src/keymanagement.c
branchENGINE-289
changeset 2325 781d887c83f4
parent 2324 de5b5578fc16
child 2326 6d2a523aad35
     1.1 --- a/src/keymanagement.c	Mon Dec 18 13:27:42 2017 +0100
     1.2 +++ b/src/keymanagement.c	Mon Dec 18 21:31:22 2017 +0100
     1.3 @@ -109,23 +109,13 @@
     1.4      PEP_STATUS status = get_trust(session, ident);
     1.5      if (status != PEP_STATUS_OK)
     1.6          return ADD_TO_LOG(status);
     1.7 +        
     1.8 +    bool revoked, expired;
     1.9 +    bool blacklisted;
    1.10      
    1.11 -    bool done = false;
    1.12 -    
    1.13 -    bool revoked, expired;
    1.14      status = key_revoked(session, fpr, &revoked);    
    1.15      
    1.16      assert(status == PEP_STATUS_OK);
    1.17 -    // switch (status) {
    1.18 -    //     case PEP_STATUS_OK:
    1.19 -    //         break;
    1.20 -    //     case PEP_KEY_NOT_FOUND:
    1.21 -    //         // Key not found in keyring
    1.22 -    //     case PEP_GET_KEY_FAILED:
    1.23 -    //         // other GPG error
    1.24 -    //     default:
    1.25 -    //         return status;
    1.26 -    // }
    1.27      
    1.28      if (status != PEP_STATUS_OK) {
    1.29           return ADD_TO_LOG(status);
    1.30 @@ -137,11 +127,18 @@
    1.31  
    1.32      assert(status == PEP_STATUS_OK);
    1.33      if (status != PEP_STATUS_OK)
    1.34 -         return ADD_TO_LOG(status);
    1.35 +        return ADD_TO_LOG(status);
    1.36      
    1.37 +    status = blacklist_is_listed(session, 
    1.38 +                                 stored_identity->fpr, 
    1.39 +                                 &blacklisted);
    1.40 +                                 
    1.41 +    if (status != PEP_STATUS_OK)
    1.42 +        return ADD_TO_LOG(status);
    1.43 +        
    1.44      char* retval = fpr;
    1.45      
    1.46 -    // FIXME: bits for pEp
    1.47 +    // FIXME: bits for pEp FIXME: blacklisted?
    1.48      if (ident->me && (ct == PEP_ct_pEp) && !revoked && expired) {
    1.49          // extend key
    1.50          timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
    1.51 @@ -155,14 +152,21 @@
    1.52              if (status != PEP_STATUS_OK)
    1.53                   return ADD_TO_LOG(status);
    1.54              // communicate key(?)
    1.55 -            done = true;
    1.56          }        
    1.57      }
    1.58      
    1.59      if (revoked)
    1.60 -        ct = PEP_ct_revoked; // not to be stored. To be used here.
    1.61 +        ct = PEP_ct_revoked;
    1.62      else if (expired)
    1.63 -        ct = PEP_ct_expired;
    1.64 +        ct = PEP_ct_expired;        
    1.65 +    else if (blacklisted && 
    1.66 +            ((ct | PEP_ct_confirmed) == PEP_ct_OpenPGP_confirmed)) {
    1.67 +        ident->ct = ct = PEP_ct_key_not_found;
    1.68 +        free(ident->fpr);
    1.69 +            ident->fpr = strdup("");
    1.70 +        }
    1.71 +        status = PEP_KEY_UNSUITABLE;
    1.72 +    }
    1.73      
    1.74      switch (ct) {
    1.75          case PEP_ct_key_expired:
    1.76 @@ -170,15 +174,17 @@
    1.77          case PEP_ct_key_b0rken:
    1.78              // delete key from being default key for all users/identities
    1.79              status = remove_fpr_as_default(session, fpr);
    1.80 -            ident->fpr = NULL;
    1.81 +            free(ident->fpr);
    1.82 +            ident->fpr = strdup("");
    1.83 +            status = PEP_KEY_UNSUITABLE;
    1.84 +            status = update_trust_for_fpr(session, 
    1.85 +                                          stored_identity->fpr, 
    1.86 +                                          ct);
    1.87          default:
    1.88              break;
    1.89      }            
    1.90  
    1.91 -    if (!(revoked || expired || !done))
    1.92 -        return PEP_STATUS_OK;
    1.93 -
    1.94 -    return PEP_UNKNOWN_ERROR; // FIXME - better error
    1.95 +    return status;
    1.96  }
    1.97  
    1.98  // Only call on retrieval of previously stored identity!
    1.99 @@ -244,6 +250,92 @@
   1.100  
   1.101  PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags);
   1.102  
   1.103 +static void transfer_ident_lang_and_flags(pEp_identity* new_ident,
   1.104 +                                          pEp_identity* stored_ident) {
   1.105 +    if (new_ident->lang[0] == 0) {
   1.106 +      new_ident->lang[0] = stored_ident->lang[0];
   1.107 +      new_ident->lang[1] = stored_ident->lang[1];
   1.108 +      new_ident->lang[2] = 0;
   1.109 +    }
   1.110 +
   1.111 +    new_ident->flags = stored_ident->flags;
   1.112 +                                              
   1.113 +}
   1.114 +
   1.115 +static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
   1.116 +                                                 pEp_identity* input_id,
   1.117 +                                                 pEp_identity* stored_ident,
   1.118 +                                                 bool store) {
   1.119 +    
   1.120 +    if (!session || !input_id || !stored_ident)
   1.121 +        return PEP_ILLEGAL_VALUE;
   1.122 +        
   1.123 +    bool is_identity_default, is_user_default, is_address_default;
   1.124 +    status = get_valid_pubkey(session, stored_ident,
   1.125 +                                &is_identity_default,
   1.126 +                                &is_user_default,
   1.127 +                                &is_address_default);
   1.128 +                                
   1.129 +    if (status == PEP_STATUS_OK && stored_ident->fpr) {
   1.130 +    //        * set identity comm_type from trust db (user_id, FPR)
   1.131 +        status = get_trust(session, stored_ident);
   1.132 +        if (status != PEP_STATUS_OK)
   1.133 +            return status; // FIXME - free mem
   1.134 +        if (input_id->fpr &&
   1.135 +                 strcasecmp(stored_ident->fpr, input_id->fpr) != 0) {
   1.136 +            free(input_id->fpr);
   1.137 +            strdup(input_id->fpr, stored_ident->fpr);
   1.138 +            
   1.139 +            // We have to call this because we didn't get it during
   1.140 +            // get identity above
   1.141 +            status = get_trust(session, stored_ident);
   1.142 +            input_id->comm_type = stored_ident->comm_type;
   1.143 +        }
   1.144 +    }
   1.145 +    else {
   1.146 +        return status; // Couldn't find a key.
   1.147 +    }
   1.148 +                
   1.149 +    // We patch the DB with the input username, but if we didn't have
   1.150 +    // one, we pull it out of storage if available.
   1.151 +    // (also, if the input username is "anonymous" and there exists
   1.152 +    //  a DB username, we replace)
   1.153 +    if (stored_ident->username) {
   1.154 +        if (input_id->username && 
   1.155 +            (strcasecmp(input_id->username, "anonymous") == 0)) {
   1.156 +            free(input_id->username);
   1.157 +            input_id->username = NULL;
   1.158 +        }
   1.159 +        if (!input_id->username)
   1.160 +            input_id->username = strdup(stored_ident->username);
   1.161 +    }
   1.162 +        
   1.163 +    // Call set_identity() to store
   1.164 +    if ((is_identity_default || is_user_default) &&
   1.165 +         is_address_default) {                 
   1.166 +         // if we got an fpr which is default for either user
   1.167 +         // or identity AND is valid for this address, set in DB
   1.168 +         // as default
   1.169 +         status = set_identity(input_id);
   1.170 +    }
   1.171 +    else {
   1.172 +        // Store without default fpr/ct, but return the fpr and ct 
   1.173 +        // for current use
   1.174 +        char* save_fpr = input_id->fpr;
   1.175 +        PEP_comm_type save_ct = input_id->comm_type;
   1.176 +        input_id->fpr = NULL;
   1.177 +        input_id->comm_type = PEP_ct_unknown;
   1.178 +        status = set_identity(input_id);
   1.179 +        input_id->fpr = save_fpr;
   1.180 +        input_id->comm_type = save_ct;
   1.181 +    }
   1.182 +    
   1.183 +    transfer_ident_lang_and_flags(input_id, stored_ident);
   1.184 +    
   1.185 +    return status;
   1.186 +}
   1.187 +
   1.188 +
   1.189  DYNAMIC_API PEP_STATUS update_identity(
   1.190          PEP_SESSION session, pEp_identity * identity
   1.191      )
   1.192 @@ -334,7 +426,6 @@
   1.193          if (stored_ident && stored_ident->fpr)
   1.194              identity_default_fpr = strdup(stored_ident->fpr);
   1.195          
   1.196 -        // Ok, now we start the real algorithm:
   1.197          if (status == PEP_STATUS_OK && stored_ident) { 
   1.198              //  * if identity available
   1.199              //      * patch it with username
   1.200 @@ -343,66 +434,9 @@
   1.201              //      * elect valid key for identity
   1.202              //    * if valid key exists
   1.203              //        * set return value's fpr
   1.204 -            bool fpr_changed = false;
   1.205 -            bool is_identity_default, is_user_default, is_address_default;
   1.206 -            status = get_valid_pubkey(session, stored_ident,
   1.207 -                                        &is_identity_default,
   1.208 -                                        &is_user_default,
   1.209 -                                        &is_address_default);
   1.210 -                                        
   1.211 -            if (status == PEP_STATUS_OK && stored_ident->fpr) {
   1.212 -            //        * set identity comm_type from trust db (user_id, FPR)
   1.213 -                status = get_trust(session, stored_ident);
   1.214 -                if (status != PEP_STATUS_OK)
   1.215 -                    return status; // FIXME - free mem
   1.216 -                if (identity->fpr &&
   1.217 -                         strcasecmp(stored_ident->fpr, identity->fpr) != 0) {
   1.218 -                    free(identity->fpr);
   1.219 -                    strdup(identity->fpr, stored_ident->fpr);
   1.220 -                    
   1.221 -                    // We have to call this because we didn't get it during
   1.222 -                    // get identity above
   1.223 -                    status = get_trust(session, stored_ident);
   1.224 -                    identity->comm_type = stored_ident->comm_type;
   1.225 -                }
   1.226 -            }
   1.227 -            else {
   1.228 -                return status; // Couldn't find a key.
   1.229 -            }
   1.230 -                        
   1.231 -            // We patch the DB with the input username, but if we didn't have
   1.232 -            // one, we pull it out of storage if available.
   1.233 -            // (also, if the input username is "anonymous" and there exists
   1.234 -            //  a DB username, we replace)
   1.235 -            if (stored_ident->username) {
   1.236 -                if (identity->username && 
   1.237 -                    (strcasecmp(identity->username, "anonymous") == 0)) {
   1.238 -                    free(identity->username);
   1.239 -                    identity->username = NULL;
   1.240 -                }
   1.241 -                if (!identity->username)
   1.242 -                    identity->username = strdup(stored_ident->username);
   1.243 -            }
   1.244 -                
   1.245 -            // Call set_identity() to store
   1.246 -            if ((is_identity_default || is_user_default) &&
   1.247 -                 is_address_default) {                 
   1.248 -                 // if we got an fpr which is default for either user
   1.249 -                 // or identity AND is valid for this address, set in DB
   1.250 -                 // as default
   1.251 -                 status = set_identity(identity);
   1.252 -            }
   1.253 -            else {
   1.254 -                // Store without default fpr/ct, but return the fpr and ct 
   1.255 -                // for current use
   1.256 -                char* save_fpr = identity->fpr;
   1.257 -                PEP_comm_type save_ct = identity->comm_type;
   1.258 -                identity->fpr = NULL;
   1.259 -                identity->comm_type = PEP_ct_unknown;
   1.260 -                status = set_identity(identity);
   1.261 -                identity->fpr = save_fpr;
   1.262 -                identity->comm_type = save_ct;
   1.263 -            }
   1.264 +            status = prepare_updated_identity(session,
   1.265 +                                              identity,
   1.266 +                                              stored_ident, true);
   1.267          }
   1.268          //  * else (identity unavailable)
   1.269          else {
   1.270 @@ -443,7 +477,7 @@
   1.271                  pEp_identity* this_id = id_curr->ident;
   1.272                  if (this_id) {
   1.273                      char* this_uid = this_id->user_id;
   1.274 -                    if (this_uid && (strstr(this_uid, "TOFU_") == NULL)) {
   1.275 +                    if (this_uid && (strstr(this_uid, "TOFU_") != this_uid)) {
   1.276                          // FIXME: should we also be fixing pEp_own_userId in this
   1.277                          // function here?
   1.278                          
   1.279 @@ -468,10 +502,29 @@
   1.280          }
   1.281  
   1.282          if (stored_ident) {
   1.283 -            
   1.284 +            status = prepare_updated_identity(session,
   1.285 +                                              identity,
   1.286 +                                              stored_ident, true);
   1.287          }
   1.288          else {
   1.289 -            //    * create temporary identity, store it, and Return this            
   1.290 +            // create temporary identity, store it, and Return this
   1.291 +            // This means TOFU_ user_id
   1.292 +            identity->user_id = calloc(1, strlen(identity->address) + 6);
   1.293 +            if (!identity->user_id)
   1.294 +                return PEP_OUT_OF_MEMORY;
   1.295 +
   1.296 +            snprintf(identity->user_id, strlen(identity->address) + 6,
   1.297 +                     "TOFU_%s", identity->address);        
   1.298 +            
   1.299 +            free(identity->fpr);
   1.300 +            identity->fpr = NULL;
   1.301 +            identity->comm_type = PEP_ct_unknown;
   1.302 +             
   1.303 +            //    * We've already checked and retrieved
   1.304 +            //      any applicable temporary identities above. If we're 
   1.305 +            //      here, none of them fit.
   1.306 +            //    * call set_identity() to store
   1.307 +            status = set_identity(session, identity);
   1.308          }
   1.309      }
   1.310      else {
   1.311 @@ -479,253 +532,26 @@
   1.312           * Temporary identity information without username suplied
   1.313              * Input: address (no others)
   1.314           */
   1.315 -         
   1.316 +        identity_list* id_list = NULL;
   1.317 +        status = get_identities_by_address(session, identity->address, &id_list);
   1.318 +
   1.319          //    * Search for identity with this address
   1.320 -        //    * If exactly one found
   1.321 -        //      * elect valid key for identity (see below)
   1.322 -        //      * if valid key exists
   1.323 -        //        * set identity comm_type from trust db (user_id, FPR)
   1.324 -        //        * set return value's fpr
   1.325 -        //        * ...? (do we also set the stored fpr?)
   1.326 -        //      * Return this identity
   1.327 -        //    * else
   1.328 -        //      * return error status (too little information)
   1.329 +        if (id_list && !(id_list->next)) { // exactly one            
   1.330 +            //    * If exactly one found
   1.331 +            //      * elect valid key for identity (see below)
   1.332 +            //      * Return this identity
   1.333 +            stored_ident = id_curr->ident;
   1.334 +            
   1.335 +            if (this_id)
   1.336 +                status = prepare_updated_identity(session, identity,
   1.337 +                                                  stored_ident, false);
   1.338 +            else
   1.339 +                status = PEP_CANNOT_FIND_IDENTITY;
   1.340 +        }
   1.341 +        else // too little info
   1.342 +            status = PEP_CANNOT_FIND_IDENTITY; 
   1.343      }
   1.344 -
   1.345 -
   1.346 -    int _no_user_id = EMPTYSTR(identity->user_id);
   1.347 -    int _did_elect_new_key = 0;
   1.348 -
   1.349 -    if (_no_user_id)
   1.350 -    {
   1.351 -        char* own_id = NULL;
   1.352 -        status = get_own_userid(session, &own_id);
   1.353 -        if (status == PEP_STATUS_OK && own_id) {
   1.354 -            status = get_identity(session, identity->address, own_id,
   1.355 -                    &stored_identity);
   1.356 -            if (status == PEP_STATUS_OK) {
   1.357 -                free_identity(stored_identity);
   1.358 -                identity->user_id = own_id;
   1.359 -                return _myself(session, identity, false, true);
   1.360 -            }
   1.361 -        }
   1.362 -        
   1.363 -        free(identity->user_id);
   1.364 -
   1.365 -        identity->user_id = calloc(1, strlen(identity->address) + 6);
   1.366 -        if (!identity->user_id)
   1.367 -        {
   1.368 -            return PEP_OUT_OF_MEMORY;
   1.369 -        }
   1.370 -        snprintf(identity->user_id, strlen(identity->address) + 6,
   1.371 -                 "TOFU_%s", identity->address);
   1.372 -    }
   1.373 - 
   1.374 -    status = get_identity(session,
   1.375 -                          identity->address,
   1.376 -                          identity->user_id,
   1.377 -                          &stored_identity);
   1.378 -    
   1.379 -    assert(status != PEP_OUT_OF_MEMORY);
   1.380 -    if (status == PEP_OUT_OF_MEMORY)
   1.381 -        goto exit_free;
   1.382 -
   1.383 -    temp_id = identity_dup(identity);
   1.384 -    
   1.385 -    /* We don't take given fpr. 
   1.386 -       In case there's no acceptable stored fpr, it will be elected. */
   1.387 -    free(temp_id->fpr);
   1.388 -    temp_id->fpr = NULL;
   1.389 -    temp_id->comm_type = PEP_ct_unknown;
   1.390 -            
   1.391 -    if (stored_identity) {
   1.392 -        
   1.393 -        bool dont_use_stored_fpr = true;
   1.394 -
   1.395 -        /* if we have a stored_identity fpr */
   1.396 -        if (!EMPTYSTR(stored_identity->fpr)) {
   1.397 -            bool revoked = false;
   1.398 -            status = key_revoked(session, stored_identity->fpr, &revoked);
   1.399 -            
   1.400 -            if (status != PEP_STATUS_OK || revoked)
   1.401 -                dont_use_stored_fpr = true;
   1.402 -                
   1.403 -            if (revoked) {
   1.404 -                // Do stuff
   1.405 -                status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
   1.406 -                // What to do on failure? FIXME
   1.407 -                status = replace_identities_fpr(session, stored_identity->fpr, "");
   1.408 -            }
   1.409 -            else {    
   1.410 -                status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
   1.411 -                if (status != PEP_STATUS_OK)
   1.412 -                    dont_use_stored_fpr = true; 
   1.413 -            }
   1.414 -        }
   1.415 -            
   1.416 -
   1.417 -        if (!dont_use_stored_fpr) {
   1.418 -            /* Check stored comm_type */
   1.419 -            PEP_comm_type _comm_type_key;
   1.420 -            status = get_key_rating(session, stored_identity->fpr, &_comm_type_key);
   1.421 -            assert(status != PEP_OUT_OF_MEMORY);
   1.422 -            if (status == PEP_OUT_OF_MEMORY) {
   1.423 -                goto exit_free;
   1.424 -            }
   1.425 -            if (status == PEP_KEY_NOT_FOUND){
   1.426 -                /* stored key was deleted from keyring. any other candidate ?*/
   1.427 -                status = elect_pubkey(session, temp_id);
   1.428 -                if (status != PEP_STATUS_OK) {
   1.429 -                    goto exit_free;
   1.430 -                } else {
   1.431 -                    _did_elect_new_key = 1;
   1.432 -                }
   1.433 -            } else {
   1.434 -                temp_id->fpr = strdup(stored_identity->fpr);
   1.435 -                assert(temp_id->fpr);
   1.436 -                if (temp_id->fpr == NULL) {
   1.437 -                    status = PEP_OUT_OF_MEMORY;
   1.438 -                    goto exit_free;
   1.439 -                }
   1.440 -
   1.441 -                if (_comm_type_key < PEP_ct_unconfirmed_encryption) {
   1.442 -                    /* if key not good anymore, 
   1.443 -                       downgrade eventually trusted comm_type */
   1.444 -                    temp_id->comm_type = _comm_type_key;
   1.445 -                } else {
   1.446 -                    /* otherwise take stored comm_type as-is except if 
   1.447 -                       is unknown or is expired (but key not expired anymore) */
   1.448 -                    temp_id->comm_type = stored_identity->comm_type;
   1.449 -                    if (temp_id->comm_type == PEP_ct_unknown ||
   1.450 -                        temp_id->comm_type == PEP_ct_key_expired) {
   1.451 -                        temp_id->comm_type = _comm_type_key;
   1.452 -                    }
   1.453 -                }
   1.454 -            }
   1.455 -        }
   1.456 -        else {
   1.457 -            status = elect_pubkey(session, temp_id);
   1.458 -            if (status != PEP_STATUS_OK){
   1.459 -                goto exit_free;
   1.460 -            } else {
   1.461 -                _did_elect_new_key = 1;
   1.462 -            }
   1.463 -        }
   1.464 -        
   1.465 -        /* ok, from here on out, use temp_id */
   1.466 -        
   1.467 -        
   1.468 -        /* At this point, we either have a non-blacklisted fpr we can work */
   1.469 -        /* with, or we've got nada.                                        */
   1.470 -
   1.471 -        if (EMPTYSTR(temp_id->fpr)) {
   1.472 -            /* nada : set comm_type accordingly */
   1.473 -            temp_id->comm_type = PEP_ct_key_not_found;
   1.474 -        }
   1.475 -        
   1.476 -        if (EMPTYSTR(temp_id->username)) {
   1.477 -            free(temp_id->username);
   1.478 -            temp_id->username = strdup(stored_identity->username);
   1.479 -            assert(temp_id->username);
   1.480 -            if (temp_id->username == NULL){
   1.481 -                status = PEP_OUT_OF_MEMORY;
   1.482 -                goto exit_free;
   1.483 -            }
   1.484 -        }
   1.485 -
   1.486 -        if (temp_id->lang[0] == 0) {
   1.487 -            temp_id->lang[0] = stored_identity->lang[0];
   1.488 -            temp_id->lang[1] = stored_identity->lang[1];
   1.489 -            temp_id->lang[2] = 0;
   1.490 -        }
   1.491 -
   1.492 -        temp_id->flags = stored_identity->flags;
   1.493 -    }
   1.494 -    else /* stored_identity == NULL */ {
   1.495 -        temp_id->flags = 0;
   1.496 -
   1.497 -        /* We elect a pubkey */
   1.498 -        status = elect_pubkey(session, temp_id);
   1.499 -        if (status != PEP_STATUS_OK)
   1.500 -            goto exit_free;
   1.501 -        
   1.502 -        /* Work with the elected key */
   1.503 -        if (!EMPTYSTR(temp_id->fpr)) {
   1.504 -            
   1.505 -            PEP_comm_type _comm_type_key = temp_id->comm_type;
   1.506 -            
   1.507 -            _did_elect_new_key = 1;
   1.508 -
   1.509 -            // We don't want to lose a previous trust entry!!!
   1.510 -            status = get_trust(session, temp_id);
   1.511 -
   1.512 -            bool has_trust_status = (status == PEP_STATUS_OK);
   1.513 -
   1.514 -            if (!has_trust_status)
   1.515 -                temp_id->comm_type = _comm_type_key;
   1.516 -        }
   1.517 -    }
   1.518 -
   1.519 -    if (temp_id->fpr == NULL) {
   1.520 -        temp_id->fpr = strdup("");
   1.521 -        if (temp_id->fpr == NULL) {
   1.522 -            status = PEP_OUT_OF_MEMORY;
   1.523 -            goto exit_free;
   1.524 -        }
   1.525 -    }
   1.526 -    
   1.527 -    
   1.528 -    status = PEP_STATUS_OK;
   1.529 -
   1.530 -    if (temp_id->comm_type != PEP_ct_unknown && !EMPTYSTR(temp_id->user_id)) {
   1.531 -
   1.532 -        if (EMPTYSTR(temp_id->username)) { // mitigate
   1.533 -            free(temp_id->username);
   1.534 -            temp_id->username = strdup("Anonymous");
   1.535 -            assert(temp_id->username);
   1.536 -            if (temp_id->username == NULL){
   1.537 -                status = PEP_OUT_OF_MEMORY;
   1.538 -                goto exit_free;
   1.539 -            }
   1.540 -        }
   1.541 -
   1.542 -        // Identity doesn't get stored if call was just about checking existing
   1.543 -        // user by address (i.e. no user id given but already stored)
   1.544 -        if (!(_no_user_id && stored_identity) || _did_elect_new_key)
   1.545 -        {
   1.546 -            status = set_identity(session, temp_id);
   1.547 -            assert(status == PEP_STATUS_OK);
   1.548 -            if (status != PEP_STATUS_OK) {
   1.549 -                goto exit_free;
   1.550 -            }
   1.551 -        }
   1.552 -    }
   1.553 -
   1.554 -    if (temp_id->comm_type != PEP_ct_compromized &&
   1.555 -            temp_id->comm_type < PEP_ct_strong_but_unconfirmed)
   1.556 -        if (session->examine_identity)
   1.557 -            session->examine_identity(temp_id, session->examine_management);
   1.558 -    
   1.559 -    /* ok, we got to the end. So we can assign the output identity */
   1.560 -    free(identity->address);
   1.561 -    identity->address = strdup(temp_id->address);
   1.562 -    free(identity->fpr);
   1.563 -    identity->fpr = strdup(temp_id->fpr);
   1.564 -    free(identity->user_id);
   1.565 -    identity->user_id = strdup(temp_id->user_id);
   1.566 -    free(identity->username);
   1.567 -    identity->username = strdup(temp_id->username ? temp_id->username : "Anonymous");
   1.568 -    identity->comm_type = temp_id->comm_type;
   1.569 -    identity->lang[0] = temp_id->lang[0];
   1.570 -    identity->lang[1] = temp_id->lang[1];
   1.571 -    identity->lang[2] = 0;
   1.572 -    identity->me = temp_id->me;
   1.573 -    identity->flags = temp_id->flags;
   1.574 -
   1.575 -exit_free :
   1.576 -    free_identity(stored_identity);
   1.577 -    free_identity(temp_id);
   1.578 -    
   1.579 +                        
   1.580      return ADD_TO_LOG(status);
   1.581  }
   1.582