security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
Code Activity
112e02ee89
gnupg/g10/test-stubs.c

538 lines
9.2 KiB
C
Raw Normal View History

g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
/* test-stubs.c - The GnuPG signature verify utility
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2005, 2006,
* 2008, 2009, 2012 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
Change all http://www.gnu.org in license notices to https:// --
2016-11-05 12:02:19 +01:00
* along with this program; if not, see <https://www.gnu.org/licenses/>.
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
*/
#include <config.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#define INCLUDED_BY_MAIN_MODULE 1
#include "gpg.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/util.h"
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
#include "packet.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/iobuf.h"
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
#include "main.h"
#include "options.h"
#include "keydb.h"
#include "trustdb.h"
#include "filter.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/ttyio.h"
#include "../common/i18n.h"
#include "../common/sysutils.h"
#include "../common/status.h"
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
#include "call-agent.h"
int g10_errors_seen;
void
g10_exit( int rc )
{
rc = rc? rc : log_get_errorcount(0)? 2 : g10_errors_seen? 1 : 0;
exit(rc );
}
/* Stub:
Fix typos found using codespell. * agent/cache.c: Fix typos. * agent/call-pinentry.c: Likewise. * agent/call-scd.c: Likewise. * agent/command-ssh.c: Likewise. * agent/command.c: Likewise. * agent/divert-scd.c: Likewise. * agent/findkey.c: Likewise. * agent/gpg-agent.c: Likewise. * agent/w32main.c: Likewise. * common/argparse.c: Likewise. * common/audit.c: Likewise. * common/audit.h: Likewise. * common/convert.c: Likewise. * common/dotlock.c: Likewise. * common/exechelp-posix.c: Likewise. * common/exechelp-w32.c: Likewise. * common/exechelp-w32ce.c: Likewise. * common/exechelp.h: Likewise. * common/helpfile.c: Likewise. * common/i18n.h: Likewise. * common/iobuf.c: Likewise. * common/iobuf.h: Likewise. * common/localename.c: Likewise. * common/logging.c: Likewise. * common/openpgp-oid.c: Likewise. * common/session-env.c: Likewise. * common/sexputil.c: Likewise. * common/sysutils.c: Likewise. * common/t-sexputil.c: Likewise. * common/ttyio.c: Likewise. * common/util.h: Likewise. * dirmngr/cdblib.c: Likewise. * dirmngr/certcache.c: Likewise. * dirmngr/crlcache.c: Likewise. * dirmngr/dirmngr-client.c: Likewise. * dirmngr/dirmngr.c: Likewise. * dirmngr/dirmngr_ldap.c: Likewise. * dirmngr/dns-stuff.c: Likewise. * dirmngr/http.c: Likewise. * dirmngr/ks-engine-hkp.c: Likewise. * dirmngr/ks-engine-ldap.c: Likewise. * dirmngr/ldap-wrapper.c: Likewise. * dirmngr/ldap.c: Likewise. * dirmngr/misc.c: Likewise. * dirmngr/ocsp.c: Likewise. * dirmngr/validate.c: Likewise. * g10/encrypt.c: Likewise. * g10/getkey.c: Likewise. * g10/gpg.c: Likewise. * g10/gpgv.c: Likewise. * g10/import.c: Likewise. * g10/keydb.c: Likewise. * g10/keydb.h: Likewise. * g10/keygen.c: Likewise. * g10/keyid.c: Likewise. * g10/keylist.c: Likewise. * g10/keyring.c: Likewise. * g10/mainproc.c: Likewise. * g10/misc.c: Likewise. * g10/options.h: Likewise. * g10/packet.h: Likewise. * g10/parse-packet.c: Likewise. * g10/pkclist.c: Likewise. * g10/pkglue.c: Likewise. * g10/plaintext.c: Likewise. * g10/server.c: Likewise. * g10/sig-check.c: Likewise. * g10/sqlite.c: Likewise. * g10/tdbio.c: Likewise. * g10/test-stubs.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. * g13/create.c: Likewise. * g13/mountinfo.c: Likewise. * kbx/keybox-blob.c: Likewise. * kbx/keybox-file.c: Likewise. * kbx/keybox-init.c: Likewise. * kbx/keybox-search-desc.h: Likewise. * kbx/keybox-search.c: Likewise. * kbx/keybox-update.c: Likewise. * scd/apdu.c: Likewise. * scd/app-openpgp.c: Likewise. * scd/app-p15.c: Likewise. * scd/app.c: Likewise. * scd/ccid-driver.c: Likewise. * scd/command.c: Likewise. * scd/iso7816.c: Likewise. * sm/base64.c: Likewise. * sm/call-agent.c: Likewise. * sm/call-dirmngr.c: Likewise. * sm/certchain.c: Likewise. * sm/gpgsm.c: Likewise. * sm/import.c: Likewise. * sm/keydb.c: Likewise. * sm/minip12.c: Likewise. * sm/qualified.c: Likewise. * sm/server.c: Likewise. * tools/gpg-check-pattern.c: Likewise. * tools/gpgconf-comp.c: Likewise. * tools/gpgkey2ssh.c: Likewise. * tools/gpgparsemail.c: Likewise. * tools/gpgtar.c: Likewise. * tools/rfc822parse.c: Likewise. * tools/symcryptrun.c: Likewise. Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-16 12:41:46 +01:00
* We have to override the trustcheck from pkclist.c because
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
* this utility assumes that all keys in the keyring are trustworthy
*/
int
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)sig;
return 0;
}
void
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
read_trust_options (ctrl_t ctrl,
byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)trust_model;
(void)created;
(void)nextcheck;
(void)marginals;
(void)completes;
(void)cert_depth;
(void)min_cert_level;
}
/* Stub:
* We don't have the trustdb , so we have to provide some stub functions
* instead
*/
int
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)pk;
return 0;
}
void
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
check_trustdb_stale (ctrl_t ctrl)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
}
int
g10: Avoid gratuitously loading a keyblock when it is already available * g10/trust.c (get_validity): Add new, optional parameter KB. Only load the keyblock if KB is NULL. Update callers. (get_validity): Likewise. * g10/trustdb.c (tdb_get_validity_core): Likewise. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 2812
2016-11-23 12:29:22 +01:00
get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
PKT_user_id *uid)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
(void)ctrl;
g10: Avoid gratuitously loading a keyblock when it is already available * g10/trust.c (get_validity): Add new, optional parameter KB. Only load the keyblock if KB is NULL. Update callers. (get_validity): Likewise. * g10/trustdb.c (tdb_get_validity_core): Likewise. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 2812
2016-11-23 12:29:22 +01:00
(void)kb;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)pk;
(void)uid;
return '?';
}
unsigned int
g10: Avoid gratuitously loading a keyblock when it is already available * g10/trust.c (get_validity): Add new, optional parameter KB. Only load the keyblock if KB is NULL. Update callers. (get_validity): Likewise. * g10/trustdb.c (tdb_get_validity_core): Likewise. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 2812
2016-11-23 12:29:22 +01:00
get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid,
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
PKT_signature *sig, int may_ask)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
(void)ctrl;
g10: Avoid gratuitously loading a keyblock when it is already available * g10/trust.c (get_validity): Add new, optional parameter KB. Only load the keyblock if KB is NULL. Update callers. (get_validity): Likewise. * g10/trustdb.c (tdb_get_validity_core): Likewise. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 2812
2016-11-23 12:29:22 +01:00
(void)kb;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)pk;
(void)uid;
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
(void)sig;
(void)may_ask;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
return 0;
}
const char *
trust_value_to_string (unsigned int value)
{
(void)value;
return "err";
}
const char *
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)key;
(void)uid;
return "err";
}
int
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)pk;
gpg: Do not require a trustdb for decryption. * g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE. Change to return an error code. Change all callers to to pass False for NO_CREATE. (tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test for a non-existing trustdb. Change all callers to to pass False for NO_CREATE. (tdb_get_min_ownertrust): Ditto. * g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call init_trustdb for a quick check. (get_ownertrust_info): Add arg NO_CREATE. (get_ownertrust_string): Ditto. * g10/gpgv.c (get_ownertrust_info): Adjust stub. * g10/test-stubs.c (get_ownertrust_info): Ditto. * g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE set. * g10/pubkey-enc.c (get_it): Ditto. -- Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to gnupg-devel 'test failure on git master with decrypt-session-key.scm (and: continuous integration?)' Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-28 20:28:56 +01:00
(void)no_create;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
return '?';
}
unsigned int
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)pk;
return TRUST_UNKNOWN;
}
/* Stubs:
* Because we only work with trusted keys, it does not make sense to
* get them from a keyserver
*/
struct keyserver_spec *
keyserver_match (struct keyserver_spec *spec)
{
(void)spec;
return NULL;
}
gpg: Make --auto-key-retrieve work with dirmngr configured server. * g10/call-dirmngr.c (gpg_dirmngr_ks_list): Make R_KEYSERVER optional. * g10/keyserver.c (keyserver_any_configured): New. (keyserver_put): Remove arg keyserver because this will always receive opt.keyserver which is anyway used when connecting dirmngr. Do not check opt.keyserver. (keyserver_import_cert): Replace opt.keyserver by keyserver_any_configured. * g10/mainproc.c (check_sig_and_print): Ditto. * g10/import.c (revocation_present): Ditto. * g10/getkey.c (get_pubkey_byname): Ditto. * g10/gpgv.c (keyserver_any_configured): Add stub. * g10/test-stubs.c (keyserver_any_configured): Add stub. -- The keyserver should be configured in dirmngr.conf and thus we can't use opt.keyserver in gpg to decide whether a keyserver has been configured. GnuPG-bug-id: 2147 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-21 11:49:27 +01:00
int
keyserver_any_configured (ctrl_t ctrl)
{
(void)ctrl;
return 0;
}
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
int
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
keyserver_import_keyid (u32 *keyid, void *dummy, int quick)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
(void)keyid;
(void)dummy;
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
(void)quick;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
return -1;
}
gpg: Add experimental support for an issuer fpr. * common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New. * g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and insert the issuer fpr if needed. * g10/sign.c (write_signature_packets): Pass signing key. (make_keysig_packet): Ditto. (update_keysig_packet): Ditto. * g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr. (parse_one_sig_subpkt): Detect issuer fpr. (can_handle_critical): Add issuer fpr. * g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint. * g10/gpgv.c (keyserver_import_fprint): New stub. * g10/test-stubs.c (keyserver_import_fprint): New stub. -- This support is enabled with the --rfc4880bis option and intended to test to recently proposed issuer fpr. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:58:16 +02:00
int
keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len,
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
struct keyserver_spec *keyserver, int quick)
gpg: Add experimental support for an issuer fpr. * common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New. * g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and insert the issuer fpr if needed. * g10/sign.c (write_signature_packets): Pass signing key. (make_keysig_packet): Ditto. (update_keysig_packet): Ditto. * g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr. (parse_one_sig_subpkt): Detect issuer fpr. (can_handle_critical): Add issuer fpr. * g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint. * g10/gpgv.c (keyserver_import_fprint): New stub. * g10/test-stubs.c (keyserver_import_fprint): New stub. -- This support is enabled with the --rfc4880bis option and intended to test to recently proposed issuer fpr. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:58:16 +02:00
{
(void)ctrl;
(void)fprint;
(void)fprint_len;
(void)keyserver;
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
(void)quick;
gpg: Add experimental support for an issuer fpr. * common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New. * g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and insert the issuer fpr if needed. * g10/sign.c (write_signature_packets): Pass signing key. (make_keysig_packet): Ditto. (update_keysig_packet): Ditto. * g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr. (parse_one_sig_subpkt): Detect issuer fpr. (can_handle_critical): Add issuer fpr. * g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint. * g10/gpgv.c (keyserver_import_fprint): New stub. * g10/test-stubs.c (keyserver_import_fprint): New stub. -- This support is enabled with the --rfc4880bis option and intended to test to recently proposed issuer fpr. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:58:16 +02:00
return -1;
}
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
int
keyserver_import_cert (const char *name)
{
(void)name;
return -1;
}
int
keyserver_import_pka (const char *name,unsigned char *fpr)
{
(void)name;
(void)fpr;
return -1;
}
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
gpg_error_t
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick,
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
unsigned char **fpr, size_t *fpr_len)
{
(void)ctrl;
(void)name;
gpg: Convey --quick option to dirmngr for --auto-key-retrieve. * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 08:44:19 +02:00
(void)quick;
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
(void)fpr;
(void)fpr_len;
return GPG_ERR_BUG;
}
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
int
keyserver_import_name (const char *name,struct keyserver_spec *spec)
{
(void)name;
(void)spec;
return -1;
}
int
keyserver_import_ldap (const char *name)
{
(void)name;
return -1;
}
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
gpg_error_t
read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock)
{
(void)ctrl;
(void)fname;
(void)r_keyblock;
return -1;
}
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
/* Stub:
* No encryption here but mainproc links to these functions.
*/
gpg_error_t
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
get_session_key (ctrl_t ctrl, PKT_pubkey_enc *k, DEK *dek)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
(void)ctrl;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)k;
(void)dek;
return GPG_ERR_GENERAL;
}
/* Stub: */
gpg_error_t
get_override_session_key (DEK *dek, const char *string)
{
(void)dek;
(void)string;
return GPG_ERR_GENERAL;
}
/* Stub: */
int
decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
{
(void)ctrl;
(void)procctx;
(void)ed;
(void)dek;
return GPG_ERR_GENERAL;
}
/* Stub:
* No interactive commands, so we don't need the helptexts
*/
void
display_online_help (const char *keyword)
{
(void)keyword;
}
/* Stub:
* We don't use secret keys, but getkey.c links to this
*/
int
check_secret_key (PKT_public_key *pk, int n)
{
(void)pk;
(void)n;
return GPG_ERR_GENERAL;
}
/* Stub:
* No secret key, so no passphrase needed
*/
DEK *
gpg: Cleanup of dek_to_passphrase function (part 2). * g10/passphrase.c (passphrase_get): Remove arg KEYID. Change arg MODE to NOCACHE. (passphrase_to_dek): Remove args KEYID and PUBKEY_ALGO. Split arg MODE into CREATE and NOCACHE. Change all callers and adjust stubs. (passphrase_clear_cache): Remove args KEYID and ALGO. They are not used. Change caller. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-08 18:45:29 +02:00
passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
const char *tmp, int *canceled)
{
(void)cipher_algo;
(void)s2k;
gpg: Cleanup of dek_to_passphrase function (part 2). * g10/passphrase.c (passphrase_get): Remove arg KEYID. Change arg MODE to NOCACHE. (passphrase_to_dek): Remove args KEYID and PUBKEY_ALGO. Split arg MODE into CREATE and NOCACHE. Change all callers and adjust stubs. (passphrase_clear_cache): Remove args KEYID and ALGO. They are not used. Change caller. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-08 18:45:29 +02:00
(void)create;
(void)nocache;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
(void)tmp;
if (canceled)
*canceled = 0;
return NULL;
}
void
gpg: Cleanup of dek_to_passphrase function (part 2). * g10/passphrase.c (passphrase_get): Remove arg KEYID. Change arg MODE to NOCACHE. (passphrase_to_dek): Remove args KEYID and PUBKEY_ALGO. Split arg MODE into CREATE and NOCACHE. Change all callers and adjust stubs. (passphrase_clear_cache): Remove args KEYID and ALGO. They are not used. Change caller. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-08 18:45:29 +02:00
passphrase_clear_cache (const char *cacheid)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
(void)cacheid;
}
struct keyserver_spec *
parse_preferred_keyserver(PKT_signature *sig)
{
(void)sig;
return NULL;
}
struct keyserver_spec *
parse_keyserver_uri (const char *uri, int require_scheme,
const char *configname, unsigned int configlineno)
{
(void)uri;
(void)require_scheme;
(void)configname;
(void)configlineno;
return NULL;
}
void
free_keyserver_spec (struct keyserver_spec *keyserver)
{
(void)keyserver;
}
/* Stubs to avoid linking to photoid.c */
void
show_photos (const struct user_attribute *attrs, int count, PKT_public_key *pk)
{
(void)attrs;
(void)count;
(void)pk;
}
int
parse_image_header (const struct user_attribute *attr, byte *type, u32 *len)
{
(void)attr;
(void)type;
(void)len;
return 0;
}
char *
image_type_to_string (byte type, int string)
{
(void)type;
(void)string;
return NULL;
}
#ifdef ENABLE_CARD_SUPPORT
int
agent_scd_getattr (const char *name, struct agent_card_info_s *info)
{
(void)name;
(void)info;
return 0;
}
#endif /* ENABLE_CARD_SUPPORT */
/* We do not do any locking, so use these stubs here */
void
dotlock_disable (void)
{
}
dotlock_t
dotlock_create (const char *file_to_lock, unsigned int flags)
{
(void)file_to_lock;
(void)flags;
return NULL;
}
void
dotlock_destroy (dotlock_t h)
{
(void)h;
}
int
dotlock_take (dotlock_t h, long timeout)
{
(void)h;
(void)timeout;
return 0;
}
int
dotlock_release (dotlock_t h)
{
(void)h;
return 0;
}
void
dotlock_remove_lockfiles (void)
{
}
gpg_error_t
agent_probe_secret_key (ctrl_t ctrl, PKT_public_key *pk)
{
(void)ctrl;
(void)pk;
return gpg_error (GPG_ERR_NO_SECKEY);
}
gpg_error_t
agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock)
{
(void)ctrl;
(void)keyblock;
return gpg_error (GPG_ERR_NO_SECKEY);
}
gpg_error_t
g10: report whether key in agent is passphrase-protected or not * g10/call-agent.c, g10/call-agent.h (agent_get_keyinfo): add r_cleartext parameter to report whether a key is stored without passphrase protection. * g10/gpgv.c, g10/test-stubs.c: augment dummy agent_get_keyinfo to match new API. * g10/export.c, g10/keyedit.c, g10/keygen.c, g10/keylist.c, g10/sign.c: pass NULL to agent_get_keyinfo since we do not yet need to know whether agent is passphrase-protected. -- Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-06-10 22:15:33 +02:00
agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip,
char **r_serialno, int *r_cleartext)
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
{
(void)ctrl;
(void)hexkeygrip;
g10: report whether key in agent is passphrase-protected or not * g10/call-agent.c, g10/call-agent.h (agent_get_keyinfo): add r_cleartext parameter to report whether a key is stored without passphrase protection. * g10/gpgv.c, g10/test-stubs.c: augment dummy agent_get_keyinfo to match new API. * g10/export.c, g10/keyedit.c, g10/keygen.c, g10/keylist.c, g10/sign.c: pass NULL to agent_get_keyinfo since we do not yet need to know whether agent is passphrase-protected. -- Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-06-10 22:15:33 +02:00
(void)r_cleartext;
g10: Add test for keydb as well as new testing infrastructure. * g10/Makefile.am (EXTRA_DIST): Add test.c. (AM_CPPFLAGS): Add -DSOURCE_DIR="\"$(srcdir)\"". (module_tests): Add t-keydb. (t_keydb_SOURCES): New variable. (t_keydb_LDADD): Likewise. * g10/t-keydb.c: New file. * g10/t-keydb-keyring.kbx: New file. * g10/test-stubs.c: New file. * g10/test.c: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 15:07:06 +02:00
*r_serialno = NULL;
return gpg_error (GPG_ERR_NO_SECKEY);
}
gpg_error_t
gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid,
unsigned char **r_fpr, size_t *r_fprlen,
char **r_url)
{
(void)ctrl;
(void)userid;
if (r_fpr)
*r_fpr = NULL;
if (r_fprlen)
*r_fprlen = 0;
if (r_url)
*r_url = NULL;
return gpg_error (GPG_ERR_NOT_FOUND);
}
gpg: Add option --print-dane-records. * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 15:04:45 +02:00
gpg_error_t
export_pubkey_buffer (ctrl_t ctrl, const char *keyspec, unsigned int options,
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
export_stats_t stats,
gpg: Add option --print-dane-records. * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 15:04:45 +02:00
kbnode_t *r_keyblock, void **r_data, size_t *r_datalen)
{
(void)ctrl;
(void)keyspec;
(void)options;
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
(void)stats;
gpg: Add option --print-dane-records. * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 15:04:45 +02:00
*r_keyblock = NULL;
*r_data = NULL;
*r_datalen = 0;
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
}
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
gpg: New option --with-tofu-info. * g10/gpg.c (oWithTofuInfo): New. (opts): Add --with-tofu-info. (main): Set opt.with_tofu_info. * g10/options.h (struct opt): Add field WITH_TOFU_INFO. * g10/tofu.c (show_statistics): Add optional arg OUTFP and enter special mode if not NULL. Change all callers. (tofu_write_tfs_record): New. * g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as part of the "uid" record. Print a new "tfs" record if the new option is set. * tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record. -- A separate option is required to avoid slowing down key listings. Foer example the current code takes for a keylisting in tofu+pgp mode 17 seconds while it takes more than 5 minutes if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 09:26:36 +02:00
gpg_error_t
tofu_write_tfs_record (ctrl_t ctrl, estream_t fp,
PKT_public_key *pk, const char *user_id)
{
(void)ctrl;
(void)fp;
(void)pk;
(void)user_id;
return gpg_error (GPG_ERR_GENERAL);
}
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
gpg_error_t
gpg: Store the Tofu meta handle for databases in CTRL. * g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations. (struct server_control_s): Add field tofu.dbs. * g10/tofu.c (struct dbs): Rename to tofu_dbs_s. Replace all users by by tofu_dbs_t. (opendbs): Add arg CTRL. Cache the DBS in CTRL. (closedbs): Rename to tofu_closedbs and make global. Add arg CTRL. (tofu_register): Add arg CTRL. Change all callers. Do not call closedbs. (tofu_get_validity): Ditto. (tofu_set_policy): Ditto. (tofu_get_policy): Ditto. (tofu_set_policy_by_keyid): Add arg CTRL. * g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 12:26:44 +02:00
tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id,
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
enum tofu_policy *policy)
{
gpg: Store the Tofu meta handle for databases in CTRL. * g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations. (struct server_control_s): Add field tofu.dbs. * g10/tofu.c (struct dbs): Rename to tofu_dbs_s. Replace all users by by tofu_dbs_t. (opendbs): Add arg CTRL. Cache the DBS in CTRL. (closedbs): Rename to tofu_closedbs and make global. Add arg CTRL. (tofu_register): Add arg CTRL. Change all callers. Do not call closedbs. (tofu_get_validity): Ditto. (tofu_set_policy): Ditto. (tofu_get_policy): Ditto. (tofu_set_policy_by_keyid): Add arg CTRL. * g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 12:26:44 +02:00
(void)ctrl;
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
(void)pk;
(void)user_id;
(void)policy;
return gpg_error (GPG_ERR_GENERAL);
}
const char *
tofu_policy_str (enum tofu_policy policy)
{
(void)policy;
return "unknown";
}
gpg: Provide an interface to patch TOFU updates. * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-23 17:23:17 +02:00
void
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
tofu_begin_batch_update (ctrl_t ctrl)
gpg: Provide an interface to patch TOFU updates. * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-23 17:23:17 +02:00
{
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
(void)ctrl;
gpg: Provide an interface to patch TOFU updates. * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-23 17:23:17 +02:00
}
void
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
tofu_end_batch_update (ctrl_t ctrl)
gpg: Provide an interface to patch TOFU updates. * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-23 17:23:17 +02:00
{
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
(void)ctrl;
gpg: Provide an interface to patch TOFU updates. * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-23 17:23:17 +02:00
}
g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
2016-11-21 22:47:30 +01:00
gpg_error_t
tofu_notice_key_changed (ctrl_t ctrl, kbnode_t kb)
{
(void) ctrl;
(void) kb;
return 0;
}
Copy Permalink