1999-03-11 15:42:06 +00:00
|
|
|
/* tdbdump.c
|
2002-06-29 13:46:34 +00:00
|
|
|
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
1999-03-11 15:42:06 +00:00
|
|
|
*
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
*
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <ctype.h>
|
|
|
|
#include <assert.h>
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <fcntl.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
#include "errors.h"
|
|
|
|
#include "iobuf.h"
|
|
|
|
#include "keydb.h"
|
2002-06-29 13:46:34 +00:00
|
|
|
#include "memory.h"
|
1999-03-11 15:42:06 +00:00
|
|
|
#include "util.h"
|
|
|
|
#include "trustdb.h"
|
|
|
|
#include "options.h"
|
|
|
|
#include "packet.h"
|
|
|
|
#include "main.h"
|
|
|
|
#include "i18n.h"
|
|
|
|
#include "tdbio.h"
|
|
|
|
|
|
|
|
|
1999-11-19 16:11:37 +00:00
|
|
|
#define HEXTOBIN(x) ( (x) >= '0' && (x) <= '9' ? ((x)-'0') : \
|
|
|
|
(x) >= 'A' && (x) <= 'F' ? ((x)-'A'+10) : ((x)-'a'+10))
|
1999-03-11 15:42:06 +00:00
|
|
|
|
2002-06-29 13:46:34 +00:00
|
|
|
|
1999-03-11 15:42:06 +00:00
|
|
|
/****************
|
|
|
|
* Wirte a record but die on error
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
write_record( TRUSTREC *rec )
|
|
|
|
{
|
|
|
|
int rc = tdbio_write_record( rec );
|
|
|
|
if( !rc )
|
|
|
|
return;
|
|
|
|
log_error(_("trust record %lu, type %d: write failed: %s\n"),
|
2002-06-29 13:46:34 +00:00
|
|
|
rec->recnum, rec->rectype, g10_errstr(rc) );
|
1999-03-11 15:42:06 +00:00
|
|
|
tdbio_invalid();
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/****************
|
2002-06-29 13:46:34 +00:00
|
|
|
* Dump the entire trustdb or only the entries of one key.
|
1999-03-11 15:42:06 +00:00
|
|
|
*/
|
|
|
|
void
|
|
|
|
list_trustdb( const char *username )
|
|
|
|
{
|
|
|
|
TRUSTREC rec;
|
|
|
|
|
|
|
|
init_trustdb();
|
2002-06-29 13:46:34 +00:00
|
|
|
/* for now we ignore the user ID */
|
|
|
|
if (1) {
|
1999-03-11 15:42:06 +00:00
|
|
|
ulong recnum;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
printf("TrustDB: %s\n", tdbio_get_dbname() );
|
|
|
|
for(i=9+strlen(tdbio_get_dbname()); i > 0; i-- )
|
|
|
|
putchar('-');
|
|
|
|
putchar('\n');
|
|
|
|
for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ )
|
|
|
|
tdbio_dump_record( &rec, stdout );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/****************
|
|
|
|
* Print a list of all defined owner trust value.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
export_ownertrust()
|
|
|
|
{
|
|
|
|
TRUSTREC rec;
|
|
|
|
ulong recnum;
|
|
|
|
int i;
|
|
|
|
byte *p;
|
|
|
|
|
|
|
|
init_trustdb();
|
|
|
|
printf(_("# List of assigned trustvalues, created %s\n"
|
1999-06-26 10:23:06 +00:00
|
|
|
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
|
1999-03-11 15:42:06 +00:00
|
|
|
asctimestamp( make_timestamp() ) );
|
|
|
|
for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) {
|
2002-06-29 13:46:34 +00:00
|
|
|
if( rec.rectype == RECTYPE_TRUST ) {
|
|
|
|
if( !rec.r.trust.ownertrust )
|
1999-03-11 15:42:06 +00:00
|
|
|
continue;
|
2002-06-29 13:46:34 +00:00
|
|
|
p = rec.r.trust.fingerprint;
|
|
|
|
for(i=0; i < 20; i++, p++ )
|
1999-03-11 15:42:06 +00:00
|
|
|
printf("%02X", *p );
|
2002-06-29 13:46:34 +00:00
|
|
|
printf(":%u:\n", (unsigned int)rec.r.trust.ownertrust );
|
1999-03-11 15:42:06 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
import_ownertrust( const char *fname )
|
|
|
|
{
|
|
|
|
FILE *fp;
|
|
|
|
int is_stdin=0;
|
|
|
|
char line[256];
|
|
|
|
char *p;
|
|
|
|
size_t n, fprlen;
|
2002-06-29 13:46:34 +00:00
|
|
|
unsigned int otrust;
|
|
|
|
byte fpr[20];
|
|
|
|
int any = 0;
|
|
|
|
int rc;
|
1999-03-11 15:42:06 +00:00
|
|
|
|
|
|
|
init_trustdb();
|
2004-10-13 09:59:46 +00:00
|
|
|
if( iobuf_is_pipe_filename (fname) ) {
|
1999-03-11 15:42:06 +00:00
|
|
|
fp = stdin;
|
|
|
|
fname = "[stdin]";
|
|
|
|
is_stdin = 1;
|
|
|
|
}
|
|
|
|
else if( !(fp = fopen( fname, "r" )) ) {
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error ( _("can't open `%s': %s\n"), fname, strerror(errno) );
|
1999-03-11 15:42:06 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2004-10-13 18:10:06 +00:00
|
|
|
if (is_secured_file (fileno (fp)))
|
|
|
|
{
|
|
|
|
fclose (fp);
|
|
|
|
errno = EPERM;
|
|
|
|
log_error (_("can't open `%s': %s\n"), fname, strerror(errno) );
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
1999-03-11 15:42:06 +00:00
|
|
|
while( fgets( line, DIM(line)-1, fp ) ) {
|
|
|
|
TRUSTREC rec;
|
|
|
|
|
|
|
|
if( !*line || *line == '#' )
|
|
|
|
continue;
|
|
|
|
n = strlen(line);
|
|
|
|
if( line[n-1] != '\n' ) {
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error (_("error in `%s': %s\n"), fname, _("line too long") );
|
1999-03-11 15:42:06 +00:00
|
|
|
/* ... or last line does not have a LF */
|
|
|
|
break; /* can't continue */
|
|
|
|
}
|
|
|
|
for(p = line; *p && *p != ':' ; p++ )
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 14:30:07 +00:00
|
|
|
if( !hexdigitp(p) )
|
1999-03-11 15:42:06 +00:00
|
|
|
break;
|
|
|
|
if( *p != ':' ) {
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error (_("error in `%s': %s\n"), fname, _("colon missing") );
|
1999-03-11 15:42:06 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
fprlen = p - line;
|
|
|
|
if( fprlen != 32 && fprlen != 40 ) {
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error (_("error in `%s': %s\n"),
|
|
|
|
fname, _("invalid fingerprint") );
|
1999-03-11 15:42:06 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if( sscanf(p, ":%u:", &otrust ) != 1 ) {
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error (_("error in `%s': %s\n"),
|
|
|
|
fname, _("ownertrust value missing"));
|
1999-03-11 15:42:06 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if( !otrust )
|
|
|
|
continue; /* no otrust defined - no need to update or insert */
|
|
|
|
/* convert the ascii fingerprint to binary */
|
2002-06-29 13:46:34 +00:00
|
|
|
for(p=line, fprlen=0; fprlen < 20 && *p != ':'; p += 2 )
|
|
|
|
fpr[fprlen++] = HEXTOBIN(p[0]) * 16 + HEXTOBIN(p[1]);
|
|
|
|
while (fprlen < 20)
|
|
|
|
fpr[fprlen++] = 0;
|
|
|
|
|
|
|
|
rc = tdbio_search_trust_byfpr (fpr, &rec);
|
1999-03-11 15:42:06 +00:00
|
|
|
if( !rc ) { /* found: update */
|
2002-06-29 13:46:34 +00:00
|
|
|
if (rec.r.trust.ownertrust != otrust)
|
|
|
|
{
|
|
|
|
if( rec.r.trust.ownertrust )
|
|
|
|
log_info("changing ownertrust from %u to %u\n",
|
|
|
|
rec.r.trust.ownertrust, otrust );
|
|
|
|
else
|
|
|
|
log_info("setting ownertrust to %u\n", otrust );
|
|
|
|
rec.r.trust.ownertrust = otrust;
|
|
|
|
write_record (&rec );
|
|
|
|
any = 1;
|
|
|
|
}
|
1999-03-11 15:42:06 +00:00
|
|
|
}
|
2002-06-29 13:46:34 +00:00
|
|
|
else if( rc == -1 ) { /* not found: insert */
|
|
|
|
log_info("inserting ownertrust of %u\n", otrust );
|
|
|
|
memset (&rec, 0, sizeof rec);
|
|
|
|
rec.recnum = tdbio_new_recnum ();
|
|
|
|
rec.rectype = RECTYPE_TRUST;
|
|
|
|
memcpy (rec.r.trust.fingerprint, fpr, 20);
|
|
|
|
rec.r.trust.ownertrust = otrust;
|
|
|
|
write_record (&rec );
|
|
|
|
any = 1;
|
1999-03-11 15:42:06 +00:00
|
|
|
}
|
|
|
|
else /* error */
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error (_("error finding trust record in `%s': %s\n"),
|
|
|
|
fname, g10_errstr(rc));
|
1999-03-11 15:42:06 +00:00
|
|
|
}
|
|
|
|
if( ferror(fp) )
|
2004-10-13 18:10:06 +00:00
|
|
|
log_error ( _("read error in `%s': %s\n"), fname, strerror(errno) );
|
1999-03-11 15:42:06 +00:00
|
|
|
if( !is_stdin )
|
|
|
|
fclose(fp);
|
2002-06-29 13:46:34 +00:00
|
|
|
|
|
|
|
if (any)
|
|
|
|
{
|
|
|
|
revalidation_mark ();
|
|
|
|
rc = tdbio_sync ();
|
|
|
|
if (rc)
|
|
|
|
log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) );
|
|
|
|
}
|
|
|
|
|
1999-03-11 15:42:06 +00:00
|
|
|
}
|
|
|
|
|
2002-06-29 13:46:34 +00:00
|
|
|
|