security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Always initialize the trust db when generating keys. 

* g10/gpg.c (main): Always initialize the trust db when generating
keys.
* g10/keygen.c (do_generate_keypair): We can now assume that there is
a trust db.
--
It is important to mark keys we create as ultimately trusted.

Fixes-commit: 4735ab96aa
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
Justus Winter 2017-03-02 16:25:20 +01:00
parent 4735ab96aa
commit 0c4d0620d3
No known key found for this signature in database
GPG Key ID: DD1A52F9DA8C9020
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
g10/gpg.c
View File

@ -3949,6 +3949,11 @@ main (int argc, char **argv)
case aListTrustDB:
rc = setup_trustdb (argc? 1:0, trustdb_name);
break;
case aKeygen:
case aFullKeygen:
case aQuickKeygen:
rc = setup_trustdb (1, trustdb_name);
break;
default:
/* If we are using TM_ALWAYS, we do not need to create the
trustdb. */

5
g10/keygen.c
View File

@ -4791,9 +4791,8 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
keyid_from_pk (pk, pk->main_keyid);
register_trusted_keyid (pk->main_keyid);
if (have_trustdb ())
update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
gen_standard_revoke (pk, cache_nonce);