mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE. * g10/trustdb.c (trustdb_args): Add field no_trustdb. (init_trustdb): Set that field. (revalidation_mark): Take care of a nonexistent trustdb file. (read_trust_options): Ditto. (get_ownertrust): Ditto. (get_min_ownertrust): Ditto. (update_ownertrust): Ditto. (update_min_ownertrust): Ditto. (clear_ownertrusts): Ditto. (cache_disabled_value): Ditto. (check_trustdb_stale): Ditto. (get_validity): Ditto. * g10/gpg.c (main): Do not create a trustdb with most commands for trust-model always. -- This slightly changes the semantics of most commands in that they won't create a trustdb if --trust-model=always is used. It just does not make sense to create a trustdb if there is no need for it. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
6286d01ba3
commit
1a0eeaacd1
2
NEWS
2
NEWS
@ -1,6 +1,8 @@
|
||||
Noteworthy changes in version 2.0.23 (unreleased)
|
||||
-------------------------------------------------
|
||||
|
||||
* Do not create a trustdb file if --trust-model=always is used.
|
||||
|
||||
|
||||
Noteworthy changes in version 2.0.22 (2013-10-04)
|
||||
-------------------------------------------------
|
||||
|
@ -3408,15 +3408,11 @@ main (int argc, char **argv)
|
||||
case aListTrustDB:
|
||||
rc = setup_trustdb (argc? 1:0, trustdb_name);
|
||||
break;
|
||||
case aEncr:
|
||||
case aEncrFiles:
|
||||
default:
|
||||
/* If we are using TM_ALWAYS, we do not need to create the
|
||||
trustdb. */
|
||||
rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);
|
||||
break;
|
||||
default:
|
||||
rc = setup_trustdb (1, trustdb_name );
|
||||
break;
|
||||
}
|
||||
if (rc)
|
||||
log_error (_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
|
||||
|
@ -473,7 +473,7 @@ create_version_record (void)
|
||||
|
||||
|
||||
int
|
||||
tdbio_set_dbname( const char *new_dbname, int create )
|
||||
tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
|
||||
{
|
||||
char *fname;
|
||||
static int initialized = 0;
|
||||
@ -483,6 +483,8 @@ tdbio_set_dbname( const char *new_dbname, int create )
|
||||
initialized = 1;
|
||||
}
|
||||
|
||||
*r_nofile = 0;
|
||||
|
||||
if(new_dbname==NULL)
|
||||
fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL);
|
||||
else if (*new_dbname != DIRSEP_C )
|
||||
@ -501,7 +503,9 @@ tdbio_set_dbname( const char *new_dbname, int create )
|
||||
xfree(fname);
|
||||
return G10ERR_TRUSTDB;
|
||||
}
|
||||
if( create ) {
|
||||
if (!create)
|
||||
*r_nofile = 1;
|
||||
else {
|
||||
FILE *fp;
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
@ -93,7 +93,7 @@ typedef struct trust_record TRUSTREC;
|
||||
|
||||
/*-- tdbio.c --*/
|
||||
int tdbio_update_version_record(void);
|
||||
int tdbio_set_dbname( const char *new_dbname, int create );
|
||||
int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
|
||||
const char *tdbio_get_dbname(void);
|
||||
void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
|
||||
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
|
||||
|
@ -73,6 +73,7 @@ static struct {
|
||||
int init;
|
||||
int level;
|
||||
char *dbname;
|
||||
int no_trustdb; /* Set if a trustdb file is not available. */
|
||||
} trustdb_args;
|
||||
|
||||
/* some globals */
|
||||
@ -441,7 +442,7 @@ init_trustdb()
|
||||
|
||||
if(level==0 || level==1)
|
||||
{
|
||||
int rc = tdbio_set_dbname( dbname, !!level );
|
||||
int rc = tdbio_set_dbname (dbname, !!level, &trustdb_args.no_trustdb);
|
||||
if( rc )
|
||||
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
|
||||
}
|
||||
@ -627,6 +628,9 @@ void
|
||||
revalidation_mark (void)
|
||||
{
|
||||
init_trustdb();
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
/* we simply set the time for the next check to 1 (far back in 1970)
|
||||
* so that a --update-trustdb will be scheduled */
|
||||
if (tdbio_write_nextcheck (1))
|
||||
@ -662,7 +666,9 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||
TRUSTREC opts;
|
||||
|
||||
init_trustdb();
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
memset (&opts, 0, sizeof opts);
|
||||
else
|
||||
read_record(0,&opts,RECTYPE_VER);
|
||||
|
||||
if(trust_model)
|
||||
@ -721,6 +727,9 @@ get_ownertrust ( PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (rc == -1)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
@ -739,6 +748,9 @@ get_min_ownertrust (PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (rc == -1)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
@ -806,6 +818,9 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (!rc)
|
||||
{
|
||||
@ -850,6 +865,9 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
pk = xmalloc_clear (sizeof *pk);
|
||||
rc = get_pubkey (pk, kid);
|
||||
if (rc)
|
||||
@ -905,6 +923,9 @@ clear_ownertrusts (PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return 0;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (!rc)
|
||||
{
|
||||
@ -1007,6 +1028,8 @@ cache_disabled_value(PKT_public_key *pk)
|
||||
return (pk->is_disabled==2);
|
||||
|
||||
init_trustdb();
|
||||
if (trustdb_args.no_trustdb)
|
||||
return 0; /* No trustdb => not disabled. */
|
||||
|
||||
rc = read_trust_record (pk, &trec);
|
||||
if (rc && rc != -1)
|
||||
@ -1037,6 +1060,9 @@ check_trustdb_stale(void)
|
||||
static int did_nextcheck=0;
|
||||
|
||||
init_trustdb ();
|
||||
if (trustdb_args.no_trustdb)
|
||||
return; /* No trustdb => can't be stale. */
|
||||
|
||||
if (!did_nextcheck
|
||||
&& (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC))
|
||||
{
|
||||
@ -1080,6 +1106,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
|
||||
namehash_from_uid(uid);
|
||||
|
||||
init_trustdb ();
|
||||
|
||||
/* If we have no trustdb (which also means it has not been created)
|
||||
and the trust-model is always, we don't know the validity -
|
||||
return immediately. If we won't do that the tdbio code would try
|
||||
to open the trustdb and run into a fatal error. */
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
check_trustdb_stale();
|
||||
|
||||
keyid_from_pk (pk, kid);
|
||||
|
Loading…
x
Reference in New Issue
Block a user