mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE. * g10/trustdb.c (trustdb_args): Add field no_trustdb. (init_trustdb): Set that field. (revalidation_mark): Take care of a nonexistent trustdb file. (read_trust_options): Ditto. (get_ownertrust): Ditto. (get_min_ownertrust): Ditto. (update_ownertrust): Ditto. (update_min_ownertrust): Ditto. (clear_ownertrusts): Ditto. (cache_disabled_value): Ditto. (check_trustdb_stale): Ditto. (get_validity): Ditto. * g10/gpg.c (main): Do not create a trustdb with most commands for trust-model always. -- This slightly changes the semantics of most commands in that they won't create a trustdb if --trust-model=always is used. It just does not make sense to create a trustdb if there is no need for it. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e) Resolved conflicts: g10/gpg.c g10/tdbio.h g10/trustdb.c (indentation fixes)
parent
0a10f1f91e
commit
2528178e7e
2
NEWS
2
NEWS
@ -1,6 +1,8 @@
|
||||
Noteworthy changes in version 1.4.16 (unreleased)
|
||||
-------------------------------------------------
|
||||
|
||||
* Do not create a trustdb file if --trust-model=always is used.
|
||||
|
||||
|
||||
Noteworthy changes in version 1.4.15 (2013-10-04)
|
||||
-------------------------------------------------
|
||||
|
@ -3318,14 +3318,12 @@ main (int argc, char **argv )
|
||||
case aFixTrustDB:
|
||||
case aExportOwnerTrust: rc = setup_trustdb( 0, trustdb_name ); break;
|
||||
case aListTrustDB: rc = setup_trustdb( argc? 1:0, trustdb_name ); break;
|
||||
case aEncr:
|
||||
case aEncrFiles:
|
||||
/* No need to create the trust model if we are using the
|
||||
default:
|
||||
/* No need to create the trust model if we are using the
|
||||
* always trust model. */
|
||||
rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);
|
||||
break;
|
||||
default: rc = setup_trustdb(1, trustdb_name ); break;
|
||||
}
|
||||
}
|
||||
if( rc )
|
||||
log_error(_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
|
||||
|
||||
|
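Review bot: The new `default:` branch applies `rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);` to every command not matched by an earlier case, not only to the encryption commands the old code covered. The switch starts outside this hunk, so it is not visible which commands that includes, but any that write ownertrust would now run without a trustdb under --trust-model=always. Together with the early returns this commit adds to update_ownertrust and clear_ownertrusts, such a command would appear to succeed while storing nothing. Consider keeping an explicit case with `rc = setup_trustdb (1, trustdb_name);` for commands that must persist trust data, or extend the comment to say that ownertrust updates are skipped when no trustdb exists.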
@ -471,7 +471,7 @@ create_version_record (void)
|
||||
|
||||
|
||||
int
|
||||
tdbio_set_dbname( const char *new_dbname, int create )
|
||||
tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
|
||||
{
|
||||
char *fname;
|
||||
static int initialized = 0;
|
||||
@ -481,6 +481,8 @@ tdbio_set_dbname( const char *new_dbname, int create )
|
||||
initialized = 1;
|
||||
}
|
||||
|
||||
*r_nofile = 0;
|
||||
|
||||
if(new_dbname==NULL)
|
||||
fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL);
|
||||
else if (*new_dbname != DIRSEP_C )
|
||||
@ -499,7 +501,9 @@ tdbio_set_dbname( const char *new_dbname, int create )
|
||||
xfree(fname);
|
||||
return G10ERR_TRUSTDB;
|
||||
}
|
||||
if( create ) {
|
||||
if (!create)
|
||||
*r_nofile = 1;
|
||||
else {
|
||||
FILE *fp;
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
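Review bot: `*r_nofile = 0;` and `*r_nofile = 1;` dereference the new out-parameter without a NULL check, and nothing documents that callers must supply it. The only caller visible in this commit passes `&trustdb_args.no_trustdb`, so it holds today, but a later caller passing NULL would crash during trustdb setup. Either guard both writes, e.g. `if (r_nofile) *r_nofile = 0;`, or add a function comment stating that R_NOFILE must be non-NULL and describing when it is set to 1. The body of tdbio_set_dbname continues outside these hunks, so the condition enclosing the `if (!create)` branch is not visible here and should be spelled out in that comment.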
@ -90,7 +90,7 @@ typedef struct trust_record TRUSTREC;
|
||||
|
||||
/*-- tdbio.c --*/
|
||||
int tdbio_update_version_record(void);
|
||||
int tdbio_set_dbname( const char *new_dbname, int create );
|
||||
int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
|
||||
const char *tdbio_get_dbname(void);
|
||||
void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
|
||||
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
|
||||
|
@ -77,6 +77,7 @@ static struct {
|
||||
int init;
|
||||
int level;
|
||||
char *dbname;
|
||||
int no_trustdb; /* Set if a trustdb file is not available. */
|
||||
} trustdb_args;
|
||||
|
||||
/* some globals */
|
||||
@ -445,7 +446,7 @@ init_trustdb()
|
||||
|
||||
if(level==0 || level==1)
|
||||
{
|
||||
int rc = tdbio_set_dbname( dbname, !!level );
|
||||
int rc = tdbio_set_dbname (dbname, !!level, &trustdb_args.no_trustdb);
|
||||
if( rc )
|
||||
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
|
||||
}
|
||||
@ -631,6 +632,9 @@ void
|
||||
revalidation_mark (void)
|
||||
{
|
||||
init_trustdb();
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
/* we simply set the time for the next check to 1 (far back in 1970)
|
||||
* so that a --update-trustdb will be scheduled */
|
||||
if (tdbio_write_nextcheck (1))
|
||||
@ -666,8 +670,10 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||
TRUSTREC opts;
|
||||
|
||||
init_trustdb();
|
||||
|
||||
read_record(0,&opts,RECTYPE_VER);
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
memset (&opts, 0, sizeof opts);
|
||||
else
|
||||
read_record(0,&opts,RECTYPE_VER);
|
||||
|
||||
if(trust_model)
|
||||
*trust_model=opts.r.ver.trust_model;
|
||||
@ -725,6 +731,9 @@ get_ownertrust ( PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (rc == -1)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
@ -743,6 +752,9 @@ get_min_ownertrust (PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (rc == -1)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
@ -810,6 +822,9 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (!rc)
|
||||
{
|
||||
@ -854,6 +869,9 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
pk = xmalloc_clear (sizeof *pk);
|
||||
rc = get_pubkey (pk, kid);
|
||||
if (rc)
|
||||
@ -909,6 +927,9 @@ clear_ownertrusts (PKT_public_key *pk)
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return 0;
|
||||
|
||||
rc = read_trust_record (pk, &rec);
|
||||
if (!rc)
|
||||
{
|
||||
@ -1011,6 +1032,8 @@ cache_disabled_value(PKT_public_key *pk)
|
||||
return (pk->is_disabled==2);
|
||||
|
||||
init_trustdb();
|
||||
if (trustdb_args.no_trustdb)
|
||||
return 0; /* No trustdb => not disabled. */
|
||||
|
||||
rc = read_trust_record (pk, &trec);
|
||||
if (rc && rc != -1)
|
||||
@ -1041,6 +1064,9 @@ check_trustdb_stale(void)
|
||||
static int did_nextcheck=0;
|
||||
|
||||
init_trustdb ();
|
||||
if (trustdb_args.no_trustdb)
|
||||
return; /* No trustdb => can't be stale. */
|
||||
|
||||
if (!did_nextcheck
|
||||
&& (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC))
|
||||
{
|
||||
@ -1084,6 +1110,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
|
||||
namehash_from_uid(uid);
|
||||
|
||||
init_trustdb ();
|
||||
|
||||
/* If we have no trustdb (which also means it has not been created)
|
||||
and the trust-model is always, we don't know the validity -
|
||||
return immediately. If we won't do that the tdbio code would try
|
||||
to open the trustdb and run into a fatal error. */
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
check_trustdb_stale();
|
||||
|
||||
keyid_from_pk (pk, kid);
|
||||
|
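Review bot: In get_ownertrust, get_min_ownertrust, update_ownertrust, update_min_ownertrust and clear_ownertrusts the new guard `if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)` runs before any init_trustdb() call visible in the hunk. By contrast, revalidation_mark, read_trust_options, cache_disabled_value, check_trustdb_stale and get_validity test the flag right after init_trustdb(). In this commit the flag is written only through the tdbio_set_dbname call inside init_trustdb(), so if one of the ownertrust functions is the first entry into the trustdb code, the flag is still 0 and the guard is skipped. The later read would then presumably hit the fatal error that the get_validity comment describes. Calling `init_trustdb ();` immediately before the guard in those five functions would make the check independent of call order; their bodies start and end outside the hunks, so confirm no earlier call exists.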