From 2dbfc709adac559bf1f172de4ff595a815bd7d27 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Sun, 6 Feb 2005 17:38:43 +0000 Subject: [PATCH] * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb is dirty and --interactive is set, do an --update-trustdb. If not interactive, do a --check_trustdb unless --no-auto-check-trustdb is set. * import.c (import_keys_internal): Moved from here. * keyserver.c (keyserver_refresh): Call it here after all refreshing has happened so that we don't rebuild after each preferred keyserver set of imports, but do one big rebuild at the end. This is Debian bug #293816, noted by Kurt Roeckx. --- g10/ChangeLog | 14 ++++++++++++++ g10/import.c | 15 ++++++--------- g10/keyserver.c | 22 ++++++++++++++++++---- g10/trustdb.c | 14 ++++++++++++++ g10/trustdb.h | 5 +++-- 5 files changed, 55 insertions(+), 15 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index b38ebe2fb..e3ed14642 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2005-02-06 David Shaw + + * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the + trustdb is dirty and --interactive is set, do an --update-trustdb. + If not interactive, do a --check_trustdb unless + --no-auto-check-trustdb is set. + + * import.c (import_keys_internal): Moved from here. + + * keyserver.c (keyserver_refresh): Call it here after all + refreshing has happened so that we don't rebuild after each + preferred keyserver set of imports, but do one big rebuild at the + end. This is Debian bug #293816, noted by Kurt Roeckx. + 2005-02-04 David Shaw * getkey.c (merge_selfsigs_subkey): Merged away definition from diff --git a/g10/import.c b/g10/import.c index 4119b01c1..0554e4dbb 100644 --- a/g10/import.c +++ b/g10/import.c @@ -1,6 +1,6 @@ /* import.c - import a key into our key storage. - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, + * 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -193,18 +193,15 @@ import_keys_internal( IOBUF inp, char **fnames, int nnames, import_print_stats (stats); import_release_stats_handle (stats); } + /* If no fast import and the trustdb is dirty (i.e. we added a key or userID that had something other than a selfsig, a signature that was other than a selfsig, or any revocation), then update/check the trustdb if the user specified by setting interactive or by not setting no-auto-check-trustdb */ - if (!(options&IMPORT_FAST) && trustdb_pending_check()) - { - if (opt.interactive) - update_trustdb(); - else if (!opt.no_auto_check_trustdb) - check_trustdb(); - } + + if(!(options&IMPORT_FAST)) + trustdb_check_or_update(); return rc; } diff --git a/g10/keyserver.c b/g10/keyserver.c index fb3f11d5e..7389d1e60 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -35,6 +35,7 @@ #include "ttyio.h" #include "options.h" #include "packet.h" +#include "trustdb.h" #include "keyserver-internal.h" #include "util.h" @@ -1628,11 +1629,17 @@ keyserver_refresh(STRLIST users) { int rc,count,numdesc,fakev3=0; KEYDB_SEARCH_DESC *desc; + unsigned int options=opt.keyserver_options.import_options; - /* We switch merge_only on during a refresh, as 'refresh' should - never import new keys, even if their keyids match. Is it worth - preserving the old merge_only value here? */ - opt.import_options|=IMPORT_MERGE_ONLY; + /* We switch merge-only on during a refresh, as 'refresh' should + never import new keys, even if their keyids match. */ + opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY; + + /* Similarly, we switch on fast-import, since refresh may make + multiple import sets (due to preferred keyserver URLs). We don't + want each set to rebuild the trustdb. Instead we do it once at + the end here. */ + opt.keyserver_options.import_options|=IMPORT_FAST; /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO scheme, then enable fake v3 keyid generation. */ @@ -1696,6 +1703,13 @@ keyserver_refresh(STRLIST users) m_free(desc); + opt.keyserver_options.import_options=options; + + /* If the original options didn't have fast import, and the trustdb + is dirty, rebuild. */ + if(!(opt.keyserver_options.import_options&IMPORT_FAST)) + trustdb_check_or_update(); + return rc; } diff --git a/g10/trustdb.c b/g10/trustdb.c index 8dccef7a9..d69b872ca 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -624,6 +624,20 @@ trustdb_pending_check(void) return pending_check_trustdb; } +/* If the trustdb is dirty, and we're interactive, update it. + Otherwise, check it unless no-auto-check-trustdb is set. */ +void +trustdb_check_or_update(void) +{ + if(trustdb_pending_check()) + { + if(opt.interactive) + update_trustdb(); + else if(!opt.no_auto_check_trustdb) + check_trustdb(); + } +} + void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, byte *marginals,byte *completes,byte *cert_depth) diff --git a/g10/trustdb.h b/g10/trustdb.h index baeab3fa4..8bcaae51e 100644 --- a/g10/trustdb.h +++ b/g10/trustdb.h @@ -1,6 +1,6 @@ /* trustdb.h - Trust database - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, + * 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -53,6 +53,7 @@ int string_to_trust_value (const char *str); void revalidation_mark (void); int trustdb_pending_check(void); +void trustdb_check_or_update(void); int cache_disabled_value(PKT_public_key *pk);