security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

g10: If the set of UTKs changes, invalidate any changed policies.

Browse source 
* g10/trustdb.c (tdb_utks): New function.
* g10/tofu.c (check_utks): New function.
(initdb): Call it.
* tests/openpgp/tofu.scm: Modify test to check the effective policy of
keys whose effective policy changes when we change the set of UTKs.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

If the set of ultimately trusted keys changes, then it is possible
that a binding's effective policy changes.  To deal with this, we
detect when the set of ultimately trusted keys changes and invalidate
all cached policies.
This commit is contained in:
Neal H. Walfield 2016-11-22 15:05:59 +01:00
parent 5c2db9dedf
commit 44c17bcb00
4 changed files with 180 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
g10/trustdb.c
View file

@ -324,6 +324,13 @@ tdb_keyid_is_utk (u32 *kid)
return 0;
}
/* Return the list of ultimately trusted keys. */
struct key_item *
tdb_utks (void)
{
return utk_list;
}
/*********************************************
*********** TrustDB stuff *******************