From 4735ab96aa5577d40ba7b3f72d863057198cc6a7 Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Thu, 2 Mar 2017 14:35:09 +0100 Subject: [PATCH] gpg: Fix (quick) key generation with --always-trust. * g10/keygen.c (do_generate_keypair): Only update the ownertrust if we do have a trust database. * g10/trustdb.c (have_trustdb): New function. * g10/trustdb.h (have_trustdb): New prototype. * tests/openpgp/quick-key-manipulation.scm: Remove workaround. GnuPG-bug-id: 2695 Signed-off-by: Justus Winter --- g10/keygen.c | 5 +++-- g10/trustdb.c | 10 ++++++++++ g10/trustdb.h | 1 + tests/openpgp/quick-key-manipulation.scm | 4 ---- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/g10/keygen.c b/g10/keygen.c index 24cf93cb1..f044257ed 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -4791,8 +4791,9 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, keyid_from_pk (pk, pk->main_keyid); register_trusted_keyid (pk->main_keyid); - update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK) - | TRUST_ULTIMATE )); + if (have_trustdb ()) + update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK) + | TRUST_ULTIMATE )); gen_standard_revoke (pk, cache_nonce); diff --git a/g10/trustdb.c b/g10/trustdb.c index f4df4c818..74430510d 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -511,6 +511,16 @@ init_trustdb (int no_create) } +/* Check whether we have a trust database, initializing it if + necessary if the trust model is not 'always trust'. Returns true + if we do have a usable trust database. */ +int +have_trustdb (void) +{ + return init_trustdb (opt.trust_model == TM_ALWAYS) == 0; +} + + /**************** * Recreate the WoT but do not ask for new ownertrusts. Special * feature: In batch mode and without a forced yes, this is only done diff --git a/g10/trustdb.h b/g10/trustdb.h index 3088063aa..00be4df74 100644 --- a/g10/trustdb.h +++ b/g10/trustdb.h @@ -128,6 +128,7 @@ int setup_trustdb( int level, const char *dbname ); void how_to_fix_the_trustdb (void); const char *trust_model_string (int model); gpg_error_t init_trustdb (int no_create); +int have_trustdb (void); void tdb_check_trustdb_stale (ctrl_t ctrl); void sync_trustdb( void ); diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index 8ceb03500..10f0bfe21 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -21,10 +21,6 @@ (load (with-path "time.scm")) (setup-environment) - ;; XXX because of --always-trust, the trustdb is not created. - ;; Therefore, we redefine GPG without --always-trust. -(define GPG `(,(tool 'gpg) --no-permission-warning)) - (define (exact id) (string-append "=" id))