mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

* tdbio.c (tdbio_write_nextcheck): Return a status whether the

stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes.  Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.

* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.

* delkey.c (do_delete_key): Clear the ownertrust information when
deleting a public key.
Werner Koch 2002-04-19 09:18:57 +00:00
parent aedeefcc5f
commit 4847eadcd8
7 changed files with 98 additions and 21 deletions


@ -1,3 +1,21 @@
2002-04-19 Werner Koch <wk@gnupg.org>
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes. Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.
* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.
* delkey.c (do_delete_key): Clear the owenertrust information when
deleting a public key.
2002-04-18 Werner Koch <wk@gnupg.org>
* seskey.c (encode_md_value): Print an error message if a wrong


@ -156,6 +156,10 @@ do_delete_key( const char *username, int secret, int *r_sec_avail )
log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
goto leave;
}
if (!secret && pk && clear_ownertrust (pk)) {
if (opt.verbose)
log_info (_("ownertrust information cleared\n"));
}
}
leave:
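Review bot: The new `clear_ownertrust (pk)` call in do_delete_key carries no comment explaining why deleting a public key must also drop its ownertrust, and the only trace it leaves is a `log_info` that prints under `opt.verbose`. I would add a comment above the `if`, for example `/* Drop the ownertrust too, so a stale trust value does not outlive the deleted key. */`; that rationale is inferred from the ChangeLog entry, so confirm the wording. Because this changes trust state without telling the user by default, consider printing the message unconditionally. do_delete_key starts and ends outside this hunk.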


@ -611,9 +611,8 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
if( node->flag & NODFLG_DELSIG)
delete_kbnode(node);
} /* end loop over signators */
if( upd_trust && primary_pk ) {
if (upd_trust)
revalidation_mark ();
}
leave:
@ -799,7 +798,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID,
cmdADDKEY, cmdDELKEY, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST,
cmdPREF, cmdEXPIRE, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
cmdSETPREF, cmdUPDPREF, cmdINVCMD, cmdSHOWPHOTO, cmdNOP };
cmdSETPREF, cmdUPDPREF, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
cmdCHKTRUST, cmdNOP };
static struct { const char *name;
enum cmdids id;
int need_sk;
@ -1215,8 +1215,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
tty_printf("\n");
if( edit_ownertrust( find_kbnode( keyblock,
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) )
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
redisplay = 1;
revalidation_mark ();
}
break;
case cmdPREF:
@ -1439,6 +1441,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
{
KBNODE node;
int i, rc;
int do_warn = 0;
/* the keys */
for( node = keyblock; node; node = node->next ) {
@ -1450,9 +1453,17 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
/* do it here, so that debug messages don't clutter the
* output */
static int did_warn = 0;
trust = get_validity_info (pk, NULL);
otrust = get_ownertrust_info (pk);
/* Show a warning once */
if (!did_warn
&& (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
did_warn = 1;
do_warn = 1;
}
}
if(with_revoker)
@ -1549,6 +1560,12 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
}
}
}
if (do_warn)
tty_printf (_("Please note that the shown key validity "
"is not necessary correct\n"
"unless you restart the program.\n"));
}
static void
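Review bot: In show_key_with_all_names the pending-check warning is gated by `static int did_warn`, so it prints once per process; later listings in the same session can show a validity that still carries `TRUST_FLAG_PENDING_CHECK` with no warning, and the user may rely on a stale value when signing or setting trust. If once-only is intended, say so in the comment (`/* Show the warning only once per process; later listings stay silent. */`); otherwise drop the static and set `do_warn` whenever the flag is present. The message text should read `"is not necessarily correct\n"`. The block also calls `get_validity (pk, NULL)` right after `get_validity_info (pk, NULL)`, a second trustdb lookup for the same key; whether the first call could expose the flag is not visible here. The function body extends outside these hunks.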


@ -659,7 +659,8 @@ tdbio_read_nextcheck ()
return vr.r.ver.nextcheck;
}
void
/* Return true when the stamp was actually changed. */
int
tdbio_write_nextcheck (ulong stamp)
{
TRUSTREC vr;
@ -671,13 +672,14 @@ tdbio_write_nextcheck (ulong stamp)
db_name, g10_errstr(rc) );
if (vr.r.ver.nextcheck == stamp)
return;
return 0;
vr.r.ver.nextcheck = stamp;
rc = tdbio_write_record( &vr );
if( rc )
log_fatal( _("%s: error writing version record: %s\n"),
db_name, g10_errstr(rc) );
return 1;
}
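Review bot: The new comment on tdbio_write_nextcheck says when it returns true but not what a caller should do with the result, and the visible lines end at `tdbio_write_record( &vr )` with no sync. The one caller shown in this commit, revalidation_mark in trustdb.c, calls `do_sync ()` on a true return, so I would extend the comment to `/* Return true when the stamp was actually changed; the caller is then responsible for syncing the trustdb. */` and repeat it at the prototype in tdbio.h. The lines between the two hunks are not shown.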


@ -95,7 +95,7 @@ int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
int tdbio_write_record( TRUSTREC *rec );
int tdbio_db_matches_options(void);
ulong tdbio_read_nextcheck (void);
void tdbio_write_nextcheck (ulong stamp);
int tdbio_write_nextcheck (ulong stamp);
int tdbio_is_dirty(void);
int tdbio_sync(void);
int tdbio_begin_transaction(void);


@ -71,9 +71,7 @@ static struct {
static struct key_item *user_utk_list; /* temp. used to store --trusted-keys */
static struct key_item *utk_list; /* all ultimately trusted keys */
/* Keep track on whether we did an update trustDB already */
static int did_nextcheck;
static int pending_check_trustdb;
static int validate_keys (int interactive);
@ -499,7 +497,9 @@ revalidation_mark (void)
init_trustdb();
/* we simply set the time for the next check to 1 (far back in 1970)
* so that a --update-trustdb will be scheduled */
tdbio_write_nextcheck (1);
if (tdbio_write_nextcheck (1))
do_sync ();
pending_check_trustdb = 1;
}
@ -593,7 +593,6 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
rec.r.trust.ownertrust = new_trust;
write_record( &rec );
revalidation_mark ();
do_sync();
}
}
else if (rc == -1)
@ -610,7 +609,6 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
rec.r.trust.ownertrust = new_trust;
write_record (&rec);
revalidation_mark ();
do_sync();
rc = 0;
}
else
@ -619,6 +617,34 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
}
}
/* Clear the ownertrust value. Return true if a changed actually happend. */
int
clear_ownertrust (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
rc = read_trust_record (pk, &rec);
if (!rc)
{
if (DBG_TRUST)
log_debug ("clearing ownertrust (old value %u)\n",
(unsigned int)rec.r.trust.ownertrust);
if (rec.r.trust.ownertrust)
{
rec.r.trust.ownertrust = 0;
write_record( &rec );
revalidation_mark ();
return 1;
}
}
else if (rc != -1)
{
tdbio_invalid ();
}
return 0;
}
/*
* Note: Caller has to do a sync
*/
@ -723,6 +749,7 @@ clear_validity (PKT_public_key *pk)
unsigned int
get_validity (PKT_public_key *pk, const byte *namehash)
{
static int did_nextcheck;
TRUSTREC trec, vrec;
int rc;
ulong recno;
@ -739,12 +766,16 @@ get_validity (PKT_public_key *pk, const byte *namehash)
scheduled = tdbio_read_nextcheck ();
if (scheduled && scheduled <= make_timestamp ())
{
if (opt.no_auto_check_trustdb)
log_info ("please do a --check-trustdb\n");
else {
log_info (_("checking the trustdb\n"));
validate_keys (0);
}
if (opt.no_auto_check_trustdb)
{
pending_check_trustdb = 1;
log_info ("please do a --check-trustdb\n");
}
else
{
log_info (_("checking the trustdb\n"));
validate_keys (0);
}
}
}
@ -805,6 +836,9 @@ get_validity (PKT_public_key *pk, const byte *namehash)
* I initially designed it that way */
if (main_pk->has_expired || pk->has_expired)
validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
if (pending_check_trustdb)
validity |= TRUST_FLAG_PENDING_CHECK;
if (main_pk != pk)
free_public_key (main_pk);
@ -1605,6 +1639,7 @@ validate_keys (int interactive)
strtimestamp (next_expire));
}
do_sync ();
pending_check_trustdb = 0;
}
return rc;
}
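Review bot: revalidation_mark now syncs only when `tdbio_write_nextcheck (1)` returns true, yet this commit removes the `do_sync();` that followed `write_record` in both branches of update_ownertrust, and the new clear_ownertrust relies on the same path. If the stamp is already 1 (for example after an earlier revalidation_mark in the same run), the call returns 0 and the ownertrust record just written is not synced here; whether a later sync at exit covers it is not visible in this diff. I would either sync unconditionally in revalidation_mark (`tdbio_write_nextcheck (1); do_sync ();`) or keep `do_sync ();` after `revalidation_mark ();` in update_ownertrust and clear_ownertrust. Separately, `validity |= TRUST_FLAG_PENDING_CHECK;` in get_validity adds bit 256 to a value used for trust decisions, so callers (not shown) that compare it without `& TRUST_MASK` or store it in a `byte` should be audited. update_ownertrust and get_validity extend outside the hunks shown.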


@ -35,7 +35,7 @@
#define TRUST_FLAG_REVOKED 32 /* r: revoked */
#define TRUST_FLAG_SUB_REVOKED 64 /* r: revoked but for subkeys */
#define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
#define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
/*-- trustdb.c --*/
void register_trusted_key( const char *string );
@ -62,6 +62,7 @@ void enum_cert_paths_print( void **context, FILE *fp,
unsigned int get_ownertrust (PKT_public_key *pk);
int get_ownertrust_info (PKT_public_key *pk);
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
int clear_ownertrust (PKT_public_key *pk);
/*-- tdbdump.c --*/