
* tdbio.c (tdbio_write_nextcheck): Return a status whether the

stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes.  Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.

* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.

* delkey.c (do_delete_key): Clear the ownertrust information when
deleting a public key.
Werner Koch 2002-04-19 09:18:57 +00:00
parent aedeefcc5f
commit 4847eadcd8
7 changed files with 98 additions and 21 deletions


@ -1,3 +1,21 @@
2002-04-19 Werner Koch <wk@gnupg.org>
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes. Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.
* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.
* delkey.c (do_delete_key): Clear the owenertrust information when
deleting a public key.
2002-04-18 Werner Koch <wk@gnupg.org> 2002-04-18 Werner Koch <wk@gnupg.org>
* seskey.c (encode_md_value): Print an error message if a wrong * seskey.c (encode_md_value): Print an error message if a wrong


@ -156,6 +156,10 @@ do_delete_key( const char *username, int secret, int *r_sec_avail )
log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) ); log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
goto leave; goto leave;
} }
if (!secret && pk && clear_ownertrust (pk)) {
if (opt.verbose)
log_info (_("ownertrust information cleared\n"));
}
} }
leave: leave:
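Review bot: The new `clear_ownertrust (pk)` block in do_delete_key has no comment saying why ownertrust is dropped together with the public key, and the only trace of it is a log line gated on `opt.verbose`. Presumably the intent is that a key imported again later does not silently inherit the old ownertrust; if so, I would state that above the `if`, e.g. `/* Forget the ownertrust so that a later re-import of this key does not start out trusted. */`. A return of 0 from clear_ownertrust covers both "nothing to clear" and "no trust record found", which is fine here but worth a word in the same comment. do_delete_key starts and ends outside this hunk.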


@ -611,9 +611,8 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
if( node->flag & NODFLG_DELSIG) if( node->flag & NODFLG_DELSIG)
delete_kbnode(node); delete_kbnode(node);
} /* end loop over signators */ } /* end loop over signators */
if( upd_trust && primary_pk ) { if (upd_trust)
revalidation_mark (); revalidation_mark ();
}
leave: leave:
@ -799,7 +798,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID,
cmdADDKEY, cmdDELKEY, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdADDKEY, cmdDELKEY, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST,
cmdPREF, cmdEXPIRE, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF, cmdPREF, cmdEXPIRE, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
cmdSETPREF, cmdUPDPREF, cmdINVCMD, cmdSHOWPHOTO, cmdNOP }; cmdSETPREF, cmdUPDPREF, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
cmdCHKTRUST, cmdNOP };
static struct { const char *name; static struct { const char *name;
enum cmdids id; enum cmdids id;
int need_sk; int need_sk;
@ -1215,8 +1215,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 ); show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
tty_printf("\n"); tty_printf("\n");
if( edit_ownertrust( find_kbnode( keyblock, if( edit_ownertrust( find_kbnode( keyblock,
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
redisplay = 1; redisplay = 1;
revalidation_mark ();
}
break; break;
case cmdPREF: case cmdPREF:
@ -1439,6 +1441,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
{ {
KBNODE node; KBNODE node;
int i, rc; int i, rc;
int do_warn = 0;
/* the keys */ /* the keys */
for( node = keyblock; node; node = node->next ) { for( node = keyblock; node; node = node->next ) {
@ -1450,9 +1453,17 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) { if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
/* do it here, so that debug messages don't clutter the /* do it here, so that debug messages don't clutter the
* output */ * output */
static int did_warn = 0;
trust = get_validity_info (pk, NULL); trust = get_validity_info (pk, NULL);
otrust = get_ownertrust_info (pk); otrust = get_ownertrust_info (pk);
/* Show a warning once */
if (!did_warn
&& (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
did_warn = 1;
do_warn = 1;
}
} }
if(with_revoker) if(with_revoker)
@ -1549,6 +1560,12 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
} }
} }
} }
if (do_warn)
tty_printf (_("Please note that the shown key validity "
"is not necessary correct\n"
"unless you restart the program.\n"));
} }
static void static void
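Review bot: The `static int did_warn` latch added to show_key_with_all_names means the stale-validity warning is printed at most once per process, so every later listing in the same edit session shows validity values with no hint that a trustdb check is still pending. Since `do_warn` is already local to each call, I would drop the latch and use `if (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK) do_warn = 1;`, which gives one warning per listing for as long as the flag is set. The message text also reads "is not necessary correct", where "necessarily" is meant. The function body starts and ends outside these hunks.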


@ -659,7 +659,8 @@ tdbio_read_nextcheck ()
return vr.r.ver.nextcheck; return vr.r.ver.nextcheck;
} }
void /* Return true when the stamp was actually changed. */
int
tdbio_write_nextcheck (ulong stamp) tdbio_write_nextcheck (ulong stamp)
{ {
TRUSTREC vr; TRUSTREC vr;
@ -671,13 +672,14 @@ tdbio_write_nextcheck (ulong stamp)
db_name, g10_errstr(rc) ); db_name, g10_errstr(rc) );
if (vr.r.ver.nextcheck == stamp) if (vr.r.ver.nextcheck == stamp)
return; return 0;
vr.r.ver.nextcheck = stamp; vr.r.ver.nextcheck = stamp;
rc = tdbio_write_record( &vr ); rc = tdbio_write_record( &vr );
if( rc ) if( rc )
log_fatal( _("%s: error writing version record: %s\n"), log_fatal( _("%s: error writing version record: %s\n"),
db_name, g10_errstr(rc) ); db_name, g10_errstr(rc) );
return 1;
} }


@ -95,7 +95,7 @@ int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
int tdbio_write_record( TRUSTREC *rec ); int tdbio_write_record( TRUSTREC *rec );
int tdbio_db_matches_options(void); int tdbio_db_matches_options(void);
ulong tdbio_read_nextcheck (void); ulong tdbio_read_nextcheck (void);
void tdbio_write_nextcheck (ulong stamp); int tdbio_write_nextcheck (ulong stamp);
int tdbio_is_dirty(void); int tdbio_is_dirty(void);
int tdbio_sync(void); int tdbio_sync(void);
int tdbio_begin_transaction(void); int tdbio_begin_transaction(void);


@ -71,9 +71,7 @@ static struct {
static struct key_item *user_utk_list; /* temp. used to store --trusted-keys */ static struct key_item *user_utk_list; /* temp. used to store --trusted-keys */
static struct key_item *utk_list; /* all ultimately trusted keys */ static struct key_item *utk_list; /* all ultimately trusted keys */
/* Keep track on whether we did an update trustDB already */ static int pending_check_trustdb;
static int did_nextcheck;
static int validate_keys (int interactive); static int validate_keys (int interactive);
@ -499,7 +497,9 @@ revalidation_mark (void)
init_trustdb(); init_trustdb();
/* we simply set the time for the next check to 1 (far back in 1970) /* we simply set the time for the next check to 1 (far back in 1970)
* so that a --update-trustdb will be scheduled */ * so that a --update-trustdb will be scheduled */
tdbio_write_nextcheck (1); if (tdbio_write_nextcheck (1))
do_sync ();
pending_check_trustdb = 1;
} }
@ -593,7 +593,6 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
rec.r.trust.ownertrust = new_trust; rec.r.trust.ownertrust = new_trust;
write_record( &rec ); write_record( &rec );
revalidation_mark (); revalidation_mark ();
do_sync();
} }
} }
else if (rc == -1) else if (rc == -1)
@ -610,7 +609,6 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
rec.r.trust.ownertrust = new_trust; rec.r.trust.ownertrust = new_trust;
write_record (&rec); write_record (&rec);
revalidation_mark (); revalidation_mark ();
do_sync();
rc = 0; rc = 0;
} }
else else
@ -619,6 +617,34 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
} }
} }
/* Clear the ownertrust value. Return true if a changed actually happend. */
int
clear_ownertrust (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
rc = read_trust_record (pk, &rec);
if (!rc)
{
if (DBG_TRUST)
log_debug ("clearing ownertrust (old value %u)\n",
(unsigned int)rec.r.trust.ownertrust);
if (rec.r.trust.ownertrust)
{
rec.r.trust.ownertrust = 0;
write_record( &rec );
revalidation_mark ();
return 1;
}
}
else if (rc != -1)
{
tdbio_invalid ();
}
return 0;
}
/* /*
* Note: Caller has to do a sync * Note: Caller has to do a sync
*/ */
@ -723,6 +749,7 @@ clear_validity (PKT_public_key *pk)
unsigned int unsigned int
get_validity (PKT_public_key *pk, const byte *namehash) get_validity (PKT_public_key *pk, const byte *namehash)
{ {
static int did_nextcheck;
TRUSTREC trec, vrec; TRUSTREC trec, vrec;
int rc; int rc;
ulong recno; ulong recno;
@ -739,12 +766,16 @@ get_validity (PKT_public_key *pk, const byte *namehash)
scheduled = tdbio_read_nextcheck (); scheduled = tdbio_read_nextcheck ();
if (scheduled && scheduled <= make_timestamp ()) if (scheduled && scheduled <= make_timestamp ())
{ {
if (opt.no_auto_check_trustdb) if (opt.no_auto_check_trustdb)
log_info ("please do a --check-trustdb\n"); {
else { pending_check_trustdb = 1;
log_info (_("checking the trustdb\n")); log_info ("please do a --check-trustdb\n");
validate_keys (0); }
} else
{
log_info (_("checking the trustdb\n"));
validate_keys (0);
}
} }
} }
@ -805,6 +836,9 @@ get_validity (PKT_public_key *pk, const byte *namehash)
* I initially designed it that way */ * I initially designed it that way */
if (main_pk->has_expired || pk->has_expired) if (main_pk->has_expired || pk->has_expired)
validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED; validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
if (pending_check_trustdb)
validity |= TRUST_FLAG_PENDING_CHECK;
if (main_pk != pk) if (main_pk != pk)
free_public_key (main_pk); free_public_key (main_pk);
@ -1605,6 +1639,7 @@ validate_keys (int interactive)
strtimestamp (next_expire)); strtimestamp (next_expire));
} }
do_sync (); do_sync ();
pending_check_trustdb = 0;
} }
return rc; return rc;
} }
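Review bot: In revalidation_mark, `do_sync ()` now runs only when `tdbio_write_nextcheck (1)` reports that the stamp changed, yet the commit also removes the `do_sync()` calls that followed `revalidation_mark ()` in update_ownertrust, and the new clear_ownertrust has none. When the next-check stamp is already 1 (for example a second ownertrust change before any trustdb check has run), the record just passed to `write_record` is not synced on this path, so a changed or cleared ownertrust may stay unflushed; whether a later sync is guaranteed is not visible here. I would either call `do_sync ();` unconditionally in revalidation_mark or keep `do_sync ();` after `revalidation_mark ();` in both update_ownertrust branches and in clear_ownertrust. The bodies of revalidation_mark and update_ownertrust start outside these hunks.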


@ -35,7 +35,7 @@
#define TRUST_FLAG_REVOKED 32 /* r: revoked */ #define TRUST_FLAG_REVOKED 32 /* r: revoked */
#define TRUST_FLAG_SUB_REVOKED 64 /* r: revoked but for subkeys */ #define TRUST_FLAG_SUB_REVOKED 64 /* r: revoked but for subkeys */
#define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */ #define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
#define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
/*-- trustdb.c --*/ /*-- trustdb.c --*/
void register_trusted_key( const char *string ); void register_trusted_key( const char *string );
@ -62,6 +62,7 @@ void enum_cert_paths_print( void **context, FILE *fp,
unsigned int get_ownertrust (PKT_public_key *pk); unsigned int get_ownertrust (PKT_public_key *pk);
int get_ownertrust_info (PKT_public_key *pk); int get_ownertrust_info (PKT_public_key *pk);
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust ); void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
int clear_ownertrust (PKT_public_key *pk);
/*-- tdbdump.c --*/ /*-- tdbdump.c --*/