* pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a

particular user ID, use that ID as the one to ask about when prompting whether to use the key anyway. (build_pk_list): Similar change here when adding keys to the recipient list. * trustdb.c (update_validity): Fix bug that prevented more than one validity record per trust record. (get_validity): When retrieving validity for a (user) supplied user ID, return the validity for that user ID only, and do not fall back to the general key validity. (validate_one_keyblock): Some commentary on whether non-self-signed user IDs belong in the web of trust (arguably, they do).
2024-12-23 10:29:58 +01:00 · 2003-04-30 04:45:25 +00:00 · 2003-04-30 04:45:25 +00:00 · 4b502c70bf
commit 4b502c70bf
parent f09fe68e76
3 changed files with 82 additions and 25 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,20 @@
 2003-04-30  David Shaw  <dshaw@jabberwocky.com>
 	* pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a
 	particular user ID, use that ID as the one to ask about when
 	prompting whether to use the key anyway.
 	(build_pk_list): Similar change here when adding keys to the
 	recipient list.
 	* trustdb.c (update_validity): Fix bug that prevented more than
 	one validity record per trust record.
 	(get_validity): When retrieving validity for a (user) supplied
 	user ID, return the validity for that user ID only, and do not
 	fall back to the general key validity.
 	(validate_one_keyblock): Some commentary on whether
 	non-self-signed user IDs belong in the web of trust (arguably,
 	they do).
 2003-04-29  Werner Koch  <wk@gnupg.org>
 	* sig-check.c (check_key_signature2): Made "no subkey for subkey
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -525,17 +525,23 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
 	return 0;
    if( !opt.batch && !rc ) {
 	char *p;
 	u32 keyid[2];
 	size_t n;
 	keyid_from_pk( pk, keyid);
 	tty_printf( "%4u%c/%08lX %s \"",
 		  nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
 		  (ulong)keyid[1], datestr_from_pk( pk ) );
-	p = get_user_id( keyid, &n );
+	/* If the pk was chosen by a particular user ID, this is the
-	tty_print_utf8_string( p, n ),
+	   one to ask about. */
-	m_free(p);
+	if(pk->user_id)
 	  tty_print_utf8_string(pk->user_id->name,pk->user_id->len);
 	else
 	  {
 	    size_t n;
 	    char *p = get_user_id( keyid, &n );
 	    tty_print_utf8_string( p, n );
 	    m_free(p);
 	  }
 	tty_printf("\"\n");
        print_fingerprint (pk, NULL, 2);
 	tty_printf("\n");
@ -889,8 +895,8 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 		}
 		else {
 		    int trustlevel;
-
+		    
-		    trustlevel = get_validity (pk, NULL);
+		    trustlevel = get_validity (pk, pk->user_id);
 		    if( (trustlevel & TRUST_FLAG_DISABLED) ) {
 			tty_printf(_("Public key is disabled.\n") );
 		    }
@ -903,8 +909,6 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 			}
 			else {
 			    PK_LIST r;
 			    char *p;
 			    size_t n;
 			    u32 keyid[2];
 			    keyid_from_pk( pk, keyid);
@ -913,9 +917,16 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 				       pubkey_letter( pk->pubkey_algo ),
 				       (ulong)keyid[1],
 				       datestr_from_pk( pk ) );
-			    p = get_user_id( keyid, &n );
+			    if(pk->user_id)
-			    tty_print_utf8_string( p, n );
+			      tty_print_utf8_string(pk->user_id->name,
-			    m_free(p);
+						    pk->user_id->len);
 			    else
 			      {
 				size_t n;
 				char *p = get_user_id( keyid, &n );
 				tty_print_utf8_string( p, n );
 				m_free(p);
 			      }
 			    tty_printf("\"\n");
 			    r = m_alloc( sizeof *r );
@ -985,7 +996,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 	    else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
 		int trustlevel;
-		trustlevel = get_validity (pk, NULL);
+		trustlevel = get_validity (pk, pk->user_id);
 		if( (trustlevel & TRUST_FLAG_DISABLED) ) {
 		    free_public_key(pk); pk = NULL;
 		    log_info(_("%s: skipped: public key is disabled\n"),
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -692,13 +692,13 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
      vrec.rectype = RECTYPE_VALID;
      memcpy (vrec.r.valid.namehash, namehash, 20);
      vrec.r.valid.next = trec.r.trust.validlist;
      trec.r.trust.validlist = vrec.recnum;
    }
  vrec.r.valid.validity = validity;
  vrec.r.valid.full_count = uid->help_full_count;
  vrec.r.valid.marginal_count = uid->help_marginal_count;
  write_record (&vrec);
  trec.r.trust.depth = depth;
  trec.r.trust.validlist = vrec.recnum;
  write_record (&trec);
 }
@ -739,7 +739,6 @@ clear_validity (PKT_public_key *pk)
  return any;
 }
 /***********************************************
 *********  Query trustdb values  **************
 ***********************************************/
@ -804,7 +803,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
      else
 	rmd160_hash_buffer (namehash, uid->name, uid->len );
    }
-  
+
  init_trustdb ();
  if (!did_nextcheck)
    {
@ -861,16 +860,30 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
  while (recno)
    {
      read_record (recno, &vrec, RECTYPE_VALID);
-      if ( validity < (vrec.r.valid.validity & TRUST_MASK) )
+
-        validity = (vrec.r.valid.validity & TRUST_MASK);
+      if(uid)
-      if ( uid && !memcmp (vrec.r.valid.namehash, namehash, 20) )
+	{
-        break;
+	  /* If a user ID is given we return the validity for that
 	     user ID ONLY.  If the namehash is not found, then there
 	     is no validity at all (i.e. the user ID wasn't
 	     signed). */
 	  if(memcmp(vrec.r.valid.namehash,namehash,20)==0)
 	    {
 	      validity=(vrec.r.valid.validity & TRUST_MASK);
 	      break;
 	    }
 	}
      else
 	{
 	  /* If no namehash is given, we take the maximum validity
 	     over all user IDs */
 	  if ( validity < (vrec.r.valid.validity & TRUST_MASK) )
 	    validity = (vrec.r.valid.validity & TRUST_MASK);
 	}
      recno = vrec.r.valid.next;
    }
  if (recno) /* okay, use the user ID associated one */
    validity = (vrec.r.valid.validity & TRUST_MASK);
  if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) )
    validity |= TRUST_FLAG_DISABLED;
@ -1304,6 +1317,16 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
  keyid_from_pk(pk, main_kid);
  for (node=kb; node; node = node->next)
    {
      /* A bit of discussion here: is it better for the web of trust
 	 to be built among only self-signed uids?  On the one hand, a
 	 self-signed uid is a statement that the key owner definitely
 	 intended that uid to be there, but on the other hand, a
 	 signed (but not self-signed) uid does carry trust, of a sort,
 	 even if it is a statement being made by people other than the
 	 key owner "through" the uids on the key owner's key.  I'm
 	 going with the latter. -dshaw */
      /* && node->pkt->pkt.user_id->created) */
      if (node->pkt->pkttype == PKT_USER_ID)
        {
          if (uidnode && issigned)
@ -1318,13 +1341,19 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
            }
          uidnode = node;
 	  uid=uidnode->pkt->pkt.user_id;
 #if 0
 	  /* If the selfsig is going to expire...  This is disabled as
 	     we do count un-self-signed uids in the web of trust. */
 	  if(uid->expiredate && uid->expiredate<*next_expire)
 	    *next_expire = uid->expiredate;
 #endif
          issigned = 0;
 	  get_validity_counts(pk,uid);
          mark_usable_uid_certs (kb, uidnode, main_kid, klist, 
                                 curtime, next_expire);
        }
-      else if (node->pkt->pkttype == PKT_SIGNATURE 
+      else if (node->pkt->pkttype == PKT_SIGNATURE
-               && (node->flag & (1<<8)) && uid)
+	       && (node->flag & (1<<8)) && uid)
        {
          PKT_signature *sig = node->pkt->pkt.signature;