security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* gpgv.c (check_trustdb_stale): Stub. 

* trustdb.c (get_validity): Move the up-to-date check to
check_trustdb_stale (new), so that it can be called before validity is
checked.

* keylist.c (list_keyblock_print): Disable the overall key validity
display until it can be thought about more.  Use check_trustdb_stale here
to avoid putting the check warning in the middle of a listed key.

* trustdb.c (init_trustdb): Only verify_own_keys() for those trust models
that it applies to (i.e. classic and OpenPGP).
This commit is contained in:
David Shaw 2003-09-30 15:30:39 +00:00
parent 8062cb418a
commit 52100b459a
5 changed files with 71 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
g10/ChangeLog
View File

@ -1,3 +1,19 @@
2003-09-30 David Shaw <dshaw@jabberwocky.com>
* gpgv.c (check_trustdb_stale): Stub.
* trustdb.c (get_validity): Move the up-to-date check to
check_trustdb_stale (new), so that it can be called before
validity is checked.
* keylist.c (list_keyblock_print): Disable the overall key
validity display until it can be thought about more. Use
check_trustdb_stale here to avoid putting the check warning in the
middle of a listed key.
* trustdb.c (init_trustdb): Only verify_own_keys() for those trust
models that it applies to (i.e. classic and OpenPGP).
2003-09-29 Werner Koch <wk@gnupg.org>
* keygen.c (do_add_key_flags, parse_parameter_usage): Add support

3
g10/gpgv.c
View File

@ -242,6 +242,9 @@ cache_disabled_value(PKT_public_key *pk)
return 0;
}
void
check_trustdb_stale(void) {}
int
get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
{

11
g10/keylist.c
View File

@ -622,12 +622,18 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
}
else
{
#if 0
int validity;
#endif
pk = node->pkt->pkt.public_key;
sk = NULL;
keyid_from_pk( pk, keyid );
#if 0
validity=get_validity(pk,NULL);
#endif
check_trustdb_stale();
printf("pub %4u%c/",
nbits_from_pk(pk),pubkey_letter(pk->pubkey_algo));
@ -644,8 +650,13 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
if(newformat && pk->expiredate)
printf(_(" [expires: %s]"), expirestr_from_pk( pk ) );
#if 0
/* I need to think about this some more. It's easy enough to
include, but it looks sort of confusing in the
listing... */
if(opt.list_options&LIST_SHOW_VALIDITY)
printf(" [%s]",trust_value_to_string(validity));
#endif
}
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {

80
g10/trustdb.c
View File

@ -406,7 +406,6 @@ setup_trustdb( int level, const char *dbname )
void
init_trustdb()
{
int rc=0;
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
@ -415,26 +414,14 @@ init_trustdb()
trustdb_args.init = 1;
if ( !level || level==1)
if(level==0 || level==1)
{
rc = tdbio_set_dbname( dbname, !!level );
if( !rc )
{
if( !level )
return;
/* verify that our own keys are in the trustDB
* or move them to the trustdb. */
verify_own_keys();
/* should we check whether there is no other ultimately trusted
* key in the database? */
}
int rc = tdbio_set_dbname( dbname, !!level );
if( rc )
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
}
else
BUG();
if( rc )
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
if(opt.trust_model==TM_AUTO)
{
@ -443,7 +430,7 @@ init_trustdb()
opt.trust_model=tdbio_read_model();
/* Sanity check this ;) */
if(opt.trust_model!=TM_PGP && opt.trust_model!=TM_CLASSIC)
if(opt.trust_model!=TM_CLASSIC && opt.trust_model!=TM_PGP)
{
log_info(_("unable to use unknown trust model (%d) - "
"assuming %s trust model\n"),opt.trust_model,"PGP");
@ -454,14 +441,19 @@ init_trustdb()
log_info(_("using %s trust model\n"),trust_model_string());
}
if((opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
&& !tdbio_db_matches_options())
pending_check_trustdb=1;
if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
{
/* Verify the list of ultimately trusted keys and move the
--trusted-keys list there as well. */
if(level==1)
verify_own_keys();
if(!tdbio_db_matches_options())
pending_check_trustdb=1;
}
}
/***********************************************
************* Print helpers ****************
***********************************************/
@ -1007,24 +999,10 @@ cache_disabled_value(PKT_public_key *pk)
return disabled;
}
/*
* Return the validity information for PK. If the namehash is not
* NULL, the validity of the corresponsing user ID is returned,
* otherwise, a reasonable value for the entire key is returned.
*/
unsigned int
get_validity (PKT_public_key *pk, PKT_user_id *uid)
void
check_trustdb_stale(void)
{
static int did_nextcheck;
TRUSTREC trec, vrec;
int rc;
ulong recno;
unsigned int validity;
u32 kid[2];
PKT_public_key *main_pk;
if(uid)
namehash_from_uid(uid);
static int did_nextcheck=0;
init_trustdb ();
if (!did_nextcheck
@ -1048,6 +1026,28 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
}
}
}
}
/*
* Return the validity information for PK. If the namehash is not
* NULL, the validity of the corresponsing user ID is returned,
* otherwise, a reasonable value for the entire key is returned.
*/
unsigned int
get_validity (PKT_public_key *pk, PKT_user_id *uid)
{
TRUSTREC trec, vrec;
int rc;
ulong recno;
unsigned int validity;
u32 kid[2];
PKT_public_key *main_pk;
if(uid)
namehash_from_uid(uid);
init_trustdb ();
check_trustdb_stale();
keyid_from_pk (pk, kid);
if (pk->main_keyid[0] != kid[0] || pk->main_keyid[1] != kid[1])

1
g10/trustdb.h
View File

@ -44,6 +44,7 @@ void check_trustdb (void);
void update_trustdb (void);
int setup_trustdb( int level, const char *dbname );
void init_trustdb( void );
void check_trustdb_stale(void);
void sync_trustdb( void );
const char *trust_value_to_string (unsigned int value);