mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: Allow building without any trust model support.
* configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
This commit is contained in:
Werner Koch
parent
ea7f895319
commit
62fb86c658
23 changed files with 960 additions and 650 deletions
|
|
@ -81,7 +81,9 @@ static int menu_revsig (KBNODE keyblock);
|
|||
static int menu_revuid (KBNODE keyblock);
|
||||
static int menu_revkey (KBNODE pub_keyblock);
|
||||
static int menu_revsubkey (KBNODE pub_keyblock);
|
||||
#ifndef NO_TRUST_MODELS
|
||||
static int enable_disable_key (KBNODE keyblock, int disable);
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
static void menu_showphoto (KBNODE keyblock);
|
||||
|
||||
static int update_trust = 0;
|
||||
|
|
@ -1305,7 +1307,11 @@ enum cmdids
|
|||
cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
|
||||
cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
|
||||
cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
|
||||
cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
|
||||
cmdEXPIRE, cmdBACKSIGN,
|
||||
#ifndef NO_TRUST_MODELS
|
||||
cmdENABLEKEY, cmdDISABLEKEY,
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
cmdSHOWPREF,
|
||||
cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
|
||||
cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCHECKBKUPKEY,
|
||||
cmdCLEAN, cmdMINIMIZE, cmdNOP
|
||||
|
|
@ -1384,7 +1390,9 @@ static struct
|
|||
{ "passwd", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
|
||||
N_("change the passphrase")},
|
||||
{ "password", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
|
||||
#ifndef NO_TRUST_MODELS
|
||||
{ "trust", cmdTRUST, KEYEDIT_NOT_SK, N_("change the ownertrust")},
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
{ "revsig", cmdREVSIG, KEYEDIT_NOT_SK,
|
||||
N_("revoke signatures on the selected user IDs")},
|
||||
{ "revuid", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
|
||||
|
|
@ -1392,8 +1400,10 @@ static struct
|
|||
{ "revphoto", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
|
||||
{ "revkey", cmdREVKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
|
||||
N_("revoke key or selected subkeys")},
|
||||
#ifndef NO_TRUST_MODELS
|
||||
{ "enable", cmdENABLEKEY, KEYEDIT_NOT_SK, N_("enable key")},
|
||||
{ "disable", cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key")},
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
{ "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")},
|
||||
{ "clean", cmdCLEAN, KEYEDIT_NOT_SK,
|
||||
N_("compact unusable user IDs and remove unusable signatures from key")},
|
||||
|
|
@ -2059,6 +2069,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
|||
change_passphrase (ctrl, keyblock);
|
||||
break;
|
||||
|
||||
#ifndef NO_TRUST_MODELS
|
||||
case cmdTRUST:
|
||||
if (opt.trust_model == TM_EXTERNAL)
|
||||
{
|
||||
|
|
@ -2080,6 +2091,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
|||
update_trust = 1;
|
||||
}
|
||||
break;
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
||||
case cmdPREF:
|
||||
{
|
||||
|
|
@ -2158,6 +2170,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
|||
}
|
||||
break;
|
||||
|
||||
#ifndef NO_TRUST_MODELS
|
||||
case cmdENABLEKEY:
|
||||
case cmdDISABLEKEY:
|
||||
if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
|
||||
|
|
@ -2166,6 +2179,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
|||
modified = 1;
|
||||
}
|
||||
break;
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
||||
case cmdSHOWPHOTO:
|
||||
menu_showphoto (keyblock);
|
||||
|
|
@ -4837,12 +4851,14 @@ menu_revuid (KBNODE pub_keyblock)
|
|||
pkt->pkt.signature = sig;
|
||||
insert_kbnode (node, new_kbnode (pkt), 0);
|
||||
|
||||
#ifndef NO_TRUST_MODELS
|
||||
/* If the trustdb has an entry for this key+uid then the
|
||||
trustdb needs an update. */
|
||||
if (!update_trust
|
||||
&& (get_validity (pk, uid) & TRUST_MASK) >=
|
||||
TRUST_UNDEFINED)
|
||||
update_trust = 1;
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
||||
changed = 1;
|
||||
node->pkt->pkt.user_id->is_revoked = 1;
|
||||
|
|
@ -4978,6 +4994,7 @@ menu_revsubkey (KBNODE pub_keyblock)
|
|||
enabling or disabling a key. This is arguably sub-optimal as
|
||||
disabled keys are still counted in the web of trust, but perhaps
|
||||
not worth adding extra complexity to change. -ds */
|
||||
#ifndef NO_TRUST_MODELS
|
||||
static int
|
||||
enable_disable_key (KBNODE keyblock, int disable)
|
||||
{
|
||||
|
|
@ -4994,6 +5011,7 @@ enable_disable_key (KBNODE keyblock, int disable)
|
|||
update_ownertrust (pk, newtrust);
|
||||
return 0;
|
||||
}
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
||||
|
||||
static void
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue