mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Exclude expired trusted keys from the key validation process.
* g10/trustdb.c (copy_key_item): New. (validate_keys): Use a stripped down UTK list w/o expired keys. -- This patch makes sure that an expired trusted key is not used for trust computation. The test case is to delete a trusted key from the keyring, import a copy of that key which has already expired, check that a signed key is not anymore fully trusted and finally import a prolonged version of the trusted key and check that the signed key is now again fully trusted. GnuPG-bug-id: 7200
This commit is contained in:
parent
23d4e7f0a7
commit
79ab52ff42
@ -95,6 +95,24 @@ new_key_item (void)
|
|||||||
return k;
|
return k;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static struct key_item *
|
||||||
|
copy_key_item (struct key_item *k0)
|
||||||
|
{
|
||||||
|
struct key_item *k;
|
||||||
|
|
||||||
|
k = xmalloc_clear (sizeof *k);
|
||||||
|
k->ownertrust = k0->ownertrust;
|
||||||
|
k->min_ownertrust = k0->min_ownertrust;
|
||||||
|
k->trust_depth = k0->trust_depth;
|
||||||
|
k->trust_value = k0->trust_value;
|
||||||
|
if (k0->trust_regexp)
|
||||||
|
k->trust_regexp = xstrdup (k0->trust_regexp);
|
||||||
|
k->kid[0] = k0->kid[0];
|
||||||
|
k->kid[1] = k0->kid[1];
|
||||||
|
|
||||||
|
return k;
|
||||||
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
release_key_items (struct key_item *k)
|
release_key_items (struct key_item *k)
|
||||||
{
|
{
|
||||||
@ -2138,6 +2156,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
{
|
{
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
int quit=0;
|
int quit=0;
|
||||||
|
struct key_item *valid_utk_list = NULL;
|
||||||
struct key_item *klist = NULL;
|
struct key_item *klist = NULL;
|
||||||
struct key_item *k;
|
struct key_item *k;
|
||||||
struct key_array *keys = NULL;
|
struct key_array *keys = NULL;
|
||||||
@ -2170,18 +2189,12 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
/* Step 1 */
|
/* Step 1 */
|
||||||
/* Fixme: Instead of always building a UTK list, we could just build it
|
/* Fixme: Instead of always building a UTK list, we could just build it
|
||||||
* here when needed */
|
* here when needed */
|
||||||
if (!utk_list)
|
|
||||||
{
|
|
||||||
if (!opt.quiet)
|
|
||||||
log_info (_("no ultimately trusted keys found\n"));
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* mark all UTKs as used and fully_trusted and set validity to
|
/* Mark all usable UTKs as used and fully_trusted and set validity
|
||||||
ultimate */
|
* to ultimate. Create a list of these UTKs for further processing. */
|
||||||
for (k=utk_list; k; k = k->next)
|
for (k=utk_list; k; k = k->next)
|
||||||
{
|
{
|
||||||
KBNODE keyblock;
|
kbnode_t keyblock;
|
||||||
PKT_public_key *pk;
|
PKT_public_key *pk;
|
||||||
|
|
||||||
keyblock = get_pubkeyblock (ctrl, k->kid);
|
keyblock = get_pubkeyblock (ctrl, k->kid);
|
||||||
@ -2192,6 +2205,19 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
pk = keyblock->pkt->pkt.public_key;
|
pk = keyblock->pkt->pkt.public_key;
|
||||||
|
if (pk->has_expired)
|
||||||
|
{
|
||||||
|
log_error (_("Note: ultimately trusted key %s expired\n"),
|
||||||
|
keystr(k->kid));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
struct key_item *ki = copy_key_item (k);
|
||||||
|
ki->next = valid_utk_list;
|
||||||
|
valid_utk_list = ki;
|
||||||
|
}
|
||||||
|
|
||||||
mark_keyblock_seen (used, keyblock);
|
mark_keyblock_seen (used, keyblock);
|
||||||
mark_keyblock_seen (full_trust, keyblock);
|
mark_keyblock_seen (full_trust, keyblock);
|
||||||
for (node=keyblock; node; node = node->next)
|
for (node=keyblock; node; node = node->next)
|
||||||
@ -2213,7 +2239,13 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
if (opt.trust_model == TM_TOFU)
|
if (opt.trust_model == TM_TOFU)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
klist = utk_list;
|
if (!valid_utk_list)
|
||||||
|
{
|
||||||
|
if (!opt.quiet)
|
||||||
|
log_info (_("no ultimately trusted keys found\n"));
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
klist = valid_utk_list;
|
||||||
|
|
||||||
if (!opt.quiet)
|
if (!opt.quiet)
|
||||||
log_info ("marginals needed: %d completes needed: %d trust model: %s\n",
|
log_info ("marginals needed: %d completes needed: %d trust model: %s\n",
|
||||||
@ -2286,7 +2318,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
valids++;
|
valids++;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Step 4: Find all keys which are signed by a key in kdlist */
|
/* Step 4: Find all keys which are signed by a key in klist */
|
||||||
keys = validate_key_list (ctrl, kdb, full_trust, klist,
|
keys = validate_key_list (ctrl, kdb, full_trust, klist,
|
||||||
start_time, &next_expire);
|
start_time, &next_expire);
|
||||||
if (!keys)
|
if (!keys)
|
||||||
@ -2312,8 +2344,8 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
depth, valids, key_count, ot_unknown, ot_undefined,
|
depth, valids, key_count, ot_unknown, ot_undefined,
|
||||||
ot_never, ot_marginal, ot_full, ot_ultimate );
|
ot_never, ot_marginal, ot_full, ot_ultimate );
|
||||||
|
|
||||||
/* Step 8: Build a new kdlist from all fully valid keys in KEYS */
|
/* Step 8: Build a new klist from all fully valid keys in KEYS */
|
||||||
if (klist != utk_list)
|
if (klist != valid_utk_list)
|
||||||
release_key_items (klist);
|
release_key_items (klist);
|
||||||
klist = NULL;
|
klist = NULL;
|
||||||
for (kar=keys; kar->keyblock; kar++)
|
for (kar=keys; kar->keyblock; kar++)
|
||||||
@ -2366,8 +2398,9 @@ validate_keys (ctrl_t ctrl, int interactive)
|
|||||||
leave:
|
leave:
|
||||||
keydb_release (kdb);
|
keydb_release (kdb);
|
||||||
release_key_array (keys);
|
release_key_array (keys);
|
||||||
if (klist != utk_list)
|
if (klist != valid_utk_list)
|
||||||
release_key_items (klist);
|
release_key_items (klist);
|
||||||
|
release_key_items (valid_utk_list);
|
||||||
release_key_hash_table (full_trust);
|
release_key_hash_table (full_trust);
|
||||||
release_key_hash_table (used);
|
release_key_hash_table (used);
|
||||||
if (!rc && !quit) /* mark trustDB as checked */
|
if (!rc && !quit) /* mark trustDB as checked */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user