security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Pass CTRL to many more functions. 

--

For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions.  Quite
a lot of changes but fortunately straightforward to do.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-03-31 20:03:52 +02:00
parent 5e89144cbc
commit 8f2671d2cc
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
38 changed files with 885 additions and 751 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
g10/call-agent.c
View File

@ -160,7 +160,8 @@ default_inq_cb (void *opaque, const char *line)
char buf[32];
if (parm->keyinfo.keyid)
emit_status_need_passphrase (parm->keyinfo.keyid,
emit_status_need_passphrase (parm->ctrl,
parm->keyinfo.keyid,
parm->keyinfo.mainkeyid,
parm->keyinfo.pubkey_algo);

2
g10/call-dirmngr.c
View File

@ -1068,7 +1068,7 @@ gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen, kbnode_t keyblock)
/* We are going to parse the keyblock, thus we better make sure the
all information is readily available. */
if (keyblock)
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
err = open_context (ctrl, &ctx);
if (err)

23
g10/card-util.c
View File

@ -362,7 +362,8 @@ fpr_is_ff (const char *fpr)
/* Print all available information about the current card. */
static void
current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
current_card_status (ctrl_t ctrl, estream_t fp,
char *serialno, size_t serialnobuflen)
{
struct agent_card_info_s info;
PKT_public_key *pk = xcalloc (1, sizeof *pk);
@ -609,9 +610,9 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
/* If the fingerprint is all 0xff, the key has no asssociated
OpenPGP certificate. */
if ( thefpr && !fpr_is_ff (thefpr)
&& !get_pubkey_byfprint (pk, &keyblock, thefpr, 20))
&& !get_pubkey_byfprint (ctrl, pk, &keyblock, thefpr, 20))
{
print_pubkey_info (fp, pk);
print_pubkey_info (ctrl, fp, pk);
if (keyblock)
print_card_key_info (fp, keyblock);
}
@ -629,7 +630,7 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
Print all available information for current card when SERIALNO is NULL.
Or print llfor all cards when SERIALNO is "all". */
void
card_status (estream_t fp, const char *serialno)
card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
{
int err;
strlist_t card_list, sl;
@ -638,7 +639,7 @@ card_status (estream_t fp, const char *serialno)
if (serialno == NULL)
{
current_card_status (fp, NULL, 0);
current_card_status (ctrl, fp, NULL, 0);
return;
}
@ -673,7 +674,7 @@ card_status (estream_t fp, const char *serialno)
continue;
}
current_card_status (fp, NULL, 0);
current_card_status (ctrl, fp, NULL, 0);
xfree (serialno1);
if (!all_cards)
@ -1510,7 +1511,7 @@ generate_card_keys (ctrl_t ctrl)
/* This function is used by the key edit menu to generate an arbitrary
subkey. */
gpg_error_t
card_generate_subkey (KBNODE pub_keyblock)
card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
gpg_error_t err;
struct agent_card_info_s info;
@ -1581,7 +1582,7 @@ card_generate_subkey (KBNODE pub_keyblock)
the serialnumber and thus it won't harm. */
}
err = generate_card_subkeypair (pub_keyblock, keyno, info.serialno);
err = generate_card_subkeypair (ctrl, pub_keyblock, keyno, info.serialno);
leave:
agent_release_card_info (&info);
@ -1987,12 +1988,14 @@ card_edit (ctrl_t ctrl, strlist_t commands)
{
if (opt.with_colons)
{
current_card_status (es_stdout, serialnobuf, DIM (serialnobuf));
current_card_status (ctrl, es_stdout,
serialnobuf, DIM (serialnobuf));
fflush (stdout);
}
else
{
current_card_status (NULL, serialnobuf, DIM (serialnobuf));
current_card_status (ctrl, NULL,
serialnobuf, DIM (serialnobuf));
tty_printf("\n");
}
redisplay = 0;

20
g10/delkey.c
View File

@ -47,7 +47,8 @@
* key can't be deleted for that reason.
*/
static gpg_error_t
do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
int *r_sec_avail)
{
gpg_error_t err;
kbnode_t keyblock = NULL;
@ -137,9 +138,9 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
else
{
if (secret)
print_seckey_info (pk);
print_seckey_info (ctrl, pk);
else
print_pubkey_info (NULL, pk );
print_pubkey_info (ctrl, NULL, pk );
tty_printf( "\n" );
yes = cpr_get_answer_is_yes
@ -180,7 +181,8 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
continue; /* No secret key for that public (sub)key. */
prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
prompt = gpg_format_keydesc (ctrl,
node->pkt->pkt.public_key,
FORMAT_KEYDESC_DELKEY, 1);
err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
/* NB: We require --yes to advise the agent not to
@ -232,7 +234,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
revalidation_mark(). This makes sense - only deleting keys
that have ownertrust set should trigger this. */
if (!secret && pk && clear_ownertrusts (pk))
if (!secret && pk && clear_ownertrusts (ctrl, pk))
{
if (opt.verbose)
log_info (_("ownertrust information cleared\n"));
@ -249,7 +251,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
* Delete a public or secret key from a keyring.
*/
gpg_error_t
delete_keys (strlist_t names, int secret, int allow_both)
delete_keys (ctrl_t ctrl, strlist_t names, int secret, int allow_both)
{
gpg_error_t err;
int avail;
@ -260,14 +262,14 @@ delete_keys (strlist_t names, int secret, int allow_both)
for ( ;names ; names=names->next )
{
err = do_delete_key (names->d, secret, force, &avail);
err = do_delete_key (ctrl, names->d, secret, force, &avail);
if (err && avail)
{
if (allow_both)
{
err = do_delete_key (names->d, 1, 0, &avail);
err = do_delete_key (ctrl, names->d, 1, 0, &avail);
if (!err)
err = do_delete_key (names->d, 0, 0, &avail);
err = do_delete_key (ctrl, names->d, 0, 0, &avail);
}
else
{

17
g10/encrypt.c
View File

@ -41,7 +41,8 @@
static int encrypt_simple( const char *filename, int mode, int use_seskey );
static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, iobuf_t out );
static int write_pubkey_enc_from_list (ctrl_t ctrl,
PK_LIST pk_list, DEK *dek, iobuf_t out);
/****************
* Encrypt FILENAME with only the symmetric cipher. Take input from
@ -634,7 +635,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
if (DBG_CRYPTO)
log_printhex ("DEK is: ", cfx.dek->key, cfx.dek->keylen );
rc = write_pubkey_enc_from_list (pk_list, cfx.dek, out);
rc = write_pubkey_enc_from_list (ctrl, pk_list, cfx.dek, out);
if (rc)
goto leave;
@ -828,7 +829,8 @@ encrypt_filter (void *opaque, int control,
if (DBG_CRYPTO)
log_printhex ("DEK is: ", efx->cfx.dek->key, efx->cfx.dek->keylen);
rc = write_pubkey_enc_from_list (efx->pk_list, efx->cfx.dek, a);
rc = write_pubkey_enc_from_list (efx->ctrl,
efx->pk_list, efx->cfx.dek, a);
if (rc)
return rc;
@ -864,7 +866,8 @@ encrypt_filter (void *opaque, int control,
* Write a pubkey-enc packet for the public key PK to OUT.
*/
int
write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
write_pubkey_enc (ctrl_t ctrl,
PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
{
PACKET pkt;
PKT_pubkey_enc *enc;
@ -899,7 +902,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
{
if ( opt.verbose )
{
char *ustr = get_user_id_string_native (enc->keyid);
char *ustr = get_user_id_string_native (ctrl, enc->keyid);
log_info (_("%s/%s encrypted for: \"%s\"\n"),
openpgp_pk_algo_name (enc->pubkey_algo),
openpgp_cipher_algo_name (dek->algo),
@ -924,7 +927,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
* Write pubkey-enc packets from the list of PKs to OUT.
*/
static int
write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
write_pubkey_enc_from_list (ctrl_t ctrl, PK_LIST pk_list, DEK *dek, iobuf_t out)
{
if (opt.throw_keyids && (PGP6 || PGP7 || PGP8))
{
@ -937,7 +940,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
{
PKT_public_key *pk = pk_list->pk;
int throw_keyid = (opt.throw_keyids || (pk_list->flags&1));
int rc = write_pubkey_enc (pk, throw_keyid, dek, out);
int rc = write_pubkey_enc (ctrl, pk, throw_keyid, dek, out);
if (rc)
return rc;
}

28
g10/export.c
View File

@ -1188,7 +1188,7 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
if (opt.verbose)
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1);
prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1);
err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr,
&wrappedkey, &wrappedkeylen);
xfree (prompt);
@ -1336,15 +1336,19 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor,
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
struct impex_filter_parm_s parm;
parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_USER_ID)
{
if (!recsel_select (selector, impex_filter_getval, node))
parm.node = node;
if (!recsel_select (selector, impex_filter_getval, &parm))
{
/* log_debug ("keep-uid: deleting '%s'\n", */
/* node->pkt->pkt.user_id->name); */
@ -1372,16 +1376,21 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
apply_drop_subkey_filter (kbnode_t keyblock, recsel_expr_t selector)
apply_drop_subkey_filter (ctrl_t ctrl, kbnode_t keyblock,
recsel_expr_t selector)
{
kbnode_t node;
struct impex_filter_parm_s parm;
parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY)
{
if (recsel_select (selector, impex_filter_getval, node))
parm.node = node;
if (recsel_select (selector, impex_filter_getval, &parm))
{
/*log_debug ("drop-subkey: deleting a key\n");*/
/* The subkey packet and all following packets up to the
@ -1990,19 +1999,20 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
* UID sigs (0x10, 0x11, 0x12, and 0x13). A designated
* revocation is never stripped, even with export-minimal set. */
if ((options & EXPORT_CLEAN))
clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL);
clean_key (ctrl, keyblock, opt.verbose,
(options&EXPORT_MINIMAL), NULL, NULL);
if (export_keep_uid)
{
commit_kbnode (&keyblock);
apply_keep_uid_filter (keyblock, export_keep_uid);
apply_keep_uid_filter (ctrl, keyblock, export_keep_uid);
commit_kbnode (&keyblock);
}
if (export_drop_subkey)
{
commit_kbnode (&keyblock);
apply_drop_subkey_filter (keyblock, export_drop_subkey);
apply_drop_subkey_filter (ctrl, keyblock, export_drop_subkey);
commit_kbnode (&keyblock);
}
@ -2139,7 +2149,7 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
1 /* No AKL lookup. */);
if (!err)
{
err = getkey_next (getkeyctx, NULL, NULL);
err = getkey_next (ctrl, getkeyctx, NULL, NULL);
if (!err)
err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
else if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY)

140
g10/getkey.c
View File

@ -139,10 +139,9 @@ typedef struct user_id_db
static user_id_db_t user_id_db;
static int uid_cache_entries; /* Number of entries in uid cache. */
static void merge_selfsigs (kbnode_t keyblock);
static int lookup (getkey_ctx_t ctx,
kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
int want_secret);
static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock);
static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
kbnode_t *ret_keyblock, kbnode_t *ret_found_key);
static kbnode_t finish_lookup (kbnode_t keyblock,
unsigned int req_usage, int want_exact,
unsigned int *r_flags);
@ -532,7 +531,7 @@ get_pubkeys (ctrl_t ctrl,
err = get_pubkey_byname (ctrl, &ctx, pk, search_terms, &kb, NULL,
include_unusable, 1);
else
err = getkey_next (ctx, pk, &kb);
err = getkey_next (ctrl, ctx, pk, &kb);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
/* No more results. */
@ -697,7 +696,7 @@ pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key)
* has definitely been merged into the public key using
* merge_selfsigs. */
int
get_pubkey (PKT_public_key * pk, u32 * keyid)
get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid)
{
int internal = 0;
int rc = 0;
@ -748,7 +747,7 @@ get_pubkey (PKT_public_key * pk, u32 * keyid)
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
ctx.req_usage = pk->req_usage;
rc = lookup (&ctx, &kb, &found_key, 0);
rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
if (!rc)
{
pk_from_block (pk, kb, found_key);
@ -852,7 +851,7 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid)
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
kbnode_t
get_pubkeyblock (u32 * keyid)
get_pubkeyblock (ctrl_t ctrl, u32 * keyid)
{
struct getkey_ctx_s ctx;
int rc = 0;
@ -868,7 +867,7 @@ get_pubkeyblock (u32 * keyid)
ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
rc = lookup (&ctx, &keyblock, NULL, 0);
rc = lookup (ctrl, &ctx, 0, &keyblock, NULL);
getkey_end (&ctx);
return rc ? NULL : keyblock;
@ -893,7 +892,7 @@ get_pubkeyblock (u32 * keyid)
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
gpg_error_t
get_seckey (PKT_public_key *pk, u32 *keyid)
get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid)
{
gpg_error_t err;
struct getkey_ctx_s ctx;
@ -911,7 +910,7 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
ctx.req_usage = pk->req_usage;
err = lookup (&ctx, &keyblock, &found_key, 1);
err = lookup (ctrl, &ctx, 1, &keyblock, &found_key);
if (!err)
{
pk_from_block (pk, keyblock, found_key);
@ -933,15 +932,14 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
/* Skip unusable keys. A key is unusable if it is revoked, expired or
disabled or if the selected user id is revoked or expired. */
static int
skip_unusable (void *dummy, u32 * keyid, int uid_no)
skip_unusable (void *opaque, u32 * keyid, int uid_no)
{
ctrl_t ctrl = opaque;
int unusable = 0;
KBNODE keyblock;
PKT_public_key *pk;
(void) dummy;
keyblock = get_pubkeyblock (keyid);
keyblock = get_pubkeyblock (ctrl, keyid);
if (!keyblock)
{
log_error ("error checking usability status of %s\n", keystr (keyid));
@ -1034,7 +1032,7 @@ leave:
returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
(if want_secret is set) is returned if the key is not found. */
static int
key_byname (GETKEY_CTX *retctx, strlist_t namelist,
key_byname (ctrl_t ctrl, GETKEY_CTX *retctx, strlist_t namelist,
PKT_public_key *pk,
int want_secret, int include_unusable,
KBNODE * ret_kb, KEYDB_HANDLE * ret_kdbhd)
@ -1063,7 +1061,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
ctx->nitems = 1;
ctx->items[0].mode = KEYDB_SEARCH_MODE_FIRST;
if (!include_unusable)
ctx->items[0].skipfnc = skip_unusable;
{
ctx->items[0].skipfnc = skip_unusable;
ctx->items[0].skipfncvalue = ctrl;
}
}
else
{
@ -1096,7 +1097,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR16
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR20
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR)
ctx->items[n].skipfnc = skip_unusable;
{
ctx->items[n].skipfnc = skip_unusable;
ctx->items[n].skipfncvalue = ctrl;
}
}
}
@ -1117,7 +1121,7 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
ctx->req_usage = pk->req_usage;
}
rc = lookup (ctx, ret_kb, &found_key, want_secret);
rc = lookup (ctrl, ctx, want_secret, ret_kb, &found_key);
if (!rc && pk)
{
pk_from_block (pk, *ret_kb, found_key);
@ -1273,7 +1277,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
* only try the local keyring). In this case, lookup NAME in
* the local keyring. */
add_to_strlist (&namelist, name);
rc = key_byname (retctx, namelist, pk, 0,
rc = key_byname (ctrl, retctx, namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
}
@ -1310,7 +1314,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
*retctx = NULL;
}
add_to_strlist (&namelist, name);
rc = key_byname (anylocalfirst ? retctx : NULL,
rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
break;
@ -1427,7 +1431,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
getkey_end (*retctx);
*retctx = NULL;
}
rc = key_byname (anylocalfirst ? retctx : NULL,
rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
}
@ -1596,7 +1600,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
struct pubkey_cmp_cookie new;
kbnode_t new_keyblock;
while (getkey_next (ctx, &new.key, &new_keyblock) == 0)
while (getkey_next (ctrl, ctx, &new.key, &new_keyblock) == 0)
{
int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock);
release_kbnode (new_keyblock);
@ -1656,7 +1660,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
{
release_kbnode (*ret_keyblock);
*ret_keyblock = NULL;
rc = getkey_next (ctx, NULL, ret_keyblock);
rc = getkey_next (ctrl, ctx, NULL, ret_keyblock);
}
}
}
@ -1718,7 +1722,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
{
/* Warning: node flag bits 0 and 1 should be preserved by
* merge_selfsigs. FIXME: Check whether this still holds. */
merge_selfsigs (keyblock);
merge_selfsigs (ctrl, keyblock);
found_key = finish_lookup (keyblock, pk->req_usage, 0, &infoflags);
print_status_key_considered (keyblock, infoflags);
if (found_key)
@ -1761,7 +1765,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
* be done by creating a userID conforming to the unified fingerprint
* style. */
int
get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
const byte * fprint, size_t fprint_len)
{
int rc;
@ -1786,7 +1790,7 @@ get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
: KEYDB_SEARCH_MODE_FPR20;
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
rc = lookup (&ctx, &kb, &found_key, 0);
rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
if (!rc && pk)
pk_from_block (pk, kb, found_key);
if (!rc && r_keyblock)
@ -1911,7 +1915,7 @@ parse_def_secret_key (ctrl_t ctrl)
continue;
}
merge_selfsigs (kb);
merge_selfsigs (ctrl, kb);
err = gpg_error (GPG_ERR_NO_SECKEY);
node = kb;
@ -2024,7 +2028,7 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
else
include_unusable = 0;
err = key_byname (NULL, namelist, pk, 1, include_unusable, NULL, NULL);
err = key_byname (ctrl, NULL, namelist, pk, 1, include_unusable, NULL, NULL);
free_strlist (namelist);
@ -2069,10 +2073,10 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
* returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
* (if want_secret is set) is returned if the key is not found. */
gpg_error_t
getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
getkey_bynames (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
strlist_t names, int want_secret, kbnode_t *ret_keyblock)
{
return key_byname (retctx, names, pk, want_secret, 1,
return key_byname (ctrl, retctx, names, pk, want_secret, 1,
ret_keyblock, NULL);
}
@ -2136,7 +2140,7 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
else
with_unusable = 0;
err = key_byname (retctx, namelist, pk, want_secret, with_unusable,
err = key_byname (ctrl, retctx, namelist, pk, want_secret, with_unusable,
ret_keyblock, NULL);
/* FIXME: Check that we really return GPG_ERR_NO_SECKEY if
@ -2165,7 +2169,8 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
gpg_error_t
getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
PKT_public_key *pk, kbnode_t *ret_keyblock)
{
int rc; /* Fixme: Make sure this is proper gpg_error */
KBNODE keyblock = NULL;
@ -2183,7 +2188,8 @@ getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
if (pk && ret_keyblock == NULL)
ret_keyblock = &keyblock;
rc = lookup (ctx, ret_keyblock, pk ? &found_key : NULL, ctx->want_secret);
rc = lookup (ctrl, ctx, ctx->want_secret,
ret_keyblock, pk ? &found_key : NULL);
if (!rc && pk)
{
log_assert (found_key);
@ -2255,12 +2261,12 @@ setup_main_keyids (kbnode_t keyblock)
* useful, however, if you change the keyblock, e.g., by adding or
* removing a self-signed data packet. */
void
merge_keys_and_selfsig (KBNODE keyblock)
merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock)
{
if (!keyblock)
;
else if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
merge_selfsigs (keyblock);
merge_selfsigs (ctrl, keyblock);
else
log_debug ("FIXME: merging secret key blocks is not anymore available\n");
}
@ -2481,7 +2487,7 @@ sig_to_revoke_info (PKT_signature * sig, struct revoke_info *rinfo)
field is set to 1 and the other user id's is_primary are set to
0. */
static void
merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
merge_selfsigs_main (ctrl_t ctrl, kbnode_t keyblock, int *r_revoked,
struct revoke_info *rinfo)
{
PKT_public_key *pk = NULL;
@ -2564,7 +2570,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
/* Self sig. */
{
if (check_key_signature (keyblock, k, NULL))
if (check_key_signature (ctrl, keyblock, k, NULL))
; /* Signature did not verify. */
else if (IS_KEY_REV (sig))
{
@ -2689,7 +2695,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (IS_KEY_REV (sig) &&
(sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1]))
{
int rc = check_revocation_keys (pk, sig);
int rc = check_revocation_keys (ctrl, pk, sig);
if (rc == 0)
{
*r_revoked = 2;
@ -2746,7 +2752,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
PKT_signature *sig = k->pkt->pkt.signature;
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
{
if (check_key_signature (keyblock, k, NULL))
if (check_key_signature (ctrl, keyblock, k, NULL))
; /* signature did not verify */
else if ((IS_UID_SIG (sig) || IS_UID_REV (sig))
&& sig->timestamp >= sigdate)
@ -2812,9 +2818,10 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
revoked the user should also remove the
ultimate trust flag. */
if (get_pubkey_fast (ultimate_pk, sig->keyid) == 0
&& check_key_signature2 (keyblock, k, ultimate_pk,
&& check_key_signature2 (ctrl,
keyblock, k, ultimate_pk,
NULL, NULL, NULL, NULL) == 0
&& get_ownertrust (ultimate_pk) == TRUST_ULTIMATE)
&& get_ownertrust (ctrl, ultimate_pk) == TRUST_ULTIMATE)
{
free_public_key (ultimate_pk);
pk->flags.valid = 1;
@ -3050,7 +3057,7 @@ buf_to_sig (const byte * buf, size_t len)
flags.chosen_selfsig
*/
static void
merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
merge_selfsigs_subkey (ctrl_t ctrl, kbnode_t keyblock, kbnode_t subnode)
{
PKT_public_key *mainpk = NULL, *subpk = NULL;
PKT_signature *sig;
@ -3089,7 +3096,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
sig = k->pkt->pkt.signature;
if (sig->keyid[0] == mainkid[0] && sig->keyid[1] == mainkid[1])
{
if (check_key_signature (keyblock, k, NULL))
if (check_key_signature (ctrl, keyblock, k, NULL))
; /* Signature did not verify. */
else if (IS_SUBKEY_REV (sig))
{
@ -3241,7 +3248,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
See documentation for merge_selfsigs_main, merge_selfsigs_subkey
and fixup_uidnode for exactly which fields are updated. */
static void
merge_selfsigs (KBNODE keyblock)
merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock)
{
KBNODE k;
int revoked;
@ -3264,14 +3271,14 @@ merge_selfsigs (KBNODE keyblock)
BUG ();
}
merge_selfsigs_main (keyblock, &revoked, &rinfo);
merge_selfsigs_main (ctrl, keyblock, &revoked, &rinfo);
/* Now merge in the data from each of the subkeys. */
for (k = keyblock; k; k = k->next)
{
if (k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
merge_selfsigs_subkey (keyblock, k);
merge_selfsigs_subkey (ctrl, keyblock, k);
}
}
@ -3670,8 +3677,8 @@ print_status_key_considered (kbnode_t keyblock, unsigned int flags)
*RET_KEYBLOCK is deallocated. Therefore, if RET_FOUND_KEY is not
NULL, then RET_KEYBLOCK must not be NULL. */
static int
lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
int want_secret)
lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
kbnode_t *ret_keyblock, kbnode_t *ret_found_key)
{
int rc;
int no_suitable_key = 0;
@ -3708,7 +3715,7 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
/* Warning: node flag bits 0 and 1 should be preserved by
* merge_selfsigs. */
merge_selfsigs (keyblock);
merge_selfsigs (ctrl, keyblock);
found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact,
&infoflags);
print_status_key_considered (keyblock, infoflags);
@ -3868,7 +3875,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
break;
case 3: /* Init search context to enum all secret keys. */
err = getkey_bynames (&c->ctx, NULL, NULL, 1, &keyblock);
err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
&keyblock);
if (err)
{
release_kbnode (keyblock);
@ -3882,7 +3890,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
case 4: /* Get next item from the context. */
if (c->ctx)
{
err = getkey_next (c->ctx, NULL, &keyblock);
err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
if (err)
{
release_kbnode (keyblock);
@ -3946,7 +3954,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
/* Return a string with a printable representation of the user_id.
* this string must be freed by xfree. */
static char *
get_user_id_string (u32 * keyid, int mode, size_t *r_len)
get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
{
user_id_db_t r;
keyid_list_t a;
@ -3990,7 +3998,7 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
}
}
}
while (++pass < 2 && !get_pubkey (NULL, keyid));
while (++pass < 2 && !get_pubkey (ctrl, NULL, keyid));
if (mode == 2)
p = xstrdup (user_id_not_found_utf8 ());
@ -4006,9 +4014,9 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
char *
get_user_id_string_native (u32 * keyid)
get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
{
char *p = get_user_id_string (keyid, 0, NULL);
char *p = get_user_id_string (ctrl, keyid, 0, NULL);
char *p2 = utf8_to_native (p, strlen (p), 0);
xfree (p);
return p2;
@ -4016,26 +4024,26 @@ get_user_id_string_native (u32 * keyid)
char *
get_long_user_id_string (u32 * keyid)
get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
{
return get_user_id_string (keyid, 1, NULL);
return get_user_id_string (ctrl, keyid, 1, NULL);
}
/* Please try to use get_user_byfpr instead of this one. */
char *
get_user_id (u32 * keyid, size_t * rn)
get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn)
{
return get_user_id_string (keyid, 2, rn);
return get_user_id_string (ctrl, keyid, 2, rn);
}
/* Please try to use get_user_id_byfpr_native instead of this one. */
char *
get_user_id_native (u32 * keyid)
get_user_id_native (ctrl_t ctrl, u32 *keyid)
{
size_t rn;
char *p = get_user_id (keyid, &rn);
char *p = get_user_id (ctrl, keyid, &rn);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;
@ -4048,7 +4056,7 @@ get_user_id_native (u32 * keyid)
terminated. To determine the length of the string, you must use
*RN. */
char *
get_user_id_byfpr (const byte *fpr, size_t *rn)
get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn)
{
user_id_db_t r;
char *p;
@ -4076,7 +4084,7 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
}
}
while (++pass < 2
&& !get_pubkey_byfprint (NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
&& !get_pubkey_byfprint (ctrl, NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
p = xstrdup (user_id_not_found_utf8 ());
*rn = strlen (p);
return p;
@ -4086,10 +4094,10 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
encoding. The returned string needs to be freed. Unlike
get_user_id_byfpr, the returned string is NUL terminated. */
char *
get_user_id_byfpr_native (const byte *fpr)
get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr)
{
size_t rn;
char *p = get_user_id_byfpr (fpr, &rn);
char *p = get_user_id_byfpr (ctrl, fpr, &rn);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;

21
g10/gpg.c
View File

@ -4292,7 +4292,8 @@ main (int argc, char **argv)
proper order :) */
for( ; argc; argc-- )
add_to_strlist2( &sl, argv[argc-1], utf8_strings );
delete_keys(sl,cmd==aDeleteSecretKeys,cmd==aDeleteSecretAndPublicKeys);
delete_keys (ctrl, sl,
cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys);
free_strlist(sl);
break;
@ -4591,7 +4592,7 @@ main (int argc, char **argv)
if( argc != 1 )
wrong_args("--generate-revocation user-id");
username = make_username(*argv);
gen_revoke( username );
gen_revoke (ctrl, username );
xfree( username );
break;
@ -4738,10 +4739,10 @@ main (int argc, char **argv)
#ifndef NO_TRUST_MODELS
case aListTrustDB:
if( !argc )
list_trustdb (es_stdout, NULL);
list_trustdb (ctrl, es_stdout, NULL);
else {
for( ; argc; argc--, argv++ )
list_trustdb (es_stdout, *argv );
list_trustdb (ctrl, es_stdout, *argv );
}
break;
@ -4773,28 +4774,28 @@ main (int argc, char **argv)
case aExportOwnerTrust:
if( argc )
wrong_args("--export-ownertrust");
export_ownertrust();
export_ownertrust (ctrl);
break;
case aImportOwnerTrust:
if( argc > 1 )
wrong_args("--import-ownertrust [file]");
import_ownertrust( argc? *argv:NULL );
import_ownertrust (ctrl, argc? *argv:NULL );
break;
#endif /*!NO_TRUST_MODELS*/
case aRebuildKeydbCaches:
if (argc)
wrong_args ("--rebuild-keydb-caches");
keydb_rebuild_caches (1);
keydb_rebuild_caches (ctrl, 1);
break;
#ifdef ENABLE_CARD_SUPPORT
case aCardStatus:
if (argc == 0)
card_status (es_stdout, NULL);
card_status (ctrl, es_stdout, NULL);
else if (argc == 1)
card_status (es_stdout, *argv);
card_status (ctrl, es_stdout, *argv);
else
wrong_args ("--card-status [serialno]");
break;
@ -4906,7 +4907,7 @@ main (int argc, char **argv)
g10_exit (1);
}
merge_keys_and_selfsig (kb);
merge_keys_and_selfsig (ctrl, kb);
if (tofu_set_policy (ctrl, kb, policy))
g10_exit (1);

17
g10/gpgcompose.c
View File

@ -42,6 +42,11 @@ struct filter
struct filter *next;
};
/* Hack to ass CTRL to some functions. */
static ctrl_t global_ctrl;
static struct filter *filters;
static void
@ -1609,7 +1614,7 @@ mksubpkt_callback (PKT_signature *sig, void *cookie)
if (err)
{
u32 keyid[2];
keyid_from_fingerprint (revkey->fpr, 20, keyid);
keyid_from_fingerprint (global_ctrl, revkey->fpr, 20, keyid);
log_fatal ("adding revocation key %s: %s\n",
keystr (keyid), gpg_strerror (err));
}
@ -1793,7 +1798,8 @@ signature (const char *option, int argc, char *argv[], void *cookie)
/* Changing the issuer's key id is fragile. Check to make sure
make_keysig_packet didn't recompute the keyid. */
keyid_copy (keyid, si.issuer_pk->keyid);
err = make_keysig_packet (&sig, si.pk, si.uid, si.sk, si.issuer_pk,
err = make_keysig_packet (global_ctrl,
&sig, si.pk, si.uid, si.sk, si.issuer_pk,
si.class, si.digest_algo,
si.timestamp, si.expiration,
mksubpkt_callback, &si, NULL);
@ -2446,7 +2452,7 @@ pk_esk (const char *option, int argc, char *argv[], void *cookie)
make_session_key (&session_key);
}
err = write_pubkey_enc (&pk, pi.throw_keyid, &session_key, out);
err = write_pubkey_enc (global_ctrl, &pk, pi.throw_keyid, &session_key, out);
if (err)
log_fatal ("%s: writing pk_esk packet for %s: %s\n",
option, pi.keyid, gpg_strerror (err));
@ -2967,7 +2973,7 @@ main (int argc, char *argv[])
/* Allow notations in the IETF space, for instance. */
opt.expert = 1;
ctrl = xcalloc (1, sizeof *ctrl);
global_ctrl = ctrl = xcalloc (1, sizeof *ctrl);
keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG,
KEYDB_RESOURCE_FLAG_DEFAULT);
@ -3035,7 +3041,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
}
void
show_basic_key_info (KBNODE keyblock)
show_basic_key_info (ctrl_t ctrl, KBNODE keyblock)
{
(void)ctrl;
(void) keyblock;
}

17
g10/gpgv.c
View File

@ -299,10 +299,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
}
void
read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
read_trust_options (ctrl_t ctrl,
byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
{
(void)ctrl;
(void)trust_model;
(void)created;
(void)nextcheck;
@ -318,8 +320,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
*/
int
cache_disabled_value(PKT_public_key *pk)
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
(void)ctrl;
(void)pk;
return 0;
}
@ -371,16 +374,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
get_ownertrust_info (PKT_public_key *pk, int no_create)
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
(void)ctrl;
(void)pk;
(void)no_create;
return '?';
}
unsigned int
get_ownertrust (PKT_public_key *pk)
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
(void)ctrl;
(void)pk;
return TRUST_UNKNOWN;
}

126
g10/import.c
View File

@ -112,11 +112,12 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
import_screener_t screener, void *screener_arg);
static int import_revoke_cert (ctrl_t ctrl,
kbnode_t node, struct import_stats_s *stats);
static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self);
static int delete_inv_parts (kbnode_t keyblock,
static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
int *non_self);
static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
u32 *keyid, unsigned int options);
static int any_uid_left (kbnode_t keyblock);
static int merge_blocks (kbnode_t keyblock_orig,
static int merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig,
kbnode_t keyblock, u32 *keyid,
int *n_uids, int *n_sigs, int *n_subk );
static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs);
@ -361,13 +362,13 @@ read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock)
collapse_uids (&keyblock);
clear_kbnode_flags (keyblock);
if (chk_self_sigs (keyblock, keyid, &non_self))
if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
{
err = gpg_error (GPG_ERR_INV_KEYRING);
goto leave;
}
if (!delete_inv_parts (keyblock, keyid, 0) )
if (!delete_inv_parts (ctrl, keyblock, keyid, 0) )
{
err = gpg_error (GPG_ERR_NO_USER_ID);
goto leave;
@ -907,7 +908,7 @@ read_block( IOBUF a, int with_meta,
by reordering the keyblock so that it reads "pk uid sig sub1 bind1
sub2 sub3". Returns TRUE if the keyblock was modified. */
static int
fix_pks_corruption (kbnode_t keyblock)
fix_pks_corruption (ctrl_t ctrl, kbnode_t keyblock)
{
int changed = 0;
int keycount = 0;
@ -946,7 +947,7 @@ fix_pks_corruption (kbnode_t keyblock)
selfsig. This is not necessary here as the subkey and
binding sig will be rejected later if that is the
case. */
if (check_key_signature (keyblock,node,NULL))
if (check_key_signature (ctrl, keyblock,node,NULL))
{
/* Not a match, so undo the changes. */
sknode->next = node->next;
@ -979,7 +980,7 @@ fix_pks_corruption (kbnode_t keyblock)
We need to detect and delete them before doing a merge. This
function returns the number of removed sigs. */
static int
fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
fix_bad_direct_key_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid)
{
gpg_error_t err;
kbnode_t node;
@ -992,7 +993,7 @@ fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
if (node->pkt->pkttype == PKT_SIGNATURE
&& IS_KEY_SIG (node->pkt->pkt.signature))
{
err = check_key_signature (keyblock, node, NULL);
err = check_key_signature (ctrl, keyblock, node, NULL);
if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
{
/* If we don't know the error, we can't decide; this is
@ -1067,7 +1068,7 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
PKT_public_key *pk;
int problem=0;
merge_keys_and_selfsig(keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
pk=keyblock->pkt->pkt.public_key;
for(node=keyblock;node;node=node->next)
@ -1174,8 +1175,10 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
const char *
impex_filter_getval (void *cookie, const char *propname)
{
/* FIXME: Malloc our static buffers and access them via the cookie. */
kbnode_t node = cookie;
/* FIXME: Malloc our static buffers and access them via PARM. */
struct impex_filter_parm_s *parm = cookie;
ctrl_t ctrl = parm->ctrl;
kbnode_t node = parm->node;
static char numbuf[20];
const char *result;
@ -1293,15 +1296,19 @@ impex_filter_getval (void *cookie, const char *propname)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
struct impex_filter_parm_s parm;
parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_USER_ID)
{
if (!recsel_select (selector, impex_filter_getval, node))
parm.node = node;
if (!recsel_select (selector, impex_filter_getval, &parm))
{
/* log_debug ("keep-uid: deleting '%s'\n", */
@ -1330,12 +1337,15 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
apply_drop_sig_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
int active = 0;
u32 main_keyid[2];
PKT_signature *sig;
struct impex_filter_parm_s parm;
parm.ctrl = ctrl;
keyid_from_pk (keyblock->pkt->pkt.public_key, main_keyid);
@ -1360,7 +1370,8 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
if (IS_UID_SIG(sig) || IS_UID_REV(sig))
{
if (recsel_select (selector, impex_filter_getval, node))
parm.node = node;
if (recsel_select (selector, impex_filter_getval, &parm))
delete_kbnode (node);
}
}
@ -1442,9 +1453,9 @@ import_one (ctrl_t ctrl,
{
if (is_status_enabled())
print_import_check (pk, uidnode->pkt->pkt.user_id);
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
tty_printf ("\n");
show_basic_key_info (keyblock);
show_basic_key_info (ctrl, keyblock);
tty_printf ("\n");
if (!cpr_get_answer_is_yes ("import.okay",
"Do you want to import this key? (y/N) "))
@ -1458,16 +1469,18 @@ import_one (ctrl_t ctrl,
end result, but does result in less logging which might confuse
the user. */
if (options&IMPORT_CLEAN)
clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL);
clean_key (ctrl, keyblock,
opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL);
clear_kbnode_flags( keyblock );
if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG)
&& fix_pks_corruption (ctrl, keyblock)
&& opt.verbose)
log_info (_("key %s: PKS subkey corruption repaired\n"),
keystr_from_pk(pk));
if (chk_self_sigs (keyblock, keyid, &non_self))
if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
return 0; /* Invalid keyblock - error already printed. */
/* If we allow such a thing, mark unsigned uids as valid */
@ -1488,7 +1501,7 @@ import_one (ctrl_t ctrl,
}
}
if (!delete_inv_parts (keyblock, keyid, options ) )
if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
{
if (!silent)
{
@ -1506,13 +1519,13 @@ import_one (ctrl_t ctrl,
/* Apply import filter. */
if (import_filter.keep_uid)
{
apply_keep_uid_filter (keyblock, import_filter.keep_uid);
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
commit_kbnode (&keyblock);
any_filter = 1;
}
if (import_filter.drop_sig)
{
apply_drop_sig_filter (keyblock, import_filter.drop_sig);
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
commit_kbnode (&keyblock);
any_filter = 1;
}
@ -1534,7 +1547,7 @@ import_one (ctrl_t ctrl,
if ((options & IMPORT_SHOW)
&& !((options & IMPORT_EXPORT) && !opt.armor && !opt.outfile))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
merge_keys_done = 1;
/* Note that we do not want to show the validity because the key
* has not yet imported. */
@ -1547,7 +1560,7 @@ import_one (ctrl_t ctrl,
{
if (!merge_keys_done)
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
merge_keys_done = 1;
}
rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
@ -1604,23 +1617,23 @@ import_one (ctrl_t ctrl,
be made to happen with the trusted-key command and by
importing and locally exported key. */
clear_ownertrusts (pk);
clear_ownertrusts (ctrl, pk);
if (non_self)
revalidation_mark ();
revalidation_mark (ctrl);
}
keydb_release (hd);
/* We are ready. */
if (!opt.quiet && !silent)
{
char *p = get_user_id_byfpr_native (fpr2);
char *p = get_user_id_byfpr_native (ctrl, fpr2);
log_info (_("key %s: public key \"%s\" imported\n"),
keystr(keyid), p);
xfree(p);
}
if (is_status_enabled())
{
char *us = get_long_user_id_string( keyid );
char *us = get_long_user_id_string (ctrl, keyid);
write_status_text( STATUS_IMPORTED, us );
xfree(us);
print_import_ok (pk, 1);
@ -1669,7 +1682,7 @@ import_one (ctrl_t ctrl,
}
/* Make sure the original direct key sigs are all sane. */
n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
n_sigs_cleaned = fix_bad_direct_key_sigs (ctrl, keyblock_orig, keyid);
if (n_sigs_cleaned)
commit_kbnode (&keyblock_orig);
@ -1677,7 +1690,7 @@ import_one (ctrl_t ctrl,
clear_kbnode_flags( keyblock_orig );
clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
rc = merge_blocks (keyblock_orig, keyblock,
rc = merge_blocks (ctrl, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk );
if (rc )
{
@ -1686,7 +1699,7 @@ import_one (ctrl_t ctrl,
}
if ((options & IMPORT_CLEAN))
clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL),
&n_uids_cleaned,&n_sigs_cleaned);
if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
@ -1698,12 +1711,12 @@ import_one (ctrl_t ctrl,
log_error (_("error writing keyring '%s': %s\n"),
keydb_get_resource_name (hd), gpg_strerror (rc) );
else if (non_self)
revalidation_mark ();
revalidation_mark (ctrl);
/* We are ready. */
if (!opt.quiet && !silent)
{
char *p = get_user_id_byfpr_native (fpr2);
char *p = get_user_id_byfpr_native (ctrl, fpr2);
if (n_uids == 1 )
log_info( _("key %s: \"%s\" 1 new user ID\n"),
keystr(keyid),p);
@ -1754,7 +1767,7 @@ import_one (ctrl_t ctrl,
if (!opt.quiet && !silent)
{
char *p = get_user_id_byfpr_native (fpr2);
char *p = get_user_id_byfpr_native (ctrl, fpr2);
log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
xfree(p);
}
@ -2059,7 +2072,7 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
/* Send the wrapped key to the agent. */
{
char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1);
char *desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_IMPORT, 1);
err = agent_import_key (ctrl, desc, &cache_nonce,
wrappedkey, wrappedkeylen, batch, force);
xfree (desc);
@ -2279,7 +2292,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
/* Fixme: we should do this based on the fingerprint or
even better let import_one return the merged
keyblock. */
node = get_pubkeyblock (keyid);
node = get_pubkeyblock (ctrl, keyid);
if (!node)
log_error ("key %s: failed to re-lookup public key\n",
keystr_from_pk (pk));
@ -2356,7 +2369,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
keyid[1] = node->pkt->pkt.signature->keyid[1];
pk = xmalloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
rc = get_pubkey (ctrl, pk, keyid );
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
{
log_error(_("key %s: no public key -"
@ -2405,7 +2418,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* it is okay, that node is not in keyblock because
* check_key_signature works fine for sig_class 0x20 in this
* special case. */
rc = check_key_signature( keyblock, node, NULL);
rc = check_key_signature (ctrl, keyblock, node, NULL);
if (rc )
{
log_error( _("key %s: invalid revocation certificate"
@ -2440,7 +2453,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* we are ready */
if (!opt.quiet )
{
char *p=get_user_id_native (keyid);
char *p=get_user_id_native (ctrl, keyid);
log_info( _("key %s: \"%s\" revocation certificate imported\n"),
keystr(keyid),p);
xfree(p);
@ -2450,10 +2463,10 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* If the key we just revoked was ultimately trusted, remove its
ultimate trust. This doesn't stop the user from putting the
ultimate trust back, but is a reasonable solution for now. */
if(get_ownertrust(pk)==TRUST_ULTIMATE)
clear_ownertrusts(pk);
if (get_ownertrust (ctrl, pk) == TRUST_ULTIMATE)
clear_ownertrusts (ctrl, pk);
revalidation_mark ();
revalidation_mark (ctrl);
leave:
keydb_release (hd);
@ -2477,7 +2490,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
* is invalid.
*/
static int
chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
{
kbnode_t n, knode = NULL;
PKT_signature *sig;
@ -2510,7 +2523,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
/* This just caches the sigs for later use. That way we
import a fully-cached key which speeds things up. */
if (!opt.no_sig_cache)
check_key_signature (keyblock, n, NULL);
check_key_signature (ctrl, keyblock, n, NULL);
if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
{
@ -2525,7 +2538,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
/* If it hasn't been marked valid yet, keep trying. */
if (!(unode->flag & NODE_GOOD_SELFSIG))
{
rc = check_key_signature (keyblock, n, NULL);
rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if ( opt.verbose )
@ -2548,7 +2561,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else if (IS_KEY_SIG (sig))
{
rc = check_key_signature (keyblock, n, NULL);
rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if (opt.verbose)
@ -2574,7 +2587,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else
{
rc = check_key_signature (keyblock, n, NULL);
rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if (opt.verbose)
@ -2625,7 +2638,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else
{
rc = check_key_signature (keyblock, n, NULL);
rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if(opt.verbose)
@ -2672,7 +2685,8 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
* Returns: True if at least one valid user-id is left over.
*/
static int
delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
unsigned int options)
{
kbnode_t node;
int nvalid=0, uid_seen=0, subkey_seen=0;
@ -2767,7 +2781,7 @@ delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
if(node->pkt->pkt.signature->keyid[0]==keyid[0]
&& node->pkt->pkt.signature->keyid[1]==keyid[1])
{
int rc = check_key_signature( keyblock, node, NULL);
int rc = check_key_signature (ctrl, keyblock, node, NULL);
if (rc )
{
if(opt.verbose)
@ -2968,8 +2982,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
{
u32 keyid[2];
keyid_from_fingerprint(sig->revkey[idx].fpr,
MAX_FINGERPRINT_LEN,keyid);
keyid_from_fingerprint (ctrl, sig->revkey[idx].fpr,
MAX_FINGERPRINT_LEN, keyid);
for(inode=keyblock->next;inode;inode=inode->next)
{
@ -3041,7 +3055,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
* Note: We indicate newly inserted packets with NODE_FLAG_A.
*/
static int
merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig, kbnode_t keyblock,
u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
{
kbnode_t onode, node;
@ -3078,7 +3092,7 @@ merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
++*n_sigs;
if(!opt.quiet)
{
char *p=get_user_id_native (keyid);
char *p = get_user_id_native (ctrl, keyid);
log_info(_("key %s: \"%s\" revocation"
" certificate added\n"), keystr(keyid),p);
xfree(p);

4
g10/keydb.c
View File

@ -1674,7 +1674,7 @@ keydb_locate_writable (KEYDB_HANDLE hd)
/* Rebuild the on-disk caches of all key resources. */
void
keydb_rebuild_caches (int noisy)
keydb_rebuild_caches (ctrl_t ctrl, int noisy)
{
int i, rc;
@ -1687,7 +1687,7 @@ keydb_rebuild_caches (int noisy)
case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
break;
case KEYDB_RESOURCE_TYPE_KEYRING:
rc = keyring_rebuild_cache (all_resources[i].token,noisy);
rc = keyring_rebuild_cache (ctrl, all_resources[i].token,noisy);
if (rc)
log_error (_("failed to rebuild keyring cache: %s\n"),
gpg_strerror (rc));

44
g10/keydb.h
View File

@ -186,7 +186,7 @@ gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd);
/* Rebuild the on-disk caches of all key resources. */
void keydb_rebuild_caches (int noisy);
void keydb_rebuild_caches (ctrl_t ctrl, int noisy);
/* Return the number of skipped blocks (because they were to large to
read from a keybox) since the last search reset. */
@ -215,7 +215,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
/*-- pkclist.c --*/
void show_revocation_reason( PKT_public_key *pk, int mode );
void show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode );
int check_signatures_trust (ctrl_t ctrl, PKT_signature *sig);
void release_pk_list (PK_LIST pk_list);
@ -258,13 +258,15 @@ void set_next_passphrase( const char *s );
char *get_last_passphrase(void);
void next_to_last_passphrase(void);
void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo);
void emit_status_need_passphrase (ctrl_t ctrl, u32 *keyid,
u32 *mainkeyid, int pubkey_algo);
#define FORMAT_KEYDESC_NORMAL 0
#define FORMAT_KEYDESC_IMPORT 1
#define FORMAT_KEYDESC_EXPORT 2
#define FORMAT_KEYDESC_DELKEY 3
char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped);
char *gpg_format_keydesc (ctrl_t ctrl,
PKT_public_key *pk, int mode, int escaped);
/*-- getkey.c --*/
@ -276,7 +278,7 @@ void cache_public_key( PKT_public_key *pk );
void getkey_disable_caches(void);
/* Return the public key with the key id KEYID and store it at PK. */
int get_pubkey( PKT_public_key *pk, u32 *keyid );
int get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
/* Similar to get_pubkey, but it does not take PK->REQ_USAGE into
account nor does it merge in the self-signed data. This function
@ -284,7 +286,7 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid );
int get_pubkey_fast (PKT_public_key *pk, u32 *keyid);
/* Return the key block for the key with KEYID. */
kbnode_t get_pubkeyblock (u32 *keyid);
kbnode_t get_pubkeyblock (ctrl_t ctrl, u32 *keyid);
/* A list used by get_pubkeys to gather all of the matches. */
struct pubkey_s
@ -330,10 +332,10 @@ gpg_error_t get_pubkey_fromfile (ctrl_t ctrl,
/* Return the public key with the key id KEYID iff the secret key is
* available and store it at PK. */
gpg_error_t get_seckey (PKT_public_key *pk, u32 *keyid);
gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
/* Lookup a key with the specified fingerprint. */
int get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
const byte *fprint, size_t fprint_len);
/* This function is similar to get_pubkey_byfprint, but it doesn't
@ -354,7 +356,8 @@ const char *parse_def_secret_key (ctrl_t ctrl);
gpg_error_t get_seckey_default (ctrl_t ctrl, PKT_public_key *pk);
/* Search for keys matching some criteria. */
gpg_error_t getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
gpg_error_t getkey_bynames (ctrl_t ctrl,
getkey_ctx_t *retctx, PKT_public_key *pk,
strlist_t names, int want_secret,
kbnode_t *ret_keyblock);
@ -365,8 +368,8 @@ gpg_error_t getkey_byname (ctrl_t ctrl,
kbnode_t *ret_keyblock);
/* Return the next search result. */
gpg_error_t getkey_next (getkey_ctx_t ctx, PKT_public_key *pk,
kbnode_t *ret_keyblock);
gpg_error_t getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
PKT_public_key *pk, kbnode_t *ret_keyblock);
/* Release any resources used by a key listing context. */
void getkey_end (getkey_ctx_t ctx);
@ -383,14 +386,14 @@ void setup_main_keyids (kbnode_t keyblock);
/* This function merges information from the self-signed data into the
data structures. */
void merge_keys_and_selfsig (kbnode_t keyblock);
void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
char*get_user_id_string_native( u32 *keyid );
char*get_long_user_id_string( u32 *keyid );
char*get_user_id( u32 *keyid, size_t *rn );
char*get_user_id_native( u32 *keyid );
char *get_user_id_byfpr (const byte *fpr, size_t *rn);
char *get_user_id_byfpr_native (const byte *fpr);
char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn);
char*get_user_id_native (ctrl_t ctrl, u32 *keyid);
char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
void release_akl(void);
int parse_auto_key_locate(char *options);
@ -449,8 +452,9 @@ const char *pk_keyid_str (PKT_public_key *pk);
const char *keystr_from_desc(KEYDB_SEARCH_DESC *desc);
u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid );
u32 keyid_from_sig( PKT_signature *sig, u32 *keyid );
u32 keyid_from_fingerprint(const byte *fprint, size_t fprint_len, u32 *keyid);
u32 keyid_from_sig (PKT_signature *sig, u32 *keyid );
u32 keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len,
u32 *keyid);
byte *namehash_from_uid(PKT_user_id *uid);
unsigned nbits_from_pk( PKT_public_key *pk );
const char *datestr_from_pk( PKT_public_key *pk );

278
g10/keyedit.c
View File

@ -59,24 +59,27 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
int with_revoker, int with_fpr,
int with_subkeys, int with_prefs,
int nowarn);
static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys);
static void show_key_and_fingerprint (ctrl_t ctrl,
kbnode_t keyblock, int with_subkeys);
static void show_key_and_grip (kbnode_t keyblock);
static void subkey_expire_warning (kbnode_t keyblock);
static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
int photo, const char *photo_name, const char *uidstr);
static void menu_deluid (KBNODE pub_keyblock);
static int menu_delsig (KBNODE pub_keyblock);
static int menu_clean (KBNODE keyblock, int self_only);
static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only);
static void menu_delkey (KBNODE pub_keyblock);
static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
static gpg_error_t menu_expire (kbnode_t pub_keyblock,
static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
int force_mainkey, u32 newexpiration);
static int menu_changeusage (kbnode_t keyblock);
static int menu_backsign (KBNODE pub_keyblock);
static int menu_set_primary_uid (KBNODE pub_keyblock);
static int menu_set_preferences (KBNODE pub_keyblock);
static int menu_set_keyserver_url (const char *url, KBNODE pub_keyblock);
static int menu_set_notation (const char *string, KBNODE pub_keyblock);
static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock);
static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_set_keyserver_url (ctrl_t ctrl,
const char *url, kbnode_t pub_keyblock);
static int menu_set_notation (ctrl_t ctrl,
const char *string, kbnode_t pub_keyblock);
static int menu_select_uid (KBNODE keyblock, int idx);
static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash);
static int menu_select_key (KBNODE keyblock, int idx, char *p);
@ -86,15 +89,15 @@ static int count_keys_with_flag (KBNODE keyblock, unsigned flag);
static int count_selected_uids (KBNODE keyblock);
static int real_uids_left (KBNODE keyblock);
static int count_selected_keys (KBNODE keyblock);
static int menu_revsig (KBNODE keyblock);
static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock);
static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
const struct revocation_reason_info *reason,
int *modified);
static int menu_revkey (KBNODE pub_keyblock);
static int menu_revsubkey (KBNODE pub_keyblock);
static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock);
#ifndef NO_TRUST_MODELS
static int enable_disable_key (KBNODE keyblock, int disable);
static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable);
#endif /*!NO_TRUST_MODELS*/
static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
@ -126,7 +129,7 @@ struct sign_attrib
/* TODO: Fix duplicated code between here and the check-sigs/list-sigs
code in keylist.c. */
static int
print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int *is_selfsig, int print_without_key)
{
@ -136,7 +139,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
/* TODO: Make sure a cached sig record here still has the pk that
issued it. See also keylist.c:list_keyblock_print */
rc = check_key_signature (keyblock, node, is_selfsig);
rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
switch (gpg_err_code (rc))
{
case 0:
@ -199,7 +202,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
* always be printed.
*/
static int
print_one_sig (int rc, KBNODE keyblock, KBNODE node,
print_one_sig (ctrl_t ctrl, int rc, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int is_selfsig, int print_without_key, int extended)
{
@ -269,7 +272,7 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
else
{
size_t n;
char *p = get_user_id (sig->keyid, &n);
char *p = get_user_id (ctrl, sig->keyid, &n);
tty_print_utf8_string2 (NULL, p, n,
opt.screen_columns - keystrlen () - 26 -
((opt.
@ -316,14 +319,14 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
static int
print_and_check_one_sig (KBNODE keyblock, KBNODE node,
print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int *is_selfsig, int print_without_key, int extended)
{
int rc;
rc = check_key_signature (keyblock, node, is_selfsig);
return print_one_sig (rc,
rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
return print_one_sig (ctrl, rc,
keyblock, node, inv_sigs, no_key, oth_err,
*is_selfsig, print_without_key, extended);
}
@ -388,7 +391,8 @@ sig_comparison (const void *av, const void *bv)
Returns 1 if the keyblock was modified, 0 otherwise. */
static int
check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
check_all_keysigs (ctrl_t ctrl, kbnode_t kb,
int only_selected, int only_selfsigs)
{
gpg_error_t err;
PKT_public_key *pk;
@ -598,14 +602,13 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
if (keyid_cmp (pk_keyid (pk), sig->keyid) == 0)
issuer = pk;
else
/* Issuer is a different key. */
else /* Issuer is a different key. */
{
if (only_selfsigs)
continue;
issuer = xmalloc (sizeof (*issuer));
err = get_pubkey (issuer, sig->keyid);
err = get_pubkey (ctrl, issuer, sig->keyid);
if (err)
{
xfree (issuer);
@ -657,7 +660,8 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
continue;
else
{
err = check_signature_over_key_or_uid (issuer, sig, kb, n2->pkt,
err = check_signature_over_key_or_uid (ctrl,
issuer, sig, kb, n2->pkt,
NULL, NULL);
if (! err)
break;
@ -804,7 +808,7 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
}
if (modified)
print_one_sig (rc, kb, n, NULL, NULL, NULL, has_selfsig,
print_one_sig (ctrl, rc, kb, n, NULL, NULL, NULL, has_selfsig,
0, only_selfsigs);
}
@ -1517,7 +1521,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
if (!quick)
{
p = get_user_id_native (sk_keyid);
p = get_user_id_native (ctrl, sk_keyid);
tty_fprintf (fp,
_("Are you sure that you want to sign this key with your\n"
"key \"%s\" (%s)\n"), p, keystr_from_pk (pk));
@ -1617,7 +1621,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
* exportable. */
if (selfsig)
rc = make_keysig_packet (&sig, primary_pk,
rc = make_keysig_packet (ctrl, &sig, primary_pk,
node->pkt->pkt.user_id,
NULL,
pk,
@ -1625,7 +1629,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
keygen_add_std_prefs, primary_pk,
NULL);
else
rc = make_keysig_packet (&sig, primary_pk,
rc = make_keysig_packet (ctrl, &sig, primary_pk,
node->pkt->pkt.user_id,
NULL,
pk,
@ -1744,7 +1748,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
if (err)
goto leave;
desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_NORMAL, 1);
desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_passwd (ctrl, hexgrip, desc, 0,
&cache_nonce, &passwd_nonce);
xfree (desc);
@ -1774,18 +1778,18 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
was changed. Note that a pointer to the keyblock must be given and
the function may change it (i.e. replacing the first node). */
static int
fix_keyblock (kbnode_t *keyblockp)
fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp)
{
int changed = 0;
if (collapse_uids (keyblockp))
changed++;
if (check_all_keysigs (*keyblockp, 0, 1))
if (check_all_keysigs (ctrl, *keyblockp, 0, 1))
changed++;
reorder_keyblock (*keyblockp);
/* If we modified the keyblock, make sure the flags are right. */
if (changed)
merge_keys_and_selfsig (*keyblockp);
merge_keys_and_selfsig (ctrl, *keyblockp);
return changed;
}
@ -2052,7 +2056,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
goto leave;
}
if (fix_keyblock (&keyblock))
if (fix_keyblock (ctrl, &keyblock))
modified++;
/* See whether we have a matching secret key. */
@ -2195,7 +2199,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
case cmdFPR:
show_key_and_fingerprint
(keyblock, (*arg_string == '*'
(ctrl,
keyblock, (*arg_string == '*'
&& (!arg_string[1] || spacep (arg_string + 1))));
break;
@ -2226,7 +2231,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCHECK:
if (check_all_keysigs (keyblock, count_selected_uids (keyblock),
if (check_all_keysigs (ctrl, keyblock,
count_selected_uids (keyblock),
!strcmp (arg_string, "selfsig")))
modified = 1;
break;
@ -2319,7 +2325,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
update_trust = 1;
redisplay = 1;
modified = 1;
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
}
break;
@ -2357,7 +2363,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (!opt.expert)
tty_printf (_("(Use the '%s' command.)\n"), "uid");
}
else if (menu_delsig (keyblock))
else if (menu_delsig (ctrl, keyblock))
{
/* No redisplay here, because it may scroll away some
* of the status output of this command. */
@ -2371,17 +2377,17 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
{
redisplay = 1;
modified = 1;
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
}
break;
#ifdef ENABLE_CARD_SUPPORT
case cmdADDCARDKEY:
if (!card_generate_subkey (keyblock))
if (!card_generate_subkey (ctrl, keyblock))
{
redisplay = 1;
modified = 1;
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
}
break;
@ -2539,7 +2545,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
{
redisplay = 1;
modified = 1;
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
}
}
break;
@ -2578,7 +2584,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
_("Do you really want to revoke"
" the entire key? (y/N) ")))
{
if (menu_revkey (keyblock))
if (menu_revkey (ctrl, keyblock))
modified = 1;
redisplay = 1;
@ -2591,21 +2597,21 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
: _("Do you really want to revoke"
" this subkey? (y/N) ")))
{
if (menu_revsubkey (keyblock))
if (menu_revsubkey (ctrl, keyblock))
modified = 1;
redisplay = 1;
}
if (modified)
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
}
break;
case cmdEXPIRE:
if (gpg_err_code (menu_expire (keyblock, 0, 0)) == GPG_ERR_TRUE)
if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE)
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
run_subkey_warnings = 1;
modified = 1;
redisplay = 1;
@ -2613,16 +2619,16 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCHANGEUSAGE:
if (menu_changeusage (keyblock))
if (menu_changeusage (ctrl, keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
break;
case cmdBACKSIGN:
if (menu_backsign (keyblock))
if (menu_backsign (ctrl, keyblock))
{
modified = 1;
redisplay = 1;
@ -2630,9 +2636,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdPRIMARY:
if (menu_set_primary_uid (keyblock))
if (menu_set_primary_uid (ctrl, keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@ -2702,9 +2708,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
" for the selected user IDs? (y/N) ")
: _("Really update the preferences? (y/N) ")))
{
if (menu_set_preferences (keyblock))
if (menu_set_preferences (ctrl, keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@ -2713,20 +2719,20 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdPREFKS:
if (menu_set_keyserver_url (*arg_string ? arg_string : NULL,
if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL,
keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
break;
case cmdNOTATION:
if (menu_set_notation (*arg_string ? arg_string : NULL,
if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL,
keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@ -2736,7 +2742,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdREVSIG:
if (menu_revsig (keyblock))
if (menu_revsig (ctrl, keyblock))
{
redisplay = 1;
modified = 1;
@ -2746,7 +2752,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
#ifndef NO_TRUST_MODELS
case cmdENABLEKEY:
case cmdDISABLEKEY:
if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY))
{
redisplay = 1;
modified = 1;
@ -2759,12 +2765,12 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCLEAN:
if (menu_clean (keyblock, 0))
if (menu_clean (ctrl, keyblock, 0))
redisplay = modified = 1;
break;
case cmdMINIMIZE:
if (menu_clean (keyblock, 1))
if (menu_clean (ctrl, keyblock, 1))
redisplay = modified = 1;
break;
@ -2809,7 +2815,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (update_trust)
{
revalidation_mark ();
revalidation_mark (ctrl);
update_trust = 0;
}
goto leave;
@ -2928,8 +2934,8 @@ quick_find_keyblock (ctrl_t ctrl, const char *username,
goto leave;
}
fix_keyblock (&keyblock);
merge_keys_and_selfsig (keyblock);
fix_keyblock (ctrl, &keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
*r_keyblock = keyblock;
keyblock = NULL;
@ -2981,7 +2987,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
}
if (update_trust)
revalidation_mark ();
revalidation_mark (ctrl);
}
leave:
@ -3054,7 +3060,7 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
goto leave;
}
revalidation_mark ();
revalidation_mark (ctrl);
goto leave;
}
}
@ -3112,16 +3118,16 @@ keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
if (!any)
err = gpg_error (GPG_ERR_NO_USER_ID);
else if (menu_set_primary_uid (keyblock))
else if (menu_set_primary_uid (ctrl, keyblock))
{
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
if (err)
{
log_error (_("update failed: %s\n"), gpg_strerror (err));
goto leave;
}
revalidation_mark ();
revalidation_mark (ctrl);
}
else
err = gpg_error (GPG_ERR_GENERAL);
@ -3235,7 +3241,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
goto leave;
if (fix_keyblock (&keyblock))
if (fix_keyblock (ctrl, &keyblock))
modified++;
/* Give some info in verbose. */
@ -3350,7 +3356,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
log_info (_("Key not changed so no update needed.\n"));
if (update_trust)
revalidation_mark ();
revalidation_mark (ctrl);
leave:
@ -3383,7 +3389,7 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
goto leave;
if (fix_keyblock (&keyblock))
if (fix_keyblock (ctrl, &keyblock))
modified++;
pk = keyblock->pkt->pkt.public_key;
@ -3445,7 +3451,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
if (err)
goto leave;
if (fix_keyblock (&keyblock))
if (fix_keyblock (ctrl, &keyblock))
modified++;
pk = keyblock->pkt->pkt.public_key;
@ -3470,7 +3476,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
expire += make_timestamp ();
/* Set the new expiration date. */
err = menu_expire (keyblock, 1, expire);
err = menu_expire (ctrl, keyblock, 1, expire);
if (gpg_err_code (err) == GPG_ERR_TRUE)
modified = 1;
else if (err)
@ -3487,7 +3493,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
goto leave;
}
if (update_trust)
revalidation_mark ();
revalidation_mark (ctrl);
}
else
log_info (_("Key not changed so no update needed.\n"));
@ -3756,7 +3762,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
(ulong) pk->timestamp, (ulong) pk->expiredate);
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
es_putc (get_ownertrust_info (pk, 0), fp);
es_putc (get_ownertrust_info (ctrl, pk, 0), fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
@ -3771,7 +3777,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
es_putc ('a', fp);
es_putc ('\n', fp);
print_fingerprint (fp, pk, 0);
print_fingerprint (ctrl, fp, pk, 0);
print_revokers (fp, pk);
}
}
@ -3973,7 +3979,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
static int did_warn = 0;
trust = get_validity_string (ctrl, pk, NULL);
otrust = get_ownertrust_string (pk, 0);
otrust = get_ownertrust_string (ctrl, pk, 0);
/* Show a warning once */
if (!did_warn
@ -3989,7 +3995,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
if (pk->flags.revoked)
{
char *user = get_user_id_string_native (pk->revoked.keyid);
char *user = get_user_id_string_native (ctrl, pk->revoked.keyid);
tty_fprintf (fp,
_("The following key was revoked on"
" %s by %s key %s\n"),
@ -4010,10 +4016,10 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
const char *algo;
algo = gcry_pk_algo_name (pk->revkey[i].algid);
keyid_from_fingerprint (pk->revkey[i].fpr,
keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
MAX_FINGERPRINT_LEN, r_keyid);
user = get_user_id_string_native (r_keyid);
user = get_user_id_string_native (ctrl, r_keyid);
tty_fprintf (fp,
_("This key may be revoked by %s key %s"),
algo ? algo : "?", user);
@ -4147,7 +4153,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
tty_fprintf (fp, "\n");
}
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& (get_ownertrust (pk) & TRUST_FLAG_DISABLED))
&& (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED))
{
tty_fprintf (fp, "*** ");
tty_fprintf (fp, _("This key has been disabled"));
@ -4158,7 +4164,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
if ((node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr)
{
print_fingerprint (fp, pk, 2);
print_fingerprint (ctrl, fp, pk, 2);
tty_fprintf (fp, "\n");
}
}
@ -4183,7 +4189,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
secret keys and thus the printing of "pub" vs. "sec" does only
depend on the packet type and not by checking with gpg-agent. */
void
show_basic_key_info (KBNODE keyblock)
show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock)
{
KBNODE node;
int i;
@ -4209,7 +4215,7 @@ show_basic_key_info (KBNODE keyblock)
tty_printf (" ");
tty_printf (_("expires: %s"), expirestr_from_pk (pk));
tty_printf ("\n");
print_fingerprint (NULL, pk, 3);
print_fingerprint (ctrl, NULL, pk, 3);
tty_printf ("\n");
}
}
@ -4235,7 +4241,7 @@ show_basic_key_info (KBNODE keyblock)
static void
show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys)
{
kbnode_t node;
PKT_public_key *pk = NULL;
@ -4260,7 +4266,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
}
tty_printf ("\n");
if (pk)
print_fingerprint (NULL, pk, 2);
print_fingerprint (ctrl, NULL, pk, 2);
if (with_subkeys)
{
for (node = keyblock; node; node = node->next)
@ -4274,7 +4280,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
datestr_from_pk (pk),
usagestr_from_pk (pk, 0));
print_fingerprint (NULL, pk, 4);
print_fingerprint (ctrl, NULL, pk, 4);
}
}
}
@ -4486,7 +4492,7 @@ menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
return 0;
}
err = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
keygen_add_std_prefs, pk, NULL);
if (err)
{
@ -4549,7 +4555,7 @@ menu_deluid (KBNODE pub_keyblock)
static int
menu_delsig (KBNODE pub_keyblock)
menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock)
{
KBNODE node;
PKT_user_id *uid = NULL;
@ -4571,11 +4577,11 @@ menu_delsig (KBNODE pub_keyblock)
okay = inv_sig = no_key = other_err = 0;
if (opt.with_colons)
valid = print_and_check_one_sig_colon (pub_keyblock, node,
valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node,
&inv_sig, &no_key,
&other_err, &selfsig, 1);
else
valid = print_and_check_one_sig (pub_keyblock, node,
valid = print_and_check_one_sig (ctrl, pub_keyblock, node,
&inv_sig, &no_key, &other_err,
&selfsig, 1, 0);
@ -4631,7 +4637,7 @@ menu_delsig (KBNODE pub_keyblock)
static int
menu_clean (KBNODE keyblock, int self_only)
menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only)
{
KBNODE uidnode;
int modified = 0, select_all = !count_selected_uids (keyblock);
@ -4648,7 +4654,7 @@ menu_clean (KBNODE keyblock, int self_only)
uidnode->pkt->pkt.user_id->len,
0);
clean_one_uid (keyblock, uidnode, opt.verbose, self_only, &uids,
clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, self_only, &uids,
&sigs);
if (uids)
{
@ -4849,8 +4855,8 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
continue;
}
print_pubkey_info (NULL, revoker_pk);
print_fingerprint (NULL, revoker_pk, 2);
print_pubkey_info (ctrl, NULL, revoker_pk);
print_fingerprint (ctrl, NULL, revoker_pk, 2);
tty_printf ("\n");
tty_printf (_("WARNING: appointing a key as a designated revoker "
@ -4868,7 +4874,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
break;
}
rc = make_keysig_packet (&sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
keygen_add_revkey, &revkey, NULL);
if (rc)
{
@ -4900,7 +4906,8 @@ fail:
* avoid all interactivity. Retirns 0 if nothing was done,
* GPG_ERR_TRUE if the key was modified, or any other error code. */
static gpg_error_t
menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
int force_mainkey, u32 newexpiration)
{
int signumber, rc;
u32 expiredate;
@ -4989,12 +4996,14 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
}
if (mainkey)
rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
rc = update_keysig_packet (ctrl,
&newsig, sig, main_pk, uid, NULL,
main_pk, keygen_add_key_expire,
main_pk);
else
rc =
update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
update_keysig_packet (ctrl,
&newsig, sig, main_pk, NULL, sub_pk,
main_pk, keygen_add_key_expire, sub_pk);
if (rc)
{
@ -5026,7 +5035,7 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
* be used to rectify badly created keys and as such is not suggested
* for general use. */
static int
menu_changeusage (kbnode_t keyblock)
menu_changeusage (ctrl_t ctrl, kbnode_t keyblock)
{
int n1, rc;
int mainkey = 0;
@ -5097,12 +5106,14 @@ menu_changeusage (kbnode_t keyblock)
sub_pk->pubkey_usage);
if (mainkey)
rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
rc = update_keysig_packet (ctrl,
&newsig, sig, main_pk, uid, NULL,
main_pk, keygen_add_key_flags,
main_pk);
else
rc =
update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
update_keysig_packet (ctrl,
&newsig, sig, main_pk, NULL, sub_pk,
main_pk, keygen_add_key_flags, sub_pk);
if (rc)
{
@ -5129,7 +5140,7 @@ menu_changeusage (kbnode_t keyblock)
static int
menu_backsign (KBNODE pub_keyblock)
menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock)
{
int rc, modified = 0;
PKT_public_key *main_pk;
@ -5138,7 +5149,7 @@ menu_backsign (KBNODE pub_keyblock)
log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
merge_keys_and_selfsig (pub_keyblock);
merge_keys_and_selfsig (ctrl, pub_keyblock);
main_pk = pub_keyblock->pkt->pkt.public_key;
keyid_from_pk (main_pk, NULL);
@ -5198,14 +5209,16 @@ menu_backsign (KBNODE pub_keyblock)
/* Now we can get to work. */
rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
rc = make_backsig (ctrl,
sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
timestamp, NULL);
if (!rc)
{
PKT_signature *newsig;
PACKET *newpkt;
rc = update_keysig_packet (&newsig, sig_pk->pkt->pkt.signature,
rc = update_keysig_packet (ctrl,
&newsig, sig_pk->pkt->pkt.signature,
main_pk, NULL, sub_pk, main_pk,
NULL, NULL);
if (!rc)
@ -5268,7 +5281,7 @@ change_primary_uid_cb (PKT_signature * sig, void *opaque)
* sufficient to updated a signature during import.
*/
static int
menu_set_primary_uid (KBNODE pub_keyblock)
menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@ -5357,7 +5370,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
if (action)
{
int rc = update_keysig_packet (&newsig, sig,
int rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
change_primary_uid_cb,
@ -5390,7 +5403,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
* Set preferences to new values for the selected user IDs
*/
static int
menu_set_preferences (KBNODE pub_keyblock)
menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@ -5448,7 +5461,7 @@ menu_set_preferences (KBNODE pub_keyblock)
PACKET *newpkt;
int rc;
rc = update_keysig_packet (&newsig, sig,
rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL, main_pk,
keygen_upd_std_prefs, NULL);
if (rc)
@ -5475,7 +5488,7 @@ menu_set_preferences (KBNODE pub_keyblock)
static int
menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@ -5582,7 +5595,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
continue;
}
rc = update_keysig_packet (&newsig, sig,
rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
keygen_add_keyserver_url, uri);
@ -5612,8 +5625,9 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
return modified;
}
static int
menu_set_notation (const char *string, KBNODE pub_keyblock)
menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@ -5781,7 +5795,7 @@ menu_set_notation (const char *string, KBNODE pub_keyblock)
_("Proceed? (y/N) "))))
continue;
rc = update_keysig_packet (&newsig, sig,
rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
keygen_add_notations, notation);
@ -6140,7 +6154,7 @@ real_uids_left (KBNODE keyblock)
* flag bit MARK_A is set on the signature and the user ID.
*/
static void
ask_revoke_sig (KBNODE keyblock, KBNODE node)
ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node)
{
int doit = 0;
PKT_user_id *uid;
@ -6167,8 +6181,8 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
es_printf ("\n");
print_and_check_one_sig_colon (keyblock, node, NULL, NULL, NULL, NULL,
1);
print_and_check_one_sig_colon (ctrl, keyblock, node,
NULL, NULL, NULL, NULL, 1);
}
else
{
@ -6210,7 +6224,7 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
* Return: True when the keyblock has changed.
*/
static int
menu_revsig (KBNODE keyblock)
menu_revsig (ctrl_t ctrl, kbnode_t keyblock)
{
PKT_signature *sig;
PKT_public_key *primary_pk;
@ -6302,7 +6316,7 @@ menu_revsig (KBNODE keyblock)
{
if (!(node->flag & NODFLG_SELSIG))
continue;
ask_revoke_sig (keyblock, node);
ask_revoke_sig (ctrl, keyblock, node);
}
/* present selected */
@ -6368,13 +6382,13 @@ reloop: /* (must use this, because we are modifing the list) */
node->flag &= ~NODFLG_MARK_A;
signerkey = xmalloc_secure_clear (sizeof *signerkey);
if (get_seckey (signerkey, node->pkt->pkt.signature->keyid))
if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid))
{
log_info (_("no secret key\n"));
free_public_key (signerkey);
continue;
}
rc = make_keysig_packet (&sig, primary_pk,
rc = make_keysig_packet (ctrl, &sig, primary_pk,
unode->pkt->pkt.user_id,
NULL, signerkey, 0x30, 0, 0, 0,
sign_mk_attrib, &attrib, NULL);
@ -6459,7 +6473,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
mksubpkt argument to make_keysig_packet */
attrib.reason = (struct revocation_reason_info *)reason;
rc = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x30, 0,
rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30, 0,
timestamp, 0,
sign_mk_attrib, &attrib, NULL);
if (rc)
@ -6569,7 +6583,7 @@ leave:
* Revoke the whole key.
*/
static int
menu_revkey (KBNODE pub_keyblock)
menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
int rc, changed = 0;
@ -6588,7 +6602,7 @@ menu_revkey (KBNODE pub_keyblock)
if (!reason)
return 0;
rc = make_keysig_packet (&sig, pk, NULL, NULL, pk,
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk,
0x20, 0, 0, 0,
revocation_reason_build_cb, reason, NULL);
if (rc)
@ -6615,7 +6629,7 @@ menu_revkey (KBNODE pub_keyblock)
static int
menu_revsubkey (KBNODE pub_keyblock)
menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *mainpk;
KBNODE node;
@ -6650,7 +6664,7 @@ menu_revsubkey (KBNODE pub_keyblock)
attrib.reason = reason;
node->flag &= ~NODFLG_SELKEY;
rc = make_keysig_packet (&sig, mainpk, NULL, subpk, mainpk,
rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk,
0x28, 0, 0, 0, sign_mk_attrib, &attrib,
NULL);
if (rc)
@ -6686,19 +6700,19 @@ menu_revsubkey (KBNODE pub_keyblock)
not worth adding extra complexity to change. -ds */
#ifndef NO_TRUST_MODELS
static int
enable_disable_key (KBNODE keyblock, int disable)
enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable)
{
PKT_public_key *pk =
find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key;
unsigned int trust, newtrust;
trust = newtrust = get_ownertrust (pk);
trust = newtrust = get_ownertrust (ctrl, pk);
newtrust &= ~TRUST_FLAG_DISABLED;
if (disable)
newtrust |= TRUST_FLAG_DISABLED;
if (trust == newtrust)
return 0; /* already in that state */
update_ownertrust (pk, newtrust);
update_ownertrust (ctrl, pk, newtrust);
return 0;
}
#endif /*!NO_TRUST_MODELS*/

46
g10/keygen.c
View File

@ -843,7 +843,7 @@ keygen_add_revkey (PKT_signature *sig, void *opaque)
/* Create a back-signature. If TIMESTAMP is not NULL, use it for the
signature creation time. */
gpg_error_t
make_backsig (PKT_signature *sig, PKT_public_key *pk,
make_backsig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pk,
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
u32 timestamp, const char *cache_nonce)
{
@ -852,7 +852,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
cache_public_key (sub_pk);
err = make_keysig_packet (&backsig, pk, NULL, sub_pk, sub_psk, 0x19,
err = make_keysig_packet (ctrl, &backsig, pk, NULL, sub_pk, sub_psk, 0x19,
0, timestamp, 0, NULL, NULL, cache_nonce);
if (err)
log_error ("make_keysig_packet failed for backsig: %s\n",
@ -936,7 +936,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
PSK. REVKEY is describes the direct key signature and TIMESTAMP is
the timestamp to set on the signature. */
static gpg_error_t
write_direct_sig (KBNODE root, PKT_public_key *psk,
write_direct_sig (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
struct revocation_key *revkey, u32 timestamp,
const char *cache_nonce)
{
@ -960,7 +960,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
cache_public_key (pk);
/* Make the signature. */
err = make_keysig_packet (&sig, pk, NULL,NULL, psk, 0x1F,
err = make_keysig_packet (ctrl, &sig, pk, NULL,NULL, psk, 0x1F,
0, timestamp, 0,
keygen_add_revkey, revkey, cache_nonce);
if (err)
@ -982,7 +982,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
PSK. USE and TIMESTAMP give the extra data we need for the
signature. */
static gpg_error_t
write_selfsigs (KBNODE root, PKT_public_key *psk,
write_selfsigs (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
unsigned int use, u32 timestamp, const char *cache_nonce)
{
gpg_error_t err;
@ -1015,7 +1015,7 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
cache_public_key (pk);
/* Make the signature. */
err = make_keysig_packet (&sig, pk, uid, NULL, psk, 0x13,
err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, psk, 0x13,
0, timestamp, 0,
keygen_add_std_prefs, pk, cache_nonce);
if (err)
@ -1038,7 +1038,8 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
SUB_PSK is a key used to create a back-signature; that one is only
used if USE has the PUBKEY_USAGE_SIG capability. */
static int
write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
write_keybinding (ctrl_t ctrl, kbnode_t root,
PKT_public_key *pri_psk, PKT_public_key *sub_psk,
unsigned int use, u32 timestamp, const char *cache_nonce)
{
gpg_error_t err;
@ -1074,7 +1075,7 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
/* Make the signature. */
oduap.usage = use;
oduap.pk = sub_pk;
err = make_keysig_packet (&sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
err = make_keysig_packet (ctrl, &sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
0, timestamp, 0,
keygen_add_key_flags_and_expire, &oduap,
cache_nonce);
@ -1087,7 +1088,8 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
/* Make a backsig. */
if (use & PUBKEY_USAGE_SIG)
{
err = make_backsig (sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
err = make_backsig (ctrl,
sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
if (err)
return err;
}
@ -4667,12 +4669,13 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
}
if (!err && (revkey = get_parameter_revkey (para, pREVOKER)))
err = write_direct_sig (pub_root, pri_psk, revkey, timestamp, cache_nonce);
err = write_direct_sig (ctrl, pub_root, pri_psk,
revkey, timestamp, cache_nonce);
if (!err && (s = get_parameter_value (para, pUSERID)))
{
write_uid (pub_root, s );
err = write_selfsigs (pub_root, pri_psk,
err = write_selfsigs (ctrl, pub_root, pri_psk,
get_parameter_uint (para, pKEYUSAGE), timestamp,
cache_nonce);
}
@ -4690,7 +4693,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
0, pub_root, &timestamp,
get_parameter_u32 (para, pKEYEXPIRE));
if (!err)
err = write_keybinding (pub_root, pri_psk, NULL,
err = write_keybinding (ctrl, pub_root, pri_psk, NULL,
PUBKEY_USAGE_AUTH, timestamp, cache_nonce);
}
@ -4732,7 +4735,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
}
if (!err)
err = write_keybinding (pub_root, pri_psk, sub_psk,
err = write_keybinding (ctrl, pub_root, pri_psk, sub_psk,
get_parameter_uint (para, pSUBKEYUSAGE),
timestamp, cache_nonce);
did_sub = 1;
@ -4791,10 +4794,11 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
keyid_from_pk (pk, pk->main_keyid);
register_trusted_keyid (pk->main_keyid);
update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
update_ownertrust (ctrl, pk,
((get_ownertrust (ctrl, pk) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
gen_standard_revoke (pk, cache_nonce);
gen_standard_revoke (ctrl, pk, cache_nonce);
/* Get rid of the first empty packet. */
commit_kbnode (&pub_root);
@ -4803,7 +4807,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
{
tty_printf (_("public and secret key created and signed.\n") );
tty_printf ("\n");
merge_keys_and_selfsig (pub_root);
merge_keys_and_selfsig (ctrl, pub_root);
list_keyblock_direct (ctrl, pub_root, 0, 1, 1, 1);
}
@ -5033,7 +5037,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
* nonce, which we can use to set the passphrase for the subkey to
* that of the primary key. */
{
char *desc = gpg_format_keydesc (pri_psk, FORMAT_KEYDESC_NORMAL, 1);
char *desc = gpg_format_keydesc (ctrl, pri_psk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_passwd (ctrl, hexgrip, desc, 1 /*=verify*/,
&cache_nonce, &passwd_nonce);
xfree (desc);
@ -5071,7 +5075,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
sub_psk = node->pkt->pkt.public_key;
/* Write the binding signature. */
err = write_keybinding (keyblock, pri_psk, sub_psk, use, cur_time,
err = write_keybinding (ctrl, keyblock, pri_psk, sub_psk, use, cur_time,
cache_nonce);
if (err)
goto leave;
@ -5095,7 +5099,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
#ifdef ENABLE_CARD_SUPPORT
/* Generate a subkey on a card. */
gpg_error_t
generate_card_subkeypair (kbnode_t pub_keyblock,
generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
int keyno, const char *serialno)
{
gpg_error_t err = 0;
@ -5186,7 +5190,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock,
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
sub_pk = node->pkt->pkt.public_key;
log_assert (sub_pk);
err = write_keybinding (pub_keyblock, pri_pk, sub_pk,
err = write_keybinding (ctrl, pub_keyblock, pri_pk, sub_pk,
use, cur_time, NULL);
}

5
g10/keyid.c
View File

@ -538,7 +538,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid)
* keys, but has to do a keylookup for old stayle keys.
*/
u32
keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint,
size_t fprint_len, u32 *keyid)
{
u32 dummy_keyid[2];
@ -552,7 +553,7 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
int rc;
memset (&pk, 0, sizeof pk);
rc = get_pubkey_byfprint (&pk, NULL, fprint, fprint_len);
rc = get_pubkey_byfprint (ctrl, &pk, NULL, fprint, fprint_len);
if( rc )
{
log_error("Oops: keyid_from_fingerprint: no pubkey\n");

61
g10/keylist.c
View File

@ -92,7 +92,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
byte trust_model, marginals, completes, cert_depth, min_cert_level;
ulong created, nextcheck;
read_trust_options (&trust_model, &created, &nextcheck,
read_trust_options (ctrl, &trust_model, &created, &nextcheck,
&marginals, &completes, &cert_depth, &min_cert_level);
es_fprintf (es_stdout, "tru:");
@ -164,7 +164,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
}
char *
format_seckey_info (PKT_public_key *pk)
format_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
{
u32 keyid[2];
char *p;
@ -172,7 +172,7 @@ format_seckey_info (PKT_public_key *pk)
char *info;
keyid_from_pk (pk, keyid);
p = get_user_id_native (keyid);
p = get_user_id_native (ctrl, keyid);
info = xtryasprintf ("sec %s/%s %s %s",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
@ -184,9 +184,9 @@ format_seckey_info (PKT_public_key *pk)
}
void
print_seckey_info (PKT_public_key *pk)
print_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
{
char *p = format_seckey_info (pk);
char *p = format_seckey_info (ctrl, pk);
tty_printf ("\n%s\n", p);
xfree (p);
}
@ -195,7 +195,7 @@ print_seckey_info (PKT_public_key *pk)
the tty output interface is used, otherwise output is directted to
the given stream. */
void
print_pubkey_info (estream_t fp, PKT_public_key *pk)
print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk)
{
u32 keyid[2];
char *p;
@ -208,7 +208,7 @@ print_pubkey_info (estream_t fp, PKT_public_key *pk)
if (pk->user_id)
p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
else
p = get_user_id_native (keyid);
p = get_user_id_native (ctrl, keyid);
if (fp)
tty_printf ("\n");
@ -553,7 +553,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
lastresname = resname;
}
}
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
list_keyblock (ctrl, keyblock, secret, any_secret, opt.fingerprint,
&listctx);
}
@ -604,7 +604,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
* functions) or to have the search function return indicators for
* found names. Yet another way is to use the keydb search
* facilities directly. */
rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
rc = getkey_bynames (ctrl, &ctx, NULL, names, secret, &keyblock);
if (rc)
{
log_error ("error reading key: %s\n", gpg_strerror (rc));
@ -626,7 +626,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
keyblock, secret, mark_secret, opt.fingerprint, &listctx);
release_kbnode (keyblock);
}
while (!getkey_next (ctx, NULL, &keyblock));
while (!getkey_next (ctrl, ctx, NULL, &keyblock));
getkey_end (ctx);
if (opt.check_sigs && !opt.with_colons)
@ -667,7 +667,7 @@ locate_one (ctrl_t ctrl, strlist_t names)
list_keyblock (ctrl, keyblock, 0, 0, opt.fingerprint, &listctx);
release_kbnode (keyblock);
}
while (ctx && !getkey_next (ctx, NULL, &keyblock));
while (ctx && !getkey_next (ctrl, ctx, NULL, &keyblock));
getkey_end (ctx);
ctx = NULL;
}
@ -696,7 +696,7 @@ print_key_data (PKT_public_key * pk)
}
static void
print_capabilities (PKT_public_key *pk, KBNODE keyblock)
print_capabilities (ctrl_t ctrl, PKT_public_key *pk, KBNODE keyblock)
{
unsigned int use = pk->pubkey_usage;
int c_printed = 0;
@ -907,10 +907,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
check_trustdb_stale (ctrl);
/* Print the "pub" line and in KF_NONE mode the fingerprint. */
print_key_line (es_stdout, pk, secret);
print_key_line (ctrl, es_stdout, pk, secret);
if (fpr)
print_fingerprint (NULL, pk, 0);
print_fingerprint (ctrl, NULL, pk, 0);
if (opt.with_keygrip && hexgrip)
es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
@ -1020,10 +1020,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
}
/* Print the "sub" line. */
print_key_line (es_stdout, pk2, secret);
print_key_line (ctrl, es_stdout, pk2, secret);
if (fpr > 1 || opt.with_subkey_fingerprint)
{
print_fingerprint (NULL, pk2, 0);
print_fingerprint (ctrl, NULL, pk2, 0);
if (serialno)
print_card_serialno (serialno);
}
@ -1041,7 +1041,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
if (listctx->check_sigs)
{
rc = check_key_signature (keyblock, node, NULL);
rc = check_key_signature (ctrl, keyblock, node, NULL);
switch (gpg_err_code (rc))
{
case 0:
@ -1113,7 +1113,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
else if (!opt.fast_list_mode)
{
size_t n;
char *p = get_user_id (sig->keyid, &n);
char *p = get_user_id (ctrl, sig->keyid, &n);
print_utf8_buffer (es_stdout, p, n);
xfree (p);
}
@ -1261,7 +1261,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
ownertrust_print = get_ownertrust_info (pk, 0);
ownertrust_print = get_ownertrust_info (ctrl, pk, 0);
else
ownertrust_print = 0;
@ -1282,7 +1282,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
es_putc (':', es_stdout);
es_putc (':', es_stdout);
print_capabilities (pk, keyblock);
print_capabilities (ctrl, pk, keyblock);
es_putc (':', es_stdout); /* End of field 13. */
es_putc (':', es_stdout); /* End of field 14. */
if (secret || has_secret)
@ -1314,7 +1314,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
es_putc ('\n', es_stdout);
print_revokers (es_stdout, pk);
print_fingerprint (NULL, pk, 0);
print_fingerprint (ctrl, NULL, pk, 0);
if (hexgrip)
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
if (opt.with_key_data)
@ -1419,7 +1419,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
(ulong) keyid2[0], (ulong) keyid2[1],
colon_datestr_from_pk (pk2),
colon_strtime (pk2->expiredate));
print_capabilities (pk2, NULL);
print_capabilities (ctrl, pk2, NULL);
es_putc (':', es_stdout); /* End of field 13. */
es_putc (':', es_stdout); /* End of field 14. */
if (secret || has_secret)
@ -1448,7 +1448,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
print_compliance_flags (pk2, keylength, curvename);
es_putc (':', es_stdout); /* End of field 18. */
es_putc ('\n', es_stdout);
print_fingerprint (NULL, pk2, 0);
print_fingerprint (ctrl, NULL, pk2, 0);
if (hexgrip)
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
if (opt.with_key_data)
@ -1488,7 +1488,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
if (opt.no_sig_cache)
signer_pk = xmalloc_clear (sizeof (PKT_public_key));
rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
rc = check_key_signature2 (ctrl, keyblock, node, NULL, signer_pk,
NULL, NULL, NULL);
switch (gpg_err_code (rc))
{
@ -1524,7 +1524,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
siguid = get_user_id (sig->keyid, &siguidlen);
siguid = get_user_id (ctrl, sig->keyid, &siguidlen);
else
{
siguid = NULL;
@ -1697,7 +1697,8 @@ print_icao_hexdigit (estream_t fp, int c)
* of es_stdout or instead of the TTY in modes 2 and 3.
*/
void
print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
print_fingerprint (ctrl_t ctrl, estream_t override_fp,
PKT_public_key *pk, int mode)
{
char hexfpr[2*MAX_FINGERPRINT_LEN+1];
char *p;
@ -1742,8 +1743,8 @@ print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
if (!primary && (mode == 1 || mode == 2))
{
PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
get_pubkey (primary_pk, pk->main_keyid);
print_fingerprint (override_fp, primary_pk, (mode | 0x80));
get_pubkey (ctrl, primary_pk, pk->main_keyid);
print_fingerprint (ctrl, override_fp, primary_pk, (mode | 0x80));
free_public_key (primary_pk);
}
@ -1864,7 +1865,7 @@ print_card_serialno (const char *serialno)
* 3 := '>' Secret key is on a token.
*/
void
print_key_line (estream_t fp, PKT_public_key *pk, int secret)
print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret)
{
char pkstrbuf[PUBKEY_STRING_SIZE];
@ -1919,7 +1920,7 @@ print_key_line (estream_t fp, PKT_public_key *pk, int secret)
fingerprints, show compact fpr of primary key: */
if (pk->flags.primary &&
!opt.fingerprint && !opt.with_fingerprint)
print_fingerprint (fp, pk, 20);
print_fingerprint (ctrl, fp, pk, 20);
}

4
g10/keyring.c
View File

@ -1404,7 +1404,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock)
* This is only done for the public keyrings.
*/
int
keyring_rebuild_cache (void *token,int noisy)
keyring_rebuild_cache (ctrl_t ctrl, void *token, int noisy)
{
KEYRING_HANDLE hd;
KEYDB_SEARCH_DESC desc;
@ -1521,7 +1521,7 @@ keyring_rebuild_cache (void *token,int noisy)
|| openpgp_pk_test_algo(sig->pubkey_algo)))
sig->flags.checked=sig->flags.valid=0;
else
check_key_signature (keyblock, node, NULL);
check_key_signature (ctrl, keyblock, node, NULL);
sigcount++;
}

2
g10/keyring.h
View File

@ -40,6 +40,6 @@ int keyring_delete_keyblock (KEYRING_HANDLE hd);
int keyring_search_reset (KEYRING_HANDLE hd);
int keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc,
size_t ndesc, size_t *descindex, int skip_legacy);
int keyring_rebuild_cache (void *token,int noisy);
int keyring_rebuild_cache (ctrl_t ctrl, void *token,int noisy);
#endif /*GPG_KEYRING_H*/

14
g10/keyserver.c
View File

@ -468,7 +468,7 @@ parse_preferred_keyserver(PKT_signature *sig)
}
static void
print_keyrec(int number,struct keyrec *keyrec)
print_keyrec (ctrl_t ctrl, int number,struct keyrec *keyrec)
{
int i;
@ -522,7 +522,7 @@ print_keyrec(int number,struct keyrec *keyrec)
case KEYDB_SEARCH_MODE_FPR20:
{
u32 kid[2];
keyid_from_fingerprint(keyrec->desc.u.fpr,20,kid);
keyid_from_fingerprint (ctrl, keyrec->desc.u.fpr,20,kid);
es_printf("key %s",keystr(kid));
}
break;
@ -960,7 +960,7 @@ search_line_handler (void *opaque, int special, char *line)
parm->numlines = 0;
}
print_keyrec (parm->nkeys+1, keyrec);
print_keyrec (parm->ctrl, parm->nkeys+1, keyrec);
}
parm->numlines += keyrec->lines;
@ -1196,9 +1196,11 @@ keyserver_import_keyid (ctrl_t ctrl,
return keyserver_get (ctrl, &desc, 1, keyserver, quick, NULL, NULL);
}
/* code mostly stolen from do_export_stream */
static int
keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
keyidlist (ctrl_t ctrl, strlist_t users, KEYDB_SEARCH_DESC **klist,
int *count, int fakev3)
{
int rc = 0;
int num = 100;
@ -1318,7 +1320,7 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
PKT_user_id *uid=NULL;
PKT_signature *sig=NULL;
merge_keys_and_selfsig(keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
for(node=node->next;node;node=node->next)
{
@ -1401,7 +1403,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
fakev3=1;
err = keyidlist (users, &desc, &numdesc, fakev3);
err = keyidlist (ctrl, users, &desc, &numdesc, fakev3);
if (err)
return err;

59
g10/main.h
View File

@ -54,6 +54,7 @@
typedef struct
{
ctrl_t ctrl;
int header_okay;
PK_LIST pk_list;
DEK *symkey_dek;
@ -237,12 +238,12 @@ void encrypt_crypt_files (ctrl_t ctrl,
int encrypt_filter (void *opaque, int control,
iobuf_t a, byte *buf, size_t *ret_len);
int write_pubkey_enc (PKT_public_key *pk, int throw_keyid,
int write_pubkey_enc (ctrl_t ctrl, PKT_public_key *pk, int throw_keyid,
DEK *dek, iobuf_t out);
/*-- sign.c --*/
int complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
const char *cache_nonce);
int complete_sig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pksk,
gcry_md_hd_t md, const char *cache_nonce);
int sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
int do_encrypt, strlist_t remusr, const char *outfile );
int clearsign_file (ctrl_t ctrl,
@ -254,7 +255,7 @@ int sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr);
/* SIG is a revocation signature. Check if any of PK's designated
revokers generated it. If so, return 0. Note: this function
(correctly) doesn't care if the designated revoker is revoked. */
int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
int check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig);
/* Check that the backsig BACKSIG from the subkey SUB_PK to its
primary key MAIN_PK is valid. */
int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
@ -262,13 +263,14 @@ int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
/* Check that the signature SIG over a key (e.g., a key binding or a
key revocation) is valid. (To check signatures over data, use
check_signature.) */
int check_key_signature( KBNODE root, KBNODE sig, int *is_selfsig );
int check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t sig,
int *is_selfsig );
/* Like check_key_signature, but with the ability to specify some
additional parameters and get back additional information. See the
documentation for the implementation for details. */
int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
PKT_public_key *ret_pk, int *is_selfsig,
u32 *r_expiredate, int *r_expired );
int check_key_signature2 (ctrl_t ctrl, kbnode_t root, kbnode_t node,
PKT_public_key *check_pk, PKT_public_key *ret_pk,
int *is_selfsig, u32 *r_expiredate, int *r_expired);
/* Returns whether SIGNER generated the signature SIG over the packet
PACKET, which is a key, subkey or uid, and comes from the key block
@ -276,7 +278,8 @@ int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
SIG. If not NULL, sets *IS_SELFSIG to indicate whether the
signature is a self-signature and *RET_PK to a copy of the signer's
key. */
gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
gpg_error_t check_signature_over_key_or_uid (ctrl_t ctrl,
PKT_public_key *signer,
PKT_signature *sig,
KBNODE kb, PACKET *packet,
int *is_selfsig,
@ -284,7 +287,8 @@ gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
/*-- delkey.c --*/
gpg_error_t delete_keys (strlist_t names, int secret, int allow_both);
gpg_error_t delete_keys (ctrl_t ctrl,
strlist_t names, int secret, int allow_both);
/*-- keyedit.c --*/
void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
@ -302,7 +306,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl,
const char *fpr, const char *expirestr);
void keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
const char *primaryuid);
void show_basic_key_info (KBNODE keyblock);
void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock);
/*-- keygen.c --*/
const char *get_default_pubkey_algo (void);
@ -323,7 +327,8 @@ int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
int keygen_add_keyserver_url(PKT_signature *sig, void *opaque);
int keygen_add_notations(PKT_signature *sig,void *opaque);
int keygen_add_revkey(PKT_signature *sig, void *opaque);
gpg_error_t make_backsig (PKT_signature *sig, PKT_public_key *pk,
gpg_error_t make_backsig (ctrl_t ctrl,
PKT_signature *sig, PKT_public_key *pk,
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
u32 timestamp, const char *cache_nonce);
gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
@ -331,7 +336,7 @@ gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
const char *usagestr,
const char *expirestr);
#ifdef ENABLE_CARD_SUPPORT
gpg_error_t generate_card_subkeypair (kbnode_t pub_keyblock,
gpg_error_t generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
int keyno, const char *serialno);
#endif
@ -382,6 +387,13 @@ gpg_error_t import_old_secring (ctrl_t ctrl, const char *fname);
import_stats_t import_new_stats_handle (void);
void import_release_stats_handle (import_stats_t hd);
void import_print_stats (import_stats_t hd);
/* Communication for impex_filter_getval */
struct impex_filter_parm_s
{
ctrl_t ctrl;
kbnode_t node;
};
const char *impex_filter_getval (void *cookie, const char *propname);
gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
kbnode_t sec_keyblock, int batch, int force);
@ -430,8 +442,10 @@ int enarmor_file( const char *fname );
/*-- revoke.c --*/
struct revocation_reason_info;
int gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce);
int gen_revoke( const char *uname );
int gen_standard_revoke (ctrl_t ctrl,
PKT_public_key *psk, const char *cache_nonce);
int gen_revoke (ctrl_t ctrl, const char *uname);
int gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr);
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
struct revocation_reason_info *
@ -446,18 +460,19 @@ void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);
void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret,
int has_secret, int fpr, int no_validity);
void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
void print_fingerprint (ctrl_t ctrl, estream_t fp,
PKT_public_key *pk, int mode);
void print_revokers (estream_t fp, PKT_public_key *pk);
void show_policy_url(PKT_signature *sig,int indent,int mode);
void show_keyserver_url(PKT_signature *sig,int indent,int mode);
void show_notation(PKT_signature *sig,int indent,int mode,int which);
void dump_attribs (const PKT_user_id *uid, PKT_public_key *pk);
void set_attrib_fd(int fd);
char *format_seckey_info (PKT_public_key *pk);
void print_seckey_info (PKT_public_key *pk);
void print_pubkey_info (estream_t fp, PKT_public_key *pk);
char *format_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
void print_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
void print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk);
void print_card_key_info (estream_t fp, KBNODE keyblock);
void print_key_line (estream_t fp, PKT_public_key *pk, int secret);
void print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret);
/*-- verify.c --*/
void print_file_status( int status, const char *name, int what );
@ -485,9 +500,9 @@ gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl,
#ifdef ENABLE_CARD_SUPPORT
/*-- card-util.c --*/
void change_pin (int no, int allow_admin);
void card_status (estream_t fp, const char *serialno);
void card_status (ctrl_t ctrl, estream_t fp, const char *serialno);
void card_edit (ctrl_t ctrl, strlist_t commands);
gpg_error_t card_generate_subkey (KBNODE pub_keyblock);
gpg_error_t card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock);
int card_store_subkey (KBNODE node, int use);
#endif

30
g10/mainproc.c
View File

@ -465,7 +465,7 @@ proc_pubkey_enc (ctrl_t ctrl, CTX c, PACKET *pkt)
* not decrypt.
*/
static void
print_pkenc_list (struct kidlist_item *list, int failed)
print_pkenc_list (ctrl_t ctrl, struct kidlist_item *list, int failed)
{
for (; list; list = list->next)
{
@ -483,13 +483,13 @@ print_pkenc_list (struct kidlist_item *list, int failed)
if (!algstr)
algstr = "[?]";
pk->pubkey_algo = list->pubkey_algo;
if (!get_pubkey (pk, list->kid))
if (!get_pubkey (ctrl, pk, list->kid))
{
char *p;
log_info (_("encrypted with %u-bit %s key, ID %s, created %s\n"),
nbits_from_pk (pk), algstr, keystr_from_pk(pk),
strtimestamp (pk->timestamp));
p = get_user_id_native (list->kid);
p = get_user_id_native (ctrl, list->kid);
log_printf (_(" \"%s\"\n"), p);
xfree (p);
}
@ -530,8 +530,8 @@ proc_encrypted (CTX c, PACKET *pkt)
log_info (_("encrypted with %lu passphrases\n"), c->symkeys);
else if (c->symkeys == 1)
log_info (_("encrypted with 1 passphrase\n"));
print_pkenc_list ( c->pkenc_list, 1 );
print_pkenc_list ( c->pkenc_list, 0 );
print_pkenc_list (c->ctrl, c->pkenc_list, 1 );
print_pkenc_list (c->ctrl, c->pkenc_list, 0 );
}
/* FIXME: Figure out the session key by looking at all pkenc packets. */
@ -916,7 +916,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
if (c->list->pkt->pkttype == PKT_PUBLIC_KEY
|| c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
return check_key_signature( c->list, node, is_selfsig );
return check_key_signature (c->ctrl, c->list, node, is_selfsig);
}
else if (sig->sig_class == 0x20)
{
@ -935,14 +935,14 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
/* We only get here if we are checking the signature of a binary
(0x00) or text document (0x01). */
rc = check_signature2 (sig, md, NULL, is_expkey, is_revkey, r_pk);
rc = check_signature2 (c->ctrl, sig, md, NULL, is_expkey, is_revkey, r_pk);
if (! rc)
md_good = md;
else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2)
{
PKT_public_key *pk2;
rc = check_signature2 (sig, md2, NULL, is_expkey, is_revkey,
rc = check_signature2 (c->ctrl, sig, md2, NULL, is_expkey, is_revkey,
r_pk? &pk2 : NULL);
if (!rc)
{
@ -1032,19 +1032,19 @@ list_node (CTX c, kbnode_t node)
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if (pk->flags.primary && !opt.fast_list_mode)
es_putc (get_ownertrust_info (pk, 1), es_stdout);
es_putc (get_ownertrust_info (c->ctrl, pk, 1), es_stdout);
es_putc (':', es_stdout);
es_putc ('\n', es_stdout);
}
else
{
print_key_line (es_stdout, pk, 0);
print_key_line (c->ctrl, es_stdout, pk, 0);
}
if (opt.keyid_format == KF_NONE && !opt.with_colons)
; /* Already printed. */
else if ((pk->flags.primary && opt.fingerprint) || opt.fingerprint > 1)
print_fingerprint (NULL, pk, 0);
print_fingerprint (c->ctrl, NULL, pk, 0);
if (pk->flags.primary)
{
@ -1165,7 +1165,7 @@ list_node (CTX c, kbnode_t node)
}
else if (!opt.fast_list_mode)
{
p = get_user_id (sig->keyid, &n);
p = get_user_id (c->ctrl, sig->keyid, &n);
es_write_sanitized (es_stdout, p, n,
opt.with_colons?":":NULL, NULL );
xfree (p);
@ -1928,7 +1928,7 @@ check_sig_and_print (CTX c, kbnode_t node)
* keyboock has already been fetched. Thus we could use the
* fingerprint or PK itself to lookup the entire keyblock. That
* would best be done with a cache. */
keyblock = get_pubkeyblock (sig->keyid);
keyblock = get_pubkeyblock (c->ctrl, sig->keyid);
snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ",
(ulong)sig->keyid[0], (ulong)sig->keyid[1]);
@ -2254,12 +2254,12 @@ proc_tree (CTX c, kbnode_t node)
if (node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
merge_keys_and_selfsig (node);
merge_keys_and_selfsig (c->ctrl, node);
list_node (c, node);
}
else if (node->pkt->pkttype == PKT_SECRET_KEY)
{
merge_keys_and_selfsig (node);
merge_keys_and_selfsig (c->ctrl, node);
list_node (c, node);
}
else if (node->pkt->pkttype == PKT_ONEPASS_SIG)

13
g10/packet.h
View File

@ -428,7 +428,7 @@ typedef struct
there is no disable value cached, fill one in. */
#define pk_is_disabled(a) \
(((a)->flags.disabled_valid)? \
((a)->flags.disabled):(cache_disabled_value((a))))
((a)->flags.disabled):(cache_disabled_value(ctrl,(a))))
typedef struct {
@ -853,14 +853,15 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
/*-- sig-check.c --*/
/* Check a signature. This is shorthand for check_signature2 with
the unnamed arguments passed as NULL. */
int check_signature (PKT_signature *sig, gcry_md_hd_t digest);
int check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest);
/* Check a signature. Looks up the public key from the key db. (If
* R_PK is not NULL, it is stored at RET_PK.) DIGEST contains a
* valid hash context that already includes the signed data. This
* function adds the relevant meta-data to the hash before finalizing
* it and verifying the signature. */
gpg_error_t check_signature2 (PKT_signature *sig, gcry_md_hd_t digest,
gpg_error_t check_signature2 (ctrl_t ctrl,
PKT_signature *sig, gcry_md_hd_t digest,
u32 *r_expiredate, int *r_expired, int *r_revoked,
PKT_public_key **r_pk);
@ -885,14 +886,16 @@ int ask_for_detached_datafile( gcry_md_hd_t md, gcry_md_hd_t md2,
const char *inname, int textmode );
/*-- sign.c --*/
int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
int make_keysig_packet (ctrl_t ctrl,
PKT_signature **ret_sig, PKT_public_key *pk,
PKT_user_id *uid, PKT_public_key *subpk,
PKT_public_key *pksk, int sigclass, int digest_algo,
u32 timestamp, u32 duration,
int (*mksubpkt)(PKT_signature *, void *),
void *opaque,
const char *cache_nonce);
gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
gpg_error_t update_keysig_packet (ctrl_t ctrl,
PKT_signature **ret_sig,
PKT_signature *orig_sig,
PKT_public_key *pk,
PKT_user_id *uid,

9
g10/passphrase.c
View File

@ -441,12 +441,13 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
/* Emit the USERID_HINT and the NEED_PASSPHRASE status messages.
MAINKEYID may be NULL. */
void
emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
emit_status_need_passphrase (ctrl_t ctrl,
u32 *keyid, u32 *mainkeyid, int pubkey_algo)
{
char buf[50];
char *us;
us = get_long_user_id_string (keyid);
us = get_long_user_id_string (ctrl, keyid);
write_status_text (STATUS_USERID_HINT, us);
xfree (us);
@ -466,7 +467,7 @@ emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
MODE describes the use of the key description; use one of the
FORMAT_KEYDESC_ macros. */
char *
gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
{
char *uid;
size_t uidlen;
@ -484,7 +485,7 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
&& pk->keyid[1] != pk->main_keyid[1]);
algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
timestr = strtimestamp (pk->timestamp);
uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen);
uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen);
orig_codeset = i18n_switchto_utf8 ();

58
g10/pkclist.c
View File

@ -110,7 +110,7 @@ do_show_revocation_reason( PKT_signature *sig )
subkeys, etc.) Mode 1: use only the revocation on the main pk */
void
show_revocation_reason( PKT_public_key *pk, int mode )
show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode)
{
/* Hmmm, this is not so easy because we have to duplicate the code
* used in the trustbd to calculate the keyflags. We need to find
@ -127,7 +127,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
/* get the keyblock */
fingerprint_from_pk( pk, fingerprint, &fingerlen );
rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen);
rc = get_pubkey_byfprint (ctrl, NULL, &keyblock, fingerprint, fingerlen);
if( rc ) { /* that should never happen */
log_debug( "failed to get the keyblock\n");
return;
@ -160,7 +160,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
/* We didn't find it, so check if the whole key is revoked */
if(!node && !mode)
show_revocation_reason(pk,1);
show_revocation_reason (ctrl, pk, 1);
release_kbnode( keyblock );
}
@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
int show=0;
int min_num;
int did_help=defer_help;
unsigned int minimum = tdb_get_min_ownertrust (pk, 0);
unsigned int minimum = tdb_get_min_ownertrust (ctrl, pk, 0);
switch(minimum)
{
@ -222,13 +222,13 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
KBNODE keyblock, un;
tty_printf (_("No trust value assigned to:\n"));
print_key_line (NULL, pk, 0);
print_key_line (ctrl, NULL, pk, 0);
p = get_user_id_native(keyid);
p = get_user_id_native (ctrl, keyid);
tty_printf (_(" \"%s\"\n"),p);
xfree (p);
keyblock = get_pubkeyblock (keyid);
keyblock = get_pubkeyblock (ctrl, keyid);
if (!keyblock)
BUG ();
for (un=keyblock; un; un = un->next)
@ -257,7 +257,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
tty_printf(_(" aka \"%s\"\n"),p);
}
print_fingerprint (NULL, pk, 2);
print_fingerprint (ctrl, NULL, pk, 2);
tty_printf("\n");
release_kbnode (keyblock);
}
@ -391,8 +391,8 @@ edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
break;
case 1: /* trust value set */
trust &= ~TRUST_FLAG_DISABLED;
trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
update_ownertrust (pk, trust );
trust |= get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED;
update_ownertrust (ctrl, pk, trust );
return 1;
default:
return 0;
@ -467,7 +467,7 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
* key anyway.
*/
static int
do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
do_we_trust_pre (ctrl_t ctrl, PKT_public_key *pk, unsigned int trustlevel )
{
int rc;
@ -475,8 +475,8 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
if( !opt.batch && !rc )
{
print_pubkey_info(NULL,pk);
print_fingerprint (NULL, pk, 2);
print_pubkey_info (ctrl, NULL,pk);
print_fingerprint (ctrl, NULL, pk, 2);
tty_printf("\n");
if ((trustlevel & TRUST_MASK) == TRUST_NEVER)
@ -499,7 +499,7 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
char *hint_str;
keyid_from_pk (pk, kid);
hint_str = get_long_user_id_string ( kid );
hint_str = get_long_user_id_string (ctrl, kid);
write_status_text ( STATUS_USERID_HINT, hint_str );
xfree (hint_str);
}
@ -548,7 +548,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
unsigned int trustlevel = TRUST_UNKNOWN;
int rc=0;
rc = get_pubkey( pk, sig->keyid );
rc = get_pubkey (ctrl, pk, sig->keyid );
if (rc)
{ /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
@ -561,7 +561,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
if (opt.with_fingerprint)
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
goto leave;
}
@ -580,13 +580,13 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
else
log_info(_("WARNING: This key has been revoked by its owner!\n"));
log_info(_(" This could mean that the signature is forged.\n"));
show_revocation_reason( pk, 0 );
show_revocation_reason (ctrl, pk, 0);
}
else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) )
{
write_status( STATUS_KEYREVOKED );
log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
show_revocation_reason( pk, 0 );
show_revocation_reason (ctrl, pk, 0);
}
if ((trustlevel & TRUST_FLAG_DISABLED))
@ -602,7 +602,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
primary_pk = xmalloc_clear (sizeof *primary_pk);
get_pubkey (primary_pk, pk->main_keyid);
get_pubkey (ctrl, primary_pk, pk->main_keyid);
fingerprint_from_pk (primary_pk, fpr, &fprlen);
free_public_key (primary_pk);
@ -649,7 +649,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
{
case TRUST_EXPIRED:
log_info(_("Note: This key has expired!\n"));
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
break;
default:
@ -663,7 +663,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
" a trusted signature!\n"));
log_info(_(" There is no indication that the "
"signature belongs to the owner.\n" ));
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_NEVER:
@ -673,7 +673,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
log_info(_("WARNING: We do NOT trust this key!\n"));
log_info(_(" The signature is probably a FORGERY.\n"));
if (opt.with_fingerprint)
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
break;
@ -683,19 +683,19 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
" sufficiently trusted signatures!\n"));
log_info(_(" It is not certain that the"
" signature belongs to the owner.\n" ));
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_FULLY:
write_trust_status (STATUS_TRUST_FULLY, trustlevel);
if (opt.with_fingerprint)
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_ULTIMATE:
write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel);
if (opt.with_fingerprint)
print_fingerprint (NULL, pk, 1);
print_fingerprint (ctrl, NULL, pk, 1);
break;
}
@ -882,7 +882,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
return GPG_ERR_UNUSABLE_PUBKEY;
}
if ( !do_we_trust_pre (pk, trustlevel) )
if ( !do_we_trust_pre (ctrl, pk, trustlevel) )
{
/* We don't trust this key. */
send_status_inv_recp (10, name);
@ -1151,8 +1151,8 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else
{
size_t n;
char *p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n );
char *p = get_user_id (ctrl, keyid, &n );
tty_print_utf8_string ( p, n );
xfree(p);
}
tty_printf("\"\n");
@ -1218,7 +1218,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
{
tty_printf (_("Public key is disabled.\n") );
}
else if ( do_we_trust_pre (pk, trustlevel) )
else if ( do_we_trust_pre (ctrl, pk, trustlevel) )
{
/* Skip the actual key if the key is already
* present in the list */

19
g10/pubkey-enc.c
View File

@ -37,7 +37,7 @@
#include "../common/host2net.h"
static gpg_error_t get_it (PKT_pubkey_enc *k,
static gpg_error_t get_it (ctrl_t ctrl, PKT_pubkey_enc *k,
DEK *dek, PKT_public_key *sk, u32 *keyid);
@ -87,8 +87,8 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
{
sk = xmalloc_clear (sizeof *sk);
sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */
if (!(rc = get_seckey (sk, k->keyid)))
rc = get_it (k, dek, sk, k->keyid);
if (!(rc = get_seckey (ctrl, sk, k->keyid)))
rc = get_it (ctrl, k, dek, sk, k->keyid);
}
else if (opt.skip_hidden_recipients)
rc = gpg_error (GPG_ERR_NO_SECKEY);
@ -116,7 +116,7 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
log_info (_("anonymous recipient; trying secret key %s ...\n"),
keystr (keyid));
rc = get_it (k, dek, sk, keyid);
rc = get_it (ctrl, k, dek, sk, keyid);
if (!rc)
{
if (!opt.quiet)
@ -138,7 +138,8 @@ leave:
static gpg_error_t
get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
get_it (ctrl_t ctrl,
PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
gpg_error_t err;
byte *frame = NULL;
@ -200,7 +201,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
}
/* Decrypt. */
desc = gpg_format_keydesc (sk, FORMAT_KEYDESC_NORMAL, 1);
desc = gpg_format_keydesc (ctrl, sk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_pkdecrypt (NULL, keygrip,
desc, sk->keyid, sk->main_keyid, sk->pubkey_algo,
s_data, &frame, &nframe, &padding);
@ -340,7 +341,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
PKT_public_key *pk = NULL;
PKT_public_key *mainpk = NULL;
KBNODE pkb = get_pubkeyblock (keyid);
KBNODE pkb = get_pubkeyblock (ctrl, keyid);
if (!pkb)
{
@ -393,7 +394,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
log_info (_("Note: key has been revoked"));
log_printf ("\n");
show_revocation_reason (pk, 1);
show_revocation_reason (ctrl, pk, 1);
}
if (is_status_enabled () && pk && mainpk)
@ -410,7 +411,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
* value is irrelevant. */
write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
pkhex, mainpkhex,
get_ownertrust_info (mainpk, 1));
get_ownertrust_info (ctrl, mainpk, 1));
}

36
g10/revoke.c
View File

@ -238,7 +238,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
}
/* To parse the revkeys */
merge_keys_and_selfsig(keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
/* get the key from the keyblock */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
@ -294,7 +294,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
else
{
pk2 = xmalloc_clear (sizeof *pk2);
rc = get_pubkey_byfprint (pk2, NULL,
rc = get_pubkey_byfprint (ctrl, pk2, NULL,
pk->revkey[i].fpr, MAX_FINGERPRINT_LEN);
}
@ -305,11 +305,11 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
any = 1;
print_pubkey_info (NULL, pk);
print_pubkey_info (ctrl, NULL, pk);
tty_printf ("\n");
tty_printf (_("To be revoked by:\n"));
print_seckey_info (pk2);
print_seckey_info (ctrl, pk2);
if(pk->revkey[i].class&0x40)
tty_printf(_("(This is a sensitive revocation key)\n"));
@ -343,7 +343,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
push_armor_filter (afx, out);
/* create it */
rc = make_keysig_packet( &sig, pk, NULL, NULL, pk2, 0x20, 0,
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk2, 0x20, 0,
0, 0,
revocation_reason_build_cb, reason,
NULL);
@ -445,7 +445,8 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
just the naked revocation signature; it may be NULL. If LEADINTEXT
is not NULL, it is written right before the (armored) output.*/
static int
create_revocation (const char *filename,
create_revocation (ctrl_t ctrl,
const char *filename,
struct revocation_reason_info *reason,
PKT_public_key *psk,
kbnode_t keyblock,
@ -470,7 +471,7 @@ create_revocation (const char *filename,
afx->hdrlines = "Comment: This is a revocation certificate\n";
push_armor_filter (afx, out);
rc = make_keysig_packet (&sig, psk, NULL, NULL, psk, 0x20, 0,
rc = make_keysig_packet (ctrl, &sig, psk, NULL, NULL, psk, 0x20, 0,
0, 0,
revocation_reason_build_cb, reason, cache_nonce);
if (rc)
@ -520,7 +521,7 @@ create_revocation (const char *filename,
key must be available. CACHE_NONCE is optional but can be used to
help gpg-agent to avoid an extra passphrase prompt. */
int
gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
{
int rc;
estream_t memfp;
@ -549,14 +550,14 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
es_fprintf (memfp, "%s\n\n",
_("This is a revocation certificate for the OpenPGP key:"));
print_key_line (memfp, psk, 0);
print_key_line (ctrl, memfp, psk, 0);
if (opt.keyid_format != KF_NONE)
print_fingerprint (memfp, psk, 3);
print_fingerprint (ctrl, memfp, psk, 3);
kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
tmpstr = get_user_id (keyid, &len);
tmpstr = get_user_id (ctrl, keyid, &len);
es_fprintf (memfp, "uid%*s%.*s\n\n",
kl + 10, "",
(int)len, tmpstr);
@ -585,7 +586,8 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
reason.code = 0x00; /* No particular reason. */
reason.desc = NULL;
rc = create_revocation (fname, &reason, psk, NULL, leadin, 3, cache_nonce);
rc = create_revocation (ctrl,
fname, &reason, psk, NULL, leadin, 3, cache_nonce);
if (!rc && !opt.quiet)
log_info (_("revocation certificate stored as '%s.rev'\n"), fname);
@ -601,7 +603,7 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
* Generate a revocation certificate for UNAME
*/
int
gen_revoke (const char *uname)
gen_revoke (ctrl_t ctrl, const char *uname)
{
int rc = 0;
PKT_public_key *psk;
@ -660,7 +662,7 @@ gen_revoke (const char *uname)
lines with secret key infos are printed after this message. */
log_error (_("'%s' matches multiple secret keys:\n"), uname);
info = format_seckey_info (keyblock->pkt->pkt.public_key);
info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
log_error (" %s\n", info);
xfree (info);
release_kbnode (keyblock);
@ -668,7 +670,7 @@ gen_revoke (const char *uname)
rc = keydb_get_keyblock (kdbhd, &keyblock);
while (! rc)
{
info = format_seckey_info (keyblock->pkt->pkt.public_key);
info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
log_info (" %s\n", info);
xfree (info);
release_kbnode (keyblock);
@ -704,7 +706,7 @@ gen_revoke (const char *uname)
}
keyid_from_pk (psk, keyid );
print_seckey_info (psk);
print_seckey_info (ctrl, psk);
tty_printf("\n");
if (!cpr_get_answer_is_yes ("gen_revoke.okay",
@ -726,7 +728,7 @@ gen_revoke (const char *uname)
if (!opt.armor)
tty_printf (_("ASCII armored output forced.\n"));
rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0, NULL);
rc = create_revocation (ctrl, NULL, reason, psk, keyblock, NULL, 0, NULL);
if (rc)
goto leave;

42
g10/sig-check.c
View File

@ -45,9 +45,9 @@ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
/* Check a signature. This is shorthand for check_signature2 with
the unnamed arguments passed as NULL. */
int
check_signature (PKT_signature *sig, gcry_md_hd_t digest)
check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest)
{
return check_signature2 (sig, digest, NULL, NULL, NULL, NULL);
return check_signature2 (ctrl, sig, digest, NULL, NULL, NULL, NULL);
}
@ -89,7 +89,8 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest)
*
* Returns 0 on success. An error code otherwise. */
gpg_error_t
check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
check_signature2 (ctrl_t ctrl,
PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
int *r_expired, int *r_revoked, PKT_public_key **r_pk)
{
int rc=0;
@ -122,7 +123,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
log_info(_("WARNING: signature digest conflict in message\n"));
rc = gpg_error (GPG_ERR_GENERAL);
}
else if( get_pubkey( pk, sig->keyid ) )
else if( get_pubkey (ctrl, pk, sig->keyid ) )
rc = gpg_error (GPG_ERR_NO_PUBKEY);
else if(!pk->flags.valid)
{
@ -560,7 +561,7 @@ cache_sig_result ( PKT_signature *sig, int result )
* revoked, B is still revoked. I'm not completely convinced this is
* the proper behavior, but it matches how PGP does it. -dms */
int
check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig)
{
static int busy=0;
int i;
@ -616,7 +617,8 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
/* The revoker's keyid. */
u32 keyid[2];
keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid);
keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
MAX_FINGERPRINT_LEN, keyid);
if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1])
/* The signature was generated by a designated revoker.
@ -629,7 +631,7 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
hash_public_key(md,pk);
/* Note: check_signature only checks that the signature
is good. It does not fail if the key is revoked. */
rc=check_signature(sig,md);
rc = check_signature (ctrl, sig, md);
cache_sig_result(sig,rc);
gcry_md_close (md);
break;
@ -685,9 +687,11 @@ check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk,
* passed as NULL. See the documentation for that function for more
* details. */
int
check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t node,
int *is_selfsig)
{
return check_key_signature2 (root, node, NULL, NULL, is_selfsig, NULL, NULL);
return check_key_signature2 (ctrl, root, node, NULL, NULL,
is_selfsig, NULL, NULL);
}
@ -725,7 +729,7 @@ check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
generated the signature (i.e., the signer) on success. This must
be released by the caller using release_public_key_parts (). */
gpg_error_t
check_signature_over_key_or_uid (PKT_public_key *signer,
check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
PKT_signature *sig, KBNODE kb, PACKET *packet,
int *is_selfsig, PKT_public_key *ret_pk)
{
@ -841,7 +845,7 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
signer_alloced = 2;
}
rc = get_pubkey (signer, sig->keyid);
rc = get_pubkey (ctrl, signer, sig->keyid);
if (rc)
{
xfree (signer);
@ -957,7 +961,8 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
* TODO: add r_revoked here as well. It has the same problems as
* r_expiredate and r_expired and the cache. */
int
check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
check_key_signature2 (ctrl_t ctrl,
kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
PKT_public_key *ret_pk, int *is_selfsig,
u32 *r_expiredate, int *r_expired )
{
@ -1018,13 +1023,14 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
/* Is it a designated revoker? */
if (keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1])
rc = check_revocation_keys (pk, sig);
rc = check_revocation_keys (ctrl, pk, sig);
else
{
rc = check_signature_metadata_validity (pk, sig,
r_expired, NULL);
if (! rc)
rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
rc = check_signature_over_key_or_uid (ctrl, pk, sig,
root, root->pkt,
is_selfsig, ret_pk);
}
}
@ -1039,7 +1045,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
r_expired, NULL);
if (! rc)
/* 0x28 must be a self-sig, but 0x18 needn't be. */
rc = check_signature_over_key_or_uid (sig->sig_class == 0x18
rc = check_signature_over_key_or_uid (ctrl,
sig->sig_class == 0x18
? NULL : pk,
sig, root, snode->pkt,
is_selfsig, ret_pk);
@ -1063,7 +1070,7 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
rc = check_signature_metadata_validity (pk, sig,
r_expired, NULL);
if (! rc)
rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt,
is_selfsig, ret_pk);
}
else if (/* Certification. */
@ -1082,7 +1089,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
if (! rc)
/* If this is a self-sig, ignore check_pk. */
rc = check_signature_over_key_or_uid
(keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
(ctrl,
keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
sig, root, unode->pkt, NULL, ret_pk);
}
else

35
g10/sign.c
View File

@ -253,7 +253,7 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig)
/* Perform the sign operation. If CACHE_NONCE is given the agent is
advised to use that cached passphrase fro the key. */
static int
do_sign (PKT_public_key *pksk, PKT_signature *sig,
do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
gcry_md_hd_t md, int mdalgo, const char *cache_nonce)
{
gpg_error_t err;
@ -294,7 +294,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
char *desc;
gcry_sexp_t s_sigval;
desc = gpg_format_keydesc (pksk, FORMAT_KEYDESC_NORMAL, 1);
desc = gpg_format_keydesc (ctrl, pksk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc,
pksk->keyid, pksk->main_keyid, pksk->pubkey_algo,
dp, gcry_md_get_algo_dlen (mdalgo), mdalgo,
@ -327,7 +327,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
{
if (opt.verbose)
{
char *ustr = get_user_id_string_native (sig->keyid);
char *ustr = get_user_id_string_native (ctrl, sig->keyid);
log_info (_("%s/%s signature from: \"%s\"\n"),
openpgp_pk_algo_name (pksk->pubkey_algo),
openpgp_md_algo_name (sig->digest_algo),
@ -340,13 +340,14 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
int
complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
complete_sig (ctrl_t ctrl,
PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
const char *cache_nonce)
{
int rc;
/* if (!(rc = check_secret_key (pksk, 0))) */
rc = do_sign (pksk, sig, md, 0, cache_nonce);
rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce);
return rc;
}
@ -669,7 +670,8 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
* hash which will not be changes here.
*/
static int
write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
write_signature_packets (ctrl_t ctrl,
SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
int sigclass, u32 timestamp, u32 duration,
int status_letter, const char *cache_nonce)
{
@ -719,7 +721,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce);
gcry_md_close (md);
if (!rc)
{
@ -785,6 +787,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
memset( &zfx, 0, sizeof zfx);
memset( &mfx, 0, sizeof mfx);
memset( &efx, 0, sizeof efx);
efx.ctrl = ctrl;
init_packet( &pkt );
if( filenames ) {
@ -1066,7 +1069,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
goto leave;
/* write the signatures */
rc = write_signature_packets (sk_list, out, mfx.md,
rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
opt.textmode && !outfile? 0x01 : 0x00,
0, duration, detached ? 'D':'S', NULL);
if( rc )
@ -1209,8 +1212,8 @@ clearsign_file (ctrl_t ctrl,
push_armor_filter (afx, out);
/* Write the signatures. */
rc = write_signature_packets (sk_list, out, textmd, 0x01, 0, duration, 'C',
NULL);
rc = write_signature_packets (ctrl, sk_list, out, textmd, 0x01, 0,
duration, 'C', NULL);
if( rc )
goto leave;
@ -1369,7 +1372,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
/* Write the signatures */
/*(current filters: zip - encrypt - armor)*/
rc = write_signature_packets (sk_list, out, mfx.md,
rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
opt.textmode? 0x01 : 0x00,
0, duration, 'S', NULL);
if( rc )
@ -1420,7 +1423,8 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
* MKSUBPKT.
*/
int
make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
make_keysig_packet (ctrl_t ctrl,
PKT_signature **ret_sig, PKT_public_key *pk,
PKT_user_id *uid, PKT_public_key *subpk,
PKT_public_key *pksk,
int sigclass, int digest_algo,
@ -1513,7 +1517,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
rc = complete_sig (sig, pksk, md, cache_nonce);
rc = complete_sig (ctrl, sig, pksk, md, cache_nonce);
}
gcry_md_close (md);
@ -1535,7 +1539,8 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
* TODO: Merge this with make_keysig_packet.
*/
gpg_error_t
update_keysig_packet( PKT_signature **ret_sig,
update_keysig_packet (ctrl_t ctrl,
PKT_signature **ret_sig,
PKT_signature *orig_sig,
PKT_public_key *pk,
PKT_user_id *uid,
@ -1612,7 +1617,7 @@ update_keysig_packet( PKT_signature **ret_sig,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
rc = complete_sig (sig, pksk, md, NULL);
rc = complete_sig (ctrl, sig, pksk, md, NULL);
}
leave:

8
g10/skclist.c
View File

@ -59,14 +59,14 @@ release_sk_list (SK_LIST sk_list)
* the string "(insecure!)" or "not secure" or "do not use"
* in one of the user ids. */
static int
is_insecure (PKT_public_key *pk)
is_insecure (ctrl_t ctrl, PKT_public_key *pk)
{
u32 keyid[2];
KBNODE node = NULL, u;
int insecure = 0;
keyid_from_pk (pk, keyid);
node = get_pubkeyblock (keyid);
node = get_pubkeyblock (ctrl, keyid);
for (u = node; u; u = u->next)
{
if (u->pkt->pkttype == PKT_USER_ID)
@ -150,7 +150,7 @@ build_sk_list (ctrl_t ctrl,
{
SK_LIST r;
if (random_is_faked () && !is_insecure (pk))
if (random_is_faked () && !is_insecure (ctrl, pk))
{
log_info (_("key is not flagged as insecure - "
"can't use it with the faked RNG!\n"));
@ -231,7 +231,7 @@ build_sk_list (ctrl_t ctrl,
get_inv_recpsgnr_code (GPG_ERR_WRONG_KEY_USAGE),
locusr->d, strlen (locusr->d), -1);
}
else if (random_is_faked () && !is_insecure (pk))
else if (random_is_faked () && !is_insecure (ctrl, pk))
{
log_info (_("key is not flagged as insecure - "
"can't use it with the faked RNG!\n"));

24
g10/tdbdump.c
View File

@ -49,9 +49,9 @@
* Write a record; die on error.
*/
static void
write_record( TRUSTREC *rec )
write_record (ctrl_t ctrl, TRUSTREC *rec)
{
int rc = tdbio_write_record( rec );
int rc = tdbio_write_record (ctrl, rec);
if( !rc )
return;
log_error(_("trust record %lu, type %d: write failed: %s\n"),
@ -64,13 +64,13 @@ write_record( TRUSTREC *rec )
* Dump the entire trustdb to FP or only the entries of one key.
*/
void
list_trustdb (estream_t fp, const char *username)
list_trustdb (ctrl_t ctrl, estream_t fp, const char *username)
{
TRUSTREC rec;
(void)username;
init_trustdb (0);
init_trustdb (ctrl, 0);
/* For now we ignore the user ID. */
if (1)
{
@ -94,14 +94,14 @@ list_trustdb (estream_t fp, const char *username)
* Print a list of all defined owner trust value.
*/
void
export_ownertrust()
export_ownertrust (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
int i;
byte *p;
init_trustdb (0);
init_trustdb (ctrl, 0);
es_printf (_("# List of assigned trustvalues, created %s\n"
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
asctimestamp( make_timestamp() ) );
@ -121,7 +121,7 @@ export_ownertrust()
void
import_ownertrust( const char *fname )
import_ownertrust (ctrl_t ctrl, const char *fname )
{
estream_t fp;
int is_stdin=0;
@ -133,7 +133,7 @@ import_ownertrust( const char *fname )
int any = 0;
int rc;
init_trustdb (0);
init_trustdb (ctrl, 0);
if( iobuf_is_pipe_filename (fname) ) {
fp = es_stdin;
fname = "[stdin]";
@ -202,7 +202,7 @@ import_ownertrust( const char *fname )
log_info("setting ownertrust to %u\n", otrust );
}
rec.r.trust.ownertrust = otrust;
write_record (&rec );
write_record (ctrl, &rec);
any = 1;
}
}
@ -210,11 +210,11 @@ import_ownertrust( const char *fname )
if (!opt.quiet)
log_info("inserting ownertrust of %u\n", otrust );
memset (&rec, 0, sizeof rec);
rec.recnum = tdbio_new_recnum ();
rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
memcpy (rec.r.trust.fingerprint, fpr, 20);
rec.r.trust.ownertrust = otrust;
write_record (&rec );
write_record (ctrl, &rec);
any = 1;
}
else /* error */
@ -228,7 +228,7 @@ import_ownertrust( const char *fname )
if (any)
{
revalidation_mark ();
revalidation_mark (ctrl);
rc = tdbio_sync ();
if (rc)
log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) );

76
g10/tdbio.c
View File

@ -119,7 +119,7 @@ static int in_transaction;
static void open_db (void);
static void create_hashtable (TRUSTREC *vr, int type);
static void create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type);
@ -535,7 +535,7 @@ cleanup (void)
* Returns: 0 on success or an error code.
*/
int
tdbio_update_version_record (void)
tdbio_update_version_record (ctrl_t ctrl)
{
TRUSTREC rec;
int rc;
@ -551,7 +551,7 @@ tdbio_update_version_record (void)
rec.r.ver.cert_depth = opt.max_cert_depth;
rec.r.ver.trust_model = opt.trust_model;
rec.r.ver.min_cert_level = opt.min_cert_level;
rc=tdbio_write_record(&rec);
rc = tdbio_write_record (ctrl, &rec);
}
return rc;
@ -564,7 +564,7 @@ tdbio_update_version_record (void)
* Returns: 0 on success or an error code.
*/
static int
create_version_record (void)
create_version_record (ctrl_t ctrl)
{
TRUSTREC rec;
int rc;
@ -582,13 +582,13 @@ create_version_record (void)
rec.r.ver.min_cert_level = opt.min_cert_level;
rec.rectype = RECTYPE_VER;
rec.recnum = 0;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (!rc)
tdbio_sync ();
if (!rc)
create_hashtable (&rec, 0);
create_hashtable (ctrl, &rec, 0);
return rc;
}
@ -606,7 +606,8 @@ create_version_record (void)
*
*/
int
tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
int create, int *r_nofile)
{
char *fname, *p;
struct stat statbuf;
@ -719,7 +720,7 @@ tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
if (db_fd == -1)
log_fatal (_("can't open '%s': %s\n"), db_name, strerror (errno));
rc = create_version_record ();
rc = create_version_record (ctrl);
if (rc)
log_fatal (_("%s: failed to create version record: %s"),
fname, gpg_strerror (rc));
@ -806,7 +807,7 @@ open_db ()
* the function terminates the process.
*/
static void
create_hashtable( TRUSTREC *vr, int type )
create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type)
{
TRUSTREC rec;
off_t offset;
@ -829,13 +830,13 @@ create_hashtable( TRUSTREC *vr, int type )
memset (&rec, 0, sizeof rec);
rec.rectype = RECTYPE_HTBL;
rec.recnum = recnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_fatal (_("%s: failed to create hashtable: %s\n"),
db_name, gpg_strerror (rc));
}
/* Update the version record and flush. */
rc = tdbio_write_record (vr);
rc = tdbio_write_record (ctrl, vr);
if (!rc)
rc = tdbio_sync ();
if (rc)
@ -919,7 +920,7 @@ tdbio_read_nextcheck ()
* Return: True if the stamp actually changed.
*/
int
tdbio_write_nextcheck (ulong stamp)
tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp)
{
TRUSTREC vr;
int rc;
@ -933,7 +934,7 @@ tdbio_write_nextcheck (ulong stamp)
return 0;
vr.r.ver.nextcheck = stamp;
rc = tdbio_write_record( &vr );
rc = tdbio_write_record (ctrl, &vr);
if (rc)
log_fatal (_("%s: error writing version record: %s\n"),
db_name, gpg_strerror (rc));
@ -980,7 +981,7 @@ get_trusthashrec(void)
* Return: 0 on success or an error code.
*/
static int
upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
upd_hashtable (ctrl_t ctrl, ulong table, byte *key, int keylen, ulong newrecnum)
{
TRUSTREC lastrec, rec;
ulong hashrec, item;
@ -1003,7 +1004,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
if (!item) /* Insert a new item into the hash table. */
{
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error ("upd_hashtable: write htbl failed: %s\n",
@ -1068,7 +1069,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
{
/* Empty slot found. */
rec.r.hlst.rnum[i] = newrecnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("upd_hashtable: write hlst failed: %s\n",
gpg_strerror (rc));
@ -1090,8 +1091,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
else
{
/* Append a new record to the list. */
rec.r.hlst.next = item = tdbio_new_recnum ();
rc = tdbio_write_record (&rec);
rec.r.hlst.next = item = tdbio_new_recnum (ctrl);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error ("upd_hashtable: write hlst failed: %s\n",
@ -1102,7 +1103,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
rec.rectype = RECTYPE_HLST;
rec.recnum = item;
rec.r.hlst.rnum[0] = newrecnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("upd_hashtable: write ext hlst failed: %s\n",
gpg_strerror (rc));
@ -1120,10 +1121,10 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
item = rec.recnum; /* Save number of key record. */
memset (&rec, 0, sizeof rec);
rec.rectype = RECTYPE_HLST;
rec.recnum = tdbio_new_recnum ();
rec.recnum = tdbio_new_recnum (ctrl);
rec.r.hlst.rnum[0] = item; /* Old key record */
rec.r.hlst.rnum[1] = newrecnum; /* and new key record */
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error( "upd_hashtable: write new hlst failed: %s\n",
@ -1132,7 +1133,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
}
/* Update the hashtable record. */
lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
rc = tdbio_write_record (&lastrec);
rc = tdbio_write_record (ctrl, &lastrec);
if (rc)
log_error ("upd_hashtable: update htbl failed: %s\n",
gpg_strerror (rc));
@ -1143,7 +1144,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
log_error ("hashtbl %lu: %lu/%d points to an invalid record %lu\n",
table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
if (opt.verbose > 1)
list_trustdb (es_stderr, NULL);
list_trustdb (ctrl, es_stderr, NULL);
return GPG_ERR_TRUSTDB;
}
}
@ -1159,7 +1160,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
* Return: 0 on success or an error code.
*/
static int
drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
drop_from_hashtable (ctrl_t ctrl, ulong table,
byte *key, int keylen, ulong recnum)
{
TRUSTREC rec;
ulong hashrec, item;
@ -1185,7 +1187,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
if (item == recnum) /* Table points direct to the record. */
{
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
rc = tdbio_write_record( &rec );
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("drop_from_hashtable: write htbl failed: %s\n",
gpg_strerror (rc));
@ -1221,7 +1223,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
if (rec.r.hlst.rnum[i] == recnum)
{
rec.r.hlst.rnum[i] = 0; /* Mark as free. */
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error("drop_from_hashtable: write htbl failed: %s\n",
gpg_strerror (rc));
@ -1354,9 +1356,9 @@ lookup_hashtable (ulong table, const byte *key, size_t keylen,
* Return: 0 on success or an error code.
*/
static int
update_trusthashtbl( TRUSTREC *tr )
update_trusthashtbl (ctrl_t ctrl, TRUSTREC *tr)
{
return upd_hashtable (get_trusthashrec(),
return upd_hashtable (ctrl, get_trusthashrec (),
tr->r.trust.fingerprint, 20, tr->recnum);
}
@ -1591,7 +1593,7 @@ tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected)
* Return: 0 on success or an error code.
*/
int
tdbio_write_record( TRUSTREC *rec )
tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec)
{
byte buf[TRUST_RECORD_LEN];
byte *p;
@ -1675,7 +1677,7 @@ tdbio_write_record( TRUSTREC *rec )
if (rc)
;
else if (rec->rectype == RECTYPE_TRUST)
rc = update_trusthashtbl (rec);
rc = update_trusthashtbl (ctrl, rec);
return rc;
}
@ -1687,7 +1689,7 @@ tdbio_write_record( TRUSTREC *rec )
* Return: 0 on success or an error code.
*/
int
tdbio_delete_record (ulong recnum)
tdbio_delete_record (ctrl_t ctrl, ulong recnum)
{
TRUSTREC vr, rec;
int rc;
@ -1698,7 +1700,7 @@ tdbio_delete_record (ulong recnum)
;
else if (rec.rectype == RECTYPE_TRUST)
{
rc = drop_from_hashtable (get_trusthashrec(),
rc = drop_from_hashtable (ctrl, get_trusthashrec(),
rec.r.trust.fingerprint, 20, rec.recnum);
}
@ -1715,9 +1717,9 @@ tdbio_delete_record (ulong recnum)
rec.rectype = RECTYPE_FREE;
rec.r.free.next = vr.r.ver.firstfree;
vr.r.ver.firstfree = recnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (!rc)
rc = tdbio_write_record (&vr);
rc = tdbio_write_record (ctrl, &vr);
return rc;
}
@ -1727,7 +1729,7 @@ tdbio_delete_record (ulong recnum)
* Create a new record and return its record number.
*/
ulong
tdbio_new_recnum ()
tdbio_new_recnum (ctrl_t ctrl)
{
off_t offset;
ulong recnum;
@ -1751,7 +1753,7 @@ tdbio_new_recnum ()
}
/* Update dir record. */
vr.r.ver.firstfree = rec.r.free.next;
rc = tdbio_write_record (&vr);
rc = tdbio_write_record (ctrl, &vr);
if (rc)
{
log_error (_("%s: error writing dir record: %s\n"),
@ -1763,7 +1765,7 @@ tdbio_new_recnum ()
rec.rectype = 0; /* Mark as unused record (actually already done
my the memset). */
rec.recnum = recnum;
rc = tdbio_write_record (&rec);
rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_fatal (_("%s: failed to zero a record: %s\n"),
db_name, gpg_strerror (rc));

13
g10/tdbio.h
View File

@ -92,23 +92,24 @@ struct trust_record {
typedef struct trust_record TRUSTREC;
/*-- tdbio.c --*/
int tdbio_update_version_record(void);
int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
int tdbio_update_version_record (ctrl_t ctrl);
int tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
int create, int *r_nofile);
const char *tdbio_get_dbname(void);
void tdbio_dump_record( TRUSTREC *rec, estream_t fp );
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
int tdbio_write_record( TRUSTREC *rec );
int tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec);
int tdbio_db_matches_options(void);
byte tdbio_read_model(void);
ulong tdbio_read_nextcheck (void);
int tdbio_write_nextcheck (ulong stamp);
int tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp);
int tdbio_is_dirty(void);
int tdbio_sync(void);
int tdbio_begin_transaction(void);
int tdbio_end_transaction(void);
int tdbio_cancel_transaction(void);
int tdbio_delete_record( ulong recnum );
ulong tdbio_new_recnum(void);
int tdbio_delete_record (ctrl_t ctrl, ulong recnum);
ulong tdbio_new_recnum (ctrl_t ctrl);
gpg_error_t tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec);
gpg_error_t tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec);

17
g10/test-stubs.c
View File

@ -66,10 +66,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
}
void
read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
read_trust_options (ctrl_t ctrl,
byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
{
(void)ctrl;
(void)trust_model;
(void)created;
(void)nextcheck;
@ -85,8 +87,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
*/
int
cache_disabled_value(PKT_public_key *pk)
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
(void)ctrl;
(void)pk;
return 0;
}
@ -138,16 +141,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
get_ownertrust_info (PKT_public_key *pk, int no_create)
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
(void)ctrl;
(void)pk;
(void)no_create;
return '?';
}
unsigned int
get_ownertrust (PKT_public_key *pk)
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
(void)ctrl;
(void)pk;
return TRUST_UNKNOWN;
}

21
g10/tofu.c
View File

@ -2031,7 +2031,7 @@ ask_about_binding (ctrl_t ctrl,
email> (including the binding itself, which will be first in the
list). For each returned key also sets BINDING_NEW, etc. */
static strlist_t
build_conflict_set (tofu_dbs_t dbs,
build_conflict_set (ctrl_t ctrl, tofu_dbs_t dbs,
PKT_public_key *pk, const char *fingerprint,
const char *email)
{
@ -2174,7 +2174,7 @@ build_conflict_set (tofu_dbs_t dbs,
continue;
}
merge_keys_and_selfsig (kb);
merge_keys_and_selfsig (ctrl, kb);
log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY);
@ -2317,7 +2317,7 @@ build_conflict_set (tofu_dbs_t dbs,
* not yet been registered.
*/
static enum tofu_policy
get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
get_policy (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk,
const char *fingerprint, const char *user_id, const char *email,
strlist_t *conflict_setp, time_t now)
{
@ -2483,7 +2483,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
int lookup_err;
kbnode_t kb;
lookup_err = get_pubkey_byfprint (NULL, &kb,
lookup_err = get_pubkey_byfprint (ctrl, NULL, &kb,
fingerprint_raw,
fingerprint_raw_len);
if (lookup_err)
@ -2509,7 +2509,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
* disappeared. The latter can happen if the conflicting bindings
* are now cross signed, for instance. */
conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
conflict_set_count = strlist_length (conflict_set);
if (conflict_set_count == 0)
{
@ -2615,7 +2615,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
if (effective_policy == TOFU_POLICY_ASK && conflict_setp)
{
if (! conflict_set)
conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
*conflict_setp = conflict_set;
}
else
@ -2691,7 +2691,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
/* We need to call get_policy even if the key is ultimately trusted
* to make sure the binding has been registered. */
policy = get_policy (dbs, pk, fingerprint, user_id, email,
policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email,
&conflict_set, now);
if (policy == TOFU_POLICY_ASK)
@ -3493,7 +3493,7 @@ tofu_register_encryption (ctrl_t ctrl,
! pk_is_primary (pk)
/* We need the key block to find all user ids. */
|| ! user_id_list)
kb = get_pubkeyblock (pk->keyid);
kb = get_pubkeyblock (ctrl, pk->keyid);
/* Make sure PK is a primary key. */
if (! pk_is_primary (pk))
@ -3692,7 +3692,7 @@ tofu_write_tfs_record (ctrl_t ctrl, estream_t fp,
fingerprint = hexfingerprint (pk, NULL, 0);
email = email_from_user_id (user_id);
policy = get_policy (dbs, pk, fingerprint, user_id, email, NULL, now);
policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email, NULL, now);
show_statistics (dbs, fingerprint, email, policy, fp, 0, now);
@ -3953,7 +3953,8 @@ tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id,
email = email_from_user_id (user_id->name);
*policy = get_policy (dbs, pk, fingerprint, user_id->name, email, NULL, now);
*policy = get_policy (ctrl, dbs, pk, fingerprint,
user_id->name, email, NULL, now);
xfree (email);
xfree (fingerprint);

59
g10/trust.c
View File

@ -38,13 +38,13 @@
/* Return true if key is disabled. Note that this is usually used via
the pk_is_disabled macro. */
int
cache_disabled_value (PKT_public_key *pk)
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return 0;
#else
return tdb_cache_disabled_value (pk);
return tdb_cache_disabled_value (ctrl, pk);
#endif
}
@ -173,13 +173,13 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
* The key should be the primary key.
*/
unsigned int
get_ownertrust (PKT_public_key *pk)
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return TRUST_UNKNOWN;
#else
return tdb_get_ownertrust (pk, 0);
return tdb_get_ownertrust (ctrl, pk, 0);
#endif
}
@ -190,7 +190,7 @@ get_ownertrust (PKT_public_key *pk)
* inhibits creation of a trustdb it that does not yet exists.
*/
static int
get_ownertrust_with_min (PKT_public_key *pk, int no_create)
get_ownertrust_with_min (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
#ifdef NO_TRUST_MODELS
(void)pk;
@ -202,11 +202,11 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
* functions: If the caller asked not to create a trustdb we call
* init_trustdb directly and allow it to fail with an error code for
* a non-existing trustdb. */
if (no_create && init_trustdb (1))
if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK);
otrust_min = tdb_get_min_ownertrust (pk, no_create);
otrust = (tdb_get_ownertrust (ctrl, pk, no_create) & TRUST_MASK);
otrust_min = tdb_get_min_ownertrust (ctrl, pk, no_create);
if (otrust < otrust_min)
{
/* If the trust that the user has set is less than the trust
@ -229,9 +229,9 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
int
get_ownertrust_info (PKT_public_key *pk, int no_create)
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
return trust_letter (get_ownertrust_with_min (pk, no_create));
return trust_letter (get_ownertrust_with_min (ctrl, pk, no_create));
}
@ -241,9 +241,9 @@ get_ownertrust_info (PKT_public_key *pk, int no_create)
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
const char *
get_ownertrust_string (PKT_public_key *pk, int no_create)
get_ownertrust_string (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
return trust_value_to_string (get_ownertrust_with_min (pk, no_create));
return trust_value_to_string (get_ownertrust_with_min (ctrl, pk, no_create));
}
@ -252,34 +252,34 @@ get_ownertrust_string (PKT_public_key *pk, int no_create)
* The key should be a primary one.
*/
void
update_ownertrust (PKT_public_key *pk, unsigned int new_trust)
update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust)
{
#ifdef NO_TRUST_MODELS
(void)pk;
(void)new_trust;
#else
tdb_update_ownertrust (pk, new_trust);
tdb_update_ownertrust (ctrl, pk, new_trust);
#endif
}
int
clear_ownertrusts (PKT_public_key *pk)
clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return 0;
#else
return tdb_clear_ownertrusts (pk);
return tdb_clear_ownertrusts (ctrl, pk);
#endif
}
void
revalidation_mark (void)
revalidation_mark (ctrl_t ctrl)
{
#ifndef NO_TRUST_MODELS
tdb_revalidation_mark ();
tdb_revalidation_mark (ctrl);
#endif
}
@ -343,7 +343,7 @@ get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid,
else
{
main_pk = xmalloc_clear (sizeof *main_pk);
rc = get_pubkey (main_pk, pk->main_keyid);
rc = get_pubkey (ctrl, main_pk, pk->main_keyid);
if (rc)
{
char *tempkeystr = xstrdup (keystr (pk->main_keyid));
@ -430,7 +430,7 @@ get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
* 9 and 10 are used for internal purposes.
*/
void
mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
u32 *main_kid, struct key_item *klist,
u32 curtime, u32 *next_expire)
{
@ -461,7 +461,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
invalid signature */
if (klist && !is_in_klist (klist, sig))
continue; /* no need to check it then */
if ((rc=check_key_signature (keyblock, node, NULL)))
if ((rc=check_key_signature (ctrl, keyblock, node, NULL)))
{
/* we ignore anything that won't verify, but tag the
no_pubkey case */
@ -594,7 +594,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
static int
clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
int noisy, int self_only)
{
int deleted = 0;
@ -609,7 +609,7 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
/* Passing in a 0 for current time here means that we'll never weed
out an expired sig. This is correct behavior since we want to
keep the most recent expired sig in a series. */
mark_usable_uid_certs (keyblock, uidnode, NULL, NULL, 0, NULL);
mark_usable_uid_certs (ctrl, keyblock, uidnode, NULL, NULL, 0, NULL);
/* What we want to do here is remove signatures that are not
considered as part of the trust calculations. Thus, all invalid
@ -743,8 +743,8 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
/* Needs to be called after a merge_keys_and_selfsig() */
void
clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
int *uids_cleaned, int *sigs_cleaned)
clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned)
{
int dummy = 0;
@ -762,19 +762,20 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
to bother with the other. */
*uids_cleaned += clean_uid_from_key (keyblock, uidnode, noisy);
if (!uidnode->pkt->pkt.user_id->flags.compacted)
*sigs_cleaned += clean_sigs_from_uid (keyblock, uidnode, noisy, self_only);
*sigs_cleaned += clean_sigs_from_uid (ctrl, keyblock, uidnode,
noisy, self_only);
}
/* NB: This function marks the deleted nodes only and the caller is
* responsible to skip or remove them. */
void
clean_key (kbnode_t keyblock, int noisy, int self_only,
clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
int *uids_cleaned, int *sigs_cleaned)
{
kbnode_t node;
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
for (node = keyblock->next;
node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY
@ -782,7 +783,7 @@ clean_key (kbnode_t keyblock, int noisy, int self_only,
node = node->next)
{
if (node->pkt->pkttype == PKT_USER_ID)
clean_one_uid (keyblock, node, noisy, self_only,
clean_one_uid (ctrl, keyblock, node, noisy, self_only,
uids_cleaned, sigs_cleaned);
}

189
g10/trustdb.c
View File

@ -248,7 +248,7 @@ add_utk (u32 *kid)
* Verify that all our secret keys are usable and put them into the utk_list.
*/
static void
verify_own_keys(void)
verify_own_keys (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
@ -275,7 +275,7 @@ verify_own_keys(void)
* the whole validation code to only work with
* fingerprints */
fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20;
keyid_from_fingerprint (fpr, fprlen, kid);
keyid_from_fingerprint (ctrl, fpr, fprlen, kid);
if (!add_utk (kid))
log_info(_("key %s occurs more than once in the trustdb\n"),
keystr(kid));
@ -290,15 +290,15 @@ verify_own_keys(void)
PKT_public_key pk;
memset (&pk, 0, sizeof pk);
rc = get_pubkey (&pk, k->kid);
rc = get_pubkey (ctrl, &pk, k->kid);
if (rc)
log_info(_("key %s: no public key for trusted key - skipped\n"),
keystr(k->kid));
else
{
tdb_update_ownertrust
(&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
(ctrl, &pk, ((tdb_get_ownertrust (ctrl, &pk, 0) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
release_public_key_parts (&pk);
}
@ -361,9 +361,9 @@ read_record (ulong recno, TRUSTREC *rec, int rectype )
* Write a record and die on error
*/
static void
write_record (TRUSTREC *rec)
write_record (ctrl_t ctrl, TRUSTREC *rec)
{
int rc = tdbio_write_record (rec);
int rc = tdbio_write_record (ctrl, rec);
if (rc)
{
log_error(_("trust record %lu, type %d: write failed: %s\n"),
@ -444,7 +444,7 @@ how_to_fix_the_trustdb ()
* in that case 0 is returned if there is a trustdb or an error code
* if no trustdb is available. */
gpg_error_t
init_trustdb (int no_create)
init_trustdb (ctrl_t ctrl, int no_create)
{
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
@ -456,7 +456,7 @@ init_trustdb (int no_create)
if(level==0 || level==1)
{
int rc = tdbio_set_dbname (dbname, (!no_create && level),
int rc = tdbio_set_dbname (ctrl, dbname, (!no_create && level),
&trustdb_args.no_trustdb);
if (no_create && trustdb_args.no_trustdb)
{
@ -501,7 +501,7 @@ init_trustdb (int no_create)
/* Verify the list of ultimately trusted keys and move the
--trusted-keys list there as well. */
if(level==1)
verify_own_keys();
verify_own_keys (ctrl);
if(!tdbio_db_matches_options())
pending_check_trustdb=1;
@ -515,9 +515,9 @@ init_trustdb (int no_create)
necessary if the trust model is not 'always trust'. Returns true
if we do have a usable trust database. */
int
have_trustdb (void)
have_trustdb (ctrl_t ctrl)
{
return init_trustdb (opt.trust_model == TM_ALWAYS) == 0;
return !init_trustdb (ctrl, opt.trust_model == TM_ALWAYS);
}
@ -529,7 +529,7 @@ have_trustdb (void)
void
check_trustdb (ctrl_t ctrl)
{
init_trustdb (0);
init_trustdb (ctrl, 0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
{
@ -566,7 +566,7 @@ check_trustdb (ctrl_t ctrl)
void
update_trustdb (ctrl_t ctrl)
{
init_trustdb (0);
init_trustdb (ctrl, 0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
validate_keys (ctrl, 1);
@ -576,15 +576,15 @@ update_trustdb (ctrl_t ctrl)
}
void
tdb_revalidation_mark (void)
tdb_revalidation_mark (ctrl_t ctrl)
{
init_trustdb (0);
init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
/* We simply set the time for the next check to 1 (far back in 1970)
so that a --update-trustdb will be scheduled. */
if (tdbio_write_nextcheck (1))
if (tdbio_write_nextcheck (ctrl, 1))
do_sync ();
pending_check_trustdb = 1;
}
@ -610,13 +610,14 @@ tdb_check_or_update (ctrl_t ctrl)
}
void
read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
byte *marginals,byte *completes,byte *cert_depth,
byte *min_cert_level)
read_trust_options (ctrl_t ctrl,
byte *trust_model, ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level)
{
TRUSTREC opts;
init_trustdb (0);
init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
memset (&opts, 0, sizeof opts);
else
@ -643,11 +644,11 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
***********************************************/
static int
read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
read_trust_record (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
init_trustdb (0);
init_trustdb (ctrl, 0);
rc = tdbio_search_trust_bypk (pk, rec);
if (rc)
{
@ -676,7 +677,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
* values but we usually use --always-trust.
*/
unsigned int
tdb_get_ownertrust (PKT_public_key *pk, int no_create)
tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@ -687,10 +688,10 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
if (no_create && init_trustdb (1))
if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
err = read_trust_record (pk, &rec);
err = read_trust_record (ctrl, pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
if (err)
@ -704,7 +705,7 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
unsigned int
tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@ -715,10 +716,10 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
if (no_create && init_trustdb (1))
if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
err = read_trust_record (pk, &rec);
err = read_trust_record (ctrl, pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
if (err)
@ -736,7 +737,7 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
* The key should be a primary one.
*/
void
tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust )
{
TRUSTREC rec;
gpg_error_t err;
@ -744,7 +745,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
err = read_trust_record (pk, &rec);
err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@ -753,8 +754,8 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
if (rec.r.trust.ownertrust != new_trust)
{
rec.r.trust.ownertrust = new_trust;
write_record( &rec );
tdb_revalidation_mark ();
write_record (ctrl, &rec);
tdb_revalidation_mark (ctrl);
do_sync ();
}
}
@ -766,12 +767,12 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
log_debug ("insert ownertrust %u\n", new_trust );
memset (&rec, 0, sizeof rec);
rec.recnum = tdbio_new_recnum ();
rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.ownertrust = new_trust;
write_record (&rec);
tdb_revalidation_mark ();
write_record (ctrl, &rec);
tdb_revalidation_mark (ctrl);
do_sync ();
}
else
@ -781,7 +782,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
}
static void
update_min_ownertrust (u32 *kid, unsigned int new_trust )
update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust)
{
PKT_public_key *pk;
TRUSTREC rec;
@ -791,7 +792,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
return;
pk = xmalloc_clear (sizeof *pk);
err = get_pubkey (pk, kid);
err = get_pubkey (ctrl, pk, kid);
if (err)
{
log_error (_("public key %s not found: %s\n"),
@ -799,7 +800,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
return;
}
err = read_trust_record (pk, &rec);
err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@ -810,8 +811,8 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
if (rec.r.trust.min_ownertrust != new_trust)
{
rec.r.trust.min_ownertrust = new_trust;
write_record( &rec );
tdb_revalidation_mark ();
write_record (ctrl, &rec);
tdb_revalidation_mark (ctrl);
do_sync ();
}
}
@ -823,12 +824,12 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
log_debug ("insert min_ownertrust %u\n", new_trust );
memset (&rec, 0, sizeof rec);
rec.recnum = tdbio_new_recnum ();
rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.min_ownertrust = new_trust;
write_record (&rec);
tdb_revalidation_mark ();
write_record (ctrl, &rec);
tdb_revalidation_mark (ctrl);
do_sync ();
}
else
@ -844,17 +845,17 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
* Return: True if a change actually happened.
*/
int
tdb_clear_ownertrusts (PKT_public_key *pk)
tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
{
TRUSTREC rec;
gpg_error_t err;
init_trustdb (0);
init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return 0;
err = read_trust_record (pk, &rec);
err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@ -868,8 +869,8 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
{
rec.r.trust.ownertrust = 0;
rec.r.trust.min_ownertrust = 0;
write_record( &rec );
tdb_revalidation_mark ();
write_record (ctrl, &rec);
tdb_revalidation_mark (ctrl);
do_sync ();
return 1;
}
@ -885,7 +886,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
* Note: Caller has to do a sync
*/
static void
update_validity (PKT_public_key *pk, PKT_user_id *uid,
update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
int depth, int validity)
{
TRUSTREC trec, vrec;
@ -894,7 +895,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
namehash_from_uid(uid);
err = read_trust_record (pk, &trec);
err = read_trust_record (ctrl, pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@ -906,7 +907,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
size_t dummy;
memset (&trec, 0, sizeof trec);
trec.recnum = tdbio_new_recnum ();
trec.recnum = tdbio_new_recnum (ctrl);
trec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy);
trec.r.trust.ownertrust = 0;
@ -925,7 +926,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
if (!recno) /* insert a new validity record */
{
memset (&vrec, 0, sizeof vrec);
vrec.recnum = tdbio_new_recnum ();
vrec.recnum = tdbio_new_recnum (ctrl);
vrec.rectype = RECTYPE_VALID;
memcpy (vrec.r.valid.namehash, uid->namehash, 20);
vrec.r.valid.next = trec.r.trust.validlist;
@ -934,9 +935,9 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
vrec.r.valid.validity = validity;
vrec.r.valid.full_count = uid->help_full_count;
vrec.r.valid.marginal_count = uid->help_marginal_count;
write_record (&vrec);
write_record (ctrl, &vrec);
trec.r.trust.depth = depth;
write_record (&trec);
write_record (ctrl, &trec);
}
@ -947,7 +948,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
/* Return true if key is disabled. Note that this is usually used via
the pk_is_disabled macro. */
int
tdb_cache_disabled_value (PKT_public_key *pk)
tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
gpg_error_t err;
TRUSTREC trec;
@ -956,12 +957,12 @@ tdb_cache_disabled_value (PKT_public_key *pk)
if (pk->flags.disabled_valid)
return pk->flags.disabled;
init_trustdb (0);
init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb)
return 0; /* No trustdb => not disabled. */
err = read_trust_record (pk, &trec);
err = read_trust_record (ctrl, pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@ -991,7 +992,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl)
{
static int did_nextcheck=0;
init_trustdb (0);
init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb)
return; /* No trustdb => can't be stale. */
@ -1062,7 +1063,7 @@ tdb_get_validity_core (ctrl_t ctrl,
(void)may_ask;
#endif
init_trustdb (0);
init_trustdb (ctrl, 0);
/* If we have no trustdb (which also means it has not been created)
and the trust-model is always, we don't know the validity -
@ -1077,7 +1078,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
/* Note that this happens BEFORE any user ID stuff is checked.
The direct trust model applies to keys as a whole. */
validity = tdb_get_ownertrust (main_pk, 0);
validity = tdb_get_ownertrust (ctrl, main_pk, 0);
goto leave;
}
@ -1093,7 +1094,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
if (! kb)
{
kb = get_pubkeyblock (main_pk->keyid);
kb = get_pubkeyblock (ctrl, main_pk->keyid);
free_kb = 1;
}
n = kb;
@ -1201,7 +1202,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|| opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_PGP)
{
err = read_trust_record (main_pk, &trec);
err = read_trust_record (ctrl, main_pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@ -1277,7 +1278,7 @@ tdb_get_validity_core (ctrl_t ctrl,
static void
get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
get_validity_counts (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
{
TRUSTREC trec, vrec;
ulong recno;
@ -1289,9 +1290,9 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
uid->help_marginal_count=uid->help_full_count=0;
init_trustdb (0);
init_trustdb (ctrl, 0);
if(read_trust_record (pk, &trec))
if(read_trust_record (ctrl, pk, &trec))
return;
/* loop over all user IDs */
@ -1375,7 +1376,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
int ot;
pk = xmalloc_clear (sizeof *pk);
rc = get_pubkey (pk, kid);
rc = get_pubkey (ctrl, pk, kid);
if (rc)
{
log_error (_("public key %s not found: %s\n"),
@ -1387,14 +1388,14 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
{
log_info("force trust for key %s to %s\n",
keystr(kid),trust_value_to_string(opt.force_ownertrust));
tdb_update_ownertrust (pk, opt.force_ownertrust);
tdb_update_ownertrust (ctrl, pk, opt.force_ownertrust);
ot=opt.force_ownertrust;
}
else
{
ot=edit_ownertrust (ctrl, pk, 0);
if(ot>0)
ot = tdb_get_ownertrust (pk, 0);
ot = tdb_get_ownertrust (ctrl, pk, 0);
else if(ot==0)
ot = minimum?minimum:TRUST_UNDEFINED;
else
@ -1460,7 +1461,8 @@ dump_key_array (int depth, struct key_array *keys)
static void
store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
store_validation_status (ctrl_t ctrl, int depth,
kbnode_t keyblock, KeyHashTable stored)
{
KBNODE node;
int status;
@ -1482,7 +1484,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
if (status)
{
update_validity (keyblock->pkt->pkt.public_key,
update_validity (ctrl, keyblock->pkt->pkt.public_key,
uid, depth, status);
mark_keyblock_seen(stored,keyblock);
@ -1619,7 +1621,7 @@ check_regexp(const char *expr,const char *string)
* This function assumes that all kbnode flags are cleared on entry.
*/
static int
validate_one_keyblock (KBNODE kb, struct key_item *klist,
validate_one_keyblock (ctrl_t ctrl, kbnode_t kb, struct key_item *klist,
u32 curtime, u32 *next_expire)
{
struct key_item *kr;
@ -1666,8 +1668,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
*next_expire = uid->expiredate;
issigned = 0;
get_validity_counts(pk,uid);
mark_usable_uid_certs (kb, uidnode, main_kid, klist,
get_validity_counts (ctrl, pk, uid);
mark_usable_uid_certs (ctrl, kb, uidnode, main_kid, klist,
curtime, next_expire);
}
else if (node->pkt->pkttype == PKT_SIGNATURE
@ -1799,7 +1801,7 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no)
* Caller hast to release the returned array.
*/
static struct key_array *
validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
struct key_item *klist, u32 curtime, u32 *next_expire)
{
KBNODE keyblock = NULL;
@ -1858,7 +1860,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
}
/* prepare the keyblock for further processing */
merge_keys_and_selfsig (keyblock);
merge_keys_and_selfsig (ctrl, keyblock);
clear_kbnode_flags (keyblock);
pk = keyblock->pkt->pkt.public_key;
if (pk->has_expired || pk->flags.revoked)
@ -1866,7 +1868,8 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
/* it does not make sense to look further at those keys */
mark_keyblock_seen (full_trust, keyblock);
}
else if (validate_one_keyblock (keyblock, klist, curtime, next_expire))
else if (validate_one_keyblock (ctrl, keyblock, klist,
curtime, next_expire))
{
KBNODE node;
@ -1915,7 +1918,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
/* Caller must sync */
static void
reset_trust_records(void)
reset_trust_records (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
@ -1929,7 +1932,7 @@ reset_trust_records(void)
if(rec.r.trust.min_ownertrust)
{
rec.r.trust.min_ownertrust=0;
write_record(&rec);
write_record (ctrl, &rec);
}
}
@ -1941,7 +1944,7 @@ reset_trust_records(void)
rec.r.valid.validity &= ~TRUST_MASK;
rec.r.valid.marginal_count=rec.r.valid.full_count=0;
nreset++;
write_record(&rec);
write_record (ctrl, &rec);
}
}
@ -2002,7 +2005,7 @@ validate_keys (ctrl_t ctrl, int interactive)
Perhaps combine this with reset_trust_records(), or only check
the caches on keys that are actually involved in the web of
trust. */
keydb_rebuild_caches(0);
keydb_rebuild_caches (ctrl, 0);
kdb = keydb_new ();
if (!kdb)
@ -2014,7 +2017,7 @@ validate_keys (ctrl_t ctrl, int interactive)
used = new_key_hash_table ();
full_trust = new_key_hash_table ();
reset_trust_records();
reset_trust_records (ctrl);
/* Fixme: Instead of always building a UTK list, we could just build it
* here when needed */
@ -2032,7 +2035,7 @@ validate_keys (ctrl_t ctrl, int interactive)
KBNODE keyblock;
PKT_public_key *pk;
keyblock = get_pubkeyblock (k->kid);
keyblock = get_pubkeyblock (ctrl, k->kid);
if (!keyblock)
{
log_error (_("public key of ultimately"
@ -2046,7 +2049,8 @@ validate_keys (ctrl_t ctrl, int interactive)
for (node=keyblock; node; node = node->next)
{
if (node->pkt->pkttype == PKT_USER_ID)
update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE);
update_validity (ctrl, pk, node->pkt->pkt.user_id,
0, TRUST_ULTIMATE);
}
if ( pk->expiredate && pk->expiredate >= start_time
&& pk->expiredate < next_expire)
@ -2086,7 +2090,7 @@ validate_keys (ctrl_t ctrl, int interactive)
min=TRUST_MARGINAL;
if(min!=k->min_ownertrust)
update_min_ownertrust(k->kid,min);
update_min_ownertrust (ctrl, k->kid,min);
if (interactive && k->ownertrust == TRUST_UNKNOWN)
{
@ -2132,7 +2136,7 @@ validate_keys (ctrl_t ctrl, int interactive)
}
/* Find all keys which are signed by a key in kdlist */
keys = validate_key_list (kdb, full_trust, klist,
keys = validate_key_list (ctrl, kdb, full_trust, klist,
start_time, &next_expire);
if (!keys)
{
@ -2149,7 +2153,7 @@ validate_keys (ctrl_t ctrl, int interactive)
dump_key_array (depth, keys);
for (kar=keys; kar->keyblock; kar++)
store_validation_status (depth, kar->keyblock, stored);
store_validation_status (ctrl, depth, kar->keyblock, stored);
if (!opt.quiet)
log_info (_("depth: %d valid: %3d signed: %3d"
@ -2183,9 +2187,10 @@ validate_keys (ctrl_t ctrl, int interactive)
k->kid[1]=kid[1];
k->ownertrust =
(tdb_get_ownertrust
(kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK);
(ctrl, kar->keyblock->pkt->pkt.public_key, 0)
& TRUST_MASK);
k->min_ownertrust = tdb_get_min_ownertrust
(kar->keyblock->pkt->pkt.public_key, 0);
(ctrl, kar->keyblock->pkt->pkt.public_key, 0);
k->trust_depth=
kar->keyblock->pkt->pkt.public_key->trust_depth;
k->trust_value=
@ -2220,16 +2225,16 @@ validate_keys (ctrl_t ctrl, int interactive)
int rc2;
if (next_expire == 0xffffffff || next_expire < start_time )
tdbio_write_nextcheck (0);
tdbio_write_nextcheck (ctrl, 0);
else
{
tdbio_write_nextcheck (next_expire);
tdbio_write_nextcheck (ctrl, next_expire);
if (!opt.quiet)
log_info (_("next trustdb check due at %s\n"),
strtimestamp (next_expire));
}
rc2 = tdbio_update_version_record ();
rc2 = tdbio_update_version_record (ctrl);
if (rc2)
{
log_error (_("unable to update trustdb version record: "

56
g10/trustdb.h
View File

@ -77,7 +77,7 @@ is_in_klist (struct key_item *k, PKT_signature *sig)
/*-- trust.c --*/
int cache_disabled_value (PKT_public_key *pk);
int cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
void register_trusted_keyid (u32 *keyid);
void register_trusted_key (const char *string);
@ -86,11 +86,12 @@ int string_to_trust_value (const char *str);
const char *uid_trust_string_fixed (ctrl_t ctrl,
PKT_public_key *key, PKT_user_id *uid);
unsigned int get_ownertrust (PKT_public_key *pk);
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
int clear_ownertrusts (PKT_public_key *pk);
unsigned int get_ownertrust (ctrl_t ctrl, PKT_public_key *pk);
void update_ownertrust (ctrl_t ctrl,
PKT_public_key *pk, unsigned int new_trust);
int clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
void revalidation_mark (void);
void revalidation_mark (ctrl_t ctrl);
void check_trustdb_stale (ctrl_t ctrl);
void check_or_update_trustdb (ctrl_t ctrl);
@ -102,14 +103,14 @@ int get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
const char *get_validity_string (ctrl_t ctrl,
PKT_public_key *pk, PKT_user_id *uid);
void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
void mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
u32 *main_kid, struct key_item *klist,
u32 curtime, u32 *next_expire);
void clean_one_uid (kbnode_t keyblock, kbnode_t uidnode,
void clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
int noisy, int self_only,
int *uids_cleaned, int *sigs_cleaned);
void clean_key (kbnode_t keyblock, int noisy, int self_only,
void clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
int *uids_cleaned,int *sigs_cleaned);
@ -127,16 +128,14 @@ void update_trustdb (ctrl_t ctrl);
int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
const char *trust_model_string (int model);
gpg_error_t init_trustdb (int no_create);
int have_trustdb (void);
gpg_error_t init_trustdb (ctrl_t ctrl, int no_create);
int have_trustdb (ctrl_t ctrl);
void tdb_check_trustdb_stale (ctrl_t ctrl);
void sync_trustdb( void );
void tdb_revalidation_mark (void);
void tdb_revalidation_mark (ctrl_t ctrl);
int trustdb_pending_check(void);
void tdb_check_or_update (ctrl_t ctrl);
int tdb_cache_disabled_value (PKT_public_key *pk);
int tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
unsigned int tdb_get_validity_core (ctrl_t ctrl, kbnode_t kb,
PKT_public_key *pk, PKT_user_id *uid,
@ -149,22 +148,27 @@ int enum_cert_paths( void **context, ulong *lid,
void enum_cert_paths_print( void **context, FILE *fp,
int refresh, ulong selected_lid );
void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
byte *marginals,byte *completes,byte *cert_depth,
byte *min_cert_level);
void read_trust_options (ctrl_t ctrl, byte *trust_model,
ulong *created, ulong *nextcheck,
byte *marginals, byte *completes, byte *cert_depth,
byte *min_cert_level);
unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create);
unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create);
int get_ownertrust_info (PKT_public_key *pk, int no_create);
const char *get_ownertrust_string (PKT_public_key *pk, int no_create);
unsigned int tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
int no_create);
unsigned int tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
int no_create);
int get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create);
const char *get_ownertrust_string (ctrl_t ctrl,
PKT_public_key *pk, int no_create);
void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
int tdb_clear_ownertrusts (PKT_public_key *pk);
void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
unsigned int new_trust);
int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
/*-- tdbdump.c --*/
void list_trustdb (estream_t fp, const char *username);
void export_ownertrust(void);
void import_ownertrust(const char *fname);
void list_trustdb (ctrl_t ctrl, estream_t fp, const char *username);
void export_ownertrust (ctrl_t ctrl);
void import_ownertrust (ctrl_t ctrl, const char *fname);
/*-- pkclist.c --*/
int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);