From 8f2671d2cc022af2f564e296bdeb3bb2d2734ef4 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 31 Mar 2017 20:03:52 +0200 Subject: [PATCH] gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch --- g10/call-agent.c | 3 +- g10/call-dirmngr.c | 2 +- g10/card-util.c | 23 ++-- g10/delkey.c | 20 ++-- g10/encrypt.c | 17 +-- g10/export.c | 28 +++-- g10/getkey.c | 140 ++++++++++++----------- g10/gpg.c | 21 ++-- g10/gpgcompose.c | 17 ++- g10/gpgv.c | 17 ++- g10/import.c | 126 +++++++++++--------- g10/keydb.c | 4 +- g10/keydb.h | 44 +++---- g10/keyedit.c | 278 ++++++++++++++++++++++++--------------------- g10/keygen.c | 46 ++++---- g10/keyid.c | 5 +- g10/keylist.c | 61 +++++----- g10/keyring.c | 4 +- g10/keyring.h | 2 +- g10/keyserver.c | 14 ++- g10/main.h | 59 ++++++---- g10/mainproc.c | 30 ++--- g10/packet.h | 13 ++- g10/passphrase.c | 9 +- g10/pkclist.c | 58 +++++----- g10/pubkey-enc.c | 19 ++-- g10/revoke.c | 36 +++--- g10/sig-check.c | 42 ++++--- g10/sign.c | 35 +++--- g10/skclist.c | 8 +- g10/tdbdump.c | 24 ++-- g10/tdbio.c | 76 +++++++------ g10/tdbio.h | 13 ++- g10/test-stubs.c | 17 ++- g10/tofu.c | 21 ++-- g10/trust.c | 59 +++++----- g10/trustdb.c | 189 +++++++++++++++--------------- g10/trustdb.h | 56 ++++----- 38 files changed, 885 insertions(+), 751 deletions(-) diff --git a/g10/call-agent.c b/g10/call-agent.c index af06bf511..0ba978774 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -160,7 +160,8 @@ default_inq_cb (void *opaque, const char *line) char buf[32]; if (parm->keyinfo.keyid) - emit_status_need_passphrase (parm->keyinfo.keyid, + emit_status_need_passphrase (parm->ctrl, + parm->keyinfo.keyid, parm->keyinfo.mainkeyid, parm->keyinfo.pubkey_algo); diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c index aa39155ac..cb6c69cd7 100644 --- a/g10/call-dirmngr.c +++ b/g10/call-dirmngr.c @@ -1068,7 +1068,7 @@ gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen, kbnode_t keyblock) /* We are going to parse the keyblock, thus we better make sure the all information is readily available. */ if (keyblock) - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); err = open_context (ctrl, &ctx); if (err) diff --git a/g10/card-util.c b/g10/card-util.c index b88a9ed70..78cd52bfe 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -362,7 +362,8 @@ fpr_is_ff (const char *fpr) /* Print all available information about the current card. */ static void -current_card_status (estream_t fp, char *serialno, size_t serialnobuflen) +current_card_status (ctrl_t ctrl, estream_t fp, + char *serialno, size_t serialnobuflen) { struct agent_card_info_s info; PKT_public_key *pk = xcalloc (1, sizeof *pk); @@ -609,9 +610,9 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen) /* If the fingerprint is all 0xff, the key has no asssociated OpenPGP certificate. */ if ( thefpr && !fpr_is_ff (thefpr) - && !get_pubkey_byfprint (pk, &keyblock, thefpr, 20)) + && !get_pubkey_byfprint (ctrl, pk, &keyblock, thefpr, 20)) { - print_pubkey_info (fp, pk); + print_pubkey_info (ctrl, fp, pk); if (keyblock) print_card_key_info (fp, keyblock); } @@ -629,7 +630,7 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen) Print all available information for current card when SERIALNO is NULL. Or print llfor all cards when SERIALNO is "all". */ void -card_status (estream_t fp, const char *serialno) +card_status (ctrl_t ctrl, estream_t fp, const char *serialno) { int err; strlist_t card_list, sl; @@ -638,7 +639,7 @@ card_status (estream_t fp, const char *serialno) if (serialno == NULL) { - current_card_status (fp, NULL, 0); + current_card_status (ctrl, fp, NULL, 0); return; } @@ -673,7 +674,7 @@ card_status (estream_t fp, const char *serialno) continue; } - current_card_status (fp, NULL, 0); + current_card_status (ctrl, fp, NULL, 0); xfree (serialno1); if (!all_cards) @@ -1510,7 +1511,7 @@ generate_card_keys (ctrl_t ctrl) /* This function is used by the key edit menu to generate an arbitrary subkey. */ gpg_error_t -card_generate_subkey (KBNODE pub_keyblock) +card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock) { gpg_error_t err; struct agent_card_info_s info; @@ -1581,7 +1582,7 @@ card_generate_subkey (KBNODE pub_keyblock) the serialnumber and thus it won't harm. */ } - err = generate_card_subkeypair (pub_keyblock, keyno, info.serialno); + err = generate_card_subkeypair (ctrl, pub_keyblock, keyno, info.serialno); leave: agent_release_card_info (&info); @@ -1987,12 +1988,14 @@ card_edit (ctrl_t ctrl, strlist_t commands) { if (opt.with_colons) { - current_card_status (es_stdout, serialnobuf, DIM (serialnobuf)); + current_card_status (ctrl, es_stdout, + serialnobuf, DIM (serialnobuf)); fflush (stdout); } else { - current_card_status (NULL, serialnobuf, DIM (serialnobuf)); + current_card_status (ctrl, NULL, + serialnobuf, DIM (serialnobuf)); tty_printf("\n"); } redisplay = 0; diff --git a/g10/delkey.c b/g10/delkey.c index 547b40dd2..bf8c4e93b 100644 --- a/g10/delkey.c +++ b/g10/delkey.c @@ -47,7 +47,8 @@ * key can't be deleted for that reason. */ static gpg_error_t -do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) +do_delete_key (ctrl_t ctrl, const char *username, int secret, int force, + int *r_sec_avail) { gpg_error_t err; kbnode_t keyblock = NULL; @@ -137,9 +138,9 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) else { if (secret) - print_seckey_info (pk); + print_seckey_info (ctrl, pk); else - print_pubkey_info (NULL, pk ); + print_pubkey_info (ctrl, NULL, pk ); tty_printf( "\n" ); yes = cpr_get_answer_is_yes @@ -180,7 +181,8 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key)) continue; /* No secret key for that public (sub)key. */ - prompt = gpg_format_keydesc (node->pkt->pkt.public_key, + prompt = gpg_format_keydesc (ctrl, + node->pkt->pkt.public_key, FORMAT_KEYDESC_DELKEY, 1); err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip); /* NB: We require --yes to advise the agent not to @@ -232,7 +234,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) revalidation_mark(). This makes sense - only deleting keys that have ownertrust set should trigger this. */ - if (!secret && pk && clear_ownertrusts (pk)) + if (!secret && pk && clear_ownertrusts (ctrl, pk)) { if (opt.verbose) log_info (_("ownertrust information cleared\n")); @@ -249,7 +251,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) * Delete a public or secret key from a keyring. */ gpg_error_t -delete_keys (strlist_t names, int secret, int allow_both) +delete_keys (ctrl_t ctrl, strlist_t names, int secret, int allow_both) { gpg_error_t err; int avail; @@ -260,14 +262,14 @@ delete_keys (strlist_t names, int secret, int allow_both) for ( ;names ; names=names->next ) { - err = do_delete_key (names->d, secret, force, &avail); + err = do_delete_key (ctrl, names->d, secret, force, &avail); if (err && avail) { if (allow_both) { - err = do_delete_key (names->d, 1, 0, &avail); + err = do_delete_key (ctrl, names->d, 1, 0, &avail); if (!err) - err = do_delete_key (names->d, 0, 0, &avail); + err = do_delete_key (ctrl, names->d, 0, 0, &avail); } else { diff --git a/g10/encrypt.c b/g10/encrypt.c index a79a47011..57ac8ad66 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -41,7 +41,8 @@ static int encrypt_simple( const char *filename, int mode, int use_seskey ); -static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, iobuf_t out ); +static int write_pubkey_enc_from_list (ctrl_t ctrl, + PK_LIST pk_list, DEK *dek, iobuf_t out); /**************** * Encrypt FILENAME with only the symmetric cipher. Take input from @@ -634,7 +635,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, if (DBG_CRYPTO) log_printhex ("DEK is: ", cfx.dek->key, cfx.dek->keylen ); - rc = write_pubkey_enc_from_list (pk_list, cfx.dek, out); + rc = write_pubkey_enc_from_list (ctrl, pk_list, cfx.dek, out); if (rc) goto leave; @@ -828,7 +829,8 @@ encrypt_filter (void *opaque, int control, if (DBG_CRYPTO) log_printhex ("DEK is: ", efx->cfx.dek->key, efx->cfx.dek->keylen); - rc = write_pubkey_enc_from_list (efx->pk_list, efx->cfx.dek, a); + rc = write_pubkey_enc_from_list (efx->ctrl, + efx->pk_list, efx->cfx.dek, a); if (rc) return rc; @@ -864,7 +866,8 @@ encrypt_filter (void *opaque, int control, * Write a pubkey-enc packet for the public key PK to OUT. */ int -write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out) +write_pubkey_enc (ctrl_t ctrl, + PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out) { PACKET pkt; PKT_pubkey_enc *enc; @@ -899,7 +902,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out) { if ( opt.verbose ) { - char *ustr = get_user_id_string_native (enc->keyid); + char *ustr = get_user_id_string_native (ctrl, enc->keyid); log_info (_("%s/%s encrypted for: \"%s\"\n"), openpgp_pk_algo_name (enc->pubkey_algo), openpgp_cipher_algo_name (dek->algo), @@ -924,7 +927,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out) * Write pubkey-enc packets from the list of PKs to OUT. */ static int -write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out) +write_pubkey_enc_from_list (ctrl_t ctrl, PK_LIST pk_list, DEK *dek, iobuf_t out) { if (opt.throw_keyids && (PGP6 || PGP7 || PGP8)) { @@ -937,7 +940,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out) { PKT_public_key *pk = pk_list->pk; int throw_keyid = (opt.throw_keyids || (pk_list->flags&1)); - int rc = write_pubkey_enc (pk, throw_keyid, dek, out); + int rc = write_pubkey_enc (ctrl, pk, throw_keyid, dek, out); if (rc) return rc; } diff --git a/g10/export.c b/g10/export.c index e2adcc4ab..8dafab26e 100644 --- a/g10/export.c +++ b/g10/export.c @@ -1188,7 +1188,7 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd, if (opt.verbose) log_info ("key %s: asking agent for the secret parts\n", hexgrip); - prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1); + prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1); err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr, &wrappedkey, &wrappedkeylen); xfree (prompt); @@ -1336,15 +1336,19 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor, * KEYBLOCK must not have any blocks marked as deleted. */ static void -apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector) +apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector) { kbnode_t node; + struct impex_filter_parm_s parm; + + parm.ctrl = ctrl; for (node = keyblock->next; node; node = node->next ) { if (node->pkt->pkttype == PKT_USER_ID) { - if (!recsel_select (selector, impex_filter_getval, node)) + parm.node = node; + if (!recsel_select (selector, impex_filter_getval, &parm)) { /* log_debug ("keep-uid: deleting '%s'\n", */ /* node->pkt->pkt.user_id->name); */ @@ -1372,16 +1376,21 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector) * KEYBLOCK must not have any blocks marked as deleted. */ static void -apply_drop_subkey_filter (kbnode_t keyblock, recsel_expr_t selector) +apply_drop_subkey_filter (ctrl_t ctrl, kbnode_t keyblock, + recsel_expr_t selector) { kbnode_t node; + struct impex_filter_parm_s parm; + + parm.ctrl = ctrl; for (node = keyblock->next; node; node = node->next ) { if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY || node->pkt->pkttype == PKT_SECRET_SUBKEY) { - if (recsel_select (selector, impex_filter_getval, node)) + parm.node = node; + if (recsel_select (selector, impex_filter_getval, &parm)) { /*log_debug ("drop-subkey: deleting a key\n");*/ /* The subkey packet and all following packets up to the @@ -1990,19 +1999,20 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, * UID sigs (0x10, 0x11, 0x12, and 0x13). A designated * revocation is never stripped, even with export-minimal set. */ if ((options & EXPORT_CLEAN)) - clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL); + clean_key (ctrl, keyblock, opt.verbose, + (options&EXPORT_MINIMAL), NULL, NULL); if (export_keep_uid) { commit_kbnode (&keyblock); - apply_keep_uid_filter (keyblock, export_keep_uid); + apply_keep_uid_filter (ctrl, keyblock, export_keep_uid); commit_kbnode (&keyblock); } if (export_drop_subkey) { commit_kbnode (&keyblock); - apply_drop_subkey_filter (keyblock, export_drop_subkey); + apply_drop_subkey_filter (ctrl, keyblock, export_drop_subkey); commit_kbnode (&keyblock); } @@ -2139,7 +2149,7 @@ export_ssh_key (ctrl_t ctrl, const char *userid) 1 /* No AKL lookup. */); if (!err) { - err = getkey_next (getkeyctx, NULL, NULL); + err = getkey_next (ctrl, getkeyctx, NULL, NULL); if (!err) err = gpg_error (GPG_ERR_AMBIGUOUS_NAME); else if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) diff --git a/g10/getkey.c b/g10/getkey.c index 9c9d8b238..f29c15009 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -139,10 +139,9 @@ typedef struct user_id_db static user_id_db_t user_id_db; static int uid_cache_entries; /* Number of entries in uid cache. */ -static void merge_selfsigs (kbnode_t keyblock); -static int lookup (getkey_ctx_t ctx, - kbnode_t *ret_keyblock, kbnode_t *ret_found_key, - int want_secret); +static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock); +static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret, + kbnode_t *ret_keyblock, kbnode_t *ret_found_key); static kbnode_t finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, unsigned int *r_flags); @@ -532,7 +531,7 @@ get_pubkeys (ctrl_t ctrl, err = get_pubkey_byname (ctrl, &ctx, pk, search_terms, &kb, NULL, include_unusable, 1); else - err = getkey_next (ctx, pk, &kb); + err = getkey_next (ctrl, ctx, pk, &kb); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) /* No more results. */ @@ -697,7 +696,7 @@ pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key) * has definitely been merged into the public key using * merge_selfsigs. */ int -get_pubkey (PKT_public_key * pk, u32 * keyid) +get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) { int internal = 0; int rc = 0; @@ -748,7 +747,7 @@ get_pubkey (PKT_public_key * pk, u32 * keyid) ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; ctx.req_usage = pk->req_usage; - rc = lookup (&ctx, &kb, &found_key, 0); + rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc) { pk_from_block (pk, kb, found_key); @@ -852,7 +851,7 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid) * The self-signed data has already been merged into the public key * using merge_selfsigs. */ kbnode_t -get_pubkeyblock (u32 * keyid) +get_pubkeyblock (ctrl_t ctrl, u32 * keyid) { struct getkey_ctx_s ctx; int rc = 0; @@ -868,7 +867,7 @@ get_pubkeyblock (u32 * keyid) ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID; ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; - rc = lookup (&ctx, &keyblock, NULL, 0); + rc = lookup (ctrl, &ctx, 0, &keyblock, NULL); getkey_end (&ctx); return rc ? NULL : keyblock; @@ -893,7 +892,7 @@ get_pubkeyblock (u32 * keyid) * The self-signed data has already been merged into the public key * using merge_selfsigs. */ gpg_error_t -get_seckey (PKT_public_key *pk, u32 *keyid) +get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid) { gpg_error_t err; struct getkey_ctx_s ctx; @@ -911,7 +910,7 @@ get_seckey (PKT_public_key *pk, u32 *keyid) ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; ctx.req_usage = pk->req_usage; - err = lookup (&ctx, &keyblock, &found_key, 1); + err = lookup (ctrl, &ctx, 1, &keyblock, &found_key); if (!err) { pk_from_block (pk, keyblock, found_key); @@ -933,15 +932,14 @@ get_seckey (PKT_public_key *pk, u32 *keyid) /* Skip unusable keys. A key is unusable if it is revoked, expired or disabled or if the selected user id is revoked or expired. */ static int -skip_unusable (void *dummy, u32 * keyid, int uid_no) +skip_unusable (void *opaque, u32 * keyid, int uid_no) { + ctrl_t ctrl = opaque; int unusable = 0; KBNODE keyblock; PKT_public_key *pk; - (void) dummy; - - keyblock = get_pubkeyblock (keyid); + keyblock = get_pubkeyblock (ctrl, keyid); if (!keyblock) { log_error ("error checking usability status of %s\n", keystr (keyid)); @@ -1034,7 +1032,7 @@ leave: returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY (if want_secret is set) is returned if the key is not found. */ static int -key_byname (GETKEY_CTX *retctx, strlist_t namelist, +key_byname (ctrl_t ctrl, GETKEY_CTX *retctx, strlist_t namelist, PKT_public_key *pk, int want_secret, int include_unusable, KBNODE * ret_kb, KEYDB_HANDLE * ret_kdbhd) @@ -1063,7 +1061,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist, ctx->nitems = 1; ctx->items[0].mode = KEYDB_SEARCH_MODE_FIRST; if (!include_unusable) - ctx->items[0].skipfnc = skip_unusable; + { + ctx->items[0].skipfnc = skip_unusable; + ctx->items[0].skipfncvalue = ctrl; + } } else { @@ -1096,7 +1097,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist, && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR16 && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR20 && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR) - ctx->items[n].skipfnc = skip_unusable; + { + ctx->items[n].skipfnc = skip_unusable; + ctx->items[n].skipfncvalue = ctrl; + } } } @@ -1117,7 +1121,7 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist, ctx->req_usage = pk->req_usage; } - rc = lookup (ctx, ret_kb, &found_key, want_secret); + rc = lookup (ctrl, ctx, want_secret, ret_kb, &found_key); if (!rc && pk) { pk_from_block (pk, *ret_kb, found_key); @@ -1273,7 +1277,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, * only try the local keyring). In this case, lookup NAME in * the local keyring. */ add_to_strlist (&namelist, name); - rc = key_byname (retctx, namelist, pk, 0, + rc = key_byname (ctrl, retctx, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); } @@ -1310,7 +1314,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, *retctx = NULL; } add_to_strlist (&namelist, name); - rc = key_byname (anylocalfirst ? retctx : NULL, + rc = key_byname (ctrl, anylocalfirst ? retctx : NULL, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); break; @@ -1427,7 +1431,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, getkey_end (*retctx); *retctx = NULL; } - rc = key_byname (anylocalfirst ? retctx : NULL, + rc = key_byname (ctrl, anylocalfirst ? retctx : NULL, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); } @@ -1596,7 +1600,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk, struct pubkey_cmp_cookie new; kbnode_t new_keyblock; - while (getkey_next (ctx, &new.key, &new_keyblock) == 0) + while (getkey_next (ctrl, ctx, &new.key, &new_keyblock) == 0) { int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock); release_kbnode (new_keyblock); @@ -1656,7 +1660,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk, { release_kbnode (*ret_keyblock); *ret_keyblock = NULL; - rc = getkey_next (ctx, NULL, ret_keyblock); + rc = getkey_next (ctrl, ctx, NULL, ret_keyblock); } } } @@ -1718,7 +1722,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname) { /* Warning: node flag bits 0 and 1 should be preserved by * merge_selfsigs. FIXME: Check whether this still holds. */ - merge_selfsigs (keyblock); + merge_selfsigs (ctrl, keyblock); found_key = finish_lookup (keyblock, pk->req_usage, 0, &infoflags); print_status_key_considered (keyblock, infoflags); if (found_key) @@ -1761,7 +1765,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname) * be done by creating a userID conforming to the unified fingerprint * style. */ int -get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock, +get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, const byte * fprint, size_t fprint_len) { int rc; @@ -1786,7 +1790,7 @@ get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock, ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16 : KEYDB_SEARCH_MODE_FPR20; memcpy (ctx.items[0].u.fpr, fprint, fprint_len); - rc = lookup (&ctx, &kb, &found_key, 0); + rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc && pk) pk_from_block (pk, kb, found_key); if (!rc && r_keyblock) @@ -1911,7 +1915,7 @@ parse_def_secret_key (ctrl_t ctrl) continue; } - merge_selfsigs (kb); + merge_selfsigs (ctrl, kb); err = gpg_error (GPG_ERR_NO_SECKEY); node = kb; @@ -2024,7 +2028,7 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk) else include_unusable = 0; - err = key_byname (NULL, namelist, pk, 1, include_unusable, NULL, NULL); + err = key_byname (ctrl, NULL, namelist, pk, 1, include_unusable, NULL, NULL); free_strlist (namelist); @@ -2069,10 +2073,10 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk) * returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY * (if want_secret is set) is returned if the key is not found. */ gpg_error_t -getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk, +getkey_bynames (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk, strlist_t names, int want_secret, kbnode_t *ret_keyblock) { - return key_byname (retctx, names, pk, want_secret, 1, + return key_byname (ctrl, retctx, names, pk, want_secret, 1, ret_keyblock, NULL); } @@ -2136,7 +2140,7 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk, else with_unusable = 0; - err = key_byname (retctx, namelist, pk, want_secret, with_unusable, + err = key_byname (ctrl, retctx, namelist, pk, want_secret, with_unusable, ret_keyblock, NULL); /* FIXME: Check that we really return GPG_ERR_NO_SECKEY if @@ -2165,7 +2169,8 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk, * The self-signed data has already been merged into the public key * using merge_selfsigs. */ gpg_error_t -getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock) +getkey_next (ctrl_t ctrl, getkey_ctx_t ctx, + PKT_public_key *pk, kbnode_t *ret_keyblock) { int rc; /* Fixme: Make sure this is proper gpg_error */ KBNODE keyblock = NULL; @@ -2183,7 +2188,8 @@ getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock) if (pk && ret_keyblock == NULL) ret_keyblock = &keyblock; - rc = lookup (ctx, ret_keyblock, pk ? &found_key : NULL, ctx->want_secret); + rc = lookup (ctrl, ctx, ctx->want_secret, + ret_keyblock, pk ? &found_key : NULL); if (!rc && pk) { log_assert (found_key); @@ -2255,12 +2261,12 @@ setup_main_keyids (kbnode_t keyblock) * useful, however, if you change the keyblock, e.g., by adding or * removing a self-signed data packet. */ void -merge_keys_and_selfsig (KBNODE keyblock) +merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock) { if (!keyblock) ; else if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY) - merge_selfsigs (keyblock); + merge_selfsigs (ctrl, keyblock); else log_debug ("FIXME: merging secret key blocks is not anymore available\n"); } @@ -2481,7 +2487,7 @@ sig_to_revoke_info (PKT_signature * sig, struct revoke_info *rinfo) field is set to 1 and the other user id's is_primary are set to 0. */ static void -merge_selfsigs_main (KBNODE keyblock, int *r_revoked, +merge_selfsigs_main (ctrl_t ctrl, kbnode_t keyblock, int *r_revoked, struct revoke_info *rinfo) { PKT_public_key *pk = NULL; @@ -2564,7 +2570,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1]) /* Self sig. */ { - if (check_key_signature (keyblock, k, NULL)) + if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* Signature did not verify. */ else if (IS_KEY_REV (sig)) { @@ -2689,7 +2695,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, if (IS_KEY_REV (sig) && (sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1])) { - int rc = check_revocation_keys (pk, sig); + int rc = check_revocation_keys (ctrl, pk, sig); if (rc == 0) { *r_revoked = 2; @@ -2746,7 +2752,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, PKT_signature *sig = k->pkt->pkt.signature; if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1]) { - if (check_key_signature (keyblock, k, NULL)) + if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* signature did not verify */ else if ((IS_UID_SIG (sig) || IS_UID_REV (sig)) && sig->timestamp >= sigdate) @@ -2812,9 +2818,10 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, revoked the user should also remove the ultimate trust flag. */ if (get_pubkey_fast (ultimate_pk, sig->keyid) == 0 - && check_key_signature2 (keyblock, k, ultimate_pk, + && check_key_signature2 (ctrl, + keyblock, k, ultimate_pk, NULL, NULL, NULL, NULL) == 0 - && get_ownertrust (ultimate_pk) == TRUST_ULTIMATE) + && get_ownertrust (ctrl, ultimate_pk) == TRUST_ULTIMATE) { free_public_key (ultimate_pk); pk->flags.valid = 1; @@ -3050,7 +3057,7 @@ buf_to_sig (const byte * buf, size_t len) flags.chosen_selfsig */ static void -merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode) +merge_selfsigs_subkey (ctrl_t ctrl, kbnode_t keyblock, kbnode_t subnode) { PKT_public_key *mainpk = NULL, *subpk = NULL; PKT_signature *sig; @@ -3089,7 +3096,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode) sig = k->pkt->pkt.signature; if (sig->keyid[0] == mainkid[0] && sig->keyid[1] == mainkid[1]) { - if (check_key_signature (keyblock, k, NULL)) + if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* Signature did not verify. */ else if (IS_SUBKEY_REV (sig)) { @@ -3241,7 +3248,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode) See documentation for merge_selfsigs_main, merge_selfsigs_subkey and fixup_uidnode for exactly which fields are updated. */ static void -merge_selfsigs (KBNODE keyblock) +merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock) { KBNODE k; int revoked; @@ -3264,14 +3271,14 @@ merge_selfsigs (KBNODE keyblock) BUG (); } - merge_selfsigs_main (keyblock, &revoked, &rinfo); + merge_selfsigs_main (ctrl, keyblock, &revoked, &rinfo); /* Now merge in the data from each of the subkeys. */ for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { - merge_selfsigs_subkey (keyblock, k); + merge_selfsigs_subkey (ctrl, keyblock, k); } } @@ -3670,8 +3677,8 @@ print_status_key_considered (kbnode_t keyblock, unsigned int flags) *RET_KEYBLOCK is deallocated. Therefore, if RET_FOUND_KEY is not NULL, then RET_KEYBLOCK must not be NULL. */ static int -lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key, - int want_secret) +lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret, + kbnode_t *ret_keyblock, kbnode_t *ret_found_key) { int rc; int no_suitable_key = 0; @@ -3708,7 +3715,7 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key, /* Warning: node flag bits 0 and 1 should be preserved by * merge_selfsigs. */ - merge_selfsigs (keyblock); + merge_selfsigs (ctrl, keyblock); found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact, &infoflags); print_status_key_considered (keyblock, infoflags); @@ -3868,7 +3875,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) break; case 3: /* Init search context to enum all secret keys. */ - err = getkey_bynames (&c->ctx, NULL, NULL, 1, &keyblock); + err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1, + &keyblock); if (err) { release_kbnode (keyblock); @@ -3882,7 +3890,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) case 4: /* Get next item from the context. */ if (c->ctx) { - err = getkey_next (c->ctx, NULL, &keyblock); + err = getkey_next (ctrl, c->ctx, NULL, &keyblock); if (err) { release_kbnode (keyblock); @@ -3946,7 +3954,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) /* Return a string with a printable representation of the user_id. * this string must be freed by xfree. */ static char * -get_user_id_string (u32 * keyid, int mode, size_t *r_len) +get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) { user_id_db_t r; keyid_list_t a; @@ -3990,7 +3998,7 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len) } } } - while (++pass < 2 && !get_pubkey (NULL, keyid)); + while (++pass < 2 && !get_pubkey (ctrl, NULL, keyid)); if (mode == 2) p = xstrdup (user_id_not_found_utf8 ()); @@ -4006,9 +4014,9 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len) char * -get_user_id_string_native (u32 * keyid) +get_user_id_string_native (ctrl_t ctrl, u32 * keyid) { - char *p = get_user_id_string (keyid, 0, NULL); + char *p = get_user_id_string (ctrl, keyid, 0, NULL); char *p2 = utf8_to_native (p, strlen (p), 0); xfree (p); return p2; @@ -4016,26 +4024,26 @@ get_user_id_string_native (u32 * keyid) char * -get_long_user_id_string (u32 * keyid) +get_long_user_id_string (ctrl_t ctrl, u32 * keyid) { - return get_user_id_string (keyid, 1, NULL); + return get_user_id_string (ctrl, keyid, 1, NULL); } /* Please try to use get_user_byfpr instead of this one. */ char * -get_user_id (u32 * keyid, size_t * rn) +get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn) { - return get_user_id_string (keyid, 2, rn); + return get_user_id_string (ctrl, keyid, 2, rn); } /* Please try to use get_user_id_byfpr_native instead of this one. */ char * -get_user_id_native (u32 * keyid) +get_user_id_native (ctrl_t ctrl, u32 *keyid) { size_t rn; - char *p = get_user_id (keyid, &rn); + char *p = get_user_id (ctrl, keyid, &rn); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; @@ -4048,7 +4056,7 @@ get_user_id_native (u32 * keyid) terminated. To determine the length of the string, you must use *RN. */ char * -get_user_id_byfpr (const byte *fpr, size_t *rn) +get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn) { user_id_db_t r; char *p; @@ -4076,7 +4084,7 @@ get_user_id_byfpr (const byte *fpr, size_t *rn) } } while (++pass < 2 - && !get_pubkey_byfprint (NULL, NULL, fpr, MAX_FINGERPRINT_LEN)); + && !get_pubkey_byfprint (ctrl, NULL, NULL, fpr, MAX_FINGERPRINT_LEN)); p = xstrdup (user_id_not_found_utf8 ()); *rn = strlen (p); return p; @@ -4086,10 +4094,10 @@ get_user_id_byfpr (const byte *fpr, size_t *rn) encoding. The returned string needs to be freed. Unlike get_user_id_byfpr, the returned string is NUL terminated. */ char * -get_user_id_byfpr_native (const byte *fpr) +get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr) { size_t rn; - char *p = get_user_id_byfpr (fpr, &rn); + char *p = get_user_id_byfpr (ctrl, fpr, &rn); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; diff --git a/g10/gpg.c b/g10/gpg.c index 507422c73..28e0a9c64 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -4292,7 +4292,8 @@ main (int argc, char **argv) proper order :) */ for( ; argc; argc-- ) add_to_strlist2( &sl, argv[argc-1], utf8_strings ); - delete_keys(sl,cmd==aDeleteSecretKeys,cmd==aDeleteSecretAndPublicKeys); + delete_keys (ctrl, sl, + cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys); free_strlist(sl); break; @@ -4591,7 +4592,7 @@ main (int argc, char **argv) if( argc != 1 ) wrong_args("--generate-revocation user-id"); username = make_username(*argv); - gen_revoke( username ); + gen_revoke (ctrl, username ); xfree( username ); break; @@ -4738,10 +4739,10 @@ main (int argc, char **argv) #ifndef NO_TRUST_MODELS case aListTrustDB: if( !argc ) - list_trustdb (es_stdout, NULL); + list_trustdb (ctrl, es_stdout, NULL); else { for( ; argc; argc--, argv++ ) - list_trustdb (es_stdout, *argv ); + list_trustdb (ctrl, es_stdout, *argv ); } break; @@ -4773,28 +4774,28 @@ main (int argc, char **argv) case aExportOwnerTrust: if( argc ) wrong_args("--export-ownertrust"); - export_ownertrust(); + export_ownertrust (ctrl); break; case aImportOwnerTrust: if( argc > 1 ) wrong_args("--import-ownertrust [file]"); - import_ownertrust( argc? *argv:NULL ); + import_ownertrust (ctrl, argc? *argv:NULL ); break; #endif /*!NO_TRUST_MODELS*/ case aRebuildKeydbCaches: if (argc) wrong_args ("--rebuild-keydb-caches"); - keydb_rebuild_caches (1); + keydb_rebuild_caches (ctrl, 1); break; #ifdef ENABLE_CARD_SUPPORT case aCardStatus: if (argc == 0) - card_status (es_stdout, NULL); + card_status (ctrl, es_stdout, NULL); else if (argc == 1) - card_status (es_stdout, *argv); + card_status (ctrl, es_stdout, *argv); else wrong_args ("--card-status [serialno]"); break; @@ -4906,7 +4907,7 @@ main (int argc, char **argv) g10_exit (1); } - merge_keys_and_selfsig (kb); + merge_keys_and_selfsig (ctrl, kb); if (tofu_set_policy (ctrl, kb, policy)) g10_exit (1); diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c index fafbfd274..d5855029d 100644 --- a/g10/gpgcompose.c +++ b/g10/gpgcompose.c @@ -42,6 +42,11 @@ struct filter struct filter *next; }; + +/* Hack to ass CTRL to some functions. */ +static ctrl_t global_ctrl; + + static struct filter *filters; static void @@ -1609,7 +1614,7 @@ mksubpkt_callback (PKT_signature *sig, void *cookie) if (err) { u32 keyid[2]; - keyid_from_fingerprint (revkey->fpr, 20, keyid); + keyid_from_fingerprint (global_ctrl, revkey->fpr, 20, keyid); log_fatal ("adding revocation key %s: %s\n", keystr (keyid), gpg_strerror (err)); } @@ -1793,7 +1798,8 @@ signature (const char *option, int argc, char *argv[], void *cookie) /* Changing the issuer's key id is fragile. Check to make sure make_keysig_packet didn't recompute the keyid. */ keyid_copy (keyid, si.issuer_pk->keyid); - err = make_keysig_packet (&sig, si.pk, si.uid, si.sk, si.issuer_pk, + err = make_keysig_packet (global_ctrl, + &sig, si.pk, si.uid, si.sk, si.issuer_pk, si.class, si.digest_algo, si.timestamp, si.expiration, mksubpkt_callback, &si, NULL); @@ -2446,7 +2452,7 @@ pk_esk (const char *option, int argc, char *argv[], void *cookie) make_session_key (&session_key); } - err = write_pubkey_enc (&pk, pi.throw_keyid, &session_key, out); + err = write_pubkey_enc (global_ctrl, &pk, pi.throw_keyid, &session_key, out); if (err) log_fatal ("%s: writing pk_esk packet for %s: %s\n", option, pi.keyid, gpg_strerror (err)); @@ -2967,7 +2973,7 @@ main (int argc, char *argv[]) /* Allow notations in the IETF space, for instance. */ opt.expert = 1; - ctrl = xcalloc (1, sizeof *ctrl); + global_ctrl = ctrl = xcalloc (1, sizeof *ctrl); keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG, KEYDB_RESOURCE_FLAG_DEFAULT); @@ -3035,7 +3041,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, } void -show_basic_key_info (KBNODE keyblock) +show_basic_key_info (ctrl_t ctrl, KBNODE keyblock) { + (void)ctrl; (void) keyblock; } diff --git a/g10/gpgv.c b/g10/gpgv.c index 5ee26b46c..ddbcd7da8 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -299,10 +299,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) } void -read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck, - byte *marginals, byte *completes, byte *cert_depth, - byte *min_cert_level) +read_trust_options (ctrl_t ctrl, + byte *trust_model, ulong *created, ulong *nextcheck, + byte *marginals, byte *completes, byte *cert_depth, + byte *min_cert_level) { + (void)ctrl; (void)trust_model; (void)created; (void)nextcheck; @@ -318,8 +320,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck, */ int -cache_disabled_value(PKT_public_key *pk) +cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk) { + (void)ctrl; (void)pk; return 0; } @@ -371,16 +374,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid) } int -get_ownertrust_info (PKT_public_key *pk, int no_create) +get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create) { + (void)ctrl; (void)pk; (void)no_create; return '?'; } unsigned int -get_ownertrust (PKT_public_key *pk) +get_ownertrust (ctrl_t ctrl, PKT_public_key *pk) { + (void)ctrl; (void)pk; return TRUST_UNKNOWN; } diff --git a/g10/import.c b/g10/import.c index d43b2a8e3..abc811d63 100644 --- a/g10/import.c +++ b/g10/import.c @@ -112,11 +112,12 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock, import_screener_t screener, void *screener_arg); static int import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats); -static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self); -static int delete_inv_parts (kbnode_t keyblock, +static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, + int *non_self); +static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, unsigned int options); static int any_uid_left (kbnode_t keyblock); -static int merge_blocks (kbnode_t keyblock_orig, +static int merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig, kbnode_t keyblock, u32 *keyid, int *n_uids, int *n_sigs, int *n_subk ); static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs); @@ -361,13 +362,13 @@ read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock) collapse_uids (&keyblock); clear_kbnode_flags (keyblock); - if (chk_self_sigs (keyblock, keyid, &non_self)) + if (chk_self_sigs (ctrl, keyblock, keyid, &non_self)) { err = gpg_error (GPG_ERR_INV_KEYRING); goto leave; } - if (!delete_inv_parts (keyblock, keyid, 0) ) + if (!delete_inv_parts (ctrl, keyblock, keyid, 0) ) { err = gpg_error (GPG_ERR_NO_USER_ID); goto leave; @@ -907,7 +908,7 @@ read_block( IOBUF a, int with_meta, by reordering the keyblock so that it reads "pk uid sig sub1 bind1 sub2 sub3". Returns TRUE if the keyblock was modified. */ static int -fix_pks_corruption (kbnode_t keyblock) +fix_pks_corruption (ctrl_t ctrl, kbnode_t keyblock) { int changed = 0; int keycount = 0; @@ -946,7 +947,7 @@ fix_pks_corruption (kbnode_t keyblock) selfsig. This is not necessary here as the subkey and binding sig will be rejected later if that is the case. */ - if (check_key_signature (keyblock,node,NULL)) + if (check_key_signature (ctrl, keyblock,node,NULL)) { /* Not a match, so undo the changes. */ sknode->next = node->next; @@ -979,7 +980,7 @@ fix_pks_corruption (kbnode_t keyblock) We need to detect and delete them before doing a merge. This function returns the number of removed sigs. */ static int -fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid) +fix_bad_direct_key_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid) { gpg_error_t err; kbnode_t node; @@ -992,7 +993,7 @@ fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid) if (node->pkt->pkttype == PKT_SIGNATURE && IS_KEY_SIG (node->pkt->pkt.signature)) { - err = check_key_signature (keyblock, node, NULL); + err = check_key_signature (ctrl, keyblock, node, NULL); if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO ) { /* If we don't know the error, we can't decide; this is @@ -1067,7 +1068,7 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock) PKT_public_key *pk; int problem=0; - merge_keys_and_selfsig(keyblock); + merge_keys_and_selfsig (ctrl, keyblock); pk=keyblock->pkt->pkt.public_key; for(node=keyblock;node;node=node->next) @@ -1174,8 +1175,10 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock) const char * impex_filter_getval (void *cookie, const char *propname) { - /* FIXME: Malloc our static buffers and access them via the cookie. */ - kbnode_t node = cookie; + /* FIXME: Malloc our static buffers and access them via PARM. */ + struct impex_filter_parm_s *parm = cookie; + ctrl_t ctrl = parm->ctrl; + kbnode_t node = parm->node; static char numbuf[20]; const char *result; @@ -1293,15 +1296,19 @@ impex_filter_getval (void *cookie, const char *propname) * KEYBLOCK must not have any blocks marked as deleted. */ static void -apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector) +apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector) { kbnode_t node; + struct impex_filter_parm_s parm; + + parm.ctrl = ctrl; for (node = keyblock->next; node; node = node->next ) { if (node->pkt->pkttype == PKT_USER_ID) { - if (!recsel_select (selector, impex_filter_getval, node)) + parm.node = node; + if (!recsel_select (selector, impex_filter_getval, &parm)) { /* log_debug ("keep-uid: deleting '%s'\n", */ @@ -1330,12 +1337,15 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector) * KEYBLOCK must not have any blocks marked as deleted. */ static void -apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector) +apply_drop_sig_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector) { kbnode_t node; int active = 0; u32 main_keyid[2]; PKT_signature *sig; + struct impex_filter_parm_s parm; + + parm.ctrl = ctrl; keyid_from_pk (keyblock->pkt->pkt.public_key, main_keyid); @@ -1360,7 +1370,8 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector) if (IS_UID_SIG(sig) || IS_UID_REV(sig)) { - if (recsel_select (selector, impex_filter_getval, node)) + parm.node = node; + if (recsel_select (selector, impex_filter_getval, &parm)) delete_kbnode (node); } } @@ -1442,9 +1453,9 @@ import_one (ctrl_t ctrl, { if (is_status_enabled()) print_import_check (pk, uidnode->pkt->pkt.user_id); - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); tty_printf ("\n"); - show_basic_key_info (keyblock); + show_basic_key_info (ctrl, keyblock); tty_printf ("\n"); if (!cpr_get_answer_is_yes ("import.okay", "Do you want to import this key? (y/N) ")) @@ -1458,16 +1469,18 @@ import_one (ctrl_t ctrl, end result, but does result in less logging which might confuse the user. */ if (options&IMPORT_CLEAN) - clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL); + clean_key (ctrl, keyblock, + opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL); clear_kbnode_flags( keyblock ); - if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock) + if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) + && fix_pks_corruption (ctrl, keyblock) && opt.verbose) log_info (_("key %s: PKS subkey corruption repaired\n"), keystr_from_pk(pk)); - if (chk_self_sigs (keyblock, keyid, &non_self)) + if (chk_self_sigs (ctrl, keyblock, keyid, &non_self)) return 0; /* Invalid keyblock - error already printed. */ /* If we allow such a thing, mark unsigned uids as valid */ @@ -1488,7 +1501,7 @@ import_one (ctrl_t ctrl, } } - if (!delete_inv_parts (keyblock, keyid, options ) ) + if (!delete_inv_parts (ctrl, keyblock, keyid, options ) ) { if (!silent) { @@ -1506,13 +1519,13 @@ import_one (ctrl_t ctrl, /* Apply import filter. */ if (import_filter.keep_uid) { - apply_keep_uid_filter (keyblock, import_filter.keep_uid); + apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid); commit_kbnode (&keyblock); any_filter = 1; } if (import_filter.drop_sig) { - apply_drop_sig_filter (keyblock, import_filter.drop_sig); + apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig); commit_kbnode (&keyblock); any_filter = 1; } @@ -1534,7 +1547,7 @@ import_one (ctrl_t ctrl, if ((options & IMPORT_SHOW) && !((options & IMPORT_EXPORT) && !opt.armor && !opt.outfile)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); merge_keys_done = 1; /* Note that we do not want to show the validity because the key * has not yet imported. */ @@ -1547,7 +1560,7 @@ import_one (ctrl_t ctrl, { if (!merge_keys_done) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); merge_keys_done = 1; } rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options); @@ -1604,23 +1617,23 @@ import_one (ctrl_t ctrl, be made to happen with the trusted-key command and by importing and locally exported key. */ - clear_ownertrusts (pk); + clear_ownertrusts (ctrl, pk); if (non_self) - revalidation_mark (); + revalidation_mark (ctrl); } keydb_release (hd); /* We are ready. */ if (!opt.quiet && !silent) { - char *p = get_user_id_byfpr_native (fpr2); + char *p = get_user_id_byfpr_native (ctrl, fpr2); log_info (_("key %s: public key \"%s\" imported\n"), keystr(keyid), p); xfree(p); } if (is_status_enabled()) { - char *us = get_long_user_id_string( keyid ); + char *us = get_long_user_id_string (ctrl, keyid); write_status_text( STATUS_IMPORTED, us ); xfree(us); print_import_ok (pk, 1); @@ -1669,7 +1682,7 @@ import_one (ctrl_t ctrl, } /* Make sure the original direct key sigs are all sane. */ - n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid); + n_sigs_cleaned = fix_bad_direct_key_sigs (ctrl, keyblock_orig, keyid); if (n_sigs_cleaned) commit_kbnode (&keyblock_orig); @@ -1677,7 +1690,7 @@ import_one (ctrl_t ctrl, clear_kbnode_flags( keyblock_orig ); clear_kbnode_flags( keyblock ); n_uids = n_sigs = n_subk = n_uids_cleaned = 0; - rc = merge_blocks (keyblock_orig, keyblock, + rc = merge_blocks (ctrl, keyblock_orig, keyblock, keyid, &n_uids, &n_sigs, &n_subk ); if (rc ) { @@ -1686,7 +1699,7 @@ import_one (ctrl_t ctrl, } if ((options & IMPORT_CLEAN)) - clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL, + clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL), &n_uids_cleaned,&n_sigs_cleaned); if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) @@ -1698,12 +1711,12 @@ import_one (ctrl_t ctrl, log_error (_("error writing keyring '%s': %s\n"), keydb_get_resource_name (hd), gpg_strerror (rc) ); else if (non_self) - revalidation_mark (); + revalidation_mark (ctrl); /* We are ready. */ if (!opt.quiet && !silent) { - char *p = get_user_id_byfpr_native (fpr2); + char *p = get_user_id_byfpr_native (ctrl, fpr2); if (n_uids == 1 ) log_info( _("key %s: \"%s\" 1 new user ID\n"), keystr(keyid),p); @@ -1754,7 +1767,7 @@ import_one (ctrl_t ctrl, if (!opt.quiet && !silent) { - char *p = get_user_id_byfpr_native (fpr2); + char *p = get_user_id_byfpr_native (ctrl, fpr2); log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p); xfree(p); } @@ -2059,7 +2072,7 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, /* Send the wrapped key to the agent. */ { - char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1); + char *desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_IMPORT, 1); err = agent_import_key (ctrl, desc, &cache_nonce, wrappedkey, wrappedkeylen, batch, force); xfree (desc); @@ -2279,7 +2292,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock, /* Fixme: we should do this based on the fingerprint or even better let import_one return the merged keyblock. */ - node = get_pubkeyblock (keyid); + node = get_pubkeyblock (ctrl, keyid); if (!node) log_error ("key %s: failed to re-lookup public key\n", keystr_from_pk (pk)); @@ -2356,7 +2369,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) keyid[1] = node->pkt->pkt.signature->keyid[1]; pk = xmalloc_clear( sizeof *pk ); - rc = get_pubkey( pk, keyid ); + rc = get_pubkey (ctrl, pk, keyid ); if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) { log_error(_("key %s: no public key -" @@ -2405,7 +2418,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) /* it is okay, that node is not in keyblock because * check_key_signature works fine for sig_class 0x20 in this * special case. */ - rc = check_key_signature( keyblock, node, NULL); + rc = check_key_signature (ctrl, keyblock, node, NULL); if (rc ) { log_error( _("key %s: invalid revocation certificate" @@ -2440,7 +2453,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) /* we are ready */ if (!opt.quiet ) { - char *p=get_user_id_native (keyid); + char *p=get_user_id_native (ctrl, keyid); log_info( _("key %s: \"%s\" revocation certificate imported\n"), keystr(keyid),p); xfree(p); @@ -2450,10 +2463,10 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) /* If the key we just revoked was ultimately trusted, remove its ultimate trust. This doesn't stop the user from putting the ultimate trust back, but is a reasonable solution for now. */ - if(get_ownertrust(pk)==TRUST_ULTIMATE) - clear_ownertrusts(pk); + if (get_ownertrust (ctrl, pk) == TRUST_ULTIMATE) + clear_ownertrusts (ctrl, pk); - revalidation_mark (); + revalidation_mark (ctrl); leave: keydb_release (hd); @@ -2477,7 +2490,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) * is invalid. */ static int -chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) +chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) { kbnode_t n, knode = NULL; PKT_signature *sig; @@ -2510,7 +2523,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) /* This just caches the sigs for later use. That way we import a fully-cached key which speeds things up. */ if (!opt.no_sig_cache) - check_key_signature (keyblock, n, NULL); + check_key_signature (ctrl, keyblock, n, NULL); if ( IS_UID_SIG(sig) || IS_UID_REV(sig) ) { @@ -2525,7 +2538,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) /* If it hasn't been marked valid yet, keep trying. */ if (!(unode->flag & NODE_GOOD_SELFSIG)) { - rc = check_key_signature (keyblock, n, NULL); + rc = check_key_signature (ctrl, keyblock, n, NULL); if ( rc ) { if ( opt.verbose ) @@ -2548,7 +2561,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) } else if (IS_KEY_SIG (sig)) { - rc = check_key_signature (keyblock, n, NULL); + rc = check_key_signature (ctrl, keyblock, n, NULL); if ( rc ) { if (opt.verbose) @@ -2574,7 +2587,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) } else { - rc = check_key_signature (keyblock, n, NULL); + rc = check_key_signature (ctrl, keyblock, n, NULL); if ( rc ) { if (opt.verbose) @@ -2625,7 +2638,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) } else { - rc = check_key_signature (keyblock, n, NULL); + rc = check_key_signature (ctrl, keyblock, n, NULL); if ( rc ) { if(opt.verbose) @@ -2672,7 +2685,8 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self ) * Returns: True if at least one valid user-id is left over. */ static int -delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options) +delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, + unsigned int options) { kbnode_t node; int nvalid=0, uid_seen=0, subkey_seen=0; @@ -2767,7 +2781,7 @@ delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options) if(node->pkt->pkt.signature->keyid[0]==keyid[0] && node->pkt->pkt.signature->keyid[1]==keyid[1]) { - int rc = check_key_signature( keyblock, node, NULL); + int rc = check_key_signature (ctrl, keyblock, node, NULL); if (rc ) { if(opt.verbose) @@ -2968,8 +2982,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) { u32 keyid[2]; - keyid_from_fingerprint(sig->revkey[idx].fpr, - MAX_FINGERPRINT_LEN,keyid); + keyid_from_fingerprint (ctrl, sig->revkey[idx].fpr, + MAX_FINGERPRINT_LEN, keyid); for(inode=keyblock->next;inode;inode=inode->next) { @@ -3041,7 +3055,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) * Note: We indicate newly inserted packets with NODE_FLAG_A. */ static int -merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock, +merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig, kbnode_t keyblock, u32 *keyid, int *n_uids, int *n_sigs, int *n_subk ) { kbnode_t onode, node; @@ -3078,7 +3092,7 @@ merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock, ++*n_sigs; if(!opt.quiet) { - char *p=get_user_id_native (keyid); + char *p = get_user_id_native (ctrl, keyid); log_info(_("key %s: \"%s\" revocation" " certificate added\n"), keystr(keyid),p); xfree(p); diff --git a/g10/keydb.c b/g10/keydb.c index b255c3fff..5479a2aa9 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -1674,7 +1674,7 @@ keydb_locate_writable (KEYDB_HANDLE hd) /* Rebuild the on-disk caches of all key resources. */ void -keydb_rebuild_caches (int noisy) +keydb_rebuild_caches (ctrl_t ctrl, int noisy) { int i, rc; @@ -1687,7 +1687,7 @@ keydb_rebuild_caches (int noisy) case KEYDB_RESOURCE_TYPE_NONE: /* ignore */ break; case KEYDB_RESOURCE_TYPE_KEYRING: - rc = keyring_rebuild_cache (all_resources[i].token,noisy); + rc = keyring_rebuild_cache (ctrl, all_resources[i].token,noisy); if (rc) log_error (_("failed to rebuild keyring cache: %s\n"), gpg_strerror (rc)); diff --git a/g10/keydb.h b/g10/keydb.h index 2de52d504..605964db0 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -186,7 +186,7 @@ gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd); gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd); /* Rebuild the on-disk caches of all key resources. */ -void keydb_rebuild_caches (int noisy); +void keydb_rebuild_caches (ctrl_t ctrl, int noisy); /* Return the number of skipped blocks (because they were to large to read from a keybox) since the last search reset. */ @@ -215,7 +215,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr); /*-- pkclist.c --*/ -void show_revocation_reason( PKT_public_key *pk, int mode ); +void show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode ); int check_signatures_trust (ctrl_t ctrl, PKT_signature *sig); void release_pk_list (PK_LIST pk_list); @@ -258,13 +258,15 @@ void set_next_passphrase( const char *s ); char *get_last_passphrase(void); void next_to_last_passphrase(void); -void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo); +void emit_status_need_passphrase (ctrl_t ctrl, u32 *keyid, + u32 *mainkeyid, int pubkey_algo); #define FORMAT_KEYDESC_NORMAL 0 #define FORMAT_KEYDESC_IMPORT 1 #define FORMAT_KEYDESC_EXPORT 2 #define FORMAT_KEYDESC_DELKEY 3 -char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped); +char *gpg_format_keydesc (ctrl_t ctrl, + PKT_public_key *pk, int mode, int escaped); /*-- getkey.c --*/ @@ -276,7 +278,7 @@ void cache_public_key( PKT_public_key *pk ); void getkey_disable_caches(void); /* Return the public key with the key id KEYID and store it at PK. */ -int get_pubkey( PKT_public_key *pk, u32 *keyid ); +int get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid); /* Similar to get_pubkey, but it does not take PK->REQ_USAGE into account nor does it merge in the self-signed data. This function @@ -284,7 +286,7 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid ); int get_pubkey_fast (PKT_public_key *pk, u32 *keyid); /* Return the key block for the key with KEYID. */ -kbnode_t get_pubkeyblock (u32 *keyid); +kbnode_t get_pubkeyblock (ctrl_t ctrl, u32 *keyid); /* A list used by get_pubkeys to gather all of the matches. */ struct pubkey_s @@ -330,10 +332,10 @@ gpg_error_t get_pubkey_fromfile (ctrl_t ctrl, /* Return the public key with the key id KEYID iff the secret key is * available and store it at PK. */ -gpg_error_t get_seckey (PKT_public_key *pk, u32 *keyid); +gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid); /* Lookup a key with the specified fingerprint. */ -int get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock, +int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, const byte *fprint, size_t fprint_len); /* This function is similar to get_pubkey_byfprint, but it doesn't @@ -354,7 +356,8 @@ const char *parse_def_secret_key (ctrl_t ctrl); gpg_error_t get_seckey_default (ctrl_t ctrl, PKT_public_key *pk); /* Search for keys matching some criteria. */ -gpg_error_t getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk, +gpg_error_t getkey_bynames (ctrl_t ctrl, + getkey_ctx_t *retctx, PKT_public_key *pk, strlist_t names, int want_secret, kbnode_t *ret_keyblock); @@ -365,8 +368,8 @@ gpg_error_t getkey_byname (ctrl_t ctrl, kbnode_t *ret_keyblock); /* Return the next search result. */ -gpg_error_t getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, - kbnode_t *ret_keyblock); +gpg_error_t getkey_next (ctrl_t ctrl, getkey_ctx_t ctx, + PKT_public_key *pk, kbnode_t *ret_keyblock); /* Release any resources used by a key listing context. */ void getkey_end (getkey_ctx_t ctx); @@ -383,14 +386,14 @@ void setup_main_keyids (kbnode_t keyblock); /* This function merges information from the self-signed data into the data structures. */ -void merge_keys_and_selfsig (kbnode_t keyblock); +void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock); -char*get_user_id_string_native( u32 *keyid ); -char*get_long_user_id_string( u32 *keyid ); -char*get_user_id( u32 *keyid, size_t *rn ); -char*get_user_id_native( u32 *keyid ); -char *get_user_id_byfpr (const byte *fpr, size_t *rn); -char *get_user_id_byfpr_native (const byte *fpr); +char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid); +char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid); +char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn); +char*get_user_id_native (ctrl_t ctrl, u32 *keyid); +char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn); +char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr); void release_akl(void); int parse_auto_key_locate(char *options); @@ -449,8 +452,9 @@ const char *pk_keyid_str (PKT_public_key *pk); const char *keystr_from_desc(KEYDB_SEARCH_DESC *desc); u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid ); -u32 keyid_from_sig( PKT_signature *sig, u32 *keyid ); -u32 keyid_from_fingerprint(const byte *fprint, size_t fprint_len, u32 *keyid); +u32 keyid_from_sig (PKT_signature *sig, u32 *keyid ); +u32 keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len, + u32 *keyid); byte *namehash_from_uid(PKT_user_id *uid); unsigned nbits_from_pk( PKT_public_key *pk ); const char *datestr_from_pk( PKT_public_key *pk ); diff --git a/g10/keyedit.c b/g10/keyedit.c index 9a6112631..a7a5f7209 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -59,24 +59,27 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp, int with_revoker, int with_fpr, int with_subkeys, int with_prefs, int nowarn); -static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys); +static void show_key_and_fingerprint (ctrl_t ctrl, + kbnode_t keyblock, int with_subkeys); static void show_key_and_grip (kbnode_t keyblock); static void subkey_expire_warning (kbnode_t keyblock); static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock, int photo, const char *photo_name, const char *uidstr); static void menu_deluid (KBNODE pub_keyblock); -static int menu_delsig (KBNODE pub_keyblock); -static int menu_clean (KBNODE keyblock, int self_only); +static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only); static void menu_delkey (KBNODE pub_keyblock); static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive); -static gpg_error_t menu_expire (kbnode_t pub_keyblock, +static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration); -static int menu_changeusage (kbnode_t keyblock); -static int menu_backsign (KBNODE pub_keyblock); -static int menu_set_primary_uid (KBNODE pub_keyblock); -static int menu_set_preferences (KBNODE pub_keyblock); -static int menu_set_keyserver_url (const char *url, KBNODE pub_keyblock); -static int menu_set_notation (const char *string, KBNODE pub_keyblock); +static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock); +static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_set_keyserver_url (ctrl_t ctrl, + const char *url, kbnode_t pub_keyblock); +static int menu_set_notation (ctrl_t ctrl, + const char *string, kbnode_t pub_keyblock); static int menu_select_uid (KBNODE keyblock, int idx); static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash); static int menu_select_key (KBNODE keyblock, int idx, char *p); @@ -86,15 +89,15 @@ static int count_keys_with_flag (KBNODE keyblock, unsigned flag); static int count_selected_uids (KBNODE keyblock); static int real_uids_left (KBNODE keyblock); static int count_selected_keys (KBNODE keyblock); -static int menu_revsig (KBNODE keyblock); +static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock); static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock); static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node, const struct revocation_reason_info *reason, int *modified); -static int menu_revkey (KBNODE pub_keyblock); -static int menu_revsubkey (KBNODE pub_keyblock); +static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock); #ifndef NO_TRUST_MODELS -static int enable_disable_key (KBNODE keyblock, int disable); +static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable); #endif /*!NO_TRUST_MODELS*/ static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock); @@ -126,7 +129,7 @@ struct sign_attrib /* TODO: Fix duplicated code between here and the check-sigs/list-sigs code in keylist.c. */ static int -print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node, +print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node, int *inv_sigs, int *no_key, int *oth_err, int *is_selfsig, int print_without_key) { @@ -136,7 +139,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node, /* TODO: Make sure a cached sig record here still has the pk that issued it. See also keylist.c:list_keyblock_print */ - rc = check_key_signature (keyblock, node, is_selfsig); + rc = check_key_signature (ctrl, keyblock, node, is_selfsig); switch (gpg_err_code (rc)) { case 0: @@ -199,7 +202,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node, * always be printed. */ static int -print_one_sig (int rc, KBNODE keyblock, KBNODE node, +print_one_sig (ctrl_t ctrl, int rc, kbnode_t keyblock, kbnode_t node, int *inv_sigs, int *no_key, int *oth_err, int is_selfsig, int print_without_key, int extended) { @@ -269,7 +272,7 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node, else { size_t n; - char *p = get_user_id (sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n); tty_print_utf8_string2 (NULL, p, n, opt.screen_columns - keystrlen () - 26 - ((opt. @@ -316,14 +319,14 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node, static int -print_and_check_one_sig (KBNODE keyblock, KBNODE node, +print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node, int *inv_sigs, int *no_key, int *oth_err, int *is_selfsig, int print_without_key, int extended) { int rc; - rc = check_key_signature (keyblock, node, is_selfsig); - return print_one_sig (rc, + rc = check_key_signature (ctrl, keyblock, node, is_selfsig); + return print_one_sig (ctrl, rc, keyblock, node, inv_sigs, no_key, oth_err, *is_selfsig, print_without_key, extended); } @@ -388,7 +391,8 @@ sig_comparison (const void *av, const void *bv) Returns 1 if the keyblock was modified, 0 otherwise. */ static int -check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs) +check_all_keysigs (ctrl_t ctrl, kbnode_t kb, + int only_selected, int only_selfsigs) { gpg_error_t err; PKT_public_key *pk; @@ -598,14 +602,13 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs) if (keyid_cmp (pk_keyid (pk), sig->keyid) == 0) issuer = pk; - else - /* Issuer is a different key. */ + else /* Issuer is a different key. */ { if (only_selfsigs) continue; issuer = xmalloc (sizeof (*issuer)); - err = get_pubkey (issuer, sig->keyid); + err = get_pubkey (ctrl, issuer, sig->keyid); if (err) { xfree (issuer); @@ -657,7 +660,8 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs) continue; else { - err = check_signature_over_key_or_uid (issuer, sig, kb, n2->pkt, + err = check_signature_over_key_or_uid (ctrl, + issuer, sig, kb, n2->pkt, NULL, NULL); if (! err) break; @@ -804,7 +808,7 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs) } if (modified) - print_one_sig (rc, kb, n, NULL, NULL, NULL, has_selfsig, + print_one_sig (ctrl, rc, kb, n, NULL, NULL, NULL, has_selfsig, 0, only_selfsigs); } @@ -1517,7 +1521,7 @@ sign_uids (ctrl_t ctrl, estream_t fp, if (!quick) { - p = get_user_id_native (sk_keyid); + p = get_user_id_native (ctrl, sk_keyid); tty_fprintf (fp, _("Are you sure that you want to sign this key with your\n" "key \"%s\" (%s)\n"), p, keystr_from_pk (pk)); @@ -1617,7 +1621,7 @@ sign_uids (ctrl_t ctrl, estream_t fp, * exportable. */ if (selfsig) - rc = make_keysig_packet (&sig, primary_pk, + rc = make_keysig_packet (ctrl, &sig, primary_pk, node->pkt->pkt.user_id, NULL, pk, @@ -1625,7 +1629,7 @@ sign_uids (ctrl_t ctrl, estream_t fp, keygen_add_std_prefs, primary_pk, NULL); else - rc = make_keysig_packet (&sig, primary_pk, + rc = make_keysig_packet (ctrl, &sig, primary_pk, node->pkt->pkt.user_id, NULL, pk, @@ -1744,7 +1748,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock) if (err) goto leave; - desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_NORMAL, 1); + desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1); err = agent_passwd (ctrl, hexgrip, desc, 0, &cache_nonce, &passwd_nonce); xfree (desc); @@ -1774,18 +1778,18 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock) was changed. Note that a pointer to the keyblock must be given and the function may change it (i.e. replacing the first node). */ static int -fix_keyblock (kbnode_t *keyblockp) +fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp) { int changed = 0; if (collapse_uids (keyblockp)) changed++; - if (check_all_keysigs (*keyblockp, 0, 1)) + if (check_all_keysigs (ctrl, *keyblockp, 0, 1)) changed++; reorder_keyblock (*keyblockp); /* If we modified the keyblock, make sure the flags are right. */ if (changed) - merge_keys_and_selfsig (*keyblockp); + merge_keys_and_selfsig (ctrl, *keyblockp); return changed; } @@ -2052,7 +2056,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, goto leave; } - if (fix_keyblock (&keyblock)) + if (fix_keyblock (ctrl, &keyblock)) modified++; /* See whether we have a matching secret key. */ @@ -2195,7 +2199,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, case cmdFPR: show_key_and_fingerprint - (keyblock, (*arg_string == '*' + (ctrl, + keyblock, (*arg_string == '*' && (!arg_string[1] || spacep (arg_string + 1)))); break; @@ -2226,7 +2231,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdCHECK: - if (check_all_keysigs (keyblock, count_selected_uids (keyblock), + if (check_all_keysigs (ctrl, keyblock, + count_selected_uids (keyblock), !strcmp (arg_string, "selfsig"))) modified = 1; break; @@ -2319,7 +2325,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, update_trust = 1; redisplay = 1; modified = 1; - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); } break; @@ -2357,7 +2363,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, if (!opt.expert) tty_printf (_("(Use the '%s' command.)\n"), "uid"); } - else if (menu_delsig (keyblock)) + else if (menu_delsig (ctrl, keyblock)) { /* No redisplay here, because it may scroll away some * of the status output of this command. */ @@ -2371,17 +2377,17 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, { redisplay = 1; modified = 1; - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); } break; #ifdef ENABLE_CARD_SUPPORT case cmdADDCARDKEY: - if (!card_generate_subkey (keyblock)) + if (!card_generate_subkey (ctrl, keyblock)) { redisplay = 1; modified = 1; - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); } break; @@ -2539,7 +2545,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, { redisplay = 1; modified = 1; - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); } } break; @@ -2578,7 +2584,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, _("Do you really want to revoke" " the entire key? (y/N) "))) { - if (menu_revkey (keyblock)) + if (menu_revkey (ctrl, keyblock)) modified = 1; redisplay = 1; @@ -2591,21 +2597,21 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, : _("Do you really want to revoke" " this subkey? (y/N) "))) { - if (menu_revsubkey (keyblock)) + if (menu_revsubkey (ctrl, keyblock)) modified = 1; redisplay = 1; } if (modified) - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); } break; case cmdEXPIRE: - if (gpg_err_code (menu_expire (keyblock, 0, 0)) == GPG_ERR_TRUE) + if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); run_subkey_warnings = 1; modified = 1; redisplay = 1; @@ -2613,16 +2619,16 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdCHANGEUSAGE: - if (menu_changeusage (keyblock)) + if (menu_changeusage (ctrl, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); modified = 1; redisplay = 1; } break; case cmdBACKSIGN: - if (menu_backsign (keyblock)) + if (menu_backsign (ctrl, keyblock)) { modified = 1; redisplay = 1; @@ -2630,9 +2636,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdPRIMARY: - if (menu_set_primary_uid (keyblock)) + if (menu_set_primary_uid (ctrl, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); modified = 1; redisplay = 1; } @@ -2702,9 +2708,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, " for the selected user IDs? (y/N) ") : _("Really update the preferences? (y/N) "))) { - if (menu_set_preferences (keyblock)) + if (menu_set_preferences (ctrl, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); modified = 1; redisplay = 1; } @@ -2713,20 +2719,20 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdPREFKS: - if (menu_set_keyserver_url (*arg_string ? arg_string : NULL, + if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); modified = 1; redisplay = 1; } break; case cmdNOTATION: - if (menu_set_notation (*arg_string ? arg_string : NULL, + if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); modified = 1; redisplay = 1; } @@ -2736,7 +2742,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdREVSIG: - if (menu_revsig (keyblock)) + if (menu_revsig (ctrl, keyblock)) { redisplay = 1; modified = 1; @@ -2746,7 +2752,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, #ifndef NO_TRUST_MODELS case cmdENABLEKEY: case cmdDISABLEKEY: - if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY)) + if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY)) { redisplay = 1; modified = 1; @@ -2759,12 +2765,12 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdCLEAN: - if (menu_clean (keyblock, 0)) + if (menu_clean (ctrl, keyblock, 0)) redisplay = modified = 1; break; case cmdMINIMIZE: - if (menu_clean (keyblock, 1)) + if (menu_clean (ctrl, keyblock, 1)) redisplay = modified = 1; break; @@ -2809,7 +2815,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, if (update_trust) { - revalidation_mark (); + revalidation_mark (ctrl); update_trust = 0; } goto leave; @@ -2928,8 +2934,8 @@ quick_find_keyblock (ctrl_t ctrl, const char *username, goto leave; } - fix_keyblock (&keyblock); - merge_keys_and_selfsig (keyblock); + fix_keyblock (ctrl, &keyblock); + merge_keys_and_selfsig (ctrl, keyblock); *r_keyblock = keyblock; keyblock = NULL; @@ -2981,7 +2987,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid) } if (update_trust) - revalidation_mark (); + revalidation_mark (ctrl); } leave: @@ -3054,7 +3060,7 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev) goto leave; } - revalidation_mark (); + revalidation_mark (ctrl); goto leave; } } @@ -3112,16 +3118,16 @@ keyedit_quick_set_primary (ctrl_t ctrl, const char *username, if (!any) err = gpg_error (GPG_ERR_NO_USER_ID); - else if (menu_set_primary_uid (keyblock)) + else if (menu_set_primary_uid (ctrl, keyblock)) { - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); err = keydb_update_keyblock (ctrl, kdbhd, keyblock); if (err) { log_error (_("update failed: %s\n"), gpg_strerror (err)); goto leave; } - revalidation_mark (); + revalidation_mark (ctrl); } else err = gpg_error (GPG_ERR_GENERAL); @@ -3235,7 +3241,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids, if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd)) goto leave; - if (fix_keyblock (&keyblock)) + if (fix_keyblock (ctrl, &keyblock)) modified++; /* Give some info in verbose. */ @@ -3350,7 +3356,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids, log_info (_("Key not changed so no update needed.\n")); if (update_trust) - revalidation_mark (); + revalidation_mark (ctrl); leave: @@ -3383,7 +3389,7 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr, if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd)) goto leave; - if (fix_keyblock (&keyblock)) + if (fix_keyblock (ctrl, &keyblock)) modified++; pk = keyblock->pkt->pkt.public_key; @@ -3445,7 +3451,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr) if (err) goto leave; - if (fix_keyblock (&keyblock)) + if (fix_keyblock (ctrl, &keyblock)) modified++; pk = keyblock->pkt->pkt.public_key; @@ -3470,7 +3476,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr) expire += make_timestamp (); /* Set the new expiration date. */ - err = menu_expire (keyblock, 1, expire); + err = menu_expire (ctrl, keyblock, 1, expire); if (gpg_err_code (err) == GPG_ERR_TRUE) modified = 1; else if (err) @@ -3487,7 +3493,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr) goto leave; } if (update_trust) - revalidation_mark (); + revalidation_mark (ctrl); } else log_info (_("Key not changed so no update needed.\n")); @@ -3756,7 +3762,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock) (ulong) pk->timestamp, (ulong) pk->expiredate); if (node->pkt->pkttype == PKT_PUBLIC_KEY && !(opt.fast_list_mode || opt.no_expensive_trust_checks)) - es_putc (get_ownertrust_info (pk, 0), fp); + es_putc (get_ownertrust_info (ctrl, pk, 0), fp); es_putc (':', fp); es_putc (':', fp); es_putc (':', fp); @@ -3771,7 +3777,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock) es_putc ('a', fp); es_putc ('\n', fp); - print_fingerprint (fp, pk, 0); + print_fingerprint (ctrl, fp, pk, 0); print_revokers (fp, pk); } } @@ -3973,7 +3979,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, static int did_warn = 0; trust = get_validity_string (ctrl, pk, NULL); - otrust = get_ownertrust_string (pk, 0); + otrust = get_ownertrust_string (ctrl, pk, 0); /* Show a warning once */ if (!did_warn @@ -3989,7 +3995,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, if (pk->flags.revoked) { - char *user = get_user_id_string_native (pk->revoked.keyid); + char *user = get_user_id_string_native (ctrl, pk->revoked.keyid); tty_fprintf (fp, _("The following key was revoked on" " %s by %s key %s\n"), @@ -4010,10 +4016,10 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, const char *algo; algo = gcry_pk_algo_name (pk->revkey[i].algid); - keyid_from_fingerprint (pk->revkey[i].fpr, + keyid_from_fingerprint (ctrl, pk->revkey[i].fpr, MAX_FINGERPRINT_LEN, r_keyid); - user = get_user_id_string_native (r_keyid); + user = get_user_id_string_native (ctrl, r_keyid); tty_fprintf (fp, _("This key may be revoked by %s key %s"), algo ? algo : "?", user); @@ -4147,7 +4153,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, tty_fprintf (fp, "\n"); } if (node->pkt->pkttype == PKT_PUBLIC_KEY - && (get_ownertrust (pk) & TRUST_FLAG_DISABLED)) + && (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED)) { tty_fprintf (fp, "*** "); tty_fprintf (fp, _("This key has been disabled")); @@ -4158,7 +4164,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, if ((node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr) { - print_fingerprint (fp, pk, 2); + print_fingerprint (ctrl, fp, pk, 2); tty_fprintf (fp, "\n"); } } @@ -4183,7 +4189,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp, secret keys and thus the printing of "pub" vs. "sec" does only depend on the packet type and not by checking with gpg-agent. */ void -show_basic_key_info (KBNODE keyblock) +show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock) { KBNODE node; int i; @@ -4209,7 +4215,7 @@ show_basic_key_info (KBNODE keyblock) tty_printf (" "); tty_printf (_("expires: %s"), expirestr_from_pk (pk)); tty_printf ("\n"); - print_fingerprint (NULL, pk, 3); + print_fingerprint (ctrl, NULL, pk, 3); tty_printf ("\n"); } } @@ -4235,7 +4241,7 @@ show_basic_key_info (KBNODE keyblock) static void -show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys) +show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys) { kbnode_t node; PKT_public_key *pk = NULL; @@ -4260,7 +4266,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys) } tty_printf ("\n"); if (pk) - print_fingerprint (NULL, pk, 2); + print_fingerprint (ctrl, NULL, pk, 2); if (with_subkeys) { for (node = keyblock; node; node = node->next) @@ -4274,7 +4280,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys) datestr_from_pk (pk), usagestr_from_pk (pk, 0)); - print_fingerprint (NULL, pk, 4); + print_fingerprint (ctrl, NULL, pk, 4); } } } @@ -4486,7 +4492,7 @@ menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock, return 0; } - err = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x13, 0, 0, 0, + err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0, 0, keygen_add_std_prefs, pk, NULL); if (err) { @@ -4549,7 +4555,7 @@ menu_deluid (KBNODE pub_keyblock) static int -menu_delsig (KBNODE pub_keyblock) +menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock) { KBNODE node; PKT_user_id *uid = NULL; @@ -4571,11 +4577,11 @@ menu_delsig (KBNODE pub_keyblock) okay = inv_sig = no_key = other_err = 0; if (opt.with_colons) - valid = print_and_check_one_sig_colon (pub_keyblock, node, + valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node, &inv_sig, &no_key, &other_err, &selfsig, 1); else - valid = print_and_check_one_sig (pub_keyblock, node, + valid = print_and_check_one_sig (ctrl, pub_keyblock, node, &inv_sig, &no_key, &other_err, &selfsig, 1, 0); @@ -4631,7 +4637,7 @@ menu_delsig (KBNODE pub_keyblock) static int -menu_clean (KBNODE keyblock, int self_only) +menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only) { KBNODE uidnode; int modified = 0, select_all = !count_selected_uids (keyblock); @@ -4648,7 +4654,7 @@ menu_clean (KBNODE keyblock, int self_only) uidnode->pkt->pkt.user_id->len, 0); - clean_one_uid (keyblock, uidnode, opt.verbose, self_only, &uids, + clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, self_only, &uids, &sigs); if (uids) { @@ -4849,8 +4855,8 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) continue; } - print_pubkey_info (NULL, revoker_pk); - print_fingerprint (NULL, revoker_pk, 2); + print_pubkey_info (ctrl, NULL, revoker_pk); + print_fingerprint (ctrl, NULL, revoker_pk, 2); tty_printf ("\n"); tty_printf (_("WARNING: appointing a key as a designated revoker " @@ -4868,7 +4874,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) break; } - rc = make_keysig_packet (&sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0, + rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0, keygen_add_revkey, &revkey, NULL); if (rc) { @@ -4900,7 +4906,8 @@ fail: * avoid all interactivity. Retirns 0 if nothing was done, * GPG_ERR_TRUE if the key was modified, or any other error code. */ static gpg_error_t -menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration) +menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock, + int force_mainkey, u32 newexpiration) { int signumber, rc; u32 expiredate; @@ -4989,12 +4996,14 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration) } if (mainkey) - rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL, + rc = update_keysig_packet (ctrl, + &newsig, sig, main_pk, uid, NULL, main_pk, keygen_add_key_expire, main_pk); else rc = - update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk, + update_keysig_packet (ctrl, + &newsig, sig, main_pk, NULL, sub_pk, main_pk, keygen_add_key_expire, sub_pk); if (rc) { @@ -5026,7 +5035,7 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration) * be used to rectify badly created keys and as such is not suggested * for general use. */ static int -menu_changeusage (kbnode_t keyblock) +menu_changeusage (ctrl_t ctrl, kbnode_t keyblock) { int n1, rc; int mainkey = 0; @@ -5097,12 +5106,14 @@ menu_changeusage (kbnode_t keyblock) sub_pk->pubkey_usage); if (mainkey) - rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL, + rc = update_keysig_packet (ctrl, + &newsig, sig, main_pk, uid, NULL, main_pk, keygen_add_key_flags, main_pk); else rc = - update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk, + update_keysig_packet (ctrl, + &newsig, sig, main_pk, NULL, sub_pk, main_pk, keygen_add_key_flags, sub_pk); if (rc) { @@ -5129,7 +5140,7 @@ menu_changeusage (kbnode_t keyblock) static int -menu_backsign (KBNODE pub_keyblock) +menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock) { int rc, modified = 0; PKT_public_key *main_pk; @@ -5138,7 +5149,7 @@ menu_backsign (KBNODE pub_keyblock) log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY); - merge_keys_and_selfsig (pub_keyblock); + merge_keys_and_selfsig (ctrl, pub_keyblock); main_pk = pub_keyblock->pkt->pkt.public_key; keyid_from_pk (main_pk, NULL); @@ -5198,14 +5209,16 @@ menu_backsign (KBNODE pub_keyblock) /* Now we can get to work. */ - rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk, + rc = make_backsig (ctrl, + sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk, timestamp, NULL); if (!rc) { PKT_signature *newsig; PACKET *newpkt; - rc = update_keysig_packet (&newsig, sig_pk->pkt->pkt.signature, + rc = update_keysig_packet (ctrl, + &newsig, sig_pk->pkt->pkt.signature, main_pk, NULL, sub_pk, main_pk, NULL, NULL); if (!rc) @@ -5268,7 +5281,7 @@ change_primary_uid_cb (PKT_signature * sig, void *opaque) * sufficient to updated a signature during import. */ static int -menu_set_primary_uid (KBNODE pub_keyblock) +menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock) { PKT_public_key *main_pk; PKT_user_id *uid; @@ -5357,7 +5370,7 @@ menu_set_primary_uid (KBNODE pub_keyblock) if (action) { - int rc = update_keysig_packet (&newsig, sig, + int rc = update_keysig_packet (ctrl, &newsig, sig, main_pk, uid, NULL, main_pk, change_primary_uid_cb, @@ -5390,7 +5403,7 @@ menu_set_primary_uid (KBNODE pub_keyblock) * Set preferences to new values for the selected user IDs */ static int -menu_set_preferences (KBNODE pub_keyblock) +menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock) { PKT_public_key *main_pk; PKT_user_id *uid; @@ -5448,7 +5461,7 @@ menu_set_preferences (KBNODE pub_keyblock) PACKET *newpkt; int rc; - rc = update_keysig_packet (&newsig, sig, + rc = update_keysig_packet (ctrl, &newsig, sig, main_pk, uid, NULL, main_pk, keygen_upd_std_prefs, NULL); if (rc) @@ -5475,7 +5488,7 @@ menu_set_preferences (KBNODE pub_keyblock) static int -menu_set_keyserver_url (const char *url, KBNODE pub_keyblock) +menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock) { PKT_public_key *main_pk; PKT_user_id *uid; @@ -5582,7 +5595,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock) continue; } - rc = update_keysig_packet (&newsig, sig, + rc = update_keysig_packet (ctrl, &newsig, sig, main_pk, uid, NULL, main_pk, keygen_add_keyserver_url, uri); @@ -5612,8 +5625,9 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock) return modified; } + static int -menu_set_notation (const char *string, KBNODE pub_keyblock) +menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock) { PKT_public_key *main_pk; PKT_user_id *uid; @@ -5781,7 +5795,7 @@ menu_set_notation (const char *string, KBNODE pub_keyblock) _("Proceed? (y/N) ")))) continue; - rc = update_keysig_packet (&newsig, sig, + rc = update_keysig_packet (ctrl, &newsig, sig, main_pk, uid, NULL, main_pk, keygen_add_notations, notation); @@ -6140,7 +6154,7 @@ real_uids_left (KBNODE keyblock) * flag bit MARK_A is set on the signature and the user ID. */ static void -ask_revoke_sig (KBNODE keyblock, KBNODE node) +ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node) { int doit = 0; PKT_user_id *uid; @@ -6167,8 +6181,8 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node) es_printf ("\n"); - print_and_check_one_sig_colon (keyblock, node, NULL, NULL, NULL, NULL, - 1); + print_and_check_one_sig_colon (ctrl, keyblock, node, + NULL, NULL, NULL, NULL, 1); } else { @@ -6210,7 +6224,7 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node) * Return: True when the keyblock has changed. */ static int -menu_revsig (KBNODE keyblock) +menu_revsig (ctrl_t ctrl, kbnode_t keyblock) { PKT_signature *sig; PKT_public_key *primary_pk; @@ -6302,7 +6316,7 @@ menu_revsig (KBNODE keyblock) { if (!(node->flag & NODFLG_SELSIG)) continue; - ask_revoke_sig (keyblock, node); + ask_revoke_sig (ctrl, keyblock, node); } /* present selected */ @@ -6368,13 +6382,13 @@ reloop: /* (must use this, because we are modifing the list) */ node->flag &= ~NODFLG_MARK_A; signerkey = xmalloc_secure_clear (sizeof *signerkey); - if (get_seckey (signerkey, node->pkt->pkt.signature->keyid)) + if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid)) { log_info (_("no secret key\n")); free_public_key (signerkey); continue; } - rc = make_keysig_packet (&sig, primary_pk, + rc = make_keysig_packet (ctrl, &sig, primary_pk, unode->pkt->pkt.user_id, NULL, signerkey, 0x30, 0, 0, 0, sign_mk_attrib, &attrib, NULL); @@ -6459,7 +6473,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node, mksubpkt argument to make_keysig_packet */ attrib.reason = (struct revocation_reason_info *)reason; - rc = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x30, 0, + rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30, 0, timestamp, 0, sign_mk_attrib, &attrib, NULL); if (rc) @@ -6569,7 +6583,7 @@ leave: * Revoke the whole key. */ static int -menu_revkey (KBNODE pub_keyblock) +menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock) { PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key; int rc, changed = 0; @@ -6588,7 +6602,7 @@ menu_revkey (KBNODE pub_keyblock) if (!reason) return 0; - rc = make_keysig_packet (&sig, pk, NULL, NULL, pk, + rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x20, 0, 0, 0, revocation_reason_build_cb, reason, NULL); if (rc) @@ -6615,7 +6629,7 @@ menu_revkey (KBNODE pub_keyblock) static int -menu_revsubkey (KBNODE pub_keyblock) +menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock) { PKT_public_key *mainpk; KBNODE node; @@ -6650,7 +6664,7 @@ menu_revsubkey (KBNODE pub_keyblock) attrib.reason = reason; node->flag &= ~NODFLG_SELKEY; - rc = make_keysig_packet (&sig, mainpk, NULL, subpk, mainpk, + rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk, 0x28, 0, 0, 0, sign_mk_attrib, &attrib, NULL); if (rc) @@ -6686,19 +6700,19 @@ menu_revsubkey (KBNODE pub_keyblock) not worth adding extra complexity to change. -ds */ #ifndef NO_TRUST_MODELS static int -enable_disable_key (KBNODE keyblock, int disable) +enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable) { PKT_public_key *pk = find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key; unsigned int trust, newtrust; - trust = newtrust = get_ownertrust (pk); + trust = newtrust = get_ownertrust (ctrl, pk); newtrust &= ~TRUST_FLAG_DISABLED; if (disable) newtrust |= TRUST_FLAG_DISABLED; if (trust == newtrust) return 0; /* already in that state */ - update_ownertrust (pk, newtrust); + update_ownertrust (ctrl, pk, newtrust); return 0; } #endif /*!NO_TRUST_MODELS*/ diff --git a/g10/keygen.c b/g10/keygen.c index 78c35a214..2db37bf34 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -843,7 +843,7 @@ keygen_add_revkey (PKT_signature *sig, void *opaque) /* Create a back-signature. If TIMESTAMP is not NULL, use it for the signature creation time. */ gpg_error_t -make_backsig (PKT_signature *sig, PKT_public_key *pk, +make_backsig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pk, PKT_public_key *sub_pk, PKT_public_key *sub_psk, u32 timestamp, const char *cache_nonce) { @@ -852,7 +852,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, cache_public_key (sub_pk); - err = make_keysig_packet (&backsig, pk, NULL, sub_pk, sub_psk, 0x19, + err = make_keysig_packet (ctrl, &backsig, pk, NULL, sub_pk, sub_psk, 0x19, 0, timestamp, 0, NULL, NULL, cache_nonce); if (err) log_error ("make_keysig_packet failed for backsig: %s\n", @@ -936,7 +936,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, PSK. REVKEY is describes the direct key signature and TIMESTAMP is the timestamp to set on the signature. */ static gpg_error_t -write_direct_sig (KBNODE root, PKT_public_key *psk, +write_direct_sig (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk, struct revocation_key *revkey, u32 timestamp, const char *cache_nonce) { @@ -960,7 +960,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk, cache_public_key (pk); /* Make the signature. */ - err = make_keysig_packet (&sig, pk, NULL,NULL, psk, 0x1F, + err = make_keysig_packet (ctrl, &sig, pk, NULL,NULL, psk, 0x1F, 0, timestamp, 0, keygen_add_revkey, revkey, cache_nonce); if (err) @@ -982,7 +982,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk, PSK. USE and TIMESTAMP give the extra data we need for the signature. */ static gpg_error_t -write_selfsigs (KBNODE root, PKT_public_key *psk, +write_selfsigs (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk, unsigned int use, u32 timestamp, const char *cache_nonce) { gpg_error_t err; @@ -1015,7 +1015,7 @@ write_selfsigs (KBNODE root, PKT_public_key *psk, cache_public_key (pk); /* Make the signature. */ - err = make_keysig_packet (&sig, pk, uid, NULL, psk, 0x13, + err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, psk, 0x13, 0, timestamp, 0, keygen_add_std_prefs, pk, cache_nonce); if (err) @@ -1038,7 +1038,8 @@ write_selfsigs (KBNODE root, PKT_public_key *psk, SUB_PSK is a key used to create a back-signature; that one is only used if USE has the PUBKEY_USAGE_SIG capability. */ static int -write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk, +write_keybinding (ctrl_t ctrl, kbnode_t root, + PKT_public_key *pri_psk, PKT_public_key *sub_psk, unsigned int use, u32 timestamp, const char *cache_nonce) { gpg_error_t err; @@ -1074,7 +1075,7 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk, /* Make the signature. */ oduap.usage = use; oduap.pk = sub_pk; - err = make_keysig_packet (&sig, pri_pk, NULL, sub_pk, pri_psk, 0x18, + err = make_keysig_packet (ctrl, &sig, pri_pk, NULL, sub_pk, pri_psk, 0x18, 0, timestamp, 0, keygen_add_key_flags_and_expire, &oduap, cache_nonce); @@ -1087,7 +1088,8 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk, /* Make a backsig. */ if (use & PUBKEY_USAGE_SIG) { - err = make_backsig (sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce); + err = make_backsig (ctrl, + sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce); if (err) return err; } @@ -4667,12 +4669,13 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, } if (!err && (revkey = get_parameter_revkey (para, pREVOKER))) - err = write_direct_sig (pub_root, pri_psk, revkey, timestamp, cache_nonce); + err = write_direct_sig (ctrl, pub_root, pri_psk, + revkey, timestamp, cache_nonce); if (!err && (s = get_parameter_value (para, pUSERID))) { write_uid (pub_root, s ); - err = write_selfsigs (pub_root, pri_psk, + err = write_selfsigs (ctrl, pub_root, pri_psk, get_parameter_uint (para, pKEYUSAGE), timestamp, cache_nonce); } @@ -4690,7 +4693,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, 0, pub_root, ×tamp, get_parameter_u32 (para, pKEYEXPIRE)); if (!err) - err = write_keybinding (pub_root, pri_psk, NULL, + err = write_keybinding (ctrl, pub_root, pri_psk, NULL, PUBKEY_USAGE_AUTH, timestamp, cache_nonce); } @@ -4732,7 +4735,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, } if (!err) - err = write_keybinding (pub_root, pri_psk, sub_psk, + err = write_keybinding (ctrl, pub_root, pri_psk, sub_psk, get_parameter_uint (para, pSUBKEYUSAGE), timestamp, cache_nonce); did_sub = 1; @@ -4791,10 +4794,11 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, keyid_from_pk (pk, pk->main_keyid); register_trusted_keyid (pk->main_keyid); - update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK) - | TRUST_ULTIMATE )); + update_ownertrust (ctrl, pk, + ((get_ownertrust (ctrl, pk) & ~TRUST_MASK) + | TRUST_ULTIMATE )); - gen_standard_revoke (pk, cache_nonce); + gen_standard_revoke (ctrl, pk, cache_nonce); /* Get rid of the first empty packet. */ commit_kbnode (&pub_root); @@ -4803,7 +4807,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para, { tty_printf (_("public and secret key created and signed.\n") ); tty_printf ("\n"); - merge_keys_and_selfsig (pub_root); + merge_keys_and_selfsig (ctrl, pub_root); list_keyblock_direct (ctrl, pub_root, 0, 1, 1, 1); } @@ -5033,7 +5037,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr, * nonce, which we can use to set the passphrase for the subkey to * that of the primary key. */ { - char *desc = gpg_format_keydesc (pri_psk, FORMAT_KEYDESC_NORMAL, 1); + char *desc = gpg_format_keydesc (ctrl, pri_psk, FORMAT_KEYDESC_NORMAL, 1); err = agent_passwd (ctrl, hexgrip, desc, 1 /*=verify*/, &cache_nonce, &passwd_nonce); xfree (desc); @@ -5071,7 +5075,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr, sub_psk = node->pkt->pkt.public_key; /* Write the binding signature. */ - err = write_keybinding (keyblock, pri_psk, sub_psk, use, cur_time, + err = write_keybinding (ctrl, keyblock, pri_psk, sub_psk, use, cur_time, cache_nonce); if (err) goto leave; @@ -5095,7 +5099,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr, #ifdef ENABLE_CARD_SUPPORT /* Generate a subkey on a card. */ gpg_error_t -generate_card_subkeypair (kbnode_t pub_keyblock, +generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock, int keyno, const char *serialno) { gpg_error_t err = 0; @@ -5186,7 +5190,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock, if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) sub_pk = node->pkt->pkt.public_key; log_assert (sub_pk); - err = write_keybinding (pub_keyblock, pri_pk, sub_pk, + err = write_keybinding (ctrl, pub_keyblock, pri_pk, sub_pk, use, cur_time, NULL); } diff --git a/g10/keyid.c b/g10/keyid.c index 1d3f46cb4..24a56433b 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -538,7 +538,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid) * keys, but has to do a keylookup for old stayle keys. */ u32 -keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid ) +keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, + size_t fprint_len, u32 *keyid) { u32 dummy_keyid[2]; @@ -552,7 +553,7 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid ) int rc; memset (&pk, 0, sizeof pk); - rc = get_pubkey_byfprint (&pk, NULL, fprint, fprint_len); + rc = get_pubkey_byfprint (ctrl, &pk, NULL, fprint, fprint_len); if( rc ) { log_error("Oops: keyid_from_fingerprint: no pubkey\n"); diff --git a/g10/keylist.c b/g10/keylist.c index e99e34ba1..cc5009d70 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -92,7 +92,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode) byte trust_model, marginals, completes, cert_depth, min_cert_level; ulong created, nextcheck; - read_trust_options (&trust_model, &created, &nextcheck, + read_trust_options (ctrl, &trust_model, &created, &nextcheck, &marginals, &completes, &cert_depth, &min_cert_level); es_fprintf (es_stdout, "tru:"); @@ -164,7 +164,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list) } char * -format_seckey_info (PKT_public_key *pk) +format_seckey_info (ctrl_t ctrl, PKT_public_key *pk) { u32 keyid[2]; char *p; @@ -172,7 +172,7 @@ format_seckey_info (PKT_public_key *pk) char *info; keyid_from_pk (pk, keyid); - p = get_user_id_native (keyid); + p = get_user_id_native (ctrl, keyid); info = xtryasprintf ("sec %s/%s %s %s", pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), @@ -184,9 +184,9 @@ format_seckey_info (PKT_public_key *pk) } void -print_seckey_info (PKT_public_key *pk) +print_seckey_info (ctrl_t ctrl, PKT_public_key *pk) { - char *p = format_seckey_info (pk); + char *p = format_seckey_info (ctrl, pk); tty_printf ("\n%s\n", p); xfree (p); } @@ -195,7 +195,7 @@ print_seckey_info (PKT_public_key *pk) the tty output interface is used, otherwise output is directted to the given stream. */ void -print_pubkey_info (estream_t fp, PKT_public_key *pk) +print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk) { u32 keyid[2]; char *p; @@ -208,7 +208,7 @@ print_pubkey_info (estream_t fp, PKT_public_key *pk) if (pk->user_id) p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0); else - p = get_user_id_native (keyid); + p = get_user_id_native (ctrl, keyid); if (fp) tty_printf ("\n"); @@ -553,7 +553,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret) lastresname = resname; } } - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); list_keyblock (ctrl, keyblock, secret, any_secret, opt.fingerprint, &listctx); } @@ -604,7 +604,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret) * functions) or to have the search function return indicators for * found names. Yet another way is to use the keydb search * facilities directly. */ - rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock); + rc = getkey_bynames (ctrl, &ctx, NULL, names, secret, &keyblock); if (rc) { log_error ("error reading key: %s\n", gpg_strerror (rc)); @@ -626,7 +626,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret) keyblock, secret, mark_secret, opt.fingerprint, &listctx); release_kbnode (keyblock); } - while (!getkey_next (ctx, NULL, &keyblock)); + while (!getkey_next (ctrl, ctx, NULL, &keyblock)); getkey_end (ctx); if (opt.check_sigs && !opt.with_colons) @@ -667,7 +667,7 @@ locate_one (ctrl_t ctrl, strlist_t names) list_keyblock (ctrl, keyblock, 0, 0, opt.fingerprint, &listctx); release_kbnode (keyblock); } - while (ctx && !getkey_next (ctx, NULL, &keyblock)); + while (ctx && !getkey_next (ctrl, ctx, NULL, &keyblock)); getkey_end (ctx); ctx = NULL; } @@ -696,7 +696,7 @@ print_key_data (PKT_public_key * pk) } static void -print_capabilities (PKT_public_key *pk, KBNODE keyblock) +print_capabilities (ctrl_t ctrl, PKT_public_key *pk, KBNODE keyblock) { unsigned int use = pk->pubkey_usage; int c_printed = 0; @@ -907,10 +907,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, check_trustdb_stale (ctrl); /* Print the "pub" line and in KF_NONE mode the fingerprint. */ - print_key_line (es_stdout, pk, secret); + print_key_line (ctrl, es_stdout, pk, secret); if (fpr) - print_fingerprint (NULL, pk, 0); + print_fingerprint (ctrl, NULL, pk, 0); if (opt.with_keygrip && hexgrip) es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip); @@ -1020,10 +1020,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, } /* Print the "sub" line. */ - print_key_line (es_stdout, pk2, secret); + print_key_line (ctrl, es_stdout, pk2, secret); if (fpr > 1 || opt.with_subkey_fingerprint) { - print_fingerprint (NULL, pk2, 0); + print_fingerprint (ctrl, NULL, pk2, 0); if (serialno) print_card_serialno (serialno); } @@ -1041,7 +1041,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, if (listctx->check_sigs) { - rc = check_key_signature (keyblock, node, NULL); + rc = check_key_signature (ctrl, keyblock, node, NULL); switch (gpg_err_code (rc)) { case 0: @@ -1113,7 +1113,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, else if (!opt.fast_list_mode) { size_t n; - char *p = get_user_id (sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n); print_utf8_buffer (es_stdout, p, n); xfree (p); } @@ -1261,7 +1261,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, } if (!opt.fast_list_mode && !opt.no_expensive_trust_checks) - ownertrust_print = get_ownertrust_info (pk, 0); + ownertrust_print = get_ownertrust_info (ctrl, pk, 0); else ownertrust_print = 0; @@ -1282,7 +1282,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, es_putc (':', es_stdout); es_putc (':', es_stdout); - print_capabilities (pk, keyblock); + print_capabilities (ctrl, pk, keyblock); es_putc (':', es_stdout); /* End of field 13. */ es_putc (':', es_stdout); /* End of field 14. */ if (secret || has_secret) @@ -1314,7 +1314,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, es_putc ('\n', es_stdout); print_revokers (es_stdout, pk); - print_fingerprint (NULL, pk, 0); + print_fingerprint (ctrl, NULL, pk, 0); if (hexgrip) es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip); if (opt.with_key_data) @@ -1419,7 +1419,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, (ulong) keyid2[0], (ulong) keyid2[1], colon_datestr_from_pk (pk2), colon_strtime (pk2->expiredate)); - print_capabilities (pk2, NULL); + print_capabilities (ctrl, pk2, NULL); es_putc (':', es_stdout); /* End of field 13. */ es_putc (':', es_stdout); /* End of field 14. */ if (secret || has_secret) @@ -1448,7 +1448,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, print_compliance_flags (pk2, keylength, curvename); es_putc (':', es_stdout); /* End of field 18. */ es_putc ('\n', es_stdout); - print_fingerprint (NULL, pk2, 0); + print_fingerprint (ctrl, NULL, pk2, 0); if (hexgrip) es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip); if (opt.with_key_data) @@ -1488,7 +1488,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, if (opt.no_sig_cache) signer_pk = xmalloc_clear (sizeof (PKT_public_key)); - rc = check_key_signature2 (keyblock, node, NULL, signer_pk, + rc = check_key_signature2 (ctrl, keyblock, node, NULL, signer_pk, NULL, NULL, NULL); switch (gpg_err_code (rc)) { @@ -1524,7 +1524,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, } if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode) - siguid = get_user_id (sig->keyid, &siguidlen); + siguid = get_user_id (ctrl, sig->keyid, &siguidlen); else { siguid = NULL; @@ -1697,7 +1697,8 @@ print_icao_hexdigit (estream_t fp, int c) * of es_stdout or instead of the TTY in modes 2 and 3. */ void -print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode) +print_fingerprint (ctrl_t ctrl, estream_t override_fp, + PKT_public_key *pk, int mode) { char hexfpr[2*MAX_FINGERPRINT_LEN+1]; char *p; @@ -1742,8 +1743,8 @@ print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode) if (!primary && (mode == 1 || mode == 2)) { PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk)); - get_pubkey (primary_pk, pk->main_keyid); - print_fingerprint (override_fp, primary_pk, (mode | 0x80)); + get_pubkey (ctrl, primary_pk, pk->main_keyid); + print_fingerprint (ctrl, override_fp, primary_pk, (mode | 0x80)); free_public_key (primary_pk); } @@ -1864,7 +1865,7 @@ print_card_serialno (const char *serialno) * 3 := '>' Secret key is on a token. */ void -print_key_line (estream_t fp, PKT_public_key *pk, int secret) +print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret) { char pkstrbuf[PUBKEY_STRING_SIZE]; @@ -1919,7 +1920,7 @@ print_key_line (estream_t fp, PKT_public_key *pk, int secret) fingerprints, show compact fpr of primary key: */ if (pk->flags.primary && !opt.fingerprint && !opt.with_fingerprint) - print_fingerprint (fp, pk, 20); + print_fingerprint (ctrl, fp, pk, 20); } diff --git a/g10/keyring.c b/g10/keyring.c index e7ebbb38b..51b76872f 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -1404,7 +1404,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock) * This is only done for the public keyrings. */ int -keyring_rebuild_cache (void *token,int noisy) +keyring_rebuild_cache (ctrl_t ctrl, void *token, int noisy) { KEYRING_HANDLE hd; KEYDB_SEARCH_DESC desc; @@ -1521,7 +1521,7 @@ keyring_rebuild_cache (void *token,int noisy) || openpgp_pk_test_algo(sig->pubkey_algo))) sig->flags.checked=sig->flags.valid=0; else - check_key_signature (keyblock, node, NULL); + check_key_signature (ctrl, keyblock, node, NULL); sigcount++; } diff --git a/g10/keyring.h b/g10/keyring.h index 07f383576..7155d1d4a 100644 --- a/g10/keyring.h +++ b/g10/keyring.h @@ -40,6 +40,6 @@ int keyring_delete_keyblock (KEYRING_HANDLE hd); int keyring_search_reset (KEYRING_HANDLE hd); int keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc, size_t *descindex, int skip_legacy); -int keyring_rebuild_cache (void *token,int noisy); +int keyring_rebuild_cache (ctrl_t ctrl, void *token,int noisy); #endif /*GPG_KEYRING_H*/ diff --git a/g10/keyserver.c b/g10/keyserver.c index 1fe3ea853..c9be1f020 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -468,7 +468,7 @@ parse_preferred_keyserver(PKT_signature *sig) } static void -print_keyrec(int number,struct keyrec *keyrec) +print_keyrec (ctrl_t ctrl, int number,struct keyrec *keyrec) { int i; @@ -522,7 +522,7 @@ print_keyrec(int number,struct keyrec *keyrec) case KEYDB_SEARCH_MODE_FPR20: { u32 kid[2]; - keyid_from_fingerprint(keyrec->desc.u.fpr,20,kid); + keyid_from_fingerprint (ctrl, keyrec->desc.u.fpr,20,kid); es_printf("key %s",keystr(kid)); } break; @@ -960,7 +960,7 @@ search_line_handler (void *opaque, int special, char *line) parm->numlines = 0; } - print_keyrec (parm->nkeys+1, keyrec); + print_keyrec (parm->ctrl, parm->nkeys+1, keyrec); } parm->numlines += keyrec->lines; @@ -1196,9 +1196,11 @@ keyserver_import_keyid (ctrl_t ctrl, return keyserver_get (ctrl, &desc, 1, keyserver, quick, NULL, NULL); } + /* code mostly stolen from do_export_stream */ static int -keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3) +keyidlist (ctrl_t ctrl, strlist_t users, KEYDB_SEARCH_DESC **klist, + int *count, int fakev3) { int rc = 0; int num = 100; @@ -1318,7 +1320,7 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3) PKT_user_id *uid=NULL; PKT_signature *sig=NULL; - merge_keys_and_selfsig(keyblock); + merge_keys_and_selfsig (ctrl, keyblock); for(node=node->next;node;node=node->next) { @@ -1401,7 +1403,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users) ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0)) fakev3=1; - err = keyidlist (users, &desc, &numdesc, fakev3); + err = keyidlist (ctrl, users, &desc, &numdesc, fakev3); if (err) return err; diff --git a/g10/main.h b/g10/main.h index 96e55620f..2a65647c3 100644 --- a/g10/main.h +++ b/g10/main.h @@ -54,6 +54,7 @@ typedef struct { + ctrl_t ctrl; int header_okay; PK_LIST pk_list; DEK *symkey_dek; @@ -237,12 +238,12 @@ void encrypt_crypt_files (ctrl_t ctrl, int encrypt_filter (void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len); -int write_pubkey_enc (PKT_public_key *pk, int throw_keyid, +int write_pubkey_enc (ctrl_t ctrl, PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out); /*-- sign.c --*/ -int complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md, - const char *cache_nonce); +int complete_sig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pksk, + gcry_md_hd_t md, const char *cache_nonce); int sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, int do_encrypt, strlist_t remusr, const char *outfile ); int clearsign_file (ctrl_t ctrl, @@ -254,7 +255,7 @@ int sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr); /* SIG is a revocation signature. Check if any of PK's designated revokers generated it. If so, return 0. Note: this function (correctly) doesn't care if the designated revoker is revoked. */ -int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig); +int check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig); /* Check that the backsig BACKSIG from the subkey SUB_PK to its primary key MAIN_PK is valid. */ int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk, @@ -262,13 +263,14 @@ int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk, /* Check that the signature SIG over a key (e.g., a key binding or a key revocation) is valid. (To check signatures over data, use check_signature.) */ -int check_key_signature( KBNODE root, KBNODE sig, int *is_selfsig ); +int check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t sig, + int *is_selfsig ); /* Like check_key_signature, but with the ability to specify some additional parameters and get back additional information. See the documentation for the implementation for details. */ -int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, - PKT_public_key *ret_pk, int *is_selfsig, - u32 *r_expiredate, int *r_expired ); +int check_key_signature2 (ctrl_t ctrl, kbnode_t root, kbnode_t node, + PKT_public_key *check_pk, PKT_public_key *ret_pk, + int *is_selfsig, u32 *r_expiredate, int *r_expired); /* Returns whether SIGNER generated the signature SIG over the packet PACKET, which is a key, subkey or uid, and comes from the key block @@ -276,7 +278,8 @@ int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, SIG. If not NULL, sets *IS_SELFSIG to indicate whether the signature is a self-signature and *RET_PK to a copy of the signer's key. */ -gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer, +gpg_error_t check_signature_over_key_or_uid (ctrl_t ctrl, + PKT_public_key *signer, PKT_signature *sig, KBNODE kb, PACKET *packet, int *is_selfsig, @@ -284,7 +287,8 @@ gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer, /*-- delkey.c --*/ -gpg_error_t delete_keys (strlist_t names, int secret, int allow_both); +gpg_error_t delete_keys (ctrl_t ctrl, + strlist_t names, int secret, int allow_both); /*-- keyedit.c --*/ void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, @@ -302,7 +306,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr); void keyedit_quick_set_primary (ctrl_t ctrl, const char *username, const char *primaryuid); -void show_basic_key_info (KBNODE keyblock); +void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock); /*-- keygen.c --*/ const char *get_default_pubkey_algo (void); @@ -323,7 +327,8 @@ int keygen_upd_std_prefs( PKT_signature *sig, void *opaque ); int keygen_add_keyserver_url(PKT_signature *sig, void *opaque); int keygen_add_notations(PKT_signature *sig,void *opaque); int keygen_add_revkey(PKT_signature *sig, void *opaque); -gpg_error_t make_backsig (PKT_signature *sig, PKT_public_key *pk, +gpg_error_t make_backsig (ctrl_t ctrl, + PKT_signature *sig, PKT_public_key *pk, PKT_public_key *sub_pk, PKT_public_key *sub_psk, u32 timestamp, const char *cache_nonce); gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, @@ -331,7 +336,7 @@ gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *usagestr, const char *expirestr); #ifdef ENABLE_CARD_SUPPORT -gpg_error_t generate_card_subkeypair (kbnode_t pub_keyblock, +gpg_error_t generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock, int keyno, const char *serialno); #endif @@ -382,6 +387,13 @@ gpg_error_t import_old_secring (ctrl_t ctrl, const char *fname); import_stats_t import_new_stats_handle (void); void import_release_stats_handle (import_stats_t hd); void import_print_stats (import_stats_t hd); +/* Communication for impex_filter_getval */ +struct impex_filter_parm_s +{ + ctrl_t ctrl; + kbnode_t node; +}; + const char *impex_filter_getval (void *cookie, const char *propname); gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, kbnode_t sec_keyblock, int batch, int force); @@ -430,8 +442,10 @@ int enarmor_file( const char *fname ); /*-- revoke.c --*/ struct revocation_reason_info; -int gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce); -int gen_revoke( const char *uname ); + +int gen_standard_revoke (ctrl_t ctrl, + PKT_public_key *psk, const char *cache_nonce); +int gen_revoke (ctrl_t ctrl, const char *uname); int gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr); int revocation_reason_build_cb( PKT_signature *sig, void *opaque ); struct revocation_reason_info * @@ -446,18 +460,19 @@ void print_subpackets_colon(PKT_signature *sig); void reorder_keyblock (KBNODE keyblock); void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret, int has_secret, int fpr, int no_validity); -void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode); +void print_fingerprint (ctrl_t ctrl, estream_t fp, + PKT_public_key *pk, int mode); void print_revokers (estream_t fp, PKT_public_key *pk); void show_policy_url(PKT_signature *sig,int indent,int mode); void show_keyserver_url(PKT_signature *sig,int indent,int mode); void show_notation(PKT_signature *sig,int indent,int mode,int which); void dump_attribs (const PKT_user_id *uid, PKT_public_key *pk); void set_attrib_fd(int fd); -char *format_seckey_info (PKT_public_key *pk); -void print_seckey_info (PKT_public_key *pk); -void print_pubkey_info (estream_t fp, PKT_public_key *pk); +char *format_seckey_info (ctrl_t ctrl, PKT_public_key *pk); +void print_seckey_info (ctrl_t ctrl, PKT_public_key *pk); +void print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk); void print_card_key_info (estream_t fp, KBNODE keyblock); -void print_key_line (estream_t fp, PKT_public_key *pk, int secret); +void print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret); /*-- verify.c --*/ void print_file_status( int status, const char *name, int what ); @@ -485,9 +500,9 @@ gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl, #ifdef ENABLE_CARD_SUPPORT /*-- card-util.c --*/ void change_pin (int no, int allow_admin); -void card_status (estream_t fp, const char *serialno); +void card_status (ctrl_t ctrl, estream_t fp, const char *serialno); void card_edit (ctrl_t ctrl, strlist_t commands); -gpg_error_t card_generate_subkey (KBNODE pub_keyblock); +gpg_error_t card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock); int card_store_subkey (KBNODE node, int use); #endif diff --git a/g10/mainproc.c b/g10/mainproc.c index 7b2c4567c..950f214b9 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -465,7 +465,7 @@ proc_pubkey_enc (ctrl_t ctrl, CTX c, PACKET *pkt) * not decrypt. */ static void -print_pkenc_list (struct kidlist_item *list, int failed) +print_pkenc_list (ctrl_t ctrl, struct kidlist_item *list, int failed) { for (; list; list = list->next) { @@ -483,13 +483,13 @@ print_pkenc_list (struct kidlist_item *list, int failed) if (!algstr) algstr = "[?]"; pk->pubkey_algo = list->pubkey_algo; - if (!get_pubkey (pk, list->kid)) + if (!get_pubkey (ctrl, pk, list->kid)) { char *p; log_info (_("encrypted with %u-bit %s key, ID %s, created %s\n"), nbits_from_pk (pk), algstr, keystr_from_pk(pk), strtimestamp (pk->timestamp)); - p = get_user_id_native (list->kid); + p = get_user_id_native (ctrl, list->kid); log_printf (_(" \"%s\"\n"), p); xfree (p); } @@ -530,8 +530,8 @@ proc_encrypted (CTX c, PACKET *pkt) log_info (_("encrypted with %lu passphrases\n"), c->symkeys); else if (c->symkeys == 1) log_info (_("encrypted with 1 passphrase\n")); - print_pkenc_list ( c->pkenc_list, 1 ); - print_pkenc_list ( c->pkenc_list, 0 ); + print_pkenc_list (c->ctrl, c->pkenc_list, 1 ); + print_pkenc_list (c->ctrl, c->pkenc_list, 0 ); } /* FIXME: Figure out the session key by looking at all pkenc packets. */ @@ -916,7 +916,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig, if (c->list->pkt->pkttype == PKT_PUBLIC_KEY || c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY) { - return check_key_signature( c->list, node, is_selfsig ); + return check_key_signature (c->ctrl, c->list, node, is_selfsig); } else if (sig->sig_class == 0x20) { @@ -935,14 +935,14 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig, /* We only get here if we are checking the signature of a binary (0x00) or text document (0x01). */ - rc = check_signature2 (sig, md, NULL, is_expkey, is_revkey, r_pk); + rc = check_signature2 (c->ctrl, sig, md, NULL, is_expkey, is_revkey, r_pk); if (! rc) md_good = md; else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2) { PKT_public_key *pk2; - rc = check_signature2 (sig, md2, NULL, is_expkey, is_revkey, + rc = check_signature2 (c->ctrl, sig, md2, NULL, is_expkey, is_revkey, r_pk? &pk2 : NULL); if (!rc) { @@ -1032,19 +1032,19 @@ list_node (CTX c, kbnode_t node) colon_datestr_from_pk( pk ), colon_strtime (pk->expiredate) ); if (pk->flags.primary && !opt.fast_list_mode) - es_putc (get_ownertrust_info (pk, 1), es_stdout); + es_putc (get_ownertrust_info (c->ctrl, pk, 1), es_stdout); es_putc (':', es_stdout); es_putc ('\n', es_stdout); } else { - print_key_line (es_stdout, pk, 0); + print_key_line (c->ctrl, es_stdout, pk, 0); } if (opt.keyid_format == KF_NONE && !opt.with_colons) ; /* Already printed. */ else if ((pk->flags.primary && opt.fingerprint) || opt.fingerprint > 1) - print_fingerprint (NULL, pk, 0); + print_fingerprint (c->ctrl, NULL, pk, 0); if (pk->flags.primary) { @@ -1165,7 +1165,7 @@ list_node (CTX c, kbnode_t node) } else if (!opt.fast_list_mode) { - p = get_user_id (sig->keyid, &n); + p = get_user_id (c->ctrl, sig->keyid, &n); es_write_sanitized (es_stdout, p, n, opt.with_colons?":":NULL, NULL ); xfree (p); @@ -1928,7 +1928,7 @@ check_sig_and_print (CTX c, kbnode_t node) * keyboock has already been fetched. Thus we could use the * fingerprint or PK itself to lookup the entire keyblock. That * would best be done with a cache. */ - keyblock = get_pubkeyblock (sig->keyid); + keyblock = get_pubkeyblock (c->ctrl, sig->keyid); snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ", (ulong)sig->keyid[0], (ulong)sig->keyid[1]); @@ -2254,12 +2254,12 @@ proc_tree (CTX c, kbnode_t node) if (node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) { - merge_keys_and_selfsig (node); + merge_keys_and_selfsig (c->ctrl, node); list_node (c, node); } else if (node->pkt->pkttype == PKT_SECRET_KEY) { - merge_keys_and_selfsig (node); + merge_keys_and_selfsig (c->ctrl, node); list_node (c, node); } else if (node->pkt->pkttype == PKT_ONEPASS_SIG) diff --git a/g10/packet.h b/g10/packet.h index f5f22b695..3cb1e3b48 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -428,7 +428,7 @@ typedef struct there is no disable value cached, fill one in. */ #define pk_is_disabled(a) \ (((a)->flags.disabled_valid)? \ - ((a)->flags.disabled):(cache_disabled_value((a)))) + ((a)->flags.disabled):(cache_disabled_value(ctrl,(a)))) typedef struct { @@ -853,14 +853,15 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b ); /*-- sig-check.c --*/ /* Check a signature. This is shorthand for check_signature2 with the unnamed arguments passed as NULL. */ -int check_signature (PKT_signature *sig, gcry_md_hd_t digest); +int check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest); /* Check a signature. Looks up the public key from the key db. (If * R_PK is not NULL, it is stored at RET_PK.) DIGEST contains a * valid hash context that already includes the signed data. This * function adds the relevant meta-data to the hash before finalizing * it and verifying the signature. */ -gpg_error_t check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, +gpg_error_t check_signature2 (ctrl_t ctrl, + PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, int *r_expired, int *r_revoked, PKT_public_key **r_pk); @@ -885,14 +886,16 @@ int ask_for_detached_datafile( gcry_md_hd_t md, gcry_md_hd_t md2, const char *inname, int textmode ); /*-- sign.c --*/ -int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk, +int make_keysig_packet (ctrl_t ctrl, + PKT_signature **ret_sig, PKT_public_key *pk, PKT_user_id *uid, PKT_public_key *subpk, PKT_public_key *pksk, int sigclass, int digest_algo, u32 timestamp, u32 duration, int (*mksubpkt)(PKT_signature *, void *), void *opaque, const char *cache_nonce); -gpg_error_t update_keysig_packet (PKT_signature **ret_sig, +gpg_error_t update_keysig_packet (ctrl_t ctrl, + PKT_signature **ret_sig, PKT_signature *orig_sig, PKT_public_key *pk, PKT_user_id *uid, diff --git a/g10/passphrase.c b/g10/passphrase.c index 02371fe9f..a498f627b 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -441,12 +441,13 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, /* Emit the USERID_HINT and the NEED_PASSPHRASE status messages. MAINKEYID may be NULL. */ void -emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo) +emit_status_need_passphrase (ctrl_t ctrl, + u32 *keyid, u32 *mainkeyid, int pubkey_algo) { char buf[50]; char *us; - us = get_long_user_id_string (keyid); + us = get_long_user_id_string (ctrl, keyid); write_status_text (STATUS_USERID_HINT, us); xfree (us); @@ -466,7 +467,7 @@ emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo) MODE describes the use of the key description; use one of the FORMAT_KEYDESC_ macros. */ char * -gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped) +gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped) { char *uid; size_t uidlen; @@ -484,7 +485,7 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped) && pk->keyid[1] != pk->main_keyid[1]); algo_name = openpgp_pk_algo_name (pk->pubkey_algo); timestr = strtimestamp (pk->timestamp); - uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen); + uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen); orig_codeset = i18n_switchto_utf8 (); diff --git a/g10/pkclist.c b/g10/pkclist.c index bf43d5638..e65da2574 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -110,7 +110,7 @@ do_show_revocation_reason( PKT_signature *sig ) subkeys, etc.) Mode 1: use only the revocation on the main pk */ void -show_revocation_reason( PKT_public_key *pk, int mode ) +show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode) { /* Hmmm, this is not so easy because we have to duplicate the code * used in the trustbd to calculate the keyflags. We need to find @@ -127,7 +127,7 @@ show_revocation_reason( PKT_public_key *pk, int mode ) /* get the keyblock */ fingerprint_from_pk( pk, fingerprint, &fingerlen ); - rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen); + rc = get_pubkey_byfprint (ctrl, NULL, &keyblock, fingerprint, fingerlen); if( rc ) { /* that should never happen */ log_debug( "failed to get the keyblock\n"); return; @@ -160,7 +160,7 @@ show_revocation_reason( PKT_public_key *pk, int mode ) /* We didn't find it, so check if the whole key is revoked */ if(!node && !mode) - show_revocation_reason(pk,1); + show_revocation_reason (ctrl, pk, 1); release_kbnode( keyblock ); } @@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode, int show=0; int min_num; int did_help=defer_help; - unsigned int minimum = tdb_get_min_ownertrust (pk, 0); + unsigned int minimum = tdb_get_min_ownertrust (ctrl, pk, 0); switch(minimum) { @@ -222,13 +222,13 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode, KBNODE keyblock, un; tty_printf (_("No trust value assigned to:\n")); - print_key_line (NULL, pk, 0); + print_key_line (ctrl, NULL, pk, 0); - p = get_user_id_native(keyid); + p = get_user_id_native (ctrl, keyid); tty_printf (_(" \"%s\"\n"),p); xfree (p); - keyblock = get_pubkeyblock (keyid); + keyblock = get_pubkeyblock (ctrl, keyid); if (!keyblock) BUG (); for (un=keyblock; un; un = un->next) @@ -257,7 +257,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode, tty_printf(_(" aka \"%s\"\n"),p); } - print_fingerprint (NULL, pk, 2); + print_fingerprint (ctrl, NULL, pk, 2); tty_printf("\n"); release_kbnode (keyblock); } @@ -391,8 +391,8 @@ edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode ) break; case 1: /* trust value set */ trust &= ~TRUST_FLAG_DISABLED; - trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED; - update_ownertrust (pk, trust ); + trust |= get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED; + update_ownertrust (ctrl, pk, trust ); return 1; default: return 0; @@ -467,7 +467,7 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel ) * key anyway. */ static int -do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) +do_we_trust_pre (ctrl_t ctrl, PKT_public_key *pk, unsigned int trustlevel ) { int rc; @@ -475,8 +475,8 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) if( !opt.batch && !rc ) { - print_pubkey_info(NULL,pk); - print_fingerprint (NULL, pk, 2); + print_pubkey_info (ctrl, NULL,pk); + print_fingerprint (ctrl, NULL, pk, 2); tty_printf("\n"); if ((trustlevel & TRUST_MASK) == TRUST_NEVER) @@ -499,7 +499,7 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) char *hint_str; keyid_from_pk (pk, kid); - hint_str = get_long_user_id_string ( kid ); + hint_str = get_long_user_id_string (ctrl, kid); write_status_text ( STATUS_USERID_HINT, hint_str ); xfree (hint_str); } @@ -548,7 +548,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) unsigned int trustlevel = TRUST_UNKNOWN; int rc=0; - rc = get_pubkey( pk, sig->keyid ); + rc = get_pubkey (ctrl, pk, sig->keyid ); if (rc) { /* this should not happen */ log_error("Ooops; the key vanished - can't check the trust\n"); @@ -561,7 +561,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) if( !opt.quiet ) log_info(_("WARNING: Using untrusted key!\n")); if (opt.with_fingerprint) - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); goto leave; } @@ -580,13 +580,13 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) else log_info(_("WARNING: This key has been revoked by its owner!\n")); log_info(_(" This could mean that the signature is forged.\n")); - show_revocation_reason( pk, 0 ); + show_revocation_reason (ctrl, pk, 0); } else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) ) { write_status( STATUS_KEYREVOKED ); log_info(_("WARNING: This subkey has been revoked by its owner!\n")); - show_revocation_reason( pk, 0 ); + show_revocation_reason (ctrl, pk, 0); } if ((trustlevel & TRUST_FLAG_DISABLED)) @@ -602,7 +602,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) primary_pk = xmalloc_clear (sizeof *primary_pk); - get_pubkey (primary_pk, pk->main_keyid); + get_pubkey (ctrl, primary_pk, pk->main_keyid); fingerprint_from_pk (primary_pk, fpr, &fprlen); free_public_key (primary_pk); @@ -649,7 +649,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) { case TRUST_EXPIRED: log_info(_("Note: This key has expired!\n")); - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); break; default: @@ -663,7 +663,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) " a trusted signature!\n")); log_info(_(" There is no indication that the " "signature belongs to the owner.\n" )); - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); break; case TRUST_NEVER: @@ -673,7 +673,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) log_info(_("WARNING: We do NOT trust this key!\n")); log_info(_(" The signature is probably a FORGERY.\n")); if (opt.with_fingerprint) - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); rc = gpg_error (GPG_ERR_BAD_SIGNATURE); break; @@ -683,19 +683,19 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) " sufficiently trusted signatures!\n")); log_info(_(" It is not certain that the" " signature belongs to the owner.\n" )); - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); break; case TRUST_FULLY: write_trust_status (STATUS_TRUST_FULLY, trustlevel); if (opt.with_fingerprint) - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); break; case TRUST_ULTIMATE: write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel); if (opt.with_fingerprint) - print_fingerprint (NULL, pk, 1); + print_fingerprint (ctrl, NULL, pk, 1); break; } @@ -882,7 +882,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use, return GPG_ERR_UNUSABLE_PUBKEY; } - if ( !do_we_trust_pre (pk, trustlevel) ) + if ( !do_we_trust_pre (ctrl, pk, trustlevel) ) { /* We don't trust this key. */ send_status_inv_recp (10, name); @@ -1151,8 +1151,8 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list) else { size_t n; - char *p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); + char *p = get_user_id (ctrl, keyid, &n ); + tty_print_utf8_string ( p, n ); xfree(p); } tty_printf("\"\n"); @@ -1218,7 +1218,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list) { tty_printf (_("Public key is disabled.\n") ); } - else if ( do_we_trust_pre (pk, trustlevel) ) + else if ( do_we_trust_pre (ctrl, pk, trustlevel) ) { /* Skip the actual key if the key is already * present in the list */ diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index d2261b0b4..d0eaab775 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -37,7 +37,7 @@ #include "../common/host2net.h" -static gpg_error_t get_it (PKT_pubkey_enc *k, +static gpg_error_t get_it (ctrl_t ctrl, PKT_pubkey_enc *k, DEK *dek, PKT_public_key *sk, u32 *keyid); @@ -87,8 +87,8 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek) { sk = xmalloc_clear (sizeof *sk); sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */ - if (!(rc = get_seckey (sk, k->keyid))) - rc = get_it (k, dek, sk, k->keyid); + if (!(rc = get_seckey (ctrl, sk, k->keyid))) + rc = get_it (ctrl, k, dek, sk, k->keyid); } else if (opt.skip_hidden_recipients) rc = gpg_error (GPG_ERR_NO_SECKEY); @@ -116,7 +116,7 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek) log_info (_("anonymous recipient; trying secret key %s ...\n"), keystr (keyid)); - rc = get_it (k, dek, sk, keyid); + rc = get_it (ctrl, k, dek, sk, keyid); if (!rc) { if (!opt.quiet) @@ -138,7 +138,8 @@ leave: static gpg_error_t -get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) +get_it (ctrl_t ctrl, + PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) { gpg_error_t err; byte *frame = NULL; @@ -200,7 +201,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) } /* Decrypt. */ - desc = gpg_format_keydesc (sk, FORMAT_KEYDESC_NORMAL, 1); + desc = gpg_format_keydesc (ctrl, sk, FORMAT_KEYDESC_NORMAL, 1); err = agent_pkdecrypt (NULL, keygrip, desc, sk->keyid, sk->main_keyid, sk->pubkey_algo, s_data, &frame, &nframe, &padding); @@ -340,7 +341,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) { PKT_public_key *pk = NULL; PKT_public_key *mainpk = NULL; - KBNODE pkb = get_pubkeyblock (keyid); + KBNODE pkb = get_pubkeyblock (ctrl, keyid); if (!pkb) { @@ -393,7 +394,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) { log_info (_("Note: key has been revoked")); log_printf ("\n"); - show_revocation_reason (pk, 1); + show_revocation_reason (ctrl, pk, 1); } if (is_status_enabled () && pk && mainpk) @@ -410,7 +411,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) * value is irrelevant. */ write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c", pkhex, mainpkhex, - get_ownertrust_info (mainpk, 1)); + get_ownertrust_info (ctrl, mainpk, 1)); } diff --git a/g10/revoke.c b/g10/revoke.c index 122699f8c..1dea6ae12 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -238,7 +238,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) } /* To parse the revkeys */ - merge_keys_and_selfsig(keyblock); + merge_keys_and_selfsig (ctrl, keyblock); /* get the key from the keyblock */ node = find_kbnode( keyblock, PKT_PUBLIC_KEY ); @@ -294,7 +294,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) else { pk2 = xmalloc_clear (sizeof *pk2); - rc = get_pubkey_byfprint (pk2, NULL, + rc = get_pubkey_byfprint (ctrl, pk2, NULL, pk->revkey[i].fpr, MAX_FINGERPRINT_LEN); } @@ -305,11 +305,11 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) any = 1; - print_pubkey_info (NULL, pk); + print_pubkey_info (ctrl, NULL, pk); tty_printf ("\n"); tty_printf (_("To be revoked by:\n")); - print_seckey_info (pk2); + print_seckey_info (ctrl, pk2); if(pk->revkey[i].class&0x40) tty_printf(_("(This is a sensitive revocation key)\n")); @@ -343,7 +343,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) push_armor_filter (afx, out); /* create it */ - rc = make_keysig_packet( &sig, pk, NULL, NULL, pk2, 0x20, 0, + rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk2, 0x20, 0, 0, 0, revocation_reason_build_cb, reason, NULL); @@ -445,7 +445,8 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) just the naked revocation signature; it may be NULL. If LEADINTEXT is not NULL, it is written right before the (armored) output.*/ static int -create_revocation (const char *filename, +create_revocation (ctrl_t ctrl, + const char *filename, struct revocation_reason_info *reason, PKT_public_key *psk, kbnode_t keyblock, @@ -470,7 +471,7 @@ create_revocation (const char *filename, afx->hdrlines = "Comment: This is a revocation certificate\n"; push_armor_filter (afx, out); - rc = make_keysig_packet (&sig, psk, NULL, NULL, psk, 0x20, 0, + rc = make_keysig_packet (ctrl, &sig, psk, NULL, NULL, psk, 0x20, 0, 0, 0, revocation_reason_build_cb, reason, cache_nonce); if (rc) @@ -520,7 +521,7 @@ create_revocation (const char *filename, key must be available. CACHE_NONCE is optional but can be used to help gpg-agent to avoid an extra passphrase prompt. */ int -gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce) +gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce) { int rc; estream_t memfp; @@ -549,14 +550,14 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce) es_fprintf (memfp, "%s\n\n", _("This is a revocation certificate for the OpenPGP key:")); - print_key_line (memfp, psk, 0); + print_key_line (ctrl, memfp, psk, 0); if (opt.keyid_format != KF_NONE) - print_fingerprint (memfp, psk, 3); + print_fingerprint (ctrl, memfp, psk, 3); kl = opt.keyid_format == KF_NONE? 0 : keystrlen (); - tmpstr = get_user_id (keyid, &len); + tmpstr = get_user_id (ctrl, keyid, &len); es_fprintf (memfp, "uid%*s%.*s\n\n", kl + 10, "", (int)len, tmpstr); @@ -585,7 +586,8 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce) reason.code = 0x00; /* No particular reason. */ reason.desc = NULL; - rc = create_revocation (fname, &reason, psk, NULL, leadin, 3, cache_nonce); + rc = create_revocation (ctrl, + fname, &reason, psk, NULL, leadin, 3, cache_nonce); if (!rc && !opt.quiet) log_info (_("revocation certificate stored as '%s.rev'\n"), fname); @@ -601,7 +603,7 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce) * Generate a revocation certificate for UNAME */ int -gen_revoke (const char *uname) +gen_revoke (ctrl_t ctrl, const char *uname) { int rc = 0; PKT_public_key *psk; @@ -660,7 +662,7 @@ gen_revoke (const char *uname) lines with secret key infos are printed after this message. */ log_error (_("'%s' matches multiple secret keys:\n"), uname); - info = format_seckey_info (keyblock->pkt->pkt.public_key); + info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key); log_error (" %s\n", info); xfree (info); release_kbnode (keyblock); @@ -668,7 +670,7 @@ gen_revoke (const char *uname) rc = keydb_get_keyblock (kdbhd, &keyblock); while (! rc) { - info = format_seckey_info (keyblock->pkt->pkt.public_key); + info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key); log_info (" %s\n", info); xfree (info); release_kbnode (keyblock); @@ -704,7 +706,7 @@ gen_revoke (const char *uname) } keyid_from_pk (psk, keyid ); - print_seckey_info (psk); + print_seckey_info (ctrl, psk); tty_printf("\n"); if (!cpr_get_answer_is_yes ("gen_revoke.okay", @@ -726,7 +728,7 @@ gen_revoke (const char *uname) if (!opt.armor) tty_printf (_("ASCII armored output forced.\n")); - rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0, NULL); + rc = create_revocation (ctrl, NULL, reason, psk, keyblock, NULL, 0, NULL); if (rc) goto leave; diff --git a/g10/sig-check.c b/g10/sig-check.c index 4e6ca4309..4622f6b33 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -45,9 +45,9 @@ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig, /* Check a signature. This is shorthand for check_signature2 with the unnamed arguments passed as NULL. */ int -check_signature (PKT_signature *sig, gcry_md_hd_t digest) +check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest) { - return check_signature2 (sig, digest, NULL, NULL, NULL, NULL); + return check_signature2 (ctrl, sig, digest, NULL, NULL, NULL, NULL); } @@ -89,7 +89,8 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest) * * Returns 0 on success. An error code otherwise. */ gpg_error_t -check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, +check_signature2 (ctrl_t ctrl, + PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, int *r_expired, int *r_revoked, PKT_public_key **r_pk) { int rc=0; @@ -122,7 +123,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, log_info(_("WARNING: signature digest conflict in message\n")); rc = gpg_error (GPG_ERR_GENERAL); } - else if( get_pubkey( pk, sig->keyid ) ) + else if( get_pubkey (ctrl, pk, sig->keyid ) ) rc = gpg_error (GPG_ERR_NO_PUBKEY); else if(!pk->flags.valid) { @@ -560,7 +561,7 @@ cache_sig_result ( PKT_signature *sig, int result ) * revoked, B is still revoked. I'm not completely convinced this is * the proper behavior, but it matches how PGP does it. -dms */ int -check_revocation_keys (PKT_public_key *pk, PKT_signature *sig) +check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig) { static int busy=0; int i; @@ -616,7 +617,8 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig) /* The revoker's keyid. */ u32 keyid[2]; - keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid); + keyid_from_fingerprint (ctrl, pk->revkey[i].fpr, + MAX_FINGERPRINT_LEN, keyid); if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1]) /* The signature was generated by a designated revoker. @@ -629,7 +631,7 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig) hash_public_key(md,pk); /* Note: check_signature only checks that the signature is good. It does not fail if the key is revoked. */ - rc=check_signature(sig,md); + rc = check_signature (ctrl, sig, md); cache_sig_result(sig,rc); gcry_md_close (md); break; @@ -685,9 +687,11 @@ check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk, * passed as NULL. See the documentation for that function for more * details. */ int -check_key_signature (KBNODE root, KBNODE node, int *is_selfsig) +check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t node, + int *is_selfsig) { - return check_key_signature2 (root, node, NULL, NULL, is_selfsig, NULL, NULL); + return check_key_signature2 (ctrl, root, node, NULL, NULL, + is_selfsig, NULL, NULL); } @@ -725,7 +729,7 @@ check_key_signature (KBNODE root, KBNODE node, int *is_selfsig) generated the signature (i.e., the signer) on success. This must be released by the caller using release_public_key_parts (). */ gpg_error_t -check_signature_over_key_or_uid (PKT_public_key *signer, +check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, PKT_signature *sig, KBNODE kb, PACKET *packet, int *is_selfsig, PKT_public_key *ret_pk) { @@ -841,7 +845,7 @@ check_signature_over_key_or_uid (PKT_public_key *signer, signer_alloced = 2; } - rc = get_pubkey (signer, sig->keyid); + rc = get_pubkey (ctrl, signer, sig->keyid); if (rc) { xfree (signer); @@ -957,7 +961,8 @@ check_signature_over_key_or_uid (PKT_public_key *signer, * TODO: add r_revoked here as well. It has the same problems as * r_expiredate and r_expired and the cache. */ int -check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk, +check_key_signature2 (ctrl_t ctrl, + kbnode_t root, kbnode_t node, PKT_public_key *check_pk, PKT_public_key *ret_pk, int *is_selfsig, u32 *r_expiredate, int *r_expired ) { @@ -1018,13 +1023,14 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk, /* Is it a designated revoker? */ if (keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1]) - rc = check_revocation_keys (pk, sig); + rc = check_revocation_keys (ctrl, pk, sig); else { rc = check_signature_metadata_validity (pk, sig, r_expired, NULL); if (! rc) - rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt, + rc = check_signature_over_key_or_uid (ctrl, pk, sig, + root, root->pkt, is_selfsig, ret_pk); } } @@ -1039,7 +1045,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk, r_expired, NULL); if (! rc) /* 0x28 must be a self-sig, but 0x18 needn't be. */ - rc = check_signature_over_key_or_uid (sig->sig_class == 0x18 + rc = check_signature_over_key_or_uid (ctrl, + sig->sig_class == 0x18 ? NULL : pk, sig, root, snode->pkt, is_selfsig, ret_pk); @@ -1063,7 +1070,7 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk, rc = check_signature_metadata_validity (pk, sig, r_expired, NULL); if (! rc) - rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt, + rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt, is_selfsig, ret_pk); } else if (/* Certification. */ @@ -1082,7 +1089,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk, if (! rc) /* If this is a self-sig, ignore check_pk. */ rc = check_signature_over_key_or_uid - (keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk, + (ctrl, + keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk, sig, root, unode->pkt, NULL, ret_pk); } else diff --git a/g10/sign.c b/g10/sign.c index 9bb1f4446..aaf284050 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -253,7 +253,7 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig) /* Perform the sign operation. If CACHE_NONCE is given the agent is advised to use that cached passphrase fro the key. */ static int -do_sign (PKT_public_key *pksk, PKT_signature *sig, +do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig, gcry_md_hd_t md, int mdalgo, const char *cache_nonce) { gpg_error_t err; @@ -294,7 +294,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, char *desc; gcry_sexp_t s_sigval; - desc = gpg_format_keydesc (pksk, FORMAT_KEYDESC_NORMAL, 1); + desc = gpg_format_keydesc (ctrl, pksk, FORMAT_KEYDESC_NORMAL, 1); err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc, pksk->keyid, pksk->main_keyid, pksk->pubkey_algo, dp, gcry_md_get_algo_dlen (mdalgo), mdalgo, @@ -327,7 +327,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, { if (opt.verbose) { - char *ustr = get_user_id_string_native (sig->keyid); + char *ustr = get_user_id_string_native (ctrl, sig->keyid); log_info (_("%s/%s signature from: \"%s\"\n"), openpgp_pk_algo_name (pksk->pubkey_algo), openpgp_md_algo_name (sig->digest_algo), @@ -340,13 +340,14 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, int -complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md, +complete_sig (ctrl_t ctrl, + PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md, const char *cache_nonce) { int rc; /* if (!(rc = check_secret_key (pksk, 0))) */ - rc = do_sign (pksk, sig, md, 0, cache_nonce); + rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce); return rc; } @@ -669,7 +670,8 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode) * hash which will not be changes here. */ static int -write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, +write_signature_packets (ctrl_t ctrl, + SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, int sigclass, u32 timestamp, u32 duration, int status_letter, const char *cache_nonce) { @@ -719,7 +721,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, hash_sigversion_to_magic (md, sig); gcry_md_final (md); - rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); + rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce); gcry_md_close (md); if (!rc) { @@ -785,6 +787,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, memset( &zfx, 0, sizeof zfx); memset( &mfx, 0, sizeof mfx); memset( &efx, 0, sizeof efx); + efx.ctrl = ctrl; init_packet( &pkt ); if( filenames ) { @@ -1066,7 +1069,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, goto leave; /* write the signatures */ - rc = write_signature_packets (sk_list, out, mfx.md, + rc = write_signature_packets (ctrl, sk_list, out, mfx.md, opt.textmode && !outfile? 0x01 : 0x00, 0, duration, detached ? 'D':'S', NULL); if( rc ) @@ -1209,8 +1212,8 @@ clearsign_file (ctrl_t ctrl, push_armor_filter (afx, out); /* Write the signatures. */ - rc = write_signature_packets (sk_list, out, textmd, 0x01, 0, duration, 'C', - NULL); + rc = write_signature_packets (ctrl, sk_list, out, textmd, 0x01, 0, + duration, 'C', NULL); if( rc ) goto leave; @@ -1369,7 +1372,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr) /* Write the signatures */ /*(current filters: zip - encrypt - armor)*/ - rc = write_signature_packets (sk_list, out, mfx.md, + rc = write_signature_packets (ctrl, sk_list, out, mfx.md, opt.textmode? 0x01 : 0x00, 0, duration, 'S', NULL); if( rc ) @@ -1420,7 +1423,8 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr) * MKSUBPKT. */ int -make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk, +make_keysig_packet (ctrl_t ctrl, + PKT_signature **ret_sig, PKT_public_key *pk, PKT_user_id *uid, PKT_public_key *subpk, PKT_public_key *pksk, int sigclass, int digest_algo, @@ -1513,7 +1517,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk, hash_sigversion_to_magic (md, sig); gcry_md_final (md); - rc = complete_sig (sig, pksk, md, cache_nonce); + rc = complete_sig (ctrl, sig, pksk, md, cache_nonce); } gcry_md_close (md); @@ -1535,7 +1539,8 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk, * TODO: Merge this with make_keysig_packet. */ gpg_error_t -update_keysig_packet( PKT_signature **ret_sig, +update_keysig_packet (ctrl_t ctrl, + PKT_signature **ret_sig, PKT_signature *orig_sig, PKT_public_key *pk, PKT_user_id *uid, @@ -1612,7 +1617,7 @@ update_keysig_packet( PKT_signature **ret_sig, hash_sigversion_to_magic (md, sig); gcry_md_final (md); - rc = complete_sig (sig, pksk, md, NULL); + rc = complete_sig (ctrl, sig, pksk, md, NULL); } leave: diff --git a/g10/skclist.c b/g10/skclist.c index 7a791b302..a016b621f 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -59,14 +59,14 @@ release_sk_list (SK_LIST sk_list) * the string "(insecure!)" or "not secure" or "do not use" * in one of the user ids. */ static int -is_insecure (PKT_public_key *pk) +is_insecure (ctrl_t ctrl, PKT_public_key *pk) { u32 keyid[2]; KBNODE node = NULL, u; int insecure = 0; keyid_from_pk (pk, keyid); - node = get_pubkeyblock (keyid); + node = get_pubkeyblock (ctrl, keyid); for (u = node; u; u = u->next) { if (u->pkt->pkttype == PKT_USER_ID) @@ -150,7 +150,7 @@ build_sk_list (ctrl_t ctrl, { SK_LIST r; - if (random_is_faked () && !is_insecure (pk)) + if (random_is_faked () && !is_insecure (ctrl, pk)) { log_info (_("key is not flagged as insecure - " "can't use it with the faked RNG!\n")); @@ -231,7 +231,7 @@ build_sk_list (ctrl_t ctrl, get_inv_recpsgnr_code (GPG_ERR_WRONG_KEY_USAGE), locusr->d, strlen (locusr->d), -1); } - else if (random_is_faked () && !is_insecure (pk)) + else if (random_is_faked () && !is_insecure (ctrl, pk)) { log_info (_("key is not flagged as insecure - " "can't use it with the faked RNG!\n")); diff --git a/g10/tdbdump.c b/g10/tdbdump.c index a5ad32d6c..5ea903f45 100644 --- a/g10/tdbdump.c +++ b/g10/tdbdump.c @@ -49,9 +49,9 @@ * Write a record; die on error. */ static void -write_record( TRUSTREC *rec ) +write_record (ctrl_t ctrl, TRUSTREC *rec) { - int rc = tdbio_write_record( rec ); + int rc = tdbio_write_record (ctrl, rec); if( !rc ) return; log_error(_("trust record %lu, type %d: write failed: %s\n"), @@ -64,13 +64,13 @@ write_record( TRUSTREC *rec ) * Dump the entire trustdb to FP or only the entries of one key. */ void -list_trustdb (estream_t fp, const char *username) +list_trustdb (ctrl_t ctrl, estream_t fp, const char *username) { TRUSTREC rec; (void)username; - init_trustdb (0); + init_trustdb (ctrl, 0); /* For now we ignore the user ID. */ if (1) { @@ -94,14 +94,14 @@ list_trustdb (estream_t fp, const char *username) * Print a list of all defined owner trust value. */ void -export_ownertrust() +export_ownertrust (ctrl_t ctrl) { TRUSTREC rec; ulong recnum; int i; byte *p; - init_trustdb (0); + init_trustdb (ctrl, 0); es_printf (_("# List of assigned trustvalues, created %s\n" "# (Use \"gpg --import-ownertrust\" to restore them)\n"), asctimestamp( make_timestamp() ) ); @@ -121,7 +121,7 @@ export_ownertrust() void -import_ownertrust( const char *fname ) +import_ownertrust (ctrl_t ctrl, const char *fname ) { estream_t fp; int is_stdin=0; @@ -133,7 +133,7 @@ import_ownertrust( const char *fname ) int any = 0; int rc; - init_trustdb (0); + init_trustdb (ctrl, 0); if( iobuf_is_pipe_filename (fname) ) { fp = es_stdin; fname = "[stdin]"; @@ -202,7 +202,7 @@ import_ownertrust( const char *fname ) log_info("setting ownertrust to %u\n", otrust ); } rec.r.trust.ownertrust = otrust; - write_record (&rec ); + write_record (ctrl, &rec); any = 1; } } @@ -210,11 +210,11 @@ import_ownertrust( const char *fname ) if (!opt.quiet) log_info("inserting ownertrust of %u\n", otrust ); memset (&rec, 0, sizeof rec); - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.rectype = RECTYPE_TRUST; memcpy (rec.r.trust.fingerprint, fpr, 20); rec.r.trust.ownertrust = otrust; - write_record (&rec ); + write_record (ctrl, &rec); any = 1; } else /* error */ @@ -228,7 +228,7 @@ import_ownertrust( const char *fname ) if (any) { - revalidation_mark (); + revalidation_mark (ctrl); rc = tdbio_sync (); if (rc) log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) ); diff --git a/g10/tdbio.c b/g10/tdbio.c index a7b7412a3..c780789f7 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -119,7 +119,7 @@ static int in_transaction; static void open_db (void); -static void create_hashtable (TRUSTREC *vr, int type); +static void create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type); @@ -535,7 +535,7 @@ cleanup (void) * Returns: 0 on success or an error code. */ int -tdbio_update_version_record (void) +tdbio_update_version_record (ctrl_t ctrl) { TRUSTREC rec; int rc; @@ -551,7 +551,7 @@ tdbio_update_version_record (void) rec.r.ver.cert_depth = opt.max_cert_depth; rec.r.ver.trust_model = opt.trust_model; rec.r.ver.min_cert_level = opt.min_cert_level; - rc=tdbio_write_record(&rec); + rc = tdbio_write_record (ctrl, &rec); } return rc; @@ -564,7 +564,7 @@ tdbio_update_version_record (void) * Returns: 0 on success or an error code. */ static int -create_version_record (void) +create_version_record (ctrl_t ctrl) { TRUSTREC rec; int rc; @@ -582,13 +582,13 @@ create_version_record (void) rec.r.ver.min_cert_level = opt.min_cert_level; rec.rectype = RECTYPE_VER; rec.recnum = 0; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (!rc) tdbio_sync (); if (!rc) - create_hashtable (&rec, 0); + create_hashtable (ctrl, &rec, 0); return rc; } @@ -606,7 +606,8 @@ create_version_record (void) * */ int -tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile) +tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname, + int create, int *r_nofile) { char *fname, *p; struct stat statbuf; @@ -719,7 +720,7 @@ tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile) if (db_fd == -1) log_fatal (_("can't open '%s': %s\n"), db_name, strerror (errno)); - rc = create_version_record (); + rc = create_version_record (ctrl); if (rc) log_fatal (_("%s: failed to create version record: %s"), fname, gpg_strerror (rc)); @@ -806,7 +807,7 @@ open_db () * the function terminates the process. */ static void -create_hashtable( TRUSTREC *vr, int type ) +create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type) { TRUSTREC rec; off_t offset; @@ -829,13 +830,13 @@ create_hashtable( TRUSTREC *vr, int type ) memset (&rec, 0, sizeof rec); rec.rectype = RECTYPE_HTBL; rec.recnum = recnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_fatal (_("%s: failed to create hashtable: %s\n"), db_name, gpg_strerror (rc)); } /* Update the version record and flush. */ - rc = tdbio_write_record (vr); + rc = tdbio_write_record (ctrl, vr); if (!rc) rc = tdbio_sync (); if (rc) @@ -919,7 +920,7 @@ tdbio_read_nextcheck () * Return: True if the stamp actually changed. */ int -tdbio_write_nextcheck (ulong stamp) +tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp) { TRUSTREC vr; int rc; @@ -933,7 +934,7 @@ tdbio_write_nextcheck (ulong stamp) return 0; vr.r.ver.nextcheck = stamp; - rc = tdbio_write_record( &vr ); + rc = tdbio_write_record (ctrl, &vr); if (rc) log_fatal (_("%s: error writing version record: %s\n"), db_name, gpg_strerror (rc)); @@ -980,7 +981,7 @@ get_trusthashrec(void) * Return: 0 on success or an error code. */ static int -upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) +upd_hashtable (ctrl_t ctrl, ulong table, byte *key, int keylen, ulong newrecnum) { TRUSTREC lastrec, rec; ulong hashrec, item; @@ -1003,7 +1004,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) if (!item) /* Insert a new item into the hash table. */ { rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) { log_error ("upd_hashtable: write htbl failed: %s\n", @@ -1068,7 +1069,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) { /* Empty slot found. */ rec.r.hlst.rnum[i] = newrecnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_error ("upd_hashtable: write hlst failed: %s\n", gpg_strerror (rc)); @@ -1090,8 +1091,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) else { /* Append a new record to the list. */ - rec.r.hlst.next = item = tdbio_new_recnum (); - rc = tdbio_write_record (&rec); + rec.r.hlst.next = item = tdbio_new_recnum (ctrl); + rc = tdbio_write_record (ctrl, &rec); if (rc) { log_error ("upd_hashtable: write hlst failed: %s\n", @@ -1102,7 +1103,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) rec.rectype = RECTYPE_HLST; rec.recnum = item; rec.r.hlst.rnum[0] = newrecnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_error ("upd_hashtable: write ext hlst failed: %s\n", gpg_strerror (rc)); @@ -1120,10 +1121,10 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) item = rec.recnum; /* Save number of key record. */ memset (&rec, 0, sizeof rec); rec.rectype = RECTYPE_HLST; - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.r.hlst.rnum[0] = item; /* Old key record */ rec.r.hlst.rnum[1] = newrecnum; /* and new key record */ - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) { log_error( "upd_hashtable: write new hlst failed: %s\n", @@ -1132,7 +1133,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) } /* Update the hashtable record. */ lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum; - rc = tdbio_write_record (&lastrec); + rc = tdbio_write_record (ctrl, &lastrec); if (rc) log_error ("upd_hashtable: update htbl failed: %s\n", gpg_strerror (rc)); @@ -1143,7 +1144,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) log_error ("hashtbl %lu: %lu/%d points to an invalid record %lu\n", table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item); if (opt.verbose > 1) - list_trustdb (es_stderr, NULL); + list_trustdb (ctrl, es_stderr, NULL); return GPG_ERR_TRUSTDB; } } @@ -1159,7 +1160,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum) * Return: 0 on success or an error code. */ static int -drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum) +drop_from_hashtable (ctrl_t ctrl, ulong table, + byte *key, int keylen, ulong recnum) { TRUSTREC rec; ulong hashrec, item; @@ -1185,7 +1187,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum) if (item == recnum) /* Table points direct to the record. */ { rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0; - rc = tdbio_write_record( &rec ); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_error ("drop_from_hashtable: write htbl failed: %s\n", gpg_strerror (rc)); @@ -1221,7 +1223,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum) if (rec.r.hlst.rnum[i] == recnum) { rec.r.hlst.rnum[i] = 0; /* Mark as free. */ - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_error("drop_from_hashtable: write htbl failed: %s\n", gpg_strerror (rc)); @@ -1354,9 +1356,9 @@ lookup_hashtable (ulong table, const byte *key, size_t keylen, * Return: 0 on success or an error code. */ static int -update_trusthashtbl( TRUSTREC *tr ) +update_trusthashtbl (ctrl_t ctrl, TRUSTREC *tr) { - return upd_hashtable (get_trusthashrec(), + return upd_hashtable (ctrl, get_trusthashrec (), tr->r.trust.fingerprint, 20, tr->recnum); } @@ -1591,7 +1593,7 @@ tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected) * Return: 0 on success or an error code. */ int -tdbio_write_record( TRUSTREC *rec ) +tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec) { byte buf[TRUST_RECORD_LEN]; byte *p; @@ -1675,7 +1677,7 @@ tdbio_write_record( TRUSTREC *rec ) if (rc) ; else if (rec->rectype == RECTYPE_TRUST) - rc = update_trusthashtbl (rec); + rc = update_trusthashtbl (ctrl, rec); return rc; } @@ -1687,7 +1689,7 @@ tdbio_write_record( TRUSTREC *rec ) * Return: 0 on success or an error code. */ int -tdbio_delete_record (ulong recnum) +tdbio_delete_record (ctrl_t ctrl, ulong recnum) { TRUSTREC vr, rec; int rc; @@ -1698,7 +1700,7 @@ tdbio_delete_record (ulong recnum) ; else if (rec.rectype == RECTYPE_TRUST) { - rc = drop_from_hashtable (get_trusthashrec(), + rc = drop_from_hashtable (ctrl, get_trusthashrec(), rec.r.trust.fingerprint, 20, rec.recnum); } @@ -1715,9 +1717,9 @@ tdbio_delete_record (ulong recnum) rec.rectype = RECTYPE_FREE; rec.r.free.next = vr.r.ver.firstfree; vr.r.ver.firstfree = recnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (!rc) - rc = tdbio_write_record (&vr); + rc = tdbio_write_record (ctrl, &vr); return rc; } @@ -1727,7 +1729,7 @@ tdbio_delete_record (ulong recnum) * Create a new record and return its record number. */ ulong -tdbio_new_recnum () +tdbio_new_recnum (ctrl_t ctrl) { off_t offset; ulong recnum; @@ -1751,7 +1753,7 @@ tdbio_new_recnum () } /* Update dir record. */ vr.r.ver.firstfree = rec.r.free.next; - rc = tdbio_write_record (&vr); + rc = tdbio_write_record (ctrl, &vr); if (rc) { log_error (_("%s: error writing dir record: %s\n"), @@ -1763,7 +1765,7 @@ tdbio_new_recnum () rec.rectype = 0; /* Mark as unused record (actually already done my the memset). */ rec.recnum = recnum; - rc = tdbio_write_record (&rec); + rc = tdbio_write_record (ctrl, &rec); if (rc) log_fatal (_("%s: failed to zero a record: %s\n"), db_name, gpg_strerror (rc)); diff --git a/g10/tdbio.h b/g10/tdbio.h index e2cbbff2c..beaa30876 100644 --- a/g10/tdbio.h +++ b/g10/tdbio.h @@ -92,23 +92,24 @@ struct trust_record { typedef struct trust_record TRUSTREC; /*-- tdbio.c --*/ -int tdbio_update_version_record(void); -int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile); +int tdbio_update_version_record (ctrl_t ctrl); +int tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname, + int create, int *r_nofile); const char *tdbio_get_dbname(void); void tdbio_dump_record( TRUSTREC *rec, estream_t fp ); int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ); -int tdbio_write_record( TRUSTREC *rec ); +int tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec); int tdbio_db_matches_options(void); byte tdbio_read_model(void); ulong tdbio_read_nextcheck (void); -int tdbio_write_nextcheck (ulong stamp); +int tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp); int tdbio_is_dirty(void); int tdbio_sync(void); int tdbio_begin_transaction(void); int tdbio_end_transaction(void); int tdbio_cancel_transaction(void); -int tdbio_delete_record( ulong recnum ); -ulong tdbio_new_recnum(void); +int tdbio_delete_record (ctrl_t ctrl, ulong recnum); +ulong tdbio_new_recnum (ctrl_t ctrl); gpg_error_t tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec); gpg_error_t tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec); diff --git a/g10/test-stubs.c b/g10/test-stubs.c index d541e0d86..e5fd3ae9a 100644 --- a/g10/test-stubs.c +++ b/g10/test-stubs.c @@ -66,10 +66,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) } void -read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck, - byte *marginals, byte *completes, byte *cert_depth, - byte *min_cert_level) +read_trust_options (ctrl_t ctrl, + byte *trust_model, ulong *created, ulong *nextcheck, + byte *marginals, byte *completes, byte *cert_depth, + byte *min_cert_level) { + (void)ctrl; (void)trust_model; (void)created; (void)nextcheck; @@ -85,8 +87,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck, */ int -cache_disabled_value(PKT_public_key *pk) +cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk) { + (void)ctrl; (void)pk; return 0; } @@ -138,16 +141,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid) } int -get_ownertrust_info (PKT_public_key *pk, int no_create) +get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create) { + (void)ctrl; (void)pk; (void)no_create; return '?'; } unsigned int -get_ownertrust (PKT_public_key *pk) +get_ownertrust (ctrl_t ctrl, PKT_public_key *pk) { + (void)ctrl; (void)pk; return TRUST_UNKNOWN; } diff --git a/g10/tofu.c b/g10/tofu.c index f2bd0c54a..169e29efd 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2031,7 +2031,7 @@ ask_about_binding (ctrl_t ctrl, email> (including the binding itself, which will be first in the list). For each returned key also sets BINDING_NEW, etc. */ static strlist_t -build_conflict_set (tofu_dbs_t dbs, +build_conflict_set (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk, const char *fingerprint, const char *email) { @@ -2174,7 +2174,7 @@ build_conflict_set (tofu_dbs_t dbs, continue; } - merge_keys_and_selfsig (kb); + merge_keys_and_selfsig (ctrl, kb); log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY); @@ -2317,7 +2317,7 @@ build_conflict_set (tofu_dbs_t dbs, * not yet been registered. */ static enum tofu_policy -get_policy (tofu_dbs_t dbs, PKT_public_key *pk, +get_policy (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk, const char *fingerprint, const char *user_id, const char *email, strlist_t *conflict_setp, time_t now) { @@ -2483,7 +2483,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, int lookup_err; kbnode_t kb; - lookup_err = get_pubkey_byfprint (NULL, &kb, + lookup_err = get_pubkey_byfprint (ctrl, NULL, &kb, fingerprint_raw, fingerprint_raw_len); if (lookup_err) @@ -2509,7 +2509,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, * disappeared. The latter can happen if the conflicting bindings * are now cross signed, for instance. */ - conflict_set = build_conflict_set (dbs, pk, fingerprint, email); + conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email); conflict_set_count = strlist_length (conflict_set); if (conflict_set_count == 0) { @@ -2615,7 +2615,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, if (effective_policy == TOFU_POLICY_ASK && conflict_setp) { if (! conflict_set) - conflict_set = build_conflict_set (dbs, pk, fingerprint, email); + conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email); *conflict_setp = conflict_set; } else @@ -2691,7 +2691,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, /* We need to call get_policy even if the key is ultimately trusted * to make sure the binding has been registered. */ - policy = get_policy (dbs, pk, fingerprint, user_id, email, + policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email, &conflict_set, now); if (policy == TOFU_POLICY_ASK) @@ -3493,7 +3493,7 @@ tofu_register_encryption (ctrl_t ctrl, ! pk_is_primary (pk) /* We need the key block to find all user ids. */ || ! user_id_list) - kb = get_pubkeyblock (pk->keyid); + kb = get_pubkeyblock (ctrl, pk->keyid); /* Make sure PK is a primary key. */ if (! pk_is_primary (pk)) @@ -3692,7 +3692,7 @@ tofu_write_tfs_record (ctrl_t ctrl, estream_t fp, fingerprint = hexfingerprint (pk, NULL, 0); email = email_from_user_id (user_id); - policy = get_policy (dbs, pk, fingerprint, user_id, email, NULL, now); + policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email, NULL, now); show_statistics (dbs, fingerprint, email, policy, fp, 0, now); @@ -3953,7 +3953,8 @@ tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id, email = email_from_user_id (user_id->name); - *policy = get_policy (dbs, pk, fingerprint, user_id->name, email, NULL, now); + *policy = get_policy (ctrl, dbs, pk, fingerprint, + user_id->name, email, NULL, now); xfree (email); xfree (fingerprint); diff --git a/g10/trust.c b/g10/trust.c index b1f6222a3..ee6078b5a 100644 --- a/g10/trust.c +++ b/g10/trust.c @@ -38,13 +38,13 @@ /* Return true if key is disabled. Note that this is usually used via the pk_is_disabled macro. */ int -cache_disabled_value (PKT_public_key *pk) +cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk) { #ifdef NO_TRUST_MODELS (void)pk; return 0; #else - return tdb_cache_disabled_value (pk); + return tdb_cache_disabled_value (ctrl, pk); #endif } @@ -173,13 +173,13 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid) * The key should be the primary key. */ unsigned int -get_ownertrust (PKT_public_key *pk) +get_ownertrust (ctrl_t ctrl, PKT_public_key *pk) { #ifdef NO_TRUST_MODELS (void)pk; return TRUST_UNKNOWN; #else - return tdb_get_ownertrust (pk, 0); + return tdb_get_ownertrust (ctrl, pk, 0); #endif } @@ -190,7 +190,7 @@ get_ownertrust (PKT_public_key *pk) * inhibits creation of a trustdb it that does not yet exists. */ static int -get_ownertrust_with_min (PKT_public_key *pk, int no_create) +get_ownertrust_with_min (ctrl_t ctrl, PKT_public_key *pk, int no_create) { #ifdef NO_TRUST_MODELS (void)pk; @@ -202,11 +202,11 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create) * functions: If the caller asked not to create a trustdb we call * init_trustdb directly and allow it to fail with an error code for * a non-existing trustdb. */ - if (no_create && init_trustdb (1)) + if (no_create && init_trustdb (ctrl, 1)) return TRUST_UNKNOWN; - otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK); - otrust_min = tdb_get_min_ownertrust (pk, no_create); + otrust = (tdb_get_ownertrust (ctrl, pk, no_create) & TRUST_MASK); + otrust_min = tdb_get_min_ownertrust (ctrl, pk, no_create); if (otrust < otrust_min) { /* If the trust that the user has set is less than the trust @@ -229,9 +229,9 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create) * NO_CREATE is set, no efforts for creating a trustdb will be taken. */ int -get_ownertrust_info (PKT_public_key *pk, int no_create) +get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create) { - return trust_letter (get_ownertrust_with_min (pk, no_create)); + return trust_letter (get_ownertrust_with_min (ctrl, pk, no_create)); } @@ -241,9 +241,9 @@ get_ownertrust_info (PKT_public_key *pk, int no_create) * NO_CREATE is set, no efforts for creating a trustdb will be taken. */ const char * -get_ownertrust_string (PKT_public_key *pk, int no_create) +get_ownertrust_string (ctrl_t ctrl, PKT_public_key *pk, int no_create) { - return trust_value_to_string (get_ownertrust_with_min (pk, no_create)); + return trust_value_to_string (get_ownertrust_with_min (ctrl, pk, no_create)); } @@ -252,34 +252,34 @@ get_ownertrust_string (PKT_public_key *pk, int no_create) * The key should be a primary one. */ void -update_ownertrust (PKT_public_key *pk, unsigned int new_trust) +update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust) { #ifdef NO_TRUST_MODELS (void)pk; (void)new_trust; #else - tdb_update_ownertrust (pk, new_trust); + tdb_update_ownertrust (ctrl, pk, new_trust); #endif } int -clear_ownertrusts (PKT_public_key *pk) +clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk) { #ifdef NO_TRUST_MODELS (void)pk; return 0; #else - return tdb_clear_ownertrusts (pk); + return tdb_clear_ownertrusts (ctrl, pk); #endif } void -revalidation_mark (void) +revalidation_mark (ctrl_t ctrl) { #ifndef NO_TRUST_MODELS - tdb_revalidation_mark (); + tdb_revalidation_mark (ctrl); #endif } @@ -343,7 +343,7 @@ get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid, else { main_pk = xmalloc_clear (sizeof *main_pk); - rc = get_pubkey (main_pk, pk->main_keyid); + rc = get_pubkey (ctrl, main_pk, pk->main_keyid); if (rc) { char *tempkeystr = xstrdup (keystr (pk->main_keyid)); @@ -430,7 +430,7 @@ get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid) * 9 and 10 are used for internal purposes. */ void -mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode, +mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, u32 *main_kid, struct key_item *klist, u32 curtime, u32 *next_expire) { @@ -461,7 +461,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode, invalid signature */ if (klist && !is_in_klist (klist, sig)) continue; /* no need to check it then */ - if ((rc=check_key_signature (keyblock, node, NULL))) + if ((rc=check_key_signature (ctrl, keyblock, node, NULL))) { /* we ignore anything that won't verify, but tag the no_pubkey case */ @@ -594,7 +594,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode, static int -clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode, +clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only) { int deleted = 0; @@ -609,7 +609,7 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode, /* Passing in a 0 for current time here means that we'll never weed out an expired sig. This is correct behavior since we want to keep the most recent expired sig in a series. */ - mark_usable_uid_certs (keyblock, uidnode, NULL, NULL, 0, NULL); + mark_usable_uid_certs (ctrl, keyblock, uidnode, NULL, NULL, 0, NULL); /* What we want to do here is remove signatures that are not considered as part of the trust calculations. Thus, all invalid @@ -743,8 +743,8 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy) /* Needs to be called after a merge_keys_and_selfsig() */ void -clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only, - int *uids_cleaned, int *sigs_cleaned) +clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, + int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned) { int dummy = 0; @@ -762,19 +762,20 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only, to bother with the other. */ *uids_cleaned += clean_uid_from_key (keyblock, uidnode, noisy); if (!uidnode->pkt->pkt.user_id->flags.compacted) - *sigs_cleaned += clean_sigs_from_uid (keyblock, uidnode, noisy, self_only); + *sigs_cleaned += clean_sigs_from_uid (ctrl, keyblock, uidnode, + noisy, self_only); } /* NB: This function marks the deleted nodes only and the caller is * responsible to skip or remove them. */ void -clean_key (kbnode_t keyblock, int noisy, int self_only, +clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned) { kbnode_t node; - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); for (node = keyblock->next; node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY @@ -782,7 +783,7 @@ clean_key (kbnode_t keyblock, int noisy, int self_only, node = node->next) { if (node->pkt->pkttype == PKT_USER_ID) - clean_one_uid (keyblock, node, noisy, self_only, + clean_one_uid (ctrl, keyblock, node, noisy, self_only, uids_cleaned, sigs_cleaned); } diff --git a/g10/trustdb.c b/g10/trustdb.c index 7b76ac841..f8a0bc9b3 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -248,7 +248,7 @@ add_utk (u32 *kid) * Verify that all our secret keys are usable and put them into the utk_list. */ static void -verify_own_keys(void) +verify_own_keys (ctrl_t ctrl) { TRUSTREC rec; ulong recnum; @@ -275,7 +275,7 @@ verify_own_keys(void) * the whole validation code to only work with * fingerprints */ fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20; - keyid_from_fingerprint (fpr, fprlen, kid); + keyid_from_fingerprint (ctrl, fpr, fprlen, kid); if (!add_utk (kid)) log_info(_("key %s occurs more than once in the trustdb\n"), keystr(kid)); @@ -290,15 +290,15 @@ verify_own_keys(void) PKT_public_key pk; memset (&pk, 0, sizeof pk); - rc = get_pubkey (&pk, k->kid); + rc = get_pubkey (ctrl, &pk, k->kid); if (rc) log_info(_("key %s: no public key for trusted key - skipped\n"), keystr(k->kid)); else { tdb_update_ownertrust - (&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK) - | TRUST_ULTIMATE )); + (ctrl, &pk, ((tdb_get_ownertrust (ctrl, &pk, 0) & ~TRUST_MASK) + | TRUST_ULTIMATE )); release_public_key_parts (&pk); } @@ -361,9 +361,9 @@ read_record (ulong recno, TRUSTREC *rec, int rectype ) * Write a record and die on error */ static void -write_record (TRUSTREC *rec) +write_record (ctrl_t ctrl, TRUSTREC *rec) { - int rc = tdbio_write_record (rec); + int rc = tdbio_write_record (ctrl, rec); if (rc) { log_error(_("trust record %lu, type %d: write failed: %s\n"), @@ -444,7 +444,7 @@ how_to_fix_the_trustdb () * in that case 0 is returned if there is a trustdb or an error code * if no trustdb is available. */ gpg_error_t -init_trustdb (int no_create) +init_trustdb (ctrl_t ctrl, int no_create) { int level = trustdb_args.level; const char* dbname = trustdb_args.dbname; @@ -456,7 +456,7 @@ init_trustdb (int no_create) if(level==0 || level==1) { - int rc = tdbio_set_dbname (dbname, (!no_create && level), + int rc = tdbio_set_dbname (ctrl, dbname, (!no_create && level), &trustdb_args.no_trustdb); if (no_create && trustdb_args.no_trustdb) { @@ -501,7 +501,7 @@ init_trustdb (int no_create) /* Verify the list of ultimately trusted keys and move the --trusted-keys list there as well. */ if(level==1) - verify_own_keys(); + verify_own_keys (ctrl); if(!tdbio_db_matches_options()) pending_check_trustdb=1; @@ -515,9 +515,9 @@ init_trustdb (int no_create) necessary if the trust model is not 'always trust'. Returns true if we do have a usable trust database. */ int -have_trustdb (void) +have_trustdb (ctrl_t ctrl) { - return init_trustdb (opt.trust_model == TM_ALWAYS) == 0; + return !init_trustdb (ctrl, opt.trust_model == TM_ALWAYS); } @@ -529,7 +529,7 @@ have_trustdb (void) void check_trustdb (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU) { @@ -566,7 +566,7 @@ check_trustdb (ctrl_t ctrl) void update_trustdb (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU) validate_keys (ctrl, 1); @@ -576,15 +576,15 @@ update_trustdb (ctrl_t ctrl) } void -tdb_revalidation_mark (void) +tdb_revalidation_mark (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return; /* We simply set the time for the next check to 1 (far back in 1970) so that a --update-trustdb will be scheduled. */ - if (tdbio_write_nextcheck (1)) + if (tdbio_write_nextcheck (ctrl, 1)) do_sync (); pending_check_trustdb = 1; } @@ -610,13 +610,14 @@ tdb_check_or_update (ctrl_t ctrl) } void -read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, - byte *marginals,byte *completes,byte *cert_depth, - byte *min_cert_level) +read_trust_options (ctrl_t ctrl, + byte *trust_model, ulong *created, ulong *nextcheck, + byte *marginals, byte *completes, byte *cert_depth, + byte *min_cert_level) { TRUSTREC opts; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) memset (&opts, 0, sizeof opts); else @@ -643,11 +644,11 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, ***********************************************/ static int -read_trust_record (PKT_public_key *pk, TRUSTREC *rec) +read_trust_record (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec) { int rc; - init_trustdb (0); + init_trustdb (ctrl, 0); rc = tdbio_search_trust_bypk (pk, rec); if (rc) { @@ -676,7 +677,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec) * values but we usually use --always-trust. */ unsigned int -tdb_get_ownertrust (PKT_public_key *pk, int no_create) +tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create) { TRUSTREC rec; gpg_error_t err; @@ -687,10 +688,10 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create) /* If the caller asked not to create a trustdb we call init_trustdb * directly and allow it to fail with an error code for a * non-existing trustdb. */ - if (no_create && init_trustdb (1)) + if (no_create && init_trustdb (ctrl, 1)) return TRUST_UNKNOWN; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) return TRUST_UNKNOWN; /* no record yet */ if (err) @@ -704,7 +705,7 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create) unsigned int -tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) +tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create) { TRUSTREC rec; gpg_error_t err; @@ -715,10 +716,10 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) /* If the caller asked not to create a trustdb we call init_trustdb * directly and allow it to fail with an error code for a * non-existing trustdb. */ - if (no_create && init_trustdb (1)) + if (no_create && init_trustdb (ctrl, 1)) return TRUST_UNKNOWN; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) return TRUST_UNKNOWN; /* no record yet */ if (err) @@ -736,7 +737,7 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) * The key should be a primary one. */ void -tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) +tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust ) { TRUSTREC rec; gpg_error_t err; @@ -744,7 +745,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -753,8 +754,8 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) if (rec.r.trust.ownertrust != new_trust) { rec.r.trust.ownertrust = new_trust; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } } @@ -766,12 +767,12 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) log_debug ("insert ownertrust %u\n", new_trust ); memset (&rec, 0, sizeof rec); - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy); rec.r.trust.ownertrust = new_trust; - write_record (&rec); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } else @@ -781,7 +782,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) } static void -update_min_ownertrust (u32 *kid, unsigned int new_trust ) +update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust) { PKT_public_key *pk; TRUSTREC rec; @@ -791,7 +792,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) return; pk = xmalloc_clear (sizeof *pk); - err = get_pubkey (pk, kid); + err = get_pubkey (ctrl, pk, kid); if (err) { log_error (_("public key %s not found: %s\n"), @@ -799,7 +800,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) return; } - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -810,8 +811,8 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) if (rec.r.trust.min_ownertrust != new_trust) { rec.r.trust.min_ownertrust = new_trust; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } } @@ -823,12 +824,12 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) log_debug ("insert min_ownertrust %u\n", new_trust ); memset (&rec, 0, sizeof rec); - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy); rec.r.trust.min_ownertrust = new_trust; - write_record (&rec); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } else @@ -844,17 +845,17 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) * Return: True if a change actually happened. */ int -tdb_clear_ownertrusts (PKT_public_key *pk) +tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk) { TRUSTREC rec; gpg_error_t err; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return 0; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -868,8 +869,8 @@ tdb_clear_ownertrusts (PKT_public_key *pk) { rec.r.trust.ownertrust = 0; rec.r.trust.min_ownertrust = 0; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); return 1; } @@ -885,7 +886,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk) * Note: Caller has to do a sync */ static void -update_validity (PKT_public_key *pk, PKT_user_id *uid, +update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid, int depth, int validity) { TRUSTREC trec, vrec; @@ -894,7 +895,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, namehash_from_uid(uid); - err = read_trust_record (pk, &trec); + err = read_trust_record (ctrl, pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -906,7 +907,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, size_t dummy; memset (&trec, 0, sizeof trec); - trec.recnum = tdbio_new_recnum (); + trec.recnum = tdbio_new_recnum (ctrl); trec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy); trec.r.trust.ownertrust = 0; @@ -925,7 +926,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, if (!recno) /* insert a new validity record */ { memset (&vrec, 0, sizeof vrec); - vrec.recnum = tdbio_new_recnum (); + vrec.recnum = tdbio_new_recnum (ctrl); vrec.rectype = RECTYPE_VALID; memcpy (vrec.r.valid.namehash, uid->namehash, 20); vrec.r.valid.next = trec.r.trust.validlist; @@ -934,9 +935,9 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, vrec.r.valid.validity = validity; vrec.r.valid.full_count = uid->help_full_count; vrec.r.valid.marginal_count = uid->help_marginal_count; - write_record (&vrec); + write_record (ctrl, &vrec); trec.r.trust.depth = depth; - write_record (&trec); + write_record (ctrl, &trec); } @@ -947,7 +948,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, /* Return true if key is disabled. Note that this is usually used via the pk_is_disabled macro. */ int -tdb_cache_disabled_value (PKT_public_key *pk) +tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk) { gpg_error_t err; TRUSTREC trec; @@ -956,12 +957,12 @@ tdb_cache_disabled_value (PKT_public_key *pk) if (pk->flags.disabled_valid) return pk->flags.disabled; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb) return 0; /* No trustdb => not disabled. */ - err = read_trust_record (pk, &trec); + err = read_trust_record (ctrl, pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -991,7 +992,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl) { static int did_nextcheck=0; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb) return; /* No trustdb => can't be stale. */ @@ -1062,7 +1063,7 @@ tdb_get_validity_core (ctrl_t ctrl, (void)may_ask; #endif - init_trustdb (0); + init_trustdb (ctrl, 0); /* If we have no trustdb (which also means it has not been created) and the trust-model is always, we don't know the validity - @@ -1077,7 +1078,7 @@ tdb_get_validity_core (ctrl_t ctrl, { /* Note that this happens BEFORE any user ID stuff is checked. The direct trust model applies to keys as a whole. */ - validity = tdb_get_ownertrust (main_pk, 0); + validity = tdb_get_ownertrust (ctrl, main_pk, 0); goto leave; } @@ -1093,7 +1094,7 @@ tdb_get_validity_core (ctrl_t ctrl, { if (! kb) { - kb = get_pubkeyblock (main_pk->keyid); + kb = get_pubkeyblock (ctrl, main_pk->keyid); free_kb = 1; } n = kb; @@ -1201,7 +1202,7 @@ tdb_get_validity_core (ctrl_t ctrl, || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_PGP) { - err = read_trust_record (main_pk, &trec); + err = read_trust_record (ctrl, main_pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -1277,7 +1278,7 @@ tdb_get_validity_core (ctrl_t ctrl, static void -get_validity_counts (PKT_public_key *pk, PKT_user_id *uid) +get_validity_counts (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid) { TRUSTREC trec, vrec; ulong recno; @@ -1289,9 +1290,9 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid) uid->help_marginal_count=uid->help_full_count=0; - init_trustdb (0); + init_trustdb (ctrl, 0); - if(read_trust_record (pk, &trec)) + if(read_trust_record (ctrl, pk, &trec)) return; /* loop over all user IDs */ @@ -1375,7 +1376,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum) int ot; pk = xmalloc_clear (sizeof *pk); - rc = get_pubkey (pk, kid); + rc = get_pubkey (ctrl, pk, kid); if (rc) { log_error (_("public key %s not found: %s\n"), @@ -1387,14 +1388,14 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum) { log_info("force trust for key %s to %s\n", keystr(kid),trust_value_to_string(opt.force_ownertrust)); - tdb_update_ownertrust (pk, opt.force_ownertrust); + tdb_update_ownertrust (ctrl, pk, opt.force_ownertrust); ot=opt.force_ownertrust; } else { ot=edit_ownertrust (ctrl, pk, 0); if(ot>0) - ot = tdb_get_ownertrust (pk, 0); + ot = tdb_get_ownertrust (ctrl, pk, 0); else if(ot==0) ot = minimum?minimum:TRUST_UNDEFINED; else @@ -1460,7 +1461,8 @@ dump_key_array (int depth, struct key_array *keys) static void -store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored) +store_validation_status (ctrl_t ctrl, int depth, + kbnode_t keyblock, KeyHashTable stored) { KBNODE node; int status; @@ -1482,7 +1484,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored) if (status) { - update_validity (keyblock->pkt->pkt.public_key, + update_validity (ctrl, keyblock->pkt->pkt.public_key, uid, depth, status); mark_keyblock_seen(stored,keyblock); @@ -1619,7 +1621,7 @@ check_regexp(const char *expr,const char *string) * This function assumes that all kbnode flags are cleared on entry. */ static int -validate_one_keyblock (KBNODE kb, struct key_item *klist, +validate_one_keyblock (ctrl_t ctrl, kbnode_t kb, struct key_item *klist, u32 curtime, u32 *next_expire) { struct key_item *kr; @@ -1666,8 +1668,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist, *next_expire = uid->expiredate; issigned = 0; - get_validity_counts(pk,uid); - mark_usable_uid_certs (kb, uidnode, main_kid, klist, + get_validity_counts (ctrl, pk, uid); + mark_usable_uid_certs (ctrl, kb, uidnode, main_kid, klist, curtime, next_expire); } else if (node->pkt->pkttype == PKT_SIGNATURE @@ -1799,7 +1801,7 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no) * Caller hast to release the returned array. */ static struct key_array * -validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, +validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust, struct key_item *klist, u32 curtime, u32 *next_expire) { KBNODE keyblock = NULL; @@ -1858,7 +1860,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, } /* prepare the keyblock for further processing */ - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); clear_kbnode_flags (keyblock); pk = keyblock->pkt->pkt.public_key; if (pk->has_expired || pk->flags.revoked) @@ -1866,7 +1868,8 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, /* it does not make sense to look further at those keys */ mark_keyblock_seen (full_trust, keyblock); } - else if (validate_one_keyblock (keyblock, klist, curtime, next_expire)) + else if (validate_one_keyblock (ctrl, keyblock, klist, + curtime, next_expire)) { KBNODE node; @@ -1915,7 +1918,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, /* Caller must sync */ static void -reset_trust_records(void) +reset_trust_records (ctrl_t ctrl) { TRUSTREC rec; ulong recnum; @@ -1929,7 +1932,7 @@ reset_trust_records(void) if(rec.r.trust.min_ownertrust) { rec.r.trust.min_ownertrust=0; - write_record(&rec); + write_record (ctrl, &rec); } } @@ -1941,7 +1944,7 @@ reset_trust_records(void) rec.r.valid.validity &= ~TRUST_MASK; rec.r.valid.marginal_count=rec.r.valid.full_count=0; nreset++; - write_record(&rec); + write_record (ctrl, &rec); } } @@ -2002,7 +2005,7 @@ validate_keys (ctrl_t ctrl, int interactive) Perhaps combine this with reset_trust_records(), or only check the caches on keys that are actually involved in the web of trust. */ - keydb_rebuild_caches(0); + keydb_rebuild_caches (ctrl, 0); kdb = keydb_new (); if (!kdb) @@ -2014,7 +2017,7 @@ validate_keys (ctrl_t ctrl, int interactive) used = new_key_hash_table (); full_trust = new_key_hash_table (); - reset_trust_records(); + reset_trust_records (ctrl); /* Fixme: Instead of always building a UTK list, we could just build it * here when needed */ @@ -2032,7 +2035,7 @@ validate_keys (ctrl_t ctrl, int interactive) KBNODE keyblock; PKT_public_key *pk; - keyblock = get_pubkeyblock (k->kid); + keyblock = get_pubkeyblock (ctrl, k->kid); if (!keyblock) { log_error (_("public key of ultimately" @@ -2046,7 +2049,8 @@ validate_keys (ctrl_t ctrl, int interactive) for (node=keyblock; node; node = node->next) { if (node->pkt->pkttype == PKT_USER_ID) - update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE); + update_validity (ctrl, pk, node->pkt->pkt.user_id, + 0, TRUST_ULTIMATE); } if ( pk->expiredate && pk->expiredate >= start_time && pk->expiredate < next_expire) @@ -2086,7 +2090,7 @@ validate_keys (ctrl_t ctrl, int interactive) min=TRUST_MARGINAL; if(min!=k->min_ownertrust) - update_min_ownertrust(k->kid,min); + update_min_ownertrust (ctrl, k->kid,min); if (interactive && k->ownertrust == TRUST_UNKNOWN) { @@ -2132,7 +2136,7 @@ validate_keys (ctrl_t ctrl, int interactive) } /* Find all keys which are signed by a key in kdlist */ - keys = validate_key_list (kdb, full_trust, klist, + keys = validate_key_list (ctrl, kdb, full_trust, klist, start_time, &next_expire); if (!keys) { @@ -2149,7 +2153,7 @@ validate_keys (ctrl_t ctrl, int interactive) dump_key_array (depth, keys); for (kar=keys; kar->keyblock; kar++) - store_validation_status (depth, kar->keyblock, stored); + store_validation_status (ctrl, depth, kar->keyblock, stored); if (!opt.quiet) log_info (_("depth: %d valid: %3d signed: %3d" @@ -2183,9 +2187,10 @@ validate_keys (ctrl_t ctrl, int interactive) k->kid[1]=kid[1]; k->ownertrust = (tdb_get_ownertrust - (kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK); + (ctrl, kar->keyblock->pkt->pkt.public_key, 0) + & TRUST_MASK); k->min_ownertrust = tdb_get_min_ownertrust - (kar->keyblock->pkt->pkt.public_key, 0); + (ctrl, kar->keyblock->pkt->pkt.public_key, 0); k->trust_depth= kar->keyblock->pkt->pkt.public_key->trust_depth; k->trust_value= @@ -2220,16 +2225,16 @@ validate_keys (ctrl_t ctrl, int interactive) int rc2; if (next_expire == 0xffffffff || next_expire < start_time ) - tdbio_write_nextcheck (0); + tdbio_write_nextcheck (ctrl, 0); else { - tdbio_write_nextcheck (next_expire); + tdbio_write_nextcheck (ctrl, next_expire); if (!opt.quiet) log_info (_("next trustdb check due at %s\n"), strtimestamp (next_expire)); } - rc2 = tdbio_update_version_record (); + rc2 = tdbio_update_version_record (ctrl); if (rc2) { log_error (_("unable to update trustdb version record: " diff --git a/g10/trustdb.h b/g10/trustdb.h index 00be4df74..4bc4ca971 100644 --- a/g10/trustdb.h +++ b/g10/trustdb.h @@ -77,7 +77,7 @@ is_in_klist (struct key_item *k, PKT_signature *sig) /*-- trust.c --*/ -int cache_disabled_value (PKT_public_key *pk); +int cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk); void register_trusted_keyid (u32 *keyid); void register_trusted_key (const char *string); @@ -86,11 +86,12 @@ int string_to_trust_value (const char *str); const char *uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid); -unsigned int get_ownertrust (PKT_public_key *pk); -void update_ownertrust (PKT_public_key *pk, unsigned int new_trust); -int clear_ownertrusts (PKT_public_key *pk); +unsigned int get_ownertrust (ctrl_t ctrl, PKT_public_key *pk); +void update_ownertrust (ctrl_t ctrl, + PKT_public_key *pk, unsigned int new_trust); +int clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk); -void revalidation_mark (void); +void revalidation_mark (ctrl_t ctrl); void check_trustdb_stale (ctrl_t ctrl); void check_or_update_trustdb (ctrl_t ctrl); @@ -102,14 +103,14 @@ int get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, const char *get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid); -void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode, +void mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, u32 *main_kid, struct key_item *klist, u32 curtime, u32 *next_expire); -void clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, +void clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned); -void clean_key (kbnode_t keyblock, int noisy, int self_only, +void clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, int *uids_cleaned,int *sigs_cleaned); @@ -127,16 +128,14 @@ void update_trustdb (ctrl_t ctrl); int setup_trustdb( int level, const char *dbname ); void how_to_fix_the_trustdb (void); const char *trust_model_string (int model); -gpg_error_t init_trustdb (int no_create); -int have_trustdb (void); +gpg_error_t init_trustdb (ctrl_t ctrl, int no_create); +int have_trustdb (ctrl_t ctrl); void tdb_check_trustdb_stale (ctrl_t ctrl); -void sync_trustdb( void ); - -void tdb_revalidation_mark (void); +void tdb_revalidation_mark (ctrl_t ctrl); int trustdb_pending_check(void); void tdb_check_or_update (ctrl_t ctrl); -int tdb_cache_disabled_value (PKT_public_key *pk); +int tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk); unsigned int tdb_get_validity_core (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid, @@ -149,22 +148,27 @@ int enum_cert_paths( void **context, ulong *lid, void enum_cert_paths_print( void **context, FILE *fp, int refresh, ulong selected_lid ); -void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, - byte *marginals,byte *completes,byte *cert_depth, - byte *min_cert_level); +void read_trust_options (ctrl_t ctrl, byte *trust_model, + ulong *created, ulong *nextcheck, + byte *marginals, byte *completes, byte *cert_depth, + byte *min_cert_level); -unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create); -unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create); -int get_ownertrust_info (PKT_public_key *pk, int no_create); -const char *get_ownertrust_string (PKT_public_key *pk, int no_create); +unsigned int tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, + int no_create); +unsigned int tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, + int no_create); +int get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create); +const char *get_ownertrust_string (ctrl_t ctrl, + PKT_public_key *pk, int no_create); -void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust); -int tdb_clear_ownertrusts (PKT_public_key *pk); +void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, + unsigned int new_trust); +int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk); /*-- tdbdump.c --*/ -void list_trustdb (estream_t fp, const char *username); -void export_ownertrust(void); -void import_ownertrust(const char *fname); +void list_trustdb (ctrl_t ctrl, estream_t fp, const char *username); +void export_ownertrust (ctrl_t ctrl); +void import_ownertrust (ctrl_t ctrl, const char *fname); /*-- pkclist.c --*/ int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);