mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Pass CTRL to many more functions.
-- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
5e89144cbc
commit
8f2671d2cc
@ -160,7 +160,8 @@ default_inq_cb (void *opaque, const char *line)
|
||||
char buf[32];
|
||||
|
||||
if (parm->keyinfo.keyid)
|
||||
emit_status_need_passphrase (parm->keyinfo.keyid,
|
||||
emit_status_need_passphrase (parm->ctrl,
|
||||
parm->keyinfo.keyid,
|
||||
parm->keyinfo.mainkeyid,
|
||||
parm->keyinfo.pubkey_algo);
|
||||
|
||||
|
@ -1068,7 +1068,7 @@ gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen, kbnode_t keyblock)
|
||||
/* We are going to parse the keyblock, thus we better make sure the
|
||||
all information is readily available. */
|
||||
if (keyblock)
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
|
||||
err = open_context (ctrl, &ctx);
|
||||
if (err)
|
||||
|
@ -362,7 +362,8 @@ fpr_is_ff (const char *fpr)
|
||||
|
||||
/* Print all available information about the current card. */
|
||||
static void
|
||||
current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
|
||||
current_card_status (ctrl_t ctrl, estream_t fp,
|
||||
char *serialno, size_t serialnobuflen)
|
||||
{
|
||||
struct agent_card_info_s info;
|
||||
PKT_public_key *pk = xcalloc (1, sizeof *pk);
|
||||
@ -609,9 +610,9 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
|
||||
/* If the fingerprint is all 0xff, the key has no asssociated
|
||||
OpenPGP certificate. */
|
||||
if ( thefpr && !fpr_is_ff (thefpr)
|
||||
&& !get_pubkey_byfprint (pk, &keyblock, thefpr, 20))
|
||||
&& !get_pubkey_byfprint (ctrl, pk, &keyblock, thefpr, 20))
|
||||
{
|
||||
print_pubkey_info (fp, pk);
|
||||
print_pubkey_info (ctrl, fp, pk);
|
||||
if (keyblock)
|
||||
print_card_key_info (fp, keyblock);
|
||||
}
|
||||
@ -629,7 +630,7 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
|
||||
Print all available information for current card when SERIALNO is NULL.
|
||||
Or print llfor all cards when SERIALNO is "all". */
|
||||
void
|
||||
card_status (estream_t fp, const char *serialno)
|
||||
card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
|
||||
{
|
||||
int err;
|
||||
strlist_t card_list, sl;
|
||||
@ -638,7 +639,7 @@ card_status (estream_t fp, const char *serialno)
|
||||
|
||||
if (serialno == NULL)
|
||||
{
|
||||
current_card_status (fp, NULL, 0);
|
||||
current_card_status (ctrl, fp, NULL, 0);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -673,7 +674,7 @@ card_status (estream_t fp, const char *serialno)
|
||||
continue;
|
||||
}
|
||||
|
||||
current_card_status (fp, NULL, 0);
|
||||
current_card_status (ctrl, fp, NULL, 0);
|
||||
xfree (serialno1);
|
||||
|
||||
if (!all_cards)
|
||||
@ -1510,7 +1511,7 @@ generate_card_keys (ctrl_t ctrl)
|
||||
/* This function is used by the key edit menu to generate an arbitrary
|
||||
subkey. */
|
||||
gpg_error_t
|
||||
card_generate_subkey (KBNODE pub_keyblock)
|
||||
card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
gpg_error_t err;
|
||||
struct agent_card_info_s info;
|
||||
@ -1581,7 +1582,7 @@ card_generate_subkey (KBNODE pub_keyblock)
|
||||
the serialnumber and thus it won't harm. */
|
||||
}
|
||||
|
||||
err = generate_card_subkeypair (pub_keyblock, keyno, info.serialno);
|
||||
err = generate_card_subkeypair (ctrl, pub_keyblock, keyno, info.serialno);
|
||||
|
||||
leave:
|
||||
agent_release_card_info (&info);
|
||||
@ -1987,12 +1988,14 @@ card_edit (ctrl_t ctrl, strlist_t commands)
|
||||
{
|
||||
if (opt.with_colons)
|
||||
{
|
||||
current_card_status (es_stdout, serialnobuf, DIM (serialnobuf));
|
||||
current_card_status (ctrl, es_stdout,
|
||||
serialnobuf, DIM (serialnobuf));
|
||||
fflush (stdout);
|
||||
}
|
||||
else
|
||||
{
|
||||
current_card_status (NULL, serialnobuf, DIM (serialnobuf));
|
||||
current_card_status (ctrl, NULL,
|
||||
serialnobuf, DIM (serialnobuf));
|
||||
tty_printf("\n");
|
||||
}
|
||||
redisplay = 0;
|
||||
|
20
g10/delkey.c
20
g10/delkey.c
@ -47,7 +47,8 @@
|
||||
* key can't be deleted for that reason.
|
||||
*/
|
||||
static gpg_error_t
|
||||
do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
|
||||
do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
|
||||
int *r_sec_avail)
|
||||
{
|
||||
gpg_error_t err;
|
||||
kbnode_t keyblock = NULL;
|
||||
@ -137,9 +138,9 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
|
||||
else
|
||||
{
|
||||
if (secret)
|
||||
print_seckey_info (pk);
|
||||
print_seckey_info (ctrl, pk);
|
||||
else
|
||||
print_pubkey_info (NULL, pk );
|
||||
print_pubkey_info (ctrl, NULL, pk );
|
||||
tty_printf( "\n" );
|
||||
|
||||
yes = cpr_get_answer_is_yes
|
||||
@ -180,7 +181,8 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
|
||||
if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
|
||||
continue; /* No secret key for that public (sub)key. */
|
||||
|
||||
prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
|
||||
prompt = gpg_format_keydesc (ctrl,
|
||||
node->pkt->pkt.public_key,
|
||||
FORMAT_KEYDESC_DELKEY, 1);
|
||||
err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
|
||||
/* NB: We require --yes to advise the agent not to
|
||||
@ -232,7 +234,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
|
||||
revalidation_mark(). This makes sense - only deleting keys
|
||||
that have ownertrust set should trigger this. */
|
||||
|
||||
if (!secret && pk && clear_ownertrusts (pk))
|
||||
if (!secret && pk && clear_ownertrusts (ctrl, pk))
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info (_("ownertrust information cleared\n"));
|
||||
@ -249,7 +251,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
|
||||
* Delete a public or secret key from a keyring.
|
||||
*/
|
||||
gpg_error_t
|
||||
delete_keys (strlist_t names, int secret, int allow_both)
|
||||
delete_keys (ctrl_t ctrl, strlist_t names, int secret, int allow_both)
|
||||
{
|
||||
gpg_error_t err;
|
||||
int avail;
|
||||
@ -260,14 +262,14 @@ delete_keys (strlist_t names, int secret, int allow_both)
|
||||
|
||||
for ( ;names ; names=names->next )
|
||||
{
|
||||
err = do_delete_key (names->d, secret, force, &avail);
|
||||
err = do_delete_key (ctrl, names->d, secret, force, &avail);
|
||||
if (err && avail)
|
||||
{
|
||||
if (allow_both)
|
||||
{
|
||||
err = do_delete_key (names->d, 1, 0, &avail);
|
||||
err = do_delete_key (ctrl, names->d, 1, 0, &avail);
|
||||
if (!err)
|
||||
err = do_delete_key (names->d, 0, 0, &avail);
|
||||
err = do_delete_key (ctrl, names->d, 0, 0, &avail);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -41,7 +41,8 @@
|
||||
|
||||
|
||||
static int encrypt_simple( const char *filename, int mode, int use_seskey );
|
||||
static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, iobuf_t out );
|
||||
static int write_pubkey_enc_from_list (ctrl_t ctrl,
|
||||
PK_LIST pk_list, DEK *dek, iobuf_t out);
|
||||
|
||||
/****************
|
||||
* Encrypt FILENAME with only the symmetric cipher. Take input from
|
||||
@ -634,7 +635,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
|
||||
if (DBG_CRYPTO)
|
||||
log_printhex ("DEK is: ", cfx.dek->key, cfx.dek->keylen );
|
||||
|
||||
rc = write_pubkey_enc_from_list (pk_list, cfx.dek, out);
|
||||
rc = write_pubkey_enc_from_list (ctrl, pk_list, cfx.dek, out);
|
||||
if (rc)
|
||||
goto leave;
|
||||
|
||||
@ -828,7 +829,8 @@ encrypt_filter (void *opaque, int control,
|
||||
if (DBG_CRYPTO)
|
||||
log_printhex ("DEK is: ", efx->cfx.dek->key, efx->cfx.dek->keylen);
|
||||
|
||||
rc = write_pubkey_enc_from_list (efx->pk_list, efx->cfx.dek, a);
|
||||
rc = write_pubkey_enc_from_list (efx->ctrl,
|
||||
efx->pk_list, efx->cfx.dek, a);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
@ -864,7 +866,8 @@ encrypt_filter (void *opaque, int control,
|
||||
* Write a pubkey-enc packet for the public key PK to OUT.
|
||||
*/
|
||||
int
|
||||
write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
|
||||
write_pubkey_enc (ctrl_t ctrl,
|
||||
PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
|
||||
{
|
||||
PACKET pkt;
|
||||
PKT_pubkey_enc *enc;
|
||||
@ -899,7 +902,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
|
||||
{
|
||||
if ( opt.verbose )
|
||||
{
|
||||
char *ustr = get_user_id_string_native (enc->keyid);
|
||||
char *ustr = get_user_id_string_native (ctrl, enc->keyid);
|
||||
log_info (_("%s/%s encrypted for: \"%s\"\n"),
|
||||
openpgp_pk_algo_name (enc->pubkey_algo),
|
||||
openpgp_cipher_algo_name (dek->algo),
|
||||
@ -924,7 +927,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
|
||||
* Write pubkey-enc packets from the list of PKs to OUT.
|
||||
*/
|
||||
static int
|
||||
write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
|
||||
write_pubkey_enc_from_list (ctrl_t ctrl, PK_LIST pk_list, DEK *dek, iobuf_t out)
|
||||
{
|
||||
if (opt.throw_keyids && (PGP6 || PGP7 || PGP8))
|
||||
{
|
||||
@ -937,7 +940,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
|
||||
{
|
||||
PKT_public_key *pk = pk_list->pk;
|
||||
int throw_keyid = (opt.throw_keyids || (pk_list->flags&1));
|
||||
int rc = write_pubkey_enc (pk, throw_keyid, dek, out);
|
||||
int rc = write_pubkey_enc (ctrl, pk, throw_keyid, dek, out);
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
|
28
g10/export.c
28
g10/export.c
@ -1188,7 +1188,7 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
||||
if (opt.verbose)
|
||||
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
|
||||
|
||||
prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1);
|
||||
prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1);
|
||||
err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr,
|
||||
&wrappedkey, &wrappedkeylen);
|
||||
xfree (prompt);
|
||||
@ -1336,15 +1336,19 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor,
|
||||
* KEYBLOCK must not have any blocks marked as deleted.
|
||||
*/
|
||||
static void
|
||||
apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
|
||||
{
|
||||
kbnode_t node;
|
||||
struct impex_filter_parm_s parm;
|
||||
|
||||
parm.ctrl = ctrl;
|
||||
|
||||
for (node = keyblock->next; node; node = node->next )
|
||||
{
|
||||
if (node->pkt->pkttype == PKT_USER_ID)
|
||||
{
|
||||
if (!recsel_select (selector, impex_filter_getval, node))
|
||||
parm.node = node;
|
||||
if (!recsel_select (selector, impex_filter_getval, &parm))
|
||||
{
|
||||
/* log_debug ("keep-uid: deleting '%s'\n", */
|
||||
/* node->pkt->pkt.user_id->name); */
|
||||
@ -1372,16 +1376,21 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
* KEYBLOCK must not have any blocks marked as deleted.
|
||||
*/
|
||||
static void
|
||||
apply_drop_subkey_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
apply_drop_subkey_filter (ctrl_t ctrl, kbnode_t keyblock,
|
||||
recsel_expr_t selector)
|
||||
{
|
||||
kbnode_t node;
|
||||
struct impex_filter_parm_s parm;
|
||||
|
||||
parm.ctrl = ctrl;
|
||||
|
||||
for (node = keyblock->next; node; node = node->next )
|
||||
{
|
||||
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|
||||
|| node->pkt->pkttype == PKT_SECRET_SUBKEY)
|
||||
{
|
||||
if (recsel_select (selector, impex_filter_getval, node))
|
||||
parm.node = node;
|
||||
if (recsel_select (selector, impex_filter_getval, &parm))
|
||||
{
|
||||
/*log_debug ("drop-subkey: deleting a key\n");*/
|
||||
/* The subkey packet and all following packets up to the
|
||||
@ -1990,19 +1999,20 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
|
||||
* UID sigs (0x10, 0x11, 0x12, and 0x13). A designated
|
||||
* revocation is never stripped, even with export-minimal set. */
|
||||
if ((options & EXPORT_CLEAN))
|
||||
clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL);
|
||||
clean_key (ctrl, keyblock, opt.verbose,
|
||||
(options&EXPORT_MINIMAL), NULL, NULL);
|
||||
|
||||
if (export_keep_uid)
|
||||
{
|
||||
commit_kbnode (&keyblock);
|
||||
apply_keep_uid_filter (keyblock, export_keep_uid);
|
||||
apply_keep_uid_filter (ctrl, keyblock, export_keep_uid);
|
||||
commit_kbnode (&keyblock);
|
||||
}
|
||||
|
||||
if (export_drop_subkey)
|
||||
{
|
||||
commit_kbnode (&keyblock);
|
||||
apply_drop_subkey_filter (keyblock, export_drop_subkey);
|
||||
apply_drop_subkey_filter (ctrl, keyblock, export_drop_subkey);
|
||||
commit_kbnode (&keyblock);
|
||||
}
|
||||
|
||||
@ -2139,7 +2149,7 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
|
||||
1 /* No AKL lookup. */);
|
||||
if (!err)
|
||||
{
|
||||
err = getkey_next (getkeyctx, NULL, NULL);
|
||||
err = getkey_next (ctrl, getkeyctx, NULL, NULL);
|
||||
if (!err)
|
||||
err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
||||
else if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY)
|
||||
|
136
g10/getkey.c
136
g10/getkey.c
@ -139,10 +139,9 @@ typedef struct user_id_db
|
||||
static user_id_db_t user_id_db;
|
||||
static int uid_cache_entries; /* Number of entries in uid cache. */
|
||||
|
||||
static void merge_selfsigs (kbnode_t keyblock);
|
||||
static int lookup (getkey_ctx_t ctx,
|
||||
kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
|
||||
int want_secret);
|
||||
static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock);
|
||||
static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
|
||||
kbnode_t *ret_keyblock, kbnode_t *ret_found_key);
|
||||
static kbnode_t finish_lookup (kbnode_t keyblock,
|
||||
unsigned int req_usage, int want_exact,
|
||||
unsigned int *r_flags);
|
||||
@ -532,7 +531,7 @@ get_pubkeys (ctrl_t ctrl,
|
||||
err = get_pubkey_byname (ctrl, &ctx, pk, search_terms, &kb, NULL,
|
||||
include_unusable, 1);
|
||||
else
|
||||
err = getkey_next (ctx, pk, &kb);
|
||||
err = getkey_next (ctrl, ctx, pk, &kb);
|
||||
|
||||
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
|
||||
/* No more results. */
|
||||
@ -697,7 +696,7 @@ pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key)
|
||||
* has definitely been merged into the public key using
|
||||
* merge_selfsigs. */
|
||||
int
|
||||
get_pubkey (PKT_public_key * pk, u32 * keyid)
|
||||
get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid)
|
||||
{
|
||||
int internal = 0;
|
||||
int rc = 0;
|
||||
@ -748,7 +747,7 @@ get_pubkey (PKT_public_key * pk, u32 * keyid)
|
||||
ctx.items[0].u.kid[0] = keyid[0];
|
||||
ctx.items[0].u.kid[1] = keyid[1];
|
||||
ctx.req_usage = pk->req_usage;
|
||||
rc = lookup (&ctx, &kb, &found_key, 0);
|
||||
rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
|
||||
if (!rc)
|
||||
{
|
||||
pk_from_block (pk, kb, found_key);
|
||||
@ -852,7 +851,7 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid)
|
||||
* The self-signed data has already been merged into the public key
|
||||
* using merge_selfsigs. */
|
||||
kbnode_t
|
||||
get_pubkeyblock (u32 * keyid)
|
||||
get_pubkeyblock (ctrl_t ctrl, u32 * keyid)
|
||||
{
|
||||
struct getkey_ctx_s ctx;
|
||||
int rc = 0;
|
||||
@ -868,7 +867,7 @@ get_pubkeyblock (u32 * keyid)
|
||||
ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
|
||||
ctx.items[0].u.kid[0] = keyid[0];
|
||||
ctx.items[0].u.kid[1] = keyid[1];
|
||||
rc = lookup (&ctx, &keyblock, NULL, 0);
|
||||
rc = lookup (ctrl, &ctx, 0, &keyblock, NULL);
|
||||
getkey_end (&ctx);
|
||||
|
||||
return rc ? NULL : keyblock;
|
||||
@ -893,7 +892,7 @@ get_pubkeyblock (u32 * keyid)
|
||||
* The self-signed data has already been merged into the public key
|
||||
* using merge_selfsigs. */
|
||||
gpg_error_t
|
||||
get_seckey (PKT_public_key *pk, u32 *keyid)
|
||||
get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid)
|
||||
{
|
||||
gpg_error_t err;
|
||||
struct getkey_ctx_s ctx;
|
||||
@ -911,7 +910,7 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
|
||||
ctx.items[0].u.kid[0] = keyid[0];
|
||||
ctx.items[0].u.kid[1] = keyid[1];
|
||||
ctx.req_usage = pk->req_usage;
|
||||
err = lookup (&ctx, &keyblock, &found_key, 1);
|
||||
err = lookup (ctrl, &ctx, 1, &keyblock, &found_key);
|
||||
if (!err)
|
||||
{
|
||||
pk_from_block (pk, keyblock, found_key);
|
||||
@ -933,15 +932,14 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
|
||||
/* Skip unusable keys. A key is unusable if it is revoked, expired or
|
||||
disabled or if the selected user id is revoked or expired. */
|
||||
static int
|
||||
skip_unusable (void *dummy, u32 * keyid, int uid_no)
|
||||
skip_unusable (void *opaque, u32 * keyid, int uid_no)
|
||||
{
|
||||
ctrl_t ctrl = opaque;
|
||||
int unusable = 0;
|
||||
KBNODE keyblock;
|
||||
PKT_public_key *pk;
|
||||
|
||||
(void) dummy;
|
||||
|
||||
keyblock = get_pubkeyblock (keyid);
|
||||
keyblock = get_pubkeyblock (ctrl, keyid);
|
||||
if (!keyblock)
|
||||
{
|
||||
log_error ("error checking usability status of %s\n", keystr (keyid));
|
||||
@ -1034,7 +1032,7 @@ leave:
|
||||
returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
|
||||
(if want_secret is set) is returned if the key is not found. */
|
||||
static int
|
||||
key_byname (GETKEY_CTX *retctx, strlist_t namelist,
|
||||
key_byname (ctrl_t ctrl, GETKEY_CTX *retctx, strlist_t namelist,
|
||||
PKT_public_key *pk,
|
||||
int want_secret, int include_unusable,
|
||||
KBNODE * ret_kb, KEYDB_HANDLE * ret_kdbhd)
|
||||
@ -1063,7 +1061,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
|
||||
ctx->nitems = 1;
|
||||
ctx->items[0].mode = KEYDB_SEARCH_MODE_FIRST;
|
||||
if (!include_unusable)
|
||||
{
|
||||
ctx->items[0].skipfnc = skip_unusable;
|
||||
ctx->items[0].skipfncvalue = ctrl;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -1096,7 +1097,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
|
||||
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR16
|
||||
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR20
|
||||
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR)
|
||||
{
|
||||
ctx->items[n].skipfnc = skip_unusable;
|
||||
ctx->items[n].skipfncvalue = ctrl;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1117,7 +1121,7 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
|
||||
ctx->req_usage = pk->req_usage;
|
||||
}
|
||||
|
||||
rc = lookup (ctx, ret_kb, &found_key, want_secret);
|
||||
rc = lookup (ctrl, ctx, want_secret, ret_kb, &found_key);
|
||||
if (!rc && pk)
|
||||
{
|
||||
pk_from_block (pk, *ret_kb, found_key);
|
||||
@ -1273,7 +1277,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
|
||||
* only try the local keyring). In this case, lookup NAME in
|
||||
* the local keyring. */
|
||||
add_to_strlist (&namelist, name);
|
||||
rc = key_byname (retctx, namelist, pk, 0,
|
||||
rc = key_byname (ctrl, retctx, namelist, pk, 0,
|
||||
include_unusable, ret_keyblock, ret_kdbhd);
|
||||
}
|
||||
|
||||
@ -1310,7 +1314,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
|
||||
*retctx = NULL;
|
||||
}
|
||||
add_to_strlist (&namelist, name);
|
||||
rc = key_byname (anylocalfirst ? retctx : NULL,
|
||||
rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
|
||||
namelist, pk, 0,
|
||||
include_unusable, ret_keyblock, ret_kdbhd);
|
||||
break;
|
||||
@ -1427,7 +1431,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
|
||||
getkey_end (*retctx);
|
||||
*retctx = NULL;
|
||||
}
|
||||
rc = key_byname (anylocalfirst ? retctx : NULL,
|
||||
rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
|
||||
namelist, pk, 0,
|
||||
include_unusable, ret_keyblock, ret_kdbhd);
|
||||
}
|
||||
@ -1596,7 +1600,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
|
||||
struct pubkey_cmp_cookie new;
|
||||
kbnode_t new_keyblock;
|
||||
|
||||
while (getkey_next (ctx, &new.key, &new_keyblock) == 0)
|
||||
while (getkey_next (ctrl, ctx, &new.key, &new_keyblock) == 0)
|
||||
{
|
||||
int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock);
|
||||
release_kbnode (new_keyblock);
|
||||
@ -1656,7 +1660,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
|
||||
{
|
||||
release_kbnode (*ret_keyblock);
|
||||
*ret_keyblock = NULL;
|
||||
rc = getkey_next (ctx, NULL, ret_keyblock);
|
||||
rc = getkey_next (ctrl, ctx, NULL, ret_keyblock);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1718,7 +1722,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
|
||||
{
|
||||
/* Warning: node flag bits 0 and 1 should be preserved by
|
||||
* merge_selfsigs. FIXME: Check whether this still holds. */
|
||||
merge_selfsigs (keyblock);
|
||||
merge_selfsigs (ctrl, keyblock);
|
||||
found_key = finish_lookup (keyblock, pk->req_usage, 0, &infoflags);
|
||||
print_status_key_considered (keyblock, infoflags);
|
||||
if (found_key)
|
||||
@ -1761,7 +1765,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
|
||||
* be done by creating a userID conforming to the unified fingerprint
|
||||
* style. */
|
||||
int
|
||||
get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
|
||||
get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
|
||||
const byte * fprint, size_t fprint_len)
|
||||
{
|
||||
int rc;
|
||||
@ -1786,7 +1790,7 @@ get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
|
||||
ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
|
||||
: KEYDB_SEARCH_MODE_FPR20;
|
||||
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
|
||||
rc = lookup (&ctx, &kb, &found_key, 0);
|
||||
rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
|
||||
if (!rc && pk)
|
||||
pk_from_block (pk, kb, found_key);
|
||||
if (!rc && r_keyblock)
|
||||
@ -1911,7 +1915,7 @@ parse_def_secret_key (ctrl_t ctrl)
|
||||
continue;
|
||||
}
|
||||
|
||||
merge_selfsigs (kb);
|
||||
merge_selfsigs (ctrl, kb);
|
||||
|
||||
err = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
node = kb;
|
||||
@ -2024,7 +2028,7 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
|
||||
else
|
||||
include_unusable = 0;
|
||||
|
||||
err = key_byname (NULL, namelist, pk, 1, include_unusable, NULL, NULL);
|
||||
err = key_byname (ctrl, NULL, namelist, pk, 1, include_unusable, NULL, NULL);
|
||||
|
||||
free_strlist (namelist);
|
||||
|
||||
@ -2069,10 +2073,10 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
|
||||
* returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
|
||||
* (if want_secret is set) is returned if the key is not found. */
|
||||
gpg_error_t
|
||||
getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
getkey_bynames (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
strlist_t names, int want_secret, kbnode_t *ret_keyblock)
|
||||
{
|
||||
return key_byname (retctx, names, pk, want_secret, 1,
|
||||
return key_byname (ctrl, retctx, names, pk, want_secret, 1,
|
||||
ret_keyblock, NULL);
|
||||
}
|
||||
|
||||
@ -2136,7 +2140,7 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
else
|
||||
with_unusable = 0;
|
||||
|
||||
err = key_byname (retctx, namelist, pk, want_secret, with_unusable,
|
||||
err = key_byname (ctrl, retctx, namelist, pk, want_secret, with_unusable,
|
||||
ret_keyblock, NULL);
|
||||
|
||||
/* FIXME: Check that we really return GPG_ERR_NO_SECKEY if
|
||||
@ -2165,7 +2169,8 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
* The self-signed data has already been merged into the public key
|
||||
* using merge_selfsigs. */
|
||||
gpg_error_t
|
||||
getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
|
||||
getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
|
||||
PKT_public_key *pk, kbnode_t *ret_keyblock)
|
||||
{
|
||||
int rc; /* Fixme: Make sure this is proper gpg_error */
|
||||
KBNODE keyblock = NULL;
|
||||
@ -2183,7 +2188,8 @@ getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
|
||||
if (pk && ret_keyblock == NULL)
|
||||
ret_keyblock = &keyblock;
|
||||
|
||||
rc = lookup (ctx, ret_keyblock, pk ? &found_key : NULL, ctx->want_secret);
|
||||
rc = lookup (ctrl, ctx, ctx->want_secret,
|
||||
ret_keyblock, pk ? &found_key : NULL);
|
||||
if (!rc && pk)
|
||||
{
|
||||
log_assert (found_key);
|
||||
@ -2255,12 +2261,12 @@ setup_main_keyids (kbnode_t keyblock)
|
||||
* useful, however, if you change the keyblock, e.g., by adding or
|
||||
* removing a self-signed data packet. */
|
||||
void
|
||||
merge_keys_and_selfsig (KBNODE keyblock)
|
||||
merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
if (!keyblock)
|
||||
;
|
||||
else if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
|
||||
merge_selfsigs (keyblock);
|
||||
merge_selfsigs (ctrl, keyblock);
|
||||
else
|
||||
log_debug ("FIXME: merging secret key blocks is not anymore available\n");
|
||||
}
|
||||
@ -2481,7 +2487,7 @@ sig_to_revoke_info (PKT_signature * sig, struct revoke_info *rinfo)
|
||||
field is set to 1 and the other user id's is_primary are set to
|
||||
0. */
|
||||
static void
|
||||
merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
|
||||
merge_selfsigs_main (ctrl_t ctrl, kbnode_t keyblock, int *r_revoked,
|
||||
struct revoke_info *rinfo)
|
||||
{
|
||||
PKT_public_key *pk = NULL;
|
||||
@ -2564,7 +2570,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
|
||||
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
|
||||
/* Self sig. */
|
||||
{
|
||||
if (check_key_signature (keyblock, k, NULL))
|
||||
if (check_key_signature (ctrl, keyblock, k, NULL))
|
||||
; /* Signature did not verify. */
|
||||
else if (IS_KEY_REV (sig))
|
||||
{
|
||||
@ -2689,7 +2695,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
|
||||
if (IS_KEY_REV (sig) &&
|
||||
(sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1]))
|
||||
{
|
||||
int rc = check_revocation_keys (pk, sig);
|
||||
int rc = check_revocation_keys (ctrl, pk, sig);
|
||||
if (rc == 0)
|
||||
{
|
||||
*r_revoked = 2;
|
||||
@ -2746,7 +2752,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
|
||||
PKT_signature *sig = k->pkt->pkt.signature;
|
||||
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
|
||||
{
|
||||
if (check_key_signature (keyblock, k, NULL))
|
||||
if (check_key_signature (ctrl, keyblock, k, NULL))
|
||||
; /* signature did not verify */
|
||||
else if ((IS_UID_SIG (sig) || IS_UID_REV (sig))
|
||||
&& sig->timestamp >= sigdate)
|
||||
@ -2812,9 +2818,10 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
|
||||
revoked the user should also remove the
|
||||
ultimate trust flag. */
|
||||
if (get_pubkey_fast (ultimate_pk, sig->keyid) == 0
|
||||
&& check_key_signature2 (keyblock, k, ultimate_pk,
|
||||
&& check_key_signature2 (ctrl,
|
||||
keyblock, k, ultimate_pk,
|
||||
NULL, NULL, NULL, NULL) == 0
|
||||
&& get_ownertrust (ultimate_pk) == TRUST_ULTIMATE)
|
||||
&& get_ownertrust (ctrl, ultimate_pk) == TRUST_ULTIMATE)
|
||||
{
|
||||
free_public_key (ultimate_pk);
|
||||
pk->flags.valid = 1;
|
||||
@ -3050,7 +3057,7 @@ buf_to_sig (const byte * buf, size_t len)
|
||||
flags.chosen_selfsig
|
||||
*/
|
||||
static void
|
||||
merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
|
||||
merge_selfsigs_subkey (ctrl_t ctrl, kbnode_t keyblock, kbnode_t subnode)
|
||||
{
|
||||
PKT_public_key *mainpk = NULL, *subpk = NULL;
|
||||
PKT_signature *sig;
|
||||
@ -3089,7 +3096,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
|
||||
sig = k->pkt->pkt.signature;
|
||||
if (sig->keyid[0] == mainkid[0] && sig->keyid[1] == mainkid[1])
|
||||
{
|
||||
if (check_key_signature (keyblock, k, NULL))
|
||||
if (check_key_signature (ctrl, keyblock, k, NULL))
|
||||
; /* Signature did not verify. */
|
||||
else if (IS_SUBKEY_REV (sig))
|
||||
{
|
||||
@ -3241,7 +3248,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
|
||||
See documentation for merge_selfsigs_main, merge_selfsigs_subkey
|
||||
and fixup_uidnode for exactly which fields are updated. */
|
||||
static void
|
||||
merge_selfsigs (KBNODE keyblock)
|
||||
merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
KBNODE k;
|
||||
int revoked;
|
||||
@ -3264,14 +3271,14 @@ merge_selfsigs (KBNODE keyblock)
|
||||
BUG ();
|
||||
}
|
||||
|
||||
merge_selfsigs_main (keyblock, &revoked, &rinfo);
|
||||
merge_selfsigs_main (ctrl, keyblock, &revoked, &rinfo);
|
||||
|
||||
/* Now merge in the data from each of the subkeys. */
|
||||
for (k = keyblock; k; k = k->next)
|
||||
{
|
||||
if (k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
|
||||
{
|
||||
merge_selfsigs_subkey (keyblock, k);
|
||||
merge_selfsigs_subkey (ctrl, keyblock, k);
|
||||
}
|
||||
}
|
||||
|
||||
@ -3670,8 +3677,8 @@ print_status_key_considered (kbnode_t keyblock, unsigned int flags)
|
||||
*RET_KEYBLOCK is deallocated. Therefore, if RET_FOUND_KEY is not
|
||||
NULL, then RET_KEYBLOCK must not be NULL. */
|
||||
static int
|
||||
lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
|
||||
int want_secret)
|
||||
lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
|
||||
kbnode_t *ret_keyblock, kbnode_t *ret_found_key)
|
||||
{
|
||||
int rc;
|
||||
int no_suitable_key = 0;
|
||||
@ -3708,7 +3715,7 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
|
||||
|
||||
/* Warning: node flag bits 0 and 1 should be preserved by
|
||||
* merge_selfsigs. */
|
||||
merge_selfsigs (keyblock);
|
||||
merge_selfsigs (ctrl, keyblock);
|
||||
found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact,
|
||||
&infoflags);
|
||||
print_status_key_considered (keyblock, infoflags);
|
||||
@ -3868,7 +3875,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
|
||||
break;
|
||||
|
||||
case 3: /* Init search context to enum all secret keys. */
|
||||
err = getkey_bynames (&c->ctx, NULL, NULL, 1, &keyblock);
|
||||
err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
|
||||
&keyblock);
|
||||
if (err)
|
||||
{
|
||||
release_kbnode (keyblock);
|
||||
@ -3882,7 +3890,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
|
||||
case 4: /* Get next item from the context. */
|
||||
if (c->ctx)
|
||||
{
|
||||
err = getkey_next (c->ctx, NULL, &keyblock);
|
||||
err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
|
||||
if (err)
|
||||
{
|
||||
release_kbnode (keyblock);
|
||||
@ -3946,7 +3954,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
|
||||
/* Return a string with a printable representation of the user_id.
|
||||
* this string must be freed by xfree. */
|
||||
static char *
|
||||
get_user_id_string (u32 * keyid, int mode, size_t *r_len)
|
||||
get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
|
||||
{
|
||||
user_id_db_t r;
|
||||
keyid_list_t a;
|
||||
@ -3990,7 +3998,7 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
|
||||
}
|
||||
}
|
||||
}
|
||||
while (++pass < 2 && !get_pubkey (NULL, keyid));
|
||||
while (++pass < 2 && !get_pubkey (ctrl, NULL, keyid));
|
||||
|
||||
if (mode == 2)
|
||||
p = xstrdup (user_id_not_found_utf8 ());
|
||||
@ -4006,9 +4014,9 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
|
||||
|
||||
|
||||
char *
|
||||
get_user_id_string_native (u32 * keyid)
|
||||
get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
|
||||
{
|
||||
char *p = get_user_id_string (keyid, 0, NULL);
|
||||
char *p = get_user_id_string (ctrl, keyid, 0, NULL);
|
||||
char *p2 = utf8_to_native (p, strlen (p), 0);
|
||||
xfree (p);
|
||||
return p2;
|
||||
@ -4016,26 +4024,26 @@ get_user_id_string_native (u32 * keyid)
|
||||
|
||||
|
||||
char *
|
||||
get_long_user_id_string (u32 * keyid)
|
||||
get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
|
||||
{
|
||||
return get_user_id_string (keyid, 1, NULL);
|
||||
return get_user_id_string (ctrl, keyid, 1, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* Please try to use get_user_byfpr instead of this one. */
|
||||
char *
|
||||
get_user_id (u32 * keyid, size_t * rn)
|
||||
get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn)
|
||||
{
|
||||
return get_user_id_string (keyid, 2, rn);
|
||||
return get_user_id_string (ctrl, keyid, 2, rn);
|
||||
}
|
||||
|
||||
|
||||
/* Please try to use get_user_id_byfpr_native instead of this one. */
|
||||
char *
|
||||
get_user_id_native (u32 * keyid)
|
||||
get_user_id_native (ctrl_t ctrl, u32 *keyid)
|
||||
{
|
||||
size_t rn;
|
||||
char *p = get_user_id (keyid, &rn);
|
||||
char *p = get_user_id (ctrl, keyid, &rn);
|
||||
char *p2 = utf8_to_native (p, rn, 0);
|
||||
xfree (p);
|
||||
return p2;
|
||||
@ -4048,7 +4056,7 @@ get_user_id_native (u32 * keyid)
|
||||
terminated. To determine the length of the string, you must use
|
||||
*RN. */
|
||||
char *
|
||||
get_user_id_byfpr (const byte *fpr, size_t *rn)
|
||||
get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn)
|
||||
{
|
||||
user_id_db_t r;
|
||||
char *p;
|
||||
@ -4076,7 +4084,7 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
|
||||
}
|
||||
}
|
||||
while (++pass < 2
|
||||
&& !get_pubkey_byfprint (NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
|
||||
&& !get_pubkey_byfprint (ctrl, NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
|
||||
p = xstrdup (user_id_not_found_utf8 ());
|
||||
*rn = strlen (p);
|
||||
return p;
|
||||
@ -4086,10 +4094,10 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
|
||||
encoding. The returned string needs to be freed. Unlike
|
||||
get_user_id_byfpr, the returned string is NUL terminated. */
|
||||
char *
|
||||
get_user_id_byfpr_native (const byte *fpr)
|
||||
get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr)
|
||||
{
|
||||
size_t rn;
|
||||
char *p = get_user_id_byfpr (fpr, &rn);
|
||||
char *p = get_user_id_byfpr (ctrl, fpr, &rn);
|
||||
char *p2 = utf8_to_native (p, rn, 0);
|
||||
xfree (p);
|
||||
return p2;
|
||||
|
21
g10/gpg.c
21
g10/gpg.c
@ -4292,7 +4292,8 @@ main (int argc, char **argv)
|
||||
proper order :) */
|
||||
for( ; argc; argc-- )
|
||||
add_to_strlist2( &sl, argv[argc-1], utf8_strings );
|
||||
delete_keys(sl,cmd==aDeleteSecretKeys,cmd==aDeleteSecretAndPublicKeys);
|
||||
delete_keys (ctrl, sl,
|
||||
cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys);
|
||||
free_strlist(sl);
|
||||
break;
|
||||
|
||||
@ -4591,7 +4592,7 @@ main (int argc, char **argv)
|
||||
if( argc != 1 )
|
||||
wrong_args("--generate-revocation user-id");
|
||||
username = make_username(*argv);
|
||||
gen_revoke( username );
|
||||
gen_revoke (ctrl, username );
|
||||
xfree( username );
|
||||
break;
|
||||
|
||||
@ -4738,10 +4739,10 @@ main (int argc, char **argv)
|
||||
#ifndef NO_TRUST_MODELS
|
||||
case aListTrustDB:
|
||||
if( !argc )
|
||||
list_trustdb (es_stdout, NULL);
|
||||
list_trustdb (ctrl, es_stdout, NULL);
|
||||
else {
|
||||
for( ; argc; argc--, argv++ )
|
||||
list_trustdb (es_stdout, *argv );
|
||||
list_trustdb (ctrl, es_stdout, *argv );
|
||||
}
|
||||
break;
|
||||
|
||||
@ -4773,28 +4774,28 @@ main (int argc, char **argv)
|
||||
case aExportOwnerTrust:
|
||||
if( argc )
|
||||
wrong_args("--export-ownertrust");
|
||||
export_ownertrust();
|
||||
export_ownertrust (ctrl);
|
||||
break;
|
||||
|
||||
case aImportOwnerTrust:
|
||||
if( argc > 1 )
|
||||
wrong_args("--import-ownertrust [file]");
|
||||
import_ownertrust( argc? *argv:NULL );
|
||||
import_ownertrust (ctrl, argc? *argv:NULL );
|
||||
break;
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
||||
case aRebuildKeydbCaches:
|
||||
if (argc)
|
||||
wrong_args ("--rebuild-keydb-caches");
|
||||
keydb_rebuild_caches (1);
|
||||
keydb_rebuild_caches (ctrl, 1);
|
||||
break;
|
||||
|
||||
#ifdef ENABLE_CARD_SUPPORT
|
||||
case aCardStatus:
|
||||
if (argc == 0)
|
||||
card_status (es_stdout, NULL);
|
||||
card_status (ctrl, es_stdout, NULL);
|
||||
else if (argc == 1)
|
||||
card_status (es_stdout, *argv);
|
||||
card_status (ctrl, es_stdout, *argv);
|
||||
else
|
||||
wrong_args ("--card-status [serialno]");
|
||||
break;
|
||||
@ -4906,7 +4907,7 @@ main (int argc, char **argv)
|
||||
g10_exit (1);
|
||||
}
|
||||
|
||||
merge_keys_and_selfsig (kb);
|
||||
merge_keys_and_selfsig (ctrl, kb);
|
||||
if (tofu_set_policy (ctrl, kb, policy))
|
||||
g10_exit (1);
|
||||
|
||||
|
@ -42,6 +42,11 @@ struct filter
|
||||
struct filter *next;
|
||||
};
|
||||
|
||||
|
||||
/* Hack to ass CTRL to some functions. */
|
||||
static ctrl_t global_ctrl;
|
||||
|
||||
|
||||
static struct filter *filters;
|
||||
|
||||
static void
|
||||
@ -1609,7 +1614,7 @@ mksubpkt_callback (PKT_signature *sig, void *cookie)
|
||||
if (err)
|
||||
{
|
||||
u32 keyid[2];
|
||||
keyid_from_fingerprint (revkey->fpr, 20, keyid);
|
||||
keyid_from_fingerprint (global_ctrl, revkey->fpr, 20, keyid);
|
||||
log_fatal ("adding revocation key %s: %s\n",
|
||||
keystr (keyid), gpg_strerror (err));
|
||||
}
|
||||
@ -1793,7 +1798,8 @@ signature (const char *option, int argc, char *argv[], void *cookie)
|
||||
/* Changing the issuer's key id is fragile. Check to make sure
|
||||
make_keysig_packet didn't recompute the keyid. */
|
||||
keyid_copy (keyid, si.issuer_pk->keyid);
|
||||
err = make_keysig_packet (&sig, si.pk, si.uid, si.sk, si.issuer_pk,
|
||||
err = make_keysig_packet (global_ctrl,
|
||||
&sig, si.pk, si.uid, si.sk, si.issuer_pk,
|
||||
si.class, si.digest_algo,
|
||||
si.timestamp, si.expiration,
|
||||
mksubpkt_callback, &si, NULL);
|
||||
@ -2446,7 +2452,7 @@ pk_esk (const char *option, int argc, char *argv[], void *cookie)
|
||||
make_session_key (&session_key);
|
||||
}
|
||||
|
||||
err = write_pubkey_enc (&pk, pi.throw_keyid, &session_key, out);
|
||||
err = write_pubkey_enc (global_ctrl, &pk, pi.throw_keyid, &session_key, out);
|
||||
if (err)
|
||||
log_fatal ("%s: writing pk_esk packet for %s: %s\n",
|
||||
option, pi.keyid, gpg_strerror (err));
|
||||
@ -2967,7 +2973,7 @@ main (int argc, char *argv[])
|
||||
/* Allow notations in the IETF space, for instance. */
|
||||
opt.expert = 1;
|
||||
|
||||
ctrl = xcalloc (1, sizeof *ctrl);
|
||||
global_ctrl = ctrl = xcalloc (1, sizeof *ctrl);
|
||||
|
||||
keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG,
|
||||
KEYDB_RESOURCE_FLAG_DEFAULT);
|
||||
@ -3035,7 +3041,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
}
|
||||
|
||||
void
|
||||
show_basic_key_info (KBNODE keyblock)
|
||||
show_basic_key_info (ctrl_t ctrl, KBNODE keyblock)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void) keyblock;
|
||||
}
|
||||
|
13
g10/gpgv.c
13
g10/gpgv.c
@ -299,10 +299,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
}
|
||||
|
||||
void
|
||||
read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
read_trust_options (ctrl_t ctrl,
|
||||
byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
byte *marginals, byte *completes, byte *cert_depth,
|
||||
byte *min_cert_level)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)trust_model;
|
||||
(void)created;
|
||||
(void)nextcheck;
|
||||
@ -318,8 +320,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
*/
|
||||
|
||||
int
|
||||
cache_disabled_value(PKT_public_key *pk)
|
||||
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
return 0;
|
||||
}
|
||||
@ -371,16 +374,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
|
||||
}
|
||||
|
||||
int
|
||||
get_ownertrust_info (PKT_public_key *pk, int no_create)
|
||||
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
(void)no_create;
|
||||
return '?';
|
||||
}
|
||||
|
||||
unsigned int
|
||||
get_ownertrust (PKT_public_key *pk)
|
||||
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
return TRUST_UNKNOWN;
|
||||
}
|
||||
|
126
g10/import.c
126
g10/import.c
@ -112,11 +112,12 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
|
||||
import_screener_t screener, void *screener_arg);
|
||||
static int import_revoke_cert (ctrl_t ctrl,
|
||||
kbnode_t node, struct import_stats_s *stats);
|
||||
static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self);
|
||||
static int delete_inv_parts (kbnode_t keyblock,
|
||||
static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
|
||||
int *non_self);
|
||||
static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
|
||||
u32 *keyid, unsigned int options);
|
||||
static int any_uid_left (kbnode_t keyblock);
|
||||
static int merge_blocks (kbnode_t keyblock_orig,
|
||||
static int merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig,
|
||||
kbnode_t keyblock, u32 *keyid,
|
||||
int *n_uids, int *n_sigs, int *n_subk );
|
||||
static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs);
|
||||
@ -361,13 +362,13 @@ read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock)
|
||||
collapse_uids (&keyblock);
|
||||
|
||||
clear_kbnode_flags (keyblock);
|
||||
if (chk_self_sigs (keyblock, keyid, &non_self))
|
||||
if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
|
||||
{
|
||||
err = gpg_error (GPG_ERR_INV_KEYRING);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if (!delete_inv_parts (keyblock, keyid, 0) )
|
||||
if (!delete_inv_parts (ctrl, keyblock, keyid, 0) )
|
||||
{
|
||||
err = gpg_error (GPG_ERR_NO_USER_ID);
|
||||
goto leave;
|
||||
@ -907,7 +908,7 @@ read_block( IOBUF a, int with_meta,
|
||||
by reordering the keyblock so that it reads "pk uid sig sub1 bind1
|
||||
sub2 sub3". Returns TRUE if the keyblock was modified. */
|
||||
static int
|
||||
fix_pks_corruption (kbnode_t keyblock)
|
||||
fix_pks_corruption (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
int changed = 0;
|
||||
int keycount = 0;
|
||||
@ -946,7 +947,7 @@ fix_pks_corruption (kbnode_t keyblock)
|
||||
selfsig. This is not necessary here as the subkey and
|
||||
binding sig will be rejected later if that is the
|
||||
case. */
|
||||
if (check_key_signature (keyblock,node,NULL))
|
||||
if (check_key_signature (ctrl, keyblock,node,NULL))
|
||||
{
|
||||
/* Not a match, so undo the changes. */
|
||||
sknode->next = node->next;
|
||||
@ -979,7 +980,7 @@ fix_pks_corruption (kbnode_t keyblock)
|
||||
We need to detect and delete them before doing a merge. This
|
||||
function returns the number of removed sigs. */
|
||||
static int
|
||||
fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
|
||||
fix_bad_direct_key_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid)
|
||||
{
|
||||
gpg_error_t err;
|
||||
kbnode_t node;
|
||||
@ -992,7 +993,7 @@ fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
|
||||
if (node->pkt->pkttype == PKT_SIGNATURE
|
||||
&& IS_KEY_SIG (node->pkt->pkt.signature))
|
||||
{
|
||||
err = check_key_signature (keyblock, node, NULL);
|
||||
err = check_key_signature (ctrl, keyblock, node, NULL);
|
||||
if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
|
||||
{
|
||||
/* If we don't know the error, we can't decide; this is
|
||||
@ -1067,7 +1068,7 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
|
||||
PKT_public_key *pk;
|
||||
int problem=0;
|
||||
|
||||
merge_keys_and_selfsig(keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
pk=keyblock->pkt->pkt.public_key;
|
||||
|
||||
for(node=keyblock;node;node=node->next)
|
||||
@ -1174,8 +1175,10 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
|
||||
const char *
|
||||
impex_filter_getval (void *cookie, const char *propname)
|
||||
{
|
||||
/* FIXME: Malloc our static buffers and access them via the cookie. */
|
||||
kbnode_t node = cookie;
|
||||
/* FIXME: Malloc our static buffers and access them via PARM. */
|
||||
struct impex_filter_parm_s *parm = cookie;
|
||||
ctrl_t ctrl = parm->ctrl;
|
||||
kbnode_t node = parm->node;
|
||||
static char numbuf[20];
|
||||
const char *result;
|
||||
|
||||
@ -1293,15 +1296,19 @@ impex_filter_getval (void *cookie, const char *propname)
|
||||
* KEYBLOCK must not have any blocks marked as deleted.
|
||||
*/
|
||||
static void
|
||||
apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
|
||||
{
|
||||
kbnode_t node;
|
||||
struct impex_filter_parm_s parm;
|
||||
|
||||
parm.ctrl = ctrl;
|
||||
|
||||
for (node = keyblock->next; node; node = node->next )
|
||||
{
|
||||
if (node->pkt->pkttype == PKT_USER_ID)
|
||||
{
|
||||
if (!recsel_select (selector, impex_filter_getval, node))
|
||||
parm.node = node;
|
||||
if (!recsel_select (selector, impex_filter_getval, &parm))
|
||||
{
|
||||
|
||||
/* log_debug ("keep-uid: deleting '%s'\n", */
|
||||
@ -1330,12 +1337,15 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
* KEYBLOCK must not have any blocks marked as deleted.
|
||||
*/
|
||||
static void
|
||||
apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
apply_drop_sig_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
|
||||
{
|
||||
kbnode_t node;
|
||||
int active = 0;
|
||||
u32 main_keyid[2];
|
||||
PKT_signature *sig;
|
||||
struct impex_filter_parm_s parm;
|
||||
|
||||
parm.ctrl = ctrl;
|
||||
|
||||
keyid_from_pk (keyblock->pkt->pkt.public_key, main_keyid);
|
||||
|
||||
@ -1360,7 +1370,8 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
|
||||
|
||||
if (IS_UID_SIG(sig) || IS_UID_REV(sig))
|
||||
{
|
||||
if (recsel_select (selector, impex_filter_getval, node))
|
||||
parm.node = node;
|
||||
if (recsel_select (selector, impex_filter_getval, &parm))
|
||||
delete_kbnode (node);
|
||||
}
|
||||
}
|
||||
@ -1442,9 +1453,9 @@ import_one (ctrl_t ctrl,
|
||||
{
|
||||
if (is_status_enabled())
|
||||
print_import_check (pk, uidnode->pkt->pkt.user_id);
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
tty_printf ("\n");
|
||||
show_basic_key_info (keyblock);
|
||||
show_basic_key_info (ctrl, keyblock);
|
||||
tty_printf ("\n");
|
||||
if (!cpr_get_answer_is_yes ("import.okay",
|
||||
"Do you want to import this key? (y/N) "))
|
||||
@ -1458,16 +1469,18 @@ import_one (ctrl_t ctrl,
|
||||
end result, but does result in less logging which might confuse
|
||||
the user. */
|
||||
if (options&IMPORT_CLEAN)
|
||||
clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL);
|
||||
clean_key (ctrl, keyblock,
|
||||
opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL);
|
||||
|
||||
clear_kbnode_flags( keyblock );
|
||||
|
||||
if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
|
||||
if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG)
|
||||
&& fix_pks_corruption (ctrl, keyblock)
|
||||
&& opt.verbose)
|
||||
log_info (_("key %s: PKS subkey corruption repaired\n"),
|
||||
keystr_from_pk(pk));
|
||||
|
||||
if (chk_self_sigs (keyblock, keyid, &non_self))
|
||||
if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
|
||||
return 0; /* Invalid keyblock - error already printed. */
|
||||
|
||||
/* If we allow such a thing, mark unsigned uids as valid */
|
||||
@ -1488,7 +1501,7 @@ import_one (ctrl_t ctrl,
|
||||
}
|
||||
}
|
||||
|
||||
if (!delete_inv_parts (keyblock, keyid, options ) )
|
||||
if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
|
||||
{
|
||||
if (!silent)
|
||||
{
|
||||
@ -1506,13 +1519,13 @@ import_one (ctrl_t ctrl,
|
||||
/* Apply import filter. */
|
||||
if (import_filter.keep_uid)
|
||||
{
|
||||
apply_keep_uid_filter (keyblock, import_filter.keep_uid);
|
||||
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
|
||||
commit_kbnode (&keyblock);
|
||||
any_filter = 1;
|
||||
}
|
||||
if (import_filter.drop_sig)
|
||||
{
|
||||
apply_drop_sig_filter (keyblock, import_filter.drop_sig);
|
||||
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
|
||||
commit_kbnode (&keyblock);
|
||||
any_filter = 1;
|
||||
}
|
||||
@ -1534,7 +1547,7 @@ import_one (ctrl_t ctrl,
|
||||
if ((options & IMPORT_SHOW)
|
||||
&& !((options & IMPORT_EXPORT) && !opt.armor && !opt.outfile))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
merge_keys_done = 1;
|
||||
/* Note that we do not want to show the validity because the key
|
||||
* has not yet imported. */
|
||||
@ -1547,7 +1560,7 @@ import_one (ctrl_t ctrl,
|
||||
{
|
||||
if (!merge_keys_done)
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
merge_keys_done = 1;
|
||||
}
|
||||
rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
|
||||
@ -1604,23 +1617,23 @@ import_one (ctrl_t ctrl,
|
||||
be made to happen with the trusted-key command and by
|
||||
importing and locally exported key. */
|
||||
|
||||
clear_ownertrusts (pk);
|
||||
clear_ownertrusts (ctrl, pk);
|
||||
if (non_self)
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
}
|
||||
keydb_release (hd);
|
||||
|
||||
/* We are ready. */
|
||||
if (!opt.quiet && !silent)
|
||||
{
|
||||
char *p = get_user_id_byfpr_native (fpr2);
|
||||
char *p = get_user_id_byfpr_native (ctrl, fpr2);
|
||||
log_info (_("key %s: public key \"%s\" imported\n"),
|
||||
keystr(keyid), p);
|
||||
xfree(p);
|
||||
}
|
||||
if (is_status_enabled())
|
||||
{
|
||||
char *us = get_long_user_id_string( keyid );
|
||||
char *us = get_long_user_id_string (ctrl, keyid);
|
||||
write_status_text( STATUS_IMPORTED, us );
|
||||
xfree(us);
|
||||
print_import_ok (pk, 1);
|
||||
@ -1669,7 +1682,7 @@ import_one (ctrl_t ctrl,
|
||||
}
|
||||
|
||||
/* Make sure the original direct key sigs are all sane. */
|
||||
n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
|
||||
n_sigs_cleaned = fix_bad_direct_key_sigs (ctrl, keyblock_orig, keyid);
|
||||
if (n_sigs_cleaned)
|
||||
commit_kbnode (&keyblock_orig);
|
||||
|
||||
@ -1677,7 +1690,7 @@ import_one (ctrl_t ctrl,
|
||||
clear_kbnode_flags( keyblock_orig );
|
||||
clear_kbnode_flags( keyblock );
|
||||
n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
|
||||
rc = merge_blocks (keyblock_orig, keyblock,
|
||||
rc = merge_blocks (ctrl, keyblock_orig, keyblock,
|
||||
keyid, &n_uids, &n_sigs, &n_subk );
|
||||
if (rc )
|
||||
{
|
||||
@ -1686,7 +1699,7 @@ import_one (ctrl_t ctrl,
|
||||
}
|
||||
|
||||
if ((options & IMPORT_CLEAN))
|
||||
clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
|
||||
clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL),
|
||||
&n_uids_cleaned,&n_sigs_cleaned);
|
||||
|
||||
if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
|
||||
@ -1698,12 +1711,12 @@ import_one (ctrl_t ctrl,
|
||||
log_error (_("error writing keyring '%s': %s\n"),
|
||||
keydb_get_resource_name (hd), gpg_strerror (rc) );
|
||||
else if (non_self)
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
|
||||
/* We are ready. */
|
||||
if (!opt.quiet && !silent)
|
||||
{
|
||||
char *p = get_user_id_byfpr_native (fpr2);
|
||||
char *p = get_user_id_byfpr_native (ctrl, fpr2);
|
||||
if (n_uids == 1 )
|
||||
log_info( _("key %s: \"%s\" 1 new user ID\n"),
|
||||
keystr(keyid),p);
|
||||
@ -1754,7 +1767,7 @@ import_one (ctrl_t ctrl,
|
||||
|
||||
if (!opt.quiet && !silent)
|
||||
{
|
||||
char *p = get_user_id_byfpr_native (fpr2);
|
||||
char *p = get_user_id_byfpr_native (ctrl, fpr2);
|
||||
log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
|
||||
xfree(p);
|
||||
}
|
||||
@ -2059,7 +2072,7 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
|
||||
|
||||
/* Send the wrapped key to the agent. */
|
||||
{
|
||||
char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1);
|
||||
char *desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_IMPORT, 1);
|
||||
err = agent_import_key (ctrl, desc, &cache_nonce,
|
||||
wrappedkey, wrappedkeylen, batch, force);
|
||||
xfree (desc);
|
||||
@ -2279,7 +2292,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
|
||||
/* Fixme: we should do this based on the fingerprint or
|
||||
even better let import_one return the merged
|
||||
keyblock. */
|
||||
node = get_pubkeyblock (keyid);
|
||||
node = get_pubkeyblock (ctrl, keyid);
|
||||
if (!node)
|
||||
log_error ("key %s: failed to re-lookup public key\n",
|
||||
keystr_from_pk (pk));
|
||||
@ -2356,7 +2369,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
|
||||
keyid[1] = node->pkt->pkt.signature->keyid[1];
|
||||
|
||||
pk = xmalloc_clear( sizeof *pk );
|
||||
rc = get_pubkey( pk, keyid );
|
||||
rc = get_pubkey (ctrl, pk, keyid );
|
||||
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
|
||||
{
|
||||
log_error(_("key %s: no public key -"
|
||||
@ -2405,7 +2418,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
|
||||
/* it is okay, that node is not in keyblock because
|
||||
* check_key_signature works fine for sig_class 0x20 in this
|
||||
* special case. */
|
||||
rc = check_key_signature( keyblock, node, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, node, NULL);
|
||||
if (rc )
|
||||
{
|
||||
log_error( _("key %s: invalid revocation certificate"
|
||||
@ -2440,7 +2453,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
|
||||
/* we are ready */
|
||||
if (!opt.quiet )
|
||||
{
|
||||
char *p=get_user_id_native (keyid);
|
||||
char *p=get_user_id_native (ctrl, keyid);
|
||||
log_info( _("key %s: \"%s\" revocation certificate imported\n"),
|
||||
keystr(keyid),p);
|
||||
xfree(p);
|
||||
@ -2450,10 +2463,10 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
|
||||
/* If the key we just revoked was ultimately trusted, remove its
|
||||
ultimate trust. This doesn't stop the user from putting the
|
||||
ultimate trust back, but is a reasonable solution for now. */
|
||||
if(get_ownertrust(pk)==TRUST_ULTIMATE)
|
||||
clear_ownertrusts(pk);
|
||||
if (get_ownertrust (ctrl, pk) == TRUST_ULTIMATE)
|
||||
clear_ownertrusts (ctrl, pk);
|
||||
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
|
||||
leave:
|
||||
keydb_release (hd);
|
||||
@ -2477,7 +2490,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
|
||||
* is invalid.
|
||||
*/
|
||||
static int
|
||||
chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
|
||||
{
|
||||
kbnode_t n, knode = NULL;
|
||||
PKT_signature *sig;
|
||||
@ -2510,7 +2523,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
/* This just caches the sigs for later use. That way we
|
||||
import a fully-cached key which speeds things up. */
|
||||
if (!opt.no_sig_cache)
|
||||
check_key_signature (keyblock, n, NULL);
|
||||
check_key_signature (ctrl, keyblock, n, NULL);
|
||||
|
||||
if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
|
||||
{
|
||||
@ -2525,7 +2538,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
/* If it hasn't been marked valid yet, keep trying. */
|
||||
if (!(unode->flag & NODE_GOOD_SELFSIG))
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if ( opt.verbose )
|
||||
@ -2548,7 +2561,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
}
|
||||
else if (IS_KEY_SIG (sig))
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if (opt.verbose)
|
||||
@ -2574,7 +2587,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if (opt.verbose)
|
||||
@ -2625,7 +2638,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if(opt.verbose)
|
||||
@ -2672,7 +2685,8 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
|
||||
* Returns: True if at least one valid user-id is left over.
|
||||
*/
|
||||
static int
|
||||
delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
|
||||
delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
|
||||
unsigned int options)
|
||||
{
|
||||
kbnode_t node;
|
||||
int nvalid=0, uid_seen=0, subkey_seen=0;
|
||||
@ -2767,7 +2781,7 @@ delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
|
||||
if(node->pkt->pkt.signature->keyid[0]==keyid[0]
|
||||
&& node->pkt->pkt.signature->keyid[1]==keyid[1])
|
||||
{
|
||||
int rc = check_key_signature( keyblock, node, NULL);
|
||||
int rc = check_key_signature (ctrl, keyblock, node, NULL);
|
||||
if (rc )
|
||||
{
|
||||
if(opt.verbose)
|
||||
@ -2968,8 +2982,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
u32 keyid[2];
|
||||
|
||||
keyid_from_fingerprint(sig->revkey[idx].fpr,
|
||||
MAX_FINGERPRINT_LEN,keyid);
|
||||
keyid_from_fingerprint (ctrl, sig->revkey[idx].fpr,
|
||||
MAX_FINGERPRINT_LEN, keyid);
|
||||
|
||||
for(inode=keyblock->next;inode;inode=inode->next)
|
||||
{
|
||||
@ -3041,7 +3055,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
|
||||
* Note: We indicate newly inserted packets with NODE_FLAG_A.
|
||||
*/
|
||||
static int
|
||||
merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
|
||||
merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig, kbnode_t keyblock,
|
||||
u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
|
||||
{
|
||||
kbnode_t onode, node;
|
||||
@ -3078,7 +3092,7 @@ merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
|
||||
++*n_sigs;
|
||||
if(!opt.quiet)
|
||||
{
|
||||
char *p=get_user_id_native (keyid);
|
||||
char *p = get_user_id_native (ctrl, keyid);
|
||||
log_info(_("key %s: \"%s\" revocation"
|
||||
" certificate added\n"), keystr(keyid),p);
|
||||
xfree(p);
|
||||
|
@ -1674,7 +1674,7 @@ keydb_locate_writable (KEYDB_HANDLE hd)
|
||||
|
||||
/* Rebuild the on-disk caches of all key resources. */
|
||||
void
|
||||
keydb_rebuild_caches (int noisy)
|
||||
keydb_rebuild_caches (ctrl_t ctrl, int noisy)
|
||||
{
|
||||
int i, rc;
|
||||
|
||||
@ -1687,7 +1687,7 @@ keydb_rebuild_caches (int noisy)
|
||||
case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
|
||||
break;
|
||||
case KEYDB_RESOURCE_TYPE_KEYRING:
|
||||
rc = keyring_rebuild_cache (all_resources[i].token,noisy);
|
||||
rc = keyring_rebuild_cache (ctrl, all_resources[i].token,noisy);
|
||||
if (rc)
|
||||
log_error (_("failed to rebuild keyring cache: %s\n"),
|
||||
gpg_strerror (rc));
|
||||
|
44
g10/keydb.h
44
g10/keydb.h
@ -186,7 +186,7 @@ gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
|
||||
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd);
|
||||
|
||||
/* Rebuild the on-disk caches of all key resources. */
|
||||
void keydb_rebuild_caches (int noisy);
|
||||
void keydb_rebuild_caches (ctrl_t ctrl, int noisy);
|
||||
|
||||
/* Return the number of skipped blocks (because they were to large to
|
||||
read from a keybox) since the last search reset. */
|
||||
@ -215,7 +215,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
|
||||
|
||||
|
||||
/*-- pkclist.c --*/
|
||||
void show_revocation_reason( PKT_public_key *pk, int mode );
|
||||
void show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode );
|
||||
int check_signatures_trust (ctrl_t ctrl, PKT_signature *sig);
|
||||
|
||||
void release_pk_list (PK_LIST pk_list);
|
||||
@ -258,13 +258,15 @@ void set_next_passphrase( const char *s );
|
||||
char *get_last_passphrase(void);
|
||||
void next_to_last_passphrase(void);
|
||||
|
||||
void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo);
|
||||
void emit_status_need_passphrase (ctrl_t ctrl, u32 *keyid,
|
||||
u32 *mainkeyid, int pubkey_algo);
|
||||
|
||||
#define FORMAT_KEYDESC_NORMAL 0
|
||||
#define FORMAT_KEYDESC_IMPORT 1
|
||||
#define FORMAT_KEYDESC_EXPORT 2
|
||||
#define FORMAT_KEYDESC_DELKEY 3
|
||||
char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped);
|
||||
char *gpg_format_keydesc (ctrl_t ctrl,
|
||||
PKT_public_key *pk, int mode, int escaped);
|
||||
|
||||
|
||||
/*-- getkey.c --*/
|
||||
@ -276,7 +278,7 @@ void cache_public_key( PKT_public_key *pk );
|
||||
void getkey_disable_caches(void);
|
||||
|
||||
/* Return the public key with the key id KEYID and store it at PK. */
|
||||
int get_pubkey( PKT_public_key *pk, u32 *keyid );
|
||||
int get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
|
||||
|
||||
/* Similar to get_pubkey, but it does not take PK->REQ_USAGE into
|
||||
account nor does it merge in the self-signed data. This function
|
||||
@ -284,7 +286,7 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid );
|
||||
int get_pubkey_fast (PKT_public_key *pk, u32 *keyid);
|
||||
|
||||
/* Return the key block for the key with KEYID. */
|
||||
kbnode_t get_pubkeyblock (u32 *keyid);
|
||||
kbnode_t get_pubkeyblock (ctrl_t ctrl, u32 *keyid);
|
||||
|
||||
/* A list used by get_pubkeys to gather all of the matches. */
|
||||
struct pubkey_s
|
||||
@ -330,10 +332,10 @@ gpg_error_t get_pubkey_fromfile (ctrl_t ctrl,
|
||||
|
||||
/* Return the public key with the key id KEYID iff the secret key is
|
||||
* available and store it at PK. */
|
||||
gpg_error_t get_seckey (PKT_public_key *pk, u32 *keyid);
|
||||
gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
|
||||
|
||||
/* Lookup a key with the specified fingerprint. */
|
||||
int get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
|
||||
int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
|
||||
const byte *fprint, size_t fprint_len);
|
||||
|
||||
/* This function is similar to get_pubkey_byfprint, but it doesn't
|
||||
@ -354,7 +356,8 @@ const char *parse_def_secret_key (ctrl_t ctrl);
|
||||
gpg_error_t get_seckey_default (ctrl_t ctrl, PKT_public_key *pk);
|
||||
|
||||
/* Search for keys matching some criteria. */
|
||||
gpg_error_t getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
gpg_error_t getkey_bynames (ctrl_t ctrl,
|
||||
getkey_ctx_t *retctx, PKT_public_key *pk,
|
||||
strlist_t names, int want_secret,
|
||||
kbnode_t *ret_keyblock);
|
||||
|
||||
@ -365,8 +368,8 @@ gpg_error_t getkey_byname (ctrl_t ctrl,
|
||||
kbnode_t *ret_keyblock);
|
||||
|
||||
/* Return the next search result. */
|
||||
gpg_error_t getkey_next (getkey_ctx_t ctx, PKT_public_key *pk,
|
||||
kbnode_t *ret_keyblock);
|
||||
gpg_error_t getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
|
||||
PKT_public_key *pk, kbnode_t *ret_keyblock);
|
||||
|
||||
/* Release any resources used by a key listing context. */
|
||||
void getkey_end (getkey_ctx_t ctx);
|
||||
@ -383,14 +386,14 @@ void setup_main_keyids (kbnode_t keyblock);
|
||||
|
||||
/* This function merges information from the self-signed data into the
|
||||
data structures. */
|
||||
void merge_keys_and_selfsig (kbnode_t keyblock);
|
||||
void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
|
||||
|
||||
char*get_user_id_string_native( u32 *keyid );
|
||||
char*get_long_user_id_string( u32 *keyid );
|
||||
char*get_user_id( u32 *keyid, size_t *rn );
|
||||
char*get_user_id_native( u32 *keyid );
|
||||
char *get_user_id_byfpr (const byte *fpr, size_t *rn);
|
||||
char *get_user_id_byfpr_native (const byte *fpr);
|
||||
char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
|
||||
char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
|
||||
char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn);
|
||||
char*get_user_id_native (ctrl_t ctrl, u32 *keyid);
|
||||
char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
|
||||
char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
|
||||
|
||||
void release_akl(void);
|
||||
int parse_auto_key_locate(char *options);
|
||||
@ -449,8 +452,9 @@ const char *pk_keyid_str (PKT_public_key *pk);
|
||||
|
||||
const char *keystr_from_desc(KEYDB_SEARCH_DESC *desc);
|
||||
u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid );
|
||||
u32 keyid_from_sig( PKT_signature *sig, u32 *keyid );
|
||||
u32 keyid_from_fingerprint(const byte *fprint, size_t fprint_len, u32 *keyid);
|
||||
u32 keyid_from_sig (PKT_signature *sig, u32 *keyid );
|
||||
u32 keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len,
|
||||
u32 *keyid);
|
||||
byte *namehash_from_uid(PKT_user_id *uid);
|
||||
unsigned nbits_from_pk( PKT_public_key *pk );
|
||||
const char *datestr_from_pk( PKT_public_key *pk );
|
||||
|
278
g10/keyedit.c
278
g10/keyedit.c
@ -59,24 +59,27 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
int with_revoker, int with_fpr,
|
||||
int with_subkeys, int with_prefs,
|
||||
int nowarn);
|
||||
static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys);
|
||||
static void show_key_and_fingerprint (ctrl_t ctrl,
|
||||
kbnode_t keyblock, int with_subkeys);
|
||||
static void show_key_and_grip (kbnode_t keyblock);
|
||||
static void subkey_expire_warning (kbnode_t keyblock);
|
||||
static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
|
||||
int photo, const char *photo_name, const char *uidstr);
|
||||
static void menu_deluid (KBNODE pub_keyblock);
|
||||
static int menu_delsig (KBNODE pub_keyblock);
|
||||
static int menu_clean (KBNODE keyblock, int self_only);
|
||||
static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only);
|
||||
static void menu_delkey (KBNODE pub_keyblock);
|
||||
static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
|
||||
static gpg_error_t menu_expire (kbnode_t pub_keyblock,
|
||||
static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
|
||||
int force_mainkey, u32 newexpiration);
|
||||
static int menu_changeusage (kbnode_t keyblock);
|
||||
static int menu_backsign (KBNODE pub_keyblock);
|
||||
static int menu_set_primary_uid (KBNODE pub_keyblock);
|
||||
static int menu_set_preferences (KBNODE pub_keyblock);
|
||||
static int menu_set_keyserver_url (const char *url, KBNODE pub_keyblock);
|
||||
static int menu_set_notation (const char *string, KBNODE pub_keyblock);
|
||||
static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock);
|
||||
static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
static int menu_set_keyserver_url (ctrl_t ctrl,
|
||||
const char *url, kbnode_t pub_keyblock);
|
||||
static int menu_set_notation (ctrl_t ctrl,
|
||||
const char *string, kbnode_t pub_keyblock);
|
||||
static int menu_select_uid (KBNODE keyblock, int idx);
|
||||
static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash);
|
||||
static int menu_select_key (KBNODE keyblock, int idx, char *p);
|
||||
@ -86,15 +89,15 @@ static int count_keys_with_flag (KBNODE keyblock, unsigned flag);
|
||||
static int count_selected_uids (KBNODE keyblock);
|
||||
static int real_uids_left (KBNODE keyblock);
|
||||
static int count_selected_keys (KBNODE keyblock);
|
||||
static int menu_revsig (KBNODE keyblock);
|
||||
static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock);
|
||||
static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
|
||||
static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
|
||||
const struct revocation_reason_info *reason,
|
||||
int *modified);
|
||||
static int menu_revkey (KBNODE pub_keyblock);
|
||||
static int menu_revsubkey (KBNODE pub_keyblock);
|
||||
static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
#ifndef NO_TRUST_MODELS
|
||||
static int enable_disable_key (KBNODE keyblock, int disable);
|
||||
static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable);
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
|
||||
|
||||
@ -126,7 +129,7 @@ struct sign_attrib
|
||||
/* TODO: Fix duplicated code between here and the check-sigs/list-sigs
|
||||
code in keylist.c. */
|
||||
static int
|
||||
print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
|
||||
print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
|
||||
int *inv_sigs, int *no_key, int *oth_err,
|
||||
int *is_selfsig, int print_without_key)
|
||||
{
|
||||
@ -136,7 +139,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
|
||||
/* TODO: Make sure a cached sig record here still has the pk that
|
||||
issued it. See also keylist.c:list_keyblock_print */
|
||||
|
||||
rc = check_key_signature (keyblock, node, is_selfsig);
|
||||
rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
|
||||
switch (gpg_err_code (rc))
|
||||
{
|
||||
case 0:
|
||||
@ -199,7 +202,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
|
||||
* always be printed.
|
||||
*/
|
||||
static int
|
||||
print_one_sig (int rc, KBNODE keyblock, KBNODE node,
|
||||
print_one_sig (ctrl_t ctrl, int rc, kbnode_t keyblock, kbnode_t node,
|
||||
int *inv_sigs, int *no_key, int *oth_err,
|
||||
int is_selfsig, int print_without_key, int extended)
|
||||
{
|
||||
@ -269,7 +272,7 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
|
||||
else
|
||||
{
|
||||
size_t n;
|
||||
char *p = get_user_id (sig->keyid, &n);
|
||||
char *p = get_user_id (ctrl, sig->keyid, &n);
|
||||
tty_print_utf8_string2 (NULL, p, n,
|
||||
opt.screen_columns - keystrlen () - 26 -
|
||||
((opt.
|
||||
@ -316,14 +319,14 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
|
||||
|
||||
|
||||
static int
|
||||
print_and_check_one_sig (KBNODE keyblock, KBNODE node,
|
||||
print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
|
||||
int *inv_sigs, int *no_key, int *oth_err,
|
||||
int *is_selfsig, int print_without_key, int extended)
|
||||
{
|
||||
int rc;
|
||||
|
||||
rc = check_key_signature (keyblock, node, is_selfsig);
|
||||
return print_one_sig (rc,
|
||||
rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
|
||||
return print_one_sig (ctrl, rc,
|
||||
keyblock, node, inv_sigs, no_key, oth_err,
|
||||
*is_selfsig, print_without_key, extended);
|
||||
}
|
||||
@ -388,7 +391,8 @@ sig_comparison (const void *av, const void *bv)
|
||||
|
||||
Returns 1 if the keyblock was modified, 0 otherwise. */
|
||||
static int
|
||||
check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
|
||||
check_all_keysigs (ctrl_t ctrl, kbnode_t kb,
|
||||
int only_selected, int only_selfsigs)
|
||||
{
|
||||
gpg_error_t err;
|
||||
PKT_public_key *pk;
|
||||
@ -598,14 +602,13 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
|
||||
|
||||
if (keyid_cmp (pk_keyid (pk), sig->keyid) == 0)
|
||||
issuer = pk;
|
||||
else
|
||||
/* Issuer is a different key. */
|
||||
else /* Issuer is a different key. */
|
||||
{
|
||||
if (only_selfsigs)
|
||||
continue;
|
||||
|
||||
issuer = xmalloc (sizeof (*issuer));
|
||||
err = get_pubkey (issuer, sig->keyid);
|
||||
err = get_pubkey (ctrl, issuer, sig->keyid);
|
||||
if (err)
|
||||
{
|
||||
xfree (issuer);
|
||||
@ -657,7 +660,8 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
|
||||
continue;
|
||||
else
|
||||
{
|
||||
err = check_signature_over_key_or_uid (issuer, sig, kb, n2->pkt,
|
||||
err = check_signature_over_key_or_uid (ctrl,
|
||||
issuer, sig, kb, n2->pkt,
|
||||
NULL, NULL);
|
||||
if (! err)
|
||||
break;
|
||||
@ -804,7 +808,7 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
|
||||
}
|
||||
|
||||
if (modified)
|
||||
print_one_sig (rc, kb, n, NULL, NULL, NULL, has_selfsig,
|
||||
print_one_sig (ctrl, rc, kb, n, NULL, NULL, NULL, has_selfsig,
|
||||
0, only_selfsigs);
|
||||
}
|
||||
|
||||
@ -1517,7 +1521,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
|
||||
|
||||
if (!quick)
|
||||
{
|
||||
p = get_user_id_native (sk_keyid);
|
||||
p = get_user_id_native (ctrl, sk_keyid);
|
||||
tty_fprintf (fp,
|
||||
_("Are you sure that you want to sign this key with your\n"
|
||||
"key \"%s\" (%s)\n"), p, keystr_from_pk (pk));
|
||||
@ -1617,7 +1621,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
|
||||
* exportable. */
|
||||
|
||||
if (selfsig)
|
||||
rc = make_keysig_packet (&sig, primary_pk,
|
||||
rc = make_keysig_packet (ctrl, &sig, primary_pk,
|
||||
node->pkt->pkt.user_id,
|
||||
NULL,
|
||||
pk,
|
||||
@ -1625,7 +1629,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
|
||||
keygen_add_std_prefs, primary_pk,
|
||||
NULL);
|
||||
else
|
||||
rc = make_keysig_packet (&sig, primary_pk,
|
||||
rc = make_keysig_packet (ctrl, &sig, primary_pk,
|
||||
node->pkt->pkt.user_id,
|
||||
NULL,
|
||||
pk,
|
||||
@ -1744,7 +1748,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
|
||||
if (err)
|
||||
goto leave;
|
||||
|
||||
desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
err = agent_passwd (ctrl, hexgrip, desc, 0,
|
||||
&cache_nonce, &passwd_nonce);
|
||||
xfree (desc);
|
||||
@ -1774,18 +1778,18 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
|
||||
was changed. Note that a pointer to the keyblock must be given and
|
||||
the function may change it (i.e. replacing the first node). */
|
||||
static int
|
||||
fix_keyblock (kbnode_t *keyblockp)
|
||||
fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp)
|
||||
{
|
||||
int changed = 0;
|
||||
|
||||
if (collapse_uids (keyblockp))
|
||||
changed++;
|
||||
if (check_all_keysigs (*keyblockp, 0, 1))
|
||||
if (check_all_keysigs (ctrl, *keyblockp, 0, 1))
|
||||
changed++;
|
||||
reorder_keyblock (*keyblockp);
|
||||
/* If we modified the keyblock, make sure the flags are right. */
|
||||
if (changed)
|
||||
merge_keys_and_selfsig (*keyblockp);
|
||||
merge_keys_and_selfsig (ctrl, *keyblockp);
|
||||
|
||||
return changed;
|
||||
}
|
||||
@ -2052,7 +2056,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if (fix_keyblock (&keyblock))
|
||||
if (fix_keyblock (ctrl, &keyblock))
|
||||
modified++;
|
||||
|
||||
/* See whether we have a matching secret key. */
|
||||
@ -2195,7 +2199,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
|
||||
case cmdFPR:
|
||||
show_key_and_fingerprint
|
||||
(keyblock, (*arg_string == '*'
|
||||
(ctrl,
|
||||
keyblock, (*arg_string == '*'
|
||||
&& (!arg_string[1] || spacep (arg_string + 1))));
|
||||
break;
|
||||
|
||||
@ -2226,7 +2231,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdCHECK:
|
||||
if (check_all_keysigs (keyblock, count_selected_uids (keyblock),
|
||||
if (check_all_keysigs (ctrl, keyblock,
|
||||
count_selected_uids (keyblock),
|
||||
!strcmp (arg_string, "selfsig")))
|
||||
modified = 1;
|
||||
break;
|
||||
@ -2319,7 +2325,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
update_trust = 1;
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
}
|
||||
break;
|
||||
|
||||
@ -2357,7 +2363,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
if (!opt.expert)
|
||||
tty_printf (_("(Use the '%s' command.)\n"), "uid");
|
||||
}
|
||||
else if (menu_delsig (keyblock))
|
||||
else if (menu_delsig (ctrl, keyblock))
|
||||
{
|
||||
/* No redisplay here, because it may scroll away some
|
||||
* of the status output of this command. */
|
||||
@ -2371,17 +2377,17 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
{
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
}
|
||||
break;
|
||||
|
||||
#ifdef ENABLE_CARD_SUPPORT
|
||||
case cmdADDCARDKEY:
|
||||
if (!card_generate_subkey (keyblock))
|
||||
if (!card_generate_subkey (ctrl, keyblock))
|
||||
{
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
}
|
||||
break;
|
||||
|
||||
@ -2539,7 +2545,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
{
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
}
|
||||
}
|
||||
break;
|
||||
@ -2578,7 +2584,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
_("Do you really want to revoke"
|
||||
" the entire key? (y/N) ")))
|
||||
{
|
||||
if (menu_revkey (keyblock))
|
||||
if (menu_revkey (ctrl, keyblock))
|
||||
modified = 1;
|
||||
|
||||
redisplay = 1;
|
||||
@ -2591,21 +2597,21 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
: _("Do you really want to revoke"
|
||||
" this subkey? (y/N) ")))
|
||||
{
|
||||
if (menu_revsubkey (keyblock))
|
||||
if (menu_revsubkey (ctrl, keyblock))
|
||||
modified = 1;
|
||||
|
||||
redisplay = 1;
|
||||
}
|
||||
|
||||
if (modified)
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
}
|
||||
break;
|
||||
|
||||
case cmdEXPIRE:
|
||||
if (gpg_err_code (menu_expire (keyblock, 0, 0)) == GPG_ERR_TRUE)
|
||||
if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE)
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
run_subkey_warnings = 1;
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
@ -2613,16 +2619,16 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdCHANGEUSAGE:
|
||||
if (menu_changeusage (keyblock))
|
||||
if (menu_changeusage (ctrl, keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
}
|
||||
break;
|
||||
|
||||
case cmdBACKSIGN:
|
||||
if (menu_backsign (keyblock))
|
||||
if (menu_backsign (ctrl, keyblock))
|
||||
{
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
@ -2630,9 +2636,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdPRIMARY:
|
||||
if (menu_set_primary_uid (keyblock))
|
||||
if (menu_set_primary_uid (ctrl, keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
}
|
||||
@ -2702,9 +2708,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
" for the selected user IDs? (y/N) ")
|
||||
: _("Really update the preferences? (y/N) ")))
|
||||
{
|
||||
if (menu_set_preferences (keyblock))
|
||||
if (menu_set_preferences (ctrl, keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
}
|
||||
@ -2713,20 +2719,20 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdPREFKS:
|
||||
if (menu_set_keyserver_url (*arg_string ? arg_string : NULL,
|
||||
if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL,
|
||||
keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
}
|
||||
break;
|
||||
|
||||
case cmdNOTATION:
|
||||
if (menu_set_notation (*arg_string ? arg_string : NULL,
|
||||
if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL,
|
||||
keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
modified = 1;
|
||||
redisplay = 1;
|
||||
}
|
||||
@ -2736,7 +2742,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdREVSIG:
|
||||
if (menu_revsig (keyblock))
|
||||
if (menu_revsig (ctrl, keyblock))
|
||||
{
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
@ -2746,7 +2752,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
#ifndef NO_TRUST_MODELS
|
||||
case cmdENABLEKEY:
|
||||
case cmdDISABLEKEY:
|
||||
if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
|
||||
if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY))
|
||||
{
|
||||
redisplay = 1;
|
||||
modified = 1;
|
||||
@ -2759,12 +2765,12 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
break;
|
||||
|
||||
case cmdCLEAN:
|
||||
if (menu_clean (keyblock, 0))
|
||||
if (menu_clean (ctrl, keyblock, 0))
|
||||
redisplay = modified = 1;
|
||||
break;
|
||||
|
||||
case cmdMINIMIZE:
|
||||
if (menu_clean (keyblock, 1))
|
||||
if (menu_clean (ctrl, keyblock, 1))
|
||||
redisplay = modified = 1;
|
||||
break;
|
||||
|
||||
@ -2809,7 +2815,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
|
||||
if (update_trust)
|
||||
{
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
update_trust = 0;
|
||||
}
|
||||
goto leave;
|
||||
@ -2928,8 +2934,8 @@ quick_find_keyblock (ctrl_t ctrl, const char *username,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
fix_keyblock (&keyblock);
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
fix_keyblock (ctrl, &keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
|
||||
*r_keyblock = keyblock;
|
||||
keyblock = NULL;
|
||||
@ -2981,7 +2987,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
|
||||
}
|
||||
|
||||
if (update_trust)
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
}
|
||||
|
||||
leave:
|
||||
@ -3054,7 +3060,7 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
|
||||
goto leave;
|
||||
}
|
||||
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -3112,16 +3118,16 @@ keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
|
||||
|
||||
if (!any)
|
||||
err = gpg_error (GPG_ERR_NO_USER_ID);
|
||||
else if (menu_set_primary_uid (keyblock))
|
||||
else if (menu_set_primary_uid (ctrl, keyblock))
|
||||
{
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
|
||||
if (err)
|
||||
{
|
||||
log_error (_("update failed: %s\n"), gpg_strerror (err));
|
||||
goto leave;
|
||||
}
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
}
|
||||
else
|
||||
err = gpg_error (GPG_ERR_GENERAL);
|
||||
@ -3235,7 +3241,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
|
||||
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
|
||||
goto leave;
|
||||
|
||||
if (fix_keyblock (&keyblock))
|
||||
if (fix_keyblock (ctrl, &keyblock))
|
||||
modified++;
|
||||
|
||||
/* Give some info in verbose. */
|
||||
@ -3350,7 +3356,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
|
||||
log_info (_("Key not changed so no update needed.\n"));
|
||||
|
||||
if (update_trust)
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
|
||||
|
||||
leave:
|
||||
@ -3383,7 +3389,7 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
|
||||
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
|
||||
goto leave;
|
||||
|
||||
if (fix_keyblock (&keyblock))
|
||||
if (fix_keyblock (ctrl, &keyblock))
|
||||
modified++;
|
||||
|
||||
pk = keyblock->pkt->pkt.public_key;
|
||||
@ -3445,7 +3451,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
|
||||
if (err)
|
||||
goto leave;
|
||||
|
||||
if (fix_keyblock (&keyblock))
|
||||
if (fix_keyblock (ctrl, &keyblock))
|
||||
modified++;
|
||||
|
||||
pk = keyblock->pkt->pkt.public_key;
|
||||
@ -3470,7 +3476,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
|
||||
expire += make_timestamp ();
|
||||
|
||||
/* Set the new expiration date. */
|
||||
err = menu_expire (keyblock, 1, expire);
|
||||
err = menu_expire (ctrl, keyblock, 1, expire);
|
||||
if (gpg_err_code (err) == GPG_ERR_TRUE)
|
||||
modified = 1;
|
||||
else if (err)
|
||||
@ -3487,7 +3493,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
|
||||
goto leave;
|
||||
}
|
||||
if (update_trust)
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
}
|
||||
else
|
||||
log_info (_("Key not changed so no update needed.\n"));
|
||||
@ -3756,7 +3762,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
|
||||
(ulong) pk->timestamp, (ulong) pk->expiredate);
|
||||
if (node->pkt->pkttype == PKT_PUBLIC_KEY
|
||||
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
|
||||
es_putc (get_ownertrust_info (pk, 0), fp);
|
||||
es_putc (get_ownertrust_info (ctrl, pk, 0), fp);
|
||||
es_putc (':', fp);
|
||||
es_putc (':', fp);
|
||||
es_putc (':', fp);
|
||||
@ -3771,7 +3777,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
|
||||
es_putc ('a', fp);
|
||||
es_putc ('\n', fp);
|
||||
|
||||
print_fingerprint (fp, pk, 0);
|
||||
print_fingerprint (ctrl, fp, pk, 0);
|
||||
print_revokers (fp, pk);
|
||||
}
|
||||
}
|
||||
@ -3973,7 +3979,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
static int did_warn = 0;
|
||||
|
||||
trust = get_validity_string (ctrl, pk, NULL);
|
||||
otrust = get_ownertrust_string (pk, 0);
|
||||
otrust = get_ownertrust_string (ctrl, pk, 0);
|
||||
|
||||
/* Show a warning once */
|
||||
if (!did_warn
|
||||
@ -3989,7 +3995,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
|
||||
if (pk->flags.revoked)
|
||||
{
|
||||
char *user = get_user_id_string_native (pk->revoked.keyid);
|
||||
char *user = get_user_id_string_native (ctrl, pk->revoked.keyid);
|
||||
tty_fprintf (fp,
|
||||
_("The following key was revoked on"
|
||||
" %s by %s key %s\n"),
|
||||
@ -4010,10 +4016,10 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
const char *algo;
|
||||
|
||||
algo = gcry_pk_algo_name (pk->revkey[i].algid);
|
||||
keyid_from_fingerprint (pk->revkey[i].fpr,
|
||||
keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
|
||||
MAX_FINGERPRINT_LEN, r_keyid);
|
||||
|
||||
user = get_user_id_string_native (r_keyid);
|
||||
user = get_user_id_string_native (ctrl, r_keyid);
|
||||
tty_fprintf (fp,
|
||||
_("This key may be revoked by %s key %s"),
|
||||
algo ? algo : "?", user);
|
||||
@ -4147,7 +4153,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
tty_fprintf (fp, "\n");
|
||||
}
|
||||
if (node->pkt->pkttype == PKT_PUBLIC_KEY
|
||||
&& (get_ownertrust (pk) & TRUST_FLAG_DISABLED))
|
||||
&& (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED))
|
||||
{
|
||||
tty_fprintf (fp, "*** ");
|
||||
tty_fprintf (fp, _("This key has been disabled"));
|
||||
@ -4158,7 +4164,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
if ((node->pkt->pkttype == PKT_PUBLIC_KEY
|
||||
|| node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr)
|
||||
{
|
||||
print_fingerprint (fp, pk, 2);
|
||||
print_fingerprint (ctrl, fp, pk, 2);
|
||||
tty_fprintf (fp, "\n");
|
||||
}
|
||||
}
|
||||
@ -4183,7 +4189,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
|
||||
secret keys and thus the printing of "pub" vs. "sec" does only
|
||||
depend on the packet type and not by checking with gpg-agent. */
|
||||
void
|
||||
show_basic_key_info (KBNODE keyblock)
|
||||
show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
KBNODE node;
|
||||
int i;
|
||||
@ -4209,7 +4215,7 @@ show_basic_key_info (KBNODE keyblock)
|
||||
tty_printf (" ");
|
||||
tty_printf (_("expires: %s"), expirestr_from_pk (pk));
|
||||
tty_printf ("\n");
|
||||
print_fingerprint (NULL, pk, 3);
|
||||
print_fingerprint (ctrl, NULL, pk, 3);
|
||||
tty_printf ("\n");
|
||||
}
|
||||
}
|
||||
@ -4235,7 +4241,7 @@ show_basic_key_info (KBNODE keyblock)
|
||||
|
||||
|
||||
static void
|
||||
show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
|
||||
show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys)
|
||||
{
|
||||
kbnode_t node;
|
||||
PKT_public_key *pk = NULL;
|
||||
@ -4260,7 +4266,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
|
||||
}
|
||||
tty_printf ("\n");
|
||||
if (pk)
|
||||
print_fingerprint (NULL, pk, 2);
|
||||
print_fingerprint (ctrl, NULL, pk, 2);
|
||||
if (with_subkeys)
|
||||
{
|
||||
for (node = keyblock; node; node = node->next)
|
||||
@ -4274,7 +4280,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
|
||||
datestr_from_pk (pk),
|
||||
usagestr_from_pk (pk, 0));
|
||||
|
||||
print_fingerprint (NULL, pk, 4);
|
||||
print_fingerprint (ctrl, NULL, pk, 4);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -4486,7 +4492,7 @@ menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
|
||||
return 0;
|
||||
}
|
||||
|
||||
err = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
|
||||
err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
|
||||
keygen_add_std_prefs, pk, NULL);
|
||||
if (err)
|
||||
{
|
||||
@ -4549,7 +4555,7 @@ menu_deluid (KBNODE pub_keyblock)
|
||||
|
||||
|
||||
static int
|
||||
menu_delsig (KBNODE pub_keyblock)
|
||||
menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
KBNODE node;
|
||||
PKT_user_id *uid = NULL;
|
||||
@ -4571,11 +4577,11 @@ menu_delsig (KBNODE pub_keyblock)
|
||||
|
||||
okay = inv_sig = no_key = other_err = 0;
|
||||
if (opt.with_colons)
|
||||
valid = print_and_check_one_sig_colon (pub_keyblock, node,
|
||||
valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node,
|
||||
&inv_sig, &no_key,
|
||||
&other_err, &selfsig, 1);
|
||||
else
|
||||
valid = print_and_check_one_sig (pub_keyblock, node,
|
||||
valid = print_and_check_one_sig (ctrl, pub_keyblock, node,
|
||||
&inv_sig, &no_key, &other_err,
|
||||
&selfsig, 1, 0);
|
||||
|
||||
@ -4631,7 +4637,7 @@ menu_delsig (KBNODE pub_keyblock)
|
||||
|
||||
|
||||
static int
|
||||
menu_clean (KBNODE keyblock, int self_only)
|
||||
menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only)
|
||||
{
|
||||
KBNODE uidnode;
|
||||
int modified = 0, select_all = !count_selected_uids (keyblock);
|
||||
@ -4648,7 +4654,7 @@ menu_clean (KBNODE keyblock, int self_only)
|
||||
uidnode->pkt->pkt.user_id->len,
|
||||
0);
|
||||
|
||||
clean_one_uid (keyblock, uidnode, opt.verbose, self_only, &uids,
|
||||
clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, self_only, &uids,
|
||||
&sigs);
|
||||
if (uids)
|
||||
{
|
||||
@ -4849,8 +4855,8 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
|
||||
continue;
|
||||
}
|
||||
|
||||
print_pubkey_info (NULL, revoker_pk);
|
||||
print_fingerprint (NULL, revoker_pk, 2);
|
||||
print_pubkey_info (ctrl, NULL, revoker_pk);
|
||||
print_fingerprint (ctrl, NULL, revoker_pk, 2);
|
||||
tty_printf ("\n");
|
||||
|
||||
tty_printf (_("WARNING: appointing a key as a designated revoker "
|
||||
@ -4868,7 +4874,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
|
||||
break;
|
||||
}
|
||||
|
||||
rc = make_keysig_packet (&sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
|
||||
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
|
||||
keygen_add_revkey, &revkey, NULL);
|
||||
if (rc)
|
||||
{
|
||||
@ -4900,7 +4906,8 @@ fail:
|
||||
* avoid all interactivity. Retirns 0 if nothing was done,
|
||||
* GPG_ERR_TRUE if the key was modified, or any other error code. */
|
||||
static gpg_error_t
|
||||
menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
|
||||
menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
|
||||
int force_mainkey, u32 newexpiration)
|
||||
{
|
||||
int signumber, rc;
|
||||
u32 expiredate;
|
||||
@ -4989,12 +4996,14 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
|
||||
}
|
||||
|
||||
if (mainkey)
|
||||
rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
|
||||
rc = update_keysig_packet (ctrl,
|
||||
&newsig, sig, main_pk, uid, NULL,
|
||||
main_pk, keygen_add_key_expire,
|
||||
main_pk);
|
||||
else
|
||||
rc =
|
||||
update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
|
||||
update_keysig_packet (ctrl,
|
||||
&newsig, sig, main_pk, NULL, sub_pk,
|
||||
main_pk, keygen_add_key_expire, sub_pk);
|
||||
if (rc)
|
||||
{
|
||||
@ -5026,7 +5035,7 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
|
||||
* be used to rectify badly created keys and as such is not suggested
|
||||
* for general use. */
|
||||
static int
|
||||
menu_changeusage (kbnode_t keyblock)
|
||||
menu_changeusage (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
int n1, rc;
|
||||
int mainkey = 0;
|
||||
@ -5097,12 +5106,14 @@ menu_changeusage (kbnode_t keyblock)
|
||||
sub_pk->pubkey_usage);
|
||||
|
||||
if (mainkey)
|
||||
rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
|
||||
rc = update_keysig_packet (ctrl,
|
||||
&newsig, sig, main_pk, uid, NULL,
|
||||
main_pk, keygen_add_key_flags,
|
||||
main_pk);
|
||||
else
|
||||
rc =
|
||||
update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
|
||||
update_keysig_packet (ctrl,
|
||||
&newsig, sig, main_pk, NULL, sub_pk,
|
||||
main_pk, keygen_add_key_flags, sub_pk);
|
||||
if (rc)
|
||||
{
|
||||
@ -5129,7 +5140,7 @@ menu_changeusage (kbnode_t keyblock)
|
||||
|
||||
|
||||
static int
|
||||
menu_backsign (KBNODE pub_keyblock)
|
||||
menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
int rc, modified = 0;
|
||||
PKT_public_key *main_pk;
|
||||
@ -5138,7 +5149,7 @@ menu_backsign (KBNODE pub_keyblock)
|
||||
|
||||
log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
|
||||
|
||||
merge_keys_and_selfsig (pub_keyblock);
|
||||
merge_keys_and_selfsig (ctrl, pub_keyblock);
|
||||
main_pk = pub_keyblock->pkt->pkt.public_key;
|
||||
keyid_from_pk (main_pk, NULL);
|
||||
|
||||
@ -5198,14 +5209,16 @@ menu_backsign (KBNODE pub_keyblock)
|
||||
|
||||
/* Now we can get to work. */
|
||||
|
||||
rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
|
||||
rc = make_backsig (ctrl,
|
||||
sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
|
||||
timestamp, NULL);
|
||||
if (!rc)
|
||||
{
|
||||
PKT_signature *newsig;
|
||||
PACKET *newpkt;
|
||||
|
||||
rc = update_keysig_packet (&newsig, sig_pk->pkt->pkt.signature,
|
||||
rc = update_keysig_packet (ctrl,
|
||||
&newsig, sig_pk->pkt->pkt.signature,
|
||||
main_pk, NULL, sub_pk, main_pk,
|
||||
NULL, NULL);
|
||||
if (!rc)
|
||||
@ -5268,7 +5281,7 @@ change_primary_uid_cb (PKT_signature * sig, void *opaque)
|
||||
* sufficient to updated a signature during import.
|
||||
*/
|
||||
static int
|
||||
menu_set_primary_uid (KBNODE pub_keyblock)
|
||||
menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
PKT_public_key *main_pk;
|
||||
PKT_user_id *uid;
|
||||
@ -5357,7 +5370,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
|
||||
|
||||
if (action)
|
||||
{
|
||||
int rc = update_keysig_packet (&newsig, sig,
|
||||
int rc = update_keysig_packet (ctrl, &newsig, sig,
|
||||
main_pk, uid, NULL,
|
||||
main_pk,
|
||||
change_primary_uid_cb,
|
||||
@ -5390,7 +5403,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
|
||||
* Set preferences to new values for the selected user IDs
|
||||
*/
|
||||
static int
|
||||
menu_set_preferences (KBNODE pub_keyblock)
|
||||
menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
PKT_public_key *main_pk;
|
||||
PKT_user_id *uid;
|
||||
@ -5448,7 +5461,7 @@ menu_set_preferences (KBNODE pub_keyblock)
|
||||
PACKET *newpkt;
|
||||
int rc;
|
||||
|
||||
rc = update_keysig_packet (&newsig, sig,
|
||||
rc = update_keysig_packet (ctrl, &newsig, sig,
|
||||
main_pk, uid, NULL, main_pk,
|
||||
keygen_upd_std_prefs, NULL);
|
||||
if (rc)
|
||||
@ -5475,7 +5488,7 @@ menu_set_preferences (KBNODE pub_keyblock)
|
||||
|
||||
|
||||
static int
|
||||
menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
|
||||
menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock)
|
||||
{
|
||||
PKT_public_key *main_pk;
|
||||
PKT_user_id *uid;
|
||||
@ -5582,7 +5595,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
|
||||
continue;
|
||||
}
|
||||
|
||||
rc = update_keysig_packet (&newsig, sig,
|
||||
rc = update_keysig_packet (ctrl, &newsig, sig,
|
||||
main_pk, uid, NULL,
|
||||
main_pk,
|
||||
keygen_add_keyserver_url, uri);
|
||||
@ -5612,8 +5625,9 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
|
||||
return modified;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
menu_set_notation (const char *string, KBNODE pub_keyblock)
|
||||
menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock)
|
||||
{
|
||||
PKT_public_key *main_pk;
|
||||
PKT_user_id *uid;
|
||||
@ -5781,7 +5795,7 @@ menu_set_notation (const char *string, KBNODE pub_keyblock)
|
||||
_("Proceed? (y/N) "))))
|
||||
continue;
|
||||
|
||||
rc = update_keysig_packet (&newsig, sig,
|
||||
rc = update_keysig_packet (ctrl, &newsig, sig,
|
||||
main_pk, uid, NULL,
|
||||
main_pk,
|
||||
keygen_add_notations, notation);
|
||||
@ -6140,7 +6154,7 @@ real_uids_left (KBNODE keyblock)
|
||||
* flag bit MARK_A is set on the signature and the user ID.
|
||||
*/
|
||||
static void
|
||||
ask_revoke_sig (KBNODE keyblock, KBNODE node)
|
||||
ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node)
|
||||
{
|
||||
int doit = 0;
|
||||
PKT_user_id *uid;
|
||||
@ -6167,8 +6181,8 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
|
||||
|
||||
es_printf ("\n");
|
||||
|
||||
print_and_check_one_sig_colon (keyblock, node, NULL, NULL, NULL, NULL,
|
||||
1);
|
||||
print_and_check_one_sig_colon (ctrl, keyblock, node,
|
||||
NULL, NULL, NULL, NULL, 1);
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -6210,7 +6224,7 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
|
||||
* Return: True when the keyblock has changed.
|
||||
*/
|
||||
static int
|
||||
menu_revsig (KBNODE keyblock)
|
||||
menu_revsig (ctrl_t ctrl, kbnode_t keyblock)
|
||||
{
|
||||
PKT_signature *sig;
|
||||
PKT_public_key *primary_pk;
|
||||
@ -6302,7 +6316,7 @@ menu_revsig (KBNODE keyblock)
|
||||
{
|
||||
if (!(node->flag & NODFLG_SELSIG))
|
||||
continue;
|
||||
ask_revoke_sig (keyblock, node);
|
||||
ask_revoke_sig (ctrl, keyblock, node);
|
||||
}
|
||||
|
||||
/* present selected */
|
||||
@ -6368,13 +6382,13 @@ reloop: /* (must use this, because we are modifing the list) */
|
||||
|
||||
node->flag &= ~NODFLG_MARK_A;
|
||||
signerkey = xmalloc_secure_clear (sizeof *signerkey);
|
||||
if (get_seckey (signerkey, node->pkt->pkt.signature->keyid))
|
||||
if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid))
|
||||
{
|
||||
log_info (_("no secret key\n"));
|
||||
free_public_key (signerkey);
|
||||
continue;
|
||||
}
|
||||
rc = make_keysig_packet (&sig, primary_pk,
|
||||
rc = make_keysig_packet (ctrl, &sig, primary_pk,
|
||||
unode->pkt->pkt.user_id,
|
||||
NULL, signerkey, 0x30, 0, 0, 0,
|
||||
sign_mk_attrib, &attrib, NULL);
|
||||
@ -6459,7 +6473,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
|
||||
mksubpkt argument to make_keysig_packet */
|
||||
attrib.reason = (struct revocation_reason_info *)reason;
|
||||
|
||||
rc = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x30, 0,
|
||||
rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30, 0,
|
||||
timestamp, 0,
|
||||
sign_mk_attrib, &attrib, NULL);
|
||||
if (rc)
|
||||
@ -6569,7 +6583,7 @@ leave:
|
||||
* Revoke the whole key.
|
||||
*/
|
||||
static int
|
||||
menu_revkey (KBNODE pub_keyblock)
|
||||
menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
|
||||
int rc, changed = 0;
|
||||
@ -6588,7 +6602,7 @@ menu_revkey (KBNODE pub_keyblock)
|
||||
if (!reason)
|
||||
return 0;
|
||||
|
||||
rc = make_keysig_packet (&sig, pk, NULL, NULL, pk,
|
||||
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk,
|
||||
0x20, 0, 0, 0,
|
||||
revocation_reason_build_cb, reason, NULL);
|
||||
if (rc)
|
||||
@ -6615,7 +6629,7 @@ menu_revkey (KBNODE pub_keyblock)
|
||||
|
||||
|
||||
static int
|
||||
menu_revsubkey (KBNODE pub_keyblock)
|
||||
menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
{
|
||||
PKT_public_key *mainpk;
|
||||
KBNODE node;
|
||||
@ -6650,7 +6664,7 @@ menu_revsubkey (KBNODE pub_keyblock)
|
||||
attrib.reason = reason;
|
||||
|
||||
node->flag &= ~NODFLG_SELKEY;
|
||||
rc = make_keysig_packet (&sig, mainpk, NULL, subpk, mainpk,
|
||||
rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk,
|
||||
0x28, 0, 0, 0, sign_mk_attrib, &attrib,
|
||||
NULL);
|
||||
if (rc)
|
||||
@ -6686,19 +6700,19 @@ menu_revsubkey (KBNODE pub_keyblock)
|
||||
not worth adding extra complexity to change. -ds */
|
||||
#ifndef NO_TRUST_MODELS
|
||||
static int
|
||||
enable_disable_key (KBNODE keyblock, int disable)
|
||||
enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable)
|
||||
{
|
||||
PKT_public_key *pk =
|
||||
find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key;
|
||||
unsigned int trust, newtrust;
|
||||
|
||||
trust = newtrust = get_ownertrust (pk);
|
||||
trust = newtrust = get_ownertrust (ctrl, pk);
|
||||
newtrust &= ~TRUST_FLAG_DISABLED;
|
||||
if (disable)
|
||||
newtrust |= TRUST_FLAG_DISABLED;
|
||||
if (trust == newtrust)
|
||||
return 0; /* already in that state */
|
||||
update_ownertrust (pk, newtrust);
|
||||
update_ownertrust (ctrl, pk, newtrust);
|
||||
return 0;
|
||||
}
|
||||
#endif /*!NO_TRUST_MODELS*/
|
||||
|
44
g10/keygen.c
44
g10/keygen.c
@ -843,7 +843,7 @@ keygen_add_revkey (PKT_signature *sig, void *opaque)
|
||||
/* Create a back-signature. If TIMESTAMP is not NULL, use it for the
|
||||
signature creation time. */
|
||||
gpg_error_t
|
||||
make_backsig (PKT_signature *sig, PKT_public_key *pk,
|
||||
make_backsig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pk,
|
||||
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
|
||||
u32 timestamp, const char *cache_nonce)
|
||||
{
|
||||
@ -852,7 +852,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
|
||||
|
||||
cache_public_key (sub_pk);
|
||||
|
||||
err = make_keysig_packet (&backsig, pk, NULL, sub_pk, sub_psk, 0x19,
|
||||
err = make_keysig_packet (ctrl, &backsig, pk, NULL, sub_pk, sub_psk, 0x19,
|
||||
0, timestamp, 0, NULL, NULL, cache_nonce);
|
||||
if (err)
|
||||
log_error ("make_keysig_packet failed for backsig: %s\n",
|
||||
@ -936,7 +936,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
|
||||
PSK. REVKEY is describes the direct key signature and TIMESTAMP is
|
||||
the timestamp to set on the signature. */
|
||||
static gpg_error_t
|
||||
write_direct_sig (KBNODE root, PKT_public_key *psk,
|
||||
write_direct_sig (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
|
||||
struct revocation_key *revkey, u32 timestamp,
|
||||
const char *cache_nonce)
|
||||
{
|
||||
@ -960,7 +960,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
|
||||
cache_public_key (pk);
|
||||
|
||||
/* Make the signature. */
|
||||
err = make_keysig_packet (&sig, pk, NULL,NULL, psk, 0x1F,
|
||||
err = make_keysig_packet (ctrl, &sig, pk, NULL,NULL, psk, 0x1F,
|
||||
0, timestamp, 0,
|
||||
keygen_add_revkey, revkey, cache_nonce);
|
||||
if (err)
|
||||
@ -982,7 +982,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
|
||||
PSK. USE and TIMESTAMP give the extra data we need for the
|
||||
signature. */
|
||||
static gpg_error_t
|
||||
write_selfsigs (KBNODE root, PKT_public_key *psk,
|
||||
write_selfsigs (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
|
||||
unsigned int use, u32 timestamp, const char *cache_nonce)
|
||||
{
|
||||
gpg_error_t err;
|
||||
@ -1015,7 +1015,7 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
|
||||
cache_public_key (pk);
|
||||
|
||||
/* Make the signature. */
|
||||
err = make_keysig_packet (&sig, pk, uid, NULL, psk, 0x13,
|
||||
err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, psk, 0x13,
|
||||
0, timestamp, 0,
|
||||
keygen_add_std_prefs, pk, cache_nonce);
|
||||
if (err)
|
||||
@ -1038,7 +1038,8 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
|
||||
SUB_PSK is a key used to create a back-signature; that one is only
|
||||
used if USE has the PUBKEY_USAGE_SIG capability. */
|
||||
static int
|
||||
write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
|
||||
write_keybinding (ctrl_t ctrl, kbnode_t root,
|
||||
PKT_public_key *pri_psk, PKT_public_key *sub_psk,
|
||||
unsigned int use, u32 timestamp, const char *cache_nonce)
|
||||
{
|
||||
gpg_error_t err;
|
||||
@ -1074,7 +1075,7 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
|
||||
/* Make the signature. */
|
||||
oduap.usage = use;
|
||||
oduap.pk = sub_pk;
|
||||
err = make_keysig_packet (&sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
|
||||
err = make_keysig_packet (ctrl, &sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
|
||||
0, timestamp, 0,
|
||||
keygen_add_key_flags_and_expire, &oduap,
|
||||
cache_nonce);
|
||||
@ -1087,7 +1088,8 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
|
||||
/* Make a backsig. */
|
||||
if (use & PUBKEY_USAGE_SIG)
|
||||
{
|
||||
err = make_backsig (sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
|
||||
err = make_backsig (ctrl,
|
||||
sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
|
||||
if (err)
|
||||
return err;
|
||||
}
|
||||
@ -4667,12 +4669,13 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
|
||||
}
|
||||
|
||||
if (!err && (revkey = get_parameter_revkey (para, pREVOKER)))
|
||||
err = write_direct_sig (pub_root, pri_psk, revkey, timestamp, cache_nonce);
|
||||
err = write_direct_sig (ctrl, pub_root, pri_psk,
|
||||
revkey, timestamp, cache_nonce);
|
||||
|
||||
if (!err && (s = get_parameter_value (para, pUSERID)))
|
||||
{
|
||||
write_uid (pub_root, s );
|
||||
err = write_selfsigs (pub_root, pri_psk,
|
||||
err = write_selfsigs (ctrl, pub_root, pri_psk,
|
||||
get_parameter_uint (para, pKEYUSAGE), timestamp,
|
||||
cache_nonce);
|
||||
}
|
||||
@ -4690,7 +4693,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
|
||||
0, pub_root, ×tamp,
|
||||
get_parameter_u32 (para, pKEYEXPIRE));
|
||||
if (!err)
|
||||
err = write_keybinding (pub_root, pri_psk, NULL,
|
||||
err = write_keybinding (ctrl, pub_root, pri_psk, NULL,
|
||||
PUBKEY_USAGE_AUTH, timestamp, cache_nonce);
|
||||
}
|
||||
|
||||
@ -4732,7 +4735,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
|
||||
}
|
||||
|
||||
if (!err)
|
||||
err = write_keybinding (pub_root, pri_psk, sub_psk,
|
||||
err = write_keybinding (ctrl, pub_root, pri_psk, sub_psk,
|
||||
get_parameter_uint (para, pSUBKEYUSAGE),
|
||||
timestamp, cache_nonce);
|
||||
did_sub = 1;
|
||||
@ -4791,10 +4794,11 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
|
||||
keyid_from_pk (pk, pk->main_keyid);
|
||||
register_trusted_keyid (pk->main_keyid);
|
||||
|
||||
update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
|
||||
update_ownertrust (ctrl, pk,
|
||||
((get_ownertrust (ctrl, pk) & ~TRUST_MASK)
|
||||
| TRUST_ULTIMATE ));
|
||||
|
||||
gen_standard_revoke (pk, cache_nonce);
|
||||
gen_standard_revoke (ctrl, pk, cache_nonce);
|
||||
|
||||
/* Get rid of the first empty packet. */
|
||||
commit_kbnode (&pub_root);
|
||||
@ -4803,7 +4807,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
|
||||
{
|
||||
tty_printf (_("public and secret key created and signed.\n") );
|
||||
tty_printf ("\n");
|
||||
merge_keys_and_selfsig (pub_root);
|
||||
merge_keys_and_selfsig (ctrl, pub_root);
|
||||
list_keyblock_direct (ctrl, pub_root, 0, 1, 1, 1);
|
||||
}
|
||||
|
||||
@ -5033,7 +5037,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
|
||||
* nonce, which we can use to set the passphrase for the subkey to
|
||||
* that of the primary key. */
|
||||
{
|
||||
char *desc = gpg_format_keydesc (pri_psk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
char *desc = gpg_format_keydesc (ctrl, pri_psk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
err = agent_passwd (ctrl, hexgrip, desc, 1 /*=verify*/,
|
||||
&cache_nonce, &passwd_nonce);
|
||||
xfree (desc);
|
||||
@ -5071,7 +5075,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
|
||||
sub_psk = node->pkt->pkt.public_key;
|
||||
|
||||
/* Write the binding signature. */
|
||||
err = write_keybinding (keyblock, pri_psk, sub_psk, use, cur_time,
|
||||
err = write_keybinding (ctrl, keyblock, pri_psk, sub_psk, use, cur_time,
|
||||
cache_nonce);
|
||||
if (err)
|
||||
goto leave;
|
||||
@ -5095,7 +5099,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
|
||||
#ifdef ENABLE_CARD_SUPPORT
|
||||
/* Generate a subkey on a card. */
|
||||
gpg_error_t
|
||||
generate_card_subkeypair (kbnode_t pub_keyblock,
|
||||
generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
|
||||
int keyno, const char *serialno)
|
||||
{
|
||||
gpg_error_t err = 0;
|
||||
@ -5186,7 +5190,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock,
|
||||
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
|
||||
sub_pk = node->pkt->pkt.public_key;
|
||||
log_assert (sub_pk);
|
||||
err = write_keybinding (pub_keyblock, pri_pk, sub_pk,
|
||||
err = write_keybinding (ctrl, pub_keyblock, pri_pk, sub_pk,
|
||||
use, cur_time, NULL);
|
||||
}
|
||||
|
||||
|
@ -538,7 +538,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid)
|
||||
* keys, but has to do a keylookup for old stayle keys.
|
||||
*/
|
||||
u32
|
||||
keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
|
||||
keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint,
|
||||
size_t fprint_len, u32 *keyid)
|
||||
{
|
||||
u32 dummy_keyid[2];
|
||||
|
||||
@ -552,7 +553,7 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
|
||||
int rc;
|
||||
|
||||
memset (&pk, 0, sizeof pk);
|
||||
rc = get_pubkey_byfprint (&pk, NULL, fprint, fprint_len);
|
||||
rc = get_pubkey_byfprint (ctrl, &pk, NULL, fprint, fprint_len);
|
||||
if( rc )
|
||||
{
|
||||
log_error("Oops: keyid_from_fingerprint: no pubkey\n");
|
||||
|
@ -92,7 +92,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
|
||||
byte trust_model, marginals, completes, cert_depth, min_cert_level;
|
||||
ulong created, nextcheck;
|
||||
|
||||
read_trust_options (&trust_model, &created, &nextcheck,
|
||||
read_trust_options (ctrl, &trust_model, &created, &nextcheck,
|
||||
&marginals, &completes, &cert_depth, &min_cert_level);
|
||||
|
||||
es_fprintf (es_stdout, "tru:");
|
||||
@ -164,7 +164,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
|
||||
}
|
||||
|
||||
char *
|
||||
format_seckey_info (PKT_public_key *pk)
|
||||
format_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
u32 keyid[2];
|
||||
char *p;
|
||||
@ -172,7 +172,7 @@ format_seckey_info (PKT_public_key *pk)
|
||||
char *info;
|
||||
|
||||
keyid_from_pk (pk, keyid);
|
||||
p = get_user_id_native (keyid);
|
||||
p = get_user_id_native (ctrl, keyid);
|
||||
|
||||
info = xtryasprintf ("sec %s/%s %s %s",
|
||||
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
|
||||
@ -184,9 +184,9 @@ format_seckey_info (PKT_public_key *pk)
|
||||
}
|
||||
|
||||
void
|
||||
print_seckey_info (PKT_public_key *pk)
|
||||
print_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
char *p = format_seckey_info (pk);
|
||||
char *p = format_seckey_info (ctrl, pk);
|
||||
tty_printf ("\n%s\n", p);
|
||||
xfree (p);
|
||||
}
|
||||
@ -195,7 +195,7 @@ print_seckey_info (PKT_public_key *pk)
|
||||
the tty output interface is used, otherwise output is directted to
|
||||
the given stream. */
|
||||
void
|
||||
print_pubkey_info (estream_t fp, PKT_public_key *pk)
|
||||
print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk)
|
||||
{
|
||||
u32 keyid[2];
|
||||
char *p;
|
||||
@ -208,7 +208,7 @@ print_pubkey_info (estream_t fp, PKT_public_key *pk)
|
||||
if (pk->user_id)
|
||||
p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
|
||||
else
|
||||
p = get_user_id_native (keyid);
|
||||
p = get_user_id_native (ctrl, keyid);
|
||||
|
||||
if (fp)
|
||||
tty_printf ("\n");
|
||||
@ -553,7 +553,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
|
||||
lastresname = resname;
|
||||
}
|
||||
}
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
list_keyblock (ctrl, keyblock, secret, any_secret, opt.fingerprint,
|
||||
&listctx);
|
||||
}
|
||||
@ -604,7 +604,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
|
||||
* functions) or to have the search function return indicators for
|
||||
* found names. Yet another way is to use the keydb search
|
||||
* facilities directly. */
|
||||
rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
|
||||
rc = getkey_bynames (ctrl, &ctx, NULL, names, secret, &keyblock);
|
||||
if (rc)
|
||||
{
|
||||
log_error ("error reading key: %s\n", gpg_strerror (rc));
|
||||
@ -626,7 +626,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
|
||||
keyblock, secret, mark_secret, opt.fingerprint, &listctx);
|
||||
release_kbnode (keyblock);
|
||||
}
|
||||
while (!getkey_next (ctx, NULL, &keyblock));
|
||||
while (!getkey_next (ctrl, ctx, NULL, &keyblock));
|
||||
getkey_end (ctx);
|
||||
|
||||
if (opt.check_sigs && !opt.with_colons)
|
||||
@ -667,7 +667,7 @@ locate_one (ctrl_t ctrl, strlist_t names)
|
||||
list_keyblock (ctrl, keyblock, 0, 0, opt.fingerprint, &listctx);
|
||||
release_kbnode (keyblock);
|
||||
}
|
||||
while (ctx && !getkey_next (ctx, NULL, &keyblock));
|
||||
while (ctx && !getkey_next (ctrl, ctx, NULL, &keyblock));
|
||||
getkey_end (ctx);
|
||||
ctx = NULL;
|
||||
}
|
||||
@ -696,7 +696,7 @@ print_key_data (PKT_public_key * pk)
|
||||
}
|
||||
|
||||
static void
|
||||
print_capabilities (PKT_public_key *pk, KBNODE keyblock)
|
||||
print_capabilities (ctrl_t ctrl, PKT_public_key *pk, KBNODE keyblock)
|
||||
{
|
||||
unsigned int use = pk->pubkey_usage;
|
||||
int c_printed = 0;
|
||||
@ -907,10 +907,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
|
||||
check_trustdb_stale (ctrl);
|
||||
|
||||
/* Print the "pub" line and in KF_NONE mode the fingerprint. */
|
||||
print_key_line (es_stdout, pk, secret);
|
||||
print_key_line (ctrl, es_stdout, pk, secret);
|
||||
|
||||
if (fpr)
|
||||
print_fingerprint (NULL, pk, 0);
|
||||
print_fingerprint (ctrl, NULL, pk, 0);
|
||||
|
||||
if (opt.with_keygrip && hexgrip)
|
||||
es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
|
||||
@ -1020,10 +1020,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
|
||||
}
|
||||
|
||||
/* Print the "sub" line. */
|
||||
print_key_line (es_stdout, pk2, secret);
|
||||
print_key_line (ctrl, es_stdout, pk2, secret);
|
||||
if (fpr > 1 || opt.with_subkey_fingerprint)
|
||||
{
|
||||
print_fingerprint (NULL, pk2, 0);
|
||||
print_fingerprint (ctrl, NULL, pk2, 0);
|
||||
if (serialno)
|
||||
print_card_serialno (serialno);
|
||||
}
|
||||
@ -1041,7 +1041,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
|
||||
|
||||
if (listctx->check_sigs)
|
||||
{
|
||||
rc = check_key_signature (keyblock, node, NULL);
|
||||
rc = check_key_signature (ctrl, keyblock, node, NULL);
|
||||
switch (gpg_err_code (rc))
|
||||
{
|
||||
case 0:
|
||||
@ -1113,7 +1113,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
|
||||
else if (!opt.fast_list_mode)
|
||||
{
|
||||
size_t n;
|
||||
char *p = get_user_id (sig->keyid, &n);
|
||||
char *p = get_user_id (ctrl, sig->keyid, &n);
|
||||
print_utf8_buffer (es_stdout, p, n);
|
||||
xfree (p);
|
||||
}
|
||||
@ -1261,7 +1261,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
}
|
||||
|
||||
if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
|
||||
ownertrust_print = get_ownertrust_info (pk, 0);
|
||||
ownertrust_print = get_ownertrust_info (ctrl, pk, 0);
|
||||
else
|
||||
ownertrust_print = 0;
|
||||
|
||||
@ -1282,7 +1282,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
|
||||
es_putc (':', es_stdout);
|
||||
es_putc (':', es_stdout);
|
||||
print_capabilities (pk, keyblock);
|
||||
print_capabilities (ctrl, pk, keyblock);
|
||||
es_putc (':', es_stdout); /* End of field 13. */
|
||||
es_putc (':', es_stdout); /* End of field 14. */
|
||||
if (secret || has_secret)
|
||||
@ -1314,7 +1314,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
es_putc ('\n', es_stdout);
|
||||
|
||||
print_revokers (es_stdout, pk);
|
||||
print_fingerprint (NULL, pk, 0);
|
||||
print_fingerprint (ctrl, NULL, pk, 0);
|
||||
if (hexgrip)
|
||||
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
|
||||
if (opt.with_key_data)
|
||||
@ -1419,7 +1419,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
(ulong) keyid2[0], (ulong) keyid2[1],
|
||||
colon_datestr_from_pk (pk2),
|
||||
colon_strtime (pk2->expiredate));
|
||||
print_capabilities (pk2, NULL);
|
||||
print_capabilities (ctrl, pk2, NULL);
|
||||
es_putc (':', es_stdout); /* End of field 13. */
|
||||
es_putc (':', es_stdout); /* End of field 14. */
|
||||
if (secret || has_secret)
|
||||
@ -1448,7 +1448,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
print_compliance_flags (pk2, keylength, curvename);
|
||||
es_putc (':', es_stdout); /* End of field 18. */
|
||||
es_putc ('\n', es_stdout);
|
||||
print_fingerprint (NULL, pk2, 0);
|
||||
print_fingerprint (ctrl, NULL, pk2, 0);
|
||||
if (hexgrip)
|
||||
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
|
||||
if (opt.with_key_data)
|
||||
@ -1488,7 +1488,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
if (opt.no_sig_cache)
|
||||
signer_pk = xmalloc_clear (sizeof (PKT_public_key));
|
||||
|
||||
rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
|
||||
rc = check_key_signature2 (ctrl, keyblock, node, NULL, signer_pk,
|
||||
NULL, NULL, NULL);
|
||||
switch (gpg_err_code (rc))
|
||||
{
|
||||
@ -1524,7 +1524,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
|
||||
}
|
||||
|
||||
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
|
||||
siguid = get_user_id (sig->keyid, &siguidlen);
|
||||
siguid = get_user_id (ctrl, sig->keyid, &siguidlen);
|
||||
else
|
||||
{
|
||||
siguid = NULL;
|
||||
@ -1697,7 +1697,8 @@ print_icao_hexdigit (estream_t fp, int c)
|
||||
* of es_stdout or instead of the TTY in modes 2 and 3.
|
||||
*/
|
||||
void
|
||||
print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
|
||||
print_fingerprint (ctrl_t ctrl, estream_t override_fp,
|
||||
PKT_public_key *pk, int mode)
|
||||
{
|
||||
char hexfpr[2*MAX_FINGERPRINT_LEN+1];
|
||||
char *p;
|
||||
@ -1742,8 +1743,8 @@ print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
|
||||
if (!primary && (mode == 1 || mode == 2))
|
||||
{
|
||||
PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
|
||||
get_pubkey (primary_pk, pk->main_keyid);
|
||||
print_fingerprint (override_fp, primary_pk, (mode | 0x80));
|
||||
get_pubkey (ctrl, primary_pk, pk->main_keyid);
|
||||
print_fingerprint (ctrl, override_fp, primary_pk, (mode | 0x80));
|
||||
free_public_key (primary_pk);
|
||||
}
|
||||
|
||||
@ -1864,7 +1865,7 @@ print_card_serialno (const char *serialno)
|
||||
* 3 := '>' Secret key is on a token.
|
||||
*/
|
||||
void
|
||||
print_key_line (estream_t fp, PKT_public_key *pk, int secret)
|
||||
print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret)
|
||||
{
|
||||
char pkstrbuf[PUBKEY_STRING_SIZE];
|
||||
|
||||
@ -1919,7 +1920,7 @@ print_key_line (estream_t fp, PKT_public_key *pk, int secret)
|
||||
fingerprints, show compact fpr of primary key: */
|
||||
if (pk->flags.primary &&
|
||||
!opt.fingerprint && !opt.with_fingerprint)
|
||||
print_fingerprint (fp, pk, 20);
|
||||
print_fingerprint (ctrl, fp, pk, 20);
|
||||
}
|
||||
|
||||
|
||||
|
@ -1404,7 +1404,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock)
|
||||
* This is only done for the public keyrings.
|
||||
*/
|
||||
int
|
||||
keyring_rebuild_cache (void *token,int noisy)
|
||||
keyring_rebuild_cache (ctrl_t ctrl, void *token, int noisy)
|
||||
{
|
||||
KEYRING_HANDLE hd;
|
||||
KEYDB_SEARCH_DESC desc;
|
||||
@ -1521,7 +1521,7 @@ keyring_rebuild_cache (void *token,int noisy)
|
||||
|| openpgp_pk_test_algo(sig->pubkey_algo)))
|
||||
sig->flags.checked=sig->flags.valid=0;
|
||||
else
|
||||
check_key_signature (keyblock, node, NULL);
|
||||
check_key_signature (ctrl, keyblock, node, NULL);
|
||||
|
||||
sigcount++;
|
||||
}
|
||||
|
@ -40,6 +40,6 @@ int keyring_delete_keyblock (KEYRING_HANDLE hd);
|
||||
int keyring_search_reset (KEYRING_HANDLE hd);
|
||||
int keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc,
|
||||
size_t ndesc, size_t *descindex, int skip_legacy);
|
||||
int keyring_rebuild_cache (void *token,int noisy);
|
||||
int keyring_rebuild_cache (ctrl_t ctrl, void *token,int noisy);
|
||||
|
||||
#endif /*GPG_KEYRING_H*/
|
||||
|
@ -468,7 +468,7 @@ parse_preferred_keyserver(PKT_signature *sig)
|
||||
}
|
||||
|
||||
static void
|
||||
print_keyrec(int number,struct keyrec *keyrec)
|
||||
print_keyrec (ctrl_t ctrl, int number,struct keyrec *keyrec)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -522,7 +522,7 @@ print_keyrec(int number,struct keyrec *keyrec)
|
||||
case KEYDB_SEARCH_MODE_FPR20:
|
||||
{
|
||||
u32 kid[2];
|
||||
keyid_from_fingerprint(keyrec->desc.u.fpr,20,kid);
|
||||
keyid_from_fingerprint (ctrl, keyrec->desc.u.fpr,20,kid);
|
||||
es_printf("key %s",keystr(kid));
|
||||
}
|
||||
break;
|
||||
@ -960,7 +960,7 @@ search_line_handler (void *opaque, int special, char *line)
|
||||
parm->numlines = 0;
|
||||
}
|
||||
|
||||
print_keyrec (parm->nkeys+1, keyrec);
|
||||
print_keyrec (parm->ctrl, parm->nkeys+1, keyrec);
|
||||
}
|
||||
|
||||
parm->numlines += keyrec->lines;
|
||||
@ -1196,9 +1196,11 @@ keyserver_import_keyid (ctrl_t ctrl,
|
||||
return keyserver_get (ctrl, &desc, 1, keyserver, quick, NULL, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* code mostly stolen from do_export_stream */
|
||||
static int
|
||||
keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
|
||||
keyidlist (ctrl_t ctrl, strlist_t users, KEYDB_SEARCH_DESC **klist,
|
||||
int *count, int fakev3)
|
||||
{
|
||||
int rc = 0;
|
||||
int num = 100;
|
||||
@ -1318,7 +1320,7 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
|
||||
PKT_user_id *uid=NULL;
|
||||
PKT_signature *sig=NULL;
|
||||
|
||||
merge_keys_and_selfsig(keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
|
||||
for(node=node->next;node;node=node->next)
|
||||
{
|
||||
@ -1401,7 +1403,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
|
||||
ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
|
||||
fakev3=1;
|
||||
|
||||
err = keyidlist (users, &desc, &numdesc, fakev3);
|
||||
err = keyidlist (ctrl, users, &desc, &numdesc, fakev3);
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
|
59
g10/main.h
59
g10/main.h
@ -54,6 +54,7 @@
|
||||
|
||||
typedef struct
|
||||
{
|
||||
ctrl_t ctrl;
|
||||
int header_okay;
|
||||
PK_LIST pk_list;
|
||||
DEK *symkey_dek;
|
||||
@ -237,12 +238,12 @@ void encrypt_crypt_files (ctrl_t ctrl,
|
||||
int encrypt_filter (void *opaque, int control,
|
||||
iobuf_t a, byte *buf, size_t *ret_len);
|
||||
|
||||
int write_pubkey_enc (PKT_public_key *pk, int throw_keyid,
|
||||
int write_pubkey_enc (ctrl_t ctrl, PKT_public_key *pk, int throw_keyid,
|
||||
DEK *dek, iobuf_t out);
|
||||
|
||||
/*-- sign.c --*/
|
||||
int complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
|
||||
const char *cache_nonce);
|
||||
int complete_sig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pksk,
|
||||
gcry_md_hd_t md, const char *cache_nonce);
|
||||
int sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
|
||||
int do_encrypt, strlist_t remusr, const char *outfile );
|
||||
int clearsign_file (ctrl_t ctrl,
|
||||
@ -254,7 +255,7 @@ int sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr);
|
||||
/* SIG is a revocation signature. Check if any of PK's designated
|
||||
revokers generated it. If so, return 0. Note: this function
|
||||
(correctly) doesn't care if the designated revoker is revoked. */
|
||||
int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
|
||||
int check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig);
|
||||
/* Check that the backsig BACKSIG from the subkey SUB_PK to its
|
||||
primary key MAIN_PK is valid. */
|
||||
int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
|
||||
@ -262,13 +263,14 @@ int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
|
||||
/* Check that the signature SIG over a key (e.g., a key binding or a
|
||||
key revocation) is valid. (To check signatures over data, use
|
||||
check_signature.) */
|
||||
int check_key_signature( KBNODE root, KBNODE sig, int *is_selfsig );
|
||||
int check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t sig,
|
||||
int *is_selfsig );
|
||||
/* Like check_key_signature, but with the ability to specify some
|
||||
additional parameters and get back additional information. See the
|
||||
documentation for the implementation for details. */
|
||||
int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
|
||||
PKT_public_key *ret_pk, int *is_selfsig,
|
||||
u32 *r_expiredate, int *r_expired );
|
||||
int check_key_signature2 (ctrl_t ctrl, kbnode_t root, kbnode_t node,
|
||||
PKT_public_key *check_pk, PKT_public_key *ret_pk,
|
||||
int *is_selfsig, u32 *r_expiredate, int *r_expired);
|
||||
|
||||
/* Returns whether SIGNER generated the signature SIG over the packet
|
||||
PACKET, which is a key, subkey or uid, and comes from the key block
|
||||
@ -276,7 +278,8 @@ int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
|
||||
SIG. If not NULL, sets *IS_SELFSIG to indicate whether the
|
||||
signature is a self-signature and *RET_PK to a copy of the signer's
|
||||
key. */
|
||||
gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
|
||||
gpg_error_t check_signature_over_key_or_uid (ctrl_t ctrl,
|
||||
PKT_public_key *signer,
|
||||
PKT_signature *sig,
|
||||
KBNODE kb, PACKET *packet,
|
||||
int *is_selfsig,
|
||||
@ -284,7 +287,8 @@ gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
|
||||
|
||||
|
||||
/*-- delkey.c --*/
|
||||
gpg_error_t delete_keys (strlist_t names, int secret, int allow_both);
|
||||
gpg_error_t delete_keys (ctrl_t ctrl,
|
||||
strlist_t names, int secret, int allow_both);
|
||||
|
||||
/*-- keyedit.c --*/
|
||||
void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
@ -302,7 +306,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl,
|
||||
const char *fpr, const char *expirestr);
|
||||
void keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
|
||||
const char *primaryuid);
|
||||
void show_basic_key_info (KBNODE keyblock);
|
||||
void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock);
|
||||
|
||||
/*-- keygen.c --*/
|
||||
const char *get_default_pubkey_algo (void);
|
||||
@ -323,7 +327,8 @@ int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
|
||||
int keygen_add_keyserver_url(PKT_signature *sig, void *opaque);
|
||||
int keygen_add_notations(PKT_signature *sig,void *opaque);
|
||||
int keygen_add_revkey(PKT_signature *sig, void *opaque);
|
||||
gpg_error_t make_backsig (PKT_signature *sig, PKT_public_key *pk,
|
||||
gpg_error_t make_backsig (ctrl_t ctrl,
|
||||
PKT_signature *sig, PKT_public_key *pk,
|
||||
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
|
||||
u32 timestamp, const char *cache_nonce);
|
||||
gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
|
||||
@ -331,7 +336,7 @@ gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
|
||||
const char *usagestr,
|
||||
const char *expirestr);
|
||||
#ifdef ENABLE_CARD_SUPPORT
|
||||
gpg_error_t generate_card_subkeypair (kbnode_t pub_keyblock,
|
||||
gpg_error_t generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
|
||||
int keyno, const char *serialno);
|
||||
#endif
|
||||
|
||||
@ -382,6 +387,13 @@ gpg_error_t import_old_secring (ctrl_t ctrl, const char *fname);
|
||||
import_stats_t import_new_stats_handle (void);
|
||||
void import_release_stats_handle (import_stats_t hd);
|
||||
void import_print_stats (import_stats_t hd);
|
||||
/* Communication for impex_filter_getval */
|
||||
struct impex_filter_parm_s
|
||||
{
|
||||
ctrl_t ctrl;
|
||||
kbnode_t node;
|
||||
};
|
||||
|
||||
const char *impex_filter_getval (void *cookie, const char *propname);
|
||||
gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
|
||||
kbnode_t sec_keyblock, int batch, int force);
|
||||
@ -430,8 +442,10 @@ int enarmor_file( const char *fname );
|
||||
|
||||
/*-- revoke.c --*/
|
||||
struct revocation_reason_info;
|
||||
int gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce);
|
||||
int gen_revoke( const char *uname );
|
||||
|
||||
int gen_standard_revoke (ctrl_t ctrl,
|
||||
PKT_public_key *psk, const char *cache_nonce);
|
||||
int gen_revoke (ctrl_t ctrl, const char *uname);
|
||||
int gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr);
|
||||
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
|
||||
struct revocation_reason_info *
|
||||
@ -446,18 +460,19 @@ void print_subpackets_colon(PKT_signature *sig);
|
||||
void reorder_keyblock (KBNODE keyblock);
|
||||
void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret,
|
||||
int has_secret, int fpr, int no_validity);
|
||||
void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
|
||||
void print_fingerprint (ctrl_t ctrl, estream_t fp,
|
||||
PKT_public_key *pk, int mode);
|
||||
void print_revokers (estream_t fp, PKT_public_key *pk);
|
||||
void show_policy_url(PKT_signature *sig,int indent,int mode);
|
||||
void show_keyserver_url(PKT_signature *sig,int indent,int mode);
|
||||
void show_notation(PKT_signature *sig,int indent,int mode,int which);
|
||||
void dump_attribs (const PKT_user_id *uid, PKT_public_key *pk);
|
||||
void set_attrib_fd(int fd);
|
||||
char *format_seckey_info (PKT_public_key *pk);
|
||||
void print_seckey_info (PKT_public_key *pk);
|
||||
void print_pubkey_info (estream_t fp, PKT_public_key *pk);
|
||||
char *format_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
|
||||
void print_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
|
||||
void print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk);
|
||||
void print_card_key_info (estream_t fp, KBNODE keyblock);
|
||||
void print_key_line (estream_t fp, PKT_public_key *pk, int secret);
|
||||
void print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret);
|
||||
|
||||
/*-- verify.c --*/
|
||||
void print_file_status( int status, const char *name, int what );
|
||||
@ -485,9 +500,9 @@ gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl,
|
||||
#ifdef ENABLE_CARD_SUPPORT
|
||||
/*-- card-util.c --*/
|
||||
void change_pin (int no, int allow_admin);
|
||||
void card_status (estream_t fp, const char *serialno);
|
||||
void card_status (ctrl_t ctrl, estream_t fp, const char *serialno);
|
||||
void card_edit (ctrl_t ctrl, strlist_t commands);
|
||||
gpg_error_t card_generate_subkey (KBNODE pub_keyblock);
|
||||
gpg_error_t card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock);
|
||||
int card_store_subkey (KBNODE node, int use);
|
||||
#endif
|
||||
|
||||
|
@ -465,7 +465,7 @@ proc_pubkey_enc (ctrl_t ctrl, CTX c, PACKET *pkt)
|
||||
* not decrypt.
|
||||
*/
|
||||
static void
|
||||
print_pkenc_list (struct kidlist_item *list, int failed)
|
||||
print_pkenc_list (ctrl_t ctrl, struct kidlist_item *list, int failed)
|
||||
{
|
||||
for (; list; list = list->next)
|
||||
{
|
||||
@ -483,13 +483,13 @@ print_pkenc_list (struct kidlist_item *list, int failed)
|
||||
if (!algstr)
|
||||
algstr = "[?]";
|
||||
pk->pubkey_algo = list->pubkey_algo;
|
||||
if (!get_pubkey (pk, list->kid))
|
||||
if (!get_pubkey (ctrl, pk, list->kid))
|
||||
{
|
||||
char *p;
|
||||
log_info (_("encrypted with %u-bit %s key, ID %s, created %s\n"),
|
||||
nbits_from_pk (pk), algstr, keystr_from_pk(pk),
|
||||
strtimestamp (pk->timestamp));
|
||||
p = get_user_id_native (list->kid);
|
||||
p = get_user_id_native (ctrl, list->kid);
|
||||
log_printf (_(" \"%s\"\n"), p);
|
||||
xfree (p);
|
||||
}
|
||||
@ -530,8 +530,8 @@ proc_encrypted (CTX c, PACKET *pkt)
|
||||
log_info (_("encrypted with %lu passphrases\n"), c->symkeys);
|
||||
else if (c->symkeys == 1)
|
||||
log_info (_("encrypted with 1 passphrase\n"));
|
||||
print_pkenc_list ( c->pkenc_list, 1 );
|
||||
print_pkenc_list ( c->pkenc_list, 0 );
|
||||
print_pkenc_list (c->ctrl, c->pkenc_list, 1 );
|
||||
print_pkenc_list (c->ctrl, c->pkenc_list, 0 );
|
||||
}
|
||||
|
||||
/* FIXME: Figure out the session key by looking at all pkenc packets. */
|
||||
@ -916,7 +916,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
|
||||
if (c->list->pkt->pkttype == PKT_PUBLIC_KEY
|
||||
|| c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY)
|
||||
{
|
||||
return check_key_signature( c->list, node, is_selfsig );
|
||||
return check_key_signature (c->ctrl, c->list, node, is_selfsig);
|
||||
}
|
||||
else if (sig->sig_class == 0x20)
|
||||
{
|
||||
@ -935,14 +935,14 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
|
||||
|
||||
/* We only get here if we are checking the signature of a binary
|
||||
(0x00) or text document (0x01). */
|
||||
rc = check_signature2 (sig, md, NULL, is_expkey, is_revkey, r_pk);
|
||||
rc = check_signature2 (c->ctrl, sig, md, NULL, is_expkey, is_revkey, r_pk);
|
||||
if (! rc)
|
||||
md_good = md;
|
||||
else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2)
|
||||
{
|
||||
PKT_public_key *pk2;
|
||||
|
||||
rc = check_signature2 (sig, md2, NULL, is_expkey, is_revkey,
|
||||
rc = check_signature2 (c->ctrl, sig, md2, NULL, is_expkey, is_revkey,
|
||||
r_pk? &pk2 : NULL);
|
||||
if (!rc)
|
||||
{
|
||||
@ -1032,19 +1032,19 @@ list_node (CTX c, kbnode_t node)
|
||||
colon_datestr_from_pk( pk ),
|
||||
colon_strtime (pk->expiredate) );
|
||||
if (pk->flags.primary && !opt.fast_list_mode)
|
||||
es_putc (get_ownertrust_info (pk, 1), es_stdout);
|
||||
es_putc (get_ownertrust_info (c->ctrl, pk, 1), es_stdout);
|
||||
es_putc (':', es_stdout);
|
||||
es_putc ('\n', es_stdout);
|
||||
}
|
||||
else
|
||||
{
|
||||
print_key_line (es_stdout, pk, 0);
|
||||
print_key_line (c->ctrl, es_stdout, pk, 0);
|
||||
}
|
||||
|
||||
if (opt.keyid_format == KF_NONE && !opt.with_colons)
|
||||
; /* Already printed. */
|
||||
else if ((pk->flags.primary && opt.fingerprint) || opt.fingerprint > 1)
|
||||
print_fingerprint (NULL, pk, 0);
|
||||
print_fingerprint (c->ctrl, NULL, pk, 0);
|
||||
|
||||
if (pk->flags.primary)
|
||||
{
|
||||
@ -1165,7 +1165,7 @@ list_node (CTX c, kbnode_t node)
|
||||
}
|
||||
else if (!opt.fast_list_mode)
|
||||
{
|
||||
p = get_user_id (sig->keyid, &n);
|
||||
p = get_user_id (c->ctrl, sig->keyid, &n);
|
||||
es_write_sanitized (es_stdout, p, n,
|
||||
opt.with_colons?":":NULL, NULL );
|
||||
xfree (p);
|
||||
@ -1928,7 +1928,7 @@ check_sig_and_print (CTX c, kbnode_t node)
|
||||
* keyboock has already been fetched. Thus we could use the
|
||||
* fingerprint or PK itself to lookup the entire keyblock. That
|
||||
* would best be done with a cache. */
|
||||
keyblock = get_pubkeyblock (sig->keyid);
|
||||
keyblock = get_pubkeyblock (c->ctrl, sig->keyid);
|
||||
|
||||
snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ",
|
||||
(ulong)sig->keyid[0], (ulong)sig->keyid[1]);
|
||||
@ -2254,12 +2254,12 @@ proc_tree (CTX c, kbnode_t node)
|
||||
if (node->pkt->pkttype == PKT_PUBLIC_KEY
|
||||
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
|
||||
{
|
||||
merge_keys_and_selfsig (node);
|
||||
merge_keys_and_selfsig (c->ctrl, node);
|
||||
list_node (c, node);
|
||||
}
|
||||
else if (node->pkt->pkttype == PKT_SECRET_KEY)
|
||||
{
|
||||
merge_keys_and_selfsig (node);
|
||||
merge_keys_and_selfsig (c->ctrl, node);
|
||||
list_node (c, node);
|
||||
}
|
||||
else if (node->pkt->pkttype == PKT_ONEPASS_SIG)
|
||||
|
13
g10/packet.h
13
g10/packet.h
@ -428,7 +428,7 @@ typedef struct
|
||||
there is no disable value cached, fill one in. */
|
||||
#define pk_is_disabled(a) \
|
||||
(((a)->flags.disabled_valid)? \
|
||||
((a)->flags.disabled):(cache_disabled_value((a))))
|
||||
((a)->flags.disabled):(cache_disabled_value(ctrl,(a))))
|
||||
|
||||
|
||||
typedef struct {
|
||||
@ -853,14 +853,15 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
|
||||
/*-- sig-check.c --*/
|
||||
/* Check a signature. This is shorthand for check_signature2 with
|
||||
the unnamed arguments passed as NULL. */
|
||||
int check_signature (PKT_signature *sig, gcry_md_hd_t digest);
|
||||
int check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest);
|
||||
|
||||
/* Check a signature. Looks up the public key from the key db. (If
|
||||
* R_PK is not NULL, it is stored at RET_PK.) DIGEST contains a
|
||||
* valid hash context that already includes the signed data. This
|
||||
* function adds the relevant meta-data to the hash before finalizing
|
||||
* it and verifying the signature. */
|
||||
gpg_error_t check_signature2 (PKT_signature *sig, gcry_md_hd_t digest,
|
||||
gpg_error_t check_signature2 (ctrl_t ctrl,
|
||||
PKT_signature *sig, gcry_md_hd_t digest,
|
||||
u32 *r_expiredate, int *r_expired, int *r_revoked,
|
||||
PKT_public_key **r_pk);
|
||||
|
||||
@ -885,14 +886,16 @@ int ask_for_detached_datafile( gcry_md_hd_t md, gcry_md_hd_t md2,
|
||||
const char *inname, int textmode );
|
||||
|
||||
/*-- sign.c --*/
|
||||
int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
int make_keysig_packet (ctrl_t ctrl,
|
||||
PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
PKT_user_id *uid, PKT_public_key *subpk,
|
||||
PKT_public_key *pksk, int sigclass, int digest_algo,
|
||||
u32 timestamp, u32 duration,
|
||||
int (*mksubpkt)(PKT_signature *, void *),
|
||||
void *opaque,
|
||||
const char *cache_nonce);
|
||||
gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
|
||||
gpg_error_t update_keysig_packet (ctrl_t ctrl,
|
||||
PKT_signature **ret_sig,
|
||||
PKT_signature *orig_sig,
|
||||
PKT_public_key *pk,
|
||||
PKT_user_id *uid,
|
||||
|
@ -441,12 +441,13 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
|
||||
/* Emit the USERID_HINT and the NEED_PASSPHRASE status messages.
|
||||
MAINKEYID may be NULL. */
|
||||
void
|
||||
emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
|
||||
emit_status_need_passphrase (ctrl_t ctrl,
|
||||
u32 *keyid, u32 *mainkeyid, int pubkey_algo)
|
||||
{
|
||||
char buf[50];
|
||||
char *us;
|
||||
|
||||
us = get_long_user_id_string (keyid);
|
||||
us = get_long_user_id_string (ctrl, keyid);
|
||||
write_status_text (STATUS_USERID_HINT, us);
|
||||
xfree (us);
|
||||
|
||||
@ -466,7 +467,7 @@ emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
|
||||
MODE describes the use of the key description; use one of the
|
||||
FORMAT_KEYDESC_ macros. */
|
||||
char *
|
||||
gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
|
||||
gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
|
||||
{
|
||||
char *uid;
|
||||
size_t uidlen;
|
||||
@ -484,7 +485,7 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
|
||||
&& pk->keyid[1] != pk->main_keyid[1]);
|
||||
algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
|
||||
timestr = strtimestamp (pk->timestamp);
|
||||
uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen);
|
||||
uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen);
|
||||
|
||||
orig_codeset = i18n_switchto_utf8 ();
|
||||
|
||||
|
@ -110,7 +110,7 @@ do_show_revocation_reason( PKT_signature *sig )
|
||||
subkeys, etc.) Mode 1: use only the revocation on the main pk */
|
||||
|
||||
void
|
||||
show_revocation_reason( PKT_public_key *pk, int mode )
|
||||
show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode)
|
||||
{
|
||||
/* Hmmm, this is not so easy because we have to duplicate the code
|
||||
* used in the trustbd to calculate the keyflags. We need to find
|
||||
@ -127,7 +127,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
|
||||
|
||||
/* get the keyblock */
|
||||
fingerprint_from_pk( pk, fingerprint, &fingerlen );
|
||||
rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen);
|
||||
rc = get_pubkey_byfprint (ctrl, NULL, &keyblock, fingerprint, fingerlen);
|
||||
if( rc ) { /* that should never happen */
|
||||
log_debug( "failed to get the keyblock\n");
|
||||
return;
|
||||
@ -160,7 +160,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
|
||||
|
||||
/* We didn't find it, so check if the whole key is revoked */
|
||||
if(!node && !mode)
|
||||
show_revocation_reason(pk,1);
|
||||
show_revocation_reason (ctrl, pk, 1);
|
||||
|
||||
release_kbnode( keyblock );
|
||||
}
|
||||
@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
|
||||
int show=0;
|
||||
int min_num;
|
||||
int did_help=defer_help;
|
||||
unsigned int minimum = tdb_get_min_ownertrust (pk, 0);
|
||||
unsigned int minimum = tdb_get_min_ownertrust (ctrl, pk, 0);
|
||||
|
||||
switch(minimum)
|
||||
{
|
||||
@ -222,13 +222,13 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
|
||||
KBNODE keyblock, un;
|
||||
|
||||
tty_printf (_("No trust value assigned to:\n"));
|
||||
print_key_line (NULL, pk, 0);
|
||||
print_key_line (ctrl, NULL, pk, 0);
|
||||
|
||||
p = get_user_id_native(keyid);
|
||||
p = get_user_id_native (ctrl, keyid);
|
||||
tty_printf (_(" \"%s\"\n"),p);
|
||||
xfree (p);
|
||||
|
||||
keyblock = get_pubkeyblock (keyid);
|
||||
keyblock = get_pubkeyblock (ctrl, keyid);
|
||||
if (!keyblock)
|
||||
BUG ();
|
||||
for (un=keyblock; un; un = un->next)
|
||||
@ -257,7 +257,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
|
||||
tty_printf(_(" aka \"%s\"\n"),p);
|
||||
}
|
||||
|
||||
print_fingerprint (NULL, pk, 2);
|
||||
print_fingerprint (ctrl, NULL, pk, 2);
|
||||
tty_printf("\n");
|
||||
release_kbnode (keyblock);
|
||||
}
|
||||
@ -391,8 +391,8 @@ edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
|
||||
break;
|
||||
case 1: /* trust value set */
|
||||
trust &= ~TRUST_FLAG_DISABLED;
|
||||
trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
|
||||
update_ownertrust (pk, trust );
|
||||
trust |= get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED;
|
||||
update_ownertrust (ctrl, pk, trust );
|
||||
return 1;
|
||||
default:
|
||||
return 0;
|
||||
@ -467,7 +467,7 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
|
||||
* key anyway.
|
||||
*/
|
||||
static int
|
||||
do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
|
||||
do_we_trust_pre (ctrl_t ctrl, PKT_public_key *pk, unsigned int trustlevel )
|
||||
{
|
||||
int rc;
|
||||
|
||||
@ -475,8 +475,8 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
|
||||
|
||||
if( !opt.batch && !rc )
|
||||
{
|
||||
print_pubkey_info(NULL,pk);
|
||||
print_fingerprint (NULL, pk, 2);
|
||||
print_pubkey_info (ctrl, NULL,pk);
|
||||
print_fingerprint (ctrl, NULL, pk, 2);
|
||||
tty_printf("\n");
|
||||
|
||||
if ((trustlevel & TRUST_MASK) == TRUST_NEVER)
|
||||
@ -499,7 +499,7 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
|
||||
char *hint_str;
|
||||
|
||||
keyid_from_pk (pk, kid);
|
||||
hint_str = get_long_user_id_string ( kid );
|
||||
hint_str = get_long_user_id_string (ctrl, kid);
|
||||
write_status_text ( STATUS_USERID_HINT, hint_str );
|
||||
xfree (hint_str);
|
||||
}
|
||||
@ -548,7 +548,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
unsigned int trustlevel = TRUST_UNKNOWN;
|
||||
int rc=0;
|
||||
|
||||
rc = get_pubkey( pk, sig->keyid );
|
||||
rc = get_pubkey (ctrl, pk, sig->keyid );
|
||||
if (rc)
|
||||
{ /* this should not happen */
|
||||
log_error("Ooops; the key vanished - can't check the trust\n");
|
||||
@ -561,7 +561,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
if( !opt.quiet )
|
||||
log_info(_("WARNING: Using untrusted key!\n"));
|
||||
if (opt.with_fingerprint)
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -580,13 +580,13 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
else
|
||||
log_info(_("WARNING: This key has been revoked by its owner!\n"));
|
||||
log_info(_(" This could mean that the signature is forged.\n"));
|
||||
show_revocation_reason( pk, 0 );
|
||||
show_revocation_reason (ctrl, pk, 0);
|
||||
}
|
||||
else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) )
|
||||
{
|
||||
write_status( STATUS_KEYREVOKED );
|
||||
log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
|
||||
show_revocation_reason( pk, 0 );
|
||||
show_revocation_reason (ctrl, pk, 0);
|
||||
}
|
||||
|
||||
if ((trustlevel & TRUST_FLAG_DISABLED))
|
||||
@ -602,7 +602,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
|
||||
|
||||
primary_pk = xmalloc_clear (sizeof *primary_pk);
|
||||
get_pubkey (primary_pk, pk->main_keyid);
|
||||
get_pubkey (ctrl, primary_pk, pk->main_keyid);
|
||||
fingerprint_from_pk (primary_pk, fpr, &fprlen);
|
||||
free_public_key (primary_pk);
|
||||
|
||||
@ -649,7 +649,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
{
|
||||
case TRUST_EXPIRED:
|
||||
log_info(_("Note: This key has expired!\n"));
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
break;
|
||||
|
||||
default:
|
||||
@ -663,7 +663,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
" a trusted signature!\n"));
|
||||
log_info(_(" There is no indication that the "
|
||||
"signature belongs to the owner.\n" ));
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
break;
|
||||
|
||||
case TRUST_NEVER:
|
||||
@ -673,7 +673,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
log_info(_("WARNING: We do NOT trust this key!\n"));
|
||||
log_info(_(" The signature is probably a FORGERY.\n"));
|
||||
if (opt.with_fingerprint)
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
|
||||
break;
|
||||
|
||||
@ -683,19 +683,19 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
" sufficiently trusted signatures!\n"));
|
||||
log_info(_(" It is not certain that the"
|
||||
" signature belongs to the owner.\n" ));
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
break;
|
||||
|
||||
case TRUST_FULLY:
|
||||
write_trust_status (STATUS_TRUST_FULLY, trustlevel);
|
||||
if (opt.with_fingerprint)
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
break;
|
||||
|
||||
case TRUST_ULTIMATE:
|
||||
write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel);
|
||||
if (opt.with_fingerprint)
|
||||
print_fingerprint (NULL, pk, 1);
|
||||
print_fingerprint (ctrl, NULL, pk, 1);
|
||||
break;
|
||||
}
|
||||
|
||||
@ -882,7 +882,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
|
||||
return GPG_ERR_UNUSABLE_PUBKEY;
|
||||
}
|
||||
|
||||
if ( !do_we_trust_pre (pk, trustlevel) )
|
||||
if ( !do_we_trust_pre (ctrl, pk, trustlevel) )
|
||||
{
|
||||
/* We don't trust this key. */
|
||||
send_status_inv_recp (10, name);
|
||||
@ -1151,8 +1151,8 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
|
||||
else
|
||||
{
|
||||
size_t n;
|
||||
char *p = get_user_id( keyid, &n );
|
||||
tty_print_utf8_string( p, n );
|
||||
char *p = get_user_id (ctrl, keyid, &n );
|
||||
tty_print_utf8_string ( p, n );
|
||||
xfree(p);
|
||||
}
|
||||
tty_printf("\"\n");
|
||||
@ -1218,7 +1218,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
|
||||
{
|
||||
tty_printf (_("Public key is disabled.\n") );
|
||||
}
|
||||
else if ( do_we_trust_pre (pk, trustlevel) )
|
||||
else if ( do_we_trust_pre (ctrl, pk, trustlevel) )
|
||||
{
|
||||
/* Skip the actual key if the key is already
|
||||
* present in the list */
|
||||
|
@ -37,7 +37,7 @@
|
||||
#include "../common/host2net.h"
|
||||
|
||||
|
||||
static gpg_error_t get_it (PKT_pubkey_enc *k,
|
||||
static gpg_error_t get_it (ctrl_t ctrl, PKT_pubkey_enc *k,
|
||||
DEK *dek, PKT_public_key *sk, u32 *keyid);
|
||||
|
||||
|
||||
@ -87,8 +87,8 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
|
||||
{
|
||||
sk = xmalloc_clear (sizeof *sk);
|
||||
sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */
|
||||
if (!(rc = get_seckey (sk, k->keyid)))
|
||||
rc = get_it (k, dek, sk, k->keyid);
|
||||
if (!(rc = get_seckey (ctrl, sk, k->keyid)))
|
||||
rc = get_it (ctrl, k, dek, sk, k->keyid);
|
||||
}
|
||||
else if (opt.skip_hidden_recipients)
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
@ -116,7 +116,7 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
|
||||
log_info (_("anonymous recipient; trying secret key %s ...\n"),
|
||||
keystr (keyid));
|
||||
|
||||
rc = get_it (k, dek, sk, keyid);
|
||||
rc = get_it (ctrl, k, dek, sk, keyid);
|
||||
if (!rc)
|
||||
{
|
||||
if (!opt.quiet)
|
||||
@ -138,7 +138,8 @@ leave:
|
||||
|
||||
|
||||
static gpg_error_t
|
||||
get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
get_it (ctrl_t ctrl,
|
||||
PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
{
|
||||
gpg_error_t err;
|
||||
byte *frame = NULL;
|
||||
@ -200,7 +201,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
}
|
||||
|
||||
/* Decrypt. */
|
||||
desc = gpg_format_keydesc (sk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
desc = gpg_format_keydesc (ctrl, sk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
err = agent_pkdecrypt (NULL, keygrip,
|
||||
desc, sk->keyid, sk->main_keyid, sk->pubkey_algo,
|
||||
s_data, &frame, &nframe, &padding);
|
||||
@ -340,7 +341,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
{
|
||||
PKT_public_key *pk = NULL;
|
||||
PKT_public_key *mainpk = NULL;
|
||||
KBNODE pkb = get_pubkeyblock (keyid);
|
||||
KBNODE pkb = get_pubkeyblock (ctrl, keyid);
|
||||
|
||||
if (!pkb)
|
||||
{
|
||||
@ -393,7 +394,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
{
|
||||
log_info (_("Note: key has been revoked"));
|
||||
log_printf ("\n");
|
||||
show_revocation_reason (pk, 1);
|
||||
show_revocation_reason (ctrl, pk, 1);
|
||||
}
|
||||
|
||||
if (is_status_enabled () && pk && mainpk)
|
||||
@ -410,7 +411,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|
||||
* value is irrelevant. */
|
||||
write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
|
||||
pkhex, mainpkhex,
|
||||
get_ownertrust_info (mainpk, 1));
|
||||
get_ownertrust_info (ctrl, mainpk, 1));
|
||||
|
||||
}
|
||||
|
||||
|
36
g10/revoke.c
36
g10/revoke.c
@ -238,7 +238,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
|
||||
}
|
||||
|
||||
/* To parse the revkeys */
|
||||
merge_keys_and_selfsig(keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
|
||||
/* get the key from the keyblock */
|
||||
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
|
||||
@ -294,7 +294,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
|
||||
else
|
||||
{
|
||||
pk2 = xmalloc_clear (sizeof *pk2);
|
||||
rc = get_pubkey_byfprint (pk2, NULL,
|
||||
rc = get_pubkey_byfprint (ctrl, pk2, NULL,
|
||||
pk->revkey[i].fpr, MAX_FINGERPRINT_LEN);
|
||||
}
|
||||
|
||||
@ -305,11 +305,11 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
|
||||
|
||||
any = 1;
|
||||
|
||||
print_pubkey_info (NULL, pk);
|
||||
print_pubkey_info (ctrl, NULL, pk);
|
||||
tty_printf ("\n");
|
||||
|
||||
tty_printf (_("To be revoked by:\n"));
|
||||
print_seckey_info (pk2);
|
||||
print_seckey_info (ctrl, pk2);
|
||||
|
||||
if(pk->revkey[i].class&0x40)
|
||||
tty_printf(_("(This is a sensitive revocation key)\n"));
|
||||
@ -343,7 +343,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
|
||||
push_armor_filter (afx, out);
|
||||
|
||||
/* create it */
|
||||
rc = make_keysig_packet( &sig, pk, NULL, NULL, pk2, 0x20, 0,
|
||||
rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk2, 0x20, 0,
|
||||
0, 0,
|
||||
revocation_reason_build_cb, reason,
|
||||
NULL);
|
||||
@ -445,7 +445,8 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
|
||||
just the naked revocation signature; it may be NULL. If LEADINTEXT
|
||||
is not NULL, it is written right before the (armored) output.*/
|
||||
static int
|
||||
create_revocation (const char *filename,
|
||||
create_revocation (ctrl_t ctrl,
|
||||
const char *filename,
|
||||
struct revocation_reason_info *reason,
|
||||
PKT_public_key *psk,
|
||||
kbnode_t keyblock,
|
||||
@ -470,7 +471,7 @@ create_revocation (const char *filename,
|
||||
afx->hdrlines = "Comment: This is a revocation certificate\n";
|
||||
push_armor_filter (afx, out);
|
||||
|
||||
rc = make_keysig_packet (&sig, psk, NULL, NULL, psk, 0x20, 0,
|
||||
rc = make_keysig_packet (ctrl, &sig, psk, NULL, NULL, psk, 0x20, 0,
|
||||
0, 0,
|
||||
revocation_reason_build_cb, reason, cache_nonce);
|
||||
if (rc)
|
||||
@ -520,7 +521,7 @@ create_revocation (const char *filename,
|
||||
key must be available. CACHE_NONCE is optional but can be used to
|
||||
help gpg-agent to avoid an extra passphrase prompt. */
|
||||
int
|
||||
gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
|
||||
gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
|
||||
{
|
||||
int rc;
|
||||
estream_t memfp;
|
||||
@ -549,14 +550,14 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
|
||||
es_fprintf (memfp, "%s\n\n",
|
||||
_("This is a revocation certificate for the OpenPGP key:"));
|
||||
|
||||
print_key_line (memfp, psk, 0);
|
||||
print_key_line (ctrl, memfp, psk, 0);
|
||||
|
||||
if (opt.keyid_format != KF_NONE)
|
||||
print_fingerprint (memfp, psk, 3);
|
||||
print_fingerprint (ctrl, memfp, psk, 3);
|
||||
|
||||
kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
|
||||
|
||||
tmpstr = get_user_id (keyid, &len);
|
||||
tmpstr = get_user_id (ctrl, keyid, &len);
|
||||
es_fprintf (memfp, "uid%*s%.*s\n\n",
|
||||
kl + 10, "",
|
||||
(int)len, tmpstr);
|
||||
@ -585,7 +586,8 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
|
||||
|
||||
reason.code = 0x00; /* No particular reason. */
|
||||
reason.desc = NULL;
|
||||
rc = create_revocation (fname, &reason, psk, NULL, leadin, 3, cache_nonce);
|
||||
rc = create_revocation (ctrl,
|
||||
fname, &reason, psk, NULL, leadin, 3, cache_nonce);
|
||||
if (!rc && !opt.quiet)
|
||||
log_info (_("revocation certificate stored as '%s.rev'\n"), fname);
|
||||
|
||||
@ -601,7 +603,7 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
|
||||
* Generate a revocation certificate for UNAME
|
||||
*/
|
||||
int
|
||||
gen_revoke (const char *uname)
|
||||
gen_revoke (ctrl_t ctrl, const char *uname)
|
||||
{
|
||||
int rc = 0;
|
||||
PKT_public_key *psk;
|
||||
@ -660,7 +662,7 @@ gen_revoke (const char *uname)
|
||||
lines with secret key infos are printed after this message. */
|
||||
log_error (_("'%s' matches multiple secret keys:\n"), uname);
|
||||
|
||||
info = format_seckey_info (keyblock->pkt->pkt.public_key);
|
||||
info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
|
||||
log_error (" %s\n", info);
|
||||
xfree (info);
|
||||
release_kbnode (keyblock);
|
||||
@ -668,7 +670,7 @@ gen_revoke (const char *uname)
|
||||
rc = keydb_get_keyblock (kdbhd, &keyblock);
|
||||
while (! rc)
|
||||
{
|
||||
info = format_seckey_info (keyblock->pkt->pkt.public_key);
|
||||
info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
|
||||
log_info (" %s\n", info);
|
||||
xfree (info);
|
||||
release_kbnode (keyblock);
|
||||
@ -704,7 +706,7 @@ gen_revoke (const char *uname)
|
||||
}
|
||||
|
||||
keyid_from_pk (psk, keyid );
|
||||
print_seckey_info (psk);
|
||||
print_seckey_info (ctrl, psk);
|
||||
|
||||
tty_printf("\n");
|
||||
if (!cpr_get_answer_is_yes ("gen_revoke.okay",
|
||||
@ -726,7 +728,7 @@ gen_revoke (const char *uname)
|
||||
if (!opt.armor)
|
||||
tty_printf (_("ASCII armored output forced.\n"));
|
||||
|
||||
rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0, NULL);
|
||||
rc = create_revocation (ctrl, NULL, reason, psk, keyblock, NULL, 0, NULL);
|
||||
if (rc)
|
||||
goto leave;
|
||||
|
||||
|
@ -45,9 +45,9 @@ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
|
||||
/* Check a signature. This is shorthand for check_signature2 with
|
||||
the unnamed arguments passed as NULL. */
|
||||
int
|
||||
check_signature (PKT_signature *sig, gcry_md_hd_t digest)
|
||||
check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest)
|
||||
{
|
||||
return check_signature2 (sig, digest, NULL, NULL, NULL, NULL);
|
||||
return check_signature2 (ctrl, sig, digest, NULL, NULL, NULL, NULL);
|
||||
}
|
||||
|
||||
|
||||
@ -89,7 +89,8 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest)
|
||||
*
|
||||
* Returns 0 on success. An error code otherwise. */
|
||||
gpg_error_t
|
||||
check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
|
||||
check_signature2 (ctrl_t ctrl,
|
||||
PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
|
||||
int *r_expired, int *r_revoked, PKT_public_key **r_pk)
|
||||
{
|
||||
int rc=0;
|
||||
@ -122,7 +123,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
|
||||
log_info(_("WARNING: signature digest conflict in message\n"));
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
else if( get_pubkey( pk, sig->keyid ) )
|
||||
else if( get_pubkey (ctrl, pk, sig->keyid ) )
|
||||
rc = gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
else if(!pk->flags.valid)
|
||||
{
|
||||
@ -560,7 +561,7 @@ cache_sig_result ( PKT_signature *sig, int result )
|
||||
* revoked, B is still revoked. I'm not completely convinced this is
|
||||
* the proper behavior, but it matches how PGP does it. -dms */
|
||||
int
|
||||
check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
|
||||
check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig)
|
||||
{
|
||||
static int busy=0;
|
||||
int i;
|
||||
@ -616,7 +617,8 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
|
||||
/* The revoker's keyid. */
|
||||
u32 keyid[2];
|
||||
|
||||
keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid);
|
||||
keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
|
||||
MAX_FINGERPRINT_LEN, keyid);
|
||||
|
||||
if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1])
|
||||
/* The signature was generated by a designated revoker.
|
||||
@ -629,7 +631,7 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
|
||||
hash_public_key(md,pk);
|
||||
/* Note: check_signature only checks that the signature
|
||||
is good. It does not fail if the key is revoked. */
|
||||
rc=check_signature(sig,md);
|
||||
rc = check_signature (ctrl, sig, md);
|
||||
cache_sig_result(sig,rc);
|
||||
gcry_md_close (md);
|
||||
break;
|
||||
@ -685,9 +687,11 @@ check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk,
|
||||
* passed as NULL. See the documentation for that function for more
|
||||
* details. */
|
||||
int
|
||||
check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
|
||||
check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t node,
|
||||
int *is_selfsig)
|
||||
{
|
||||
return check_key_signature2 (root, node, NULL, NULL, is_selfsig, NULL, NULL);
|
||||
return check_key_signature2 (ctrl, root, node, NULL, NULL,
|
||||
is_selfsig, NULL, NULL);
|
||||
}
|
||||
|
||||
|
||||
@ -725,7 +729,7 @@ check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
|
||||
generated the signature (i.e., the signer) on success. This must
|
||||
be released by the caller using release_public_key_parts (). */
|
||||
gpg_error_t
|
||||
check_signature_over_key_or_uid (PKT_public_key *signer,
|
||||
check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
|
||||
PKT_signature *sig, KBNODE kb, PACKET *packet,
|
||||
int *is_selfsig, PKT_public_key *ret_pk)
|
||||
{
|
||||
@ -841,7 +845,7 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
|
||||
signer_alloced = 2;
|
||||
}
|
||||
|
||||
rc = get_pubkey (signer, sig->keyid);
|
||||
rc = get_pubkey (ctrl, signer, sig->keyid);
|
||||
if (rc)
|
||||
{
|
||||
xfree (signer);
|
||||
@ -957,7 +961,8 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
|
||||
* TODO: add r_revoked here as well. It has the same problems as
|
||||
* r_expiredate and r_expired and the cache. */
|
||||
int
|
||||
check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
check_key_signature2 (ctrl_t ctrl,
|
||||
kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
PKT_public_key *ret_pk, int *is_selfsig,
|
||||
u32 *r_expiredate, int *r_expired )
|
||||
{
|
||||
@ -1018,13 +1023,14 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
|
||||
/* Is it a designated revoker? */
|
||||
if (keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1])
|
||||
rc = check_revocation_keys (pk, sig);
|
||||
rc = check_revocation_keys (ctrl, pk, sig);
|
||||
else
|
||||
{
|
||||
rc = check_signature_metadata_validity (pk, sig,
|
||||
r_expired, NULL);
|
||||
if (! rc)
|
||||
rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
|
||||
rc = check_signature_over_key_or_uid (ctrl, pk, sig,
|
||||
root, root->pkt,
|
||||
is_selfsig, ret_pk);
|
||||
}
|
||||
}
|
||||
@ -1039,7 +1045,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
r_expired, NULL);
|
||||
if (! rc)
|
||||
/* 0x28 must be a self-sig, but 0x18 needn't be. */
|
||||
rc = check_signature_over_key_or_uid (sig->sig_class == 0x18
|
||||
rc = check_signature_over_key_or_uid (ctrl,
|
||||
sig->sig_class == 0x18
|
||||
? NULL : pk,
|
||||
sig, root, snode->pkt,
|
||||
is_selfsig, ret_pk);
|
||||
@ -1063,7 +1070,7 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
rc = check_signature_metadata_validity (pk, sig,
|
||||
r_expired, NULL);
|
||||
if (! rc)
|
||||
rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
|
||||
rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt,
|
||||
is_selfsig, ret_pk);
|
||||
}
|
||||
else if (/* Certification. */
|
||||
@ -1082,7 +1089,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
|
||||
if (! rc)
|
||||
/* If this is a self-sig, ignore check_pk. */
|
||||
rc = check_signature_over_key_or_uid
|
||||
(keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
|
||||
(ctrl,
|
||||
keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
|
||||
sig, root, unode->pkt, NULL, ret_pk);
|
||||
}
|
||||
else
|
||||
|
35
g10/sign.c
35
g10/sign.c
@ -253,7 +253,7 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig)
|
||||
/* Perform the sign operation. If CACHE_NONCE is given the agent is
|
||||
advised to use that cached passphrase fro the key. */
|
||||
static int
|
||||
do_sign (PKT_public_key *pksk, PKT_signature *sig,
|
||||
do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
|
||||
gcry_md_hd_t md, int mdalgo, const char *cache_nonce)
|
||||
{
|
||||
gpg_error_t err;
|
||||
@ -294,7 +294,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
|
||||
char *desc;
|
||||
gcry_sexp_t s_sigval;
|
||||
|
||||
desc = gpg_format_keydesc (pksk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
desc = gpg_format_keydesc (ctrl, pksk, FORMAT_KEYDESC_NORMAL, 1);
|
||||
err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc,
|
||||
pksk->keyid, pksk->main_keyid, pksk->pubkey_algo,
|
||||
dp, gcry_md_get_algo_dlen (mdalgo), mdalgo,
|
||||
@ -327,7 +327,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
|
||||
{
|
||||
if (opt.verbose)
|
||||
{
|
||||
char *ustr = get_user_id_string_native (sig->keyid);
|
||||
char *ustr = get_user_id_string_native (ctrl, sig->keyid);
|
||||
log_info (_("%s/%s signature from: \"%s\"\n"),
|
||||
openpgp_pk_algo_name (pksk->pubkey_algo),
|
||||
openpgp_md_algo_name (sig->digest_algo),
|
||||
@ -340,13 +340,14 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
|
||||
|
||||
|
||||
int
|
||||
complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
|
||||
complete_sig (ctrl_t ctrl,
|
||||
PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
|
||||
const char *cache_nonce)
|
||||
{
|
||||
int rc;
|
||||
|
||||
/* if (!(rc = check_secret_key (pksk, 0))) */
|
||||
rc = do_sign (pksk, sig, md, 0, cache_nonce);
|
||||
rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce);
|
||||
return rc;
|
||||
}
|
||||
|
||||
@ -669,7 +670,8 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
|
||||
* hash which will not be changes here.
|
||||
*/
|
||||
static int
|
||||
write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
|
||||
write_signature_packets (ctrl_t ctrl,
|
||||
SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
|
||||
int sigclass, u32 timestamp, u32 duration,
|
||||
int status_letter, const char *cache_nonce)
|
||||
{
|
||||
@ -719,7 +721,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
|
||||
hash_sigversion_to_magic (md, sig);
|
||||
gcry_md_final (md);
|
||||
|
||||
rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
|
||||
rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce);
|
||||
gcry_md_close (md);
|
||||
if (!rc)
|
||||
{
|
||||
@ -785,6 +787,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
|
||||
memset( &zfx, 0, sizeof zfx);
|
||||
memset( &mfx, 0, sizeof mfx);
|
||||
memset( &efx, 0, sizeof efx);
|
||||
efx.ctrl = ctrl;
|
||||
init_packet( &pkt );
|
||||
|
||||
if( filenames ) {
|
||||
@ -1066,7 +1069,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
|
||||
goto leave;
|
||||
|
||||
/* write the signatures */
|
||||
rc = write_signature_packets (sk_list, out, mfx.md,
|
||||
rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
|
||||
opt.textmode && !outfile? 0x01 : 0x00,
|
||||
0, duration, detached ? 'D':'S', NULL);
|
||||
if( rc )
|
||||
@ -1209,8 +1212,8 @@ clearsign_file (ctrl_t ctrl,
|
||||
push_armor_filter (afx, out);
|
||||
|
||||
/* Write the signatures. */
|
||||
rc = write_signature_packets (sk_list, out, textmd, 0x01, 0, duration, 'C',
|
||||
NULL);
|
||||
rc = write_signature_packets (ctrl, sk_list, out, textmd, 0x01, 0,
|
||||
duration, 'C', NULL);
|
||||
if( rc )
|
||||
goto leave;
|
||||
|
||||
@ -1369,7 +1372,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
|
||||
|
||||
/* Write the signatures */
|
||||
/*(current filters: zip - encrypt - armor)*/
|
||||
rc = write_signature_packets (sk_list, out, mfx.md,
|
||||
rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
|
||||
opt.textmode? 0x01 : 0x00,
|
||||
0, duration, 'S', NULL);
|
||||
if( rc )
|
||||
@ -1420,7 +1423,8 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
|
||||
* MKSUBPKT.
|
||||
*/
|
||||
int
|
||||
make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
make_keysig_packet (ctrl_t ctrl,
|
||||
PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
PKT_user_id *uid, PKT_public_key *subpk,
|
||||
PKT_public_key *pksk,
|
||||
int sigclass, int digest_algo,
|
||||
@ -1513,7 +1517,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
hash_sigversion_to_magic (md, sig);
|
||||
gcry_md_final (md);
|
||||
|
||||
rc = complete_sig (sig, pksk, md, cache_nonce);
|
||||
rc = complete_sig (ctrl, sig, pksk, md, cache_nonce);
|
||||
}
|
||||
|
||||
gcry_md_close (md);
|
||||
@ -1535,7 +1539,8 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
|
||||
* TODO: Merge this with make_keysig_packet.
|
||||
*/
|
||||
gpg_error_t
|
||||
update_keysig_packet( PKT_signature **ret_sig,
|
||||
update_keysig_packet (ctrl_t ctrl,
|
||||
PKT_signature **ret_sig,
|
||||
PKT_signature *orig_sig,
|
||||
PKT_public_key *pk,
|
||||
PKT_user_id *uid,
|
||||
@ -1612,7 +1617,7 @@ update_keysig_packet( PKT_signature **ret_sig,
|
||||
hash_sigversion_to_magic (md, sig);
|
||||
gcry_md_final (md);
|
||||
|
||||
rc = complete_sig (sig, pksk, md, NULL);
|
||||
rc = complete_sig (ctrl, sig, pksk, md, NULL);
|
||||
}
|
||||
|
||||
leave:
|
||||
|
@ -59,14 +59,14 @@ release_sk_list (SK_LIST sk_list)
|
||||
* the string "(insecure!)" or "not secure" or "do not use"
|
||||
* in one of the user ids. */
|
||||
static int
|
||||
is_insecure (PKT_public_key *pk)
|
||||
is_insecure (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
u32 keyid[2];
|
||||
KBNODE node = NULL, u;
|
||||
int insecure = 0;
|
||||
|
||||
keyid_from_pk (pk, keyid);
|
||||
node = get_pubkeyblock (keyid);
|
||||
node = get_pubkeyblock (ctrl, keyid);
|
||||
for (u = node; u; u = u->next)
|
||||
{
|
||||
if (u->pkt->pkttype == PKT_USER_ID)
|
||||
@ -150,7 +150,7 @@ build_sk_list (ctrl_t ctrl,
|
||||
{
|
||||
SK_LIST r;
|
||||
|
||||
if (random_is_faked () && !is_insecure (pk))
|
||||
if (random_is_faked () && !is_insecure (ctrl, pk))
|
||||
{
|
||||
log_info (_("key is not flagged as insecure - "
|
||||
"can't use it with the faked RNG!\n"));
|
||||
@ -231,7 +231,7 @@ build_sk_list (ctrl_t ctrl,
|
||||
get_inv_recpsgnr_code (GPG_ERR_WRONG_KEY_USAGE),
|
||||
locusr->d, strlen (locusr->d), -1);
|
||||
}
|
||||
else if (random_is_faked () && !is_insecure (pk))
|
||||
else if (random_is_faked () && !is_insecure (ctrl, pk))
|
||||
{
|
||||
log_info (_("key is not flagged as insecure - "
|
||||
"can't use it with the faked RNG!\n"));
|
||||
|
@ -49,9 +49,9 @@
|
||||
* Write a record; die on error.
|
||||
*/
|
||||
static void
|
||||
write_record( TRUSTREC *rec )
|
||||
write_record (ctrl_t ctrl, TRUSTREC *rec)
|
||||
{
|
||||
int rc = tdbio_write_record( rec );
|
||||
int rc = tdbio_write_record (ctrl, rec);
|
||||
if( !rc )
|
||||
return;
|
||||
log_error(_("trust record %lu, type %d: write failed: %s\n"),
|
||||
@ -64,13 +64,13 @@ write_record( TRUSTREC *rec )
|
||||
* Dump the entire trustdb to FP or only the entries of one key.
|
||||
*/
|
||||
void
|
||||
list_trustdb (estream_t fp, const char *username)
|
||||
list_trustdb (ctrl_t ctrl, estream_t fp, const char *username)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
|
||||
(void)username;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
/* For now we ignore the user ID. */
|
||||
if (1)
|
||||
{
|
||||
@ -94,14 +94,14 @@ list_trustdb (estream_t fp, const char *username)
|
||||
* Print a list of all defined owner trust value.
|
||||
*/
|
||||
void
|
||||
export_ownertrust()
|
||||
export_ownertrust (ctrl_t ctrl)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
ulong recnum;
|
||||
int i;
|
||||
byte *p;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
es_printf (_("# List of assigned trustvalues, created %s\n"
|
||||
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
|
||||
asctimestamp( make_timestamp() ) );
|
||||
@ -121,7 +121,7 @@ export_ownertrust()
|
||||
|
||||
|
||||
void
|
||||
import_ownertrust( const char *fname )
|
||||
import_ownertrust (ctrl_t ctrl, const char *fname )
|
||||
{
|
||||
estream_t fp;
|
||||
int is_stdin=0;
|
||||
@ -133,7 +133,7 @@ import_ownertrust( const char *fname )
|
||||
int any = 0;
|
||||
int rc;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
if( iobuf_is_pipe_filename (fname) ) {
|
||||
fp = es_stdin;
|
||||
fname = "[stdin]";
|
||||
@ -202,7 +202,7 @@ import_ownertrust( const char *fname )
|
||||
log_info("setting ownertrust to %u\n", otrust );
|
||||
}
|
||||
rec.r.trust.ownertrust = otrust;
|
||||
write_record (&rec );
|
||||
write_record (ctrl, &rec);
|
||||
any = 1;
|
||||
}
|
||||
}
|
||||
@ -210,11 +210,11 @@ import_ownertrust( const char *fname )
|
||||
if (!opt.quiet)
|
||||
log_info("inserting ownertrust of %u\n", otrust );
|
||||
memset (&rec, 0, sizeof rec);
|
||||
rec.recnum = tdbio_new_recnum ();
|
||||
rec.recnum = tdbio_new_recnum (ctrl);
|
||||
rec.rectype = RECTYPE_TRUST;
|
||||
memcpy (rec.r.trust.fingerprint, fpr, 20);
|
||||
rec.r.trust.ownertrust = otrust;
|
||||
write_record (&rec );
|
||||
write_record (ctrl, &rec);
|
||||
any = 1;
|
||||
}
|
||||
else /* error */
|
||||
@ -228,7 +228,7 @@ import_ownertrust( const char *fname )
|
||||
|
||||
if (any)
|
||||
{
|
||||
revalidation_mark ();
|
||||
revalidation_mark (ctrl);
|
||||
rc = tdbio_sync ();
|
||||
if (rc)
|
||||
log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) );
|
||||
|
76
g10/tdbio.c
76
g10/tdbio.c
@ -119,7 +119,7 @@ static int in_transaction;
|
||||
|
||||
|
||||
static void open_db (void);
|
||||
static void create_hashtable (TRUSTREC *vr, int type);
|
||||
static void create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type);
|
||||
|
||||
|
||||
|
||||
@ -535,7 +535,7 @@ cleanup (void)
|
||||
* Returns: 0 on success or an error code.
|
||||
*/
|
||||
int
|
||||
tdbio_update_version_record (void)
|
||||
tdbio_update_version_record (ctrl_t ctrl)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
@ -551,7 +551,7 @@ tdbio_update_version_record (void)
|
||||
rec.r.ver.cert_depth = opt.max_cert_depth;
|
||||
rec.r.ver.trust_model = opt.trust_model;
|
||||
rec.r.ver.min_cert_level = opt.min_cert_level;
|
||||
rc=tdbio_write_record(&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
}
|
||||
|
||||
return rc;
|
||||
@ -564,7 +564,7 @@ tdbio_update_version_record (void)
|
||||
* Returns: 0 on success or an error code.
|
||||
*/
|
||||
static int
|
||||
create_version_record (void)
|
||||
create_version_record (ctrl_t ctrl)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
int rc;
|
||||
@ -582,13 +582,13 @@ create_version_record (void)
|
||||
rec.r.ver.min_cert_level = opt.min_cert_level;
|
||||
rec.rectype = RECTYPE_VER;
|
||||
rec.recnum = 0;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
|
||||
if (!rc)
|
||||
tdbio_sync ();
|
||||
|
||||
if (!rc)
|
||||
create_hashtable (&rec, 0);
|
||||
create_hashtable (ctrl, &rec, 0);
|
||||
|
||||
return rc;
|
||||
}
|
||||
@ -606,7 +606,8 @@ create_version_record (void)
|
||||
*
|
||||
*/
|
||||
int
|
||||
tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
|
||||
tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
|
||||
int create, int *r_nofile)
|
||||
{
|
||||
char *fname, *p;
|
||||
struct stat statbuf;
|
||||
@ -719,7 +720,7 @@ tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
|
||||
if (db_fd == -1)
|
||||
log_fatal (_("can't open '%s': %s\n"), db_name, strerror (errno));
|
||||
|
||||
rc = create_version_record ();
|
||||
rc = create_version_record (ctrl);
|
||||
if (rc)
|
||||
log_fatal (_("%s: failed to create version record: %s"),
|
||||
fname, gpg_strerror (rc));
|
||||
@ -806,7 +807,7 @@ open_db ()
|
||||
* the function terminates the process.
|
||||
*/
|
||||
static void
|
||||
create_hashtable( TRUSTREC *vr, int type )
|
||||
create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
off_t offset;
|
||||
@ -829,13 +830,13 @@ create_hashtable( TRUSTREC *vr, int type )
|
||||
memset (&rec, 0, sizeof rec);
|
||||
rec.rectype = RECTYPE_HTBL;
|
||||
rec.recnum = recnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_fatal (_("%s: failed to create hashtable: %s\n"),
|
||||
db_name, gpg_strerror (rc));
|
||||
}
|
||||
/* Update the version record and flush. */
|
||||
rc = tdbio_write_record (vr);
|
||||
rc = tdbio_write_record (ctrl, vr);
|
||||
if (!rc)
|
||||
rc = tdbio_sync ();
|
||||
if (rc)
|
||||
@ -919,7 +920,7 @@ tdbio_read_nextcheck ()
|
||||
* Return: True if the stamp actually changed.
|
||||
*/
|
||||
int
|
||||
tdbio_write_nextcheck (ulong stamp)
|
||||
tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp)
|
||||
{
|
||||
TRUSTREC vr;
|
||||
int rc;
|
||||
@ -933,7 +934,7 @@ tdbio_write_nextcheck (ulong stamp)
|
||||
return 0;
|
||||
|
||||
vr.r.ver.nextcheck = stamp;
|
||||
rc = tdbio_write_record( &vr );
|
||||
rc = tdbio_write_record (ctrl, &vr);
|
||||
if (rc)
|
||||
log_fatal (_("%s: error writing version record: %s\n"),
|
||||
db_name, gpg_strerror (rc));
|
||||
@ -980,7 +981,7 @@ get_trusthashrec(void)
|
||||
* Return: 0 on success or an error code.
|
||||
*/
|
||||
static int
|
||||
upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
upd_hashtable (ctrl_t ctrl, ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
{
|
||||
TRUSTREC lastrec, rec;
|
||||
ulong hashrec, item;
|
||||
@ -1003,7 +1004,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
if (!item) /* Insert a new item into the hash table. */
|
||||
{
|
||||
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
{
|
||||
log_error ("upd_hashtable: write htbl failed: %s\n",
|
||||
@ -1068,7 +1069,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
{
|
||||
/* Empty slot found. */
|
||||
rec.r.hlst.rnum[i] = newrecnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_error ("upd_hashtable: write hlst failed: %s\n",
|
||||
gpg_strerror (rc));
|
||||
@ -1090,8 +1091,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
else
|
||||
{
|
||||
/* Append a new record to the list. */
|
||||
rec.r.hlst.next = item = tdbio_new_recnum ();
|
||||
rc = tdbio_write_record (&rec);
|
||||
rec.r.hlst.next = item = tdbio_new_recnum (ctrl);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
{
|
||||
log_error ("upd_hashtable: write hlst failed: %s\n",
|
||||
@ -1102,7 +1103,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
rec.rectype = RECTYPE_HLST;
|
||||
rec.recnum = item;
|
||||
rec.r.hlst.rnum[0] = newrecnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_error ("upd_hashtable: write ext hlst failed: %s\n",
|
||||
gpg_strerror (rc));
|
||||
@ -1120,10 +1121,10 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
item = rec.recnum; /* Save number of key record. */
|
||||
memset (&rec, 0, sizeof rec);
|
||||
rec.rectype = RECTYPE_HLST;
|
||||
rec.recnum = tdbio_new_recnum ();
|
||||
rec.recnum = tdbio_new_recnum (ctrl);
|
||||
rec.r.hlst.rnum[0] = item; /* Old key record */
|
||||
rec.r.hlst.rnum[1] = newrecnum; /* and new key record */
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
{
|
||||
log_error( "upd_hashtable: write new hlst failed: %s\n",
|
||||
@ -1132,7 +1133,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
}
|
||||
/* Update the hashtable record. */
|
||||
lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
|
||||
rc = tdbio_write_record (&lastrec);
|
||||
rc = tdbio_write_record (ctrl, &lastrec);
|
||||
if (rc)
|
||||
log_error ("upd_hashtable: update htbl failed: %s\n",
|
||||
gpg_strerror (rc));
|
||||
@ -1143,7 +1144,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
log_error ("hashtbl %lu: %lu/%d points to an invalid record %lu\n",
|
||||
table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
|
||||
if (opt.verbose > 1)
|
||||
list_trustdb (es_stderr, NULL);
|
||||
list_trustdb (ctrl, es_stderr, NULL);
|
||||
return GPG_ERR_TRUSTDB;
|
||||
}
|
||||
}
|
||||
@ -1159,7 +1160,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
|
||||
* Return: 0 on success or an error code.
|
||||
*/
|
||||
static int
|
||||
drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
|
||||
drop_from_hashtable (ctrl_t ctrl, ulong table,
|
||||
byte *key, int keylen, ulong recnum)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
ulong hashrec, item;
|
||||
@ -1185,7 +1187,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
|
||||
if (item == recnum) /* Table points direct to the record. */
|
||||
{
|
||||
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
|
||||
rc = tdbio_write_record( &rec );
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_error ("drop_from_hashtable: write htbl failed: %s\n",
|
||||
gpg_strerror (rc));
|
||||
@ -1221,7 +1223,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
|
||||
if (rec.r.hlst.rnum[i] == recnum)
|
||||
{
|
||||
rec.r.hlst.rnum[i] = 0; /* Mark as free. */
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_error("drop_from_hashtable: write htbl failed: %s\n",
|
||||
gpg_strerror (rc));
|
||||
@ -1354,9 +1356,9 @@ lookup_hashtable (ulong table, const byte *key, size_t keylen,
|
||||
* Return: 0 on success or an error code.
|
||||
*/
|
||||
static int
|
||||
update_trusthashtbl( TRUSTREC *tr )
|
||||
update_trusthashtbl (ctrl_t ctrl, TRUSTREC *tr)
|
||||
{
|
||||
return upd_hashtable (get_trusthashrec(),
|
||||
return upd_hashtable (ctrl, get_trusthashrec (),
|
||||
tr->r.trust.fingerprint, 20, tr->recnum);
|
||||
}
|
||||
|
||||
@ -1591,7 +1593,7 @@ tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected)
|
||||
* Return: 0 on success or an error code.
|
||||
*/
|
||||
int
|
||||
tdbio_write_record( TRUSTREC *rec )
|
||||
tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec)
|
||||
{
|
||||
byte buf[TRUST_RECORD_LEN];
|
||||
byte *p;
|
||||
@ -1675,7 +1677,7 @@ tdbio_write_record( TRUSTREC *rec )
|
||||
if (rc)
|
||||
;
|
||||
else if (rec->rectype == RECTYPE_TRUST)
|
||||
rc = update_trusthashtbl (rec);
|
||||
rc = update_trusthashtbl (ctrl, rec);
|
||||
|
||||
return rc;
|
||||
}
|
||||
@ -1687,7 +1689,7 @@ tdbio_write_record( TRUSTREC *rec )
|
||||
* Return: 0 on success or an error code.
|
||||
*/
|
||||
int
|
||||
tdbio_delete_record (ulong recnum)
|
||||
tdbio_delete_record (ctrl_t ctrl, ulong recnum)
|
||||
{
|
||||
TRUSTREC vr, rec;
|
||||
int rc;
|
||||
@ -1698,7 +1700,7 @@ tdbio_delete_record (ulong recnum)
|
||||
;
|
||||
else if (rec.rectype == RECTYPE_TRUST)
|
||||
{
|
||||
rc = drop_from_hashtable (get_trusthashrec(),
|
||||
rc = drop_from_hashtable (ctrl, get_trusthashrec(),
|
||||
rec.r.trust.fingerprint, 20, rec.recnum);
|
||||
}
|
||||
|
||||
@ -1715,9 +1717,9 @@ tdbio_delete_record (ulong recnum)
|
||||
rec.rectype = RECTYPE_FREE;
|
||||
rec.r.free.next = vr.r.ver.firstfree;
|
||||
vr.r.ver.firstfree = recnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (!rc)
|
||||
rc = tdbio_write_record (&vr);
|
||||
rc = tdbio_write_record (ctrl, &vr);
|
||||
|
||||
return rc;
|
||||
}
|
||||
@ -1727,7 +1729,7 @@ tdbio_delete_record (ulong recnum)
|
||||
* Create a new record and return its record number.
|
||||
*/
|
||||
ulong
|
||||
tdbio_new_recnum ()
|
||||
tdbio_new_recnum (ctrl_t ctrl)
|
||||
{
|
||||
off_t offset;
|
||||
ulong recnum;
|
||||
@ -1751,7 +1753,7 @@ tdbio_new_recnum ()
|
||||
}
|
||||
/* Update dir record. */
|
||||
vr.r.ver.firstfree = rec.r.free.next;
|
||||
rc = tdbio_write_record (&vr);
|
||||
rc = tdbio_write_record (ctrl, &vr);
|
||||
if (rc)
|
||||
{
|
||||
log_error (_("%s: error writing dir record: %s\n"),
|
||||
@ -1763,7 +1765,7 @@ tdbio_new_recnum ()
|
||||
rec.rectype = 0; /* Mark as unused record (actually already done
|
||||
my the memset). */
|
||||
rec.recnum = recnum;
|
||||
rc = tdbio_write_record (&rec);
|
||||
rc = tdbio_write_record (ctrl, &rec);
|
||||
if (rc)
|
||||
log_fatal (_("%s: failed to zero a record: %s\n"),
|
||||
db_name, gpg_strerror (rc));
|
||||
|
13
g10/tdbio.h
13
g10/tdbio.h
@ -92,23 +92,24 @@ struct trust_record {
|
||||
typedef struct trust_record TRUSTREC;
|
||||
|
||||
/*-- tdbio.c --*/
|
||||
int tdbio_update_version_record(void);
|
||||
int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
|
||||
int tdbio_update_version_record (ctrl_t ctrl);
|
||||
int tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
|
||||
int create, int *r_nofile);
|
||||
const char *tdbio_get_dbname(void);
|
||||
void tdbio_dump_record( TRUSTREC *rec, estream_t fp );
|
||||
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
|
||||
int tdbio_write_record( TRUSTREC *rec );
|
||||
int tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec);
|
||||
int tdbio_db_matches_options(void);
|
||||
byte tdbio_read_model(void);
|
||||
ulong tdbio_read_nextcheck (void);
|
||||
int tdbio_write_nextcheck (ulong stamp);
|
||||
int tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp);
|
||||
int tdbio_is_dirty(void);
|
||||
int tdbio_sync(void);
|
||||
int tdbio_begin_transaction(void);
|
||||
int tdbio_end_transaction(void);
|
||||
int tdbio_cancel_transaction(void);
|
||||
int tdbio_delete_record( ulong recnum );
|
||||
ulong tdbio_new_recnum(void);
|
||||
int tdbio_delete_record (ctrl_t ctrl, ulong recnum);
|
||||
ulong tdbio_new_recnum (ctrl_t ctrl);
|
||||
gpg_error_t tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec);
|
||||
gpg_error_t tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec);
|
||||
|
||||
|
@ -66,10 +66,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
|
||||
}
|
||||
|
||||
void
|
||||
read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
read_trust_options (ctrl_t ctrl,
|
||||
byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
byte *marginals, byte *completes, byte *cert_depth,
|
||||
byte *min_cert_level)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)trust_model;
|
||||
(void)created;
|
||||
(void)nextcheck;
|
||||
@ -85,8 +87,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
*/
|
||||
|
||||
int
|
||||
cache_disabled_value(PKT_public_key *pk)
|
||||
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
return 0;
|
||||
}
|
||||
@ -138,16 +141,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
|
||||
}
|
||||
|
||||
int
|
||||
get_ownertrust_info (PKT_public_key *pk, int no_create)
|
||||
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
(void)no_create;
|
||||
return '?';
|
||||
}
|
||||
|
||||
unsigned int
|
||||
get_ownertrust (PKT_public_key *pk)
|
||||
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
(void)ctrl;
|
||||
(void)pk;
|
||||
return TRUST_UNKNOWN;
|
||||
}
|
||||
|
21
g10/tofu.c
21
g10/tofu.c
@ -2031,7 +2031,7 @@ ask_about_binding (ctrl_t ctrl,
|
||||
email> (including the binding itself, which will be first in the
|
||||
list). For each returned key also sets BINDING_NEW, etc. */
|
||||
static strlist_t
|
||||
build_conflict_set (tofu_dbs_t dbs,
|
||||
build_conflict_set (ctrl_t ctrl, tofu_dbs_t dbs,
|
||||
PKT_public_key *pk, const char *fingerprint,
|
||||
const char *email)
|
||||
{
|
||||
@ -2174,7 +2174,7 @@ build_conflict_set (tofu_dbs_t dbs,
|
||||
continue;
|
||||
}
|
||||
|
||||
merge_keys_and_selfsig (kb);
|
||||
merge_keys_and_selfsig (ctrl, kb);
|
||||
|
||||
log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY);
|
||||
|
||||
@ -2317,7 +2317,7 @@ build_conflict_set (tofu_dbs_t dbs,
|
||||
* not yet been registered.
|
||||
*/
|
||||
static enum tofu_policy
|
||||
get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
|
||||
get_policy (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk,
|
||||
const char *fingerprint, const char *user_id, const char *email,
|
||||
strlist_t *conflict_setp, time_t now)
|
||||
{
|
||||
@ -2483,7 +2483,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
|
||||
int lookup_err;
|
||||
kbnode_t kb;
|
||||
|
||||
lookup_err = get_pubkey_byfprint (NULL, &kb,
|
||||
lookup_err = get_pubkey_byfprint (ctrl, NULL, &kb,
|
||||
fingerprint_raw,
|
||||
fingerprint_raw_len);
|
||||
if (lookup_err)
|
||||
@ -2509,7 +2509,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
|
||||
* disappeared. The latter can happen if the conflicting bindings
|
||||
* are now cross signed, for instance. */
|
||||
|
||||
conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
|
||||
conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
|
||||
conflict_set_count = strlist_length (conflict_set);
|
||||
if (conflict_set_count == 0)
|
||||
{
|
||||
@ -2615,7 +2615,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
|
||||
if (effective_policy == TOFU_POLICY_ASK && conflict_setp)
|
||||
{
|
||||
if (! conflict_set)
|
||||
conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
|
||||
conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
|
||||
*conflict_setp = conflict_set;
|
||||
}
|
||||
else
|
||||
@ -2691,7 +2691,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
|
||||
|
||||
/* We need to call get_policy even if the key is ultimately trusted
|
||||
* to make sure the binding has been registered. */
|
||||
policy = get_policy (dbs, pk, fingerprint, user_id, email,
|
||||
policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email,
|
||||
&conflict_set, now);
|
||||
|
||||
if (policy == TOFU_POLICY_ASK)
|
||||
@ -3493,7 +3493,7 @@ tofu_register_encryption (ctrl_t ctrl,
|
||||
! pk_is_primary (pk)
|
||||
/* We need the key block to find all user ids. */
|
||||
|| ! user_id_list)
|
||||
kb = get_pubkeyblock (pk->keyid);
|
||||
kb = get_pubkeyblock (ctrl, pk->keyid);
|
||||
|
||||
/* Make sure PK is a primary key. */
|
||||
if (! pk_is_primary (pk))
|
||||
@ -3692,7 +3692,7 @@ tofu_write_tfs_record (ctrl_t ctrl, estream_t fp,
|
||||
|
||||
fingerprint = hexfingerprint (pk, NULL, 0);
|
||||
email = email_from_user_id (user_id);
|
||||
policy = get_policy (dbs, pk, fingerprint, user_id, email, NULL, now);
|
||||
policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email, NULL, now);
|
||||
|
||||
show_statistics (dbs, fingerprint, email, policy, fp, 0, now);
|
||||
|
||||
@ -3953,7 +3953,8 @@ tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id,
|
||||
|
||||
email = email_from_user_id (user_id->name);
|
||||
|
||||
*policy = get_policy (dbs, pk, fingerprint, user_id->name, email, NULL, now);
|
||||
*policy = get_policy (ctrl, dbs, pk, fingerprint,
|
||||
user_id->name, email, NULL, now);
|
||||
|
||||
xfree (email);
|
||||
xfree (fingerprint);
|
||||
|
59
g10/trust.c
59
g10/trust.c
@ -38,13 +38,13 @@
|
||||
/* Return true if key is disabled. Note that this is usually used via
|
||||
the pk_is_disabled macro. */
|
||||
int
|
||||
cache_disabled_value (PKT_public_key *pk)
|
||||
cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
#ifdef NO_TRUST_MODELS
|
||||
(void)pk;
|
||||
return 0;
|
||||
#else
|
||||
return tdb_cache_disabled_value (pk);
|
||||
return tdb_cache_disabled_value (ctrl, pk);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -173,13 +173,13 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
|
||||
* The key should be the primary key.
|
||||
*/
|
||||
unsigned int
|
||||
get_ownertrust (PKT_public_key *pk)
|
||||
get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
#ifdef NO_TRUST_MODELS
|
||||
(void)pk;
|
||||
return TRUST_UNKNOWN;
|
||||
#else
|
||||
return tdb_get_ownertrust (pk, 0);
|
||||
return tdb_get_ownertrust (ctrl, pk, 0);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -190,7 +190,7 @@ get_ownertrust (PKT_public_key *pk)
|
||||
* inhibits creation of a trustdb it that does not yet exists.
|
||||
*/
|
||||
static int
|
||||
get_ownertrust_with_min (PKT_public_key *pk, int no_create)
|
||||
get_ownertrust_with_min (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
#ifdef NO_TRUST_MODELS
|
||||
(void)pk;
|
||||
@ -202,11 +202,11 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
|
||||
* functions: If the caller asked not to create a trustdb we call
|
||||
* init_trustdb directly and allow it to fail with an error code for
|
||||
* a non-existing trustdb. */
|
||||
if (no_create && init_trustdb (1))
|
||||
if (no_create && init_trustdb (ctrl, 1))
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK);
|
||||
otrust_min = tdb_get_min_ownertrust (pk, no_create);
|
||||
otrust = (tdb_get_ownertrust (ctrl, pk, no_create) & TRUST_MASK);
|
||||
otrust_min = tdb_get_min_ownertrust (ctrl, pk, no_create);
|
||||
if (otrust < otrust_min)
|
||||
{
|
||||
/* If the trust that the user has set is less than the trust
|
||||
@ -229,9 +229,9 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
|
||||
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
|
||||
*/
|
||||
int
|
||||
get_ownertrust_info (PKT_public_key *pk, int no_create)
|
||||
get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
return trust_letter (get_ownertrust_with_min (pk, no_create));
|
||||
return trust_letter (get_ownertrust_with_min (ctrl, pk, no_create));
|
||||
}
|
||||
|
||||
|
||||
@ -241,9 +241,9 @@ get_ownertrust_info (PKT_public_key *pk, int no_create)
|
||||
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
|
||||
*/
|
||||
const char *
|
||||
get_ownertrust_string (PKT_public_key *pk, int no_create)
|
||||
get_ownertrust_string (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
return trust_value_to_string (get_ownertrust_with_min (pk, no_create));
|
||||
return trust_value_to_string (get_ownertrust_with_min (ctrl, pk, no_create));
|
||||
}
|
||||
|
||||
|
||||
@ -252,34 +252,34 @@ get_ownertrust_string (PKT_public_key *pk, int no_create)
|
||||
* The key should be a primary one.
|
||||
*/
|
||||
void
|
||||
update_ownertrust (PKT_public_key *pk, unsigned int new_trust)
|
||||
update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust)
|
||||
{
|
||||
#ifdef NO_TRUST_MODELS
|
||||
(void)pk;
|
||||
(void)new_trust;
|
||||
#else
|
||||
tdb_update_ownertrust (pk, new_trust);
|
||||
tdb_update_ownertrust (ctrl, pk, new_trust);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
clear_ownertrusts (PKT_public_key *pk)
|
||||
clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
#ifdef NO_TRUST_MODELS
|
||||
(void)pk;
|
||||
return 0;
|
||||
#else
|
||||
return tdb_clear_ownertrusts (pk);
|
||||
return tdb_clear_ownertrusts (ctrl, pk);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
revalidation_mark (void)
|
||||
revalidation_mark (ctrl_t ctrl)
|
||||
{
|
||||
#ifndef NO_TRUST_MODELS
|
||||
tdb_revalidation_mark ();
|
||||
tdb_revalidation_mark (ctrl);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -343,7 +343,7 @@ get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid,
|
||||
else
|
||||
{
|
||||
main_pk = xmalloc_clear (sizeof *main_pk);
|
||||
rc = get_pubkey (main_pk, pk->main_keyid);
|
||||
rc = get_pubkey (ctrl, main_pk, pk->main_keyid);
|
||||
if (rc)
|
||||
{
|
||||
char *tempkeystr = xstrdup (keystr (pk->main_keyid));
|
||||
@ -430,7 +430,7 @@ get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
|
||||
* 9 and 10 are used for internal purposes.
|
||||
*/
|
||||
void
|
||||
mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
|
||||
mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
|
||||
u32 *main_kid, struct key_item *klist,
|
||||
u32 curtime, u32 *next_expire)
|
||||
{
|
||||
@ -461,7 +461,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
|
||||
invalid signature */
|
||||
if (klist && !is_in_klist (klist, sig))
|
||||
continue; /* no need to check it then */
|
||||
if ((rc=check_key_signature (keyblock, node, NULL)))
|
||||
if ((rc=check_key_signature (ctrl, keyblock, node, NULL)))
|
||||
{
|
||||
/* we ignore anything that won't verify, but tag the
|
||||
no_pubkey case */
|
||||
@ -594,7 +594,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
|
||||
|
||||
|
||||
static int
|
||||
clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
|
||||
clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
|
||||
int noisy, int self_only)
|
||||
{
|
||||
int deleted = 0;
|
||||
@ -609,7 +609,7 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
|
||||
/* Passing in a 0 for current time here means that we'll never weed
|
||||
out an expired sig. This is correct behavior since we want to
|
||||
keep the most recent expired sig in a series. */
|
||||
mark_usable_uid_certs (keyblock, uidnode, NULL, NULL, 0, NULL);
|
||||
mark_usable_uid_certs (ctrl, keyblock, uidnode, NULL, NULL, 0, NULL);
|
||||
|
||||
/* What we want to do here is remove signatures that are not
|
||||
considered as part of the trust calculations. Thus, all invalid
|
||||
@ -743,8 +743,8 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
|
||||
|
||||
/* Needs to be called after a merge_keys_and_selfsig() */
|
||||
void
|
||||
clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
|
||||
int *uids_cleaned, int *sigs_cleaned)
|
||||
clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
|
||||
int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned)
|
||||
{
|
||||
int dummy = 0;
|
||||
|
||||
@ -762,19 +762,20 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
|
||||
to bother with the other. */
|
||||
*uids_cleaned += clean_uid_from_key (keyblock, uidnode, noisy);
|
||||
if (!uidnode->pkt->pkt.user_id->flags.compacted)
|
||||
*sigs_cleaned += clean_sigs_from_uid (keyblock, uidnode, noisy, self_only);
|
||||
*sigs_cleaned += clean_sigs_from_uid (ctrl, keyblock, uidnode,
|
||||
noisy, self_only);
|
||||
}
|
||||
|
||||
|
||||
/* NB: This function marks the deleted nodes only and the caller is
|
||||
* responsible to skip or remove them. */
|
||||
void
|
||||
clean_key (kbnode_t keyblock, int noisy, int self_only,
|
||||
clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
|
||||
int *uids_cleaned, int *sigs_cleaned)
|
||||
{
|
||||
kbnode_t node;
|
||||
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
|
||||
for (node = keyblock->next;
|
||||
node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|
||||
@ -782,7 +783,7 @@ clean_key (kbnode_t keyblock, int noisy, int self_only,
|
||||
node = node->next)
|
||||
{
|
||||
if (node->pkt->pkttype == PKT_USER_ID)
|
||||
clean_one_uid (keyblock, node, noisy, self_only,
|
||||
clean_one_uid (ctrl, keyblock, node, noisy, self_only,
|
||||
uids_cleaned, sigs_cleaned);
|
||||
}
|
||||
|
||||
|
185
g10/trustdb.c
185
g10/trustdb.c
@ -248,7 +248,7 @@ add_utk (u32 *kid)
|
||||
* Verify that all our secret keys are usable and put them into the utk_list.
|
||||
*/
|
||||
static void
|
||||
verify_own_keys(void)
|
||||
verify_own_keys (ctrl_t ctrl)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
ulong recnum;
|
||||
@ -275,7 +275,7 @@ verify_own_keys(void)
|
||||
* the whole validation code to only work with
|
||||
* fingerprints */
|
||||
fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20;
|
||||
keyid_from_fingerprint (fpr, fprlen, kid);
|
||||
keyid_from_fingerprint (ctrl, fpr, fprlen, kid);
|
||||
if (!add_utk (kid))
|
||||
log_info(_("key %s occurs more than once in the trustdb\n"),
|
||||
keystr(kid));
|
||||
@ -290,14 +290,14 @@ verify_own_keys(void)
|
||||
PKT_public_key pk;
|
||||
|
||||
memset (&pk, 0, sizeof pk);
|
||||
rc = get_pubkey (&pk, k->kid);
|
||||
rc = get_pubkey (ctrl, &pk, k->kid);
|
||||
if (rc)
|
||||
log_info(_("key %s: no public key for trusted key - skipped\n"),
|
||||
keystr(k->kid));
|
||||
else
|
||||
{
|
||||
tdb_update_ownertrust
|
||||
(&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK)
|
||||
(ctrl, &pk, ((tdb_get_ownertrust (ctrl, &pk, 0) & ~TRUST_MASK)
|
||||
| TRUST_ULTIMATE ));
|
||||
release_public_key_parts (&pk);
|
||||
}
|
||||
@ -361,9 +361,9 @@ read_record (ulong recno, TRUSTREC *rec, int rectype )
|
||||
* Write a record and die on error
|
||||
*/
|
||||
static void
|
||||
write_record (TRUSTREC *rec)
|
||||
write_record (ctrl_t ctrl, TRUSTREC *rec)
|
||||
{
|
||||
int rc = tdbio_write_record (rec);
|
||||
int rc = tdbio_write_record (ctrl, rec);
|
||||
if (rc)
|
||||
{
|
||||
log_error(_("trust record %lu, type %d: write failed: %s\n"),
|
||||
@ -444,7 +444,7 @@ how_to_fix_the_trustdb ()
|
||||
* in that case 0 is returned if there is a trustdb or an error code
|
||||
* if no trustdb is available. */
|
||||
gpg_error_t
|
||||
init_trustdb (int no_create)
|
||||
init_trustdb (ctrl_t ctrl, int no_create)
|
||||
{
|
||||
int level = trustdb_args.level;
|
||||
const char* dbname = trustdb_args.dbname;
|
||||
@ -456,7 +456,7 @@ init_trustdb (int no_create)
|
||||
|
||||
if(level==0 || level==1)
|
||||
{
|
||||
int rc = tdbio_set_dbname (dbname, (!no_create && level),
|
||||
int rc = tdbio_set_dbname (ctrl, dbname, (!no_create && level),
|
||||
&trustdb_args.no_trustdb);
|
||||
if (no_create && trustdb_args.no_trustdb)
|
||||
{
|
||||
@ -501,7 +501,7 @@ init_trustdb (int no_create)
|
||||
/* Verify the list of ultimately trusted keys and move the
|
||||
--trusted-keys list there as well. */
|
||||
if(level==1)
|
||||
verify_own_keys();
|
||||
verify_own_keys (ctrl);
|
||||
|
||||
if(!tdbio_db_matches_options())
|
||||
pending_check_trustdb=1;
|
||||
@ -515,9 +515,9 @@ init_trustdb (int no_create)
|
||||
necessary if the trust model is not 'always trust'. Returns true
|
||||
if we do have a usable trust database. */
|
||||
int
|
||||
have_trustdb (void)
|
||||
have_trustdb (ctrl_t ctrl)
|
||||
{
|
||||
return init_trustdb (opt.trust_model == TM_ALWAYS) == 0;
|
||||
return !init_trustdb (ctrl, opt.trust_model == TM_ALWAYS);
|
||||
}
|
||||
|
||||
|
||||
@ -529,7 +529,7 @@ have_trustdb (void)
|
||||
void
|
||||
check_trustdb (ctrl_t ctrl)
|
||||
{
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|
||||
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
|
||||
{
|
||||
@ -566,7 +566,7 @@ check_trustdb (ctrl_t ctrl)
|
||||
void
|
||||
update_trustdb (ctrl_t ctrl)
|
||||
{
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|
||||
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
|
||||
validate_keys (ctrl, 1);
|
||||
@ -576,15 +576,15 @@ update_trustdb (ctrl_t ctrl)
|
||||
}
|
||||
|
||||
void
|
||||
tdb_revalidation_mark (void)
|
||||
tdb_revalidation_mark (ctrl_t ctrl)
|
||||
{
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
/* We simply set the time for the next check to 1 (far back in 1970)
|
||||
so that a --update-trustdb will be scheduled. */
|
||||
if (tdbio_write_nextcheck (1))
|
||||
if (tdbio_write_nextcheck (ctrl, 1))
|
||||
do_sync ();
|
||||
pending_check_trustdb = 1;
|
||||
}
|
||||
@ -610,13 +610,14 @@ tdb_check_or_update (ctrl_t ctrl)
|
||||
}
|
||||
|
||||
void
|
||||
read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||
byte *marginals,byte *completes,byte *cert_depth,
|
||||
read_trust_options (ctrl_t ctrl,
|
||||
byte *trust_model, ulong *created, ulong *nextcheck,
|
||||
byte *marginals, byte *completes, byte *cert_depth,
|
||||
byte *min_cert_level)
|
||||
{
|
||||
TRUSTREC opts;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
memset (&opts, 0, sizeof opts);
|
||||
else
|
||||
@ -643,11 +644,11 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||
***********************************************/
|
||||
|
||||
static int
|
||||
read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
|
||||
read_trust_record (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec)
|
||||
{
|
||||
int rc;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
rc = tdbio_search_trust_bypk (pk, rec);
|
||||
if (rc)
|
||||
{
|
||||
@ -676,7 +677,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
|
||||
* values but we usually use --always-trust.
|
||||
*/
|
||||
unsigned int
|
||||
tdb_get_ownertrust (PKT_public_key *pk, int no_create)
|
||||
tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
gpg_error_t err;
|
||||
@ -687,10 +688,10 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
|
||||
/* If the caller asked not to create a trustdb we call init_trustdb
|
||||
* directly and allow it to fail with an error code for a
|
||||
* non-existing trustdb. */
|
||||
if (no_create && init_trustdb (1))
|
||||
if (no_create && init_trustdb (ctrl, 1))
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
err = read_trust_record (pk, &rec);
|
||||
err = read_trust_record (ctrl, pk, &rec);
|
||||
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
if (err)
|
||||
@ -704,7 +705,7 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
|
||||
|
||||
|
||||
unsigned int
|
||||
tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
|
||||
tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
gpg_error_t err;
|
||||
@ -715,10 +716,10 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
|
||||
/* If the caller asked not to create a trustdb we call init_trustdb
|
||||
* directly and allow it to fail with an error code for a
|
||||
* non-existing trustdb. */
|
||||
if (no_create && init_trustdb (1))
|
||||
if (no_create && init_trustdb (ctrl, 1))
|
||||
return TRUST_UNKNOWN;
|
||||
|
||||
err = read_trust_record (pk, &rec);
|
||||
err = read_trust_record (ctrl, pk, &rec);
|
||||
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
|
||||
return TRUST_UNKNOWN; /* no record yet */
|
||||
if (err)
|
||||
@ -736,7 +737,7 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
|
||||
* The key should be a primary one.
|
||||
*/
|
||||
void
|
||||
tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust )
|
||||
{
|
||||
TRUSTREC rec;
|
||||
gpg_error_t err;
|
||||
@ -744,7 +745,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return;
|
||||
|
||||
err = read_trust_record (pk, &rec);
|
||||
err = read_trust_record (ctrl, pk, &rec);
|
||||
if (!err)
|
||||
{
|
||||
if (DBG_TRUST)
|
||||
@ -753,8 +754,8 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
if (rec.r.trust.ownertrust != new_trust)
|
||||
{
|
||||
rec.r.trust.ownertrust = new_trust;
|
||||
write_record( &rec );
|
||||
tdb_revalidation_mark ();
|
||||
write_record (ctrl, &rec);
|
||||
tdb_revalidation_mark (ctrl);
|
||||
do_sync ();
|
||||
}
|
||||
}
|
||||
@ -766,12 +767,12 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
log_debug ("insert ownertrust %u\n", new_trust );
|
||||
|
||||
memset (&rec, 0, sizeof rec);
|
||||
rec.recnum = tdbio_new_recnum ();
|
||||
rec.recnum = tdbio_new_recnum (ctrl);
|
||||
rec.rectype = RECTYPE_TRUST;
|
||||
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
|
||||
rec.r.trust.ownertrust = new_trust;
|
||||
write_record (&rec);
|
||||
tdb_revalidation_mark ();
|
||||
write_record (ctrl, &rec);
|
||||
tdb_revalidation_mark (ctrl);
|
||||
do_sync ();
|
||||
}
|
||||
else
|
||||
@ -781,7 +782,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
|
||||
}
|
||||
|
||||
static void
|
||||
update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust)
|
||||
{
|
||||
PKT_public_key *pk;
|
||||
TRUSTREC rec;
|
||||
@ -791,7 +792,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
return;
|
||||
|
||||
pk = xmalloc_clear (sizeof *pk);
|
||||
err = get_pubkey (pk, kid);
|
||||
err = get_pubkey (ctrl, pk, kid);
|
||||
if (err)
|
||||
{
|
||||
log_error (_("public key %s not found: %s\n"),
|
||||
@ -799,7 +800,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
return;
|
||||
}
|
||||
|
||||
err = read_trust_record (pk, &rec);
|
||||
err = read_trust_record (ctrl, pk, &rec);
|
||||
if (!err)
|
||||
{
|
||||
if (DBG_TRUST)
|
||||
@ -810,8 +811,8 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
if (rec.r.trust.min_ownertrust != new_trust)
|
||||
{
|
||||
rec.r.trust.min_ownertrust = new_trust;
|
||||
write_record( &rec );
|
||||
tdb_revalidation_mark ();
|
||||
write_record (ctrl, &rec);
|
||||
tdb_revalidation_mark (ctrl);
|
||||
do_sync ();
|
||||
}
|
||||
}
|
||||
@ -823,12 +824,12 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
log_debug ("insert min_ownertrust %u\n", new_trust );
|
||||
|
||||
memset (&rec, 0, sizeof rec);
|
||||
rec.recnum = tdbio_new_recnum ();
|
||||
rec.recnum = tdbio_new_recnum (ctrl);
|
||||
rec.rectype = RECTYPE_TRUST;
|
||||
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
|
||||
rec.r.trust.min_ownertrust = new_trust;
|
||||
write_record (&rec);
|
||||
tdb_revalidation_mark ();
|
||||
write_record (ctrl, &rec);
|
||||
tdb_revalidation_mark (ctrl);
|
||||
do_sync ();
|
||||
}
|
||||
else
|
||||
@ -844,17 +845,17 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
|
||||
* Return: True if a change actually happened.
|
||||
*/
|
||||
int
|
||||
tdb_clear_ownertrusts (PKT_public_key *pk)
|
||||
tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
gpg_error_t err;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
|
||||
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
|
||||
return 0;
|
||||
|
||||
err = read_trust_record (pk, &rec);
|
||||
err = read_trust_record (ctrl, pk, &rec);
|
||||
if (!err)
|
||||
{
|
||||
if (DBG_TRUST)
|
||||
@ -868,8 +869,8 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
|
||||
{
|
||||
rec.r.trust.ownertrust = 0;
|
||||
rec.r.trust.min_ownertrust = 0;
|
||||
write_record( &rec );
|
||||
tdb_revalidation_mark ();
|
||||
write_record (ctrl, &rec);
|
||||
tdb_revalidation_mark (ctrl);
|
||||
do_sync ();
|
||||
return 1;
|
||||
}
|
||||
@ -885,7 +886,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
|
||||
* Note: Caller has to do a sync
|
||||
*/
|
||||
static void
|
||||
update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
|
||||
int depth, int validity)
|
||||
{
|
||||
TRUSTREC trec, vrec;
|
||||
@ -894,7 +895,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
|
||||
namehash_from_uid(uid);
|
||||
|
||||
err = read_trust_record (pk, &trec);
|
||||
err = read_trust_record (ctrl, pk, &trec);
|
||||
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
|
||||
{
|
||||
tdbio_invalid ();
|
||||
@ -906,7 +907,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
size_t dummy;
|
||||
|
||||
memset (&trec, 0, sizeof trec);
|
||||
trec.recnum = tdbio_new_recnum ();
|
||||
trec.recnum = tdbio_new_recnum (ctrl);
|
||||
trec.rectype = RECTYPE_TRUST;
|
||||
fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy);
|
||||
trec.r.trust.ownertrust = 0;
|
||||
@ -925,7 +926,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
if (!recno) /* insert a new validity record */
|
||||
{
|
||||
memset (&vrec, 0, sizeof vrec);
|
||||
vrec.recnum = tdbio_new_recnum ();
|
||||
vrec.recnum = tdbio_new_recnum (ctrl);
|
||||
vrec.rectype = RECTYPE_VALID;
|
||||
memcpy (vrec.r.valid.namehash, uid->namehash, 20);
|
||||
vrec.r.valid.next = trec.r.trust.validlist;
|
||||
@ -934,9 +935,9 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
vrec.r.valid.validity = validity;
|
||||
vrec.r.valid.full_count = uid->help_full_count;
|
||||
vrec.r.valid.marginal_count = uid->help_marginal_count;
|
||||
write_record (&vrec);
|
||||
write_record (ctrl, &vrec);
|
||||
trec.r.trust.depth = depth;
|
||||
write_record (&trec);
|
||||
write_record (ctrl, &trec);
|
||||
}
|
||||
|
||||
|
||||
@ -947,7 +948,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
|
||||
/* Return true if key is disabled. Note that this is usually used via
|
||||
the pk_is_disabled macro. */
|
||||
int
|
||||
tdb_cache_disabled_value (PKT_public_key *pk)
|
||||
tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
|
||||
{
|
||||
gpg_error_t err;
|
||||
TRUSTREC trec;
|
||||
@ -956,12 +957,12 @@ tdb_cache_disabled_value (PKT_public_key *pk)
|
||||
if (pk->flags.disabled_valid)
|
||||
return pk->flags.disabled;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
|
||||
if (trustdb_args.no_trustdb)
|
||||
return 0; /* No trustdb => not disabled. */
|
||||
|
||||
err = read_trust_record (pk, &trec);
|
||||
err = read_trust_record (ctrl, pk, &trec);
|
||||
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
|
||||
{
|
||||
tdbio_invalid ();
|
||||
@ -991,7 +992,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl)
|
||||
{
|
||||
static int did_nextcheck=0;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
|
||||
if (trustdb_args.no_trustdb)
|
||||
return; /* No trustdb => can't be stale. */
|
||||
@ -1062,7 +1063,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|
||||
(void)may_ask;
|
||||
#endif
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
|
||||
/* If we have no trustdb (which also means it has not been created)
|
||||
and the trust-model is always, we don't know the validity -
|
||||
@ -1077,7 +1078,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|
||||
{
|
||||
/* Note that this happens BEFORE any user ID stuff is checked.
|
||||
The direct trust model applies to keys as a whole. */
|
||||
validity = tdb_get_ownertrust (main_pk, 0);
|
||||
validity = tdb_get_ownertrust (ctrl, main_pk, 0);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -1093,7 +1094,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|
||||
{
|
||||
if (! kb)
|
||||
{
|
||||
kb = get_pubkeyblock (main_pk->keyid);
|
||||
kb = get_pubkeyblock (ctrl, main_pk->keyid);
|
||||
free_kb = 1;
|
||||
}
|
||||
n = kb;
|
||||
@ -1201,7 +1202,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|
||||
|| opt.trust_model == TM_CLASSIC
|
||||
|| opt.trust_model == TM_PGP)
|
||||
{
|
||||
err = read_trust_record (main_pk, &trec);
|
||||
err = read_trust_record (ctrl, main_pk, &trec);
|
||||
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
|
||||
{
|
||||
tdbio_invalid ();
|
||||
@ -1277,7 +1278,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|
||||
|
||||
|
||||
static void
|
||||
get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
|
||||
get_validity_counts (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
|
||||
{
|
||||
TRUSTREC trec, vrec;
|
||||
ulong recno;
|
||||
@ -1289,9 +1290,9 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
|
||||
|
||||
uid->help_marginal_count=uid->help_full_count=0;
|
||||
|
||||
init_trustdb (0);
|
||||
init_trustdb (ctrl, 0);
|
||||
|
||||
if(read_trust_record (pk, &trec))
|
||||
if(read_trust_record (ctrl, pk, &trec))
|
||||
return;
|
||||
|
||||
/* loop over all user IDs */
|
||||
@ -1375,7 +1376,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
|
||||
int ot;
|
||||
|
||||
pk = xmalloc_clear (sizeof *pk);
|
||||
rc = get_pubkey (pk, kid);
|
||||
rc = get_pubkey (ctrl, pk, kid);
|
||||
if (rc)
|
||||
{
|
||||
log_error (_("public key %s not found: %s\n"),
|
||||
@ -1387,14 +1388,14 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
|
||||
{
|
||||
log_info("force trust for key %s to %s\n",
|
||||
keystr(kid),trust_value_to_string(opt.force_ownertrust));
|
||||
tdb_update_ownertrust (pk, opt.force_ownertrust);
|
||||
tdb_update_ownertrust (ctrl, pk, opt.force_ownertrust);
|
||||
ot=opt.force_ownertrust;
|
||||
}
|
||||
else
|
||||
{
|
||||
ot=edit_ownertrust (ctrl, pk, 0);
|
||||
if(ot>0)
|
||||
ot = tdb_get_ownertrust (pk, 0);
|
||||
ot = tdb_get_ownertrust (ctrl, pk, 0);
|
||||
else if(ot==0)
|
||||
ot = minimum?minimum:TRUST_UNDEFINED;
|
||||
else
|
||||
@ -1460,7 +1461,8 @@ dump_key_array (int depth, struct key_array *keys)
|
||||
|
||||
|
||||
static void
|
||||
store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
|
||||
store_validation_status (ctrl_t ctrl, int depth,
|
||||
kbnode_t keyblock, KeyHashTable stored)
|
||||
{
|
||||
KBNODE node;
|
||||
int status;
|
||||
@ -1482,7 +1484,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
|
||||
|
||||
if (status)
|
||||
{
|
||||
update_validity (keyblock->pkt->pkt.public_key,
|
||||
update_validity (ctrl, keyblock->pkt->pkt.public_key,
|
||||
uid, depth, status);
|
||||
|
||||
mark_keyblock_seen(stored,keyblock);
|
||||
@ -1619,7 +1621,7 @@ check_regexp(const char *expr,const char *string)
|
||||
* This function assumes that all kbnode flags are cleared on entry.
|
||||
*/
|
||||
static int
|
||||
validate_one_keyblock (KBNODE kb, struct key_item *klist,
|
||||
validate_one_keyblock (ctrl_t ctrl, kbnode_t kb, struct key_item *klist,
|
||||
u32 curtime, u32 *next_expire)
|
||||
{
|
||||
struct key_item *kr;
|
||||
@ -1666,8 +1668,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
|
||||
*next_expire = uid->expiredate;
|
||||
|
||||
issigned = 0;
|
||||
get_validity_counts(pk,uid);
|
||||
mark_usable_uid_certs (kb, uidnode, main_kid, klist,
|
||||
get_validity_counts (ctrl, pk, uid);
|
||||
mark_usable_uid_certs (ctrl, kb, uidnode, main_kid, klist,
|
||||
curtime, next_expire);
|
||||
}
|
||||
else if (node->pkt->pkttype == PKT_SIGNATURE
|
||||
@ -1799,7 +1801,7 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no)
|
||||
* Caller hast to release the returned array.
|
||||
*/
|
||||
static struct key_array *
|
||||
validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
|
||||
validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
|
||||
struct key_item *klist, u32 curtime, u32 *next_expire)
|
||||
{
|
||||
KBNODE keyblock = NULL;
|
||||
@ -1858,7 +1860,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
|
||||
}
|
||||
|
||||
/* prepare the keyblock for further processing */
|
||||
merge_keys_and_selfsig (keyblock);
|
||||
merge_keys_and_selfsig (ctrl, keyblock);
|
||||
clear_kbnode_flags (keyblock);
|
||||
pk = keyblock->pkt->pkt.public_key;
|
||||
if (pk->has_expired || pk->flags.revoked)
|
||||
@ -1866,7 +1868,8 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
|
||||
/* it does not make sense to look further at those keys */
|
||||
mark_keyblock_seen (full_trust, keyblock);
|
||||
}
|
||||
else if (validate_one_keyblock (keyblock, klist, curtime, next_expire))
|
||||
else if (validate_one_keyblock (ctrl, keyblock, klist,
|
||||
curtime, next_expire))
|
||||
{
|
||||
KBNODE node;
|
||||
|
||||
@ -1915,7 +1918,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
|
||||
|
||||
/* Caller must sync */
|
||||
static void
|
||||
reset_trust_records(void)
|
||||
reset_trust_records (ctrl_t ctrl)
|
||||
{
|
||||
TRUSTREC rec;
|
||||
ulong recnum;
|
||||
@ -1929,7 +1932,7 @@ reset_trust_records(void)
|
||||
if(rec.r.trust.min_ownertrust)
|
||||
{
|
||||
rec.r.trust.min_ownertrust=0;
|
||||
write_record(&rec);
|
||||
write_record (ctrl, &rec);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1941,7 +1944,7 @@ reset_trust_records(void)
|
||||
rec.r.valid.validity &= ~TRUST_MASK;
|
||||
rec.r.valid.marginal_count=rec.r.valid.full_count=0;
|
||||
nreset++;
|
||||
write_record(&rec);
|
||||
write_record (ctrl, &rec);
|
||||
}
|
||||
|
||||
}
|
||||
@ -2002,7 +2005,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
Perhaps combine this with reset_trust_records(), or only check
|
||||
the caches on keys that are actually involved in the web of
|
||||
trust. */
|
||||
keydb_rebuild_caches(0);
|
||||
keydb_rebuild_caches (ctrl, 0);
|
||||
|
||||
kdb = keydb_new ();
|
||||
if (!kdb)
|
||||
@ -2014,7 +2017,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
used = new_key_hash_table ();
|
||||
full_trust = new_key_hash_table ();
|
||||
|
||||
reset_trust_records();
|
||||
reset_trust_records (ctrl);
|
||||
|
||||
/* Fixme: Instead of always building a UTK list, we could just build it
|
||||
* here when needed */
|
||||
@ -2032,7 +2035,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
KBNODE keyblock;
|
||||
PKT_public_key *pk;
|
||||
|
||||
keyblock = get_pubkeyblock (k->kid);
|
||||
keyblock = get_pubkeyblock (ctrl, k->kid);
|
||||
if (!keyblock)
|
||||
{
|
||||
log_error (_("public key of ultimately"
|
||||
@ -2046,7 +2049,8 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
for (node=keyblock; node; node = node->next)
|
||||
{
|
||||
if (node->pkt->pkttype == PKT_USER_ID)
|
||||
update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE);
|
||||
update_validity (ctrl, pk, node->pkt->pkt.user_id,
|
||||
0, TRUST_ULTIMATE);
|
||||
}
|
||||
if ( pk->expiredate && pk->expiredate >= start_time
|
||||
&& pk->expiredate < next_expire)
|
||||
@ -2086,7 +2090,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
min=TRUST_MARGINAL;
|
||||
|
||||
if(min!=k->min_ownertrust)
|
||||
update_min_ownertrust(k->kid,min);
|
||||
update_min_ownertrust (ctrl, k->kid,min);
|
||||
|
||||
if (interactive && k->ownertrust == TRUST_UNKNOWN)
|
||||
{
|
||||
@ -2132,7 +2136,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
}
|
||||
|
||||
/* Find all keys which are signed by a key in kdlist */
|
||||
keys = validate_key_list (kdb, full_trust, klist,
|
||||
keys = validate_key_list (ctrl, kdb, full_trust, klist,
|
||||
start_time, &next_expire);
|
||||
if (!keys)
|
||||
{
|
||||
@ -2149,7 +2153,7 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
dump_key_array (depth, keys);
|
||||
|
||||
for (kar=keys; kar->keyblock; kar++)
|
||||
store_validation_status (depth, kar->keyblock, stored);
|
||||
store_validation_status (ctrl, depth, kar->keyblock, stored);
|
||||
|
||||
if (!opt.quiet)
|
||||
log_info (_("depth: %d valid: %3d signed: %3d"
|
||||
@ -2183,9 +2187,10 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
k->kid[1]=kid[1];
|
||||
k->ownertrust =
|
||||
(tdb_get_ownertrust
|
||||
(kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK);
|
||||
(ctrl, kar->keyblock->pkt->pkt.public_key, 0)
|
||||
& TRUST_MASK);
|
||||
k->min_ownertrust = tdb_get_min_ownertrust
|
||||
(kar->keyblock->pkt->pkt.public_key, 0);
|
||||
(ctrl, kar->keyblock->pkt->pkt.public_key, 0);
|
||||
k->trust_depth=
|
||||
kar->keyblock->pkt->pkt.public_key->trust_depth;
|
||||
k->trust_value=
|
||||
@ -2220,16 +2225,16 @@ validate_keys (ctrl_t ctrl, int interactive)
|
||||
int rc2;
|
||||
|
||||
if (next_expire == 0xffffffff || next_expire < start_time )
|
||||
tdbio_write_nextcheck (0);
|
||||
tdbio_write_nextcheck (ctrl, 0);
|
||||
else
|
||||
{
|
||||
tdbio_write_nextcheck (next_expire);
|
||||
tdbio_write_nextcheck (ctrl, next_expire);
|
||||
if (!opt.quiet)
|
||||
log_info (_("next trustdb check due at %s\n"),
|
||||
strtimestamp (next_expire));
|
||||
}
|
||||
|
||||
rc2 = tdbio_update_version_record ();
|
||||
rc2 = tdbio_update_version_record (ctrl);
|
||||
if (rc2)
|
||||
{
|
||||
log_error (_("unable to update trustdb version record: "
|
||||
|
@ -77,7 +77,7 @@ is_in_klist (struct key_item *k, PKT_signature *sig)
|
||||
|
||||
|
||||
/*-- trust.c --*/
|
||||
int cache_disabled_value (PKT_public_key *pk);
|
||||
int cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
|
||||
void register_trusted_keyid (u32 *keyid);
|
||||
void register_trusted_key (const char *string);
|
||||
|
||||
@ -86,11 +86,12 @@ int string_to_trust_value (const char *str);
|
||||
const char *uid_trust_string_fixed (ctrl_t ctrl,
|
||||
PKT_public_key *key, PKT_user_id *uid);
|
||||
|
||||
unsigned int get_ownertrust (PKT_public_key *pk);
|
||||
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
|
||||
int clear_ownertrusts (PKT_public_key *pk);
|
||||
unsigned int get_ownertrust (ctrl_t ctrl, PKT_public_key *pk);
|
||||
void update_ownertrust (ctrl_t ctrl,
|
||||
PKT_public_key *pk, unsigned int new_trust);
|
||||
int clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
|
||||
|
||||
void revalidation_mark (void);
|
||||
void revalidation_mark (ctrl_t ctrl);
|
||||
void check_trustdb_stale (ctrl_t ctrl);
|
||||
void check_or_update_trustdb (ctrl_t ctrl);
|
||||
|
||||
@ -102,14 +103,14 @@ int get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
|
||||
const char *get_validity_string (ctrl_t ctrl,
|
||||
PKT_public_key *pk, PKT_user_id *uid);
|
||||
|
||||
void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
|
||||
void mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
|
||||
u32 *main_kid, struct key_item *klist,
|
||||
u32 curtime, u32 *next_expire);
|
||||
|
||||
void clean_one_uid (kbnode_t keyblock, kbnode_t uidnode,
|
||||
void clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
|
||||
int noisy, int self_only,
|
||||
int *uids_cleaned, int *sigs_cleaned);
|
||||
void clean_key (kbnode_t keyblock, int noisy, int self_only,
|
||||
void clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
|
||||
int *uids_cleaned,int *sigs_cleaned);
|
||||
|
||||
|
||||
@ -127,16 +128,14 @@ void update_trustdb (ctrl_t ctrl);
|
||||
int setup_trustdb( int level, const char *dbname );
|
||||
void how_to_fix_the_trustdb (void);
|
||||
const char *trust_model_string (int model);
|
||||
gpg_error_t init_trustdb (int no_create);
|
||||
int have_trustdb (void);
|
||||
gpg_error_t init_trustdb (ctrl_t ctrl, int no_create);
|
||||
int have_trustdb (ctrl_t ctrl);
|
||||
void tdb_check_trustdb_stale (ctrl_t ctrl);
|
||||
void sync_trustdb( void );
|
||||
|
||||
void tdb_revalidation_mark (void);
|
||||
void tdb_revalidation_mark (ctrl_t ctrl);
|
||||
int trustdb_pending_check(void);
|
||||
void tdb_check_or_update (ctrl_t ctrl);
|
||||
|
||||
int tdb_cache_disabled_value (PKT_public_key *pk);
|
||||
int tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
|
||||
|
||||
unsigned int tdb_get_validity_core (ctrl_t ctrl, kbnode_t kb,
|
||||
PKT_public_key *pk, PKT_user_id *uid,
|
||||
@ -149,22 +148,27 @@ int enum_cert_paths( void **context, ulong *lid,
|
||||
void enum_cert_paths_print( void **context, FILE *fp,
|
||||
int refresh, ulong selected_lid );
|
||||
|
||||
void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||
byte *marginals,byte *completes,byte *cert_depth,
|
||||
void read_trust_options (ctrl_t ctrl, byte *trust_model,
|
||||
ulong *created, ulong *nextcheck,
|
||||
byte *marginals, byte *completes, byte *cert_depth,
|
||||
byte *min_cert_level);
|
||||
|
||||
unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create);
|
||||
unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create);
|
||||
int get_ownertrust_info (PKT_public_key *pk, int no_create);
|
||||
const char *get_ownertrust_string (PKT_public_key *pk, int no_create);
|
||||
unsigned int tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
|
||||
int no_create);
|
||||
unsigned int tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
|
||||
int no_create);
|
||||
int get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create);
|
||||
const char *get_ownertrust_string (ctrl_t ctrl,
|
||||
PKT_public_key *pk, int no_create);
|
||||
|
||||
void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
|
||||
int tdb_clear_ownertrusts (PKT_public_key *pk);
|
||||
void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
|
||||
unsigned int new_trust);
|
||||
int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
|
||||
|
||||
/*-- tdbdump.c --*/
|
||||
void list_trustdb (estream_t fp, const char *username);
|
||||
void export_ownertrust(void);
|
||||
void import_ownertrust(const char *fname);
|
||||
void list_trustdb (ctrl_t ctrl, estream_t fp, const char *username);
|
||||
void export_ownertrust (ctrl_t ctrl);
|
||||
void import_ownertrust (ctrl_t ctrl, const char *fname);
|
||||
|
||||
/*-- pkclist.c --*/
|
||||
int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);
|
||||
|
Loading…
x
Reference in New Issue
Block a user