* pkclist.c (do_edit_ownertrust): Different prompt when we're using direct

trust since the meaning is different.

* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.

* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.

* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.

g10/ChangeLog

@@ -1,3 +1,17 @@
+2004-10-13  David Shaw  <dshaw@jabberwocky.com>
+
+	* pkclist.c (do_edit_ownertrust): Different prompt when we're
+	using direct trust since the meaning is different.
+
+	* keyedit.c (trustsig_prompt): Change the strings to match the
+	ones in pkclist.c:do_edit_ownertrust to make translation easier.
+
+	* trustdb.c (trust_model_string, get_validity): Add direct trust
+	model which applies to the key as a whole and not per-uid.
+
+	* options.h, g10.c (parse_trust_model): New.
+	(main): Call it from here to do string-to-trust-model.
+
 2004-10-13  Werner Koch  <wk@g10code.com>
 
 	* openfile.c (overwrite_filep, make_outfile_name, open_outfile) 

g10/g10.c

@@ -1507,6 +1507,22 @@ collapse_args(int argc,char *argv[])
   return str;
 }
 
+static void
+parse_trust_model(const char *model)
+{
+  if(ascii_strcasecmp(model,"pgp")==0)
+    opt.trust_model=TM_PGP;
+  else if(ascii_strcasecmp(model,"classic")==0)
+    opt.trust_model=TM_CLASSIC;
+  else if(ascii_strcasecmp(model,"always")==0)
+    opt.trust_model=TM_ALWAYS;
+  else if(ascii_strcasecmp(model,"direct")==0)
+    opt.trust_model=TM_DIRECT;
+  else if(ascii_strcasecmp(model,"auto")==0)
+    opt.trust_model=TM_AUTO;
+  else
+    log_error("unknown trust model `%s'\n",model);
+}
 
 int
 main( int argc, char **argv )
@@ -1993,16 +2009,7 @@ main( int argc, char **argv )
 	       time. */
 	  case oAlwaysTrust: opt.trust_model=TM_ALWAYS; break;
 	  case oTrustModel:
-	    if(ascii_strcasecmp(pargs.r.ret_str,"pgp")==0)
+	    parse_trust_model(pargs.r.ret_str);
-	      opt.trust_model=TM_PGP;
-	    else if(ascii_strcasecmp(pargs.r.ret_str,"classic")==0)
-	      opt.trust_model=TM_CLASSIC;
-	    else if(ascii_strcasecmp(pargs.r.ret_str,"always")==0)
-	      opt.trust_model=TM_ALWAYS;
-	    else if(ascii_strcasecmp(pargs.r.ret_str,"auto")==0)
-	      opt.trust_model=TM_AUTO;
-	    else
-	      log_error("unknown trust model `%s'\n",pargs.r.ret_str);
 	    break;
 	  case oForceOwnertrust:
 	    log_info(_("NOTE: %s is not for normal use!\n"),

g10/keyedit.c

@@ -398,14 +398,13 @@ trustsig_prompt(byte *trust_value,byte *trust_depth,char **regexp)
   *trust_depth=0;
   *regexp=NULL;
 
-  tty_printf("\n");
   /* Same string as pkclist.c:do_edit_ownertrust */
-  tty_printf(_(
+  tty_printf(_("Please decide how far you trust this user to correctly verify"
-	       "Please decide how far you trust this user to correctly\n"
+	       " other users' keys\n(by looking at passports, checking"
-	       "verify other users' keys (by looking at passports,\n"
+	       " fingerprints from different sources, etc.)\n"));
-	       "checking fingerprints from different sources...)?\n\n"));
+  tty_printf("\n");
-  tty_printf (_("   (%d) I trust marginally\n"), 1);
+  tty_printf (_("  %d = I trust marginally\n"), 1);
-  tty_printf (_("   (%d) I trust fully\n"), 2);
+  tty_printf (_("  %d = I trust fully\n"), 2);
   tty_printf("\n");
 
   while(*trust_value==0)

g10/options.h

@@ -100,7 +100,7 @@ struct
      we started storing the trust model inside the trustdb. */
   enum
     {
-      TM_CLASSIC=0, TM_PGP=1, TM_EXTERNAL=2, TM_ALWAYS, TM_AUTO
+      TM_CLASSIC=0, TM_PGP=1, TM_EXTERNAL=2, TM_ALWAYS, TM_DIRECT, TM_AUTO
     } trust_model;
   int force_ownertrust;
   enum

g10/pkclist.c

@@ -238,11 +238,23 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
             tty_printf("\n");
 	    release_kbnode (keyblock);
           }
-	/* This string also used in keyedit.c:sign_uids */
+
-        tty_printf (_(
+	if(opt.trust_model==TM_DIRECT)
-                     "Please decide how far you trust this user to correctly\n"
+	  {
-                     "verify other users' keys (by looking at passports,\n"
+	    tty_printf(_("How much do you trust that this key actually "
-                     "checking fingerprints from different sources...)?\n\n"));
+			 "belongs to the named user?\n"));
+	    tty_printf("\n");
+	  }
+	else
+	  {
+	    /* This string also used in keyedit.c:trustsig_prompt */
+	    tty_printf(_("Please decide how far you trust this user to"
+			 " correctly verify other users' keys\n"
+			 "(by looking at passports, checking fingerprints from"
+			 " different sources, etc.)\n"));
+	    tty_printf("\n");
+	  }
+
 	if(min_num<=1)
 	  tty_printf (_("  %d = I don't know or won't say\n"), 1);
 	if(min_num<=2)
@@ -255,7 +267,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
           tty_printf (_("  %d = I trust ultimately\n"), 5);
 #if 0
 	/* not yet implemented */
-        tty_printf (_(" i = please show me more information\n") );
+        tty_printf ("  i = please show me more information\n");
 #endif
         if( mode )
           tty_printf(_("  m = back to the main menu\n"));

g10/trustdb.c

@@ -391,6 +391,7 @@ trust_model_string(void)
     case TM_PGP:      return "PGP";
     case TM_EXTERNAL: return "external";
     case TM_ALWAYS:   return "always";
+    case TM_DIRECT:   return "direct";
     default:          return "unknown";
     }
 }
@@ -1034,6 +1035,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
   else
     main_pk = pk;
 
+  if(opt.trust_model==TM_DIRECT)
+    {
+      /* Note that this happens BEFORE any user ID stuff is checked.
+	 The direct trust model applies to keys as a whole. */
+      validity=get_ownertrust(main_pk);
+      goto leave;
+    }
+
   rc = read_trust_record (main_pk, &trec);
   if (rc && rc != -1)
     {