mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-21 14:47:03 +01:00
* trustdb.c (validate_one_keyblock): Fix the trust signature
calculations so that we lower the trust depth of signatures to fit within the current chain, rather than discarding any signature that does not fit within the trust depth.
This commit is contained in:
David Shaw
parent
9e0919fad1
commit
9d76ee5147
@ -1,3 +1,10 @@
|
||||
2008-11-18 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* trustdb.c (validate_one_keyblock): Fix the trust signature
|
||||
calculations so that we lower the trust depth of signatures to fit
|
||||
within the current chain, rather than discarding any signature
|
||||
that does not fit within the trust depth.
|
||||
|
||||
2008-10-03 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* main.h, mainproc.c (check_sig_and_print),
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
/* trustdb.c
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
|
||||
* 2007 Free Software Foundation, Inc.
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
|
||||
* 2008 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -1933,50 +1933,72 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
|
||||
(uidnode && check_regexp(kr->trust_regexp,
|
||||
uidnode->pkt->pkt.user_id->name))))
|
||||
{
|
||||
if(DBG_TRUST && opt.trust_model==TM_PGP && sig->trust_depth)
|
||||
log_debug("trust sig on %s, sig depth is %d, kr depth is %d\n",
|
||||
uidnode->pkt->pkt.user_id->name,sig->trust_depth,
|
||||
kr->trust_depth);
|
||||
|
||||
/* Are we part of a trust sig chain? We always favor
|
||||
the latest trust sig, rather than the greater or
|
||||
lesser trust sig or value. I could make a decent
|
||||
argument for any of these cases, but this seems to be
|
||||
what PGP does, and I'd like to be compatible. -dms */
|
||||
if(opt.trust_model==TM_PGP && sig->trust_depth
|
||||
&& pk->trust_timestamp<=sig->timestamp
|
||||
&& (sig->trust_depth<=kr->trust_depth
|
||||
|| kr->ownertrust==TRUST_ULTIMATE))
|
||||
if(opt.trust_model==TM_PGP
|
||||
&& sig->trust_depth
|
||||
&& pk->trust_timestamp<=sig->timestamp)
|
||||
{
|
||||
/* If we got here, we know that:
|
||||
byte depth;
|
||||
|
||||
this is a trust sig.
|
||||
/* If the depth on the signature is less than the
|
||||
chain currently has, then use the signature depth
|
||||
so we don't increase the depth beyond what the
|
||||
signer wanted. If the depth on the signature is
|
||||
more than the chain currently has, then use the
|
||||
chain depth so we use as much of the signature
|
||||
depth as the chain will permit. An ultimately
|
||||
trusted signature can restart the depth to
|
||||
whatever level it likes. */
|
||||
|
||||
it's a newer trust sig than any previous trust
|
||||
sig on this key (not uid).
|
||||
if(sig->trust_depth<kr->trust_depth
|
||||
|| kr->ownertrust==TRUST_ULTIMATE)
|
||||
depth=sig->trust_depth;
|
||||
else
|
||||
depth=kr->trust_depth;
|
||||
|
||||
it is legal in that it was either generated by an
|
||||
ultimate key, or a key that was part of a trust
|
||||
chain, and the depth does not violate the
|
||||
original trust sig.
|
||||
if(depth)
|
||||
{
|
||||
if(DBG_TRUST)
|
||||
log_debug("trust sig on %s, sig depth is %d,"
|
||||
" kr depth is %d\n",
|
||||
uidnode->pkt->pkt.user_id->name,
|
||||
sig->trust_depth,
|
||||
kr->trust_depth);
|
||||
|
||||
if there is a regexp attached, it matched
|
||||
successfully.
|
||||
*/
|
||||
/* If we got here, we know that:
|
||||
|
||||
if(DBG_TRUST)
|
||||
log_debug("replacing trust value %d with %d and "
|
||||
"depth %d with %d\n",
|
||||
pk->trust_value,sig->trust_value,
|
||||
pk->trust_depth,sig->trust_depth);
|
||||
this is a trust sig.
|
||||
|
||||
pk->trust_value=sig->trust_value;
|
||||
pk->trust_depth=sig->trust_depth-1;
|
||||
it's a newer trust sig than any previous trust
|
||||
sig on this key (not uid).
|
||||
|
||||
/* If the trust sig contains a regexp, record it
|
||||
on the pk for the next round. */
|
||||
if(sig->trust_regexp)
|
||||
pk->trust_regexp=sig->trust_regexp;
|
||||
it is legal in that it was either generated by an
|
||||
ultimate key, or a key that was part of a trust
|
||||
chain, and the depth does not violate the
|
||||
original trust sig.
|
||||
|
||||
if there is a regexp attached, it matched
|
||||
successfully.
|
||||
*/
|
||||
|
||||
if(DBG_TRUST)
|
||||
log_debug("replacing trust value %d with %d and "
|
||||
"depth %d with %d\n",
|
||||
pk->trust_value,sig->trust_value,
|
||||
pk->trust_depth,depth);
|
||||
|
||||
pk->trust_value=sig->trust_value;
|
||||
pk->trust_depth=depth-1;
|
||||
|
||||
/* If the trust sig contains a regexp, record it
|
||||
on the pk for the next round. */
|
||||
if(sig->trust_regexp)
|
||||
pk->trust_regexp=sig->trust_regexp;
|
||||
}
|
||||
}
|
||||
|
||||
if (kr->ownertrust == TRUST_ULTIMATE)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user