mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-23 15:07:03 +01:00
* sign.c (do_sign): Show the hash used when making a signature in verbose
mode. * tdbio.h, tdbio.c (tdbio_read_model): New function to return the trust model used in a given trustdb. * options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb, update_trustdb): Use tdbio_read_model to implement an "auto" trust model which is set via the trustdb.
This commit is contained in:
parent
e0373e85a9
commit
a01bda6abd
@ -1,3 +1,15 @@
|
|||||||
|
2003-04-26 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* sign.c (do_sign): Show the hash used when making a signature in
|
||||||
|
verbose mode.
|
||||||
|
|
||||||
|
* tdbio.h, tdbio.c (tdbio_read_model): New function to return the
|
||||||
|
trust model used in a given trustdb.
|
||||||
|
|
||||||
|
* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
|
||||||
|
update_trustdb): Use tdbio_read_model to implement an "auto" trust
|
||||||
|
model which is set via the trustdb.
|
||||||
|
|
||||||
2003-04-23 David Shaw <dshaw@jabberwocky.com>
|
2003-04-23 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* import.c (import_revoke_cert): Remove ultimate trust when
|
* import.c (import_revoke_cert): Remove ultimate trust when
|
||||||
|
@ -1172,7 +1172,7 @@ main( int argc, char **argv )
|
|||||||
opt.keyserver_options.include_subkeys=1;
|
opt.keyserver_options.include_subkeys=1;
|
||||||
opt.keyserver_options.include_revoked=1;
|
opt.keyserver_options.include_revoked=1;
|
||||||
opt.keyserver_options.try_dns_srv=1;
|
opt.keyserver_options.try_dns_srv=1;
|
||||||
opt.trust_model=TM_OPENPGP;
|
opt.trust_model=TM_AUTO;
|
||||||
opt.mangle_dos_filenames = 1;
|
opt.mangle_dos_filenames = 1;
|
||||||
|
|
||||||
#if defined (__MINGW32__)
|
#if defined (__MINGW32__)
|
||||||
@ -1493,6 +1493,8 @@ main( int argc, char **argv )
|
|||||||
opt.trust_model=TM_CLASSIC;
|
opt.trust_model=TM_CLASSIC;
|
||||||
else if(ascii_strcasecmp(pargs.r.ret_str,"always")==0)
|
else if(ascii_strcasecmp(pargs.r.ret_str,"always")==0)
|
||||||
opt.trust_model=TM_ALWAYS;
|
opt.trust_model=TM_ALWAYS;
|
||||||
|
else if(ascii_strcasecmp(pargs.r.ret_str,"auto")==0)
|
||||||
|
opt.trust_model=TM_AUTO;
|
||||||
else
|
else
|
||||||
log_error("unknown trust model \"%s\"\n",pargs.r.ret_str);
|
log_error("unknown trust model \"%s\"\n",pargs.r.ret_str);
|
||||||
break;
|
break;
|
||||||
|
@ -89,7 +89,9 @@ struct {
|
|||||||
int skip_verify;
|
int skip_verify;
|
||||||
int compress_keys;
|
int compress_keys;
|
||||||
int compress_sigs;
|
int compress_sigs;
|
||||||
enum {TM_CLASSIC=0, TM_OPENPGP=1, TM_ALWAYS} trust_model;
|
/* TM_CLASSIC must be zero to accomodate trustdbs generated before
|
||||||
|
we started storing the trust model inside the trustdb. */
|
||||||
|
enum {TM_CLASSIC=0, TM_OPENPGP=1, TM_ALWAYS, TM_AUTO} trust_model;
|
||||||
unsigned int force_ownertrust;
|
unsigned int force_ownertrust;
|
||||||
int pgp2;
|
int pgp2;
|
||||||
int pgp6;
|
int pgp6;
|
||||||
|
@ -309,8 +309,10 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
|||||||
else {
|
else {
|
||||||
if( opt.verbose ) {
|
if( opt.verbose ) {
|
||||||
char *ustr = get_user_id_string_printable (sig->keyid);
|
char *ustr = get_user_id_string_printable (sig->keyid);
|
||||||
log_info(_("%s signature from: \"%s\"\n"),
|
log_info(_("%s/%s signature from: \"%s\"\n"),
|
||||||
pubkey_algo_to_string(sk->pubkey_algo), ustr );
|
pubkey_algo_to_string(sk->pubkey_algo),
|
||||||
|
digest_algo_to_string(sig->digest_algo),
|
||||||
|
ustr );
|
||||||
m_free(ustr);
|
m_free(ustr);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
12
g10/tdbio.c
12
g10/tdbio.c
@ -669,6 +669,18 @@ tdbio_db_matches_options()
|
|||||||
return yes_no;
|
return yes_no;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
byte
|
||||||
|
tdbio_read_model(void)
|
||||||
|
{
|
||||||
|
TRUSTREC vr;
|
||||||
|
int rc;
|
||||||
|
|
||||||
|
rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
|
||||||
|
if( rc )
|
||||||
|
log_fatal( _("%s: error reading version record: %s\n"),
|
||||||
|
db_name, g10_errstr(rc) );
|
||||||
|
return vr.r.ver.trust_model;
|
||||||
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Return the nextstamp value.
|
* Return the nextstamp value.
|
||||||
|
@ -99,6 +99,7 @@ void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
|
|||||||
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
|
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
|
||||||
int tdbio_write_record( TRUSTREC *rec );
|
int tdbio_write_record( TRUSTREC *rec );
|
||||||
int tdbio_db_matches_options(void);
|
int tdbio_db_matches_options(void);
|
||||||
|
byte tdbio_read_model(void);
|
||||||
ulong tdbio_read_nextcheck (void);
|
ulong tdbio_read_nextcheck (void);
|
||||||
int tdbio_write_nextcheck (ulong stamp);
|
int tdbio_write_nextcheck (ulong stamp);
|
||||||
int tdbio_is_dirty(void);
|
int tdbio_is_dirty(void);
|
||||||
|
@ -375,6 +375,17 @@ do_sync(void)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const char *
|
||||||
|
trust_model_string(void)
|
||||||
|
{
|
||||||
|
switch(opt.trust_model)
|
||||||
|
{
|
||||||
|
case TM_OPENPGP: return "OpenPGP";
|
||||||
|
case TM_CLASSIC: return "classic";
|
||||||
|
case TM_ALWAYS: return "always";
|
||||||
|
default: return "unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Perform some checks over the trustdb
|
* Perform some checks over the trustdb
|
||||||
@ -425,7 +436,23 @@ init_trustdb()
|
|||||||
if( rc )
|
if( rc )
|
||||||
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
|
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
|
||||||
|
|
||||||
if(!tdbio_db_matches_options()
|
if(opt.trust_model==TM_AUTO)
|
||||||
|
{
|
||||||
|
/* Try and set the trust model off of whatever the trustdb says
|
||||||
|
it is. */
|
||||||
|
|
||||||
|
opt.trust_model=tdbio_read_model();
|
||||||
|
if(opt.trust_model!=TM_CLASSIC && opt.trust_model!=TM_OPENPGP)
|
||||||
|
{
|
||||||
|
log_info(_("unable to use unknown trust model (%d) - "
|
||||||
|
"assuming OpenPGP trust model\n"),opt.trust_model);
|
||||||
|
opt.trust_model=TM_OPENPGP;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(opt.verbose)
|
||||||
|
log_info(_("using %s trust model\n"),trust_model_string());
|
||||||
|
}
|
||||||
|
else if(!tdbio_db_matches_options()
|
||||||
&& (opt.trust_model==TM_CLASSIC || opt.trust_model==TM_OPENPGP))
|
&& (opt.trust_model==TM_CLASSIC || opt.trust_model==TM_OPENPGP))
|
||||||
pending_check_trustdb=1;
|
pending_check_trustdb=1;
|
||||||
}
|
}
|
||||||
@ -475,18 +502,6 @@ trust_string (unsigned int value)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char *
|
|
||||||
trust_model_string(void)
|
|
||||||
{
|
|
||||||
switch(opt.trust_model)
|
|
||||||
{
|
|
||||||
case TM_OPENPGP: return "OpenPGP";
|
|
||||||
case TM_CLASSIC: return "classic";
|
|
||||||
case TM_ALWAYS: return "always";
|
|
||||||
default: return "unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Recreate the WoT but do not ask for new ownertrusts. Special
|
* Recreate the WoT but do not ask for new ownertrusts. Special
|
||||||
* feature: In batch mode and without a forced yes, this is only done
|
* feature: In batch mode and without a forced yes, this is only done
|
||||||
@ -495,9 +510,9 @@ trust_model_string(void)
|
|||||||
void
|
void
|
||||||
check_trustdb ()
|
check_trustdb ()
|
||||||
{
|
{
|
||||||
|
init_trustdb();
|
||||||
if(opt.trust_model==TM_OPENPGP || opt.trust_model==TM_CLASSIC)
|
if(opt.trust_model==TM_OPENPGP || opt.trust_model==TM_CLASSIC)
|
||||||
{
|
{
|
||||||
init_trustdb();
|
|
||||||
if (opt.batch && !opt.answer_yes)
|
if (opt.batch && !opt.answer_yes)
|
||||||
{
|
{
|
||||||
ulong scheduled;
|
ulong scheduled;
|
||||||
@ -530,12 +545,10 @@ check_trustdb ()
|
|||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
update_trustdb()
|
update_trustdb()
|
||||||
{
|
|
||||||
if(opt.trust_model==TM_OPENPGP || opt.trust_model==TM_CLASSIC)
|
|
||||||
{
|
{
|
||||||
init_trustdb();
|
init_trustdb();
|
||||||
|
if(opt.trust_model==TM_OPENPGP || opt.trust_model==TM_CLASSIC)
|
||||||
validate_keys (1);
|
validate_keys (1);
|
||||||
}
|
|
||||||
else
|
else
|
||||||
log_info (_("no need for a trustdb update with \"%s\" trust model\n"),
|
log_info (_("no need for a trustdb update with \"%s\" trust model\n"),
|
||||||
trust_model_string());
|
trust_model_string());
|
||||||
@ -1891,9 +1904,7 @@ validate_keys (int interactive)
|
|||||||
klist = utk_list;
|
klist = utk_list;
|
||||||
|
|
||||||
log_info(_("%d marginal(s) needed, %d complete(s) needed, %s trust model\n"),
|
log_info(_("%d marginal(s) needed, %d complete(s) needed, %s trust model\n"),
|
||||||
opt.marginals_needed,opt.completes_needed,
|
opt.marginals_needed,opt.completes_needed,trust_model_string());
|
||||||
opt.trust_model==TM_CLASSIC?"Classic":
|
|
||||||
opt.trust_model==TM_OPENPGP?"OpenPGP":"unknown");
|
|
||||||
|
|
||||||
for (depth=0; depth < opt.max_cert_depth; depth++)
|
for (depth=0; depth < opt.max_cert_depth; depth++)
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user