security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-07 17:33:02 +01:00
Code Activity

g10: Simplify the binding statistics shown for a TOFU conflict.

Browse Source 
* g10/tofu.c (ask_about_binding): Simplify binding statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
This commit is contained in:
Neal H. Walfield 2016-09-06 14:49:14 +02:00
parent f2249b7370
commit a9e6db6c7e
1 changed files with 81 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
g10/tofu.c
View File

@ -95,19 +95,15 @@ struct tofu_dbs_s
/* If a message is signed a couple of hours in the future, just assume /* If a message is signed a couple of hours in the future, just assume
some clock skew. */ some clock skew. */
#define TIME_AGO_FUTURE_IGNORE (2 * 60 * 60) #define TIME_AGO_FUTURE_IGNORE (2 * 60 * 60)
#if 0 /* Days. */
# define TIME_AGO_UNIT_SMALL 60 #define TIME_AGO_UNIT_SMALL (24 * 60 * 60)
# define TIME_AGO_MEDIUM_THRESHOLD (60 * TIME_AGO_UNIT_SMALL) #define TIME_AGO_SMALL_THRESHOLD (7 * TIME_AGO_UNIT_SMALL)
# define TIME_AGO_UNIT_MEDIUM (60 * 60) /* Months. */
# define TIME_AGO_LARGE_THRESHOLD (24 * 60 * TIME_AGO_UNIT_SMALL) #define TIME_AGO_UNIT_MEDIUM (30 * 24 * 60 * 60)
# define TIME_AGO_UNIT_LARGE (24 * 60 * 60) #define TIME_AGO_MEDIUM_THRESHOLD (2 * TIME_AGO_UNIT_MEDIUM)
#else /* Years. */
# define TIME_AGO_UNIT_SMALL (24 * 60 * 60) #define TIME_AGO_UNIT_LARGE (365 * 24 * 60 * 60)
# define TIME_AGO_MEDIUM_THRESHOLD (4 * TIME_AGO_UNIT_SMALL) #define TIME_AGO_LARGE_THRESHOLD (2 * TIME_AGO_UNIT_LARGE)
# define TIME_AGO_UNIT_MEDIUM (7 * 24 * 60 * 60)
# define TIME_AGO_LARGE_THRESHOLD (28 * TIME_AGO_UNIT_SMALL)
# define TIME_AGO_UNIT_LARGE (30 * 24 * 60 * 60)
#endif
/* Local prototypes. */ /* Local prototypes. */
static gpg_error_t end_transaction (ctrl_t ctrl, int only_batch); static gpg_error_t end_transaction (ctrl_t ctrl, int only_batch);
@ -1151,14 +1147,10 @@ format_conflict_msg_part1 (int policy, strlist_t conflict_set,
{ {
estream_t fp; estream_t fp;
char *fingerprint; char *fingerprint;
char *binding;
int binding_shown = 0;
char *tmpstr, *text; char *tmpstr, *text;
log_assert (conflict_set); log_assert (conflict_set);
fingerprint = conflict_set->d; fingerprint = conflict_set->d;
binding = xasprintf ("<%s, %s>", fingerprint, email);
fp = es_fopenmem (0, "rw,samethread"); fp = es_fopenmem (0, "rw,samethread");
if (!fp) if (!fp)
@ -1167,38 +1159,31 @@ format_conflict_msg_part1 (int policy, strlist_t conflict_set,
if (policy == TOFU_POLICY_NONE) if (policy == TOFU_POLICY_NONE)
{ {
es_fprintf (fp, _("The binding %s is NOT known."), binding); es_fprintf (fp,
_("This is the first time the email address \"%s\" is "
"being used with key %s."),
email, fingerprint);
es_fputs (" ", fp); es_fputs (" ", fp);
binding_shown = 1;
} }
else if (policy == TOFU_POLICY_ASK && conflict_set->next) else if (policy == TOFU_POLICY_ASK && conflict_set->next)
{ {
int conflicts = strlist_length (conflict_set) - 1; int conflicts = strlist_length (conflict_set);
es_fprintf (fp, es_fprintf (fp, _("The email address \"%s\" is associated with %d keys!"),
ngettext("The binding <key: %s, user id: %s> raised a " email, conflicts);
"conflict with %d other binding.", if (opt.verbose)
"The binding <key: %s, user id: %s> raised a " es_fprintf (fp,
"conflict with %d other bindings.", conflicts), _(" Since this binding's policy was 'auto', it has been "
fingerprint, email, conflicts); "changed to 'ask'."));
es_fprintf (fp,
_(" Since this binding's policy was 'auto', it has been "
"changed to 'ask'."));
es_fputs (" ", fp); es_fputs (" ", fp);
binding_shown = 1;
} }
/* TRANSLATORS: The %s%s is replaced by either a fingerprint and a
blank or by two empty strings. */
es_fprintf (fp, es_fprintf (fp,
_("Please indicate whether you believe the binding %s%s" _("Please indicate whether this email address should"
"is legitimate (the key belongs to the stated owner) " " be associated with key %s or whether you think someone"
"or a forgery (bad)."), " is impersonating \"%s\"."),
binding_shown ? "" : binding, fingerprint, email);
binding_shown ? "" : " ");
es_fputc ('\n', fp); es_fputc ('\n', fp);
xfree (binding);
es_fputc (0, fp); es_fputc (0, fp);
if (es_fclose_snatch (fp, (void **)&tmpstr, NULL)) if (es_fclose_snatch (fp, (void **)&tmpstr, NULL))
log_fatal ("error snatching memory stream\n"); log_fatal ("error snatching memory stream\n");
@ -1368,7 +1353,7 @@ ask_about_binding (ctrl_t ctrl,
{ {
strlist_t strlist_iter; strlist_t strlist_iter;
es_fprintf (fp, _("Known user IDs associated with this key:\n")); es_fprintf (fp, _("This key's user IDs:\n"));
for (strlist_iter = other_user_ids; for (strlist_iter = other_user_ids;
strlist_iter; strlist_iter;
strlist_iter = strlist_iter->next) strlist_iter = strlist_iter->next)
@ -1406,21 +1391,20 @@ ask_about_binding (ctrl_t ctrl,
" from\n" " from\n"
" (select bindings.*,\n" " (select bindings.*,\n"
" case\n" " case\n"
" when delta ISNULL then 1\n"
/* From the future (but if its just a couple of hours in the /* From the future (but if its just a couple of hours in the
* future don't turn it into a warning)? Or should we use * future don't turn it into a warning)? Or should we use
* small, medium or large units? (Note: whatever we do, we * small, medium or large units? (Note: whatever we do, we
* keep the value in seconds. Then when we group, everything * keep the value in seconds. Then when we group, everything
* that rounds to the same number of seconds is grouped.) */ * that rounds to the same number of seconds is grouped.) */
" when delta < -("STRINGIFY (TIME_AGO_FUTURE_IGNORE)") then -1\n" " when delta < -("STRINGIFY (TIME_AGO_FUTURE_IGNORE)") then 2\n"
" when delta < ("STRINGIFY (TIME_AGO_SMALL_THRESHOLD)")\n"
" then 3\n"
" when delta < ("STRINGIFY (TIME_AGO_MEDIUM_THRESHOLD)")\n" " when delta < ("STRINGIFY (TIME_AGO_MEDIUM_THRESHOLD)")\n"
" then max(0,\n" " then 4\n"
" round(delta / ("STRINGIFY (TIME_AGO_UNIT_SMALL)"))\n"
" * ("STRINGIFY (TIME_AGO_UNIT_SMALL)"))\n"
" when delta < ("STRINGIFY (TIME_AGO_LARGE_THRESHOLD)")\n" " when delta < ("STRINGIFY (TIME_AGO_LARGE_THRESHOLD)")\n"
" then round(delta / ("STRINGIFY (TIME_AGO_UNIT_MEDIUM)"))\n" " then 5\n"
" * ("STRINGIFY (TIME_AGO_UNIT_MEDIUM)")\n" " else 6\n"
" else round(delta / ("STRINGIFY (TIME_AGO_UNIT_LARGE)"))\n"
" * ("STRINGIFY (TIME_AGO_UNIT_LARGE)")\n"
" end time_ago,\n" " end time_ago,\n"
" delta time_ago_raw\n" " delta time_ago_raw\n"
" from bindings\n" " from bindings\n"
@ -1441,7 +1425,7 @@ ask_about_binding (ctrl_t ctrl,
if (!stats || strcmp (iter->d, stats->fingerprint) != 0) if (!stats || strcmp (iter->d, stats->fingerprint) != 0)
/* No stats for this binding. Add a dummy entry. */ /* No stats for this binding. Add a dummy entry. */
signature_stats_prepend (&stats, iter->d, TOFU_POLICY_AUTO, 0, 0); signature_stats_prepend (&stats, iter->d, TOFU_POLICY_AUTO, 1, 1);
} }
end_transaction (ctrl, 0); end_transaction (ctrl, 0);
strlist_rev (&conflict_set); strlist_rev (&conflict_set);
@ -1468,6 +1452,7 @@ ask_about_binding (ctrl_t ctrl,
{ {
char *key = NULL; char *key = NULL;
strlist_t binding; strlist_t binding;
int seen_in_past = 0;
es_fprintf (fp, _("Statistics for keys" es_fprintf (fp, _("Statistics for keys"
" with the email address \"%s\":\n"), " with the email address \"%s\":\n"),
@ -1510,36 +1495,56 @@ ask_about_binding (ctrl_t ctrl,
tofu_policy_str (stats_iter->policy)); tofu_policy_str (stats_iter->policy));
es_fputs ("):\n", fp); es_fputs ("):\n", fp);
xfree (key_pp); xfree (key_pp);
seen_in_past = 0;
} }
if (stats_iter->time_ago == 1)
{
/* The 1 in this case is the NULL entry. */
log_assert (stats_iter->count == 1);
stats_iter->count = 0;
}
seen_in_past += stats_iter->count;
es_fputs (" ", fp); es_fputs (" ", fp);
if (stats_iter->time_ago == -1) /* TANSLATORS: This string is concatenated with one of
es_fprintf (fp, ngettext("%ld message signed in the future.", * the day/week/month strings to form one sentence. */
"%ld messages signed in the future.", es_fprintf (fp, ngettext("Verified %d message",
stats_iter->count), stats_iter->count); "Verified %d messages",
seen_in_past), seen_in_past);
if (!stats_iter->count)
es_fputs (".", fp);
else if (stats_iter->time_ago == 2)
{
es_fprintf (fp, "in the future.");
/* Reset it. */
seen_in_past = 0;
}
else else
{ {
long t_scaled = time_ago_scale (stats_iter->time_ago); if (stats_iter->time_ago == 3)
es_fprintf (fp, ngettext(" over the past days.",
/* TANSLATORS: This string is concatenated with one of " over the past %d days.",
* the day/week/month strings to form one sentence. */ seen_in_past),
es_fprintf (fp, ngettext("%ld message signed", TIME_AGO_SMALL_THRESHOLD
"%ld messages signed", / TIME_AGO_UNIT_SMALL);
stats_iter->count), stats_iter->count); else if (stats_iter->time_ago == 4)
if (!stats_iter->count) es_fprintf (fp, ngettext(" over the past month.",
es_fputs (".", fp); " over the past %d months.",
else if (stats_iter->time_ago < TIME_AGO_UNIT_MEDIUM) seen_in_past),
es_fprintf (fp, ngettext(" over the past %ld day.", TIME_AGO_MEDIUM_THRESHOLD
" over the past %ld days.", / TIME_AGO_UNIT_MEDIUM);
t_scaled), t_scaled); else if (stats_iter->time_ago == 5)
else if (stats_iter->time_ago < TIME_AGO_UNIT_LARGE) es_fprintf (fp, ngettext(" over the past year.",
es_fprintf (fp, ngettext(" over the past %ld week.", " over the past %d years.",
" over the past %ld weeks.", seen_in_past),
t_scaled), t_scaled); TIME_AGO_LARGE_THRESHOLD
/ TIME_AGO_UNIT_LARGE);
else if (stats_iter->time_ago == 6)
es_fprintf (fp, _(" in the past."));
else else
es_fprintf (fp, ngettext(" over the past %ld month.", log_assert (! "Broken SQL.\n");
" over the past %ld months.",
t_scaled), t_scaled);
} }
es_fputs ("\n", fp); es_fputs ("\n", fp);
} }
@ -1558,11 +1563,11 @@ ask_about_binding (ctrl_t ctrl,
{ {
/* No translation. Use the English text. */ /* No translation. Use the English text. */
text = text =
"Normally, there is only a single key associated with an email " "Normally, an email address is associated with a single key. "
"address. However, people sometimes generate a new key if " "However, people sometimes generate a new key if "
"their key is too old or they think it might be compromised. " "their key is too old or they think it might be compromised. "
"Alternatively, a new key may indicate a man-in-the-middle " "Alternatively, a new key may indicate a man-in-the-middle "
"attack! Before accepting this key, you should talk to or " "attack! Before accepting this association, you should talk to or "
"call the person to make sure this new key is legitimate."; "call the person to make sure this new key is legitimate.";
} }
textbuf = format_text (text, 0, 72, 80); textbuf = format_text (text, 0, 72, 80);