make check does work again

2025-01-22 14:57:02 +01:00 · 2001-09-28 10:43:03 +00:00 · 2001-09-28 10:43:03 +00:00 · aa971d5c89
commit aa971d5c89
parent c1a0e80f71
9 changed files with 98 additions and 43 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+2001-09-28  Werner Koch  <wk@gnupg.org>
+
+	* configure.ac: From now on add a string "-cvs" to the version to
+	indicate that this is a pre-release of the given version number.
+
+2001-09-26  Werner Koch  <wk@gnupg.org>
+
+	* configure.ac [MINGW32]: Switched from wsock.dll to ws2_32.dll.
+
 2001-09-09  Werner Koch  <wk@gnupg.org>

 	* configure.ac: autoconf changed the name of the maintainer mode
--- a/9
+++ b/9
@ -1,8 +1,9 @@
 
+  * getkey does not return revoked/expired keys - therefore it is not
+    possible to override it.
+
  * Selection using +wordlist does not work.

-  * Make the offtbl in keyring.c global.
-
  * Always use the primary key to sign other keys.

  * add listing of notation data
@ -75,8 +76,7 @@
  * export by user-IDs does only export the first matching name which leads
    to a problem in cases where there are 2 keys with identically
    user-IDs. 
-    --> Check whether this is still true.
-    
+    --> Check whether this is still true - yes it is.
    
  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.
@ -105,7 +105,6 @@ Nice to have
  * use DEL and ^H for erasing the previous character (util/ttyio.c).
    or better readline.
  * Print a warning if the directory mode is wrong.
-  * Do a real fix for bug #7 or document that it is a PGP 5 error.
  * preferences of hash algorithms are not yet used.
  * add test cases for invalid data (scrambled armor or other random data)
  * add checking of armor trailers
--- a/configure.ac
+++ b/configure.ac
@ -21,7 +21,10 @@ dnl (Process this file with autoconf to produce a configure script.)
 AC_REVISION($Revision$)dnl

 AC_PREREQ(2.52)
-AC_INIT(gnupg,1.0.6b)
+dnl A snapshot release has a letter appended. CVS files before a release
+dnl are suffixed with the string "-cvs", so "1.0.6a-cvs" is a cvs version
+dnl between 1.0.6 and 1.0.6a. 
+AC_INIT(gnupg,1.0.6b-cvs)
 AC_CONFIG_SRCDIR(g10/g10.c)
 AC_CONFIG_AUX_DIR(scripts)
 AC_CONFIG_HEADERS(config.h)
@ -786,7 +789,7 @@ GNUPG_CHECK_GNUMAKE
 # mysterious reasons - the final link step shoudl bail out. 
 case "${target}" in
    *-*-mingw32*)
-        LIBS="$LIBS -lwsock32"
+        LIBS="$LIBS -lws2_32"
        ;;
    *)
       ;;
--- a/doc/gpg.sgml
+++ b/doc/gpg.sgml
@ -1175,8 +1175,8 @@ modifications, you can use this option to disable the caching.  It
 probably does not make sense to disable it because all kind of damage
 can be done if someone else has write access to your public keyring.
 </para></listitem></varlistentry>
-<varlistentry>

+<varlistentry>
 <term>--no-sig-create-check</term>
 <listitem><para>
 GnuPG normally verifies each signature right after creation to protect
@ -1187,6 +1187,7 @@ However, due to the fact that the signature creation needs manual
 interaction, this performance penalty does not matter in most settings.
 </para></listitem></varlistentry>

+<varlistentry>
 <term>--no-auto-check-trustdb</term>
 <listitem><para>
 If GnuPG feels that its information about the Web-of-Trust has to be
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -316,23 +316,40 @@ not be expected to successfully import such a key.
@itemx ---fast-import @code{files}
 Import/merge keys. This adds the given keys to the
 keyring.
-The fast version does not build
+The fast version does not update
 the trustdb; this can be done at any time with the
 command ---update-trustdb.

 There are a few other options which control how this command works.
 Most notable here is the ---merge-only option which does not insert new keys
 but does only the merging of new signatures, user-IDs and subkeys.
-See also the option ---allow-secret-key-import.

@item ---recv-keys @code{key IDs}
 Import the keys with the given key IDs from a HKP
 keyserver. Option ---keyserver must be used to
 give the name of this keyserver.

-@item ---export-ownertrust
-List the assigned ownertrust values in ASCII format
-for backup purposes.
+@item ---recv-keys @code{key IDs}
+Import the keys with the given key IDs from a HKP
+keyserver. Option ---keyserver must be used to
+give the name of this keyserver.
+
+@item ---update-trustdb
+Do trust DB maintenance. This command goes over all keys and builds
+the Web-of-Trust. This is an intercative command because it may has to
+ask for the "ownertrust" values of keys. The user has to give an
+estimation in how far she trusts the owner of the displayed key to
+correctly certify (sign) other keys. It does only ask for that value
+if it has not yet been assigned to a key. Using the edit menu, that
+value can be changed at any time later.
+
+@item ---check-trustdb
+Do trust DB maintenance without user interaction. Form time to time
+the trust database must be updated so that expired keys and resulting
+changes in the Web-of_trust can be tracked. GnuPG tries to figure
+when this is required and then does it implicitly; this command can be
+used to force such a check. The processing is identically to that of
+---update-trustdb but it skips keys with a not yet defined "ownertrust".

@item ---import-ownertrust @code{files}
 Update the trustdb with the ownertrust values stored
@ -703,6 +720,12 @@ for DSA keys), and so this option can be used to disable it.
 However, due to the fact that the signature creation needs manual
 interaction, this performance penalty does not matter in most settings.

+@item ---no-auto-check-trustdb
+If GnuPG feels that its information about the Web-of-Trust has to be
+updated, it automatically runs the ---check-trustdb command 
+internally. As this is a time consuming process, this option allow to
+disable the automatic invocation.
+
@item ---throw-keyid
 Do not put the keyid into encrypted packets. This option
 hides the receiver of the message and is a countermeasure
@ -905,9 +928,7 @@ handing out the secret key.
 Don't insert new keys into the keyrings while doing an import.

@item ---allow-secret-key-import
-Allow import of secret keys. The import command normally skips secret
-keys because a secret key can otherwise be used to attack the trust
-calculation.
+This is an obsolete option and is not used anywhere.

@item ---try-all-secrets
 Don't look at the key ID as stored in the message but try all secret keys in
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,11 @@
+2001-09-28  Werner Koch  <wk@gnupg.org>
+
+	* tdbio.c (migrate_from_v2): Check return code of tbdio_sync.
+
+	* tdbdump.c (import_ownertrust): Do a tdbio_sync().
+
+	* keyring.c: Made the offtbl an global object.
+
 2001-09-27  Werner Koch  <wk@gnupg.org>

 	* pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust.
--- a/g10/keyring.c
+++ b/g10/keyring.c
@ -35,10 +35,14 @@
 #include "main.h" /*for check_key_signature()*/
 #include "i18n.h"

+/* off_item is a funny named for an object used to keep track of known
+ * keys.  The idea was to use the offset to seek to the known keyblock, but
+ * this is not possible if more than one process is using the keyring.
+ */
 struct off_item {
  struct off_item *next;
  u32 kid[2];
-  off_t off;
+  /*off_t off;*/
 };

 typedef struct off_item **OffsetHashTable; 
@ -48,8 +52,6 @@ typedef struct keyring_name *KR_NAME;
 struct keyring_name {
  struct keyring_name *next;
  int secret;
-  OffsetHashTable offtbl;
-  int offtbl_ready;
  DOTLOCK lockhd;
  int is_locked;
  char fname[1];
@ -59,6 +61,9 @@ typedef struct keyring_name const * CONST_KR_NAME;
 static KR_NAME kr_names;
 static int active_handles;

+static OffsetHashTable kr_offtbl;
+static int kr_offtbl_ready;
+

 struct keyring_handle {
  int secret; /* this is for a secret keyring */
@ -119,6 +124,7 @@ new_offset_hash_table (void)
  return tbl;
 }

+#if 0
 static void
 release_offset_hash_table (OffsetHashTable tbl)
 {
@ -130,6 +136,7 @@ release_offset_hash_table (OffsetHashTable tbl)
    release_offset_items (tbl[i]);
  m_free (tbl);
 }
+#endif

 static struct off_item *
 lookup_offset_hash_table (OffsetHashTable tbl, u32 *kid)
@ -151,7 +158,7 @@ update_offset_hash_table (OffsetHashTable tbl, u32 *kid, off_t off)
    {
      if (k->kid[0] == kid[0] && k->kid[1] == kid[1]) 
        {
-          k->off = off;
+          /*k->off = off;*/
          return;
        }
    }
@ -159,7 +166,7 @@ update_offset_hash_table (OffsetHashTable tbl, u32 *kid, off_t off)
  k = new_offset_item ();
  k->kid[0] = kid[0];
  k->kid[1] = kid[1];
-  k->off = off;
+  /*k->off = off;*/
  k->next = tbl[(kid[1] & 0x07ff)];
  tbl[(kid[1] & 0x07ff)] = k;
 }
@ -201,12 +208,14 @@ keyring_register_filename (const char *fname, int secret)
    kr = m_alloc (sizeof *kr + strlen (fname));
    strcpy (kr->fname, fname);
    kr->secret = !!secret;
-    kr->offtbl = new_offset_hash_table ();
-    kr->offtbl_ready = 0;
    kr->lockhd = NULL;
    kr->is_locked = 0;
    kr->next = kr_names;
    kr_names = kr;
+
+    /* create the offset table the first time a function here is used */
+    if (!kr_offtbl)
+      kr_offtbl = new_offset_hash_table ();
 }


@ -479,11 +488,9 @@ keyring_update_keyblock (KEYRING_HANDLE hd, KBNODE kb)
    rc = do_copy (3, hd->found.kr->fname, kb, hd->secret,
                  hd->found.offset, hd->found.n_packets );
    if (!rc) {
-      if (hd->current.kr && hd->current.kr->offtbl)
+      if (!hd->secret && kr_offtbl)
        {
-          /* we do not have the offset but as it is not use it does not
-           * matter*/
-          update_offset_hash_table_from_kb (hd->current.kr->offtbl, kb, 0);
+          update_offset_hash_table_from_kb (kr_offtbl, kb, 0);
        }
      /* better reset the found info */
      hd->found.kr = NULL;
@ -521,10 +528,9 @@ keyring_insert_keyblock (KEYRING_HANDLE hd, KBNODE kb)

    /* do the insert */
    rc = do_copy (1, fname, kb, hd->secret, 0, 0 );
-    if (!rc && hd->current.kr && hd->current.kr->offtbl)
+    if (!rc && !hd->secret && kr_offtbl)
      {
-        /* we do not have the offset but as it is not use it does not matter*/
-        update_offset_hash_table_from_kb (hd->current.kr->offtbl, kb, 0);
+        update_offset_hash_table_from_kb (kr_offtbl, kb, 0);
      }
      
    return rc;
@ -835,11 +841,10 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
    int need_uid, need_words, need_keyid, need_fpr, any_skip;
    int pk_no, uid_no;
    int initial_skip;
+    int use_offtbl;
    PKT_user_id *uid = NULL;
    PKT_public_key *pk = NULL;
    PKT_secret_key *sk = NULL;
-    OffsetHashTable offtbl;
-    int offtbl_ready;

    /* figure out what information we need */
    need_uid = need_words = need_keyid = need_fpr = any_skip = 0;
@ -881,17 +886,16 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
    if (rc)
        return rc;

-    offtbl = hd->secret? NULL:hd->current.kr->offtbl;
-    offtbl_ready = hd->current.kr->offtbl_ready;
-    if (!offtbl)
+    use_offtbl = !hd->secret && kr_offtbl;
+    if (!use_offtbl)
      ;
-    else if (!offtbl_ready)
+    else if (!kr_offtbl_ready)
      need_keyid = 1;
    else if (ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID)
      {
        struct off_item *oi;
            
-        oi = lookup_offset_hash_table (offtbl, desc[0].u.kid);
+        oi = lookup_offset_hash_table (kr_offtbl, desc[0].u.kid);
        if (!oi)
          { /* We know that we don't have this key */
            hd->found.kr = NULL;
@ -958,8 +962,8 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
            if (need_keyid)
                keyid_from_pk (pk, aki);

-            if (offtbl && !offtbl_ready)
-              update_offset_hash_table (offtbl, aki, main_offset);
+            if (use_offtbl && !kr_offtbl_ready)
+              update_offset_hash_table (kr_offtbl, aki, main_offset);
        }
 	else if (pkt.pkttype == PKT_USER_ID) {
            uid = pkt.pkt.user_id;
@ -1052,7 +1056,8 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
        hd->current.eof = 1;
        /* if we scanned the entire keyring, we are sure that
         * all known key IDs are in our offtbl, mark that. */
-        hd->current.kr->offtbl_ready = 1;
+        if (use_offtbl)
+          kr_offtbl_ready = 1;
      }
    else 
        hd->current.error = rc;
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@ -128,6 +128,7 @@ import_ownertrust( const char *fname )
    unsigned int otrust;
    byte fpr[20];
    int any = 0;
+    int rc;

    init_trustdb();
    if( !fname || (*fname == '-' && !fname[1]) ) {
@ -142,7 +143,6 @@ import_ownertrust( const char *fname )

    while( fgets( line, DIM(line)-1, fp ) ) {
 	TRUSTREC rec;
-	int rc;

 	if( !*line || *line == '#' )
 	    continue;
@ -210,6 +210,13 @@ import_ownertrust( const char *fname )
 	fclose(fp);
    
    if (any)
+      {
        revalidation_mark ();
+        rc = tdbio_sync ();
+        if (rc)
+          log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) );
      }
    
+}
+
+
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@ -1455,7 +1455,7 @@ migrate_from_v2 ()
  int ottable_size, ottable_used;
  byte oldbuf[40];
  ulong recno;
-  int count;
+  int rc, count;

  ottable_size = 5;
  ottable = m_alloc (ottable_size * sizeof *ottable);
@ -1555,7 +1555,9 @@ migrate_from_v2 ()
    }

  revalidation_mark ();
-  tdbio_sync ();
+  rc = tdbio_sync ();
+  if (rc)
+    log_fatal ("failed to sync `%s'\n", db_name);
  log_info ("migrated %d version 2 ownertrusts\n", count);
  m_free (ottable);
 }