gpg: Extend TRUST_foo status lines with the trust model.

* g10/trustdb.h (TRUST_FLAG_TOFU_BASED): New. * g10/trustdb.c (trust_model_string): Lowercase the strings. Add arg "model" and change callers to call with OPT.TRUST_MODEL. * g10/tofu.c (tofu_wot_trust_combine): Set TRUST_FLAG_TOFU_BASED. * g10/pkclist.c (write_trust_status): New. (check_signatures_trust): Call new function. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-01-21 14:47:03 +01:00 · 2016-05-02 19:10:59 +02:00 · 2016-05-02 19:10:59 +02:00 · ae1889320b
commit ae1889320b
parent 5cef611858
4 changed files with 58 additions and 24 deletions
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -505,6 +505,22 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
 }


+/* Write a TRUST_foo status line inclduing the validation model.  */
+static void
+write_trust_status (int statuscode, int trustlevel)
+{
+  int tm;
+
+  /* For the combined tofu+pgp method, we return the trust model which
+   * was responsible for the trustlevel.  */
+  if (opt.trust_model == TM_TOFU_PGP)
+    tm = (trustlevel & TRUST_FLAG_TOFU_BASED)? TM_TOFU : TM_PGP;
+  else
+    tm = opt.trust_model;
+  write_status_strings (statuscode, "0 ", trust_model_string (tm), NULL);
+}
+
+
 /****************
 * Check whether we can trust this signature.
 * Returns an error code if we should not trust this signature.
@ -626,7 +642,7 @@ check_signatures_trust( PKT_signature *sig )
      /* fall thru */
    case TRUST_UNKNOWN:
    case TRUST_UNDEFINED:
-      write_status( STATUS_TRUST_UNDEFINED );
+      write_trust_status (STATUS_TRUST_UNDEFINED, trustlevel);
      log_info(_("WARNING: This key is not certified with"
                 " a trusted signature!\n"));
      log_info(_("         There is no indication that the "
@ -636,7 +652,7 @@ check_signatures_trust( PKT_signature *sig )

    case TRUST_NEVER:
      /* currently we won't get that status */
-      write_status( STATUS_TRUST_NEVER );
+      write_trust_status (STATUS_TRUST_NEVER, trustlevel);
      log_info(_("WARNING: We do NOT trust this key!\n"));
      log_info(_("         The signature is probably a FORGERY.\n"));
      if (opt.with_fingerprint)
@ -645,7 +661,7 @@ check_signatures_trust( PKT_signature *sig )
      break;

    case TRUST_MARGINAL:
-      write_status( STATUS_TRUST_MARGINAL );
+      write_trust_status (STATUS_TRUST_MARGINAL, trustlevel);
      log_info(_("WARNING: This key is not certified with"
                 " sufficiently trusted signatures!\n"));
      log_info(_("         It is not certain that the"
@ -654,13 +670,13 @@ check_signatures_trust( PKT_signature *sig )
      break;

    case TRUST_FULLY:
-      write_status( STATUS_TRUST_FULLY );
+      write_trust_status (STATUS_TRUST_FULLY, trustlevel);
      if (opt.with_fingerprint)
        print_fingerprint (NULL, pk, 1);
      break;

    case TRUST_ULTIMATE:
-      write_status( STATUS_TRUST_ULTIMATE );
+      write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel);
      if (opt.with_fingerprint)
        print_fingerprint (NULL, pk, 1);
      break;
--- a/g10/tofu.c
+++ b/g10/tofu.c
@ -2795,17 +2795,30 @@ tofu_wot_trust_combine (int tofu_base, int wot_base)

  /* Now we only have positive or neutral trust policies.  We take
     the max.  */
-  if (tofu == TRUST_ULTIMATE || wot == TRUST_ULTIMATE)
+  if (tofu == TRUST_ULTIMATE)
+    return upper | TRUST_ULTIMATE | TRUST_FLAG_TOFU_BASED;
+  if (wot == TRUST_ULTIMATE)
    return upper | TRUST_ULTIMATE;
-  if (tofu == TRUST_FULLY || wot == TRUST_FULLY)
+
+  if (tofu == TRUST_FULLY)
+    return upper | TRUST_FULLY | TRUST_FLAG_TOFU_BASED;
+  if (wot == TRUST_FULLY)
    return upper | TRUST_FULLY;
-  if (tofu == TRUST_MARGINAL || wot == TRUST_MARGINAL)
+
+  if (tofu == TRUST_MARGINAL)
+    return upper | TRUST_MARGINAL | TRUST_FLAG_TOFU_BASED;
+  if (wot == TRUST_MARGINAL)
    return upper | TRUST_MARGINAL;
-  if (tofu == TRUST_UNDEFINED || wot == TRUST_UNDEFINED)
+
+  if (tofu == TRUST_UNDEFINED)
+    return upper | TRUST_UNDEFINED | TRUST_FLAG_TOFU_BASED;
+  if (wot == TRUST_UNDEFINED)
    return upper | TRUST_UNDEFINED;
+
  return upper | TRUST_UNKNOWN;
 }

+
 /* Return the validity (TRUST_NEVER, etc.) of the binding
   <FINGERPRINT, USER_ID>.

--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -378,16 +378,16 @@ do_sync(void)
      }
 }

-static const char *
-trust_model_string(void)
+const char *
+trust_model_string (int model)
 {
-  switch(opt.trust_model)
+  switch (model)
    {
    case TM_CLASSIC:  return "classic";
-    case TM_PGP:      return "PGP";
+    case TM_PGP:      return "pgp";
    case TM_EXTERNAL: return "external";
-    case TM_TOFU:     return "TOFU";
-    case TM_TOFU_PGP: return "TOFU+PGP";
+    case TM_TOFU:     return "tofu";
+    case TM_TOFU_PGP: return "tofu+pgp";
    case TM_ALWAYS:   return "always";
    case TM_DIRECT:   return "direct";
    default:          return "unknown";
@ -470,7 +470,8 @@ init_trustdb ()
 	}

      if(opt.verbose)
-	log_info(_("using %s trust model\n"),trust_model_string());
+	log_info(_("using %s trust model\n"),
+                 trust_model_string (opt.trust_model));
    }

  if (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC
@ -522,7 +523,7 @@ check_trustdb ()
    }
  else
    log_info (_("no need for a trustdb check with '%s' trust model\n"),
-	      trust_model_string());
+	      trust_model_string(opt.trust_model));
 }


@ -538,7 +539,7 @@ update_trustdb()
    validate_keys (1);
  else
    log_info (_("no need for a trustdb update with '%s' trust model\n"),
-	      trust_model_string());
+	      trust_model_string(opt.trust_model));
 }

 void
@ -1963,7 +1964,8 @@ validate_keys (int interactive)

  if (!opt.quiet)
    log_info ("marginals needed: %d  completes needed: %d  trust model: %s\n",
-              opt.marginals_needed, opt.completes_needed, trust_model_string());
+              opt.marginals_needed, opt.completes_needed,
+              trust_model_string (opt.trust_model));

  for (depth=0; depth < opt.max_cert_depth; depth++)
    {
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@ -21,7 +21,7 @@
 #ifndef G10_TRUSTDB_H
 #define G10_TRUSTDB_H

-/* Trust values must be sorted in ascending order */
+/* Trust values must be sorted in ascending order! */
 #define TRUST_MASK	 15
 #define TRUST_UNKNOWN	  0  /* o: not yet calculated/assigned */
 #define TRUST_EXPIRED	  1  /* e: calculation may be invalid */
@ -30,11 +30,13 @@
 #define TRUST_MARGINAL	  4  /* m: marginally trusted */
 #define TRUST_FULLY	  5  /* f: fully trusted      */
 #define TRUST_ULTIMATE	  6  /* u: ultimately trusted */
-/* trust values not covered by the mask */
+/* Trust values not covered by the mask. */
 #define TRUST_FLAG_REVOKED        32 /* r: revoked */
 #define TRUST_FLAG_SUB_REVOKED    64 /* r: revoked but for subkeys */
 #define TRUST_FLAG_DISABLED      128 /* d: key/uid disabled */
 #define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
+#define TRUST_FLAG_TOFU_BASED    512 /* The trust value is based on
+                                      * the TOFU information.  */

 /* Private value used in tofu.c - must be different from the trust
   values.  */
@ -117,6 +119,7 @@ void check_trustdb (void);
 void update_trustdb (void);
 int setup_trustdb( int level, const char *dbname );
 void how_to_fix_the_trustdb (void);
+const char *trust_model_string (int model);
 void init_trustdb( void );
 void tdb_check_trustdb_stale (void);
 void sync_trustdb( void );