security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-12 22:11:29 +02:00
Code Activity

gpg: Remove useless variable in validate_keys.

Browse Source 
* g10/trustdb.c (store_validation_status): Remove arg  'stored'.
(validate_keys): Remove keyhashtable 'stored' which was never used.
--

This has been here since 2003.  The variable was never evaluated -
only stored.

Also added some comments.
This commit is contained in:
Werner Koch 2024-09-25 14:04:59 +02:00
parent 79ad6a8b43
commit c59eeda3c4
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 35 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
g10/trustdb.c
View File

@ -1094,7 +1094,7 @@ update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
trec.rectype = RECTYPE_TRUST; trec.rectype = RECTYPE_TRUST;
fpr20_from_pk (pk, trec.r.trust.fingerprint); fpr20_from_pk (pk, trec.r.trust.fingerprint);
trec.r.trust.ownertrust = 0; trec.r.trust.ownertrust = 0;
} }
/* locate an existing one */ /* locate an existing one */
recno = trec.r.trust.validlist; recno = trec.r.trust.validlist;
@ -1644,11 +1644,12 @@ dump_key_array (int depth, struct key_array *keys)
} }
/* Store the validation status as given by the node flags of the
* KEYBLOCK in the trustdb. */
static void static void
store_validation_status (ctrl_t ctrl, int depth, store_validation_status (ctrl_t ctrl, int depth, kbnode_t keyblock)
kbnode_t keyblock, KeyHashTable stored)
{ {
KBNODE node; kbnode_t node;
int status; int status;
int any = 0; int any = 0;
@ -1657,6 +1658,7 @@ store_validation_status (ctrl_t ctrl, int depth,
if (node->pkt->pkttype == PKT_USER_ID) if (node->pkt->pkttype == PKT_USER_ID)
{ {
PKT_user_id *uid = node->pkt->pkt.user_id; PKT_user_id *uid = node->pkt->pkt.user_id;
if (node->flag & 4) if (node->flag & 4)
status = TRUST_FULLY; status = TRUST_FULLY;
else if (node->flag & 2) else if (node->flag & 2)
@ -1670,9 +1672,6 @@ store_validation_status (ctrl_t ctrl, int depth,
{ {
update_validity (ctrl, keyblock->pkt->pkt.public_key, update_validity (ctrl, keyblock->pkt->pkt.public_key,
uid, depth, status); uid, depth, status);
mark_keyblock_seen(stored,keyblock);
any = 1; any = 1;
} }
} }
@ -1794,7 +1793,7 @@ check_regexp (const char *expr,const char *string)
} }
/* /* This implements steps 6 as described for validate_keys.
* Return true if the key is signed by one of the keys in the given * Return true if the key is signed by one of the keys in the given
* key ID list. User IDs with a valid signature are marked by node * key ID list. User IDs with a valid signature are marked by node
* flags as follows: * flags as follows:
@ -1979,12 +1978,13 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no)
} }
/* /* This implements steps 4 to 7 as described for validate_keys.
*
* Scan all keys and return a key_array of all suitable keys from * Scan all keys and return a key_array of all suitable keys from
* klist. The caller has to pass keydb handle so that we don't use * klist. The caller has to pass keydb handle so that we don't need
* to create our own. Returns either a key_array or NULL in case of * to create our own. Returns either a key_array or NULL in case of
* an error. No results found are indicated by an empty array. * an error. No results found are indicated by an empty array.
* Caller hast to release the returned array. * Caller has to release the returned array.
*/ */
static struct key_array * static struct key_array *
validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust, validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
@ -1996,7 +1996,7 @@ validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
int rc; int rc;
KEYDB_SEARCH_DESC desc; KEYDB_SEARCH_DESC desc;
maxkeys = 1000; maxkeys = 1000; /* Initially allocate space for 1000 keys. */
keys = xmalloc ((maxkeys+1) * sizeof *keys); keys = xmalloc ((maxkeys+1) * sizeof *keys);
nkeys = 0; nkeys = 0;
@ -2051,13 +2051,16 @@ validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
pk = keyblock->pkt->pkt.public_key; pk = keyblock->pkt->pkt.public_key;
if (pk->has_expired || pk->flags.revoked) if (pk->has_expired || pk->flags.revoked)
{ {
/* it does not make sense to look further at those keys */ /* Step 5: Mark revoked and expired keys.
* (it does not make sense to look further at those keys.) */
mark_keyblock_seen (full_trust, keyblock); mark_keyblock_seen (full_trust, keyblock);
} }
else if (validate_one_keyblock (ctrl, keyblock, klist, else if (validate_one_keyblock (ctrl, keyblock, klist,
curtime, next_expire)) curtime, next_expire))
{ {
KBNODE node; /* Step 6 has been done by validate_one_keyblock. This here
* is step 7. */
kbnode_t node;
if (pk->expiredate && pk->expiredate >= curtime if (pk->expiredate && pk->expiredate >= curtime
&& pk->expiredate < *next_expire) && pk->expiredate < *next_expire)
@ -2152,7 +2155,7 @@ reset_trust_records (ctrl_t ctrl)
* This works this way: * This works this way:
* Step 1: Find all ultimately trusted keys (UTK). * Step 1: Find all ultimately trusted keys (UTK).
* mark them all as seen and put them into klist. * mark them all as seen and put them into klist.
* Step 2: loop max_cert_times * Step 2: loop max_cert_depth
* Step 3: if OWNERTRUST of any key in klist is undefined * Step 3: if OWNERTRUST of any key in klist is undefined
* ask user to assign ownertrust * ask user to assign ownertrust
* Step 4: Loop over all keys in the keyDB which are not marked seen * Step 4: Loop over all keys in the keyDB which are not marked seen
@ -2183,7 +2186,7 @@ validate_keys (ctrl_t ctrl, int interactive)
KBNODE node; KBNODE node;
int depth; int depth;
int ot_unknown, ot_undefined, ot_never, ot_marginal, ot_full, ot_ultimate; int ot_unknown, ot_undefined, ot_never, ot_marginal, ot_full, ot_ultimate;
KeyHashTable stored,used,full_trust; KeyHashTable used, full_trust;
u32 start_time, next_expire; u32 start_time, next_expire;
/* Make sure we have all sigs cached. TODO: This is going to /* Make sure we have all sigs cached. TODO: This is going to
@ -2199,12 +2202,12 @@ validate_keys (ctrl_t ctrl, int interactive)
start_time = make_timestamp (); start_time = make_timestamp ();
next_expire = 0xffffffff; /* set next expire to the year 2106 */ next_expire = 0xffffffff; /* set next expire to the year 2106 */
stored = new_key_hash_table ();
used = new_key_hash_table (); used = new_key_hash_table ();
full_trust = new_key_hash_table (); full_trust = new_key_hash_table ();
reset_trust_records (ctrl); reset_trust_records (ctrl);
/* Step 1 */
/* Fixme: Instead of always building a UTK list, we could just build it /* Fixme: Instead of always building a UTK list, we could just build it
* here when needed */ * here when needed */
if (!utk_list) if (!utk_list)
@ -2224,14 +2227,13 @@ validate_keys (ctrl_t ctrl, int interactive)
keyblock = get_pubkeyblock (ctrl, k->kid); keyblock = get_pubkeyblock (ctrl, k->kid);
if (!keyblock) if (!keyblock)
{ {
log_error (_("public key of ultimately" log_error (_("Note: ultimately trusted key %s not found\n"),
" trusted key %s not found\n"), keystr(k->kid)); keystr(k->kid));
continue; continue;
} }
mark_keyblock_seen (used, keyblock);
mark_keyblock_seen (stored, keyblock);
mark_keyblock_seen (full_trust, keyblock);
pk = keyblock->pkt->pkt.public_key; pk = keyblock->pkt->pkt.public_key;
mark_keyblock_seen (used, keyblock);
mark_keyblock_seen (full_trust, keyblock);
for (node=keyblock; node; node = node->next) for (node=keyblock; node; node = node->next)
{ {
if (node->pkt->pkttype == PKT_USER_ID) if (node->pkt->pkttype == PKT_USER_ID)
@ -2246,9 +2248,9 @@ validate_keys (ctrl_t ctrl, int interactive)
do_sync (); do_sync ();
} }
/* In the TOFU trust model, we only need to save the ultimately
trusted keys. */
if (opt.trust_model == TM_TOFU) if (opt.trust_model == TM_TOFU)
/* In the TOFU trust model, we only need to save the ultimately
trusted keys. */
goto leave; goto leave;
klist = utk_list; klist = utk_list;
@ -2258,11 +2260,14 @@ validate_keys (ctrl_t ctrl, int interactive)
opt.marginals_needed, opt.completes_needed, opt.marginals_needed, opt.completes_needed,
trust_model_string (opt.trust_model)); trust_model_string (opt.trust_model));
/* Step 2 */
for (depth=0; depth < opt.max_cert_depth; depth++) for (depth=0; depth < opt.max_cert_depth; depth++)
{ {
int valids=0,key_count; int valids = 0;
/* See whether we should assign ownertrust values to the keys in int key_count;
klist. */
/* Step 3: See whether we should assign ownertrust values to the
* keys in klist. */
ot_unknown = ot_undefined = ot_never = 0; ot_unknown = ot_undefined = ot_never = 0;
ot_marginal = ot_full = ot_ultimate = 0; ot_marginal = ot_full = ot_ultimate = 0;
for (k=klist; k; k = k->next) for (k=klist; k; k = k->next)
@ -2321,7 +2326,7 @@ validate_keys (ctrl_t ctrl, int interactive)
valids++; valids++;
} }
/* Find all keys which are signed by a key in kdlist */ /* Step 4: Find all keys which are signed by a key in kdlist */
keys = validate_key_list (ctrl, kdb, full_trust, klist, keys = validate_key_list (ctrl, kdb, full_trust, klist,
start_time, &next_expire); start_time, &next_expire);
if (!keys) if (!keys)
@ -2339,7 +2344,7 @@ validate_keys (ctrl_t ctrl, int interactive)
dump_key_array (depth, keys); dump_key_array (depth, keys);
for (kar=keys; kar->keyblock; kar++) for (kar=keys; kar->keyblock; kar++)
store_validation_status (ctrl, depth, kar->keyblock, stored); store_validation_status (ctrl, depth, kar->keyblock);
if (!opt.quiet) if (!opt.quiet)
log_info (_("depth: %d valid: %3d signed: %3d" log_info (_("depth: %d valid: %3d signed: %3d"
@ -2347,7 +2352,7 @@ validate_keys (ctrl_t ctrl, int interactive)
depth, valids, key_count, ot_unknown, ot_undefined, depth, valids, key_count, ot_unknown, ot_undefined,
ot_never, ot_marginal, ot_full, ot_ultimate ); ot_never, ot_marginal, ot_full, ot_ultimate );
/* Build a new kdlist from all fully valid keys in KEYS */ /* Step 8: Build a new kdlist from all fully valid keys in KEYS */
if (klist != utk_list) if (klist != utk_list)
release_key_items (klist); release_key_items (klist);
klist = NULL; klist = NULL;
@ -2405,7 +2410,6 @@ validate_keys (ctrl_t ctrl, int interactive)
release_key_items (klist); release_key_items (klist);
release_key_hash_table (full_trust); release_key_hash_table (full_trust);
release_key_hash_table (used); release_key_hash_table (used);
release_key_hash_table (stored);
if (!rc && !quit) /* mark trustDB as checked */ if (!rc && !quit) /* mark trustDB as checked */
{ {
int rc2; int rc2;