mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check if we did something that changes it. * g10.c: add "--auto-check-trustdb" to override a "--no-auto-check-trustdb"
This commit is contained in:
parent
a2c677c829
commit
cc7fb43ac3
@ -1,3 +1,12 @@
|
|||||||
|
2002-04-19 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
|
||||||
|
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check
|
||||||
|
if we did something that changes it.
|
||||||
|
|
||||||
|
* g10.c: add "--auto-check-trustdb" to override a
|
||||||
|
"--no-auto-check-trustdb"
|
||||||
|
|
||||||
2002-04-19 Werner Koch <wk@gnupg.org>
|
2002-04-19 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
|
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
|
||||||
|
@ -268,6 +268,7 @@ enum cmd_and_opt_values { aNull = 0,
|
|||||||
oFixedListMode,
|
oFixedListMode,
|
||||||
oNoSigCache,
|
oNoSigCache,
|
||||||
oNoSigCreateCheck,
|
oNoSigCreateCheck,
|
||||||
|
oAutoCheckTrustDB,
|
||||||
oNoAutoCheckTrustDB,
|
oNoAutoCheckTrustDB,
|
||||||
oPreservePermissions,
|
oPreservePermissions,
|
||||||
oPreferenceList,
|
oPreferenceList,
|
||||||
@ -523,6 +524,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" },
|
{ oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" },
|
||||||
{ oNoSigCache, "no-sig-cache", 0, "@" },
|
{ oNoSigCache, "no-sig-cache", 0, "@" },
|
||||||
{ oNoSigCreateCheck, "no-sig-create-check", 0, "@" },
|
{ oNoSigCreateCheck, "no-sig-create-check", 0, "@" },
|
||||||
|
{ oAutoCheckTrustDB, "auto-check-trustdb", 0, "@"},
|
||||||
{ oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"},
|
{ oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"},
|
||||||
{ oMergeOnly, "merge-only", 0, "@" },
|
{ oMergeOnly, "merge-only", 0, "@" },
|
||||||
{ oAllowSecretKeyImport, "allow-secret-key-import", 0, "@" },
|
{ oAllowSecretKeyImport, "allow-secret-key-import", 0, "@" },
|
||||||
@ -1271,6 +1273,7 @@ main( int argc, char **argv )
|
|||||||
iobuf_enable_special_filenames (1);
|
iobuf_enable_special_filenames (1);
|
||||||
break;
|
break;
|
||||||
case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
|
case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
|
||||||
|
case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
|
||||||
case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
|
case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
|
||||||
case oPreservePermissions: opt.preserve_permissions=1; break;
|
case oPreservePermissions: opt.preserve_permissions=1; break;
|
||||||
case oPreferenceList: preference_list = pargs.r.ret_str; break;
|
case oPreferenceList: preference_list = pargs.r.ret_str; break;
|
||||||
|
@ -65,6 +65,8 @@ static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
|
|||||||
static int enable_disable_key( KBNODE keyblock, int disable );
|
static int enable_disable_key( KBNODE keyblock, int disable );
|
||||||
static void menu_showphoto( KBNODE keyblock );
|
static void menu_showphoto( KBNODE keyblock );
|
||||||
|
|
||||||
|
static int update_trust=0;
|
||||||
|
|
||||||
#define CONTROL_D ('D' - 'A' + 1)
|
#define CONTROL_D ('D' - 'A' + 1)
|
||||||
|
|
||||||
#define NODFLG_BADSIG (1<<0) /* bad signature */
|
#define NODFLG_BADSIG (1<<0) /* bad signature */
|
||||||
@ -274,7 +276,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
|||||||
KBNODE node, uidnode;
|
KBNODE node, uidnode;
|
||||||
PKT_public_key *primary_pk=NULL;
|
PKT_public_key *primary_pk=NULL;
|
||||||
int select_all = !count_selected_uids(keyblock);
|
int select_all = !count_selected_uids(keyblock);
|
||||||
int upd_trust = 0, force_v4=0, all_v3=1;
|
int force_v4=0, all_v3=1;
|
||||||
|
|
||||||
/* Are there any non-v3 sigs on this key already? */
|
/* Are there any non-v3 sigs on this key already? */
|
||||||
if(opt.pgp2)
|
if(opt.pgp2)
|
||||||
@ -596,7 +598,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
|||||||
}
|
}
|
||||||
|
|
||||||
*ret_modified = 1; /* we changed the keyblock */
|
*ret_modified = 1; /* we changed the keyblock */
|
||||||
upd_trust = 1;
|
update_trust = 1;
|
||||||
|
|
||||||
pkt = m_alloc_clear( sizeof *pkt );
|
pkt = m_alloc_clear( sizeof *pkt );
|
||||||
pkt->pkttype = PKT_SIGNATURE;
|
pkt->pkttype = PKT_SIGNATURE;
|
||||||
@ -611,9 +613,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
|||||||
if( node->flag & NODFLG_DELSIG)
|
if( node->flag & NODFLG_DELSIG)
|
||||||
delete_kbnode(node);
|
delete_kbnode(node);
|
||||||
} /* end loop over signators */
|
} /* end loop over signators */
|
||||||
if (upd_trust)
|
|
||||||
revalidation_mark ();
|
|
||||||
|
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
release_sk_list( sk_list );
|
release_sk_list( sk_list );
|
||||||
@ -1217,7 +1216,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
|
|||||||
if( edit_ownertrust( find_kbnode( keyblock,
|
if( edit_ownertrust( find_kbnode( keyblock,
|
||||||
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
|
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
|
||||||
redisplay = 1;
|
redisplay = 1;
|
||||||
revalidation_mark ();
|
/* No real need to set update_trust here as
|
||||||
|
edit_ownertrust() calls revalidation_mark()
|
||||||
|
anyway. */
|
||||||
|
update_trust=1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@ -1311,10 +1313,11 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
|
|||||||
else
|
else
|
||||||
tty_printf(_("Key not changed so no update needed.\n"));
|
tty_printf(_("Key not changed so no update needed.\n"));
|
||||||
|
|
||||||
/* TODO: we should keep track whether we have changed
|
if( update_trust )
|
||||||
* something relevant to the trustdb */
|
{
|
||||||
if( !(!modified && sign_mode) )
|
|
||||||
revalidation_mark ();
|
revalidation_mark ();
|
||||||
|
update_trust=0;
|
||||||
|
}
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
case cmdINVCMD:
|
case cmdINVCMD:
|
||||||
@ -1756,6 +1759,7 @@ menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
selected = node->flag & NODFLG_SELUID;
|
selected = node->flag & NODFLG_SELUID;
|
||||||
if( selected ) {
|
if( selected ) {
|
||||||
delete_kbnode( node );
|
delete_kbnode( node );
|
||||||
|
update_trust=1;
|
||||||
if( sec_keyblock ) {
|
if( sec_keyblock ) {
|
||||||
KBNODE snode;
|
KBNODE snode;
|
||||||
int s_selected = 0;
|
int s_selected = 0;
|
||||||
@ -1813,10 +1817,16 @@ menu_delsig( KBNODE pub_keyblock )
|
|||||||
&inv_sig, &no_key, &other_err,
|
&inv_sig, &no_key, &other_err,
|
||||||
&selfsig, 1 );
|
&selfsig, 1 );
|
||||||
|
|
||||||
if( valid )
|
if( valid ) {
|
||||||
okay = cpr_get_answer_yes_no_quit(
|
okay = cpr_get_answer_yes_no_quit(
|
||||||
"keyedit.delsig.valid",
|
"keyedit.delsig.valid",
|
||||||
_("Delete this good signature? (y/N/q)"));
|
_("Delete this good signature? (y/N/q)"));
|
||||||
|
|
||||||
|
/* Only update trust if we delete a good signature.
|
||||||
|
The other two cases do not affect trust. */
|
||||||
|
if(okay)
|
||||||
|
update_trust=1;
|
||||||
|
}
|
||||||
else if( inv_sig || other_err )
|
else if( inv_sig || other_err )
|
||||||
okay = cpr_get_answer_yes_no_quit(
|
okay = cpr_get_answer_yes_no_quit(
|
||||||
"keyedit.delsig.invalid",
|
"keyedit.delsig.invalid",
|
||||||
@ -1900,6 +1910,10 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
commit_kbnode( &pub_keyblock );
|
commit_kbnode( &pub_keyblock );
|
||||||
if( sec_keyblock )
|
if( sec_keyblock )
|
||||||
commit_kbnode( &sec_keyblock );
|
commit_kbnode( &sec_keyblock );
|
||||||
|
|
||||||
|
/* No need to set update_trust here since signing keys no longer
|
||||||
|
are used to certify other keys, so there is no change in trust
|
||||||
|
when revoking/removing them */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -2025,6 +2039,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
}
|
}
|
||||||
|
|
||||||
free_secret_key( sk );
|
free_secret_key( sk );
|
||||||
|
update_trust=1;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2459,7 +2474,6 @@ menu_revsig( KBNODE keyblock )
|
|||||||
PKT_public_key *primary_pk;
|
PKT_public_key *primary_pk;
|
||||||
KBNODE node;
|
KBNODE node;
|
||||||
int changed = 0;
|
int changed = 0;
|
||||||
int upd_trust = 0;
|
|
||||||
int rc, any;
|
int rc, any;
|
||||||
struct revocation_reason_info *reason = NULL;
|
struct revocation_reason_info *reason = NULL;
|
||||||
|
|
||||||
@ -2572,7 +2586,7 @@ menu_revsig( KBNODE keyblock )
|
|||||||
return changed;
|
return changed;
|
||||||
}
|
}
|
||||||
changed = 1; /* we changed the keyblock */
|
changed = 1; /* we changed the keyblock */
|
||||||
upd_trust = 1;
|
update_trust = 1;
|
||||||
|
|
||||||
pkt = m_alloc_clear( sizeof *pkt );
|
pkt = m_alloc_clear( sizeof *pkt );
|
||||||
pkt->pkttype = PKT_SIGNATURE;
|
pkt->pkttype = PKT_SIGNATURE;
|
||||||
@ -2581,8 +2595,6 @@ menu_revsig( KBNODE keyblock )
|
|||||||
goto reloop;
|
goto reloop;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( upd_trust )
|
|
||||||
revalidation_mark ();
|
|
||||||
release_revocation_reason_info( reason );
|
release_revocation_reason_info( reason );
|
||||||
return changed;
|
return changed;
|
||||||
}
|
}
|
||||||
@ -2598,7 +2610,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
PKT_public_key *mainpk;
|
PKT_public_key *mainpk;
|
||||||
KBNODE node;
|
KBNODE node;
|
||||||
int changed = 0;
|
int changed = 0;
|
||||||
int upd_trust = 0;
|
|
||||||
int rc;
|
int rc;
|
||||||
struct revocation_reason_info *reason = NULL;
|
struct revocation_reason_info *reason = NULL;
|
||||||
|
|
||||||
@ -2634,7 +2645,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
return changed;
|
return changed;
|
||||||
}
|
}
|
||||||
changed = 1; /* we changed the keyblock */
|
changed = 1; /* we changed the keyblock */
|
||||||
upd_trust = 1;
|
|
||||||
|
|
||||||
pkt = m_alloc_clear( sizeof *pkt );
|
pkt = m_alloc_clear( sizeof *pkt );
|
||||||
pkt->pkttype = PKT_SIGNATURE;
|
pkt->pkttype = PKT_SIGNATURE;
|
||||||
@ -2646,8 +2656,9 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
|||||||
commit_kbnode( &pub_keyblock );
|
commit_kbnode( &pub_keyblock );
|
||||||
/*commit_kbnode( &sec_keyblock );*/
|
/*commit_kbnode( &sec_keyblock );*/
|
||||||
|
|
||||||
if( upd_trust )
|
/* No need to set update_trust here since signing keys no longer
|
||||||
revalidation_mark ();
|
are used to certify other keys, so there is no change in trust
|
||||||
|
when revoking/removing them */
|
||||||
|
|
||||||
release_revocation_reason_info( reason );
|
release_revocation_reason_info( reason );
|
||||||
return changed;
|
return changed;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user