1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,

menu_expire, menu_revsig, menu_revkey): Only force a trustdb check if we
did something that changes it.

* g10.c: add "--auto-check-trustdb" to override a
"--no-auto-check-trustdb"
This commit is contained in:
David Shaw 2002-04-19 11:31:53 +00:00
parent a2c677c829
commit cc7fb43ac3
3 changed files with 41 additions and 18 deletions

View File

@ -1,3 +1,12 @@
2002-04-19 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check
if we did something that changes it.
* g10.c: add "--auto-check-trustdb" to override a
"--no-auto-check-trustdb"
2002-04-19 Werner Koch <wk@gnupg.org> 2002-04-19 Werner Koch <wk@gnupg.org>
* tdbio.c (tdbio_write_nextcheck): Return a status whether the * tdbio.c (tdbio_write_nextcheck): Return a status whether the

View File

@ -268,6 +268,7 @@ enum cmd_and_opt_values { aNull = 0,
oFixedListMode, oFixedListMode,
oNoSigCache, oNoSigCache,
oNoSigCreateCheck, oNoSigCreateCheck,
oAutoCheckTrustDB,
oNoAutoCheckTrustDB, oNoAutoCheckTrustDB,
oPreservePermissions, oPreservePermissions,
oPreferenceList, oPreferenceList,
@ -523,6 +524,7 @@ static ARGPARSE_OPTS opts[] = {
{ oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" }, { oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" },
{ oNoSigCache, "no-sig-cache", 0, "@" }, { oNoSigCache, "no-sig-cache", 0, "@" },
{ oNoSigCreateCheck, "no-sig-create-check", 0, "@" }, { oNoSigCreateCheck, "no-sig-create-check", 0, "@" },
{ oAutoCheckTrustDB, "auto-check-trustdb", 0, "@"},
{ oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"}, { oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"},
{ oMergeOnly, "merge-only", 0, "@" }, { oMergeOnly, "merge-only", 0, "@" },
{ oAllowSecretKeyImport, "allow-secret-key-import", 0, "@" }, { oAllowSecretKeyImport, "allow-secret-key-import", 0, "@" },
@ -1271,6 +1273,7 @@ main( int argc, char **argv )
iobuf_enable_special_filenames (1); iobuf_enable_special_filenames (1);
break; break;
case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break; case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break; case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
case oPreservePermissions: opt.preserve_permissions=1; break; case oPreservePermissions: opt.preserve_permissions=1; break;
case oPreferenceList: preference_list = pargs.r.ret_str; break; case oPreferenceList: preference_list = pargs.r.ret_str; break;

View File

@ -65,6 +65,8 @@ static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int enable_disable_key( KBNODE keyblock, int disable ); static int enable_disable_key( KBNODE keyblock, int disable );
static void menu_showphoto( KBNODE keyblock ); static void menu_showphoto( KBNODE keyblock );
static int update_trust=0;
#define CONTROL_D ('D' - 'A' + 1) #define CONTROL_D ('D' - 'A' + 1)
#define NODFLG_BADSIG (1<<0) /* bad signature */ #define NODFLG_BADSIG (1<<0) /* bad signature */
@ -274,7 +276,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
KBNODE node, uidnode; KBNODE node, uidnode;
PKT_public_key *primary_pk=NULL; PKT_public_key *primary_pk=NULL;
int select_all = !count_selected_uids(keyblock); int select_all = !count_selected_uids(keyblock);
int upd_trust = 0, force_v4=0, all_v3=1; int force_v4=0, all_v3=1;
/* Are there any non-v3 sigs on this key already? */ /* Are there any non-v3 sigs on this key already? */
if(opt.pgp2) if(opt.pgp2)
@ -596,7 +598,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
} }
*ret_modified = 1; /* we changed the keyblock */ *ret_modified = 1; /* we changed the keyblock */
upd_trust = 1; update_trust = 1;
pkt = m_alloc_clear( sizeof *pkt ); pkt = m_alloc_clear( sizeof *pkt );
pkt->pkttype = PKT_SIGNATURE; pkt->pkttype = PKT_SIGNATURE;
@ -611,9 +613,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
if( node->flag & NODFLG_DELSIG) if( node->flag & NODFLG_DELSIG)
delete_kbnode(node); delete_kbnode(node);
} /* end loop over signators */ } /* end loop over signators */
if (upd_trust)
revalidation_mark ();
leave: leave:
release_sk_list( sk_list ); release_sk_list( sk_list );
@ -1217,7 +1216,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
if( edit_ownertrust( find_kbnode( keyblock, if( edit_ownertrust( find_kbnode( keyblock,
PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) { PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
redisplay = 1; redisplay = 1;
revalidation_mark (); /* No real need to set update_trust here as
edit_ownertrust() calls revalidation_mark()
anyway. */
update_trust=1;
} }
break; break;
@ -1311,10 +1313,11 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
else else
tty_printf(_("Key not changed so no update needed.\n")); tty_printf(_("Key not changed so no update needed.\n"));
/* TODO: we should keep track whether we have changed if( update_trust )
* something relevant to the trustdb */ {
if( !(!modified && sign_mode) )
revalidation_mark (); revalidation_mark ();
update_trust=0;
}
goto leave; goto leave;
case cmdINVCMD: case cmdINVCMD:
@ -1756,6 +1759,7 @@ menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
selected = node->flag & NODFLG_SELUID; selected = node->flag & NODFLG_SELUID;
if( selected ) { if( selected ) {
delete_kbnode( node ); delete_kbnode( node );
update_trust=1;
if( sec_keyblock ) { if( sec_keyblock ) {
KBNODE snode; KBNODE snode;
int s_selected = 0; int s_selected = 0;
@ -1813,10 +1817,16 @@ menu_delsig( KBNODE pub_keyblock )
&inv_sig, &no_key, &other_err, &inv_sig, &no_key, &other_err,
&selfsig, 1 ); &selfsig, 1 );
if( valid ) if( valid ) {
okay = cpr_get_answer_yes_no_quit( okay = cpr_get_answer_yes_no_quit(
"keyedit.delsig.valid", "keyedit.delsig.valid",
_("Delete this good signature? (y/N/q)")); _("Delete this good signature? (y/N/q)"));
/* Only update trust if we delete a good signature.
The other two cases do not affect trust. */
if(okay)
update_trust=1;
}
else if( inv_sig || other_err ) else if( inv_sig || other_err )
okay = cpr_get_answer_yes_no_quit( okay = cpr_get_answer_yes_no_quit(
"keyedit.delsig.invalid", "keyedit.delsig.invalid",
@ -1900,6 +1910,10 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
commit_kbnode( &pub_keyblock ); commit_kbnode( &pub_keyblock );
if( sec_keyblock ) if( sec_keyblock )
commit_kbnode( &sec_keyblock ); commit_kbnode( &sec_keyblock );
/* No need to set update_trust here since signing keys no longer
are used to certify other keys, so there is no change in trust
when revoking/removing them */
} }
@ -2025,6 +2039,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
} }
free_secret_key( sk ); free_secret_key( sk );
update_trust=1;
return 1; return 1;
} }
@ -2459,7 +2474,6 @@ menu_revsig( KBNODE keyblock )
PKT_public_key *primary_pk; PKT_public_key *primary_pk;
KBNODE node; KBNODE node;
int changed = 0; int changed = 0;
int upd_trust = 0;
int rc, any; int rc, any;
struct revocation_reason_info *reason = NULL; struct revocation_reason_info *reason = NULL;
@ -2572,7 +2586,7 @@ menu_revsig( KBNODE keyblock )
return changed; return changed;
} }
changed = 1; /* we changed the keyblock */ changed = 1; /* we changed the keyblock */
upd_trust = 1; update_trust = 1;
pkt = m_alloc_clear( sizeof *pkt ); pkt = m_alloc_clear( sizeof *pkt );
pkt->pkttype = PKT_SIGNATURE; pkt->pkttype = PKT_SIGNATURE;
@ -2581,8 +2595,6 @@ menu_revsig( KBNODE keyblock )
goto reloop; goto reloop;
} }
if( upd_trust )
revalidation_mark ();
release_revocation_reason_info( reason ); release_revocation_reason_info( reason );
return changed; return changed;
} }
@ -2598,7 +2610,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
PKT_public_key *mainpk; PKT_public_key *mainpk;
KBNODE node; KBNODE node;
int changed = 0; int changed = 0;
int upd_trust = 0;
int rc; int rc;
struct revocation_reason_info *reason = NULL; struct revocation_reason_info *reason = NULL;
@ -2634,7 +2645,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
return changed; return changed;
} }
changed = 1; /* we changed the keyblock */ changed = 1; /* we changed the keyblock */
upd_trust = 1;
pkt = m_alloc_clear( sizeof *pkt ); pkt = m_alloc_clear( sizeof *pkt );
pkt->pkttype = PKT_SIGNATURE; pkt->pkttype = PKT_SIGNATURE;
@ -2646,8 +2656,9 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
commit_kbnode( &pub_keyblock ); commit_kbnode( &pub_keyblock );
/*commit_kbnode( &sec_keyblock );*/ /*commit_kbnode( &sec_keyblock );*/
if( upd_trust ) /* No need to set update_trust here since signing keys no longer
revalidation_mark (); are used to certify other keys, so there is no change in trust
when revoking/removing them */
release_revocation_reason_info( reason ); release_revocation_reason_info( reason );
return changed; return changed;