diff --git a/NEWS b/NEWS index 86835f12e..6695dd549 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,15 @@ +Noteworthy changes in version 0.3.2 +----------------------------------- + * Fixed some bugs when using --textmode (-seat) + + * Now displays the trust status of a positive verified message. + + * Keyrings are now scanned in the sequence they are added with + --[secret-]keyring. Note that the default keyring is implictly + added as the very first one unless --no-default-keyring is used. + + * Fixed setuid and dlopen bug. + Noteworthy changes in version 0.3.1 ----------------------------------- * Partial headers are now written in the OpenPGP format if diff --git a/TODO b/TODO index 7d77e55c9..53a3c9de8 100644 --- a/TODO +++ b/TODO @@ -1,4 +1,10 @@ + + * clearsig of zero length files does not work + + * Change the inernal represenation of keyid into a struct which + can also hold the localid + * add option --restore-ownertrust * always put key signatures before the first subkey. diff --git a/VERSION b/VERSION index d296451a6..d15723fbe 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.3.1a +0.3.2 diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 2e47f9a0c..bee034920 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,12 @@ +Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dynload.c (load_extension): Function now nbails out if + the program is run setuid. + +Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (rmd160_hash_buffer): New. + Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de) * cipher.c (cipher_open): algos >=100 use standard CFB diff --git a/cipher/dynload.c b/cipher/dynload.c index e22731702..a8c01f259 100644 --- a/cipher/dynload.c +++ b/cipher/dynload.c @@ -22,6 +22,7 @@ #include #include #include +#include #ifdef HAVE_DL_DLOPEN #include #endif @@ -109,7 +110,11 @@ load_extension( EXTLIST el ) int seq = 0; int class, vers; + /* make sure we are not setuid */ + if( getuid() != geteuid() ) + log_bug("trying to load an extension while still setuid\n"); + /* now that we are not setuid anymore, we can safely load modules */ el->handle = dlopen(el->name, RTLD_NOW); if( !el->handle ) { log_error("%s: error loading extension: %s\n", el->name, dlerror() ); diff --git a/cipher/rmd160.c b/cipher/rmd160.c index e38172498..3b1702cb0 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -26,7 +26,7 @@ #include "util.h" #include "memory.h" #include "rmd.h" - +#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */ /********************************* * RIPEMD-160 is not patented, see (as of 25.10.97) @@ -530,6 +530,24 @@ rmd160_read( RMD160_CONTEXT *hd ) return hd->buf; } + + +/**************** + * Shortcut functions which puts the hash value of the supplied buffer + * into outbuf which must have a size of 20 bytes. + */ +void +rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) +{ + RMD160_CONTEXT hd; + + rmd160_init( &hd ); + rmd160_write( &hd, (byte*)buffer, length ); + rmd160_final( &hd ); + memcpy( outbuf, hd.buf, 20 ); +} + + /**************** * Return some information about the algorithm. We need algo here to * distinguish different flavors of the algorithm. diff --git a/doc/DETAILS b/doc/DETAILS index e315bf550..a2de34306 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -84,18 +84,18 @@ Record type 2: (directory record) 1 byte reserved 8 bytes keyid (We keep it here to speed up searching by keyid) 1 u32 Local-Id. This is simply the record number of this record. - 1 u32 pubkey (record number of it) + 1 u32 primary public key (record number of it) 1 u32 cache record 1 u32 sigrecord 1 byte No signatures flag (used to avoid duplicate building). 3 byte reserved - 1 u32 preference record + 1 u32 userid record 6 byte reserved Record type 3: -------------- - Informations about a public key certificate. + Informations about a primary public key. These are static values which are never changed without user interaction. 1 byte value 3 @@ -107,7 +107,7 @@ Record type 3: 1 byte pubkey algorithm 1 byte length of the fingerprint (in bytes) 20 bytes fingerprint of the public key - 1 byte ownertrust: + 1 byte ownertrust if there is no trust defined for the userid: 3 byte reserved @@ -207,6 +207,25 @@ Record type 7 (hash list) For the current record length of 40, n is 6 +Record type 8: (userid) +-------------- + Informations about a userid + We do not store the userid but the hash value of the userid because that + is sufficient. + + 1 byte value 8 + 1 byte reserved + 1 u32 owner; points to the directory record. + 1 u32 next userid + 1 byte subtype: 0 = a real user id + 1 = not a real userid, but a "dummy" user of length 0 + which is used to represent stuff that is directly + bound to the key. + 20 bytes ripemd160 hash of the username. + 1 u32 pointer to preference record + 1 byte ownertrust + 4 byte reserved + Packet Headers diff --git a/g10/ChangeLog b/g10/ChangeLog index 7525c1818..a637ac9e9 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,20 @@ +Thu Jul 9 14:52:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (build_list): Now drops setuid. + (main): Changed the way keyrings and algorithms are registered . + +Wed Jul 8 14:17:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (PKT_public_key): Add field keyid. + * parse-packet.c (parse_key): Reset the above field. + * keyid.c (keyid_from_pk): Use above field as cache. + + * tdbio.c, tdbio.h: New + * trustdb.c: Moved some functions to tdbio.c. + (print_keyid): New. + + * pkclist.c (check_signatures_trust): New. + Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de) * plaintext.c (special_md_putc): New. diff --git a/g10/Makefile.am b/g10/Makefile.am index c64055423..be695d895 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -32,6 +32,8 @@ common_source = \ keyid.c \ trustdb.c \ trustdb.h \ + tdbio.c \ + tdbio.h \ pref.h \ pref.c \ packet.h \ diff --git a/g10/g10.c b/g10/g10.c index 77ba9bc4a..8082fe2eb 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -182,6 +182,7 @@ enum cmd_values { aNull = 0, aDeArmor, aEnArmor, aGenRandom, aTest }; +static int maybe_setuid = 1; static char *build_list( const char *text, const char *(*mapf)(int), int (*chkf)(int) ); @@ -264,6 +265,9 @@ build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) ) size_t n=strlen(text)+2; char *list, *p; + if( maybe_setuid ) + secmem_init( 0 ); /* drop setuid */ + for(i=1; i < 110; i++ ) if( !chkf(i) && (s=mapf(i)) ) n += strlen(s) + 2; @@ -381,7 +385,7 @@ main( int argc, char **argv ) char **orig_argv; const char *fname; STRLIST sl, remusr= NULL, locusr=NULL; - int nrings=0, sec_nrings=0; + STRLIST nrings=NULL, sec_nrings=NULL; armor_filter_context_t afx; int detached_sig = 0; FILE *configfp = NULL; @@ -394,10 +398,13 @@ main( int argc, char **argv ) int greeting = 1; enum cmd_values cmd = 0; const char *trustdb_name = NULL; + char *def_cipher_string = NULL; + char *def_digest_string = NULL; trap_unaligned(); #ifdef IS_G10MAINT secmem_init( 0 ); /* disable use of secmem */ + maybe_setuid = 0; log_set_name("gpgm"); #else /* Please note that we may running SUID(ROOT), so be very CAREFUL @@ -509,12 +516,8 @@ main( int argc, char **argv ) case 523: set_passphrase_fd( pargs.r.ret_int ); break; case 524: set_cmd( &cmd, aEditKey); break; case 525: set_cmd( &cmd, aChangePass); break; - case 527: - opt.def_cipher_algo = string_to_cipher_algo(pargs.r.ret_str); - break; - case 529: - opt.def_digest_algo = string_to_digest_algo(pargs.r.ret_str); - break; + case 527: def_cipher_string = m_strdup(pargs.r.ret_str); break; + case 529: def_digest_string = m_strdup(pargs.r.ret_str); break; case 539: set_cmd( &cmd, aClearsign); break; case 540: secmem_set_flags( secmem_get_flags() | 1 ); break; case 542: set_cmd( &cmd, aGenRevoke); break; @@ -548,12 +551,12 @@ main( int argc, char **argv ) case 501: opt.answer_yes = 1; break; case 502: opt.answer_no = 1; break; case 508: set_cmd( &cmd, aCheckKeys); break; - case 509: add_keyring(pargs.r.ret_str); nrings++; break; + case 509: append_to_strlist( &nrings, pargs.r.ret_str); break; case 510: opt.debug |= pargs.r.ret_ulong; break; case 511: opt.debug = ~0; break; case 512: set_status_fd( pargs.r.ret_int ); break; case 515: opt.fingerprint = 1; break; - case 517: add_secret_keyring(pargs.r.ret_str); sec_nrings++; break; + case 517: append_to_strlist( &sec_nrings, pargs.r.ret_str); break; case 518: /* config files may not be nested (silently ignore them) */ if( !configfp ) { @@ -603,7 +606,6 @@ main( int argc, char **argv ) goto next_pass; } m_free( configname ); configname = NULL; - check_opts(); if( log_get_errorcount(0) ) g10_exit(2); @@ -615,12 +617,28 @@ main( int argc, char **argv ) #ifdef IS_G10 /* initialize the secure memory. */ secmem_init( 16384 ); + maybe_setuid = 0; /* Okay, we are now working under our real uid */ #endif /*write_status( STATUS_ENTER );*/ set_debug(); + + /* must do this after dropping setuid, because string_to... + * may try to load an module */ + if( def_cipher_string ) { + opt.def_cipher_algo = string_to_cipher_algo(def_cipher_string); + m_free(def_cipher_string); def_cipher_string = NULL; + } + if( def_digest_string ) { + opt.def_digest_algo = string_to_digest_algo(def_digest_string); + m_free(def_digest_string); def_digest_string = NULL; + } + check_opts(); + if( log_get_errorcount(0) ) + g10_exit(2); + if( !cmd && opt.fingerprint ) set_cmd( &cmd, aListKeys); @@ -651,11 +669,18 @@ main( int argc, char **argv ) * not in case of "-kvv userid keyring" */ if( cmd != aDeArmor && cmd != aEnArmor && !(cmd == aKMode && argc == 2 ) ) { + if( !sec_nrings || default_keyring ) /* add default secret rings */ add_secret_keyring("secring.gpg"); + for(sl = sec_nrings; sl; sl = sl->next ) + add_secret_keyring( sl->d ); if( !nrings || default_keyring ) /* add default ring */ add_keyring("pubring.gpg"); + for(sl = nrings; sl; sl = sl->next ) + add_keyring( sl->d ); } + FREE_STRLIST(nrings); + FREE_STRLIST(sec_nrings); if( argc ) fname = *argv; diff --git a/g10/getkey.c b/g10/getkey.c index c51e54bd9..3f8ac63b8 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -759,6 +759,15 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid, size_t an; byte *afp = fingerprint_from_pk( k->pkt->pkt.public_key, &an ); + + if( DBG_CACHE ) { + u32 aki[2]; + keyid_from_pk( k->pkt->pkt.public_key, aki ); + log_debug(" aki=%08lx%08lx algo=%d mode=%d an=%u\n", + (ulong)aki[0], (ulong)aki[1], + k->pkt->pkt.public_key->pubkey_algo, + mode, an ); + } if( an == mode && !memcmp( afp, name, an) && ( !pk->pubkey_algo || pk->pubkey_algo diff --git a/g10/keydb.h b/g10/keydb.h index ddc9e5491..58a170d27 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -86,6 +86,7 @@ struct pubkey_find_info { /*-- pkclist.c --*/ +int check_signatures_trust( PKT_signature *sig ); void release_pk_list( PK_LIST pk_list ); int build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage ); diff --git a/g10/keyid.c b/g10/keyid.c index 74bbf8c2c..0809df93a 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -161,9 +161,16 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid ) if( !keyid ) keyid = dummy_keyid; - if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) { + if( pk->keyid[0] || pk->keyid[1] ) { + keyid[0] = pk->keyid[0]; + keyid[1] = pk->keyid[1]; + lowbits = keyid[1]; + } + else if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) { lowbits = pubkey_get_npkey(pk->pubkey_algo) ? mpi_get_keyid( pk->pkey[0], keyid ) : 0 ; /* from n */ + pk->keyid[0] = keyid[0]; + pk->keyid[1] = keyid[1]; } else { const byte *dp; @@ -174,6 +181,8 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid ) keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; lowbits = keyid[1]; md_close(md); + pk->keyid[0] = keyid[0]; + pk->keyid[1] = keyid[1]; } return lowbits; diff --git a/g10/mainproc.c b/g10/mainproc.c index b73d49bd1..9090fd4e1 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -837,6 +837,8 @@ check_sig_and_print( CTX c, KBNODE node ) print_keyid( stderr, sig->keyid ); putc('\"', stderr); putc('\n', stderr); + if( !rc ) + rc = check_signatures_trust( sig ); if( opt.batch && rc ) g10_exit(1); } diff --git a/g10/packet.h b/g10/packet.h index 9c8a8547d..0cefd8d10 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -111,6 +111,7 @@ typedef struct { byte pubkey_algo; /* algorithm used for public key scheme */ byte pubkey_usage; /* for now only used to pass it to getkey() */ ulong local_id; /* internal use, valid if > 0 */ + u32 keyid[2]; /* calculated by keyid_from_pk() */ MPI pkey[PUBKEY_MAX_NPKEY]; } PKT_public_key; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index ab1e6cdf8..310feae29 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -946,6 +946,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen, pk->version = version; pk->pubkey_algo = algorithm; pk->pubkey_usage = 0; /* not yet used */ + pk->keyid[0] = 0; + pk->keyid[1] = 0; } nskey = pubkey_get_nskey( algorithm ); npkey = pubkey_get_npkey( algorithm ); diff --git a/g10/pkclist.c b/g10/pkclist.c index e20fe8503..81e23c765 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -33,6 +33,7 @@ #include "util.h" #include "trustdb.h" #include "ttyio.h" +#include "status.h" #include "i18n.h" /**************** @@ -57,7 +58,7 @@ query_ownertrust( ulong lid ) pk = m_alloc_clear( sizeof *pk ); rc = get_pubkey( pk, keyid ); if( rc ) { - log_error("keyid %08lX: pubkey not found: %s\n", + log_error("key %08lX: public key not found: %s\n", (ulong)keyid[1], g10_errstr(rc) ); return 0; } @@ -282,6 +283,114 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel ) } + +/**************** + * Check whether we can trust this signature. + * Returns: Error if we shall not trust this signatures. + */ +int +check_signatures_trust( PKT_signature *sig ) +{ + PKT_public_key *pk = m_alloc_clear( sizeof *pk ); + int trustlevel; + int dont_try = 0; + int rc=0; + + rc = get_pubkey( pk, sig->keyid ); + if( rc ) { /* this should not happen */ + log_error("Ooops; the key vanished - can't check the trust\n"); + rc = G10ERR_NO_PUBKEY; + goto leave; + } + + retry: + rc = check_trust( pk, &trustlevel ); + if( rc ) { + log_error("check trust failed: %s\n", g10_errstr(rc)); + goto leave; + } + + if( (trustlevel & TRUST_FLAG_REVOKED) ) { + write_status( STATUS_KEYREVOKED ); + log_info(_("WARNING: This key has been revoked by its owner!\n")); + log_info(_(" This could mean that the signature is forgery.\n")); + } + + + switch( (trustlevel & TRUST_MASK) ) { + case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */ + rc = insert_trust_record( pk ); + if( rc ) { + log_error("failed to insert it into the trustdb: %s\n", + g10_errstr(rc) ); + goto leave; + } + rc = check_trust( pk, &trustlevel ); + if( rc ) + log_fatal("trust check after insert failed: %s\n", + g10_errstr(rc) ); + if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED ) + BUG(); + goto retry; + + case TRUST_EXPIRED: + log_info(_("Note: This key has expired!\n")); + break; + + case TRUST_UNDEFINED: + if( dont_try || opt.batch || opt.answer_no ) { + write_status( STATUS_TRUST_UNDEFINED ); + log_info(_( + "WARNING: This key is not certified with a trusted signature!\n")); + log_info(_( + " There is no indication that the " + "signature belongs to the owner.\n" )); + } + else { + rc = add_ownertrust( pk ); + if( rc ) { + dont_try = 1; + rc = 0; + } + goto retry; + } + break; + + case TRUST_NEVER: + write_status( STATUS_TRUST_NEVER ); + log_info(_("WARNING: We do NOT trust this key!\n")); + log_info(_(" The signature is probably a FORGERY.\n")); + rc = G10ERR_BAD_SIGN; + break; + + case TRUST_MARGINAL: + write_status( STATUS_TRUST_MARGINAL ); + log_info(_( + "WARNING: This key is not certified with enough trusted signatures!\n" + )); + log_info(_( + " It is not certain that the signature belongs to the owner.\n" + )); + break; + + case TRUST_FULLY: + write_status( STATUS_TRUST_FULLY ); + break; + + case TRUST_ULTIMATE: + write_status( STATUS_TRUST_ULTIMATE ); + break; + + default: BUG(); + } + + + leave: + free_public_key( pk ); + return rc; +} + + void release_pk_list( PK_LIST pk_list ) { diff --git a/g10/sig-check.c b/g10/sig-check.c index 984671923..f600a4d1e 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -158,7 +158,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest ) } if( pk->timestamp > sig->timestamp ) - return G10ERR_TIME_CONFLICT; /* pubkey newer that signature */ + return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */ cur_time = make_timestamp(); if( pk->timestamp > cur_time ) { diff --git a/g10/status.c b/g10/status.c index 35367fbba..5cdd4fd03 100644 --- a/g10/status.c +++ b/g10/status.c @@ -54,10 +54,16 @@ write_status_text( int no, const char *text) case STATUS_ABORT : s = "ABORT\n"; break; case STATUS_GOODSIG: s = "GOODSIG\n"; break; case STATUS_SIGEXPIRED: s = "SIGEXPIRED\n"; break; + case STATUS_KEYREVOKED: s = "KEYREVOKED\n"; break; case STATUS_BADSIG : s = "BADSIG\n"; break; case STATUS_ERRSIG : s = "ERRSIG\n"; break; case STATUS_BADARMOR : s = "BADARMOR\n"; break; case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA\n"; break; + case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED\n"; break; + case STATUS_TRUST_NEVER : s = "TRUST_NEVER\n"; break; + case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL\n"; break; + case STATUS_TRUST_FULLY : s = "TRUST_FULLY\n"; break; + case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE\n"; break; default: s = "?\n"; break; } diff --git a/g10/status.h b/g10/status.h index 8b5ffdacd..d6ed773a0 100644 --- a/g10/status.h +++ b/g10/status.h @@ -34,6 +34,15 @@ #define STATUS_RSA_OR_IDEA 8 #define STATUS_SIGEXPIRED 9 +#define STATUS_KEYREVOKED 10 + +#define STATUS_TRUST_UNDEFINED 11 +#define STATUS_TRUST_NEVER 12 +#define STATUS_TRUST_MARGINAL 13 +#define STATUS_TRUST_FULLY 14 +#define STATUS_TRUST_ULTIMATE 15 + + /*-- status.c --*/ void set_status_fd( int fd ); diff --git a/g10/tdbio.c b/g10/tdbio.c new file mode 100644 index 000000000..d3b9a7221 --- /dev/null +++ b/g10/tdbio.c @@ -0,0 +1,518 @@ +/* tdbio.c + * Copyright (C) 1998 Free Software Foundation, Inc. + * + * This file is part of GNUPG. + * + * GNUPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GNUPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "errors.h" +#include "iobuf.h" +#include "memory.h" +#include "util.h" +#include "options.h" +#include "main.h" +#include "i18n.h" +#include "trustdb.h" +#include "tdbio.h" + + + +static char *db_name; +static int db_fd = -1; + + + +static void create_db( const char *fname ); +static void open_db(void); + +/************************************************** + ************** read and write helpers ************ + **************************************************/ + +static void +fwrite_8(FILE *fp, byte a) +{ + if( putc( a & 0xff, fp ) == EOF ) + log_fatal("error writing byte to trustdb: %s\n", strerror(errno) ); +} + + +static void +fwrite_32( FILE*fp, ulong a) +{ + putc( (a>>24) & 0xff, fp ); + putc( (a>>16) & 0xff, fp ); + putc( (a>> 8) & 0xff, fp ); + if( putc( a & 0xff, fp ) == EOF ) + log_fatal("error writing ulong to trustdb: %s\n", strerror(errno) ); +} + +static void +fwrite_zeros( FILE *fp, size_t n) +{ + while( n-- ) + if( putc( 0, fp ) == EOF ) + log_fatal("error writing zeros to trustdb: %s\n", strerror(errno) ); +} + + + + +/************************************************** + ************** read and write stuff ************** + **************************************************/ + +int +tdbio_set_dbname( const char *new_dbname, int create ) +{ + char *fname; + + fname = new_dbname? m_strdup( new_dbname ) + : make_filename(opt.homedir, "trustdb.gpg", NULL ); + + if( access( fname, R_OK ) ) { + if( errno != ENOENT ) { + log_error_f( fname, _("can't access: %s\n"), strerror(errno) ); + m_free(fname); + return G10ERR_TRUSTDB; + } + if( create ) { + char *p = strrchr( fname, '/' ); + assert(p); + *p = 0; + if( access( fname, F_OK ) ) { + if( strlen(fname) >= 7 + && !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) { + #if __MINGW32__ + if( mkdir( fname ) ) + #else + if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) ) + #endif + log_fatal_f( fname, _("can't create directory: %s\n"), + strerror(errno) ); + } + else + log_fatal_f(fname, _("directory does not exist!\n") ); + } + *p = '/'; + create_db( fname ); + } + } + m_free(db_name); + db_name = fname; + return 0; +} + + +const char * +tdbio_get_dbname() +{ + return db_name; +} + + + +/**************** + * Create a new trustdb + */ +static void +create_db( const char *fname ) +{ + FILE *fp; + + fp =fopen( fname, "w" ); + if( !fp ) + log_fatal_f( fname, _("can't create %s: %s\n"), strerror(errno) ); + fwrite_8( fp, 1 ); + fwrite_8( fp, 'g' ); + fwrite_8( fp, 'p' ); + fwrite_8( fp, 'g' ); + fwrite_8( fp, 1 ); /* version */ + fwrite_zeros( fp, 3 ); /* reserved */ + fwrite_32( fp, 0 ); /* not locked */ + fwrite_32( fp, make_timestamp() ); /* created */ + fwrite_32( fp, 0 ); /* not yet modified */ + fwrite_32( fp, 0 ); /* not yet validated*/ + fwrite_32( fp, 0 ); /* reserved */ + fwrite_8( fp, 3 ); /* marginals needed */ + fwrite_8( fp, 1 ); /* completes needed */ + fwrite_8( fp, 4 ); /* max_cet_depth */ + fwrite_zeros( fp, 9 ); /* filler */ + fclose(fp); +} + + + +static void +open_db() +{ + TRUSTREC rec; + assert( db_fd == -1 ); + + db_fd = open( db_name, O_RDWR ); + if( db_fd == -1 ) + log_fatal_f( db_name, _("can't open: %s\n"), strerror(errno) ); + if( tdbio_read_record( 0, &rec, RECTYPE_VER ) ) + log_fatal_f( db_name, _("invalid trust-db\n") ); + /* fixme: check ->locked and other stuff */ +} + + +void +tdbio_dump_record( ulong rnum, TRUSTREC *rec, FILE *fp ) +{ + int i, any; + + fprintf(fp, "rec %5lu, type=", rnum ); + + switch( rec->rectype ) { + case 0: fprintf(fp, "free\n"); + break; + case RECTYPE_VER: fprintf(fp, "version\n"); + break; + case RECTYPE_DIR: + fprintf(fp, "dir keyid=%08lX, key=%lu, ctl=%lu, sig=%lu", + (ulong)rec->r.dir.keyid[1], + rec->r.dir.keyrec, rec->r.dir.ctlrec, rec->r.dir.sigrec ); + if( rec->r.dir.no_sigs == 1 ) + fputs(", (none)", fp ); + else if( rec->r.dir.no_sigs == 2 ) + fputs(", (invalid)", fp ); + else if( rec->r.dir.no_sigs == 3 ) + fputs(", (revoked)", fp ); + else if( rec->r.dir.no_sigs ) + fputs(", (??)", fp ); + putc('\n', fp); + break; + case RECTYPE_KEY: fprintf(fp, + "key %08lX, own=%lu, ownertrust=%02x, fl=%d\n", + (ulong)rec->r.key.keyid[1], + rec->r.key.owner, rec->r.key.ownertrust, + rec->r.key.fingerprint_len ); + break; + case RECTYPE_UID: + if( !rec->r.uid.subtype ) + fprintf(fp, + "uid %02x%02x, owner=%lu, chain=%lu, pref=%lu, otr=%02x\n", + rec->r.uid.namehash[18], rec->r.uid.namehash[19], + rec->r.uid.owner, rec->r.uid.chain, (ulong)rec->r.uid.prefrec, + rec->r.uid.ownertrust ); + else + fprintf(fp, + "uid subtype%d, owner=%lu, chain=%lu\n", + rec->r.uid.subtype, rec->r.uid.owner, rec->r.uid.chain); + break; + case RECTYPE_CTL: fprintf(fp, "ctl\n"); + break; + case RECTYPE_SIG: + fprintf(fp, "sigrec, owner=%lu, chain=%lu\n", + rec->r.sig.owner, rec->r.sig.chain ); + for(i=any=0; i < SIGS_PER_RECORD; i++ ) { + if( rec->r.sig.sig[i].local_id ) { + if( !any ) { + putc('\t', fp); + any++; + } + fprintf(fp, " %lu:%02x", rec->r.sig.sig[i].local_id, + rec->r.sig.sig[i].flag ); + } + } + if( any ) + putc('\n', fp); + break; + default: + fprintf(fp, "%d (unknown)\n", rec->rectype ); + break; + } +} + +/**************** + * read the record with number recnum + * returns: -1 on error, 0 on success + */ +int +tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) +{ + byte buf[TRUST_RECORD_LEN], *p; + int rc = 0; + int n, i; + + if( db_fd == -1 ) + open_db(); + if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) { + log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) ); + return G10ERR_READ_FILE; + } + n = read( db_fd, buf, TRUST_RECORD_LEN); + if( !n ) { + return -1; /* eof */ + } + else if( n != TRUST_RECORD_LEN ) { + log_error(_("trustdb: read failed (n=%d): %s\n"), n, strerror(errno) ); + return G10ERR_READ_FILE; + } + p = buf; + rec->rectype = *p++; + if( expected && rec->rectype != expected ) { + log_error("%lu: read expected rec type %d, got %d\n", + recnum, expected, rec->rectype ); + return G10ERR_TRUSTDB; + } + p++; + switch( rec->rectype ) { + case 0: /* unused record */ + break; + case RECTYPE_VER: /* version record */ + /* g10 was the original name */ + if( memcmp(buf+1, "gpg", 3 ) && memcmp(buf+1, "g10", 3 ) ) { + log_error_f( db_name, _("not a trustdb file\n") ); + rc = G10ERR_TRUSTDB; + } + p += 2; /* skip magic */ + rec->r.ver.version = *p++; + rec->r.ver.locked = buftoulong(p); p += 4; + rec->r.ver.created = buftoulong(p); p += 4; + rec->r.ver.modified = buftoulong(p); p += 4; + rec->r.ver.validated= buftoulong(p); p += 4; + rec->r.ver.marginals_needed = *p++; + rec->r.ver.completes_needed = *p++; + rec->r.ver.max_cert_depth = *p++; + if( recnum ) { + log_error_f( db_name, "version record with recnum %lu\n", + (ulong)recnum ); + rc = G10ERR_TRUSTDB; + } + if( rec->r.ver.version != 1 ) { + log_error_f( db_name, "invalid file version %d\n", + rec->r.ver.version ); + rc = G10ERR_TRUSTDB; + } + break; + case RECTYPE_DIR: /*directory record */ + rec->r.dir.local_id = buftoulong(p); p += 4; + rec->r.dir.keyid[0] = buftou32(p); p += 4; + rec->r.dir.keyid[1] = buftou32(p); p += 4; + rec->r.dir.keyrec = buftoulong(p); p += 4; + rec->r.dir.ctlrec = buftoulong(p); p += 4; + rec->r.dir.sigrec = buftoulong(p); p += 4; + rec->r.dir.no_sigs = *p++; + if( rec->r.dir.local_id != recnum ) { + log_error_f( db_name, "dir local_id != recnum (%lu,%lu)\n", + (ulong)rec->r.dir.local_id, + (ulong)recnum ); + rc = G10ERR_TRUSTDB; + } + break; + case RECTYPE_KEY: /* public key record */ + rec->r.key.owner = buftoulong(p); p += 4; + rec->r.dir.keyid[0] = buftou32(p); p += 4; + rec->r.dir.keyid[1] = buftou32(p); p += 4; + rec->r.key.pubkey_algo = *p++; + rec->r.key.fingerprint_len = *p++; + if( rec->r.key.fingerprint_len < 1 || rec->r.key.fingerprint_len > 20 ) + rec->r.key.fingerprint_len = 20; + memcpy( rec->r.key.fingerprint, p, 20); p += 20; + rec->r.key.ownertrust = *p++; + break; + case RECTYPE_CTL: /* control record */ + rec->r.ctl.owner = buftoulong(p); p += 4; + memcpy(rec->r.ctl.blockhash, p, 20); p += 20; + rec->r.ctl.trustlevel = *p++; + break; + case RECTYPE_SIG: + rec->r.sig.owner = buftoulong(p); p += 4; + rec->r.sig.chain = buftoulong(p); p += 4; + for(i=0; i < SIGS_PER_RECORD; i++ ) { + rec->r.sig.sig[i].local_id = buftoulong(p); p += 4; + rec->r.sig.sig[i].flag = *p++; + } + break; + default: + log_error_f( db_name, "invalid record type %d at recnum %lu\n", + rec->rectype, (ulong)recnum ); + rc = G10ERR_TRUSTDB; + break; + } + + return rc; +} + +/**************** + * Write the record at RECNUM + */ +int +tdbio_write_record( ulong recnum, TRUSTREC *rec ) +{ + byte buf[TRUST_RECORD_LEN], *p; + int rc = 0; + int i, n; + + if( db_fd == -1 ) + open_db(); + + memset(buf, 0, TRUST_RECORD_LEN); + p = buf; + *p++ = rec->rectype; p++; + switch( rec->rectype ) { + case 0: /* unused record */ + break; + case 1: /* version record */ + BUG(); + break; + + case RECTYPE_DIR: /*directory record */ + ulongtobuf(p, rec->r.dir.local_id); p += 4; + u32tobuf(p, rec->r.key.keyid[0]); p += 4; + u32tobuf(p, rec->r.key.keyid[1]); p += 4; + ulongtobuf(p, rec->r.dir.keyrec); p += 4; + ulongtobuf(p, rec->r.dir.ctlrec); p += 4; + ulongtobuf(p, rec->r.dir.sigrec); p += 4; + *p++ = rec->r.dir.no_sigs; + assert( rec->r.dir.local_id == recnum ); + break; + + case RECTYPE_KEY: + ulongtobuf(p, rec->r.key.owner); p += 4; + u32tobuf(p, rec->r.key.keyid[0]); p += 4; + u32tobuf(p, rec->r.key.keyid[1]); p += 4; + *p++ = rec->r.key.pubkey_algo; + *p++ = rec->r.key.fingerprint_len; + memcpy( p, rec->r.key.fingerprint, 20); p += 20; + *p++ = rec->r.key.ownertrust; + break; + + case RECTYPE_CTL: /* control record */ + ulongtobuf(p, rec->r.ctl.owner); p += 4; + memcpy(p, rec->r.ctl.blockhash, 20); p += 20; + *p++ = rec->r.ctl.trustlevel; + break; + + case RECTYPE_SIG: + ulongtobuf(p, rec->r.sig.owner); p += 4; + ulongtobuf(p, rec->r.sig.chain); p += 4; + for(i=0; i < SIGS_PER_RECORD; i++ ) { + ulongtobuf(p, rec->r.sig.sig[i].local_id); p += 4; + *p++ = rec->r.sig.sig[i].flag; + } + break; + default: + BUG(); + } + + if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) { + log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) ); + return G10ERR_WRITE_FILE; + } + n = write( db_fd, buf, TRUST_RECORD_LEN); + if( n != TRUST_RECORD_LEN ) { + log_error(_("trustdb: write failed (n=%d): %s\n"), n, strerror(errno) ); + return G10ERR_WRITE_FILE; + } + + return rc; +} + + +/**************** + * create a new record and return its record number + */ +ulong +tdbio_new_recnum() +{ + off_t offset; + ulong recnum; + TRUSTREC rec; + int rc; + + /* fixme: look for unused records */ + offset = lseek( db_fd, 0, SEEK_END ); + if( offset == -1 ) + log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) ); + recnum = offset / TRUST_RECORD_LEN; + assert(recnum); /* this is will never be the first record */ + + /* we must write a record, so that the next call to this function + * returns another recnum */ + memset( &rec, 0, sizeof rec ); + rec.rectype = 0; /* free record */ + rc = tdbio_write_record(recnum, &rec ); + if( rc ) + log_fatal_f(db_name,_("failed to append a record: %s\n"), + g10_errstr(rc)); + return recnum ; +} + + + +/**************** + * Search the trustdb for a key which matches PK and return the dir record + * The local_id of PK is set to the correct value + * + * Note: To increase performance, we could use a index search here. + */ +int +tdbio_search_record( PKT_public_key *pk, TRUSTREC *rec ) +{ + ulong recnum; + u32 keyid[2]; + byte *fingerprint; + size_t fingerlen; + int rc; + + keyid_from_pk( pk, keyid ); + fingerprint = fingerprint_from_pk( pk, &fingerlen ); + assert( fingerlen == 20 || fingerlen == 16 ); + + for(recnum=1; !(rc=tdbio_read_record( recnum, rec, 0)); recnum++ ) { + if( rec->rectype != RECTYPE_DIR ) + continue; + if( rec->r.dir.keyid[0] == keyid[0] + && rec->r.dir.keyid[1] == keyid[1]){ + TRUSTREC keyrec; + + if( tdbio_read_record( rec->r.dir.keyrec, &keyrec, RECTYPE_KEY ) ) { + log_error("%lu: ooops: invalid key record\n", recnum ); + break; + } + if( keyrec.r.key.pubkey_algo == pk->pubkey_algo + && !memcmp(keyrec.r.key.fingerprint, fingerprint, fingerlen) ){ + if( pk->local_id && pk->local_id != recnum ) + log_error_f(db_name, + "found record, but local_id from memory does " + "not match recnum (%lu,%lu)\n", + (ulong)pk->local_id, (ulong)recnum ); + pk->local_id = recnum; + return 0; + } + } + } + if( rc != -1 ) + log_error_f( db_name, _("search_db failed: %s\n"), g10_errstr(rc) ); + return rc; +} + + diff --git a/g10/tdbio.h b/g10/tdbio.h new file mode 100644 index 000000000..facb5c307 --- /dev/null +++ b/g10/tdbio.h @@ -0,0 +1,150 @@ +/* tdbio.h - Trust database I/O functions + * Copyright (C) 1998 Free Software Foundation, Inc. + * + * This file is part of GNUPG. + * + * GNUPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GNUPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifndef G10_TDBIO_H +#define G10_TDBIO_H + + +#define TRUST_RECORD_LEN 40 +#define SIGS_PER_RECORD ((TRUST_RECORD_LEN-10)/5) +#define ITEMS_PER_HTBL_RECORD ((TRUST_RECORD_LEN-2)/4) +#define ITEMS_PER_HLST_RECORD ((TRUST_RECORD_LEN-6)/5) +#define MAX_LIST_SIGS_DEPTH 20 + + +#define RECTYPE_VER 1 +#define RECTYPE_DIR 2 +#define RECTYPE_KEY 3 +#define RECTYPE_CTL 4 +#define RECTYPE_SIG 5 +#define RECTYPE_HTBL 6 +#define RECTYPE_HLST 7 +#define RECTYPE_UID 8 + + +struct trust_record { + int rectype; + union { + struct { /* version record: */ + byte version; /* should be 1 */ + ulong locked; /* pid of process which holds a lock */ + ulong created; /* timestamp of trustdb creation */ + ulong modified; /* timestamp of last modification */ + ulong validated; /* timestamp of last validation */ + byte marginals_needed; + byte completes_needed; + byte max_cert_depth; + } ver; + struct { /* directory record */ + ulong local_id; + u32 keyid[2]; + ulong keyrec; /* recno of primary public key record */ + ulong ctlrec; /* recno of control record */ + ulong sigrec; /* recno of first signature record (osolete) */ + ulong uidrec; /* recno of first user-id record */ + ulong link; /* to next dir record */ + byte no_sigs; /* does not have sigature and checked */ + } dir; + struct { /* primary public key record */ + ulong owner; + u32 keyid[2]; + byte pubkey_algo; + byte fingerprint_len; + byte fingerprint[20]; + byte ownertrust; + } key; + struct { /* user id reord */ + ulong owner; /* point back to the directory record */ + ulong chain; /* points to next user id record */ + byte subtype; /* must be 0 */ + byte namehash[20]; /* ripemd hash of the username */ + byte ownertrust; + u32 prefrec; /* recno of reference record */ + } uid; + struct { /* control record */ + ulong owner; + byte blockhash[20]; + byte trustlevel; /* calculated trustlevel */ + } ctl; + struct { /* signature record */ + ulong owner; /* local_id of record owner (pubkey record) */ + ulong chain; /* offset of next record or NULL for last one */ + struct { + ulong local_id; /* of pubkey record of signator (0=unused) */ + byte flag; /* reserved */ + } sig[SIGS_PER_RECORD]; + } sig; + struct { + ulong item[ITEMS_PER_HTBL_RECORD]; + } htbl; + struct { + ulong chain; + struct { + byte hash; + ulong rnum; + } item[ITEMS_PER_HLST_RECORD]; + } hlst; + } r; +}; +typedef struct trust_record TRUSTREC; + +typedef struct { + ulong local_id; /* localid of the pubkey */ + ulong sigrec; + ulong sig_id; /* returned signature id */ + unsigned sig_flag; /* returned signature record flag */ + struct { /* internal data */ + int init_done; + int eof; + TRUSTREC rec; + int index; + } ctl; +} SIGREC_CONTEXT; + + +/*-- tdbio.c --*/ +int tdbio_set_dbname( const char *new_dbname, int create ); +const char *tdbio_get_dbname(void); +void tdbio_dump_record( ulong rnum, TRUSTREC *rec, FILE *fp ); +int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ); +int tdbio_write_record( ulong recnum, TRUSTREC *rec ); +ulong tdbio_new_recnum(void); +int tdbio_search_record( PKT_public_key *pk, TRUSTREC *rec ); + + +#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \ + (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3))) +#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1))) +#define ulongtobuf( p, a ) do { \ + ((byte*)p)[0] = a >> 24; \ + ((byte*)p)[1] = a >> 16; \ + ((byte*)p)[2] = a >> 8; \ + ((byte*)p)[3] = a ; \ + } while(0) +#define ushorttobuf( p, a ) do { \ + ((byte*)p)[0] = a >> 8; \ + ((byte*)p)[1] = a ; \ + } while(0) +#define buftou32( p) buftoulong( (p) ) +#define u32tobuf( p, a) ulongtobuf( (p), (a) ) + + + +#endif /*G10_TDBIO_H*/ diff --git a/g10/trustdb.c b/g10/trustdb.c index 4ca177c1d..916eeffd1 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -39,94 +39,9 @@ #include "packet.h" #include "main.h" #include "i18n.h" +#include "tdbio.h" -#define TRUST_RECORD_LEN 40 -#define SIGS_PER_RECORD ((TRUST_RECORD_LEN-10)/5) -#define ITEMS_PER_HTBL_RECORD ((TRUST_RECORD_LEN-2)/4) -#define ITEMS_PER_HLST_RECORD ((TRUST_RECORD_LEN-6)/5) -#define MAX_LIST_SIGS_DEPTH 20 - - -#define RECTYPE_VER 1 -#define RECTYPE_DIR 2 -#define RECTYPE_KEY 3 -#define RECTYPE_CTL 4 -#define RECTYPE_SIG 5 -#define RECTYPE_HTBL 6 -#define RECTYPE_HLST 7 - - -struct trust_record { - int rectype; - union { - struct { /* version record: */ - byte version; /* should be 1 */ - ulong locked; /* pid of process which holds a lock */ - ulong created; /* timestamp of trustdb creation */ - ulong modified; /* timestamp of last modification */ - ulong validated; /* timestamp of last validation */ - byte marginals_needed; - byte completes_needed; - byte max_cert_depth; - } ver; - struct { /* directory record */ - ulong local_id; - u32 keyid[2]; - ulong keyrec; /* recno of public key record */ - ulong ctlrec; /* recno of control record */ - ulong sigrec; /* recno of first signature record */ - ulong link; /* to next dir record */ - byte no_sigs; /* does not have sigature and checked */ - } dir; - struct { /* public key record */ - ulong owner; - u32 keyid[2]; - byte pubkey_algo; - byte fingerprint_len; - byte fingerprint[20]; - byte ownertrust; - } key; - struct { /* control record */ - ulong owner; - byte blockhash[20]; - byte trustlevel; /* calculated trustlevel */ - } ctl; - struct { /* signature record */ - ulong owner; /* local_id of record owner (pubkey record) */ - ulong chain; /* offset of next record or NULL for last one */ - struct { - ulong local_id; /* of pubkey record of signator (0=unused) */ - byte flag; /* reserved */ - } sig[SIGS_PER_RECORD]; - } sig; - struct { - ulong item[ITEMS_PER_HTBL_RECORD]; - } htbl; - struct { - ulong chain; - struct { - byte hash; - ulong rnum; - } item[ITEMS_PER_HLST_RECORD]; - } hlst; - } r; -}; -typedef struct trust_record TRUSTREC; - -typedef struct { - ulong local_id; /* localid of the pubkey */ - ulong sigrec; - ulong sig_id; /* returned signature id */ - unsigned sig_flag; /* returned signature record flag */ - struct { /* internal data */ - int init_done; - int eof; - TRUSTREC rec; - int index; - } ctl; -} SIGREC_CONTEXT; - typedef struct local_id_info *LOCAL_ID_INFO; struct local_id_info { LOCAL_ID_INFO next; @@ -157,13 +72,6 @@ typedef struct { } ENUM_TRUST_WEB_CONTEXT; -static void create_db( const char *fname ); -static void open_db(void); -static void dump_record( ulong rnum, TRUSTREC *rec, FILE *fp ); -static int read_record( ulong recnum, TRUSTREC *rec, int expected ); -static int write_record( ulong recnum, TRUSTREC *rec ); -static ulong new_recnum(void); -static int search_record( PKT_public_key *pk, TRUSTREC *rec ); static int walk_sigrecs( SIGREC_CONTEXT *c, int create ); static LOCAL_ID_INFO *new_lid_table(void); @@ -183,8 +91,6 @@ static int do_check( ulong pubkeyid, TRUSTREC *drec, unsigned *trustlevel ); static int update_no_sigs( ulong lid, int no_sigs ); -static char *db_name; -static int db_fd = -1; /* a table used to keep track of ultimately trusted keys * which are the ones from our secrings */ static LOCAL_ID_INFO *ultikey_table; @@ -192,53 +98,6 @@ static LOCAL_ID_INFO *ultikey_table; static ulong last_trust_web_key; static TRUST_SEG_LIST last_trust_web_tslist; -#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \ - (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3))) -#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1))) -#define ulongtobuf( p, a ) do { \ - ((byte*)p)[0] = a >> 24; \ - ((byte*)p)[1] = a >> 16; \ - ((byte*)p)[2] = a >> 8; \ - ((byte*)p)[3] = a ; \ - } while(0) -#define ushorttobuf( p, a ) do { \ - ((byte*)p)[0] = a >> 8; \ - ((byte*)p)[1] = a ; \ - } while(0) -#define buftou32( p) buftoulong( (p) ) -#define u32tobuf( p, a) ulongtobuf( (p), (a) ) - - -/************************************************** - ************** read and write helpers ************ - **************************************************/ - -static void -fwrite_8(FILE *fp, byte a) -{ - if( putc( a & 0xff, fp ) == EOF ) - log_fatal("error writing byte to trustdb: %s\n", strerror(errno) ); -} - - -static void -fwrite_32( FILE*fp, ulong a) -{ - putc( (a>>24) & 0xff, fp ); - putc( (a>>16) & 0xff, fp ); - putc( (a>> 8) & 0xff, fp ); - if( putc( a & 0xff, fp ) == EOF ) - log_fatal("error writing ulong to trustdb: %s\n", strerror(errno) ); -} - -static void -fwrite_zeros( FILE *fp, size_t n) -{ - while( n-- ) - if( putc( 0, fp ) == EOF ) - log_fatal("error writing zeros to trustdb: %s\n", strerror(errno) ); -} - /********************************************** ************* list helpers ******************* @@ -312,376 +171,6 @@ upd_lid_table_flag( LOCAL_ID_INFO *tbl, ulong lid, unsigned flag ) BUG(); } - -/************************************************** - ************** read and write stuff ************** - **************************************************/ - - -/**************** - * Create a new trustdb - */ -static void -create_db( const char *fname ) -{ - FILE *fp; - - fp =fopen( fname, "w" ); - if( !fp ) - log_fatal(_("can't create %s: %s\n"), fname, strerror(errno) ); - fwrite_8( fp, 1 ); - fwrite_8( fp, 'g' ); - fwrite_8( fp, 'p' ); - fwrite_8( fp, 'g' ); - fwrite_8( fp, 1 ); /* version */ - fwrite_zeros( fp, 3 ); /* reserved */ - fwrite_32( fp, 0 ); /* not locked */ - fwrite_32( fp, make_timestamp() ); /* created */ - fwrite_32( fp, 0 ); /* not yet modified */ - fwrite_32( fp, 0 ); /* not yet validated*/ - fwrite_32( fp, 0 ); /* reserved */ - fwrite_8( fp, 3 ); /* marginals needed */ - fwrite_8( fp, 1 ); /* completes needed */ - fwrite_8( fp, 4 ); /* max_cet_depth */ - fwrite_zeros( fp, 9 ); /* filler */ - fclose(fp); -} - -static void -open_db() -{ - TRUSTREC rec; - assert( db_fd == -1 ); - - db_fd = open( db_name, O_RDWR ); - if( db_fd == -1 ) - log_fatal(_("can't open %s: %s\n"), db_name, strerror(errno) ); - if( read_record( 0, &rec, RECTYPE_VER ) ) - log_fatal(_("TrustDB %s is invalid\n"), db_name ); - /* fixme: check ->locked and other stuff */ -} - - -static void -dump_record( ulong rnum, TRUSTREC *rec, FILE *fp ) -{ - int i, any; - - fprintf(fp, "trust record %lu, type=", rnum ); - - switch( rec->rectype ) { - case 0: fprintf(fp, "free\n"); - break; - case RECTYPE_VER: fprintf(fp, "version\n"); - break; - case RECTYPE_DIR: - fprintf(fp, "dir keyid=%08lX, key=%lu, ctl=%lu, sig=%lu", - (ulong)rec->r.dir.keyid[1], - rec->r.dir.keyrec, rec->r.dir.ctlrec, rec->r.dir.sigrec ); - if( rec->r.dir.no_sigs == 1 ) - fputs(", (none)", fp ); - else if( rec->r.dir.no_sigs == 2 ) - fputs(", (invalid)", fp ); - else if( rec->r.dir.no_sigs == 3 ) - fputs(", (revoked)", fp ); - else if( rec->r.dir.no_sigs ) - fputs(", (??)", fp ); - putc('\n', fp); - break; - case RECTYPE_KEY: fprintf(fp, - "key keyid=%08lX, own=%lu, ownertrust=%02x, fl=%d\n", - (ulong)rec->r.key.keyid[1], - rec->r.key.owner, rec->r.key.ownertrust, - rec->r.key.fingerprint_len ); - break; - case RECTYPE_CTL: fprintf(fp, "ctl\n"); - break; - case RECTYPE_SIG: - fprintf(fp, "sigrec, owner=%lu, chain=%lu\n", - rec->r.sig.owner, rec->r.sig.chain ); - for(i=any=0; i < SIGS_PER_RECORD; i++ ) { - if( rec->r.sig.sig[i].local_id ) { - if( !any ) { - putc('\t', fp); - any++; - } - fprintf(fp, " %lu:%02x", rec->r.sig.sig[i].local_id, - rec->r.sig.sig[i].flag ); - } - } - if( any ) - putc('\n', fp); - break; - default: - fprintf(fp, "%d (unknown)\n", rec->rectype ); - break; - } -} - -/**************** - * read the record with number recnum - * returns: -1 on error, 0 on success - */ -static int -read_record( ulong recnum, TRUSTREC *rec, int expected ) -{ - byte buf[TRUST_RECORD_LEN], *p; - int rc = 0; - int n, i; - - if( db_fd == -1 ) - open_db(); - if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) { - log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) ); - return G10ERR_READ_FILE; - } - n = read( db_fd, buf, TRUST_RECORD_LEN); - if( !n ) { - return -1; /* eof */ - } - else if( n != TRUST_RECORD_LEN ) { - log_error(_("trustdb: read failed (n=%d): %s\n"), n, strerror(errno) ); - return G10ERR_READ_FILE; - } - p = buf; - rec->rectype = *p++; - if( expected && rec->rectype != expected ) { - log_error("%lu: read expected rec type %d, got %d\n", - recnum, expected, rec->rectype ); - return G10ERR_TRUSTDB; - } - p++; - switch( rec->rectype ) { - case 0: /* unused record */ - break; - case RECTYPE_VER: /* version record */ - /* g10 was the original name */ - if( memcmp(buf+1, "gpg", 3 ) && memcmp(buf+1, "g10", 3 ) ) { - log_error(_("%s: not a trustdb file\n"), db_name ); - rc = G10ERR_TRUSTDB; - } - p += 2; /* skip magic */ - rec->r.ver.version = *p++; - rec->r.ver.locked = buftoulong(p); p += 4; - rec->r.ver.created = buftoulong(p); p += 4; - rec->r.ver.modified = buftoulong(p); p += 4; - rec->r.ver.validated= buftoulong(p); p += 4; - rec->r.ver.marginals_needed = *p++; - rec->r.ver.completes_needed = *p++; - rec->r.ver.max_cert_depth = *p++; - if( recnum ) { - log_error("%s: version record with recnum %lu\n", - db_name, (ulong)recnum ); - rc = G10ERR_TRUSTDB; - } - if( rec->r.ver.version != 1 ) { - log_error("%s: invalid file version %d\n", - db_name, rec->r.ver.version ); - rc = G10ERR_TRUSTDB; - } - break; - case RECTYPE_DIR: /*directory record */ - rec->r.dir.local_id = buftoulong(p); p += 4; - rec->r.dir.keyid[0] = buftou32(p); p += 4; - rec->r.dir.keyid[1] = buftou32(p); p += 4; - rec->r.dir.keyrec = buftoulong(p); p += 4; - rec->r.dir.ctlrec = buftoulong(p); p += 4; - rec->r.dir.sigrec = buftoulong(p); p += 4; - rec->r.dir.no_sigs = *p++; - if( rec->r.dir.local_id != recnum ) { - log_error("%s: dir local_id != recnum (%lu,%lu)\n", - db_name, - (ulong)rec->r.dir.local_id, - (ulong)recnum ); - rc = G10ERR_TRUSTDB; - } - break; - case RECTYPE_KEY: /* public key record */ - rec->r.key.owner = buftoulong(p); p += 4; - rec->r.dir.keyid[0] = buftou32(p); p += 4; - rec->r.dir.keyid[1] = buftou32(p); p += 4; - rec->r.key.pubkey_algo = *p++; - rec->r.key.fingerprint_len = *p++; - if( rec->r.key.fingerprint_len < 1 || rec->r.key.fingerprint_len > 20 ) - rec->r.key.fingerprint_len = 20; - memcpy( rec->r.key.fingerprint, p, 20); p += 20; - rec->r.key.ownertrust = *p++; - break; - case RECTYPE_CTL: /* control record */ - rec->r.ctl.owner = buftoulong(p); p += 4; - memcpy(rec->r.ctl.blockhash, p, 20); p += 20; - rec->r.ctl.trustlevel = *p++; - break; - case RECTYPE_SIG: - rec->r.sig.owner = buftoulong(p); p += 4; - rec->r.sig.chain = buftoulong(p); p += 4; - for(i=0; i < SIGS_PER_RECORD; i++ ) { - rec->r.sig.sig[i].local_id = buftoulong(p); p += 4; - rec->r.sig.sig[i].flag = *p++; - } - break; - default: - log_error("%s: invalid record type %d at recnum %lu\n", - db_name, rec->rectype, (ulong)recnum ); - rc = G10ERR_TRUSTDB; - break; - } - - return rc; -} - -/**************** - * Write the record at RECNUM - */ -static int -write_record( ulong recnum, TRUSTREC *rec ) -{ - byte buf[TRUST_RECORD_LEN], *p; - int rc = 0; - int i, n; - - if( db_fd == -1 ) - open_db(); - - memset(buf, 0, TRUST_RECORD_LEN); - p = buf; - *p++ = rec->rectype; p++; - switch( rec->rectype ) { - case 0: /* unused record */ - break; - case 1: /* version record */ - BUG(); - break; - - case RECTYPE_DIR: /*directory record */ - ulongtobuf(p, rec->r.dir.local_id); p += 4; - u32tobuf(p, rec->r.key.keyid[0]); p += 4; - u32tobuf(p, rec->r.key.keyid[1]); p += 4; - ulongtobuf(p, rec->r.dir.keyrec); p += 4; - ulongtobuf(p, rec->r.dir.ctlrec); p += 4; - ulongtobuf(p, rec->r.dir.sigrec); p += 4; - *p++ = rec->r.dir.no_sigs; - assert( rec->r.dir.local_id == recnum ); - break; - - case RECTYPE_KEY: - ulongtobuf(p, rec->r.key.owner); p += 4; - u32tobuf(p, rec->r.key.keyid[0]); p += 4; - u32tobuf(p, rec->r.key.keyid[1]); p += 4; - *p++ = rec->r.key.pubkey_algo; - *p++ = rec->r.key.fingerprint_len; - memcpy( p, rec->r.key.fingerprint, 20); p += 20; - *p++ = rec->r.key.ownertrust; - break; - - case RECTYPE_CTL: /* control record */ - ulongtobuf(p, rec->r.ctl.owner); p += 4; - memcpy(p, rec->r.ctl.blockhash, 20); p += 20; - *p++ = rec->r.ctl.trustlevel; - break; - - case RECTYPE_SIG: - ulongtobuf(p, rec->r.sig.owner); p += 4; - ulongtobuf(p, rec->r.sig.chain); p += 4; - for(i=0; i < SIGS_PER_RECORD; i++ ) { - ulongtobuf(p, rec->r.sig.sig[i].local_id); p += 4; - *p++ = rec->r.sig.sig[i].flag; - } - break; - default: - BUG(); - } - - if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) { - log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) ); - return G10ERR_WRITE_FILE; - } - n = write( db_fd, buf, TRUST_RECORD_LEN); - if( n != TRUST_RECORD_LEN ) { - log_error(_("trustdb: write failed (n=%d): %s\n"), n, strerror(errno) ); - return G10ERR_WRITE_FILE; - } - - return rc; -} - - -/**************** - * create a new record and return its record number - */ -static ulong -new_recnum() -{ - off_t offset; - ulong recnum; - TRUSTREC rec; - int rc; - - /* fixme: look for unused records */ - offset = lseek( db_fd, 0, SEEK_END ); - if( offset == -1 ) - log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) ); - recnum = offset / TRUST_RECORD_LEN; - assert(recnum); /* this is will never be the first record */ - - /* we must write a record, so that the next call to this function - * returns another recnum */ - memset( &rec, 0, sizeof rec ); - rec.rectype = 0; /* free record */ - rc = write_record(recnum, &rec ); - if( rc ) - log_fatal(_("%s: failed to append a record: %s\n"), - db_name, g10_errstr(rc)); - return recnum ; -} - -/**************** - * Search the trustdb for a key which matches PK and return the dir record - * The local_id of PK is set to the correct value - * - * Note: To increase performance, we could use a index search here. - */ -static int -search_record( PKT_public_key *pk, TRUSTREC *rec ) -{ - ulong recnum; - u32 keyid[2]; - byte *fingerprint; - size_t fingerlen; - int rc; - - keyid_from_pk( pk, keyid ); - fingerprint = fingerprint_from_pk( pk, &fingerlen ); - assert( fingerlen == 20 || fingerlen == 16 ); - - for(recnum=1; !(rc=read_record( recnum, rec, 0)); recnum++ ) { - if( rec->rectype != RECTYPE_DIR ) - continue; - if( rec->r.dir.keyid[0] == keyid[0] - && rec->r.dir.keyid[1] == keyid[1]){ - TRUSTREC keyrec; - - if( read_record( rec->r.dir.keyrec, &keyrec, RECTYPE_KEY ) ) { - log_error("%lu: ooops: invalid key record\n", recnum ); - break; - } - if( keyrec.r.key.pubkey_algo == pk->pubkey_algo - && !memcmp(keyrec.r.key.fingerprint, fingerprint, fingerlen) ){ - if( pk->local_id && pk->local_id != recnum ) - log_error("%s: found record, but local_id from mem does " - "not match recnum (%lu,%lu)\n", db_name, - (ulong)pk->local_id, (ulong)recnum ); - pk->local_id = recnum; - return 0; - } - } - } - if( rc != -1 ) - log_error(_("%s: search_db failed: %s\n"),db_name, g10_errstr(rc) ); - return rc; -} - - /**************** * If we do not have a local_id in a signature packet, find the owner of * the signature packet in our trustdb or insert them into the trustdb @@ -697,7 +186,7 @@ set_signature_packets_local_id( PKT_signature *sig ) if( rc) goto leave; if( !pk->local_id ) { - rc = search_record( pk, &rec ); + rc = tdbio_search_record( pk, &rec ); if( rc == -1 ) rc = insert_trust_record( pk ); if( rc ) @@ -719,7 +208,7 @@ keyid_from_local_id( ulong lid, u32 *keyid ) TRUSTREC rec; int rc; - rc = read_record( lid, &rec, RECTYPE_DIR ); + rc = tdbio_read_record( lid, &rec, RECTYPE_DIR ); if( rc ) { log_error(_("error reading record with local_id %lu: %s\n"), lid, g10_errstr(rc)); @@ -757,7 +246,7 @@ walk_sigrecs( SIGREC_CONTEXT *c, int create ) if( !c->ctl.init_done ) { c->ctl.init_done = 1; if( !c->sigrec ) { - rc = read_record( c->local_id, r, RECTYPE_DIR ); + rc = tdbio_read_record( c->local_id, r, RECTYPE_DIR ); if( rc ) { log_error(_("%lu: error reading dir record: %s\n"), c->local_id, g10_errstr(rc)); @@ -775,7 +264,7 @@ walk_sigrecs( SIGREC_CONTEXT *c, int create ) c->ctl.eof = 1; return rc; } - rc = read_record( c->local_id, r, RECTYPE_DIR ); + rc = tdbio_read_record( c->local_id, r, RECTYPE_DIR ); if( rc ) { log_error(_("%lu: error re-reading dir record: %s\n"), c->local_id, g10_errstr(rc)); @@ -802,7 +291,7 @@ walk_sigrecs( SIGREC_CONTEXT *c, int create ) c->ctl.eof = 1; return -1; /* return eof */ } - rc = read_record( rnum, r, RECTYPE_SIG ); + rc = tdbio_read_record( rnum, r, RECTYPE_SIG ); if( rc ) { log_error(_("error reading sigrec: %s\n"), g10_errstr(rc)); c->ctl.eof = 1; @@ -842,29 +331,28 @@ verify_own_keys() u32 keyid[2]; while( !(rc=enum_secret_keys( &enum_context, sk) ) ) { - /* fixed: to be sure that it is a secret key of our own, - * we should check it, but this needs a passphrase - * for every key and this is boring for the user. - * Solution: Sign the secring and the trustring - * and verify this signature during - * startup + /* To be sure that it is a secret key of our own, + * we should check it, but this needs a passphrase + * for every key and this is boring for the user. + * Anyway, access to the seret keyring should be + * granted to the user only as it is poosible to + * crack it with dictionary attacks. */ - keyid_from_sk( sk, keyid ); if( DBG_TRUST ) - log_debug("checking secret key %08lX\n", (ulong)keyid[1] ); + log_debug("key %08lX: checking secret key\n", (ulong)keyid[1] ); /* see whether we can access the public key of this secret key */ memset( pk, 0, sizeof *pk ); rc = get_pubkey( pk, keyid ); if( rc ) { - log_error(_("keyid %08lX: secret key without public key\n"), + log_error(_("key %08lX: secret key without public key\n"), (ulong)keyid[1] ); goto leave; } if( cmp_public_secret_key( pk, sk ) ) { - log_error(_("keyid %08lX: secret and public key don't match\n"), + log_error(_("key %08lX: secret and public key don't match\n"), (ulong)keyid[1] ); rc = G10ERR_GENERAL; goto leave; @@ -875,22 +363,22 @@ verify_own_keys() if( rc == -1 ) { /* put it into the trustdb */ rc = insert_trust_record( pk ); if( rc ) { - log_error(_("keyid %08lX: can't put it into the trustdb\n"), + log_error(_("key %08lX: can't put it into the trustdb\n"), (ulong)keyid[1] ); goto leave; } } else if( rc ) { - log_error(_("keyid %08lX: query record failed\n"), (ulong)keyid[1] ); + log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] ); goto leave; } if( DBG_TRUST ) - log_debug("putting %08lX(%lu) into ultikey_table\n", + log_debug("key %08lX.%lu: stored into ultikey_table\n", (ulong)keyid[1], pk->local_id ); if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) ) - log_error(_("keyid %08lX: already in ultikey_table\n"), + log_error(_("key %08lX: already in ultikey_table\n"), (ulong)keyid[1]); @@ -927,6 +415,33 @@ print_user_id( const char *text, u32 *keyid ) m_free(p); } +static void +print_keyid( FILE *fp, ulong lid ) +{ + u32 ki[2]; + if( keyid_from_trustdb( lid, ki ) ) + fprintf(fp, "????????.%lu", lid ); + else + fprintf(fp, "%08lX.%lu", (ulong)ki[1], lid ); +} + +static void +print_trust( FILE *fp, unsigned trust ) +{ + int c; + switch( trust ) { + case TRUST_UNKNOWN: c = 'o'; break; + case TRUST_EXPIRED: c = 'e'; break; + case TRUST_UNDEFINED: c = 'q'; break; + case TRUST_NEVER: c = 'n'; break; + case TRUST_MARGINAL: c = 'm'; break; + case TRUST_FULLY: c = 'f'; break; + case TRUST_ULTIMATE: c = 'u'; break; + default: fprintf(fp, "%02x", trust ); return; + } + putc(c, fp); +} + /* (a non-recursive algorithm would be easier) */ static int do_list_sigs( ulong root, ulong pubkey, int depth, @@ -944,12 +459,12 @@ do_list_sigs( ulong root, ulong pubkey, int depth, break; rc = keyid_from_local_id( sx.sig_id, keyid ); if( rc ) { - printf("%6u: %*s????????(%lu:%02x)\n", *lineno, depth*4, "", + printf("%6u: %*s????????.%lu:%02x\n", *lineno, depth*4, "", sx.sig_id, sx.sig_flag ); ++*lineno; } else { - printf("%6u: %*s%08lX(%lu:%02x) ", *lineno, depth*4, "", + printf("%6u: %*s%08lX.%lu:%02x ", *lineno, depth*4, "", (ulong)keyid[1], sx.sig_id, sx.sig_flag ); /* check whether we already checked this pubkey */ if( !qry_lid_table_flag( ultikey_table, sx.sig_id, NULL ) ) { @@ -1002,7 +517,7 @@ list_sigs( ulong pubkey_id ) log_error("Hmmm, no pubkey record for local_id %lu\n", pubkey_id); return rc; } - printf("Signatures of %08lX(%lu) ", (ulong)keyid[1], pubkey_id ); + printf("Signatures of %08lX.%lu ", (ulong)keyid[1], pubkey_id ); print_user_id("", keyid); printf("----------------------\n"); @@ -1134,7 +649,7 @@ check_sigs( KBNODE keyblock, int *selfsig_okay, int *revoked ) } } if( DBG_TRUST ) - log_debug("trustdb: sig from %08lX(%lu): %s%s\n", + log_debug("trustdb: sig from %08lX.%lu: %s%s\n", (ulong)node->pkt->pkt.signature->keyid[1], node->pkt->pkt.signature->local_id, g10_errstr(rc), (node->flag&4)?" (dup)":"" ); @@ -1165,18 +680,19 @@ build_sigrecs( ulong pubkeyid ) log_debug("trustdb: build_sigrecs for pubkey %lu\n", (ulong)pubkeyid ); /* get the keyblock */ - if( (rc=read_record( pubkeyid, &rec, RECTYPE_DIR )) ) { + if( (rc=tdbio_read_record( pubkeyid, &rec, RECTYPE_DIR )) ) { log_error(_("%lu: build_sigrecs: can't read dir record\n"), pubkeyid ); goto leave; } - if( (rc=read_record( rec.r.dir.keyrec, &krec, RECTYPE_KEY )) ) { + if( (rc=tdbio_read_record( rec.r.dir.keyrec, &krec, RECTYPE_KEY )) ) { log_error(_("%lu: build_sigrecs: can't read key record\n"), pubkeyid); goto leave; } rc = get_keyblock_byfprint( &keyblock, krec.r.key.fingerprint, krec.r.key.fingerprint_len ); if( rc ) { - log_error(_("build_sigrecs: get_keyblock_byfprint failed\n") ); + log_error(_("build_sigrecs: get_keyblock_byfprint failed: %s\n"), + g10_errstr(rc) ); goto leave; } /* check all key signatures */ @@ -1214,7 +730,7 @@ build_sigrecs( ulong pubkeyid ) * it was necessary to have the pubkey. The only reason * this can fail are I/O errors of the trustdb or a * remove operation on the pubkey database - which should - * not disturb us, because we have to chance them anyway. */ + * not disturb us, because we have to change them anyway. */ rc = set_signature_packets_local_id( node->pkt->pkt.signature ); if( rc ) log_fatal(_("set_signature_packets_local_id failed: %s\n"), @@ -1222,11 +738,11 @@ build_sigrecs( ulong pubkeyid ) } if( i == SIGS_PER_RECORD ) { /* write the record */ - rnum = new_recnum(); + rnum = tdbio_new_recnum(); if( rnum2 ) { /* write the stored record */ rec2.r.sig.owner = pubkeyid; rec2.r.sig.chain = rnum; /* the next record number */ - rc = write_record( rnum2, &rec2 ); + rc = tdbio_write_record( rnum2, &rec2 ); if( rc ) { log_error(_("build_sigrecs: write_record failed\n") ); goto leave; @@ -1247,11 +763,11 @@ build_sigrecs( ulong pubkeyid ) } if( i || rnum2 ) { /* write the record */ - rnum = new_recnum(); + rnum = tdbio_new_recnum(); if( rnum2 ) { /* write the stored record */ rec2.r.sig.owner = pubkeyid; rec2.r.sig.chain = rnum; - rc = write_record( rnum2, &rec2 ); + rc = tdbio_write_record( rnum2, &rec2 ); if( rc ) { log_error(_("build_sigrecs: write_record failed\n") ); goto leave; @@ -1262,7 +778,7 @@ build_sigrecs( ulong pubkeyid ) if( i ) { /* write the pending record */ rec.r.sig.owner = pubkeyid; rec.r.sig.chain = 0; - rc = write_record( rnum, &rec ); + rc = tdbio_write_record( rnum, &rec ); if( rc ) { log_error(_("build_sigrecs: write_record failed\n") ); goto leave; @@ -1273,12 +789,12 @@ build_sigrecs( ulong pubkeyid ) } if( first_sigrec ) { /* update the dir record */ - if( (rc =read_record( pubkeyid, &rec, RECTYPE_DIR )) ) { + if( (rc =tdbio_read_record( pubkeyid, &rec, RECTYPE_DIR )) ) { log_error(_("update_dir_record: read failed\n")); goto leave; } rec.r.dir.sigrec = first_sigrec; - if( (rc=write_record( pubkeyid, &rec )) ) { + if( (rc=tdbio_write_record( pubkeyid, &rec )) ) { log_error(_("update_dir_record: write failed\n")); goto leave; } @@ -1410,7 +926,7 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel ) /* no sigrecs, so build them */ rc = build_sigrecs( pubkeyid ); if( !rc ) /* and read again */ - rc = read_record( pubkeyid, dr, RECTYPE_DIR ); + rc = tdbio_read_record( pubkeyid, dr, RECTYPE_DIR ); } if( dr->r.dir.no_sigs == 3 ) @@ -1439,10 +955,13 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel ) continue; if( opt.verbose ) { - log_info("tslist segs:" ); - for(i=0; i < tsl->nseg; i++ ) - fprintf(stderr, " %lu/%02x", tsl->seg[i].lid, - tsl->seg[i].trust ); + log_info("trust path:" ); + for(i=0; i < tsl->nseg; i++ ) { + putc(' ',stderr); + print_keyid( stderr, tsl->seg[i].lid ); + putc(':',stderr); + print_trust( stderr, tsl->seg[i].trust ); + } putc('\n',stderr); } } @@ -1504,39 +1023,9 @@ init_trustdb( int level, const char *dbname ) ultikey_table = new_lid_table(); if( !level || level==1 ) { - char *fname = dbname? m_strdup( dbname ) - : make_filename(opt.homedir, "trustdb.gpg", NULL ); - if( access( fname, R_OK ) ) { - if( errno != ENOENT ) { - log_error(_("can't access %s: %s\n"), fname, strerror(errno) ); - m_free(fname); - return G10ERR_TRUSTDB; - } - if( level ) { - char *p = strrchr( fname, '/' ); - assert(p); - *p = 0; - if( access( fname, F_OK ) ) { - if( strlen(fname) >= 7 - && !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) { - #if __MINGW32__ - if( mkdir( fname ) ) - #else - if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) ) - #endif - log_fatal(_("can't create directory '%s': %s\n"), - fname, strerror(errno) ); - } - else - log_fatal(_("directory '%s' does not exist!\n"), fname ); - } - *p = '/'; - create_db( fname ); - } - } - m_free(db_name); - db_name = fname; - + rc = tdbio_set_dbname( dbname, !!level ); + if( rc ) + return rc; if( !level ) return 0; @@ -1566,7 +1055,7 @@ list_trustdb( const char *username ) if( (rc = get_pubkey_byname( pk, username )) ) log_error("user '%s' not found: %s\n", username, g10_errstr(rc) ); - else if( (rc=search_record( pk, &rec )) && rc != -1 ) + else if( (rc=tdbio_search_record( pk, &rec )) && rc != -1 ) log_error("problem finding '%s' in trustdb: %s\n", username, g10_errstr(rc)); else if( rc == -1 ) @@ -1579,12 +1068,12 @@ list_trustdb( const char *username ) ulong recnum; int i; - printf("TrustDB: %s\n", db_name ); - for(i=9+strlen(db_name); i > 0; i-- ) + printf("TrustDB: %s\n", tdbio_get_dbname() ); + for(i=9+strlen(tdbio_get_dbname()); i > 0; i-- ) putchar('-'); putchar('\n'); - for(recnum=0; !read_record( recnum, &rec, 0); recnum++ ) - dump_record( recnum, &rec, stdout ); + for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) + tdbio_dump_record( recnum, &rec, stdout ); } } @@ -1599,7 +1088,7 @@ list_ownertrust() int i; byte *p; - for(recnum=0; !read_record( recnum, &rec, 0); recnum++ ) { + for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) { if( rec.rectype == RECTYPE_KEY ) { p = rec.r.key.fingerprint; for(i=0; i < rec.r.key.fingerprint_len; i++, p++ ) @@ -1625,7 +1114,7 @@ list_trust_path( int max_depth, const char *username ) if( (rc = get_pubkey_byname( pk, username )) ) log_error("user '%s' not found: %s\n", username, g10_errstr(rc) ); - else if( (rc=search_record( pk, &rec )) && rc != -1 ) + else if( (rc=tdbio_search_record( pk, &rec )) && rc != -1 ) log_error("problem finding '%s' in trustdb: %s\n", username, g10_errstr(rc)); else if( rc == -1 ) { @@ -1684,8 +1173,12 @@ list_trust_path( int max_depth, const char *username ) if( tsl->dup ) continue; printf("trust path:" ); - for(i=0; i < tsl->nseg; i++ ) - printf(" %lu/%02x", tsl->seg[i].lid, tsl->seg[i].trust ); + for(i=0; i < tsl->nseg; i++ ) { + putc(' ',stdout); + print_keyid( stdout, tsl->seg[i].lid ); + putc(':',stdout); + print_trust( stdout, tsl->seg[i].trust ); + } putchar('\n'); } } @@ -1722,19 +1215,22 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel ) unsigned trustlevel = TRUST_UNKNOWN; int rc=0; u32 cur_time; + u32 keyid[2]; + if( DBG_TRUST ) log_info("check_trust() called.\n"); + keyid_from_pk( pk, keyid ); /* get the pubkey record */ if( pk->local_id ) { - if( read_record( pk->local_id, &rec, RECTYPE_DIR ) ) { - log_error(_("check_trust: read record failed\n")); + if( tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ) ) { + log_error(_("check_trust: read dir record failed\n")); return G10ERR_TRUSTDB; } } else { /* no local_id: scan the trustdb */ - if( (rc=search_record( pk, &rec )) && rc != -1 ) { + if( (rc=tdbio_search_record( pk, &rec )) && rc != -1 ) { log_error(_("check_trust: search_record failed: %s\n"), g10_errstr(rc)); return rc; @@ -1742,31 +1238,35 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel ) else if( rc == -1 ) { rc = insert_trust_record( pk ); if( rc ) { - log_error(_("failed to insert pubkey into trustdb: %s\n"), - g10_errstr(rc)); + log_error(_("key %08lX: insert trust record failed: %s\n"), + keyid[1], g10_errstr(rc)); goto leave; } - log_info(_("pubkey not in trustdb - inserted as %lu\n"), - pk->local_id ); + log_info(_("key %08lX.%lu: inserted into trustdb\n"), + keyid[1], pk->local_id ); } } cur_time = make_timestamp(); if( pk->timestamp > cur_time ) { - log_info(_("public key created in future (time warp or clock problem)\n")); + log_info(_("key %08lX.%lu: created in future " + "(time warp or clock problem)\n"), + keyid[1], pk->local_id ); return G10ERR_TIME_CONFLICT; } if( pk->valid_days && add_days_to_timestamp(pk->timestamp, pk->valid_days) < cur_time ) { - log_info(_("key expiration date is %s\n"), strtimestamp( - add_days_to_timestamp(pk->timestamp, - pk->valid_days))); + log_info(_("key %08lX.%lu: expired at %s\n"), + keyid[1], pk->local_id, + strtimestamp( add_days_to_timestamp(pk->timestamp, + pk->valid_days))); trustlevel = TRUST_EXPIRED; } else { rc = do_check( pk->local_id, &rec, &trustlevel ); if( rc ) { - log_error(_("check_trust: do_check failed: %s\n"), g10_errstr(rc)); + log_error(_("key %08lX.%lu: trust check failed: %s\n"), + keyid[1], pk->local_id, g10_errstr(rc)); return rc; } } @@ -1774,7 +1274,7 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel ) leave: if( DBG_TRUST ) - log_info("check_trust() returns trustlevel %04x.\n", trustlevel); + log_debug("check_trust() returns trustlevel %04x.\n", trustlevel); *r_trustlevel = trustlevel; return 0; } @@ -1859,11 +1359,11 @@ get_ownertrust( ulong lid, unsigned *r_otrust ) { TRUSTREC rec; - if( read_record( lid, &rec, RECTYPE_DIR ) ) { + if( tdbio_read_record( lid, &rec, RECTYPE_DIR ) ) { log_error("get_ownertrust: read dir record failed\n"); return G10ERR_TRUSTDB; } - if( read_record( rec.r.dir.keyrec, &rec, RECTYPE_KEY ) ) { + if( tdbio_read_record( rec.r.dir.keyrec, &rec, RECTYPE_KEY ) ) { log_error("get_ownertrust: read key record failed\n"); return G10ERR_TRUSTDB; } @@ -1877,7 +1377,7 @@ keyid_from_trustdb( ulong lid, u32 *keyid ) { TRUSTREC rec; - if( read_record( lid, &rec, RECTYPE_DIR ) ) { + if( tdbio_read_record( lid, &rec, RECTYPE_DIR ) ) { log_error("keyid_from_trustdb: read record failed\n"); return G10ERR_TRUSTDB; } @@ -1903,13 +1403,13 @@ query_trust_record( PKT_public_key *pk ) int rc=0; if( pk->local_id ) { - if( read_record( pk->local_id, &rec, RECTYPE_DIR ) ) { + if( tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ) ) { log_error("query_trust_record: read record failed\n"); return G10ERR_TRUSTDB; } } else { /* no local_id: scan the trustdb */ - if( (rc=search_record( pk, &rec )) && rc != -1 ) { + if( (rc=tdbio_search_record( pk, &rec )) && rc != -1 ) { log_error("query_trust_record: search_record failed: %s\n", g10_errstr(rc)); return rc; @@ -1939,10 +1439,10 @@ insert_trust_record( PKT_public_key *pk ) keyid_from_pk( pk, keyid ); fingerprint = fingerprint_from_pk( pk, &fingerlen ); - /* FIXME: check that we do not have this record. */ + /* fixme: assert that we do not have this record. */ - dnum = new_recnum(); - knum = new_recnum(); + dnum = tdbio_new_recnum(); + knum = tdbio_new_recnum(); /* build dir record */ memset( &rec, 0, sizeof rec ); rec.rectype = RECTYPE_DIR; @@ -1951,7 +1451,7 @@ insert_trust_record( PKT_public_key *pk ) rec.r.dir.keyid[1] = keyid[1]; rec.r.dir.keyrec = knum; rec.r.dir.no_sigs = 0; - if( write_record( dnum, &rec ) ) { + if( tdbio_write_record( dnum, &rec ) ) { log_error("writing dir record failed\n"); return G10ERR_TRUSTDB; } @@ -1965,11 +1465,11 @@ insert_trust_record( PKT_public_key *pk ) rec.r.key.fingerprint_len = fingerlen; memcpy(rec.r.key.fingerprint, fingerprint, fingerlen ); rec.r.key.ownertrust = 0; - if( write_record( knum, &rec ) ) { + if( tdbio_write_record( knum, &rec ) ) { log_error("wrinting key record failed\n"); return G10ERR_TRUSTDB; } - + /* and store the LID */ pk->local_id = dnum; return 0; @@ -1982,19 +1482,19 @@ update_ownertrust( ulong lid, unsigned new_trust ) TRUSTREC rec; ulong recnum; - if( read_record( lid, &rec, RECTYPE_DIR ) ) { + if( tdbio_read_record( lid, &rec, RECTYPE_DIR ) ) { log_error("update_ownertrust: read dir failed\n"); return G10ERR_TRUSTDB; } recnum = rec.r.dir.keyrec; - if( read_record( recnum, &rec, RECTYPE_KEY ) ) { + if( tdbio_read_record( recnum, &rec, RECTYPE_KEY ) ) { log_error("update_ownertrust: read key failed\n"); return G10ERR_TRUSTDB; } /* check keyid, fingerprint etc ? */ rec.r.key.ownertrust = new_trust; - if( write_record( recnum, &rec ) ) { + if( tdbio_write_record( recnum, &rec ) ) { log_error("update_ownertrust: write failed\n"); return G10ERR_TRUSTDB; } @@ -2013,13 +1513,13 @@ update_no_sigs( ulong lid, int no_sigs ) { TRUSTREC rec; - if( read_record( lid, &rec, RECTYPE_DIR ) ) { + if( tdbio_read_record( lid, &rec, RECTYPE_DIR ) ) { log_error("update_no_sigs: read failed\n"); return G10ERR_TRUSTDB; } rec.r.dir.no_sigs = no_sigs; - if( write_record( lid, &rec ) ) { + if( tdbio_write_record( lid, &rec ) ) { log_error("update_no_sigs: write failed\n"); return G10ERR_TRUSTDB; } diff --git a/include/cipher.h b/include/cipher.h index 6df44b772..0e2b95a79 100644 --- a/include/cipher.h +++ b/include/cipher.h @@ -121,6 +121,8 @@ void md_stop_debug( MD_HANDLE a ); md_write( (h), NULL, 0 ); \ (h)->buffer[(h)->bufcount++] = (c) & 0xff; \ } while(0) +/*-- rmd160.c --*/ +void rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); /*-- cipher.c --*/ diff --git a/po/de.po b/po/de.po index 20532ff98..c620d414d 100644 --- a/po/de.po +++ b/po/de.po @@ -6,12 +6,12 @@ msgstr "" "Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments --keyword=_ --keyword=N_ --files-from=./POTFILES.in\n" "Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c\n" -#: util/secmem.c:180 +#: util/secmem.c:188 msgid "Warning: using insecure memory!\n" msgstr "" "Achtung: Speicher mit sensibeln Daten kann auf Platte ausgelagert werden.\n" "(um dies zu vermeiden, kann das Programm suid(root) installiert werden;\n" -" bitte wenden Sie sich hierzu an den Systemadministraor)\n" +" bitte wenden Sie sich hierzu an den Systemadministrator)\n" #: cipher/rand-dummy.c:106 msgid "warning: using insecure random number generator!!\n" @@ -134,31 +134,31 @@ msgstr "Ein \"Revocation\" Zertifikat erzeugen" msgid "export keys" msgstr "Schl\374ssel exportieren" -#: g10/g10.c:79 +#: g10/g10.c:80 msgid "import/merge keys" msgstr "Schl\374ssel importieren/kombinieren" -#: g10/g10.c:80 +#: g10/g10.c:81 msgid "list only the sequence of packets" msgstr "Lediglich die Struktur der Daten Packete anzeigen" -#: g10/g10.c:83 +#: g10/g10.c:84 msgid "De-Armor a file or stdin" msgstr "\"De-Armor\" einer Datei oder stdin" -#: g10/g10.c:84 +#: g10/g10.c:85 msgid "En-Armor a file or stdin" msgstr "\"En-Armor\" einer Datei oder stdin" -#: g10/g10.c:85 +#: g10/g10.c:86 msgid "|algo [files]|print message digests" msgstr "|algo [files]|Hashwerte der Dateien ausgeben" -#: g10/g10.c:86 +#: g10/g10.c:87 msgid "print all message digests" msgstr "Message-Digests f\374r die Eingabedaten ausgeben" -#: g10/g10.c:91 +#: g10/g10.c:92 msgid "" "@\n" "Options:\n" @@ -168,111 +168,111 @@ msgstr "" "Optionen:\n" " " -#: g10/g10.c:93 +#: g10/g10.c:94 msgid "create ascii armored output" msgstr "Ausgabe mit ASCII Armor versehen" -#: g10/g10.c:95 +#: g10/g10.c:96 msgid "use this user-id to sign or decrypt" msgstr "Mit dieser User-ID signieren" -#: g10/g10.c:96 +#: g10/g10.c:97 msgid "use this user-id for encryption" msgstr "Verschl\374sseln f\374r diese User-ID" -#: g10/g10.c:97 +#: g10/g10.c:98 msgid "|N|set compress level N (0 disables)" msgstr "Kompressionsstufe auf N setzen (0 f\374r keine Kompression)" -#: g10/g10.c:98 +#: g10/g10.c:99 msgid "use canonical text mode" msgstr "Text Modus benutzen" -#: g10/g10.c:100 +#: g10/g10.c:101 msgid "use as output file" msgstr "dies als Ausgabedatei benutzen" -#: g10/g10.c:101 +#: g10/g10.c:102 msgid "verbose" msgstr "detailierte Informationen" -#: g10/g10.c:102 +#: g10/g10.c:103 msgid "do not make any changes" msgstr "Keine wirklichen \304nderungen durchf\374hren" -#: g10/g10.c:103 +#: g10/g10.c:104 msgid "batch mode: never ask" msgstr "Stapel Modus: Keine Abfragen" -#: g10/g10.c:104 +#: g10/g10.c:105 msgid "assume yes on most questions" msgstr "\"Ja\" als Standard Antwort annehmen" -#: g10/g10.c:105 +#: g10/g10.c:106 msgid "assume no on most questions" msgstr "\"Nein\" als Standard Antwort annehmen" -#: g10/g10.c:106 +#: g10/g10.c:107 msgid "add this keyring to the list of keyrings" msgstr "Den \366ffentlichen Schl\374sselring mitbenutzen" -#: g10/g10.c:107 +#: g10/g10.c:108 msgid "add this secret keyring to the list" msgstr "Den geheimen Schl\374sselring mitbenutzen" -#: g10/g10.c:108 +#: g10/g10.c:109 msgid "|NAME|use NAME as default secret key" msgstr "|NAME|NAME als voreingestellten Schl\374ssel benutzen" -#: g10/g10.c:109 +#: g10/g10.c:110 msgid "read options from file" msgstr "Optionen aus der Datei lesen" -#: g10/g10.c:111 +#: g10/g10.c:112 msgid "set debugging flags" msgstr "Debug-Flags einschalten" -#: g10/g10.c:112 +#: g10/g10.c:113 msgid "enable full debugging" msgstr "Alle Debug-Flags einschalten" -#: g10/g10.c:113 +#: g10/g10.c:114 msgid "|FD|write status info to this FD" msgstr "|FD|Status Informatiuon auf FD ausgeben" -#: g10/g10.c:114 +#: g10/g10.c:115 msgid "do not write comment packets" msgstr "Keine Kommentarpackete schreiben" -#: g10/g10.c:115 +#: g10/g10.c:116 msgid "(default is 1)" msgstr "(voreingestellt ist 1)" -#: g10/g10.c:116 +#: g10/g10.c:117 msgid "(default is 3)" msgstr "(voreingestellt ist 3)" -#: g10/g10.c:117 +#: g10/g10.c:118 msgid "|file|load extension module" msgstr "|FILE|Erweierungsmodul |FILE| laden" -#: g10/g10.c:118 +#: g10/g10.c:119 msgid "emulate the mode described in RFC1991" msgstr "Den in RFC1991 beschriebenen Modus emulieren" -#: g10/g10.c:120 +#: g10/g10.c:121 msgid "|NAME|use cipher algorithm NAME" msgstr "|NAME|Den Cipher-Algorithmus NAME benutzen" -#: g10/g10.c:121 +#: g10/g10.c:122 msgid "|NAME|use message digest algorithm NAME" msgstr "|NAME|Den Hash-Algorithmus NAME benutzen" -#: g10/g10.c:122 +#: g10/g10.c:123 msgid "|N|use compress algorithm N" msgstr "|N|Den Komressionsalgorithmus N benutzen" -#: g10/g10.c:130 +#: g10/g10.c:131 msgid "" "@\n" "Examples:\n" @@ -292,19 +292,19 @@ msgstr "" " -k [userid] Die Schll\374ssel anzeigen\n" " -kc [userid] Die \"Fingerprints\" anzeigen\n" -#: g10/g10.c:211 +#: g10/g10.c:213 msgid "Please report bugs to .\n" -msgstr "Berichte \374ber Wanzen an .\n" +msgstr "Berichte \374ber Wanzen an .\n" -#: g10/g10.c:216 +#: g10/g10.c:218 msgid "Usage: gpgm [options] [files] (-h for help)" msgstr "Aufruf: gpgm [Optionen] [Dateien] (-h f\374r Hilfe)" -#: g10/g10.c:218 +#: g10/g10.c:220 msgid "Usage: gpg [options] [files] (-h for help)" msgstr "Aufruf: gpg [Optionen] [Dateien] (-h f\374r Hilfe)" -#: g10/g10.c:223 +#: g10/g10.c:225 msgid "" "Syntax: gpgm [options] [files]\n" "GNUPG maintenance utility\n" @@ -312,7 +312,7 @@ msgstr "" "Syntax: gpgm [options] [files]\n" "GNUPG Wartungs Hilfsmittel\n" -#: g10/g10.c:226 +#: g10/g10.c:228 msgid "" "Syntax: gpg [options] [files]\n" "sign, check, encrypt or decrypt\n" @@ -322,138 +322,142 @@ msgstr "" "Signieren, pr\374fen, verschl\374sseln, entschl\374sseln\n" "Die voreingestellte Operation ist abh\344ngig von den Eingabedaten\n" -#: g10/g10.c:303 +#: g10/g10.c:308 msgid "usage: gpgm [options] " msgstr "Aufruf: gpgm [Optionen] " -#: g10/g10.c:305 +#: g10/g10.c:310 msgid "usage: gpg [options] " msgstr "Aufruf: gpg [Optionen] " -#: g10/g10.c:346 +#: g10/g10.c:351 msgid "conflicting commands\n" msgstr "Widersprechende Kommandos\n" -#: g10/g10.c:359 +#: g10/g10.c:364 msgid "selected cipher algorithm is invalid\n" msgstr "Der ausgew\344hlte Cipher Algorithmus ist ung\374ltig\n" -#: g10/g10.c:361 +#: g10/g10.c:366 msgid "selected digest algorithm is invalid\n" msgstr "Der ausgew\344hlte Message-Digest Algorithmus ist ung\374ltig\n" -#: g10/g10.c:363 +#: g10/g10.c:368 msgid "compress algorithm must be in range %d..%d\n" msgstr "Der Kompressionsalgorithmus muss %d bis %d sein\n" -#: g10/g10.c:365 +#: g10/g10.c:370 msgid "completes-needed must be greater than 0\n" msgstr "completes-needed m\374\337en gr\366\337er als 0 sein\n" -#: g10/g10.c:367 +#: g10/g10.c:372 msgid "marginals-needed must be greater than 1\n" msgstr "marginals-needed m\374\337en gr\366\337er als 1 sein\n" -#: g10/g10.c:463 +#: g10/g10.c:471 msgid "note: no default option file '%s'\n" msgstr "Notiz: Keine voreingestellte Optionen Datei '%s' vorhanden\n" -#: g10/g10.c:467 +#: g10/g10.c:475 msgid "option file '%s': %s\n" msgstr "Optionen Datei '%s': %s\n" -#: g10/g10.c:474 +#: g10/g10.c:482 msgid "reading options from '%s'\n" msgstr "Optionen werden von '%s' gelesen\n" -#: g10/g10.c:693 +#: g10/g10.c:720 msgid "failed to initialize the TrustDB: %s\n" msgstr "Die Trust-DB kann nicht initialisiert werden: %s\n" -#: g10/g10.c:699 +#. only store the file +#: g10/g10.c:726 msgid "--store [filename]" msgstr "--store [Dateiname]" -#: g10/g10.c:707 +#: g10/g10.c:734 msgid "--symmetric [filename]" msgstr "--symmetric [Dateiname]" -#: g10/g10.c:715 +#. encrypt the given file +#: g10/g10.c:742 msgid "--encrypt [filename]" msgstr "--encrypt [Dateiname]" -#: g10/g10.c:728 +#: g10/g10.c:755 msgid "--sign [filename]" msgstr "--sign [Dateiname]" -#. sign and encrypt the given file -#: g10/g10.c:741 +#: g10/g10.c:768 msgid "--sign --encrypt [filename]" msgstr "--sign --encrypt [Dateiname]" -#: g10/g10.c:755 +#: g10/g10.c:782 msgid "--clearsign [filename]" msgstr "--clearsign [Dateiname]" -#: g10/g10.c:767 +#: g10/g10.c:794 msgid "--decrypt [filename]" msgstr "--decrypt [Dateiname]" -#: g10/g10.c:775 +#. sign the key given as argument +#: g10/g10.c:802 msgid "--sign-key username" msgstr "--sign-key Benutzername" -#. Edit a key signature -#: g10/g10.c:783 +#: g10/g10.c:810 msgid "--edit-key username" msgstr "--deit-key Benutzername" -#: g10/g10.c:791 +#: g10/g10.c:818 msgid "--delete-secret-key username" msgstr "--delete-secret-key Benutzername" -#: g10/g10.c:794 +#: g10/g10.c:821 msgid "--delete-key username" msgstr "--delete-key Benutzername" -#: g10/g10.c:802 +#. Change the passphrase +#. no arg: use default, 1 arg use this one +#: g10/g10.c:829 msgid "--change-passphrase [username]" msgstr "--change-passphrase [Benutzername]" -#. -kv userid keyring -#: g10/encode.c:200 g10/g10.c:826 g10/keylist.c:79 g10/trustdb.c:358 +#. prepare iobufs +#: g10/encode.c:200 g10/g10.c:853 g10/keylist.c:79 msgid "can't open %s: %s\n" msgstr "Datei '%s' kann nicht ge\366ffnet werden: %s\n" -#: g10/g10.c:837 +#: g10/g10.c:864 msgid "-k[v][v][v][c] [userid] [keyring]" msgstr "-h[v][v][v][c] [Benutzername] [Keyring]" -#: g10/g10.c:897 +#: g10/g10.c:924 msgid "dearmoring failed: %s\n" msgstr "De-Armor fehlgeschlagen: %s\n" -#: g10/g10.c:905 +#: g10/g10.c:932 msgid "enarmoring failed: %s\n" msgstr "En-Armor fehlgeschlagen: %s\n" -#: g10/g10.c:961 +#: g10/g10.c:988 msgid "invalid hash algorithm '%s'\n" msgstr "Ung\374ltiger Hash Algorithmus '%s'\n" -#: g10/g10.c:1014 +#. fixme: g10maint should do regular maintenace tasks here +#: g10/g10.c:1041 msgid "[filename]" msgstr "[Dateiname]" -#: g10/decrypt.c:59 g10/g10.c:1016 g10/verify.c:66 +#: g10/decrypt.c:59 g10/g10.c:1043 g10/verify.c:66 msgid "can't open '%s'\n" msgstr "Datei '%s' kann nicht ge\366ffnet werden\n" -#: g10/g10.c:1061 +#: g10/g10.c:1088 msgid "RSA keys are depreciated; please consider creating a new key and use this key in the future\n" msgstr "RSA Schl\374ssel sind nicht erw\374nscht; bitte denken Sie dar\374ber nach einen neuen Schl\374ssel zu erzeugen und diesen in Zukunft zu benutzen\n" -#: g10/pkclist.c:65 +#: g10/pkclist.c:66 msgid "" "No ownertrust defined for %lu:\n" "%4u%c/%08lX %s \"" @@ -461,7 +465,7 @@ msgstr "" "Es ist kein \"Ownertrust\" f\374r %lu definiert:\n" "%4u%c/%08lX %s \"" -#: g10/pkclist.c:72 +#: g10/pkclist.c:73 msgid "" "\"\n" "\n" @@ -489,11 +493,11 @@ msgstr "" " s = Bitte weitere Information anzeigen\n" "\n" -#: g10/pkclist.c:83 +#: g10/pkclist.c:84 msgid "Your decision? " msgstr "Ihre Auswahl? " -#: g10/pkclist.c:90 +#: g10/pkclist.c:91 msgid "" "It's up to you to assign a value here; this value will never be exported\n" "to any 3rd party. We need it to implement the web-of-trust; it has nothing\n" @@ -504,11 +508,11 @@ msgstr "" "um das Netz-des-Vertrauens aufzubauen. Dieses hat nichts mit dem (impliziet\n" "erzeugten) Netz-der-Zertifikate zu tun.\n" -#: g10/pkclist.c:108 +#: g10/pkclist.c:109 msgid "You will see a list of signators etc. here\n" msgstr "Sie sollten hier eigentlich eine Liste der Signierer sehen.\n" -#: g10/pkclist.c:132 +#: g10/pkclist.c:133 msgid "" "Could not find a valid trust path to the key. Let's see whether we\n" "can assign some missing owner trust values.\n" @@ -518,13 +522,13 @@ msgstr "" "Mal sehen ob wir now weitere Ownertrust Werte zuordnen k\366nnen.\n" "\n" -#: g10/pkclist.c:157 +#: g10/pkclist.c:158 msgid "" "No ownertrust values changed.\n" "\n" msgstr "Keine \"Ownertrust\" Werte ge\344ndert.\n" -#: g10/pkclist.c:267 +#: g10/pkclist.c:268 msgid "" "It is NOT certain that the key belongs to its owner.\n" "If you *really* know what you are doing, you may answer\n" @@ -535,11 +539,47 @@ msgstr "" "Wenn Sie *wirklich* wissen, was Sie tun, k\366nnen Sie die n\344chste\n" "Frage mit ja beantworten\n" -#: g10/pkclist.c:278 +#: g10/pkclist.c:279 msgid "WARNING: Using untrusted key!\n" msgstr "WARNUNG: Ein Schl\374ssel ohne gesichertes Vertrauen wird benutzt!\n" -#: g10/pkclist.c:308 +#: g10/pkclist.c:315 +msgid "WARNING: This key has been revoked by its owner!\n" +msgstr "" + +#: g10/pkclist.c:316 +msgid " This could mean that the signature is forgery.\n" +msgstr "" + +#: g10/pkclist.c:337 +msgid "Note: This key has expired!\n" +msgstr "" + +#: g10/pkclist.c:344 +msgid "WARNING: This key is not certified with a trusted signature!\n" +msgstr "" + +#: g10/pkclist.c:346 +msgid " There is no indication that the signature belongs to the owner.\n" +msgstr "" + +#: g10/pkclist.c:361 +msgid "WARNING: We do NOT trust this key!\n" +msgstr "" + +#: g10/pkclist.c:362 +msgid " The signature is probably a FORGERY.\n" +msgstr "" + +#: g10/pkclist.c:369 +msgid "WARNING: This key is not certified with enough trusted signatures!\n" +msgstr "" + +#: g10/pkclist.c:372 +msgid " It is not certain that the signature belongs to the owner.\n" +msgstr "" + +#: g10/pkclist.c:417 msgid "" "You did not specify a user ID. (you may use \"-r\")\n" "\n" @@ -547,23 +587,23 @@ msgstr "" "Sie gaben keine User-ID angegeben. (benutzen Sie die Option \"-r\")\n" "\n" -#: g10/pkclist.c:312 +#: g10/pkclist.c:421 msgid "Enter the user ID: " msgstr "Geben Sie die User-ID ein: " -#: g10/pkclist.c:323 +#: g10/pkclist.c:432 msgid "No such user ID.\n" msgstr "Keine solche User-ID.\n" -#: g10/pkclist.c:357 g10/pkclist.c:384 +#: g10/pkclist.c:466 g10/pkclist.c:493 msgid "%s: skipped: %s\n" msgstr "%s: \374bergangen: %s\n" -#: g10/pkclist.c:365 +#: g10/pkclist.c:474 msgid "%s: error checking key: %s\n" msgstr "%s: Fehler beim pr\374fen des Schl\374ssels: %s\n" -#: g10/pkclist.c:391 +#: g10/pkclist.c:500 msgid "no valid addressees\n" msgstr "Keine g\374ltigen Adressaten" @@ -597,7 +637,7 @@ msgstr " (%d) DSA (nur signieren)\n" #: g10/keygen.c:388 msgid " (%d) ElGamal in a v3 packet\n" -msgstr " ((%d) ElGamal in einem v4 Packet\n" +msgstr " (%d) ElGamal in einem v3 Packet\n" #: g10/keygen.c:392 msgid "Your selection? " @@ -1054,7 +1094,7 @@ msgstr "M\366chten Sie die ausgew\344hlten Siganturen wirklich entfernen? " #: g10/keyedit.c:250 g10/keyedit.c:396 g10/keyedit.c:465 msgid "%s: user not found\n" -msgstr "%s: Benutzer nich gefunden\n" +msgstr "%s: Benutzer nicht gefunden\n" #: g10/keyedit.c:277 g10/keyedit.c:417 msgid "Checking signatures of this public key certificate:\n" @@ -1141,19 +1181,19 @@ msgstr "Erzeugung des \366ffentlichen Schl\374ssels fehlgeschlagen: %s\n" msgid "decryption failed: %s\n" msgstr "Enschl\374sselung fehlgeschlagen: %s\n" -#: g10/mainproc.c:817 +#: g10/mainproc.c:829 msgid "Signature made %.*s using %s key ID %08lX\n" msgstr "Signatur wurde am %.*s mit %s Schl\374ssel %08lX erzeugt\n" -#: g10/mainproc.c:823 +#: g10/mainproc.c:835 msgid "BAD signature from \"" msgstr "FALSCHE Signatur von \"" -#: g10/mainproc.c:824 +#: g10/mainproc.c:836 msgid "Good signature from \"" msgstr "Gute Signatur von \"" -#: g10/mainproc.c:833 +#: g10/mainproc.c:847 msgid "Can't check signature: %s\n" msgstr "Signatur kann nicht gepr\374ft werden: %s\n" @@ -1171,7 +1211,7 @@ msgstr "" msgid "(%u-bit %s key, ID %08lX, created %s)\n" msgstr "(%u-bit %s Schl\374ssel, ID %08lX, erzeugt %s)\n" -#: g10/plaintext.c:216 +#: g10/plaintext.c:268 msgid "can't open signed data '%s'\n" msgstr "" @@ -1179,7 +1219,7 @@ msgstr "" msgid "Invalid passphrase; please try again ...\n" msgstr "" -#: g10/sig-check.c:165 g10/trustdb.c:1755 +#: g10/sig-check.c:165 msgid "public key created in future (time warp or clock problem)\n" msgstr "" @@ -1187,167 +1227,127 @@ msgstr "" msgid "warning: signature key expired %s\n" msgstr "" -#: g10/trustdb.c:331 -msgid "can't create %s: %s\n" -msgstr "" - -#: g10/trustdb.c:360 -msgid "TrustDB %s is invalid\n" -msgstr "" - -#: g10/trustdb.c:435 g10/trustdb.c:596 -msgid "trustdb: lseek failed: %s\n" -msgstr "" - -#: g10/trustdb.c:443 -msgid "trustdb: read failed (n=%d): %s\n" -msgstr "" - -#: g10/trustdb.c:460 -msgid "%s: not a trustdb file\n" -msgstr "" - -#: g10/trustdb.c:601 -msgid "trustdb: write failed (n=%d): %s\n" -msgstr "" - -#: g10/trustdb.c:633 -msgid "%s: failed to append a record: %s\n" -msgstr "" - -#: g10/trustdb.c:680 -msgid "%s: search_db failed: %s\n" -msgstr "" - -#: g10/trustdb.c:724 +#: g10/trustdb.c:213 msgid "error reading record with local_id %lu: %s\n" msgstr "" -#: g10/trustdb.c:729 +#: g10/trustdb.c:218 msgid "record with local_id %lu is not a dir record\n" msgstr "" -#: g10/trustdb.c:762 +#: g10/trustdb.c:251 msgid "%lu: error reading dir record: %s\n" msgstr "" -#: g10/trustdb.c:773 +#: g10/trustdb.c:262 msgid "%lu: error building sigs on the fly: %s\n" msgstr "" -#: g10/trustdb.c:780 +#: g10/trustdb.c:269 msgid "%lu: error re-reading dir record: %s\n" msgstr "" -#: g10/trustdb.c:807 +#: g10/trustdb.c:296 msgid "error reading sigrec: %s\n" msgstr "" -#: g10/trustdb.c:812 +#: g10/trustdb.c:301 msgid "chained sigrec %lu has a wrong owner\n" msgstr "" -#: g10/trustdb.c:862 -msgid "keyid %08lX: secret key without public key\n" +#: g10/trustdb.c:350 +msgid "key %08lX: secret key without public key\n" msgstr "" -#: g10/trustdb.c:867 -msgid "keyid %08lX: secret and public key don't match\n" +#: g10/trustdb.c:355 +msgid "key %08lX: secret and public key don't match\n" msgstr "" -#: g10/trustdb.c:878 -msgid "keyid %08lX: can't put it into the trustdb\n" +#: g10/trustdb.c:366 +msgid "key %08lX: can't put it into the trustdb\n" msgstr "" -#: g10/trustdb.c:884 -msgid "keyid %08lX: query record failed\n" +#: g10/trustdb.c:372 +msgid "key %08lX: query record failed\n" msgstr "" -#: g10/trustdb.c:893 -msgid "keyid %08lX: already in ultikey_table\n" +#: g10/trustdb.c:381 +msgid "key %08lX: already in ultikey_table\n" msgstr "" -#: g10/trustdb.c:901 +#: g10/trustdb.c:389 msgid "enum_secret_keys failed: %s\n" msgstr "" -#: g10/trustdb.c:1169 +#. get the keyblock +#: g10/trustdb.c:684 msgid "%lu: build_sigrecs: can't read dir record\n" msgstr "" -#: g10/trustdb.c:1173 +#: g10/trustdb.c:688 msgid "%lu: build_sigrecs: can't read key record\n" msgstr "" -#: g10/trustdb.c:1179 -msgid "build_sigrecs: get_keyblock_byfprint failed\n" +#: g10/trustdb.c:694 +msgid "build_sigrecs: get_keyblock_byfprint failed: %s\n" msgstr "" -#: g10/trustdb.c:1185 +#: g10/trustdb.c:701 msgid "build_sigrecs: check_sigs failed\n" msgstr "" -#: g10/trustdb.c:1189 +#: g10/trustdb.c:705 msgid "build_sigrecs: self-signature missing\n" msgstr "" -#: g10/trustdb.c:1195 +#: g10/trustdb.c:711 msgid "build_sigrecs: key has been revoked\n" msgstr "" -#: g10/trustdb.c:1220 +#: g10/trustdb.c:736 msgid "set_signature_packets_local_id failed: %s\n" msgstr "" -#: g10/trustdb.c:1231 g10/trustdb.c:1256 g10/trustdb.c:1267 +#: g10/trustdb.c:747 g10/trustdb.c:772 g10/trustdb.c:783 msgid "build_sigrecs: write_record failed\n" msgstr "" -#: g10/trustdb.c:1277 +#: g10/trustdb.c:793 msgid "update_dir_record: read failed\n" msgstr "" -#: g10/trustdb.c:1282 +#: g10/trustdb.c:798 msgid "update_dir_record: write failed\n" msgstr "" -#: g10/trustdb.c:1292 +#: g10/trustdb.c:808 msgid "trustdb: build_sigrecs: %s\n" msgstr "" -#: g10/trustdb.c:1511 -msgid "can't access %s: %s\n" +#: g10/trustdb.c:1228 +msgid "check_trust: read dir record failed\n" msgstr "" -#: g10/trustdb.c:1527 -msgid "can't create directory '%s': %s\n" -msgstr "" - -#: g10/trustdb.c:1531 -msgid "directory '%s' does not exist!\n" -msgstr "" - -#: g10/trustdb.c:1732 -msgid "check_trust: read record failed\n" -msgstr "" - -#. no local_id: scan the trustdb -#: g10/trustdb.c:1738 +#: g10/trustdb.c:1234 msgid "check_trust: search_record failed: %s\n" msgstr "" -#: g10/trustdb.c:1745 -msgid "failed to insert pubkey into trustdb: %s\n" +#: g10/trustdb.c:1241 +msgid "key %08lX: insert trust record failed: %s\n" msgstr "" -#: g10/trustdb.c:1749 -msgid "pubkey not in trustdb - inserted as %lu\n" +#: g10/trustdb.c:1245 +msgid "key %08lX.%lu: inserted into trustdb\n" msgstr "" -#: g10/trustdb.c:1761 -msgid "key expiration date is %s\n" +#: g10/trustdb.c:1251 +msgid "key %08lX.%lu: created in future (time warp or clock problem)\n" msgstr "" -#: g10/trustdb.c:1769 -msgid "check_trust: do_check failed: %s\n" +#: g10/trustdb.c:1259 +msgid "key %08lX.%lu: expired at %s\n" +msgstr "" + +#: g10/trustdb.c:1268 +msgid "key %08lX.%lu: trust check failed: %s\n" msgstr "" diff --git a/tools/mk-tdata b/tools/mk-tdata index 3b9e1c016..1664b3278 100755 Binary files a/tools/mk-tdata and b/tools/mk-tdata differ diff --git a/util/ChangeLog b/util/ChangeLog index 661914645..6b4a76fd8 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,7 @@ +Thu Jul 9 14:47:20 1998 Werner Koch (wk@isil.d.shuttle.de) + + * secmem.c (secmem_init): Drops setuid if called with 0. + Tue Jul 7 11:49:25 1998 Werner Koch (wk@isil.d.shuttle.de) * logger.c (log_set_filename): New. diff --git a/util/secmem.c b/util/secmem.c index b1d86ebf1..4721bcd91 100644 --- a/util/secmem.c +++ b/util/secmem.c @@ -153,8 +153,16 @@ secmem_get_flags(void) void secmem_init( size_t n ) { - if( !n ) + if( !n ) { + uid_t uid; + disable_secmem=1; + uid = getuid(); + if( uid != geteuid() ) { + if( setuid( uid ) ) + log_fatal("failed to drop setuid\n" ); + } + } else { if( n < DEFAULT_POOLSIZE ) n = DEFAULT_POOLSIZE; diff --git a/zlib/Makefile b/zlib/Makefile index 8b8f71fd9..51a26a471 100644 --- a/zlib/Makefile +++ b/zlib/Makefile @@ -92,7 +92,7 @@ POSUB = po RANLIB = ranlib USE_INCLUDED_LIBINTL = yes USE_NLS = yes -VERSION = 0.3.1a +VERSION = 0.3.2 ZLIBS = l =