1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Do not require a trustdb for decryption.

* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code.  Change all callers to to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE.  Call init_trustdb to test
for a non-existing trustdb.  Change all callers to to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE.  Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--

Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b

For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-02-28 20:28:56 +01:00
parent e4583ae14e
commit e182542e90
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
11 changed files with 102 additions and 54 deletions

View File

@ -371,9 +371,10 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
get_ownertrust_info (PKT_public_key *pk)
get_ownertrust_info (PKT_public_key *pk, int no_create)
{
(void)pk;
(void)no_create;
return '?';
}

View File

@ -3679,7 +3679,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
(ulong) pk->timestamp, (ulong) pk->expiredate);
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
es_putc (get_ownertrust_info (pk), fp);
es_putc (get_ownertrust_info (pk, 0), fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
@ -3896,7 +3896,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
static int did_warn = 0;
trust = get_validity_string (ctrl, pk, NULL);
otrust = get_ownertrust_string (pk);
otrust = get_ownertrust_string (pk, 0);
/* Show a warning once */
if (!did_warn

View File

@ -1232,7 +1232,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
ownertrust_print = get_ownertrust_info (pk);
ownertrust_print = get_ownertrust_info (pk, 0);
else
ownertrust_print = 0;

View File

@ -1032,7 +1032,7 @@ list_node (CTX c, kbnode_t node)
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if (pk->flags.primary && !opt.fast_list_mode)
es_putc (get_ownertrust_info (pk), es_stdout);
es_putc (get_ownertrust_info (pk, 1), es_stdout);
es_putc (':', es_stdout);
es_putc ('\n', es_stdout);
}

View File

@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
int show=0;
int min_num;
int did_help=defer_help;
unsigned int minimum = tdb_get_min_ownertrust (pk);
unsigned int minimum = tdb_get_min_ownertrust (pk, 0);
switch(minimum)
{

View File

@ -404,8 +404,13 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
hexfingerprint (pk, pkhex, sizeof pkhex);
hexfingerprint (mainpk, mainpkhex, sizeof mainpkhex);
/* Note that we do not want to create a trustdb just for
* getting the ownertrust: If there is no trustdb there can't
* be ulitmately trusted key anyway and thus the ownertrust
* value is irrelevant. */
write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
pkhex, mainpkhex, get_ownertrust_info (mainpk));
pkhex, mainpkhex,
get_ownertrust_info (mainpk, 1));
}

View File

@ -70,7 +70,7 @@ list_trustdb (estream_t fp, const char *username)
(void)username;
init_trustdb();
init_trustdb (0);
/* For now we ignore the user ID. */
if (1)
{
@ -101,7 +101,7 @@ export_ownertrust()
int i;
byte *p;
init_trustdb();
init_trustdb (0);
es_printf (_("# List of assigned trustvalues, created %s\n"
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
asctimestamp( make_timestamp() ) );
@ -133,7 +133,7 @@ import_ownertrust( const char *fname )
int any = 0;
int rc;
init_trustdb();
init_trustdb (0);
if( iobuf_is_pipe_filename (fname) ) {
fp = es_stdin;
fname = "[stdin]";

View File

@ -138,9 +138,10 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
get_ownertrust_info (PKT_public_key *pk)
get_ownertrust_info (PKT_public_key *pk, int no_create)
{
(void)pk;
(void)no_create;
return '?';
}

View File

@ -179,17 +179,18 @@ get_ownertrust (PKT_public_key *pk)
(void)pk;
return TRUST_UNKNOWN;
#else
return tdb_get_ownertrust (pk);
return tdb_get_ownertrust (pk, 0);
#endif
}
/*
* Same as get_ownertrust but this takes the minimum ownertrust value
* into account, and will bump up the value as needed.
* into account, and will bump up the value as needed. NO_CREATE
* inhibits creation of a trustdb it that does not yet exists.
*/
static int
get_ownertrust_with_min (PKT_public_key *pk)
get_ownertrust_with_min (PKT_public_key *pk, int no_create)
{
#ifdef NO_TRUST_MODELS
(void)pk;
@ -197,8 +198,15 @@ get_ownertrust_with_min (PKT_public_key *pk)
#else
unsigned int otrust, otrust_min;
otrust = (tdb_get_ownertrust (pk) & TRUST_MASK);
otrust_min = tdb_get_min_ownertrust (pk);
/* Shortcut instead of doing the same twice in the two tdb_get
* functions: If the caller asked not to create a trustdb we call
* init_trustdb directly and allow it to fail with an error code for
* a non-existing trustdb. */
if (no_create && init_trustdb (1))
return TRUST_UNKNOWN;
otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK);
otrust_min = tdb_get_min_ownertrust (pk, no_create);
if (otrust < otrust_min)
{
/* If the trust that the user has set is less than the trust
@ -217,23 +225,25 @@ get_ownertrust_with_min (PKT_public_key *pk)
/*
* Same as get_ownertrust but return a trust letter instead of an
* value. This takes the minimum ownertrust value into account.
* value. This takes the minimum ownertrust value into account. If
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
int
get_ownertrust_info (PKT_public_key *pk)
get_ownertrust_info (PKT_public_key *pk, int no_create)
{
return trust_letter (get_ownertrust_with_min (pk));
return trust_letter (get_ownertrust_with_min (pk, no_create));
}
/*
* Same as get_ownertrust but return a trust string instead of an
* value. This takes the minimum ownertrust value into account.
* value. This takes the minimum ownertrust value into account. If
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
const char *
get_ownertrust_string (PKT_public_key *pk)
get_ownertrust_string (PKT_public_key *pk, int no_create)
{
return trust_value_to_string (get_ownertrust_with_min (pk));
return trust_value_to_string (get_ownertrust_with_min (pk, no_create));
}

View File

@ -296,8 +296,8 @@ verify_own_keys(void)
keystr(k->kid));
else
{
tdb_update_ownertrust (&pk,
((tdb_get_ownertrust (&pk) & ~TRUST_MASK)
tdb_update_ownertrust
(&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK)
| TRUST_ULTIMATE ));
release_public_key_parts (&pk);
}
@ -439,20 +439,33 @@ how_to_fix_the_trustdb ()
}
void
init_trustdb ()
/* Initialize the trustdb. With NO_CREATE set a missing trustdb is
* not an error and the function won't terminate the process on error;
* in that case 0 is returned if there is a trustdb or an error code
* if no trustdb is available. */
gpg_error_t
init_trustdb (int no_create)
{
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
if( trustdb_args.init )
return;
return 0;
trustdb_args.init = 1;
if(level==0 || level==1)
{
int rc = tdbio_set_dbname( dbname, !!level, &trustdb_args.no_trustdb);
int rc = tdbio_set_dbname (dbname, (!no_create && level),
&trustdb_args.no_trustdb);
if (no_create && trustdb_args.no_trustdb)
{
/* No trustdb found and the caller asked us not to create
* it. Return an error and set the initialization state
* back so that we always test for an existing trustdb. */
trustdb_args.init = 0;
return gpg_error (GPG_ERR_ENOENT);
}
if (rc)
log_fatal("can't init trustdb: %s\n", gpg_strerror (rc) );
}
@ -493,6 +506,8 @@ init_trustdb ()
if(!tdbio_db_matches_options())
pending_check_trustdb=1;
}
return 0;
}
@ -504,7 +519,7 @@ init_trustdb ()
void
check_trustdb (ctrl_t ctrl)
{
init_trustdb();
init_trustdb (0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
{
@ -541,7 +556,7 @@ check_trustdb (ctrl_t ctrl)
void
update_trustdb (ctrl_t ctrl)
{
init_trustdb ();
init_trustdb (0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
validate_keys (ctrl, 1);
@ -553,7 +568,7 @@ update_trustdb (ctrl_t ctrl)
void
tdb_revalidation_mark (void)
{
init_trustdb();
init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
@ -591,7 +606,7 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
{
TRUSTREC opts;
init_trustdb();
init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
memset (&opts, 0, sizeof opts);
else
@ -622,7 +637,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
init_trustdb();
init_trustdb (0);
rc = tdbio_search_trust_bypk (pk, rec);
if (rc)
{
@ -642,12 +657,16 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
return 0;
}
/****************
* Return the assigned ownertrust value for the given public key.
* The key should be the primary key.
/*
* Return the assigned ownertrust value for the given public key. The
* key should be the primary key. If NO_CREATE is set a missing
* trustdb will not be created. This comes for example handy when we
* want to print status lines (DECRYPTION_KEY) which carry ownertrust
* values but we usually use --always-trust.
*/
unsigned int
tdb_get_ownertrust ( PKT_public_key *pk)
tdb_get_ownertrust (PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@ -655,6 +674,12 @@ tdb_get_ownertrust ( PKT_public_key *pk)
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return TRUST_UNKNOWN;
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
if (no_create && init_trustdb (1))
return TRUST_UNKNOWN;
err = read_trust_record (pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
@ -669,7 +694,7 @@ tdb_get_ownertrust ( PKT_public_key *pk)
unsigned int
tdb_get_min_ownertrust (PKT_public_key *pk)
tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@ -677,6 +702,12 @@ tdb_get_min_ownertrust (PKT_public_key *pk)
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return TRUST_UNKNOWN;
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
if (no_create && init_trustdb (1))
return TRUST_UNKNOWN;
err = read_trust_record (pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
@ -808,7 +839,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
TRUSTREC rec;
gpg_error_t err;
init_trustdb ();
init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return 0;
@ -915,7 +946,7 @@ tdb_cache_disabled_value (PKT_public_key *pk)
if (pk->flags.disabled_valid)
return pk->flags.disabled;
init_trustdb();
init_trustdb (0);
if (trustdb_args.no_trustdb)
return 0; /* No trustdb => not disabled. */
@ -950,7 +981,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl)
{
static int did_nextcheck=0;
init_trustdb ();
init_trustdb (0);
if (trustdb_args.no_trustdb)
return; /* No trustdb => can't be stale. */
@ -1021,7 +1052,7 @@ tdb_get_validity_core (ctrl_t ctrl,
(void)may_ask;
#endif
init_trustdb ();
init_trustdb (0);
/* If we have no trustdb (which also means it has not been created)
and the trust-model is always, we don't know the validity -
@ -1036,7 +1067,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
/* Note that this happens BEFORE any user ID stuff is checked.
The direct trust model applies to keys as a whole. */
validity = tdb_get_ownertrust (main_pk);
validity = tdb_get_ownertrust (main_pk, 0);
goto leave;
}
@ -1248,7 +1279,7 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
uid->help_marginal_count=uid->help_full_count=0;
init_trustdb ();
init_trustdb (0);
if(read_trust_record (pk, &trec))
return;
@ -1353,7 +1384,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
{
ot=edit_ownertrust (ctrl, pk, 0);
if(ot>0)
ot = tdb_get_ownertrust (pk);
ot = tdb_get_ownertrust (pk, 0);
else if(ot==0)
ot = minimum?minimum:TRUST_UNDEFINED;
else
@ -2142,9 +2173,9 @@ validate_keys (ctrl_t ctrl, int interactive)
k->kid[1]=kid[1];
k->ownertrust =
(tdb_get_ownertrust
(kar->keyblock->pkt->pkt.public_key) & TRUST_MASK);
(kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK);
k->min_ownertrust = tdb_get_min_ownertrust
(kar->keyblock->pkt->pkt.public_key);
(kar->keyblock->pkt->pkt.public_key, 0);
k->trust_depth=
kar->keyblock->pkt->pkt.public_key->trust_depth;
k->trust_value=

View File

@ -127,7 +127,7 @@ void update_trustdb (ctrl_t ctrl);
int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
const char *trust_model_string (int model);
void init_trustdb( void );
gpg_error_t init_trustdb (int no_create);
void tdb_check_trustdb_stale (ctrl_t ctrl);
void sync_trustdb( void );
@ -152,10 +152,10 @@ void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
byte *marginals,byte *completes,byte *cert_depth,
byte *min_cert_level);
unsigned int tdb_get_ownertrust (PKT_public_key *pk);
unsigned int tdb_get_min_ownertrust (PKT_public_key *pk);
int get_ownertrust_info (PKT_public_key *pk);
const char *get_ownertrust_string (PKT_public_key *pk);
unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create);
unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create);
int get_ownertrust_info (PKT_public_key *pk, int no_create);
const char *get_ownertrust_string (PKT_public_key *pk, int no_create);
void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
int tdb_clear_ownertrusts (PKT_public_key *pk);