[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-305-g62fb86c
by Werner Koch
cvs at cvs.gnupg.org
Mon Feb 10 17:49:40 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 62fb86c6589f7f74dad4741db31b3aefa0848420 (commit)
via ea7f895319e89150e5613b6d20f21410f99d6f22 (commit)
via 111f082487dc7a2a50375e24203de31b000e0dea (commit)
via 8e0ba4ecd3897c748ac2f06028406604ae7baced (commit)
via 357b142e7225e5c7f1e0f9768f48e833d5804b6a (commit)
via 54a11729fb71ba06e318fe229d0a230686ed4dc8 (commit)
via aa76a1660613ece3fc0d774856abcbe0bb158300 (commit)
from 2c814806d759e5cf611200e8210137cf8502a672 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 62fb86c6589f7f74dad4741db31b3aefa0848420
Author: Werner Koch <wk at gnupg.org>
Date: Mon Feb 10 17:05:54 2014 +0100
gpg: Allow building without any trust model support.
* configure.ac: Add option --disable-trust-models
(NO_TRUST_MODELS): New ac_define and am_conditional.
* g10/Makefile.am (trust_source): New.
(gpg2_SOURCES): Factor some files out to above. Add trust.c.
* g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust,
--import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb,
--list-trustdb, --trustdb-name, --auto-check-trustdb,
--no-auto-check-trustdb, and --force-ownertrust.
(parse_trust_model) [NO_TRUST_MODELS]: Do not build.
(main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all
trustdb related option code.
* g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust",
"enable", and "disable".
* g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print
"tru" record.
* g10/trust.c: New.
* g10/trustdb.c (struct key_item): Move to trustdb.h.
(register_trusted_keyid): Rename to tdb_register_trusted_keyid.
(register_trusted_key): Rename to tdb_register_trusted_key.
(trust_letter, uid_trust_string_fixed, trust_value_to_string)
(string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info)
(get_ownertrust_string, get_validity_info, get_validity_string)
(clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c.
(mark_usable_uid_certs): Move to trust.c and make global.
(is_in_klist): Move as inline to trustdb.h.
(trustdb_check_or_update): Rename to tdb_check_or_update
(revalidation_mark): Rename to tdb_revalidation_mark.
(get_ownertrust): Rename to tdb_get_ownertrust.
(get_min_ownertrust): Rename to tdb_get_min_ownertrust.
(update_ownertrust): Rename to tdb_update_ownertrust.
(clear_ownertrusts): Rename to tdb_clear_ownertrusts.
(cache_disabled_value): Rename to tdb_cache_disabled_value.
(check_trustdb_stale): Rename to tdb_check_trustdb_stale.
(get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and
factor some code out to ...
* trust.c (get_validity): ...new.
(check_or_update_trustdb): New wrapper.
(revalidation_mark): New wrapper.
(get_ownertrust): New wrapper.
(get_ownertrust_with_min): New wrapper.
(update_ownertrust): New wrapper.
(clear_ownertrusts): New wrapper.
(cache_disabled_value): New wrapper.
(check_trustdb_stale): New wrapper.
* tests/openpgp/defs.inc (opt_always): New. Use in all tests instead
of --always-trust.
diff --git a/configure.ac b/configure.ac
index 98de678..4abeeb0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -87,6 +87,7 @@ have_adns=no
use_zip=yes
use_bzip2=yes
use_exec=yes
+use_trust_models=yes
disable_keyserver_path=no
card_support=yes
use_ccid_driver=yes
@@ -215,6 +216,18 @@ AC_ARG_ENABLE(selinux-support,
AC_MSG_RESULT($selinux_support)
+AC_MSG_CHECKING([whether to enable trust models])
+AC_ARG_ENABLE(trust-models,
+ AC_HELP_STRING([--disable-trust-models],
+ [disable all trust models except "always"]),
+ use_trust_models=$enableval)
+AC_MSG_RESULT($use_trust_models)
+if test "$use_trust_models" = no ; then
+ AC_DEFINE(NO_TRUST_MODELS, 1,
+ [Define to include only trust-model always])
+fi
+
+
#
# Options to disable algorithm
#
@@ -1615,6 +1628,7 @@ AM_CONDITIONAL(BUILD_SYMCRYPTRUN, test "$build_symcryptrun" = "yes")
AM_CONDITIONAL(BUILD_GPGTAR, test "$build_gpgtar" = "yes")
AM_CONDITIONAL(ENABLE_CARD_SUPPORT, test "$card_support" = yes)
+AM_CONDITIONAL(NO_TRUST_MODELS, test "$use_trust_models" = no)
AM_CONDITIONAL(RUN_GPG_TESTS,
test x$cross_compiling = xno -a "$build_gpg" = yes )
diff --git a/g10/Makefile.am b/g10/Makefile.am
index fe442cf..ba68648 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -48,6 +48,13 @@ else
card_source =
endif
+if NO_TRUST_MODELS
+trust_source =
+else
+trust_source = trustdb.c trustdb.h tdbdump.c tdbio.c tdbio.h
+endif
+
+
if HAVE_W32_SYSTEM
resource_objs += gpg-w32info.o
endif
@@ -103,11 +110,6 @@ gpg2_SOURCES = gpg.c \
dearmor.c \
import.c \
export.c \
- trustdb.c \
- trustdb.h \
- tdbdump.c \
- tdbio.c \
- tdbio.h \
delkey.c \
keygen.c \
helptext.c \
@@ -116,6 +118,7 @@ gpg2_SOURCES = gpg.c \
call-dirmngr.c call-dirmngr.h \
photoid.c photoid.h \
call-agent.c call-agent.h \
+ trust.c $(trust_source) \
$(card_source) \
exec.c exec.h
diff --git a/g10/gpg.c b/g10/gpg.c
index 0365226..15cbe4b 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -431,12 +431,16 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aGPGConfList, "gpgconf-list", "@" ),
ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@" ),
ARGPARSE_c (aListPackets, "list-packets","@"),
+
+#ifndef NO_TRUST_MODELS
ARGPARSE_c (aExportOwnerTrust, "export-ownertrust", "@"),
ARGPARSE_c (aImportOwnerTrust, "import-ownertrust", "@"),
ARGPARSE_c (aUpdateTrustDB,"update-trustdb",
N_("update the trust database")),
ARGPARSE_c (aCheckTrustDB, "check-trustdb", "@"),
ARGPARSE_c (aFixTrustDB, "fix-trustdb", "@"),
+#endif
+
ARGPARSE_c (aDeArmor, "dearmor", "@"),
ARGPARSE_c (aDeArmor, "dearmour", "@"),
ARGPARSE_c (aEnArmor, "enarmor", "@"),
@@ -603,7 +607,10 @@ static ARGPARSE_OPTS opts[] = {
/* More hidden commands and options. */
ARGPARSE_c (aPrintMDs, "print-mds", "@"), /* old */
+#ifndef NO_TRUST_MODELS
ARGPARSE_c (aListTrustDB, "list-trustdb", "@"),
+#endif
+
/* Not yet used:
ARGPARSE_c (aListTrustPath, "list-trust-path", "@"), */
ARGPARSE_c (aDeleteSecretAndPublicKeys,
@@ -619,7 +626,14 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
+
+#ifndef NO_TRUST_MODELS
ARGPARSE_s_s (oTrustDBName, "trustdb-name", "@"),
+ ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
+ ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
+ ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"),
+#endif
+
ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"),
ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"),
@@ -647,7 +661,6 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */
ARGPARSE_s_n (oAlwaysTrust, "always-trust", "@"),
ARGPARSE_s_s (oTrustModel, "trust-model", "@"),
- ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"),
ARGPARSE_s_s (oSetFilename, "set-filename", "@"),
ARGPARSE_s_n (oForYourEyesOnly, "for-your-eyes-only", "@"),
ARGPARSE_s_n (oNoForYourEyesOnly, "no-for-your-eyes-only", "@"),
@@ -704,8 +717,6 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"),
ARGPARSE_s_n (oNoSigCache, "no-sig-cache", "@"),
ARGPARSE_s_n (oNoSigCreateCheck, "no-sig-create-check", "@"),
- ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
- ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
ARGPARSE_s_n (oMergeOnly, "merge-only", "@" ),
ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"),
ARGPARSE_s_n (oTryAllSecrets, "try-all-secrets", "@"),
@@ -1844,6 +1855,8 @@ collapse_args(int argc,char *argv[])
return str;
}
+
+#ifndef NO_TRUST_MODELS
static void
parse_trust_model(const char *model)
{
@@ -1860,6 +1873,7 @@ parse_trust_model(const char *model)
else
log_error("unknown trust model '%s'\n",model);
}
+#endif /*NO_TRUST_MODELS*/
/* This fucntion called to initialized a new control object. It is
@@ -1967,7 +1981,9 @@ main (int argc, char **argv)
int use_random_seed = 1;
enum cmd_and_opt_values cmd = 0;
const char *debug_level = NULL;
+#ifndef NO_TRUST_MODELS
const char *trustdb_name = NULL;
+#endif /*!NO_TRUST_MODELS*/
char *def_cipher_string = NULL;
char *def_digest_string = NULL;
char *compress_algo_string = NULL;
@@ -2056,7 +2072,11 @@ main (int argc, char **argv)
opt.verify_options = (VERIFY_SHOW_POLICY_URLS
| VERIFY_SHOW_STD_NOTATIONS
| VERIFY_SHOW_KEYSERVER_URLS);
+#ifdef NO_TRUST_MODELS
+ opt.trust_model = TM_ALWAYS;
+#else
opt.trust_model = TM_AUTO;
+#endif
opt.mangle_dos_filenames = 0;
opt.min_cert_level = 2;
set_screen_dimensions ();
@@ -2376,7 +2396,11 @@ main (int argc, char **argv)
case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break;
case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break;
+
+#ifndef NO_TRUST_MODELS
case oTrustDBName: trustdb_name = pargs.r.ret_str; break;
+
+#endif /*!NO_TRUST_MODELS*/
case oDefaultKey: opt.def_secret_key = pargs.r.ret_str; break;
case oDefRecipient:
if( *pargs.r.ret_str )
@@ -2407,6 +2431,8 @@ main (int argc, char **argv)
case oCompressKeys: opt.compress_keys = 1; break;
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
+
+#ifndef NO_TRUST_MODELS
/* There are many programs (like mutt) that call gpg with
--always-trust so keep this option around for a long
time. */
@@ -2414,6 +2440,8 @@ main (int argc, char **argv)
case oTrustModel:
parse_trust_model(pargs.r.ret_str);
break;
+#endif /*!NO_TRUST_MODELS*/
+
case oForceOwnertrust:
log_info(_("NOTE: %s is not for normal use!\n"),
"--force-ownertrust");
@@ -3494,6 +3522,7 @@ main (int argc, char **argv)
ctrl = xcalloc (1, sizeof *ctrl);
gpg_init_default_ctrl (ctrl);
+#ifndef NO_TRUST_MODELS
switch (cmd)
{
case aPrimegen:
@@ -3522,7 +3551,7 @@ main (int argc, char **argv)
}
if (rc)
log_error (_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
-
+#endif /*!NO_TRUST_MODELS*/
switch (cmd)
{
@@ -4023,6 +4052,7 @@ main (int argc, char **argv)
}
break;
+#ifndef NO_TRUST_MODELS
case aListTrustDB:
if( !argc )
list_trustdb(NULL);
@@ -4068,6 +4098,7 @@ main (int argc, char **argv)
wrong_args("--import-ownertrust [file]");
import_ownertrust( argc? *argv:NULL );
break;
+#endif /*!NO_TRUST_MODELS*/
case aRebuildKeydbCaches:
if (argc)
diff --git a/g10/import.c b/g10/import.c
index 9c14e8b..74443ef 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -222,7 +222,7 @@ import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
interactive or by not setting no-auto-check-trustdb */
if(!(options&IMPORT_FAST))
- trustdb_check_or_update();
+ check_or_update_trustdb ();
return rc;
}
diff --git a/g10/keyedit.c b/g10/keyedit.c
index e455e84..2b8b582 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -81,7 +81,9 @@ static int menu_revsig (KBNODE keyblock);
static int menu_revuid (KBNODE keyblock);
static int menu_revkey (KBNODE pub_keyblock);
static int menu_revsubkey (KBNODE pub_keyblock);
+#ifndef NO_TRUST_MODELS
static int enable_disable_key (KBNODE keyblock, int disable);
+#endif /*!NO_TRUST_MODELS*/
static void menu_showphoto (KBNODE keyblock);
static int update_trust = 0;
@@ -1305,7 +1307,11 @@ enum cmdids
cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
- cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
+ cmdEXPIRE, cmdBACKSIGN,
+#ifndef NO_TRUST_MODELS
+ cmdENABLEKEY, cmdDISABLEKEY,
+#endif /*!NO_TRUST_MODELS*/
+ cmdSHOWPREF,
cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCHECKBKUPKEY,
cmdCLEAN, cmdMINIMIZE, cmdNOP
@@ -1384,7 +1390,9 @@ static struct
{ "passwd", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
N_("change the passphrase")},
{ "password", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
+#ifndef NO_TRUST_MODELS
{ "trust", cmdTRUST, KEYEDIT_NOT_SK, N_("change the ownertrust")},
+#endif /*!NO_TRUST_MODELS*/
{ "revsig", cmdREVSIG, KEYEDIT_NOT_SK,
N_("revoke signatures on the selected user IDs")},
{ "revuid", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
@@ -1392,8 +1400,10 @@ static struct
{ "revphoto", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
{ "revkey", cmdREVKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
N_("revoke key or selected subkeys")},
+#ifndef NO_TRUST_MODELS
{ "enable", cmdENABLEKEY, KEYEDIT_NOT_SK, N_("enable key")},
{ "disable", cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key")},
+#endif /*!NO_TRUST_MODELS*/
{ "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")},
{ "clean", cmdCLEAN, KEYEDIT_NOT_SK,
N_("compact unusable user IDs and remove unusable signatures from key")},
@@ -2059,6 +2069,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
change_passphrase (ctrl, keyblock);
break;
+#ifndef NO_TRUST_MODELS
case cmdTRUST:
if (opt.trust_model == TM_EXTERNAL)
{
@@ -2080,6 +2091,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
update_trust = 1;
}
break;
+#endif /*!NO_TRUST_MODELS*/
case cmdPREF:
{
@@ -2158,6 +2170,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
}
break;
+#ifndef NO_TRUST_MODELS
case cmdENABLEKEY:
case cmdDISABLEKEY:
if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
@@ -2166,6 +2179,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
modified = 1;
}
break;
+#endif /*!NO_TRUST_MODELS*/
case cmdSHOWPHOTO:
menu_showphoto (keyblock);
@@ -4837,12 +4851,14 @@ menu_revuid (KBNODE pub_keyblock)
pkt->pkt.signature = sig;
insert_kbnode (node, new_kbnode (pkt), 0);
+#ifndef NO_TRUST_MODELS
/* If the trustdb has an entry for this key+uid then the
trustdb needs an update. */
if (!update_trust
&& (get_validity (pk, uid) & TRUST_MASK) >=
TRUST_UNDEFINED)
update_trust = 1;
+#endif /*!NO_TRUST_MODELS*/
changed = 1;
node->pkt->pkt.user_id->is_revoked = 1;
@@ -4978,6 +4994,7 @@ menu_revsubkey (KBNODE pub_keyblock)
enabling or disabling a key. This is arguably sub-optimal as
disabled keys are still counted in the web of trust, but perhaps
not worth adding extra complexity to change. -ds */
+#ifndef NO_TRUST_MODELS
static int
enable_disable_key (KBNODE keyblock, int disable)
{
@@ -4994,6 +5011,7 @@ enable_disable_key (KBNODE keyblock, int disable)
update_ownertrust (pk, newtrust);
return 0;
}
+#endif /*!NO_TRUST_MODELS*/
static void
diff --git a/g10/keylist.c b/g10/keylist.c
index 82d60c2..6e5ebda 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -64,6 +64,7 @@ static estream_t attrib_fp;
void
public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
{
+#ifndef NO_TRUST_MODELS
if (opt.with_colons)
{
byte trust_model, marginals, completes, cert_depth, min_cert_level;
@@ -98,9 +99,9 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
if (trust_model == TM_PGP || trust_model == TM_CLASSIC)
es_fprintf (es_stdout, ":%d:%d:%d", marginals, completes, cert_depth);
-
es_fprintf (es_stdout, "\n");
}
+#endif /*!NO_TRUST_MODELS*/
/* We need to do the stale check right here because it might need to
update the keyring while we already have the keyring open. This
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 0f60f7d..4de56fc 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1344,7 +1344,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
/* If the original options didn't have fast import, and the trustdb
is dirty, rebuild. */
if(!(opt.keyserver_options.import_options&IMPORT_FAST))
- trustdb_check_or_update();
+ check_or_update_trustdb ();
return rc;
}
@@ -1688,7 +1688,7 @@ keyserver_fetch (ctrl_t ctrl, strlist_t urilist)
/* If the original options didn't have fast import, and the trustdb
is dirty, rebuild. */
if (!(opt.keyserver_options.import_options&IMPORT_FAST))
- trustdb_check_or_update ();
+ check_or_update_trustdb ();
return 0;
}
diff --git a/g10/pkclist.c b/g10/pkclist.c
index d94f59e..a6d687a 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -176,6 +176,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
* 0 = nothing changed
* 1 = new ownertrust now in new_trust
*/
+#ifndef NO_TRUST_MODELS
static int
do_edit_ownertrust (PKT_public_key *pk, int mode,
unsigned *new_trust, int defer_help )
@@ -187,7 +188,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
int show=0;
int min_num;
int did_help=defer_help;
- unsigned int minimum=get_min_ownertrust(pk);
+ unsigned int minimum = tdb_get_min_ownertrust (pk);
char pkstrbuf[PUBKEY_STRING_SIZE];
switch(minimum)
@@ -365,12 +366,15 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
xfree(p);
return show? -2: quit? -1 : changed;
}
+#endif /*!NO_TRUST_MODELS*/
+
/*
* Display a menu to change the ownertrust of the key PK (which should
* be a primary key).
* For mode values see do_edit_ownertrust ()
*/
+#ifndef NO_TRUST_MODELS
int
edit_ownertrust (PKT_public_key *pk, int mode )
{
@@ -396,6 +400,7 @@ edit_ownertrust (PKT_public_key *pk, int mode )
}
}
}
+#endif /*!NO_TRUST_MODELS*/
/****************
diff --git a/g10/trust.c b/g10/trust.c
new file mode 100644
index 0000000..32cd934
--- /dev/null
+++ b/g10/trust.c
@@ -0,0 +1,740 @@
+/* trust.c - High level trust functions
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
+ * 2008, 2012 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Werner Koch
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+#include "gpg.h"
+#include "keydb.h"
+#include "util.h"
+#include "options.h"
+#include "packet.h"
+#include "main.h"
+#include "i18n.h"
+#include "trustdb.h"
+
+
+/* Return true if key is disabled. Note that this is usually used via
+ the pk_is_disabled macro. */
+int
+cache_disabled_value (PKT_public_key *pk)
+{
+#ifdef NO_TRUST_MODELS
+ (void)pk;
+ return 0;
+#else
+ return tdb_cache_disabled_value (pk);
+#endif
+}
+
+
+void
+register_trusted_keyid (u32 *keyid)
+{
+#ifdef NO_TRUST_MODELS
+ (void)keyid;
+#else
+ register_trusted_keyid (keyid);
+#endif
+}
+
+
+void
+register_trusted_key (const char *string)
+{
+#ifdef NO_TRUST_MODELS
+ (void)string;
+#else
+ register_trusted_key (string);
+#endif
+}
+
+
+
+/*
+ * This function returns a letter for a trust value. Trust flags
+ * are ignored.
+ */
+static int
+trust_letter (unsigned int value)
+{
+ switch( (value & TRUST_MASK) )
+ {
+ case TRUST_UNKNOWN: return '-';
+ case TRUST_EXPIRED: return 'e';
+ case TRUST_UNDEFINED: return 'q';
+ case TRUST_NEVER: return 'n';
+ case TRUST_MARGINAL: return 'm';
+ case TRUST_FULLY: return 'f';
+ case TRUST_ULTIMATE: return 'u';
+ default: return '?';
+ }
+}
+
+
+/* The strings here are similar to those in
+ pkclist.c:do_edit_ownertrust() */
+const char *
+trust_value_to_string (unsigned int value)
+{
+ switch ((value & TRUST_MASK))
+ {
+ case TRUST_UNKNOWN: return _("unknown");
+ case TRUST_EXPIRED: return _("expired");
+ case TRUST_UNDEFINED: return _("undefined");
+ case TRUST_NEVER: return _("never");
+ case TRUST_MARGINAL: return _("marginal");
+ case TRUST_FULLY: return _("full");
+ case TRUST_ULTIMATE: return _("ultimate");
+ default: return "err";
+ }
+}
+
+
+int
+string_to_trust_value (const char *str)
+{
+ if (!ascii_strcasecmp (str, "undefined"))
+ return TRUST_UNDEFINED;
+ else if (!ascii_strcasecmp (str, "never"))
+ return TRUST_NEVER;
+ else if (!ascii_strcasecmp (str, "marginal"))
+ return TRUST_MARGINAL;
+ else if (!ascii_strcasecmp (str, "full"))
+ return TRUST_FULLY;
+ else if (!ascii_strcasecmp(str, "ultimate"))
+ return TRUST_ULTIMATE;
+ else
+ return -1;
+}
+
+
+const char *
+uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+{
+ if (!key && !uid)
+ {
+ /* TRANSLATORS: these strings are similar to those in
+ trust_value_to_string(), but are a fixed length. This is needed to
+ make attractive information listings where columns line up
+ properly. The value "10" should be the length of the strings you
+ choose to translate to. This is the length in printable columns.
+ It gets passed to atoi() so everything after the number is
+ essentially a comment and need not be translated. Either key and
+ uid are both NULL, or neither are NULL. */
+ return _("10 translator see trust.c:uid_trust_string_fixed");
+ }
+ else if(uid->is_revoked || (key && key->flags.revoked))
+ return _("[ revoked]");
+ else if(uid->is_expired)
+ return _("[ expired]");
+ else if(key)
+ {
+ switch (get_validity(key,uid)&TRUST_MASK)
+ {
+ case TRUST_UNKNOWN: return _("[ unknown]");
+ case TRUST_EXPIRED: return _("[ expired]");
+ case TRUST_UNDEFINED: return _("[ undef ]");
+ case TRUST_MARGINAL: return _("[marginal]");
+ case TRUST_FULLY: return _("[ full ]");
+ case TRUST_ULTIMATE: return _("[ultimate]");
+ }
+ }
+
+ return "err";
+}
+
+
+
+/*
+ * Return the assigned ownertrust value for the given public key.
+ * The key should be the primary key.
+ */
+unsigned int
+get_ownertrust (PKT_public_key *pk)
+{
+#ifdef NO_TRUST_MODELS
+ (void)pk;
+ return TRUST_UNKNOWN;
+#else
+ return tdb_get_ownertrust (pk);
+#endif
+}
+
+
+/*
+ * Same as get_ownertrust but this takes the minimum ownertrust value
+ * into into account, and will bump up the value as needed.
+ */
+static int
+get_ownertrust_with_min (PKT_public_key *pk)
+{
+#ifdef NO_TRUST_MODELS
+ (void)pk;
+ return TRUST_UNKNOWN;
+#else
+ unsigned int otrust, otrust_min;
+
+ otrust = (tdb_get_ownertrust (pk) & TRUST_MASK);
+ otrust_min = tdb_get_min_ownertrust (pk);
+ if (otrust < otrust_min)
+ {
+ /* If the trust that the user has set is less than the trust
+ that was calculated from a trust signature chain, use the
+ higher of the two. We do this here and not in
+ get_ownertrust since the underlying ownertrust should not
+ really be set - just the appearance of the ownertrust. */
+
+ otrust = otrust_min;
+ }
+
+ return otrust;
+#endif
+}
+
+
+/*
+ * Same as get_ownertrust but return a trust letter instead of an
+ * value. This takes the minimum ownertrust value into account.
+ */
+int
+get_ownertrust_info (PKT_public_key *pk)
+{
+ return trust_letter (get_ownertrust_with_min (pk));
+}
+
+
+/*
+ * Same as get_ownertrust but return a trust string instead of an
+ * value. This takes the minimum ownertrust value into account.
+ */
+const char *
+get_ownertrust_string (PKT_public_key *pk)
+{
+ return trust_value_to_string (get_ownertrust_with_min (pk));
+}
+
+
+/*
+ * Set the trust value of the given public key to the new value.
+ * The key should be a primary one.
+ */
+void
+update_ownertrust (PKT_public_key *pk, unsigned int new_trust)
+{
+#ifdef NO_TRUST_MODELS
+ (void)pk;
+ (void)new_trust;
+#else
+ update_ownertrust (pk, new_trust);
+#endif
+}
+
+
+int
+clear_ownertrusts (PKT_public_key *pk)
+{
+#ifdef NO_TRUST_MODELS
+ (void)pk;
+ return 0;
+#else
+ return tdb_clear_ownertrusts (pk);
+#endif
+}
+
+
+void
+revalidation_mark (void)
+{
+#ifndef NO_TRUST_MODELS
+ tdb_revalidation_mark ();
+#endif
+}
+
+
+void
+check_trustdb_stale (void)
+{
+#ifndef NO_TRUST_MODELS
+ tdb_check_trustdb_stale ();
+#endif
+}
+
+
+void
+check_or_update_trustdb (void)
+{
+#ifndef NO_TRUST_MODELS
+ tdb_check_or_update ();
+#endif
+}
+
+
+/*
+ * Return the validity information for PK. If the namehash is not
+ * NULL, the validity of the corresponsing user ID is returned,
+ * otherwise, a reasonable value for the entire key is returned.
+ */
+unsigned int
+get_validity (PKT_public_key *pk, PKT_user_id *uid)
+{
+ int rc;
+ unsigned int validity;
+ u32 kid[2];
+ PKT_public_key *main_pk;
+
+ if (uid)
+ namehash_from_uid (uid);
+
+ keyid_from_pk (pk, kid);
+ if (pk->main_keyid[0] != kid[0] || pk->main_keyid[1] != kid[1])
+ {
+ /* This is a subkey - get the mainkey. */
+ main_pk = xmalloc_clear (sizeof *main_pk);
+ rc = get_pubkey (main_pk, pk->main_keyid);
+ if (rc)
+ {
+ char *tempkeystr = xstrdup (keystr (pk->main_keyid));
+ log_error ("error getting main key %s of subkey %s: %s\n",
+ tempkeystr, keystr (kid), g10_errstr (rc));
+ xfree (tempkeystr);
+ validity = TRUST_UNKNOWN;
+ goto leave;
+ }
+ }
+ else
+ main_pk = pk;
+
+#ifdef NO_TRUST_MODELS
+ validity = TRUST_UNKNOWN;
+#else
+ validity = tdb_get_validity_core (pk, uid, main_pk);
+#endif
+
+ leave:
+ /* Set some flags direct from the key */
+ if (main_pk->flags.revoked)
+ validity |= TRUST_FLAG_REVOKED;
+ if (main_pk != pk && pk->flags.revoked)
+ validity |= TRUST_FLAG_SUB_REVOKED;
+ /* Note: expiration is a trust value and not a flag - don't know why
+ * I initially designed it that way. */
+ if (main_pk->has_expired || pk->has_expired)
+ validity = ((validity & (~TRUST_MASK | TRUST_FLAG_PENDING_CHECK))
+ | TRUST_EXPIRED);
+
+ if (main_pk != pk)
+ free_public_key (main_pk);
+ return validity;
+}
+
+
+int
+get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+{
+ int trustlevel;
+
+ if (!pk)
+ return '?'; /* Just in case a NULL PK is passed. */
+
+ trustlevel = get_validity (pk, uid);
+ if ((trustlevel & TRUST_FLAG_REVOKED))
+ return 'r';
+ return trust_letter (trustlevel);
+}
+
+
+const char *
+get_validity_string (PKT_public_key *pk, PKT_user_id *uid)
+{
+ int trustlevel;
+
+ if (!pk)
+ return "err"; /* Just in case a NULL PK is passed. */
+
+ trustlevel = get_validity (pk, uid);
+ if ((trustlevel & TRUST_FLAG_REVOKED))
+ return _("revoked");
+ return trust_value_to_string (trustlevel);
+}
+
+
+
+/*
+ * Mark the signature of the given UID which are used to certify it.
+ * To do this, we first revmove all signatures which are not valid and
+ * from the remain ones we look for the latest one. If this is not a
+ * certification revocation signature we mark the signature by setting
+ * node flag bit 8. Revocations are marked with flag 11, and sigs
+ * from unavailable keys are marked with flag 12. Note that flag bits
+ * 9 and 10 are used for internal purposes.
+ */
+void
+mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
+ u32 *main_kid, struct key_item *klist,
+ u32 curtime, u32 *next_expire)
+{
+ kbnode_t node;
+ PKT_signature *sig;
+
+ /* First check all signatures. */
+ for (node=uidnode->next; node; node = node->next)
+ {
+ int rc;
+
+ node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
+ if (node->pkt->pkttype == PKT_USER_ID
+ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+ break; /* ready */
+ if (node->pkt->pkttype != PKT_SIGNATURE)
+ continue;
+ sig = node->pkt->pkt.signature;
+ if (main_kid
+ && sig->keyid[0] == main_kid[0] && sig->keyid[1] == main_kid[1])
+ continue; /* ignore self-signatures if we pass in a main_kid */
+ if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
+ continue; /* we only look at these signature classes */
+ if(sig->sig_class>=0x11 && sig->sig_class<=0x13 &&
+ sig->sig_class-0x10<opt.min_cert_level)
+ continue; /* treat anything under our min_cert_level as an
+ invalid signature */
+ if (klist && !is_in_klist (klist, sig))
+ continue; /* no need to check it then */
+ if ((rc=check_key_signature (keyblock, node, NULL)))
+ {
+ /* we ignore anything that won't verify, but tag the
+ no_pubkey case */
+ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
+ node->flag |= 1<<12;
+ continue;
+ }
+ node->flag |= 1<<9;
+ }
+ /* Reset the remaining flags. */
+ for (; node; node = node->next)
+ node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
+
+ /* kbnode flag usage: bit 9 is here set for signatures to consider,
+ * bit 10 will be set by the loop to keep track of keyIDs already
+ * processed, bit 8 will be set for the usable signatures, and bit
+ * 11 will be set for usable revocations. */
+
+ /* For each cert figure out the latest valid one. */
+ for (node=uidnode->next; node; node = node->next)
+ {
+ KBNODE n, signode;
+ u32 kid[2];
+ u32 sigdate;
+
+ if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+ break;
+ if ( !(node->flag & (1<<9)) )
+ continue; /* not a node to look at */
+ if ( (node->flag & (1<<10)) )
+ continue; /* signature with a keyID already processed */
+ node->flag |= (1<<10); /* mark this node as processed */
+ sig = node->pkt->pkt.signature;
+ signode = node;
+ sigdate = sig->timestamp;
+ kid[0] = sig->keyid[0]; kid[1] = sig->keyid[1];
+
+ /* Now find the latest and greatest signature */
+ for (n=uidnode->next; n; n = n->next)
+ {
+ if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+ break;
+ if ( !(n->flag & (1<<9)) )
+ continue;
+ if ( (n->flag & (1<<10)) )
+ continue; /* shortcut already processed signatures */
+ sig = n->pkt->pkt.signature;
+ if (kid[0] != sig->keyid[0] || kid[1] != sig->keyid[1])
+ continue;
+ n->flag |= (1<<10); /* mark this node as processed */
+
+ /* If signode is nonrevocable and unexpired and n isn't,
+ then take signode (skip). It doesn't matter which is
+ older: if signode was older then we don't want to take n
+ as signode is nonrevocable. If n was older then we're
+ automatically fine. */
+
+ if(((IS_UID_SIG(signode->pkt->pkt.signature) &&
+ !signode->pkt->pkt.signature->flags.revocable &&
+ (signode->pkt->pkt.signature->expiredate==0 ||
+ signode->pkt->pkt.signature->expiredate>curtime))) &&
+ (!(IS_UID_SIG(n->pkt->pkt.signature) &&
+ !n->pkt->pkt.signature->flags.revocable &&
+ (n->pkt->pkt.signature->expiredate==0 ||
+ n->pkt->pkt.signature->expiredate>curtime))))
+ continue;
+
+ /* If n is nonrevocable and unexpired and signode isn't,
+ then take n. Again, it doesn't matter which is older: if
+ n was older then we don't want to take signode as n is
+ nonrevocable. If signode was older then we're
+ automatically fine. */
+
+ if((!(IS_UID_SIG(signode->pkt->pkt.signature) &&
+ !signode->pkt->pkt.signature->flags.revocable &&
+ (signode->pkt->pkt.signature->expiredate==0 ||
+ signode->pkt->pkt.signature->expiredate>curtime))) &&
+ ((IS_UID_SIG(n->pkt->pkt.signature) &&
+ !n->pkt->pkt.signature->flags.revocable &&
+ (n->pkt->pkt.signature->expiredate==0 ||
+ n->pkt->pkt.signature->expiredate>curtime))))
+ {
+ signode = n;
+ sigdate = sig->timestamp;
+ continue;
+ }
+
+ /* At this point, if it's newer, it goes in as the only
+ remaining possibilities are signode and n are both either
+ revocable or expired or both nonrevocable and unexpired.
+ If the timestamps are equal take the later ordered
+ packet, presuming that the key packets are hopefully in
+ their original order. */
+
+ if (sig->timestamp >= sigdate)
+ {
+ signode = n;
+ sigdate = sig->timestamp;
+ }
+ }
+
+ sig = signode->pkt->pkt.signature;
+ if (IS_UID_SIG (sig))
+ { /* this seems to be a usable one which is not revoked.
+ * Just need to check whether there is an expiration time,
+ * We do the expired certification after finding a suitable
+ * certification, the assumption is that a signator does not
+ * want that after the expiration of his certificate the
+ * system falls back to an older certification which has a
+ * different expiration time */
+ const byte *p;
+ u32 expire;
+
+ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
+ expire = p? sig->timestamp + buffer_to_u32(p) : 0;
+
+ if (expire==0 || expire > curtime )
+ {
+ signode->flag |= (1<<8); /* yeah, found a good cert */
+ if (next_expire && expire && expire < *next_expire)
+ *next_expire = expire;
+ }
+ }
+ else
+ signode->flag |= (1<<11);
+ }
+}
+
+
+static int
+clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
+ int noisy, int self_only)
+{
+ int deleted = 0;
+ kbnode_t node;
+ u32 keyid[2];
+
+ assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+
+ keyid_from_pk (keyblock->pkt->pkt.public_key, keyid);
+
+ /* Passing in a 0 for current time here means that we'll never weed
+ out an expired sig. This is correct behavior since we want to
+ keep the most recent expired sig in a series. */
+ mark_usable_uid_certs (keyblock, uidnode, NULL, NULL, 0, NULL);
+
+ /* What we want to do here is remove signatures that are not
+ considered as part of the trust calculations. Thus, all invalid
+ signatures are out, as are any signatures that aren't the last of
+ a series of uid sigs or revocations It breaks down like this:
+ coming out of mark_usable_uid_certs, if a sig is unflagged, it is
+ not even a candidate. If a sig has flag 9 or 10, that means it
+ was selected as a candidate and vetted. If a sig has flag 8 it
+ is a usable signature. If a sig has flag 11 it is a usable
+ revocation. If a sig has flag 12 it was issued by an unavailable
+ key. "Usable" here means the most recent valid
+ signature/revocation in a series from a particular signer.
+
+ Delete everything that isn't a usable uid sig (which might be
+ expired), a usable revocation, or a sig from an unavailable
+ key. */
+
+ for (node=uidnode->next;
+ node && node->pkt->pkttype==PKT_SIGNATURE;
+ node=node->next)
+ {
+ int keep;
+
+ keep = self_only? (node->pkt->pkt.signature->keyid[0] == keyid[0]
+ && node->pkt->pkt.signature->keyid[1] == keyid[1]) : 1;
+
+ /* Keep usable uid sigs ... */
+ if ((node->flag & (1<<8)) && keep)
+ continue;
+
+ /* ... and usable revocations... */
+ if ((node->flag & (1<<11)) && keep)
+ continue;
+
+ /* ... and sigs from unavailable keys. */
+ /* disabled for now since more people seem to want sigs from
+ unavailable keys removed altogether. */
+ /*
+ if(node->flag & (1<<12))
+ continue;
+ */
+
+ /* Everything else we delete */
+
+ /* At this point, if 12 is set, the signing key was unavailable.
+ If 9 or 10 is set, it's superseded. Otherwise, it's
+ invalid. */
+
+ if (noisy)
+ log_info ("removing signature from key %s on user ID \"%s\": %s\n",
+ keystr (node->pkt->pkt.signature->keyid),
+ uidnode->pkt->pkt.user_id->name,
+ node->flag&(1<<12)? "key unavailable":
+ node->flag&(1<<9)? "signature superseded"
+ /* */ :"invalid signature" );
+
+ delete_kbnode (node);
+ deleted++;
+ }
+
+ return deleted;
+}
+
+
+/* This is substantially easier than clean_sigs_from_uid since we just
+ have to establish if the uid has a valid self-sig, is not revoked,
+ and is not expired. Note that this does not take into account
+ whether the uid has a trust path to it - just whether the keyholder
+ themselves has certified the uid. Returns true if the uid was
+ compacted. To "compact" a user ID, we simply remove ALL signatures
+ except the self-sig that caused the user ID to be remove-worthy.
+ We don't actually remove the user ID packet itself since it might
+ be ressurected in a later merge. Note that this function requires
+ that the caller has already done a merge_keys_and_selfsig().
+
+ TODO: change the import code to allow importing a uid with only a
+ revocation if the uid already exists on the keyring. */
+
+static int
+clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
+{
+ kbnode_t node;
+ PKT_user_id *uid = uidnode->pkt->pkt.user_id;
+ int deleted = 0;
+
+ assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+ assert (uidnode->pkt->pkttype==PKT_USER_ID);
+
+ /* Skip valid user IDs, compacted user IDs, and non-self-signed user
+ IDs if --allow-non-selfsigned-uid is set. */
+ if (uid->created
+ || uid->flags.compacted
+ || (!uid->is_expired && !uid->is_revoked && opt.allow_non_selfsigned_uid))
+ return 0;
+
+ for (node=uidnode->next;
+ node && node->pkt->pkttype == PKT_SIGNATURE;
+ node=node->next)
+ {
+ if (!node->pkt->pkt.signature->flags.chosen_selfsig)
+ {
+ delete_kbnode (node);
+ deleted = 1;
+ uidnode->pkt->pkt.user_id->flags.compacted = 1;
+ }
+ }
+
+ if (noisy)
+ {
+ const char *reason;
+ char *user = utf8_to_native (uid->name, uid->len, 0);
+
+ if (uid->is_revoked)
+ reason = _("revoked");
+ else if (uid->is_expired)
+ reason = _("expired");
+ else
+ reason = _("invalid");
+
+ log_info ("compacting user ID \"%s\" on key %s: %s\n",
+ user, keystr_from_pk (keyblock->pkt->pkt.public_key),
+ reason);
+
+ xfree (user);
+ }
+
+ return deleted;
+}
+
+
+/* Needs to be called after a merge_keys_and_selfsig() */
+void
+clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
+ int *uids_cleaned, int *sigs_cleaned)
+{
+ int dummy;
+
+ assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+ assert (uidnode->pkt->pkttype==PKT_USER_ID);
+
+ if (!uids_cleaned)
+ uids_cleaned = &dummy;
+
+ if (!sigs_cleaned)
+ sigs_cleaned = &dummy;
+
+ /* Do clean_uid_from_key first since if it fires off, we don't have
+ to bother with the other. */
+ *uids_cleaned += clean_uid_from_key (keyblock, uidnode, noisy);
+ if (!uidnode->pkt->pkt.user_id->flags.compacted)
+ *sigs_cleaned += clean_sigs_from_uid (keyblock, uidnode, noisy, self_only);
+}
+
+
+void
+clean_key (kbnode_t keyblock, int noisy, int self_only,
+ int *uids_cleaned, int *sigs_cleaned)
+{
+ kbnode_t uidnode;
+
+ merge_keys_and_selfsig (keyblock);
+
+ for (uidnode = keyblock->next;
+ uidnode && uidnode->pkt->pkttype != PKT_PUBLIC_SUBKEY;
+ uidnode = uidnode->next)
+ {
+ if (uidnode->pkt->pkttype == PKT_USER_ID)
+ clean_one_uid (keyblock, uidnode,noisy, self_only,
+ uids_cleaned, sigs_cleaned);
+ }
+}
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 24ed9df..733fa79 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -42,20 +42,6 @@
#include "trustdb.h"
-/*
- * A structure to store key identification as well as some stuff needed
- * for validation
- */
-struct key_item {
- struct key_item *next;
- unsigned int ownertrust,min_ownertrust;
- byte trust_depth;
- byte trust_value;
- char *trust_regexp;
- u32 kid[2];
-};
-
-
typedef struct key_item **KeyHashTable; /* see new_key_hash_table() */
/*
@@ -200,7 +186,7 @@ release_key_array ( struct key_array *keys )
* FIXME: Should be replaced by a function to add those keys to the trustdb.
*/
void
-register_trusted_keyid(u32 *keyid)
+tdb_register_trusted_keyid (u32 *keyid)
{
struct key_item *k;
@@ -212,7 +198,7 @@ register_trusted_keyid(u32 *keyid)
}
void
-register_trusted_key( const char *string )
+tdb_register_trusted_key( const char *string )
{
gpg_error_t err;
KEYDB_SEARCH_DESC desc;
@@ -308,9 +294,9 @@ verify_own_keys(void)
keystr(k->kid));
else
{
- update_ownertrust (&pk,
- ((get_ownertrust (&pk) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ tdb_update_ownertrust (&pk,
+ ((tdb_get_ownertrust (&pk) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
release_public_key_parts (&pk);
}
@@ -483,96 +469,6 @@ init_trustdb()
}
-/***********************************************
- ************* Print helpers ****************
- ***********************************************/
-
-/****************
- * This function returns a letter for a trustvalue Trust flags
- * are ignore.
- */
-static int
-trust_letter (unsigned int value)
-{
- switch( (value & TRUST_MASK) )
- {
- case TRUST_UNKNOWN: return '-';
- case TRUST_EXPIRED: return 'e';
- case TRUST_UNDEFINED: return 'q';
- case TRUST_NEVER: return 'n';
- case TRUST_MARGINAL: return 'm';
- case TRUST_FULLY: return 'f';
- case TRUST_ULTIMATE: return 'u';
- default: return '?';
- }
-}
-
-const char *
-uid_trust_string_fixed(PKT_public_key *key,PKT_user_id *uid)
-{
- if(!key && !uid)
-/* TRANSLATORS: these strings are similar to those in
- trust_value_to_string(), but are a fixed length. This is needed to
- make attractive information listings where columns line up
- properly. The value "10" should be the length of the strings you
- choose to translate to. This is the length in printable columns.
- It gets passed to atoi() so everything after the number is
- essentially a comment and need not be translated. Either key and
- uid are both NULL, or neither are NULL. */
- return _("10 translator see trustdb.c:uid_trust_string_fixed");
- else if(uid->is_revoked || (key && key->flags.revoked))
- return _("[ revoked]");
- else if(uid->is_expired)
- return _("[ expired]");
- else if(key)
- switch(get_validity(key,uid)&TRUST_MASK)
- {
- case TRUST_UNKNOWN: return _("[ unknown]");
- case TRUST_EXPIRED: return _("[ expired]");
- case TRUST_UNDEFINED: return _("[ undef ]");
- case TRUST_MARGINAL: return _("[marginal]");
- case TRUST_FULLY: return _("[ full ]");
- case TRUST_ULTIMATE: return _("[ultimate]");
- }
-
- return "err";
-}
-
-/* The strings here are similar to those in
- pkclist.c:do_edit_ownertrust() */
-const char *
-trust_value_to_string (unsigned int value)
-{
- switch( (value & TRUST_MASK) )
- {
- case TRUST_UNKNOWN: return _("unknown");
- case TRUST_EXPIRED: return _("expired");
- case TRUST_UNDEFINED: return _("undefined");
- case TRUST_NEVER: return _("never");
- case TRUST_MARGINAL: return _("marginal");
- case TRUST_FULLY: return _("full");
- case TRUST_ULTIMATE: return _("ultimate");
- default: return "err";
- }
-}
-
-int
-string_to_trust_value (const char *str)
-{
- if(ascii_strcasecmp(str,"undefined")==0)
- return TRUST_UNDEFINED;
- else if(ascii_strcasecmp(str,"never")==0)
- return TRUST_NEVER;
- else if(ascii_strcasecmp(str,"marginal")==0)
- return TRUST_MARGINAL;
- else if(ascii_strcasecmp(str,"full")==0)
- return TRUST_FULLY;
- else if(ascii_strcasecmp(str,"ultimate")==0)
- return TRUST_ULTIMATE;
- else
- return -1;
-}
-
/****************
* Recreate the WoT but do not ask for new ownertrusts. Special
* feature: In batch mode and without a forced yes, this is only done
@@ -626,7 +522,7 @@ update_trustdb()
}
void
-revalidation_mark (void)
+tdb_revalidation_mark (void)
{
init_trustdb();
/* we simply set the time for the next check to 1 (far back in 1970)
@@ -645,7 +541,7 @@ trustdb_pending_check(void)
/* If the trustdb is dirty, and we're interactive, update it.
Otherwise, check it unless no-auto-check-trustdb is set. */
void
-trustdb_check_or_update(void)
+tdb_check_or_update (void)
{
if(trustdb_pending_check())
{
@@ -718,7 +614,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
* The key should be the primary key.
*/
unsigned int
-get_ownertrust ( PKT_public_key *pk)
+tdb_get_ownertrust ( PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
@@ -735,8 +631,9 @@ get_ownertrust ( PKT_public_key *pk)
return rec.r.trust.ownertrust;
}
+
unsigned int
-get_min_ownertrust (PKT_public_key *pk)
+tdb_get_min_ownertrust (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
@@ -753,57 +650,13 @@ get_min_ownertrust (PKT_public_key *pk)
return rec.r.trust.min_ownertrust;
}
-/*
- * Same as get_ownertrust but this takes the minimum ownertrust value
- * into into account, and will bump up the value as needed.
- */
-static int
-get_ownertrust_with_min (PKT_public_key *pk)
-{
- unsigned int otrust,otrust_min;
-
- otrust = (get_ownertrust (pk) & TRUST_MASK);
- otrust_min = get_min_ownertrust (pk);
- if(otrust<otrust_min)
- {
- /* If the trust that the user has set is less than the trust
- that was calculated from a trust signature chain, use the
- higher of the two. We do this here and not in
- get_ownertrust since the underlying ownertrust should not
- really be set - just the appearance of the ownertrust. */
-
- otrust=otrust_min;
- }
-
- return otrust;
-}
-
-/*
- * Same as get_ownertrust but return a trust letter instead of an
- * value. This takes the minimum ownertrust value into account.
- */
-int
-get_ownertrust_info (PKT_public_key *pk)
-{
- return trust_letter(get_ownertrust_with_min(pk));
-}
-
-/*
- * Same as get_ownertrust but return a trust string instead of an
- * value. This takes the minimum ownertrust value into account.
- */
-const char *
-get_ownertrust_string (PKT_public_key *pk)
-{
- return trust_value_to_string(get_ownertrust_with_min(pk));
-}
/*
* Set the trust value of the given public key to the new value.
* The key should be a primary one.
*/
void
-update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
+tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
{
TRUSTREC rec;
int rc;
@@ -818,7 +671,7 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
{
rec.r.trust.ownertrust = new_trust;
write_record( &rec );
- revalidation_mark ();
+ tdb_revalidation_mark ();
do_sync ();
}
}
@@ -835,7 +688,7 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.ownertrust = new_trust;
write_record (&rec);
- revalidation_mark ();
+ tdb_revalidation_mark ();
do_sync ();
rc = 0;
}
@@ -872,7 +725,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
{
rec.r.trust.min_ownertrust = new_trust;
write_record( &rec );
- revalidation_mark ();
+ tdb_revalidation_mark ();
do_sync ();
}
}
@@ -889,7 +742,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.min_ownertrust = new_trust;
write_record (&rec);
- revalidation_mark ();
+ tdb_revalidation_mark ();
do_sync ();
rc = 0;
}
@@ -899,10 +752,11 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
}
}
+
/* Clear the ownertrust and min_ownertrust values. Return true if a
change actually happened. */
int
-clear_ownertrusts (PKT_public_key *pk)
+tdb_clear_ownertrusts (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
@@ -922,7 +776,7 @@ clear_ownertrusts (PKT_public_key *pk)
rec.r.trust.ownertrust = 0;
rec.r.trust.min_ownertrust = 0;
write_record( &rec );
- revalidation_mark ();
+ tdb_revalidation_mark ();
do_sync ();
return 1;
}
@@ -1000,7 +854,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
/* Return true if key is disabled. Note that this is usually used via
the pk_is_disabled macro. */
int
-cache_disabled_value (PKT_public_key *pk)
+tdb_cache_disabled_value (PKT_public_key *pk)
{
int rc;
TRUSTREC trec;
@@ -1032,8 +886,9 @@ cache_disabled_value (PKT_public_key *pk)
return disabled;
}
+
void
-check_trustdb_stale(void)
+tdb_check_trustdb_stale (void)
{
static int did_nextcheck=0;
@@ -1063,49 +918,26 @@ check_trustdb_stale(void)
}
/*
- * Return the validity information for PK. If the namehash is not
- * NULL, the validity of the corresponsing user ID is returned,
- * otherwise, a reasonable value for the entire key is returned.
+ * Return the validity information for PK. This is the core of
+ * get_validity.
*/
unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid)
+tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+ PKT_public_key *main_pk)
{
TRUSTREC trec, vrec;
int rc;
ulong recno;
unsigned int validity;
- u32 kid[2];
- PKT_public_key *main_pk;
-
- if(uid)
- namehash_from_uid(uid);
init_trustdb ();
check_trustdb_stale();
- keyid_from_pk (pk, kid);
- if (pk->main_keyid[0] != kid[0] || pk->main_keyid[1] != kid[1])
- { /* this is a subkey - get the mainkey */
- main_pk = xmalloc_clear (sizeof *main_pk);
- rc = get_pubkey (main_pk, pk->main_keyid);
- if (rc)
- {
- char *tempkeystr=xstrdup(keystr(pk->main_keyid));
- log_error ("error getting main key %s of subkey %s: %s\n",
- tempkeystr, keystr(kid), g10_errstr(rc));
- xfree(tempkeystr);
- validity = TRUST_UNKNOWN;
- goto leave;
- }
- }
- else
- main_pk = pk;
-
if(opt.trust_model==TM_DIRECT)
{
/* Note that this happens BEFORE any user ID stuff is checked.
The direct trust model applies to keys as a whole. */
- validity=get_ownertrust(main_pk);
+ validity = tdb_get_ownertrust (main_pk);
goto leave;
}
@@ -1161,51 +993,12 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
pk->flags.disabled_valid = 1;
leave:
- /* set some flags direct from the key */
- if (main_pk->flags.revoked)
- validity |= TRUST_FLAG_REVOKED;
- if (main_pk != pk && pk->flags.revoked)
- validity |= TRUST_FLAG_SUB_REVOKED;
- /* Note: expiration is a trust value and not a flag - don't know why
- * I initially designed it that way */
- if (main_pk->has_expired || pk->has_expired)
- validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
-
if (pending_check_trustdb)
validity |= TRUST_FLAG_PENDING_CHECK;
- if (main_pk != pk)
- free_public_key (main_pk);
return validity;
}
-int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
-{
- int trustlevel;
-
- if (!pk)
- return '?'; /* Just in case a NULL PK is passed. */
-
- trustlevel = get_validity (pk, uid);
- if ( (trustlevel & TRUST_FLAG_REVOKED) )
- return 'r';
- return trust_letter (trustlevel);
-}
-
-const char *
-get_validity_string (PKT_public_key *pk, PKT_user_id *uid)
-{
- int trustlevel;
-
- if (!pk)
- return "err"; /* Just in case a NULL PK is passed. */
-
- trustlevel = get_validity (pk, uid);
- if( trustlevel & TRUST_FLAG_REVOKED )
- return _("revoked");
- return trust_value_to_string(trustlevel);
-}
static void
get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
@@ -1318,14 +1111,14 @@ ask_ownertrust (u32 *kid,int minimum)
{
log_info("force trust for key %s to %s\n",
keystr(kid),trust_value_to_string(opt.force_ownertrust));
- update_ownertrust(pk,opt.force_ownertrust);
+ tdb_update_ownertrust (pk, opt.force_ownertrust);
ot=opt.force_ownertrust;
}
else
{
ot=edit_ownertrust(pk,0);
if(ot>0)
- ot = get_ownertrust (pk);
+ ot = tdb_get_ownertrust (pk);
else if(ot==0)
ot = minimum?minimum:TRUST_UNDEFINED;
else
@@ -1427,365 +1220,6 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
do_sync ();
}
-/*
- * check whether the signature sig is in the klist k
- */
-static struct key_item *
-is_in_klist (struct key_item *k, PKT_signature *sig)
-{
- for (; k; k = k->next)
- {
- if (k->kid[0] == sig->keyid[0] && k->kid[1] == sig->keyid[1])
- return k;
- }
- return NULL;
-}
-
-/*
- * Mark the signature of the given UID which are used to certify it.
- * To do this, we first revmove all signatures which are not valid and
- * from the remain ones we look for the latest one. If this is not a
- * certification revocation signature we mark the signature by setting
- * node flag bit 8. Revocations are marked with flag 11, and sigs
- * from unavailable keys are marked with flag 12. Note that flag bits
- * 9 and 10 are used for internal purposes.
- */
-static void
-mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
- u32 *main_kid, struct key_item *klist,
- u32 curtime, u32 *next_expire)
-{
- KBNODE node;
- PKT_signature *sig;
-
- /* first check all signatures */
- for (node=uidnode->next; node; node = node->next)
- {
- int rc;
-
- node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
- if (node->pkt->pkttype == PKT_USER_ID
- || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
- break; /* ready */
- if (node->pkt->pkttype != PKT_SIGNATURE)
- continue;
- sig = node->pkt->pkt.signature;
- if (main_kid
- && sig->keyid[0] == main_kid[0] && sig->keyid[1] == main_kid[1])
- continue; /* ignore self-signatures if we pass in a main_kid */
- if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
- continue; /* we only look at these signature classes */
- if(sig->sig_class>=0x11 && sig->sig_class<=0x13 &&
- sig->sig_class-0x10<opt.min_cert_level)
- continue; /* treat anything under our min_cert_level as an
- invalid signature */
- if (klist && !is_in_klist (klist, sig))
- continue; /* no need to check it then */
- if ((rc=check_key_signature (keyblock, node, NULL)))
- {
- /* we ignore anything that won't verify, but tag the
- no_pubkey case */
- if(rc==G10ERR_NO_PUBKEY)
- node->flag |= 1<<12;
- continue;
- }
- node->flag |= 1<<9;
- }
- /* reset the remaining flags */
- for (; node; node = node->next)
- node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
-
- /* kbnode flag usage: bit 9 is here set for signatures to consider,
- * bit 10 will be set by the loop to keep track of keyIDs already
- * processed, bit 8 will be set for the usable signatures, and bit
- * 11 will be set for usable revocations. */
-
- /* for each cert figure out the latest valid one */
- for (node=uidnode->next; node; node = node->next)
- {
- KBNODE n, signode;
- u32 kid[2];
- u32 sigdate;
-
- if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
- break;
- if ( !(node->flag & (1<<9)) )
- continue; /* not a node to look at */
- if ( (node->flag & (1<<10)) )
- continue; /* signature with a keyID already processed */
- node->flag |= (1<<10); /* mark this node as processed */
- sig = node->pkt->pkt.signature;
- signode = node;
- sigdate = sig->timestamp;
- kid[0] = sig->keyid[0]; kid[1] = sig->keyid[1];
-
- /* Now find the latest and greatest signature */
- for (n=uidnode->next; n; n = n->next)
- {
- if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
- break;
- if ( !(n->flag & (1<<9)) )
- continue;
- if ( (n->flag & (1<<10)) )
- continue; /* shortcut already processed signatures */
- sig = n->pkt->pkt.signature;
- if (kid[0] != sig->keyid[0] || kid[1] != sig->keyid[1])
- continue;
- n->flag |= (1<<10); /* mark this node as processed */
-
- /* If signode is nonrevocable and unexpired and n isn't,
- then take signode (skip). It doesn't matter which is
- older: if signode was older then we don't want to take n
- as signode is nonrevocable. If n was older then we're
- automatically fine. */
-
- if(((IS_UID_SIG(signode->pkt->pkt.signature) &&
- !signode->pkt->pkt.signature->flags.revocable &&
- (signode->pkt->pkt.signature->expiredate==0 ||
- signode->pkt->pkt.signature->expiredate>curtime))) &&
- (!(IS_UID_SIG(n->pkt->pkt.signature) &&
- !n->pkt->pkt.signature->flags.revocable &&
- (n->pkt->pkt.signature->expiredate==0 ||
- n->pkt->pkt.signature->expiredate>curtime))))
- continue;
-
- /* If n is nonrevocable and unexpired and signode isn't,
- then take n. Again, it doesn't matter which is older: if
- n was older then we don't want to take signode as n is
- nonrevocable. If signode was older then we're
- automatically fine. */
-
- if((!(IS_UID_SIG(signode->pkt->pkt.signature) &&
- !signode->pkt->pkt.signature->flags.revocable &&
- (signode->pkt->pkt.signature->expiredate==0 ||
- signode->pkt->pkt.signature->expiredate>curtime))) &&
- ((IS_UID_SIG(n->pkt->pkt.signature) &&
- !n->pkt->pkt.signature->flags.revocable &&
- (n->pkt->pkt.signature->expiredate==0 ||
- n->pkt->pkt.signature->expiredate>curtime))))
- {
- signode = n;
- sigdate = sig->timestamp;
- continue;
- }
-
- /* At this point, if it's newer, it goes in as the only
- remaining possibilities are signode and n are both either
- revocable or expired or both nonrevocable and unexpired.
- If the timestamps are equal take the later ordered
- packet, presuming that the key packets are hopefully in
- their original order. */
-
- if (sig->timestamp >= sigdate)
- {
- signode = n;
- sigdate = sig->timestamp;
- }
- }
-
- sig = signode->pkt->pkt.signature;
- if (IS_UID_SIG (sig))
- { /* this seems to be a usable one which is not revoked.
- * Just need to check whether there is an expiration time,
- * We do the expired certification after finding a suitable
- * certification, the assumption is that a signator does not
- * want that after the expiration of his certificate the
- * system falls back to an older certification which has a
- * different expiration time */
- const byte *p;
- u32 expire;
-
- p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
- expire = p? sig->timestamp + buffer_to_u32(p) : 0;
-
- if (expire==0 || expire > curtime )
- {
- signode->flag |= (1<<8); /* yeah, found a good cert */
- if (next_expire && expire && expire < *next_expire)
- *next_expire = expire;
- }
- }
- else
- signode->flag |= (1<<11);
- }
-}
-
-static int
-clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
-{
- int deleted=0;
- KBNODE node;
- u32 keyid[2];
-
- assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
-
- keyid_from_pk(keyblock->pkt->pkt.public_key,keyid);
-
- /* Passing in a 0 for current time here means that we'll never weed
- out an expired sig. This is correct behavior since we want to
- keep the most recent expired sig in a series. */
- mark_usable_uid_certs(keyblock,uidnode,NULL,NULL,0,NULL);
-
- /* What we want to do here is remove signatures that are not
- considered as part of the trust calculations. Thus, all invalid
- signatures are out, as are any signatures that aren't the last of
- a series of uid sigs or revocations It breaks down like this:
- coming out of mark_usable_uid_certs, if a sig is unflagged, it is
- not even a candidate. If a sig has flag 9 or 10, that means it
- was selected as a candidate and vetted. If a sig has flag 8 it
- is a usable signature. If a sig has flag 11 it is a usable
- revocation. If a sig has flag 12 it was issued by an unavailable
- key. "Usable" here means the most recent valid
- signature/revocation in a series from a particular signer.
-
- Delete everything that isn't a usable uid sig (which might be
- expired), a usable revocation, or a sig from an unavailable
- key. */
-
- for(node=uidnode->next;
- node && node->pkt->pkttype==PKT_SIGNATURE;
- node=node->next)
- {
- int keep=self_only?(node->pkt->pkt.signature->keyid[0]==keyid[0]
- && node->pkt->pkt.signature->keyid[1]==keyid[1]):1;
-
- /* Keep usable uid sigs ... */
- if((node->flag & (1<<8)) && keep)
- continue;
-
- /* ... and usable revocations... */
- if((node->flag & (1<<11)) && keep)
- continue;
-
- /* ... and sigs from unavailable keys. */
- /* disabled for now since more people seem to want sigs from
- unavailable keys removed altogether. */
- /*
- if(node->flag & (1<<12))
- continue;
- */
-
- /* Everything else we delete */
-
- /* At this point, if 12 is set, the signing key was unavailable.
- If 9 or 10 is set, it's superseded. Otherwise, it's
- invalid. */
-
- if(noisy)
- log_info("removing signature from key %s on user ID \"%s\": %s\n",
- keystr(node->pkt->pkt.signature->keyid),
- uidnode->pkt->pkt.user_id->name,
- node->flag&(1<<12)?"key unavailable":
- node->flag&(1<<9)?"signature superseded":"invalid signature");
-
- delete_kbnode(node);
- deleted++;
- }
-
- return deleted;
-}
-
-/* This is substantially easier than clean_sigs_from_uid since we just
- have to establish if the uid has a valid self-sig, is not revoked,
- and is not expired. Note that this does not take into account
- whether the uid has a trust path to it - just whether the keyholder
- themselves has certified the uid. Returns true if the uid was
- compacted. To "compact" a user ID, we simply remove ALL signatures
- except the self-sig that caused the user ID to be remove-worthy.
- We don't actually remove the user ID packet itself since it might
- be ressurected in a later merge. Note that this function requires
- that the caller has already done a merge_keys_and_selfsig().
-
- TODO: change the import code to allow importing a uid with only a
- revocation if the uid already exists on the keyring. */
-
-static int
-clean_uid_from_key(KBNODE keyblock,KBNODE uidnode,int noisy)
-{
- KBNODE node;
- PKT_user_id *uid=uidnode->pkt->pkt.user_id;
- int deleted=0;
-
- assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
- assert(uidnode->pkt->pkttype==PKT_USER_ID);
-
- /* Skip valid user IDs, compacted user IDs, and non-self-signed user
- IDs if --allow-non-selfsigned-uid is set. */
- if(uid->created || uid->flags.compacted
- || (!uid->is_expired && !uid->is_revoked
- && opt.allow_non_selfsigned_uid))
- return 0;
-
- for(node=uidnode->next;
- node && node->pkt->pkttype==PKT_SIGNATURE;
- node=node->next)
- if(!node->pkt->pkt.signature->flags.chosen_selfsig)
- {
- delete_kbnode(node);
- deleted=1;
- uidnode->pkt->pkt.user_id->flags.compacted=1;
- }
-
- if(noisy)
- {
- const char *reason;
- char *user=utf8_to_native(uid->name,uid->len,0);
-
- if(uid->is_revoked)
- reason=_("revoked");
- else if(uid->is_expired)
- reason=_("expired");
- else
- reason=_("invalid");
-
- log_info("compacting user ID \"%s\" on key %s: %s\n",
- user,keystr_from_pk(keyblock->pkt->pkt.public_key),
- reason);
-
- xfree(user);
- }
-
- return deleted;
-}
-
-/* Needs to be called after a merge_keys_and_selfsig() */
-void
-clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only,
- int *uids_cleaned,int *sigs_cleaned)
-{
- int dummy;
-
- assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
- assert(uidnode->pkt->pkttype==PKT_USER_ID);
-
- if(!uids_cleaned)
- uids_cleaned=&dummy;
-
- if(!sigs_cleaned)
- sigs_cleaned=&dummy;
-
- /* Do clean_uid_from_key first since if it fires off, we don't
- have to bother with the other */
- *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy);
- if(!uidnode->pkt->pkt.user_id->flags.compacted)
- *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only);
-}
-
-void
-clean_key(KBNODE keyblock,int noisy,int self_only,
- int *uids_cleaned,int *sigs_cleaned)
-{
- KBNODE uidnode;
-
- merge_keys_and_selfsig(keyblock);
-
- for(uidnode=keyblock->next;
- uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY;
- uidnode=uidnode->next)
- if(uidnode->pkt->pkttype==PKT_USER_ID)
- clean_one_uid(keyblock,uidnode,noisy,self_only,
- uids_cleaned,sigs_cleaned);
-}
/* Returns a sanitized copy of the regexp (which might be "", but not
NULL). */
@@ -2449,10 +1883,10 @@ validate_keys (int interactive)
k->kid[0]=kid[0];
k->kid[1]=kid[1];
k->ownertrust =
- (get_ownertrust (kar->keyblock->pkt->pkt.public_key)
- & TRUST_MASK);
- k->min_ownertrust =
- get_min_ownertrust(kar->keyblock->pkt->pkt.public_key);
+ (tdb_get_ownertrust
+ (kar->keyblock->pkt->pkt.public_key) & TRUST_MASK);
+ k->min_ownertrust = tdb_get_min_ownertrust
+ (kar->keyblock->pkt->pkt.public_key);
k->trust_depth=
kar->keyblock->pkt->pkt.public_key->trust_depth;
k->trust_value=
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 0a9ce33..f190f72 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -38,30 +38,89 @@
#define NAMEHASH_LEN 20
+
+/*
+ * A structure to store key identification as well as some stuff needed
+ * for validation
+ */
+struct key_item {
+ struct key_item *next;
+ unsigned int ownertrust,min_ownertrust;
+ byte trust_depth;
+ byte trust_value;
+ char *trust_regexp;
+ u32 kid[2];
+};
+
+
+/*
+ * Check whether the signature SIG is in the klist K.
+ */
+static inline struct key_item *
+is_in_klist (struct key_item *k, PKT_signature *sig)
+{
+ for (; k; k = k->next)
+ {
+ if (k->kid[0] == sig->keyid[0] && k->kid[1] == sig->keyid[1])
+ return k;
+ }
+ return NULL;
+}
+
+
+
+/*-- trust.c --*/
+int cache_disabled_value (PKT_public_key *pk);
+void register_trusted_keyid (u32 *keyid);
+void register_trusted_key (const char *string);
+
+const char *trust_value_to_string (unsigned int value);
+int string_to_trust_value (const char *str);
+const char *uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid);
+
+unsigned int get_ownertrust (PKT_public_key *pk);
+void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
+int clear_ownertrusts (PKT_public_key *pk);
+
+void revalidation_mark (void);
+void check_trustdb_stale (void);
+void check_or_update_trustdb (void);
+
+unsigned int get_validity (PKT_public_key *pk, PKT_user_id *uid);
+int get_validity_info (PKT_public_key *pk, PKT_user_id *uid);
+const char *get_validity_string (PKT_public_key *pk, PKT_user_id *uid);
+
+void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
+ u32 *main_kid, struct key_item *klist,
+ u32 curtime, u32 *next_expire);
+
+void clean_one_uid (kbnode_t keyblock, kbnode_t uidnode,
+ int noisy, int self_only,
+ int *uids_cleaned, int *sigs_cleaned);
+void clean_key (kbnode_t keyblock, int noisy, int self_only,
+ int *uids_cleaned,int *sigs_cleaned);
+
+
+
/*-- trustdb.c --*/
-void register_trusted_keyid(u32 *keyid);
-void register_trusted_key( const char *string );
+void tdb_register_trusted_keyid (u32 *keyid);
+void tdb_register_trusted_key (const char *string);
void check_trustdb (void);
void update_trustdb (void);
int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
void init_trustdb( void );
-void check_trustdb_stale(void);
+void tdb_check_trustdb_stale (void);
void sync_trustdb( void );
-const char *uid_trust_string_fixed(PKT_public_key *key,PKT_user_id *uid);
-const char *trust_value_to_string (unsigned int value);
-int string_to_trust_value (const char *str);
-
-void revalidation_mark (void);
+void tdb_revalidation_mark (void);
int trustdb_pending_check(void);
-void trustdb_check_or_update(void);
+void tdb_check_or_update (void);
-int cache_disabled_value(PKT_public_key *pk);
+int tdb_cache_disabled_value (PKT_public_key *pk);
-unsigned int get_validity (PKT_public_key *pk, PKT_user_id *uid);
-int get_validity_info (PKT_public_key *pk, PKT_user_id *uid);
-const char *get_validity_string (PKT_public_key *pk, PKT_user_id *uid);
+unsigned int tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+ PKT_public_key *main_pk);
void list_trust_path( const char *username );
int enum_cert_paths( void **context, ulong *lid,
@@ -73,18 +132,13 @@ void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
byte *marginals,byte *completes,byte *cert_depth,
byte *min_cert_level);
-unsigned int get_ownertrust (PKT_public_key *pk);
-unsigned int get_min_ownertrust (PKT_public_key *pk);
+unsigned int tdb_get_ownertrust (PKT_public_key *pk);
+unsigned int tdb_get_min_ownertrust (PKT_public_key *pk);
int get_ownertrust_info (PKT_public_key *pk);
const char *get_ownertrust_string (PKT_public_key *pk);
-void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
-int clear_ownertrusts (PKT_public_key *pk);
-
-void clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only,
- int *uids_cleaned,int *sigs_cleaned);
-void clean_key(KBNODE keyblock,int noisy,int self_only,
- int *uids_cleaned,int *sigs_cleaned);
+void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
+int tdb_clear_ownertrusts (PKT_public_key *pk);
/*-- tdbdump.c --*/
void list_trustdb(const char *username);
diff --git a/tests/openpgp/armencrypt.test b/tests/openpgp/armencrypt.test
index df37294..ce1067e 100755
--- a/tests/openpgp/armencrypt.test
+++ b/tests/openpgp/armencrypt.test
@@ -12,7 +12,7 @@
#info Checking armored encryption
for i in $plain_files $data_files ; do
- $GPG --always-trust -ea -o x --yes -r "$usrname2" $i
+ $GPG ${opt_always} -ea -o x --yes -r "$usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
done
diff --git a/tests/openpgp/armencryptp.test b/tests/openpgp/armencryptp.test
index 9246b6d..dfebb48 100755
--- a/tests/openpgp/armencryptp.test
+++ b/tests/openpgp/armencryptp.test
@@ -12,7 +12,7 @@
#info Checking armored encryption with a pipe
for i in $plain_files $data_files ; do
- $GPG --always-trust -ea --yes -r "$usrname2" < $i | tee x | $GPG -o y --yes
+ $GPG ${opt_always} -ea --yes -r "$usrname2" < $i | tee x | $GPG -o y --yes
cmp $i y || error "$i: mismatch"
$GPG --yes < x > y
cmp $i y || error "$i: mismatch"
diff --git a/tests/openpgp/armsignencrypt.test b/tests/openpgp/armsignencrypt.test
index 5b392df..c50a12d 100755
--- a/tests/openpgp/armsignencrypt.test
+++ b/tests/openpgp/armsignencrypt.test
@@ -13,7 +13,7 @@
#info Checking armored signing and encryption
for i in $plain_files $data_files ; do
- echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust \
+ echo "$usrpass1" | $GPG --passphrase-fd 0 ${opt_always} \
-sae -o x --yes -r "$usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
diff --git a/tests/openpgp/defs.inc b/tests/openpgp/defs.inc
index 49e085e..008d32a 100755
--- a/tests/openpgp/defs.inc
+++ b/tests/openpgp/defs.inc
@@ -226,6 +226,15 @@ PINENTRY="$(cd $srcdir && /bin/pwd)/pinentry.sh"
# Default to empty passphrase for pinentry.sh
PINENTRY_USER_DATA=
+# If --check-trustdb is not an option, GPG has been build without
+# trust model support. Thus we can't use --always-trust and some
+# other options.
+if $GPG --dump-options | grep '^--check-trustdb$' >/dev/null ; then
+ opt_always="--always-trust"
+else
+ opt_always=
+fi
+
# Make sure we have a valid option files even with VPATH builds.
for f in gpg.conf gpg-agent.conf ; do
if [ -f ./$f ]; then
@@ -234,8 +243,10 @@ for f in gpg.conf gpg-agent.conf ; do
cat $srcdir/$f.tmpl >$f
case "$f" in
gpg.conf)
+ [ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f"
echo "agent-program $GPG_AGENT" >>"$f"
- ;;
+
+ ;;
gpg-agent.conf)
echo "pinentry-program $PINENTRY" >>"$f"
;;
diff --git a/tests/openpgp/ecc.test b/tests/openpgp/ecc.test
index 01e1e06..062a1ae 100755
--- a/tests/openpgp/ecc.test
+++ b/tests/openpgp/ecc.test
@@ -203,7 +203,7 @@ info "Checking ECC encryption and decryption."
for i in $plain_files $data_files ; do
for k in $mainkeyids ; do
info "file: $i key: $k"
- $GPG --always-trust -e -o x --yes -r $k $i
+ $GPG ${opt_always} -e -o x --yes -r $k $i
$GPG -o y --yes x
cmp $i y || error "$i,$k: mismatch"
done
diff --git a/tests/openpgp/encrypt-dsa.test b/tests/openpgp/encrypt-dsa.test
index 8ae93d8..7ce670e 100755
--- a/tests/openpgp/encrypt-dsa.test
+++ b/tests/openpgp/encrypt-dsa.test
@@ -12,7 +12,7 @@
#info Checking encryption
for i in $plain_files $data_files ; do
- $GPG --always-trust -e -o x --yes -r "$dsa_usrname2" $i
+ $GPG ${opt_always} -e -o x --yes -r "$dsa_usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
done
@@ -20,7 +20,7 @@ done
for ca in `all_cipher_algos` ; do
progress "$ca"
for i in $plain_files $data_files ; do
- $GPG --always-trust --cipher-algo $ca -e \
+ $GPG ${opt_always} --cipher-algo $ca -e \
-o x --yes -r "$dsa_usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
diff --git a/tests/openpgp/encrypt.test b/tests/openpgp/encrypt.test
index 5ef5196..295a6c3 100755
--- a/tests/openpgp/encrypt.test
+++ b/tests/openpgp/encrypt.test
@@ -12,7 +12,7 @@
#info Checking encryption
for i in $plain_files $data_files ; do
- $GPG --always-trust -e -o x --yes -r "$usrname2" $i
+ $GPG ${opt_always} -e -o x --yes -r "$usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
done
@@ -21,7 +21,7 @@ echo_n " > "
for ca in `all_cipher_algos` ; do
echo_n "$ca "
for i in $plain_files $data_files ; do
- $GPG --always-trust -e -o x --yes -r "$usrname2" --cipher-algo $ca $i
+ $GPG ${opt_always} -e -o x --yes -r "$usrname2" --cipher-algo $ca $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
done
diff --git a/tests/openpgp/encryptp.test b/tests/openpgp/encryptp.test
index 984f56a..3ad7119 100755
--- a/tests/openpgp/encryptp.test
+++ b/tests/openpgp/encryptp.test
@@ -12,7 +12,7 @@
#info Checking encryption with a pipe
for i in $plain_files $data_files ; do
- $GPG --always-trust -e --yes -r "$usrname2" <$i | $GPG --yes > y
+ $GPG ${opt_always} -e --yes -r "$usrname2" <$i | $GPG --yes > y
cmp $i y || error "$i: mismatch"
done
diff --git a/tests/openpgp/gpg.conf.tmpl b/tests/openpgp/gpg.conf.tmpl
index 7060a66..19f3180 100644
--- a/tests/openpgp/gpg.conf.tmpl
+++ b/tests/openpgp/gpg.conf.tmpl
@@ -2,4 +2,3 @@ no-greeting
no-secmem-warning
no-permission-warning
batch
-no-auto-check-trustdb
diff --git a/tests/openpgp/seat.test b/tests/openpgp/seat.test
index 8a5f399..b400e72 100755
--- a/tests/openpgp/seat.test
+++ b/tests/openpgp/seat.test
@@ -11,7 +11,7 @@
. $srcdir/defs.inc || exit 3
for i in $plain_files ; do
- echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust -seat \
+ echo "$usrpass1" | $GPG --passphrase-fd 0 ${opt_always} -seat \
-r two at example.com -o x --yes $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
diff --git a/tests/openpgp/signencrypt-dsa.test b/tests/openpgp/signencrypt-dsa.test
index dd724c9..2fb2bb1 100755
--- a/tests/openpgp/signencrypt-dsa.test
+++ b/tests/openpgp/signencrypt-dsa.test
@@ -12,7 +12,7 @@
#info Checking signing and encryption for DSA
for i in $plain_files $data_files ; do
- $GPG --always-trust -se -o x --yes \
+ $GPG ${opt_always} -se -o x --yes \
-u "$dsa_usrname1" -r "$dsa_usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
@@ -27,7 +27,7 @@ fi
for da in $algos; do
for i in $plain_files; do
- $GPG --always-trust -se -o x --yes --digest-algo $da \
+ $GPG ${opt_always} -se -o x --yes --digest-algo $da \
-u "$dsa_usrname1" -r "$dsa_usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
diff --git a/tests/openpgp/signencrypt.test b/tests/openpgp/signencrypt.test
index 8ccbaf7..5644bef 100755
--- a/tests/openpgp/signencrypt.test
+++ b/tests/openpgp/signencrypt.test
@@ -13,7 +13,7 @@
info "Checking signing and encryption"
for i in $plain_files $data_files ; do
- echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust \
+ echo "$usrpass1" | $GPG --passphrase-fd 0 ${opt_always} \
-se -o x --yes -r "$usrname2" $i
$GPG -o y --yes x
cmp $i y || error "$i: mismatch"
commit ea7f895319e89150e5613b6d20f21410f99d6f22
Author: Werner Koch <wk at gnupg.org>
Date: Mon Feb 10 10:41:48 2014 +0100
tests: Handle disabled algorithms.
* tests/openpgp/mds.test: Skip disabled algorithms.
* tests/openpgp/signencrypt-dsa.test: Ditto.
* tests/openpgp/sigs-dsa.test: Ditto.
diff --git a/tests/openpgp/mds.test b/tests/openpgp/mds.test
index a4583a1..944f535 100755
--- a/tests/openpgp/mds.test
+++ b/tests/openpgp/mds.test
@@ -23,11 +23,19 @@ failed=""
#info Checking message digests
cat /dev/null | $GPG --with-colons --print-mds >y
# MD5
-test_one ":1:" "D41D8CD98F00B204E9800998ECF8427E"
+if have_hash_algo "MD5"; then
+ test_one ":1:" "D41D8CD98F00B204E9800998ECF8427E"
+else
+ echo "Hash algorithm MD5 is not installed (not an error)"
+fi
# SHA-1
test_one ":2:" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709"
# RMD160
-test_one ":3:" "9C1185A5C5E9FC54612808977EE8F548B2258D31"
+if have_hash_algo "RIPEMD160"; then
+ test_one ":3:" "9C1185A5C5E9FC54612808977EE8F548B2258D31"
+else
+ echo "Hash algorithm RIPEMD160 is not installed (not an error)"
+fi
# SHA-224
if have_hash_algo "SHA224"; then
test_one ":11:" "D14A028C2A3A2BC9476102BB288234C415A2B01F828EA62AC5B3E42F"
@@ -56,9 +64,13 @@ fi
[ "$failed" != "" ] && error "$failed failed for empty string"
echo_n "abcdefghijklmnopqrstuvwxyz" | $GPG --with-colons --print-mds >y
-test_one ":1:" "C3FCD3D76192E4007DFB496CCA67E13B"
+if have_hash_algo "MD5"; then
+ test_one ":1:" "C3FCD3D76192E4007DFB496CCA67E13B"
+fi
test_one ":2:" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89"
-test_one ":3:" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC"
+if have_hash_algo "RIPEMD160"; then
+ test_one ":3:" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC"
+fi
if have_hash_algo "SHA224"; then
test_one ":11:" "45A5F72C39C5CFF2522EB3429799E49E5F44B356EF926BCF390DCCC2"
fi
diff --git a/tests/openpgp/signencrypt-dsa.test b/tests/openpgp/signencrypt-dsa.test
index 9473099..dd724c9 100755
--- a/tests/openpgp/signencrypt-dsa.test
+++ b/tests/openpgp/signencrypt-dsa.test
@@ -18,7 +18,14 @@ for i in $plain_files $data_files ; do
cmp $i y || error "$i: mismatch"
done
-for da in ripemd160 sha1; do
+algos="sha1"
+if have_hash_algo "RIPEMD160"; then
+ algos="ripemd160 $algos"
+else
+ echo "Hash algorithm RIPEMD160 is not installed (not an error)"
+fi
+
+for da in $algos; do
for i in $plain_files; do
$GPG --always-trust -se -o x --yes --digest-algo $da \
-u "$dsa_usrname1" -r "$dsa_usrname2" $i
diff --git a/tests/openpgp/sigs-dsa.test b/tests/openpgp/sigs-dsa.test
index e4f812a..4ba43ac 100755
--- a/tests/openpgp/sigs-dsa.test
+++ b/tests/openpgp/sigs-dsa.test
@@ -17,7 +17,14 @@ for i in $plain_files $data_files; do
cmp $i y || error "$i: mismatch"
done
-for da in ripemd160 sha1; do
+algos="sha1"
+if have_hash_algo "RIPEMD160"; then
+ algos="ripemd160 $algos"
+else
+ echo "Hash algorithm RIPEMD160 is not installed (not an error)"
+fi
+
+for da in $algos; do
for i in $plain_files; do
$GPG --digest-algo $da -s -o x --yes -u $dsa_usrname1 $i
$GPG -o y --yes x
commit 111f082487dc7a2a50375e24203de31b000e0dea
Author: Werner Koch <wk at gnupg.org>
Date: Wed Nov 27 18:38:20 2013 +0100
Silence annoying ABI change warning.
* configure.ac [GCC]: Pass -Wno-psabi for gcc >= 4.6. Avoid some gcc
option tests for gcc >= 4.6
--
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit d04399a6a8b36a7fea92c304aa7309956a2e352b)
Resolved Conflicts:
configure.ac: merged.
diff --git a/configure.ac b/configure.ac
index 1db7bc8..98de678 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1478,21 +1478,36 @@ AC_SUBST(W32SOCKLIBS)
#
AC_MSG_NOTICE([checking for cc features])
if test "$GCC" = yes; then
- # Note that it is okay to use CFLAGS here because this are just
+ # Check whether gcc does not emit a diagnositc for unknow -Wno-*
+ # options. This is the case for gcc >= 4.6
+ AC_MSG_CHECKING([if gcc ignores unknown -Wno-* options])
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 6 )
+#kickerror
+#endif]],[])],[_gcc_silent_wno=yes],[_gcc_silent_wno=no])
+ AC_MSG_RESULT($_gcc_silent_wno)
+
+ # Note that it is okay to use CFLAGS here because these are just
# warning options and the user should have a chance of overriding
# them.
if test "$USE_MAINTAINER_MODE" = "yes"; then
CFLAGS="$CFLAGS -O3 -Wall -Wcast-align -Wshadow -Wstrict-prototypes"
CFLAGS="$CFLAGS -Wformat -Wno-format-y2k -Wformat-security"
- AC_MSG_CHECKING([if gcc supports -Wno-missing-field-initializers])
- _gcc_cflags_save=$CFLAGS
- CFLAGS="-Wno-missing-field-initializers"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no)
- AC_MSG_RESULT($_gcc_wopt)
- CFLAGS=$_gcc_cflags_save;
+ if test x"$_gcc_silent_wno" = xyes ; then
+ _gcc_wopt=yes
+ else
+ AC_MSG_CHECKING([if gcc supports -Wno-missing-field-initializers])
+ _gcc_cflags_save=$CFLAGS
+ CFLAGS="-Wno-missing-field-initializers"
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],
+ [_gcc_wopt=yes],[_gcc_wopt=no])
+ AC_MSG_RESULT($_gcc_wopt)
+ CFLAGS=$_gcc_cflags_save;
+ fi
if test x"$_gcc_wopt" = xyes ; then
CFLAGS="$CFLAGS -W -Wno-sign-compare -Wno-missing-field-initializers"
fi
+
AC_MSG_CHECKING([if gcc supports -Wdeclaration-after-statement])
_gcc_cflags_save=$CFLAGS
CFLAGS="-Wdeclaration-after-statement"
@@ -1506,12 +1521,17 @@ if test "$GCC" = yes; then
CFLAGS="$CFLAGS -Wall"
fi
- AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign])
- _gcc_cflags_save=$CFLAGS
- CFLAGS="-Wno-pointer-sign"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_psign=yes,_gcc_psign=no)
- AC_MSG_RESULT($_gcc_psign)
- CFLAGS=$_gcc_cflags_save;
+ if test x"$_gcc_silent_wno" = xyes ; then
+ _gcc_psign=yes
+ else
+ AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign])
+ _gcc_cflags_save=$CFLAGS
+ CFLAGS="-Wno-pointer-sign"
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],
+ [_gcc_psign=yes],[_gcc_psign=no])
+ AC_MSG_RESULT($_gcc_psign)
+ CFLAGS=$_gcc_cflags_save;
+ fi
if test x"$_gcc_psign" = xyes ; then
CFLAGS="$CFLAGS -Wno-pointer-sign"
fi
@@ -1525,6 +1545,14 @@ if test "$GCC" = yes; then
if test x"$_gcc_psign" = xyes ; then
CFLAGS="$CFLAGS -Wpointer-arith"
fi
+
+ # The undocumented option -Wno-psabi suppresses the annoying
+ # "the ABI of passing union with long double has changed in GCC 4.4"
+ # which is emitted in estream-printf.c but entirely irrelvant
+ # because that union is local to the file.
+ if test x"$_gcc_silent_wno" = xyes ; then
+ CFLAGS="$CFLAGS -Wno-psabi"
+ fi
fi
commit 8e0ba4ecd3897c748ac2f06028406604ae7baced
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 7 13:46:36 2014 +0100
Allow disabling of card support.
* configure.ac: Add option --disable-card-support. Also add
am_conditional and do not build scd if card support is enabled.
diff --git a/configure.ac b/configure.ac
index 9476dc4..1db7bc8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,7 @@
# configure.ac - for GnuPG 2.1
# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
# 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
+# Copyright (C) 2013, 2014 Werner Koch
#
# This file is part of GnuPG.
#
@@ -87,6 +88,7 @@ use_zip=yes
use_bzip2=yes
use_exec=yes
disable_keyserver_path=no
+card_support=yes
use_ccid_driver=yes
use_standard_socket=yes
dirmngr_auto_start=no
@@ -388,6 +390,19 @@ AC_ARG_WITH(capabilities,
[use_capabilities="$withval"],[use_capabilities=no])
AC_MSG_RESULT($use_capabilities)
+#
+# Check whether to disable the card support
+AC_MSG_CHECKING([whether smartcard support is requested])
+AC_ARG_ENABLE(card-support,
+ AC_HELP_STRING([--disable-card-support],
+ [disable smartcard support]),
+ card_support=$enableval)
+AC_MSG_RESULT($card_support)
+if test "$card_support" = yes ; then
+ AC_DEFINE(ENABLE_CARD_SUPPORT,1,[Define to include smartcard support])
+else
+ build_scdaemon=no
+fi
#
# Allow disabling of internal CCID support.
@@ -547,9 +562,6 @@ AH_BOTTOM([
handler. */
#define HTTP_NO_WSASTARTUP
-/* We always include support for the OpenPGP card. */
-#define ENABLE_CARD_SUPPORT 1
-
/* We want to use the libgcrypt provided memory allocation for
asprintf. */
#define _ESTREAM_PRINTF_REALLOC gcry_realloc
@@ -1561,7 +1573,7 @@ if test "$build_agent_only" = "yes" ; then
fi
#
-# Set variables for use by th automake makefile.
+# Set variables for use by automake makefiles.
#
AM_CONDITIONAL(BUILD_GPG, test "$build_gpg" = "yes")
AM_CONDITIONAL(BUILD_GPGSM, test "$build_gpgsm" = "yes")
@@ -1574,6 +1586,8 @@ AM_CONDITIONAL(BUILD_DOC, test "$build_doc" = "yes")
AM_CONDITIONAL(BUILD_SYMCRYPTRUN, test "$build_symcryptrun" = "yes")
AM_CONDITIONAL(BUILD_GPGTAR, test "$build_gpgtar" = "yes")
+AM_CONDITIONAL(ENABLE_CARD_SUPPORT, test "$card_support" = yes)
+
AM_CONDITIONAL(RUN_GPG_TESTS,
test x$cross_compiling = xno -a "$build_gpg" = yes )
diff --git a/g10/Makefile.am b/g10/Makefile.am
index 415822a..fe442cf 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -42,6 +42,12 @@ else
bzip2_source =
endif
+if ENABLE_CARD_SUPPORT
+card_source = card-util.c
+else
+card_source =
+endif
+
if HAVE_W32_SYSTEM
resource_objs += gpg-w32info.o
endif
@@ -110,7 +116,7 @@ gpg2_SOURCES = gpg.c \
call-dirmngr.c call-dirmngr.h \
photoid.c photoid.h \
call-agent.c call-agent.h \
- card-util.c \
+ $(card_source) \
exec.c exec.h
gpgv2_SOURCES = gpgv.c \
commit 357b142e7225e5c7f1e0f9768f48e833d5804b6a
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 7 13:45:11 2014 +0100
gpg: List only available algos in --gen-key.
* g10/keygen.c (ask_algo, ask_curve): Take care of GPG_USE_<algo>.
diff --git a/g10/keygen.c b/g10/keygen.c
index 50919fd..b4b32c0 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1798,25 +1798,35 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
tty_printf (_("Please select what kind of key you want:\n"));
+#if GPG_USE_RSA
if (!addmode)
tty_printf (_(" (%d) RSA and RSA (default)\n"), 1 );
+#endif
+
if (!addmode)
tty_printf (_(" (%d) DSA and Elgamal\n"), 2 );
tty_printf (_(" (%d) DSA (sign only)\n"), 3 );
+#if GPG_USE_RSA
tty_printf (_(" (%d) RSA (sign only)\n"), 4 );
+#endif
if (addmode)
{
tty_printf (_(" (%d) Elgamal (encrypt only)\n"), 5 );
+#if GPG_USE_RSA
tty_printf (_(" (%d) RSA (encrypt only)\n"), 6 );
+#endif
}
if (opt.expert)
{
tty_printf (_(" (%d) DSA (set your own capabilities)\n"), 7 );
+#if GPG_USE_RSA
tty_printf (_(" (%d) RSA (set your own capabilities)\n"), 8 );
+#endif
}
+#if GPG_USE_ECDSA || GPG_USE_ECDH || GPG_USE_EDDSA
if (opt.expert && !addmode)
tty_printf (_(" (%d) ECC\n"), 9 );
if (opt.expert)
@@ -1825,6 +1835,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
tty_printf (_(" (%d) ECC (set your own capabilities)\n"), 11 );
if (opt.expert && addmode)
tty_printf (_(" (%d) ECC (encrypt only)\n"), 12 );
+#endif
if (opt.expert && r_keygrip)
tty_printf (_(" (%d) Existing key\n"), 13 );
@@ -2087,7 +2098,10 @@ ask_curve (void)
int expert_only;
const char *pretty_name;
} curves[] = {
+#if GPG_USE_EDDSA
{ "Ed25519", 0, 0, "Curve 25519" },
+#endif
+#if GPG_USE_ECDSA || GPG_USE_ECDH
{ "NIST P-256", 0, 1, },
{ "NIST P-384", 0, 0, },
{ "NIST P-521", 0, 1, },
@@ -2095,6 +2109,7 @@ ask_curve (void)
{ "brainpoolP384r1", 0, 1, "Brainpool P-384" },
{ "brainpoolP512r1", 0, 1, "Brainpool P-512" },
{ "secp256k1", 0, 1 },
+#endif
};
int idx;
char *answer;
commit 54a11729fb71ba06e318fe229d0a230686ed4dc8
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 7 13:43:39 2014 +0100
gpg: Change --print-mds to output enabled OpenPGP algos.
* g10/gpg.c (print_mds): Use opengpg_md_test_algo. Test also for MD5
availibility.
diff --git a/g10/gpg.c b/g10/gpg.c
index a487913..0365226 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4333,9 +4333,11 @@ print_mds( const char *fname, int algo )
if( algo )
gcry_md_enable (md, algo);
else {
- gcry_md_enable (md, GCRY_MD_MD5);
+ if (!openpgp_md_test_algo (GCRY_MD_MD5))
+ gcry_md_enable (md, GCRY_MD_MD5);
gcry_md_enable (md, GCRY_MD_SHA1);
- gcry_md_enable (md, GCRY_MD_RMD160);
+ if (!openpgp_md_test_algo (GCRY_MD_RMD160))
+ gcry_md_enable (md, GCRY_MD_RMD160);
if (!openpgp_md_test_algo (GCRY_MD_SHA224))
gcry_md_enable (md, GCRY_MD_SHA224);
if (!openpgp_md_test_algo (GCRY_MD_SHA256))
@@ -4356,35 +4358,37 @@ print_mds( const char *fname, int algo )
if ( algo )
print_hashline( md, algo, fname );
else {
- print_hashline( md, GCRY_MD_MD5, fname );
+ if (!openpgp_md_test_algo (GCRY_MD_MD5))
+ print_hashline( md, GCRY_MD_MD5, fname );
print_hashline( md, GCRY_MD_SHA1, fname );
- if (!gcry_md_test_algo (GCRY_MD_RMD160))
+ if (!openpgp_md_test_algo (GCRY_MD_RMD160))
print_hashline( md, GCRY_MD_RMD160, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA224))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA224))
print_hashline (md, GCRY_MD_SHA224, fname);
- if (!gcry_md_test_algo (GCRY_MD_SHA256))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA256))
print_hashline( md, GCRY_MD_SHA256, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA384))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA384))
print_hashline ( md, GCRY_MD_SHA384, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA512))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA512))
print_hashline ( md, GCRY_MD_SHA512, fname );
}
}
else {
if( algo )
- print_hex(md,-algo,fname);
+ print_hex(md,-algo,fname);
else {
- print_hex( md, GCRY_MD_MD5, fname );
+ if (!openpgp_md_test_algo (GCRY_MD_MD5))
+ print_hex( md, GCRY_MD_MD5, fname );
print_hex( md, GCRY_MD_SHA1, fname );
- if (!gcry_md_test_algo (GCRY_MD_RMD160))
+ if (!openpgp_md_test_algo (GCRY_MD_RMD160))
print_hex( md, GCRY_MD_RMD160, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA224))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA224))
print_hex (md, GCRY_MD_SHA224, fname);
- if (!gcry_md_test_algo (GCRY_MD_SHA256))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA256))
print_hex( md, GCRY_MD_SHA256, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA384))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA384))
print_hex( md, GCRY_MD_SHA384, fname );
- if (!gcry_md_test_algo (GCRY_MD_SHA512))
+ if (!openpgp_md_test_algo (GCRY_MD_SHA512))
print_hex( md, GCRY_MD_SHA512, fname );
}
}
commit aa76a1660613ece3fc0d774856abcbe0bb158300
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 7 09:24:52 2014 +0100
gpg: Avoid compiler warnings for disabled algos.
* g10/misc.c (map_cipher_openpgp_to_gcry): Add case for disabled algo.
(openpgp_pk_test_algo2): Ditto.
(map_md_openpgp_to_gcry): Ditto.
diff --git a/g10/misc.c b/g10/misc.c
index ef26a5a..9c28e5b 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -348,36 +348,67 @@ map_cipher_openpgp_to_gcry (cipher_algo_t algo)
switch (algo)
{
case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
+
#ifdef GPG_USE_IDEA
case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
+#else
+ case CIPHER_ALGO_IDEA: return 0;
#endif
+
case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
+
#ifdef GPG_USE_CAST5
case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
+#else
+ case CIPHER_ALGO_CAST5: return 0;
#endif
+
#ifdef GPG_USE_BLOWFISH
case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
+#else
+ case CIPHER_ALGO_BLOWFISH: return 0;
#endif
+
#ifdef GPG_USE_AES128
case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
+#else
+ case CIPHER_ALGO_AES: return 0;
#endif
+
#ifdef GPG_USE_AES192
case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
+#else
+ case CIPHER_ALGO_AES192: return 0;
#endif
+
#ifdef GPG_USE_AES256
case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
+#else
+ case CIPHER_ALGO_AES256: return 0;
#endif
+
#ifdef GPG_USE_TWOFISH
case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
+#else
+ case CIPHER_ALGO_TWOFISH: return 0;
#endif
+
#ifdef GPG_USE_CAMELLIA128
case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
+#else
+ case CIPHER_ALGO_CAMELLIA128: return 0;
#endif
+
#ifdef GPG_USE_CAMELLIA192
case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
+#else
+ case CIPHER_ALGO_CAMELLIA192: return 0;
#endif
+
#ifdef GPG_USE_CAMELLIA256
case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
+#else
+ case CIPHER_ALGO_CAMELLIA256: return 0;
#endif
}
return 0;
@@ -510,18 +541,31 @@ openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
+#else
+ case PUBKEY_ALGO_RSA: break;
+ case PUBKEY_ALGO_RSA_E: break;
+ case PUBKEY_ALGO_RSA_S: break;
#endif
+
case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
#ifdef GPG_USE_ECDH
case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_ECDH: break;
#endif
+
#ifdef GPG_USE_ECDSA
case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_ECDSA: break;
#endif
+
#ifdef GPG_USE_EDDSA
case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_EDDSA: break;
#endif
case PUBKEY_ALGO_ELGAMAL:
@@ -606,22 +650,40 @@ map_md_openpgp_to_gcry (digest_algo_t algo)
{
#ifdef GPG_USE_MD5
case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
+#else
+ case DIGEST_ALGO_MD5: return 0;
#endif
+
case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
+
#ifdef GPG_USE_RMD160
case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
+#else
+ case DIGEST_ALGO_RMD160: return 0;
#endif
+
#ifdef GPG_USE_SHA224
case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
+#else
+ case DIGEST_ALGO_SHA224: return 0;
#endif
+
#ifdef GPG_USE_SHA256
case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
+#else
+ case DIGEST_ALGO_SHA256: return 0;
#endif
+
#ifdef GPG_USE_SHA384
case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
+#else
+ case DIGEST_ALGO_SHA384: return 0;
#endif
-#ifdef GPG_USE_512
+
+#ifdef GPG_USE_SHA512
case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
+#else
+ case DIGEST_ALGO_SHA512: return 0;
#endif
}
return 0;
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 90 ++++-
g10/Makefile.am | 21 +-
g10/gpg.c | 73 +++-
g10/import.c | 2 +-
g10/keyedit.c | 20 +-
g10/keygen.c | 15 +
g10/keylist.c | 3 +-
g10/keyserver.c | 4 +-
g10/misc.c | 64 +++-
g10/pkclist.c | 7 +-
g10/trust.c | 740 ++++++++++++++++++++++++++++++++++++
g10/trustdb.c | 630 ++----------------------------
g10/trustdb.h | 98 +++--
tests/openpgp/armencrypt.test | 2 +-
tests/openpgp/armencryptp.test | 2 +-
tests/openpgp/armsignencrypt.test | 2 +-
tests/openpgp/defs.inc | 13 +-
tests/openpgp/ecc.test | 2 +-
tests/openpgp/encrypt-dsa.test | 4 +-
tests/openpgp/encrypt.test | 4 +-
tests/openpgp/encryptp.test | 2 +-
tests/openpgp/gpg.conf.tmpl | 1 -
tests/openpgp/mds.test | 20 +-
tests/openpgp/seat.test | 2 +-
tests/openpgp/signencrypt-dsa.test | 13 +-
tests/openpgp/signencrypt.test | 2 +-
tests/openpgp/sigs-dsa.test | 9 +-
27 files changed, 1155 insertions(+), 690 deletions(-)
create mode 100644 g10/trust.c
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list