[git] GnuPG - branch, master, updated. gnupg-2.1.9-46-g9afeb4c
by Neal H. Walfield
cvs at cvs.gnupg.org
Wed Oct 21 13:52:36 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 9afeb4cca10c3632495fe71b23df99a4878bd3a5 (commit)
via 8c3b7915d675ca5346c17244654d5c6ab583ac44 (commit)
via cbaca254ac818c49c18d4480d3c7bd246cc57ae8 (commit)
via df57390d68482c5b3fa5ff3a42a29ae1b6cbb23c (commit)
via d05ff81732e20e6f9d6d7a6281a96a312b001abb (commit)
via 243f90afba87e99ca42e2451ac5cc59d00a044ac (commit)
via a79045e38d239a7f6e787cf7c1132772c737cc0e (commit)
via 85bd7d9491f8cc13c2b03f19b4f70ea13b45c704 (commit)
from 485e0a221deb5c68f29b6a7a110b349dbe41c027 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9afeb4cca10c3632495fe71b23df99a4878bd3a5
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:37:11 2015 +0200
gpg: If the saved trust model is unknown, default to tofu+pgp.
* g10/trustdb.c (init_trustdb): If the saved trust model is unknown,
default to tofu+pgp instead of pgp.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/trustdb.c b/g10/trustdb.c
index e2f1935..32061e4 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -466,8 +466,8 @@ init_trustdb ()
&& opt.trust_model != TM_EXTERNAL)
{
log_info(_("unable to use unknown trust model (%d) - "
- "assuming %s trust model\n"),opt.trust_model,"PGP");
- opt.trust_model=TM_PGP;
+ "assuming %s trust model\n"),opt.trust_model,"tofu+pgp");
+ opt.trust_model = TM_TOFU_PGP;
}
if(opt.verbose)
commit 8c3b7915d675ca5346c17244654d5c6ab583ac44
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:36:12 2015 +0200
gpg: Don't accidentally free UTK_LIST.
* g10/trustdb.c (validate_keys): Don't free UTK_LIST.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 022131a..e2f1935 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -2097,7 +2097,8 @@ validate_keys (int interactive)
leave:
keydb_release (kdb);
release_key_array (keys);
- release_key_items (klist);
+ if (klist != utk_list)
+ release_key_items (klist);
release_key_hash_table (full_trust);
release_key_hash_table (used);
release_key_hash_table (stored);
commit cbaca254ac818c49c18d4480d3c7bd246cc57ae8
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:31:00 2015 +0200
gpg: When evaluating trust reg exps, treat tofu+pgp like pgp.
* g10/trustdb.c (validate_one_keyblock): When checking trust regular
expressions, treat the tofu+pgp trust model the same as the pgp trust
model.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 296083c..022131a 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1579,7 +1579,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
since we don't accept a regexp on the sig unless it's a
trust sig. */
if (kr && (!kr->trust_regexp
- || opt.trust_model != TM_PGP
+ || !(opt.trust_model == TM_PGP
+ || opt.trust_model == TM_TOFU_PGP)
|| (uidnode
&& check_regexp(kr->trust_regexp,
uidnode->pkt->pkt.user_id->name))))
@@ -1589,7 +1590,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
lesser trust sig or value. I could make a decent
argument for any of these cases, but this seems to be
what PGP does, and I'd like to be compatible. -dms */
- if (opt.trust_model == TM_PGP
+ if ((opt.trust_model == TM_PGP
+ || opt.trust_model == TM_TOFU_PGP)
&& sig->trust_depth
&& pk->trust_timestamp <= sig->timestamp)
{
commit df57390d68482c5b3fa5ff3a42a29ae1b6cbb23c
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:35:27 2015 +0200
gpg: If a key is ultimate trusted, return that in the tofu model.
* g10/tofu.c (get_trust): If the policy is auto or none, check if the
key is ultimately trusted. If so, return that.
(tofu_register): If the key is ultimately trusted, don't show any
statistics.
(tofu_get_validity): Likewise.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
Suggested-by: Andre Heinecke <aheinecke at intevation.de>
diff --git a/g10/tofu.c b/g10/tofu.c
index 0a23626..b758875 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -1295,6 +1295,58 @@ get_trust (struct db *dbs, const char *fingerprint, const char *email,
return _tofu_GET_TRUST_ERROR;
policy = get_policy (dbs, fingerprint, email, &conflict);
+ if (policy == TOFU_POLICY_AUTO || policy == TOFU_POLICY_NONE)
+ /* See if the key is ultimately trusted. If so, we're done. */
+ {
+ int i, j;
+ char keyid[17];
+ KEYDB_SEARCH_DESC desc;
+
+ /* We need to convert the fingerprint as a string to a long
+ keyid.
+
+ FINGERPRINT has the form:
+
+ 362D 3527 F53A AD19 71AA FDE6 5885 9975 EE37 CF96
+ -------------------
+
+ The last 16 characters are the long keyid.
+ */
+ assert (strlen (fingerprint) > 4 * 4 + 3);
+ for (i = strlen (fingerprint) - (4 * 4 + 3), j = 0; j < 16; i ++, j ++)
+ {
+ if (fingerprint[i] == ' ')
+ i ++;
+ keyid[j] = fingerprint[i];
+ }
+ keyid[j] = 0;
+
+ rc = classify_user_id (keyid, &desc, 1);
+ if (rc || desc.mode != KEYDB_SEARCH_MODE_LONG_KID)
+ {
+ log_error (_("'%s' is not a valid long keyID\n"), keyid);
+ return _tofu_GET_TRUST_ERROR;
+ }
+
+ if (tdb_keyid_is_utk (desc.u.kid))
+ {
+ if (policy == TOFU_POLICY_NONE)
+ {
+ if (record_binding (dbs, fingerprint, email, user_id,
+ TOFU_POLICY_AUTO, 0) != 0)
+ {
+ log_error (_("error setting TOFU binding's trust level to %s\n"),
+ "auto");
+ trust_level = _tofu_GET_TRUST_ERROR;
+ goto out;
+ }
+ }
+
+ trust_level = TRUST_ULTIMATE;
+ goto out;
+ }
+ }
+
if (policy == TOFU_POLICY_AUTO)
{
policy = opt.tofu_default_policy;
@@ -2261,7 +2313,7 @@ tofu_register (const byte *fingerprint_bin, const char *user_id,
}
die:
- if (may_ask)
+ if (may_ask && trust_level != TRUST_ULTIMATE)
/* It's only appropriate to show the statistics in an interactive
context. */
show_statistics (dbs, fingerprint, email, user_id,
@@ -2367,7 +2419,7 @@ tofu_get_validity (const byte *fingerprint_bin, const char *user_id,
/* An error. */
trust_level = TRUST_UNDEFINED;
- if (may_ask)
+ if (may_ask && trust_level != TRUST_ULTIMATE)
show_statistics (dbs, fingerprint, email, user_id, NULL);
die:
commit d05ff81732e20e6f9d6d7a6281a96a312b001abb
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:28:15 2015 +0200
gpg: Keep the trust DB up to date for the tofu and tofu+pgp models.
* g10/trustdb.c (init_trustdb): Recognize tofu and tofu+pgp as
possibly saved trust models. Also register the ultimately trusted
keys if the trust model is tofu or tofu+pgp.
(check_trustdb): Don't skip if the trust model is tofu or tofu+pgp.
(update_trustdb): Likewise.
(tdb_check_trustdb_stale): Likewise.
(validate_keys): If the trust model is TOFU, just write out the
ultimately trusted keys.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 1be98b5..296083c 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -459,9 +459,11 @@ init_trustdb ()
opt.trust_model=tdbio_read_model();
/* Sanity check this ;) */
- if(opt.trust_model!=TM_CLASSIC
- && opt.trust_model!=TM_PGP
- && opt.trust_model!=TM_EXTERNAL)
+ if(opt.trust_model != TM_CLASSIC
+ && opt.trust_model != TM_PGP
+ && opt.trust_model != TM_TOFU_PGP
+ && opt.trust_model != TM_TOFU
+ && opt.trust_model != TM_EXTERNAL)
{
log_info(_("unable to use unknown trust model (%d) - "
"assuming %s trust model\n"),opt.trust_model,"PGP");
@@ -472,7 +474,8 @@ init_trustdb ()
log_info(_("using %s trust model\n"),trust_model_string());
}
- if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
+ if (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC
+ || opt.trust_model == TM_TOFU || opt.trust_model == TM_TOFU_PGP)
{
/* Verify the list of ultimately trusted keys and move the
--trusted-keys list there as well. */
@@ -494,7 +497,8 @@ void
check_trustdb ()
{
init_trustdb();
- if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
+ if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
+ || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
{
if (opt.batch && !opt.answer_yes)
{
@@ -530,7 +534,8 @@ void
update_trustdb()
{
init_trustdb();
- if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
+ if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
+ || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
validate_keys (1);
else
log_info (_("no need for a trustdb update with '%s' trust model\n"),
@@ -946,7 +951,8 @@ tdb_check_trustdb_stale (void)
return; /* No trustdb => can't be stale. */
if (!did_nextcheck
- && (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC))
+ && (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
+ || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU))
{
ulong scheduled;
@@ -1938,6 +1944,11 @@ validate_keys (int interactive)
do_sync ();
}
+ if (opt.trust_model == TM_TOFU)
+ /* In the TOFU trust model, we only need to save the ultimately
+ trusted keys. */
+ goto leave;
+
klist = utk_list;
log_info(_("%d marginal(s) needed, %d complete(s) needed, %s trust model\n"),
commit 243f90afba87e99ca42e2451ac5cc59d00a044ac
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 12:52:56 2015 +0200
gpg: Factor out code into a standalone function.
* g10/trustdb.c (tdb_keyid_is_utk): New function.
(add_utk): Use it.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/trustdb.c b/g10/trustdb.c
index cadc7e9..1be98b5 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -229,13 +229,8 @@ add_utk (u32 *kid)
{
struct key_item *k;
- for (k = utk_list; k; k = k->next)
- {
- if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
- {
- return 0;
- }
- }
+ if (tdb_keyid_is_utk (kid))
+ return 0;
k = new_key_item ();
k->kid[0] = kid[0];
@@ -317,6 +312,18 @@ verify_own_keys(void)
return;
}
+/* Returns whether KID is on the list of ultimately trusted keys. */
+int
+tdb_keyid_is_utk (u32 *kid)
+{
+ struct key_item *k;
+
+ for (k = utk_list; k; k = k->next)
+ if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+ return 1;
+
+ return 0;
+}
/*********************************************
*********** TrustDB stuff *******************
diff --git a/g10/trustdb.h b/g10/trustdb.h
index adb75d7..718f779 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -111,6 +111,8 @@ void clean_key (kbnode_t keyblock, int noisy, int self_only,
/*-- trustdb.c --*/
void tdb_register_trusted_keyid (u32 *keyid);
void tdb_register_trusted_key (const char *string);
+/* Returns whether KID is on the list of ultimately trusted keys. */
+int tdb_keyid_is_utk (u32 *kid);
void check_trustdb (void);
void update_trustdb (void);
int setup_trustdb( int level, const char *dbname );
commit a79045e38d239a7f6e787cf7c1132772c737cc0e
Author: Neal H. Walfield <neal at g10code.com>
Date: Tue Oct 20 20:53:40 2015 +0200
dirmngr: Allow building with libassuan < 2.3.
* dirmngr/http.c (send_request): Use newer assuan function only if
available.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
Regression-due-to: 4e42ad30
diff --git a/dirmngr/http.c b/dirmngr/http.c
index c2a0431..1365ea1 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -1475,7 +1475,9 @@ send_request (http_t hd, const char *httphost, const char *auth,
{
int mode;
+#if ASSUAN_VERSION_NUMBER >= 0x020300 /* >= 2.3.0 */
if (assuan_sock_get_flag (ASSUAN_INVALID_FD, "tor-mode", &mode) || !mode)
+#endif
{
log_error ("TOR support is not available\n");
return gpg_err_make (default_errsource, GPG_ERR_NOT_IMPLEMENTED);
commit 85bd7d9491f8cc13c2b03f19b4f70ea13b45c704
Author: Neal H. Walfield <neal at g10code.com>
Date: Tue Oct 20 20:42:44 2015 +0200
gpg: Make the tofu DB check and initialization atomic.
* g10/tofu.c (initdb): Make the version check and the database
initialization atomic.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
Co-authored-by: Andre Heinecke <aheinecke at intevation.de>
diff --git a/g10/tofu.c b/g10/tofu.c
index 4ad44eb..0a23626 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -248,6 +248,15 @@ initdb (sqlite3 *db, enum db_type type)
unsigned long int count;
int version = -1;
+ rc = sqlite3_exec (db, "begin transaction;", NULL, NULL, &err);
+ if (rc)
+ {
+ log_error (_("error beginning transaction on TOFU database: %s\n"),
+ err);
+ sqlite3_free (err);
+ return 1;
+ }
+
/* If the DB has no tables, then assume this is a new DB that needs
to be initialized. */
rc = sqlite3_exec (db,
@@ -258,7 +267,7 @@ initdb (sqlite3 *db, enum db_type type)
log_error (_("error querying TOFU DB's available tables: %s\n"),
err);
sqlite3_free (err);
- return 1;
+ goto out;
}
else if (count != 0)
/* Assume that the DB is already initialized. Make sure the
@@ -270,21 +279,22 @@ initdb (sqlite3 *db, enum db_type type)
/* Happy, happy, joy, joy. */
{
sqlite3_free (err);
- return 0;
+ rc = 0;
+ goto out;
}
else if (rc == SQLITE_ABORT && version == -1)
/* Unsupported version. */
{
/* An error message was already displayed. */
sqlite3_free (err);
- return 1;
+ goto out;
}
else if (rc)
/* Some error. */
{
log_error (_("error determining TOFU DB's version: %s\n"), err);
sqlite3_free (err);
- return 1;
+ goto out;
}
else
/* Unexpected success. This can only happen if there are no
@@ -292,19 +302,11 @@ initdb (sqlite3 *db, enum db_type type)
{
log_error (_("error determining TOFU DB's version: %s\n"),
"select returned 0, but expected ABORT");
- return 1;
+ rc = 1;
+ goto out;
}
}
- rc = sqlite3_exec (db, "begin transaction;", NULL, NULL, &err);
- if (rc)
- {
- log_error (_("error beginning transaction on TOFU database: %s\n"),
- err);
- sqlite3_free (err);
- return 1;
- }
-
/* Create the version table. */
rc = sqlite3_exec (db,
"create table version (version INTEGER);",
-----------------------------------------------------------------------
Summary of changes:
dirmngr/http.c | 2 ++
g10/tofu.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++-----------
g10/trustdb.c | 59 +++++++++++++++++++++++++++-------------
g10/trustdb.h | 2 ++
4 files changed, 114 insertions(+), 35 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list