[git] GnuPG - branch, master, updated. gnupg-2.1.12-12-g027c4e5

by Werner Koch cvs at cvs.gnupg.org
Sat May 21 11:44:42 CEST 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  027c4e55522b8e18711a3331932a9869ab89ca26 (commit)
       via  fd973ee1c18aa8fe764e09ba4dff589309b2d78d (commit)
       via  437c97ab6a34ff1936001dd05209193b4466a81d (commit)
      from  a69d3c122c47ad8f857ab749e94b8b63e8d64623 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 027c4e55522b8e18711a3331932a9869ab89ca26
Author: Werner Koch <wk at gnupg.org>
Date:   Sat May 21 11:41:49 2016 +0200

    gpg: Pass CTRL object down to the trust functions
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/gpg.c b/g10/gpg.c
index 006c95b..3e0ae3f 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4432,12 +4432,12 @@ main (int argc, char **argv)
       case aUpdateTrustDB:
 	if( argc )
 	    wrong_args("--update-trustdb");
-	update_trustdb();
+	update_trustdb (ctrl);
 	break;
 
       case aCheckTrustDB:
         /* Old versions allowed for arguments - ignore them */
-        check_trustdb();
+        check_trustdb (ctrl);
 	break;
 
       case aFixTrustDB:
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 7e87176..ea26659 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -247,8 +247,9 @@ g10_exit( int rc )
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
+  (void)ctrl;
   (void)sig;
   return 0;
 }
@@ -280,22 +281,25 @@ cache_disabled_value(PKT_public_key *pk)
 }
 
 void
-check_trustdb_stale(void)
+check_trustdb_stale (ctrl_t ctrl)
 {
+  (void)ctrl;
 }
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   return '?';
 }
 
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   (void)sig;
@@ -311,8 +315,9 @@ trust_value_to_string (unsigned int value)
 }
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)key;
   (void)uid;
   return "err";
diff --git a/g10/import.c b/g10/import.c
index 6707797..7c0d1e2 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -249,7 +249,7 @@ import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
      interactive or by not setting no-auto-check-trustdb */
 
   if (!(options & IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return rc;
 }
diff --git a/g10/keydb.h b/g10/keydb.h
index 8896eea..a30cf7a 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -222,7 +222,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
 
 /*-- pkclist.c --*/
 void show_revocation_reason( PKT_public_key *pk, int mode );
-int  check_signatures_trust( PKT_signature *sig );
+int  check_signatures_trust (ctrl_t ctrl, PKT_signature *sig);
 
 void release_pk_list (PK_LIST pk_list);
 int  build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 200a1ab..c7288b2 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -51,7 +51,8 @@
 
 static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
 			int verbose);
-static void show_names (estream_t fp, KBNODE keyblock, PKT_public_key * pk,
+static void show_names (ctrl_t ctrl, estream_t fp,
+                        kbnode_t keyblock, PKT_public_key * pk,
 			unsigned int flag, int with_prefs);
 static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
                                      KBNODE keyblock, int only_marked,
@@ -61,8 +62,8 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys);
 static void show_key_and_grip (kbnode_t keyblock);
 static void subkey_expire_warning (kbnode_t keyblock);
-static int menu_adduid (KBNODE keyblock, int photo, const char *photo_name,
-                        const char *uidstr);
+static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
+                        int photo, const char *photo_name, const char *uidstr);
 static void menu_deluid (KBNODE pub_keyblock);
 static int menu_delsig (KBNODE pub_keyblock);
 static int menu_clean (KBNODE keyblock, int self_only);
@@ -85,13 +86,13 @@ static int count_selected_uids (KBNODE keyblock);
 static int real_uids_left (KBNODE keyblock);
 static int count_selected_keys (KBNODE keyblock);
 static int menu_revsig (KBNODE keyblock);
-static int menu_revuid (KBNODE keyblock);
+static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
 static int menu_revkey (KBNODE pub_keyblock);
 static int menu_revsubkey (KBNODE pub_keyblock);
 #ifndef NO_TRUST_MODELS
 static int enable_disable_key (KBNODE keyblock, int disable);
 #endif /*!NO_TRUST_MODELS*/
-static void menu_showphoto (KBNODE keyblock);
+static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
 
 static int update_trust = 0;
 
@@ -2022,7 +2023,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
      and run the stale check as early as possible.  Note, that for
      non- W32 platforms it is run indirectly trough a call to
      get_validity ().  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* Get the public key */
@@ -2295,7 +2296,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  photo = 1;
 	  /* fall through */
 	case cmdADDUID:
-	  if (menu_adduid (keyblock, photo, arg_string, NULL))
+	  if (menu_adduid (ctrl, keyblock, photo, arg_string, NULL))
 	    {
 	      update_trust = 1;
 	      redisplay = 1;
@@ -2537,7 +2538,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
                       n1 > 1 ? _("Really revoke all selected user IDs? (y/N) ")
 		      :        _("Really revoke this user ID? (y/N) ")))
 	      {
-		if (menu_revuid (keyblock))
+		if (menu_revuid (ctrl, keyblock))
 		  {
 		    modified = 1;
 		    redisplay = 1;
@@ -2631,7 +2632,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 
 	  show_key_with_all_names (ctrl, NULL, keyblock, 0, 0, 0, 1, 0, 0);
 	  tty_printf ("\n");
-	  if (edit_ownertrust (find_kbnode (keyblock,
+	  if (edit_ownertrust (ctrl, find_kbnode (keyblock,
 					    PKT_PUBLIC_KEY)->pkt->pkt.
 			       public_key, 1))
 	    {
@@ -2648,7 +2649,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  {
 	    int count = count_selected_uids (keyblock);
 	    log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
-	    show_names (NULL, keyblock, keyblock->pkt->pkt.public_key,
+	    show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
 			count ? NODFLG_SELUID : 0, 1);
 	  }
 	  break;
@@ -2657,7 +2658,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  {
 	    int count = count_selected_uids (keyblock);
 	    log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
-	    show_names (NULL, keyblock, keyblock->pkt->pkt.public_key,
+	    show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
 			count ? NODFLG_SELUID : 0, 2);
 	  }
 	  break;
@@ -2733,7 +2734,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 #endif /*!NO_TRUST_MODELS*/
 
 	case cmdSHOWPHOTO:
-	  menu_showphoto (keyblock);
+	  menu_showphoto (ctrl, keyblock);
 	  break;
 
 	case cmdCLEAN:
@@ -2863,7 +2864,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
 
 #ifdef HAVE_W32_SYSTEM
   /* See keyedit_menu for why we need this.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* Search the key; we don't want the whole getkey stuff here.  */
@@ -2914,7 +2915,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
 
   fix_keyblock (&keyblock);
 
-  if (menu_adduid (keyblock, 0, NULL, uidstring))
+  if (menu_adduid (ctrl, keyblock, 0, NULL, uidstring))
     {
       err = keydb_update_keyblock (kdbhd, keyblock);
       if (err)
@@ -2956,7 +2957,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
 
 #ifdef HAVE_W32_SYSTEM
   /* See keyedit_menu for why we need this.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* We require a fingerprint because only this uniquely identifies a
@@ -3371,7 +3372,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 	    es_putc ('e', fp);
 	  else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks))
 	    {
-	      int trust = get_validity_info (pk, NULL);
+	      int trust = get_validity_info (ctrl, pk, NULL);
 	      if (trust == 'u')
 		ulti_hack = 1;
 	      es_putc (trust, fp);
@@ -3430,7 +3431,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 	      int uid_validity;
 
 	      if (primary && !ulti_hack)
-		uid_validity = get_validity_info (primary, uid);
+		uid_validity = get_validity_info (ctrl, primary, uid);
 	      else
 		uid_validity = 'u';
 	      es_fprintf (fp, "%c::::::::", uid_validity);
@@ -3497,8 +3498,8 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 
 
 static void
-show_names (estream_t fp,
-            KBNODE keyblock, PKT_public_key * pk, unsigned int flag,
+show_names (ctrl_t ctrl, estream_t fp,
+            kbnode_t keyblock, PKT_public_key * pk, unsigned int flag,
 	    int with_prefs)
 {
   KBNODE node;
@@ -3513,7 +3514,7 @@ show_names (estream_t fp,
 	  if (!flag || (flag && (node->flag & flag)))
 	    {
 	      if (!(flag & NODFLG_MARK_A) && pk)
-		tty_fprintf (fp, "%s ", uid_trust_string_fixed (pk, uid));
+		tty_fprintf (fp, "%s ", uid_trust_string_fixed (ctrl, pk, uid));
 
 	      if (flag & NODFLG_MARK_A)
 		tty_fprintf (fp, "     ");
@@ -3600,12 +3601,12 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 	       * output */
 	      static int did_warn = 0;
 
-	      trust = get_validity_string (pk, NULL);
+	      trust = get_validity_string (ctrl, pk, NULL);
 	      otrust = get_ownertrust_string (pk);
 
 	      /* Show a warning once */
 	      if (!did_warn
-		  && (get_validity (pk, NULL, NULL, 0)
+		  && (get_validity (ctrl, pk, NULL, NULL, 0)
 		      & TRUST_FLAG_PENDING_CHECK))
 		{
 		  did_warn = 1;
@@ -3792,7 +3793,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 	}
     }
 
-  show_names (fp,
+  show_names (ctrl, fp,
               keyblock, primary, only_marked ? NODFLG_MARK_A : 0, with_prefs);
 
   if (do_warn && !nowarn)
@@ -4037,8 +4038,8 @@ subkey_expire_warning (kbnode_t keyblock)
  * user id.
  */
 static int
-menu_adduid (kbnode_t pub_keyblock, int photo, const char *photo_name,
-             const char *uidstring)
+menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
+             int photo, const char *photo_name, const char *uidstring)
 {
   PKT_user_id *uid;
   PKT_public_key *pk = NULL;
@@ -4100,7 +4101,7 @@ menu_adduid (kbnode_t pub_keyblock, int photo, const char *photo_name,
 	    }
 	}
 
-      uid = generate_photo_id (pk, photo_name);
+      uid = generate_photo_id (ctrl, pk, photo_name);
     }
   else
     uid = generate_user_id (pub_keyblock, uidstring);
@@ -6015,7 +6016,7 @@ reloop:			/* (must use this, because we are modifing the list) */
 /* Revoke a user ID (i.e. revoke a user ID selfsig).  Return true if
    keyblock changed.  */
 static int
-menu_revuid (KBNODE pub_keyblock)
+menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock)
 {
   PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
   KBNODE node;
@@ -6096,7 +6097,7 @@ menu_revuid (KBNODE pub_keyblock)
 		/* If the trustdb has an entry for this key+uid then the
 		   trustdb needs an update. */
 		if (!update_trust
-		    && (get_validity (pk, uid, NULL, 0) & TRUST_MASK) >=
+		    && (get_validity (ctrl, pk, uid, NULL, 0) & TRUST_MASK) >=
 		    TRUST_UNDEFINED)
 		  update_trust = 1;
 #endif /*!NO_TRUST_MODELS*/
@@ -6258,7 +6259,7 @@ enable_disable_key (KBNODE keyblock, int disable)
 
 
 static void
-menu_showphoto (KBNODE keyblock)
+menu_showphoto (ctrl_t ctrl, kbnode_t keyblock)
 {
   KBNODE node;
   int select_all = !count_selected_uids (keyblock);
@@ -6295,7 +6296,7 @@ menu_showphoto (KBNODE keyblock)
 				    "key %s (uid %d)\n"),
 				  image_type_to_string (type, 1),
 				  (ulong) size, keystr_from_pk (pk), count);
-		      show_photos (&uid->attribs[i], 1, pk, uid);
+		      show_photos (ctrl, &uid->attribs[i], 1, pk, uid);
 		    }
 		}
 	    }
diff --git a/g10/keylist.c b/g10/keylist.c
index 1649991..763edac 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -130,7 +130,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
      is very bad for W32 because of a sharing violation. For real OSes
      it might lead to false results if we are later listing a keyring
      which is associated with the inode of a deleted file.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
 #ifdef USE_TOFU
   tofu_begin_batch_update ();
@@ -154,7 +154,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
 {
   (void)ctrl;
 
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
   if (!list)
     list_all (ctrl, 1, 0);
@@ -1010,7 +1010,7 @@ list_keyblock_pka (ctrl_t ctrl, kbnode_t keyblock)
 
 
 static void
-list_keyblock_print (KBNODE keyblock, int secret, int fpr,
+list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
                      struct keylist_context *listctx)
 {
   int rc;
@@ -1051,7 +1051,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
   else
     s2k_char = ' ';
 
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
 
   es_fprintf (es_stdout, "%s%c  %s/%s %s",
@@ -1088,7 +1088,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
      include, but it looks sort of confusing in the listing... */
   if (opt.list_options & LIST_SHOW_VALIDITY)
     {
-      int validity = get_validity (pk, NULL, NULL, 0);
+      int validity = get_validity (ctrl, pk, NULL, NULL, 0);
       es_fprintf (es_stdout, " [%s]", trust_value_to_string (validity));
     }
 #endif
@@ -1134,9 +1134,9 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
 	    {
 	      const char *validity;
 
-	      validity = uid_trust_string_fixed (pk, uid);
+	      validity = uid_trust_string_fixed (ctrl, pk, uid);
 	      indent = ((keystrlen () + (opt.legacy_list_mode? 9:11))
-                        - atoi (uid_trust_string_fixed (NULL, NULL)));
+                        - atoi (uid_trust_string_fixed (ctrl, NULL, NULL)));
 	      if (indent < 0 || indent > 40)
 		indent = 0;
 
@@ -1174,7 +1174,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
             }
 
 	  if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL)
-	    show_photos (uid->attribs, uid->numattribs, pk, uid);
+	    show_photos (ctrl, uid->attribs, uid->numattribs, pk, uid);
 	}
       else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
 	{
@@ -1390,7 +1390,8 @@ print_revokers (estream_t fp, PKT_public_key * pk)
    record (i.e. requested via --list-secret-key).  If HAS_SECRET a
    secret key is available even if SECRET is not set.  */
 static void
-list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
+list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
+                     int secret, int has_secret, int fpr)
 {
   int rc;
   KBNODE kbctx;
@@ -1437,7 +1438,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
     ;
   else
     {
-      trustletter = get_validity_info (pk, NULL);
+      trustletter = get_validity_info (ctrl, pk, NULL);
       if (trustletter == 'u')
         ulti_hack = 1;
       es_putc (trustletter, es_stdout);
@@ -1519,7 +1520,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
 	      int uid_validity;
 
 	      if (!ulti_hack)
-		uid_validity = get_validity_info (pk, uid);
+		uid_validity = get_validity_info (ctrl, pk, uid);
 	      else
 		uid_validity = 'u';
 	      es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
@@ -1814,9 +1815,9 @@ list_keyblock (ctrl_t ctrl,
   if (opt.print_pka_records || opt.print_dane_records)
     list_keyblock_pka (ctrl, keyblock);
   else if (opt.with_colons)
-    list_keyblock_colon (keyblock, secret, has_secret, fpr);
+    list_keyblock_colon (ctrl, keyblock, secret, has_secret, fpr);
   else
-    list_keyblock_print (keyblock, secret, fpr, listctx);
+    list_keyblock_print (ctrl, keyblock, secret, fpr, listctx);
   if (secret)
     es_fflush (es_stdout);
 }
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 3486abb..40659f0 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1464,7 +1464,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
   /* If the original options didn't have fast import, and the trustdb
      is dirty, rebuild. */
   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return err;
 }
@@ -1885,7 +1885,7 @@ keyserver_fetch (ctrl_t ctrl, strlist_t urilist)
   /* If the original options didn't have fast import, and the trustdb
      is dirty, rebuild. */
   if (!(opt.keyserver_options.import_options&IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return 0;
 }
diff --git a/g10/mainproc.c b/g10/mainproc.c
index d56790b..a2bfae3 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1002,7 +1002,7 @@ list_node (CTX c, kbnode_t node)
           keyid_from_pk( pk, keyid );
           if (mainkey)
             c->trustletter = (opt.fast_list_mode?
-                              0 : get_validity_info( pk, NULL));
+                              0 : get_validity_info (c->ctrl, pk, NULL));
           es_printf ("%s:", mainkey? "pub":"sub" );
           if (c->trustletter)
             es_putc (c->trustletter, es_stdout);
@@ -1603,31 +1603,31 @@ check_sig_and_print (CTX c, kbnode_t node)
     }
 
   /* Check that the message composition is valid.
-
-     Per RFC-2440bis (-15) allowed:
-
-     S{1,n}           -- detached signature.
-     S{1,n} P         -- old style PGP2 signature
-     O{1,n} P S{1,n}  -- standard OpenPGP signature.
-     C P S{1,n}       -- cleartext signature.
-
-
-          O = One-Pass Signature packet.
-          S = Signature packet.
-          P = OpenPGP Message packet (Encrypted | Compressed | Literal)
-                 (Note that the current rfc2440bis draft also allows
-                  for a signed message but that does not work as it
-                  introduces ambiguities.)
-              We keep track of these packages using the marker packet
-              CTRLPKT_PLAINTEXT_MARK.
-          C = Marker packet for cleartext signatures.
-
-     We reject all other messages.
-
-     Actually we are calling this too often, i.e. for verification of
-     each message but better have some duplicate work than to silently
-     introduce a bug here.
-  */
+   *
+   * Per RFC-2440bis (-15) allowed:
+   *
+   * S{1,n}           -- detached signature.
+   * S{1,n} P         -- old style PGP2 signature
+   * O{1,n} P S{1,n}  -- standard OpenPGP signature.
+   * C P S{1,n}       -- cleartext signature.
+   *
+   *
+   *      O = One-Pass Signature packet.
+   *      S = Signature packet.
+   *      P = OpenPGP Message packet (Encrypted | Compressed | Literal)
+   *             (Note that the current rfc2440bis draft also allows
+   *              for a signed message but that does not work as it
+   *              introduces ambiguities.)
+   *          We keep track of these packages using the marker packet
+   *          CTRLPKT_PLAINTEXT_MARK.
+   *      C = Marker packet for cleartext signatures.
+   *
+   * We reject all other messages.
+   *
+   * Actually we are calling this too often, i.e. for verification of
+   * each message but better have some duplicate work than to silently
+   * introduce a bug here.
+   */
   {
     kbnode_t n;
     int n_onepass, n_sig;
@@ -1871,7 +1871,7 @@ check_sig_and_print (CTX c, kbnode_t node)
 	     does not print a LF we need to compute the validity
 	     before calling that function.  */
           if ((opt.verify_options & VERIFY_SHOW_UID_VALIDITY))
-            valid = get_validity (pk, un->pkt->pkt.user_id, NULL, 0);
+            valid = get_validity (c->ctrl, pk, un->pkt->pkt.user_id, NULL, 0);
           else
             valid = 0; /* Not used.  */
 
@@ -1950,7 +1950,8 @@ check_sig_and_print (CTX c, kbnode_t node)
                   dump_attribs (un->pkt->pkt.user_id, pk);
 
                   if (opt.verify_options&VERIFY_SHOW_PHOTOS)
-                    show_photos (un->pkt->pkt.user_id->attribs,
+                    show_photos (c->ctrl,
+                                 un->pkt->pkt.user_id->attribs,
                                  un->pkt->pkt.user_id->numattribs,
                                  pk ,un->pkt->pkt.user_id);
                 }
@@ -1973,7 +1974,8 @@ check_sig_and_print (CTX c, kbnode_t node)
 		       actually ask the user to update any trust
 		       information.  */
                     valid = (trust_value_to_string
-                             (get_validity (pk, un->pkt->pkt.user_id, sig, 0)));
+                             (get_validity (c->ctrl, pk,
+                                            un->pkt->pkt.user_id, sig, 0)));
                   log_printf (" [%s]\n",valid);
                 }
               else
@@ -2061,7 +2063,7 @@ check_sig_and_print (CTX c, kbnode_t node)
         {
           if ((opt.verify_options & VERIFY_PKA_LOOKUPS))
             pka_uri_from_sig (c, sig); /* Make sure PKA info is available. */
-          rc = check_signatures_trust (sig);
+          rc = check_signatures_trust (c->ctrl, sig);
         }
 
       /* Print extra information about the signature.  */
diff --git a/g10/photoid.c b/g10/photoid.c
index f6e625a..e188653 100644
--- a/g10/photoid.c
+++ b/g10/photoid.c
@@ -48,7 +48,7 @@
 /* Generate a new photo id packet, or return NULL if canceled.
    FIXME:  Should we add a duplicates check similar to generate_user_id? */
 PKT_user_id *
-generate_photo_id(PKT_public_key *pk,const char *photo_name)
+generate_photo_id (ctrl_t ctrl, PKT_public_key *pk,const char *photo_name)
 {
   PKT_user_id *uid;
   int error=1,i;
@@ -163,7 +163,7 @@ generate_photo_id(PKT_public_key *pk,const char *photo_name)
          "user" may not be able to dismiss a viewer window! */
       if(opt.command_fd==-1)
 	{
-	  show_photos (uid->attribs, uid->numattribs, pk, uid);
+	  show_photos (ctrl, uid->attribs, uid->numattribs, pk, uid);
 	  switch(cpr_get_answer_yes_no_quit("photoid.jpeg.okay",
 					 _("Is this photo correct (y/N/q)? ")))
 	    {
@@ -286,9 +286,10 @@ static const char *get_default_photo_command(void)
 }
 #endif
 
+
 void
-show_photos(const struct user_attribute *attrs, int count,
-            PKT_public_key *pk, PKT_user_id *uid)
+show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
+             PKT_public_key *pk, PKT_user_id *uid)
 {
 #ifdef DISABLE_PHOTO_VIEWER
   (void)attrs;
@@ -303,8 +304,8 @@ show_photos(const struct user_attribute *attrs, int count,
 
   memset (&args, 0, sizeof(args));
   args.pk = pk;
-  args.validity_info = get_validity_info (pk, uid);
-  args.validity_string = get_validity_string (pk, uid);
+  args.validity_info = get_validity_info (ctrl, pk, uid);
+  args.validity_string = get_validity_string (ctrl, pk, uid);
   namehash_from_uid (uid);
   args.namehash = uid->namehash;
 
diff --git a/g10/photoid.h b/g10/photoid.h
index ec2b55f..9fc758e 100644
--- a/g10/photoid.h
+++ b/g10/photoid.h
@@ -24,10 +24,11 @@
 
 #include "packet.h"
 
-PKT_user_id *generate_photo_id(PKT_public_key *pk,const char *filename);
+PKT_user_id *generate_photo_id (ctrl_t ctrl,
+                                PKT_public_key *pk,const char *filename);
 int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len);
 char *image_type_to_string(byte type,int style);
-void show_photos (const struct user_attribute *attrs, int count,
+void show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
                   PKT_public_key *pk, PKT_user_id *uid);
 
 #endif /* !_PHOTOID_H_ */
diff --git a/g10/pkclist.c b/g10/pkclist.c
index de8897a..f284107 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -178,7 +178,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
  */
 #ifndef NO_TRUST_MODELS
 static int
-do_edit_ownertrust (PKT_public_key *pk, int mode,
+do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
                     unsigned *new_trust, int defer_help )
 {
   char *p;
@@ -248,7 +248,8 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
 
 		if((opt.verify_options&VERIFY_SHOW_PHOTOS)
 		   && un->pkt->pkt.user_id->attrib_data)
-		  show_photos (un->pkt->pkt.user_id->attribs,
+		  show_photos (ctrl,
+                               un->pkt->pkt.user_id->attribs,
                                un->pkt->pkt.user_id->numattribs, pk,
                                un->pkt->pkt.user_id);
 
@@ -376,14 +377,14 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
  */
 #ifndef NO_TRUST_MODELS
 int
-edit_ownertrust (PKT_public_key *pk, int mode )
+edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
 {
   unsigned int trust = 0;
   int no_help = 0;
 
   for(;;)
     {
-      switch ( do_edit_ownertrust (pk, mode, &trust, no_help ) )
+      switch ( do_edit_ownertrust (ctrl, pk, mode, &trust, no_help ) )
         {
         case -1: /* quit */
           return -1;
@@ -526,7 +527,7 @@ write_trust_status (int statuscode, int trustlevel)
  * Returns an error code if we should not trust this signature.
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
   PKT_public_key *pk = xmalloc_clear( sizeof *pk );
   unsigned int trustlevel = TRUST_UNKNOWN;
@@ -553,7 +554,7 @@ check_signatures_trust( PKT_signature *sig )
     log_info(_("WARNING: this key might be revoked (revocation key"
 	       " not present)\n"));
 
-  trustlevel = get_validity (pk, NULL, sig, 1);
+  trustlevel = get_validity (ctrl, pk, NULL, sig, 1);
 
   if ( (trustlevel & TRUST_FLAG_REVOKED) )
     {
@@ -845,7 +846,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
     }
 
   /* Key found and usable.  Check validity. */
-  trustlevel = get_validity (pk, pk->user_id, NULL, 1);
+  trustlevel = get_validity (ctrl, pk, pk->user_id, NULL, 1);
   if ( (trustlevel & TRUST_FLAG_DISABLED) )
     {
       /* Key has been disabled. */
@@ -1183,7 +1184,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
                 { /* Check validity of this key. */
                   int trustlevel;
 
-                  trustlevel = get_validity (pk, pk->user_id, NULL, 1);
+                  trustlevel = get_validity (ctrl, pk, pk->user_id, NULL, 1);
                   if ( (trustlevel & TRUST_FLAG_DISABLED) )
                     {
                       tty_printf (_("Public key is disabled.\n") );
diff --git a/g10/seskey.c b/g10/seskey.c
index c41a145..d0e6b6f 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -347,6 +347,9 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
         return NULL;
       if ( gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, asn, &asnlen) )
         BUG();
+      log_debug ("%s: hash_algo=%d pk=%p\n", __func__, hash_algo, pk);
+      log_debug ("%s: pk->pkey[0]=%p\n", __func__, pk->pkey[0]);
+      gcry_log_debugmpi ("pkey[0]", pk->pkey[0]);
       frame = do_encode_md (md, hash_algo, gcry_md_get_algo_dlen (hash_algo),
                             gcry_mpi_get_nbits (pk->pkey[0]), asn, asnlen);
       xfree (asn);
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index 2edae18..177f35a 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -58,8 +58,9 @@ g10_exit( int rc )
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
+  (void)ctrl;
   (void)sig;
   return 0;
 }
@@ -91,22 +92,25 @@ cache_disabled_value(PKT_public_key *pk)
 }
 
 void
-check_trustdb_stale(void)
+check_trustdb_stale (ctrl_t ctrl)
 {
+  (void)ctrl;
 }
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   return '?';
 }
 
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   (void)sig;
@@ -122,8 +126,9 @@ trust_value_to_string (unsigned int value)
 }
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)key;
   (void)uid;
   return "err";
diff --git a/g10/trust.c b/g10/trust.c
index b15fa04..8790754 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -131,7 +131,7 @@ string_to_trust_value (const char *str)
 
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
   if (!key && !uid)
     {
@@ -151,7 +151,7 @@ uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
     return                         _("[ expired]");
   else if(key)
     {
-      switch (get_validity (key, uid, NULL, 0) & TRUST_MASK)
+      switch (get_validity (ctrl, key, uid, NULL, 0) & TRUST_MASK)
         {
         case TRUST_UNKNOWN:   return _("[ unknown]");
         case TRUST_EXPIRED:   return _("[ expired]");
@@ -275,19 +275,23 @@ revalidation_mark (void)
 
 
 void
-check_trustdb_stale (void)
+check_trustdb_stale (ctrl_t ctrl)
 {
 #ifndef NO_TRUST_MODELS
-  tdb_check_trustdb_stale ();
+  tdb_check_trustdb_stale (ctrl);
+#else
+  (void)ctrl;
 #endif
 }
 
 
 void
-check_or_update_trustdb (void)
+check_or_update_trustdb (ctrl_t ctrl)
 {
 #ifndef NO_TRUST_MODELS
-  tdb_check_or_update ();
+  tdb_check_or_update (ctrl);
+#else
+  (void)ctrl;
 #endif
 }
 
@@ -298,8 +302,8 @@ check_or_update_trustdb (void)
  * otherwise, a reasonable value for the entire key is returned.
  */
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
   int rc;
   unsigned int validity;
@@ -331,7 +335,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
 #ifdef NO_TRUST_MODELS
   validity = TRUST_UNKNOWN;
 #else
-  validity = tdb_get_validity_core (pk, uid, main_pk, sig, may_ask);
+  validity = tdb_get_validity_core (ctrl, pk, uid, main_pk, sig, may_ask);
 #endif
 
  leave:
@@ -353,14 +357,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
 
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
   int trustlevel;
 
   if (!pk)
     return '?';  /* Just in case a NULL PK is passed.  */
 
-  trustlevel = get_validity (pk, uid, NULL, 0);
+  trustlevel = get_validity (ctrl, pk, uid, NULL, 0);
   if ((trustlevel & TRUST_FLAG_REVOKED))
     return 'r';
   return trust_letter (trustlevel);
@@ -368,14 +372,14 @@ get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
 
 
 const char *
-get_validity_string (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
   int trustlevel;
 
   if (!pk)
     return "err";  /* Just in case a NULL PK is passed.  */
 
-  trustlevel = get_validity (pk, uid, NULL, 0);
+  trustlevel = get_validity (ctrl, pk, uid, NULL, 0);
   if ((trustlevel & TRUST_FLAG_REVOKED))
     return _("revoked");
   return trust_value_to_string (trustlevel);
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 195a006..e5f7121 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -70,7 +70,7 @@ static struct key_item *utk_list;      /* all ultimately trusted keys */
 
 static int pending_check_trustdb;
 
-static int validate_keys (int interactive);
+static int validate_keys (ctrl_t ctrl, int interactive);
 
 

 /**********************************************
@@ -494,7 +494,7 @@ init_trustdb ()
  * when a check is due.  This can be used to run the check from a crontab
  */
 void
-check_trustdb ()
+check_trustdb (ctrl_t ctrl)
 {
   init_trustdb();
   if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
@@ -519,7 +519,7 @@ check_trustdb ()
 	    }
 	}
 
-      validate_keys (0);
+      validate_keys (ctrl, 0);
     }
   else
     log_info (_("no need for a trustdb check with '%s' trust model\n"),
@@ -531,12 +531,12 @@ check_trustdb ()
  * Recreate the WoT.
  */
 void
-update_trustdb()
+update_trustdb (ctrl_t ctrl)
 {
-  init_trustdb();
+  init_trustdb ();
   if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
       || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
-    validate_keys (1);
+    validate_keys (ctrl, 1);
   else
     log_info (_("no need for a trustdb update with '%s' trust model\n"),
 	      trust_model_string(opt.trust_model));
@@ -565,14 +565,14 @@ trustdb_pending_check(void)
 /* If the trustdb is dirty, and we're interactive, update it.
    Otherwise, check it unless no-auto-check-trustdb is set. */
 void
-tdb_check_or_update (void)
+tdb_check_or_update (ctrl_t ctrl)
 {
-  if(trustdb_pending_check())
+  if (trustdb_pending_check ())
     {
-      if(opt.interactive)
-	update_trustdb();
-      else if(!opt.no_auto_check_trustdb)
-	check_trustdb();
+      if (opt.interactive)
+	update_trustdb (ctrl);
+      else if (!opt.no_auto_check_trustdb)
+	check_trustdb (ctrl);
     }
 }
 
@@ -938,7 +938,7 @@ tdb_cache_disabled_value (PKT_public_key *pk)
 
 
 void
-tdb_check_trustdb_stale (void)
+tdb_check_trustdb_stale (ctrl_t ctrl)
 {
   static int did_nextcheck=0;
 
@@ -968,7 +968,7 @@ tdb_check_trustdb_stale (void)
             {
               if (!opt.quiet)
                 log_info (_("checking the trustdb\n"));
-              validate_keys (0);
+              validate_keys (ctrl, 0);
             }
         }
     }
@@ -981,7 +981,8 @@ tdb_check_trustdb_stale (void)
  * by the TOFU code to record statistics.
  */
 unsigned int
-tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+tdb_get_validity_core (ctrl_t ctrl,
+                       PKT_public_key *pk, PKT_user_id *uid,
                        PKT_public_key *main_pk,
 		       PKT_signature *sig,
 		       int may_ask)
@@ -1008,7 +1009,7 @@ tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
   if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
     return TRUST_UNKNOWN;
 
-  check_trustdb_stale();
+  check_trustdb_stale (ctrl);
 
   if(opt.trust_model==TM_DIRECT)
     {
@@ -1267,7 +1268,7 @@ enum_cert_paths_print (void **context, FILE *fp,
  ****************************************/
 
 static int
-ask_ownertrust (u32 *kid,int minimum)
+ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
 {
   PKT_public_key *pk;
   int rc;
@@ -1291,7 +1292,7 @@ ask_ownertrust (u32 *kid,int minimum)
     }
   else
     {
-      ot=edit_ownertrust(pk,0);
+      ot=edit_ownertrust (ctrl, pk, 0);
       if(ot>0)
 	ot = tdb_get_ownertrust (pk);
       else if(ot==0)
@@ -1881,7 +1882,7 @@ reset_trust_records(void)
  *
  */
 static int
-validate_keys (int interactive)
+validate_keys (ctrl_t ctrl, int interactive)
 {
   int rc = 0;
   int quit=0;
@@ -1989,7 +1990,7 @@ validate_keys (int interactive)
 
           if (interactive && k->ownertrust == TRUST_UNKNOWN)
 	    {
-	      k->ownertrust = ask_ownertrust (k->kid,min);
+	      k->ownertrust = ask_ownertrust (ctrl, k->kid,min);
 
 	      if (k->ownertrust == (unsigned int)(-1))
 		{
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 7e1307d..47d7b72 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -83,20 +83,22 @@ void register_trusted_key (const char *string);
 
 const char *trust_value_to_string (unsigned int value);
 int string_to_trust_value (const char *str);
-const char *uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid);
+const char *uid_trust_string_fixed (ctrl_t ctrl,
+                                    PKT_public_key *key, PKT_user_id *uid);
 
 unsigned int get_ownertrust (PKT_public_key *pk);
 void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
 int clear_ownertrusts (PKT_public_key *pk);
 
 void revalidation_mark (void);
-void check_trustdb_stale (void);
-void check_or_update_trustdb (void);
+void check_trustdb_stale (ctrl_t ctrl);
+void check_or_update_trustdb (ctrl_t ctrl);
 
-unsigned int get_validity (PKT_public_key *pk, PKT_user_id *uid,
+unsigned int get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
 			   PKT_signature *sig, int may_ask);
-int get_validity_info (PKT_public_key *pk, PKT_user_id *uid);
-const char *get_validity_string (PKT_public_key *pk, PKT_user_id *uid);
+int get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid);
+const char *get_validity_string (ctrl_t ctrl,
+                                 PKT_public_key *pk, PKT_user_id *uid);
 
 void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
                             u32 *main_kid, struct key_item *klist,
@@ -115,22 +117,23 @@ void tdb_register_trusted_keyid (u32 *keyid);
 void tdb_register_trusted_key (const char *string);
 /* Returns whether KID is on the list of ultimately trusted keys.  */
 int tdb_keyid_is_utk (u32 *kid);
-void check_trustdb (void);
-void update_trustdb (void);
+void check_trustdb (ctrl_t ctrl);
+void update_trustdb (ctrl_t ctrl);
 int setup_trustdb( int level, const char *dbname );
 void how_to_fix_the_trustdb (void);
 const char *trust_model_string (int model);
 void init_trustdb( void );
-void tdb_check_trustdb_stale (void);
+void tdb_check_trustdb_stale (ctrl_t ctrl);
 void sync_trustdb( void );
 
 void tdb_revalidation_mark (void);
 int trustdb_pending_check(void);
-void tdb_check_or_update (void);
+void tdb_check_or_update (ctrl_t ctrl);
 
 int tdb_cache_disabled_value (PKT_public_key *pk);
 
-unsigned int tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+unsigned int tdb_get_validity_core (ctrl_t ctrl,
+                                    PKT_public_key *pk, PKT_user_id *uid,
                                     PKT_public_key *main_pk,
 				    PKT_signature *sig, int may_ask);
 
@@ -158,6 +161,6 @@ void export_ownertrust(void);
 void import_ownertrust(const char *fname);
 
 /*-- pkclist.c --*/
-int edit_ownertrust (PKT_public_key *pk, int mode );
+int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);
 
 #endif /*G10_TRUSTDB_H*/

commit fd973ee1c18aa8fe764e09ba4dff589309b2d78d
Author: Werner Koch <wk at gnupg.org>
Date:   Sat May 21 11:06:24 2016 +0200

    gpg: Fix the TOFU_STATS_LONG status.
    
    * g10/tofu.c (show_statistics): Print TOFU STATS with formatting
    characters.
    --
    
    We better leave the non-breaking space character in the status
    messages so that the caller can make use of them.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/DETAILS b/doc/DETAILS
index 2710007..59f8d56 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -688,7 +688,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
 
     This status identifies the key and the userid for all following
     Tofu information.  The fingerprint is the fingerprint of the
-    primary key and the mbox is in general the mailbox part of the
+    primary key and the mbox is in general the addr-spec part of the
     userid encoded in UTF-8 and percent escaped.
 
 *** TOFU_STATS <validity> <sign-count> 0 [<policy> [<tm1> <tm2>]]
@@ -730,8 +730,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
 *** PKA_TRUST_
     This is is one:
 
-    - PKA_TRUST_GOOD <mailbox>
-    - PKA_TRUST_BAD  <mailbox>
+    - PKA_TRUST_GOOD <addr-spec>
+    - PKA_TRUST_BAD  <addr-spec>
 
     Depending on the outcome of the PKA check one of the above status
     codes is emitted in addition to a =TRUST_*= status.
diff --git a/g10/tofu.c b/g10/tofu.c
index e591aa5..b73ad93 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2101,7 +2101,7 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
 	/* TRANSLATORS: Please translate the text found in the source
 	   file below.  We don't directly internationalize that text
 	   so that we can tweak it without breaking translations.  */
-	const char *text = _("TOFU detected a binding conflict");
+	char *text = _("TOFU detected a binding conflict");
         char *textbuf;
 	if (strcmp (text, "TOFU detected a binding conflict") == 0)
 	  /* No translation.  Use the English text.  */
@@ -2542,15 +2542,18 @@ show_statistics (struct dbs *dbs, const char *fingerprint,
               log_fatal ("error snatching memory stream\n");
             msg = format_text (tmpmsg, 0, 72, 80);
             es_free (tmpmsg);
-            for (p=msg; *p; p++)
-              if (*p == '~')
-                *p = ' ';
 
             /* Print a status line but suppress the trailing LF.
              * Spaces are not percent escaped. */
             if (*msg)
               write_status_buffer (STATUS_TOFU_STATS_LONG,
                                    msg, strlen (msg)-1, -1);
+
+            /* Remove the non-breaking space markers.  */
+            for (p=msg; *p; p++)
+              if (*p == '~')
+                *p = ' ';
+
           }
 
 	  log_string (GPGRT_LOG_INFO, msg);

commit 437c97ab6a34ff1936001dd05209193b4466a81d
Author: Werner Koch <wk at gnupg.org>
Date:   Thu May 19 09:35:20 2016 +0200

    gpg: Print "[  never ]" instead of err for validity.
    
    * g10/trust.c (uid_trust_string_fixed): Handle NEVER.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/trust.c b/g10/trust.c
index 82de7cb..b15fa04 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -156,6 +156,7 @@ uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
         case TRUST_UNKNOWN:   return _("[ unknown]");
         case TRUST_EXPIRED:   return _("[ expired]");
         case TRUST_UNDEFINED: return _("[  undef ]");
+        case TRUST_NEVER:     return _("[  never ]");
         case TRUST_MARGINAL:  return _("[marginal]");
         case TRUST_FULLY:     return _("[  full  ]");
         case TRUST_ULTIMATE:  return _("[ultimate]");

-----------------------------------------------------------------------

Summary of changes:
 doc/DETAILS      |  6 +++---
 g10/gpg.c        |  4 ++--
 g10/gpgv.c       | 17 ++++++++++------
 g10/import.c     |  2 +-
 g10/keydb.h      |  2 +-
 g10/keyedit.c    | 61 ++++++++++++++++++++++++++++---------------------------
 g10/keylist.c    | 27 ++++++++++++------------
 g10/keyserver.c  |  4 ++--
 g10/mainproc.c   | 62 +++++++++++++++++++++++++++++---------------------------
 g10/photoid.c    | 13 ++++++------
 g10/photoid.h    |  5 +++--
 g10/pkclist.c    | 17 ++++++++--------
 g10/seskey.c     |  3 +++
 g10/test-stubs.c | 17 ++++++++++------
 g10/tofu.c       | 11 ++++++----
 g10/trust.c      | 31 ++++++++++++++++------------
 g10/trustdb.c    | 41 +++++++++++++++++++------------------
 g10/trustdb.h    | 27 +++++++++++++-----------
 18 files changed, 191 insertions(+), 159 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org




More information about the Gnupg-commits mailing list