[git] GnuPG - branch, master, updated. gnupg-2.1.15-122-g6e930f0
by Neal H. Walfield
cvs at cvs.gnupg.org
Fri Sep 16 15:37:59 CEST 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 6e930f0e4077bc7aa3d28b1ba649a82d62427d87 (commit)
via 3825847300700a94ac98a24c6db7cf81057b372c (commit)
via 221b0bd0e5946edaea7135bc3b6f3c5c0fc6dbca (commit)
via c2e563421e4fd4f0910642aa7b171bcf0b374b01 (commit)
via af196342bf44ce6dc42111d37539dec7ee3b3d82 (commit)
from 4ab8107063b641ed74fc4c9bf98304bcea573178 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6e930f0e4077bc7aa3d28b1ba649a82d62427d87
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Sep 16 15:32:03 2016 +0200
g10: On failure, propagate the return code.
* g10/tofu.c (tofu_register_encryption): If get_trust fails, set RC.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/tofu.c b/g10/tofu.c
index 6817303..e6a3429 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -3072,6 +3072,7 @@ tofu_register_encryption (ctrl_t ctrl,
if (tl == _tofu_GET_TRUST_ERROR)
{
/* An error. */
+ rc = gpg_error (GPG_ERR_GENERAL);
xfree (email);
goto die;
}
commit 3825847300700a94ac98a24c6db7cf81057b372c
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Sep 16 15:31:10 2016 +0200
g10: Improve some comments and a string.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/tofu.c b/g10/tofu.c
index 495f7ef..6817303 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2083,6 +2083,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
if (tdb_keyid_is_utk (kid))
{
if (policy == TOFU_POLICY_NONE)
+ /* New binding. */
{
if (record_binding (dbs, fingerprint, email, user_id,
TOFU_POLICY_GOOD, 0, now) != 0)
@@ -2164,7 +2165,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
*/
/* Before continuing, see if the key is signed by an ultimately
- trusted key. */
+ * trusted key. */
{
int fingerprint_raw_len = strlen (fingerprint) / 2;
char fingerprint_raw[fingerprint_raw_len];
@@ -2594,13 +2595,14 @@ show_statistics (tofu_dbs_t dbs, const char *fingerprint,
if (rc)
{
log_error (_("error reading TOFU database: %s\n"), err);
- print_further_info ("getting statistics");
+ print_further_info ("getting signature statistics");
sqlite3_free (err);
goto out;
}
if (strlist)
{
+ /* We expect exactly 3 elements. */
log_assert (strlist->next);
log_assert (strlist->next->next);
log_assert (! strlist->next->next->next);
@@ -2625,13 +2627,14 @@ show_statistics (tofu_dbs_t dbs, const char *fingerprint,
if (rc)
{
log_error (_("error reading TOFU database: %s\n"), err);
- print_further_info ("getting statistics");
+ print_further_info ("getting encryption statistics");
sqlite3_free (err);
goto out;
}
if (strlist)
{
+ /* We expect exactly 3 elements. */
log_assert (strlist->next);
log_assert (strlist->next->next);
log_assert (! strlist->next->next->next);
@@ -2753,10 +2756,10 @@ show_statistics (tofu_dbs_t dbs, const char *fingerprint,
if (encryption_count == 0)
log_info (_("Warning: you have yet to encrypt"
- " a message to this key and user id!\n"));
+ " a message to this key!\n"));
else if (encryption_count == 1)
log_info (_("Warning: you have only encrypted"
- " one message to this key and user id!\n"));
+ " one message to this key!\n"));
/* Cf. write_stats_status */
if (sqrtu32 (encryption_count * encryption_count
@@ -2930,7 +2933,7 @@ tofu_register_signature (ctrl_t ctrl,
because <fingerprint, email, sig_time, sig_digest> is the
primary key! */
log_debug ("SIGNATURES DB contains duplicate records"
- " <key: %s, fingerprint: %s, time: 0x%lx, sig: %s,"
+ " <key: %s, email: %s, time: 0x%lx, sig: %s,"
" origin: %s>."
" Please report.\n",
fingerprint, email, (unsigned long) sig_time,
@@ -2939,7 +2942,7 @@ tofu_register_signature (ctrl_t ctrl,
{
if (DBG_TRUST)
log_debug ("Already observed the signature and binding"
- " <key: %s, user id: %s, time: 0x%lx, sig: %s,"
+ " <key: %s, email: %s, time: 0x%lx, sig: %s,"
" origin: %s>\n",
fingerprint, email, (unsigned long) sig_time,
sig_digest, origin);
@@ -3048,8 +3051,8 @@ tofu_register_encryption (ctrl_t ctrl,
free_user_id_list = 1;
if (! user_id_list)
- log_info ("WARNING: Encrypting to %s, which has no"
- "non-revoked user ids.\n",
+ log_info (_("WARNING: Encrypting to %s, which has no"
+ "non-revoked user ids.\n"),
keystr (pk->keyid));
}
@@ -3240,6 +3243,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
fingerprint = hexfingerprint (pk, NULL, 0);
tofu_begin_batch_update (ctrl);
+ /* Start the batch transaction now. */
tofu_resume_batch_transaction (ctrl);
for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++)
commit 221b0bd0e5946edaea7135bc3b6f3c5c0fc6dbca
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Sep 16 15:18:56 2016 +0200
g10: Don't ignore failure. On failure, rollback.
* g10/tofu.c (tofu_set_policy): If record_binding fails, fail. If the
function fails, rollback the transaction.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/tofu.c b/g10/tofu.c
index 9a60223..495f7ef 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -3328,6 +3328,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
gpg_error_t
tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy)
{
+ gpg_error_t err;
time_t now = gnupg_get_time ();
tofu_dbs_t dbs;
PKT_public_key *pk;
@@ -3370,15 +3371,26 @@ tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy)
email = email_from_user_id (user_id->name);
- record_binding (dbs, fingerprint, email, user_id->name, policy, 1, now);
+ err = record_binding (dbs, fingerprint, email, user_id->name,
+ policy, 1, now);
+ if (err)
+ {
+ log_error (_("error setting policy for key %s, user id \"%s\": %s"),
+ fingerprint, email, gpg_strerror (err));
+ xfree (email);
+ break;
+ }
xfree (email);
}
- end_transaction (ctrl, 0);
+ if (err)
+ rollback_transaction (ctrl);
+ else
+ end_transaction (ctrl, 0);
xfree (fingerprint);
- return 0;
+ return err;
}
/* Set the TOFU policy for all non-revoked user ids in the KEY with
commit c2e563421e4fd4f0910642aa7b171bcf0b374b01
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Sep 16 15:17:51 2016 +0200
g10: Load the key block if the supplied user id list is NULL.
* g10/tofu.c (tofu_register_encryption): Load the key block if
USER_ID_LIST is NULL.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/tofu.c b/g10/tofu.c
index 7f07483..9a60223 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -3023,7 +3023,7 @@ tofu_register_encryption (ctrl_t ctrl,
if (/* We need the key block to find the primary key. */
keyid_cmp (pk_keyid (pk), pk_main_keyid (pk)) != 0
/* We need the key block to find all user ids. */
- || user_id_list)
+ || ! user_id_list)
kb = get_pubkeyblock (pk->keyid);
/* Make sure PK is a primary key. */
commit af196342bf44ce6dc42111d37539dec7ee3b3d82
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Sep 16 15:10:11 2016 +0200
g10: Use the accessor functions for accessing and comparing key ids
* g10/tofu.c (get_trust): Use the pk_main_keyid accessor function.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.
(tofu_set_policy): Likewise and also use pk_keyid and keyid_cmp.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
diff --git a/g10/tofu.c b/g10/tofu.c
index 0cd3f12..7f07483 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2058,7 +2058,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
if (opt.batch)
may_ask = 0;
- log_assert (keyid_cmp (pk_keyid (pk), pk->main_keyid) == 0);
+ log_assert (keyid_cmp (pk_keyid (pk), pk_main_keyid (pk)) == 0);
/* Make sure _tofu_GET_TRUST_ERROR isn't equal to any of the trust
levels. */
@@ -2877,7 +2877,7 @@ tofu_register_signature (ctrl_t ctrl,
if (rc)
return rc;
- log_assert (keyid_cmp (pk_keyid (pk), pk->main_keyid) == 0);
+ log_assert (keyid_cmp (pk_keyid (pk), pk_main_keyid (pk)) == 0);
sig_digest = make_radix64_string (sig_digest_bin, sig_digest_bin_len);
fingerprint = hexfingerprint (pk, NULL, 0);
@@ -3020,12 +3020,14 @@ tofu_register_encryption (ctrl_t ctrl,
return rc;
}
- /* Make sure PK is a primary key. */
- if (keyid_cmp (pk_keyid (pk), pk->main_keyid) != 0
+ if (/* We need the key block to find the primary key. */
+ keyid_cmp (pk_keyid (pk), pk_main_keyid (pk)) != 0
+ /* We need the key block to find all user ids. */
|| user_id_list)
kb = get_pubkeyblock (pk->keyid);
- if (keyid_cmp (pk_keyid (pk), pk->main_keyid) != 0)
+ /* Make sure PK is a primary key. */
+ if (keyid_cmp (pk_keyid (pk), pk_main_keyid (pk)) != 0)
pk = kb->pkt->pkt.public_key;
if (! user_id_list)
@@ -3345,8 +3347,7 @@ tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy)
if (DBG_TRUST)
log_debug ("Setting TOFU policy for %s to %s\n",
keystr (pk->keyid), tofu_policy_str (policy));
- if (! (pk->main_keyid[0] == pk->keyid[0]
- && pk->main_keyid[1] == pk->keyid[1]))
+ if (keyid_cmp (pk_main_keyid (pk), pk_keyid (pk)) != 0)
log_bug ("%s: Passed a subkey, but expecting a primary key.\n", __func__);
fingerprint = hexfingerprint (pk, NULL, 0);
-----------------------------------------------------------------------
Summary of changes:
g10/tofu.c | 58 ++++++++++++++++++++++++++++++++++++++--------------------
1 file changed, 38 insertions(+), 20 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list