[git] GnuPG - branch, master, updated. gnupg-2.1.18-52-ga08c781

by Neal H. Walfield cvs at cvs.gnupg.org
Thu Feb 2 13:31:24 CET 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  a08c781739e7561093f32b732c4991f2bd817ec2 (commit)
       via  027b81b35fe36692005b8dba22d9eb2db05e8c80 (commit)
       via  74268180e5a3acc827f3a369f1fe5971f3bbe285 (commit)
       via  6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47 (commit)
      from  7440119e729d3fdedda8a9b44b70f8959beea8d7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a08c781739e7561093f32b732c4991f2bd817ec2
Author: Neal H. Walfield <neal at g10code.com>
Date:   Thu Feb 2 13:26:17 2017 +0100

    gpg: If there is a TOFU conflict, elide the too few message warning.
    
    * g10/tofu.c (tofu_get_validity): If there was a conflict, don't also
    print out a warning about too few messages.
    
    Signed-off-by: Neal H. Walfield <neal at g10code.com>

diff --git a/g10/tofu.c b/g10/tofu.c
index fc03c5a..41bdd5f 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -3694,6 +3694,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
   int bindings = 0;
   int bindings_valid = 0;
   int need_warning = 0;
+  int had_conflict = 0;
 
   dbs = opendbs (ctrl);
   if (! dbs)
@@ -3762,6 +3763,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
                * key.  */
               log_assert (conflict_set);
 
+              had_conflict = 1;
               for (iter = conflict_set; iter; iter = iter->next)
                 show_statistics (dbs, iter->d, email,
                                  TOFU_POLICY_ASK, NULL, 1, now);
@@ -3794,7 +3796,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
       xfree (email);
     }
 
-  if (need_warning)
+  if (need_warning && ! had_conflict)
     show_warning (fingerprint, user_id_list);
 
  die:

commit 027b81b35fe36692005b8dba22d9eb2db05e8c80
Author: Neal H. Walfield <neal at g10code.com>
Date:   Thu Feb 2 13:24:57 2017 +0100

    gpg: Only print out TOFU statistics for conflicts in interactive mode
    
    * g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP.  If
    they are not NULL, return the policy and conflict set (if there is
    one), respectively.  Update callers.  If MAY_ASK is FALSE, don't print
    out the statistics.
    (tofu_register_encryption): If there is a conflict and we haven't yet
    printed the statistics about the conflicting bindings, do so now.
    (tofu_get_validity): Likewise.
    
    Signed-off-by: Neal H. Walfield <neal at g10code.com>
    GnuPG-bug-id: 2914

diff --git a/g10/tofu.c b/g10/tofu.c
index 9f5f406..fc03c5a 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2644,7 +2644,9 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
 static enum tofu_policy
 get_trust (ctrl_t ctrl, PKT_public_key *pk,
            const char *fingerprint, const char *email,
-	   const char *user_id, int may_ask, time_t now)
+           const char *user_id, int may_ask,
+           enum tofu_policy *policyp, strlist_t *conflict_setp,
+           time_t now)
 {
   tofu_dbs_t dbs = ctrl->tofu.dbs;
   int in_transaction = 0;
@@ -2683,6 +2685,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
     if (tdb_keyid_is_utk (kid))
       {
         trust_level = TRUST_ULTIMATE;
+        policy = TOFU_POLICY_GOOD;
         goto out;
       }
   }
@@ -2690,7 +2693,8 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
   begin_transaction (ctrl, 0);
   in_transaction = 1;
 
-  policy = get_policy (dbs, pk, fingerprint, user_id, email, &conflict_set, now);
+  policy = get_policy (dbs, pk, fingerprint, user_id, email,
+                       &conflict_set, now);
   if (policy == TOFU_POLICY_AUTO)
     {
       policy = opt.tofu_default_policy;
@@ -2758,10 +2762,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
     }
   else
     {
-      for (iter = conflict_set; iter; iter = iter->next)
-        show_statistics (dbs, iter->d, email,
-                         TOFU_POLICY_ASK, NULL, 1, now);
-
       trust_level = TRUST_UNDEFINED;
     }
 
@@ -2807,7 +2807,13 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
   if (in_transaction)
     end_transaction (ctrl, 0);
 
-  free_strlist (conflict_set);
+  if (policyp)
+    *policyp = policy;
+
+  if (conflict_setp)
+    *conflict_setp = conflict_set;
+  else
+    free_strlist (conflict_set);
 
   return trust_level;
 }
@@ -3326,7 +3332,8 @@ tofu_register_signature (ctrl_t ctrl,
 
       /* Make sure the binding exists and record any TOFU
          conflicts.  */
-      if (get_trust (ctrl, pk, fingerprint, email, user_id->d, 0, now)
+      if (get_trust (ctrl, pk, fingerprint, email, user_id->d,
+                     0, NULL, NULL, now)
           == _tofu_GET_TRUST_ERROR)
         {
           rc = gpg_error (GPG_ERR_GENERAL);
@@ -3492,11 +3499,13 @@ tofu_register_encryption (ctrl_t ctrl,
   for (user_id = user_id_list; user_id; user_id = user_id->next)
     {
       char *email = email_from_user_id (user_id->d);
+      strlist_t conflict_set = NULL;
+      enum tofu_policy policy;
 
       /* Make sure the binding exists and that we recognize any
          conflicts.  */
       int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
-                          may_ask, now);
+                          may_ask, &policy, &conflict_set, now);
       if (tl == _tofu_GET_TRUST_ERROR)
         {
           /* An error.  */
@@ -3505,6 +3514,28 @@ tofu_register_encryption (ctrl_t ctrl,
           goto die;
         }
 
+
+      /* If there is a conflict and MAY_ASK is true, we need to show
+       * the TOFU statistics for the current binding and the
+       * conflicting bindings.  But, if we are not in batch mode, then
+       * they have already been printed (this is required to make sure
+       * the information is available to the caller before cpr_get is
+       * called).  */
+      if (policy == TOFU_POLICY_ASK && may_ask && opt.batch)
+        {
+          strlist_t iter;
+
+          /* The conflict set should contain at least the current
+           * key.  */
+          log_assert (conflict_set);
+
+          for (iter = conflict_set; iter; iter = iter->next)
+            show_statistics (dbs, iter->d, email,
+                             TOFU_POLICY_ASK, NULL, 1, now);
+        }
+
+      free_strlist (conflict_set);
+
       rc = gpgsql_stepx
         (dbs->db, &dbs->s.register_encryption, NULL, NULL, &err,
          "insert into encryptions\n"
@@ -3681,11 +3712,13 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
   for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++)
     {
       char *email = email_from_user_id (user_id->d);
+      strlist_t conflict_set = NULL;
+      enum tofu_policy policy;
 
       /* Always call get_trust to make sure the binding is
          registered.  */
       int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
-                          may_ask, now);
+                          may_ask, &policy, &conflict_set, now);
       if (tl == _tofu_GET_TRUST_ERROR)
         {
           /* An error.  */
@@ -3708,13 +3741,35 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
 
       if (may_ask && tl != TRUST_ULTIMATE && tl != TRUST_EXPIRED)
         {
-          enum tofu_policy policy =
-            get_policy (dbs, pk, fingerprint, user_id->d, email, NULL, now);
+          /* If policy is ask, then we already printed out the
+           * conflict information in ask_about_binding or will do so
+           * in a moment.  */
+          if (policy != TOFU_POLICY_ASK)
+            need_warning |=
+              show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
+
+          /* If there is a conflict and MAY_ASK is true, we need to
+           * show the TOFU statistics for the current binding and the
+           * conflicting bindings.  But, if we are not in batch mode,
+           * then they have already been printed (this is required to
+           * make sure the information is available to the caller
+           * before cpr_get is called).  */
+          if (policy == TOFU_POLICY_ASK && opt.batch)
+            {
+              strlist_t iter;
 
-          need_warning |=
-            show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
+              /* The conflict set should contain at least the current
+               * key.  */
+              log_assert (conflict_set);
+
+              for (iter = conflict_set; iter; iter = iter->next)
+                show_statistics (dbs, iter->d, email,
+                                 TOFU_POLICY_ASK, NULL, 1, now);
+            }
         }
 
+      free_strlist (conflict_set);
+
       if (tl == TRUST_NEVER)
         trust_level = TRUST_NEVER;
       else if (tl == TRUST_EXPIRED)

commit 74268180e5a3acc827f3a369f1fe5971f3bbe285
Author: Neal H. Walfield <neal at g10code.com>
Date:   Thu Feb 2 11:00:51 2017 +0100

    gpg: Add newline to output.
    
    * g10/tofu.c (ask_about_binding): Add newline to output.
    
    Signed-off-by: Neal H. Walfield <neal at g10code.com>

diff --git a/g10/tofu.c b/g10/tofu.c
index 149a185..9f5f406 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -1969,7 +1969,7 @@ ask_about_binding (ctrl_t ctrl,
       else if (!response[0])
         /* Default to unknown.  Don't save it.  */
         {
-          tty_printf (_("Defaulting to unknown."));
+          tty_printf (_("Defaulting to unknown.\n"));
           *policy = TOFU_POLICY_UNKNOWN;
           break;
         }

commit 6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47
Author: Neal H. Walfield <neal at g10code.com>
Date:   Fri Jan 6 11:51:08 2017 +0100

    gpg: Remove period at end of warning.
    
    * g10/tofu.c (tofu_register_encryption): Remove period at end of
    warning.
    
    Signed-off-by: Neal H. Walfield <neal at g10code.com>

diff --git a/g10/tofu.c b/g10/tofu.c
index 8d535fa..149a185 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -3480,7 +3480,7 @@ tofu_register_encryption (ctrl_t ctrl,
 
       if (! user_id_list)
         log_info (_("WARNING: Encrypting to %s, which has no "
-                    "non-revoked user ids.\n"),
+                    "non-revoked user ids\n"),
                   keystr (pk->keyid));
     }
 

-----------------------------------------------------------------------

Summary of changes:
 g10/tofu.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 74 insertions(+), 17 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org




More information about the Gnupg-commits mailing list