[git] GnuPG - branch, master, updated. gnupg-2.1.18-53-g769272b

by Neal H. Walfield cvs at cvs.gnupg.org
Thu Feb 2 14:24:58 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  769272ba87f282a69e8d5f9bb27c86e6bec4496b (commit)
      from  a08c781739e7561093f32b732c4991f2bd817ec2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 769272ba87f282a69e8d5f9bb27c86e6bec4496b
Author: Neal H. Walfield <neal at g10code.com>
Date:   Thu Feb 2 14:24:38 2017 +0100

    gpg: Ensure TOFU bindings associated with UTKs are registered as usual
    
    * g10/tofu.c (get_trust): Call get_policy before short-circuiting the
    policy lookup for ultimately trusted keys to make sure the binding is
    added to the bindings table, if necessary.
    
    Signed-off-by: Neal H. Walfield <neal at g10code.com>
    GnuPG-bug-id: 2929

diff --git a/g10/tofu.c b/g10/tofu.c
index 41bdd5f..85347bb 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2306,7 +2306,11 @@ build_conflict_set (tofu_dbs_t dbs,
 /* Return the effective policy for the binding <FINGERPRINT, EMAIL>
  * (email has already been normalized) and any conflict information in
  * *CONFLICT_SETP, if CONFLICT_SETP is not NULL.  Returns
- * _tofu_GET_POLICY_ERROR if an error occurs.  */
+ * _tofu_GET_POLICY_ERROR if an error occurs.
+ *
+ * This function registers the binding in the bindings table if it has
+ * not yet been registered.
+ */
 static enum tofu_policy
 get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
             const char *fingerprint, const char *user_id, const char *email,
@@ -2677,6 +2681,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
               && _tofu_GET_TRUST_ERROR != TRUST_FULLY
               && _tofu_GET_TRUST_ERROR != TRUST_ULTIMATE);
 
+  begin_transaction (ctrl, 0);
+  in_transaction = 1;
+
+  /* We need to call get_policy even if the key is ultimately trusted
+   * to make sure the binding has been registered.  */
+  policy = get_policy (dbs, pk, fingerprint, user_id, email,
+                       &conflict_set, now);
+
   /* If the key is ultimately trusted, there is nothing to do.  */
   {
     u32 kid[2];
@@ -2690,11 +2702,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
       }
   }
 
-  begin_transaction (ctrl, 0);
-  in_transaction = 1;
-
-  policy = get_policy (dbs, pk, fingerprint, user_id, email,
-                       &conflict_set, now);
   if (policy == TOFU_POLICY_AUTO)
     {
       policy = opt.tofu_default_policy;

-----------------------------------------------------------------------

Summary of changes:
 g10/tofu.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list