gpg --trust-model=always sometimes fails with fatal error as of 1.4.16
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 15 05:11:02 CET 2014
Control: affects 735363 signing-party
re: http://bugs.debian.org/735363 -- "Fatal error/non-zero exit code
returned when --trust-model=always used"
(filed in debian against gpg 1.4.16)
caff (from debian's signing-party package) also fails with the recent
change to gnupg's behavior when --trust-model=always is set (the symptom
in caff is an endless stream of errors like:
Could not import 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 into temporary
gnupg.
Caff seems to be invoking gpg like this:
/usr/bin/gpg --batch --no-tty --homedir /tmp/caff-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9-dNk5a --status-fd 5 --no-auto-check-trustdb --trust-model=always --import
It seems i can replicate the problem with:
PGPID=0EE5BE979282D80B9F7540F1CCD2ED94D21739E9
mkdir -m 0700 -p /tmp/fake-gpg
gpg --export $PGPID | gpg --trust-model=always --homedir /tmp/fake-gpg --import
but subsequent invocations of:
gpg --export $PGPID | gpg --trust-model=always --homedir /tmp/fake-gpg --import
do not fail (presumably because they do not modify pubring.gpg, as the
first import was already actually imported successfully).
The change seems to be related to upstream's relatively recent change
2528178e7e2fac6454dd988121167305db7c71d9 (replicated below), which from
the comment log appears to try to address the issue, but maybe missed a
corner case.
Werner, perhaps you can comment on this?
commit 2528178e7e2fac6454dd988121167305db7c71d9
Author: Werner Koch <wk at gnupg.org>
Date: Fri Oct 11 09:25:58 2013 +0200
gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark): Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--
This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used. It just does
not make sense to create a trustdb if there is no need for it.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e)
Resolved conflicts:
g10/gpg.c
g10/tdbio.h
g10/trustdb.c
(indentation fixes)
diff --git a/NEWS b/NEWS
index ca4bfca..ad3471e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
Noteworthy changes in version 1.4.16 (unreleased)
-------------------------------------------------
+ * Do not create a trustdb file if --trust-model=always is used.
+
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
diff --git a/g10/gpg.c b/g10/gpg.c
index b310308..ca120ab 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -3318,14 +3318,12 @@ main (int argc, char **argv )
case aFixTrustDB:
case aExportOwnerTrust: rc = setup_trustdb( 0, trustdb_name ); break;
case aListTrustDB: rc = setup_trustdb( argc? 1:0, trustdb_name ); break;
- case aEncr:
- case aEncrFiles:
- /* No need to create the trust model if we are using the
+ default:
+ /* No need to create the trust model if we are using the
* always trust model. */
rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);
break;
- default: rc = setup_trustdb(1, trustdb_name ); break;
- }
+ }
if( rc )
log_error(_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
diff --git a/g10/tdbio.c b/g10/tdbio.c
index 4f02ff9..f109dde 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -471,7 +471,7 @@ create_version_record (void)
int
-tdbio_set_dbname( const char *new_dbname, int create )
+tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
{
char *fname;
static int initialized = 0;
@@ -481,6 +481,8 @@ tdbio_set_dbname( const char *new_dbname, int create )
initialized = 1;
}
+ *r_nofile = 0;
+
if(new_dbname==NULL)
fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL);
else if (*new_dbname != DIRSEP_C )
@@ -499,7 +501,9 @@ tdbio_set_dbname( const char *new_dbname, int create )
xfree(fname);
return G10ERR_TRUSTDB;
}
- if( create ) {
+ if (!create)
+ *r_nofile = 1;
+ else {
FILE *fp;
TRUSTREC rec;
int rc;
diff --git a/g10/tdbio.h b/g10/tdbio.h
index 39e8cba..dd6e9d3 100644
--- a/g10/tdbio.h
+++ b/g10/tdbio.h
@@ -90,7 +90,7 @@ typedef struct trust_record TRUSTREC;
/*-- tdbio.c --*/
int tdbio_update_version_record(void);
-int tdbio_set_dbname( const char *new_dbname, int create );
+int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
const char *tdbio_get_dbname(void);
void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 24d675b..0bf92e4 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -48,7 +48,7 @@
/*
* A structure to store key identification as well as some stuff needed
- * for validation
+ * for validation
*/
struct key_item {
struct key_item *next;
@@ -64,7 +64,7 @@ typedef struct key_item **KeyHashTable; /* see new_key_hash_table() */
/*
* Structure to keep track of keys, this is used as an array wherre
- * the item right after the last one has a keyblock set to NULL.
+ * the item right after the last one has a keyblock set to NULL.
* Maybe we can drop this thing and replace it by key_item
*/
struct key_array {
@@ -77,6 +77,7 @@ static struct {
int init;
int level;
char *dbname;
+ int no_trustdb; /* Set if a trustdb file is not available. */
} trustdb_args;
/* some globals */
@@ -96,7 +97,7 @@ static struct key_item *
new_key_item (void)
{
struct key_item *k;
-
+
k = xmalloc_clear (sizeof *k);
return k;
}
@@ -118,11 +119,11 @@ release_key_items (struct key_item *k)
* For fast keylook up we need a hash table. Each byte of a KeyIDs
* should be distributed equally over the 256 possible values (except
* for v3 keyIDs but we consider them as not important here). So we
- * can just use 10 bits to index a table of 1024 key items.
+ * can just use 10 bits to index a table of 1024 key items.
* Possible optimization: Don not use key_items but other hash_table when the
- * duplicates lists gets too large.
+ * duplicates lists gets too large.
*/
-static KeyHashTable
+static KeyHashTable
new_key_hash_table (void)
{
struct key_item **tbl;
@@ -143,7 +144,7 @@ release_key_hash_table (KeyHashTable tbl)
xfree (tbl);
}
-/*
+/*
* Returns: True if the keyID is in the given hash table
*/
static int
@@ -168,7 +169,7 @@ add_key_hash_table (KeyHashTable tbl, u32 *kid)
for (k = tbl[(kid[1] & 0x03ff)]; k; k = k->next)
if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
return; /* already in table */
-
+
kk = new_key_item ();
kk->kid[0] = kid[0];
kk->kid[1] = kid[1];
@@ -238,7 +239,7 @@ add_utk (u32 *kid)
{
struct key_item *k;
- for (k = utk_list; k; k = k->next)
+ for (k = utk_list; k; k = k->next)
{
if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
{
@@ -273,15 +274,15 @@ verify_own_keys(void)
return;
/* scan the trustdb to find all ultimately trusted keys */
- for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
+ for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
{
- if ( rec.rectype == RECTYPE_TRUST
+ if ( rec.rectype == RECTYPE_TRUST
&& (rec.r.trust.ownertrust & TRUST_MASK) == TRUST_ULTIMATE)
{
byte *fpr = rec.r.trust.fingerprint;
int fprlen;
u32 kid[2];
-
+
/* Problem: We do only use fingerprints in the trustdb but
* we need the keyID here to indetify the key; we can only
* use that ugly hack to distinguish between 16 and 20
@@ -297,9 +298,9 @@ verify_own_keys(void)
}
/* Put any --trusted-key keys into the trustdb */
- for (k = user_utk_list; k; k = k->next)
+ for (k = user_utk_list; k; k = k->next)
{
- if ( add_utk (k->kid) )
+ if ( add_utk (k->kid) )
{ /* not yet in trustDB as ultimately trusted */
PKT_public_key pk;
@@ -445,7 +446,7 @@ init_trustdb()
if(level==0 || level==1)
{
- int rc = tdbio_set_dbname( dbname, !!level );
+ int rc = tdbio_set_dbname (dbname, !!level, &trustdb_args.no_trustdb);
if( rc )
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
}
@@ -496,7 +497,7 @@ init_trustdb()
static int
trust_letter (unsigned int value)
{
- switch( (value & TRUST_MASK) )
+ switch( (value & TRUST_MASK) )
{
case TRUST_UNKNOWN: return '-';
case TRUST_EXPIRED: return 'e';
@@ -545,7 +546,7 @@ uid_trust_string_fixed(PKT_public_key *key,PKT_user_id *uid)
const char *
trust_value_to_string (unsigned int value)
{
- switch( (value & TRUST_MASK) )
+ switch( (value & TRUST_MASK) )
{
case TRUST_UNKNOWN: return _("unknown");
case TRUST_EXPIRED: return _("expired");
@@ -614,7 +615,7 @@ check_trustdb ()
/*
- * Recreate the WoT.
+ * Recreate the WoT.
*/
void
update_trustdb()
@@ -631,6 +632,9 @@ void
revalidation_mark (void)
{
init_trustdb();
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
/* we simply set the time for the next check to 1 (far back in 1970)
* so that a --update-trustdb will be scheduled */
if (tdbio_write_nextcheck (1))
@@ -666,8 +670,10 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
TRUSTREC opts;
init_trustdb();
-
- read_record(0,&opts,RECTYPE_VER);
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ memset (&opts, 0, sizeof opts);
+ else
+ read_record(0,&opts,RECTYPE_VER);
if(trust_model)
*trust_model=opts.r.ver.trust_model;
@@ -689,29 +695,29 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
*********** Ownertrust et al. ****************
***********************************************/
-static int
+static int
read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
-
+
init_trustdb();
rc = tdbio_search_trust_bypk (pk, rec);
if (rc == -1)
return -1; /* no record yet */
- if (rc)
+ if (rc)
{
log_error ("trustdb: searching trust record failed: %s\n",
g10_errstr (rc));
- return rc;
+ return rc;
}
-
+
if (rec->rectype != RECTYPE_TRUST)
{
log_error ("trustdb: record %lu is not a trust record\n",
rec->recnum);
- return G10ERR_TRUSTDB;
- }
-
+ return G10ERR_TRUSTDB;
+ }
+
return 0;
}
@@ -719,16 +725,19 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
* Return the assigned ownertrust value for the given public key.
* The key should be the primary key.
*/
-unsigned int
+unsigned int
get_ownertrust ( PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
- if (rc)
+ if (rc)
{
tdbio_invalid ();
return rc; /* actually never reached */
@@ -737,16 +746,19 @@ get_ownertrust ( PKT_public_key *pk)
return rec.r.trust.ownertrust;
}
-unsigned int
+unsigned int
get_min_ownertrust (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
- if (rc)
+ if (rc)
{
tdbio_invalid ();
return rc; /* actually never reached */
@@ -809,7 +821,10 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
{
TRUSTREC rec;
int rc;
-
+
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
@@ -841,7 +856,7 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
do_sync ();
rc = 0;
}
- else
+ else
{
tdbio_invalid ();
}
@@ -854,6 +869,9 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
TRUSTREC rec;
int rc;
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
pk = xmalloc_clear (sizeof *pk);
rc = get_pubkey (pk, kid);
if (rc)
@@ -895,7 +913,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
do_sync ();
rc = 0;
}
- else
+ else
{
tdbio_invalid ();
}
@@ -908,7 +926,10 @@ clear_ownertrusts (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return 0;
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
@@ -936,8 +957,8 @@ clear_ownertrusts (PKT_public_key *pk)
return 0;
}
-/*
- * Note: Caller has to do a sync
+/*
+ * Note: Caller has to do a sync
*/
static void
update_validity (PKT_public_key *pk, PKT_user_id *uid,
@@ -956,7 +977,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
return;
}
if (rc == -1) /* no record yet - create a new one */
- {
+ {
size_t dummy;
rc = 0;
@@ -1011,6 +1032,8 @@ cache_disabled_value(PKT_public_key *pk)
return (pk->is_disabled==2);
init_trustdb();
+ if (trustdb_args.no_trustdb)
+ return 0; /* No trustdb => not disabled. */
rc = read_trust_record (pk, &trec);
if (rc && rc != -1)
@@ -1020,10 +1043,10 @@ cache_disabled_value(PKT_public_key *pk)
}
if (rc == -1) /* no record found, so assume not disabled */
goto leave;
-
+
if(trec.r.trust.ownertrust & TRUST_FLAG_DISABLED)
disabled=1;
-
+
/* Cache it for later so we don't need to look at the trustdb every
time */
if(disabled)
@@ -1041,6 +1064,9 @@ check_trustdb_stale(void)
static int did_nextcheck=0;
init_trustdb ();
+ if (trustdb_args.no_trustdb)
+ return; /* No trustdb => can't be stale. */
+
if (!did_nextcheck
&& (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC))
{
@@ -1051,7 +1077,7 @@ check_trustdb_stale(void)
if ((scheduled && scheduled <= make_timestamp ())
|| pending_check_trustdb)
{
- if (opt.no_auto_check_trustdb)
+ if (opt.no_auto_check_trustdb)
{
pending_check_trustdb = 1;
log_info (_("please do a --check-trustdb\n"));
@@ -1068,7 +1094,7 @@ check_trustdb_stale(void)
/*
* Return the validity information for PK. If the namehash is not
* NULL, the validity of the corresponsing user ID is returned,
- * otherwise, a reasonable value for the entire key is returned.
+ * otherwise, a reasonable value for the entire key is returned.
*/
unsigned int
get_validity (PKT_public_key *pk, PKT_user_id *uid)
@@ -1084,6 +1110,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
namehash_from_uid(uid);
init_trustdb ();
+
+ /* If we have no trustdb (which also means it has not been created)
+ and the trust-model is always, we don't know the validity -
+ return immediately. If we won't do that the tdbio code would try
+ to open the trustdb and run into a fatal error. */
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
check_trustdb_stale();
keyid_from_pk (pk, kid);
@@ -1097,7 +1131,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
log_error ("error getting main key %s of subkey %s: %s\n",
tempkeystr, keystr(kid), g10_errstr(rc));
xfree(tempkeystr);
- validity = TRUST_UNKNOWN;
+ validity = TRUST_UNKNOWN;
goto leave;
}
}
@@ -1120,7 +1154,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
}
if (rc == -1) /* no record found */
{
- validity = TRUST_UNKNOWN;
+ validity = TRUST_UNKNOWN;
goto leave;
}
@@ -1153,7 +1187,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
recno = vrec.r.valid.next;
}
-
+
if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) )
{
validity |= TRUST_FLAG_DISABLED;
@@ -1172,7 +1206,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
* I initially designed it that way */
if (main_pk->has_expired || pk->has_expired)
validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
-
+
if (pending_check_trustdb)
validity |= TRUST_FLAG_PENDING_CHECK;
@@ -1307,7 +1341,7 @@ ask_ownertrust (u32 *kid,int minimum)
keystr(kid), g10_errstr(rc) );
return TRUST_UNKNOWN;
}
-
+
if(opt.force_ownertrust)
{
log_info("force trust for key %s to %s\n",
@@ -1380,7 +1414,7 @@ dump_key_array (int depth, struct key_array *keys)
}
}
}
-}
+}
static void
@@ -1403,7 +1437,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
status = TRUST_UNDEFINED;
else
status = 0;
-
+
if (status)
{
update_validity (keyblock->pkt->pkt.public_key,
@@ -1418,7 +1452,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
if (any)
do_sync ();
-}
+}
/*
* check whether the signature sig is in the klist k
@@ -1450,7 +1484,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
{
KBNODE node;
PKT_signature *sig;
-
+
/* first check all signatures */
for (node=uidnode->next; node; node = node->next)
{
@@ -1483,7 +1517,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
continue;
}
node->flag |= 1<<9;
- }
+ }
/* reset the remaining flags */
for (; node; node = node->next)
node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
@@ -1531,7 +1565,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
older: if signode was older then we don't want to take n
as signode is nonrevocable. If n was older then we're
automatically fine. */
-
+
if(((IS_UID_SIG(signode->pkt->pkt.signature) &&
!signode->pkt->pkt.signature->flags.revocable &&
(signode->pkt->pkt.signature->expiredate==0 ||
@@ -1547,7 +1581,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
n was older then we don't want to take signode as n is
nonrevocable. If signode was older then we're
automatically fine. */
-
+
if((!(IS_UID_SIG(signode->pkt->pkt.signature) &&
!signode->pkt->pkt.signature->flags.revocable &&
(signode->pkt->pkt.signature->expiredate==0 ||
@@ -1578,7 +1612,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
sig = signode->pkt->pkt.signature;
if (IS_UID_SIG (sig))
- { /* this seems to be a usable one which is not revoked.
+ { /* this seems to be a usable one which is not revoked.
* Just need to check whether there is an expiration time,
* We do the expired certification after finding a suitable
* certification, the assumption is that a signator does not
@@ -1587,7 +1621,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
* different expiration time */
const byte *p;
u32 expire;
-
+
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
expire = p? sig->timestamp + buffer_to_u32(p) : 0;
@@ -1674,7 +1708,7 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
delete_kbnode(node);
deleted++;
}
-
+
return deleted;
}
@@ -1931,7 +1965,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
if (uid->help_full_count >= opt.completes_needed
|| uid->help_marginal_count >= opt.marginals_needed )
- uidnode->flag |= 4;
+ uidnode->flag |= 4;
else if (uid->help_full_count || uid->help_marginal_count)
uidnode->flag |= 2;
uidnode->flag |= 1;
@@ -1946,7 +1980,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
issigned = 0;
get_validity_counts(pk,uid);
- mark_usable_uid_certs (kb, uidnode, main_kid, klist,
+ mark_usable_uid_certs (kb, uidnode, main_kid, klist,
curtime, next_expire);
}
else if (node->pkt->pkttype == PKT_SIGNATURE
@@ -1954,7 +1988,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
/* Note that we are only seeing unrevoked sigs here */
PKT_signature *sig = node->pkt->pkt.signature;
-
+
kr = is_in_klist (klist, sig);
/* If the trust_regexp does not match, it's as if the sig
did not exist. This is safe for non-trust sigs as well
@@ -2047,7 +2081,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
if (uid->help_full_count >= opt.completes_needed
|| uid->help_marginal_count >= opt.marginals_needed )
- uidnode->flag |= 4;
+ uidnode->flag |= 4;
else if (uid->help_full_count || uid->help_marginal_count)
uidnode->flag |= 2;
uidnode->flag |= 1;
@@ -2070,7 +2104,7 @@ search_skipfnc (void *opaque, u32 *kid, PKT_user_id *dummy)
* kllist. The caller has to pass keydb handle so that we don't use
* to create our own. Returns either a key_array or NULL in case of
* an error. No results found are indicated by an empty array.
- * Caller hast to release the returned array.
+ * Caller hast to release the returned array.
*/
static struct key_array *
validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
@@ -2081,11 +2115,11 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
size_t nkeys, maxkeys;
int rc;
KEYDB_SEARCH_DESC desc;
-
+
maxkeys = 1000;
keys = xmalloc ((maxkeys+1) * sizeof *keys);
nkeys = 0;
-
+
rc = keydb_search_reset (hd);
if (rc)
{
@@ -2110,21 +2144,21 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
xfree (keys);
return NULL;
}
-
+
desc.mode = KEYDB_SEARCH_MODE_NEXT; /* change mode */
do
{
PKT_public_key *pk;
-
+
rc = keydb_get_keyblock (hd, &keyblock);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
xfree (keys);
return NULL;
}
-
- if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY)
+
+ if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY)
{
log_debug ("ooops: invalid pkttype %d encountered\n",
keyblock->pkt->pkttype);
@@ -2134,7 +2168,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
}
/* prepare the keyblock for further processing */
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (keyblock);
clear_kbnode_flags (keyblock);
pk = keyblock->pkt->pkt.public_key;
if (pk->has_expired || pk->is_revoked)
@@ -2171,9 +2205,9 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
release_kbnode (keyblock);
keyblock = NULL;
- }
+ }
while ( !(rc = keydb_search (hd, &desc, 1)) );
- if (rc && rc != -1)
+ if (rc && rc != -1)
{
log_error ("keydb_search_next failed: %s\n", g10_errstr(rc));
xfree (keys);
@@ -2182,7 +2216,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
keys[nkeys].keyblock = NULL;
return keys;
-}
+}
/* Caller must sync */
static void
@@ -2192,7 +2226,7 @@ reset_trust_records(void)
ulong recnum;
int count = 0, nreset = 0;
- for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
+ for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
{
if(rec.rectype==RECTYPE_TRUST)
{
@@ -2231,7 +2265,7 @@ reset_trust_records(void)
* Step 2: loop max_cert_times
* Step 3: if OWNERTRUST of any key in klist is undefined
* ask user to assign ownertrust
- * Step 4: Loop over all keys in the keyDB which are not marked seen
+ * Step 4: Loop over all keys in the keyDB which are not marked seen
* Step 5: if key is revoked or expired
* mark key as seen
* continue loop at Step 4
@@ -2243,7 +2277,7 @@ reset_trust_records(void)
* End Loop
* Step 8: Build a new klist from all fully trusted keys from step 6
* End Loop
- * Ready
+ * Ready
*
*/
static int
@@ -2313,7 +2347,7 @@ validate_keys (int interactive)
if ( pk->expiredate && pk->expiredate >= start_time
&& pk->expiredate < next_expire)
next_expire = pk->expiredate;
-
+
release_kbnode (keyblock);
do_sync ();
}
@@ -2389,7 +2423,7 @@ validate_keys (int interactive)
/* Find all keys which are signed by a key in kdlist */
keys = validate_key_list (kdb, full_trust, klist,
start_time, &next_expire);
- if (!keys)
+ if (!keys)
{
log_error ("validate_key_list failed\n");
rc = G10ERR_GENERAL;
@@ -2407,9 +2441,9 @@ validate_keys (int interactive)
store_validation_status (depth, kar->keyblock, stored);
log_info (_("depth: %d valid: %3d signed: %3d"
- " trust: %d-, %dq, %dn, %dm, %df, %du\n"),
+ " trust: %d-, %dq, %dn, %dm, %df, %du\n"),
depth, valids, key_count, ot_unknown, ot_undefined,
- ot_never, ot_marginal, ot_full, ot_ultimate );
+ ot_never, ot_marginal, ot_full, ot_ultimate );
/* Build a new kdlist from all fully valid keys in KEYS */
if (klist != utk_list)
@@ -2471,10 +2505,10 @@ validate_keys (int interactive)
if (!rc && !quit) /* mark trustDB as checked */
{
if (next_expire == 0xffffffff || next_expire < start_time )
- tdbio_write_nextcheck (0);
+ tdbio_write_nextcheck (0);
else
{
- tdbio_write_nextcheck (next_expire);
+ tdbio_write_nextcheck (next_expire);
log_info (_("next trustdb check due at %s\n"),
strtimestamp (next_expire));
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20140114/3c377244/attachment-0001.sig>
More information about the Gnupg-devel
mailing list