diff options
| author | Werner Koch <[email protected]> | 2003-09-23 17:48:33 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2003-09-23 17:48:33 +0000 |
| commit | 4c66e94ff91d680eaf1d9c48a62d66d1951f90ef (patch) | |
| tree | 66ede04edbfe1c45eece46e852093282832f8312 /g10/trustdb.c | |
| parent | 2003-09-22 Timo Schulz <[email protected]> (diff) | |
| download | gnupg-4c66e94ff91d680eaf1d9c48a62d66d1951f90ef.tar.gz gnupg-4c66e94ff91d680eaf1d9c48a62d66d1951f90ef.zip | |
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
Diffstat (limited to 'g10/trustdb.c')
| -rw-r--r-- | g10/trustdb.c | 42 |
1 files changed, 35 insertions, 7 deletions
diff --git a/g10/trustdb.c b/g10/trustdb.c index 16bd96e49..864334f4f 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -591,6 +591,31 @@ trustdb_pending_check(void) return pending_check_trustdb; } +void +read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, + byte *marginals,byte *completes,byte *cert_depth) +{ + TRUSTREC opts; + + init_trustdb(); + + read_record(0,&opts,RECTYPE_VER); + + if(trust_model) + *trust_model=opts.r.ver.trust_model; + if(created) + *created=opts.r.ver.created; + if(nextcheck) + *nextcheck=opts.r.ver.nextcheck; + if(marginals) + *marginals=opts.r.ver.marginals; + if(completes) + *completes=opts.r.ver.completes; + if(cert_depth) + *cert_depth=opts.r.ver.cert_depth; +} + + /*********************************************** *********** Ownertrust et al. **************** @@ -1573,10 +1598,14 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist, signed (but not self-signed) uid does carry trust, of a sort, even if it is a statement being made by people other than the key owner "through" the uids on the key owner's key. I'm - going with the latter. -dshaw */ + going with the latter. However, if the user ID was + explicitly revoked, or passively allowed to expire, that + should stop validity through the user ID until it is + resigned. -dshaw */ - /* && node->pkt->pkt.user_id->created) */ - if (node->pkt->pkttype == PKT_USER_ID) + if (node->pkt->pkttype == PKT_USER_ID + && !node->pkt->pkt.user_id->is_revoked + && !node->pkt->pkt.user_id->is_expired) { if (uidnode && issigned) { @@ -1590,12 +1619,11 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist, } uidnode = node; uid=uidnode->pkt->pkt.user_id; -#if 0 - /* If the selfsig is going to expire... This is disabled as - we do count un-self-signed uids in the web of trust. */ + + /* If the selfsig is going to expire... */ if(uid->expiredate && uid->expiredate<*next_expire) *next_expire = uid->expiredate; -#endif + issigned = 0; get_validity_counts(pk,uid); mark_usable_uid_certs (kb, uidnode, main_kid, klist, |