aboutsummaryrefslogtreecommitdiffstats
path: root/g10/trustdb.c
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2011-02-04 11:57:53 +0000
committerWerner Koch <[email protected]>2011-02-04 11:57:53 +0000
commitb008274afdbe375b32a7e66dbd073e200f6f0587 (patch)
tree219e239d39cf06be3f03aa82fb572080ac163a15 /g10/trustdb.c
parentLet autogen.sh check the git config (diff)
downloadgnupg-b008274afdbe375b32a7e66dbd073e200f6f0587.tar.gz
gnupg-b008274afdbe375b32a7e66dbd073e200f6f0587.zip
Nuked almost all trailing white space.post-nuke-of-trailing-ws
We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
Diffstat (limited to 'g10/trustdb.c')
-rw-r--r--g10/trustdb.c176
1 files changed, 88 insertions, 88 deletions
diff --git a/g10/trustdb.c b/g10/trustdb.c
index dbd593a53..c8964323e 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -44,7 +44,7 @@
/*
* A structure to store key identification as well as some stuff needed
- * for validation
+ * for validation
*/
struct key_item {
struct key_item *next;
@@ -60,7 +60,7 @@ typedef struct key_item **KeyHashTable; /* see new_key_hash_table() */
/*
* Structure to keep track of keys, this is used as an array wherre
- * the item right after the last one has a keyblock set to NULL.
+ * the item right after the last one has a keyblock set to NULL.
* Maybe we can drop this thing and replace it by key_item
*/
struct key_array {
@@ -92,7 +92,7 @@ static struct key_item *
new_key_item (void)
{
struct key_item *k;
-
+
k = xmalloc_clear (sizeof *k);
return k;
}
@@ -114,11 +114,11 @@ release_key_items (struct key_item *k)
* For fast keylook up we need a hash table. Each byte of a KeyIDs
* should be distributed equally over the 256 possible values (except
* for v3 keyIDs but we consider them as not important here). So we
- * can just use 10 bits to index a table of 1024 key items.
+ * can just use 10 bits to index a table of 1024 key items.
* Possible optimization: Don not use key_items but other hash_table when the
- * duplicates lists gets too large.
+ * duplicates lists gets too large.
*/
-static KeyHashTable
+static KeyHashTable
new_key_hash_table (void)
{
struct key_item **tbl;
@@ -139,7 +139,7 @@ release_key_hash_table (KeyHashTable tbl)
xfree (tbl);
}
-/*
+/*
* Returns: True if the keyID is in the given hash table
*/
static int
@@ -164,7 +164,7 @@ add_key_hash_table (KeyHashTable tbl, u32 *kid)
for (k = tbl[(kid[1] & 0x03ff)]; k; k = k->next)
if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
return; /* already in table */
-
+
kk = new_key_item ();
kk->kid[0] = kid[0];
kk->kid[1] = kid[1];
@@ -236,7 +236,7 @@ add_utk (u32 *kid)
{
struct key_item *k;
- for (k = utk_list; k; k = k->next)
+ for (k = utk_list; k; k = k->next)
{
if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
{
@@ -271,15 +271,15 @@ verify_own_keys(void)
return;
/* scan the trustdb to find all ultimately trusted keys */
- for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
+ for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
{
- if ( rec.rectype == RECTYPE_TRUST
+ if ( rec.rectype == RECTYPE_TRUST
&& (rec.r.trust.ownertrust & TRUST_MASK) == TRUST_ULTIMATE)
{
byte *fpr = rec.r.trust.fingerprint;
int fprlen;
u32 kid[2];
-
+
/* Problem: We do only use fingerprints in the trustdb but
* we need the keyID here to indetify the key; we can only
* use that ugly hack to distinguish between 16 and 20
@@ -295,9 +295,9 @@ verify_own_keys(void)
}
/* Put any --trusted-key keys into the trustdb */
- for (k = user_utk_list; k; k = k->next)
+ for (k = user_utk_list; k; k = k->next)
{
- if ( add_utk (k->kid) )
+ if ( add_utk (k->kid) )
{ /* not yet in trustDB as ultimately trusted */
PKT_public_key pk;
@@ -494,7 +494,7 @@ init_trustdb()
static int
trust_letter (unsigned int value)
{
- switch( (value & TRUST_MASK) )
+ switch( (value & TRUST_MASK) )
{
case TRUST_UNKNOWN: return '-';
case TRUST_EXPIRED: return 'e';
@@ -543,7 +543,7 @@ uid_trust_string_fixed(PKT_public_key *key,PKT_user_id *uid)
const char *
trust_value_to_string (unsigned int value)
{
- switch( (value & TRUST_MASK) )
+ switch( (value & TRUST_MASK) )
{
case TRUST_UNKNOWN: return _("unknown");
case TRUST_EXPIRED: return _("expired");
@@ -612,7 +612,7 @@ check_trustdb ()
/*
- * Recreate the WoT.
+ * Recreate the WoT.
*/
void
update_trustdb()
@@ -684,29 +684,29 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
*********** Ownertrust et al. ****************
***********************************************/
-static int
+static int
read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
-
+
init_trustdb();
rc = tdbio_search_trust_bypk (pk, rec);
if (rc == -1)
return -1; /* no record yet */
- if (rc)
+ if (rc)
{
log_error ("trustdb: searching trust record failed: %s\n",
g10_errstr (rc));
- return rc;
+ return rc;
}
-
+
if (rec->rectype != RECTYPE_TRUST)
{
log_error ("trustdb: record %lu is not a trust record\n",
rec->recnum);
- return G10ERR_TRUSTDB;
- }
-
+ return G10ERR_TRUSTDB;
+ }
+
return 0;
}
@@ -714,16 +714,16 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
* Return the assigned ownertrust value for the given public key.
* The key should be the primary key.
*/
-unsigned int
+unsigned int
get_ownertrust ( PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
- if (rc)
+ if (rc)
{
tdbio_invalid ();
return rc; /* actually never reached */
@@ -732,16 +732,16 @@ get_ownertrust ( PKT_public_key *pk)
return rec.r.trust.ownertrust;
}
-unsigned int
+unsigned int
get_min_ownertrust (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
- if (rc)
+ if (rc)
{
tdbio_invalid ();
return rc; /* actually never reached */
@@ -804,7 +804,7 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
{
TRUSTREC rec;
int rc;
-
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
@@ -836,7 +836,7 @@ update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
do_sync ();
rc = 0;
}
- else
+ else
{
tdbio_invalid ();
}
@@ -890,7 +890,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
do_sync ();
rc = 0;
}
- else
+ else
{
tdbio_invalid ();
}
@@ -903,7 +903,7 @@ clear_ownertrusts (PKT_public_key *pk)
{
TRUSTREC rec;
int rc;
-
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
@@ -931,8 +931,8 @@ clear_ownertrusts (PKT_public_key *pk)
return 0;
}
-/*
- * Note: Caller has to do a sync
+/*
+ * Note: Caller has to do a sync
*/
static void
update_validity (PKT_public_key *pk, PKT_user_id *uid,
@@ -951,7 +951,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
return;
}
if (rc == -1) /* no record yet - create a new one */
- {
+ {
size_t dummy;
rc = 0;
@@ -1016,10 +1016,10 @@ cache_disabled_value (PKT_public_key *pk)
}
if (rc == -1) /* no record found, so assume not disabled */
goto leave;
-
+
if (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED)
disabled = 1;
-
+
/* Cache it for later so we don't need to look at the trustdb every
time */
pk->flags.disabled = disabled;
@@ -1044,7 +1044,7 @@ check_trustdb_stale(void)
scheduled = tdbio_read_nextcheck ();
if (scheduled && scheduled <= make_timestamp ())
{
- if (opt.no_auto_check_trustdb)
+ if (opt.no_auto_check_trustdb)
{
pending_check_trustdb = 1;
log_info (_("please do a --check-trustdb\n"));
@@ -1061,7 +1061,7 @@ check_trustdb_stale(void)
/*
* Return the validity information for PK. If the namehash is not
* NULL, the validity of the corresponsing user ID is returned,
- * otherwise, a reasonable value for the entire key is returned.
+ * otherwise, a reasonable value for the entire key is returned.
*/
unsigned int
get_validity (PKT_public_key *pk, PKT_user_id *uid)
@@ -1090,7 +1090,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
log_error ("error getting main key %s of subkey %s: %s\n",
tempkeystr, keystr(kid), g10_errstr(rc));
xfree(tempkeystr);
- validity = TRUST_UNKNOWN;
+ validity = TRUST_UNKNOWN;
goto leave;
}
}
@@ -1113,7 +1113,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
}
if (rc == -1) /* no record found */
{
- validity = TRUST_UNKNOWN;
+ validity = TRUST_UNKNOWN;
goto leave;
}
@@ -1146,7 +1146,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
recno = vrec.r.valid.next;
}
-
+
if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) )
{
validity |= TRUST_FLAG_DISABLED;
@@ -1166,7 +1166,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid)
* I initially designed it that way */
if (main_pk->has_expired || pk->has_expired)
validity = (validity & ~TRUST_MASK) | TRUST_EXPIRED;
-
+
if (pending_check_trustdb)
validity |= TRUST_FLAG_PENDING_CHECK;
@@ -1179,10 +1179,10 @@ int
get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
{
int trustlevel;
-
+
if (!pk)
return '?'; /* Just in case a NULL PK is passed. */
-
+
trustlevel = get_validity (pk, uid);
if ( (trustlevel & TRUST_FLAG_REVOKED) )
return 'r';
@@ -1309,7 +1309,7 @@ ask_ownertrust (u32 *kid,int minimum)
keystr(kid), g10_errstr(rc) );
return TRUST_UNKNOWN;
}
-
+
if(opt.force_ownertrust)
{
log_info("force trust for key %s to %s\n",
@@ -1383,7 +1383,7 @@ dump_key_array (int depth, struct key_array *keys)
}
}
}
-}
+}
static void
@@ -1406,7 +1406,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
status = TRUST_UNDEFINED;
else
status = 0;
-
+
if (status)
{
update_validity (keyblock->pkt->pkt.public_key,
@@ -1421,7 +1421,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
if (any)
do_sync ();
-}
+}
/*
* check whether the signature sig is in the klist k
@@ -1453,7 +1453,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
{
KBNODE node;
PKT_signature *sig;
-
+
/* first check all signatures */
for (node=uidnode->next; node; node = node->next)
{
@@ -1486,7 +1486,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
continue;
}
node->flag |= 1<<9;
- }
+ }
/* reset the remaining flags */
for (; node; node = node->next)
node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
@@ -1534,7 +1534,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
older: if signode was older then we don't want to take n
as signode is nonrevocable. If n was older then we're
automatically fine. */
-
+
if(((IS_UID_SIG(signode->pkt->pkt.signature) &&
!signode->pkt->pkt.signature->flags.revocable &&
(signode->pkt->pkt.signature->expiredate==0 ||
@@ -1550,7 +1550,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
n was older then we don't want to take signode as n is
nonrevocable. If signode was older then we're
automatically fine. */
-
+
if((!(IS_UID_SIG(signode->pkt->pkt.signature) &&
!signode->pkt->pkt.signature->flags.revocable &&
(signode->pkt->pkt.signature->expiredate==0 ||
@@ -1581,7 +1581,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
sig = signode->pkt->pkt.signature;
if (IS_UID_SIG (sig))
- { /* this seems to be a usable one which is not revoked.
+ { /* this seems to be a usable one which is not revoked.
* Just need to check whether there is an expiration time,
* We do the expired certification after finding a suitable
* certification, the assumption is that a signator does not
@@ -1590,7 +1590,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
* different expiration time */
const byte *p;
u32 expire;
-
+
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
expire = p? sig->timestamp + buffer_to_u32(p) : 0;
@@ -1677,7 +1677,7 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
delete_kbnode(node);
deleted++;
}
-
+
return deleted;
}
@@ -1936,7 +1936,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
if (uid->help_full_count >= opt.completes_needed
|| uid->help_marginal_count >= opt.marginals_needed )
- uidnode->flag |= 4;
+ uidnode->flag |= 4;
else if (uid->help_full_count || uid->help_marginal_count)
uidnode->flag |= 2;
uidnode->flag |= 1;
@@ -1951,7 +1951,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
issigned = 0;
get_validity_counts(pk,uid);
- mark_usable_uid_certs (kb, uidnode, main_kid, klist,
+ mark_usable_uid_certs (kb, uidnode, main_kid, klist,
curtime, next_expire);
}
else if (node->pkt->pkttype == PKT_SIGNATURE
@@ -1959,15 +1959,15 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
/* Note that we are only seeing unrevoked sigs here */
PKT_signature *sig = node->pkt->pkt.signature;
-
+
kr = is_in_klist (klist, sig);
/* If the trust_regexp does not match, it's as if the sig
did not exist. This is safe for non-trust sigs as well
since we don't accept a regexp on the sig unless it's a
trust sig. */
- if (kr && (!kr->trust_regexp
- || opt.trust_model != TM_PGP
- || (uidnode
+ if (kr && (!kr->trust_regexp
+ || opt.trust_model != TM_PGP
+ || (uidnode
&& check_regexp(kr->trust_regexp,
uidnode->pkt->pkt.user_id->name))))
{
@@ -2031,7 +2031,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
pk->trust_value = sig->trust_value;
pk->trust_depth = depth-1;
-
+
/* If the trust sig contains a regexp, record it
on the pk for the next round. */
if (sig->trust_regexp)
@@ -2054,7 +2054,7 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
{
if (uid->help_full_count >= opt.completes_needed
|| uid->help_marginal_count >= opt.marginals_needed )
- uidnode->flag |= 4;
+ uidnode->flag |= 4;
else if (uid->help_full_count || uid->help_marginal_count)
uidnode->flag |= 2;
uidnode->flag |= 1;
@@ -2078,7 +2078,7 @@ search_skipfnc (void *opaque, u32 *kid, PKT_user_id *dummy)
* kllist. The caller has to pass keydb handle so that we don't use
* to create our own. Returns either a key_array or NULL in case of
* an error. No results found are indicated by an empty array.
- * Caller hast to release the returned array.
+ * Caller hast to release the returned array.
*/
static struct key_array *
validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
@@ -2089,11 +2089,11 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
size_t nkeys, maxkeys;
int rc;
KEYDB_SEARCH_DESC desc;
-
+
maxkeys = 1000;
keys = xmalloc ((maxkeys+1) * sizeof *keys);
nkeys = 0;
-
+
rc = keydb_search_reset (hd);
if (rc)
{
@@ -2118,21 +2118,21 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
xfree (keys);
return NULL;
}
-
+
desc.mode = KEYDB_SEARCH_MODE_NEXT; /* change mode */
do
{
PKT_public_key *pk;
-
+
rc = keydb_get_keyblock (hd, &keyblock);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
xfree (keys);
return NULL;
}
-
- if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY)
+
+ if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY)
{
log_debug ("ooops: invalid pkttype %d encountered\n",
keyblock->pkt->pkttype);
@@ -2142,7 +2142,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
}
/* prepare the keyblock for further processing */
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (keyblock);
clear_kbnode_flags (keyblock);
pk = keyblock->pkt->pkt.public_key;
if (pk->has_expired || pk->flags.revoked)
@@ -2179,9 +2179,9 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
release_kbnode (keyblock);
keyblock = NULL;
- }
+ }
while ( !(rc = keydb_search (hd, &desc, 1)) );
- if (rc && rc != -1)
+ if (rc && rc != -1)
{
log_error ("keydb_search_next failed: %s\n", g10_errstr(rc));
xfree (keys);
@@ -2190,7 +2190,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
keys[nkeys].keyblock = NULL;
return keys;
-}
+}
/* Caller must sync */
static void
@@ -2200,7 +2200,7 @@ reset_trust_records(void)
ulong recnum;
int count = 0, nreset = 0;
- for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
+ for (recnum=1; !tdbio_read_record (recnum, &rec, 0); recnum++ )
{
if(rec.rectype==RECTYPE_TRUST)
{
@@ -2239,7 +2239,7 @@ reset_trust_records(void)
* Step 2: loop max_cert_times
* Step 3: if OWNERTRUST of any key in klist is undefined
* ask user to assign ownertrust
- * Step 4: Loop over all keys in the keyDB which are not marked seen
+ * Step 4: Loop over all keys in the keyDB which are not marked seen
* Step 5: if key is revoked or expired
* mark key as seen
* continue loop at Step 4
@@ -2251,7 +2251,7 @@ reset_trust_records(void)
* End Loop
* Step 8: Build a new klist from all fully trusted keys from step 6
* End Loop
- * Ready
+ * Ready
*
*/
static int
@@ -2321,7 +2321,7 @@ validate_keys (int interactive)
if ( pk->expiredate && pk->expiredate >= start_time
&& pk->expiredate < next_expire)
next_expire = pk->expiredate;
-
+
release_kbnode (keyblock);
do_sync ();
}
@@ -2397,7 +2397,7 @@ validate_keys (int interactive)
/* Find all keys which are signed by a key in kdlist */
keys = validate_key_list (kdb, full_trust, klist,
start_time, &next_expire);
- if (!keys)
+ if (!keys)
{
log_error ("validate_key_list failed\n");
rc = G10ERR_GENERAL;
@@ -2415,9 +2415,9 @@ validate_keys (int interactive)
store_validation_status (depth, kar->keyblock, stored);
log_info (_("depth: %d valid: %3d signed: %3d"
- " trust: %d-, %dq, %dn, %dm, %df, %du\n"),
+ " trust: %d-, %dq, %dn, %dm, %df, %du\n"),
depth, valids, key_count, ot_unknown, ot_undefined,
- ot_never, ot_marginal, ot_full, ot_ultimate );
+ ot_never, ot_marginal, ot_full, ot_ultimate );
/* Build a new kdlist from all fully valid keys in KEYS */
if (klist != utk_list)
@@ -2479,10 +2479,10 @@ validate_keys (int interactive)
if (!rc && !quit) /* mark trustDB as checked */
{
if (next_expire == 0xffffffff || next_expire < start_time )
- tdbio_write_nextcheck (0);
+ tdbio_write_nextcheck (0);
else
{
- tdbio_write_nextcheck (next_expire);
+ tdbio_write_nextcheck (next_expire);
log_info (_("next trustdb check due at %s\n"),
strtimestamp (next_expire));
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 11:35:11 +0000