path: root/g10/tofu.c
Commit message | Author | Age | Files | Lines
...
* gpg: Return the DBs meta-handle rather than the sqlite3 handle. | Neal H. Walfield | 2015-10-23 | 1 | -28/+28
  * g10/tofu.c (getdb): Return a struct db * instead of an sqlite *. Update users.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: If a key is ultimate trusted, return that in the tofu model. | Neal H. Walfield | 2015-10-21 | 1 | -2/+54
  * g10/tofu.c (get_trust): If the policy is auto or none, check if the key is ultimately trusted. If so, return that.
  (tofu_register): If the key is ultimately trusted, don't show any statistics.
  (tofu_get_validity): Likewise.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Suggested-by: Andre Heinecke <[email protected]>
* gpg: Make the tofu DB check and initialization atomic. | Neal H. Walfield | 2015-10-21 | 1 | -14/+16
  * g10/tofu.c (initdb): Make the version check and the database initialization atomic.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Co-authored-by: Andre Heinecke <[email protected]>
* gpg: Don't die immediately if the TOFU DB is locked. | Neal H. Walfield | 2015-10-20 | 1 | -0/+4
  * g10/tofu.c (opendb): Don't die immediately if the DB is locked.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Improve output. | Neal H. Walfield | 2015-10-20 | 1 | -4/+4
  * g10/tofu.c (get_trust): Also show the binding when indicating a conflict occurred.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Synchronize translation template. | Neal H. Walfield | 2015-10-20 | 1 | -1/+1
  * g10/tofu.c (show_statistics): Synchronize translation template.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: When showing conflicts, also show bindings with no recorded sigs. | Neal H. Walfield | 2015-10-20 | 1 | -20/+34
  * g10/tofu.c (signature_stats_collect_cb): If the time_ago column is NULL, then both time_ago and count should be 0.
  (get_trust): Reverse the direction of the join so that we also get statistics about bindings without any signatures.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Improve text. | Neal H. Walfield | 2015-10-20 | 1 | -7/+9
  * g10/tofu.c (show_statistics): Improve text.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Suggested-by: Malte <[email protected]>
* gpg: Use the right variable to display the information. | Neal H. Walfield | 2015-10-20 | 1 | -3/+4
  * g10/tofu.c (get_trust): Use the right variable to display the conflicting key.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Reported-by: Andre Heinecke <[email protected]>
* gpg: Make failing to create a directory a soft error. | Neal H. Walfield | 2015-10-20 | 1 | -1/+1
  * g10/tofu.c (getdb): Don't exit if we can't create the directory. Just return an error.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Fix formatting. | Neal H. Walfield | 2015-10-19 | 1 | -6/+6
  * g10/tofu.c (get_trust): Fix formatting.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Don't forget to free some memory. | Neal H. Walfield | 2015-10-19 | 1 | -0/+1
  * g10/tofu.c (tofu_register): Free SIG_DIGEST before returning.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: If a conflict occurs in batch mode, record that. | Neal H. Walfield | 2015-10-19 | 1 | -6/+20
  * g10/tofu.c (get_trust): If a conflict occurs when MAY_ASK is false, set conflict to the key. When prompting the user, don't show the conflicting key if the conflicting key is the current key.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Silence two more warnings. | Werner Koch | 2015-10-18 | 1 | -2/+2
  * g10/trustdb.c (tdb_get_validity_core): Silence a warning.
  * g10/tofu.c (tofu_register): Move SIG_DIGEST computation to the top so that it is not uninitialized in case of an early error.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix harmless compiler warnings. | Werner Koch | 2015-10-18 | 1 | -66/+64
  * g10/tofu.h (_tofu_GET_POLICY_ERROR): New. This avoids warnings about undefined enum values in a switch.
  * g10/trustdb.h (_tofu_GET_TRUST_ERROR): New.
  * g10/tofu.c (TIME_AGO_FUTURE_IGNORE): Move to the top.
  (opendbs): Avoid compiler warning (use braces).
  (GET_POLICY_ERROR): Replace define by enum _tofu_GET_POLICY_ERROR.
  (get_policy): Remove assert.
  (GET_TRUST_ERROR): Replace by _tofu_GET_TRUST_ERROR macro.
  (show_statistics): Undef MIN_SECS et al. after use.
  Signed-off-by: Werner Koch <[email protected]>
* g10: Fix assert. | Neal H. Walfield | 2015-10-18 | 1 | -1/+1
  * g10/tofu.c (get_trust): Fix assert.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>.
* g10: Add TOFU support. | Neal H. Walfield | 2015-10-18 | 1 | -0/+2472
  * configure.ac: Check for sqlite3.
  (SQLITE3_CFLAGS): AC_SUBST it.
  (SQLITE3_LIBS): Likewise.
  * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
  (gpg2_SOURCES): Add tofu.h and tofu.c.
  (gpg2_LDADD): Add $(SQLITE3_LIBS).
  * g10/tofu.c: New file.
  * g10/tofu.h: New file.
  * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
  (tofu_db_format): Define.
  * g10/packet.h (PKT_signature): Add fields digest and digest_len.
  * g10/gpg.c: Include "tofu.h".
  (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat.
  (opts): Add them.
  (parse_trust_model): Recognize the tofu and tofu+pgp trust models.
  (parse_tofu_policy): New function.
  (parse_tofu_db_format): New function.
  (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
  * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
  * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers.
  (tdb_get_validity_core): Add arguments sig and may_ask. Update callers.
  * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core.
  * g10/trustdb.c: Include "tofu.h".
  (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
  (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate.
  * g10/keyedit.c: Include "tofu.h".
  (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy.
  * g10/keylist.c: Include "tofu.h".
  (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP.
  (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy.
  * g10/pkclist.c: Include "tofu.h".
  * g10/gpgv.c (get_validity): Add arguments sig and may_ask.
  (enum tofu_policy): Define.
  (tofu_get_policy): New stub.
  (tofu_policy_str): Likewise.
  * g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
  (enum tofu_policy): Define.
  (tofu_get_policy): New stub.
  (tofu_policy_str): Likewise.
  * doc/DETAILS: Describe the TOFU Policy field.
  * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
  * tests/openpgp/Makefile.am (TESTS): Add tofu.test.
  (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
  (CLEANFILES): Add tofu.db.
  (clean-local): Add tofu.d.
  * tests/openpgp/tofu.test: New file.
  * tests/openpgp/tofu-2183839A-1.txt: New file.
  * tests/openpgp/tofu-BC15C85A-1.txt: New file.
  * tests/openpgp/tofu-EE37CF96-1.txt: New file.
  * tests/openpgp/tofu-keys.asc: New file.
  * tests/openpgp/tofu-keys-secret.asc: New file.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>.