aboutsummaryrefslogtreecommitdiffstats
path: root/g10/tofu.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Remove tofu database format "split".Werner Koch2016-08-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <[email protected]>
* gpg: Store the Tofu meta handle for databases in CTRL.Werner Koch2016-05-211-5/+12
| | | | | | | | | | | | | | | | | | * g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations. (struct server_control_s): Add field tofu.dbs. * g10/tofu.c (struct dbs): Rename to tofu_dbs_s. Replace all users by by tofu_dbs_t. (opendbs): Add arg CTRL. Cache the DBS in CTRL. (closedbs): Rename to tofu_closedbs and make global. Add arg CTRL. (tofu_register): Add arg CTRL. Change all callers. Do not call closedbs. (tofu_get_validity): Ditto. (tofu_set_policy): Ditto. (tofu_get_policy): Ditto. (tofu_set_policy_by_keyid): Add arg CTRL. * g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs. Signed-off-by: Werner Koch <[email protected]>
* gpg: Simplify the tofu interface by using the public key packet.Werner Koch2015-11-131-5/+4
| | | | | | | | | | | | | | | | * g10/tofu.c (fingerprint_str): Remove. (tofu_register): Take a public key instead of a fingerprint as arg. Use hexfingerprint() to get a fpr from the PK. (tofu_get_validity): Ditto. (tofu_set_policy, tofu_get_policy): Simplify by using hexfingerprint. * g10/trustdb.c (tdb_get_validity_core): Pass the primary key PK to instead of the fingerprint to the tofu functions. -- This change has the advantage that we are not bound to a specific fingerprint length and will thus helps us to implement rfc4880bis. Signed-off-by: Werner Koch <[email protected]>
* gpg: Provide an interface to patch TOFU updates.Neal H. Walfield2015-10-231-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tofu.c (struct db): Rename begin_transaction to savepoint_batch. Rename end_transaction to savepoint_batch_commit. Update users. Remove field rollback. Add fields savepoint_inner and savepoint_inner_commit. Add field batch_update. (dump_cache): New function. (batch_update): New variable. (begin_transaction). New function. (end_transaction): New function. (rollback_transaction): New function. (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. (closedb): End any pending batch transaction. (closedbs): Assert that none of the DBs have a started batch transaction if we not in batch mode. (record_binding): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. Also start a batch mode transaction if we are using the flat format. (tofu_register): Use the begin_transaction, end_transaction and rollback_transaction functions instead of including the SQL inline. * g10/gpgv.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. * g10/test-stubs.c (tofu_begin_batch_update): New function. (tofu_end_batch_update): New function. -- Signed-off-by: Neal H. Walfield <[email protected]>
* build: Allow building without SQLlite support.Werner Koch2015-10-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix harmless compiler warnings.Werner Koch2015-10-181-1/+5
| | | | | | | | | | | | | | * g10/tofu.h (_tofu_GET_POLICY_ERROR): New. This avoids warnings about undefined enum values in a switch. * g10/trustdb.h (_tofu_GET_TRUST_ERROR): New. * g10/tofu.c (TIME_AGO_FUTURE_IGNORE): Move to the top. (opendbs): Avoid compiler warning (use braces). (GET_POLICY_ERROR): Replace define by enum _tofu_GET_POLICY_ERROR. (get_policy): Remove assert. (GET_TRUST_ERROR): Replace by _tofu_GET_TRUST_ERROR macro. (show_statistics): Undef MIN_SECS et al. after use. Signed-off-by: Werner Koch <[email protected]>
* g10: Add TOFU support.Neal H. Walfield2015-10-181-0/+105
* configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <[email protected]>.