From 037f9de09298a31026ea2ab5fbd4a599b11cc34f Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Mon, 21 Nov 2016 22:47:30 +0100 Subject: g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures. --- g10/import.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'g10/import.c') diff --git a/g10/import.c b/g10/import.c index 590959d25..1ed11bf38 100644 --- a/g10/import.c +++ b/g10/import.c @@ -111,7 +111,8 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock, struct import_stats_s *stats, int batch, unsigned int options, int for_migration, import_screener_t screener, void *screener_arg); -static int import_revoke_cert (kbnode_t node, struct import_stats_s *stats); +static int import_revoke_cert (ctrl_t ctrl, + kbnode_t node, struct import_stats_s *stats); static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self); static int delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options); @@ -562,7 +563,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats, screener, screener_arg); else if (keyblock->pkt->pkttype == PKT_SIGNATURE && keyblock->pkt->pkt.signature->sig_class == 0x20 ) - rc = import_revoke_cert (keyblock, stats); + rc = import_revoke_cert (ctrl, keyblock, stats); else { log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype); @@ -1642,7 +1643,7 @@ import_one (ctrl_t ctrl, { mod_key = 1; /* KEYBLOCK_ORIG has been updated; write */ - rc = keydb_update_keyblock (hd, keyblock_orig); + rc = keydb_update_keyblock (ctrl, hd, keyblock_orig); if (rc) log_error (_("error writing keyring '%s': %s\n"), keydb_get_resource_name (hd), gpg_strerror (rc) ); @@ -2288,7 +2289,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock, * Import a revocation certificate; this is a single signature packet. */ static int -import_revoke_cert (kbnode_t node, struct import_stats_s *stats) +import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) { PKT_public_key *pk = NULL; kbnode_t onode; @@ -2379,7 +2380,7 @@ import_revoke_cert (kbnode_t node, struct import_stats_s *stats) insert_kbnode( keyblock, clone_kbnode(node), 0 ); /* and write the keyblock back */ - rc = keydb_update_keyblock (hd, keyblock ); + rc = keydb_update_keyblock (ctrl, hd, keyblock ); if (rc) log_error (_("error writing keyring '%s': %s\n"), keydb_get_resource_name (hd), gpg_strerror (rc) ); -- cgit v1.2.3