diff options
| author | Neal H. Walfield <[email protected]> | 2016-12-16 13:32:27 +0000 |
|---|---|---|
| committer | Neal H. Walfield <[email protected]> | 2016-12-16 13:32:39 +0000 |
| commit | 94f6b9010d2e80a75ccbb21426faf0b30195f1ab (patch) | |
| tree | 37d81077ccacd3375df3a0b612a0b1b5993651b0 | |
| parent | doc: Improve section on unattended key generation. (diff) | |
| download | gnupg-94f6b9010d2e80a75ccbb21426faf0b30195f1ab.tar.gz gnupg-94f6b9010d2e80a75ccbb21426faf0b30195f1ab.zip | |
g10: Extend TOFU_STATS to emit <sign-days> and <encyrption-days>
* doc/DETAILS: Add SIGN-DAYS and ENCRYPT-DAYS to the TOFU_STATS status
line.
* g10/tofu.c (write_stats_status): Take additional parameters
signature_days and encryption_days. Update callers. Include them in
the tfs record and TOFU status lines.
(show_statistics): Compute the number of days on which we saw a
message signed by FINGERPRINT, and the number of days on which we
encrypted a message to it.
Signed-off-by: Neal H. Walfield <[email protected]>
| -rw-r--r-- | doc/DETAILS | 12 | ||||
| -rw-r--r-- | g10/tofu.c | 79 |
2 files changed, 73 insertions, 18 deletions
diff --git a/doc/DETAILS b/doc/DETAILS index 534c48c0b..ab7096009 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -722,7 +722,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: userid encoded in UTF-8 and percent escaped. The fingerprint is identical for all TOFU_USER lines up to a NEWSIG line. -*** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity>]]] +*** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity> [<sign-days> <encrypt-days>]]]] Statistics for the current user id. @@ -742,7 +742,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: - unknown :: Policy is "unknown" (TOFU information does not contribute to the key's validity) - TM1 ist the time the first message was verified. TM2 is the time + TM1 is the time the first message was verified. TM2 is the time the most recent message was verified. TM3 is the time the first message was encrypted. TM4 is the most recent encryption. All may either be seconds since Epoch or an ISO time string @@ -753,6 +753,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: takes on value 0. Instead, if there is a conflict, VALIDITY still reflects the key's validity (values: 1-4). + SIGN-COUNT and ENCRYPTION-COUNT are the number of messages that we + have seen that have been signed by this key / encryption to this + key. + + SIGN-DAYS and ENCRYPTION-DAYS are similar, but the number of days + (in UTC) on which we have seen messages signed by this key / + encrypted to this key. + *** TOFU_STATS_SHORT <long_string> Information about the TOFU binding for the signature. diff --git a/g10/tofu.c b/g10/tofu.c index c574171bc..5f92de682 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2875,9 +2875,11 @@ write_stats_status (estream_t fp, unsigned long signature_count, unsigned long signature_first_seen, unsigned long signature_most_recent, + unsigned long signature_days, unsigned long encryption_count, unsigned long encryption_first_done, - unsigned long encryption_most_recent) + unsigned long encryption_most_recent, + unsigned long encryption_days) { int summary; int validity; @@ -2905,17 +2907,17 @@ write_stats_status (estream_t fp, if (fp) { - es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n", + es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:%lu:%lu:\n", summary, signature_count, encryption_count, tofu_policy_str (policy), signature_first_seen, signature_most_recent, encryption_first_done, encryption_most_recent, - validity); + validity, signature_days, encryption_days); } else { write_status_printf (STATUS_TOFU_STATS, - "%d %lu %lu %s %lu %lu %lu %lu %d", + "%d %lu %lu %s %lu %lu %lu %lu %d %lu %lu", summary, signature_count, encryption_count, @@ -2924,7 +2926,8 @@ write_stats_status (estream_t fp, signature_most_recent, encryption_first_done, encryption_most_recent, - validity); + validity, + signature_days, encryption_days); } } @@ -2951,9 +2954,11 @@ show_statistics (tofu_dbs_t dbs, unsigned long signature_first_seen = 0; unsigned long signature_most_recent = 0; unsigned long signature_count = 0; + unsigned long signature_days = 0; unsigned long encryption_first_done = 0; unsigned long encryption_most_recent = 0; unsigned long encryption_count = 0; + unsigned long encryption_days = 0; int show_warning = 0; @@ -2978,18 +2983,38 @@ show_statistics (tofu_dbs_t dbs, rc = gpg_error (GPG_ERR_GENERAL); goto out; } + rc = gpgsql_exec_printf + (dbs->db, strings_collect_cb, &strlist, &err, + "select count (*) from\n" + " (select round(signatures.time / (24 * 60 * 60)) day\n" + " from signatures\n" + " left join bindings on signatures.binding = bindings.oid\n" + " where fingerprint = %Q and email = %Q\n" + " group by day);", + fingerprint, email); + if (rc) + { + log_error (_("error reading TOFU database: %s\n"), err); + print_further_info ("getting signature statistics (by day)"); + sqlite3_free (err); + rc = gpg_error (GPG_ERR_GENERAL); + goto out; + } if (strlist) { - /* We expect exactly 3 elements. */ + /* We expect exactly 4 elements. */ log_assert (strlist->next); log_assert (strlist->next->next); - log_assert (! strlist->next->next->next); + log_assert (strlist->next->next->next); + log_assert (! strlist->next->next->next->next); - string_to_ulong (&signature_count, strlist->d, -1, __LINE__); - string_to_ulong (&signature_first_seen, strlist->next->d, -1, __LINE__); - string_to_ulong (&signature_most_recent, + string_to_ulong (&signature_days, strlist->d, -1, __LINE__); + string_to_ulong (&signature_count, strlist->next->d, -1, __LINE__); + string_to_ulong (&signature_first_seen, strlist->next->next->d, -1, __LINE__); + string_to_ulong (&signature_most_recent, + strlist->next->next->next->d, -1, __LINE__); free_strlist (strlist); strlist = NULL; @@ -3011,18 +3036,38 @@ show_statistics (tofu_dbs_t dbs, rc = gpg_error (GPG_ERR_GENERAL); goto out; } + rc = gpgsql_exec_printf + (dbs->db, strings_collect_cb, &strlist, &err, + "select count (*) from\n" + " (select round(encryptions.time / (24 * 60 * 60)) day\n" + " from encryptions\n" + " left join bindings on encryptions.binding = bindings.oid\n" + " where fingerprint = %Q and email = %Q\n" + " group by day);", + fingerprint, email); + if (rc) + { + log_error (_("error reading TOFU database: %s\n"), err); + print_further_info ("getting encryption statistics (by day)"); + sqlite3_free (err); + rc = gpg_error (GPG_ERR_GENERAL); + goto out; + } if (strlist) { - /* We expect exactly 3 elements. */ + /* We expect exactly 4 elements. */ log_assert (strlist->next); log_assert (strlist->next->next); - log_assert (! strlist->next->next->next); + log_assert (strlist->next->next->next); + log_assert (! strlist->next->next->next->next); - string_to_ulong (&encryption_count, strlist->d, -1, __LINE__); - string_to_ulong (&encryption_first_done, strlist->next->d, -1, __LINE__); - string_to_ulong (&encryption_most_recent, + string_to_ulong (&encryption_days, strlist->d, -1, __LINE__); + string_to_ulong (&encryption_count, strlist->next->d, -1, __LINE__); + string_to_ulong (&encryption_first_done, strlist->next->next->d, -1, __LINE__); + string_to_ulong (&encryption_most_recent, + strlist->next->next->next->d, -1, __LINE__); free_strlist (strlist); strlist = NULL; @@ -3036,9 +3081,11 @@ show_statistics (tofu_dbs_t dbs, signature_count, signature_first_seen, signature_most_recent, + signature_days, encryption_count, encryption_first_done, - encryption_most_recent); + encryption_most_recent, + encryption_days); if (!outfp && !only_status_fd) { |