diff options
| author | Neal H. Walfield <[email protected]> | 2016-09-01 11:29:56 +0000 |
|---|---|---|
| committer | Neal H. Walfield <[email protected]> | 2016-09-01 11:29:56 +0000 |
| commit | f2e5cb6ffb55e49a05d452cd85e45f6f67c20abb (patch) | |
| tree | 85f6a4cd9e9a5a2bd40fb29cb255a09cc4973bfd | |
| parent | g10: Improve text. (diff) | |
| download | gnupg-f2e5cb6ffb55e49a05d452cd85e45f6f67c20abb.tar.gz gnupg-f2e5cb6ffb55e49a05d452cd85e45f6f67c20abb.zip | |
g10: Add support for TRUST_NEVER.
* g10/pkclist.c (do_we_trust): Handle TRUST_NEVER, which can be
returned by the TOFU trust model.
(do_we_trust_pre): Print a different message if TRUSTLEVEL is
TRUST_NEVER.
(check_signatures_trust): Improve comment.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| -rw-r--r-- | g10/pkclist.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/g10/pkclist.c b/g10/pkclist.c index 63d32d1e4..f7b248375 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -449,6 +449,13 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel ) if( opt.verbose ) log_info(_("This key belongs to us\n")); return 1; /* yes */ + + case TRUST_NEVER: + /* This is retruned can be returned by TOFU, which can return + negative assertions. */ + log_info(_("%s: This key is bad! It has been marked as untrusted!\n"), + keystr_from_pk(pk)); + return 0; /* no */ } return 1; /*NOTREACHED*/ @@ -472,10 +479,16 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) print_fingerprint (NULL, pk, 2); tty_printf("\n"); - tty_printf( - _("It is NOT certain that the key belongs to the person named\n" - "in the user ID. If you *really* know what you are doing,\n" - "you may answer the next question with yes.\n")); + if ((trustlevel & TRUST_MASK) == TRUST_NEVER) + tty_printf( + _("This key has is bad! It has been marked as untrusted! If you\n" + "*really* know what you are doing, you may answer the next\n" + "question with yes.\n")); + else + tty_printf( + _("It is NOT certain that the key belongs to the person named\n" + "in the user ID. If you *really* know what you are doing,\n" + "you may answer the next question with yes.\n")); tty_printf("\n"); @@ -654,7 +667,8 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig) break; case TRUST_NEVER: - /* currently we won't get that status */ + /* This level can be returned by TOFU, which supports negative + * assertions. */ write_trust_status (STATUS_TRUST_NEVER, trustlevel); log_info(_("WARNING: We do NOT trust this key!\n")); log_info(_(" The signature is probably a FORGERY.\n")); |