gpg: Pass CTRL to many more functions.

--

For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions.  Quite
a lot of changes but fortunately straightforward to do.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 25 insertions, 17 deletions

diff --git a/g10/sig-check.c b/g10/sig-check.c
index 4e6ca4309..4622f6b33 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -45,9 +45,9 @@ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
 /* Check a signature.  This is shorthand for check_signature2 with
    the unnamed arguments passed as NULL.  */
 int
-check_signature (PKT_signature *sig, gcry_md_hd_t digest)
+check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest)
 {
-    return check_signature2 (sig, digest, NULL, NULL, NULL, NULL);
+  return check_signature2 (ctrl, sig, digest, NULL, NULL, NULL, NULL);
 }
 
 
@@ -89,7 +89,8 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest)
  *
  * Returns 0 on success.  An error code otherwise.  */
 gpg_error_t
-check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
+check_signature2 (ctrl_t ctrl,
+                  PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
 		  int *r_expired, int *r_revoked, PKT_public_key **r_pk)
 {
     int rc=0;
@@ -122,7 +123,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
         log_info(_("WARNING: signature digest conflict in message\n"));
 	rc = gpg_error (GPG_ERR_GENERAL);
       }
-    else if( get_pubkey( pk, sig->keyid ) )
+    else if( get_pubkey (ctrl, pk, sig->keyid ) )
       rc = gpg_error (GPG_ERR_NO_PUBKEY);
     else if(!pk->flags.valid)
       {
@@ -560,7 +561,7 @@ cache_sig_result ( PKT_signature *sig, int result )
  * revoked, B is still revoked.  I'm not completely convinced this is
  * the proper behavior, but it matches how PGP does it. -dms */
 int
-check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
+check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig)
 {
   static int busy=0;
   int i;
@@ -616,7 +617,8 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
 	  /* The revoker's keyid.  */
           u32 keyid[2];
 
-          keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid);
+          keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
+                                  MAX_FINGERPRINT_LEN, keyid);
 
           if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1])
 	    /* The signature was generated by a designated revoker.
@@ -629,7 +631,7 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
               hash_public_key(md,pk);
 	      /* Note: check_signature only checks that the signature
 		 is good.  It does not fail if the key is revoked.  */
-              rc=check_signature(sig,md);
+              rc = check_signature (ctrl, sig, md);
 	      cache_sig_result(sig,rc);
               gcry_md_close (md);
 	      break;
@@ -685,9 +687,11 @@ check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk,
  * passed as NULL.  See the documentation for that function for more
  * details.  */
 int
-check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
+check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t node,
+                     int *is_selfsig)
 {
-  return check_key_signature2 (root, node, NULL, NULL, is_selfsig, NULL, NULL);
+  return check_key_signature2 (ctrl, root, node, NULL, NULL,
+                               is_selfsig, NULL, NULL);
 }
 
 
@@ -725,7 +729,7 @@ check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
    generated the signature (i.e., the signer) on success.  This must
    be released by the caller using release_public_key_parts ().  */
 gpg_error_t
-check_signature_over_key_or_uid (PKT_public_key *signer,
+check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
                                  PKT_signature *sig, KBNODE kb, PACKET *packet,
                                  int *is_selfsig, PKT_public_key *ret_pk)
 {
@@ -841,7 +845,7 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
                   signer_alloced = 2;
                 }
 
-              rc = get_pubkey (signer, sig->keyid);
+              rc = get_pubkey (ctrl, signer, sig->keyid);
               if (rc)
                 {
                   xfree (signer);
@@ -957,7 +961,8 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
  * TODO: add r_revoked here as well.  It has the same problems as
  * r_expiredate and r_expired and the cache.  */
 int
-check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
+check_key_signature2 (ctrl_t ctrl,
+                      kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
                       PKT_public_key *ret_pk, int *is_selfsig,
                       u32 *r_expiredate, int *r_expired )
 {
@@ -1018,13 +1023,14 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
 
       /* Is it a designated revoker? */
       if (keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1])
-        rc = check_revocation_keys (pk, sig);
+        rc = check_revocation_keys (ctrl, pk, sig);
       else
         {
           rc = check_signature_metadata_validity (pk, sig,
                                                   r_expired, NULL);
           if (! rc)
-            rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
+            rc = check_signature_over_key_or_uid (ctrl, pk, sig,
+                                                  root, root->pkt,
                                                   is_selfsig, ret_pk);
         }
     }
@@ -1039,7 +1045,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
                                                   r_expired, NULL);
           if (! rc)
             /* 0x28 must be a self-sig, but 0x18 needn't be.  */
-            rc = check_signature_over_key_or_uid (sig->sig_class == 0x18
+            rc = check_signature_over_key_or_uid (ctrl,
+                                                  sig->sig_class == 0x18
                                                   ? NULL : pk,
                                                   sig, root, snode->pkt,
                                                   is_selfsig, ret_pk);
@@ -1063,7 +1070,7 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
         rc = check_signature_metadata_validity (pk, sig,
                                                 r_expired, NULL);
         if (! rc)
-          rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
+          rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt,
                                                 is_selfsig, ret_pk);
       }
     else if (/* Certification.  */
@@ -1082,7 +1089,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
             if (! rc)
               /* If this is a self-sig, ignore check_pk.  */
               rc = check_signature_over_key_or_uid
-                (keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
+                (ctrl,
+                 keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
                  sig, root, unode->pkt, NULL, ret_pk);
           }
 	else