authorWerner Koch <[email protected]>2013-10-11 07:25:58 +0000
committerWerner Koch <[email protected]>2014-03-07 09:44:27 +0000
commitd8f0b83e4f04641e5e9adbdd8abada15380f981c (patch)
tree3f6cbf91c73ca9fec54874696675cd6fa55107cd /g10
parentgpg: Print a "not found" message for an unknown key in --key-edit. (diff)
gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE. * g10/trustdb.c (trustdb_args): Add field no_trustdb. (init_trustdb): Set that field. (revalidation_mark): Take care of a nonexistent trustdb file. (read_trust_options): Ditto. (tdb_get_ownertrust): Ditto. (tdb_get_min_ownertrust): Ditto. (tdb_update_ownertrust): Ditto. (update_min_ownertrust): Ditto. (tdb_clear_ownertrusts): Ditto. (tdb_cache_disabled_value): Ditto. (tdb_check_trustdb_stale): Ditto. (tdb_get_validity_core): Ditto. * g10/gpg.c (main): Do not create a trustdb with most commands for trust-model always. -- This slightly changes the semantics of most commands in that they won't create a trustdb if --trust-model=always is used. It just does not make sense to create a trustdb if there is no need for it. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e) Resolved conflicts: NEWS g10/trustdb.c: Manually apply changes due to changed function names. Note that this also includes the fix for clear_ownertrust, see GnuPG-bug-id: 1622.
Diffstat (limited to 'g10')
-rw-r--r--g10/gpg.c6
-rw-r--r--g10/tdbio.c8
-rw-r--r--g10/tdbio.h2
-rw-r--r--g10/trustdb.c68
4 files changed, 62 insertions, 22 deletions
diff --git a/g10/gpg.c b/g10/gpg.c
index 15cbe4bcc..65a9cab99 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -3539,15 +3539,11 @@ main (int argc, char **argv)
case aListTrustDB:
rc = setup_trustdb (argc? 1:0, trustdb_name);
break;
- case aEncr:
- case aEncrFiles:
+ default:
/* If we are using TM_ALWAYS, we do not need to create the
trustdb. */
rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);
break;
- default:
- rc = setup_trustdb (1, trustdb_name );
- break;
}
if (rc)
log_error (_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc));
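Review bot: With `default:` taking over this arm, every command without its own `case` earlier in the switch now runs with `create` set to 0 under --trust-model=always. This includes any command whose purpose is to write ownertrust or other trust records. The earlier labels are outside the hunk, so it cannot be confirmed here that all such commands are listed. The comment should state that contract, for example `/* If we are using TM_ALWAYS, we do not need to create the trustdb. Commands that must write to the trustdb need their own case above. */`.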
diff --git a/g10/tdbio.c b/g10/tdbio.c
index 0a659b141..db7a67c05 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -480,7 +480,7 @@ create_version_record (void)
int
-tdbio_set_dbname( const char *new_dbname, int create )
+tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
{
char *fname;
static int initialized = 0;
@@ -490,6 +490,8 @@ tdbio_set_dbname( const char *new_dbname, int create )
initialized = 1;
}
+ *r_nofile = 0;
+
if(new_dbname==NULL)
fname=make_filename(opt.homedir,"trustdb" EXTSEP_S GPGEXT_GPG, NULL);
else if (*new_dbname != DIRSEP_C )
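Review bot: `*r_nofile = 0;` here and `*r_nofile = 1;` in the next hunk dereference the new out-parameter unconditionally, and nothing in the function header or in tdbio.h says it must be non-NULL. The only caller in this commit passes `&trustdb_args.no_trustdb`, so this works today, but a later caller that does not care about the flag would crash. Either guard the stores with `if (r_nofile)` or add a comment above the function such as `/* R_NOFILE must not be NULL; it is set to 1 if the trustdb file does not exist and CREATE is false. */`. The function body starts and ends outside these hunks.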
@@ -515,7 +517,9 @@ tdbio_set_dbname( const char *new_dbname, int create )
xfree(fname);
return G10ERR_TRUSTDB;
}
- if( create ) {
+ if (!create)
+ *r_nofile = 1;
+ else {
FILE *fp;
TRUSTREC rec;
int rc;
diff --git a/g10/tdbio.h b/g10/tdbio.h
index 252a393b7..4f37de44e 100644
--- a/g10/tdbio.h
+++ b/g10/tdbio.h
@@ -93,7 +93,7 @@ typedef struct trust_record TRUSTREC;
/*-- tdbio.c --*/
int tdbio_update_version_record(void);
-int tdbio_set_dbname( const char *new_dbname, int create );
+int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
const char *tdbio_get_dbname(void);
void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 733fa79bb..ea0739986 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -49,19 +49,22 @@ typedef struct key_item **KeyHashTable; /* see new_key_hash_table() */
* the item right after the last one has a keyblock set to NULL.
* Maybe we can drop this thing and replace it by key_item
*/
-struct key_array {
+struct key_array
+{
KBNODE keyblock;
};
-/* control information for the trust DB */
-static struct {
- int init;
- int level;
- char *dbname;
+/* Control information for the trust DB. */
+static struct
+{
+ int init;
+ int level;
+ char *dbname;
+ int no_trustdb;
} trustdb_args;
-/* some globals */
+/* Some globals. */
static struct key_item *user_utk_list; /* temp. used to store --trusted-keys */
static struct key_item *utk_list; /* all ultimately trusted keys */
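Review bot: The new `no_trustdb` field carries the behaviour of this whole change but has no comment. Something like `int no_trustdb; /* Set by init_trustdb: the trustdb file does not exist and was not created. */` would tell readers when it is valid. The test `trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS` is then repeated in the later hunks of this file. A small static predicate would keep those guards from drifting apart. This hunk also mixes brace and comment reformatting with the functional addition, which makes the one meaningful line harder to spot in review.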
@@ -417,7 +420,7 @@ how_to_fix_the_trustdb ()
void
-init_trustdb()
+init_trustdb ()
{
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
@@ -429,7 +432,7 @@ init_trustdb()
if(level==0 || level==1)
{
- int rc = tdbio_set_dbname( dbname, !!level );
+ int rc = tdbio_set_dbname( dbname, !!level, &trustdb_args.no_trustdb);
if( rc )
log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
}
@@ -525,10 +528,13 @@ void
tdb_revalidation_mark (void)
{
init_trustdb();
- /* we simply set the time for the next check to 1 (far back in 1970)
- * so that a --update-trustdb will be scheduled */
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
+ /* We simply set the time for the next check to 1 (far back in 1970)
+ so that a --update-trustdb will be scheduled. */
if (tdbio_write_nextcheck (1))
- do_sync ();
+ do_sync ();
pending_check_trustdb = 1;
}
@@ -560,8 +566,10 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
TRUSTREC opts;
init_trustdb();
-
- read_record(0,&opts,RECTYPE_VER);
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ memset (&opts, 0, sizeof opts);
+ else
+ read_record (0, &opts, RECTYPE_VER);
if(trust_model)
*trust_model=opts.r.ver.trust_model;
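Review bot: When there is no trustdb, `memset (&opts, 0, sizeof opts)` makes read_trust_options hand back all-zero values, starting with `*trust_model`, that callers cannot tell apart from values read from a real version record. Whether a stored trust model of 0 has a meaning, and how callers compare it with `opt.trust_model`, is not visible in this hunk. At minimum the branch deserves a comment such as `/* No trustdb: report zeroed options; these are placeholders, not stored values. */`. The rest of the function lies outside the hunk.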
@@ -619,6 +627,9 @@ tdb_get_ownertrust ( PKT_public_key *pk)
TRUSTREC rec;
int rc;
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
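Review bot: The new guard in tdb_get_ownertrust reads `trustdb_args.no_trustdb` before anything visible in this function has called `init_trustdb ()`, so on a first call the flag still has its initial value and the guard cannot fire. tdb_clear_ownertrusts in this same commit adds `init_trustdb ();` ahead of the identical test, which suggests the ordering matters. The same applies to the guards added in tdb_get_min_ownertrust, tdb_update_ownertrust and update_min_ownertrust. Consider adding `init_trustdb ();` before each of these checks, unless read_trust_record (outside the hunks) is known to cope with a missing file.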
@@ -638,6 +649,9 @@ tdb_get_min_ownertrust (PKT_public_key *pk)
TRUSTREC rec;
int rc;
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
rc = read_trust_record (pk, &rec);
if (rc == -1)
return TRUST_UNKNOWN; /* no record yet */
@@ -661,6 +675,9 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
TRUSTREC rec;
int rc;
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
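Review bot: The early `return;` in tdb_update_ownertrust discards the requested ownertrust value without any diagnostic. Because the function returns void, the caller cannot tell that nothing was stored. The same holds for the guard added to update_min_ownertrust. If a user-initiated trust change can reach this path under --trust-model=always, a message such as `log_info ("ownertrust not stored: no trustdb\n");` (wording constructed here) would make the no-op visible. If the silence is intended, a comment saying so would do.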
@@ -705,6 +722,9 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
TRUSTREC rec;
int rc;
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return;
+
pk = xmalloc_clear (sizeof *pk);
rc = get_pubkey (pk, kid);
if (rc)
@@ -761,6 +781,11 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
TRUSTREC rec;
int rc;
+ init_trustdb ();
+
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return 0;
+
rc = read_trust_record (pk, &rec);
if (!rc)
{
@@ -865,6 +890,9 @@ tdb_cache_disabled_value (PKT_public_key *pk)
init_trustdb();
+ if (trustdb_args.no_trustdb)
+ return 0; /* No trustdb => not disabled. */
+
rc = read_trust_record (pk, &trec);
if (rc && rc != -1)
{
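Review bot: This guard tests only `trustdb_args.no_trustdb`, while most other guards in this commit also require `opt.trust_model == TM_ALWAYS`; tdb_check_trustdb_stale makes the same choice. As written, a missing trustdb under any trust model now reports the key as not disabled instead of reaching read_trust_record. This may be intended, since without a file no disabled flag can be stored. If so, the comment should say it, for example `/* No trustdb => not disabled, regardless of the trust model. */`. Otherwise add the TM_ALWAYS condition for consistency.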
@@ -893,6 +921,10 @@ tdb_check_trustdb_stale (void)
static int did_nextcheck=0;
init_trustdb ();
+
+ if (trustdb_args.no_trustdb)
+ return; /* No trustdb => can't be stale. */
+
if (!did_nextcheck
&& (opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC))
{
@@ -931,6 +963,14 @@ tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
unsigned int validity;
init_trustdb ();
+
+ /* If we have no trustdb (which also means it has not been created)
+ and the trust-model is always, we don't know the validity -
+ return immediately. If we won't do that the tdbio code would try
+ to open the trustdb and run into a fatal error. */
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return TRUST_UNKNOWN;
+
check_trustdb_stale();
if(opt.trust_model==TM_DIRECT)