aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--g10/call-agent.c3
-rw-r--r--g10/call-dirmngr.c2
-rw-r--r--g10/card-util.c23
-rw-r--r--g10/delkey.c20
-rw-r--r--g10/encrypt.c17
-rw-r--r--g10/export.c28
-rw-r--r--g10/getkey.c140
-rw-r--r--g10/gpg.c21
-rw-r--r--g10/gpgcompose.c17
-rw-r--r--g10/gpgv.c17
-rw-r--r--g10/import.c126
-rw-r--r--g10/keydb.c4
-rw-r--r--g10/keydb.h44
-rw-r--r--g10/keyedit.c278
-rw-r--r--g10/keygen.c46
-rw-r--r--g10/keyid.c5
-rw-r--r--g10/keylist.c61
-rw-r--r--g10/keyring.c4
-rw-r--r--g10/keyring.h2
-rw-r--r--g10/keyserver.c14
-rw-r--r--g10/main.h59
-rw-r--r--g10/mainproc.c30
-rw-r--r--g10/packet.h13
-rw-r--r--g10/passphrase.c9
-rw-r--r--g10/pkclist.c58
-rw-r--r--g10/pubkey-enc.c19
-rw-r--r--g10/revoke.c36
-rw-r--r--g10/sig-check.c42
-rw-r--r--g10/sign.c35
-rw-r--r--g10/skclist.c8
-rw-r--r--g10/tdbdump.c24
-rw-r--r--g10/tdbio.c76
-rw-r--r--g10/tdbio.h13
-rw-r--r--g10/test-stubs.c17
-rw-r--r--g10/tofu.c21
-rw-r--r--g10/trust.c59
-rw-r--r--g10/trustdb.c189
-rw-r--r--g10/trustdb.h56
38 files changed, 885 insertions, 751 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index af06bf511..0ba978774 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -160,7 +160,8 @@ default_inq_cb (void *opaque, const char *line)
char buf[32];
if (parm->keyinfo.keyid)
- emit_status_need_passphrase (parm->keyinfo.keyid,
+ emit_status_need_passphrase (parm->ctrl,
+ parm->keyinfo.keyid,
parm->keyinfo.mainkeyid,
parm->keyinfo.pubkey_algo);
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index aa39155ac..cb6c69cd7 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -1068,7 +1068,7 @@ gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen, kbnode_t keyblock)
/* We are going to parse the keyblock, thus we better make sure the
all information is readily available. */
if (keyblock)
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
err = open_context (ctrl, &ctx);
if (err)
diff --git a/g10/card-util.c b/g10/card-util.c
index b88a9ed70..78cd52bfe 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -362,7 +362,8 @@ fpr_is_ff (const char *fpr)
/* Print all available information about the current card. */
static void
-current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
+current_card_status (ctrl_t ctrl, estream_t fp,
+ char *serialno, size_t serialnobuflen)
{
struct agent_card_info_s info;
PKT_public_key *pk = xcalloc (1, sizeof *pk);
@@ -609,9 +610,9 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
/* If the fingerprint is all 0xff, the key has no asssociated
OpenPGP certificate. */
if ( thefpr && !fpr_is_ff (thefpr)
- && !get_pubkey_byfprint (pk, &keyblock, thefpr, 20))
+ && !get_pubkey_byfprint (ctrl, pk, &keyblock, thefpr, 20))
{
- print_pubkey_info (fp, pk);
+ print_pubkey_info (ctrl, fp, pk);
if (keyblock)
print_card_key_info (fp, keyblock);
}
@@ -629,7 +630,7 @@ current_card_status (estream_t fp, char *serialno, size_t serialnobuflen)
Print all available information for current card when SERIALNO is NULL.
Or print llfor all cards when SERIALNO is "all". */
void
-card_status (estream_t fp, const char *serialno)
+card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
{
int err;
strlist_t card_list, sl;
@@ -638,7 +639,7 @@ card_status (estream_t fp, const char *serialno)
if (serialno == NULL)
{
- current_card_status (fp, NULL, 0);
+ current_card_status (ctrl, fp, NULL, 0);
return;
}
@@ -673,7 +674,7 @@ card_status (estream_t fp, const char *serialno)
continue;
}
- current_card_status (fp, NULL, 0);
+ current_card_status (ctrl, fp, NULL, 0);
xfree (serialno1);
if (!all_cards)
@@ -1510,7 +1511,7 @@ generate_card_keys (ctrl_t ctrl)
/* This function is used by the key edit menu to generate an arbitrary
subkey. */
gpg_error_t
-card_generate_subkey (KBNODE pub_keyblock)
+card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
gpg_error_t err;
struct agent_card_info_s info;
@@ -1581,7 +1582,7 @@ card_generate_subkey (KBNODE pub_keyblock)
the serialnumber and thus it won't harm. */
}
- err = generate_card_subkeypair (pub_keyblock, keyno, info.serialno);
+ err = generate_card_subkeypair (ctrl, pub_keyblock, keyno, info.serialno);
leave:
agent_release_card_info (&info);
@@ -1987,12 +1988,14 @@ card_edit (ctrl_t ctrl, strlist_t commands)
{
if (opt.with_colons)
{
- current_card_status (es_stdout, serialnobuf, DIM (serialnobuf));
+ current_card_status (ctrl, es_stdout,
+ serialnobuf, DIM (serialnobuf));
fflush (stdout);
}
else
{
- current_card_status (NULL, serialnobuf, DIM (serialnobuf));
+ current_card_status (ctrl, NULL,
+ serialnobuf, DIM (serialnobuf));
tty_printf("\n");
}
redisplay = 0;
diff --git a/g10/delkey.c b/g10/delkey.c
index 547b40dd2..bf8c4e93b 100644
--- a/g10/delkey.c
+++ b/g10/delkey.c
@@ -47,7 +47,8 @@
* key can't be deleted for that reason.
*/
static gpg_error_t
-do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
+do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
+ int *r_sec_avail)
{
gpg_error_t err;
kbnode_t keyblock = NULL;
@@ -137,9 +138,9 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
else
{
if (secret)
- print_seckey_info (pk);
+ print_seckey_info (ctrl, pk);
else
- print_pubkey_info (NULL, pk );
+ print_pubkey_info (ctrl, NULL, pk );
tty_printf( "\n" );
yes = cpr_get_answer_is_yes
@@ -180,7 +181,8 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
continue; /* No secret key for that public (sub)key. */
- prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
+ prompt = gpg_format_keydesc (ctrl,
+ node->pkt->pkt.public_key,
FORMAT_KEYDESC_DELKEY, 1);
err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
/* NB: We require --yes to advise the agent not to
@@ -232,7 +234,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
revalidation_mark(). This makes sense - only deleting keys
that have ownertrust set should trigger this. */
- if (!secret && pk && clear_ownertrusts (pk))
+ if (!secret && pk && clear_ownertrusts (ctrl, pk))
{
if (opt.verbose)
log_info (_("ownertrust information cleared\n"));
@@ -249,7 +251,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
* Delete a public or secret key from a keyring.
*/
gpg_error_t
-delete_keys (strlist_t names, int secret, int allow_both)
+delete_keys (ctrl_t ctrl, strlist_t names, int secret, int allow_both)
{
gpg_error_t err;
int avail;
@@ -260,14 +262,14 @@ delete_keys (strlist_t names, int secret, int allow_both)
for ( ;names ; names=names->next )
{
- err = do_delete_key (names->d, secret, force, &avail);
+ err = do_delete_key (ctrl, names->d, secret, force, &avail);
if (err && avail)
{
if (allow_both)
{
- err = do_delete_key (names->d, 1, 0, &avail);
+ err = do_delete_key (ctrl, names->d, 1, 0, &avail);
if (!err)
- err = do_delete_key (names->d, 0, 0, &avail);
+ err = do_delete_key (ctrl, names->d, 0, 0, &avail);
}
else
{
diff --git a/g10/encrypt.c b/g10/encrypt.c
index a79a47011..57ac8ad66 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -41,7 +41,8 @@
static int encrypt_simple( const char *filename, int mode, int use_seskey );
-static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, iobuf_t out );
+static int write_pubkey_enc_from_list (ctrl_t ctrl,
+ PK_LIST pk_list, DEK *dek, iobuf_t out);
/****************
* Encrypt FILENAME with only the symmetric cipher. Take input from
@@ -634,7 +635,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
if (DBG_CRYPTO)
log_printhex ("DEK is: ", cfx.dek->key, cfx.dek->keylen );
- rc = write_pubkey_enc_from_list (pk_list, cfx.dek, out);
+ rc = write_pubkey_enc_from_list (ctrl, pk_list, cfx.dek, out);
if (rc)
goto leave;
@@ -828,7 +829,8 @@ encrypt_filter (void *opaque, int control,
if (DBG_CRYPTO)
log_printhex ("DEK is: ", efx->cfx.dek->key, efx->cfx.dek->keylen);
- rc = write_pubkey_enc_from_list (efx->pk_list, efx->cfx.dek, a);
+ rc = write_pubkey_enc_from_list (efx->ctrl,
+ efx->pk_list, efx->cfx.dek, a);
if (rc)
return rc;
@@ -864,7 +866,8 @@ encrypt_filter (void *opaque, int control,
* Write a pubkey-enc packet for the public key PK to OUT.
*/
int
-write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
+write_pubkey_enc (ctrl_t ctrl,
+ PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
{
PACKET pkt;
PKT_pubkey_enc *enc;
@@ -899,7 +902,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
{
if ( opt.verbose )
{
- char *ustr = get_user_id_string_native (enc->keyid);
+ char *ustr = get_user_id_string_native (ctrl, enc->keyid);
log_info (_("%s/%s encrypted for: \"%s\"\n"),
openpgp_pk_algo_name (enc->pubkey_algo),
openpgp_cipher_algo_name (dek->algo),
@@ -924,7 +927,7 @@ write_pubkey_enc (PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
* Write pubkey-enc packets from the list of PKs to OUT.
*/
static int
-write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
+write_pubkey_enc_from_list (ctrl_t ctrl, PK_LIST pk_list, DEK *dek, iobuf_t out)
{
if (opt.throw_keyids && (PGP6 || PGP7 || PGP8))
{
@@ -937,7 +940,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
{
PKT_public_key *pk = pk_list->pk;
int throw_keyid = (opt.throw_keyids || (pk_list->flags&1));
- int rc = write_pubkey_enc (pk, throw_keyid, dek, out);
+ int rc = write_pubkey_enc (ctrl, pk, throw_keyid, dek, out);
if (rc)
return rc;
}
diff --git a/g10/export.c b/g10/export.c
index e2adcc4ab..8dafab26e 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1188,7 +1188,7 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
if (opt.verbose)
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
- prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1);
+ prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1);
err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr,
&wrappedkey, &wrappedkeylen);
xfree (prompt);
@@ -1336,15 +1336,19 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor,
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
-apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
+apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
+ struct impex_filter_parm_s parm;
+
+ parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_USER_ID)
{
- if (!recsel_select (selector, impex_filter_getval, node))
+ parm.node = node;
+ if (!recsel_select (selector, impex_filter_getval, &parm))
{
/* log_debug ("keep-uid: deleting '%s'\n", */
/* node->pkt->pkt.user_id->name); */
@@ -1372,16 +1376,21 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
-apply_drop_subkey_filter (kbnode_t keyblock, recsel_expr_t selector)
+apply_drop_subkey_filter (ctrl_t ctrl, kbnode_t keyblock,
+ recsel_expr_t selector)
{
kbnode_t node;
+ struct impex_filter_parm_s parm;
+
+ parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY)
{
- if (recsel_select (selector, impex_filter_getval, node))
+ parm.node = node;
+ if (recsel_select (selector, impex_filter_getval, &parm))
{
/*log_debug ("drop-subkey: deleting a key\n");*/
/* The subkey packet and all following packets up to the
@@ -1990,19 +1999,20 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
* UID sigs (0x10, 0x11, 0x12, and 0x13). A designated
* revocation is never stripped, even with export-minimal set. */
if ((options & EXPORT_CLEAN))
- clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL);
+ clean_key (ctrl, keyblock, opt.verbose,
+ (options&EXPORT_MINIMAL), NULL, NULL);
if (export_keep_uid)
{
commit_kbnode (&keyblock);
- apply_keep_uid_filter (keyblock, export_keep_uid);
+ apply_keep_uid_filter (ctrl, keyblock, export_keep_uid);
commit_kbnode (&keyblock);
}
if (export_drop_subkey)
{
commit_kbnode (&keyblock);
- apply_drop_subkey_filter (keyblock, export_drop_subkey);
+ apply_drop_subkey_filter (ctrl, keyblock, export_drop_subkey);
commit_kbnode (&keyblock);
}
@@ -2139,7 +2149,7 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
1 /* No AKL lookup. */);
if (!err)
{
- err = getkey_next (getkeyctx, NULL, NULL);
+ err = getkey_next (ctrl, getkeyctx, NULL, NULL);
if (!err)
err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
else if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY)
diff --git a/g10/getkey.c b/g10/getkey.c
index 9c9d8b238..f29c15009 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -139,10 +139,9 @@ typedef struct user_id_db
static user_id_db_t user_id_db;
static int uid_cache_entries; /* Number of entries in uid cache. */
-static void merge_selfsigs (kbnode_t keyblock);
-static int lookup (getkey_ctx_t ctx,
- kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
- int want_secret);
+static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock);
+static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
+ kbnode_t *ret_keyblock, kbnode_t *ret_found_key);
static kbnode_t finish_lookup (kbnode_t keyblock,
unsigned int req_usage, int want_exact,
unsigned int *r_flags);
@@ -532,7 +531,7 @@ get_pubkeys (ctrl_t ctrl,
err = get_pubkey_byname (ctrl, &ctx, pk, search_terms, &kb, NULL,
include_unusable, 1);
else
- err = getkey_next (ctx, pk, &kb);
+ err = getkey_next (ctrl, ctx, pk, &kb);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
/* No more results. */
@@ -697,7 +696,7 @@ pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key)
* has definitely been merged into the public key using
* merge_selfsigs. */
int
-get_pubkey (PKT_public_key * pk, u32 * keyid)
+get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid)
{
int internal = 0;
int rc = 0;
@@ -748,7 +747,7 @@ get_pubkey (PKT_public_key * pk, u32 * keyid)
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
ctx.req_usage = pk->req_usage;
- rc = lookup (&ctx, &kb, &found_key, 0);
+ rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
if (!rc)
{
pk_from_block (pk, kb, found_key);
@@ -852,7 +851,7 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid)
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
kbnode_t
-get_pubkeyblock (u32 * keyid)
+get_pubkeyblock (ctrl_t ctrl, u32 * keyid)
{
struct getkey_ctx_s ctx;
int rc = 0;
@@ -868,7 +867,7 @@ get_pubkeyblock (u32 * keyid)
ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID;
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
- rc = lookup (&ctx, &keyblock, NULL, 0);
+ rc = lookup (ctrl, &ctx, 0, &keyblock, NULL);
getkey_end (&ctx);
return rc ? NULL : keyblock;
@@ -893,7 +892,7 @@ get_pubkeyblock (u32 * keyid)
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
gpg_error_t
-get_seckey (PKT_public_key *pk, u32 *keyid)
+get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid)
{
gpg_error_t err;
struct getkey_ctx_s ctx;
@@ -911,7 +910,7 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
ctx.items[0].u.kid[0] = keyid[0];
ctx.items[0].u.kid[1] = keyid[1];
ctx.req_usage = pk->req_usage;
- err = lookup (&ctx, &keyblock, &found_key, 1);
+ err = lookup (ctrl, &ctx, 1, &keyblock, &found_key);
if (!err)
{
pk_from_block (pk, keyblock, found_key);
@@ -933,15 +932,14 @@ get_seckey (PKT_public_key *pk, u32 *keyid)
/* Skip unusable keys. A key is unusable if it is revoked, expired or
disabled or if the selected user id is revoked or expired. */
static int
-skip_unusable (void *dummy, u32 * keyid, int uid_no)
+skip_unusable (void *opaque, u32 * keyid, int uid_no)
{
+ ctrl_t ctrl = opaque;
int unusable = 0;
KBNODE keyblock;
PKT_public_key *pk;
- (void) dummy;
-
- keyblock = get_pubkeyblock (keyid);
+ keyblock = get_pubkeyblock (ctrl, keyid);
if (!keyblock)
{
log_error ("error checking usability status of %s\n", keystr (keyid));
@@ -1034,7 +1032,7 @@ leave:
returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
(if want_secret is set) is returned if the key is not found. */
static int
-key_byname (GETKEY_CTX *retctx, strlist_t namelist,
+key_byname (ctrl_t ctrl, GETKEY_CTX *retctx, strlist_t namelist,
PKT_public_key *pk,
int want_secret, int include_unusable,
KBNODE * ret_kb, KEYDB_HANDLE * ret_kdbhd)
@@ -1063,7 +1061,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
ctx->nitems = 1;
ctx->items[0].mode = KEYDB_SEARCH_MODE_FIRST;
if (!include_unusable)
- ctx->items[0].skipfnc = skip_unusable;
+ {
+ ctx->items[0].skipfnc = skip_unusable;
+ ctx->items[0].skipfncvalue = ctrl;
+ }
}
else
{
@@ -1096,7 +1097,10 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR16
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR20
&& ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR)
- ctx->items[n].skipfnc = skip_unusable;
+ {
+ ctx->items[n].skipfnc = skip_unusable;
+ ctx->items[n].skipfncvalue = ctrl;
+ }
}
}
@@ -1117,7 +1121,7 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
ctx->req_usage = pk->req_usage;
}
- rc = lookup (ctx, ret_kb, &found_key, want_secret);
+ rc = lookup (ctrl, ctx, want_secret, ret_kb, &found_key);
if (!rc && pk)
{
pk_from_block (pk, *ret_kb, found_key);
@@ -1273,7 +1277,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
* only try the local keyring). In this case, lookup NAME in
* the local keyring. */
add_to_strlist (&namelist, name);
- rc = key_byname (retctx, namelist, pk, 0,
+ rc = key_byname (ctrl, retctx, namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
}
@@ -1310,7 +1314,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
*retctx = NULL;
}
add_to_strlist (&namelist, name);
- rc = key_byname (anylocalfirst ? retctx : NULL,
+ rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
break;
@@ -1427,7 +1431,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
getkey_end (*retctx);
*retctx = NULL;
}
- rc = key_byname (anylocalfirst ? retctx : NULL,
+ rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
namelist, pk, 0,
include_unusable, ret_keyblock, ret_kdbhd);
}
@@ -1596,7 +1600,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
struct pubkey_cmp_cookie new;
kbnode_t new_keyblock;
- while (getkey_next (ctx, &new.key, &new_keyblock) == 0)
+ while (getkey_next (ctrl, ctx, &new.key, &new_keyblock) == 0)
{
int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock);
release_kbnode (new_keyblock);
@@ -1656,7 +1660,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
{
release_kbnode (*ret_keyblock);
*ret_keyblock = NULL;
- rc = getkey_next (ctx, NULL, ret_keyblock);
+ rc = getkey_next (ctrl, ctx, NULL, ret_keyblock);
}
}
}
@@ -1718,7 +1722,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
{
/* Warning: node flag bits 0 and 1 should be preserved by
* merge_selfsigs. FIXME: Check whether this still holds. */
- merge_selfsigs (keyblock);
+ merge_selfsigs (ctrl, keyblock);
found_key = finish_lookup (keyblock, pk->req_usage, 0, &infoflags);
print_status_key_considered (keyblock, infoflags);
if (found_key)
@@ -1761,7 +1765,7 @@ get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname)
* be done by creating a userID conforming to the unified fingerprint
* style. */
int
-get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
+get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
const byte * fprint, size_t fprint_len)
{
int rc;
@@ -1786,7 +1790,7 @@ get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
: KEYDB_SEARCH_MODE_FPR20;
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
- rc = lookup (&ctx, &kb, &found_key, 0);
+ rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
if (!rc && pk)
pk_from_block (pk, kb, found_key);
if (!rc && r_keyblock)
@@ -1911,7 +1915,7 @@ parse_def_secret_key (ctrl_t ctrl)
continue;
}
- merge_selfsigs (kb);
+ merge_selfsigs (ctrl, kb);
err = gpg_error (GPG_ERR_NO_SECKEY);
node = kb;
@@ -2024,7 +2028,7 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
else
include_unusable = 0;
- err = key_byname (NULL, namelist, pk, 1, include_unusable, NULL, NULL);
+ err = key_byname (ctrl, NULL, namelist, pk, 1, include_unusable, NULL, NULL);
free_strlist (namelist);
@@ -2069,10 +2073,10 @@ get_seckey_default (ctrl_t ctrl, PKT_public_key *pk)
* returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY
* (if want_secret is set) is returned if the key is not found. */
gpg_error_t
-getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
+getkey_bynames (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
strlist_t names, int want_secret, kbnode_t *ret_keyblock)
{
- return key_byname (retctx, names, pk, want_secret, 1,
+ return key_byname (ctrl, retctx, names, pk, want_secret, 1,
ret_keyblock, NULL);
}
@@ -2136,7 +2140,7 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
else
with_unusable = 0;
- err = key_byname (retctx, namelist, pk, want_secret, with_unusable,
+ err = key_byname (ctrl, retctx, namelist, pk, want_secret, with_unusable,
ret_keyblock, NULL);
/* FIXME: Check that we really return GPG_ERR_NO_SECKEY if
@@ -2165,7 +2169,8 @@ getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk,
* The self-signed data has already been merged into the public key
* using merge_selfsigs. */
gpg_error_t
-getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
+getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
+ PKT_public_key *pk, kbnode_t *ret_keyblock)
{
int rc; /* Fixme: Make sure this is proper gpg_error */
KBNODE keyblock = NULL;
@@ -2183,7 +2188,8 @@ getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
if (pk && ret_keyblock == NULL)
ret_keyblock = &keyblock;
- rc = lookup (ctx, ret_keyblock, pk ? &found_key : NULL, ctx->want_secret);
+ rc = lookup (ctrl, ctx, ctx->want_secret,
+ ret_keyblock, pk ? &found_key : NULL);
if (!rc && pk)
{
log_assert (found_key);
@@ -2255,12 +2261,12 @@ setup_main_keyids (kbnode_t keyblock)
* useful, however, if you change the keyblock, e.g., by adding or
* removing a self-signed data packet. */
void
-merge_keys_and_selfsig (KBNODE keyblock)
+merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock)
{
if (!keyblock)
;
else if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
- merge_selfsigs (keyblock);
+ merge_selfsigs (ctrl, keyblock);
else
log_debug ("FIXME: merging secret key blocks is not anymore available\n");
}
@@ -2481,7 +2487,7 @@ sig_to_revoke_info (PKT_signature * sig, struct revoke_info *rinfo)
field is set to 1 and the other user id's is_primary are set to
0. */
static void
-merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
+merge_selfsigs_main (ctrl_t ctrl, kbnode_t keyblock, int *r_revoked,
struct revoke_info *rinfo)
{
PKT_public_key *pk = NULL;
@@ -2564,7 +2570,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
/* Self sig. */
{
- if (check_key_signature (keyblock, k, NULL))
+ if (check_key_signature (ctrl, keyblock, k, NULL))
; /* Signature did not verify. */
else if (IS_KEY_REV (sig))
{
@@ -2689,7 +2695,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (IS_KEY_REV (sig) &&
(sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1]))
{
- int rc = check_revocation_keys (pk, sig);
+ int rc = check_revocation_keys (ctrl, pk, sig);
if (rc == 0)
{
*r_revoked = 2;
@@ -2746,7 +2752,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
PKT_signature *sig = k->pkt->pkt.signature;
if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1])
{
- if (check_key_signature (keyblock, k, NULL))
+ if (check_key_signature (ctrl, keyblock, k, NULL))
; /* signature did not verify */
else if ((IS_UID_SIG (sig) || IS_UID_REV (sig))
&& sig->timestamp >= sigdate)
@@ -2812,9 +2818,10 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
revoked the user should also remove the
ultimate trust flag. */
if (get_pubkey_fast (ultimate_pk, sig->keyid) == 0
- && check_key_signature2 (keyblock, k, ultimate_pk,
+ && check_key_signature2 (ctrl,
+ keyblock, k, ultimate_pk,
NULL, NULL, NULL, NULL) == 0
- && get_ownertrust (ultimate_pk) == TRUST_ULTIMATE)
+ && get_ownertrust (ctrl, ultimate_pk) == TRUST_ULTIMATE)
{
free_public_key (ultimate_pk);
pk->flags.valid = 1;
@@ -3050,7 +3057,7 @@ buf_to_sig (const byte * buf, size_t len)
flags.chosen_selfsig
*/
static void
-merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
+merge_selfsigs_subkey (ctrl_t ctrl, kbnode_t keyblock, kbnode_t subnode)
{
PKT_public_key *mainpk = NULL, *subpk = NULL;
PKT_signature *sig;
@@ -3089,7 +3096,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
sig = k->pkt->pkt.signature;
if (sig->keyid[0] == mainkid[0] && sig->keyid[1] == mainkid[1])
{
- if (check_key_signature (keyblock, k, NULL))
+ if (check_key_signature (ctrl, keyblock, k, NULL))
; /* Signature did not verify. */
else if (IS_SUBKEY_REV (sig))
{
@@ -3241,7 +3248,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
See documentation for merge_selfsigs_main, merge_selfsigs_subkey
and fixup_uidnode for exactly which fields are updated. */
static void
-merge_selfsigs (KBNODE keyblock)
+merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock)
{
KBNODE k;
int revoked;
@@ -3264,14 +3271,14 @@ merge_selfsigs (KBNODE keyblock)
BUG ();
}
- merge_selfsigs_main (keyblock, &revoked, &rinfo);
+ merge_selfsigs_main (ctrl, keyblock, &revoked, &rinfo);
/* Now merge in the data from each of the subkeys. */
for (k = keyblock; k; k = k->next)
{
if (k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
- merge_selfsigs_subkey (keyblock, k);
+ merge_selfsigs_subkey (ctrl, keyblock, k);
}
}
@@ -3670,8 +3677,8 @@ print_status_key_considered (kbnode_t keyblock, unsigned int flags)
*RET_KEYBLOCK is deallocated. Therefore, if RET_FOUND_KEY is not
NULL, then RET_KEYBLOCK must not be NULL. */
static int
-lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
- int want_secret)
+lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
+ kbnode_t *ret_keyblock, kbnode_t *ret_found_key)
{
int rc;
int no_suitable_key = 0;
@@ -3708,7 +3715,7 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
/* Warning: node flag bits 0 and 1 should be preserved by
* merge_selfsigs. */
- merge_selfsigs (keyblock);
+ merge_selfsigs (ctrl, keyblock);
found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact,
&infoflags);
print_status_key_considered (keyblock, infoflags);
@@ -3868,7 +3875,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
break;
case 3: /* Init search context to enum all secret keys. */
- err = getkey_bynames (&c->ctx, NULL, NULL, 1, &keyblock);
+ err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
+ &keyblock);
if (err)
{
release_kbnode (keyblock);
@@ -3882,7 +3890,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
case 4: /* Get next item from the context. */
if (c->ctx)
{
- err = getkey_next (c->ctx, NULL, &keyblock);
+ err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
if (err)
{
release_kbnode (keyblock);
@@ -3946,7 +3954,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
/* Return a string with a printable representation of the user_id.
* this string must be freed by xfree. */
static char *
-get_user_id_string (u32 * keyid, int mode, size_t *r_len)
+get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
{
user_id_db_t r;
keyid_list_t a;
@@ -3990,7 +3998,7 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
}
}
}
- while (++pass < 2 && !get_pubkey (NULL, keyid));
+ while (++pass < 2 && !get_pubkey (ctrl, NULL, keyid));
if (mode == 2)
p = xstrdup (user_id_not_found_utf8 ());
@@ -4006,9 +4014,9 @@ get_user_id_string (u32 * keyid, int mode, size_t *r_len)
char *
-get_user_id_string_native (u32 * keyid)
+get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
{
- char *p = get_user_id_string (keyid, 0, NULL);
+ char *p = get_user_id_string (ctrl, keyid, 0, NULL);
char *p2 = utf8_to_native (p, strlen (p), 0);
xfree (p);
return p2;
@@ -4016,26 +4024,26 @@ get_user_id_string_native (u32 * keyid)
char *
-get_long_user_id_string (u32 * keyid)
+get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
{
- return get_user_id_string (keyid, 1, NULL);
+ return get_user_id_string (ctrl, keyid, 1, NULL);
}
/* Please try to use get_user_byfpr instead of this one. */
char *
-get_user_id (u32 * keyid, size_t * rn)
+get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn)
{
- return get_user_id_string (keyid, 2, rn);
+ return get_user_id_string (ctrl, keyid, 2, rn);
}
/* Please try to use get_user_id_byfpr_native instead of this one. */
char *
-get_user_id_native (u32 * keyid)
+get_user_id_native (ctrl_t ctrl, u32 *keyid)
{
size_t rn;
- char *p = get_user_id (keyid, &rn);
+ char *p = get_user_id (ctrl, keyid, &rn);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;
@@ -4048,7 +4056,7 @@ get_user_id_native (u32 * keyid)
terminated. To determine the length of the string, you must use
*RN. */
char *
-get_user_id_byfpr (const byte *fpr, size_t *rn)
+get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn)
{
user_id_db_t r;
char *p;
@@ -4076,7 +4084,7 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
}
}
while (++pass < 2
- && !get_pubkey_byfprint (NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
+ && !get_pubkey_byfprint (ctrl, NULL, NULL, fpr, MAX_FINGERPRINT_LEN));
p = xstrdup (user_id_not_found_utf8 ());
*rn = strlen (p);
return p;
@@ -4086,10 +4094,10 @@ get_user_id_byfpr (const byte *fpr, size_t *rn)
encoding. The returned string needs to be freed. Unlike
get_user_id_byfpr, the returned string is NUL terminated. */
char *
-get_user_id_byfpr_native (const byte *fpr)
+get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr)
{
size_t rn;
- char *p = get_user_id_byfpr (fpr, &rn);
+ char *p = get_user_id_byfpr (ctrl, fpr, &rn);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;
diff --git a/g10/gpg.c b/g10/gpg.c
index 507422c73..28e0a9c64 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4292,7 +4292,8 @@ main (int argc, char **argv)
proper order :) */
for( ; argc; argc-- )
add_to_strlist2( &sl, argv[argc-1], utf8_strings );
- delete_keys(sl,cmd==aDeleteSecretKeys,cmd==aDeleteSecretAndPublicKeys);
+ delete_keys (ctrl, sl,
+ cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys);
free_strlist(sl);
break;
@@ -4591,7 +4592,7 @@ main (int argc, char **argv)
if( argc != 1 )
wrong_args("--generate-revocation user-id");
username = make_username(*argv);
- gen_revoke( username );
+ gen_revoke (ctrl, username );
xfree( username );
break;
@@ -4738,10 +4739,10 @@ main (int argc, char **argv)
#ifndef NO_TRUST_MODELS
case aListTrustDB:
if( !argc )
- list_trustdb (es_stdout, NULL);
+ list_trustdb (ctrl, es_stdout, NULL);
else {
for( ; argc; argc--, argv++ )
- list_trustdb (es_stdout, *argv );
+ list_trustdb (ctrl, es_stdout, *argv );
}
break;
@@ -4773,28 +4774,28 @@ main (int argc, char **argv)
case aExportOwnerTrust:
if( argc )
wrong_args("--export-ownertrust");
- export_ownertrust();
+ export_ownertrust (ctrl);
break;
case aImportOwnerTrust:
if( argc > 1 )
wrong_args("--import-ownertrust [file]");
- import_ownertrust( argc? *argv:NULL );
+ import_ownertrust (ctrl, argc? *argv:NULL );
break;
#endif /*!NO_TRUST_MODELS*/
case aRebuildKeydbCaches:
if (argc)
wrong_args ("--rebuild-keydb-caches");
- keydb_rebuild_caches (1);
+ keydb_rebuild_caches (ctrl, 1);
break;
#ifdef ENABLE_CARD_SUPPORT
case aCardStatus:
if (argc == 0)
- card_status (es_stdout, NULL);
+ card_status (ctrl, es_stdout, NULL);
else if (argc == 1)
- card_status (es_stdout, *argv);
+ card_status (ctrl, es_stdout, *argv);
else
wrong_args ("--card-status [serialno]");
break;
@@ -4906,7 +4907,7 @@ main (int argc, char **argv)
g10_exit (1);
}
- merge_keys_and_selfsig (kb);
+ merge_keys_and_selfsig (ctrl, kb);
if (tofu_set_policy (ctrl, kb, policy))
g10_exit (1);
diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c
index fafbfd274..d5855029d 100644
--- a/g10/gpgcompose.c
+++ b/g10/gpgcompose.c
@@ -42,6 +42,11 @@ struct filter
struct filter *next;
};
+
+/* Hack to ass CTRL to some functions. */
+static ctrl_t global_ctrl;
+
+
static struct filter *filters;
static void
@@ -1609,7 +1614,7 @@ mksubpkt_callback (PKT_signature *sig, void *cookie)
if (err)
{
u32 keyid[2];
- keyid_from_fingerprint (revkey->fpr, 20, keyid);
+ keyid_from_fingerprint (global_ctrl, revkey->fpr, 20, keyid);
log_fatal ("adding revocation key %s: %s\n",
keystr (keyid), gpg_strerror (err));
}
@@ -1793,7 +1798,8 @@ signature (const char *option, int argc, char *argv[], void *cookie)
/* Changing the issuer's key id is fragile. Check to make sure
make_keysig_packet didn't recompute the keyid. */
keyid_copy (keyid, si.issuer_pk->keyid);
- err = make_keysig_packet (&sig, si.pk, si.uid, si.sk, si.issuer_pk,
+ err = make_keysig_packet (global_ctrl,
+ &sig, si.pk, si.uid, si.sk, si.issuer_pk,
si.class, si.digest_algo,
si.timestamp, si.expiration,
mksubpkt_callback, &si, NULL);
@@ -2446,7 +2452,7 @@ pk_esk (const char *option, int argc, char *argv[], void *cookie)
make_session_key (&session_key);
}
- err = write_pubkey_enc (&pk, pi.throw_keyid, &session_key, out);
+ err = write_pubkey_enc (global_ctrl, &pk, pi.throw_keyid, &session_key, out);
if (err)
log_fatal ("%s: writing pk_esk packet for %s: %s\n",
option, pi.keyid, gpg_strerror (err));
@@ -2967,7 +2973,7 @@ main (int argc, char *argv[])
/* Allow notations in the IETF space, for instance. */
opt.expert = 1;
- ctrl = xcalloc (1, sizeof *ctrl);
+ global_ctrl = ctrl = xcalloc (1, sizeof *ctrl);
keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG,
KEYDB_RESOURCE_FLAG_DEFAULT);
@@ -3035,7 +3041,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
}
void
-show_basic_key_info (KBNODE keyblock)
+show_basic_key_info (ctrl_t ctrl, KBNODE keyblock)
{
+ (void)ctrl;
(void) keyblock;
}
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 5ee26b46c..ddbcd7da8 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -299,10 +299,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
}
void
-read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
- byte *marginals, byte *completes, byte *cert_depth,
- byte *min_cert_level)
+read_trust_options (ctrl_t ctrl,
+ byte *trust_model, ulong *created, ulong *nextcheck,
+ byte *marginals, byte *completes, byte *cert_depth,
+ byte *min_cert_level)
{
+ (void)ctrl;
(void)trust_model;
(void)created;
(void)nextcheck;
@@ -318,8 +320,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
*/
int
-cache_disabled_value(PKT_public_key *pk)
+cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
+ (void)ctrl;
(void)pk;
return 0;
}
@@ -371,16 +374,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
-get_ownertrust_info (PKT_public_key *pk, int no_create)
+get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
+ (void)ctrl;
(void)pk;
(void)no_create;
return '?';
}
unsigned int
-get_ownertrust (PKT_public_key *pk)
+get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
+ (void)ctrl;
(void)pk;
return TRUST_UNKNOWN;
}
diff --git a/g10/import.c b/g10/import.c
index d43b2a8e3..abc811d63 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -112,11 +112,12 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
import_screener_t screener, void *screener_arg);
static int import_revoke_cert (ctrl_t ctrl,
kbnode_t node, struct import_stats_s *stats);
-static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self);
-static int delete_inv_parts (kbnode_t keyblock,
+static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
+ int *non_self);
+static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
u32 *keyid, unsigned int options);
static int any_uid_left (kbnode_t keyblock);
-static int merge_blocks (kbnode_t keyblock_orig,
+static int merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig,
kbnode_t keyblock, u32 *keyid,
int *n_uids, int *n_sigs, int *n_subk );
static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs);
@@ -361,13 +362,13 @@ read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock)
collapse_uids (&keyblock);
clear_kbnode_flags (keyblock);
- if (chk_self_sigs (keyblock, keyid, &non_self))
+ if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
{
err = gpg_error (GPG_ERR_INV_KEYRING);
goto leave;
}
- if (!delete_inv_parts (keyblock, keyid, 0) )
+ if (!delete_inv_parts (ctrl, keyblock, keyid, 0) )
{
err = gpg_error (GPG_ERR_NO_USER_ID);
goto leave;
@@ -907,7 +908,7 @@ read_block( IOBUF a, int with_meta,
by reordering the keyblock so that it reads "pk uid sig sub1 bind1
sub2 sub3". Returns TRUE if the keyblock was modified. */
static int
-fix_pks_corruption (kbnode_t keyblock)
+fix_pks_corruption (ctrl_t ctrl, kbnode_t keyblock)
{
int changed = 0;
int keycount = 0;
@@ -946,7 +947,7 @@ fix_pks_corruption (kbnode_t keyblock)
selfsig. This is not necessary here as the subkey and
binding sig will be rejected later if that is the
case. */
- if (check_key_signature (keyblock,node,NULL))
+ if (check_key_signature (ctrl, keyblock,node,NULL))
{
/* Not a match, so undo the changes. */
sknode->next = node->next;
@@ -979,7 +980,7 @@ fix_pks_corruption (kbnode_t keyblock)
We need to detect and delete them before doing a merge. This
function returns the number of removed sigs. */
static int
-fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
+fix_bad_direct_key_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid)
{
gpg_error_t err;
kbnode_t node;
@@ -992,7 +993,7 @@ fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
if (node->pkt->pkttype == PKT_SIGNATURE
&& IS_KEY_SIG (node->pkt->pkt.signature))
{
- err = check_key_signature (keyblock, node, NULL);
+ err = check_key_signature (ctrl, keyblock, node, NULL);
if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
{
/* If we don't know the error, we can't decide; this is
@@ -1067,7 +1068,7 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
PKT_public_key *pk;
int problem=0;
- merge_keys_and_selfsig(keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
pk=keyblock->pkt->pkt.public_key;
for(node=keyblock;node;node=node->next)
@@ -1174,8 +1175,10 @@ check_prefs (ctrl_t ctrl, kbnode_t keyblock)
const char *
impex_filter_getval (void *cookie, const char *propname)
{
- /* FIXME: Malloc our static buffers and access them via the cookie. */
- kbnode_t node = cookie;
+ /* FIXME: Malloc our static buffers and access them via PARM. */
+ struct impex_filter_parm_s *parm = cookie;
+ ctrl_t ctrl = parm->ctrl;
+ kbnode_t node = parm->node;
static char numbuf[20];
const char *result;
@@ -1293,15 +1296,19 @@ impex_filter_getval (void *cookie, const char *propname)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
-apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
+apply_keep_uid_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
+ struct impex_filter_parm_s parm;
+
+ parm.ctrl = ctrl;
for (node = keyblock->next; node; node = node->next )
{
if (node->pkt->pkttype == PKT_USER_ID)
{
- if (!recsel_select (selector, impex_filter_getval, node))
+ parm.node = node;
+ if (!recsel_select (selector, impex_filter_getval, &parm))
{
/* log_debug ("keep-uid: deleting '%s'\n", */
@@ -1330,12 +1337,15 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
* KEYBLOCK must not have any blocks marked as deleted.
*/
static void
-apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
+apply_drop_sig_filter (ctrl_t ctrl, kbnode_t keyblock, recsel_expr_t selector)
{
kbnode_t node;
int active = 0;
u32 main_keyid[2];
PKT_signature *sig;
+ struct impex_filter_parm_s parm;
+
+ parm.ctrl = ctrl;
keyid_from_pk (keyblock->pkt->pkt.public_key, main_keyid);
@@ -1360,7 +1370,8 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
if (IS_UID_SIG(sig) || IS_UID_REV(sig))
{
- if (recsel_select (selector, impex_filter_getval, node))
+ parm.node = node;
+ if (recsel_select (selector, impex_filter_getval, &parm))
delete_kbnode (node);
}
}
@@ -1442,9 +1453,9 @@ import_one (ctrl_t ctrl,
{
if (is_status_enabled())
print_import_check (pk, uidnode->pkt->pkt.user_id);
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
tty_printf ("\n");
- show_basic_key_info (keyblock);
+ show_basic_key_info (ctrl, keyblock);
tty_printf ("\n");
if (!cpr_get_answer_is_yes ("import.okay",
"Do you want to import this key? (y/N) "))
@@ -1458,16 +1469,18 @@ import_one (ctrl_t ctrl,
end result, but does result in less logging which might confuse
the user. */
if (options&IMPORT_CLEAN)
- clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL);
+ clean_key (ctrl, keyblock,
+ opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL);
clear_kbnode_flags( keyblock );
- if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
+ if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG)
+ && fix_pks_corruption (ctrl, keyblock)
&& opt.verbose)
log_info (_("key %s: PKS subkey corruption repaired\n"),
keystr_from_pk(pk));
- if (chk_self_sigs (keyblock, keyid, &non_self))
+ if (chk_self_sigs (ctrl, keyblock, keyid, &non_self))
return 0; /* Invalid keyblock - error already printed. */
/* If we allow such a thing, mark unsigned uids as valid */
@@ -1488,7 +1501,7 @@ import_one (ctrl_t ctrl,
}
}
- if (!delete_inv_parts (keyblock, keyid, options ) )
+ if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
{
if (!silent)
{
@@ -1506,13 +1519,13 @@ import_one (ctrl_t ctrl,
/* Apply import filter. */
if (import_filter.keep_uid)
{
- apply_keep_uid_filter (keyblock, import_filter.keep_uid);
+ apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
commit_kbnode (&keyblock);
any_filter = 1;
}
if (import_filter.drop_sig)
{
- apply_drop_sig_filter (keyblock, import_filter.drop_sig);
+ apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
commit_kbnode (&keyblock);
any_filter = 1;
}
@@ -1534,7 +1547,7 @@ import_one (ctrl_t ctrl,
if ((options & IMPORT_SHOW)
&& !((options & IMPORT_EXPORT) && !opt.armor && !opt.outfile))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
merge_keys_done = 1;
/* Note that we do not want to show the validity because the key
* has not yet imported. */
@@ -1547,7 +1560,7 @@ import_one (ctrl_t ctrl,
{
if (!merge_keys_done)
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
merge_keys_done = 1;
}
rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
@@ -1604,23 +1617,23 @@ import_one (ctrl_t ctrl,
be made to happen with the trusted-key command and by
importing and locally exported key. */
- clear_ownertrusts (pk);
+ clear_ownertrusts (ctrl, pk);
if (non_self)
- revalidation_mark ();
+ revalidation_mark (ctrl);
}
keydb_release (hd);
/* We are ready. */
if (!opt.quiet && !silent)
{
- char *p = get_user_id_byfpr_native (fpr2);
+ char *p = get_user_id_byfpr_native (ctrl, fpr2);
log_info (_("key %s: public key \"%s\" imported\n"),
keystr(keyid), p);
xfree(p);
}
if (is_status_enabled())
{
- char *us = get_long_user_id_string( keyid );
+ char *us = get_long_user_id_string (ctrl, keyid);
write_status_text( STATUS_IMPORTED, us );
xfree(us);
print_import_ok (pk, 1);
@@ -1669,7 +1682,7 @@ import_one (ctrl_t ctrl,
}
/* Make sure the original direct key sigs are all sane. */
- n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
+ n_sigs_cleaned = fix_bad_direct_key_sigs (ctrl, keyblock_orig, keyid);
if (n_sigs_cleaned)
commit_kbnode (&keyblock_orig);
@@ -1677,7 +1690,7 @@ import_one (ctrl_t ctrl,
clear_kbnode_flags( keyblock_orig );
clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
- rc = merge_blocks (keyblock_orig, keyblock,
+ rc = merge_blocks (ctrl, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk );
if (rc )
{
@@ -1686,7 +1699,7 @@ import_one (ctrl_t ctrl,
}
if ((options & IMPORT_CLEAN))
- clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
+ clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL),
&n_uids_cleaned,&n_sigs_cleaned);
if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
@@ -1698,12 +1711,12 @@ import_one (ctrl_t ctrl,
log_error (_("error writing keyring '%s': %s\n"),
keydb_get_resource_name (hd), gpg_strerror (rc) );
else if (non_self)
- revalidation_mark ();
+ revalidation_mark (ctrl);
/* We are ready. */
if (!opt.quiet && !silent)
{
- char *p = get_user_id_byfpr_native (fpr2);
+ char *p = get_user_id_byfpr_native (ctrl, fpr2);
if (n_uids == 1 )
log_info( _("key %s: \"%s\" 1 new user ID\n"),
keystr(keyid),p);
@@ -1754,7 +1767,7 @@ import_one (ctrl_t ctrl,
if (!opt.quiet && !silent)
{
- char *p = get_user_id_byfpr_native (fpr2);
+ char *p = get_user_id_byfpr_native (ctrl, fpr2);
log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
xfree(p);
}
@@ -2059,7 +2072,7 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
/* Send the wrapped key to the agent. */
{
- char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1);
+ char *desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_IMPORT, 1);
err = agent_import_key (ctrl, desc, &cache_nonce,
wrappedkey, wrappedkeylen, batch, force);
xfree (desc);
@@ -2279,7 +2292,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
/* Fixme: we should do this based on the fingerprint or
even better let import_one return the merged
keyblock. */
- node = get_pubkeyblock (keyid);
+ node = get_pubkeyblock (ctrl, keyid);
if (!node)
log_error ("key %s: failed to re-lookup public key\n",
keystr_from_pk (pk));
@@ -2356,7 +2369,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
keyid[1] = node->pkt->pkt.signature->keyid[1];
pk = xmalloc_clear( sizeof *pk );
- rc = get_pubkey( pk, keyid );
+ rc = get_pubkey (ctrl, pk, keyid );
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
{
log_error(_("key %s: no public key -"
@@ -2405,7 +2418,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* it is okay, that node is not in keyblock because
* check_key_signature works fine for sig_class 0x20 in this
* special case. */
- rc = check_key_signature( keyblock, node, NULL);
+ rc = check_key_signature (ctrl, keyblock, node, NULL);
if (rc )
{
log_error( _("key %s: invalid revocation certificate"
@@ -2440,7 +2453,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* we are ready */
if (!opt.quiet )
{
- char *p=get_user_id_native (keyid);
+ char *p=get_user_id_native (ctrl, keyid);
log_info( _("key %s: \"%s\" revocation certificate imported\n"),
keystr(keyid),p);
xfree(p);
@@ -2450,10 +2463,10 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
/* If the key we just revoked was ultimately trusted, remove its
ultimate trust. This doesn't stop the user from putting the
ultimate trust back, but is a reasonable solution for now. */
- if(get_ownertrust(pk)==TRUST_ULTIMATE)
- clear_ownertrusts(pk);
+ if (get_ownertrust (ctrl, pk) == TRUST_ULTIMATE)
+ clear_ownertrusts (ctrl, pk);
- revalidation_mark ();
+ revalidation_mark (ctrl);
leave:
keydb_release (hd);
@@ -2477,7 +2490,7 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
* is invalid.
*/
static int
-chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
+chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
{
kbnode_t n, knode = NULL;
PKT_signature *sig;
@@ -2510,7 +2523,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
/* This just caches the sigs for later use. That way we
import a fully-cached key which speeds things up. */
if (!opt.no_sig_cache)
- check_key_signature (keyblock, n, NULL);
+ check_key_signature (ctrl, keyblock, n, NULL);
if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
{
@@ -2525,7 +2538,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
/* If it hasn't been marked valid yet, keep trying. */
if (!(unode->flag & NODE_GOOD_SELFSIG))
{
- rc = check_key_signature (keyblock, n, NULL);
+ rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if ( opt.verbose )
@@ -2548,7 +2561,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else if (IS_KEY_SIG (sig))
{
- rc = check_key_signature (keyblock, n, NULL);
+ rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if (opt.verbose)
@@ -2574,7 +2587,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else
{
- rc = check_key_signature (keyblock, n, NULL);
+ rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if (opt.verbose)
@@ -2625,7 +2638,7 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
}
else
{
- rc = check_key_signature (keyblock, n, NULL);
+ rc = check_key_signature (ctrl, keyblock, n, NULL);
if ( rc )
{
if(opt.verbose)
@@ -2672,7 +2685,8 @@ chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
* Returns: True if at least one valid user-id is left over.
*/
static int
-delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
+delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
+ unsigned int options)
{
kbnode_t node;
int nvalid=0, uid_seen=0, subkey_seen=0;
@@ -2767,7 +2781,7 @@ delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
if(node->pkt->pkt.signature->keyid[0]==keyid[0]
&& node->pkt->pkt.signature->keyid[1]==keyid[1])
{
- int rc = check_key_signature( keyblock, node, NULL);
+ int rc = check_key_signature (ctrl, keyblock, node, NULL);
if (rc )
{
if(opt.verbose)
@@ -2968,8 +2982,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
{
u32 keyid[2];
- keyid_from_fingerprint(sig->revkey[idx].fpr,
- MAX_FINGERPRINT_LEN,keyid);
+ keyid_from_fingerprint (ctrl, sig->revkey[idx].fpr,
+ MAX_FINGERPRINT_LEN, keyid);
for(inode=keyblock->next;inode;inode=inode->next)
{
@@ -3041,7 +3055,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
* Note: We indicate newly inserted packets with NODE_FLAG_A.
*/
static int
-merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
+merge_blocks (ctrl_t ctrl, kbnode_t keyblock_orig, kbnode_t keyblock,
u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
{
kbnode_t onode, node;
@@ -3078,7 +3092,7 @@ merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
++*n_sigs;
if(!opt.quiet)
{
- char *p=get_user_id_native (keyid);
+ char *p = get_user_id_native (ctrl, keyid);
log_info(_("key %s: \"%s\" revocation"
" certificate added\n"), keystr(keyid),p);
xfree(p);
diff --git a/g10/keydb.c b/g10/keydb.c
index b255c3fff..5479a2aa9 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -1674,7 +1674,7 @@ keydb_locate_writable (KEYDB_HANDLE hd)
/* Rebuild the on-disk caches of all key resources. */
void
-keydb_rebuild_caches (int noisy)
+keydb_rebuild_caches (ctrl_t ctrl, int noisy)
{
int i, rc;
@@ -1687,7 +1687,7 @@ keydb_rebuild_caches (int noisy)
case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
break;
case KEYDB_RESOURCE_TYPE_KEYRING:
- rc = keyring_rebuild_cache (all_resources[i].token,noisy);
+ rc = keyring_rebuild_cache (ctrl, all_resources[i].token,noisy);
if (rc)
log_error (_("failed to rebuild keyring cache: %s\n"),
gpg_strerror (rc));
diff --git a/g10/keydb.h b/g10/keydb.h
index 2de52d504..605964db0 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -186,7 +186,7 @@ gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd);
/* Rebuild the on-disk caches of all key resources. */
-void keydb_rebuild_caches (int noisy);
+void keydb_rebuild_caches (ctrl_t ctrl, int noisy);
/* Return the number of skipped blocks (because they were to large to
read from a keybox) since the last search reset. */
@@ -215,7 +215,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
/*-- pkclist.c --*/
-void show_revocation_reason( PKT_public_key *pk, int mode );
+void show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode );
int check_signatures_trust (ctrl_t ctrl, PKT_signature *sig);
void release_pk_list (PK_LIST pk_list);
@@ -258,13 +258,15 @@ void set_next_passphrase( const char *s );
char *get_last_passphrase(void);
void next_to_last_passphrase(void);
-void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+void emit_status_need_passphrase (ctrl_t ctrl, u32 *keyid,
+ u32 *mainkeyid, int pubkey_algo);
#define FORMAT_KEYDESC_NORMAL 0
#define FORMAT_KEYDESC_IMPORT 1
#define FORMAT_KEYDESC_EXPORT 2
#define FORMAT_KEYDESC_DELKEY 3
-char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped);
+char *gpg_format_keydesc (ctrl_t ctrl,
+ PKT_public_key *pk, int mode, int escaped);
/*-- getkey.c --*/
@@ -276,7 +278,7 @@ void cache_public_key( PKT_public_key *pk );
void getkey_disable_caches(void);
/* Return the public key with the key id KEYID and store it at PK. */
-int get_pubkey( PKT_public_key *pk, u32 *keyid );
+int get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
/* Similar to get_pubkey, but it does not take PK->REQ_USAGE into
account nor does it merge in the self-signed data. This function
@@ -284,7 +286,7 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid );
int get_pubkey_fast (PKT_public_key *pk, u32 *keyid);
/* Return the key block for the key with KEYID. */
-kbnode_t get_pubkeyblock (u32 *keyid);
+kbnode_t get_pubkeyblock (ctrl_t ctrl, u32 *keyid);
/* A list used by get_pubkeys to gather all of the matches. */
struct pubkey_s
@@ -330,10 +332,10 @@ gpg_error_t get_pubkey_fromfile (ctrl_t ctrl,
/* Return the public key with the key id KEYID iff the secret key is
* available and store it at PK. */
-gpg_error_t get_seckey (PKT_public_key *pk, u32 *keyid);
+gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid);
/* Lookup a key with the specified fingerprint. */
-int get_pubkey_byfprint (PKT_public_key *pk, kbnode_t *r_keyblock,
+int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
const byte *fprint, size_t fprint_len);
/* This function is similar to get_pubkey_byfprint, but it doesn't
@@ -354,7 +356,8 @@ const char *parse_def_secret_key (ctrl_t ctrl);
gpg_error_t get_seckey_default (ctrl_t ctrl, PKT_public_key *pk);
/* Search for keys matching some criteria. */
-gpg_error_t getkey_bynames (getkey_ctx_t *retctx, PKT_public_key *pk,
+gpg_error_t getkey_bynames (ctrl_t ctrl,
+ getkey_ctx_t *retctx, PKT_public_key *pk,
strlist_t names, int want_secret,
kbnode_t *ret_keyblock);
@@ -365,8 +368,8 @@ gpg_error_t getkey_byname (ctrl_t ctrl,
kbnode_t *ret_keyblock);
/* Return the next search result. */
-gpg_error_t getkey_next (getkey_ctx_t ctx, PKT_public_key *pk,
- kbnode_t *ret_keyblock);
+gpg_error_t getkey_next (ctrl_t ctrl, getkey_ctx_t ctx,
+ PKT_public_key *pk, kbnode_t *ret_keyblock);
/* Release any resources used by a key listing context. */
void getkey_end (getkey_ctx_t ctx);
@@ -383,14 +386,14 @@ void setup_main_keyids (kbnode_t keyblock);
/* This function merges information from the self-signed data into the
data structures. */
-void merge_keys_and_selfsig (kbnode_t keyblock);
+void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
-char*get_user_id_string_native( u32 *keyid );
-char*get_long_user_id_string( u32 *keyid );
-char*get_user_id( u32 *keyid, size_t *rn );
-char*get_user_id_native( u32 *keyid );
-char *get_user_id_byfpr (const byte *fpr, size_t *rn);
-char *get_user_id_byfpr_native (const byte *fpr);
+char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
+char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
+char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn);
+char*get_user_id_native (ctrl_t ctrl, u32 *keyid);
+char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
+char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
void release_akl(void);
int parse_auto_key_locate(char *options);
@@ -449,8 +452,9 @@ const char *pk_keyid_str (PKT_public_key *pk);
const char *keystr_from_desc(KEYDB_SEARCH_DESC *desc);
u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid );
-u32 keyid_from_sig( PKT_signature *sig, u32 *keyid );
-u32 keyid_from_fingerprint(const byte *fprint, size_t fprint_len, u32 *keyid);
+u32 keyid_from_sig (PKT_signature *sig, u32 *keyid );
+u32 keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len,
+ u32 *keyid);
byte *namehash_from_uid(PKT_user_id *uid);
unsigned nbits_from_pk( PKT_public_key *pk );
const char *datestr_from_pk( PKT_public_key *pk );
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 9a6112631..a7a5f7209 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -59,24 +59,27 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
int with_revoker, int with_fpr,
int with_subkeys, int with_prefs,
int nowarn);
-static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys);
+static void show_key_and_fingerprint (ctrl_t ctrl,
+ kbnode_t keyblock, int with_subkeys);
static void show_key_and_grip (kbnode_t keyblock);
static void subkey_expire_warning (kbnode_t keyblock);
static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
int photo, const char *photo_name, const char *uidstr);
static void menu_deluid (KBNODE pub_keyblock);
-static int menu_delsig (KBNODE pub_keyblock);
-static int menu_clean (KBNODE keyblock, int self_only);
+static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only);
static void menu_delkey (KBNODE pub_keyblock);
static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
-static gpg_error_t menu_expire (kbnode_t pub_keyblock,
+static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
int force_mainkey, u32 newexpiration);
-static int menu_changeusage (kbnode_t keyblock);
-static int menu_backsign (KBNODE pub_keyblock);
-static int menu_set_primary_uid (KBNODE pub_keyblock);
-static int menu_set_preferences (KBNODE pub_keyblock);
-static int menu_set_keyserver_url (const char *url, KBNODE pub_keyblock);
-static int menu_set_notation (const char *string, KBNODE pub_keyblock);
+static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock);
+static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_set_keyserver_url (ctrl_t ctrl,
+ const char *url, kbnode_t pub_keyblock);
+static int menu_set_notation (ctrl_t ctrl,
+ const char *string, kbnode_t pub_keyblock);
static int menu_select_uid (KBNODE keyblock, int idx);
static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash);
static int menu_select_key (KBNODE keyblock, int idx, char *p);
@@ -86,15 +89,15 @@ static int count_keys_with_flag (KBNODE keyblock, unsigned flag);
static int count_selected_uids (KBNODE keyblock);
static int real_uids_left (KBNODE keyblock);
static int count_selected_keys (KBNODE keyblock);
-static int menu_revsig (KBNODE keyblock);
+static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock);
static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
const struct revocation_reason_info *reason,
int *modified);
-static int menu_revkey (KBNODE pub_keyblock);
-static int menu_revsubkey (KBNODE pub_keyblock);
+static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock);
#ifndef NO_TRUST_MODELS
-static int enable_disable_key (KBNODE keyblock, int disable);
+static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable);
#endif /*!NO_TRUST_MODELS*/
static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
@@ -126,7 +129,7 @@ struct sign_attrib
/* TODO: Fix duplicated code between here and the check-sigs/list-sigs
code in keylist.c. */
static int
-print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
+print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int *is_selfsig, int print_without_key)
{
@@ -136,7 +139,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
/* TODO: Make sure a cached sig record here still has the pk that
issued it. See also keylist.c:list_keyblock_print */
- rc = check_key_signature (keyblock, node, is_selfsig);
+ rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
switch (gpg_err_code (rc))
{
case 0:
@@ -199,7 +202,7 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
* always be printed.
*/
static int
-print_one_sig (int rc, KBNODE keyblock, KBNODE node,
+print_one_sig (ctrl_t ctrl, int rc, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int is_selfsig, int print_without_key, int extended)
{
@@ -269,7 +272,7 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
else
{
size_t n;
- char *p = get_user_id (sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n);
tty_print_utf8_string2 (NULL, p, n,
opt.screen_columns - keystrlen () - 26 -
((opt.
@@ -316,14 +319,14 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
static int
-print_and_check_one_sig (KBNODE keyblock, KBNODE node,
+print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
int *inv_sigs, int *no_key, int *oth_err,
int *is_selfsig, int print_without_key, int extended)
{
int rc;
- rc = check_key_signature (keyblock, node, is_selfsig);
- return print_one_sig (rc,
+ rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
+ return print_one_sig (ctrl, rc,
keyblock, node, inv_sigs, no_key, oth_err,
*is_selfsig, print_without_key, extended);
}
@@ -388,7 +391,8 @@ sig_comparison (const void *av, const void *bv)
Returns 1 if the keyblock was modified, 0 otherwise. */
static int
-check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
+check_all_keysigs (ctrl_t ctrl, kbnode_t kb,
+ int only_selected, int only_selfsigs)
{
gpg_error_t err;
PKT_public_key *pk;
@@ -598,14 +602,13 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
if (keyid_cmp (pk_keyid (pk), sig->keyid) == 0)
issuer = pk;
- else
- /* Issuer is a different key. */
+ else /* Issuer is a different key. */
{
if (only_selfsigs)
continue;
issuer = xmalloc (sizeof (*issuer));
- err = get_pubkey (issuer, sig->keyid);
+ err = get_pubkey (ctrl, issuer, sig->keyid);
if (err)
{
xfree (issuer);
@@ -657,7 +660,8 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
continue;
else
{
- err = check_signature_over_key_or_uid (issuer, sig, kb, n2->pkt,
+ err = check_signature_over_key_or_uid (ctrl,
+ issuer, sig, kb, n2->pkt,
NULL, NULL);
if (! err)
break;
@@ -804,7 +808,7 @@ check_all_keysigs (KBNODE kb, int only_selected, int only_selfsigs)
}
if (modified)
- print_one_sig (rc, kb, n, NULL, NULL, NULL, has_selfsig,
+ print_one_sig (ctrl, rc, kb, n, NULL, NULL, NULL, has_selfsig,
0, only_selfsigs);
}
@@ -1517,7 +1521,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
if (!quick)
{
- p = get_user_id_native (sk_keyid);
+ p = get_user_id_native (ctrl, sk_keyid);
tty_fprintf (fp,
_("Are you sure that you want to sign this key with your\n"
"key \"%s\" (%s)\n"), p, keystr_from_pk (pk));
@@ -1617,7 +1621,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
* exportable. */
if (selfsig)
- rc = make_keysig_packet (&sig, primary_pk,
+ rc = make_keysig_packet (ctrl, &sig, primary_pk,
node->pkt->pkt.user_id,
NULL,
pk,
@@ -1625,7 +1629,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
keygen_add_std_prefs, primary_pk,
NULL);
else
- rc = make_keysig_packet (&sig, primary_pk,
+ rc = make_keysig_packet (ctrl, &sig, primary_pk,
node->pkt->pkt.user_id,
NULL,
pk,
@@ -1744,7 +1748,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
if (err)
goto leave;
- desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_NORMAL, 1);
+ desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_passwd (ctrl, hexgrip, desc, 0,
&cache_nonce, &passwd_nonce);
xfree (desc);
@@ -1774,18 +1778,18 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
was changed. Note that a pointer to the keyblock must be given and
the function may change it (i.e. replacing the first node). */
static int
-fix_keyblock (kbnode_t *keyblockp)
+fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp)
{
int changed = 0;
if (collapse_uids (keyblockp))
changed++;
- if (check_all_keysigs (*keyblockp, 0, 1))
+ if (check_all_keysigs (ctrl, *keyblockp, 0, 1))
changed++;
reorder_keyblock (*keyblockp);
/* If we modified the keyblock, make sure the flags are right. */
if (changed)
- merge_keys_and_selfsig (*keyblockp);
+ merge_keys_and_selfsig (ctrl, *keyblockp);
return changed;
}
@@ -2052,7 +2056,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
goto leave;
}
- if (fix_keyblock (&keyblock))
+ if (fix_keyblock (ctrl, &keyblock))
modified++;
/* See whether we have a matching secret key. */
@@ -2195,7 +2199,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
case cmdFPR:
show_key_and_fingerprint
- (keyblock, (*arg_string == '*'
+ (ctrl,
+ keyblock, (*arg_string == '*'
&& (!arg_string[1] || spacep (arg_string + 1))));
break;
@@ -2226,7 +2231,8 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCHECK:
- if (check_all_keysigs (keyblock, count_selected_uids (keyblock),
+ if (check_all_keysigs (ctrl, keyblock,
+ count_selected_uids (keyblock),
!strcmp (arg_string, "selfsig")))
modified = 1;
break;
@@ -2319,7 +2325,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
update_trust = 1;
redisplay = 1;
modified = 1;
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
}
break;
@@ -2357,7 +2363,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (!opt.expert)
tty_printf (_("(Use the '%s' command.)\n"), "uid");
}
- else if (menu_delsig (keyblock))
+ else if (menu_delsig (ctrl, keyblock))
{
/* No redisplay here, because it may scroll away some
* of the status output of this command. */
@@ -2371,17 +2377,17 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
{
redisplay = 1;
modified = 1;
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
}
break;
#ifdef ENABLE_CARD_SUPPORT
case cmdADDCARDKEY:
- if (!card_generate_subkey (keyblock))
+ if (!card_generate_subkey (ctrl, keyblock))
{
redisplay = 1;
modified = 1;
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
}
break;
@@ -2539,7 +2545,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
{
redisplay = 1;
modified = 1;
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
}
}
break;
@@ -2578,7 +2584,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
_("Do you really want to revoke"
" the entire key? (y/N) ")))
{
- if (menu_revkey (keyblock))
+ if (menu_revkey (ctrl, keyblock))
modified = 1;
redisplay = 1;
@@ -2591,21 +2597,21 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
: _("Do you really want to revoke"
" this subkey? (y/N) ")))
{
- if (menu_revsubkey (keyblock))
+ if (menu_revsubkey (ctrl, keyblock))
modified = 1;
redisplay = 1;
}
if (modified)
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
}
break;
case cmdEXPIRE:
- if (gpg_err_code (menu_expire (keyblock, 0, 0)) == GPG_ERR_TRUE)
+ if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE)
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
run_subkey_warnings = 1;
modified = 1;
redisplay = 1;
@@ -2613,16 +2619,16 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCHANGEUSAGE:
- if (menu_changeusage (keyblock))
+ if (menu_changeusage (ctrl, keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
break;
case cmdBACKSIGN:
- if (menu_backsign (keyblock))
+ if (menu_backsign (ctrl, keyblock))
{
modified = 1;
redisplay = 1;
@@ -2630,9 +2636,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdPRIMARY:
- if (menu_set_primary_uid (keyblock))
+ if (menu_set_primary_uid (ctrl, keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@@ -2702,9 +2708,9 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
" for the selected user IDs? (y/N) ")
: _("Really update the preferences? (y/N) ")))
{
- if (menu_set_preferences (keyblock))
+ if (menu_set_preferences (ctrl, keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@@ -2713,20 +2719,20 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdPREFKS:
- if (menu_set_keyserver_url (*arg_string ? arg_string : NULL,
+ if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL,
keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
break;
case cmdNOTATION:
- if (menu_set_notation (*arg_string ? arg_string : NULL,
+ if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL,
keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
modified = 1;
redisplay = 1;
}
@@ -2736,7 +2742,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdREVSIG:
- if (menu_revsig (keyblock))
+ if (menu_revsig (ctrl, keyblock))
{
redisplay = 1;
modified = 1;
@@ -2746,7 +2752,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
#ifndef NO_TRUST_MODELS
case cmdENABLEKEY:
case cmdDISABLEKEY:
- if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
+ if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY))
{
redisplay = 1;
modified = 1;
@@ -2759,12 +2765,12 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdCLEAN:
- if (menu_clean (keyblock, 0))
+ if (menu_clean (ctrl, keyblock, 0))
redisplay = modified = 1;
break;
case cmdMINIMIZE:
- if (menu_clean (keyblock, 1))
+ if (menu_clean (ctrl, keyblock, 1))
redisplay = modified = 1;
break;
@@ -2809,7 +2815,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (update_trust)
{
- revalidation_mark ();
+ revalidation_mark (ctrl);
update_trust = 0;
}
goto leave;
@@ -2928,8 +2934,8 @@ quick_find_keyblock (ctrl_t ctrl, const char *username,
goto leave;
}
- fix_keyblock (&keyblock);
- merge_keys_and_selfsig (keyblock);
+ fix_keyblock (ctrl, &keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
*r_keyblock = keyblock;
keyblock = NULL;
@@ -2981,7 +2987,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
}
if (update_trust)
- revalidation_mark ();
+ revalidation_mark (ctrl);
}
leave:
@@ -3054,7 +3060,7 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
goto leave;
}
- revalidation_mark ();
+ revalidation_mark (ctrl);
goto leave;
}
}
@@ -3112,16 +3118,16 @@ keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
if (!any)
err = gpg_error (GPG_ERR_NO_USER_ID);
- else if (menu_set_primary_uid (keyblock))
+ else if (menu_set_primary_uid (ctrl, keyblock))
{
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
if (err)
{
log_error (_("update failed: %s\n"), gpg_strerror (err));
goto leave;
}
- revalidation_mark ();
+ revalidation_mark (ctrl);
}
else
err = gpg_error (GPG_ERR_GENERAL);
@@ -3235,7 +3241,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
goto leave;
- if (fix_keyblock (&keyblock))
+ if (fix_keyblock (ctrl, &keyblock))
modified++;
/* Give some info in verbose. */
@@ -3350,7 +3356,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
log_info (_("Key not changed so no update needed.\n"));
if (update_trust)
- revalidation_mark ();
+ revalidation_mark (ctrl);
leave:
@@ -3383,7 +3389,7 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
goto leave;
- if (fix_keyblock (&keyblock))
+ if (fix_keyblock (ctrl, &keyblock))
modified++;
pk = keyblock->pkt->pkt.public_key;
@@ -3445,7 +3451,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
if (err)
goto leave;
- if (fix_keyblock (&keyblock))
+ if (fix_keyblock (ctrl, &keyblock))
modified++;
pk = keyblock->pkt->pkt.public_key;
@@ -3470,7 +3476,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
expire += make_timestamp ();
/* Set the new expiration date. */
- err = menu_expire (keyblock, 1, expire);
+ err = menu_expire (ctrl, keyblock, 1, expire);
if (gpg_err_code (err) == GPG_ERR_TRUE)
modified = 1;
else if (err)
@@ -3487,7 +3493,7 @@ keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr)
goto leave;
}
if (update_trust)
- revalidation_mark ();
+ revalidation_mark (ctrl);
}
else
log_info (_("Key not changed so no update needed.\n"));
@@ -3756,7 +3762,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
(ulong) pk->timestamp, (ulong) pk->expiredate);
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
- es_putc (get_ownertrust_info (pk, 0), fp);
+ es_putc (get_ownertrust_info (ctrl, pk, 0), fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
@@ -3771,7 +3777,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
es_putc ('a', fp);
es_putc ('\n', fp);
- print_fingerprint (fp, pk, 0);
+ print_fingerprint (ctrl, fp, pk, 0);
print_revokers (fp, pk);
}
}
@@ -3973,7 +3979,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
static int did_warn = 0;
trust = get_validity_string (ctrl, pk, NULL);
- otrust = get_ownertrust_string (pk, 0);
+ otrust = get_ownertrust_string (ctrl, pk, 0);
/* Show a warning once */
if (!did_warn
@@ -3989,7 +3995,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
if (pk->flags.revoked)
{
- char *user = get_user_id_string_native (pk->revoked.keyid);
+ char *user = get_user_id_string_native (ctrl, pk->revoked.keyid);
tty_fprintf (fp,
_("The following key was revoked on"
" %s by %s key %s\n"),
@@ -4010,10 +4016,10 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
const char *algo;
algo = gcry_pk_algo_name (pk->revkey[i].algid);
- keyid_from_fingerprint (pk->revkey[i].fpr,
+ keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
MAX_FINGERPRINT_LEN, r_keyid);
- user = get_user_id_string_native (r_keyid);
+ user = get_user_id_string_native (ctrl, r_keyid);
tty_fprintf (fp,
_("This key may be revoked by %s key %s"),
algo ? algo : "?", user);
@@ -4147,7 +4153,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
tty_fprintf (fp, "\n");
}
if (node->pkt->pkttype == PKT_PUBLIC_KEY
- && (get_ownertrust (pk) & TRUST_FLAG_DISABLED))
+ && (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED))
{
tty_fprintf (fp, "*** ");
tty_fprintf (fp, _("This key has been disabled"));
@@ -4158,7 +4164,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
if ((node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr)
{
- print_fingerprint (fp, pk, 2);
+ print_fingerprint (ctrl, fp, pk, 2);
tty_fprintf (fp, "\n");
}
}
@@ -4183,7 +4189,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
secret keys and thus the printing of "pub" vs. "sec" does only
depend on the packet type and not by checking with gpg-agent. */
void
-show_basic_key_info (KBNODE keyblock)
+show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock)
{
KBNODE node;
int i;
@@ -4209,7 +4215,7 @@ show_basic_key_info (KBNODE keyblock)
tty_printf (" ");
tty_printf (_("expires: %s"), expirestr_from_pk (pk));
tty_printf ("\n");
- print_fingerprint (NULL, pk, 3);
+ print_fingerprint (ctrl, NULL, pk, 3);
tty_printf ("\n");
}
}
@@ -4235,7 +4241,7 @@ show_basic_key_info (KBNODE keyblock)
static void
-show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
+show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys)
{
kbnode_t node;
PKT_public_key *pk = NULL;
@@ -4260,7 +4266,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
}
tty_printf ("\n");
if (pk)
- print_fingerprint (NULL, pk, 2);
+ print_fingerprint (ctrl, NULL, pk, 2);
if (with_subkeys)
{
for (node = keyblock; node; node = node->next)
@@ -4274,7 +4280,7 @@ show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys)
datestr_from_pk (pk),
usagestr_from_pk (pk, 0));
- print_fingerprint (NULL, pk, 4);
+ print_fingerprint (ctrl, NULL, pk, 4);
}
}
}
@@ -4486,7 +4492,7 @@ menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
return 0;
}
- err = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
+ err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0, 0,
keygen_add_std_prefs, pk, NULL);
if (err)
{
@@ -4549,7 +4555,7 @@ menu_deluid (KBNODE pub_keyblock)
static int
-menu_delsig (KBNODE pub_keyblock)
+menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock)
{
KBNODE node;
PKT_user_id *uid = NULL;
@@ -4571,11 +4577,11 @@ menu_delsig (KBNODE pub_keyblock)
okay = inv_sig = no_key = other_err = 0;
if (opt.with_colons)
- valid = print_and_check_one_sig_colon (pub_keyblock, node,
+ valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node,
&inv_sig, &no_key,
&other_err, &selfsig, 1);
else
- valid = print_and_check_one_sig (pub_keyblock, node,
+ valid = print_and_check_one_sig (ctrl, pub_keyblock, node,
&inv_sig, &no_key, &other_err,
&selfsig, 1, 0);
@@ -4631,7 +4637,7 @@ menu_delsig (KBNODE pub_keyblock)
static int
-menu_clean (KBNODE keyblock, int self_only)
+menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only)
{
KBNODE uidnode;
int modified = 0, select_all = !count_selected_uids (keyblock);
@@ -4648,7 +4654,7 @@ menu_clean (KBNODE keyblock, int self_only)
uidnode->pkt->pkt.user_id->len,
0);
- clean_one_uid (keyblock, uidnode, opt.verbose, self_only, &uids,
+ clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, self_only, &uids,
&sigs);
if (uids)
{
@@ -4849,8 +4855,8 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
continue;
}
- print_pubkey_info (NULL, revoker_pk);
- print_fingerprint (NULL, revoker_pk, 2);
+ print_pubkey_info (ctrl, NULL, revoker_pk);
+ print_fingerprint (ctrl, NULL, revoker_pk, 2);
tty_printf ("\n");
tty_printf (_("WARNING: appointing a key as a designated revoker "
@@ -4868,7 +4874,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
break;
}
- rc = make_keysig_packet (&sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
+ rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0, 0,
keygen_add_revkey, &revkey, NULL);
if (rc)
{
@@ -4900,7 +4906,8 @@ fail:
* avoid all interactivity. Retirns 0 if nothing was done,
* GPG_ERR_TRUE if the key was modified, or any other error code. */
static gpg_error_t
-menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
+menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
+ int force_mainkey, u32 newexpiration)
{
int signumber, rc;
u32 expiredate;
@@ -4989,12 +4996,14 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
}
if (mainkey)
- rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
+ rc = update_keysig_packet (ctrl,
+ &newsig, sig, main_pk, uid, NULL,
main_pk, keygen_add_key_expire,
main_pk);
else
rc =
- update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
+ update_keysig_packet (ctrl,
+ &newsig, sig, main_pk, NULL, sub_pk,
main_pk, keygen_add_key_expire, sub_pk);
if (rc)
{
@@ -5026,7 +5035,7 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
* be used to rectify badly created keys and as such is not suggested
* for general use. */
static int
-menu_changeusage (kbnode_t keyblock)
+menu_changeusage (ctrl_t ctrl, kbnode_t keyblock)
{
int n1, rc;
int mainkey = 0;
@@ -5097,12 +5106,14 @@ menu_changeusage (kbnode_t keyblock)
sub_pk->pubkey_usage);
if (mainkey)
- rc = update_keysig_packet (&newsig, sig, main_pk, uid, NULL,
+ rc = update_keysig_packet (ctrl,
+ &newsig, sig, main_pk, uid, NULL,
main_pk, keygen_add_key_flags,
main_pk);
else
rc =
- update_keysig_packet (&newsig, sig, main_pk, NULL, sub_pk,
+ update_keysig_packet (ctrl,
+ &newsig, sig, main_pk, NULL, sub_pk,
main_pk, keygen_add_key_flags, sub_pk);
if (rc)
{
@@ -5129,7 +5140,7 @@ menu_changeusage (kbnode_t keyblock)
static int
-menu_backsign (KBNODE pub_keyblock)
+menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock)
{
int rc, modified = 0;
PKT_public_key *main_pk;
@@ -5138,7 +5149,7 @@ menu_backsign (KBNODE pub_keyblock)
log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
- merge_keys_and_selfsig (pub_keyblock);
+ merge_keys_and_selfsig (ctrl, pub_keyblock);
main_pk = pub_keyblock->pkt->pkt.public_key;
keyid_from_pk (main_pk, NULL);
@@ -5198,14 +5209,16 @@ menu_backsign (KBNODE pub_keyblock)
/* Now we can get to work. */
- rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
+ rc = make_backsig (ctrl,
+ sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
timestamp, NULL);
if (!rc)
{
PKT_signature *newsig;
PACKET *newpkt;
- rc = update_keysig_packet (&newsig, sig_pk->pkt->pkt.signature,
+ rc = update_keysig_packet (ctrl,
+ &newsig, sig_pk->pkt->pkt.signature,
main_pk, NULL, sub_pk, main_pk,
NULL, NULL);
if (!rc)
@@ -5268,7 +5281,7 @@ change_primary_uid_cb (PKT_signature * sig, void *opaque)
* sufficient to updated a signature during import.
*/
static int
-menu_set_primary_uid (KBNODE pub_keyblock)
+menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@@ -5357,7 +5370,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
if (action)
{
- int rc = update_keysig_packet (&newsig, sig,
+ int rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
change_primary_uid_cb,
@@ -5390,7 +5403,7 @@ menu_set_primary_uid (KBNODE pub_keyblock)
* Set preferences to new values for the selected user IDs
*/
static int
-menu_set_preferences (KBNODE pub_keyblock)
+menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@@ -5448,7 +5461,7 @@ menu_set_preferences (KBNODE pub_keyblock)
PACKET *newpkt;
int rc;
- rc = update_keysig_packet (&newsig, sig,
+ rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL, main_pk,
keygen_upd_std_prefs, NULL);
if (rc)
@@ -5475,7 +5488,7 @@ menu_set_preferences (KBNODE pub_keyblock)
static int
-menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
+menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@@ -5582,7 +5595,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
continue;
}
- rc = update_keysig_packet (&newsig, sig,
+ rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
keygen_add_keyserver_url, uri);
@@ -5612,8 +5625,9 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock)
return modified;
}
+
static int
-menu_set_notation (const char *string, KBNODE pub_keyblock)
+menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock)
{
PKT_public_key *main_pk;
PKT_user_id *uid;
@@ -5781,7 +5795,7 @@ menu_set_notation (const char *string, KBNODE pub_keyblock)
_("Proceed? (y/N) "))))
continue;
- rc = update_keysig_packet (&newsig, sig,
+ rc = update_keysig_packet (ctrl, &newsig, sig,
main_pk, uid, NULL,
main_pk,
keygen_add_notations, notation);
@@ -6140,7 +6154,7 @@ real_uids_left (KBNODE keyblock)
* flag bit MARK_A is set on the signature and the user ID.
*/
static void
-ask_revoke_sig (KBNODE keyblock, KBNODE node)
+ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node)
{
int doit = 0;
PKT_user_id *uid;
@@ -6167,8 +6181,8 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
es_printf ("\n");
- print_and_check_one_sig_colon (keyblock, node, NULL, NULL, NULL, NULL,
- 1);
+ print_and_check_one_sig_colon (ctrl, keyblock, node,
+ NULL, NULL, NULL, NULL, 1);
}
else
{
@@ -6210,7 +6224,7 @@ ask_revoke_sig (KBNODE keyblock, KBNODE node)
* Return: True when the keyblock has changed.
*/
static int
-menu_revsig (KBNODE keyblock)
+menu_revsig (ctrl_t ctrl, kbnode_t keyblock)
{
PKT_signature *sig;
PKT_public_key *primary_pk;
@@ -6302,7 +6316,7 @@ menu_revsig (KBNODE keyblock)
{
if (!(node->flag & NODFLG_SELSIG))
continue;
- ask_revoke_sig (keyblock, node);
+ ask_revoke_sig (ctrl, keyblock, node);
}
/* present selected */
@@ -6368,13 +6382,13 @@ reloop: /* (must use this, because we are modifing the list) */
node->flag &= ~NODFLG_MARK_A;
signerkey = xmalloc_secure_clear (sizeof *signerkey);
- if (get_seckey (signerkey, node->pkt->pkt.signature->keyid))
+ if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid))
{
log_info (_("no secret key\n"));
free_public_key (signerkey);
continue;
}
- rc = make_keysig_packet (&sig, primary_pk,
+ rc = make_keysig_packet (ctrl, &sig, primary_pk,
unode->pkt->pkt.user_id,
NULL, signerkey, 0x30, 0, 0, 0,
sign_mk_attrib, &attrib, NULL);
@@ -6459,7 +6473,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
mksubpkt argument to make_keysig_packet */
attrib.reason = (struct revocation_reason_info *)reason;
- rc = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x30, 0,
+ rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30, 0,
timestamp, 0,
sign_mk_attrib, &attrib, NULL);
if (rc)
@@ -6569,7 +6583,7 @@ leave:
* Revoke the whole key.
*/
static int
-menu_revkey (KBNODE pub_keyblock)
+menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
int rc, changed = 0;
@@ -6588,7 +6602,7 @@ menu_revkey (KBNODE pub_keyblock)
if (!reason)
return 0;
- rc = make_keysig_packet (&sig, pk, NULL, NULL, pk,
+ rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk,
0x20, 0, 0, 0,
revocation_reason_build_cb, reason, NULL);
if (rc)
@@ -6615,7 +6629,7 @@ menu_revkey (KBNODE pub_keyblock)
static int
-menu_revsubkey (KBNODE pub_keyblock)
+menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock)
{
PKT_public_key *mainpk;
KBNODE node;
@@ -6650,7 +6664,7 @@ menu_revsubkey (KBNODE pub_keyblock)
attrib.reason = reason;
node->flag &= ~NODFLG_SELKEY;
- rc = make_keysig_packet (&sig, mainpk, NULL, subpk, mainpk,
+ rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk,
0x28, 0, 0, 0, sign_mk_attrib, &attrib,
NULL);
if (rc)
@@ -6686,19 +6700,19 @@ menu_revsubkey (KBNODE pub_keyblock)
not worth adding extra complexity to change. -ds */
#ifndef NO_TRUST_MODELS
static int
-enable_disable_key (KBNODE keyblock, int disable)
+enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable)
{
PKT_public_key *pk =
find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key;
unsigned int trust, newtrust;
- trust = newtrust = get_ownertrust (pk);
+ trust = newtrust = get_ownertrust (ctrl, pk);
newtrust &= ~TRUST_FLAG_DISABLED;
if (disable)
newtrust |= TRUST_FLAG_DISABLED;
if (trust == newtrust)
return 0; /* already in that state */
- update_ownertrust (pk, newtrust);
+ update_ownertrust (ctrl, pk, newtrust);
return 0;
}
#endif /*!NO_TRUST_MODELS*/
diff --git a/g10/keygen.c b/g10/keygen.c
index 78c35a214..2db37bf34 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -843,7 +843,7 @@ keygen_add_revkey (PKT_signature *sig, void *opaque)
/* Create a back-signature. If TIMESTAMP is not NULL, use it for the
signature creation time. */
gpg_error_t
-make_backsig (PKT_signature *sig, PKT_public_key *pk,
+make_backsig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pk,
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
u32 timestamp, const char *cache_nonce)
{
@@ -852,7 +852,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
cache_public_key (sub_pk);
- err = make_keysig_packet (&backsig, pk, NULL, sub_pk, sub_psk, 0x19,
+ err = make_keysig_packet (ctrl, &backsig, pk, NULL, sub_pk, sub_psk, 0x19,
0, timestamp, 0, NULL, NULL, cache_nonce);
if (err)
log_error ("make_keysig_packet failed for backsig: %s\n",
@@ -936,7 +936,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
PSK. REVKEY is describes the direct key signature and TIMESTAMP is
the timestamp to set on the signature. */
static gpg_error_t
-write_direct_sig (KBNODE root, PKT_public_key *psk,
+write_direct_sig (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
struct revocation_key *revkey, u32 timestamp,
const char *cache_nonce)
{
@@ -960,7 +960,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
cache_public_key (pk);
/* Make the signature. */
- err = make_keysig_packet (&sig, pk, NULL,NULL, psk, 0x1F,
+ err = make_keysig_packet (ctrl, &sig, pk, NULL,NULL, psk, 0x1F,
0, timestamp, 0,
keygen_add_revkey, revkey, cache_nonce);
if (err)
@@ -982,7 +982,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk,
PSK. USE and TIMESTAMP give the extra data we need for the
signature. */
static gpg_error_t
-write_selfsigs (KBNODE root, PKT_public_key *psk,
+write_selfsigs (ctrl_t ctrl, kbnode_t root, PKT_public_key *psk,
unsigned int use, u32 timestamp, const char *cache_nonce)
{
gpg_error_t err;
@@ -1015,7 +1015,7 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
cache_public_key (pk);
/* Make the signature. */
- err = make_keysig_packet (&sig, pk, uid, NULL, psk, 0x13,
+ err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, psk, 0x13,
0, timestamp, 0,
keygen_add_std_prefs, pk, cache_nonce);
if (err)
@@ -1038,7 +1038,8 @@ write_selfsigs (KBNODE root, PKT_public_key *psk,
SUB_PSK is a key used to create a back-signature; that one is only
used if USE has the PUBKEY_USAGE_SIG capability. */
static int
-write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
+write_keybinding (ctrl_t ctrl, kbnode_t root,
+ PKT_public_key *pri_psk, PKT_public_key *sub_psk,
unsigned int use, u32 timestamp, const char *cache_nonce)
{
gpg_error_t err;
@@ -1074,7 +1075,7 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
/* Make the signature. */
oduap.usage = use;
oduap.pk = sub_pk;
- err = make_keysig_packet (&sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
+ err = make_keysig_packet (ctrl, &sig, pri_pk, NULL, sub_pk, pri_psk, 0x18,
0, timestamp, 0,
keygen_add_key_flags_and_expire, &oduap,
cache_nonce);
@@ -1087,7 +1088,8 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk,
/* Make a backsig. */
if (use & PUBKEY_USAGE_SIG)
{
- err = make_backsig (sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
+ err = make_backsig (ctrl,
+ sig, pri_pk, sub_pk, sub_psk, timestamp, cache_nonce);
if (err)
return err;
}
@@ -4667,12 +4669,13 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
}
if (!err && (revkey = get_parameter_revkey (para, pREVOKER)))
- err = write_direct_sig (pub_root, pri_psk, revkey, timestamp, cache_nonce);
+ err = write_direct_sig (ctrl, pub_root, pri_psk,
+ revkey, timestamp, cache_nonce);
if (!err && (s = get_parameter_value (para, pUSERID)))
{
write_uid (pub_root, s );
- err = write_selfsigs (pub_root, pri_psk,
+ err = write_selfsigs (ctrl, pub_root, pri_psk,
get_parameter_uint (para, pKEYUSAGE), timestamp,
cache_nonce);
}
@@ -4690,7 +4693,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
0, pub_root, &timestamp,
get_parameter_u32 (para, pKEYEXPIRE));
if (!err)
- err = write_keybinding (pub_root, pri_psk, NULL,
+ err = write_keybinding (ctrl, pub_root, pri_psk, NULL,
PUBKEY_USAGE_AUTH, timestamp, cache_nonce);
}
@@ -4732,7 +4735,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
}
if (!err)
- err = write_keybinding (pub_root, pri_psk, sub_psk,
+ err = write_keybinding (ctrl, pub_root, pri_psk, sub_psk,
get_parameter_uint (para, pSUBKEYUSAGE),
timestamp, cache_nonce);
did_sub = 1;
@@ -4791,10 +4794,11 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
keyid_from_pk (pk, pk->main_keyid);
register_trusted_keyid (pk->main_keyid);
- update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ update_ownertrust (ctrl, pk,
+ ((get_ownertrust (ctrl, pk) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
- gen_standard_revoke (pk, cache_nonce);
+ gen_standard_revoke (ctrl, pk, cache_nonce);
/* Get rid of the first empty packet. */
commit_kbnode (&pub_root);
@@ -4803,7 +4807,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
{
tty_printf (_("public and secret key created and signed.\n") );
tty_printf ("\n");
- merge_keys_and_selfsig (pub_root);
+ merge_keys_and_selfsig (ctrl, pub_root);
list_keyblock_direct (ctrl, pub_root, 0, 1, 1, 1);
}
@@ -5033,7 +5037,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
* nonce, which we can use to set the passphrase for the subkey to
* that of the primary key. */
{
- char *desc = gpg_format_keydesc (pri_psk, FORMAT_KEYDESC_NORMAL, 1);
+ char *desc = gpg_format_keydesc (ctrl, pri_psk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_passwd (ctrl, hexgrip, desc, 1 /*=verify*/,
&cache_nonce, &passwd_nonce);
xfree (desc);
@@ -5071,7 +5075,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
sub_psk = node->pkt->pkt.public_key;
/* Write the binding signature. */
- err = write_keybinding (keyblock, pri_psk, sub_psk, use, cur_time,
+ err = write_keybinding (ctrl, keyblock, pri_psk, sub_psk, use, cur_time,
cache_nonce);
if (err)
goto leave;
@@ -5095,7 +5099,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock, const char *algostr,
#ifdef ENABLE_CARD_SUPPORT
/* Generate a subkey on a card. */
gpg_error_t
-generate_card_subkeypair (kbnode_t pub_keyblock,
+generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
int keyno, const char *serialno)
{
gpg_error_t err = 0;
@@ -5186,7 +5190,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock,
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
sub_pk = node->pkt->pkt.public_key;
log_assert (sub_pk);
- err = write_keybinding (pub_keyblock, pri_pk, sub_pk,
+ err = write_keybinding (ctrl, pub_keyblock, pri_pk, sub_pk,
use, cur_time, NULL);
}
diff --git a/g10/keyid.c b/g10/keyid.c
index 1d3f46cb4..24a56433b 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -538,7 +538,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid)
* keys, but has to do a keylookup for old stayle keys.
*/
u32
-keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
+keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint,
+ size_t fprint_len, u32 *keyid)
{
u32 dummy_keyid[2];
@@ -552,7 +553,7 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
int rc;
memset (&pk, 0, sizeof pk);
- rc = get_pubkey_byfprint (&pk, NULL, fprint, fprint_len);
+ rc = get_pubkey_byfprint (ctrl, &pk, NULL, fprint, fprint_len);
if( rc )
{
log_error("Oops: keyid_from_fingerprint: no pubkey\n");
diff --git a/g10/keylist.c b/g10/keylist.c
index e99e34ba1..cc5009d70 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -92,7 +92,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
byte trust_model, marginals, completes, cert_depth, min_cert_level;
ulong created, nextcheck;
- read_trust_options (&trust_model, &created, &nextcheck,
+ read_trust_options (ctrl, &trust_model, &created, &nextcheck,
&marginals, &completes, &cert_depth, &min_cert_level);
es_fprintf (es_stdout, "tru:");
@@ -164,7 +164,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
}
char *
-format_seckey_info (PKT_public_key *pk)
+format_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
{
u32 keyid[2];
char *p;
@@ -172,7 +172,7 @@ format_seckey_info (PKT_public_key *pk)
char *info;
keyid_from_pk (pk, keyid);
- p = get_user_id_native (keyid);
+ p = get_user_id_native (ctrl, keyid);
info = xtryasprintf ("sec %s/%s %s %s",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
@@ -184,9 +184,9 @@ format_seckey_info (PKT_public_key *pk)
}
void
-print_seckey_info (PKT_public_key *pk)
+print_seckey_info (ctrl_t ctrl, PKT_public_key *pk)
{
- char *p = format_seckey_info (pk);
+ char *p = format_seckey_info (ctrl, pk);
tty_printf ("\n%s\n", p);
xfree (p);
}
@@ -195,7 +195,7 @@ print_seckey_info (PKT_public_key *pk)
the tty output interface is used, otherwise output is directted to
the given stream. */
void
-print_pubkey_info (estream_t fp, PKT_public_key *pk)
+print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk)
{
u32 keyid[2];
char *p;
@@ -208,7 +208,7 @@ print_pubkey_info (estream_t fp, PKT_public_key *pk)
if (pk->user_id)
p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
else
- p = get_user_id_native (keyid);
+ p = get_user_id_native (ctrl, keyid);
if (fp)
tty_printf ("\n");
@@ -553,7 +553,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
lastresname = resname;
}
}
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
list_keyblock (ctrl, keyblock, secret, any_secret, opt.fingerprint,
&listctx);
}
@@ -604,7 +604,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
* functions) or to have the search function return indicators for
* found names. Yet another way is to use the keydb search
* facilities directly. */
- rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
+ rc = getkey_bynames (ctrl, &ctx, NULL, names, secret, &keyblock);
if (rc)
{
log_error ("error reading key: %s\n", gpg_strerror (rc));
@@ -626,7 +626,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
keyblock, secret, mark_secret, opt.fingerprint, &listctx);
release_kbnode (keyblock);
}
- while (!getkey_next (ctx, NULL, &keyblock));
+ while (!getkey_next (ctrl, ctx, NULL, &keyblock));
getkey_end (ctx);
if (opt.check_sigs && !opt.with_colons)
@@ -667,7 +667,7 @@ locate_one (ctrl_t ctrl, strlist_t names)
list_keyblock (ctrl, keyblock, 0, 0, opt.fingerprint, &listctx);
release_kbnode (keyblock);
}
- while (ctx && !getkey_next (ctx, NULL, &keyblock));
+ while (ctx && !getkey_next (ctrl, ctx, NULL, &keyblock));
getkey_end (ctx);
ctx = NULL;
}
@@ -696,7 +696,7 @@ print_key_data (PKT_public_key * pk)
}
static void
-print_capabilities (PKT_public_key *pk, KBNODE keyblock)
+print_capabilities (ctrl_t ctrl, PKT_public_key *pk, KBNODE keyblock)
{
unsigned int use = pk->pubkey_usage;
int c_printed = 0;
@@ -907,10 +907,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
check_trustdb_stale (ctrl);
/* Print the "pub" line and in KF_NONE mode the fingerprint. */
- print_key_line (es_stdout, pk, secret);
+ print_key_line (ctrl, es_stdout, pk, secret);
if (fpr)
- print_fingerprint (NULL, pk, 0);
+ print_fingerprint (ctrl, NULL, pk, 0);
if (opt.with_keygrip && hexgrip)
es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
@@ -1020,10 +1020,10 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
}
/* Print the "sub" line. */
- print_key_line (es_stdout, pk2, secret);
+ print_key_line (ctrl, es_stdout, pk2, secret);
if (fpr > 1 || opt.with_subkey_fingerprint)
{
- print_fingerprint (NULL, pk2, 0);
+ print_fingerprint (ctrl, NULL, pk2, 0);
if (serialno)
print_card_serialno (serialno);
}
@@ -1041,7 +1041,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
if (listctx->check_sigs)
{
- rc = check_key_signature (keyblock, node, NULL);
+ rc = check_key_signature (ctrl, keyblock, node, NULL);
switch (gpg_err_code (rc))
{
case 0:
@@ -1113,7 +1113,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
else if (!opt.fast_list_mode)
{
size_t n;
- char *p = get_user_id (sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n);
print_utf8_buffer (es_stdout, p, n);
xfree (p);
}
@@ -1261,7 +1261,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
- ownertrust_print = get_ownertrust_info (pk, 0);
+ ownertrust_print = get_ownertrust_info (ctrl, pk, 0);
else
ownertrust_print = 0;
@@ -1282,7 +1282,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
es_putc (':', es_stdout);
es_putc (':', es_stdout);
- print_capabilities (pk, keyblock);
+ print_capabilities (ctrl, pk, keyblock);
es_putc (':', es_stdout); /* End of field 13. */
es_putc (':', es_stdout); /* End of field 14. */
if (secret || has_secret)
@@ -1314,7 +1314,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
es_putc ('\n', es_stdout);
print_revokers (es_stdout, pk);
- print_fingerprint (NULL, pk, 0);
+ print_fingerprint (ctrl, NULL, pk, 0);
if (hexgrip)
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
if (opt.with_key_data)
@@ -1419,7 +1419,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
(ulong) keyid2[0], (ulong) keyid2[1],
colon_datestr_from_pk (pk2),
colon_strtime (pk2->expiredate));
- print_capabilities (pk2, NULL);
+ print_capabilities (ctrl, pk2, NULL);
es_putc (':', es_stdout); /* End of field 13. */
es_putc (':', es_stdout); /* End of field 14. */
if (secret || has_secret)
@@ -1448,7 +1448,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
print_compliance_flags (pk2, keylength, curvename);
es_putc (':', es_stdout); /* End of field 18. */
es_putc ('\n', es_stdout);
- print_fingerprint (NULL, pk2, 0);
+ print_fingerprint (ctrl, NULL, pk2, 0);
if (hexgrip)
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
if (opt.with_key_data)
@@ -1488,7 +1488,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
if (opt.no_sig_cache)
signer_pk = xmalloc_clear (sizeof (PKT_public_key));
- rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
+ rc = check_key_signature2 (ctrl, keyblock, node, NULL, signer_pk,
NULL, NULL, NULL);
switch (gpg_err_code (rc))
{
@@ -1524,7 +1524,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
- siguid = get_user_id (sig->keyid, &siguidlen);
+ siguid = get_user_id (ctrl, sig->keyid, &siguidlen);
else
{
siguid = NULL;
@@ -1697,7 +1697,8 @@ print_icao_hexdigit (estream_t fp, int c)
* of es_stdout or instead of the TTY in modes 2 and 3.
*/
void
-print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
+print_fingerprint (ctrl_t ctrl, estream_t override_fp,
+ PKT_public_key *pk, int mode)
{
char hexfpr[2*MAX_FINGERPRINT_LEN+1];
char *p;
@@ -1742,8 +1743,8 @@ print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
if (!primary && (mode == 1 || mode == 2))
{
PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
- get_pubkey (primary_pk, pk->main_keyid);
- print_fingerprint (override_fp, primary_pk, (mode | 0x80));
+ get_pubkey (ctrl, primary_pk, pk->main_keyid);
+ print_fingerprint (ctrl, override_fp, primary_pk, (mode | 0x80));
free_public_key (primary_pk);
}
@@ -1864,7 +1865,7 @@ print_card_serialno (const char *serialno)
* 3 := '>' Secret key is on a token.
*/
void
-print_key_line (estream_t fp, PKT_public_key *pk, int secret)
+print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret)
{
char pkstrbuf[PUBKEY_STRING_SIZE];
@@ -1919,7 +1920,7 @@ print_key_line (estream_t fp, PKT_public_key *pk, int secret)
fingerprints, show compact fpr of primary key: */
if (pk->flags.primary &&
!opt.fingerprint && !opt.with_fingerprint)
- print_fingerprint (fp, pk, 20);
+ print_fingerprint (ctrl, fp, pk, 20);
}
diff --git a/g10/keyring.c b/g10/keyring.c
index e7ebbb38b..51b76872f 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -1404,7 +1404,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock)
* This is only done for the public keyrings.
*/
int
-keyring_rebuild_cache (void *token,int noisy)
+keyring_rebuild_cache (ctrl_t ctrl, void *token, int noisy)
{
KEYRING_HANDLE hd;
KEYDB_SEARCH_DESC desc;
@@ -1521,7 +1521,7 @@ keyring_rebuild_cache (void *token,int noisy)
|| openpgp_pk_test_algo(sig->pubkey_algo)))
sig->flags.checked=sig->flags.valid=0;
else
- check_key_signature (keyblock, node, NULL);
+ check_key_signature (ctrl, keyblock, node, NULL);
sigcount++;
}
diff --git a/g10/keyring.h b/g10/keyring.h
index 07f383576..7155d1d4a 100644
--- a/g10/keyring.h
+++ b/g10/keyring.h
@@ -40,6 +40,6 @@ int keyring_delete_keyblock (KEYRING_HANDLE hd);
int keyring_search_reset (KEYRING_HANDLE hd);
int keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc,
size_t ndesc, size_t *descindex, int skip_legacy);
-int keyring_rebuild_cache (void *token,int noisy);
+int keyring_rebuild_cache (ctrl_t ctrl, void *token,int noisy);
#endif /*GPG_KEYRING_H*/
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 1fe3ea853..c9be1f020 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -468,7 +468,7 @@ parse_preferred_keyserver(PKT_signature *sig)
}
static void
-print_keyrec(int number,struct keyrec *keyrec)
+print_keyrec (ctrl_t ctrl, int number,struct keyrec *keyrec)
{
int i;
@@ -522,7 +522,7 @@ print_keyrec(int number,struct keyrec *keyrec)
case KEYDB_SEARCH_MODE_FPR20:
{
u32 kid[2];
- keyid_from_fingerprint(keyrec->desc.u.fpr,20,kid);
+ keyid_from_fingerprint (ctrl, keyrec->desc.u.fpr,20,kid);
es_printf("key %s",keystr(kid));
}
break;
@@ -960,7 +960,7 @@ search_line_handler (void *opaque, int special, char *line)
parm->numlines = 0;
}
- print_keyrec (parm->nkeys+1, keyrec);
+ print_keyrec (parm->ctrl, parm->nkeys+1, keyrec);
}
parm->numlines += keyrec->lines;
@@ -1196,9 +1196,11 @@ keyserver_import_keyid (ctrl_t ctrl,
return keyserver_get (ctrl, &desc, 1, keyserver, quick, NULL, NULL);
}
+
/* code mostly stolen from do_export_stream */
static int
-keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
+keyidlist (ctrl_t ctrl, strlist_t users, KEYDB_SEARCH_DESC **klist,
+ int *count, int fakev3)
{
int rc = 0;
int num = 100;
@@ -1318,7 +1320,7 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
PKT_user_id *uid=NULL;
PKT_signature *sig=NULL;
- merge_keys_and_selfsig(keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
for(node=node->next;node;node=node->next)
{
@@ -1401,7 +1403,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
fakev3=1;
- err = keyidlist (users, &desc, &numdesc, fakev3);
+ err = keyidlist (ctrl, users, &desc, &numdesc, fakev3);
if (err)
return err;
diff --git a/g10/main.h b/g10/main.h
index 96e55620f..2a65647c3 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -54,6 +54,7 @@
typedef struct
{
+ ctrl_t ctrl;
int header_okay;
PK_LIST pk_list;
DEK *symkey_dek;
@@ -237,12 +238,12 @@ void encrypt_crypt_files (ctrl_t ctrl,
int encrypt_filter (void *opaque, int control,
iobuf_t a, byte *buf, size_t *ret_len);
-int write_pubkey_enc (PKT_public_key *pk, int throw_keyid,
+int write_pubkey_enc (ctrl_t ctrl, PKT_public_key *pk, int throw_keyid,
DEK *dek, iobuf_t out);
/*-- sign.c --*/
-int complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
- const char *cache_nonce);
+int complete_sig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pksk,
+ gcry_md_hd_t md, const char *cache_nonce);
int sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
int do_encrypt, strlist_t remusr, const char *outfile );
int clearsign_file (ctrl_t ctrl,
@@ -254,7 +255,7 @@ int sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr);
/* SIG is a revocation signature. Check if any of PK's designated
revokers generated it. If so, return 0. Note: this function
(correctly) doesn't care if the designated revoker is revoked. */
-int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
+int check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig);
/* Check that the backsig BACKSIG from the subkey SUB_PK to its
primary key MAIN_PK is valid. */
int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
@@ -262,13 +263,14 @@ int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
/* Check that the signature SIG over a key (e.g., a key binding or a
key revocation) is valid. (To check signatures over data, use
check_signature.) */
-int check_key_signature( KBNODE root, KBNODE sig, int *is_selfsig );
+int check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t sig,
+ int *is_selfsig );
/* Like check_key_signature, but with the ability to specify some
additional parameters and get back additional information. See the
documentation for the implementation for details. */
-int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
- PKT_public_key *ret_pk, int *is_selfsig,
- u32 *r_expiredate, int *r_expired );
+int check_key_signature2 (ctrl_t ctrl, kbnode_t root, kbnode_t node,
+ PKT_public_key *check_pk, PKT_public_key *ret_pk,
+ int *is_selfsig, u32 *r_expiredate, int *r_expired);
/* Returns whether SIGNER generated the signature SIG over the packet
PACKET, which is a key, subkey or uid, and comes from the key block
@@ -276,7 +278,8 @@ int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
SIG. If not NULL, sets *IS_SELFSIG to indicate whether the
signature is a self-signature and *RET_PK to a copy of the signer's
key. */
-gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
+gpg_error_t check_signature_over_key_or_uid (ctrl_t ctrl,
+ PKT_public_key *signer,
PKT_signature *sig,
KBNODE kb, PACKET *packet,
int *is_selfsig,
@@ -284,7 +287,8 @@ gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
/*-- delkey.c --*/
-gpg_error_t delete_keys (strlist_t names, int secret, int allow_both);
+gpg_error_t delete_keys (ctrl_t ctrl,
+ strlist_t names, int secret, int allow_both);
/*-- keyedit.c --*/
void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
@@ -302,7 +306,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl,
const char *fpr, const char *expirestr);
void keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
const char *primaryuid);
-void show_basic_key_info (KBNODE keyblock);
+void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock);
/*-- keygen.c --*/
const char *get_default_pubkey_algo (void);
@@ -323,7 +327,8 @@ int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
int keygen_add_keyserver_url(PKT_signature *sig, void *opaque);
int keygen_add_notations(PKT_signature *sig,void *opaque);
int keygen_add_revkey(PKT_signature *sig, void *opaque);
-gpg_error_t make_backsig (PKT_signature *sig, PKT_public_key *pk,
+gpg_error_t make_backsig (ctrl_t ctrl,
+ PKT_signature *sig, PKT_public_key *pk,
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
u32 timestamp, const char *cache_nonce);
gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
@@ -331,7 +336,7 @@ gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
const char *usagestr,
const char *expirestr);
#ifdef ENABLE_CARD_SUPPORT
-gpg_error_t generate_card_subkeypair (kbnode_t pub_keyblock,
+gpg_error_t generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
int keyno, const char *serialno);
#endif
@@ -382,6 +387,13 @@ gpg_error_t import_old_secring (ctrl_t ctrl, const char *fname);
import_stats_t import_new_stats_handle (void);
void import_release_stats_handle (import_stats_t hd);
void import_print_stats (import_stats_t hd);
+/* Communication for impex_filter_getval */
+struct impex_filter_parm_s
+{
+ ctrl_t ctrl;
+ kbnode_t node;
+};
+
const char *impex_filter_getval (void *cookie, const char *propname);
gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
kbnode_t sec_keyblock, int batch, int force);
@@ -430,8 +442,10 @@ int enarmor_file( const char *fname );
/*-- revoke.c --*/
struct revocation_reason_info;
-int gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce);
-int gen_revoke( const char *uname );
+
+int gen_standard_revoke (ctrl_t ctrl,
+ PKT_public_key *psk, const char *cache_nonce);
+int gen_revoke (ctrl_t ctrl, const char *uname);
int gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr);
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
struct revocation_reason_info *
@@ -446,18 +460,19 @@ void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);
void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret,
int has_secret, int fpr, int no_validity);
-void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
+void print_fingerprint (ctrl_t ctrl, estream_t fp,
+ PKT_public_key *pk, int mode);
void print_revokers (estream_t fp, PKT_public_key *pk);
void show_policy_url(PKT_signature *sig,int indent,int mode);
void show_keyserver_url(PKT_signature *sig,int indent,int mode);
void show_notation(PKT_signature *sig,int indent,int mode,int which);
void dump_attribs (const PKT_user_id *uid, PKT_public_key *pk);
void set_attrib_fd(int fd);
-char *format_seckey_info (PKT_public_key *pk);
-void print_seckey_info (PKT_public_key *pk);
-void print_pubkey_info (estream_t fp, PKT_public_key *pk);
+char *format_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
+void print_seckey_info (ctrl_t ctrl, PKT_public_key *pk);
+void print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk);
void print_card_key_info (estream_t fp, KBNODE keyblock);
-void print_key_line (estream_t fp, PKT_public_key *pk, int secret);
+void print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret);
/*-- verify.c --*/
void print_file_status( int status, const char *name, int what );
@@ -485,9 +500,9 @@ gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl,
#ifdef ENABLE_CARD_SUPPORT
/*-- card-util.c --*/
void change_pin (int no, int allow_admin);
-void card_status (estream_t fp, const char *serialno);
+void card_status (ctrl_t ctrl, estream_t fp, const char *serialno);
void card_edit (ctrl_t ctrl, strlist_t commands);
-gpg_error_t card_generate_subkey (KBNODE pub_keyblock);
+gpg_error_t card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock);
int card_store_subkey (KBNODE node, int use);
#endif
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 7b2c4567c..950f214b9 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -465,7 +465,7 @@ proc_pubkey_enc (ctrl_t ctrl, CTX c, PACKET *pkt)
* not decrypt.
*/
static void
-print_pkenc_list (struct kidlist_item *list, int failed)
+print_pkenc_list (ctrl_t ctrl, struct kidlist_item *list, int failed)
{
for (; list; list = list->next)
{
@@ -483,13 +483,13 @@ print_pkenc_list (struct kidlist_item *list, int failed)
if (!algstr)
algstr = "[?]";
pk->pubkey_algo = list->pubkey_algo;
- if (!get_pubkey (pk, list->kid))
+ if (!get_pubkey (ctrl, pk, list->kid))
{
char *p;
log_info (_("encrypted with %u-bit %s key, ID %s, created %s\n"),
nbits_from_pk (pk), algstr, keystr_from_pk(pk),
strtimestamp (pk->timestamp));
- p = get_user_id_native (list->kid);
+ p = get_user_id_native (ctrl, list->kid);
log_printf (_(" \"%s\"\n"), p);
xfree (p);
}
@@ -530,8 +530,8 @@ proc_encrypted (CTX c, PACKET *pkt)
log_info (_("encrypted with %lu passphrases\n"), c->symkeys);
else if (c->symkeys == 1)
log_info (_("encrypted with 1 passphrase\n"));
- print_pkenc_list ( c->pkenc_list, 1 );
- print_pkenc_list ( c->pkenc_list, 0 );
+ print_pkenc_list (c->ctrl, c->pkenc_list, 1 );
+ print_pkenc_list (c->ctrl, c->pkenc_list, 0 );
}
/* FIXME: Figure out the session key by looking at all pkenc packets. */
@@ -916,7 +916,7 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
if (c->list->pkt->pkttype == PKT_PUBLIC_KEY
|| c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
- return check_key_signature( c->list, node, is_selfsig );
+ return check_key_signature (c->ctrl, c->list, node, is_selfsig);
}
else if (sig->sig_class == 0x20)
{
@@ -935,14 +935,14 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig,
/* We only get here if we are checking the signature of a binary
(0x00) or text document (0x01). */
- rc = check_signature2 (sig, md, NULL, is_expkey, is_revkey, r_pk);
+ rc = check_signature2 (c->ctrl, sig, md, NULL, is_expkey, is_revkey, r_pk);
if (! rc)
md_good = md;
else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2)
{
PKT_public_key *pk2;
- rc = check_signature2 (sig, md2, NULL, is_expkey, is_revkey,
+ rc = check_signature2 (c->ctrl, sig, md2, NULL, is_expkey, is_revkey,
r_pk? &pk2 : NULL);
if (!rc)
{
@@ -1032,19 +1032,19 @@ list_node (CTX c, kbnode_t node)
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if (pk->flags.primary && !opt.fast_list_mode)
- es_putc (get_ownertrust_info (pk, 1), es_stdout);
+ es_putc (get_ownertrust_info (c->ctrl, pk, 1), es_stdout);
es_putc (':', es_stdout);
es_putc ('\n', es_stdout);
}
else
{
- print_key_line (es_stdout, pk, 0);
+ print_key_line (c->ctrl, es_stdout, pk, 0);
}
if (opt.keyid_format == KF_NONE && !opt.with_colons)
; /* Already printed. */
else if ((pk->flags.primary && opt.fingerprint) || opt.fingerprint > 1)
- print_fingerprint (NULL, pk, 0);
+ print_fingerprint (c->ctrl, NULL, pk, 0);
if (pk->flags.primary)
{
@@ -1165,7 +1165,7 @@ list_node (CTX c, kbnode_t node)
}
else if (!opt.fast_list_mode)
{
- p = get_user_id (sig->keyid, &n);
+ p = get_user_id (c->ctrl, sig->keyid, &n);
es_write_sanitized (es_stdout, p, n,
opt.with_colons?":":NULL, NULL );
xfree (p);
@@ -1928,7 +1928,7 @@ check_sig_and_print (CTX c, kbnode_t node)
* keyboock has already been fetched. Thus we could use the
* fingerprint or PK itself to lookup the entire keyblock. That
* would best be done with a cache. */
- keyblock = get_pubkeyblock (sig->keyid);
+ keyblock = get_pubkeyblock (c->ctrl, sig->keyid);
snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ",
(ulong)sig->keyid[0], (ulong)sig->keyid[1]);
@@ -2254,12 +2254,12 @@ proc_tree (CTX c, kbnode_t node)
if (node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
- merge_keys_and_selfsig (node);
+ merge_keys_and_selfsig (c->ctrl, node);
list_node (c, node);
}
else if (node->pkt->pkttype == PKT_SECRET_KEY)
{
- merge_keys_and_selfsig (node);
+ merge_keys_and_selfsig (c->ctrl, node);
list_node (c, node);
}
else if (node->pkt->pkttype == PKT_ONEPASS_SIG)
diff --git a/g10/packet.h b/g10/packet.h
index f5f22b695..3cb1e3b48 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -428,7 +428,7 @@ typedef struct
there is no disable value cached, fill one in. */
#define pk_is_disabled(a) \
(((a)->flags.disabled_valid)? \
- ((a)->flags.disabled):(cache_disabled_value((a))))
+ ((a)->flags.disabled):(cache_disabled_value(ctrl,(a))))
typedef struct {
@@ -853,14 +853,15 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
/*-- sig-check.c --*/
/* Check a signature. This is shorthand for check_signature2 with
the unnamed arguments passed as NULL. */
-int check_signature (PKT_signature *sig, gcry_md_hd_t digest);
+int check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest);
/* Check a signature. Looks up the public key from the key db. (If
* R_PK is not NULL, it is stored at RET_PK.) DIGEST contains a
* valid hash context that already includes the signed data. This
* function adds the relevant meta-data to the hash before finalizing
* it and verifying the signature. */
-gpg_error_t check_signature2 (PKT_signature *sig, gcry_md_hd_t digest,
+gpg_error_t check_signature2 (ctrl_t ctrl,
+ PKT_signature *sig, gcry_md_hd_t digest,
u32 *r_expiredate, int *r_expired, int *r_revoked,
PKT_public_key **r_pk);
@@ -885,14 +886,16 @@ int ask_for_detached_datafile( gcry_md_hd_t md, gcry_md_hd_t md2,
const char *inname, int textmode );
/*-- sign.c --*/
-int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
+int make_keysig_packet (ctrl_t ctrl,
+ PKT_signature **ret_sig, PKT_public_key *pk,
PKT_user_id *uid, PKT_public_key *subpk,
PKT_public_key *pksk, int sigclass, int digest_algo,
u32 timestamp, u32 duration,
int (*mksubpkt)(PKT_signature *, void *),
void *opaque,
const char *cache_nonce);
-gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
+gpg_error_t update_keysig_packet (ctrl_t ctrl,
+ PKT_signature **ret_sig,
PKT_signature *orig_sig,
PKT_public_key *pk,
PKT_user_id *uid,
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 02371fe9f..a498f627b 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -441,12 +441,13 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
/* Emit the USERID_HINT and the NEED_PASSPHRASE status messages.
MAINKEYID may be NULL. */
void
-emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
+emit_status_need_passphrase (ctrl_t ctrl,
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo)
{
char buf[50];
char *us;
- us = get_long_user_id_string (keyid);
+ us = get_long_user_id_string (ctrl, keyid);
write_status_text (STATUS_USERID_HINT, us);
xfree (us);
@@ -466,7 +467,7 @@ emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
MODE describes the use of the key description; use one of the
FORMAT_KEYDESC_ macros. */
char *
-gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
+gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
{
char *uid;
size_t uidlen;
@@ -484,7 +485,7 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
&& pk->keyid[1] != pk->main_keyid[1]);
algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
timestr = strtimestamp (pk->timestamp);
- uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen);
+ uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen);
orig_codeset = i18n_switchto_utf8 ();
diff --git a/g10/pkclist.c b/g10/pkclist.c
index bf43d5638..e65da2574 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -110,7 +110,7 @@ do_show_revocation_reason( PKT_signature *sig )
subkeys, etc.) Mode 1: use only the revocation on the main pk */
void
-show_revocation_reason( PKT_public_key *pk, int mode )
+show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode)
{
/* Hmmm, this is not so easy because we have to duplicate the code
* used in the trustbd to calculate the keyflags. We need to find
@@ -127,7 +127,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
/* get the keyblock */
fingerprint_from_pk( pk, fingerprint, &fingerlen );
- rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen);
+ rc = get_pubkey_byfprint (ctrl, NULL, &keyblock, fingerprint, fingerlen);
if( rc ) { /* that should never happen */
log_debug( "failed to get the keyblock\n");
return;
@@ -160,7 +160,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
/* We didn't find it, so check if the whole key is revoked */
if(!node && !mode)
- show_revocation_reason(pk,1);
+ show_revocation_reason (ctrl, pk, 1);
release_kbnode( keyblock );
}
@@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
int show=0;
int min_num;
int did_help=defer_help;
- unsigned int minimum = tdb_get_min_ownertrust (pk, 0);
+ unsigned int minimum = tdb_get_min_ownertrust (ctrl, pk, 0);
switch(minimum)
{
@@ -222,13 +222,13 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
KBNODE keyblock, un;
tty_printf (_("No trust value assigned to:\n"));
- print_key_line (NULL, pk, 0);
+ print_key_line (ctrl, NULL, pk, 0);
- p = get_user_id_native(keyid);
+ p = get_user_id_native (ctrl, keyid);
tty_printf (_(" \"%s\"\n"),p);
xfree (p);
- keyblock = get_pubkeyblock (keyid);
+ keyblock = get_pubkeyblock (ctrl, keyid);
if (!keyblock)
BUG ();
for (un=keyblock; un; un = un->next)
@@ -257,7 +257,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
tty_printf(_(" aka \"%s\"\n"),p);
}
- print_fingerprint (NULL, pk, 2);
+ print_fingerprint (ctrl, NULL, pk, 2);
tty_printf("\n");
release_kbnode (keyblock);
}
@@ -391,8 +391,8 @@ edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
break;
case 1: /* trust value set */
trust &= ~TRUST_FLAG_DISABLED;
- trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
- update_ownertrust (pk, trust );
+ trust |= get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED;
+ update_ownertrust (ctrl, pk, trust );
return 1;
default:
return 0;
@@ -467,7 +467,7 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
* key anyway.
*/
static int
-do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
+do_we_trust_pre (ctrl_t ctrl, PKT_public_key *pk, unsigned int trustlevel )
{
int rc;
@@ -475,8 +475,8 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
if( !opt.batch && !rc )
{
- print_pubkey_info(NULL,pk);
- print_fingerprint (NULL, pk, 2);
+ print_pubkey_info (ctrl, NULL,pk);
+ print_fingerprint (ctrl, NULL, pk, 2);
tty_printf("\n");
if ((trustlevel & TRUST_MASK) == TRUST_NEVER)
@@ -499,7 +499,7 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
char *hint_str;
keyid_from_pk (pk, kid);
- hint_str = get_long_user_id_string ( kid );
+ hint_str = get_long_user_id_string (ctrl, kid);
write_status_text ( STATUS_USERID_HINT, hint_str );
xfree (hint_str);
}
@@ -548,7 +548,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
unsigned int trustlevel = TRUST_UNKNOWN;
int rc=0;
- rc = get_pubkey( pk, sig->keyid );
+ rc = get_pubkey (ctrl, pk, sig->keyid );
if (rc)
{ /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
@@ -561,7 +561,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
goto leave;
}
@@ -580,13 +580,13 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
else
log_info(_("WARNING: This key has been revoked by its owner!\n"));
log_info(_(" This could mean that the signature is forged.\n"));
- show_revocation_reason( pk, 0 );
+ show_revocation_reason (ctrl, pk, 0);
}
else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) )
{
write_status( STATUS_KEYREVOKED );
log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
- show_revocation_reason( pk, 0 );
+ show_revocation_reason (ctrl, pk, 0);
}
if ((trustlevel & TRUST_FLAG_DISABLED))
@@ -602,7 +602,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
primary_pk = xmalloc_clear (sizeof *primary_pk);
- get_pubkey (primary_pk, pk->main_keyid);
+ get_pubkey (ctrl, primary_pk, pk->main_keyid);
fingerprint_from_pk (primary_pk, fpr, &fprlen);
free_public_key (primary_pk);
@@ -649,7 +649,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
{
case TRUST_EXPIRED:
log_info(_("Note: This key has expired!\n"));
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
break;
default:
@@ -663,7 +663,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
" a trusted signature!\n"));
log_info(_(" There is no indication that the "
"signature belongs to the owner.\n" ));
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_NEVER:
@@ -673,7 +673,7 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
log_info(_("WARNING: We do NOT trust this key!\n"));
log_info(_(" The signature is probably a FORGERY.\n"));
if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
break;
@@ -683,19 +683,19 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
" sufficiently trusted signatures!\n"));
log_info(_(" It is not certain that the"
" signature belongs to the owner.\n" ));
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_FULLY:
write_trust_status (STATUS_TRUST_FULLY, trustlevel);
if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
break;
case TRUST_ULTIMATE:
write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel);
if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (ctrl, NULL, pk, 1);
break;
}
@@ -882,7 +882,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
return GPG_ERR_UNUSABLE_PUBKEY;
}
- if ( !do_we_trust_pre (pk, trustlevel) )
+ if ( !do_we_trust_pre (ctrl, pk, trustlevel) )
{
/* We don't trust this key. */
send_status_inv_recp (10, name);
@@ -1151,8 +1151,8 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else
{
size_t n;
- char *p = get_user_id( keyid, &n );
- tty_print_utf8_string( p, n );
+ char *p = get_user_id (ctrl, keyid, &n );
+ tty_print_utf8_string ( p, n );
xfree(p);
}
tty_printf("\"\n");
@@ -1218,7 +1218,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
{
tty_printf (_("Public key is disabled.\n") );
}
- else if ( do_we_trust_pre (pk, trustlevel) )
+ else if ( do_we_trust_pre (ctrl, pk, trustlevel) )
{
/* Skip the actual key if the key is already
* present in the list */
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index d2261b0b4..d0eaab775 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -37,7 +37,7 @@
#include "../common/host2net.h"
-static gpg_error_t get_it (PKT_pubkey_enc *k,
+static gpg_error_t get_it (ctrl_t ctrl, PKT_pubkey_enc *k,
DEK *dek, PKT_public_key *sk, u32 *keyid);
@@ -87,8 +87,8 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
{
sk = xmalloc_clear (sizeof *sk);
sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */
- if (!(rc = get_seckey (sk, k->keyid)))
- rc = get_it (k, dek, sk, k->keyid);
+ if (!(rc = get_seckey (ctrl, sk, k->keyid)))
+ rc = get_it (ctrl, k, dek, sk, k->keyid);
}
else if (opt.skip_hidden_recipients)
rc = gpg_error (GPG_ERR_NO_SECKEY);
@@ -116,7 +116,7 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
log_info (_("anonymous recipient; trying secret key %s ...\n"),
keystr (keyid));
- rc = get_it (k, dek, sk, keyid);
+ rc = get_it (ctrl, k, dek, sk, keyid);
if (!rc)
{
if (!opt.quiet)
@@ -138,7 +138,8 @@ leave:
static gpg_error_t
-get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
+get_it (ctrl_t ctrl,
+ PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
gpg_error_t err;
byte *frame = NULL;
@@ -200,7 +201,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
}
/* Decrypt. */
- desc = gpg_format_keydesc (sk, FORMAT_KEYDESC_NORMAL, 1);
+ desc = gpg_format_keydesc (ctrl, sk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_pkdecrypt (NULL, keygrip,
desc, sk->keyid, sk->main_keyid, sk->pubkey_algo,
s_data, &frame, &nframe, &padding);
@@ -340,7 +341,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
PKT_public_key *pk = NULL;
PKT_public_key *mainpk = NULL;
- KBNODE pkb = get_pubkeyblock (keyid);
+ KBNODE pkb = get_pubkeyblock (ctrl, keyid);
if (!pkb)
{
@@ -393,7 +394,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
{
log_info (_("Note: key has been revoked"));
log_printf ("\n");
- show_revocation_reason (pk, 1);
+ show_revocation_reason (ctrl, pk, 1);
}
if (is_status_enabled () && pk && mainpk)
@@ -410,7 +411,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
* value is irrelevant. */
write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
pkhex, mainpkhex,
- get_ownertrust_info (mainpk, 1));
+ get_ownertrust_info (ctrl, mainpk, 1));
}
diff --git a/g10/revoke.c b/g10/revoke.c
index 122699f8c..1dea6ae12 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -238,7 +238,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
}
/* To parse the revkeys */
- merge_keys_and_selfsig(keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
/* get the key from the keyblock */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
@@ -294,7 +294,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
else
{
pk2 = xmalloc_clear (sizeof *pk2);
- rc = get_pubkey_byfprint (pk2, NULL,
+ rc = get_pubkey_byfprint (ctrl, pk2, NULL,
pk->revkey[i].fpr, MAX_FINGERPRINT_LEN);
}
@@ -305,11 +305,11 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
any = 1;
- print_pubkey_info (NULL, pk);
+ print_pubkey_info (ctrl, NULL, pk);
tty_printf ("\n");
tty_printf (_("To be revoked by:\n"));
- print_seckey_info (pk2);
+ print_seckey_info (ctrl, pk2);
if(pk->revkey[i].class&0x40)
tty_printf(_("(This is a sensitive revocation key)\n"));
@@ -343,7 +343,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
push_armor_filter (afx, out);
/* create it */
- rc = make_keysig_packet( &sig, pk, NULL, NULL, pk2, 0x20, 0,
+ rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk2, 0x20, 0,
0, 0,
revocation_reason_build_cb, reason,
NULL);
@@ -445,7 +445,8 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
just the naked revocation signature; it may be NULL. If LEADINTEXT
is not NULL, it is written right before the (armored) output.*/
static int
-create_revocation (const char *filename,
+create_revocation (ctrl_t ctrl,
+ const char *filename,
struct revocation_reason_info *reason,
PKT_public_key *psk,
kbnode_t keyblock,
@@ -470,7 +471,7 @@ create_revocation (const char *filename,
afx->hdrlines = "Comment: This is a revocation certificate\n";
push_armor_filter (afx, out);
- rc = make_keysig_packet (&sig, psk, NULL, NULL, psk, 0x20, 0,
+ rc = make_keysig_packet (ctrl, &sig, psk, NULL, NULL, psk, 0x20, 0,
0, 0,
revocation_reason_build_cb, reason, cache_nonce);
if (rc)
@@ -520,7 +521,7 @@ create_revocation (const char *filename,
key must be available. CACHE_NONCE is optional but can be used to
help gpg-agent to avoid an extra passphrase prompt. */
int
-gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
+gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
{
int rc;
estream_t memfp;
@@ -549,14 +550,14 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
es_fprintf (memfp, "%s\n\n",
_("This is a revocation certificate for the OpenPGP key:"));
- print_key_line (memfp, psk, 0);
+ print_key_line (ctrl, memfp, psk, 0);
if (opt.keyid_format != KF_NONE)
- print_fingerprint (memfp, psk, 3);
+ print_fingerprint (ctrl, memfp, psk, 3);
kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
- tmpstr = get_user_id (keyid, &len);
+ tmpstr = get_user_id (ctrl, keyid, &len);
es_fprintf (memfp, "uid%*s%.*s\n\n",
kl + 10, "",
(int)len, tmpstr);
@@ -585,7 +586,8 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
reason.code = 0x00; /* No particular reason. */
reason.desc = NULL;
- rc = create_revocation (fname, &reason, psk, NULL, leadin, 3, cache_nonce);
+ rc = create_revocation (ctrl,
+ fname, &reason, psk, NULL, leadin, 3, cache_nonce);
if (!rc && !opt.quiet)
log_info (_("revocation certificate stored as '%s.rev'\n"), fname);
@@ -601,7 +603,7 @@ gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
* Generate a revocation certificate for UNAME
*/
int
-gen_revoke (const char *uname)
+gen_revoke (ctrl_t ctrl, const char *uname)
{
int rc = 0;
PKT_public_key *psk;
@@ -660,7 +662,7 @@ gen_revoke (const char *uname)
lines with secret key infos are printed after this message. */
log_error (_("'%s' matches multiple secret keys:\n"), uname);
- info = format_seckey_info (keyblock->pkt->pkt.public_key);
+ info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
log_error (" %s\n", info);
xfree (info);
release_kbnode (keyblock);
@@ -668,7 +670,7 @@ gen_revoke (const char *uname)
rc = keydb_get_keyblock (kdbhd, &keyblock);
while (! rc)
{
- info = format_seckey_info (keyblock->pkt->pkt.public_key);
+ info = format_seckey_info (ctrl, keyblock->pkt->pkt.public_key);
log_info (" %s\n", info);
xfree (info);
release_kbnode (keyblock);
@@ -704,7 +706,7 @@ gen_revoke (const char *uname)
}
keyid_from_pk (psk, keyid );
- print_seckey_info (psk);
+ print_seckey_info (ctrl, psk);
tty_printf("\n");
if (!cpr_get_answer_is_yes ("gen_revoke.okay",
@@ -726,7 +728,7 @@ gen_revoke (const char *uname)
if (!opt.armor)
tty_printf (_("ASCII armored output forced.\n"));
- rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0, NULL);
+ rc = create_revocation (ctrl, NULL, reason, psk, keyblock, NULL, 0, NULL);
if (rc)
goto leave;
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 4e6ca4309..4622f6b33 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -45,9 +45,9 @@ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
/* Check a signature. This is shorthand for check_signature2 with
the unnamed arguments passed as NULL. */
int
-check_signature (PKT_signature *sig, gcry_md_hd_t digest)
+check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest)
{
- return check_signature2 (sig, digest, NULL, NULL, NULL, NULL);
+ return check_signature2 (ctrl, sig, digest, NULL, NULL, NULL, NULL);
}
@@ -89,7 +89,8 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest)
*
* Returns 0 on success. An error code otherwise. */
gpg_error_t
-check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
+check_signature2 (ctrl_t ctrl,
+ PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
int *r_expired, int *r_revoked, PKT_public_key **r_pk)
{
int rc=0;
@@ -122,7 +123,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
log_info(_("WARNING: signature digest conflict in message\n"));
rc = gpg_error (GPG_ERR_GENERAL);
}
- else if( get_pubkey( pk, sig->keyid ) )
+ else if( get_pubkey (ctrl, pk, sig->keyid ) )
rc = gpg_error (GPG_ERR_NO_PUBKEY);
else if(!pk->flags.valid)
{
@@ -560,7 +561,7 @@ cache_sig_result ( PKT_signature *sig, int result )
* revoked, B is still revoked. I'm not completely convinced this is
* the proper behavior, but it matches how PGP does it. -dms */
int
-check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
+check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig)
{
static int busy=0;
int i;
@@ -616,7 +617,8 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
/* The revoker's keyid. */
u32 keyid[2];
- keyid_from_fingerprint(pk->revkey[i].fpr,MAX_FINGERPRINT_LEN,keyid);
+ keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
+ MAX_FINGERPRINT_LEN, keyid);
if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1])
/* The signature was generated by a designated revoker.
@@ -629,7 +631,7 @@ check_revocation_keys (PKT_public_key *pk, PKT_signature *sig)
hash_public_key(md,pk);
/* Note: check_signature only checks that the signature
is good. It does not fail if the key is revoked. */
- rc=check_signature(sig,md);
+ rc = check_signature (ctrl, sig, md);
cache_sig_result(sig,rc);
gcry_md_close (md);
break;
@@ -685,9 +687,11 @@ check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk,
* passed as NULL. See the documentation for that function for more
* details. */
int
-check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
+check_key_signature (ctrl_t ctrl, kbnode_t root, kbnode_t node,
+ int *is_selfsig)
{
- return check_key_signature2 (root, node, NULL, NULL, is_selfsig, NULL, NULL);
+ return check_key_signature2 (ctrl, root, node, NULL, NULL,
+ is_selfsig, NULL, NULL);
}
@@ -725,7 +729,7 @@ check_key_signature (KBNODE root, KBNODE node, int *is_selfsig)
generated the signature (i.e., the signer) on success. This must
be released by the caller using release_public_key_parts (). */
gpg_error_t
-check_signature_over_key_or_uid (PKT_public_key *signer,
+check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
PKT_signature *sig, KBNODE kb, PACKET *packet,
int *is_selfsig, PKT_public_key *ret_pk)
{
@@ -841,7 +845,7 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
signer_alloced = 2;
}
- rc = get_pubkey (signer, sig->keyid);
+ rc = get_pubkey (ctrl, signer, sig->keyid);
if (rc)
{
xfree (signer);
@@ -957,7 +961,8 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
* TODO: add r_revoked here as well. It has the same problems as
* r_expiredate and r_expired and the cache. */
int
-check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
+check_key_signature2 (ctrl_t ctrl,
+ kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
PKT_public_key *ret_pk, int *is_selfsig,
u32 *r_expiredate, int *r_expired )
{
@@ -1018,13 +1023,14 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
/* Is it a designated revoker? */
if (keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1])
- rc = check_revocation_keys (pk, sig);
+ rc = check_revocation_keys (ctrl, pk, sig);
else
{
rc = check_signature_metadata_validity (pk, sig,
r_expired, NULL);
if (! rc)
- rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
+ rc = check_signature_over_key_or_uid (ctrl, pk, sig,
+ root, root->pkt,
is_selfsig, ret_pk);
}
}
@@ -1039,7 +1045,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
r_expired, NULL);
if (! rc)
/* 0x28 must be a self-sig, but 0x18 needn't be. */
- rc = check_signature_over_key_or_uid (sig->sig_class == 0x18
+ rc = check_signature_over_key_or_uid (ctrl,
+ sig->sig_class == 0x18
? NULL : pk,
sig, root, snode->pkt,
is_selfsig, ret_pk);
@@ -1063,7 +1070,7 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
rc = check_signature_metadata_validity (pk, sig,
r_expired, NULL);
if (! rc)
- rc = check_signature_over_key_or_uid (pk, sig, root, root->pkt,
+ rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt,
is_selfsig, ret_pk);
}
else if (/* Certification. */
@@ -1082,7 +1089,8 @@ check_key_signature2 (kbnode_t root, kbnode_t node, PKT_public_key *check_pk,
if (! rc)
/* If this is a self-sig, ignore check_pk. */
rc = check_signature_over_key_or_uid
- (keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
+ (ctrl,
+ keyid_cmp (pk_keyid (pk), sig->keyid) == 0 ? pk : check_pk,
sig, root, unode->pkt, NULL, ret_pk);
}
else
diff --git a/g10/sign.c b/g10/sign.c
index 9bb1f4446..aaf284050 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -253,7 +253,7 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig)
/* Perform the sign operation. If CACHE_NONCE is given the agent is
advised to use that cached passphrase fro the key. */
static int
-do_sign (PKT_public_key *pksk, PKT_signature *sig,
+do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
gcry_md_hd_t md, int mdalgo, const char *cache_nonce)
{
gpg_error_t err;
@@ -294,7 +294,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
char *desc;
gcry_sexp_t s_sigval;
- desc = gpg_format_keydesc (pksk, FORMAT_KEYDESC_NORMAL, 1);
+ desc = gpg_format_keydesc (ctrl, pksk, FORMAT_KEYDESC_NORMAL, 1);
err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc,
pksk->keyid, pksk->main_keyid, pksk->pubkey_algo,
dp, gcry_md_get_algo_dlen (mdalgo), mdalgo,
@@ -327,7 +327,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
{
if (opt.verbose)
{
- char *ustr = get_user_id_string_native (sig->keyid);
+ char *ustr = get_user_id_string_native (ctrl, sig->keyid);
log_info (_("%s/%s signature from: \"%s\"\n"),
openpgp_pk_algo_name (pksk->pubkey_algo),
openpgp_md_algo_name (sig->digest_algo),
@@ -340,13 +340,14 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
int
-complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
+complete_sig (ctrl_t ctrl,
+ PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
const char *cache_nonce)
{
int rc;
/* if (!(rc = check_secret_key (pksk, 0))) */
- rc = do_sign (pksk, sig, md, 0, cache_nonce);
+ rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce);
return rc;
}
@@ -669,7 +670,8 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
* hash which will not be changes here.
*/
static int
-write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
+write_signature_packets (ctrl_t ctrl,
+ SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
int sigclass, u32 timestamp, u32 duration,
int status_letter, const char *cache_nonce)
{
@@ -719,7 +721,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
+ rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce);
gcry_md_close (md);
if (!rc)
{
@@ -785,6 +787,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
memset( &zfx, 0, sizeof zfx);
memset( &mfx, 0, sizeof mfx);
memset( &efx, 0, sizeof efx);
+ efx.ctrl = ctrl;
init_packet( &pkt );
if( filenames ) {
@@ -1066,7 +1069,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
goto leave;
/* write the signatures */
- rc = write_signature_packets (sk_list, out, mfx.md,
+ rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
opt.textmode && !outfile? 0x01 : 0x00,
0, duration, detached ? 'D':'S', NULL);
if( rc )
@@ -1209,8 +1212,8 @@ clearsign_file (ctrl_t ctrl,
push_armor_filter (afx, out);
/* Write the signatures. */
- rc = write_signature_packets (sk_list, out, textmd, 0x01, 0, duration, 'C',
- NULL);
+ rc = write_signature_packets (ctrl, sk_list, out, textmd, 0x01, 0,
+ duration, 'C', NULL);
if( rc )
goto leave;
@@ -1369,7 +1372,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
/* Write the signatures */
/*(current filters: zip - encrypt - armor)*/
- rc = write_signature_packets (sk_list, out, mfx.md,
+ rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
opt.textmode? 0x01 : 0x00,
0, duration, 'S', NULL);
if( rc )
@@ -1420,7 +1423,8 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
* MKSUBPKT.
*/
int
-make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
+make_keysig_packet (ctrl_t ctrl,
+ PKT_signature **ret_sig, PKT_public_key *pk,
PKT_user_id *uid, PKT_public_key *subpk,
PKT_public_key *pksk,
int sigclass, int digest_algo,
@@ -1513,7 +1517,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = complete_sig (sig, pksk, md, cache_nonce);
+ rc = complete_sig (ctrl, sig, pksk, md, cache_nonce);
}
gcry_md_close (md);
@@ -1535,7 +1539,8 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
* TODO: Merge this with make_keysig_packet.
*/
gpg_error_t
-update_keysig_packet( PKT_signature **ret_sig,
+update_keysig_packet (ctrl_t ctrl,
+ PKT_signature **ret_sig,
PKT_signature *orig_sig,
PKT_public_key *pk,
PKT_user_id *uid,
@@ -1612,7 +1617,7 @@ update_keysig_packet( PKT_signature **ret_sig,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = complete_sig (sig, pksk, md, NULL);
+ rc = complete_sig (ctrl, sig, pksk, md, NULL);
}
leave:
diff --git a/g10/skclist.c b/g10/skclist.c
index 7a791b302..a016b621f 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -59,14 +59,14 @@ release_sk_list (SK_LIST sk_list)
* the string "(insecure!)" or "not secure" or "do not use"
* in one of the user ids. */
static int
-is_insecure (PKT_public_key *pk)
+is_insecure (ctrl_t ctrl, PKT_public_key *pk)
{
u32 keyid[2];
KBNODE node = NULL, u;
int insecure = 0;
keyid_from_pk (pk, keyid);
- node = get_pubkeyblock (keyid);
+ node = get_pubkeyblock (ctrl, keyid);
for (u = node; u; u = u->next)
{
if (u->pkt->pkttype == PKT_USER_ID)
@@ -150,7 +150,7 @@ build_sk_list (ctrl_t ctrl,
{
SK_LIST r;
- if (random_is_faked () && !is_insecure (pk))
+ if (random_is_faked () && !is_insecure (ctrl, pk))
{
log_info (_("key is not flagged as insecure - "
"can't use it with the faked RNG!\n"));
@@ -231,7 +231,7 @@ build_sk_list (ctrl_t ctrl,
get_inv_recpsgnr_code (GPG_ERR_WRONG_KEY_USAGE),
locusr->d, strlen (locusr->d), -1);
}
- else if (random_is_faked () && !is_insecure (pk))
+ else if (random_is_faked () && !is_insecure (ctrl, pk))
{
log_info (_("key is not flagged as insecure - "
"can't use it with the faked RNG!\n"));
diff --git a/g10/tdbdump.c b/g10/tdbdump.c
index a5ad32d6c..5ea903f45 100644
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@@ -49,9 +49,9 @@
* Write a record; die on error.
*/
static void
-write_record( TRUSTREC *rec )
+write_record (ctrl_t ctrl, TRUSTREC *rec)
{
- int rc = tdbio_write_record( rec );
+ int rc = tdbio_write_record (ctrl, rec);
if( !rc )
return;
log_error(_("trust record %lu, type %d: write failed: %s\n"),
@@ -64,13 +64,13 @@ write_record( TRUSTREC *rec )
* Dump the entire trustdb to FP or only the entries of one key.
*/
void
-list_trustdb (estream_t fp, const char *username)
+list_trustdb (ctrl_t ctrl, estream_t fp, const char *username)
{
TRUSTREC rec;
(void)username;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
/* For now we ignore the user ID. */
if (1)
{
@@ -94,14 +94,14 @@ list_trustdb (estream_t fp, const char *username)
* Print a list of all defined owner trust value.
*/
void
-export_ownertrust()
+export_ownertrust (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
int i;
byte *p;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
es_printf (_("# List of assigned trustvalues, created %s\n"
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
asctimestamp( make_timestamp() ) );
@@ -121,7 +121,7 @@ export_ownertrust()
void
-import_ownertrust( const char *fname )
+import_ownertrust (ctrl_t ctrl, const char *fname )
{
estream_t fp;
int is_stdin=0;
@@ -133,7 +133,7 @@ import_ownertrust( const char *fname )
int any = 0;
int rc;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if( iobuf_is_pipe_filename (fname) ) {
fp = es_stdin;
fname = "[stdin]";
@@ -202,7 +202,7 @@ import_ownertrust( const char *fname )
log_info("setting ownertrust to %u\n", otrust );
}
rec.r.trust.ownertrust = otrust;
- write_record (&rec );
+ write_record (ctrl, &rec);
any = 1;
}
}
@@ -210,11 +210,11 @@ import_ownertrust( const char *fname )
if (!opt.quiet)
log_info("inserting ownertrust of %u\n", otrust );
memset (&rec, 0, sizeof rec);
- rec.recnum = tdbio_new_recnum ();
+ rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
memcpy (rec.r.trust.fingerprint, fpr, 20);
rec.r.trust.ownertrust = otrust;
- write_record (&rec );
+ write_record (ctrl, &rec);
any = 1;
}
else /* error */
@@ -228,7 +228,7 @@ import_ownertrust( const char *fname )
if (any)
{
- revalidation_mark ();
+ revalidation_mark (ctrl);
rc = tdbio_sync ();
if (rc)
log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) );
diff --git a/g10/tdbio.c b/g10/tdbio.c
index a7b7412a3..c780789f7 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -119,7 +119,7 @@ static int in_transaction;
static void open_db (void);
-static void create_hashtable (TRUSTREC *vr, int type);
+static void create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type);
@@ -535,7 +535,7 @@ cleanup (void)
* Returns: 0 on success or an error code.
*/
int
-tdbio_update_version_record (void)
+tdbio_update_version_record (ctrl_t ctrl)
{
TRUSTREC rec;
int rc;
@@ -551,7 +551,7 @@ tdbio_update_version_record (void)
rec.r.ver.cert_depth = opt.max_cert_depth;
rec.r.ver.trust_model = opt.trust_model;
rec.r.ver.min_cert_level = opt.min_cert_level;
- rc=tdbio_write_record(&rec);
+ rc = tdbio_write_record (ctrl, &rec);
}
return rc;
@@ -564,7 +564,7 @@ tdbio_update_version_record (void)
* Returns: 0 on success or an error code.
*/
static int
-create_version_record (void)
+create_version_record (ctrl_t ctrl)
{
TRUSTREC rec;
int rc;
@@ -582,13 +582,13 @@ create_version_record (void)
rec.r.ver.min_cert_level = opt.min_cert_level;
rec.rectype = RECTYPE_VER;
rec.recnum = 0;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (!rc)
tdbio_sync ();
if (!rc)
- create_hashtable (&rec, 0);
+ create_hashtable (ctrl, &rec, 0);
return rc;
}
@@ -606,7 +606,8 @@ create_version_record (void)
*
*/
int
-tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
+tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
+ int create, int *r_nofile)
{
char *fname, *p;
struct stat statbuf;
@@ -719,7 +720,7 @@ tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
if (db_fd == -1)
log_fatal (_("can't open '%s': %s\n"), db_name, strerror (errno));
- rc = create_version_record ();
+ rc = create_version_record (ctrl);
if (rc)
log_fatal (_("%s: failed to create version record: %s"),
fname, gpg_strerror (rc));
@@ -806,7 +807,7 @@ open_db ()
* the function terminates the process.
*/
static void
-create_hashtable( TRUSTREC *vr, int type )
+create_hashtable (ctrl_t ctrl, TRUSTREC *vr, int type)
{
TRUSTREC rec;
off_t offset;
@@ -829,13 +830,13 @@ create_hashtable( TRUSTREC *vr, int type )
memset (&rec, 0, sizeof rec);
rec.rectype = RECTYPE_HTBL;
rec.recnum = recnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_fatal (_("%s: failed to create hashtable: %s\n"),
db_name, gpg_strerror (rc));
}
/* Update the version record and flush. */
- rc = tdbio_write_record (vr);
+ rc = tdbio_write_record (ctrl, vr);
if (!rc)
rc = tdbio_sync ();
if (rc)
@@ -919,7 +920,7 @@ tdbio_read_nextcheck ()
* Return: True if the stamp actually changed.
*/
int
-tdbio_write_nextcheck (ulong stamp)
+tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp)
{
TRUSTREC vr;
int rc;
@@ -933,7 +934,7 @@ tdbio_write_nextcheck (ulong stamp)
return 0;
vr.r.ver.nextcheck = stamp;
- rc = tdbio_write_record( &vr );
+ rc = tdbio_write_record (ctrl, &vr);
if (rc)
log_fatal (_("%s: error writing version record: %s\n"),
db_name, gpg_strerror (rc));
@@ -980,7 +981,7 @@ get_trusthashrec(void)
* Return: 0 on success or an error code.
*/
static int
-upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
+upd_hashtable (ctrl_t ctrl, ulong table, byte *key, int keylen, ulong newrecnum)
{
TRUSTREC lastrec, rec;
ulong hashrec, item;
@@ -1003,7 +1004,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
if (!item) /* Insert a new item into the hash table. */
{
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error ("upd_hashtable: write htbl failed: %s\n",
@@ -1068,7 +1069,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
{
/* Empty slot found. */
rec.r.hlst.rnum[i] = newrecnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("upd_hashtable: write hlst failed: %s\n",
gpg_strerror (rc));
@@ -1090,8 +1091,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
else
{
/* Append a new record to the list. */
- rec.r.hlst.next = item = tdbio_new_recnum ();
- rc = tdbio_write_record (&rec);
+ rec.r.hlst.next = item = tdbio_new_recnum (ctrl);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error ("upd_hashtable: write hlst failed: %s\n",
@@ -1102,7 +1103,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
rec.rectype = RECTYPE_HLST;
rec.recnum = item;
rec.r.hlst.rnum[0] = newrecnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("upd_hashtable: write ext hlst failed: %s\n",
gpg_strerror (rc));
@@ -1120,10 +1121,10 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
item = rec.recnum; /* Save number of key record. */
memset (&rec, 0, sizeof rec);
rec.rectype = RECTYPE_HLST;
- rec.recnum = tdbio_new_recnum ();
+ rec.recnum = tdbio_new_recnum (ctrl);
rec.r.hlst.rnum[0] = item; /* Old key record */
rec.r.hlst.rnum[1] = newrecnum; /* and new key record */
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
{
log_error( "upd_hashtable: write new hlst failed: %s\n",
@@ -1132,7 +1133,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
}
/* Update the hashtable record. */
lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
- rc = tdbio_write_record (&lastrec);
+ rc = tdbio_write_record (ctrl, &lastrec);
if (rc)
log_error ("upd_hashtable: update htbl failed: %s\n",
gpg_strerror (rc));
@@ -1143,7 +1144,7 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
log_error ("hashtbl %lu: %lu/%d points to an invalid record %lu\n",
table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
if (opt.verbose > 1)
- list_trustdb (es_stderr, NULL);
+ list_trustdb (ctrl, es_stderr, NULL);
return GPG_ERR_TRUSTDB;
}
}
@@ -1159,7 +1160,8 @@ upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
* Return: 0 on success or an error code.
*/
static int
-drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
+drop_from_hashtable (ctrl_t ctrl, ulong table,
+ byte *key, int keylen, ulong recnum)
{
TRUSTREC rec;
ulong hashrec, item;
@@ -1185,7 +1187,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
if (item == recnum) /* Table points direct to the record. */
{
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
- rc = tdbio_write_record( &rec );
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error ("drop_from_hashtable: write htbl failed: %s\n",
gpg_strerror (rc));
@@ -1221,7 +1223,7 @@ drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
if (rec.r.hlst.rnum[i] == recnum)
{
rec.r.hlst.rnum[i] = 0; /* Mark as free. */
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_error("drop_from_hashtable: write htbl failed: %s\n",
gpg_strerror (rc));
@@ -1354,9 +1356,9 @@ lookup_hashtable (ulong table, const byte *key, size_t keylen,
* Return: 0 on success or an error code.
*/
static int
-update_trusthashtbl( TRUSTREC *tr )
+update_trusthashtbl (ctrl_t ctrl, TRUSTREC *tr)
{
- return upd_hashtable (get_trusthashrec(),
+ return upd_hashtable (ctrl, get_trusthashrec (),
tr->r.trust.fingerprint, 20, tr->recnum);
}
@@ -1591,7 +1593,7 @@ tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected)
* Return: 0 on success or an error code.
*/
int
-tdbio_write_record( TRUSTREC *rec )
+tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec)
{
byte buf[TRUST_RECORD_LEN];
byte *p;
@@ -1675,7 +1677,7 @@ tdbio_write_record( TRUSTREC *rec )
if (rc)
;
else if (rec->rectype == RECTYPE_TRUST)
- rc = update_trusthashtbl (rec);
+ rc = update_trusthashtbl (ctrl, rec);
return rc;
}
@@ -1687,7 +1689,7 @@ tdbio_write_record( TRUSTREC *rec )
* Return: 0 on success or an error code.
*/
int
-tdbio_delete_record (ulong recnum)
+tdbio_delete_record (ctrl_t ctrl, ulong recnum)
{
TRUSTREC vr, rec;
int rc;
@@ -1698,7 +1700,7 @@ tdbio_delete_record (ulong recnum)
;
else if (rec.rectype == RECTYPE_TRUST)
{
- rc = drop_from_hashtable (get_trusthashrec(),
+ rc = drop_from_hashtable (ctrl, get_trusthashrec(),
rec.r.trust.fingerprint, 20, rec.recnum);
}
@@ -1715,9 +1717,9 @@ tdbio_delete_record (ulong recnum)
rec.rectype = RECTYPE_FREE;
rec.r.free.next = vr.r.ver.firstfree;
vr.r.ver.firstfree = recnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (!rc)
- rc = tdbio_write_record (&vr);
+ rc = tdbio_write_record (ctrl, &vr);
return rc;
}
@@ -1727,7 +1729,7 @@ tdbio_delete_record (ulong recnum)
* Create a new record and return its record number.
*/
ulong
-tdbio_new_recnum ()
+tdbio_new_recnum (ctrl_t ctrl)
{
off_t offset;
ulong recnum;
@@ -1751,7 +1753,7 @@ tdbio_new_recnum ()
}
/* Update dir record. */
vr.r.ver.firstfree = rec.r.free.next;
- rc = tdbio_write_record (&vr);
+ rc = tdbio_write_record (ctrl, &vr);
if (rc)
{
log_error (_("%s: error writing dir record: %s\n"),
@@ -1763,7 +1765,7 @@ tdbio_new_recnum ()
rec.rectype = 0; /* Mark as unused record (actually already done
my the memset). */
rec.recnum = recnum;
- rc = tdbio_write_record (&rec);
+ rc = tdbio_write_record (ctrl, &rec);
if (rc)
log_fatal (_("%s: failed to zero a record: %s\n"),
db_name, gpg_strerror (rc));
diff --git a/g10/tdbio.h b/g10/tdbio.h
index e2cbbff2c..beaa30876 100644
--- a/g10/tdbio.h
+++ b/g10/tdbio.h
@@ -92,23 +92,24 @@ struct trust_record {
typedef struct trust_record TRUSTREC;
/*-- tdbio.c --*/
-int tdbio_update_version_record(void);
-int tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile);
+int tdbio_update_version_record (ctrl_t ctrl);
+int tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
+ int create, int *r_nofile);
const char *tdbio_get_dbname(void);
void tdbio_dump_record( TRUSTREC *rec, estream_t fp );
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
-int tdbio_write_record( TRUSTREC *rec );
+int tdbio_write_record (ctrl_t ctrl, TRUSTREC *rec);
int tdbio_db_matches_options(void);
byte tdbio_read_model(void);
ulong tdbio_read_nextcheck (void);
-int tdbio_write_nextcheck (ulong stamp);
+int tdbio_write_nextcheck (ctrl_t ctrl, ulong stamp);
int tdbio_is_dirty(void);
int tdbio_sync(void);
int tdbio_begin_transaction(void);
int tdbio_end_transaction(void);
int tdbio_cancel_transaction(void);
-int tdbio_delete_record( ulong recnum );
-ulong tdbio_new_recnum(void);
+int tdbio_delete_record (ctrl_t ctrl, ulong recnum);
+ulong tdbio_new_recnum (ctrl_t ctrl);
gpg_error_t tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec);
gpg_error_t tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec);
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index d541e0d86..e5fd3ae9a 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -66,10 +66,12 @@ check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
}
void
-read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
- byte *marginals, byte *completes, byte *cert_depth,
- byte *min_cert_level)
+read_trust_options (ctrl_t ctrl,
+ byte *trust_model, ulong *created, ulong *nextcheck,
+ byte *marginals, byte *completes, byte *cert_depth,
+ byte *min_cert_level)
{
+ (void)ctrl;
(void)trust_model;
(void)created;
(void)nextcheck;
@@ -85,8 +87,9 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
*/
int
-cache_disabled_value(PKT_public_key *pk)
+cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
+ (void)ctrl;
(void)pk;
return 0;
}
@@ -138,16 +141,18 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
-get_ownertrust_info (PKT_public_key *pk, int no_create)
+get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
+ (void)ctrl;
(void)pk;
(void)no_create;
return '?';
}
unsigned int
-get_ownertrust (PKT_public_key *pk)
+get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
+ (void)ctrl;
(void)pk;
return TRUST_UNKNOWN;
}
diff --git a/g10/tofu.c b/g10/tofu.c
index f2bd0c54a..169e29efd 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2031,7 +2031,7 @@ ask_about_binding (ctrl_t ctrl,
email> (including the binding itself, which will be first in the
list). For each returned key also sets BINDING_NEW, etc. */
static strlist_t
-build_conflict_set (tofu_dbs_t dbs,
+build_conflict_set (ctrl_t ctrl, tofu_dbs_t dbs,
PKT_public_key *pk, const char *fingerprint,
const char *email)
{
@@ -2174,7 +2174,7 @@ build_conflict_set (tofu_dbs_t dbs,
continue;
}
- merge_keys_and_selfsig (kb);
+ merge_keys_and_selfsig (ctrl, kb);
log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY);
@@ -2317,7 +2317,7 @@ build_conflict_set (tofu_dbs_t dbs,
* not yet been registered.
*/
static enum tofu_policy
-get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
+get_policy (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk,
const char *fingerprint, const char *user_id, const char *email,
strlist_t *conflict_setp, time_t now)
{
@@ -2483,7 +2483,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
int lookup_err;
kbnode_t kb;
- lookup_err = get_pubkey_byfprint (NULL, &kb,
+ lookup_err = get_pubkey_byfprint (ctrl, NULL, &kb,
fingerprint_raw,
fingerprint_raw_len);
if (lookup_err)
@@ -2509,7 +2509,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
* disappeared. The latter can happen if the conflicting bindings
* are now cross signed, for instance. */
- conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
+ conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
conflict_set_count = strlist_length (conflict_set);
if (conflict_set_count == 0)
{
@@ -2615,7 +2615,7 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
if (effective_policy == TOFU_POLICY_ASK && conflict_setp)
{
if (! conflict_set)
- conflict_set = build_conflict_set (dbs, pk, fingerprint, email);
+ conflict_set = build_conflict_set (ctrl, dbs, pk, fingerprint, email);
*conflict_setp = conflict_set;
}
else
@@ -2691,7 +2691,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
/* We need to call get_policy even if the key is ultimately trusted
* to make sure the binding has been registered. */
- policy = get_policy (dbs, pk, fingerprint, user_id, email,
+ policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email,
&conflict_set, now);
if (policy == TOFU_POLICY_ASK)
@@ -3493,7 +3493,7 @@ tofu_register_encryption (ctrl_t ctrl,
! pk_is_primary (pk)
/* We need the key block to find all user ids. */
|| ! user_id_list)
- kb = get_pubkeyblock (pk->keyid);
+ kb = get_pubkeyblock (ctrl, pk->keyid);
/* Make sure PK is a primary key. */
if (! pk_is_primary (pk))
@@ -3692,7 +3692,7 @@ tofu_write_tfs_record (ctrl_t ctrl, estream_t fp,
fingerprint = hexfingerprint (pk, NULL, 0);
email = email_from_user_id (user_id);
- policy = get_policy (dbs, pk, fingerprint, user_id, email, NULL, now);
+ policy = get_policy (ctrl, dbs, pk, fingerprint, user_id, email, NULL, now);
show_statistics (dbs, fingerprint, email, policy, fp, 0, now);
@@ -3953,7 +3953,8 @@ tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id,
email = email_from_user_id (user_id->name);
- *policy = get_policy (dbs, pk, fingerprint, user_id->name, email, NULL, now);
+ *policy = get_policy (ctrl, dbs, pk, fingerprint,
+ user_id->name, email, NULL, now);
xfree (email);
xfree (fingerprint);
diff --git a/g10/trust.c b/g10/trust.c
index b1f6222a3..ee6078b5a 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -38,13 +38,13 @@
/* Return true if key is disabled. Note that this is usually used via
the pk_is_disabled macro. */
int
-cache_disabled_value (PKT_public_key *pk)
+cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return 0;
#else
- return tdb_cache_disabled_value (pk);
+ return tdb_cache_disabled_value (ctrl, pk);
#endif
}
@@ -173,13 +173,13 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
* The key should be the primary key.
*/
unsigned int
-get_ownertrust (PKT_public_key *pk)
+get_ownertrust (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return TRUST_UNKNOWN;
#else
- return tdb_get_ownertrust (pk, 0);
+ return tdb_get_ownertrust (ctrl, pk, 0);
#endif
}
@@ -190,7 +190,7 @@ get_ownertrust (PKT_public_key *pk)
* inhibits creation of a trustdb it that does not yet exists.
*/
static int
-get_ownertrust_with_min (PKT_public_key *pk, int no_create)
+get_ownertrust_with_min (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
#ifdef NO_TRUST_MODELS
(void)pk;
@@ -202,11 +202,11 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
* functions: If the caller asked not to create a trustdb we call
* init_trustdb directly and allow it to fail with an error code for
* a non-existing trustdb. */
- if (no_create && init_trustdb (1))
+ if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
- otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK);
- otrust_min = tdb_get_min_ownertrust (pk, no_create);
+ otrust = (tdb_get_ownertrust (ctrl, pk, no_create) & TRUST_MASK);
+ otrust_min = tdb_get_min_ownertrust (ctrl, pk, no_create);
if (otrust < otrust_min)
{
/* If the trust that the user has set is less than the trust
@@ -229,9 +229,9 @@ get_ownertrust_with_min (PKT_public_key *pk, int no_create)
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
int
-get_ownertrust_info (PKT_public_key *pk, int no_create)
+get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
- return trust_letter (get_ownertrust_with_min (pk, no_create));
+ return trust_letter (get_ownertrust_with_min (ctrl, pk, no_create));
}
@@ -241,9 +241,9 @@ get_ownertrust_info (PKT_public_key *pk, int no_create)
* NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
const char *
-get_ownertrust_string (PKT_public_key *pk, int no_create)
+get_ownertrust_string (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
- return trust_value_to_string (get_ownertrust_with_min (pk, no_create));
+ return trust_value_to_string (get_ownertrust_with_min (ctrl, pk, no_create));
}
@@ -252,34 +252,34 @@ get_ownertrust_string (PKT_public_key *pk, int no_create)
* The key should be a primary one.
*/
void
-update_ownertrust (PKT_public_key *pk, unsigned int new_trust)
+update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust)
{
#ifdef NO_TRUST_MODELS
(void)pk;
(void)new_trust;
#else
- tdb_update_ownertrust (pk, new_trust);
+ tdb_update_ownertrust (ctrl, pk, new_trust);
#endif
}
int
-clear_ownertrusts (PKT_public_key *pk)
+clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
{
#ifdef NO_TRUST_MODELS
(void)pk;
return 0;
#else
- return tdb_clear_ownertrusts (pk);
+ return tdb_clear_ownertrusts (ctrl, pk);
#endif
}
void
-revalidation_mark (void)
+revalidation_mark (ctrl_t ctrl)
{
#ifndef NO_TRUST_MODELS
- tdb_revalidation_mark ();
+ tdb_revalidation_mark (ctrl);
#endif
}
@@ -343,7 +343,7 @@ get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk, PKT_user_id *uid,
else
{
main_pk = xmalloc_clear (sizeof *main_pk);
- rc = get_pubkey (main_pk, pk->main_keyid);
+ rc = get_pubkey (ctrl, main_pk, pk->main_keyid);
if (rc)
{
char *tempkeystr = xstrdup (keystr (pk->main_keyid));
@@ -430,7 +430,7 @@ get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
* 9 and 10 are used for internal purposes.
*/
void
-mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
+mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
u32 *main_kid, struct key_item *klist,
u32 curtime, u32 *next_expire)
{
@@ -461,7 +461,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
invalid signature */
if (klist && !is_in_klist (klist, sig))
continue; /* no need to check it then */
- if ((rc=check_key_signature (keyblock, node, NULL)))
+ if ((rc=check_key_signature (ctrl, keyblock, node, NULL)))
{
/* we ignore anything that won't verify, but tag the
no_pubkey case */
@@ -594,7 +594,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
static int
-clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
+clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
int noisy, int self_only)
{
int deleted = 0;
@@ -609,7 +609,7 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
/* Passing in a 0 for current time here means that we'll never weed
out an expired sig. This is correct behavior since we want to
keep the most recent expired sig in a series. */
- mark_usable_uid_certs (keyblock, uidnode, NULL, NULL, 0, NULL);
+ mark_usable_uid_certs (ctrl, keyblock, uidnode, NULL, NULL, 0, NULL);
/* What we want to do here is remove signatures that are not
considered as part of the trust calculations. Thus, all invalid
@@ -743,8 +743,8 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
/* Needs to be called after a merge_keys_and_selfsig() */
void
-clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
- int *uids_cleaned, int *sigs_cleaned)
+clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
+ int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned)
{
int dummy = 0;
@@ -762,19 +762,20 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
to bother with the other. */
*uids_cleaned += clean_uid_from_key (keyblock, uidnode, noisy);
if (!uidnode->pkt->pkt.user_id->flags.compacted)
- *sigs_cleaned += clean_sigs_from_uid (keyblock, uidnode, noisy, self_only);
+ *sigs_cleaned += clean_sigs_from_uid (ctrl, keyblock, uidnode,
+ noisy, self_only);
}
/* NB: This function marks the deleted nodes only and the caller is
* responsible to skip or remove them. */
void
-clean_key (kbnode_t keyblock, int noisy, int self_only,
+clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
int *uids_cleaned, int *sigs_cleaned)
{
kbnode_t node;
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
for (node = keyblock->next;
node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY
@@ -782,7 +783,7 @@ clean_key (kbnode_t keyblock, int noisy, int self_only,
node = node->next)
{
if (node->pkt->pkttype == PKT_USER_ID)
- clean_one_uid (keyblock, node, noisy, self_only,
+ clean_one_uid (ctrl, keyblock, node, noisy, self_only,
uids_cleaned, sigs_cleaned);
}
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 7b76ac841..f8a0bc9b3 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -248,7 +248,7 @@ add_utk (u32 *kid)
* Verify that all our secret keys are usable and put them into the utk_list.
*/
static void
-verify_own_keys(void)
+verify_own_keys (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
@@ -275,7 +275,7 @@ verify_own_keys(void)
* the whole validation code to only work with
* fingerprints */
fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20;
- keyid_from_fingerprint (fpr, fprlen, kid);
+ keyid_from_fingerprint (ctrl, fpr, fprlen, kid);
if (!add_utk (kid))
log_info(_("key %s occurs more than once in the trustdb\n"),
keystr(kid));
@@ -290,15 +290,15 @@ verify_own_keys(void)
PKT_public_key pk;
memset (&pk, 0, sizeof pk);
- rc = get_pubkey (&pk, k->kid);
+ rc = get_pubkey (ctrl, &pk, k->kid);
if (rc)
log_info(_("key %s: no public key for trusted key - skipped\n"),
keystr(k->kid));
else
{
tdb_update_ownertrust
- (&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ (ctrl, &pk, ((tdb_get_ownertrust (ctrl, &pk, 0) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
release_public_key_parts (&pk);
}
@@ -361,9 +361,9 @@ read_record (ulong recno, TRUSTREC *rec, int rectype )
* Write a record and die on error
*/
static void
-write_record (TRUSTREC *rec)
+write_record (ctrl_t ctrl, TRUSTREC *rec)
{
- int rc = tdbio_write_record (rec);
+ int rc = tdbio_write_record (ctrl, rec);
if (rc)
{
log_error(_("trust record %lu, type %d: write failed: %s\n"),
@@ -444,7 +444,7 @@ how_to_fix_the_trustdb ()
* in that case 0 is returned if there is a trustdb or an error code
* if no trustdb is available. */
gpg_error_t
-init_trustdb (int no_create)
+init_trustdb (ctrl_t ctrl, int no_create)
{
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
@@ -456,7 +456,7 @@ init_trustdb (int no_create)
if(level==0 || level==1)
{
- int rc = tdbio_set_dbname (dbname, (!no_create && level),
+ int rc = tdbio_set_dbname (ctrl, dbname, (!no_create && level),
&trustdb_args.no_trustdb);
if (no_create && trustdb_args.no_trustdb)
{
@@ -501,7 +501,7 @@ init_trustdb (int no_create)
/* Verify the list of ultimately trusted keys and move the
--trusted-keys list there as well. */
if(level==1)
- verify_own_keys();
+ verify_own_keys (ctrl);
if(!tdbio_db_matches_options())
pending_check_trustdb=1;
@@ -515,9 +515,9 @@ init_trustdb (int no_create)
necessary if the trust model is not 'always trust'. Returns true
if we do have a usable trust database. */
int
-have_trustdb (void)
+have_trustdb (ctrl_t ctrl)
{
- return init_trustdb (opt.trust_model == TM_ALWAYS) == 0;
+ return !init_trustdb (ctrl, opt.trust_model == TM_ALWAYS);
}
@@ -529,7 +529,7 @@ have_trustdb (void)
void
check_trustdb (ctrl_t ctrl)
{
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
{
@@ -566,7 +566,7 @@ check_trustdb (ctrl_t ctrl)
void
update_trustdb (ctrl_t ctrl)
{
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
validate_keys (ctrl, 1);
@@ -576,15 +576,15 @@ update_trustdb (ctrl_t ctrl)
}
void
-tdb_revalidation_mark (void)
+tdb_revalidation_mark (ctrl_t ctrl)
{
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
/* We simply set the time for the next check to 1 (far back in 1970)
so that a --update-trustdb will be scheduled. */
- if (tdbio_write_nextcheck (1))
+ if (tdbio_write_nextcheck (ctrl, 1))
do_sync ();
pending_check_trustdb = 1;
}
@@ -610,13 +610,14 @@ tdb_check_or_update (ctrl_t ctrl)
}
void
-read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
- byte *marginals,byte *completes,byte *cert_depth,
- byte *min_cert_level)
+read_trust_options (ctrl_t ctrl,
+ byte *trust_model, ulong *created, ulong *nextcheck,
+ byte *marginals, byte *completes, byte *cert_depth,
+ byte *min_cert_level)
{
TRUSTREC opts;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
memset (&opts, 0, sizeof opts);
else
@@ -643,11 +644,11 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
***********************************************/
static int
-read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
+read_trust_record (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
rc = tdbio_search_trust_bypk (pk, rec);
if (rc)
{
@@ -676,7 +677,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
* values but we usually use --always-trust.
*/
unsigned int
-tdb_get_ownertrust (PKT_public_key *pk, int no_create)
+tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@@ -687,10 +688,10 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
- if (no_create && init_trustdb (1))
+ if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
- err = read_trust_record (pk, &rec);
+ err = read_trust_record (ctrl, pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
if (err)
@@ -704,7 +705,7 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create)
unsigned int
-tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
+tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@@ -715,10 +716,10 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
/* If the caller asked not to create a trustdb we call init_trustdb
* directly and allow it to fail with an error code for a
* non-existing trustdb. */
- if (no_create && init_trustdb (1))
+ if (no_create && init_trustdb (ctrl, 1))
return TRUST_UNKNOWN;
- err = read_trust_record (pk, &rec);
+ err = read_trust_record (ctrl, pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
if (err)
@@ -736,7 +737,7 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
* The key should be a primary one.
*/
void
-tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
+tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust )
{
TRUSTREC rec;
gpg_error_t err;
@@ -744,7 +745,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
- err = read_trust_record (pk, &rec);
+ err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@@ -753,8 +754,8 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
if (rec.r.trust.ownertrust != new_trust)
{
rec.r.trust.ownertrust = new_trust;
- write_record( &rec );
- tdb_revalidation_mark ();
+ write_record (ctrl, &rec);
+ tdb_revalidation_mark (ctrl);
do_sync ();
}
}
@@ -766,12 +767,12 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
log_debug ("insert ownertrust %u\n", new_trust );
memset (&rec, 0, sizeof rec);
- rec.recnum = tdbio_new_recnum ();
+ rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.ownertrust = new_trust;
- write_record (&rec);
- tdb_revalidation_mark ();
+ write_record (ctrl, &rec);
+ tdb_revalidation_mark (ctrl);
do_sync ();
}
else
@@ -781,7 +782,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust )
}
static void
-update_min_ownertrust (u32 *kid, unsigned int new_trust )
+update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust)
{
PKT_public_key *pk;
TRUSTREC rec;
@@ -791,7 +792,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
return;
pk = xmalloc_clear (sizeof *pk);
- err = get_pubkey (pk, kid);
+ err = get_pubkey (ctrl, pk, kid);
if (err)
{
log_error (_("public key %s not found: %s\n"),
@@ -799,7 +800,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
return;
}
- err = read_trust_record (pk, &rec);
+ err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@@ -810,8 +811,8 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
if (rec.r.trust.min_ownertrust != new_trust)
{
rec.r.trust.min_ownertrust = new_trust;
- write_record( &rec );
- tdb_revalidation_mark ();
+ write_record (ctrl, &rec);
+ tdb_revalidation_mark (ctrl);
do_sync ();
}
}
@@ -823,12 +824,12 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
log_debug ("insert min_ownertrust %u\n", new_trust );
memset (&rec, 0, sizeof rec);
- rec.recnum = tdbio_new_recnum ();
+ rec.recnum = tdbio_new_recnum (ctrl);
rec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy);
rec.r.trust.min_ownertrust = new_trust;
- write_record (&rec);
- tdb_revalidation_mark ();
+ write_record (ctrl, &rec);
+ tdb_revalidation_mark (ctrl);
do_sync ();
}
else
@@ -844,17 +845,17 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust )
* Return: True if a change actually happened.
*/
int
-tdb_clear_ownertrusts (PKT_public_key *pk)
+tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
{
TRUSTREC rec;
gpg_error_t err;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return 0;
- err = read_trust_record (pk, &rec);
+ err = read_trust_record (ctrl, pk, &rec);
if (!err)
{
if (DBG_TRUST)
@@ -868,8 +869,8 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
{
rec.r.trust.ownertrust = 0;
rec.r.trust.min_ownertrust = 0;
- write_record( &rec );
- tdb_revalidation_mark ();
+ write_record (ctrl, &rec);
+ tdb_revalidation_mark (ctrl);
do_sync ();
return 1;
}
@@ -885,7 +886,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
* Note: Caller has to do a sync
*/
static void
-update_validity (PKT_public_key *pk, PKT_user_id *uid,
+update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
int depth, int validity)
{
TRUSTREC trec, vrec;
@@ -894,7 +895,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
namehash_from_uid(uid);
- err = read_trust_record (pk, &trec);
+ err = read_trust_record (ctrl, pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@@ -906,7 +907,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
size_t dummy;
memset (&trec, 0, sizeof trec);
- trec.recnum = tdbio_new_recnum ();
+ trec.recnum = tdbio_new_recnum (ctrl);
trec.rectype = RECTYPE_TRUST;
fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy);
trec.r.trust.ownertrust = 0;
@@ -925,7 +926,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
if (!recno) /* insert a new validity record */
{
memset (&vrec, 0, sizeof vrec);
- vrec.recnum = tdbio_new_recnum ();
+ vrec.recnum = tdbio_new_recnum (ctrl);
vrec.rectype = RECTYPE_VALID;
memcpy (vrec.r.valid.namehash, uid->namehash, 20);
vrec.r.valid.next = trec.r.trust.validlist;
@@ -934,9 +935,9 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
vrec.r.valid.validity = validity;
vrec.r.valid.full_count = uid->help_full_count;
vrec.r.valid.marginal_count = uid->help_marginal_count;
- write_record (&vrec);
+ write_record (ctrl, &vrec);
trec.r.trust.depth = depth;
- write_record (&trec);
+ write_record (ctrl, &trec);
}
@@ -947,7 +948,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid,
/* Return true if key is disabled. Note that this is usually used via
the pk_is_disabled macro. */
int
-tdb_cache_disabled_value (PKT_public_key *pk)
+tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk)
{
gpg_error_t err;
TRUSTREC trec;
@@ -956,12 +957,12 @@ tdb_cache_disabled_value (PKT_public_key *pk)
if (pk->flags.disabled_valid)
return pk->flags.disabled;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb)
return 0; /* No trustdb => not disabled. */
- err = read_trust_record (pk, &trec);
+ err = read_trust_record (ctrl, pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@@ -991,7 +992,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl)
{
static int did_nextcheck=0;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
if (trustdb_args.no_trustdb)
return; /* No trustdb => can't be stale. */
@@ -1062,7 +1063,7 @@ tdb_get_validity_core (ctrl_t ctrl,
(void)may_ask;
#endif
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
/* If we have no trustdb (which also means it has not been created)
and the trust-model is always, we don't know the validity -
@@ -1077,7 +1078,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
/* Note that this happens BEFORE any user ID stuff is checked.
The direct trust model applies to keys as a whole. */
- validity = tdb_get_ownertrust (main_pk, 0);
+ validity = tdb_get_ownertrust (ctrl, main_pk, 0);
goto leave;
}
@@ -1093,7 +1094,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
if (! kb)
{
- kb = get_pubkeyblock (main_pk->keyid);
+ kb = get_pubkeyblock (ctrl, main_pk->keyid);
free_kb = 1;
}
n = kb;
@@ -1201,7 +1202,7 @@ tdb_get_validity_core (ctrl_t ctrl,
|| opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_PGP)
{
- err = read_trust_record (main_pk, &trec);
+ err = read_trust_record (ctrl, main_pk, &trec);
if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
{
tdbio_invalid ();
@@ -1277,7 +1278,7 @@ tdb_get_validity_core (ctrl_t ctrl,
static void
-get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_counts (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
{
TRUSTREC trec, vrec;
ulong recno;
@@ -1289,9 +1290,9 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
uid->help_marginal_count=uid->help_full_count=0;
- init_trustdb (0);
+ init_trustdb (ctrl, 0);
- if(read_trust_record (pk, &trec))
+ if(read_trust_record (ctrl, pk, &trec))
return;
/* loop over all user IDs */
@@ -1375,7 +1376,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
int ot;
pk = xmalloc_clear (sizeof *pk);
- rc = get_pubkey (pk, kid);
+ rc = get_pubkey (ctrl, pk, kid);
if (rc)
{
log_error (_("public key %s not found: %s\n"),
@@ -1387,14 +1388,14 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
{
log_info("force trust for key %s to %s\n",
keystr(kid),trust_value_to_string(opt.force_ownertrust));
- tdb_update_ownertrust (pk, opt.force_ownertrust);
+ tdb_update_ownertrust (ctrl, pk, opt.force_ownertrust);
ot=opt.force_ownertrust;
}
else
{
ot=edit_ownertrust (ctrl, pk, 0);
if(ot>0)
- ot = tdb_get_ownertrust (pk, 0);
+ ot = tdb_get_ownertrust (ctrl, pk, 0);
else if(ot==0)
ot = minimum?minimum:TRUST_UNDEFINED;
else
@@ -1460,7 +1461,8 @@ dump_key_array (int depth, struct key_array *keys)
static void
-store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
+store_validation_status (ctrl_t ctrl, int depth,
+ kbnode_t keyblock, KeyHashTable stored)
{
KBNODE node;
int status;
@@ -1482,7 +1484,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored)
if (status)
{
- update_validity (keyblock->pkt->pkt.public_key,
+ update_validity (ctrl, keyblock->pkt->pkt.public_key,
uid, depth, status);
mark_keyblock_seen(stored,keyblock);
@@ -1619,7 +1621,7 @@ check_regexp(const char *expr,const char *string)
* This function assumes that all kbnode flags are cleared on entry.
*/
static int
-validate_one_keyblock (KBNODE kb, struct key_item *klist,
+validate_one_keyblock (ctrl_t ctrl, kbnode_t kb, struct key_item *klist,
u32 curtime, u32 *next_expire)
{
struct key_item *kr;
@@ -1666,8 +1668,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
*next_expire = uid->expiredate;
issigned = 0;
- get_validity_counts(pk,uid);
- mark_usable_uid_certs (kb, uidnode, main_kid, klist,
+ get_validity_counts (ctrl, pk, uid);
+ mark_usable_uid_certs (ctrl, kb, uidnode, main_kid, klist,
curtime, next_expire);
}
else if (node->pkt->pkttype == PKT_SIGNATURE
@@ -1799,7 +1801,7 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no)
* Caller hast to release the returned array.
*/
static struct key_array *
-validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
+validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust,
struct key_item *klist, u32 curtime, u32 *next_expire)
{
KBNODE keyblock = NULL;
@@ -1858,7 +1860,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
}
/* prepare the keyblock for further processing */
- merge_keys_and_selfsig (keyblock);
+ merge_keys_and_selfsig (ctrl, keyblock);
clear_kbnode_flags (keyblock);
pk = keyblock->pkt->pkt.public_key;
if (pk->has_expired || pk->flags.revoked)
@@ -1866,7 +1868,8 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
/* it does not make sense to look further at those keys */
mark_keyblock_seen (full_trust, keyblock);
}
- else if (validate_one_keyblock (keyblock, klist, curtime, next_expire))
+ else if (validate_one_keyblock (ctrl, keyblock, klist,
+ curtime, next_expire))
{
KBNODE node;
@@ -1915,7 +1918,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
/* Caller must sync */
static void
-reset_trust_records(void)
+reset_trust_records (ctrl_t ctrl)
{
TRUSTREC rec;
ulong recnum;
@@ -1929,7 +1932,7 @@ reset_trust_records(void)
if(rec.r.trust.min_ownertrust)
{
rec.r.trust.min_ownertrust=0;
- write_record(&rec);
+ write_record (ctrl, &rec);
}
}
@@ -1941,7 +1944,7 @@ reset_trust_records(void)
rec.r.valid.validity &= ~TRUST_MASK;
rec.r.valid.marginal_count=rec.r.valid.full_count=0;
nreset++;
- write_record(&rec);
+ write_record (ctrl, &rec);
}
}
@@ -2002,7 +2005,7 @@ validate_keys (ctrl_t ctrl, int interactive)
Perhaps combine this with reset_trust_records(), or only check
the caches on keys that are actually involved in the web of
trust. */
- keydb_rebuild_caches(0);
+ keydb_rebuild_caches (ctrl, 0);
kdb = keydb_new ();
if (!kdb)
@@ -2014,7 +2017,7 @@ validate_keys (ctrl_t ctrl, int interactive)
used = new_key_hash_table ();
full_trust = new_key_hash_table ();
- reset_trust_records();
+ reset_trust_records (ctrl);
/* Fixme: Instead of always building a UTK list, we could just build it
* here when needed */
@@ -2032,7 +2035,7 @@ validate_keys (ctrl_t ctrl, int interactive)
KBNODE keyblock;
PKT_public_key *pk;
- keyblock = get_pubkeyblock (k->kid);
+ keyblock = get_pubkeyblock (ctrl, k->kid);
if (!keyblock)
{
log_error (_("public key of ultimately"
@@ -2046,7 +2049,8 @@ validate_keys (ctrl_t ctrl, int interactive)
for (node=keyblock; node; node = node->next)
{
if (node->pkt->pkttype == PKT_USER_ID)
- update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE);
+ update_validity (ctrl, pk, node->pkt->pkt.user_id,
+ 0, TRUST_ULTIMATE);
}
if ( pk->expiredate && pk->expiredate >= start_time
&& pk->expiredate < next_expire)
@@ -2086,7 +2090,7 @@ validate_keys (ctrl_t ctrl, int interactive)
min=TRUST_MARGINAL;
if(min!=k->min_ownertrust)
- update_min_ownertrust(k->kid,min);
+ update_min_ownertrust (ctrl, k->kid,min);
if (interactive && k->ownertrust == TRUST_UNKNOWN)
{
@@ -2132,7 +2136,7 @@ validate_keys (ctrl_t ctrl, int interactive)
}
/* Find all keys which are signed by a key in kdlist */
- keys = validate_key_list (kdb, full_trust, klist,
+ keys = validate_key_list (ctrl, kdb, full_trust, klist,
start_time, &next_expire);
if (!keys)
{
@@ -2149,7 +2153,7 @@ validate_keys (ctrl_t ctrl, int interactive)
dump_key_array (depth, keys);
for (kar=keys; kar->keyblock; kar++)
- store_validation_status (depth, kar->keyblock, stored);
+ store_validation_status (ctrl, depth, kar->keyblock, stored);
if (!opt.quiet)
log_info (_("depth: %d valid: %3d signed: %3d"
@@ -2183,9 +2187,10 @@ validate_keys (ctrl_t ctrl, int interactive)
k->kid[1]=kid[1];
k->ownertrust =
(tdb_get_ownertrust
- (kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK);
+ (ctrl, kar->keyblock->pkt->pkt.public_key, 0)
+ & TRUST_MASK);
k->min_ownertrust = tdb_get_min_ownertrust
- (kar->keyblock->pkt->pkt.public_key, 0);
+ (ctrl, kar->keyblock->pkt->pkt.public_key, 0);
k->trust_depth=
kar->keyblock->pkt->pkt.public_key->trust_depth;
k->trust_value=
@@ -2220,16 +2225,16 @@ validate_keys (ctrl_t ctrl, int interactive)
int rc2;
if (next_expire == 0xffffffff || next_expire < start_time )
- tdbio_write_nextcheck (0);
+ tdbio_write_nextcheck (ctrl, 0);
else
{
- tdbio_write_nextcheck (next_expire);
+ tdbio_write_nextcheck (ctrl, next_expire);
if (!opt.quiet)
log_info (_("next trustdb check due at %s\n"),
strtimestamp (next_expire));
}
- rc2 = tdbio_update_version_record ();
+ rc2 = tdbio_update_version_record (ctrl);
if (rc2)
{
log_error (_("unable to update trustdb version record: "
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 00be4df74..4bc4ca971 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -77,7 +77,7 @@ is_in_klist (struct key_item *k, PKT_signature *sig)
/*-- trust.c --*/
-int cache_disabled_value (PKT_public_key *pk);
+int cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
void register_trusted_keyid (u32 *keyid);
void register_trusted_key (const char *string);
@@ -86,11 +86,12 @@ int string_to_trust_value (const char *str);
const char *uid_trust_string_fixed (ctrl_t ctrl,
PKT_public_key *key, PKT_user_id *uid);
-unsigned int get_ownertrust (PKT_public_key *pk);
-void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
-int clear_ownertrusts (PKT_public_key *pk);
+unsigned int get_ownertrust (ctrl_t ctrl, PKT_public_key *pk);
+void update_ownertrust (ctrl_t ctrl,
+ PKT_public_key *pk, unsigned int new_trust);
+int clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
-void revalidation_mark (void);
+void revalidation_mark (ctrl_t ctrl);
void check_trustdb_stale (ctrl_t ctrl);
void check_or_update_trustdb (ctrl_t ctrl);
@@ -102,14 +103,14 @@ int get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
const char *get_validity_string (ctrl_t ctrl,
PKT_public_key *pk, PKT_user_id *uid);
-void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
+void mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
u32 *main_kid, struct key_item *klist,
u32 curtime, u32 *next_expire);
-void clean_one_uid (kbnode_t keyblock, kbnode_t uidnode,
+void clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
int noisy, int self_only,
int *uids_cleaned, int *sigs_cleaned);
-void clean_key (kbnode_t keyblock, int noisy, int self_only,
+void clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only,
int *uids_cleaned,int *sigs_cleaned);
@@ -127,16 +128,14 @@ void update_trustdb (ctrl_t ctrl);
int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
const char *trust_model_string (int model);
-gpg_error_t init_trustdb (int no_create);
-int have_trustdb (void);
+gpg_error_t init_trustdb (ctrl_t ctrl, int no_create);
+int have_trustdb (ctrl_t ctrl);
void tdb_check_trustdb_stale (ctrl_t ctrl);
-void sync_trustdb( void );
-
-void tdb_revalidation_mark (void);
+void tdb_revalidation_mark (ctrl_t ctrl);
int trustdb_pending_check(void);
void tdb_check_or_update (ctrl_t ctrl);
-int tdb_cache_disabled_value (PKT_public_key *pk);
+int tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
unsigned int tdb_get_validity_core (ctrl_t ctrl, kbnode_t kb,
PKT_public_key *pk, PKT_user_id *uid,
@@ -149,22 +148,27 @@ int enum_cert_paths( void **context, ulong *lid,
void enum_cert_paths_print( void **context, FILE *fp,
int refresh, ulong selected_lid );
-void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
- byte *marginals,byte *completes,byte *cert_depth,
- byte *min_cert_level);
+void read_trust_options (ctrl_t ctrl, byte *trust_model,
+ ulong *created, ulong *nextcheck,
+ byte *marginals, byte *completes, byte *cert_depth,
+ byte *min_cert_level);
-unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create);
-unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create);
-int get_ownertrust_info (PKT_public_key *pk, int no_create);
-const char *get_ownertrust_string (PKT_public_key *pk, int no_create);
+unsigned int tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ int no_create);
+unsigned int tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ int no_create);
+int get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create);
+const char *get_ownertrust_string (ctrl_t ctrl,
+ PKT_public_key *pk, int no_create);
-void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
-int tdb_clear_ownertrusts (PKT_public_key *pk);
+void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ unsigned int new_trust);
+int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
/*-- tdbdump.c --*/
-void list_trustdb (estream_t fp, const char *username);
-void export_ownertrust(void);
-void import_ownertrust(const char *fname);
+void list_trustdb (ctrl_t ctrl, estream_t fp, const char *username);
+void export_ownertrust (ctrl_t ctrl);
+void import_ownertrust (ctrl_t ctrl, const char *fname);
/*-- pkclist.c --*/
int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);