authorDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:19 +0900
committerDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:19 +0900
commitd9787447fe6a57e39113b60305b4ab672b9ba897 (patch)
tree6c925adf6340a1a5ab43d9048ca4b27eae819cd6 /g10
parentf77eedfaad1525168ca8593a3eb43ef157cd2891 (diff)
Imported Upstream version 2.1.19upstream/2.1.19
Diffstat (limited to 'g10')
-rw-r--r--g10/armor.c2
-rw-r--r--g10/build-packet.c2
-rw-r--r--g10/call-agent.c2
-rw-r--r--g10/call-dirmngr.c26
-rw-r--r--g10/card-util.c2
-rw-r--r--g10/compress.c2
-rw-r--r--g10/cpr.c3
-rw-r--r--g10/encrypt.c6
-rw-r--r--g10/export.c75
-rw-r--r--g10/getkey.c2
-rw-r--r--g10/gpg.c23
-rw-r--r--g10/gpgv.c44
-rw-r--r--g10/import.c2
-rw-r--r--g10/keydb.c2
-rw-r--r--g10/keyedit.c8
-rw-r--r--g10/keygen.c284
-rw-r--r--g10/keyid.c2
-rw-r--r--g10/keylist.c5
-rw-r--r--g10/keyring.c24
-rw-r--r--g10/main.h6
-rw-r--r--g10/mainproc.c6
-rw-r--r--g10/misc.c2
-rw-r--r--g10/passphrase.c3
-rw-r--r--g10/pkclist.c4
-rw-r--r--g10/pubkey-enc.c36
-rw-r--r--g10/revoke.c2
-rw-r--r--g10/rmd160.c2
-rw-r--r--g10/server.c19
-rw-r--r--g10/sign.c11
-rw-r--r--g10/tdbdump.c22
-rw-r--r--g10/test-stubs.c3
-rw-r--r--g10/tofu.c114
-rw-r--r--g10/trust.c32
-rw-r--r--g10/trustdb.c87
-rw-r--r--g10/trustdb.h10
35 files changed, 593 insertions, 282 deletions
diff --git a/g10/armor.c b/g10/armor.c
index 58d8e01..6b7c3f7 100644
--- a/g10/armor.c
+++ b/g10/armor.c
@@ -1294,7 +1294,7 @@ armor_filter( void *opaque, int control,
c = bintoasc[radbuf[2]&077];
iobuf_put(a, c);
iobuf_writestr(a,afx->eol);
- /* and the the trailer */
+ /* and the trailer */
if( afx->what >= DIM(tail_strings) )
log_bug("afx->what=%d", afx->what);
iobuf_writestr(a, "-----");
diff --git a/g10/build-packet.c b/g10/build-packet.c
index ad46a02..489fadd 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -621,7 +621,7 @@ calc_plaintext( PKT_plaintext *pt )
is assumed to have been enabled on OUT. On success, partial block
mode is disabled.
- If PT->BUF is NULL, the the caller must write out the data. In
+ If PT->BUF is NULL, the caller must write out the data. In
this case, if PT->LEN was 0, then partial body length mode was
enabled and the caller must disable it by calling
iobuf_set_partial_body_length_mode (out, 0). */
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 335e12a..7c30bdb 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -340,7 +340,7 @@ unescape_status_string (const unsigned char *s)
}
-/* Take a 20 byte hexencoded string and put it into the the provided
+/* Take a 20 byte hexencoded string and put it into the provided
20 byte buffer FPR in binary format. */
static int
unhexify_fpr (const char *hexstr, unsigned char *fpr)
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 4be9da1..2f2ba98 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -374,7 +374,8 @@ ks_status_cb (void *opaque, const char *line)
{
struct ks_status_parm_s *parm = opaque;
gpg_error_t err = 0;
- const char *s;
+ const char *s, *s2;
+ const char *warn;
if ((s = has_leading_keyword (line, parm->keyword? parm->keyword : "SOURCE")))
{
@@ -385,6 +386,29 @@ ks_status_cb (void *opaque, const char *line)
err = gpg_error_from_syserror ();
}
}
+ else if ((s = has_leading_keyword (line, "WARNING")))
+ {
+ if ((s2 = has_leading_keyword (s, "tor_not_running")))
+ warn = _("Tor is not running");
+ else if ((s2 = has_leading_keyword (s, "tor_config_problem")))
+ warn = _("Tor is not properly configured");
+ else
+ warn = NULL;
+
+ if (warn)
+ {
+ log_info (_("WARNING: %s\n"), warn);
+ if (s2)
+ {
+ while (*s2 && !spacep (s2))
+ s2++;
+ while (*s2 && spacep (s2))
+ s2++;
+ if (*s2)
+ print_further_info ("%s", s2);
+ }
+ }
+ }
return err;
}
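Review bot: The two `while` loops on `s2` skip one whitespace-delimited field before anything is handed to print_further_info, and nothing in the new WARNING branch says what that field is; presumably it is an error code that follows the warning keyword on the status line. A comment above the first loop, such as `/* Skip the field after the keyword and print the remaining text, if any. */`, would make this readable. Any other WARNING keyword sets `warn = NULL` and is dropped without a log line; if that is intended, a comment on the `else` should say so. ks_status_cb starts outside this hunk.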
diff --git a/g10/card-util.c b/g10/card-util.c
index e358572..969f6c9 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -72,7 +72,7 @@ write_sc_op_status (gpg_error_t err)
}
-/* Change the PIN of a an OpenPGP card. This is an interactive
+/* Change the PIN of an OpenPGP card. This is an interactive
function. */
void
change_pin (int unblock_v2, int allow_admin)
diff --git a/g10/compress.c b/g10/compress.c
index fbc8097..a14d107 100644
--- a/g10/compress.c
+++ b/g10/compress.c
@@ -182,7 +182,7 @@ do_uncompress( compress_filter_context_t *zfx, z_stream *zs,
nread = iobuf_read( a, zfx->inbuf + n, count );
if( nread == -1 ) nread = 0;
n += nread;
- /* Algo 1 has no zlib header which requires us to to give
+ /* Algo 1 has no zlib header which requires us to give
* inflate an extra dummy byte to read. To be on the safe
* side we allow for up to 4 ff bytes. */
if( nread < count && zfx->algo == 1 && zfx->algo1hack < 4) {
diff --git a/g10/cpr.c b/g10/cpr.c
index 0133cad..4984e89 100644
--- a/g10/cpr.c
+++ b/g10/cpr.c
@@ -107,6 +107,9 @@ set_status_fd (int fd)
if (fd == -1)
return;
+ if (! gnupg_fd_valid (fd))
+ log_fatal ("status-fd is invalid: %s\n", strerror (errno));
+
if (fd == 1)
statusfp = es_stdout;
else if (fd == 2)
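Review bot: The fatal message in set_status_fd prints `strerror (errno)`, which is only meaningful if gnupg_fd_valid leaves errno set when it returns false. That helper is not shown in this diff, so its contract should be confirmed and stated in its header comment. The same check-and-report pattern is added for command-fd and override-session-key-fd in g10/gpg.c and for attribute-fd in g10/keylist.c. A short comment at the check would record why it exists, for example `/* Fail early; presumably an unopened FD number could later be reused for an unrelated file. */`. set_status_fd continues outside the hunk.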
diff --git a/g10/encrypt.c b/g10/encrypt.c
index 5268946..6130ba0 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -319,7 +319,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
&& !overflow && opt.verbose)
log_info(_("WARNING: '%s' is an empty file\n"), filename );
/* We can't encode the length of very large files because
- OpenPGP uses only 32 bit for file sizes. So if the the
+ OpenPGP uses only 32 bit for file sizes. So if the
size of a file is larger than 2^32 minus some bytes for
packet headers, we switch to partial length encoding. */
if ( tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
@@ -461,7 +461,7 @@ write_symkey_enc (STRING2KEY *symkey_s2k, DEK *symkey_dek, DEK *dek,
* The caller may provide a checked list of public keys in
* PROVIDED_PKS; if not the function builds a list of keys on its own.
*
- * Note that FILEFD is currently only used by cmd_encrypt in the the
+ * Note that FILEFD is currently only used by cmd_encrypt in the
* not yet finished server.c.
*/
int
@@ -659,7 +659,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
&& !overflow && opt.verbose)
log_info(_("WARNING: '%s' is an empty file\n"), filename );
/* We can't encode the length of very large files because
- OpenPGP uses only 32 bit for file sizes. So if the the size
+ OpenPGP uses only 32 bit for file sizes. So if the size
of a file is larger than 2^32 minus some bytes for packet
headers, we switch to partial length encoding. */
if (tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
diff --git a/g10/export.c b/g10/export.c
index f354ca0..4138261 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -247,16 +247,17 @@ export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
/*
* Export secret keys (to stdout or to --output FILE).
*
- * Depending on opt.armor the output is armored. If USERS is NULL,
- * all secret keys will be exported. STATS is either an export stats
- * object for update or NULL.
+ * Depending on opt.armor the output is armored. OPTIONS are defined
+ * in main.h. If USERS is NULL, all secret keys will be exported.
+ * STATS is either an export stats object for update or NULL.
*
* This function is the core of "gpg --export-secret-keys".
*/
int
-export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats)
+export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats)
{
- return do_export (ctrl, users, 1, 0, stats);
+ return do_export (ctrl, users, 1, options, stats);
}
@@ -264,16 +265,18 @@ export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats)
* Export secret sub keys (to stdout or to --output FILE).
*
* This is the same as export_seckeys but replaces the primary key by
- * a stub key. Depending on opt.armor the output is armored. If
- * USERS is NULL, all secret subkeys will be exported. STATS is
- * either an export stats object for update or NULL.
+ * a stub key. Depending on opt.armor the output is armored. OPTIONS
+ * are defined in main.h. If USERS is NULL, all secret subkeys will
+ * be exported. STATS is either an export stats object for update or
+ * NULL.
*
* This function is the core of "gpg --export-secret-subkeys".
*/
int
-export_secsubkeys (ctrl_t ctrl, strlist_t users, export_stats_t stats)
+export_secsubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats)
{
- return do_export (ctrl, users, 2, 0, stats);
+ return do_export (ctrl, users, 2, options, stats);
}
@@ -1022,7 +1025,7 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
err = gpg_error (GPG_ERR_UNKNOWN_CURVE);
goto leave;
}
- /* Put the curve's OID into into the MPI array. This requires
+ /* Put the curve's OID into the MPI array. This requires
that we shift Q and D. For ECDH also insert the KDF parms. */
if (is_ecdh)
{
@@ -1969,11 +1972,9 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
}
/* Always do the cleaning on the public key part if requested.
- Note that we don't yet set this option if we are exporting
- secret keys. Note that both export-clean and export-minimal
- only apply to UID sigs (0x10, 0x11, 0x12, and 0x13). A
- designated revocation is never stripped, even with
- export-minimal set. */
+ * Note that both export-clean and export-minimal only apply to
+ * UID sigs (0x10, 0x11, 0x12, and 0x13). A designated
+ * revocation is never stripped, even with export-minimal set. */
if ((options & EXPORT_CLEAN))
clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL);
@@ -2208,6 +2209,48 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
latest_key = node;
}
}
+
+ /* If no subkey was suitable check the primary key. */
+ if (!latest_key
+ && (node = keyblock) && node->pkt->pkttype == PKT_PUBLIC_KEY)
+ {
+ pk = node->pkt->pkt.public_key;
+ if (DBG_LOOKUP)
+ log_debug ("\tchecking primary key %08lX\n",
+ (ulong) keyid_from_pk (pk, NULL));
+ if (!(pk->pubkey_usage & PUBKEY_USAGE_AUTH))
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key not usable for authentication\n");
+ }
+ else if (!pk->flags.valid)
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key not valid\n");
+ }
+ else if (pk->flags.revoked)
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key has been revoked\n");
+ }
+ else if (pk->has_expired)
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key has expired\n");
+ }
+ else if (pk->timestamp > curtime && !opt.ignore_valid_from)
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key not yet valid\n");
+ }
+ else
+ {
+ if (DBG_LOOKUP)
+ log_debug ("\tprimary key is fine\n");
+ latest_date = pk->timestamp;
+ latest_key = node;
+ }
+ }
}
if (!latest_key)
diff --git a/g10/getkey.c b/g10/getkey.c
index e39de28..163ab80 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1143,7 +1143,7 @@ key_byname (GETKEY_CTX *retctx, strlist_t namelist,
/* Find a public key identified by NAME.
*
- * If name appears to be a valid valid RFC822 mailbox (i.e., email
+ * If name appears to be a valid RFC822 mailbox (i.e., email
* address) and auto key lookup is enabled (no_akl == 0), then the
* specified auto key lookup methods (--auto-key-lookup) are used to
* import the key into the local keyring. Otherwise, just the local
diff --git a/g10/gpg.c b/g10/gpg.c
index f9039ae..5a880fd 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -728,9 +728,9 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"),
ARGPARSE_s_n (oWithSigList,"with-sig-list", "@"),
ARGPARSE_s_n (oWithSigCheck,"with-sig-check", "@"),
- ARGPARSE_s_n (aListKeys, "list-key", "@"), /* alias */
- ARGPARSE_s_n (aListSigs, "list-sig", "@"), /* alias */
- ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */
+ ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */
+ ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */
+ ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"),
ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"),
@@ -1840,11 +1840,13 @@ gpgconf_list (const char *configfile)
es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
+ es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
es_printf ("group:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg");
es_printf ("default-new-key-algo:%lu:\n", GC_OPT_FLAG_NONE);
+ es_printf ("trust-model:%lu:\n", GC_OPT_FLAG_NONE);
/* The next one is an info only item and should match the macros at
the top of keygen.c */
@@ -3079,6 +3081,8 @@ main (int argc, char **argv)
case oCommandFD:
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
+ if (! gnupg_fd_valid (opt.command_fd))
+ log_fatal ("command-fd is invalid: %s\n", strerror (errno));
break;
case oCommandFile:
opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1);
@@ -4542,7 +4546,7 @@ main (int argc, char **argv)
add_to_strlist2( &sl, *argv, utf8_strings );
{
export_stats_t stats = export_new_stats ();
- export_seckeys (ctrl, sl, stats);
+ export_seckeys (ctrl, sl, opt.export_options, stats);
export_print_stats (stats);
export_release_stats (stats);
}
@@ -4555,7 +4559,7 @@ main (int argc, char **argv)
add_to_strlist2( &sl, *argv, utf8_strings );
{
export_stats_t stats = export_new_stats ();
- export_secsubkeys (ctrl, sl, stats);
+ export_secsubkeys (ctrl, sl, opt.export_options, stats);
export_print_stats (stats);
export_release_stats (stats);
}
@@ -4892,8 +4896,12 @@ main (int argc, char **argv)
#endif /*USE_TOFU*/
break;
- case aListPackets:
default:
+ if (!opt.quiet)
+ log_info (_("WARNING: no command supplied."
+ " Trying to guess what you mean ...\n"));
+ /*FALLTHU*/
+ case aListPackets:
if( argc > 1 )
wrong_args("[filename]");
/* Issue some output for the unix newbie */
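Review bot: The fall-through marker after the new warning is spelled `/*FALLTHU*/`, which the comment patterns recognised by compilers and lint tools (for example GCC's -Wimplicit-fallthrough) do not match. The conventional spelling is `/*FALLTHRU*/`. With `default:` now placed ahead of `case aListPackets:`, that marker is the only thing telling a reader the fall into the list-packets code is deliberate. The switch continues outside the hunk.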
@@ -5293,6 +5301,9 @@ read_sessionkey_from_fd (int fd)
int i, len;
char *line;
+ if (! gnupg_fd_valid (fd))
+ log_fatal ("override-session-key-fd is invalid: %s\n", strerror (errno));
+
for (line = NULL, i = len = 100; ; i++ )
{
if (i >= len-1 )
diff --git a/g10/gpgv.c b/g10/gpgv.c
index bd16b39..a6d1add 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -61,9 +61,11 @@ enum cmd_and_opt_values {
oIgnoreTimeConflict,
oStatusFD,
oLoggerFD,
+ oLoggerFile,
oHomedir,
oWeakDigest,
oEnableSpecialFilenames,
+ oDebug,
aTest
};
@@ -81,15 +83,37 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_i (oStatusFD, "status-fd",
N_("|FD|write status info to this FD")),
ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
+ ARGPARSE_s_s (oLoggerFile, "log-file", "@"),
ARGPARSE_s_s (oHomedir, "homedir", "@"),
ARGPARSE_s_s (oWeakDigest, "weak-digest",
N_("|ALGO|reject signatures made with ALGO")),
ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_end ()
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_PACKET_VALUE , "packet" },
+ { DBG_MPI_VALUE , "mpi" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_FILTER_VALUE , "filter" },
+ { DBG_IOBUF_VALUE , "iobuf" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_TRUST_VALUE , "trust" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_IPC_VALUE , "ipc" },
+ { DBG_CLOCK_VALUE , "clock" },
+ { DBG_LOOKUP_VALUE , "lookup" },
+ { DBG_EXTPROG_VALUE, "extprog" },
+ { 0, NULL }
+ };
+
int g10_errors_seen = 0;
@@ -192,12 +216,27 @@ main( int argc, char **argv )
opt.list_sigs=1;
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
break;
+ case oDebug:
+ if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags))
+ {
+ pargs.r_opt = ARGPARSE_INVALID_ARG;
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ }
+ break;
case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
case oOutput: opt.outfile = pargs.r.ret_str; break;
- case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
+ case oStatusFD:
+ set_status_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1));
+ break;
case oLoggerFD:
log_set_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1));
break;
+ case oLoggerFile:
+ log_set_file (pargs.r.ret_str);
+ log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
+ | GPGRT_LOG_WITH_TIME
+ | GPGRT_LOG_WITH_PID) );
+ break;
case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break;
case oWeakDigest:
additional_weak_digest(pargs.r.ret_str);
@@ -332,9 +371,10 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
-get_ownertrust_info (PKT_public_key *pk)
+get_ownertrust_info (PKT_public_key *pk, int no_create)
{
(void)pk;
+ (void)no_create;
return '?';
}
diff --git a/g10/import.c b/g10/import.c
index b6c04dc..45ec07a 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -76,7 +76,7 @@ struct import_stats_s
#define NODE_FLAG_A 8
-/* A an object and a global instance to store selectors created from
+/* An object and a global instance to store selectors created from
* --import-filter keep-uid=EXPR.
* --import-filter drop-sig=EXPR.
*
diff --git a/g10/keydb.c b/g10/keydb.c
index aab90e3..4c5149d 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -1092,7 +1092,7 @@ unlock_all (KEYDB_HANDLE hd)
* keydb_get_keyblock (hd, ...); // -> Result 1.
*
* Note: it is only possible to save a single save state at a time.
- * In other words, the the save stack only has room for a single
+ * In other words, the save stack only has room for a single
* instance of the state. */
void
keydb_push_found_state (KEYDB_HANDLE hd)
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 1456d28..892da1a 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1080,7 +1080,7 @@ trustsig_prompt (byte * trust_value, byte * trust_depth, char **regexp)
/*
- * Loop over all LOCUSR and and sign the uids after asking. If no
+ * Loop over all LOCUSR and sign the uids after asking. If no
* user id is marked, all user ids will be signed; if some user_ids
* are marked only those will be signed. If QUICK is true the
* function won't ask the user and use sensible defaults.
@@ -3679,7 +3679,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
(ulong) pk->timestamp, (ulong) pk->expiredate);
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
- es_putc (get_ownertrust_info (pk), fp);
+ es_putc (get_ownertrust_info (pk, 0), fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
@@ -3896,7 +3896,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
static int did_warn = 0;
trust = get_validity_string (ctrl, pk, NULL);
- otrust = get_ownertrust_string (pk);
+ otrust = get_ownertrust_string (pk, 0);
/* Show a warning once */
if (!did_warn
@@ -5186,7 +5186,7 @@ change_primary_uid_cb (PKT_signature * sig, void *opaque)
* Set the primary uid flag for the selected UID. We will also reset
* all other primary uid flags. For this to work with have to update
* all the signature timestamps. If we would do this with the current
- * time, we lose quite a lot of information, so we use a a kludge to
+ * time, we lose quite a lot of information, so we use a kludge to
* do this: Just increment the timestamp by one second which is
* sufficient to updated a signature during import.
*/
diff --git a/g10/keygen.c b/g10/keygen.c
index 98ef29e..24cf93c 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -89,7 +89,8 @@ enum para_name {
pSERIALNO,
pCARDBACKUPKEY,
pHANDLE,
- pKEYSERVER
+ pKEYSERVER,
+ pKEYGRIP
};
struct para_data_s {
@@ -1785,7 +1786,7 @@ ask_key_flags (int algo, int subkey, unsigned int current)
else if (!subkey && *s == 'c')
{
/* Accept 'c' for the primary key because USAGE_CERT
- will will be set anyway. This is for folks who
+ will be set anyway. This is for folks who
want to experiment with a cert-only primary key. */
current |= PUBKEY_USAGE_CERT;
}
@@ -1838,7 +1839,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
gpg_error_t err;
unsigned char *public;
size_t publiclen;
- const char *algostr;
+ int algo;
if (hexgrip[0] == '&')
hexgrip++;
@@ -1848,26 +1849,10 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
return 0;
publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
- get_pk_algo_from_canon_sexp (public, publiclen, &algostr);
+ algo = get_pk_algo_from_canon_sexp (public, publiclen);
xfree (public);
- /* FIXME: Mapping of ECC algorithms is probably not correct. */
- if (!algostr)
- return 0;
- else if (!strcmp (algostr, "rsa"))
- return PUBKEY_ALGO_RSA;
- else if (!strcmp (algostr, "dsa"))
- return PUBKEY_ALGO_DSA;
- else if (!strcmp (algostr, "elg"))
- return PUBKEY_ALGO_ELGAMAL_E;
- else if (!strcmp (algostr, "ecc"))
- return PUBKEY_ALGO_ECDH;
- else if (!strcmp (algostr, "ecdsa"))
- return PUBKEY_ALGO_ECDSA;
- else if (!strcmp (algostr, "eddsa"))
- return PUBKEY_ALGO_EDDSA;
- else
- return 0;
+ return map_pk_gcry_to_openpgp (algo);
}
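Review bot: In check_keygrip, `publiclen` goes straight from gcry_sexp_canon_len into get_pk_algo_from_canon_sexp, although gcry_sexp_canon_len returns 0 for a malformed S-expression. Unless the callee rejects a zero length itself (it is not shown in this diff), a guard before the call is safer: `if (!publiclen) { xfree (public); return 0; }`. The removed string comparison returned 0 for anything it did not recognise, so the new code also relies on map_pk_gcry_to_openpgp returning 0 for an unknown algorithm. The function's header comment should say so.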
@@ -3653,8 +3638,9 @@ read_parameter_file (ctrl_t ctrl, const char *fname )
{ "Preferences", pPREFERENCES },
{ "Revoker", pREVOKER },
{ "Handle", pHANDLE },
- { "Keyserver", pKEYSERVER },
- { NULL, 0 }
+ { "Keyserver", pKEYSERVER },
+ { "Keygrip", pKEYGRIP },
+ { NULL, 0 }
};
IOBUF fp;
byte *line;
@@ -4175,137 +4161,166 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
else if (full) /* Full featured key generation. */
{
int subkey_algo;
- char *curve = NULL;
-
- /* Fixme: To support creating a primary key by keygrip we better
- also define the keyword for the parameter file. Note that
- the subkey case will never be asserted if a keygrip has been
- given. */
- algo = ask_algo (ctrl, 0, &subkey_algo, &use, NULL);
- if (subkey_algo)
+ char *key_from_hexgrip = NULL;
+
+ algo = ask_algo (ctrl, 0, &subkey_algo, &use, &key_from_hexgrip);
+ if (key_from_hexgrip)
{
- /* Create primary and subkey at once. */
- both = 1;
- if (algo == PUBKEY_ALGO_ECDSA
- || algo == PUBKEY_ALGO_EDDSA
- || algo == PUBKEY_ALGO_ECDH)
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pKEYTYPE;
+ sprintf( r->u.value, "%d", algo);
+ r->next = para;
+ para = r;
+
+ if (use)
{
- curve = ask_curve (&algo, &subkey_algo);
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", algo);
- r->next = para;
- para = r;
- nbits = 0;
- r = xmalloc_clear (sizeof *r + strlen (curve));
- r->key = pKEYCURVE;
- strcpy (r->u.value, curve);
+ r = xmalloc_clear( sizeof *r + 25 );
+ r->key = pKEYUSAGE;
+ sprintf( r->u.value, "%s%s%s",
+ (use & PUBKEY_USAGE_SIG)? "sign ":"",
+ (use & PUBKEY_USAGE_ENC)? "encrypt ":"",
+ (use & PUBKEY_USAGE_AUTH)? "auth":"" );
r->next = para;
para = r;
}
- else
+
+ r = xmalloc_clear( sizeof *r + 40 );
+ r->key = pKEYGRIP;
+ strcpy (r->u.value, key_from_hexgrip);
+ r->next = para;
+ para = r;
+
+ xfree (key_from_hexgrip);
+ }
+ else
+ {
+ char *curve = NULL;
+
+ if (subkey_algo)
{
+ /* Create primary and subkey at once. */
+ both = 1;
+ if (algo == PUBKEY_ALGO_ECDSA
+ || algo == PUBKEY_ALGO_EDDSA
+ || algo == PUBKEY_ALGO_ECDH)
+ {
+ curve = ask_curve (&algo, &subkey_algo);
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pKEYTYPE;
+ sprintf( r->u.value, "%d", algo);
+ r->next = para;
+ para = r;
+ nbits = 0;
+ r = xmalloc_clear (sizeof *r + strlen (curve));
+ r->key = pKEYCURVE;
+ strcpy (r->u.value, curve);
+ r->next = para;
+ para = r;
+ }
+ else
+ {
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pKEYTYPE;
+ sprintf( r->u.value, "%d", algo);
+ r->next = para;
+ para = r;
+ nbits = ask_keysize (algo, 0);
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pKEYLENGTH;
+ sprintf( r->u.value, "%u", nbits);
+ r->next = para;
+ para = r;
+ }
r = xmalloc_clear( sizeof *r + 20 );
- r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", algo);
+ r->key = pKEYUSAGE;
+ strcpy( r->u.value, "sign" );
r->next = para;
para = r;
- nbits = ask_keysize (algo, 0);
+
r = xmalloc_clear( sizeof *r + 20 );
- r->key = pKEYLENGTH;
- sprintf( r->u.value, "%u", nbits);
+ r->key = pSUBKEYTYPE;
+ sprintf( r->u.value, "%d", subkey_algo);
+ r->next = para;
+ para = r;
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pSUBKEYUSAGE;
+ strcpy( r->u.value, "encrypt" );
r->next = para;
para = r;
- }
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = pKEYUSAGE;
- strcpy( r->u.value, "sign" );
- r->next = para;
- para = r;
-
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = pSUBKEYTYPE;
- sprintf( r->u.value, "%d", subkey_algo);
- r->next = para;
- para = r;
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = pSUBKEYUSAGE;
- strcpy( r->u.value, "encrypt" );
- r->next = para;
- para = r;
- if (algo == PUBKEY_ALGO_ECDSA
- || algo == PUBKEY_ALGO_EDDSA
- || algo == PUBKEY_ALGO_ECDH)
+ if (algo == PUBKEY_ALGO_ECDSA
+ || algo == PUBKEY_ALGO_EDDSA
+ || algo == PUBKEY_ALGO_ECDH)
+ {
+ if (algo == PUBKEY_ALGO_EDDSA
+ && subkey_algo == PUBKEY_ALGO_ECDH)
+ {
+ /* Need to switch to a different curve for the
+ encryption key. */
+ xfree (curve);
+ curve = xstrdup ("Curve25519");
+ }
+ r = xmalloc_clear (sizeof *r + strlen (curve));
+ r->key = pSUBKEYCURVE;
+ strcpy (r->u.value, curve);
+ r->next = para;
+ para = r;
+ }
+ }
+ else /* Create only a single key. */
{
- if (algo == PUBKEY_ALGO_EDDSA
- && subkey_algo == PUBKEY_ALGO_ECDH)
+ /* For ECC we need to ask for the curve before storing the
+ algo because ask_curve may change the algo. */
+ if (algo == PUBKEY_ALGO_ECDSA
+ || algo == PUBKEY_ALGO_EDDSA
+ || algo == PUBKEY_ALGO_ECDH)
{
- /* Need to switch to a different curve for the
- encryption key. */
- xfree (curve);
- curve = xstrdup ("Curve25519");
+ curve = ask_curve (&algo, NULL);
+ r = xmalloc_clear (sizeof *r + strlen (curve));
+ r->key = pKEYCURVE;
+ strcpy (r->u.value, curve);
+ r->next = para;
+ para = r;
}
- r = xmalloc_clear (sizeof *r + strlen (curve));
- r->key = pSUBKEYCURVE;
- strcpy (r->u.value, curve);
+
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = pKEYTYPE;
+ sprintf( r->u.value, "%d", algo );
r->next = para;
para = r;
+
+ if (use)
+ {
+ r = xmalloc_clear( sizeof *r + 25 );
+ r->key = pKEYUSAGE;
+ sprintf( r->u.value, "%s%s%s",
+ (use & PUBKEY_USAGE_SIG)? "sign ":"",
+ (use & PUBKEY_USAGE_ENC)? "encrypt ":"",
+ (use & PUBKEY_USAGE_AUTH)? "auth":"" );
+ r->next = para;
+ para = r;
+ }
+ nbits = 0;
}
- }
- else /* Create only a single key. */
- {
- /* For ECC we need to ask for the curve before storing the
- algo because ask_curve may change the algo. */
+
if (algo == PUBKEY_ALGO_ECDSA
|| algo == PUBKEY_ALGO_EDDSA
|| algo == PUBKEY_ALGO_ECDH)
{
- curve = ask_curve (&algo, NULL);
- r = xmalloc_clear (sizeof *r + strlen (curve));
- r->key = pKEYCURVE;
- strcpy (r->u.value, curve);
- r->next = para;
- para = r;
+ /* The curve has already been set. */
}
-
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", algo );
- r->next = para;
- para = r;
-
- if (use)
+ else
{
- r = xmalloc_clear( sizeof *r + 25 );
- r->key = pKEYUSAGE;
- sprintf( r->u.value, "%s%s%s",
- (use & PUBKEY_USAGE_SIG)? "sign ":"",
- (use & PUBKEY_USAGE_ENC)? "encrypt ":"",
- (use & PUBKEY_USAGE_AUTH)? "auth":"" );
+ nbits = ask_keysize (both? subkey_algo : algo, nbits);
+ r = xmalloc_clear( sizeof *r + 20 );
+ r->key = both? pSUBKEYLENGTH : pKEYLENGTH;
+ sprintf( r->u.value, "%u", nbits);
r->next = para;
para = r;
}
- nbits = 0;
- }
- if (algo == PUBKEY_ALGO_ECDSA
- || algo == PUBKEY_ALGO_EDDSA
- || algo == PUBKEY_ALGO_ECDH)
- {
- /* The curve has already been set. */
+ xfree (curve);
}
- else
- {
- nbits = ask_keysize (both? subkey_algo : algo, nbits);
- r = xmalloc_clear( sizeof *r + 20 );
- r->key = both? pSUBKEYLENGTH : pKEYLENGTH;
- sprintf( r->u.value, "%u", nbits);
- r->next = para;
- para = r;
- }
-
- xfree (curve);
}
else /* Default key generation. */
{
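Review bot: In the new `key_from_hexgrip` branch of generate_keypair the pKEYGRIP node is allocated with a fixed `sizeof *r + 40` and then filled with `strcpy (r->u.value, key_from_hexgrip)`. That fits only if ask_algo always returns exactly 40 hex characters, and nothing in the hunk checks it. The curve nodes in the same hunk size the allocation from the string, and the keygrip node should do the same: `r = xmalloc_clear (sizeof *r + strlen (key_from_hexgrip));`. The usage node's `+ 25` is enough for the longest "sign encrypt auth" value, so the keygrip copy is the only one whose bound depends on a caller outside the hunk.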
@@ -4547,6 +4562,9 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
int did_sub = 0;
u32 timestamp;
char *cache_nonce = NULL;
+ int algo;
+ u32 expire;
+ const char *key_from_hexgrip = NULL;
if (outctrl->dryrun)
{
@@ -4612,20 +4630,26 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
node of the subkey but that is more work than just to pass the
current timestamp. */
- if (!card)
- err = do_create (get_parameter_algo( para, pKEYTYPE, NULL ),
+ algo = get_parameter_algo( para, pKEYTYPE, NULL );
+ expire = get_parameter_u32( para, pKEYEXPIRE );
+ key_from_hexgrip = get_parameter_value (para, pKEYGRIP);
+ if (key_from_hexgrip)
+ err = do_create_from_keygrip (ctrl, algo, key_from_hexgrip,
+ pub_root, timestamp, expire, 0);
+ else if (!card)
+ err = do_create (algo,
get_parameter_uint( para, pKEYLENGTH ),
get_parameter_value (para, pKEYCURVE),
pub_root,
timestamp,
- get_parameter_u32( para, pKEYEXPIRE ), 0,
+ expire, 0,
outctrl->keygen_flags,
get_parameter_passphrase (para),
&cache_nonce, NULL);
else
- err = gen_card_key (1, get_parameter_algo( para, pKEYTYPE, NULL ),
+ err = gen_card_key (1, algo,
1, pub_root, &timestamp,
- get_parameter_u32 (para, pKEYEXPIRE));
+ expire);
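Review bot: When a pKEYGRIP parameter is present, do_create_from_keygrip is tried before both the card path and do_create, and it receives neither the key length and curve, the passphrase, nor `outctrl->keygen_flags`. Nothing in the hunk documents that precedence, so a comment above the `if` would help: `/* A Keygrip parameter takes precedence over card and fresh key generation; length, curve and passphrase parameters are not used then. */`. The value can now also come from the "Keygrip" keyword of a parameter file. Whether it is validated as a hex keygrip before this call is not visible here and should be confirmed. do_generate_keypair continues outside the hunk.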
/* Get the pointer to the generated public key packet. */
if (!err)
@@ -5109,7 +5133,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock,
node = find_kbnode (pub_keyblock, PKT_PUBLIC_KEY);
if (!node)
{
- log_error ("Oops; publkic key lost!\n");
+ log_error ("Oops; public key lost!\n");
err = gpg_error (GPG_ERR_INTERNAL);
goto leave;
}
diff --git a/g10/keyid.c b/g10/keyid.c
index dd098fd..6e8d97f 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -202,7 +202,7 @@ hash_public_key (gcry_md_hd_t md, PKT_public_key *pk)
}
gcry_md_putc ( md, 0x99 ); /* ctb */
- /* What does it mean if n is greater than than 0xFFFF ? */
+ /* What does it mean if n is greater than 0xFFFF ? */
gcry_md_putc ( md, n >> 8 ); /* 2 byte length header */
gcry_md_putc ( md, n );
gcry_md_putc ( md, pk->version );
diff --git a/g10/keylist.c b/g10/keylist.c
index 4fe1e40..2684f59 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1232,7 +1232,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
}
if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
- ownertrust_print = get_ownertrust_info (pk);
+ ownertrust_print = get_ownertrust_info (pk, 0);
else
ownertrust_print = 0;
@@ -1900,6 +1900,9 @@ set_attrib_fd (int fd)
if (fd == -1)
return;
+ if (! gnupg_fd_valid (fd))
+ log_fatal ("attribute-fd is invalid: %s\n", strerror (errno));
+
#ifdef HAVE_DOSISH_SYSTEM
setmode (fd, O_BINARY);
#endif
diff --git a/g10/keyring.c b/g10/keyring.c
index f1281e9..9b7b5fd 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -777,7 +777,7 @@ prepare_search (KEYRING_HANDLE hd)
/* A map of the all characters valid used for word_match()
- * Valid characters are in in this table converted to uppercase.
+ * Valid characters are in this table converted to uppercase.
* because the upper 128 bytes have special meaning, we assume
* that they are all valid.
* Note: We must use numerical values here in case that this program
@@ -928,13 +928,27 @@ compare_name (int mode, const char *name, const char *uid, size_t uidlen)
else if ( mode == KEYDB_SEARCH_MODE_MAIL
|| mode == KEYDB_SEARCH_MODE_MAILSUB
|| mode == KEYDB_SEARCH_MODE_MAILEND) {
+ int have_angles = 1;
for (i=0, s= uid; i < uidlen && *s != '<'; s++, i++)
;
+ if (i == uidlen)
+ {
+ /* The UID is a plain addr-spec (cf. RFC2822 section 4.3). */
+ have_angles = 0;
+ s = uid;
+ i = 0;
+ }
if (i < uidlen) {
- /* skip opening delim and one char and look for the closing one*/
- s++; i++;
- for (se=s+1, i++; i < uidlen && *se != '>'; se++, i++)
- ;
+ if (have_angles)
+ {
+ /* skip opening delim and one char and look for the closing one*/
+ s++; i++;
+ for (se=s+1, i++; i < uidlen && *se != '>'; se++, i++)
+ ;
+ }
+ else
+ se = s + uidlen;
+
if (i < uidlen) {
i = se - s;
if (mode == KEYDB_SEARCH_MODE_MAIL) {
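Review bot: Once no `<` is found, the new branch in compare_name compares the entire UID as a mail address, but nothing checks that it is an addr-spec as the comment says. A free-form UID without angle brackets and without `@` is handled the same way. If only real addresses are meant to match, the condition can require an at-sign: `if (i == uidlen && memchr (uid, '@', uidlen))`. Otherwise the comment should say that the UID is taken as the address without validation. compare_name starts and ends outside the hunk.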
diff --git a/g10/main.h b/g10/main.h
index 5ed501b..6837e98 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -397,8 +397,10 @@ gpg_error_t parse_and_set_export_filter (const char *string);
int export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
export_stats_t stats);
-int export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats);
-int export_secsubkeys (ctrl_t ctrl, strlist_t users, export_stats_t stats);
+int export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats);
+int export_secsubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats);
gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec,
unsigned int options,
diff --git a/g10/mainproc.c b/g10/mainproc.c
index ac2ab03..4f8d0be 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -78,7 +78,7 @@ struct mainproc_context
signature. */
struct
{
- /* A file descriptor of the the signed data. Only used if not -1. */
+ /* A file descriptor of the signed data. Only used if not -1. */
int data_fd;
/* A list of filenames with the data files or NULL. This is only
used if DATA_FD is -1. */
@@ -1032,7 +1032,7 @@ list_node (CTX c, kbnode_t node)
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if (pk->flags.primary && !opt.fast_list_mode)
- es_putc (get_ownertrust_info (pk), es_stdout);
+ es_putc (get_ownertrust_info (pk, 1), es_stdout);
es_putc (':', es_stdout);
es_putc ('\n', es_stdout);
}
@@ -1997,7 +1997,7 @@ check_sig_and_print (CTX c, kbnode_t node)
log_assert (mainpk);
- /* In case we did not found a valid valid textual userid above
+ /* In case we did not found a valid textual userid above
we print the first user id packet or a "[?]" instead along
with the "Good|Expired|Bad signature" line. */
if (!count)
diff --git a/g10/misc.c b/g10/misc.c
index 4b9ad99..ac00009 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -522,7 +522,7 @@ openpgp_cipher_blocklen (cipher_algo_t algo)
block length. This is so that the packet parsing code works even
for unknown algorithms (for which we assume 8 due to tradition).
- NOTE: If you change the the returned blocklen above 16, check
+ NOTE: If you change the returned blocklen above 16, check
the callers because they may use a fixed size buffer of that
size. */
switch (algo)
diff --git a/g10/passphrase.c b/g10/passphrase.c
index fb4ec4c..37abc0f 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -166,6 +166,9 @@ read_passphrase_from_fd( int fd )
int i, len;
char *pw;
+ if (! gnupg_fd_valid (fd))
+ log_fatal ("passphrase-fd is invalid: %s\n", strerror (errno));
+
if ( !opt.batch && opt.pinentry_mode != PINENTRY_MODE_LOOPBACK)
{ /* Not used but we have to do a dummy read, so that it won't end
up at the begin of the message if the quite usual trick to
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 288affc..012f751 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -188,7 +188,7 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
int show=0;
int min_num;
int did_help=defer_help;
- unsigned int minimum = tdb_get_min_ownertrust (pk);
+ unsigned int minimum = tdb_get_min_ownertrust (pk, 0);
switch(minimum)
{
@@ -818,7 +818,7 @@ expand_group (strlist_t input)
* success the new key is added to PK_LIST_ADDR. NAME is the user id
* of the key. USE the requested usage and a set MARK_HIDDEN will
* mark the key in the updated list as a hidden recipient. If
- * FROM_FILE is true, NAME is is not a user ID but the name of a file
+ * FROM_FILE is true, NAME is not a user ID but the name of a file
* holding a key. */
gpg_error_t
find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 117744f..e037c12 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -211,7 +211,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
/* Now get the DEK (data encryption key) from the frame
*
- * Old versions encode the DEK in in this format (msb is left):
+ * Old versions encode the DEK in this format (msb is left):
*
* 0 1 DEK(16 bytes) CSUM(2 bytes) 0 RND(n bytes) 2
*
@@ -335,9 +335,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
if (DBG_CRYPTO)
log_printhex ("DEK is:", dek->key, dek->keylen);
- /* Check that the algo is in the preferences and whether it has expired. */
+ /* Check that the algo is in the preferences and whether it has
+ * expired. Also print a status line with the key's fingerprint. */
{
PKT_public_key *pk = NULL;
+ PKT_public_key *mainpk = NULL;
KBNODE pkb = get_pubkeyblock (keyid);
if (!pkb)
@@ -351,9 +353,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
&& !is_algo_in_prefs (pkb, PREFTYPE_SYM, dek->algo))
log_info (_("WARNING: cipher algorithm %s not found in recipient"
" preferences\n"), openpgp_cipher_algo_name (dek->algo));
+
if (!err)
{
- KBNODE k;
+ kbnode_t k;
+ int first = 1;
for (k = pkb; k; k = k->next)
{
@@ -361,8 +365,14 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
u32 aki[2];
- keyid_from_pk (k->pkt->pkt.public_key, aki);
+ if (first)
+ {
+ first = 0;
+ mainpk = k->pkt->pkt.public_key;
+ }
+
+ keyid_from_pk (k->pkt->pkt.public_key, aki);
if (aki[0] == keyid[0] && aki[1] == keyid[1])
{
pk = k->pkt->pkt.public_key;
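Review bot: The `first` flag declared in the previous hunk duplicates what `mainpk` already records, since `mainpk` starts out as NULL. The added block here can be reduced to `if (!mainpk) mainpk = k->pkt->pkt.public_key;` and the `int first = 1;` declaration dropped. A one-line comment stating that the first key packet of the keyblock is taken to be the primary key would also help, because the DECRYPTION_KEY status line added further down reports it as the main key fingerprint. get_it continues outside the hunk.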
@@ -386,6 +396,24 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
show_revocation_reason (pk, 1);
}
+ if (is_status_enabled () && pk && mainpk)
+ {
+ char pkhex[MAX_FINGERPRINT_LEN*2+1];
+ char mainpkhex[MAX_FINGERPRINT_LEN*2+1];
+
+ hexfingerprint (pk, pkhex, sizeof pkhex);
+ hexfingerprint (mainpk, mainpkhex, sizeof mainpkhex);
+
+ /* Note that we do not want to create a trustdb just for
+ * getting the ownertrust: If there is no trustdb there can't
+ * be ulitmately trusted key anyway and thus the ownertrust
+ * value is irrelevant. */
+ write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
+ pkhex, mainpkhex,
+ get_ownertrust_info (mainpk, 1));
+
+ }
+
release_kbnode (pkb);
err = 0;
}
diff --git a/g10/revoke.c b/g10/revoke.c
index 591b641..3a2b068 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -442,7 +442,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
to stdout or the filename given by --output. REASON describes the
revocation reason. PSK is the public primary key - we expect that
a corresponding secret key is available. KEYBLOCK is the entire
- KEYBLOCK which is used in PGP mode to write a a minimal key and not
+ KEYBLOCK which is used in PGP mode to write a minimal key and not
just the naked revocation signature; it may be NULL. If LEADINTEXT
is not NULL, it is written right before the (armored) output.*/
static int
diff --git a/g10/rmd160.c b/g10/rmd160.c
index 7c77ca5..cf27796 100644
--- a/g10/rmd160.c
+++ b/g10/rmd160.c
@@ -17,7 +17,7 @@
* along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
-/* For historic reasons gpg uses RIPE-MD160 to to identify names in
+/* For historic reasons gpg uses RIPE-MD160 to identify names in
the trustdb. It would be better to change that to SHA-1, to take
advantage of a SHA-1 hardware operation provided by some CPUs.
This would break trustdb compatibility and thus we don't want to do
diff --git a/g10/server.c b/g10/server.c
index b89f0be..e3a3bad 100644
--- a/g10/server.c
+++ b/g10/server.c
@@ -770,18 +770,15 @@ gpg_server (ctrl_t ctrl)
gpg_error_t
gpg_proxy_pinentry_notify (ctrl_t ctrl, const unsigned char *line)
{
- if (opt.verbose)
- {
- char *linecopy = xtrystrdup (line);
- char *fields[4];
-
- if (linecopy
- && split_fields (linecopy, fields, DIM (fields)) >= 4
- && !strcmp (fields[0], "PINENTRY_LAUNCHED"))
- log_info (_("pinentry launched (pid %s, flavor %s, version %s)\n"),
- fields[1], fields[2], fields[3]);
+ const char *s;
- xfree (linecopy);
+ if (opt.verbose
+ && !strncmp (line, "PINENTRY_LAUNCHED", 17)
+ && (line[17]==' '||!line[17]))
+ {
+ for (s = line + 17; *s && spacep (s); s++)
+ ;
+ log_info (_("pinentry launched (%s)\n"), s);
}
if (!ctrl || !ctrl->server_local
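Review bot: `line` is declared `const unsigned char *` but is passed to strncmp and assigned to `const char *s` without a cast, and the keyword length 17 appears three times as a bare literal. Taking one cast pointer up front, `const char *p = (const char *)line;`, and deriving the length with `sizeof "PINENTRY_LAUNCHED" - 1` would remove the pointer-sign warnings and the magic number. The rest of the notification line is now logged verbatim, where the removed code printed three split fields; if the sender is not guaranteed to emit printable text, the string should be sanitized before it reaches log_info. The function continues outside the hunk.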
diff --git a/g10/sign.c b/g10/sign.c
index acc894c..ff099b3 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -686,7 +686,10 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
pk = sk_rover->pk;
/* Build the signature packet. */
- sig = xmalloc_clear (sizeof *sig);
+ sig = xtrycalloc (1, sizeof *sig);
+ if (!sig)
+ return gpg_error_from_syserror ();
+
if (duration || opt.sig_policy_url
|| opt.sig_notations || opt.sig_keyserver_url)
sig->version = 4;
@@ -731,8 +734,12 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
print_status_sig_created (pk, sig, status_letter);
free_packet (&pkt);
if (rc)
- log_error ("build signature packet failed: %s\n", gpg_strerror (rc));
+ log_error ("build signature packet failed: %s\n",
+ gpg_strerror (rc));
}
+ else
+ xfree (sig);
+
if (rc)
return rc;
}
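Review bot: On the failure path the added `else xfree (sig);` releases only the PKT_signature structure itself. If the code between the allocation and this point attaches heap data to `sig` (subpacket areas or MPIs; that code lies outside both hunks), that data would leak here, whereas the success path releases everything through `free_packet (&pkt)`. Using the packet-level destructor, `else free_seckey_enc (sig);`, would keep the two paths symmetric. The `if` that this `else` belongs to starts above the hunk.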
diff --git a/g10/tdbdump.c b/g10/tdbdump.c
index 41a0258..ab2f072 100644
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@@ -70,7 +70,7 @@ list_trustdb (estream_t fp, const char *username)
(void)username;
- init_trustdb();
+ init_trustdb (0);
/* For now we ignore the user ID. */
if (1)
{
@@ -101,7 +101,7 @@ export_ownertrust()
int i;
byte *p;
- init_trustdb();
+ init_trustdb (0);
es_printf (_("# List of assigned trustvalues, created %s\n"
"# (Use \"gpg --import-ownertrust\" to restore them)\n"),
asctimestamp( make_timestamp() ) );
@@ -133,7 +133,7 @@ import_ownertrust( const char *fname )
int any = 0;
int rc;
- init_trustdb();
+ init_trustdb (0);
if( iobuf_is_pipe_filename (fname) ) {
fp = es_stdin;
fname = "[stdin]";
@@ -193,18 +193,22 @@ import_ownertrust( const char *fname )
if( !rc ) { /* found: update */
if (rec.r.trust.ownertrust != otrust)
{
- if( rec.r.trust.ownertrust )
- log_info("changing ownertrust from %u to %u\n",
- rec.r.trust.ownertrust, otrust );
- else
- log_info("setting ownertrust to %u\n", otrust );
+ if (!opt.quiet)
+ {
+ if( rec.r.trust.ownertrust )
+ log_info("changing ownertrust from %u to %u\n",
+ rec.r.trust.ownertrust, otrust );
+ else
+ log_info("setting ownertrust to %u\n", otrust );
+ }
rec.r.trust.ownertrust = otrust;
write_record (&rec );
any = 1;
}
}
else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) { /* insert */
- log_info("inserting ownertrust of %u\n", otrust );
+ if (!opt.quiet)
+ log_info("inserting ownertrust of %u\n", otrust );
memset (&rec, 0, sizeof rec);
rec.recnum = tdbio_new_recnum ();
rec.rectype = RECTYPE_TRUST;
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index 8752f88..a74df20 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -138,9 +138,10 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
}
int
-get_ownertrust_info (PKT_public_key *pk)
+get_ownertrust_info (PKT_public_key *pk, int no_create)
{
(void)pk;
+ (void)no_create;
return '?';
}
diff --git a/g10/tofu.c b/g10/tofu.c
index 8d535fa..8c41ad7 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -1969,7 +1969,7 @@ ask_about_binding (ctrl_t ctrl,
else if (!response[0])
/* Default to unknown. Don't save it. */
{
- tty_printf (_("Defaulting to unknown."));
+ tty_printf (_("Defaulting to unknown.\n"));
*policy = TOFU_POLICY_UNKNOWN;
break;
}
@@ -2306,7 +2306,11 @@ build_conflict_set (tofu_dbs_t dbs,
/* Return the effective policy for the binding <FINGERPRINT, EMAIL>
* (email has already been normalized) and any conflict information in
* *CONFLICT_SETP, if CONFLICT_SETP is not NULL. Returns
- * _tofu_GET_POLICY_ERROR if an error occurs. */
+ * _tofu_GET_POLICY_ERROR if an error occurs.
+ *
+ * This function registers the binding in the bindings table if it has
+ * not yet been registered.
+ */
static enum tofu_policy
get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
const char *fingerprint, const char *user_id, const char *email,
@@ -2644,7 +2648,9 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
static enum tofu_policy
get_trust (ctrl_t ctrl, PKT_public_key *pk,
const char *fingerprint, const char *email,
- const char *user_id, int may_ask, time_t now)
+ const char *user_id, int may_ask,
+ enum tofu_policy *policyp, strlist_t *conflict_setp,
+ time_t now)
{
tofu_dbs_t dbs = ctrl->tofu.dbs;
int in_transaction = 0;
@@ -2675,6 +2681,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
&& _tofu_GET_TRUST_ERROR != TRUST_FULLY
&& _tofu_GET_TRUST_ERROR != TRUST_ULTIMATE);
+ begin_transaction (ctrl, 0);
+ in_transaction = 1;
+
+ /* We need to call get_policy even if the key is ultimately trusted
+ * to make sure the binding has been registered. */
+ policy = get_policy (dbs, pk, fingerprint, user_id, email,
+ &conflict_set, now);
+
/* If the key is ultimately trusted, there is nothing to do. */
{
u32 kid[2];
@@ -2683,14 +2697,11 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
if (tdb_keyid_is_utk (kid))
{
trust_level = TRUST_ULTIMATE;
+ policy = TOFU_POLICY_GOOD;
goto out;
}
}
- begin_transaction (ctrl, 0);
- in_transaction = 1;
-
- policy = get_policy (dbs, pk, fingerprint, user_id, email, &conflict_set, now);
if (policy == TOFU_POLICY_AUTO)
{
policy = opt.tofu_default_policy;
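Review bot: For an ultimately trusted key the added `policy = TOFU_POLICY_GOOD;` overwrites whatever get_policy returned in the hunk above, including `_tofu_GET_POLICY_ERROR`. Unless the two lines hidden between the hunks check for it, a database failure while registering the binding is then reported to the caller as TRUST_ULTIMATE with a good policy. Since get_policy is now called specifically to make sure the binding is registered, test the result first: `if (policy == _tofu_GET_POLICY_ERROR) { trust_level = _tofu_GET_TRUST_ERROR; goto out; }`. get_trust starts and ends outside these hunks.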
@@ -2758,10 +2769,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
}
else
{
- for (iter = conflict_set; iter; iter = iter->next)
- show_statistics (dbs, iter->d, email,
- TOFU_POLICY_ASK, NULL, 1, now);
-
trust_level = TRUST_UNDEFINED;
}
@@ -2807,7 +2814,13 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
if (in_transaction)
end_transaction (ctrl, 0);
- free_strlist (conflict_set);
+ if (policyp)
+ *policyp = policy;
+
+ if (conflict_setp)
+ *conflict_setp = conflict_set;
+ else
+ free_strlist (conflict_set);
return trust_level;
}
@@ -2936,7 +2949,7 @@ write_stats_status (estream_t fp,
*
* POLICY is the key's policy (as returned by get_policy).
*
- * Returns 0 if if ONLY_STATUS_FD is set. Otherwise, returns whether
+ * Returns 0 if ONLY_STATUS_FD is set. Otherwise, returns whether
* the caller should call show_warning after iterating over all user
* ids.
*/
@@ -2970,7 +2983,8 @@ show_statistics (tofu_dbs_t dbs,
/* Get the signature stats. */
rc = gpgsql_exec_printf
(dbs->db, strings_collect_cb, &strlist, &err,
- "select count (*), min (signatures.time), max (signatures.time)\n"
+ "select count (*), coalesce (min (signatures.time), 0),\n"
+ " coalesce (max (signatures.time), 0)\n"
" from signatures\n"
" left join bindings on signatures.binding = bindings.oid\n"
" where fingerprint = %Q and email = %Q;",
@@ -3023,7 +3037,8 @@ show_statistics (tofu_dbs_t dbs,
/* Get the encryption stats. */
rc = gpgsql_exec_printf
(dbs->db, strings_collect_cb, &strlist, &err,
- "select count (*), min (encryptions.time), max (encryptions.time)\n"
+ "select count (*), coalesce (min (encryptions.time), 0),\n"
+ " coalesce (max (encryptions.time), 0)\n"
" from encryptions\n"
" left join bindings on encryptions.binding = bindings.oid\n"
" where fingerprint = %Q and email = %Q;",
@@ -3326,7 +3341,8 @@ tofu_register_signature (ctrl_t ctrl,
/* Make sure the binding exists and record any TOFU
conflicts. */
- if (get_trust (ctrl, pk, fingerprint, email, user_id->d, 0, now)
+ if (get_trust (ctrl, pk, fingerprint, email, user_id->d,
+ 0, NULL, NULL, now)
== _tofu_GET_TRUST_ERROR)
{
rc = gpg_error (GPG_ERR_GENERAL);
@@ -3480,7 +3496,7 @@ tofu_register_encryption (ctrl_t ctrl,
if (! user_id_list)
log_info (_("WARNING: Encrypting to %s, which has no "
- "non-revoked user ids.\n"),
+ "non-revoked user ids\n"),
keystr (pk->keyid));
}
@@ -3492,11 +3508,13 @@ tofu_register_encryption (ctrl_t ctrl,
for (user_id = user_id_list; user_id; user_id = user_id->next)
{
char *email = email_from_user_id (user_id->d);
+ strlist_t conflict_set = NULL;
+ enum tofu_policy policy;
/* Make sure the binding exists and that we recognize any
conflicts. */
int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
- may_ask, now);
+ may_ask, &policy, &conflict_set, now);
if (tl == _tofu_GET_TRUST_ERROR)
{
/* An error. */
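Review bot: `conflict_set` is now owned by the caller, but the error branch after this get_trust call jumps to `die` before reaching the `free_strlist (conflict_set)` added in the next hunk. The variable is scoped to the loop body, so the code at `die` cannot release it. get_trust appears to store the list through CONFLICT_SETP on every path that reaches its `out` label, so an error return may still hand back a non-empty list; whether that happens depends on get_trust code outside the hunks. Add `free_strlist (conflict_set);` before the `goto die;` here and in the matching error branch of tofu_get_validity.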
@@ -3505,6 +3523,28 @@ tofu_register_encryption (ctrl_t ctrl,
goto die;
}
+
+ /* If there is a conflict and MAY_ASK is true, we need to show
+ * the TOFU statistics for the current binding and the
+ * conflicting bindings. But, if we are not in batch mode, then
+ * they have already been printed (this is required to make sure
+ * the information is available to the caller before cpr_get is
+ * called). */
+ if (policy == TOFU_POLICY_ASK && may_ask && opt.batch)
+ {
+ strlist_t iter;
+
+ /* The conflict set should contain at least the current
+ * key. */
+ log_assert (conflict_set);
+
+ for (iter = conflict_set; iter; iter = iter->next)
+ show_statistics (dbs, iter->d, email,
+ TOFU_POLICY_ASK, NULL, 1, now);
+ }
+
+ free_strlist (conflict_set);
+
rc = gpgsql_stepx
(dbs->db, &dbs->s.register_encryption, NULL, NULL, &err,
"insert into encryptions\n"
@@ -3663,6 +3703,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
int bindings = 0;
int bindings_valid = 0;
int need_warning = 0;
+ int had_conflict = 0;
dbs = opendbs (ctrl);
if (! dbs)
@@ -3681,11 +3722,13 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++)
{
char *email = email_from_user_id (user_id->d);
+ strlist_t conflict_set = NULL;
+ enum tofu_policy policy;
/* Always call get_trust to make sure the binding is
registered. */
int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
- may_ask, now);
+ may_ask, &policy, &conflict_set, now);
if (tl == _tofu_GET_TRUST_ERROR)
{
/* An error. */
@@ -3708,13 +3751,36 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
if (may_ask && tl != TRUST_ULTIMATE && tl != TRUST_EXPIRED)
{
- enum tofu_policy policy =
- get_policy (dbs, pk, fingerprint, user_id->d, email, NULL, now);
+ /* If policy is ask, then we already printed out the
+ * conflict information in ask_about_binding or will do so
+ * in a moment. */
+ if (policy != TOFU_POLICY_ASK)
+ need_warning |=
+ show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
+
+ /* If there is a conflict and MAY_ASK is true, we need to
+ * show the TOFU statistics for the current binding and the
+ * conflicting bindings. But, if we are not in batch mode,
+ * then they have already been printed (this is required to
+ * make sure the information is available to the caller
+ * before cpr_get is called). */
+ if (policy == TOFU_POLICY_ASK && opt.batch)
+ {
+ strlist_t iter;
+
+ /* The conflict set should contain at least the current
+ * key. */
+ log_assert (conflict_set);
- need_warning |=
- show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
+ had_conflict = 1;
+ for (iter = conflict_set; iter; iter = iter->next)
+ show_statistics (dbs, iter->d, email,
+ TOFU_POLICY_ASK, NULL, 1, now);
+ }
}
+ free_strlist (conflict_set);
+
if (tl == TRUST_NEVER)
trust_level = TRUST_NEVER;
else if (tl == TRUST_EXPIRED)
@@ -3739,7 +3805,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
xfree (email);
}
- if (need_warning)
+ if (need_warning && ! had_conflict)
show_warning (fingerprint, user_id_list);
die:
diff --git a/g10/trust.c b/g10/trust.c
index 888b4ca..d0ea77e 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -179,17 +179,18 @@ get_ownertrust (PKT_public_key *pk)
(void)pk;
return TRUST_UNKNOWN;
#else
- return tdb_get_ownertrust (pk);
+ return tdb_get_ownertrust (pk, 0);
#endif
}
/*
* Same as get_ownertrust but this takes the minimum ownertrust value
- * into into account, and will bump up the value as needed.
+ * into account, and will bump up the value as needed. NO_CREATE
+ * inhibits creation of a trustdb it that does not yet exists.
*/
static int
-get_ownertrust_with_min (PKT_public_key *pk)
+get_ownertrust_with_min (PKT_public_key *pk, int no_create)
{
#ifdef NO_TRUST_MODELS
(void)pk;
@@ -197,8 +198,15 @@ get_ownertrust_with_min (PKT_public_key *pk)
#else
unsigned int otrust, otrust_min;
- otrust = (tdb_get_ownertrust (pk) & TRUST_MASK);
- otrust_min = tdb_get_min_ownertrust (pk);
+ /* Shortcut instead of doing the same twice in the two tdb_get
+ * functions: If the caller asked not to create a trustdb we call
+ * init_trustdb directly and allow it to fail with an error code for
+ * a non-existing trustdb. */
+ if (no_create && init_trustdb (1))
+ return TRUST_UNKNOWN;
+
+ otrust = (tdb_get_ownertrust (pk, no_create) & TRUST_MASK);
+ otrust_min = tdb_get_min_ownertrust (pk, no_create);
if (otrust < otrust_min)
{
/* If the trust that the user has set is less than the trust
@@ -217,23 +225,25 @@ get_ownertrust_with_min (PKT_public_key *pk)
/*
* Same as get_ownertrust but return a trust letter instead of an
- * value. This takes the minimum ownertrust value into account.
+ * value. This takes the minimum ownertrust value into account. If
+ * NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
int
-get_ownertrust_info (PKT_public_key *pk)
+get_ownertrust_info (PKT_public_key *pk, int no_create)
{
- return trust_letter (get_ownertrust_with_min (pk));
+ return trust_letter (get_ownertrust_with_min (pk, no_create));
}
/*
* Same as get_ownertrust but return a trust string instead of an
- * value. This takes the minimum ownertrust value into account.
+ * value. This takes the minimum ownertrust value into account. If
+ * NO_CREATE is set, no efforts for creating a trustdb will be taken.
*/
const char *
-get_ownertrust_string (PKT_public_key *pk)
+get_ownertrust_string (PKT_public_key *pk, int no_create)
{
- return trust_value_to_string (get_ownertrust_with_min (pk));
+ return trust_value_to_string (get_ownertrust_with_min (pk, no_create));
}
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 75714ab..f4df4c8 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -222,7 +222,7 @@ tdb_register_trusted_key( const char *string )
/*
* Helper to add a key to the global list of ultimately trusted keys.
- * Retruns: true = inserted, false = already in in list.
+ * Returns: true = inserted, false = already in list.
*/
static int
add_utk (u32 *kid)
@@ -296,9 +296,9 @@ verify_own_keys(void)
keystr(k->kid));
else
{
- tdb_update_ownertrust (&pk,
- ((tdb_get_ownertrust (&pk) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ tdb_update_ownertrust
+ (&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
release_public_key_parts (&pk);
}
@@ -439,21 +439,34 @@ how_to_fix_the_trustdb ()
}
-void
-init_trustdb ()
+/* Initialize the trustdb. With NO_CREATE set a missing trustdb is
+ * not an error and the function won't terminate the process on error;
+ * in that case 0 is returned if there is a trustdb or an error code
+ * if no trustdb is available. */
+gpg_error_t
+init_trustdb (int no_create)
{
int level = trustdb_args.level;
const char* dbname = trustdb_args.dbname;
if( trustdb_args.init )
- return;
+ return 0;
trustdb_args.init = 1;
if(level==0 || level==1)
{
- int rc = tdbio_set_dbname( dbname, !!level, &trustdb_args.no_trustdb);
- if( rc )
+ int rc = tdbio_set_dbname (dbname, (!no_create && level),
+ &trustdb_args.no_trustdb);
+ if (no_create && trustdb_args.no_trustdb)
+ {
+ /* No trustdb found and the caller asked us not to create
+ * it. Return an error and set the initialization state
+ * back so that we always test for an existing trustdb. */
+ trustdb_args.init = 0;
+ return gpg_error (GPG_ERR_ENOENT);
+ }
+ if (rc)
log_fatal("can't init trustdb: %s\n", gpg_strerror (rc) );
}
else
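Review bot: The new header comment says that with NO_CREATE set init_trustdb will not terminate the process on error, but `if (rc) log_fatal (...)` is still reached when NO_CREATE is set and tdbio_set_dbname fails without setting `no_trustdb`. Callers that pass 1 only to print an ownertrust letter on a status line would then abort on, for example, an unreadable trustdb. Either return the error in that case, `if (rc && no_create) { trustdb_args.init = 0; return rc; }` placed before the log_fatal, or narrow the comment to say that only a missing trustdb is non-fatal. The function continues outside the hunk.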
@@ -493,6 +506,8 @@ init_trustdb ()
if(!tdbio_db_matches_options())
pending_check_trustdb=1;
}
+
+ return 0;
}
@@ -504,7 +519,7 @@ init_trustdb ()
void
check_trustdb (ctrl_t ctrl)
{
- init_trustdb();
+ init_trustdb (0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
{
@@ -541,7 +556,7 @@ check_trustdb (ctrl_t ctrl)
void
update_trustdb (ctrl_t ctrl)
{
- init_trustdb ();
+ init_trustdb (0);
if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
|| opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
validate_keys (ctrl, 1);
@@ -553,7 +568,7 @@ update_trustdb (ctrl_t ctrl)
void
tdb_revalidation_mark (void)
{
- init_trustdb();
+ init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return;
@@ -591,7 +606,7 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
{
TRUSTREC opts;
- init_trustdb();
+ init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
memset (&opts, 0, sizeof opts);
else
@@ -622,7 +637,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
{
int rc;
- init_trustdb();
+ init_trustdb (0);
rc = tdbio_search_trust_bypk (pk, rec);
if (rc)
{
@@ -642,12 +657,16 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec)
return 0;
}
-/****************
- * Return the assigned ownertrust value for the given public key.
- * The key should be the primary key.
+
+/*
+ * Return the assigned ownertrust value for the given public key. The
+ * key should be the primary key. If NO_CREATE is set a missing
+ * trustdb will not be created. This comes for example handy when we
+ * want to print status lines (DECRYPTION_KEY) which carry ownertrust
+ * values but we usually use --always-trust.
*/
unsigned int
-tdb_get_ownertrust ( PKT_public_key *pk)
+tdb_get_ownertrust (PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@@ -655,6 +674,12 @@ tdb_get_ownertrust ( PKT_public_key *pk)
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return TRUST_UNKNOWN;
+ /* If the caller asked not to create a trustdb we call init_trustdb
+ * directly and allow it to fail with an error code for a
+ * non-existing trustdb. */
+ if (no_create && init_trustdb (1))
+ return TRUST_UNKNOWN;
+
err = read_trust_record (pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
@@ -669,7 +694,7 @@ tdb_get_ownertrust ( PKT_public_key *pk)
unsigned int
-tdb_get_min_ownertrust (PKT_public_key *pk)
+tdb_get_min_ownertrust (PKT_public_key *pk, int no_create)
{
TRUSTREC rec;
gpg_error_t err;
@@ -677,6 +702,12 @@ tdb_get_min_ownertrust (PKT_public_key *pk)
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return TRUST_UNKNOWN;
+ /* If the caller asked not to create a trustdb we call init_trustdb
+ * directly and allow it to fail with an error code for a
+ * non-existing trustdb. */
+ if (no_create && init_trustdb (1))
+ return TRUST_UNKNOWN;
+
err = read_trust_record (pk, &rec);
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
return TRUST_UNKNOWN; /* no record yet */
@@ -808,7 +839,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk)
TRUSTREC rec;
gpg_error_t err;
- init_trustdb ();
+ init_trustdb (0);
if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
return 0;
@@ -915,7 +946,7 @@ tdb_cache_disabled_value (PKT_public_key *pk)
if (pk->flags.disabled_valid)
return pk->flags.disabled;
- init_trustdb();
+ init_trustdb (0);
if (trustdb_args.no_trustdb)
return 0; /* No trustdb => not disabled. */
@@ -950,7 +981,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl)
{
static int did_nextcheck=0;
- init_trustdb ();
+ init_trustdb (0);
if (trustdb_args.no_trustdb)
return; /* No trustdb => can't be stale. */
@@ -1021,7 +1052,7 @@ tdb_get_validity_core (ctrl_t ctrl,
(void)may_ask;
#endif
- init_trustdb ();
+ init_trustdb (0);
/* If we have no trustdb (which also means it has not been created)
and the trust-model is always, we don't know the validity -
@@ -1036,7 +1067,7 @@ tdb_get_validity_core (ctrl_t ctrl,
{
/* Note that this happens BEFORE any user ID stuff is checked.
The direct trust model applies to keys as a whole. */
- validity = tdb_get_ownertrust (main_pk);
+ validity = tdb_get_ownertrust (main_pk, 0);
goto leave;
}
@@ -1248,7 +1279,7 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid)
uid->help_marginal_count=uid->help_full_count=0;
- init_trustdb ();
+ init_trustdb (0);
if(read_trust_record (pk, &trec))
return;
@@ -1353,7 +1384,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
{
ot=edit_ownertrust (ctrl, pk, 0);
if(ot>0)
- ot = tdb_get_ownertrust (pk);
+ ot = tdb_get_ownertrust (pk, 0);
else if(ot==0)
ot = minimum?minimum:TRUST_UNDEFINED;
else
@@ -2142,9 +2173,9 @@ validate_keys (ctrl_t ctrl, int interactive)
k->kid[1]=kid[1];
k->ownertrust =
(tdb_get_ownertrust
- (kar->keyblock->pkt->pkt.public_key) & TRUST_MASK);
+ (kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK);
k->min_ownertrust = tdb_get_min_ownertrust
- (kar->keyblock->pkt->pkt.public_key);
+ (kar->keyblock->pkt->pkt.public_key, 0);
k->trust_depth=
kar->keyblock->pkt->pkt.public_key->trust_depth;
k->trust_value=
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 6081d10..3088063 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -127,7 +127,7 @@ void update_trustdb (ctrl_t ctrl);
int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
const char *trust_model_string (int model);
-void init_trustdb( void );
+gpg_error_t init_trustdb (int no_create);
void tdb_check_trustdb_stale (ctrl_t ctrl);
void sync_trustdb( void );
@@ -152,10 +152,10 @@ void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
byte *marginals,byte *completes,byte *cert_depth,
byte *min_cert_level);
-unsigned int tdb_get_ownertrust (PKT_public_key *pk);
-unsigned int tdb_get_min_ownertrust (PKT_public_key *pk);
-int get_ownertrust_info (PKT_public_key *pk);
-const char *get_ownertrust_string (PKT_public_key *pk);
+unsigned int tdb_get_ownertrust (PKT_public_key *pk, int no_create);
+unsigned int tdb_get_min_ownertrust (PKT_public_key *pk, int no_create);
+int get_ownertrust_info (PKT_public_key *pk, int no_create);
+const char *get_ownertrust_string (PKT_public_key *pk, int no_create);
void tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
int tdb_clear_ownertrusts (PKT_public_key *pk);