[Pkg-gnupg-commit] [gnupg2] 12/102: gpg: Pass CTRL object down to the trust functions

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jun 17 00:14:49 UTC 2016


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 027c4e55522b8e18711a3331932a9869ab89ca26
Author: Werner Koch <wk at gnupg.org>
Date:   Sat May 21 11:41:49 2016 +0200

    gpg: Pass CTRL object down to the trust functions
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 g10/gpg.c        |  4 ++--
 g10/gpgv.c       | 17 ++++++++++------
 g10/import.c     |  2 +-
 g10/keydb.h      |  2 +-
 g10/keyedit.c    | 61 ++++++++++++++++++++++++++++---------------------------
 g10/keylist.c    | 27 ++++++++++++------------
 g10/keyserver.c  |  4 ++--
 g10/mainproc.c   | 62 +++++++++++++++++++++++++++++---------------------------
 g10/photoid.c    | 13 ++++++------
 g10/photoid.h    |  5 +++--
 g10/pkclist.c    | 17 ++++++++--------
 g10/seskey.c     |  3 +++
 g10/test-stubs.c | 17 ++++++++++------
 g10/trust.c      | 30 +++++++++++++++------------
 g10/trustdb.c    | 41 +++++++++++++++++++------------------
 g10/trustdb.h    | 27 +++++++++++++-----------
 16 files changed, 180 insertions(+), 152 deletions(-)

diff --git a/g10/gpg.c b/g10/gpg.c
index 006c95b..3e0ae3f 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4432,12 +4432,12 @@ main (int argc, char **argv)
       case aUpdateTrustDB:
 	if( argc )
 	    wrong_args("--update-trustdb");
-	update_trustdb();
+	update_trustdb (ctrl);
 	break;
 
       case aCheckTrustDB:
         /* Old versions allowed for arguments - ignore them */
-        check_trustdb();
+        check_trustdb (ctrl);
 	break;
 
       case aFixTrustDB:
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 7e87176..ea26659 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -247,8 +247,9 @@ g10_exit( int rc )
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
+  (void)ctrl;
   (void)sig;
   return 0;
 }
@@ -280,22 +281,25 @@ cache_disabled_value(PKT_public_key *pk)
 }
 
 void
-check_trustdb_stale(void)
+check_trustdb_stale (ctrl_t ctrl)
 {
+  (void)ctrl;
 }
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   return '?';
 }
 
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   (void)sig;
@@ -311,8 +315,9 @@ trust_value_to_string (unsigned int value)
 }
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)key;
   (void)uid;
   return "err";
diff --git a/g10/import.c b/g10/import.c
index 6707797..7c0d1e2 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -249,7 +249,7 @@ import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
      interactive or by not setting no-auto-check-trustdb */
 
   if (!(options & IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return rc;
 }
diff --git a/g10/keydb.h b/g10/keydb.h
index 8896eea..a30cf7a 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -222,7 +222,7 @@ gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
 
 /*-- pkclist.c --*/
 void show_revocation_reason( PKT_public_key *pk, int mode );
-int  check_signatures_trust( PKT_signature *sig );
+int  check_signatures_trust (ctrl_t ctrl, PKT_signature *sig);
 
 void release_pk_list (PK_LIST pk_list);
 int  build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 200a1ab..c7288b2 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -51,7 +51,8 @@
 
 static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
 			int verbose);
-static void show_names (estream_t fp, KBNODE keyblock, PKT_public_key * pk,
+static void show_names (ctrl_t ctrl, estream_t fp,
+                        kbnode_t keyblock, PKT_public_key * pk,
 			unsigned int flag, int with_prefs);
 static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
                                      KBNODE keyblock, int only_marked,
@@ -61,8 +62,8 @@ static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 static void show_key_and_fingerprint (kbnode_t keyblock, int with_subkeys);
 static void show_key_and_grip (kbnode_t keyblock);
 static void subkey_expire_warning (kbnode_t keyblock);
-static int menu_adduid (KBNODE keyblock, int photo, const char *photo_name,
-                        const char *uidstr);
+static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
+                        int photo, const char *photo_name, const char *uidstr);
 static void menu_deluid (KBNODE pub_keyblock);
 static int menu_delsig (KBNODE pub_keyblock);
 static int menu_clean (KBNODE keyblock, int self_only);
@@ -85,13 +86,13 @@ static int count_selected_uids (KBNODE keyblock);
 static int real_uids_left (KBNODE keyblock);
 static int count_selected_keys (KBNODE keyblock);
 static int menu_revsig (KBNODE keyblock);
-static int menu_revuid (KBNODE keyblock);
+static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
 static int menu_revkey (KBNODE pub_keyblock);
 static int menu_revsubkey (KBNODE pub_keyblock);
 #ifndef NO_TRUST_MODELS
 static int enable_disable_key (KBNODE keyblock, int disable);
 #endif /*!NO_TRUST_MODELS*/
-static void menu_showphoto (KBNODE keyblock);
+static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
 
 static int update_trust = 0;
 
@@ -2022,7 +2023,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
      and run the stale check as early as possible.  Note, that for
      non- W32 platforms it is run indirectly trough a call to
      get_validity ().  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* Get the public key */
@@ -2295,7 +2296,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  photo = 1;
 	  /* fall through */
 	case cmdADDUID:
-	  if (menu_adduid (keyblock, photo, arg_string, NULL))
+	  if (menu_adduid (ctrl, keyblock, photo, arg_string, NULL))
 	    {
 	      update_trust = 1;
 	      redisplay = 1;
@@ -2537,7 +2538,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
                       n1 > 1 ? _("Really revoke all selected user IDs? (y/N) ")
 		      :        _("Really revoke this user ID? (y/N) ")))
 	      {
-		if (menu_revuid (keyblock))
+		if (menu_revuid (ctrl, keyblock))
 		  {
 		    modified = 1;
 		    redisplay = 1;
@@ -2631,7 +2632,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 
 	  show_key_with_all_names (ctrl, NULL, keyblock, 0, 0, 0, 1, 0, 0);
 	  tty_printf ("\n");
-	  if (edit_ownertrust (find_kbnode (keyblock,
+	  if (edit_ownertrust (ctrl, find_kbnode (keyblock,
 					    PKT_PUBLIC_KEY)->pkt->pkt.
 			       public_key, 1))
 	    {
@@ -2648,7 +2649,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  {
 	    int count = count_selected_uids (keyblock);
 	    log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
-	    show_names (NULL, keyblock, keyblock->pkt->pkt.public_key,
+	    show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
 			count ? NODFLG_SELUID : 0, 1);
 	  }
 	  break;
@@ -2657,7 +2658,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  {
 	    int count = count_selected_uids (keyblock);
 	    log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
-	    show_names (NULL, keyblock, keyblock->pkt->pkt.public_key,
+	    show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
 			count ? NODFLG_SELUID : 0, 2);
 	  }
 	  break;
@@ -2733,7 +2734,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 #endif /*!NO_TRUST_MODELS*/
 
 	case cmdSHOWPHOTO:
-	  menu_showphoto (keyblock);
+	  menu_showphoto (ctrl, keyblock);
 	  break;
 
 	case cmdCLEAN:
@@ -2863,7 +2864,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
 
 #ifdef HAVE_W32_SYSTEM
   /* See keyedit_menu for why we need this.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* Search the key; we don't want the whole getkey stuff here.  */
@@ -2914,7 +2915,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
 
   fix_keyblock (&keyblock);
 
-  if (menu_adduid (keyblock, 0, NULL, uidstring))
+  if (menu_adduid (ctrl, keyblock, 0, NULL, uidstring))
     {
       err = keydb_update_keyblock (kdbhd, keyblock);
       if (err)
@@ -2956,7 +2957,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
 
 #ifdef HAVE_W32_SYSTEM
   /* See keyedit_menu for why we need this.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 #endif
 
   /* We require a fingerprint because only this uniquely identifies a
@@ -3371,7 +3372,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 	    es_putc ('e', fp);
 	  else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks))
 	    {
-	      int trust = get_validity_info (pk, NULL);
+	      int trust = get_validity_info (ctrl, pk, NULL);
 	      if (trust == 'u')
 		ulti_hack = 1;
 	      es_putc (trust, fp);
@@ -3430,7 +3431,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 	      int uid_validity;
 
 	      if (primary && !ulti_hack)
-		uid_validity = get_validity_info (primary, uid);
+		uid_validity = get_validity_info (ctrl, primary, uid);
 	      else
 		uid_validity = 'u';
 	      es_fprintf (fp, "%c::::::::", uid_validity);
@@ -3497,8 +3498,8 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
 
 
 static void
-show_names (estream_t fp,
-            KBNODE keyblock, PKT_public_key * pk, unsigned int flag,
+show_names (ctrl_t ctrl, estream_t fp,
+            kbnode_t keyblock, PKT_public_key * pk, unsigned int flag,
 	    int with_prefs)
 {
   KBNODE node;
@@ -3513,7 +3514,7 @@ show_names (estream_t fp,
 	  if (!flag || (flag && (node->flag & flag)))
 	    {
 	      if (!(flag & NODFLG_MARK_A) && pk)
-		tty_fprintf (fp, "%s ", uid_trust_string_fixed (pk, uid));
+		tty_fprintf (fp, "%s ", uid_trust_string_fixed (ctrl, pk, uid));
 
 	      if (flag & NODFLG_MARK_A)
 		tty_fprintf (fp, "     ");
@@ -3600,12 +3601,12 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 	       * output */
 	      static int did_warn = 0;
 
-	      trust = get_validity_string (pk, NULL);
+	      trust = get_validity_string (ctrl, pk, NULL);
 	      otrust = get_ownertrust_string (pk);
 
 	      /* Show a warning once */
 	      if (!did_warn
-		  && (get_validity (pk, NULL, NULL, 0)
+		  && (get_validity (ctrl, pk, NULL, NULL, 0)
 		      & TRUST_FLAG_PENDING_CHECK))
 		{
 		  did_warn = 1;
@@ -3792,7 +3793,7 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
 	}
     }
 
-  show_names (fp,
+  show_names (ctrl, fp,
               keyblock, primary, only_marked ? NODFLG_MARK_A : 0, with_prefs);
 
   if (do_warn && !nowarn)
@@ -4037,8 +4038,8 @@ subkey_expire_warning (kbnode_t keyblock)
  * user id.
  */
 static int
-menu_adduid (kbnode_t pub_keyblock, int photo, const char *photo_name,
-             const char *uidstring)
+menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
+             int photo, const char *photo_name, const char *uidstring)
 {
   PKT_user_id *uid;
   PKT_public_key *pk = NULL;
@@ -4100,7 +4101,7 @@ menu_adduid (kbnode_t pub_keyblock, int photo, const char *photo_name,
 	    }
 	}
 
-      uid = generate_photo_id (pk, photo_name);
+      uid = generate_photo_id (ctrl, pk, photo_name);
     }
   else
     uid = generate_user_id (pub_keyblock, uidstring);
@@ -6015,7 +6016,7 @@ reloop:			/* (must use this, because we are modifing the list) */
 /* Revoke a user ID (i.e. revoke a user ID selfsig).  Return true if
    keyblock changed.  */
 static int
-menu_revuid (KBNODE pub_keyblock)
+menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock)
 {
   PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
   KBNODE node;
@@ -6096,7 +6097,7 @@ menu_revuid (KBNODE pub_keyblock)
 		/* If the trustdb has an entry for this key+uid then the
 		   trustdb needs an update. */
 		if (!update_trust
-		    && (get_validity (pk, uid, NULL, 0) & TRUST_MASK) >=
+		    && (get_validity (ctrl, pk, uid, NULL, 0) & TRUST_MASK) >=
 		    TRUST_UNDEFINED)
 		  update_trust = 1;
 #endif /*!NO_TRUST_MODELS*/
@@ -6258,7 +6259,7 @@ enable_disable_key (KBNODE keyblock, int disable)
 
 
 static void
-menu_showphoto (KBNODE keyblock)
+menu_showphoto (ctrl_t ctrl, kbnode_t keyblock)
 {
   KBNODE node;
   int select_all = !count_selected_uids (keyblock);
@@ -6295,7 +6296,7 @@ menu_showphoto (KBNODE keyblock)
 				    "key %s (uid %d)\n"),
 				  image_type_to_string (type, 1),
 				  (ulong) size, keystr_from_pk (pk), count);
-		      show_photos (&uid->attribs[i], 1, pk, uid);
+		      show_photos (ctrl, &uid->attribs[i], 1, pk, uid);
 		    }
 		}
 	    }
diff --git a/g10/keylist.c b/g10/keylist.c
index 1649991..763edac 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -130,7 +130,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
      is very bad for W32 because of a sharing violation. For real OSes
      it might lead to false results if we are later listing a keyring
      which is associated with the inode of a deleted file.  */
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
 #ifdef USE_TOFU
   tofu_begin_batch_update ();
@@ -154,7 +154,7 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
 {
   (void)ctrl;
 
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
   if (!list)
     list_all (ctrl, 1, 0);
@@ -1010,7 +1010,7 @@ list_keyblock_pka (ctrl_t ctrl, kbnode_t keyblock)
 
 
 static void
-list_keyblock_print (KBNODE keyblock, int secret, int fpr,
+list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
                      struct keylist_context *listctx)
 {
   int rc;
@@ -1051,7 +1051,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
   else
     s2k_char = ' ';
 
-  check_trustdb_stale ();
+  check_trustdb_stale (ctrl);
 
 
   es_fprintf (es_stdout, "%s%c  %s/%s %s",
@@ -1088,7 +1088,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
      include, but it looks sort of confusing in the listing... */
   if (opt.list_options & LIST_SHOW_VALIDITY)
     {
-      int validity = get_validity (pk, NULL, NULL, 0);
+      int validity = get_validity (ctrl, pk, NULL, NULL, 0);
       es_fprintf (es_stdout, " [%s]", trust_value_to_string (validity));
     }
 #endif
@@ -1134,9 +1134,9 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
 	    {
 	      const char *validity;
 
-	      validity = uid_trust_string_fixed (pk, uid);
+	      validity = uid_trust_string_fixed (ctrl, pk, uid);
 	      indent = ((keystrlen () + (opt.legacy_list_mode? 9:11))
-                        - atoi (uid_trust_string_fixed (NULL, NULL)));
+                        - atoi (uid_trust_string_fixed (ctrl, NULL, NULL)));
 	      if (indent < 0 || indent > 40)
 		indent = 0;
 
@@ -1174,7 +1174,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr,
             }
 
 	  if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL)
-	    show_photos (uid->attribs, uid->numattribs, pk, uid);
+	    show_photos (ctrl, uid->attribs, uid->numattribs, pk, uid);
 	}
       else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
 	{
@@ -1390,7 +1390,8 @@ print_revokers (estream_t fp, PKT_public_key * pk)
    record (i.e. requested via --list-secret-key).  If HAS_SECRET a
    secret key is available even if SECRET is not set.  */
 static void
-list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
+list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
+                     int secret, int has_secret, int fpr)
 {
   int rc;
   KBNODE kbctx;
@@ -1437,7 +1438,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
     ;
   else
     {
-      trustletter = get_validity_info (pk, NULL);
+      trustletter = get_validity_info (ctrl, pk, NULL);
       if (trustletter == 'u')
         ulti_hack = 1;
       es_putc (trustletter, es_stdout);
@@ -1519,7 +1520,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
 	      int uid_validity;
 
 	      if (!ulti_hack)
-		uid_validity = get_validity_info (pk, uid);
+		uid_validity = get_validity_info (ctrl, pk, uid);
 	      else
 		uid_validity = 'u';
 	      es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
@@ -1814,9 +1815,9 @@ list_keyblock (ctrl_t ctrl,
   if (opt.print_pka_records || opt.print_dane_records)
     list_keyblock_pka (ctrl, keyblock);
   else if (opt.with_colons)
-    list_keyblock_colon (keyblock, secret, has_secret, fpr);
+    list_keyblock_colon (ctrl, keyblock, secret, has_secret, fpr);
   else
-    list_keyblock_print (keyblock, secret, fpr, listctx);
+    list_keyblock_print (ctrl, keyblock, secret, fpr, listctx);
   if (secret)
     es_fflush (es_stdout);
 }
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 3486abb..40659f0 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1464,7 +1464,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
   /* If the original options didn't have fast import, and the trustdb
      is dirty, rebuild. */
   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return err;
 }
@@ -1885,7 +1885,7 @@ keyserver_fetch (ctrl_t ctrl, strlist_t urilist)
   /* If the original options didn't have fast import, and the trustdb
      is dirty, rebuild. */
   if (!(opt.keyserver_options.import_options&IMPORT_FAST))
-    check_or_update_trustdb ();
+    check_or_update_trustdb (ctrl);
 
   return 0;
 }
diff --git a/g10/mainproc.c b/g10/mainproc.c
index d56790b..a2bfae3 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1002,7 +1002,7 @@ list_node (CTX c, kbnode_t node)
           keyid_from_pk( pk, keyid );
           if (mainkey)
             c->trustletter = (opt.fast_list_mode?
-                              0 : get_validity_info( pk, NULL));
+                              0 : get_validity_info (c->ctrl, pk, NULL));
           es_printf ("%s:", mainkey? "pub":"sub" );
           if (c->trustletter)
             es_putc (c->trustletter, es_stdout);
@@ -1603,31 +1603,31 @@ check_sig_and_print (CTX c, kbnode_t node)
     }
 
   /* Check that the message composition is valid.
-
-     Per RFC-2440bis (-15) allowed:
-
-     S{1,n}           -- detached signature.
-     S{1,n} P         -- old style PGP2 signature
-     O{1,n} P S{1,n}  -- standard OpenPGP signature.
-     C P S{1,n}       -- cleartext signature.
-
-
-          O = One-Pass Signature packet.
-          S = Signature packet.
-          P = OpenPGP Message packet (Encrypted | Compressed | Literal)
-                 (Note that the current rfc2440bis draft also allows
-                  for a signed message but that does not work as it
-                  introduces ambiguities.)
-              We keep track of these packages using the marker packet
-              CTRLPKT_PLAINTEXT_MARK.
-          C = Marker packet for cleartext signatures.
-
-     We reject all other messages.
-
-     Actually we are calling this too often, i.e. for verification of
-     each message but better have some duplicate work than to silently
-     introduce a bug here.
-  */
+   *
+   * Per RFC-2440bis (-15) allowed:
+   *
+   * S{1,n}           -- detached signature.
+   * S{1,n} P         -- old style PGP2 signature
+   * O{1,n} P S{1,n}  -- standard OpenPGP signature.
+   * C P S{1,n}       -- cleartext signature.
+   *
+   *
+   *      O = One-Pass Signature packet.
+   *      S = Signature packet.
+   *      P = OpenPGP Message packet (Encrypted | Compressed | Literal)
+   *             (Note that the current rfc2440bis draft also allows
+   *              for a signed message but that does not work as it
+   *              introduces ambiguities.)
+   *          We keep track of these packages using the marker packet
+   *          CTRLPKT_PLAINTEXT_MARK.
+   *      C = Marker packet for cleartext signatures.
+   *
+   * We reject all other messages.
+   *
+   * Actually we are calling this too often, i.e. for verification of
+   * each message but better have some duplicate work than to silently
+   * introduce a bug here.
+   */
   {
     kbnode_t n;
     int n_onepass, n_sig;
@@ -1871,7 +1871,7 @@ check_sig_and_print (CTX c, kbnode_t node)
 	     does not print a LF we need to compute the validity
 	     before calling that function.  */
           if ((opt.verify_options & VERIFY_SHOW_UID_VALIDITY))
-            valid = get_validity (pk, un->pkt->pkt.user_id, NULL, 0);
+            valid = get_validity (c->ctrl, pk, un->pkt->pkt.user_id, NULL, 0);
           else
             valid = 0; /* Not used.  */
 
@@ -1950,7 +1950,8 @@ check_sig_and_print (CTX c, kbnode_t node)
                   dump_attribs (un->pkt->pkt.user_id, pk);
 
                   if (opt.verify_options&VERIFY_SHOW_PHOTOS)
-                    show_photos (un->pkt->pkt.user_id->attribs,
+                    show_photos (c->ctrl,
+                                 un->pkt->pkt.user_id->attribs,
                                  un->pkt->pkt.user_id->numattribs,
                                  pk ,un->pkt->pkt.user_id);
                 }
@@ -1973,7 +1974,8 @@ check_sig_and_print (CTX c, kbnode_t node)
 		       actually ask the user to update any trust
 		       information.  */
                     valid = (trust_value_to_string
-                             (get_validity (pk, un->pkt->pkt.user_id, sig, 0)));
+                             (get_validity (c->ctrl, pk,
+                                            un->pkt->pkt.user_id, sig, 0)));
                   log_printf (" [%s]\n",valid);
                 }
               else
@@ -2061,7 +2063,7 @@ check_sig_and_print (CTX c, kbnode_t node)
         {
           if ((opt.verify_options & VERIFY_PKA_LOOKUPS))
             pka_uri_from_sig (c, sig); /* Make sure PKA info is available. */
-          rc = check_signatures_trust (sig);
+          rc = check_signatures_trust (c->ctrl, sig);
         }
 
       /* Print extra information about the signature.  */
diff --git a/g10/photoid.c b/g10/photoid.c
index f6e625a..e188653 100644
--- a/g10/photoid.c
+++ b/g10/photoid.c
@@ -48,7 +48,7 @@
 /* Generate a new photo id packet, or return NULL if canceled.
    FIXME:  Should we add a duplicates check similar to generate_user_id? */
 PKT_user_id *
-generate_photo_id(PKT_public_key *pk,const char *photo_name)
+generate_photo_id (ctrl_t ctrl, PKT_public_key *pk,const char *photo_name)
 {
   PKT_user_id *uid;
   int error=1,i;
@@ -163,7 +163,7 @@ generate_photo_id(PKT_public_key *pk,const char *photo_name)
          "user" may not be able to dismiss a viewer window! */
       if(opt.command_fd==-1)
 	{
-	  show_photos (uid->attribs, uid->numattribs, pk, uid);
+	  show_photos (ctrl, uid->attribs, uid->numattribs, pk, uid);
 	  switch(cpr_get_answer_yes_no_quit("photoid.jpeg.okay",
 					 _("Is this photo correct (y/N/q)? ")))
 	    {
@@ -286,9 +286,10 @@ static const char *get_default_photo_command(void)
 }
 #endif
 
+
 void
-show_photos(const struct user_attribute *attrs, int count,
-            PKT_public_key *pk, PKT_user_id *uid)
+show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
+             PKT_public_key *pk, PKT_user_id *uid)
 {
 #ifdef DISABLE_PHOTO_VIEWER
   (void)attrs;
@@ -303,8 +304,8 @@ show_photos(const struct user_attribute *attrs, int count,
 
   memset (&args, 0, sizeof(args));
   args.pk = pk;
-  args.validity_info = get_validity_info (pk, uid);
-  args.validity_string = get_validity_string (pk, uid);
+  args.validity_info = get_validity_info (ctrl, pk, uid);
+  args.validity_string = get_validity_string (ctrl, pk, uid);
   namehash_from_uid (uid);
   args.namehash = uid->namehash;
 
diff --git a/g10/photoid.h b/g10/photoid.h
index ec2b55f..9fc758e 100644
--- a/g10/photoid.h
+++ b/g10/photoid.h
@@ -24,10 +24,11 @@
 
 #include "packet.h"
 
-PKT_user_id *generate_photo_id(PKT_public_key *pk,const char *filename);
+PKT_user_id *generate_photo_id (ctrl_t ctrl,
+                                PKT_public_key *pk,const char *filename);
 int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len);
 char *image_type_to_string(byte type,int style);
-void show_photos (const struct user_attribute *attrs, int count,
+void show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
                   PKT_public_key *pk, PKT_user_id *uid);
 
 #endif /* !_PHOTOID_H_ */
diff --git a/g10/pkclist.c b/g10/pkclist.c
index de8897a..f284107 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -178,7 +178,7 @@ show_revocation_reason( PKT_public_key *pk, int mode )
  */
 #ifndef NO_TRUST_MODELS
 static int
-do_edit_ownertrust (PKT_public_key *pk, int mode,
+do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
                     unsigned *new_trust, int defer_help )
 {
   char *p;
@@ -248,7 +248,8 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
 
 		if((opt.verify_options&VERIFY_SHOW_PHOTOS)
 		   && un->pkt->pkt.user_id->attrib_data)
-		  show_photos (un->pkt->pkt.user_id->attribs,
+		  show_photos (ctrl,
+                               un->pkt->pkt.user_id->attribs,
                                un->pkt->pkt.user_id->numattribs, pk,
                                un->pkt->pkt.user_id);
 
@@ -376,14 +377,14 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
  */
 #ifndef NO_TRUST_MODELS
 int
-edit_ownertrust (PKT_public_key *pk, int mode )
+edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
 {
   unsigned int trust = 0;
   int no_help = 0;
 
   for(;;)
     {
-      switch ( do_edit_ownertrust (pk, mode, &trust, no_help ) )
+      switch ( do_edit_ownertrust (ctrl, pk, mode, &trust, no_help ) )
         {
         case -1: /* quit */
           return -1;
@@ -526,7 +527,7 @@ write_trust_status (int statuscode, int trustlevel)
  * Returns an error code if we should not trust this signature.
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
   PKT_public_key *pk = xmalloc_clear( sizeof *pk );
   unsigned int trustlevel = TRUST_UNKNOWN;
@@ -553,7 +554,7 @@ check_signatures_trust( PKT_signature *sig )
     log_info(_("WARNING: this key might be revoked (revocation key"
 	       " not present)\n"));
 
-  trustlevel = get_validity (pk, NULL, sig, 1);
+  trustlevel = get_validity (ctrl, pk, NULL, sig, 1);
 
   if ( (trustlevel & TRUST_FLAG_REVOKED) )
     {
@@ -845,7 +846,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
     }
 
   /* Key found and usable.  Check validity. */
-  trustlevel = get_validity (pk, pk->user_id, NULL, 1);
+  trustlevel = get_validity (ctrl, pk, pk->user_id, NULL, 1);
   if ( (trustlevel & TRUST_FLAG_DISABLED) )
     {
       /* Key has been disabled. */
@@ -1183,7 +1184,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
                 { /* Check validity of this key. */
                   int trustlevel;
 
-                  trustlevel = get_validity (pk, pk->user_id, NULL, 1);
+                  trustlevel = get_validity (ctrl, pk, pk->user_id, NULL, 1);
                   if ( (trustlevel & TRUST_FLAG_DISABLED) )
                     {
                       tty_printf (_("Public key is disabled.\n") );
diff --git a/g10/seskey.c b/g10/seskey.c
index c41a145..d0e6b6f 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -347,6 +347,9 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
         return NULL;
       if ( gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, asn, &asnlen) )
         BUG();
+      log_debug ("%s: hash_algo=%d pk=%p\n", __func__, hash_algo, pk);
+      log_debug ("%s: pk->pkey[0]=%p\n", __func__, pk->pkey[0]);
+      gcry_log_debugmpi ("pkey[0]", pk->pkey[0]);
       frame = do_encode_md (md, hash_algo, gcry_md_get_algo_dlen (hash_algo),
                             gcry_mpi_get_nbits (pk->pkey[0]), asn, asnlen);
       xfree (asn);
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index 2edae18..177f35a 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -58,8 +58,9 @@ g10_exit( int rc )
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int
-check_signatures_trust( PKT_signature *sig )
+check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
 {
+  (void)ctrl;
   (void)sig;
   return 0;
 }
@@ -91,22 +92,25 @@ cache_disabled_value(PKT_public_key *pk)
 }
 
 void
-check_trustdb_stale(void)
+check_trustdb_stale (ctrl_t ctrl)
 {
+  (void)ctrl;
 }
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   return '?';
 }
 
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
+  (void)ctrl;
   (void)pk;
   (void)uid;
   (void)sig;
@@ -122,8 +126,9 @@ trust_value_to_string (unsigned int value)
 }
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
+  (void)ctrl;
   (void)key;
   (void)uid;
   return "err";
diff --git a/g10/trust.c b/g10/trust.c
index b15fa04..8790754 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -131,7 +131,7 @@ string_to_trust_value (const char *str)
 
 
 const char *
-uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
+uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
 {
   if (!key && !uid)
     {
@@ -151,7 +151,7 @@ uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid)
     return                         _("[ expired]");
   else if(key)
     {
-      switch (get_validity (key, uid, NULL, 0) & TRUST_MASK)
+      switch (get_validity (ctrl, key, uid, NULL, 0) & TRUST_MASK)
         {
         case TRUST_UNKNOWN:   return _("[ unknown]");
         case TRUST_EXPIRED:   return _("[ expired]");
@@ -275,19 +275,23 @@ revalidation_mark (void)
 
 
 void
-check_trustdb_stale (void)
+check_trustdb_stale (ctrl_t ctrl)
 {
 #ifndef NO_TRUST_MODELS
-  tdb_check_trustdb_stale ();
+  tdb_check_trustdb_stale (ctrl);
+#else
+  (void)ctrl;
 #endif
 }
 
 
 void
-check_or_update_trustdb (void)
+check_or_update_trustdb (ctrl_t ctrl)
 {
 #ifndef NO_TRUST_MODELS
-  tdb_check_or_update ();
+  tdb_check_or_update (ctrl);
+#else
+  (void)ctrl;
 #endif
 }
 
@@ -298,8 +302,8 @@ check_or_update_trustdb (void)
  * otherwise, a reasonable value for the entire key is returned.
  */
 unsigned int
-get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
-	      int may_ask)
+get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
+              PKT_signature *sig, int may_ask)
 {
   int rc;
   unsigned int validity;
@@ -331,7 +335,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
 #ifdef NO_TRUST_MODELS
   validity = TRUST_UNKNOWN;
 #else
-  validity = tdb_get_validity_core (pk, uid, main_pk, sig, may_ask);
+  validity = tdb_get_validity_core (ctrl, pk, uid, main_pk, sig, may_ask);
 #endif
 
  leave:
@@ -353,14 +357,14 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid, PKT_signature *sig,
 
 
 int
-get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
   int trustlevel;
 
   if (!pk)
     return '?';  /* Just in case a NULL PK is passed.  */
 
-  trustlevel = get_validity (pk, uid, NULL, 0);
+  trustlevel = get_validity (ctrl, pk, uid, NULL, 0);
   if ((trustlevel & TRUST_FLAG_REVOKED))
     return 'r';
   return trust_letter (trustlevel);
@@ -368,14 +372,14 @@ get_validity_info (PKT_public_key *pk, PKT_user_id *uid)
 
 
 const char *
-get_validity_string (PKT_public_key *pk, PKT_user_id *uid)
+get_validity_string (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid)
 {
   int trustlevel;
 
   if (!pk)
     return "err";  /* Just in case a NULL PK is passed.  */
 
-  trustlevel = get_validity (pk, uid, NULL, 0);
+  trustlevel = get_validity (ctrl, pk, uid, NULL, 0);
   if ((trustlevel & TRUST_FLAG_REVOKED))
     return _("revoked");
   return trust_value_to_string (trustlevel);
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 195a006..e5f7121 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -70,7 +70,7 @@ static struct key_item *utk_list;      /* all ultimately trusted keys */
 
 static int pending_check_trustdb;
 
-static int validate_keys (int interactive);
+static int validate_keys (ctrl_t ctrl, int interactive);
 
 

 /**********************************************
@@ -494,7 +494,7 @@ init_trustdb ()
  * when a check is due.  This can be used to run the check from a crontab
  */
 void
-check_trustdb ()
+check_trustdb (ctrl_t ctrl)
 {
   init_trustdb();
   if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
@@ -519,7 +519,7 @@ check_trustdb ()
 	    }
 	}
 
-      validate_keys (0);
+      validate_keys (ctrl, 0);
     }
   else
     log_info (_("no need for a trustdb check with '%s' trust model\n"),
@@ -531,12 +531,12 @@ check_trustdb ()
  * Recreate the WoT.
  */
 void
-update_trustdb()
+update_trustdb (ctrl_t ctrl)
 {
-  init_trustdb();
+  init_trustdb ();
   if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
       || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU)
-    validate_keys (1);
+    validate_keys (ctrl, 1);
   else
     log_info (_("no need for a trustdb update with '%s' trust model\n"),
 	      trust_model_string(opt.trust_model));
@@ -565,14 +565,14 @@ trustdb_pending_check(void)
 /* If the trustdb is dirty, and we're interactive, update it.
    Otherwise, check it unless no-auto-check-trustdb is set. */
 void
-tdb_check_or_update (void)
+tdb_check_or_update (ctrl_t ctrl)
 {
-  if(trustdb_pending_check())
+  if (trustdb_pending_check ())
     {
-      if(opt.interactive)
-	update_trustdb();
-      else if(!opt.no_auto_check_trustdb)
-	check_trustdb();
+      if (opt.interactive)
+	update_trustdb (ctrl);
+      else if (!opt.no_auto_check_trustdb)
+	check_trustdb (ctrl);
     }
 }
 
@@ -938,7 +938,7 @@ tdb_cache_disabled_value (PKT_public_key *pk)
 
 
 void
-tdb_check_trustdb_stale (void)
+tdb_check_trustdb_stale (ctrl_t ctrl)
 {
   static int did_nextcheck=0;
 
@@ -968,7 +968,7 @@ tdb_check_trustdb_stale (void)
             {
               if (!opt.quiet)
                 log_info (_("checking the trustdb\n"));
-              validate_keys (0);
+              validate_keys (ctrl, 0);
             }
         }
     }
@@ -981,7 +981,8 @@ tdb_check_trustdb_stale (void)
  * by the TOFU code to record statistics.
  */
 unsigned int
-tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+tdb_get_validity_core (ctrl_t ctrl,
+                       PKT_public_key *pk, PKT_user_id *uid,
                        PKT_public_key *main_pk,
 		       PKT_signature *sig,
 		       int may_ask)
@@ -1008,7 +1009,7 @@ tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
   if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
     return TRUST_UNKNOWN;
 
-  check_trustdb_stale();
+  check_trustdb_stale (ctrl);
 
   if(opt.trust_model==TM_DIRECT)
     {
@@ -1267,7 +1268,7 @@ enum_cert_paths_print (void **context, FILE *fp,
  ****************************************/
 
 static int
-ask_ownertrust (u32 *kid,int minimum)
+ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum)
 {
   PKT_public_key *pk;
   int rc;
@@ -1291,7 +1292,7 @@ ask_ownertrust (u32 *kid,int minimum)
     }
   else
     {
-      ot=edit_ownertrust(pk,0);
+      ot=edit_ownertrust (ctrl, pk, 0);
       if(ot>0)
 	ot = tdb_get_ownertrust (pk);
       else if(ot==0)
@@ -1881,7 +1882,7 @@ reset_trust_records(void)
  *
  */
 static int
-validate_keys (int interactive)
+validate_keys (ctrl_t ctrl, int interactive)
 {
   int rc = 0;
   int quit=0;
@@ -1989,7 +1990,7 @@ validate_keys (int interactive)
 
           if (interactive && k->ownertrust == TRUST_UNKNOWN)
 	    {
-	      k->ownertrust = ask_ownertrust (k->kid,min);
+	      k->ownertrust = ask_ownertrust (ctrl, k->kid,min);
 
 	      if (k->ownertrust == (unsigned int)(-1))
 		{
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 7e1307d..47d7b72 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -83,20 +83,22 @@ void register_trusted_key (const char *string);
 
 const char *trust_value_to_string (unsigned int value);
 int string_to_trust_value (const char *str);
-const char *uid_trust_string_fixed (PKT_public_key *key, PKT_user_id *uid);
+const char *uid_trust_string_fixed (ctrl_t ctrl,
+                                    PKT_public_key *key, PKT_user_id *uid);
 
 unsigned int get_ownertrust (PKT_public_key *pk);
 void update_ownertrust (PKT_public_key *pk, unsigned int new_trust);
 int clear_ownertrusts (PKT_public_key *pk);
 
 void revalidation_mark (void);
-void check_trustdb_stale (void);
-void check_or_update_trustdb (void);
+void check_trustdb_stale (ctrl_t ctrl);
+void check_or_update_trustdb (ctrl_t ctrl);
 
-unsigned int get_validity (PKT_public_key *pk, PKT_user_id *uid,
+unsigned int get_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid,
 			   PKT_signature *sig, int may_ask);
-int get_validity_info (PKT_public_key *pk, PKT_user_id *uid);
-const char *get_validity_string (PKT_public_key *pk, PKT_user_id *uid);
+int get_validity_info (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid);
+const char *get_validity_string (ctrl_t ctrl,
+                                 PKT_public_key *pk, PKT_user_id *uid);
 
 void mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
                             u32 *main_kid, struct key_item *klist,
@@ -115,22 +117,23 @@ void tdb_register_trusted_keyid (u32 *keyid);
 void tdb_register_trusted_key (const char *string);
 /* Returns whether KID is on the list of ultimately trusted keys.  */
 int tdb_keyid_is_utk (u32 *kid);
-void check_trustdb (void);
-void update_trustdb (void);
+void check_trustdb (ctrl_t ctrl);
+void update_trustdb (ctrl_t ctrl);
 int setup_trustdb( int level, const char *dbname );
 void how_to_fix_the_trustdb (void);
 const char *trust_model_string (int model);
 void init_trustdb( void );
-void tdb_check_trustdb_stale (void);
+void tdb_check_trustdb_stale (ctrl_t ctrl);
 void sync_trustdb( void );
 
 void tdb_revalidation_mark (void);
 int trustdb_pending_check(void);
-void tdb_check_or_update (void);
+void tdb_check_or_update (ctrl_t ctrl);
 
 int tdb_cache_disabled_value (PKT_public_key *pk);
 
-unsigned int tdb_get_validity_core (PKT_public_key *pk, PKT_user_id *uid,
+unsigned int tdb_get_validity_core (ctrl_t ctrl,
+                                    PKT_public_key *pk, PKT_user_id *uid,
                                     PKT_public_key *main_pk,
 				    PKT_signature *sig, int may_ask);
 
@@ -158,6 +161,6 @@ void export_ownertrust(void);
 void import_ownertrust(const char *fname);
 
 /*-- pkclist.c --*/
-int edit_ownertrust (PKT_public_key *pk, int mode );
+int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);
 
 #endif /*G10_TRUSTDB_H*/

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git



More information about the Pkg-gnupg-commit mailing list