[Pkg-gnupg-commit] [gnupg2] 167/205: gpg: Re-format some tofu messages.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed May 11 08:38:35 UTC 2016


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit d73e83c3b678add11a5754e199e528aeb39ec8ce
Author: Werner Koch <wk at gnupg.org>
Date:   Mon May 2 09:48:19 2016 +0200

    gpg: Re-format some tofu messages.
    
    * common/status.h (STATUS_TOFU_USER, STATUS_TOFU_STATS)
    (STATUS_TOFU_STATS_SHORT, STATUS_TOFU_STATS_LONG): New.
    * g10/tofu.c (NO_WARNING_THRESHOLD): New.
    (record_binding, tofu_register): Take care of --dry-run.
    (show_statistics): Print STATUS_TOFU_USER.  Reformat some messages.
    Fix the ngettext/strcmp thing.  Use log_string instead of log_info.
    Use NO_WARNING_THRESHOLD constant.
    (get_trust): Use format_text and print a compact fingerprint.
    
    --
    
    The use of log_string makes long messages better readable; instead of
    
      gpg: Warning: if you think you've seen more[...]
      key, then this key might be a forgery!  Car[...]
      address for small variations.  If the key i[...]
    
    we now have
    
      gpg: Warning: if you think you've seen more[...]
           key, then this key might be a forgery![...]
           address for small variations.  If the [...]
    
    We also put the key information after the message and not between the
    user id and the last used info like here:
    
      gpg: Verified 7 messages signed by "Werner Koch <werner at eifzilla.de>"
           in the past 4 days, 16 hours.
           The most recent message was verified 3 days, 13 hours ago.
           (key: 8061 5870 F5BA D690 3336  [...] 1E42 B367, policy: auto)
    
    This also makes the key info a separate translatable string.
    
    Further a compact version of the fingerprint (hex w/o spaces) is
    printed in some messages.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 common/status.h |   5 ++
 g10/tofu.c      | 258 +++++++++++++++++++++++++++++++++-----------------------
 2 files changed, 156 insertions(+), 107 deletions(-)

diff --git a/common/status.h b/common/status.h
index e50827f..730a75c 100644
--- a/common/status.h
+++ b/common/status.h
@@ -133,6 +133,11 @@ enum
     STATUS_PKA_TRUST_BAD,
     STATUS_PKA_TRUST_GOOD,
 
+    STATUS_TOFU_USER,
+    STATUS_TOFU_STATS,
+    STATUS_TOFU_STATS_SHORT,
+    STATUS_TOFU_STATS_LONG,
+
     STATUS_TRUNCATED,
     STATUS_MOUNTPOINT,
 
diff --git a/g10/tofu.c b/g10/tofu.c
index e3218b9..20fc612 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -40,12 +40,16 @@
 #include "trustdb.h"
 #include "mkdir_p.h"
 #include "sqlite.h"
+#include "status.h"
 
 #include "tofu.h"
 
 
 #define CONTROL_L ('L' - 'A' + 1)
 
+/* Number of signed messages required to not show extra warnings.  */
+#define NO_WARNING_THRESHOLD 10
+
 
 #define DEBUG_TOFU_CACHE 0
 #if DEBUG_TOFU_CACHE
@@ -1205,7 +1209,7 @@ record_binding (struct dbs *dbs, const char *fingerprint, const char *email,
 	{
 	  log_debug ("TOFU: Error reading from binding database"
 		     " (reading policy for <%s, %s>): %s\n",
-		     fingerprint_pp, email, err);
+		     fingerprint, email, err);
 	  sqlite3_free (err);
 	}
     }
@@ -1215,12 +1219,12 @@ record_binding (struct dbs *dbs, const char *fingerprint, const char *email,
       if (policy_old != TOFU_POLICY_NONE)
 	log_debug ("Changing TOFU trust policy for binding <%s, %s>"
 		   " from %s to %s.\n",
-		   fingerprint_pp, email,
+		   fingerprint, email,
 		   tofu_policy_str (policy_old),
 		   tofu_policy_str (policy));
       else
 	log_debug ("Set TOFU trust policy for binding <%s, %s> to %s.\n",
-		   fingerprint_pp, email,
+		   fingerprint, email,
 		   tofu_policy_str (policy));
     }
 
@@ -1228,6 +1232,12 @@ record_binding (struct dbs *dbs, const char *fingerprint, const char *email,
     /* Nothing to do.  */
     goto out;
 
+  if (opt.dry_run)
+    {
+      log_info ("TOFU database update skipped due to --dry-run\n");
+      goto out;
+    }
+
   rc = sqlite3_stepx
     (db_email->db, &db_email->s.record_binding_update, NULL, NULL, &err,
      "insert or replace into bindings\n"
@@ -1246,7 +1256,7 @@ record_binding (struct dbs *dbs, const char *fingerprint, const char *email,
     {
       log_error (_("error updating TOFU database: %s\n"), err);
       print_further_info (" insert bindings <%s, %s> = %s",
-                          fingerprint_pp, email, tofu_policy_str (policy));
+                          fingerprint, email, tofu_policy_str (policy));
       sqlite3_free (err);
       goto out;
     }
@@ -1273,7 +1283,7 @@ record_binding (struct dbs *dbs, const char *fingerprint, const char *email,
 	{
 	  log_error (_("error updating TOFU database: %s\n"), err);
           print_further_info ("insert bindings <%s, %s>",
-                              fingerprint_pp, email);
+                              fingerprint, email);
 	  sqlite3_free (err);
 	  goto out;
 	}
@@ -1680,7 +1690,7 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
       policy = opt.tofu_default_policy;
       if (DBG_TRUST)
 	log_debug ("TOFU: binding <%s, %s>'s policy is auto (default: %s).\n",
-		   fingerprint_pp, email,
+		   fingerprint, email,
 		   tofu_policy_str (opt.tofu_default_policy));
     }
   switch (policy)
@@ -1693,7 +1703,7 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
 	 We don't need to ask the user anything.  */
       if (DBG_TRUST)
 	log_debug ("TOFU: Known binding <%s, %s>'s policy: %s\n",
-		   fingerprint_pp, email, tofu_policy_str (policy));
+		   fingerprint, email, tofu_policy_str (policy));
       trust_level = tofu_policy_to_trust_level (policy);
       goto out;
 
@@ -1771,7 +1781,7 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
 
       if (DBG_TRUST)
 	log_debug ("TOFU: New binding <%s, %s>, no conflict.\n",
-		   email, fingerprint_pp);
+		   email, fingerprint);
 
       if (record_binding (dbs, fingerprint, email, user_id,
 			  TOFU_POLICY_AUTO, 0) != 0)
@@ -1828,8 +1838,6 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
       ((policy == TOFU_POLICY_NONE && bindings_with_this_email_count > 0)
        || (policy == TOFU_POLICY_ASK && conflict));
     estream_t fp;
-    char *binding;
-    int binding_shown;
     strlist_t other_user_ids = NULL;
     struct signature_stats *stats = NULL;
     struct signature_stats *stats_iter = NULL;
@@ -1838,43 +1846,65 @@ get_trust (struct dbs *dbs, const char *fingerprint, const char *email,
 
     fp = es_fopenmem (0, "rw,samethread");
     if (! fp)
-      log_fatal ("Error creating memory stream\n");
+      log_fatal ("error creating memory stream: %s\n",
+                 gpg_strerror (gpg_error_from_syserror()));
 
-    binding = xasprintf ("<%s, %s>", fingerprint_pp, email);
-    binding_shown = 0;
+    /* Format the first part of the message.  */
+    {
+      estream_t fp1;
+      char *binding = xasprintf ("<%s, %s>", fingerprint, email);
+      int binding_shown = 0;
+      char *tmpstr, *text;
 
-    if (policy == TOFU_POLICY_NONE)
-      {
-	es_fprintf (fp, _("The binding %s is NOT known."), binding);
-        es_fputs ("  ", fp);
-	binding_shown = 1;
-      }
-    else if (policy == TOFU_POLICY_ASK
-	     /* If there the conflict is with itself, then don't
-		display this message.  */
-	     && conflict && strcmp (conflict, fingerprint) != 0)
-      {
-        char *conflict_pp = format_hexfingerprint (conflict, NULL, 0);
-	es_fprintf (fp,
-		    _("The key %s raised a conflict with this binding (%s)."
-                      "  Since this binding's policy was 'auto', it was "
-                      "changed to 'ask'."),
-		    conflict_pp, binding);
-        es_fputs ("  ", fp);
-        xfree (conflict_pp);
-	binding_shown = 1;
-      }
-    /* TRANSLATORS: The %s%s is replaced by either a fingerprint and a
-       blank or by two empty strings.  */
-    es_fprintf (fp,
-		_("Please indicate whether you believe the binding %s%s"
-		  "is legitimate (the key belongs to the stated owner) "
-		  "or a forgery (bad)."),
-		binding_shown ? "" : binding,
-		binding_shown ? "" : " ");
-    es_fputs ("\n\n", fp);
-
-    xfree (binding);
+      fp1 = es_fopenmem (0, "rw,samethread");
+      if (!fp1)
+        log_fatal ("error creating memory stream: %s\n",
+                   gpg_strerror (gpg_error_from_syserror()));
+
+      if (policy == TOFU_POLICY_NONE)
+        {
+          es_fprintf (fp1, _("The binding %s is NOT known."), binding);
+          es_fputs ("  ", fp1);
+          binding_shown = 1;
+        }
+      else if (policy == TOFU_POLICY_ASK
+               /* If there the conflict is with itself, then don't
+                  display this message.  */
+               && conflict && strcmp (conflict, fingerprint) != 0)
+        {
+          es_fprintf (fp1,
+                      _("The key with fingerprint %s raised a conflict "
+                        "with the binding %s."
+                        "  Since this binding's policy was 'auto', it was "
+                        "changed to 'ask'."),
+                      conflict, binding);
+          es_fputs ("  ", fp1);
+          binding_shown = 1;
+        }
+
+      /* TRANSLATORS: The %s%s is replaced by either a fingerprint and a
+         blank or by two empty strings.  */
+      es_fprintf (fp1,
+                  _("Please indicate whether you believe the binding %s%s"
+                    "is legitimate (the key belongs to the stated owner) "
+                    "or a forgery (bad)."),
+                  binding_shown ? "" : binding,
+                  binding_shown ? "" : " ");
+      es_fputc ('\n', fp1);
+
+      xfree (binding);
+
+      es_fputc (0, fp1);
+      if (es_fclose_snatch (fp1, (void **)&tmpstr, NULL))
+        log_fatal ("error snatching memory stream\n");
+      text = format_text (tmpstr, 0, 72, 80);
+      es_free (tmpstr);
+
+      es_fputs (text, fp);
+      xfree (text);
+    }
+
+    es_fputc ('\n', fp);
 
     /* Find other user ids associated with this key and whether the
        bindings are marked as good or bad.  */
@@ -2370,6 +2400,9 @@ show_statistics (struct dbs *dbs, const char *fingerprint,
       goto out;
     }
 
+  write_status_text_and_buffer (STATUS_TOFU_USER, fingerprint,
+                                email, strlen (email), 0);
+
   if (! strlist)
     log_info (_("Have never verified a message signed by key %s!\n"),
               fingerprint_pp);
@@ -2396,8 +2429,8 @@ show_statistics (struct dbs *dbs, const char *fingerprint,
 	}
 
       if (messages == -1 || first_seen_ago == 0)
-        log_info (_("Failed to collect signature statistics"
-                    " for \"%s\" (key %s)\n"),
+        log_info (_("Failed to collect signature statistics for \"%s\"\n"
+                    "(key %s)\n"),
                   user_id, fingerprint_pp);
       else
 	{
@@ -2407,55 +2440,67 @@ show_statistics (struct dbs *dbs, const char *fingerprint,
 
 	  fp = es_fopenmem (0, "rw,samethread");
 	  if (! fp)
-	    log_fatal ("error creating memory stream\n");
+            log_fatal ("error creating memory stream: %s\n",
+                       gpg_strerror (gpg_error_from_syserror()));
 
 	  if (messages == 0)
-            es_fprintf (fp,
-                        _("Verified 0 messages signed by \"%s\""
-                          " (key: %s, policy: %s)."),
-                        user_id, fingerprint_pp, tofu_policy_str (policy));
+            {
+              es_fprintf (fp, _("Verified %ld messages signed by \"%s\"."),
+                          0L, user_id);
+              es_fputc ('\n', fp);
+            }
 	  else
 	    {
-              char *first_seen_ago_str =
-                time_ago_str (first_seen_ago);
-              char *most_recent_seen_ago_str =
-                time_ago_str (most_recent_seen_ago);
+              char *first_seen_ago_str = time_ago_str (first_seen_ago);
 
               /* TRANSLATORS: The final %s is replaced by a string like
                  "7 months, 1 day, 5 minutes, 0 seconds". */
-	      es_fprintf (fp, ngettext("Verified %ld message signed by \"%s\""
-                                       " (key: %s, policy: %s) in the past %s.",
-                                       "Verified %ld messages signed by \"%s\""
-                                       " (key: %s, policy: %s) in the past %s.",
-                                       messages),
-			  messages, user_id,
-			  fingerprint_pp, tofu_policy_str (policy),
-                          first_seen_ago_str);
+	      es_fprintf (fp,
+                          ngettext("Verified %ld message signed by \"%s\"\n"
+                                   "in the past %s.",
+                                   "Verified %ld messages signed by \"%s\"\n"
+                                   "in the past %s.",
+                                   messages),
+			  messages, user_id, first_seen_ago_str);
 
               if (messages > 1)
                 {
+                  char *tmpstr = time_ago_str (most_recent_seen_ago);
                   es_fputs ("  ", fp);
-                  es_fprintf (fp,
-                              _("The most recent message was verified %s ago."),
-                              most_recent_seen_ago_str);
+                  es_fprintf (fp, _("The most recent message was"
+                                    " verified %s ago."), tmpstr);
+                  xfree (tmpstr);
                 }
-
               xfree (first_seen_ago_str);
-              xfree (most_recent_seen_ago_str);
+
+              if (opt.verbose)
+                {
+                  es_fputs ("  ", fp);
+                  es_fputc ('(', fp);
+                  es_fprintf (fp, _("policy: %s"), tofu_policy_str (policy));
+                  es_fputs (")\n", fp);
+                }
+              else
+                es_fputs ("\n", fp);
             }
 
-	  es_fputc (0, fp);
-	  if (es_fclose_snatch (fp, (void **) &msg, NULL))
-	    log_fatal ("error snatching memory stream\n");
+          {
+            char *tmpmsg;
+            es_fputc (0, fp);
+            if (es_fclose_snatch (fp, (void **) &tmpmsg, NULL))
+              log_fatal ("error snatching memory stream\n");
+            msg = format_text (tmpmsg, 0, 72, 80);
+            es_free (tmpmsg);
+          }
 
-	  log_info ("%s\n", msg);
+	  log_string (GPGRT_LOG_INFO, msg);
           xfree (msg);
 
-	  if (policy == TOFU_POLICY_AUTO && messages < 10)
+	  if (policy == TOFU_POLICY_AUTO && messages < NO_WARNING_THRESHOLD)
 	    {
 	      char *set_policy_command;
 	      char *text;
-              char *tmp;
+              char *tmpmsg;
 
 	      if (messages == 0)
 		log_info (_("Warning: we've have yet to see"
@@ -2465,34 +2510,29 @@ show_statistics (struct dbs *dbs, const char *fingerprint,
                             " single message signed by this key!\n"));
 
 	      set_policy_command =
-		xasprintf ("gpg --tofu-policy bad \"%s\"", fingerprint);
-	      /* TRANSLATORS: translate the below text.  We don't
-		 directly internationalize that text so that we can
-		 tweak it without breaking translations.  */
-	      text = ngettext("TOFU: few signatures %d message %s",
-                              "TOFU: few signatures %d messages %s", 1);
-	      if (strcmp (text, "TOFU: few signatures %d message %s") == 0)
-                {
-                  text =
-                    (messages == 1?
-                     "Warning: if you think you've seen more than %d message "
-                     "signed by this key, then this key might be a forgery!  "
-                     "Carefully examine the email address for small variations "
-                     "(e.g., additional white space).  If the key is suspect, "
-                     "then use '%s' to mark it as being bad.\n"
-                     :
-                     "Warning: if you think you've seen more than %d messages "
-                     "signed by this key, then this key might be a forgery!  "
-                     "Carefully examine the email address for small variations "
-                     "(e.g., additional white space).  If the key is suspect, "
-                     "then use '%s' to mark it as being bad.\n");
-                }
-
-              tmp = xasprintf (text, messages, set_policy_command);
-              text = format_text (tmp, 0, 72, 80);
-              xfree (tmp);
-	      log_info ("%s", text);
+		xasprintf ("gpg --tofu-policy bad %s", fingerprint);
+
+              tmpmsg = xasprintf
+                (ngettext
+                 ("Warning: if you think you've seen more than %ld message "
+                  "signed by this key, then this key might be a forgery!  "
+                  "Carefully examine the email address for small "
+                  "variations.  If the key is suspect, then use\n"
+                  "  %s\n"
+                  "to mark it as being bad.\n",
+                  "Warning: if you think you've seen more than %ld messages "
+                  "signed by this key, then this key might be a forgery!  "
+                      "Carefully examine the email address for small "
+                  "variations.  If the key is suspect, then use\n"
+                  "  %s\n"
+                  "to mark it as being bad.\n",
+                  messages),
+                  messages, set_policy_command);
+              text = format_text (tmpmsg, 0, 72, 80);
+              xfree (tmpmsg);
+	      log_string (GPGRT_LOG_INFO, text);
               xfree (text);
+
 	      es_free (set_policy_command);
 	    }
 	}
@@ -2634,26 +2674,30 @@ tofu_register (PKT_public_key *pk, const char *user_id,
        because <fingerprint, email, sig_time, sig_digest> is the
        primary key!  */
     log_debug ("SIGNATURES DB contains duplicate records"
-	       " <key: %s, %s, time: 0x%lx, sig: %s, %s>."
+	       " <%s, %s, 0x%lx, %s, %s>."
 	       "  Please report.\n",
-	       fingerprint_pp, email, (unsigned long) sig_time,
+	       fingerprint, email, (unsigned long) sig_time,
 	       sig_digest, origin);
   else if (c == 1)
     {
       already_verified = 1;
       if (DBG_TRUST)
 	log_debug ("Already observed the signature"
-		   " <key: %s, %s, time: 0x%lx, sig: %s, %s>\n",
-		   fingerprint_pp, email, (unsigned long) sig_time,
+		   " <%s, %s, 0x%lx, %s, %s>\n",
+		   fingerprint, email, (unsigned long) sig_time,
 		   sig_digest, origin);
     }
+  else if (opt.dry_run)
+    {
+      log_info ("TOFU database update skipped due to --dry-run\n");
+    }
   else
     /* This is the first time that we've seen this signature.
        Record it.  */
     {
       if (DBG_TRUST)
 	log_debug ("TOFU: Saving signature <%s, %s, %s>\n",
-		   fingerprint_pp, email, sig_digest);
+		   fingerprint, email, sig_digest);
 
       log_assert (c == 0);
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git



More information about the Pkg-gnupg-commit mailing list