[Pkg-gnupg-commit] [gnupg2] 06/124: gpg: Fix (quick) key generation with --always-trust.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Apr 5 15:55:27 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch experimental
in repository gnupg2.
commit 4735ab96aa5577d40ba7b3f72d863057198cc6a7
Author: Justus Winter <justus at g10code.com>
Date: Thu Mar 2 14:35:09 2017 +0100
gpg: Fix (quick) key generation with --always-trust.
* g10/keygen.c (do_generate_keypair): Only update the ownertrust if we
do have a trust database.
* g10/trustdb.c (have_trustdb): New function.
* g10/trustdb.h (have_trustdb): New prototype.
* tests/openpgp/quick-key-manipulation.scm: Remove workaround.
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus at g10code.com>
---
g10/keygen.c | 5 +++--
g10/trustdb.c | 10 ++++++++++
g10/trustdb.h | 1 +
tests/openpgp/quick-key-manipulation.scm | 4 ----
4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/g10/keygen.c b/g10/keygen.c
index 24cf93c..f044257 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -4791,8 +4791,9 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
keyid_from_pk (pk, pk->main_keyid);
register_trusted_keyid (pk->main_keyid);
- update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ if (have_trustdb ())
+ update_ownertrust (pk, ((get_ownertrust (pk) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
gen_standard_revoke (pk, cache_nonce);
diff --git a/g10/trustdb.c b/g10/trustdb.c
index f4df4c8..7443051 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -511,6 +511,16 @@ init_trustdb (int no_create)
}
+/* Check whether we have a trust database, initializing it if
+ necessary if the trust model is not 'always trust'. Returns true
+ if we do have a usable trust database. */
+int
+have_trustdb (void)
+{
+ return init_trustdb (opt.trust_model == TM_ALWAYS) == 0;
+}
+
+
/****************
* Recreate the WoT but do not ask for new ownertrusts. Special
* feature: In batch mode and without a forced yes, this is only done
diff --git a/g10/trustdb.h b/g10/trustdb.h
index 3088063..00be4df 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -128,6 +128,7 @@ int setup_trustdb( int level, const char *dbname );
void how_to_fix_the_trustdb (void);
const char *trust_model_string (int model);
gpg_error_t init_trustdb (int no_create);
+int have_trustdb (void);
void tdb_check_trustdb_stale (ctrl_t ctrl);
void sync_trustdb( void );
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index 8ceb035..10f0bfe 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -21,10 +21,6 @@
(load (with-path "time.scm"))
(setup-environment)
- ;; XXX because of --always-trust, the trustdb is not created.
- ;; Therefore, we redefine GPG without --always-trust.
-(define GPG `(,(tool 'gpg) --no-permission-warning))
-
(define (exact id)
(string-append "=" id))
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list