Merge branch 'master' into keyserver-via-dirmngr
[gnupg.git] / g10 / tdbio.c
index f4c97e8..1c775d2 100644 (file)
@@ -1,21 +1,20 @@
-/* tdbio.c
- *     Copyright (C) 1998 Free Software Foundation, Inc.
+/* tdbio.c - trust databse I/O operations
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
  *
- * This file is part of GNUPG.
+ * This file is part of GnuPG.
  *
- * GNUPG is free software; you can redistribute it and/or modify
+ * GnuPG is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
  *
- * GNUPG is distributed in the hope that it will be useful,
+ * GnuPG is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
  */
 
 #include <config.h>
@@ -29,9 +28,9 @@
 #include <fcntl.h>
 #include <unistd.h>
 
-#include "errors.h"
+#include "gpg.h"
+#include "status.h"
 #include "iobuf.h"
-#include "memory.h"
 #include "util.h"
 #include "options.h"
 #include "main.h"
 #include "trustdb.h"
 #include "tdbio.h"
 
+#if defined(HAVE_DOSISH_SYSTEM)
+#define ftruncate chsize
+#endif
+
+#if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
+#define MY_O_BINARY  O_BINARY
+#else
+#define MY_O_BINARY  0
+#endif
+
+/* We use ERRNO despite that the cegcc provided open/read/write
+   functions don't set ERRNO - at least show that ERRNO does not make
+   sense.  */
+#ifdef HAVE_W32CE_SYSTEM
+#undef strerror
+#define strerror(a) ("[errno not available]")
+#endif
 
 /****************
  * Yes, this is a very simple implementation. We should really
@@ -56,8 +72,8 @@ struct cache_ctrl_struct {
     char data[TRUST_RECORD_LEN];
 };
 
-#define MAX_CACHE_ENTRIES_SOFT 200   /* may be increased due while in a */
-#define MAX_CACHE_ENTRIES_HARD 1000  /* transaction to this one */
+#define MAX_CACHE_ENTRIES_SOFT 200    /* may be increased while in a */
+#define MAX_CACHE_ENTRIES_HARD 10000  /* transaction to this one */
 static CACHE_CTRL cache_list;
 static int cache_entries;
 static int cache_is_dirty;
@@ -69,20 +85,22 @@ struct cmp_krec_fpr_struct {
     int fprlen;
 };
 
-/* a type used to pass infomation to cmp_sdir */
-struct cmp_sdir_struct {
+/* a type used to pass infomation to cmp_[s]dir */
+struct cmp_xdir_struct {
     int pubkey_algo;
     u32 keyid[2];
 };
 
 
 static char *db_name;
+static dotlock_t lockhandle;
+static int is_locked;
 static int  db_fd = -1;
 static int in_transaction;
 
-
 static void open_db(void);
 
+
 \f
 /*************************************
  ************* record cache **********
@@ -109,18 +127,21 @@ get_record_from_cache( ulong recno )
 static int
 write_cache_item( CACHE_CTRL r )
 {
+    gpg_error_t err;
     int n;
 
     if( lseek( db_fd, r->recno * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
+        err = gpg_error_from_syserror ();
        log_error(_("trustdb rec %lu: lseek failed: %s\n"),
                                            r->recno, strerror(errno) );
-       return G10ERR_WRITE_FILE;
+       return err;
     }
     n = write( db_fd, r->data, TRUST_RECORD_LEN);
     if( n != TRUST_RECORD_LEN ) {
+        err = gpg_error_from_syserror ();
        log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
                                            r->recno, n, strerror(errno) );
-       return G10ERR_WRITE_FILE;
+       return err;
     }
     r->flags.dirty = 0;
     return 0;
@@ -174,7 +195,7 @@ put_record_into_cache( ulong recno, const char *data )
     }
     /* see whether we reached the limit */
     if( cache_entries < MAX_CACHE_ENTRIES_SOFT ) { /* no */
-       r = m_alloc( sizeof *r );
+       r = xmalloc( sizeof *r );
        r->flags.used = 1;
        r->recno = recno;
        memcpy( r->data, data, TRUST_RECORD_LEN );
@@ -215,9 +236,9 @@ put_record_into_cache( ulong recno, const char *data )
        /* but we can't do this while in a transaction
         * we increase the cache size instead */
        if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
-           if( !(cache_entries % 100) )
-               log_info("increasing tdbio cache size\n");
-           r = m_alloc( sizeof *r );
+           if( opt.debug && !(cache_entries % 100) )
+               log_debug("increasing tdbio cache size\n");
+           r = xmalloc( sizeof *r );
            r->flags.used = 1;
            r->recno = recno;
            memcpy( r->data, data, TRUST_RECORD_LEN );
@@ -228,13 +249,19 @@ put_record_into_cache( ulong recno, const char *data )
            cache_entries++;
            return 0;
        }
-       log_info("hard cache size limit reached\n");
+       log_info(_("trustdb transaction too large\n"));
        return G10ERR_RESOURCE_LIMIT;
     }
     if( dirty_count ) {
        int n = dirty_count / 5; /* discard some dirty entries */
        if( !n )
            n = 1;
+       if( !is_locked ) {
+           if( make_dotlock( lockhandle, -1 ) )
+               log_fatal("can't acquire lock - giving up\n");
+           else
+               is_locked = 1;
+       }
        for( unused = NULL, r = cache_list; r; r = r->next ) {
            if( r->flags.used && r->flags.dirty ) {
                int rc = write_cache_item( r );
@@ -248,6 +275,10 @@ put_record_into_cache( ulong recno, const char *data )
                    break;
            }
        }
+       if( !opt.lock_once ) {
+           if( !release_dotlock( lockhandle ) )
+               is_locked = 0;
+       }
        assert( unused );
        r = unused;
        r->flags.used = 1;
@@ -276,13 +307,23 @@ int
 tdbio_sync()
 {
     CACHE_CTRL r;
+    int did_lock = 0;
 
+    if( db_fd == -1 )
+       open_db();
     if( in_transaction )
        log_bug("tdbio: syncing while in transaction\n");
 
     if( !cache_is_dirty )
        return 0;
 
+    if( !is_locked ) {
+       if( make_dotlock( lockhandle, -1 ) )
+           log_fatal("can't acquire lock - giving up\n");
+       else
+           is_locked = 1;
+       did_lock = 1;
+    }
     for( r = cache_list; r; r = r->next ) {
        if( r->flags.used && r->flags.dirty ) {
            int rc = write_cache_item( r );
@@ -291,10 +332,17 @@ tdbio_sync()
        }
     }
     cache_is_dirty = 0;
+    if( did_lock && !opt.lock_once ) {
+       if( !release_dotlock( lockhandle ) )
+           is_locked = 0;
+    }
+
     return 0;
 }
 
-
+#if 0
+/* The transaction code is disabled in the 1.2.x branch, as it is not
+   yet used.  It will be enabled in 1.3.x. */
 
 /****************
  * Simple transactions system:
@@ -324,10 +372,20 @@ tdbio_end_transaction()
 
     if( !in_transaction )
        log_bug("tdbio: no active transaction\n");
+    if( !is_locked ) {
+       if( make_dotlock( lockhandle, -1 ) )
+           log_fatal("can't acquire lock - giving up\n");
+       else
+           is_locked = 1;
+    }
     block_all_signals();
     in_transaction = 0;
     rc = tdbio_sync();
     unblock_all_signals();
+    if( !opt.lock_once ) {
+       if( !release_dotlock( lockhandle ) )
+           is_locked = 0;
+    }
     return rc;
 }
 
@@ -354,89 +412,181 @@ tdbio_cancel_transaction()
     in_transaction = 0;
     return 0;
 }
-
+#endif
 
 \f
 /********************************************************
  **************** cached I/O functions ******************
  ********************************************************/
 
+static void
+cleanup(void)
+{
+    if( is_locked ) {
+       if( !release_dotlock(lockhandle) )
+           is_locked = 0;
+    }
+}
+
+/* Caller must sync */
+int
+tdbio_update_version_record (void)
+{
+  TRUSTREC rec;
+  int rc;
+
+  memset( &rec, 0, sizeof rec );
+
+  rc=tdbio_read_record( 0, &rec, RECTYPE_VER);
+  if(rc==0)
+    {
+      rec.r.ver.created     = make_timestamp();
+      rec.r.ver.marginals   = opt.marginals_needed;
+      rec.r.ver.completes   = opt.completes_needed;
+      rec.r.ver.cert_depth  = opt.max_cert_depth;
+      rec.r.ver.trust_model = opt.trust_model;
+      rc=tdbio_write_record(&rec);
+    }
+
+  return rc;
+}
+
+static int
+create_version_record (void)
+{
+  TRUSTREC rec;
+  int rc;
+  
+  memset( &rec, 0, sizeof rec );
+  rec.r.ver.version     = 3;
+  rec.r.ver.created     = make_timestamp();
+  rec.r.ver.marginals   = opt.marginals_needed;
+  rec.r.ver.completes   = opt.completes_needed;
+  rec.r.ver.cert_depth  = opt.max_cert_depth;
+  if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
+    rec.r.ver.trust_model = opt.trust_model;
+  else
+    rec.r.ver.trust_model = TM_PGP;
+  rec.rectype = RECTYPE_VER;
+  rec.recnum = 0;
+  rc = tdbio_write_record( &rec );
+  if( !rc )
+    tdbio_sync();
+  return rc;
+}
+
+
+
 int
 tdbio_set_dbname( const char *new_dbname, int create )
 {
     char *fname;
+    static int initialized = 0;
 
-    fname = new_dbname? m_strdup( new_dbname )
-                     : make_filename(opt.homedir, "trustdb.gpg", NULL );
+    if( !initialized ) {
+       atexit( cleanup );
+       initialized = 1;
+    }
+
+    if(new_dbname==NULL)
+      fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL);
+    else if (*new_dbname != DIRSEP_C )
+      {
+       if (strchr(new_dbname, DIRSEP_C) )
+         fname = make_filename (new_dbname, NULL);
+       else
+         fname = make_filename (opt.homedir, new_dbname, NULL);
+      }
+    else
+      fname = xstrdup (new_dbname);
 
     if( access( fname, R_OK ) ) {
+#ifdef HAVE_W32CE_SYSTEM
+      /* We know how the cegcc implementation of access works ;-). */
+      if (GetLastError () == ERROR_FILE_NOT_FOUND)
+        gpg_err_set_errno (ENOENT);
+      else
+        gpg_err_set_errno (EIO);
+#endif /*HAVE_W32CE_SYSTEM*/
        if( errno != ENOENT ) {
-           log_error( _("%s: can't access: %s\n"), fname, strerror(errno) );
-           m_free(fname);
+           log_error( _("can't access `%s': %s\n"), fname, strerror(errno) );
+           xfree(fname);
            return G10ERR_TRUSTDB;
        }
        if( create ) {
            FILE *fp;
            TRUSTREC rec;
            int rc;
-           char *p = strrchr( fname, '/' );
-
-           assert(p);
+           char *p = strrchr( fname, DIRSEP_C );
+           mode_t oldmask;
+            int save_slash;
+
+#if HAVE_W32_SYSTEM
+            {
+              /* Windows may either have a slash or a backslash.  Take
+                 care of it.  */
+              char *pp = strrchr (fname, '/');
+              if (!p || pp > p)
+                p = pp;
+            }
+#endif /*HAVE_W32_SYSTEM*/
+           assert (p);
+            save_slash = *p;
            *p = 0;
            if( access( fname, F_OK ) ) {
-               if( strlen(fname) >= 7
-                   && !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) {
-                 #if __MINGW32__
-                   if( mkdir( fname ) )
-                 #else
-                   if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) )
-                 #endif
-                       log_fatal( _("%s: can't create directory: %s\n"),
-                                                   fname,  strerror(errno) );
-                   else
-                       log_info( _("%s: directory created\n"), fname );
-                   copy_options_file( fname );
-               }
-               else
-                   log_fatal( _("%s: directory does not exist!\n"), fname );
+               try_make_homedir( fname );
+                if (access (fname, F_OK ))
+                  log_fatal (_("%s: directory does not exist!\n"), fname);
            }
-           *p = '/';
+           *p = save_slash;
 
-           fp =fopen( fname, "wb" );
+           xfree(db_name);
+           db_name = fname;
+#ifdef __riscos__
+           if( !lockhandle )
+               lockhandle = create_dotlock( db_name );
+           if( !lockhandle )
+               log_fatal( _("can't create lock for `%s'\n"), db_name );
+            if( make_dotlock( lockhandle, -1 ) )
+                log_fatal( _("can't lock `%s'\n"), db_name );
+#endif /* __riscos__ */
+           oldmask=umask(077);
+            if (is_secured_filename (fname)) {
+                fp = NULL;
+                gpg_err_set_errno (EPERM);
+            }
+            else
+                fp =fopen( fname, "wb" );
+           umask(oldmask);
            if( !fp )
-               log_fatal( _("%s: can't create: %s\n"), fname, strerror(errno) );
+               log_fatal( _("can't create `%s': %s\n"), fname, strerror(errno) );
            fclose(fp);
-           m_free(db_name);
-           db_name = fname;
-         #ifdef __MINGW32__
-           db_fd = open( db_name, O_RDWR | O_BINARY );
-         #else
-           db_fd = open( db_name, O_RDWR );
-         #endif
+           db_fd = open( db_name, O_RDWR | MY_O_BINARY );
            if( db_fd == -1 )
-               log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
+               log_fatal( _("can't open `%s': %s\n"), db_name, strerror(errno) );
 
-           memset( &rec, 0, sizeof rec );
-           rec.r.ver.version = 2;
-           rec.r.ver.created = make_timestamp();
-           rec.rectype = RECTYPE_VER;
-           rec.recnum = 0;
-           rc = tdbio_write_record( &rec );
-           if( !rc )
-               tdbio_sync();
+#ifndef __riscos__
+           if( !lockhandle )
+               lockhandle = create_dotlock( db_name );
+           if( !lockhandle )
+               log_fatal( _("can't create lock for `%s'\n"), db_name );
+#endif /* !__riscos__ */
+
+            rc = create_version_record ();
            if( rc )
                log_fatal( _("%s: failed to create version record: %s"),
                                                   fname, g10_errstr(rc));
            /* and read again to check that we are okay */
            if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
-               log_fatal( _("%s: invalid trust-db created\n"), db_name );
+               log_fatal( _("%s: invalid trustdb created\n"), db_name );
 
-           log_info(_("%s: trust-db created\n"), db_name);
+           if( !opt.quiet )
+               log_info(_("%s: trustdb created\n"), db_name);
 
            return 0;
        }
     }
-    m_free(db_name);
+    xfree(db_name);
     db_name = fname;
     return 0;
 }
@@ -453,24 +603,59 @@ tdbio_get_dbname()
 static void
 open_db()
 {
-    TRUSTREC rec;
-    assert( db_fd == -1 );
-
-  #ifdef __MINGW32__
-    db_fd = open( db_name, O_RDWR | O_BINARY );
-  #else
-    db_fd = open( db_name, O_RDWR );
-  #endif
-    if( db_fd == -1 )
-       log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
-    if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
-       log_fatal( _("%s: invalid trust-db\n"), db_name );
-    /* fixme: check ->locked and other stuff */
+  TRUSTREC rec;
+
+  assert( db_fd == -1 );
+
+  if (!lockhandle )
+    lockhandle = create_dotlock( db_name );
+  if (!lockhandle )
+    log_fatal( _("can't create lock for `%s'\n"), db_name );
+#ifdef __riscos__
+  if (make_dotlock( lockhandle, -1 ) )
+    log_fatal( _("can't lock `%s'\n"), db_name );
+#endif /* __riscos__ */
+#ifdef HAVE_W32CE_SYSTEM
+  {
+    DWORD prevrc = 0;
+    wchar_t *wname = utf8_to_wchar (db_name);
+    if (wname)
+      {
+        db_fd = (int)CreateFile (wname, GENERIC_READ|GENERIC_WRITE,
+                                 FILE_SHARE_READ|FILE_SHARE_WRITE, NULL,
+                                 OPEN_EXISTING, 0, NULL);
+        xfree (wname);
+      }
+    if (db_fd == -1)
+      log_fatal ("can't open `%s': %d, %d\n", db_name,
+                 (int)prevrc, (int)GetLastError ());
+  }
+#else /*!HAVE_W32CE_SYSTEM*/
+  db_fd = open (db_name, O_RDWR | MY_O_BINARY );
+  if (db_fd == -1 && (errno == EACCES
+#ifdef EROFS
+                      || errno == EROFS
+#endif
+                      )
+      ) {
+      /* Take care of read-only trustdbs.  */
+      db_fd = open (db_name, O_RDONLY | MY_O_BINARY );
+      if (db_fd != -1)
+          log_info (_("NOTE: trustdb not writable\n"));
+  }
+  if ( db_fd == -1 )
+    log_fatal( _("can't open `%s': %s\n"), db_name, strerror(errno) );
+#endif /*!HAVE_W32CE_SYSTEM*/
+  register_secured_file (db_name);
+
+  /* Read the version record. */
+  if (tdbio_read_record (0, &rec, RECTYPE_VER ) )
+    log_fatal( _("%s: invalid trustdb\n"), db_name );
 }
 
 
 /****************
- * Make a hashtable: type 0 = key hash, 1 = sdir hash
+ * Make a hashtable: type 0 = trust hash
  */
 static void
 create_hashtable( TRUSTREC *vr, int type )
@@ -487,9 +672,8 @@ create_hashtable( TRUSTREC *vr, int type )
     assert(recnum); /* this is will never be the first record */
 
     if( !type )
-       vr->r.ver.keyhashtbl = recnum;
-    else
-       vr->r.ver.sdirhashtbl = recnum;
+       vr->r.ver.trusthashtbl = recnum;
+
     /* Now write the records */
     n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
     for(i=0; i < n; i++, recnum++ ) {
@@ -511,57 +695,110 @@ create_hashtable( TRUSTREC *vr, int type )
 }
 
 
+int
+tdbio_db_matches_options()
+{
+  static int yes_no = -1;
+
+  if( yes_no == -1 )
+    {
+      TRUSTREC vr;
+      int rc;
+
+      rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
+      if( rc )
+       log_fatal( _("%s: error reading version record: %s\n"),
+                  db_name, g10_errstr(rc) );
+
+      yes_no = vr.r.ver.marginals == opt.marginals_needed
+       && vr.r.ver.completes == opt.completes_needed
+       && vr.r.ver.cert_depth == opt.max_cert_depth
+       && vr.r.ver.trust_model == opt.trust_model;
+    }
+
+  return yes_no;
+}
+
+byte
+tdbio_read_model(void)
+{
+  TRUSTREC vr;
+  int rc;
+  rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
+  if( rc )
+    log_fatal( _("%s: error reading version record: %s\n"),
+              db_name, g10_errstr(rc) );
+  return vr.r.ver.trust_model;
+}
 
 /****************
- * Return the record number of the keyhash tbl or create a new one.
+ * Return the nextstamp value.
  */
-static ulong
-get_keyhashrec()
+ulong
+tdbio_read_nextcheck ()
 {
-    static ulong keyhashtbl; /* record number of the key hashtable */
+    TRUSTREC vr;
+    int rc;
 
-    if( !keyhashtbl ) {
-       TRUSTREC vr;
-       int rc;
+    rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
+    if( rc )
+       log_fatal( _("%s: error reading version record: %s\n"),
+                                                   db_name, g10_errstr(rc) );
+    return vr.r.ver.nextcheck;
+}
 
-       rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
-       if( rc )
-           log_fatal( _("%s: error reading version record: %s\n"),
-                                           db_name, g10_errstr(rc) );
-       if( !vr.r.ver.keyhashtbl )
-           create_hashtable( &vr, 0 );
+/* Return true when the stamp was actually changed. */
+int
+tdbio_write_nextcheck (ulong stamp)
+{
+    TRUSTREC vr;
+    int rc;
 
-       keyhashtbl = vr.r.ver.keyhashtbl;
-    }
-    return keyhashtbl;
+    rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
+    if( rc )
+       log_fatal( _("%s: error reading version record: %s\n"),
+                                      db_name, g10_errstr(rc) );
+
+    if (vr.r.ver.nextcheck == stamp)
+      return 0;
+
+    vr.r.ver.nextcheck = stamp;
+    rc = tdbio_write_record( &vr );
+    if( rc )
+       log_fatal( _("%s: error writing version record: %s\n"),
+                                      db_name, g10_errstr(rc) );
+    return 1;
 }
 
+
+
 /****************
- * Return the record number of the shadow direcory hash table
- * or create a new one.
+ * Return the record number of the trusthash tbl or create a new one.
  */
 static ulong
-get_sdirhashrec()
+get_trusthashrec(void)
 {
-    static ulong sdirhashtbl; /* record number of the hashtable */
+    static ulong trusthashtbl; /* record number of the trust hashtable */
 
-    if( !sdirhashtbl ) {
+    if( !trusthashtbl ) {
        TRUSTREC vr;
        int rc;
 
        rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
        if( rc )
            log_fatal( _("%s: error reading version record: %s\n"),
-                                                   db_name, g10_errstr(rc) );
-       if( !vr.r.ver.sdirhashtbl )
-           create_hashtable( &vr, 1 );
+                                           db_name, g10_errstr(rc) );
+       if( !vr.r.ver.trusthashtbl )
+           create_hashtable( &vr, 0 );
 
-       sdirhashtbl = vr.r.ver.sdirhashtbl;
+       trusthashtbl = vr.r.ver.trusthashtbl;
     }
-    return sdirhashtbl;
+    return trusthashtbl;
 }
 
 
+
 /****************
  * Update a hashtable.
  * table gives the start of the table, key and keylen is the key,
@@ -582,8 +819,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
     hashrec += msb / ITEMS_PER_HTBL_RECORD;
     rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
     if( rc ) {
-       log_error( db_name, "upd_hashtable: read failed: %s\n",
-                                                       g10_errstr(rc) );
+       log_error("upd_hashtable: read failed: %s\n",   g10_errstr(rc) );
        return rc;
     }
 
@@ -592,7 +828,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
        rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
        rc = tdbio_write_record( &rec );
        if( rc ) {
-           log_error( db_name, "upd_hashtable: write htbl failed: %s\n",
+           log_error("upd_hashtable: write htbl failed: %s\n",
                                                            g10_errstr(rc) );
            return rc;
        }
@@ -627,7 +863,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
                    rc = tdbio_read_record( rec.r.hlst.next,
                                                       &rec, RECTYPE_HLST);
                    if( rc ) {
-                       log_error( "scan keyhashtbl read hlst failed: %s\n",
+                       log_error( "upd_hashtable: read hlst failed: %s\n",
                                                             g10_errstr(rc) );
                        return rc;
                    }
@@ -676,9 +912,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
                }
            } /* end loop over hlst slots */
        }
-       else if( rec.rectype == RECTYPE_KEY
-                || rec.rectype == RECTYPE_DIR
-                || rec.rectype == RECTYPE_SDIR ) { /* insert a list record */
+       else if( rec.rectype == RECTYPE_TRUST ) { /* insert a list record */
            if( rec.recnum == newrecnum ) {
                return 0;
            }
@@ -703,8 +937,9 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
            return rc; /* ready */
        }
        else {
-           log_error( "hashtbl %lu points to an invalid record\n",
-                                                                   item);
+           log_error( "hashtbl %lu: %lu/%d points to an invalid record %lu\n",
+                      table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
+           list_trustdb(NULL);
            return G10ERR_TRUSTDB;
        }
     }
@@ -713,6 +948,92 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
 }
 
 
+/****************
+ * Drop an entry from a hashtable
+ * table gives the start of the table, key and keylen is the key,
+ */
+static int
+drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
+{
+    TRUSTREC rec;
+    ulong hashrec, item;
+    int msb;
+    int level=0;
+    int rc, i;
+
+    hashrec = table;
+  next_level:
+    msb = key[level];
+    hashrec += msb / ITEMS_PER_HTBL_RECORD;
+    rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
+    if( rc ) {
+       log_error("drop_from_hashtable: read failed: %s\n",
+                                                       g10_errstr(rc) );
+       return rc;
+    }
+
+    item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
+    if( !item )  /* not found - forget about it  */
+       return 0;
+
+    if( item == recnum ) {  /* tables points direct to the record */
+       rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
+       rc = tdbio_write_record( &rec );
+       if( rc )
+           log_error("drop_from_hashtable: write htbl failed: %s\n",
+                                                           g10_errstr(rc) );
+       return rc;
+    }
+
+    rc = tdbio_read_record( item, &rec, 0 );
+    if( rc ) {
+       log_error( "drop_from_hashtable: read item failed: %s\n",
+                                                       g10_errstr(rc) );
+       return rc;
+    }
+
+    if( rec.rectype == RECTYPE_HTBL ) {
+       hashrec = item;
+       level++;
+       if( level >= keylen ) {
+           log_error( "hashtable has invalid indirections.\n");
+           return G10ERR_TRUSTDB;
+       }
+       goto next_level;
+    }
+
+    if( rec.rectype == RECTYPE_HLST ) {
+       for(;;) {
+           for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
+               if( rec.r.hlst.rnum[i] == recnum ) {
+                   rec.r.hlst.rnum[i] = 0; /* drop */
+                   rc = tdbio_write_record( &rec );
+                   if( rc )
+                       log_error("drop_from_hashtable: write htbl failed: %s\n",
+                                                                       g10_errstr(rc) );
+                   return rc;
+               }
+           }
+           if( rec.r.hlst.next ) {
+               rc = tdbio_read_record( rec.r.hlst.next,
+                                                  &rec, RECTYPE_HLST);
+               if( rc ) {
+                   log_error( "drop_from_hashtable: read hlst failed: %s\n",
+                                                        g10_errstr(rc) );
+                   return rc;
+               }
+           }
+           else
+               return 0; /* key not in table */
+       }
+    }
+
+    log_error( "hashtbl %lu: %lu/%d points to wrong record %lu\n",
+                   table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
+    return G10ERR_TRUSTDB;
+}
+
+
 
 /****************
  * Lookup a record via the hashtable tablewith key/keylen and return the
@@ -721,8 +1042,8 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
  */
 static int
 lookup_hashtable( ulong table, const byte *key, size_t keylen,
-                 int (*cmpfnc)(void*, const TRUSTREC *), void *cmpdata,
-                                               TRUSTREC *rec )
+                 int (*cmpfnc)(const void*, const TRUSTREC *), 
+                  const void *cmpdata, TRUSTREC *rec )
 {
     int rc;
     ulong hashrec, item;
@@ -735,7 +1056,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
     hashrec += msb / ITEMS_PER_HTBL_RECORD;
     rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
     if( rc ) {
-       log_error( db_name, "lookup_hashtable failed: %s\n", g10_errstr(rc) );
+       log_error("lookup_hashtable failed: %s\n", g10_errstr(rc) );
        return rc;
     }
 
@@ -745,14 +1066,14 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 
     rc = tdbio_read_record( item, rec, 0 );
     if( rc ) {
-       log_error( db_name, "hashtable read failed: %s\n", g10_errstr(rc) );
+       log_error( "hashtable read failed: %s\n", g10_errstr(rc) );
        return rc;
     }
     if( rec->rectype == RECTYPE_HTBL ) {
        hashrec = item;
        level++;
        if( level >= keylen ) {
-           log_error( db_name, "hashtable has invalid indirections\n");
+           log_error("hashtable has invalid indirections\n");
            return G10ERR_TRUSTDB;
        }
        goto next_level;
@@ -798,144 +1119,43 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen,
 }
 
 
-
-
-/****************
- * Update the key hashtbl or create the table if it does not exist
- */
-static int
-update_keyhashtbl( TRUSTREC *kr )
-{
-    return upd_hashtable( get_keyhashrec(),
-                         kr->r.key.fingerprint,
-                         kr->r.key.fingerprint_len, kr->recnum );
-}
-
 /****************
- * Update the shadow dir hashtbl or create the table if it does not exist
+ * Update the trust hashtbl or create the table if it does not exist
  */
 static int
-update_sdirhashtbl( TRUSTREC *sr )
+update_trusthashtbl( TRUSTREC *tr )
 {
-    byte key[8];
-
-    u32tobuf( key   , sr->r.sdir.keyid[0] );
-    u32tobuf( key+4 , sr->r.sdir.keyid[1] );
-    return upd_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
+    return upd_hashtable( get_trusthashrec(),
+                         tr->r.trust.fingerprint, 20, tr->recnum );
 }
 
 
 
-
 void
 tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
 {
     int i;
     ulong rnum = rec->recnum;
-    byte *p;
 
     fprintf(fp, "rec %5lu, ", rnum );
 
     switch( rec->rectype ) {
       case 0: fprintf(fp, "blank\n");
        break;
-      case RECTYPE_VER: fprintf(fp, "version, kd=%lu, sd=%lu, free=%lu\n",
-           rec->r.ver.keyhashtbl, rec->r.ver.sdirhashtbl,
-                                  rec->r.ver.firstfree );
+      case RECTYPE_VER: fprintf(fp,
+           "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d nc=%lu (%s)\n",
+                                   rec->r.ver.trusthashtbl,
+                                  rec->r.ver.firstfree,
+                                  rec->r.ver.marginals,
+                                  rec->r.ver.completes,
+                                  rec->r.ver.cert_depth,
+                                  rec->r.ver.trust_model,
+                                   rec->r.ver.nextcheck,
+                                  strtimestamp(rec->r.ver.nextcheck)
+                                 );
        break;
       case RECTYPE_FREE: fprintf(fp, "free, next=%lu\n", rec->r.free.next );
        break;
-      case RECTYPE_DIR:
-       fprintf(fp, "dir %lu, keys=%lu, uids=%lu, cach=%lu, ot=%02x",
-                   rec->r.dir.lid,
-                   rec->r.dir.keylist,
-                   rec->r.dir.uidlist,
-                   rec->r.dir.cacherec,
-                   rec->r.dir.ownertrust );
-       if( rec->r.dir.dirflags & DIRF_CHECKED ) {
-           if( rec->r.dir.dirflags & DIRF_VALID )
-               fputs(", valid", fp );
-           if( rec->r.dir.dirflags & DIRF_EXPIRED )
-               fputs(", expired", fp );
-           if( rec->r.dir.dirflags & DIRF_REVOKED )
-               fputs(", revoked", fp );
-       }
-       putc('\n', fp);
-       break;
-      case RECTYPE_KEY:
-       fprintf(fp, "key %lu, next=%lu, algo=%d, ",
-                  rec->r.key.lid,
-                  rec->r.key.next,
-                  rec->r.key.pubkey_algo );
-       for(i=0; i < rec->r.key.fingerprint_len; i++ )
-           fprintf(fp, "%02X", rec->r.key.fingerprint[i] );
-       if( rec->r.key.keyflags & KEYF_CHECKED ) {
-           if( rec->r.key.keyflags & KEYF_VALID )
-               fputs(", valid", fp );
-           if( rec->r.key.keyflags & KEYF_EXPIRED )
-               fputs(", expired", fp );
-           if( rec->r.key.keyflags & KEYF_REVOKED )
-               fputs(", revoked", fp );
-       }
-       putc('\n', fp);
-       break;
-      case RECTYPE_UID:
-       fprintf(fp, "uid %lu, next=%lu, pref=%lu, sig=%lu, hash=%02X%02X",
-                   rec->r.uid.lid,
-                   rec->r.uid.next,
-                   rec->r.uid.prefrec,
-                   rec->r.uid.siglist,
-                   rec->r.uid.namehash[18], rec->r.uid.namehash[19]);
-       if( rec->r.uid.uidflags & UIDF_CHECKED ) {
-           if( rec->r.uid.uidflags & UIDF_VALID )
-               fputs(", valid", fp );
-           if( rec->r.uid.uidflags & UIDF_REVOKED )
-               fputs(", revoked", fp );
-       }
-       putc('\n', fp);
-       break;
-      case RECTYPE_PREF:
-       fprintf(fp, "pref %lu, next=%lu,",
-                   rec->r.pref.lid, rec->r.pref.next);
-       for(i=0,p=rec->r.pref.data; i < ITEMS_PER_PREF_RECORD; i+=2,p+=2 ) {
-           if( *p )
-               fprintf(fp, " %c%d", *p == PREFTYPE_SYM    ? 'S' :
-                                    *p == PREFTYPE_HASH   ? 'H' :
-                                    *p == PREFTYPE_COMPR  ? 'Z' : '?', p[1]);
-       }
-       putc('\n', fp);
-       break;
-      case RECTYPE_SIG:
-       fprintf(fp, "sig %lu, next=%lu,",
-                        rec->r.sig.lid, rec->r.sig.next );
-       for(i=0; i < SIGS_PER_RECORD; i++ ) {
-           if( rec->r.sig.sig[i].lid ) {
-               fprintf(fp, " %lu:", rec->r.sig.sig[i].lid );
-               if( rec->r.sig.sig[i].flag & SIGF_CHECKED ) {
-                   fprintf(fp,"%c%c%c",
-                      (rec->r.sig.sig[i].flag & SIGF_VALID)   ? 'V':'-',
-                      (rec->r.sig.sig[i].flag & SIGF_EXPIRED) ? 'E':'-',
-                      (rec->r.sig.sig[i].flag & SIGF_REVOKED) ? 'R':'-');
-               }
-               else if( rec->r.sig.sig[i].flag & SIGF_NOPUBKEY)
-                   fputs("?--", fp);
-               else
-                   fputs("---", fp);
-           }
-       }
-       putc('\n', fp);
-       break;
-      case RECTYPE_SDIR:
-       fprintf(fp, "sdir %lu, keyid=%08lX%08lX, algo=%d, hint=%lu\n",
-                   rec->r.sdir.lid,
-                   (ulong)rec->r.sdir.keyid[0],
-                   (ulong)rec->r.sdir.keyid[1],
-                   rec->r.sdir.pubkey_algo,
-                   (ulong)rec->r.sdir.hintlist );
-       break;
-      case RECTYPE_CACH:
-       fprintf(fp, "cach\n");
-       break;
       case RECTYPE_HTBL:
        fprintf(fp, "htbl,");
        for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ )
@@ -948,6 +1168,20 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
            fprintf(fp, " %lu", rec->r.hlst.rnum[i] );
        putc('\n', fp);
        break;
+      case RECTYPE_TRUST:
+       fprintf(fp, "trust ");
+       for(i=0; i < 20; i++ )
+           fprintf(fp, "%02X", rec->r.trust.fingerprint[i] );
+        fprintf (fp, ", ot=%d, d=%d, vl=%lu\n", rec->r.trust.ownertrust,
+                 rec->r.trust.depth, rec->r.trust.validlist);
+       break;
+      case RECTYPE_VALID:
+       fprintf(fp, "valid ");
+       for(i=0; i < 20; i++ )
+           fprintf(fp, "%02X", rec->r.valid.namehash[i] );
+        fprintf (fp, ", v=%d, next=%lu\n", rec->r.valid.validity,
+                 rec->r.valid.next);
+       break;
       default:
        fprintf(fp, "unknown type %d\n", rec->rectype );
        break;
@@ -963,7 +1197,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
 {
     byte readbuf[TRUST_RECORD_LEN];
     const byte *buf, *p;
-    int rc = 0;
+    gpg_error_t err = 0;
     int n, i;
 
     if( db_fd == -1 )
@@ -971,17 +1205,19 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
     buf = get_record_from_cache( recnum );
     if( !buf ) {
        if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
+            err = gpg_error_from_syserror ();
            log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) );
-           return G10ERR_READ_FILE;
+           return err;
        }
        n = read( db_fd, readbuf, TRUST_RECORD_LEN);
        if( !n ) {
            return -1; /* eof */
        }
        else if( n != TRUST_RECORD_LEN ) {
+            err = gpg_error_from_syserror ();
            log_error(_("trustdb: read failed (n=%d): %s\n"), n,
                                                        strerror(errno) );
-           return G10ERR_READ_FILE;
+           return err;
        }
        buf = readbuf;
     }
@@ -992,7 +1228,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
     if( expected && rec->rectype != expected ) {
        log_error("%lu: read expected rec type %d, got %d\n",
                    recnum, expected, rec->rectype );
-       return G10ERR_TRUSTDB;
+       return gpg_error (GPG_ERR_TRUSTDB);
     }
     p++;    /* skip reserved byte */
     switch( rec->rectype ) {
@@ -1001,96 +1237,36 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
       case RECTYPE_VER: /* version record */
        if( memcmp(buf+1, "gpg", 3 ) ) {
            log_error( _("%s: not a trustdb file\n"), db_name );
-           rc = G10ERR_TRUSTDB;
+           err = gpg_error (GPG_ERR_TRUSTDB);
        }
-       p += 2; /* skip "pgp" */
+       p += 2; /* skip "gpg" */
        rec->r.ver.version  = *p++;
-       p += 3; /* reserved bytes */
-       p += 4; /* lock flags */
+       rec->r.ver.marginals = *p++;
+       rec->r.ver.completes = *p++;
+       rec->r.ver.cert_depth = *p++;
+       rec->r.ver.trust_model = *p++;
+       p += 3;
        rec->r.ver.created  = buftoulong(p); p += 4;
-       rec->r.ver.modified = buftoulong(p); p += 4;
-       rec->r.ver.validated= buftoulong(p); p += 4;
-       rec->r.ver.keyhashtbl=buftoulong(p); p += 4;
+       rec->r.ver.nextcheck = buftoulong(p); p += 4;
+       p += 4;
+       p += 4;
        rec->r.ver.firstfree =buftoulong(p); p += 4;
-       rec->r.ver.sdirhashtbl =buftoulong(p); p += 4;
+       p += 4;
+       rec->r.ver.trusthashtbl =buftoulong(p); p += 4;
        if( recnum ) {
            log_error( _("%s: version record with recnum %lu\n"), db_name,
                                                             (ulong)recnum );
-           rc = G10ERR_TRUSTDB;
+           err = gpg_error (GPG_ERR_TRUSTDB);
        }
-       else if( rec->r.ver.version != 2 ) {
+       else if( rec->r.ver.version != 3 ) {
            log_error( _("%s: invalid file version %d\n"), db_name,
                                                        rec->r.ver.version );
-           rc = G10ERR_TRUSTDB;
+           err = gpg_error (GPG_ERR_TRUSTDB);
        }
        break;
       case RECTYPE_FREE:
        rec->r.free.next  = buftoulong(p); p += 4;
        break;
-      case RECTYPE_DIR:   /*directory record */
-       rec->r.dir.lid      = buftoulong(p); p += 4;
-       rec->r.dir.keylist  = buftoulong(p); p += 4;
-       rec->r.dir.uidlist  = buftoulong(p); p += 4;
-       rec->r.dir.cacherec = buftoulong(p); p += 4;
-       rec->r.dir.ownertrust = *p++;
-       rec->r.dir.dirflags   = *p++;
-       if( rec->r.dir.lid != recnum ) {
-           log_error( "%s: dir LID != recnum (%lu,%lu)\n",
-                             db_name, rec->r.dir.lid, (ulong)recnum );
-           rc = G10ERR_TRUSTDB;
-       }
-       break;
-      case RECTYPE_KEY:   /* public key record */
-       rec->r.key.lid      = buftoulong(p); p += 4;
-       rec->r.key.next     = buftoulong(p); p += 4;
-       p += 7;
-       rec->r.key.keyflags = *p++;
-       rec->r.key.pubkey_algo = *p++;
-       rec->r.key.fingerprint_len = *p++;
-       if( rec->r.key.fingerprint_len < 1 || rec->r.key.fingerprint_len > 20 )
-           rec->r.key.fingerprint_len = 20;
-       memcpy( rec->r.key.fingerprint, p, 20);
-       break;
-      case RECTYPE_UID:   /* user id record */
-       rec->r.uid.lid      = buftoulong(p); p += 4;
-       rec->r.uid.next     = buftoulong(p); p += 4;
-       rec->r.uid.prefrec  = buftoulong(p); p += 4;
-       rec->r.uid.siglist  = buftoulong(p); p += 4;
-       rec->r.uid.uidflags = *p++;
-       p ++;
-       memcpy( rec->r.uid.namehash, p, 20);
-       break;
-      case RECTYPE_PREF:  /* preference record */
-       rec->r.pref.lid     = buftoulong(p); p += 4;
-       rec->r.pref.next    = buftoulong(p); p += 4;
-       memcpy( rec->r.pref.data, p, 30 );
-       break;
-      case RECTYPE_SIG:
-       rec->r.sig.lid     = buftoulong(p); p += 4;
-       rec->r.sig.next    = buftoulong(p); p += 4;
-       for(i=0; i < SIGS_PER_RECORD; i++ ) {
-           rec->r.sig.sig[i].lid  = buftoulong(p); p += 4;
-           rec->r.sig.sig[i].flag = *p++;
-       }
-       break;
-      case RECTYPE_SDIR:   /* shadow directory record */
-       rec->r.sdir.lid     = buftoulong(p); p += 4;
-       rec->r.sdir.keyid[0]= buftou32(p); p += 4;
-       rec->r.sdir.keyid[1]= buftou32(p); p += 4;
-       rec->r.sdir.pubkey_algo = *p++;
-       p += 3;
-       rec->r.sdir.hintlist = buftoulong(p);
-       if( rec->r.sdir.lid != recnum ) {
-           log_error( "%s: sdir LID != recnum (%lu,%lu)\n",
-                              db_name, rec->r.sdir.lid, (ulong)recnum );
-           rc = G10ERR_TRUSTDB;
-       }
-       break;
-      case RECTYPE_CACH:   /* cache record */
-       rec->r.cache.lid    = buftoulong(p); p += 4;
-       memcpy(rec->r.cache.blockhash, p, 20); p += 20;
-       rec->r.cache.trustlevel = *p++;
-       break;
       case RECTYPE_HTBL:
        for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
            rec->r.htbl.item[i] = buftoulong(p); p += 4;
@@ -1102,14 +1278,29 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
            rec->r.hlst.rnum[i] = buftoulong(p); p += 4;
        }
        break;
+      case RECTYPE_TRUST:
+       memcpy( rec->r.trust.fingerprint, p, 20); p+=20;
+        rec->r.trust.ownertrust = *p++;
+        rec->r.trust.depth = *p++;
+        rec->r.trust.min_ownertrust = *p++;
+        p++;
+       rec->r.trust.validlist = buftoulong(p); p += 4;
+       break;
+      case RECTYPE_VALID:
+       memcpy( rec->r.valid.namehash, p, 20); p+=20;
+        rec->r.valid.validity = *p++;
+       rec->r.valid.next = buftoulong(p); p += 4;
+       rec->r.valid.full_count = *p++;
+       rec->r.valid.marginal_count = *p++;
+       break;
       default:
        log_error( "%s: invalid record type %d at recnum %lu\n",
                                   db_name, rec->rectype, (ulong)recnum );
-       rc = G10ERR_TRUSTDB;
+       err = gpg_error (GPG_ERR_TRUSTDB);
        break;
     }
 
-    return rc;
+    return err;
 }
 
 /****************
@@ -1137,78 +1328,24 @@ tdbio_write_record( TRUSTREC *rec )
            BUG();
        memcpy(p-1, "gpg", 3 ); p += 2;
        *p++ = rec->r.ver.version;
-       p += 7; /* skip reserved bytes and lock flags */
+       *p++ = rec->r.ver.marginals;
+       *p++ = rec->r.ver.completes;
+       *p++ = rec->r.ver.cert_depth;
+       *p++ = rec->r.ver.trust_model;
+       p += 3;
        ulongtobuf(p, rec->r.ver.created); p += 4;
-       ulongtobuf(p, rec->r.ver.modified); p += 4;
-       ulongtobuf(p, rec->r.ver.validated); p += 4;
-       ulongtobuf(p, rec->r.ver.keyhashtbl); p += 4;
+       ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
+       p += 4;
+       p += 4;
        ulongtobuf(p, rec->r.ver.firstfree ); p += 4;
-       ulongtobuf(p, rec->r.ver.sdirhashtbl ); p += 4;
+       p += 4;
+       ulongtobuf(p, rec->r.ver.trusthashtbl ); p += 4;
        break;
 
       case RECTYPE_FREE:
        ulongtobuf(p, rec->r.free.next); p += 4;
        break;
 
-      case RECTYPE_DIR:   /*directory record */
-       ulongtobuf(p, rec->r.dir.lid); p += 4;
-       ulongtobuf(p, rec->r.dir.keylist); p += 4;
-       ulongtobuf(p, rec->r.dir.uidlist); p += 4;
-       ulongtobuf(p, rec->r.dir.cacherec); p += 4;
-       *p++ = rec->r.dir.ownertrust;
-       *p++ = rec->r.dir.dirflags;
-       assert( rec->r.dir.lid == recnum );
-       break;
-
-      case RECTYPE_KEY:
-       ulongtobuf(p, rec->r.key.lid); p += 4;
-       ulongtobuf(p, rec->r.key.next); p += 4;
-       p += 7;
-       *p++ = rec->r.key.keyflags;
-       *p++ = rec->r.key.pubkey_algo;
-       *p++ = rec->r.key.fingerprint_len;
-       memcpy( p, rec->r.key.fingerprint, 20); p += 20;
-       break;
-
-      case RECTYPE_UID:   /* user id record */
-       ulongtobuf(p, rec->r.uid.lid); p += 4;
-       ulongtobuf(p, rec->r.uid.next); p += 4;
-       ulongtobuf(p, rec->r.uid.prefrec); p += 4;
-       ulongtobuf(p, rec->r.uid.siglist); p += 4;
-       *p++ = rec->r.uid.uidflags;
-       p++;
-       memcpy( p, rec->r.uid.namehash, 20 ); p += 20;
-       break;
-
-      case RECTYPE_PREF:
-       ulongtobuf(p, rec->r.pref.lid); p += 4;
-       ulongtobuf(p, rec->r.pref.next); p += 4;
-       memcpy( p, rec->r.pref.data, 30 );
-       break;
-
-      case RECTYPE_SIG:
-       ulongtobuf(p, rec->r.sig.lid); p += 4;
-       ulongtobuf(p, rec->r.sig.next); p += 4;
-       for(i=0; i < SIGS_PER_RECORD; i++ ) {
-           ulongtobuf(p, rec->r.sig.sig[i].lid); p += 4;
-           *p++ = rec->r.sig.sig[i].flag;
-       }
-       break;
-
-      case RECTYPE_SDIR:
-       ulongtobuf( p, rec->r.sdir.lid); p += 4;
-       u32tobuf( p, rec->r.sdir.keyid[0] ); p += 4;
-       u32tobuf( p, rec->r.sdir.keyid[1] ); p += 4;
-       *p++ = rec->r.sdir.pubkey_algo;
-       p += 3;
-       ulongtobuf( p, rec->r.sdir.hintlist );
-       break;
-
-      case RECTYPE_CACH:
-       ulongtobuf(p, rec->r.cache.lid); p += 4;
-       memcpy(p, rec->r.cache.blockhash, 20); p += 20;
-       *p++ = rec->r.cache.trustlevel;
-       break;
 
       case RECTYPE_HTBL:
        for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
@@ -1223,6 +1360,23 @@ tdbio_write_record( TRUSTREC *rec )
        }
        break;
 
+      case RECTYPE_TRUST:
+       memcpy( p, rec->r.trust.fingerprint, 20); p += 20;
+       *p++ = rec->r.trust.ownertrust;
+       *p++ = rec->r.trust.depth;
+       *p++ = rec->r.trust.min_ownertrust;
+        p++;
+       ulongtobuf( p, rec->r.trust.validlist); p += 4;
+       break;
+
+      case RECTYPE_VALID:
+       memcpy( p, rec->r.valid.namehash, 20); p += 20;
+       *p++ = rec->r.valid.validity;
+       ulongtobuf( p, rec->r.valid.next); p += 4;
+       *p++ = rec->r.valid.full_count;
+       *p++ = rec->r.valid.marginal_count;
+       break;
+
       default:
        BUG();
     }
@@ -1230,10 +1384,8 @@ tdbio_write_record( TRUSTREC *rec )
     rc = put_record_into_cache( recnum, buf );
     if( rc )
        ;
-    if( rec->rectype == RECTYPE_KEY )
-       rc = update_keyhashtbl( rec );
-    else if( rec->rectype == RECTYPE_SDIR )
-       rc = update_sdirhashtbl( rec );
+    else if( rec->rectype == RECTYPE_TRUST )
+       rc = update_trusthashtbl( rec );
 
     return rc;
 }
@@ -1244,6 +1396,19 @@ tdbio_delete_record( ulong recnum )
     TRUSTREC vr, rec;
     int rc;
 
+    /* Must read the record fist, so we can drop it from the hash tables */
+    rc = tdbio_read_record( recnum, &rec, 0 );
+    if( rc )
+       ;
+    else if( rec.rectype == RECTYPE_TRUST ) {
+         rc = drop_from_hashtable( get_trusthashrec(),
+                                  rec.r.trust.fingerprint, 20, rec.recnum );
+    }
+
+    if( rc )
+       return rc;
+
+    /* now we can chnage it to a free record */
     rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
     if( rc )
        log_fatal( _("%s: error reading version record: %s\n"),
@@ -1313,16 +1478,16 @@ tdbio_new_recnum()
        rec.recnum = recnum;
        rc = 0;
        if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
+            rc = gpg_error_from_syserror ();
            log_error(_("trustdb rec %lu: lseek failed: %s\n"),
                                                recnum, strerror(errno) );
-           rc = G10ERR_WRITE_FILE;
        }
        else {
            int n = write( db_fd, &rec, TRUST_RECORD_LEN);
            if( n != TRUST_RECORD_LEN ) {
+                rc = gpg_error_from_syserror ();
                log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
                                                 recnum, n, strerror(errno) );
-               rc = G10ERR_WRITE_FILE;
            }
        }
 
@@ -1335,102 +1500,43 @@ tdbio_new_recnum()
 
 
 
-/****************
- * Search the trustdb for a key which matches PK and return the dir record
- * The local_id of PK is set to the correct value
- */
-int
-tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec )
-{
-    byte fingerprint[MAX_FINGERPRINT_LEN];
-    size_t fingerlen;
-    u32 keyid[2];
-    int rc;
-
-    keyid_from_pk( pk, keyid );
-    fingerprint_from_pk( pk, fingerprint, &fingerlen );
-    rc = tdbio_search_dir_byfpr( fingerprint, fingerlen,
-                                pk->pubkey_algo, rec );
-
-    if( !rc ) {
-       if( pk->local_id && pk->local_id != rec->recnum )
-           log_error("%s: found record, but LID from memory does "
-                      "not match recnum (%lu,%lu)\n",
-                           db_name,  pk->local_id, rec->recnum );
-       pk->local_id = rec->recnum;
-    }
-    return rc;
-}
-
-
 static int
-cmp_krec_fpr( void *dataptr, const TRUSTREC *rec )
+cmp_trec_fpr ( const void *fpr, const TRUSTREC *rec )
 {
-    const struct cmp_krec_fpr_struct *d = dataptr;
-
-    return rec->rectype == RECTYPE_KEY
-          && ( !d->pubkey_algo || rec->r.key.pubkey_algo == d->pubkey_algo )
-          && rec->r.key.fingerprint_len == d->fprlen
-          && !memcmp( rec->r.key.fingerprint, d->fpr, d->fprlen );
+  return (rec->rectype == RECTYPE_TRUST
+          && !memcmp (rec->r.trust.fingerprint, fpr, 20));
 }
 
+
 int
-tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
-                       int pubkey_algo, TRUSTREC *rec )
+tdbio_search_trust_byfpr( const byte *fingerprint, TRUSTREC *rec )
 {
-    struct cmp_krec_fpr_struct cmpdata;
-    ulong recnum;
     int rc;
 
-    assert( fingerlen == 20 || fingerlen == 16 );
-
-    /* locate the key using the hash table */
-    cmpdata.pubkey_algo = pubkey_algo;
-    cmpdata.fpr = fingerprint;
-    cmpdata.fprlen = fingerlen;
-    rc = lookup_hashtable( get_keyhashrec(), fingerprint, fingerlen,
-                          cmp_krec_fpr, &cmpdata, rec );
-    if( !rc ) {
-       recnum = rec->r.key.lid;
-       /* Now read the dir record */
-       rc = tdbio_read_record( recnum, rec, RECTYPE_DIR);
-       if( rc )
-           log_error("%s: can't read dirrec %lu: %s\n",
-                                    db_name, recnum, g10_errstr(rc) );
-    }
+    /* locate the trust record using the hash table */
+    rc = lookup_hashtable( get_trusthashrec(), fingerprint, 20,
+                          cmp_trec_fpr, fingerprint, rec );
     return rc;
 }
 
-
-
-static int
-cmp_sdir( void *dataptr, const TRUSTREC *rec )
+int
+tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec)
 {
-    const struct cmp_sdir_struct *d = dataptr;
+    byte fingerprint[MAX_FINGERPRINT_LEN];
+    size_t fingerlen;
 
-    return rec->rectype == RECTYPE_SDIR
-          && ( !d->pubkey_algo || rec->r.sdir.pubkey_algo == d->pubkey_algo )
-          && rec->r.sdir.keyid[0] == d->keyid[0]
-          && rec->r.sdir.keyid[1] == d->keyid[1];
+    fingerprint_from_pk( pk, fingerprint, &fingerlen );
+    for (; fingerlen < 20; fingerlen++ )
+      fingerprint[fingerlen] = 0;
+    return tdbio_search_trust_byfpr (fingerprint, rec);
 }
 
 
-int
-tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec )
+void
+tdbio_invalid(void)
 {
-    struct cmp_sdir_struct cmpdata;
-    int rc;
-    byte key[8];
-
-    /* locate the shadow dir record using the hash table */
-    u32tobuf( key   , keyid[0] );
-    u32tobuf( key+4 , keyid[1] );
-    cmpdata.pubkey_algo = pubkey_algo;
-    cmpdata.keyid[0] = keyid[0];
-    cmpdata.keyid[1] = keyid[1];
-    rc = lookup_hashtable( get_sdirhashrec(), key, 8,
-                          cmp_sdir, &cmpdata, rec );
-    return rc;
+  log_error (_("Error: The trustdb is corrupted.\n"));
+  how_to_fix_the_trustdb ();
+  g10_exit (2);
 }
 
-