-/* tdbio.c
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+/* tdbio.c - trust database I/O operations
+ * Copyright (C) 1998-2002, 2012 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <unistd.h>
#include "gpg.h"
-#include "errors.h"
+#include "status.h"
#include "iobuf.h"
-#include "memory.h"
#include "util.h"
#include "options.h"
#include "main.h"
#include "trustdb.h"
#include "tdbio.h"
-#if defined(HAVE_DOSISH_SYSTEM)
+#if defined(HAVE_DOSISH_SYSTEM) && !defined(ftruncate)
#define ftruncate chsize
#endif
#define MY_O_BINARY 0
#endif
+/* We use ERRNO despite that the cegcc provided open/read/write
+ functions don't set ERRNO - at least show that ERRNO does not make
+ sense. */
+#ifdef HAVE_W32CE_SYSTEM
+#undef strerror
+#define strerror(a) ("[errno not available]")
+#endif
/****************
* Yes, this is a very simple implementation. We should really
static char *db_name;
-static DOTLOCK lockhandle;
+static dotlock_t lockhandle;
static int is_locked;
static int db_fd = -1;
static int in_transaction;
static void open_db(void);
-static void migrate_from_v2 (void);
\f
static int
write_cache_item( CACHE_CTRL r )
{
+ gpg_error_t err;
int n;
- gpg_error_t rc;
if( lseek( db_fd, r->recno * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- rc = gpg_error_from_errno (errno);
+ err = gpg_error_from_syserror ();
log_error(_("trustdb rec %lu: lseek failed: %s\n"),
r->recno, strerror(errno) );
- return rc;
+ return err;
}
n = write( db_fd, r->data, TRUST_RECORD_LEN);
if( n != TRUST_RECORD_LEN ) {
- rc = gpg_error_from_errno (errno);
+ err = gpg_error_from_syserror ();
log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
r->recno, n, strerror(errno) );
- return rc;
+ return err;
}
r->flags.dirty = 0;
return 0;
}
/* see whether we reached the limit */
if( cache_entries < MAX_CACHE_ENTRIES_SOFT ) { /* no */
- r = xmalloc ( sizeof *r );
+ r = xmalloc( sizeof *r );
r->flags.used = 1;
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
if( opt.debug && !(cache_entries % 100) )
log_debug("increasing tdbio cache size\n");
- r = xmalloc ( sizeof *r );
+ r = xmalloc( sizeof *r );
r->flags.used = 1;
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
if( !n )
n = 1;
if( !is_locked ) {
- if( make_dotlock( lockhandle, -1 ) )
+ if( dotlock_take( lockhandle, -1 ) )
log_fatal("can't acquire lock - giving up\n");
else
is_locked = 1;
}
}
if( !opt.lock_once ) {
- if( !release_dotlock( lockhandle ) )
+ if( !dotlock_release( lockhandle ) )
is_locked = 0;
}
assert( unused );
return 0;
if( !is_locked ) {
- if( make_dotlock( lockhandle, -1 ) )
+ if( dotlock_take( lockhandle, -1 ) )
log_fatal("can't acquire lock - giving up\n");
else
is_locked = 1;
}
cache_is_dirty = 0;
if( did_lock && !opt.lock_once ) {
- if( !release_dotlock( lockhandle ) )
+ if( !dotlock_release (lockhandle) )
is_locked = 0;
}
return 0;
}
-
#if 0
/* The transaction code is disabled in the 1.2.x branch, as it is not
yet used. It will be enabled in 1.3.x. */
if( !in_transaction )
log_bug("tdbio: no active transaction\n");
if( !is_locked ) {
- if( make_dotlock( lockhandle, -1 ) )
+ if( dotlock_take( lockhandle, -1 ) )
log_fatal("can't acquire lock - giving up\n");
else
is_locked = 1;
}
-#warning block_all_signals is not yet available in ../common/signals.c
- /* block_all_signals(); */
+ block_all_signals();
in_transaction = 0;
rc = tdbio_sync();
-/* unblock_all_signals(); */
+ unblock_all_signals();
if( !opt.lock_once ) {
- if( !release_dotlock( lockhandle ) )
+ if( !dotlock_release (lockhandle) )
is_locked = 0;
}
return rc;
in_transaction = 0;
return 0;
}
-
-#endif /* transaction code */
-
+#endif
\f
/********************************************************
cleanup(void)
{
if( is_locked ) {
- if( !release_dotlock(lockhandle) )
+ if( !dotlock_release (lockhandle) )
is_locked = 0;
}
}
rec.r.ver.completes = opt.completes_needed;
rec.r.ver.cert_depth = opt.max_cert_depth;
rec.r.ver.trust_model = opt.trust_model;
+ rec.r.ver.min_cert_level = opt.min_cert_level;
rc=tdbio_write_record(&rec);
}
{
TRUSTREC rec;
int rc;
-
+
memset( &rec, 0, sizeof rec );
rec.r.ver.version = 3;
rec.r.ver.created = make_timestamp();
rec.r.ver.trust_model = opt.trust_model;
else
rec.r.ver.trust_model = TM_PGP;
+ rec.r.ver.min_cert_level = opt.min_cert_level;
rec.rectype = RECTYPE_VER;
rec.recnum = 0;
rc = tdbio_write_record( &rec );
int
-tdbio_set_dbname( const char *new_dbname, int create )
+tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
{
char *fname;
static int initialized = 0;
initialized = 1;
}
+ *r_nofile = 0;
+
if(new_dbname==NULL)
- fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL);
+ fname=make_filename(opt.homedir,"trustdb" EXTSEP_S GPGEXT_GPG, NULL);
else if (*new_dbname != DIRSEP_C )
{
if (strchr(new_dbname, DIRSEP_C) )
fname = xstrdup (new_dbname);
if( access( fname, R_OK ) ) {
+#ifdef HAVE_W32CE_SYSTEM
+ /* We know how the cegcc implementation of access works ;-). */
+ if (GetLastError () == ERROR_FILE_NOT_FOUND)
+ gpg_err_set_errno (ENOENT);
+ else
+ gpg_err_set_errno (EIO);
+#endif /*HAVE_W32CE_SYSTEM*/
if( errno != ENOENT ) {
- log_error( _("%s: can't access: %s\n"), fname, strerror(errno) );
- xfree (fname);
+ log_error( _("can't access '%s': %s\n"), fname, strerror(errno) );
+ xfree(fname);
return GPG_ERR_TRUSTDB;
}
- if( create ) {
+ if (!create)
+ *r_nofile = 1;
+ else {
FILE *fp;
TRUSTREC rec;
int rc;
char *p = strrchr( fname, DIRSEP_C );
mode_t oldmask;
+ int save_slash;
- assert(p);
+#if HAVE_W32_SYSTEM
+ {
+ /* Windows may either have a slash or a backslash. Take
+ care of it. */
+ char *pp = strrchr (fname, '/');
+ if (!p || pp > p)
+ p = pp;
+ }
+#endif /*HAVE_W32_SYSTEM*/
+ assert (p);
+ save_slash = *p;
*p = 0;
if( access( fname, F_OK ) ) {
try_make_homedir( fname );
- log_fatal( _("%s: directory does not exist!\n"), fname );
+ if (access (fname, F_OK ))
+ log_fatal (_("%s: directory does not exist!\n"), fname);
}
- *p = DIRSEP_C;
+ *p = save_slash;
- xfree (db_name);
+ xfree(db_name);
db_name = fname;
#ifdef __riscos__
if( !lockhandle )
- lockhandle = create_dotlock( db_name );
+ lockhandle = dotlock_create (db_name, 0);
if( !lockhandle )
- log_fatal( _("%s: can't create lock\n"), db_name );
- if( make_dotlock( lockhandle, -1 ) )
- log_fatal( _("%s: can't make lock\n"), db_name );
+ log_fatal( _("can't create lock for '%s'\n"), db_name );
+ if( dotlock_make (lockhandle, -1) )
+ log_fatal( _("can't lock '%s'\n"), db_name );
#endif /* __riscos__ */
oldmask=umask(077);
- fp =fopen( fname, "wb" );
+ if (is_secured_filename (fname)) {
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ else
+ fp =fopen( fname, "wb" );
umask(oldmask);
if( !fp )
- log_fatal( _("%s: can't create: %s\n"), fname, strerror(errno) );
+ log_fatal (_("can't create '%s': %s\n"),
+ fname, strerror (errno));
fclose(fp);
db_fd = open( db_name, O_RDWR | MY_O_BINARY );
if( db_fd == -1 )
- log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
+ log_fatal (_("can't open '%s': %s\n"),
+ db_name, strerror (errno));
#ifndef __riscos__
if( !lockhandle )
- lockhandle = create_dotlock( db_name );
+ lockhandle = dotlock_create (db_name, 0);
if( !lockhandle )
- log_fatal( _("%s: can't create lock\n"), db_name );
+ log_fatal( _("can't create lock for '%s'\n"), db_name );
#endif /* !__riscos__ */
rc = create_version_record ();
return 0;
}
}
- xfree (db_name);
+ xfree(db_name);
db_name = fname;
return 0;
}
static void
open_db()
{
- byte buf[10];
- int n;
TRUSTREC rec;
assert( db_fd == -1 );
if (!lockhandle )
- lockhandle = create_dotlock( db_name );
+ lockhandle = dotlock_create (db_name, 0);
if (!lockhandle )
- log_fatal( _("%s: can't create lock\n"), db_name );
+ log_fatal( _("can't create lock for '%s'\n"), db_name );
#ifdef __riscos__
- if (make_dotlock( lockhandle, -1 ) )
- log_fatal( _("%s: can't make lock\n"), db_name );
+ if (dotlock_take (lockhandle, -1) )
+ log_fatal( _("can't lock '%s'\n"), db_name );
#endif /* __riscos__ */
+#ifdef HAVE_W32CE_SYSTEM
+ {
+ DWORD prevrc = 0;
+ wchar_t *wname = utf8_to_wchar (db_name);
+ if (wname)
+ {
+ db_fd = (int)CreateFile (wname, GENERIC_READ|GENERIC_WRITE,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, NULL,
+ OPEN_EXISTING, 0, NULL);
+ xfree (wname);
+ }
+ if (db_fd == -1)
+ log_fatal ("can't open '%s': %d, %d\n", db_name,
+ (int)prevrc, (int)GetLastError ());
+ }
+#else /*!HAVE_W32CE_SYSTEM*/
db_fd = open (db_name, O_RDWR | MY_O_BINARY );
- if (db_fd == -1 && errno == EACCES) {
+ if (db_fd == -1 && (errno == EACCES
+#ifdef EROFS
+ || errno == EROFS
+#endif
+ )
+ ) {
+ /* Take care of read-only trustdbs. */
db_fd = open (db_name, O_RDONLY | MY_O_BINARY );
- if (db_fd != -1)
- log_info (_("NOTE: trustdb not writable\n"));
+ if (db_fd != -1 && !opt.quiet)
+ log_info (_("Note: trustdb not writable\n"));
}
if ( db_fd == -1 )
- log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
+ log_fatal( _("can't open '%s': %s\n"), db_name, strerror(errno) );
+#endif /*!HAVE_W32CE_SYSTEM*/
+ register_secured_file (db_name);
- /* check whether we need to do a version migration */
- do
- n = read (db_fd, buf, 5);
- while (n==-1 && errno == EINTR);
- if (n == 5 && !memcmp (buf, "\x01gpg\x02", 5))
- {
- migrate_from_v2 ();
- }
-
- /* read the version record */
+ /* Read the version record. */
if (tdbio_read_record (0, &rec, RECTYPE_VER ) )
log_fatal( _("%s: invalid trustdb\n"), db_name );
}
yes_no = vr.r.ver.marginals == opt.marginals_needed
&& vr.r.ver.completes == opt.completes_needed
&& vr.r.ver.cert_depth == opt.max_cert_depth
- && vr.r.ver.trust_model == opt.trust_model;
+ && vr.r.ver.trust_model == opt.trust_model
+ && vr.r.ver.min_cert_level == opt.min_cert_level;
}
return yes_no;
{
TRUSTREC vr;
int rc;
-
+
rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
if( rc )
log_fatal( _("%s: error reading version record: %s\n"),
rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
if( rc )
log_fatal( _("%s: error reading version record: %s\n"),
- db_name, gpg_strerror (rc) );
+ db_name, gpg_strerror (rc));
return vr.r.ver.nextcheck;
}
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
if( rc ) {
- log_error( db_name, "upd_hashtable: read failed: %s\n",
- gpg_strerror (rc) );
+ log_error("upd_hashtable: read failed: %s\n", gpg_strerror (rc) );
return rc;
}
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
rc = tdbio_write_record( &rec );
if( rc ) {
- log_error( db_name, "upd_hashtable: write htbl failed: %s\n",
+ log_error("upd_hashtable: write htbl failed: %s\n",
gpg_strerror (rc) );
return rc;
}
rc = tdbio_read_record( rec.r.hlst.next,
&rec, RECTYPE_HLST);
if( rc ) {
- log_error( "upd_hashtable: read hlst failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("upd_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc) );
return rc;
}
}
rec.r.hlst.rnum[i] = newrecnum;
rc = tdbio_write_record( &rec );
if( rc )
- log_error( "upd_hashtable: write hlst failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("upd_hashtable: write hlst failed: %s\n",
+ gpg_strerror (rc));
return rc; /* done */
}
}
rc = tdbio_read_record( rec.r.hlst.next,
&rec, RECTYPE_HLST );
if( rc ) {
- log_error( "upd_hashtable: read hlst failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("upd_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc));
return rc;
}
}
lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
rc = tdbio_write_record( &lastrec );
if( rc )
- log_error( "upd_hashtable: update htbl failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("upd_hashtable: update htbl failed: %s\n",
+ gpg_strerror (rc));
return rc; /* ready */
}
else {
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
if( rc ) {
- log_error( db_name, "drop_from_hashtable: read failed: %s\n",
+ log_error("drop_from_hashtable: read failed: %s\n",
gpg_strerror (rc) );
return rc;
}
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
rc = tdbio_write_record( &rec );
if( rc )
- log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
+ log_error("drop_from_hashtable: write htbl failed: %s\n",
gpg_strerror (rc) );
return rc;
}
rec.r.hlst.rnum[i] = 0; /* drop */
rc = tdbio_write_record( &rec );
if( rc )
- log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
- gpg_strerror (rc) );
+ log_error("drop_from_hashtable: write htbl failed: %s\n",
+ gpg_strerror (rc));
return rc;
}
}
*/
static int
lookup_hashtable( ulong table, const byte *key, size_t keylen,
- int (*cmpfnc)(void*, const TRUSTREC *), void *cmpdata,
- TRUSTREC *rec )
+ int (*cmpfnc)(const void*, const TRUSTREC *),
+ const void *cmpdata, TRUSTREC *rec )
{
int rc;
ulong hashrec, item;
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
if( rc ) {
- log_error( db_name, "lookup_hashtable failed: %s\n", gpg_strerror (rc) );
+ log_error("lookup_hashtable failed: %s\n", gpg_strerror (rc) );
return rc;
}
rc = tdbio_read_record( item, rec, 0 );
if( rc ) {
- log_error( db_name, "hashtable read failed: %s\n", gpg_strerror (rc) );
+ log_error( "hashtable read failed: %s\n", gpg_strerror (rc) );
return rc;
}
if( rec->rectype == RECTYPE_HTBL ) {
hashrec = item;
level++;
if( level >= keylen ) {
- log_error( db_name, "hashtable has invalid indirections\n");
+ log_error("hashtable has invalid indirections\n");
return GPG_ERR_TRUSTDB;
}
goto next_level;
rc = tdbio_read_record( rec->r.hlst.rnum[i], &tmp, 0 );
if( rc ) {
- log_error( "lookup_hashtable: read item failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("lookup_hashtable: read item failed: %s\n",
+ gpg_strerror (rc));
return rc;
}
if( (*cmpfnc)( cmpdata, &tmp ) ) {
if( rec->r.hlst.next ) {
rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST );
if( rc ) {
- log_error( "lookup_hashtable: read hlst failed: %s\n",
- gpg_strerror (rc) );
+ log_error ("lookup_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc) );
return rc;
}
}
void
-tdbio_dump_record( TRUSTREC *rec, FILE *fp )
+tdbio_dump_record (TRUSTREC *rec, estream_t fp)
{
int i;
ulong rnum = rec->recnum;
- fprintf(fp, "rec %5lu, ", rnum );
+ es_fprintf ( fp, "rec %5lu, ", rnum );
switch( rec->rectype ) {
- case 0: fprintf(fp, "blank\n");
+ case 0:
+ es_fprintf (fp, "blank\n");
break;
- case RECTYPE_VER: fprintf(fp,
- "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d nc=%lu (%s)\n",
- rec->r.ver.trusthashtbl,
- rec->r.ver.firstfree,
- rec->r.ver.marginals,
- rec->r.ver.completes,
- rec->r.ver.cert_depth,
- rec->r.ver.trust_model,
- rec->r.ver.nextcheck,
- strtimestamp(rec->r.ver.nextcheck)
- );
+ case RECTYPE_VER:
+ es_fprintf (fp,
+ "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d mcl=%d nc=%lu (%s)\n",
+ rec->r.ver.trusthashtbl,
+ rec->r.ver.firstfree,
+ rec->r.ver.marginals,
+ rec->r.ver.completes,
+ rec->r.ver.cert_depth,
+ rec->r.ver.trust_model,
+ rec->r.ver.min_cert_level,
+ rec->r.ver.nextcheck,
+ strtimestamp(rec->r.ver.nextcheck)
+ );
break;
- case RECTYPE_FREE: fprintf(fp, "free, next=%lu\n", rec->r.free.next );
+ case RECTYPE_FREE:
+ es_fprintf (fp, "free, next=%lu\n", rec->r.free.next );
break;
case RECTYPE_HTBL:
- fprintf(fp, "htbl,");
+ es_fprintf (fp, "htbl,");
for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ )
- fprintf(fp, " %lu", rec->r.htbl.item[i] );
- putc('\n', fp);
+ es_fprintf (fp, " %lu", rec->r.htbl.item[i] );
+ es_putc ('\n', fp);
break;
case RECTYPE_HLST:
- fprintf(fp, "hlst, next=%lu,", rec->r.hlst.next );
+ es_fprintf (fp, "hlst, next=%lu,", rec->r.hlst.next );
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ )
- fprintf(fp, " %lu", rec->r.hlst.rnum[i] );
- putc('\n', fp);
+ es_fprintf (fp, " %lu", rec->r.hlst.rnum[i] );
+ es_putc ('\n', fp);
break;
case RECTYPE_TRUST:
- fprintf(fp, "trust ");
+ es_fprintf (fp, "trust ");
for(i=0; i < 20; i++ )
- fprintf(fp, "%02X", rec->r.trust.fingerprint[i] );
- fprintf (fp, ", ot=%d, d=%d, vl=%lu\n", rec->r.trust.ownertrust,
- rec->r.trust.depth, rec->r.trust.validlist);
+ es_fprintf (fp, "%02X", rec->r.trust.fingerprint[i] );
+ es_fprintf (fp, ", ot=%d, d=%d, vl=%lu\n", rec->r.trust.ownertrust,
+ rec->r.trust.depth, rec->r.trust.validlist);
break;
case RECTYPE_VALID:
- fprintf(fp, "valid ");
+ es_fprintf (fp, "valid ");
for(i=0; i < 20; i++ )
- fprintf(fp, "%02X", rec->r.valid.namehash[i] );
- fprintf (fp, ", v=%d, next=%lu\n", rec->r.valid.validity,
- rec->r.valid.next);
+ es_fprintf(fp, "%02X", rec->r.valid.namehash[i] );
+ es_fprintf (fp, ", v=%d, next=%lu\n", rec->r.valid.validity,
+ rec->r.valid.next);
break;
default:
- fprintf(fp, "unknown type %d\n", rec->rectype );
+ es_fprintf (fp, "unknown type %d\n", rec->rectype );
break;
}
}
{
byte readbuf[TRUST_RECORD_LEN];
const byte *buf, *p;
- int rc = 0;
+ gpg_error_t err = 0;
int n, i;
if( db_fd == -1 )
buf = get_record_from_cache( recnum );
if( !buf ) {
if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- rc = gpg_error_from_errno (errno);
+ err = gpg_error_from_syserror ();
log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) );
- return rc;
+ return err;
}
n = read( db_fd, readbuf, TRUST_RECORD_LEN);
if( !n ) {
return -1; /* eof */
}
else if( n != TRUST_RECORD_LEN ) {
- rc = gpg_error_from_errno (errno);
+ err = gpg_error_from_syserror ();
log_error(_("trustdb: read failed (n=%d): %s\n"), n,
strerror(errno) );
- return rc;
+ return err;
}
buf = readbuf;
}
if( expected && rec->rectype != expected ) {
log_error("%lu: read expected rec type %d, got %d\n",
recnum, expected, rec->rectype );
- return GPG_ERR_TRUSTDB;
+ return gpg_error (GPG_ERR_TRUSTDB);
}
p++; /* skip reserved byte */
switch( rec->rectype ) {
case 0: /* unused (free) record */
break;
case RECTYPE_VER: /* version record */
- if( memcmp(buf+1, "gpg", 3 ) ) {
+ if( memcmp(buf+1, GPGEXT_GPG, 3 ) ) {
log_error( _("%s: not a trustdb file\n"), db_name );
- rc = GPG_ERR_TRUSTDB;
+ err = gpg_error (GPG_ERR_TRUSTDB);
}
p += 2; /* skip "gpg" */
rec->r.ver.version = *p++;
rec->r.ver.completes = *p++;
rec->r.ver.cert_depth = *p++;
rec->r.ver.trust_model = *p++;
- p += 3;
- rec->r.ver.created = buftoulong(p); p += 4;
- rec->r.ver.nextcheck = buftoulong(p); p += 4;
+ rec->r.ver.min_cert_level = *p++;
+ p += 2;
+ rec->r.ver.created = buf32_to_ulong(p); p += 4;
+ rec->r.ver.nextcheck = buf32_to_ulong(p); p += 4;
p += 4;
p += 4;
- rec->r.ver.firstfree =buftoulong(p); p += 4;
+ rec->r.ver.firstfree =buf32_to_ulong(p); p += 4;
p += 4;
- rec->r.ver.trusthashtbl =buftoulong(p); p += 4;
+ rec->r.ver.trusthashtbl =buf32_to_ulong(p); p += 4;
if( recnum ) {
log_error( _("%s: version record with recnum %lu\n"), db_name,
(ulong)recnum );
- rc = GPG_ERR_TRUSTDB;
+ err = gpg_error (GPG_ERR_TRUSTDB);
}
else if( rec->r.ver.version != 3 ) {
log_error( _("%s: invalid file version %d\n"), db_name,
rec->r.ver.version );
- rc = GPG_ERR_TRUSTDB;
+ err = gpg_error (GPG_ERR_TRUSTDB);
}
break;
case RECTYPE_FREE:
- rec->r.free.next = buftoulong(p); p += 4;
+ rec->r.free.next = buf32_to_ulong(p); p += 4;
break;
case RECTYPE_HTBL:
for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
- rec->r.htbl.item[i] = buftoulong(p); p += 4;
+ rec->r.htbl.item[i] = buf32_to_ulong(p); p += 4;
}
break;
case RECTYPE_HLST:
- rec->r.hlst.next = buftoulong(p); p += 4;
+ rec->r.hlst.next = buf32_to_ulong(p); p += 4;
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- rec->r.hlst.rnum[i] = buftoulong(p); p += 4;
+ rec->r.hlst.rnum[i] = buf32_to_ulong(p); p += 4;
}
break;
case RECTYPE_TRUST:
rec->r.trust.depth = *p++;
rec->r.trust.min_ownertrust = *p++;
p++;
- rec->r.trust.validlist = buftoulong(p); p += 4;
+ rec->r.trust.validlist = buf32_to_ulong(p); p += 4;
break;
case RECTYPE_VALID:
memcpy( rec->r.valid.namehash, p, 20); p+=20;
rec->r.valid.validity = *p++;
- rec->r.valid.next = buftoulong(p); p += 4;
+ rec->r.valid.next = buf32_to_ulong(p); p += 4;
rec->r.valid.full_count = *p++;
rec->r.valid.marginal_count = *p++;
break;
default:
log_error( "%s: invalid record type %d at recnum %lu\n",
db_name, rec->rectype, (ulong)recnum );
- rc = GPG_ERR_TRUSTDB;
+ err = gpg_error (GPG_ERR_TRUSTDB);
break;
}
- return rc;
+ return err;
}
/****************
case RECTYPE_VER: /* version record */
if( recnum )
BUG();
- memcpy(p-1, "gpg", 3 ); p += 2;
+ memcpy(p-1, GPGEXT_GPG, 3 ); p += 2;
*p++ = rec->r.ver.version;
*p++ = rec->r.ver.marginals;
*p++ = rec->r.ver.completes;
*p++ = rec->r.ver.cert_depth;
*p++ = rec->r.ver.trust_model;
- p += 3;
+ *p++ = rec->r.ver.min_cert_level;
+ p += 2;
ulongtobuf(p, rec->r.ver.created); p += 4;
ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
p += 4;
vr.r.ver.firstfree = rec.r.free.next;
rc = tdbio_write_record( &vr );
if( rc ) {
- log_error( _("%s: error writing dir record: %s\n"),
- db_name, gpg_strerror (rc) );
+ log_error (_("%s: error writing dir record: %s\n"),
+ db_name, gpg_strerror (rc));
return rc;
}
/*zero out the new record */
rec.recnum = recnum;
rc = 0;
if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- rc = gpg_error_from_errno (errno);
+ rc = gpg_error_from_syserror ();
log_error(_("trustdb rec %lu: lseek failed: %s\n"),
recnum, strerror(errno) );
}
else {
int n = write( db_fd, &rec, TRUST_RECORD_LEN);
if( n != TRUST_RECORD_LEN ) {
- rc = gpg_error_from_errno (errno);
+ rc = gpg_error_from_syserror ();
log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
recnum, n, strerror(errno) );
}
static int
-cmp_trec_fpr ( void *fpr, const TRUSTREC *rec )
+cmp_trec_fpr ( const void *fpr, const TRUSTREC *rec )
{
- return rec->rectype == RECTYPE_TRUST
- && !memcmp( rec->r.trust.fingerprint, fpr, 20);
+ return (rec->rectype == RECTYPE_TRUST
+ && !memcmp (rec->r.trust.fingerprint, fpr, 20));
}
/* locate the trust record using the hash table */
rc = lookup_hashtable( get_trusthashrec(), fingerprint, 20,
- cmp_trec_fpr, (void*)fingerprint, rec );
+ cmp_trec_fpr, fingerprint, rec );
return rc;
}
}
-
void
tdbio_invalid(void)
{
- log_error(_(
- "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n") );
- g10_exit(2);
-}
-
-/*
- * Migrate the trustdb as just up to gpg 1.0.6 (trustdb version 2)
- * to the 2.1 version as used with 1.0.6b - This is pretty trivial as needs
- * only to scan the tdb and insert new the new trust records. The old ones are
- * obsolte from now on
- */
-static void
-migrate_from_v2 ()
-{
- TRUSTREC rec;
- int i, n;
- struct {
- ulong keyrecno;
- byte ot;
- byte okay;
- byte fpr[20];
- } *ottable;
- int ottable_size, ottable_used;
- byte oldbuf[40];
- ulong recno;
- int rc, count;
-
- ottable_size = 5;
- ottable = xmalloc (ottable_size * sizeof *ottable);
- ottable_used = 0;
-
- /* We have some restrictions here. We can't use the version record
- * and we can't use any of the old hashtables because we dropped the
- * code. So we first collect all ownertrusts and then use a second
- * pass fo find the associated keys. We have to do this all without using
- * the regular record read functions.
- */
-
- /* get all the ownertrusts */
- if (lseek (db_fd, 0, SEEK_SET ) == -1 )
- log_fatal ("migrate_from_v2: lseek failed: %s\n", strerror (errno));
- for (recno=0;;recno++)
- {
- do
- n = read (db_fd, oldbuf, 40);
- while (n==-1 && errno == EINTR);
- if (!n)
- break; /* eof */
- if (n != 40)
- log_fatal ("migrate_vfrom_v2: read error or short read\n");
-
- if (*oldbuf != 2)
- continue;
-
- /* v2 dir record */
- if (ottable_used == ottable_size)
- {
- ottable_size += 1000;
- ottable = xrealloc (ottable, ottable_size * sizeof *ottable);
- }
- ottable[ottable_used].keyrecno = buftoulong (oldbuf+6);
- ottable[ottable_used].ot = oldbuf[18];
- ottable[ottable_used].okay = 0;
- memset (ottable[ottable_used].fpr,0, 20);
- if (ottable[ottable_used].keyrecno && ottable[ottable_used].ot)
- ottable_used++;
- }
- log_info ("found %d ownertrust records\n", ottable_used);
-
- /* Read again and find the fingerprints */
- if (lseek (db_fd, 0, SEEK_SET ) == -1 )
- log_fatal ("migrate_from_v2: lseek failed: %s\n", strerror (errno));
- for (recno=0;;recno++)
- {
- do
- n = read (db_fd, oldbuf, 40);
- while (n==-1 && errno == EINTR);
- if (!n)
- break; /* eof */
- if (n != 40)
- log_fatal ("migrate_from_v2: read error or short read\n");
-
- if (*oldbuf != 3)
- continue;
-
- /* v2 key record */
- for (i=0; i < ottable_used; i++)
- {
- if (ottable[i].keyrecno == recno)
- {
- memcpy (ottable[i].fpr, oldbuf+20, 20);
- ottable[i].okay = 1;
- break;
- }
- }
- }
-
- /* got everything - create the v3 trustdb */
- if (ftruncate (db_fd, 0))
- log_fatal ("can't truncate `%s': %s\n", db_name, strerror (errno) );
- if (create_version_record ())
- log_fatal ("failed to recreate version record of `%s'\n", db_name);
-
- /* access the hash table, so it is store just after the version record,
- * this is not needed put a dump is more pretty */
- get_trusthashrec ();
-
- /* And insert the old ownertrust values */
- count = 0;
- for (i=0; i < ottable_used; i++)
- {
- if (!ottable[i].okay)
- continue;
-
- memset (&rec, 0, sizeof rec);
- rec.recnum = tdbio_new_recnum ();
- rec.rectype = RECTYPE_TRUST;
- memcpy(rec.r.trust.fingerprint, ottable[i].fpr, 20);
- rec.r.trust.ownertrust = ottable[i].ot;
- if (tdbio_write_record (&rec))
- log_fatal ("failed to write trust record of `%s'\n", db_name);
- count++;
- }
-
- revalidation_mark ();
- rc = tdbio_sync ();
- if (rc)
- log_fatal ("failed to sync `%s'\n", db_name);
- log_info ("migrated %d version 2 ownertrusts\n", count);
- xfree (ottable);
+ log_error (_("Error: The trustdb is corrupted.\n"));
+ how_to_fix_the_trustdb ();
+ g10_exit (2);
}
projects / gnupg.git / blobdiff