-/* tdbio.c
- * Copyright (C) 1998 Free Software Foundation, Inc.
+/* tdbio.c - trust database I/O operations
+ * Copyright (C) 1998-2002, 2012 Free Software Foundation, Inc.
+ * Copyright (C) 1998-2015 Werner Koch
*
- * This file is part of GNUPG.
+ * This file is part of GnuPG.
*
- * GNUPG is free software; you can redistribute it and/or modify
+ * GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
- * GNUPG is distributed in the hope that it will be useful,
+ * GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <assert.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
-#include "errors.h"
+#include "gpg.h"
+#include "status.h"
#include "iobuf.h"
-#include "memory.h"
#include "util.h"
#include "options.h"
#include "main.h"
#include "trustdb.h"
#include "tdbio.h"
-
-/****************
+#if defined(HAVE_DOSISH_SYSTEM) && !defined(ftruncate)
+#define ftruncate chsize
+#endif
+
+#if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
+#define MY_O_BINARY O_BINARY
+#else
+#define MY_O_BINARY 0
+#endif
+
+/* We use ERRNO despite that the cegcc provided open/read/write
+ functions don't set ERRNO - at least show that ERRNO does not make
+ sense. */
+#ifdef HAVE_W32CE_SYSTEM
+#undef strerror
+#define strerror(a) ("[errno not available]")
+#endif
+
+/*
* Yes, this is a very simple implementation. We should really
* use a page aligned buffer and read complete pages.
* To implement a simple trannsaction system, this is sufficient.
*/
typedef struct cache_ctrl_struct *CACHE_CTRL;
-struct cache_ctrl_struct {
- CACHE_CTRL next;
- struct {
- unsigned used:1;
- unsigned dirty:1;
- } flags;
- ulong recno;
- char data[TRUST_RECORD_LEN];
+struct cache_ctrl_struct
+{
+ CACHE_CTRL next;
+ struct {
+ unsigned used:1;
+ unsigned dirty:1;
+ } flags;
+ ulong recno;
+ char data[TRUST_RECORD_LEN];
};
-#define MAX_CACHE_ENTRIES_SOFT 200 /* may be increased while in a */
-#define MAX_CACHE_ENTRIES_HARD 1000 /* transaction to this one */
+/* Size of the cache. The SOFT value is the general one. While in a
+ transaction this may not be sufficient and thus we may increase it
+ then up to the HARD limit. */
+#define MAX_CACHE_ENTRIES_SOFT 200
+#define MAX_CACHE_ENTRIES_HARD 10000
+
+
+/* The cache is controlled by these variables. */
static CACHE_CTRL cache_list;
static int cache_entries;
static int cache_is_dirty;
-/* a type used to pass infomation to cmp_krec_fpr */
-struct cmp_krec_fpr_struct {
- int pubkey_algo;
- const char *fpr;
- int fprlen;
+
+/* An object to pass information to cmp_krec_fpr. */
+struct cmp_krec_fpr_struct
+{
+ int pubkey_algo;
+ const char *fpr;
+ int fprlen;
};
-/* a type used to pass infomation to cmp_sdir */
-struct cmp_sdir_struct {
- int pubkey_algo;
- u32 keyid[2];
+/* An object used to pass information to cmp_[s]dir. */
+struct cmp_xdir_struct
+{
+ int pubkey_algo;
+ u32 keyid[2];
};
+/* The name of the trustdb file. */
static char *db_name;
+
+/* The handle for locking the trustdb file and a flag to record
+ whether a lock has been taken. */
+static dotlock_t lockhandle;
+static int is_locked;
+
+/* The file descriptor of the trustdb. */
static int db_fd = -1;
+
+/* A flag indicating that a transaction is active. */
static int in_transaction;
-static void open_db(void);
+\f
+static void open_db (void);
+static void create_hashtable (TRUSTREC *vr, int type);
+
+
+\f
+/*
+ * Take a lock on the trustdb file name. I a lock file can't be
+ * created the function terminates the process. Excvept for a
+ * different return code the function does nothing if the lock has
+ * already been taken.
+ *
+ * Returns: True if lock already exists, False if the lock has
+ * actually been taken.
+ */
+static int
+take_write_lock (void)
+{
+ if (!lockhandle)
+ lockhandle = dotlock_create (db_name, 0);
+ if (!lockhandle)
+ log_fatal ( _("can't create lock for '%s'\n"), db_name );
+
+ if (!is_locked)
+ {
+ if (dotlock_take (lockhandle, -1) )
+ log_fatal ( _("can't lock '%s'\n"), db_name );
+ else
+ is_locked = 1;
+ return 0;
+ }
+ else
+ return 1;
+}
+
+/*
+ * Release a lock from the trustdb file unless the global option
+ * --lock-once has been used.
+ */
+static void
+release_write_lock (void)
+{
+ if (!opt.lock_once)
+ if (!dotlock_release (lockhandle))
+ is_locked = 0;
+}
\f
/*************************************
************* record cache **********
*************************************/
-/****************
- * Get the data from therecord cache and return a
- * pointer into that cache. Caller should copy
- * the return data. NULL is returned on a cache miss.
+/*
+ * Get the data from the record cache and return a pointer into that
+ * cache. Caller should copy the returned data. NULL is returned on
+ * a cache miss.
*/
static const char *
-get_record_from_cache( ulong recno )
+get_record_from_cache (ulong recno)
{
- CACHE_CTRL r;
+ CACHE_CTRL r;
- for( r = cache_list; r; r = r->next ) {
- if( r->flags.used && r->recno == recno )
- return r->data;
+ for (r = cache_list; r; r = r->next)
+ {
+ if (r->flags.used && r->recno == recno)
+ return r->data;
}
- return NULL;
+ return NULL;
}
+/*
+ * Write a cached item back to the trustdb file.
+ *
+ * Returns: 0 on success or an error code.
+ */
static int
-write_cache_item( CACHE_CTRL r )
+write_cache_item (CACHE_CTRL r)
{
- int n;
-
- if( lseek( db_fd, r->recno * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- log_error(_("trustdb rec %lu: lseek failed: %s\n"),
- r->recno, strerror(errno) );
- return G10ERR_WRITE_FILE;
+ gpg_error_t err;
+ int n;
+
+ if (lseek (db_fd, r->recno * TRUST_RECORD_LEN, SEEK_SET) == -1)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("trustdb rec %lu: lseek failed: %s\n"),
+ r->recno, strerror (errno));
+ return err;
}
- n = write( db_fd, r->data, TRUST_RECORD_LEN);
- if( n != TRUST_RECORD_LEN ) {
- log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
- r->recno, n, strerror(errno) );
- return G10ERR_WRITE_FILE;
+ n = write (db_fd, r->data, TRUST_RECORD_LEN);
+ if (n != TRUST_RECORD_LEN)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("trustdb rec %lu: write failed (n=%d): %s\n"),
+ r->recno, n, strerror (errno) );
+ return err;
}
- r->flags.dirty = 0;
- return 0;
+ r->flags.dirty = 0;
+ return 0;
}
-/****************
- * Put data into the cache. This function may flush the
- * some cache entries if there is not enough space available.
+
+/*
+ * Put data into the cache. This function may flush
+ * some cache entries if the cache is filled up.
+ *
+ * Returns: 0 on success or an error code.
*/
-int
-put_record_into_cache( ulong recno, const char *data )
+static int
+put_record_into_cache (ulong recno, const char *data)
{
- CACHE_CTRL r, unused;
- int dirty_count = 0;
- int clean_count = 0;
-
- /* see whether we already cached this one */
- for( unused = NULL, r = cache_list; r; r = r->next ) {
- if( !r->flags.used ) {
- if( !unused )
- unused = r;
+ CACHE_CTRL r, unused;
+ int dirty_count = 0;
+ int clean_count = 0;
+
+ /* See whether we already cached this one. */
+ for (unused = NULL, r = cache_list; r; r = r->next)
+ {
+ if (!r->flags.used)
+ {
+ if (!unused)
+ unused = r;
}
- else if( r->recno == recno ) {
- if( !r->flags.dirty ) {
- /* Hmmm: should we use a a copy and compare? */
- if( memcmp(r->data, data, TRUST_RECORD_LEN ) ) {
- r->flags.dirty = 1;
- cache_is_dirty = 1;
+ else if (r->recno == recno)
+ {
+ if (!r->flags.dirty)
+ {
+ /* Hmmm: should we use a copy and compare? */
+ if (memcmp (r->data, data, TRUST_RECORD_LEN))
+ {
+ r->flags.dirty = 1;
+ cache_is_dirty = 1;
}
}
- memcpy( r->data, data, TRUST_RECORD_LEN );
- return 0;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ return 0;
}
- if( r->flags.used ) {
- if( r->flags.dirty )
- dirty_count++;
- else
- clean_count++;
+ if (r->flags.used)
+ {
+ if (r->flags.dirty)
+ dirty_count++;
+ else
+ clean_count++;
}
}
- /* not in the cache: add a new entry */
- if( unused ) { /* reuse this entry */
- r = unused;
- r->flags.used = 1;
- r->recno = recno;
- memcpy( r->data, data, TRUST_RECORD_LEN );
- r->flags.dirty = 1;
- cache_is_dirty = 1;
- cache_entries++;
- return 0;
+
+ /* Not in the cache: add a new entry. */
+ if (unused)
+ {
+ /* Reuse this entry. */
+ r = unused;
+ r->flags.used = 1;
+ r->recno = recno;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ r->flags.dirty = 1;
+ cache_is_dirty = 1;
+ cache_entries++;
+ return 0;
}
- /* see whether we reached the limit */
- if( cache_entries < MAX_CACHE_ENTRIES_SOFT ) { /* no */
- r = m_alloc( sizeof *r );
- r->flags.used = 1;
- r->recno = recno;
- memcpy( r->data, data, TRUST_RECORD_LEN );
- r->flags.dirty = 1;
- r->next = cache_list;
- cache_list = r;
- cache_is_dirty = 1;
- cache_entries++;
- return 0;
+
+ /* See whether we reached the limit. */
+ if (cache_entries < MAX_CACHE_ENTRIES_SOFT)
+ {
+ /* No: Put into cache. */
+ r = xmalloc (sizeof *r);
+ r->flags.used = 1;
+ r->recno = recno;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ r->flags.dirty = 1;
+ r->next = cache_list;
+ cache_list = r;
+ cache_is_dirty = 1;
+ cache_entries++;
+ return 0;
}
- /* cache is full: discard some clean entries */
- if( clean_count ) {
- int n = clean_count / 3; /* discard a third of the clean entries */
- if( !n )
- n = 1;
- for( unused = NULL, r = cache_list; r; r = r->next ) {
- if( r->flags.used && !r->flags.dirty ) {
- if( !unused )
- unused = r;
- r->flags.used = 0;
- cache_entries--;
- if( !--n )
- break;
+
+ /* Cache is full: discard some clean entries. */
+ if (clean_count)
+ {
+ int n;
+
+ /* We discard a third of the clean entries. */
+ n = clean_count / 3;
+ if (!n)
+ n = 1;
+
+ for (unused = NULL, r = cache_list; r; r = r->next)
+ {
+ if (r->flags.used && !r->flags.dirty)
+ {
+ if (!unused)
+ unused = r;
+ r->flags.used = 0;
+ cache_entries--;
+ if (!--n)
+ break;
}
}
- assert( unused );
- r = unused;
- r->flags.used = 1;
- r->recno = recno;
- memcpy( r->data, data, TRUST_RECORD_LEN );
- r->flags.dirty = 1;
- cache_is_dirty = 1;
- cache_entries++;
- return 0;
+
+ /* Now put into the cache. */
+ log_assert (unused);
+ r = unused;
+ r->flags.used = 1;
+ r->recno = recno;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ r->flags.dirty = 1;
+ cache_is_dirty = 1;
+ cache_entries++;
+ return 0;
}
- /* no clean entries: have to flush some dirty entries */
- if( in_transaction ) {
- /* but we can't do this while in a transaction
- * we increase the cache size instead */
- if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
- if( opt.debug && !(cache_entries % 100) )
- log_debug("increasing tdbio cache size\n");
- r = m_alloc( sizeof *r );
- r->flags.used = 1;
- r->recno = recno;
- memcpy( r->data, data, TRUST_RECORD_LEN );
- r->flags.dirty = 1;
- r->next = cache_list;
- cache_list = r;
- cache_is_dirty = 1;
- cache_entries++;
- return 0;
+
+ /* No clean entries: We have to flush some dirty entries. */
+ if (in_transaction)
+ {
+ /* But we can't do this while in a transaction. Thus we
+ * increase the cache size instead. */
+ if (cache_entries < MAX_CACHE_ENTRIES_HARD)
+ {
+ if (opt.debug && !(cache_entries % 100))
+ log_debug ("increasing tdbio cache size\n");
+ r = xmalloc (sizeof *r);
+ r->flags.used = 1;
+ r->recno = recno;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ r->flags.dirty = 1;
+ r->next = cache_list;
+ cache_list = r;
+ cache_is_dirty = 1;
+ cache_entries++;
+ return 0;
}
- log_info(_("trustdb transaction to large\n"));
- return G10ERR_RESOURCE_LIMIT;
+ /* Hard limit for the cache size reached. */
+ log_info (_("trustdb transaction too large\n"));
+ return GPG_ERR_RESOURCE_LIMIT;
}
- if( dirty_count ) {
- int n = dirty_count / 5; /* discard some dirty entries */
- if( !n )
- n = 1;
- for( unused = NULL, r = cache_list; r; r = r->next ) {
- if( r->flags.used && r->flags.dirty ) {
- int rc = write_cache_item( r );
- if( rc )
- return rc;
- if( !unused )
- unused = r;
- r->flags.used = 0;
- cache_entries--;
- if( !--n )
- break;
+
+ if (dirty_count)
+ {
+ int n;
+
+ /* Discard some dirty entries. */
+ n = dirty_count / 5;
+ if (!n)
+ n = 1;
+
+ take_write_lock ();
+ for (unused = NULL, r = cache_list; r; r = r->next)
+ {
+ if (r->flags.used && r->flags.dirty)
+ {
+ int rc;
+
+ rc = write_cache_item (r);
+ if (rc)
+ return rc;
+ if (!unused)
+ unused = r;
+ r->flags.used = 0;
+ cache_entries--;
+ if (!--n)
+ break;
}
}
- assert( unused );
- r = unused;
- r->flags.used = 1;
- r->recno = recno;
- memcpy( r->data, data, TRUST_RECORD_LEN );
- r->flags.dirty = 1;
- cache_is_dirty = 1;
- cache_entries++;
- return 0;
+ release_write_lock ();
+
+ /* Now put into the cache. */
+ log_assert (unused);
+ r = unused;
+ r->flags.used = 1;
+ r->recno = recno;
+ memcpy (r->data, data, TRUST_RECORD_LEN);
+ r->flags.dirty = 1;
+ cache_is_dirty = 1;
+ cache_entries++;
+ return 0;
}
- BUG();
+
+ /* We should never reach this. */
+ BUG();
}
+/* Return true if the cache is dirty. */
int
tdbio_is_dirty()
{
- return cache_is_dirty;
+ return cache_is_dirty;
}
-/****************
+/*
* Flush the cache. This cannot be used while in a transaction.
*/
int
tdbio_sync()
{
CACHE_CTRL r;
+ int did_lock = 0;
+ if( db_fd == -1 )
+ open_db();
if( in_transaction )
log_bug("tdbio: syncing while in transaction\n");
if( !cache_is_dirty )
return 0;
+ if (!take_write_lock ())
+ did_lock = 1;
+
for( r = cache_list; r; r = r->next ) {
if( r->flags.used && r->flags.dirty ) {
int rc = write_cache_item( r );
}
}
cache_is_dirty = 0;
+ if (did_lock)
+ release_write_lock ();
+
return 0;
}
-
-/****************
+#if 0 /* Not yet used. */
+/*
* Simple transactions system:
* Everything between begin_transaction and end/cancel_transaction
- * is not immediatly written but at the time of end_transaction.
+ * is not immediately written but at the time of end_transaction.
*
+ * NOTE: The transaction code is disabled in the 1.2 branch, as it is
+ * not yet used.
*/
int
-tdbio_begin_transaction()
+tdbio_begin_transaction () /* Not yet used. */
{
- int rc;
+ int rc;
- if( in_transaction )
- log_bug("tdbio: nested transactions\n");
- /* flush everything out */
- rc = tdbio_sync();
- if( rc )
- return rc;
- in_transaction = 1;
- return 0;
+ if (in_transaction)
+ log_bug ("tdbio: nested transactions\n");
+ /* Flush everything out. */
+ rc = tdbio_sync();
+ if (rc)
+ return rc;
+ in_transaction = 1;
+ return 0;
}
int
-tdbio_end_transaction()
+tdbio_end_transaction () /* Not yet used. */
{
- int rc;
-
- if( !in_transaction )
- log_bug("tdbio: no active transaction\n");
- block_all_signals();
- in_transaction = 0;
- rc = tdbio_sync();
- unblock_all_signals();
- return rc;
+ int rc;
+
+ if (!in_transaction)
+ log_bug ("tdbio: no active transaction\n");
+ take_write_lock ();
+ gnupg_block_all_signals ();
+ in_transaction = 0;
+ rc = tdbio_sync();
+ gnupg_unblock_all_signals();
+ release_write_lock ();
+ return rc;
}
int
-tdbio_cancel_transaction()
+tdbio_cancel_transaction () /* Not yet used. */
{
- CACHE_CTRL r;
-
- if( !in_transaction )
- log_bug("tdbio: no active transaction\n");
-
- /* remove all dirty marked entries, so that the original ones
- * are read back the next time */
- if( cache_is_dirty ) {
- for( r = cache_list; r; r = r->next ) {
- if( r->flags.used && r->flags.dirty ) {
- r->flags.used = 0;
- cache_entries--;
+ CACHE_CTRL r;
+
+ if (!in_transaction)
+ log_bug ("tdbio: no active transaction\n");
+
+ /* Remove all dirty marked entries, so that the original ones are
+ * read back the next time. */
+ if (cache_is_dirty)
+ {
+ for (r = cache_list; r; r = r->next)
+ {
+ if (r->flags.used && r->flags.dirty)
+ {
+ r->flags.used = 0;
+ cache_entries--;
}
}
- cache_is_dirty = 0;
+ cache_is_dirty = 0;
}
- in_transaction = 0;
- return 0;
+ in_transaction = 0;
+ return 0;
}
+#endif /* Not yet used. */
\f
**************** cached I/O functions ******************
********************************************************/
+/* The cleanup handler for this module. */
+static void
+cleanup (void)
+{
+ if (is_locked)
+ {
+ if (!dotlock_release (lockhandle))
+ is_locked = 0;
+ }
+}
+
+
+/*
+ * Update an existing trustdb record. The caller must call
+ * tdbio_sync.
+ *
+ * Returns: 0 on success or an error code.
+ */
int
-tdbio_set_dbname( const char *new_dbname, int create )
+tdbio_update_version_record (void)
{
- char *fname;
+ TRUSTREC rec;
+ int rc;
+
+ memset (&rec, 0, sizeof rec);
+
+ rc = tdbio_read_record (0, &rec, RECTYPE_VER);
+ if (!rc)
+ {
+ rec.r.ver.created = make_timestamp();
+ rec.r.ver.marginals = opt.marginals_needed;
+ rec.r.ver.completes = opt.completes_needed;
+ rec.r.ver.cert_depth = opt.max_cert_depth;
+ rec.r.ver.trust_model = opt.trust_model;
+ rec.r.ver.min_cert_level = opt.min_cert_level;
+ rc=tdbio_write_record(&rec);
+ }
- fname = new_dbname? m_strdup( new_dbname )
- : make_filename(opt.homedir, "trustdb.gpg", NULL );
+ return rc;
+}
- if( access( fname, R_OK ) ) {
- if( errno != ENOENT ) {
- log_error( _("%s: can't access: %s\n"), fname, strerror(errno) );
- m_free(fname);
- return G10ERR_TRUSTDB;
- }
- if( create ) {
- FILE *fp;
- TRUSTREC rec;
- int rc;
- char *p = strrchr( fname, '/' );
-
- assert(p);
- *p = 0;
- if( access( fname, F_OK ) ) {
- if( strlen(fname) >= 7
- && !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) {
- #if __MINGW32__
- if( mkdir( fname ) )
- #else
- if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) )
- #endif
- log_fatal( _("%s: can't create directory: %s\n"),
- fname, strerror(errno) );
- else
- log_info( _("%s: directory created\n"), fname );
- copy_options_file( fname );
- }
- else
- log_fatal( _("%s: directory does not exist!\n"), fname );
- }
- *p = '/';
-
- fp =fopen( fname, "wb" );
- if( !fp )
- log_fatal( _("%s: can't create: %s\n"), fname, strerror(errno) );
- fclose(fp);
- m_free(db_name);
- db_name = fname;
- #ifdef __MINGW32__
- db_fd = open( db_name, O_RDWR | O_BINARY );
- #else
- db_fd = open( db_name, O_RDWR );
- #endif
- if( db_fd == -1 )
- log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
-
- memset( &rec, 0, sizeof rec );
- rec.r.ver.version = 2;
- rec.r.ver.created = make_timestamp();
- rec.r.ver.marginals = opt.marginals_needed;
- rec.r.ver.completes = opt.completes_needed;
- rec.r.ver.cert_depth = opt.max_cert_depth;
- rec.rectype = RECTYPE_VER;
- rec.recnum = 0;
- rc = tdbio_write_record( &rec );
- if( !rc )
- tdbio_sync();
- if( rc )
- log_fatal( _("%s: failed to create version record: %s"),
- fname, g10_errstr(rc));
- /* and read again to check that we are okay */
- if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
- log_fatal( _("%s: invalid trust-db created\n"), db_name );
- log_info(_("%s: trust-db created\n"), db_name);
+/*
+ * Create and write the trustdb version record.
+ *
+ * Returns: 0 on success or an error code.
+ */
+static int
+create_version_record (void)
+{
+ TRUSTREC rec;
+ int rc;
+
+ memset (&rec, 0, sizeof rec);
+ rec.r.ver.version = 3;
+ rec.r.ver.created = make_timestamp ();
+ rec.r.ver.marginals = opt.marginals_needed;
+ rec.r.ver.completes = opt.completes_needed;
+ rec.r.ver.cert_depth = opt.max_cert_depth;
+ if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC)
+ rec.r.ver.trust_model = opt.trust_model;
+ else
+ rec.r.ver.trust_model = TM_PGP;
+ rec.r.ver.min_cert_level = opt.min_cert_level;
+ rec.rectype = RECTYPE_VER;
+ rec.recnum = 0;
+ rc = tdbio_write_record (&rec);
+
+ if (!rc)
+ tdbio_sync ();
+
+ if (!rc)
+ create_hashtable (&rec, 0);
+
+ return rc;
+}
+
- return 0;
- }
+/*
+ * Set the file name for the trustdb to NEW_DBNAME and if CREATE is
+ * true create that file. If NEW_DBNAME is NULL a default name is
+ * used, if the it does not contain a path component separator ('/')
+ * the global GnuPG home directory is used.
+ *
+ * Returns: 0 on success or an error code.
+ *
+ * On the first call this function registers an atexit handler.
+ *
+ */
+int
+tdbio_set_dbname (const char *new_dbname, int create, int *r_nofile)
+{
+ char *fname, *p;
+ struct stat statbuf;
+ static int initialized = 0;
+ int save_slash;
+
+ if (!initialized)
+ {
+ atexit (cleanup);
+ initialized = 1;
}
- m_free(db_name);
- db_name = fname;
- return 0;
+
+ *r_nofile = 0;
+
+ if (!new_dbname)
+ {
+ fname = make_filename (gnupg_homedir (),
+ "trustdb" EXTSEP_S GPGEXT_GPG, NULL);
+ }
+ else if (*new_dbname != DIRSEP_C )
+ {
+ if (strchr (new_dbname, DIRSEP_C))
+ fname = make_filename (new_dbname, NULL);
+ else
+ fname = make_filename (gnupg_homedir (), new_dbname, NULL);
+ }
+ else
+ {
+ fname = xstrdup (new_dbname);
+ }
+
+ xfree (db_name);
+ db_name = fname;
+
+ /* Quick check for (likely) case where there already is a
+ * trustdb.gpg. This check is not required in theory, but it helps
+ * in practice avoiding costly operations of preparing and taking
+ * the lock. */
+ if (!stat (fname, &statbuf) && statbuf.st_size > 0)
+ {
+ /* OK, we have the valid trustdb.gpg already. */
+ return 0;
+ }
+ else if (!create)
+ {
+ *r_nofile = 1;
+ return 0;
+ }
+
+ /* Here comes: No valid trustdb.gpg AND CREATE==1 */
+
+ /*
+ * Make sure the directory exists. This should be done before
+ * acquiring the lock, which assumes the existence of the directory.
+ */
+ p = strrchr (fname, DIRSEP_C);
+#if HAVE_W32_SYSTEM
+ {
+ /* Windows may either have a slash or a backslash. Take
+ care of it. */
+ char *pp = strrchr (fname, '/');
+ if (!p || pp > p)
+ p = pp;
+ }
+#endif /*HAVE_W32_SYSTEM*/
+ log_assert (p);
+ save_slash = *p;
+ *p = 0;
+ if (access (fname, F_OK))
+ {
+ try_make_homedir (fname);
+ if (access (fname, F_OK))
+ log_fatal (_("%s: directory does not exist!\n"), fname);
+ }
+ *p = save_slash;
+
+ take_write_lock ();
+
+ if (access (fname, R_OK) || stat (fname, &statbuf) || statbuf.st_size == 0)
+ {
+ FILE *fp;
+ TRUSTREC rec;
+ int rc;
+ mode_t oldmask;
+
+#ifdef HAVE_W32CE_SYSTEM
+ /* We know how the cegcc implementation of access works ;-). */
+ if (GetLastError () == ERROR_FILE_NOT_FOUND)
+ gpg_err_set_errno (ENOENT);
+ else
+ gpg_err_set_errno (EIO);
+#endif /*HAVE_W32CE_SYSTEM*/
+ if (errno && errno != ENOENT)
+ log_fatal ( _("can't access '%s': %s\n"), fname, strerror (errno));
+
+ oldmask = umask (077);
+ if (is_secured_filename (fname))
+ {
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ else
+ fp = fopen (fname, "wb");
+ umask(oldmask);
+ if (!fp)
+ log_fatal (_("can't create '%s': %s\n"), fname, strerror (errno));
+ fclose (fp);
+
+ db_fd = open (db_name, O_RDWR | MY_O_BINARY);
+ if (db_fd == -1)
+ log_fatal (_("can't open '%s': %s\n"), db_name, strerror (errno));
+
+ rc = create_version_record ();
+ if (rc)
+ log_fatal (_("%s: failed to create version record: %s"),
+ fname, gpg_strerror (rc));
+
+ /* Read again to check that we are okay. */
+ if (tdbio_read_record (0, &rec, RECTYPE_VER))
+ log_fatal (_("%s: invalid trustdb created\n"), db_name);
+
+ if (!opt.quiet)
+ log_info (_("%s: trustdb created\n"), db_name);
+ }
+
+ release_write_lock ();
+ return 0;
}
+/*
+ * Return the full name of the trustdb.
+ */
const char *
-tdbio_get_dbname()
+tdbio_get_dbname ()
{
- return db_name;
+ return db_name;
}
-
+/*
+ * Open the trustdb. This may only be called if it has not yet been
+ * opened and after a successful call to tdbio_set_dbname. On return
+ * the trustdb handle (DB_FD) is guaranteed to be open.
+ */
static void
-open_db()
+open_db ()
{
- TRUSTREC rec;
- assert( db_fd == -1 );
-
- #ifdef __MINGW32__
- db_fd = open( db_name, O_RDWR | O_BINARY );
- #else
- db_fd = open( db_name, O_RDWR );
- #endif
- if( db_fd == -1 )
- log_fatal( _("%s: can't open: %s\n"), db_name, strerror(errno) );
- if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
- log_fatal( _("%s: invalid trust-db\n"), db_name );
- /* fixme: check ->locked and other stuff */
+ TRUSTREC rec;
+
+ log_assert( db_fd == -1 );
+
+#ifdef HAVE_W32CE_SYSTEM
+ {
+ DWORD prevrc = 0;
+ wchar_t *wname = utf8_to_wchar (db_name);
+ if (wname)
+ {
+ db_fd = (int)CreateFile (wname, GENERIC_READ|GENERIC_WRITE,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, NULL,
+ OPEN_EXISTING, 0, NULL);
+ xfree (wname);
+ }
+ if (db_fd == -1)
+ log_fatal ("can't open '%s': %d, %d\n", db_name,
+ (int)prevrc, (int)GetLastError ());
+ }
+#else /*!HAVE_W32CE_SYSTEM*/
+ db_fd = open (db_name, O_RDWR | MY_O_BINARY );
+ if (db_fd == -1 && (errno == EACCES
+#ifdef EROFS
+ || errno == EROFS
+#endif
+ )
+ ) {
+ /* Take care of read-only trustdbs. */
+ db_fd = open (db_name, O_RDONLY | MY_O_BINARY );
+ if (db_fd != -1 && !opt.quiet)
+ log_info (_("Note: trustdb not writable\n"));
+ }
+ if ( db_fd == -1 )
+ log_fatal( _("can't open '%s': %s\n"), db_name, strerror(errno) );
+#endif /*!HAVE_W32CE_SYSTEM*/
+ register_secured_file (db_name);
+
+ /* Read the version record. */
+ if (tdbio_read_record (0, &rec, RECTYPE_VER ) )
+ log_fatal( _("%s: invalid trustdb\n"), db_name );
}
-/****************
- * Make a hashtable: type 0 = key hash, 1 = sdir hash
+/*
+ * Append a new empty hashtable to the trustdb. TYPE gives the type
+ * of the hash table. The only defined type is 0 for a trust hash.
+ * On return the hashtable has been created, written, the version
+ * record update, and the data flushed to the disk. On a fatal error
+ * the function terminates the process.
*/
static void
create_hashtable( TRUSTREC *vr, int type )
{
- TRUSTREC rec;
- off_t offset;
- ulong recnum;
- int i, n, rc;
-
- offset = lseek( db_fd, 0, SEEK_END );
- if( offset == -1 )
- log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) );
- recnum = offset / TRUST_RECORD_LEN;
- assert(recnum); /* this is will never be the first record */
-
- if( !type )
- vr->r.ver.keyhashtbl = recnum;
- else
- vr->r.ver.sdirhashtbl = recnum;
- /* Now write the records */
- n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
- for(i=0; i < n; i++, recnum++ ) {
- memset( &rec, 0, sizeof rec );
- rec.rectype = RECTYPE_HTBL;
- rec.recnum = recnum;
- rc = tdbio_write_record( &rec );
- if( rc )
- log_fatal( _("%s: failed to create hashtable: %s\n"),
- db_name, g10_errstr(rc));
+ TRUSTREC rec;
+ off_t offset;
+ ulong recnum;
+ int i, n, rc;
+
+ offset = lseek (db_fd, 0, SEEK_END);
+ if (offset == -1)
+ log_fatal ("trustdb: lseek to end failed: %s\n", strerror(errno));
+ recnum = offset / TRUST_RECORD_LEN;
+ log_assert (recnum); /* This is will never be the first record. */
+
+ if (!type)
+ vr->r.ver.trusthashtbl = recnum;
+
+ /* Now write the records making up the hash table. */
+ n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
+ for (i=0; i < n; i++, recnum++)
+ {
+ memset (&rec, 0, sizeof rec);
+ rec.rectype = RECTYPE_HTBL;
+ rec.recnum = recnum;
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ log_fatal (_("%s: failed to create hashtable: %s\n"),
+ db_name, gpg_strerror (rc));
}
- /* update the version record */
- rc = tdbio_write_record( vr );
- if( !rc )
- rc = tdbio_sync();
- if( rc )
- log_fatal( _("%s: error updating version record: %s\n"),
- db_name, g10_errstr(rc));
+ /* Update the version record and flush. */
+ rc = tdbio_write_record (vr);
+ if (!rc)
+ rc = tdbio_sync ();
+ if (rc)
+ log_fatal (_("%s: error updating version record: %s\n"),
+ db_name, gpg_strerror (rc));
}
+/*
+ * Check whether open trustdb matches the global trust options given
+ * for this process. On a read problem the process is terminated.
+ *
+ * Return: 1 for yes, 0 for no.
+ */
int
tdbio_db_matches_options()
{
- static int yes_no = -1;
-
- if( yes_no == -1 ) {
- TRUSTREC vr;
- int rc;
-
- rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
- if( rc )
- log_fatal( _("%s: error reading version record: %s\n"),
- db_name, g10_errstr(rc) );
-
- if( !vr.r.ver.marginals && !vr.r.ver.completes
- && !vr.r.ver.cert_depth )
- { /* special hack for trustdbs created by old versions of GnuPG */
- vr.r.ver.marginals = opt.marginals_needed;
- vr.r.ver.completes = opt.completes_needed;
- vr.r.ver.cert_depth = opt.max_cert_depth;
- rc = tdbio_write_record( &vr );
- if( !rc && !in_transaction )
- rc = tdbio_sync();
- if( rc )
- log_error( _("%s: error writing version record: %s\n"),
- db_name, g10_errstr(rc) );
- }
+ static int yes_no = -1;
+
+ if (yes_no == -1)
+ {
+ TRUSTREC vr;
+ int rc;
+
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER);
+ if( rc )
+ log_fatal( _("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc) );
- yes_no = vr.r.ver.marginals == opt.marginals_needed
- && vr.r.ver.completes == opt.completes_needed
- && vr.r.ver.cert_depth == opt.max_cert_depth;
+ yes_no = vr.r.ver.marginals == opt.marginals_needed
+ && vr.r.ver.completes == opt.completes_needed
+ && vr.r.ver.cert_depth == opt.max_cert_depth
+ && vr.r.ver.trust_model == opt.trust_model
+ && vr.r.ver.min_cert_level == opt.min_cert_level;
}
- return yes_no;
+
+ return yes_no;
}
-/****************
- * Return the record number of the keyhash tbl or create a new one.
+/*
+ * Read and return the trust model identifier from the trustdb. On a
+ * read problem the process is terminated.
*/
-static ulong
-get_keyhashrec()
+byte
+tdbio_read_model (void)
{
- static ulong keyhashtbl; /* record number of the key hashtable */
+ TRUSTREC vr;
+ int rc;
+
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER );
+ if (rc)
+ log_fatal (_("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc) );
+ return vr.r.ver.trust_model;
+}
- if( !keyhashtbl ) {
- TRUSTREC vr;
- int rc;
- rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
- if( rc )
- log_fatal( _("%s: error reading version record: %s\n"),
- db_name, g10_errstr(rc) );
- if( !vr.r.ver.keyhashtbl )
- create_hashtable( &vr, 0 );
+/*
+ * Read and return the nextstamp value from the trustdb. On a read
+ * problem the process is terminated.
+ */
+ulong
+tdbio_read_nextcheck ()
+{
+ TRUSTREC vr;
+ int rc;
+
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER);
+ if (rc)
+ log_fatal (_("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc));
+ return vr.r.ver.nextcheck;
+}
- keyhashtbl = vr.r.ver.keyhashtbl;
- }
- return keyhashtbl;
+
+/*
+ * Write the STAMP nextstamp timestamp to the trustdb. On a read or
+ * write problem the process is terminated.
+ *
+ * Return: True if the stamp actually changed.
+ */
+int
+tdbio_write_nextcheck (ulong stamp)
+{
+ TRUSTREC vr;
+ int rc;
+
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER);
+ if (rc)
+ log_fatal (_("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc));
+
+ if (vr.r.ver.nextcheck == stamp)
+ return 0;
+
+ vr.r.ver.nextcheck = stamp;
+ rc = tdbio_write_record( &vr );
+ if (rc)
+ log_fatal (_("%s: error writing version record: %s\n"),
+ db_name, gpg_strerror (rc));
+ return 1;
}
-/****************
- * Return the record number of the shadow direcory hash table
- * or create a new one.
+
+
+/*
+ * Return the record number of the trusthash table or create one if it
+ * does not yet exist. On a read or write problem the process is
+ * terminated.
+ *
+ * Return: record number
*/
static ulong
-get_sdirhashrec()
+get_trusthashrec(void)
{
- static ulong sdirhashtbl; /* record number of the hashtable */
+ static ulong trusthashtbl; /* Record number of the trust hashtable. */
- if( !sdirhashtbl ) {
- TRUSTREC vr;
- int rc;
+ if (!trusthashtbl)
+ {
+ TRUSTREC vr;
+ int rc;
- rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
- if( rc )
- log_fatal( _("%s: error reading version record: %s\n"),
- db_name, g10_errstr(rc) );
- if( !vr.r.ver.sdirhashtbl )
- create_hashtable( &vr, 1 );
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER );
+ if (rc)
+ log_fatal (_("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc) );
- sdirhashtbl = vr.r.ver.sdirhashtbl;
+ trusthashtbl = vr.r.ver.trusthashtbl;
}
- return sdirhashtbl;
+
+ return trusthashtbl;
}
-/****************
- * Update a hashtable.
- * table gives the start of the table, key and keylen is the key,
- * newrecnum is the record number to insert.
+
+/*
+ * Update a hashtable in the trustdb. TABLE gives the start of the
+ * table, KEY and KEYLEN are the key, NEWRECNUM is the record number
+ * to insert into the table.
+ *
+ * Return: 0 on success or an error code.
*/
static int
-upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
+upd_hashtable (ulong table, byte *key, int keylen, ulong newrecnum)
{
- TRUSTREC lastrec, rec;
- ulong hashrec, item;
- int msb;
- int level=0;
- int rc, i;
-
- hashrec = table;
- next_level:
- msb = key[level];
- hashrec += msb / ITEMS_PER_HTBL_RECORD;
- rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
- if( rc ) {
- log_error( db_name, "upd_hashtable: read failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ TRUSTREC lastrec, rec;
+ ulong hashrec, item;
+ int msb;
+ int level = 0;
+ int rc, i;
+
+ hashrec = table;
+ next_level:
+ msb = key[level];
+ hashrec += msb / ITEMS_PER_HTBL_RECORD;
+ rc = tdbio_read_record (hashrec, &rec, RECTYPE_HTBL);
+ if (rc)
+ {
+ log_error ("upd_hashtable: read failed: %s\n", gpg_strerror (rc));
+ return rc;
}
- item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
- if( !item ) { /* insert a new item into the hash table */
- rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
- rc = tdbio_write_record( &rec );
- if( rc ) {
- log_error( db_name, "upd_hashtable: write htbl failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
+ if (!item) /* Insert a new item into the hash table. */
+ {
+ rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ {
+ log_error ("upd_hashtable: write htbl failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
}
- else if( item != newrecnum ) { /* must do an update */
- lastrec = rec;
- rc = tdbio_read_record( item, &rec, 0 );
- if( rc ) {
- log_error( "upd_hashtable: read item failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ else if (item != newrecnum) /* Must do an update. */
+ {
+ lastrec = rec;
+ rc = tdbio_read_record (item, &rec, 0);
+ if (rc)
+ {
+ log_error ("upd_hashtable: read item failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
- if( rec.rectype == RECTYPE_HTBL ) {
- hashrec = item;
- level++;
- if( level >= keylen ) {
- log_error( "hashtable has invalid indirections.\n");
- return G10ERR_TRUSTDB;
+ if (rec.rectype == RECTYPE_HTBL)
+ {
+ hashrec = item;
+ level++;
+ if (level >= keylen)
+ {
+ log_error ("hashtable has invalid indirections.\n");
+ return GPG_ERR_TRUSTDB;
}
- goto next_level;
+ goto next_level;
}
- else if( rec.rectype == RECTYPE_HLST ) { /* extend list */
- /* see whether the key is already in this list */
- for(;;) {
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- if( rec.r.hlst.rnum[i] == newrecnum ) {
- return 0; /* okay, already in the list */
+ else if (rec.rectype == RECTYPE_HLST) /* Extend the list. */
+ {
+ /* Check whether the key is already in this list. */
+ for (;;)
+ {
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ {
+ if (rec.r.hlst.rnum[i] == newrecnum)
+ {
+ return 0; /* Okay, already in the list. */
}
}
- if( rec.r.hlst.next ) {
- rc = tdbio_read_record( rec.r.hlst.next,
- &rec, RECTYPE_HLST);
- if( rc ) {
- log_error( "scan keyhashtbl read hlst failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ if (rec.r.hlst.next)
+ {
+ rc = tdbio_read_record (rec.r.hlst.next, &rec, RECTYPE_HLST);
+ if (rc)
+ {
+ log_error ("upd_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc) );
+ return rc;
}
}
- else
- break; /* not there */
+ else
+ break; /* key is not in the list */
}
- /* find the next free entry and put it in */
- for(;;) {
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- if( !rec.r.hlst.rnum[i] ) {
- rec.r.hlst.rnum[i] = newrecnum;
- rc = tdbio_write_record( &rec );
- if( rc )
- log_error( "upd_hashtable: write hlst failed: %s\n",
- g10_errstr(rc) );
- return rc; /* done */
+
+ /* Find the next free entry and put it in. */
+ for (;;)
+ {
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ {
+ if (!rec.r.hlst.rnum[i])
+ {
+ /* Empty slot found. */
+ rec.r.hlst.rnum[i] = newrecnum;
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ log_error ("upd_hashtable: write hlst failed: %s\n",
+ gpg_strerror (rc));
+ return rc; /* Done. */
}
}
- if( rec.r.hlst.next ) {
- rc = tdbio_read_record( rec.r.hlst.next,
- &rec, RECTYPE_HLST );
- if( rc ) {
- log_error( "upd_hashtable: read hlst failed: %s\n",
- g10_errstr(rc) );
- return rc;
+
+ if (rec.r.hlst.next)
+ {
+ /* read the next reord of the list. */
+ rc = tdbio_read_record (rec.r.hlst.next, &rec, RECTYPE_HLST);
+ if (rc)
+ {
+ log_error ("upd_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
}
- else { /* add a new list record */
- rec.r.hlst.next = item = tdbio_new_recnum();
- rc = tdbio_write_record( &rec );
- if( rc ) {
- log_error( "upd_hashtable: write hlst failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ else
+ {
+ /* Append a new record to the list. */
+ rec.r.hlst.next = item = tdbio_new_recnum ();
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ {
+ log_error ("upd_hashtable: write hlst failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
- memset( &rec, 0, sizeof rec );
- rec.rectype = RECTYPE_HLST;
- rec.recnum = item;
- rec.r.hlst.rnum[0] = newrecnum;
- rc = tdbio_write_record( &rec );
- if( rc )
- log_error( "upd_hashtable: write ext hlst failed: %s\n",
- g10_errstr(rc) );
- return rc; /* done */
+ memset (&rec, 0, sizeof rec);
+ rec.rectype = RECTYPE_HLST;
+ rec.recnum = item;
+ rec.r.hlst.rnum[0] = newrecnum;
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ log_error ("upd_hashtable: write ext hlst failed: %s\n",
+ gpg_strerror (rc));
+ return rc; /* Done. */
}
- } /* end loop over hlst slots */
- }
- else if( rec.rectype == RECTYPE_KEY
- || rec.rectype == RECTYPE_DIR
- || rec.rectype == RECTYPE_SDIR ) { /* insert a list record */
- if( rec.recnum == newrecnum ) {
- return 0;
- }
- item = rec.recnum; /* save number of key record */
- memset( &rec, 0, sizeof rec );
- rec.rectype = RECTYPE_HLST;
- rec.recnum = tdbio_new_recnum();
- rec.r.hlst.rnum[0] = item; /* old keyrecord */
- rec.r.hlst.rnum[1] = newrecnum; /* and new one */
- rc = tdbio_write_record( &rec );
- if( rc ) {
- log_error( "upd_hashtable: write new hlst failed: %s\n",
- g10_errstr(rc) );
- return rc;
- }
- /* update the hashtable record */
- lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
- rc = tdbio_write_record( &lastrec );
- if( rc )
- log_error( "upd_hashtable: update htbl failed: %s\n",
- g10_errstr(rc) );
- return rc; /* ready */
+ } /* end loop over list slots */
+
}
- else {
- log_error( "hashtbl %lu points to an invalid record\n",
- item);
- return G10ERR_TRUSTDB;
+ else if (rec.rectype == RECTYPE_TRUST) /* Insert a list record. */
+ {
+ if (rec.recnum == newrecnum)
+ {
+ return 0;
+ }
+ item = rec.recnum; /* Save number of key record. */
+ memset (&rec, 0, sizeof rec);
+ rec.rectype = RECTYPE_HLST;
+ rec.recnum = tdbio_new_recnum ();
+ rec.r.hlst.rnum[0] = item; /* Old key record */
+ rec.r.hlst.rnum[1] = newrecnum; /* and new key record */
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ {
+ log_error( "upd_hashtable: write new hlst failed: %s\n",
+ gpg_strerror (rc) );
+ return rc;
+ }
+ /* Update the hashtable record. */
+ lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
+ rc = tdbio_write_record (&lastrec);
+ if (rc)
+ log_error ("upd_hashtable: update htbl failed: %s\n",
+ gpg_strerror (rc));
+ return rc; /* Ready. */
+ }
+ else
+ {
+ log_error ("hashtbl %lu: %lu/%d points to an invalid record %lu\n",
+ table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
+ if (opt.verbose > 1)
+ list_trustdb (es_stderr, NULL);
+ return GPG_ERR_TRUSTDB;
}
}
- return 0;
+ return 0;
}
-
-/****************
- * Lookup a record via the hashtable tablewith key/keylen and return the
- * result in rec. cmp() should return if the record is the desired one.
- * Returns -1 if not found, 0 if found or another errocode
+/*
+ * Drop an entry from a hashtable. TABLE gives the start of the
+ * table, KEY and KEYLEN are the key.
+ *
+ * Return: 0 on success or an error code.
*/
static int
-lookup_hashtable( ulong table, const byte *key, size_t keylen,
- int (*cmpfnc)(void*, const TRUSTREC *), void *cmpdata,
- TRUSTREC *rec )
+drop_from_hashtable (ulong table, byte *key, int keylen, ulong recnum)
{
- int rc;
- ulong hashrec, item;
- int msb;
- int level=0;
-
- hashrec = table;
- next_level:
- msb = key[level];
- hashrec += msb / ITEMS_PER_HTBL_RECORD;
- rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
- if( rc ) {
- log_error( db_name, "lookup_hashtable failed: %s\n", g10_errstr(rc) );
- return rc;
+ TRUSTREC rec;
+ ulong hashrec, item;
+ int msb;
+ int level = 0;
+ int rc, i;
+
+ hashrec = table;
+ next_level:
+ msb = key[level];
+ hashrec += msb / ITEMS_PER_HTBL_RECORD;
+ rc = tdbio_read_record (hashrec, &rec, RECTYPE_HTBL );
+ if (rc)
+ {
+ log_error ("drop_from_hashtable: read failed: %s\n", gpg_strerror (rc));
+ return rc;
}
- item = rec->r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
- if( !item )
- return -1; /* not found */
+ item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
+ if (!item)
+ return 0; /* Not found - forget about it. */
+
+ if (item == recnum) /* Table points direct to the record. */
+ {
+ rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
+ rc = tdbio_write_record( &rec );
+ if (rc)
+ log_error ("drop_from_hashtable: write htbl failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
+ }
- rc = tdbio_read_record( item, rec, 0 );
- if( rc ) {
- log_error( db_name, "hashtable read failed: %s\n", g10_errstr(rc) );
- return rc;
+ rc = tdbio_read_record (item, &rec, 0);
+ if (rc)
+ {
+ log_error ("drop_from_hashtable: read item failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
- if( rec->rectype == RECTYPE_HTBL ) {
- hashrec = item;
- level++;
- if( level >= keylen ) {
- log_error( db_name, "hashtable has invalid indirections\n");
- return G10ERR_TRUSTDB;
+
+ if (rec.rectype == RECTYPE_HTBL)
+ {
+ hashrec = item;
+ level++;
+ if (level >= keylen)
+ {
+ log_error ("hashtable has invalid indirections.\n");
+ return GPG_ERR_TRUSTDB;
}
- goto next_level;
+ goto next_level;
}
- else if( rec->rectype == RECTYPE_HLST ) {
- for(;;) {
- int i;
-
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- if( rec->r.hlst.rnum[i] ) {
- TRUSTREC tmp;
-
- rc = tdbio_read_record( rec->r.hlst.rnum[i], &tmp, 0 );
- if( rc ) {
- log_error( "lookup_hashtable: read item failed: %s\n",
- g10_errstr(rc) );
- return rc;
- }
- if( (*cmpfnc)( cmpdata, &tmp ) ) {
- *rec = tmp;
- return 0;
- }
+
+ if (rec.rectype == RECTYPE_HLST)
+ {
+ for (;;)
+ {
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ {
+ if (rec.r.hlst.rnum[i] == recnum)
+ {
+ rec.r.hlst.rnum[i] = 0; /* Mark as free. */
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ log_error("drop_from_hashtable: write htbl failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
}
- if( rec->r.hlst.next ) {
- rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST );
- if( rc ) {
- log_error( "lookup_hashtable: read hlst failed: %s\n",
- g10_errstr(rc) );
- return rc;
+ if (rec.r.hlst.next)
+ {
+ rc = tdbio_read_record (rec.r.hlst.next, &rec, RECTYPE_HLST);
+ if (rc)
+ {
+ log_error ("drop_from_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
}
}
- else
- return -1; /* not found */
+ else
+ return 0; /* Key not in table. */
}
}
-
- if( (*cmpfnc)( cmpdata, rec ) )
- return 0; /* really found */
-
- return -1; /* no: not found */
+ log_error ("hashtbl %lu: %lu/%d points to wrong record %lu\n",
+ table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
+ return GPG_ERR_TRUSTDB;
}
-
-/****************
- * Update the key hashtbl or create the table if it does not exist
+/*
+ * Lookup a record via the hashtable TABLE by (KEY,KEYLEN) and return
+ * the result in REC. The return value of CMP() should be True if the
+ * record is the desired one.
+ *
+ * Return: 0 if found, GPG_ERR_NOT_FOUND, or another error code.
*/
-static int
-update_keyhashtbl( TRUSTREC *kr )
+static gpg_error_t
+lookup_hashtable (ulong table, const byte *key, size_t keylen,
+ int (*cmpfnc)(const void*, const TRUSTREC *),
+ const void *cmpdata, TRUSTREC *rec )
{
- return upd_hashtable( get_keyhashrec(),
- kr->r.key.fingerprint,
- kr->r.key.fingerprint_len, kr->recnum );
+ int rc;
+ ulong hashrec, item;
+ int msb;
+ int level = 0;
+
+ hashrec = table;
+ next_level:
+ msb = key[level];
+ hashrec += msb / ITEMS_PER_HTBL_RECORD;
+ rc = tdbio_read_record (hashrec, rec, RECTYPE_HTBL);
+ if (rc)
+ {
+ log_error("lookup_hashtable failed: %s\n", gpg_strerror (rc) );
+ return rc;
+ }
+
+ item = rec->r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
+ if (!item)
+ return gpg_error (GPG_ERR_NOT_FOUND);
+
+ rc = tdbio_read_record (item, rec, 0);
+ if (rc)
+ {
+ log_error( "hashtable read failed: %s\n", gpg_strerror (rc) );
+ return rc;
+ }
+ if (rec->rectype == RECTYPE_HTBL)
+ {
+ hashrec = item;
+ level++;
+ if (level >= keylen)
+ {
+ log_error ("hashtable has invalid indirections\n");
+ return GPG_ERR_TRUSTDB;
+ }
+ goto next_level;
+ }
+ else if (rec->rectype == RECTYPE_HLST)
+ {
+ for (;;)
+ {
+ int i;
+
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ {
+ if (rec->r.hlst.rnum[i])
+ {
+ TRUSTREC tmp;
+
+ rc = tdbio_read_record (rec->r.hlst.rnum[i], &tmp, 0);
+ if (rc)
+ {
+ log_error ("lookup_hashtable: read item failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
+ }
+ if ((*cmpfnc)(cmpdata, &tmp))
+ {
+ *rec = tmp;
+ return 0;
+ }
+ }
+ }
+ if (rec->r.hlst.next)
+ {
+ rc = tdbio_read_record (rec->r.hlst.next, rec, RECTYPE_HLST);
+ if (rc)
+ {
+ log_error ("lookup_hashtable: read hlst failed: %s\n",
+ gpg_strerror (rc) );
+ return rc;
+ }
+ }
+ else
+ return gpg_error (GPG_ERR_NOT_FOUND);
+ }
+ }
+
+ if ((*cmpfnc)(cmpdata, rec))
+ return 0; /* really found */
+
+ return gpg_error (GPG_ERR_NOT_FOUND); /* no: not found */
}
-/****************
- * Update the shadow dir hashtbl or create the table if it does not exist
+
+/*
+ * Update the trust hash table TR or create the table if it does not
+ * exist.
+ *
+ * Return: 0 on success or an error code.
*/
static int
-update_sdirhashtbl( TRUSTREC *sr )
+update_trusthashtbl( TRUSTREC *tr )
{
- byte key[8];
-
- u32tobuf( key , sr->r.sdir.keyid[0] );
- u32tobuf( key+4 , sr->r.sdir.keyid[1] );
- return upd_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
+ return upd_hashtable (get_trusthashrec(),
+ tr->r.trust.fingerprint, 20, tr->recnum);
}
-
-
+/*
+ * Dump the trustdb record REC to stream FP.
+ */
void
-tdbio_dump_record( TRUSTREC *rec, FILE *fp )
+tdbio_dump_record (TRUSTREC *rec, estream_t fp)
{
- int i;
- ulong rnum = rec->recnum;
- byte *p;
-
- fprintf(fp, "rec %5lu, ", rnum );
-
- switch( rec->rectype ) {
- case 0: fprintf(fp, "blank\n");
- break;
- case RECTYPE_VER: fprintf(fp,
- "version, kd=%lu, sd=%lu, free=%lu, m/c/d=%d/%d/%d\n",
- rec->r.ver.keyhashtbl, rec->r.ver.sdirhashtbl,
- rec->r.ver.firstfree,
- rec->r.ver.marginals,
- rec->r.ver.completes,
- rec->r.ver.cert_depth );
- break;
- case RECTYPE_FREE: fprintf(fp, "free, next=%lu\n", rec->r.free.next );
- break;
- case RECTYPE_DIR:
- fprintf(fp, "dir %lu, keys=%lu, uids=%lu, t=%02x",
- rec->r.dir.lid,
- rec->r.dir.keylist,
- rec->r.dir.uidlist,
- rec->r.dir.ownertrust );
- if( rec->r.dir.dirflags & DIRF_VALVALID )
- fprintf( fp, ", v=%02x", rec->r.dir.validity );
- if( rec->r.dir.dirflags & DIRF_CHECKED ) {
- if( rec->r.dir.dirflags & DIRF_VALID )
- fputs(", valid", fp );
- if( rec->r.dir.dirflags & DIRF_EXPIRED )
- fputs(", expired", fp );
- if( rec->r.dir.dirflags & DIRF_REVOKED )
- fputs(", revoked", fp );
- }
- putc('\n', fp);
- break;
- case RECTYPE_KEY:
- fprintf(fp, "key %lu, n=%lu a=%d ",
- rec->r.key.lid,
- rec->r.key.next,
- rec->r.key.pubkey_algo );
- for(i=0; i < rec->r.key.fingerprint_len; i++ )
- fprintf(fp, "%02X", rec->r.key.fingerprint[i] );
- if( rec->r.key.keyflags & KEYF_CHECKED ) {
- if( rec->r.key.keyflags & KEYF_VALID )
- fputs(", valid", fp );
- if( rec->r.key.keyflags & KEYF_EXPIRED )
- fputs(", expired", fp );
- if( rec->r.key.keyflags & KEYF_REVOKED )
- fputs(", revoked", fp );
- }
- putc('\n', fp);
- break;
- case RECTYPE_UID:
- fprintf(fp, "uid %lu, next=%lu, pref=%lu, sig=%lu, hash=%02X%02X",
- rec->r.uid.lid,
- rec->r.uid.next,
- rec->r.uid.prefrec,
- rec->r.uid.siglist,
- rec->r.uid.namehash[18], rec->r.uid.namehash[19]);
- if( rec->r.uid.uidflags & UIDF_CHECKED ) {
- if( rec->r.uid.uidflags & UIDF_VALID )
- fputs(", valid", fp );
- if( rec->r.uid.uidflags & UIDF_REVOKED )
- fputs(", revoked", fp );
- }
- putc('\n', fp);
- break;
- case RECTYPE_PREF:
- fprintf(fp, "pref %lu, next=%lu,",
- rec->r.pref.lid, rec->r.pref.next);
- for(i=0,p=rec->r.pref.data; i < ITEMS_PER_PREF_RECORD; i+=2,p+=2 ) {
- if( *p )
- fprintf(fp, " %c%d", *p == PREFTYPE_SYM ? 'S' :
- *p == PREFTYPE_HASH ? 'H' :
- *p == PREFTYPE_COMPR ? 'Z' : '?', p[1]);
- }
- putc('\n', fp);
- break;
- case RECTYPE_SIG:
- fprintf(fp, "sig %lu, next=%lu,",
- rec->r.sig.lid, rec->r.sig.next );
- for(i=0; i < SIGS_PER_RECORD; i++ ) {
- if( rec->r.sig.sig[i].lid ) {
- fprintf(fp, " %lu:", rec->r.sig.sig[i].lid );
- if( rec->r.sig.sig[i].flag & SIGF_CHECKED ) {
- fprintf(fp,"%c%c%c",
- (rec->r.sig.sig[i].flag & SIGF_VALID) ? 'V':'-',
- (rec->r.sig.sig[i].flag & SIGF_EXPIRED) ? 'E':'-',
- (rec->r.sig.sig[i].flag & SIGF_REVOKED) ? 'R':'-');
- }
- else if( rec->r.sig.sig[i].flag & SIGF_NOPUBKEY)
- fputs("?--", fp);
- else
- fputs("---", fp);
- }
- }
- putc('\n', fp);
- break;
- case RECTYPE_SDIR:
- fprintf(fp, "sdir %lu, keyid=%08lX%08lX, algo=%d, hint=%lu\n",
- rec->r.sdir.lid,
- (ulong)rec->r.sdir.keyid[0],
- (ulong)rec->r.sdir.keyid[1],
- rec->r.sdir.pubkey_algo,
- (ulong)rec->r.sdir.hintlist );
- break;
- case RECTYPE_CACH:
- fprintf(fp, "cach\n");
- break;
- case RECTYPE_HTBL:
- fprintf(fp, "htbl,");
- for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ )
- fprintf(fp, " %lu", rec->r.htbl.item[i] );
- putc('\n', fp);
- break;
- case RECTYPE_HLST:
- fprintf(fp, "hlst, next=%lu,", rec->r.hlst.next );
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ )
- fprintf(fp, " %lu", rec->r.hlst.rnum[i] );
- putc('\n', fp);
- break;
- default:
- fprintf(fp, "unknown type %d\n", rec->rectype );
- break;
+ int i;
+ ulong rnum = rec->recnum;
+
+ es_fprintf (fp, "rec %5lu, ", rnum);
+
+ switch (rec->rectype)
+ {
+ case 0:
+ es_fprintf (fp, "blank\n");
+ break;
+
+ case RECTYPE_VER:
+ es_fprintf (fp,
+ "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d mcl=%d nc=%lu (%s)\n",
+ rec->r.ver.trusthashtbl,
+ rec->r.ver.firstfree,
+ rec->r.ver.marginals,
+ rec->r.ver.completes,
+ rec->r.ver.cert_depth,
+ rec->r.ver.trust_model,
+ rec->r.ver.min_cert_level,
+ rec->r.ver.nextcheck,
+ strtimestamp(rec->r.ver.nextcheck)
+ );
+ break;
+
+ case RECTYPE_FREE:
+ es_fprintf (fp, "free, next=%lu\n", rec->r.free.next);
+ break;
+
+ case RECTYPE_HTBL:
+ es_fprintf (fp, "htbl,");
+ for (i=0; i < ITEMS_PER_HTBL_RECORD; i++)
+ es_fprintf (fp, " %lu", rec->r.htbl.item[i]);
+ es_putc ('\n', fp);
+ break;
+
+ case RECTYPE_HLST:
+ es_fprintf (fp, "hlst, next=%lu,", rec->r.hlst.next);
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ es_fprintf (fp, " %lu", rec->r.hlst.rnum[i]);
+ es_putc ('\n', fp);
+ break;
+
+ case RECTYPE_TRUST:
+ es_fprintf (fp, "trust ");
+ for (i=0; i < 20; i++)
+ es_fprintf (fp, "%02X", rec->r.trust.fingerprint[i]);
+ es_fprintf (fp, ", ot=%d, d=%d, vl=%lu\n", rec->r.trust.ownertrust,
+ rec->r.trust.depth, rec->r.trust.validlist);
+ break;
+
+ case RECTYPE_VALID:
+ es_fprintf (fp, "valid ");
+ for (i=0; i < 20; i++)
+ es_fprintf(fp, "%02X", rec->r.valid.namehash[i]);
+ es_fprintf (fp, ", v=%d, next=%lu\n", rec->r.valid.validity,
+ rec->r.valid.next);
+ break;
+
+ default:
+ es_fprintf (fp, "unknown type %d\n", rec->rectype );
+ break;
}
}
-/****************
- * read the record with number recnum
- * returns: -1 on error, 0 on success
+
+/*
+ * Read the record with number RECNUM into the structure REC. If
+ * EXPECTED is not 0 reading any other record type will return an
+ * error.
+ *
+ * Return: 0 on success, -1 on EOF, or an error code.
*/
int
-tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
+tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected)
{
- byte readbuf[TRUST_RECORD_LEN];
- const byte *buf, *p;
- int rc = 0;
- int n, i;
-
- if( db_fd == -1 )
- open_db();
- buf = get_record_from_cache( recnum );
- if( !buf ) {
- if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- log_error(_("trustdb: lseek failed: %s\n"), strerror(errno) );
- return G10ERR_READ_FILE;
+ byte readbuf[TRUST_RECORD_LEN];
+ const byte *buf, *p;
+ gpg_error_t err = 0;
+ int n, i;
+
+ if (db_fd == -1)
+ open_db ();
+
+ buf = get_record_from_cache( recnum );
+ if (!buf)
+ {
+ if (lseek (db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET) == -1)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("trustdb: lseek failed: %s\n"), strerror (errno));
+ return err;
}
- n = read( db_fd, readbuf, TRUST_RECORD_LEN);
- if( !n ) {
- return -1; /* eof */
+ n = read (db_fd, readbuf, TRUST_RECORD_LEN);
+ if (!n)
+ {
+ return -1; /* eof */
}
- else if( n != TRUST_RECORD_LEN ) {
- log_error(_("trustdb: read failed (n=%d): %s\n"), n,
- strerror(errno) );
- return G10ERR_READ_FILE;
+ else if (n != TRUST_RECORD_LEN)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("trustdb: read failed (n=%d): %s\n"),
+ n, strerror(errno));
+ return err;
}
- buf = readbuf;
+ buf = readbuf;
}
- rec->recnum = recnum;
- rec->dirty = 0;
- p = buf;
- rec->rectype = *p++;
- if( expected && rec->rectype != expected ) {
- log_error("%lu: read expected rec type %d, got %d\n",
- recnum, expected, rec->rectype );
- return G10ERR_TRUSTDB;
+ rec->recnum = recnum;
+ rec->dirty = 0;
+ p = buf;
+ rec->rectype = *p++;
+ if (expected && rec->rectype != expected)
+ {
+ log_error ("%lu: read expected rec type %d, got %d\n",
+ recnum, expected, rec->rectype);
+ return gpg_error (GPG_ERR_TRUSTDB);
}
- p++; /* skip reserved byte */
- switch( rec->rectype ) {
- case 0: /* unused (free) record */
- break;
- case RECTYPE_VER: /* version record */
- if( memcmp(buf+1, "gpg", 3 ) ) {
- log_error( _("%s: not a trustdb file\n"), db_name );
- rc = G10ERR_TRUSTDB;
- }
- p += 2; /* skip "pgp" */
- rec->r.ver.version = *p++;
- rec->r.ver.marginals = *p++;
- rec->r.ver.completes = *p++;
- rec->r.ver.cert_depth = *p++;
- p += 4; /* lock flags */
- rec->r.ver.created = buftoulong(p); p += 4;
- rec->r.ver.modified = buftoulong(p); p += 4;
- rec->r.ver.validated= buftoulong(p); p += 4;
- rec->r.ver.keyhashtbl=buftoulong(p); p += 4;
- rec->r.ver.firstfree =buftoulong(p); p += 4;
- rec->r.ver.sdirhashtbl =buftoulong(p); p += 4;
- if( recnum ) {
- log_error( _("%s: version record with recnum %lu\n"), db_name,
- (ulong)recnum );
- rc = G10ERR_TRUSTDB;
- }
- else if( rec->r.ver.version != 2 ) {
- log_error( _("%s: invalid file version %d\n"), db_name,
- rec->r.ver.version );
- rc = G10ERR_TRUSTDB;
- }
- break;
- case RECTYPE_FREE:
- rec->r.free.next = buftoulong(p); p += 4;
- break;
- case RECTYPE_DIR: /*directory record */
- rec->r.dir.lid = buftoulong(p); p += 4;
- rec->r.dir.keylist = buftoulong(p); p += 4;
- rec->r.dir.uidlist = buftoulong(p); p += 4;
- rec->r.dir.cacherec = buftoulong(p); p += 4;
- rec->r.dir.ownertrust = *p++;
- rec->r.dir.dirflags = *p++;
- rec->r.dir.validity = *p++;
- switch( rec->r.dir.validity ) {
- case 0:
- case TRUST_UNDEFINED:
- case TRUST_NEVER:
- case TRUST_MARGINAL:
- case TRUST_FULLY:
- case TRUST_ULTIMATE:
- break;
- default:
- log_info("lid %lu: invalid validity value - cleared\n", recnum);
- }
- if( rec->r.dir.lid != recnum ) {
- log_error( "%s: dir LID != recnum (%lu,%lu)\n",
- db_name, rec->r.dir.lid, (ulong)recnum );
- rc = G10ERR_TRUSTDB;
- }
- break;
- case RECTYPE_KEY: /* public key record */
- rec->r.key.lid = buftoulong(p); p += 4;
- rec->r.key.next = buftoulong(p); p += 4;
- p += 7;
- rec->r.key.keyflags = *p++;
- rec->r.key.pubkey_algo = *p++;
- rec->r.key.fingerprint_len = *p++;
- if( rec->r.key.fingerprint_len < 1 || rec->r.key.fingerprint_len > 20 )
- rec->r.key.fingerprint_len = 20;
- memcpy( rec->r.key.fingerprint, p, 20);
- break;
- case RECTYPE_UID: /* user id record */
- rec->r.uid.lid = buftoulong(p); p += 4;
- rec->r.uid.next = buftoulong(p); p += 4;
- rec->r.uid.prefrec = buftoulong(p); p += 4;
- rec->r.uid.siglist = buftoulong(p); p += 4;
- rec->r.uid.uidflags = *p++;
- p ++;
- memcpy( rec->r.uid.namehash, p, 20);
- break;
- case RECTYPE_PREF: /* preference record */
- rec->r.pref.lid = buftoulong(p); p += 4;
- rec->r.pref.next = buftoulong(p); p += 4;
- memcpy( rec->r.pref.data, p, 30 );
- break;
- case RECTYPE_SIG:
- rec->r.sig.lid = buftoulong(p); p += 4;
- rec->r.sig.next = buftoulong(p); p += 4;
- for(i=0; i < SIGS_PER_RECORD; i++ ) {
- rec->r.sig.sig[i].lid = buftoulong(p); p += 4;
- rec->r.sig.sig[i].flag = *p++;
- }
- break;
- case RECTYPE_SDIR: /* shadow directory record */
- rec->r.sdir.lid = buftoulong(p); p += 4;
- rec->r.sdir.keyid[0]= buftou32(p); p += 4;
- rec->r.sdir.keyid[1]= buftou32(p); p += 4;
- rec->r.sdir.pubkey_algo = *p++;
- p += 3;
- rec->r.sdir.hintlist = buftoulong(p);
- if( rec->r.sdir.lid != recnum ) {
- log_error( "%s: sdir LID != recnum (%lu,%lu)\n",
- db_name, rec->r.sdir.lid, (ulong)recnum );
- rc = G10ERR_TRUSTDB;
- }
- break;
- case RECTYPE_CACH: /* cache record */
- rec->r.cache.lid = buftoulong(p); p += 4;
- memcpy(rec->r.cache.blockhash, p, 20); p += 20;
- rec->r.cache.trustlevel = *p++;
- break;
- case RECTYPE_HTBL:
- for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
- rec->r.htbl.item[i] = buftoulong(p); p += 4;
+ p++; /* Skip reserved byte. */
+ switch (rec->rectype)
+ {
+ case 0: /* unused (free) record */
+ break;
+
+ case RECTYPE_VER: /* version record */
+ if (memcmp(buf+1, GPGEXT_GPG, 3))
+ {
+ log_error (_("%s: not a trustdb file\n"), db_name );
+ err = gpg_error (GPG_ERR_TRUSTDB);
+ }
+ else
+ {
+ p += 2; /* skip "gpg" */
+ rec->r.ver.version = *p++;
+ rec->r.ver.marginals = *p++;
+ rec->r.ver.completes = *p++;
+ rec->r.ver.cert_depth = *p++;
+ rec->r.ver.trust_model = *p++;
+ rec->r.ver.min_cert_level = *p++;
+ p += 2;
+ rec->r.ver.created = buf32_to_ulong(p);
+ p += 4;
+ rec->r.ver.nextcheck = buf32_to_ulong(p);
+ p += 4;
+ p += 4;
+ p += 4;
+ rec->r.ver.firstfree = buf32_to_ulong(p);
+ p += 4;
+ p += 4;
+ rec->r.ver.trusthashtbl = buf32_to_ulong(p);
+ if (recnum)
+ {
+ log_error( _("%s: version record with recnum %lu\n"), db_name,
+ (ulong)recnum );
+ err = gpg_error (GPG_ERR_TRUSTDB);
+ }
+ else if (rec->r.ver.version != 3)
+ {
+ log_error( _("%s: invalid file version %d\n"), db_name,
+ rec->r.ver.version );
+ err = gpg_error (GPG_ERR_TRUSTDB);
+ }
+ }
+ break;
+
+ case RECTYPE_FREE:
+ rec->r.free.next = buf32_to_ulong(p);
+ break;
+
+ case RECTYPE_HTBL:
+ for (i=0; i < ITEMS_PER_HTBL_RECORD; i++)
+ {
+ rec->r.htbl.item[i] = buf32_to_ulong(p);
+ p += 4;
}
- break;
- case RECTYPE_HLST:
- rec->r.hlst.next = buftoulong(p); p += 4;
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- rec->r.hlst.rnum[i] = buftoulong(p); p += 4;
+ break;
+
+ case RECTYPE_HLST:
+ rec->r.hlst.next = buf32_to_ulong(p);
+ p += 4;
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++)
+ {
+ rec->r.hlst.rnum[i] = buf32_to_ulong(p);
+ p += 4;
}
- break;
- default:
- log_error( "%s: invalid record type %d at recnum %lu\n",
- db_name, rec->rectype, (ulong)recnum );
- rc = G10ERR_TRUSTDB;
- break;
+ break;
+
+ case RECTYPE_TRUST:
+ memcpy (rec->r.trust.fingerprint, p, 20);
+ p+=20;
+ rec->r.trust.ownertrust = *p++;
+ rec->r.trust.depth = *p++;
+ rec->r.trust.min_ownertrust = *p++;
+ p++;
+ rec->r.trust.validlist = buf32_to_ulong(p);
+ break;
+
+ case RECTYPE_VALID:
+ memcpy (rec->r.valid.namehash, p, 20);
+ p+=20;
+ rec->r.valid.validity = *p++;
+ rec->r.valid.next = buf32_to_ulong(p);
+ p += 4;
+ rec->r.valid.full_count = *p++;
+ rec->r.valid.marginal_count = *p++;
+ break;
+
+ default:
+ log_error ("%s: invalid record type %d at recnum %lu\n",
+ db_name, rec->rectype, (ulong)recnum);
+ err = gpg_error (GPG_ERR_TRUSTDB);
+ break;
}
- return rc;
+ return err;
}
-/****************
- * Write the record at RECNUM
+
+/*
+ * Write the record from the struct REC.
+ *
+ * Return: 0 on success or an error code.
*/
int
tdbio_write_record( TRUSTREC *rec )
{
- byte buf[TRUST_RECORD_LEN], *p;
- int rc = 0;
- int i;
- ulong recnum = rec->recnum;
-
- if( db_fd == -1 )
- open_db();
-
- memset(buf, 0, TRUST_RECORD_LEN);
- p = buf;
- *p++ = rec->rectype; p++;
- switch( rec->rectype ) {
- case 0: /* unused record */
- break;
- case RECTYPE_VER: /* version record */
- if( recnum )
- BUG();
- memcpy(p-1, "gpg", 3 ); p += 2;
- *p++ = rec->r.ver.version;
- *p++ = rec->r.ver.marginals;
- *p++ = rec->r.ver.completes;
- *p++ = rec->r.ver.cert_depth;
- p += 4; /* skip lock flags */
- ulongtobuf(p, rec->r.ver.created); p += 4;
- ulongtobuf(p, rec->r.ver.modified); p += 4;
- ulongtobuf(p, rec->r.ver.validated); p += 4;
- ulongtobuf(p, rec->r.ver.keyhashtbl); p += 4;
- ulongtobuf(p, rec->r.ver.firstfree ); p += 4;
- ulongtobuf(p, rec->r.ver.sdirhashtbl ); p += 4;
- break;
-
- case RECTYPE_FREE:
- ulongtobuf(p, rec->r.free.next); p += 4;
- break;
-
- case RECTYPE_DIR: /*directory record */
- ulongtobuf(p, rec->r.dir.lid); p += 4;
- ulongtobuf(p, rec->r.dir.keylist); p += 4;
- ulongtobuf(p, rec->r.dir.uidlist); p += 4;
- ulongtobuf(p, rec->r.dir.cacherec); p += 4;
- *p++ = rec->r.dir.ownertrust;
- *p++ = rec->r.dir.dirflags;
- *p++ = rec->r.dir.validity;
- assert( rec->r.dir.lid == recnum );
- break;
-
- case RECTYPE_KEY:
- ulongtobuf(p, rec->r.key.lid); p += 4;
- ulongtobuf(p, rec->r.key.next); p += 4;
- p += 7;
- *p++ = rec->r.key.keyflags;
- *p++ = rec->r.key.pubkey_algo;
- *p++ = rec->r.key.fingerprint_len;
- memcpy( p, rec->r.key.fingerprint, 20); p += 20;
- break;
-
- case RECTYPE_UID: /* user id record */
- ulongtobuf(p, rec->r.uid.lid); p += 4;
- ulongtobuf(p, rec->r.uid.next); p += 4;
- ulongtobuf(p, rec->r.uid.prefrec); p += 4;
- ulongtobuf(p, rec->r.uid.siglist); p += 4;
- *p++ = rec->r.uid.uidflags;
- p++;
- memcpy( p, rec->r.uid.namehash, 20 ); p += 20;
- break;
-
- case RECTYPE_PREF:
- ulongtobuf(p, rec->r.pref.lid); p += 4;
- ulongtobuf(p, rec->r.pref.next); p += 4;
- memcpy( p, rec->r.pref.data, 30 );
- break;
-
- case RECTYPE_SIG:
- ulongtobuf(p, rec->r.sig.lid); p += 4;
- ulongtobuf(p, rec->r.sig.next); p += 4;
- for(i=0; i < SIGS_PER_RECORD; i++ ) {
- ulongtobuf(p, rec->r.sig.sig[i].lid); p += 4;
- *p++ = rec->r.sig.sig[i].flag;
- }
- break;
-
- case RECTYPE_SDIR:
- ulongtobuf( p, rec->r.sdir.lid); p += 4;
- u32tobuf( p, rec->r.sdir.keyid[0] ); p += 4;
- u32tobuf( p, rec->r.sdir.keyid[1] ); p += 4;
- *p++ = rec->r.sdir.pubkey_algo;
- p += 3;
- ulongtobuf( p, rec->r.sdir.hintlist );
- break;
-
- case RECTYPE_CACH:
- ulongtobuf(p, rec->r.cache.lid); p += 4;
- memcpy(p, rec->r.cache.blockhash, 20); p += 20;
- *p++ = rec->r.cache.trustlevel;
- break;
-
- case RECTYPE_HTBL:
- for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
- ulongtobuf( p, rec->r.htbl.item[i]); p += 4;
+ byte buf[TRUST_RECORD_LEN];
+ byte *p;
+ int rc = 0;
+ int i;
+ ulong recnum = rec->recnum;
+
+ if (db_fd == -1)
+ open_db ();
+
+ memset (buf, 0, TRUST_RECORD_LEN);
+ p = buf;
+ *p++ = rec->rectype; p++;
+
+ switch (rec->rectype)
+ {
+ case 0: /* unused record */
+ break;
+
+ case RECTYPE_VER: /* version record */
+ if (recnum)
+ BUG ();
+ memcpy(p-1, GPGEXT_GPG, 3 ); p += 2;
+ *p++ = rec->r.ver.version;
+ *p++ = rec->r.ver.marginals;
+ *p++ = rec->r.ver.completes;
+ *p++ = rec->r.ver.cert_depth;
+ *p++ = rec->r.ver.trust_model;
+ *p++ = rec->r.ver.min_cert_level;
+ p += 2;
+ ulongtobuf(p, rec->r.ver.created); p += 4;
+ ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
+ p += 4;
+ p += 4;
+ ulongtobuf(p, rec->r.ver.firstfree ); p += 4;
+ p += 4;
+ ulongtobuf(p, rec->r.ver.trusthashtbl ); p += 4;
+ break;
+
+ case RECTYPE_FREE:
+ ulongtobuf(p, rec->r.free.next); p += 4;
+ break;
+
+ case RECTYPE_HTBL:
+ for (i=0; i < ITEMS_PER_HTBL_RECORD; i++)
+ {
+ ulongtobuf( p, rec->r.htbl.item[i]); p += 4;
+ }
+ break;
+
+ case RECTYPE_HLST:
+ ulongtobuf( p, rec->r.hlst.next); p += 4;
+ for (i=0; i < ITEMS_PER_HLST_RECORD; i++ )
+ {
+ ulongtobuf( p, rec->r.hlst.rnum[i]); p += 4;
}
- break;
-
- case RECTYPE_HLST:
- ulongtobuf( p, rec->r.hlst.next); p += 4;
- for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- ulongtobuf( p, rec->r.hlst.rnum[i]); p += 4;
- }
- break;
-
- default:
- BUG();
+ break;
+
+ case RECTYPE_TRUST:
+ memcpy (p, rec->r.trust.fingerprint, 20); p += 20;
+ *p++ = rec->r.trust.ownertrust;
+ *p++ = rec->r.trust.depth;
+ *p++ = rec->r.trust.min_ownertrust;
+ p++;
+ ulongtobuf( p, rec->r.trust.validlist); p += 4;
+ break;
+
+ case RECTYPE_VALID:
+ memcpy (p, rec->r.valid.namehash, 20); p += 20;
+ *p++ = rec->r.valid.validity;
+ ulongtobuf( p, rec->r.valid.next); p += 4;
+ *p++ = rec->r.valid.full_count;
+ *p++ = rec->r.valid.marginal_count;
+ break;
+
+ default:
+ BUG();
}
- rc = put_record_into_cache( recnum, buf );
- if( rc )
- ;
- if( rec->rectype == RECTYPE_KEY )
- rc = update_keyhashtbl( rec );
- else if( rec->rectype == RECTYPE_SDIR )
- rc = update_sdirhashtbl( rec );
+ rc = put_record_into_cache (recnum, buf);
+ if (rc)
+ ;
+ else if (rec->rectype == RECTYPE_TRUST)
+ rc = update_trusthashtbl (rec);
- return rc;
+ return rc;
}
+
+/*
+ * Delete the record at record number RECNUm from the trustdb.
+ *
+ * Return: 0 on success or an error code.
+ */
int
-tdbio_delete_record( ulong recnum )
+tdbio_delete_record (ulong recnum)
{
- TRUSTREC vr, rec;
- int rc;
+ TRUSTREC vr, rec;
+ int rc;
+
+ /* Must read the record fist, so we can drop it from the hash tables */
+ rc = tdbio_read_record (recnum, &rec, 0);
+ if (rc)
+ ;
+ else if (rec.rectype == RECTYPE_TRUST)
+ {
+ rc = drop_from_hashtable (get_trusthashrec(),
+ rec.r.trust.fingerprint, 20, rec.recnum);
+ }
- rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
- if( rc )
- log_fatal( _("%s: error reading version record: %s\n"),
- db_name, g10_errstr(rc) );
-
- rec.recnum = recnum;
- rec.rectype = RECTYPE_FREE;
- rec.r.free.next = vr.r.ver.firstfree;
- vr.r.ver.firstfree = recnum;
- rc = tdbio_write_record( &rec );
- if( !rc )
- rc = tdbio_write_record( &vr );
+ if (rc)
return rc;
+
+ /* Now we can chnage it to a free record. */
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER);
+ if (rc)
+ log_fatal (_("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc));
+
+ rec.recnum = recnum;
+ rec.rectype = RECTYPE_FREE;
+ rec.r.free.next = vr.r.ver.firstfree;
+ vr.r.ver.firstfree = recnum;
+ rc = tdbio_write_record (&rec);
+ if (!rc)
+ rc = tdbio_write_record (&vr);
+
+ return rc;
}
-/****************
- * create a new record and return its record number
+
+/*
+ * Create a new record and return its record number.
*/
ulong
-tdbio_new_recnum()
+tdbio_new_recnum ()
{
- off_t offset;
- ulong recnum;
- TRUSTREC vr, rec;
- int rc;
-
- /* look for unused records */
- rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
- if( rc )
- log_fatal( _("%s: error reading version record: %s\n"),
- db_name, g10_errstr(rc) );
- if( vr.r.ver.firstfree ) {
- recnum = vr.r.ver.firstfree;
- rc = tdbio_read_record( recnum, &rec, RECTYPE_FREE );
- if( rc ) {
- log_error( _("%s: error reading free record: %s\n"),
- db_name, g10_errstr(rc) );
- return rc;
+ off_t offset;
+ ulong recnum;
+ TRUSTREC vr, rec;
+ int rc;
+
+ /* Look for unused records. */
+ rc = tdbio_read_record (0, &vr, RECTYPE_VER);
+ if (rc)
+ log_fatal( _("%s: error reading version record: %s\n"),
+ db_name, gpg_strerror (rc));
+ if (vr.r.ver.firstfree)
+ {
+ recnum = vr.r.ver.firstfree;
+ rc = tdbio_read_record (recnum, &rec, RECTYPE_FREE);
+ if (rc)
+ {
+ log_error (_("%s: error reading free record: %s\n"),
+ db_name, gpg_strerror (rc));
+ return rc;
}
- /* update dir record */
- vr.r.ver.firstfree = rec.r.free.next;
- rc = tdbio_write_record( &vr );
- if( rc ) {
- log_error( _("%s: error writing dir record: %s\n"),
- db_name, g10_errstr(rc) );
- return rc;
+ /* Update dir record. */
+ vr.r.ver.firstfree = rec.r.free.next;
+ rc = tdbio_write_record (&vr);
+ if (rc)
+ {
+ log_error (_("%s: error writing dir record: %s\n"),
+ db_name, gpg_strerror (rc));
+ return rc;
}
- /*zero out the new record */
- memset( &rec, 0, sizeof rec );
- rec.rectype = 0; /* unused record */
- rec.recnum = recnum;
- rc = tdbio_write_record( &rec );
- if( rc )
- log_fatal(_("%s: failed to zero a record: %s\n"),
- db_name, g10_errstr(rc));
+ /* Zero out the new record. */
+ memset (&rec, 0, sizeof rec);
+ rec.rectype = 0; /* Mark as unused record (actually already done
+ my the memset). */
+ rec.recnum = recnum;
+ rc = tdbio_write_record (&rec);
+ if (rc)
+ log_fatal (_("%s: failed to zero a record: %s\n"),
+ db_name, gpg_strerror (rc));
}
- else { /* not found, append a new record */
- offset = lseek( db_fd, 0, SEEK_END );
- if( offset == -1 )
- log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) );
- recnum = offset / TRUST_RECORD_LEN;
- assert(recnum); /* this is will never be the first record */
- /* we must write a record, so that the next call to this function
- * returns another recnum */
- memset( &rec, 0, sizeof rec );
- rec.rectype = 0; /* unused record */
- rec.recnum = recnum;
- rc = 0;
- if( lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET ) == -1 ) {
- log_error(_("trustdb rec %lu: lseek failed: %s\n"),
- recnum, strerror(errno) );
- rc = G10ERR_WRITE_FILE;
+ else /* Not found - append a new record. */
+ {
+ offset = lseek (db_fd, 0, SEEK_END);
+ if (offset == (off_t)(-1))
+ log_fatal ("trustdb: lseek to end failed: %s\n", strerror (errno));
+ recnum = offset / TRUST_RECORD_LEN;
+ log_assert (recnum); /* this is will never be the first record */
+ /* We must write a record, so that the next call to this
+ * function returns another recnum. */
+ memset (&rec, 0, sizeof rec);
+ rec.rectype = 0; /* unused record */
+ rec.recnum = recnum;
+ rc = 0;
+ if (lseek( db_fd, recnum * TRUST_RECORD_LEN, SEEK_SET) == -1)
+ {
+ rc = gpg_error_from_syserror ();
+ log_error (_("trustdb rec %lu: lseek failed: %s\n"),
+ recnum, strerror (errno));
}
- else {
- int n = write( db_fd, &rec, TRUST_RECORD_LEN);
- if( n != TRUST_RECORD_LEN ) {
- log_error(_("trustdb rec %lu: write failed (n=%d): %s\n"),
- recnum, n, strerror(errno) );
- rc = G10ERR_WRITE_FILE;
+ else
+ {
+ int n;
+
+ n = write (db_fd, &rec, TRUST_RECORD_LEN);
+ if (n != TRUST_RECORD_LEN)
+ {
+ rc = gpg_error_from_syserror ();
+ log_error (_("trustdb rec %lu: write failed (n=%d): %s\n"),
+ recnum, n, strerror (errno));
}
}
- if( rc )
- log_fatal(_("%s: failed to append a record: %s\n"),
- db_name, g10_errstr(rc));
+ if (rc)
+ log_fatal (_("%s: failed to append a record: %s\n"),
+ db_name, gpg_strerror (rc));
}
- return recnum ;
+
+ return recnum ;
}
-/****************
- * Search the trustdb for a key which matches PK and return the dir record
- * The local_id of PK is set to the correct value
- */
-int
-tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec )
+/* Helper function for tdbio_search_trust_byfpr. */
+static int
+cmp_trec_fpr ( const void *fpr, const TRUSTREC *rec )
{
- byte fingerprint[MAX_FINGERPRINT_LEN];
- size_t fingerlen;
- u32 keyid[2];
- int rc;
-
- keyid_from_pk( pk, keyid );
- fingerprint_from_pk( pk, fingerprint, &fingerlen );
- rc = tdbio_search_dir_byfpr( fingerprint, fingerlen,
- pk->pubkey_algo, rec );
-
- if( !rc ) {
- if( pk->local_id && pk->local_id != rec->recnum )
- log_error("%s: found record, but LID from memory does "
- "not match recnum (%lu,%lu)\n",
- db_name, pk->local_id, rec->recnum );
- pk->local_id = rec->recnum;
- }
- return rc;
+ return (rec->rectype == RECTYPE_TRUST
+ && !memcmp (rec->r.trust.fingerprint, fpr, 20));
}
-static int
-cmp_krec_fpr( void *dataptr, const TRUSTREC *rec )
+/*
+ * Given a 20 byte FINGERPRINT search its trust record and return
+ * that at REC.
+ *
+ * Return: 0 if found, GPG_ERR_NOT_FOUND, or another error code.
+ */
+gpg_error_t
+tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec)
{
- const struct cmp_krec_fpr_struct *d = dataptr;
-
- return rec->rectype == RECTYPE_KEY
- && ( !d->pubkey_algo || rec->r.key.pubkey_algo == d->pubkey_algo )
- && rec->r.key.fingerprint_len == d->fprlen
- && !memcmp( rec->r.key.fingerprint, d->fpr, d->fprlen );
-}
+ int rc;
-int
-tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
- int pubkey_algo, TRUSTREC *rec )
-{
- struct cmp_krec_fpr_struct cmpdata;
- ulong recnum;
- int rc;
-
- assert( fingerlen == 20 || fingerlen == 16 );
-
- /* locate the key using the hash table */
- cmpdata.pubkey_algo = pubkey_algo;
- cmpdata.fpr = fingerprint;
- cmpdata.fprlen = fingerlen;
- rc = lookup_hashtable( get_keyhashrec(), fingerprint, fingerlen,
- cmp_krec_fpr, &cmpdata, rec );
- if( !rc ) {
- recnum = rec->r.key.lid;
- /* Now read the dir record */
- rc = tdbio_read_record( recnum, rec, RECTYPE_DIR);
- if( rc )
- log_error("%s: can't read dirrec %lu: %s\n",
- db_name, recnum, g10_errstr(rc) );
- }
- return rc;
+ /* Locate the trust record using the hash table */
+ rc = lookup_hashtable (get_trusthashrec(), fingerprint, 20,
+ cmp_trec_fpr, fingerprint, rec );
+ return rc;
}
-
-static int
-cmp_sdir( void *dataptr, const TRUSTREC *rec )
+/*
+ * Given a primary public key object PK search its trust record and
+ * return that at REC.
+ *
+ * Return: 0 if found, GPG_ERR_NOT_FOUND, or another error code.
+ */
+gpg_error_t
+tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec)
{
- const struct cmp_sdir_struct *d = dataptr;
+ byte fingerprint[MAX_FINGERPRINT_LEN];
+ size_t fingerlen;
- return rec->rectype == RECTYPE_SDIR
- && ( !d->pubkey_algo || rec->r.sdir.pubkey_algo == d->pubkey_algo )
- && rec->r.sdir.keyid[0] == d->keyid[0]
- && rec->r.sdir.keyid[1] == d->keyid[1];
+ fingerprint_from_pk( pk, fingerprint, &fingerlen );
+ for (; fingerlen < 20; fingerlen++)
+ fingerprint[fingerlen] = 0;
+ return tdbio_search_trust_byfpr (fingerprint, rec);
}
-int
-tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec )
+/*
+ * Terminate the process with a message about a corrupted trustdb.
+ */
+void
+tdbio_invalid (void)
{
- struct cmp_sdir_struct cmpdata;
- int rc;
- byte key[8];
-
- /* locate the shadow dir record using the hash table */
- u32tobuf( key , keyid[0] );
- u32tobuf( key+4 , keyid[1] );
- cmpdata.pubkey_algo = pubkey_algo;
- cmpdata.keyid[0] = keyid[0];
- cmpdata.keyid[1] = keyid[1];
- rc = lookup_hashtable( get_sdirhashrec(), key, 8,
- cmp_sdir, &cmpdata, rec );
- return rc;
+ log_error (_("Error: The trustdb is corrupted.\n"));
+ how_to_fix_the_trustdb ();
+ g10_exit (2);
}
-
-
projects / gnupg.git / blobdiff