Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
authorDavid Shaw <dshaw@jabberwocky.com>
Fri, 20 Jan 2012 03:33:51 +0000 (22:33 -0500)
committerDavid Shaw <dshaw@jabberwocky.com>
Fri, 20 Jan 2012 04:03:56 +0000 (23:03 -0500)
* g10/gpgv.c, g10/trustdb.c (read_trust_options): Add min_cert_level
  parameter.

* g10/trustdb.c (check_trustdb_stale): Request a rebuild if
  pending_check_trustdb is true (set when we detect a trustdb
  parameter has changed).

* g10/keylist.c (public_key_list): Use 'l' in the "tru" with-colons
  listing for min_cert_level not matching.

* g10/tdbio.c (tdbio_update_version_record, create_version_record,
  tdbio_db_matches_options, tdbio_dump_record, tdbio_read_record,
  tdbio_write_record): Add a byte for min_cert_level in the tdbio
  version record.

g10/gpgv.c
g10/keylist.c
g10/tdbio.c
g10/tdbio.h
g10/trustdb.c
g10/trustdb.h

index 747b05f..42452b7 100644 (file)
@@ -1,6 +1,6 @@
 /* gpgv.c - The GnuPG signature verify utility
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2005,
- *               2006, 2008 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2005, 2006,
+ *               2008, 2009, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -232,7 +232,8 @@ check_signatures_trust( PKT_signature *sig )
 
 void
 read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
-                  byte *marginals, byte *completes, byte *cert_depth) 
+                  byte *marginals, byte *completes, byte *cert_depth,
+                  byte *min_cert_level)
 {
   (void)trust_model;
   (void)created;
@@ -240,6 +241,7 @@ read_trust_options(byte *trust_model, ulong *created, ulong *nextcheck,
   (void)marginals;
   (void)completes;
   (void)cert_depth;
+  (void)min_cert_level;
 }
 
 /* Stub: 
index 4a76ee0..8201260 100644 (file)
@@ -1,6 +1,6 @@
 /* keylist.c - print keys
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
- *               2008 Free Software Foundation, Inc.
+ *               2008, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -65,11 +65,11 @@ public_key_list( strlist_t list, int locate_mode )
 {
   if (opt.with_colons)
     {
-      byte trust_model,marginals,completes,cert_depth;
+      byte trust_model,marginals,completes,cert_depth,min_cert_level;
       ulong created,nextcheck;
 
       read_trust_options(&trust_model,&created,&nextcheck,
-                        &marginals,&completes,&cert_depth);
+                        &marginals,&completes,&cert_depth,&min_cert_level);
 
       printf("tru:");
 
@@ -85,6 +85,8 @@ public_key_list( strlist_t list, int locate_mode )
            printf("c");
          if(cert_depth!=opt.max_cert_depth)
            printf("d");
+         if(min_cert_level!=opt.min_cert_level)
+           printf("l");
        }
 
       printf(":%d:%lu:%lu",trust_model,created,nextcheck);
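Review bot: The new `l` flag emitted by `if(min_cert_level!=opt.min_cert_level) printf("l");` extends the machine-parsed "tru" record, but the commit's file list touches no documentation, so consumers of the with-colons output get no description of it. I would add a comment above the added test, e.g. `/* 'l': min_cert_level stored in the trustdb differs from the current option */`, and list the letter wherever the existing flags are described. A parser that ignores the unknown letter would miss that validity was computed under a different minimum certification level. The body of public_key_list continues outside the hunk.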
index 306935c..3e6091c 100644 (file)
@@ -1,5 +1,5 @@
-/* tdbio.c - trust databse I/O operations
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+/* tdbio.c - trust database I/O operations
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -438,6 +438,7 @@ tdbio_update_version_record (void)
       rec.r.ver.completes   = opt.completes_needed;
       rec.r.ver.cert_depth  = opt.max_cert_depth;
       rec.r.ver.trust_model = opt.trust_model;
+      rec.r.ver.min_cert_level = opt.min_cert_level;
       rc=tdbio_write_record(&rec);
     }
 
@@ -460,6 +461,7 @@ create_version_record (void)
     rec.r.ver.trust_model = opt.trust_model;
   else
     rec.r.ver.trust_model = TM_PGP;
+  rec.r.ver.min_cert_level = opt.min_cert_level;
   rec.rectype = RECTYPE_VER;
   rec.recnum = 0;
   rc = tdbio_write_record( &rec );
@@ -681,7 +683,8 @@ tdbio_db_matches_options()
       yes_no = vr.r.ver.marginals == opt.marginals_needed
        && vr.r.ver.completes == opt.completes_needed
        && vr.r.ver.cert_depth == opt.max_cert_depth
-       && vr.r.ver.trust_model == opt.trust_model;
+       && vr.r.ver.trust_model == opt.trust_model
+       && vr.r.ver.min_cert_level == opt.min_cert_level;
     }
 
   return yes_no;
@@ -1111,13 +1114,14 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp  )
       case 0: fprintf(fp, "blank\n");
        break;
       case RECTYPE_VER: fprintf(fp,
-           "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d nc=%lu (%s)\n",
+           "version, td=%lu, f=%lu, m/c/d=%d/%d/%d tm=%d mcl=%d nc=%lu (%s)\n",
                                    rec->r.ver.trusthashtbl,
                                   rec->r.ver.firstfree,
                                   rec->r.ver.marginals,
                                   rec->r.ver.completes,
                                   rec->r.ver.cert_depth,
                                   rec->r.ver.trust_model,
+                                  rec->r.ver.min_cert_level,
                                    rec->r.ver.nextcheck,
                                   strtimestamp(rec->r.ver.nextcheck)
                                  );
@@ -1213,7 +1217,8 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
        rec->r.ver.completes = *p++;
        rec->r.ver.cert_depth = *p++;
        rec->r.ver.trust_model = *p++;
-       p += 3;
+       rec->r.ver.min_cert_level = *p++;
+       p += 2;
        rec->r.ver.created  = buftoulong(p); p += 4;
        rec->r.ver.nextcheck = buftoulong(p); p += 4;
        p += 4;
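Review bot: `rec->r.ver.min_cert_level = *p++;` gives meaning to a byte that was previously skipped as padding (`p += 3`), with no record-version change and no comment on the layout. What an earlier build left in that position therefore decides whether tdbio_db_matches_options reports a mismatch. If older builds leave it zero (not visible here), the first run after an upgrade would presumably treat the trustdb as stale, and a build without this change that rewrites the version record may reset the byte. The matching write in the tdbio_write_record hunk has the same gap. I would document the layout at both sites, e.g. `/* min_cert_level uses the first of the three formerly reserved bytes; older trustdbs are expected to hold 0 here */`; both functions extend beyond their hunks.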
@@ -1300,7 +1305,8 @@ tdbio_write_record( TRUSTREC *rec )
        *p++ = rec->r.ver.completes;
        *p++ = rec->r.ver.cert_depth;
        *p++ = rec->r.ver.trust_model;
-       p += 3;
+       *p++ = rec->r.ver.min_cert_level;
+       p += 2;
        ulongtobuf(p, rec->r.ver.created); p += 4;
        ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
        p += 4;
index ddc5afc..b99b491 100644 (file)
@@ -1,5 +1,5 @@
 /* tdbio.h - Trust database I/O functions
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -54,6 +54,7 @@ struct trust_record {
            byte  completes;
            byte  cert_depth;
            byte  trust_model;
+           byte  min_cert_level;
            ulong created;   /* timestamp of trustdb creation  */
            ulong nextcheck; /* timestamp of next scheduled check */
            ulong reserved;  
index c83e169..fe8b833 100644 (file)
@@ -1,6 +1,6 @@
 /* trustdb.c
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- *               2008 Free Software Foundation, Inc.
+ *               2008, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -656,7 +656,8 @@ trustdb_check_or_update(void)
 
 void
 read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
-                  byte *marginals,byte *completes,byte *cert_depth)
+                  byte *marginals,byte *completes,byte *cert_depth,
+                  byte *min_cert_level)
 {
   TRUSTREC opts;
 
@@ -676,6 +677,8 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
     *completes=opts.r.ver.completes;
   if(cert_depth)
     *cert_depth=opts.r.ver.cert_depth;
+  if(min_cert_level)
+    *min_cert_level=opts.r.ver.min_cert_level;
 }
 
 /***********************************************
@@ -1041,7 +1044,8 @@ check_trustdb_stale(void)
 
       did_nextcheck = 1;
       scheduled = tdbio_read_nextcheck ();
-      if (scheduled && scheduled <= make_timestamp ())
+      if ((scheduled && scheduled <= make_timestamp ())
+         || pending_check_trustdb)
         {
           if (opt.no_auto_check_trustdb) 
             {
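Review bot: The added `|| pending_check_trustdb` sits after `did_nextcheck = 1;`, so it appears to be evaluated only the first time check_trustdb_stale reaches this block. If the flag is set later in the same process, no rebuild would be requested. That matters because validity computed under the previous min-cert-level stays in the trustdb until a rebuild runs, and the `opt.no_auto_check_trustdb` branch that follows may only report the condition. Where pending_check_trustdb is set is outside the hunk, so please confirm the ordering and add a comment such as `/* also stale when a stored trust parameter (e.g. min_cert_level) no longer matches the options */`. The function starts and ends outside the hunk.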
index e2202f3..0a9ce33 100644 (file)
@@ -1,6 +1,6 @@
 /* trustdb.h - Trust database
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- *               2005 Free Software Foundation, Inc.
+ *               2005, 2012 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -70,7 +70,8 @@ void enum_cert_paths_print( void **context, FILE *fp,
                                           int refresh, ulong selected_lid );
 
 void read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
-                       byte *marginals,byte *completes,byte *cert_depth);
+                       byte *marginals,byte *completes,byte *cert_depth,
+                       byte *min_cert_level);
 
 unsigned int get_ownertrust (PKT_public_key *pk);
 unsigned int get_min_ownertrust (PKT_public_key *pk);