diff options
| author | Werner Koch <wk@gnupg.org> | 2016-05-02 19:10:59 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-05-02 19:10:59 +0200 |
| commit | ae1889320b822d48f7118a29391605e9ac992701 (patch) | |
| tree | 7b9eb9593da3ba38ba323c2c6310bc2fa5843007 /g10/pkclist.c | |
| parent | gpg: Improve line wrapping for a tofu message. (diff) | |
| download | gnupg2-ae1889320b822d48f7118a29391605e9ac992701.tar.xz gnupg2-ae1889320b822d48f7118a29391605e9ac992701.zip | |
gpg: Extend TRUST_foo status lines with the trust model.
* g10/trustdb.h (TRUST_FLAG_TOFU_BASED): New.
* g10/trustdb.c (trust_model_string): Lowercase the strings. Add arg
"model" and change callers to call with OPT.TRUST_MODEL.
* g10/tofu.c (tofu_wot_trust_combine): Set TRUST_FLAG_TOFU_BASED.
* g10/pkclist.c (write_trust_status): New.
(check_signatures_trust): Call new function.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/pkclist.c')
| -rw-r--r-- | g10/pkclist.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/g10/pkclist.c b/g10/pkclist.c index b659cb861..de8897a3a 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -505,6 +505,22 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) } +/* Write a TRUST_foo status line inclduing the validation model. */ +static void +write_trust_status (int statuscode, int trustlevel) +{ + int tm; + + /* For the combined tofu+pgp method, we return the trust model which + * was responsible for the trustlevel. */ + if (opt.trust_model == TM_TOFU_PGP) + tm = (trustlevel & TRUST_FLAG_TOFU_BASED)? TM_TOFU : TM_PGP; + else + tm = opt.trust_model; + write_status_strings (statuscode, "0 ", trust_model_string (tm), NULL); +} + + /**************** * Check whether we can trust this signature. * Returns an error code if we should not trust this signature. @@ -626,7 +642,7 @@ check_signatures_trust( PKT_signature *sig ) /* fall thru */ case TRUST_UNKNOWN: case TRUST_UNDEFINED: - write_status( STATUS_TRUST_UNDEFINED ); + write_trust_status (STATUS_TRUST_UNDEFINED, trustlevel); log_info(_("WARNING: This key is not certified with" " a trusted signature!\n")); log_info(_(" There is no indication that the " @@ -636,7 +652,7 @@ check_signatures_trust( PKT_signature *sig ) case TRUST_NEVER: /* currently we won't get that status */ - write_status( STATUS_TRUST_NEVER ); + write_trust_status (STATUS_TRUST_NEVER, trustlevel); log_info(_("WARNING: We do NOT trust this key!\n")); log_info(_(" The signature is probably a FORGERY.\n")); if (opt.with_fingerprint) @@ -645,7 +661,7 @@ check_signatures_trust( PKT_signature *sig ) break; case TRUST_MARGINAL: - write_status( STATUS_TRUST_MARGINAL ); + write_trust_status (STATUS_TRUST_MARGINAL, trustlevel); log_info(_("WARNING: This key is not certified with" " sufficiently trusted signatures!\n")); log_info(_(" It is not certain that the" @@ -654,13 +670,13 @@ check_signatures_trust( PKT_signature *sig ) break; case TRUST_FULLY: - write_status( STATUS_TRUST_FULLY ); + write_trust_status (STATUS_TRUST_FULLY, trustlevel); if (opt.with_fingerprint) print_fingerprint (NULL, pk, 1); break; case TRUST_ULTIMATE: - write_status( STATUS_TRUST_ULTIMATE ); + write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel); if (opt.with_fingerprint) print_fingerprint (NULL, pk, 1); break; |