diff options
| author | Werner Koch <wk@gnupg.org> | 2017-03-31 20:03:52 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2017-03-31 20:07:20 +0200 |
| commit | 8f2671d2cc022af2f564e296bdeb3bb2d2734ef4 (patch) | |
| tree | 0a5dfac0bb36cf364e313b000967863e42783793 /g10/trustdb.c | |
| parent | gpg: Consistent use of preprocessor conditionals. (diff) | |
| download | gnupg2-8f2671d2cc022af2f564e296bdeb3bb2d2734ef4.tar.xz gnupg2-8f2671d2cc022af2f564e296bdeb3bb2d2734ef4.zip | |
gpg: Pass CTRL to many more functions.
--
For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions. Quite
a lot of changes but fortunately straightforward to do.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/trustdb.c')
| -rw-r--r-- | g10/trustdb.c | 189 |
1 files changed, 97 insertions, 92 deletions
diff --git a/g10/trustdb.c b/g10/trustdb.c index 7b76ac841..f8a0bc9b3 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -248,7 +248,7 @@ add_utk (u32 *kid) * Verify that all our secret keys are usable and put them into the utk_list. */ static void -verify_own_keys(void) +verify_own_keys (ctrl_t ctrl) { TRUSTREC rec; ulong recnum; @@ -275,7 +275,7 @@ verify_own_keys(void) * the whole validation code to only work with * fingerprints */ fprlen = (!fpr[16] && !fpr[17] && !fpr[18] && !fpr[19])? 16:20; - keyid_from_fingerprint (fpr, fprlen, kid); + keyid_from_fingerprint (ctrl, fpr, fprlen, kid); if (!add_utk (kid)) log_info(_("key %s occurs more than once in the trustdb\n"), keystr(kid)); @@ -290,15 +290,15 @@ verify_own_keys(void) PKT_public_key pk; memset (&pk, 0, sizeof pk); - rc = get_pubkey (&pk, k->kid); + rc = get_pubkey (ctrl, &pk, k->kid); if (rc) log_info(_("key %s: no public key for trusted key - skipped\n"), keystr(k->kid)); else { tdb_update_ownertrust - (&pk, ((tdb_get_ownertrust (&pk, 0) & ~TRUST_MASK) - | TRUST_ULTIMATE )); + (ctrl, &pk, ((tdb_get_ownertrust (ctrl, &pk, 0) & ~TRUST_MASK) + | TRUST_ULTIMATE )); release_public_key_parts (&pk); } @@ -361,9 +361,9 @@ read_record (ulong recno, TRUSTREC *rec, int rectype ) * Write a record and die on error */ static void -write_record (TRUSTREC *rec) +write_record (ctrl_t ctrl, TRUSTREC *rec) { - int rc = tdbio_write_record (rec); + int rc = tdbio_write_record (ctrl, rec); if (rc) { log_error(_("trust record %lu, type %d: write failed: %s\n"), @@ -444,7 +444,7 @@ how_to_fix_the_trustdb () * in that case 0 is returned if there is a trustdb or an error code * if no trustdb is available. */ gpg_error_t -init_trustdb (int no_create) +init_trustdb (ctrl_t ctrl, int no_create) { int level = trustdb_args.level; const char* dbname = trustdb_args.dbname; @@ -456,7 +456,7 @@ init_trustdb (int no_create) if(level==0 || level==1) { - int rc = tdbio_set_dbname (dbname, (!no_create && level), + int rc = tdbio_set_dbname (ctrl, dbname, (!no_create && level), &trustdb_args.no_trustdb); if (no_create && trustdb_args.no_trustdb) { @@ -501,7 +501,7 @@ init_trustdb (int no_create) /* Verify the list of ultimately trusted keys and move the --trusted-keys list there as well. */ if(level==1) - verify_own_keys(); + verify_own_keys (ctrl); if(!tdbio_db_matches_options()) pending_check_trustdb=1; @@ -515,9 +515,9 @@ init_trustdb (int no_create) necessary if the trust model is not 'always trust'. Returns true if we do have a usable trust database. */ int -have_trustdb (void) +have_trustdb (ctrl_t ctrl) { - return init_trustdb (opt.trust_model == TM_ALWAYS) == 0; + return !init_trustdb (ctrl, opt.trust_model == TM_ALWAYS); } @@ -529,7 +529,7 @@ have_trustdb (void) void check_trustdb (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU) { @@ -566,7 +566,7 @@ check_trustdb (ctrl_t ctrl) void update_trustdb (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU) validate_keys (ctrl, 1); @@ -576,15 +576,15 @@ update_trustdb (ctrl_t ctrl) } void -tdb_revalidation_mark (void) +tdb_revalidation_mark (ctrl_t ctrl) { - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return; /* We simply set the time for the next check to 1 (far back in 1970) so that a --update-trustdb will be scheduled. */ - if (tdbio_write_nextcheck (1)) + if (tdbio_write_nextcheck (ctrl, 1)) do_sync (); pending_check_trustdb = 1; } @@ -610,13 +610,14 @@ tdb_check_or_update (ctrl_t ctrl) } void -read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, - byte *marginals,byte *completes,byte *cert_depth, - byte *min_cert_level) +read_trust_options (ctrl_t ctrl, + byte *trust_model, ulong *created, ulong *nextcheck, + byte *marginals, byte *completes, byte *cert_depth, + byte *min_cert_level) { TRUSTREC opts; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) memset (&opts, 0, sizeof opts); else @@ -643,11 +644,11 @@ read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck, ***********************************************/ static int -read_trust_record (PKT_public_key *pk, TRUSTREC *rec) +read_trust_record (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec) { int rc; - init_trustdb (0); + init_trustdb (ctrl, 0); rc = tdbio_search_trust_bypk (pk, rec); if (rc) { @@ -676,7 +677,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec) * values but we usually use --always-trust. */ unsigned int -tdb_get_ownertrust (PKT_public_key *pk, int no_create) +tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create) { TRUSTREC rec; gpg_error_t err; @@ -687,10 +688,10 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create) /* If the caller asked not to create a trustdb we call init_trustdb * directly and allow it to fail with an error code for a * non-existing trustdb. */ - if (no_create && init_trustdb (1)) + if (no_create && init_trustdb (ctrl, 1)) return TRUST_UNKNOWN; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) return TRUST_UNKNOWN; /* no record yet */ if (err) @@ -704,7 +705,7 @@ tdb_get_ownertrust (PKT_public_key *pk, int no_create) unsigned int -tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) +tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int no_create) { TRUSTREC rec; gpg_error_t err; @@ -715,10 +716,10 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) /* If the caller asked not to create a trustdb we call init_trustdb * directly and allow it to fail with an error code for a * non-existing trustdb. */ - if (no_create && init_trustdb (1)) + if (no_create && init_trustdb (ctrl, 1)) return TRUST_UNKNOWN; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) return TRUST_UNKNOWN; /* no record yet */ if (err) @@ -736,7 +737,7 @@ tdb_get_min_ownertrust (PKT_public_key *pk, int no_create) * The key should be a primary one. */ void -tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) +tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk, unsigned int new_trust ) { TRUSTREC rec; gpg_error_t err; @@ -744,7 +745,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -753,8 +754,8 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) if (rec.r.trust.ownertrust != new_trust) { rec.r.trust.ownertrust = new_trust; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } } @@ -766,12 +767,12 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) log_debug ("insert ownertrust %u\n", new_trust ); memset (&rec, 0, sizeof rec); - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy); rec.r.trust.ownertrust = new_trust; - write_record (&rec); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } else @@ -781,7 +782,7 @@ tdb_update_ownertrust (PKT_public_key *pk, unsigned int new_trust ) } static void -update_min_ownertrust (u32 *kid, unsigned int new_trust ) +update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust) { PKT_public_key *pk; TRUSTREC rec; @@ -791,7 +792,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) return; pk = xmalloc_clear (sizeof *pk); - err = get_pubkey (pk, kid); + err = get_pubkey (ctrl, pk, kid); if (err) { log_error (_("public key %s not found: %s\n"), @@ -799,7 +800,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) return; } - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -810,8 +811,8 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) if (rec.r.trust.min_ownertrust != new_trust) { rec.r.trust.min_ownertrust = new_trust; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } } @@ -823,12 +824,12 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) log_debug ("insert min_ownertrust %u\n", new_trust ); memset (&rec, 0, sizeof rec); - rec.recnum = tdbio_new_recnum (); + rec.recnum = tdbio_new_recnum (ctrl); rec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, rec.r.trust.fingerprint, &dummy); rec.r.trust.min_ownertrust = new_trust; - write_record (&rec); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); } else @@ -844,17 +845,17 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) * Return: True if a change actually happened. */ int -tdb_clear_ownertrusts (PKT_public_key *pk) +tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk) { TRUSTREC rec; gpg_error_t err; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) return 0; - err = read_trust_record (pk, &rec); + err = read_trust_record (ctrl, pk, &rec); if (!err) { if (DBG_TRUST) @@ -868,8 +869,8 @@ tdb_clear_ownertrusts (PKT_public_key *pk) { rec.r.trust.ownertrust = 0; rec.r.trust.min_ownertrust = 0; - write_record( &rec ); - tdb_revalidation_mark (); + write_record (ctrl, &rec); + tdb_revalidation_mark (ctrl); do_sync (); return 1; } @@ -885,7 +886,7 @@ tdb_clear_ownertrusts (PKT_public_key *pk) * Note: Caller has to do a sync */ static void -update_validity (PKT_public_key *pk, PKT_user_id *uid, +update_validity (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid, int depth, int validity) { TRUSTREC trec, vrec; @@ -894,7 +895,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, namehash_from_uid(uid); - err = read_trust_record (pk, &trec); + err = read_trust_record (ctrl, pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -906,7 +907,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, size_t dummy; memset (&trec, 0, sizeof trec); - trec.recnum = tdbio_new_recnum (); + trec.recnum = tdbio_new_recnum (ctrl); trec.rectype = RECTYPE_TRUST; fingerprint_from_pk (pk, trec.r.trust.fingerprint, &dummy); trec.r.trust.ownertrust = 0; @@ -925,7 +926,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, if (!recno) /* insert a new validity record */ { memset (&vrec, 0, sizeof vrec); - vrec.recnum = tdbio_new_recnum (); + vrec.recnum = tdbio_new_recnum (ctrl); vrec.rectype = RECTYPE_VALID; memcpy (vrec.r.valid.namehash, uid->namehash, 20); vrec.r.valid.next = trec.r.trust.validlist; @@ -934,9 +935,9 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, vrec.r.valid.validity = validity; vrec.r.valid.full_count = uid->help_full_count; vrec.r.valid.marginal_count = uid->help_marginal_count; - write_record (&vrec); + write_record (ctrl, &vrec); trec.r.trust.depth = depth; - write_record (&trec); + write_record (ctrl, &trec); } @@ -947,7 +948,7 @@ update_validity (PKT_public_key *pk, PKT_user_id *uid, /* Return true if key is disabled. Note that this is usually used via the pk_is_disabled macro. */ int -tdb_cache_disabled_value (PKT_public_key *pk) +tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk) { gpg_error_t err; TRUSTREC trec; @@ -956,12 +957,12 @@ tdb_cache_disabled_value (PKT_public_key *pk) if (pk->flags.disabled_valid) return pk->flags.disabled; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb) return 0; /* No trustdb => not disabled. */ - err = read_trust_record (pk, &trec); + err = read_trust_record (ctrl, pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -991,7 +992,7 @@ tdb_check_trustdb_stale (ctrl_t ctrl) { static int did_nextcheck=0; - init_trustdb (0); + init_trustdb (ctrl, 0); if (trustdb_args.no_trustdb) return; /* No trustdb => can't be stale. */ @@ -1062,7 +1063,7 @@ tdb_get_validity_core (ctrl_t ctrl, (void)may_ask; #endif - init_trustdb (0); + init_trustdb (ctrl, 0); /* If we have no trustdb (which also means it has not been created) and the trust-model is always, we don't know the validity - @@ -1077,7 +1078,7 @@ tdb_get_validity_core (ctrl_t ctrl, { /* Note that this happens BEFORE any user ID stuff is checked. The direct trust model applies to keys as a whole. */ - validity = tdb_get_ownertrust (main_pk, 0); + validity = tdb_get_ownertrust (ctrl, main_pk, 0); goto leave; } @@ -1093,7 +1094,7 @@ tdb_get_validity_core (ctrl_t ctrl, { if (! kb) { - kb = get_pubkeyblock (main_pk->keyid); + kb = get_pubkeyblock (ctrl, main_pk->keyid); free_kb = 1; } n = kb; @@ -1201,7 +1202,7 @@ tdb_get_validity_core (ctrl_t ctrl, || opt.trust_model == TM_CLASSIC || opt.trust_model == TM_PGP) { - err = read_trust_record (main_pk, &trec); + err = read_trust_record (ctrl, main_pk, &trec); if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND) { tdbio_invalid (); @@ -1277,7 +1278,7 @@ tdb_get_validity_core (ctrl_t ctrl, static void -get_validity_counts (PKT_public_key *pk, PKT_user_id *uid) +get_validity_counts (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *uid) { TRUSTREC trec, vrec; ulong recno; @@ -1289,9 +1290,9 @@ get_validity_counts (PKT_public_key *pk, PKT_user_id *uid) uid->help_marginal_count=uid->help_full_count=0; - init_trustdb (0); + init_trustdb (ctrl, 0); - if(read_trust_record (pk, &trec)) + if(read_trust_record (ctrl, pk, &trec)) return; /* loop over all user IDs */ @@ -1375,7 +1376,7 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum) int ot; pk = xmalloc_clear (sizeof *pk); - rc = get_pubkey (pk, kid); + rc = get_pubkey (ctrl, pk, kid); if (rc) { log_error (_("public key %s not found: %s\n"), @@ -1387,14 +1388,14 @@ ask_ownertrust (ctrl_t ctrl, u32 *kid, int minimum) { log_info("force trust for key %s to %s\n", keystr(kid),trust_value_to_string(opt.force_ownertrust)); - tdb_update_ownertrust (pk, opt.force_ownertrust); + tdb_update_ownertrust (ctrl, pk, opt.force_ownertrust); ot=opt.force_ownertrust; } else { ot=edit_ownertrust (ctrl, pk, 0); if(ot>0) - ot = tdb_get_ownertrust (pk, 0); + ot = tdb_get_ownertrust (ctrl, pk, 0); else if(ot==0) ot = minimum?minimum:TRUST_UNDEFINED; else @@ -1460,7 +1461,8 @@ dump_key_array (int depth, struct key_array *keys) static void -store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored) +store_validation_status (ctrl_t ctrl, int depth, + kbnode_t keyblock, KeyHashTable stored) { KBNODE node; int status; @@ -1482,7 +1484,7 @@ store_validation_status (int depth, KBNODE keyblock, KeyHashTable stored) if (status) { - update_validity (keyblock->pkt->pkt.public_key, + update_validity (ctrl, keyblock->pkt->pkt.public_key, uid, depth, status); mark_keyblock_seen(stored,keyblock); @@ -1619,7 +1621,7 @@ check_regexp(const char *expr,const char *string) * This function assumes that all kbnode flags are cleared on entry. */ static int -validate_one_keyblock (KBNODE kb, struct key_item *klist, +validate_one_keyblock (ctrl_t ctrl, kbnode_t kb, struct key_item *klist, u32 curtime, u32 *next_expire) { struct key_item *kr; @@ -1666,8 +1668,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist, *next_expire = uid->expiredate; issigned = 0; - get_validity_counts(pk,uid); - mark_usable_uid_certs (kb, uidnode, main_kid, klist, + get_validity_counts (ctrl, pk, uid); + mark_usable_uid_certs (ctrl, kb, uidnode, main_kid, klist, curtime, next_expire); } else if (node->pkt->pkttype == PKT_SIGNATURE @@ -1799,7 +1801,7 @@ search_skipfnc (void *opaque, u32 *kid, int dummy_uid_no) * Caller hast to release the returned array. */ static struct key_array * -validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, +validate_key_list (ctrl_t ctrl, KEYDB_HANDLE hd, KeyHashTable full_trust, struct key_item *klist, u32 curtime, u32 *next_expire) { KBNODE keyblock = NULL; @@ -1858,7 +1860,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, } /* prepare the keyblock for further processing */ - merge_keys_and_selfsig (keyblock); + merge_keys_and_selfsig (ctrl, keyblock); clear_kbnode_flags (keyblock); pk = keyblock->pkt->pkt.public_key; if (pk->has_expired || pk->flags.revoked) @@ -1866,7 +1868,8 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, /* it does not make sense to look further at those keys */ mark_keyblock_seen (full_trust, keyblock); } - else if (validate_one_keyblock (keyblock, klist, curtime, next_expire)) + else if (validate_one_keyblock (ctrl, keyblock, klist, + curtime, next_expire)) { KBNODE node; @@ -1915,7 +1918,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, /* Caller must sync */ static void -reset_trust_records(void) +reset_trust_records (ctrl_t ctrl) { TRUSTREC rec; ulong recnum; @@ -1929,7 +1932,7 @@ reset_trust_records(void) if(rec.r.trust.min_ownertrust) { rec.r.trust.min_ownertrust=0; - write_record(&rec); + write_record (ctrl, &rec); } } @@ -1941,7 +1944,7 @@ reset_trust_records(void) rec.r.valid.validity &= ~TRUST_MASK; rec.r.valid.marginal_count=rec.r.valid.full_count=0; nreset++; - write_record(&rec); + write_record (ctrl, &rec); } } @@ -2002,7 +2005,7 @@ validate_keys (ctrl_t ctrl, int interactive) Perhaps combine this with reset_trust_records(), or only check the caches on keys that are actually involved in the web of trust. */ - keydb_rebuild_caches(0); + keydb_rebuild_caches (ctrl, 0); kdb = keydb_new (); if (!kdb) @@ -2014,7 +2017,7 @@ validate_keys (ctrl_t ctrl, int interactive) used = new_key_hash_table (); full_trust = new_key_hash_table (); - reset_trust_records(); + reset_trust_records (ctrl); /* Fixme: Instead of always building a UTK list, we could just build it * here when needed */ @@ -2032,7 +2035,7 @@ validate_keys (ctrl_t ctrl, int interactive) KBNODE keyblock; PKT_public_key *pk; - keyblock = get_pubkeyblock (k->kid); + keyblock = get_pubkeyblock (ctrl, k->kid); if (!keyblock) { log_error (_("public key of ultimately" @@ -2046,7 +2049,8 @@ validate_keys (ctrl_t ctrl, int interactive) for (node=keyblock; node; node = node->next) { if (node->pkt->pkttype == PKT_USER_ID) - update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE); + update_validity (ctrl, pk, node->pkt->pkt.user_id, + 0, TRUST_ULTIMATE); } if ( pk->expiredate && pk->expiredate >= start_time && pk->expiredate < next_expire) @@ -2086,7 +2090,7 @@ validate_keys (ctrl_t ctrl, int interactive) min=TRUST_MARGINAL; if(min!=k->min_ownertrust) - update_min_ownertrust(k->kid,min); + update_min_ownertrust (ctrl, k->kid,min); if (interactive && k->ownertrust == TRUST_UNKNOWN) { @@ -2132,7 +2136,7 @@ validate_keys (ctrl_t ctrl, int interactive) } /* Find all keys which are signed by a key in kdlist */ - keys = validate_key_list (kdb, full_trust, klist, + keys = validate_key_list (ctrl, kdb, full_trust, klist, start_time, &next_expire); if (!keys) { @@ -2149,7 +2153,7 @@ validate_keys (ctrl_t ctrl, int interactive) dump_key_array (depth, keys); for (kar=keys; kar->keyblock; kar++) - store_validation_status (depth, kar->keyblock, stored); + store_validation_status (ctrl, depth, kar->keyblock, stored); if (!opt.quiet) log_info (_("depth: %d valid: %3d signed: %3d" @@ -2183,9 +2187,10 @@ validate_keys (ctrl_t ctrl, int interactive) k->kid[1]=kid[1]; k->ownertrust = (tdb_get_ownertrust - (kar->keyblock->pkt->pkt.public_key, 0) & TRUST_MASK); + (ctrl, kar->keyblock->pkt->pkt.public_key, 0) + & TRUST_MASK); k->min_ownertrust = tdb_get_min_ownertrust - (kar->keyblock->pkt->pkt.public_key, 0); + (ctrl, kar->keyblock->pkt->pkt.public_key, 0); k->trust_depth= kar->keyblock->pkt->pkt.public_key->trust_depth; k->trust_value= @@ -2220,16 +2225,16 @@ validate_keys (ctrl_t ctrl, int interactive) int rc2; if (next_expire == 0xffffffff || next_expire < start_time ) - tdbio_write_nextcheck (0); + tdbio_write_nextcheck (ctrl, 0); else { - tdbio_write_nextcheck (next_expire); + tdbio_write_nextcheck (ctrl, next_expire); if (!opt.quiet) log_info (_("next trustdb check due at %s\n"), strtimestamp (next_expire)); } - rc2 = tdbio_update_version_record (); + rc2 = tdbio_update_version_record (ctrl); if (rc2) { log_error (_("unable to update trustdb version record: " |