src/pEpEngine.c
branchENGINE-329
changeset 2458 2dfe65bd3613
parent 2445 c061bd2500bd
child 2462 48b526a0daac
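--- a/src/pEpEngine.c	Fri Jan 26 10:33:37 2018 +0100
+++ b/src/pEpEngine.c	Fri Jan 26 16:30:39 2018 +0100
@@ -1020,35 +1020,15 @@
         // are taken as own in order to seamlessly integrate with
         // pre-existing GPG setup.
 
-        ////////////////////////////// WARNING: ///////////////////////////
-        // Considering all PGP priv keys as own is dangerous in case of 
-        // re-initialization of pEp DB, while keeping PGP keyring as-is!
-        //
-        // Indeed, if pEpEngine did import spoofed private keys in previous
-        // install, then those keys become automatically trusted in case 
-        // management.db is deleted.
-        //
-        // A solution to distinguish bare GPG keyring from pEp keyring is
-        // needed here. Then keys managed by pEpEngine wouldn't be
-        // confused with GPG keys managed by the user through GPA.
-        ///////////////////////////////////////////////////////////////////
-        
-        stringlist_t *keylist = NULL;
-
-        status = find_private_keys(_session, NULL, &keylist);
-        assert(status != PEP_OUT_OF_MEMORY);
-        if (status == PEP_OUT_OF_MEMORY)
-            return PEP_OUT_OF_MEMORY;
-        
-        if (keylist != NULL && keylist->value != NULL)
-        {
-            stringlist_t *_keylist;
-            for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
-                status = set_own_key(_session, 
-                                     "" /* address is unused in own_keys */,
-                                     _keylist->value);
-            }
-        }
+        // Note: earlier fears about danger because of DB reinitialisation should
+        // be a non-issue here, as we ONLY take the ultimately trusted keys now.
+        // Thus, unless the user has assigned ultimate trust through PGP, there is
+        // no chance of automatically imported pEp keys from a previous run making
+        // their way into PEP trusted status without explicit action (Bare imported
+        // private keys have an 'unknown' trust designation in PGP).
+
+        // We don't really worry about the status here.
+        status = import_trusted_own_keys(_session);        
     }
 
     // sync_session set to own session by default
@@ -3186,6 +3166,14 @@
                                                                      keylist);
 }
 
+PEP_STATUS import_trusted_own_keys(PEP_SESSION session) {
+    assert(session);
+    if (!session)
+        return PEP_ILLEGAL_VALUE;
+        
+    return session->cryptotech[PEP_crypt_OpenPGP].import_trusted_own_keys(session); 
+}
+
 DYNAMIC_API const char* get_engine_version() {
     return PEP_ENGINE_VERSION;
 }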
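Review bot: The status returned by `import_trusted_own_keys(_session)` in the first hunk is stored but never examined, and the removed code's explicit `PEP_OUT_OF_MEMORY` early return disappears with it; the enclosing function starts and ends outside the hunk, so whether `status` is read again later is not visible here, which means an allocation failure in the backend is either silently dropped or leaks into the caller's result unintentionally. I would keep the previous handling with `if (status == PEP_OUT_OF_MEMORY) return PEP_OUT_OF_MEMORY;` directly after the call and reword the comment to name which statuses are deliberately tolerated instead of "We don't really worry about the status here." The trust argument in the new comment rests entirely on the OpenPGP backend's `import_trusted_own_keys` selecting only ultimately trusted keys, which this diff does not show, so a one-line reference to where that contract is enforced would make the security assumption checkable. In the second hunk the new wrapper checks `session` but then calls `session->cryptotech[PEP_crypt_OpenPGP].import_trusted_own_keys` without confirming the function pointer is set; if the cryptotech table can have unset entries, `if (!session->cryptotech[PEP_crypt_OpenPGP].import_trusted_own_keys) return PEP_ILLEGAL_VALUE;` would close that, and the trailing whitespace after the new `status = ...` and `return ...` lines should be dropped.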