mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
menu_clean_subkeys_from_key), trustdb.h, trustdb.c (clean_subkeys_from_key): Remove subkey cleaning function. It is of very limited usefulness since it cannot be used on any subkey that can sign, and can only affect multiple selfsigs on encryption-only subkeys.
This commit is contained in:
parent
31522bac1d
commit
045433e35c
@ -1,5 +1,12 @@
|
|||||||
2005-06-09 David Shaw <dshaw@jabberwocky.com>
|
2005-06-09 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
|
||||||
|
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
|
||||||
|
(clean_subkeys_from_key): Remove subkey cleaning function. It is
|
||||||
|
of very limited usefulness since it cannot be used on any subkey
|
||||||
|
that can sign, and can only affect multiple selfsigs on
|
||||||
|
encryption-only subkeys.
|
||||||
|
|
||||||
* keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
|
* keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
|
||||||
kbnode.
|
kbnode.
|
||||||
|
|
||||||
|
11
g10/export.c
11
g10/export.c
@ -50,14 +50,10 @@ parse_export_options(char *str,unsigned int *options,int noisy)
|
|||||||
{"export-local-sigs",EXPORT_LOCAL_SIGS,NULL},
|
{"export-local-sigs",EXPORT_LOCAL_SIGS,NULL},
|
||||||
{"export-attributes",EXPORT_ATTRIBUTES,NULL},
|
{"export-attributes",EXPORT_ATTRIBUTES,NULL},
|
||||||
{"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL},
|
{"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL},
|
||||||
{"export-minimal",
|
{"export-minimal",EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL},
|
||||||
EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS|EXPORT_CLEAN_SUBKEYS,
|
{"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL},
|
||||||
NULL},
|
|
||||||
{"export-clean",
|
|
||||||
EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS|EXPORT_CLEAN_SUBKEYS,NULL},
|
|
||||||
{"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL},
|
{"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL},
|
||||||
{"export-clean-uids",EXPORT_CLEAN_UIDS,NULL},
|
{"export-clean-uids",EXPORT_CLEAN_UIDS,NULL},
|
||||||
{"export-clean-subkeys",EXPORT_CLEAN_SUBKEYS,NULL},
|
|
||||||
/* Aliases for backward compatibility */
|
/* Aliases for backward compatibility */
|
||||||
{"include-local-sigs",EXPORT_LOCAL_SIGS,NULL},
|
{"include-local-sigs",EXPORT_LOCAL_SIGS,NULL},
|
||||||
{"include-attributes",EXPORT_ATTRIBUTES,NULL},
|
{"include-attributes",EXPORT_ATTRIBUTES,NULL},
|
||||||
@ -241,9 +237,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
|||||||
|
|
||||||
if(options&EXPORT_CLEAN_UIDS)
|
if(options&EXPORT_CLEAN_UIDS)
|
||||||
clean_uids_from_key(keyblock,opt.verbose);
|
clean_uids_from_key(keyblock,opt.verbose);
|
||||||
|
|
||||||
if(options&EXPORT_CLEAN_SUBKEYS)
|
|
||||||
clean_subkeys_from_key(keyblock,opt.verbose);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* and write it */
|
/* and write it */
|
||||||
|
@ -53,10 +53,9 @@ static void show_key_with_all_names( KBNODE keyblock, int only_marked,
|
|||||||
static void show_key_and_fingerprint( KBNODE keyblock );
|
static void show_key_and_fingerprint( KBNODE keyblock );
|
||||||
static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock, int photo );
|
static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock, int photo );
|
||||||
static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
|
static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
|
||||||
static int menu_delsig( KBNODE pub_keyblock );
|
static int menu_delsig( KBNODE pub_keyblock );
|
||||||
static int menu_clean_sigs_from_uids(KBNODE keyblock);
|
static int menu_clean_sigs_from_uids(KBNODE keyblock);
|
||||||
static int menu_clean_uids_from_key(KBNODE keyblock);
|
static int menu_clean_uids_from_key(KBNODE keyblock);
|
||||||
static int menu_clean_subkeys_from_key(KBNODE keyblock);
|
|
||||||
static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
|
static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
|
||||||
static int menu_addrevoker( KBNODE pub_keyblock,
|
static int menu_addrevoker( KBNODE pub_keyblock,
|
||||||
KBNODE sec_keyblock, int sensitive );
|
KBNODE sec_keyblock, int sensitive );
|
||||||
@ -2149,8 +2148,6 @@ keyedit_menu( const char *username, STRLIST locusr,
|
|||||||
modified=menu_clean_sigs_from_uids(keyblock);
|
modified=menu_clean_sigs_from_uids(keyblock);
|
||||||
else if(ascii_strcasecmp(arg_string,"uids")==0)
|
else if(ascii_strcasecmp(arg_string,"uids")==0)
|
||||||
redisplay=modified=menu_clean_uids_from_key(keyblock);
|
redisplay=modified=menu_clean_uids_from_key(keyblock);
|
||||||
else if(ascii_strcasecmp(arg_string,"subkeys")==0)
|
|
||||||
redisplay=modified=menu_clean_subkeys_from_key(keyblock);
|
|
||||||
else
|
else
|
||||||
tty_printf("Unable to clean `%s'\n",arg_string);
|
tty_printf("Unable to clean `%s'\n",arg_string);
|
||||||
}
|
}
|
||||||
@ -2158,7 +2155,6 @@ keyedit_menu( const char *username, STRLIST locusr,
|
|||||||
{
|
{
|
||||||
modified=menu_clean_sigs_from_uids(keyblock);
|
modified=menu_clean_sigs_from_uids(keyblock);
|
||||||
modified+=menu_clean_uids_from_key(keyblock);
|
modified+=menu_clean_uids_from_key(keyblock);
|
||||||
modified+=menu_clean_subkeys_from_key(keyblock);
|
|
||||||
redisplay=modified;
|
redisplay=modified;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3223,38 +3219,6 @@ menu_clean_uids_from_key(KBNODE keyblock)
|
|||||||
return modified;
|
return modified;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
|
||||||
menu_clean_subkeys_from_key(KBNODE keyblock)
|
|
||||||
{
|
|
||||||
KBNODE node;
|
|
||||||
int modified=clean_subkeys_from_key(keyblock,0);
|
|
||||||
|
|
||||||
if(modified)
|
|
||||||
{
|
|
||||||
for(node=keyblock->next;node;node=node->next)
|
|
||||||
{
|
|
||||||
if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY && is_deleted_kbnode(node))
|
|
||||||
{
|
|
||||||
const char *reason;
|
|
||||||
|
|
||||||
if(node->pkt->pkt.public_key->is_revoked)
|
|
||||||
reason=_("revoked");
|
|
||||||
else if(node->pkt->pkt.public_key->has_expired)
|
|
||||||
reason=_("expired");
|
|
||||||
else
|
|
||||||
reason=_("invalid");
|
|
||||||
|
|
||||||
tty_printf("Subkey %s removed: %s\n",
|
|
||||||
keystr(node->pkt->pkt.public_key->keyid),reason);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
tty_printf("No subkeys are removable.\n");
|
|
||||||
|
|
||||||
return modified;
|
|
||||||
}
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Remove some of the secondary keys
|
* Remove some of the secondary keys
|
||||||
*/
|
*/
|
||||||
|
@ -259,7 +259,6 @@ struct {
|
|||||||
#define EXPORT_MINIMAL (1<<3)
|
#define EXPORT_MINIMAL (1<<3)
|
||||||
#define EXPORT_CLEAN_SIGS (1<<4)
|
#define EXPORT_CLEAN_SIGS (1<<4)
|
||||||
#define EXPORT_CLEAN_UIDS (1<<5)
|
#define EXPORT_CLEAN_UIDS (1<<5)
|
||||||
#define EXPORT_CLEAN_SUBKEYS (1<<6)
|
|
||||||
|
|
||||||
#define LIST_SHOW_PHOTOS (1<<0)
|
#define LIST_SHOW_PHOTOS (1<<0)
|
||||||
#define LIST_SHOW_POLICY_URLS (1<<1)
|
#define LIST_SHOW_POLICY_URLS (1<<1)
|
||||||
|
@ -1730,66 +1730,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
|
|||||||
return deleted;
|
return deleted;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Another cleaning function. This only cleans encrypt-only subkeys
|
|
||||||
since an expired/revoked encryption key is basically useless, but
|
|
||||||
an expired/revoked key that can sign is still needed to verify old
|
|
||||||
signatures. */
|
|
||||||
int
|
|
||||||
clean_subkeys_from_key(KBNODE keyblock,int noisy)
|
|
||||||
{
|
|
||||||
int delete_until_next=0,deleted=0;
|
|
||||||
KBNODE node;
|
|
||||||
char *main_key=NULL;
|
|
||||||
|
|
||||||
assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
|
|
||||||
|
|
||||||
merge_keys_and_selfsig(keyblock);
|
|
||||||
|
|
||||||
if(noisy)
|
|
||||||
main_key=m_strdup(keystr(keyblock->pkt->pkt.public_key->keyid));
|
|
||||||
|
|
||||||
for(node=keyblock->next;node;node=node->next)
|
|
||||||
{
|
|
||||||
if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
|
|
||||||
{
|
|
||||||
PKT_public_key *pk=node->pkt->pkt.public_key;
|
|
||||||
|
|
||||||
/* If it is valid, not expired, and not revoked, leave it
|
|
||||||
alone. If a key can make signatures, leave it alone. */
|
|
||||||
if(pk->pubkey_usage!=PUBKEY_USAGE_ENC
|
|
||||||
|| (pk->is_valid && !pk->has_expired && !pk->is_revoked))
|
|
||||||
delete_until_next=0;
|
|
||||||
else
|
|
||||||
{
|
|
||||||
delete_until_next=1;
|
|
||||||
deleted++;
|
|
||||||
|
|
||||||
if(noisy)
|
|
||||||
{
|
|
||||||
const char *reason;
|
|
||||||
|
|
||||||
if(pk->is_revoked)
|
|
||||||
reason=_("revoked");
|
|
||||||
else if(pk->has_expired)
|
|
||||||
reason=_("expired");
|
|
||||||
else
|
|
||||||
reason=_("invalid");
|
|
||||||
|
|
||||||
log_info("removing subkey %s from key %s: %s\n",
|
|
||||||
keystr_from_pk(pk),main_key,reason);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if(delete_until_next)
|
|
||||||
delete_kbnode(node);
|
|
||||||
}
|
|
||||||
|
|
||||||
m_free(main_key);
|
|
||||||
|
|
||||||
return deleted;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Used by validate_one_keyblock to confirm a regexp within a trust
|
/* Used by validate_one_keyblock to confirm a regexp within a trust
|
||||||
signature. Returns 1 for match, and 0 for no match or regex
|
signature. Returns 1 for match, and 0 for no match or regex
|
||||||
error. */
|
error. */
|
||||||
|
@ -84,7 +84,6 @@ int clear_ownertrusts (PKT_public_key *pk);
|
|||||||
|
|
||||||
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
|
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
|
||||||
int clean_uids_from_key(KBNODE keyblock,int noisy);
|
int clean_uids_from_key(KBNODE keyblock,int noisy);
|
||||||
int clean_subkeys_from_key(KBNODE keyblock,int noisy);
|
|
||||||
|
|
||||||
/*-- tdbdump.c --*/
|
/*-- tdbdump.c --*/
|
||||||
void list_trustdb(const char *username);
|
void list_trustdb(const char *username);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user