From 07e9d532b1ea3a196dfec192960f9ef811654571 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Tue, 14 Jun 2005 03:55:19 +0000 Subject: [PATCH] * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning. * options.h, import.c (parse_import_options, import_one): Add import-clean-uids option to automatically compact unusable uids when importing. Like import-clean-sigs, this may nodify the local keyring. * trustdb.c (clean_uids_from_key): Only allow selfsigs to be a candidate for re-inclusion. --- g10/ChangeLog | 12 ++++++++++++ g10/import.c | 30 +++++++++++++++++++++++++----- g10/keygen.c | 2 +- g10/options.h | 1 + g10/trustdb.c | 8 ++++++-- 5 files changed, 45 insertions(+), 8 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index c123d8e03..fe586345d 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,15 @@ +2005-06-13 David Shaw + + * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning. + + * options.h, import.c (parse_import_options, import_one): Add + import-clean-uids option to automatically compact unusable uids + when importing. Like import-clean-sigs, this may nodify the local + keyring. + + * trustdb.c (clean_uids_from_key): Only allow selfsigs to be a + candidate for re-inclusion. + 2005-06-12 David Shaw * options.h, import.c (parse_import_options, diff --git a/g10/import.c b/g10/import.c index 145bee84a..1818a28c6 100644 --- a/g10/import.c +++ b/g10/import.c @@ -56,6 +56,7 @@ struct stats_s { ulong skipped_new_keys; ulong not_imported; ulong n_sigs_cleaned; + ulong n_uids_cleaned; }; 
@@ -95,8 +96,9 @@ parse_import_options(char *str,unsigned int *options,int noisy) {"fast-import",IMPORT_FAST,NULL}, {"convert-sk-to-pk",IMPORT_SK2PK,NULL}, {"merge-only",IMPORT_MERGE_ONLY,NULL}, - {"import-clean",IMPORT_CLEAN_SIGS,NULL}, + {"import-clean",IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL}, {"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL}, + {"import-clean-uids",IMPORT_CLEAN_UIDS,NULL}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL}, @@ -307,6 +309,8 @@ import_print_stats (void *hd) log_info(_(" not imported: %lu\n"), stats->not_imported ); if( stats->n_sigs_cleaned) log_info(_(" signatures cleaned: %lu\n"),stats->n_sigs_cleaned); + if( stats->n_uids_cleaned) + log_info(_(" user IDs cleaned: %lu\n"),stats->n_uids_cleaned); } if( is_status_enabled() ) { @@ -734,6 +738,9 @@ import_one( const char *fname, KBNODE keyblock, if(options&IMPORT_CLEAN_SIGS) clean_sigs_from_all_uids(keyblock); + if(options&IMPORT_CLEAN_UIDS) + clean_uids_from_key(keyblock,opt.verbose); + clear_kbnode_flags( keyblock ); if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock) @@ -834,7 +841,7 @@ import_one( const char *fname, KBNODE keyblock, } else { /* merge */ KEYDB_HANDLE hd; - int n_uids, n_sigs, n_subk, n_sigs_cleaned; + int n_uids, n_sigs, n_subk, n_sigs_cleaned, n_uids_cleaned; /* Compare the original against the new key; just to be sure nothing * weird is going on */ @@ -875,7 +882,7 @@ import_one( const char *fname, KBNODE keyblock, /* and try to merge the block */ clear_kbnode_flags( keyblock_orig ); clear_kbnode_flags( keyblock ); - n_uids = n_sigs = n_subk = n_sigs_cleaned = 0; + n_uids = n_sigs = n_subk = n_sigs_cleaned = n_uids_cleaned = 0; rc = merge_blocks( fname, keyblock_orig, keyblock, keyid, &n_uids, &n_sigs, &n_subk ); if( rc ) 
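Review bot: In the option table of parse_import_options, the existing `import-clean` keyword silently gains IMPORT_CLEAN_UIDS, so anyone already setting `import-clean` now also gets user-ID compaction, which per the commit message may modify the local keyring. The commit message only describes the new `import-clean-uids` keyword, so the widened meaning deserves a comment on that table entry, e.g. `/* import-clean = import-clean-sigs + import-clean-uids */`, and presumably a matching line in the user documentation. The table and the function body continue outside the hunk.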
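Review bot: The new call `clean_uids_from_key(keyblock,opt.verbose);` in the @@ -734,6 hunk of import_one discards the return value, whereas the merge branch in the later hunks stores it in n_uids_cleaned and adds it to stats->n_uids_cleaned. If this early call removes user IDs from a key that is then stored as new, those removals never reach the "user IDs cleaned" summary, so the statistics give no hint that the stored key differs from what was received. Either accumulate the count here (`stats->n_uids_cleaned+=clean_uids_from_key(keyblock,opt.verbose);`, taking care not to count the same user ID twice on the merge path) or add a comment saying the count is deliberately ignored. The clean_sigs_from_all_uids call just above has the same shape, and import_one starts and ends outside the hunk.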
@@ -887,7 +894,10 @@ import_one( const char *fname, KBNODE keyblock, if(options&IMPORT_CLEAN_SIGS) n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig); - if( n_uids || n_sigs || n_subk || n_sigs_cleaned) { + if(options&IMPORT_CLEAN_UIDS) + n_uids_cleaned=clean_uids_from_key(keyblock_orig,opt.verbose); + + if( n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) { mod_key = 1; /* keyblock_orig has been updated; write */ rc = keydb_update_keyblock (hd, keyblock_orig); @@ -919,9 +929,18 @@ import_one( const char *fname, KBNODE keyblock, else if( n_subk ) log_info( _("key %s: \"%s\" %d new subkeys\n"), keystr(keyid), p, n_subk ); - if(n_sigs_cleaned) + if(n_sigs_cleaned==1) + log_info(_("key %s: \"%s\" %d signature cleaned\n"), + keystr(keyid),p,n_sigs_cleaned); + else if(n_sigs_cleaned) log_info(_("key %s: \"%s\" %d signatures cleaned\n"), keystr(keyid),p,n_sigs_cleaned); + if(n_uids_cleaned==1) + log_info(_("key %s: \"%s\" %d user ID cleaned\n"), + keystr(keyid),p,n_uids_cleaned); + else if(n_uids_cleaned) + log_info(_("key %s: \"%s\" %d user IDs cleaned\n"), + keystr(keyid),p,n_uids_cleaned); m_free(p); } @@ -929,6 +948,7 @@ import_one( const char *fname, KBNODE keyblock, stats->n_sigs +=n_sigs; stats->n_subk +=n_subk; stats->n_sigs_cleaned +=n_sigs_cleaned; + stats->n_uids_cleaned +=n_uids_cleaned; if (is_status_enabled ()) print_import_ok (pk, NULL, diff --git a/g10/keygen.c b/g10/keygen.c index fb7270d2c..29f76d149 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -3543,7 +3543,7 @@ save_unprotected_key_to_card (PKT_secret_key *sk, int keyno) p = stpcpy (p,"))(10:created-at"); sprintf (numbuf2, "%lu", (unsigned long)sk->timestamp); - sprintf (numbuf, "%d:", strlen (numbuf2)); + sprintf (numbuf, "%u:", (unsigned int)strlen (numbuf2)); p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))"); rc = agent_scd_writekey (keyno, sexp, p - sexp); diff --git a/g10/options.h b/g10/options.h index f0b6f199f..8635d9b93 100644 --- a/g10/options.h 
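Review bot: The cast in the keygen.c hunk fixes the format mismatch, but both writes in save_unprotected_key_to_card still use unbounded `sprintf` into numbuf and numbuf2, whose declarations are outside the hunk. The result is spliced with stpcpy into the S-expression handed to agent_scd_writekey, which judging by the function name carries unprotected key material, so a bounded write would make the size assumption explicit: `snprintf (numbuf, sizeof numbuf, "%u:", (unsigned int)strlen (numbuf2));`. That form is valid only if numbuf is an array rather than a pointer, which needs confirming against the declaration. The same applies to the `sprintf (numbuf2, "%lu", ...)` line above it.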
+++ b/g10/options.h @@ -252,6 +252,7 @@ struct { #define IMPORT_SK2PK (1<<3) #define IMPORT_MERGE_ONLY (1<<4) #define IMPORT_CLEAN_SIGS (1<<5) +#define IMPORT_CLEAN_UIDS (1<<6) #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) diff --git a/g10/trustdb.c b/g10/trustdb.c index 6d11cdc27..c72dc2059 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1625,8 +1625,9 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy) otherwise, it's invalid */ if(noisy) - log_info("removing signature issued by key %s: %s\n", + log_info("removing signature from %s on uid \"%s\": %s\n", keystr(node->pkt->pkt.signature->keyid), + uidnode->pkt->pkt.user_id->name, node->flag&(1<<9)?"superceded":"invalid"); delete_kbnode(node); @@ -1655,10 +1656,12 @@ clean_uids_from_key(KBNODE keyblock,int noisy) { int delete_until_next=0,deleted=0; KBNODE node,signode=NULL; - u32 sigdate=0; + u32 keyid[2],sigdate=0; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + keyid_from_pk(keyblock->pkt->pkt.public_key,keyid); + merge_keys_and_selfsig(keyblock); for(node=keyblock->next; @@ -1713,6 +1716,7 @@ clean_uids_from_key(KBNODE keyblock,int noisy) /* This isn't actually slow - the key signature validation is cached from merge_keys_and_selfsig() */ if(IS_UID_SIG(sig) && sig->timestamp>sigdate + && keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1] && check_key_signature(keyblock,node,NULL)==0) { sigdate=sig->timestamp;
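Review bot: The reworded log_info in the @@ -1625,8 hunk of clean_sigs_from_uid passes `uidnode->pkt->pkt.user_id->name` straight to `%s`, and that string is key data which may have been imported from an untrusted source. A user ID containing control characters or terminal escape sequences would be written verbatim to the terminal or log; it should go through the project's printable conversion first (GnuPG's `utf8_to_native()` with the user ID's length field, freed after the call) rather than being logged raw. The message is also not wrapped in `_()` like the import.c messages in this commit, so it will not be translated. The function body starts outside the hunk.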
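Review bot: The added issuer test `keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1]` in the @@ -1713,6 hunk of clean_uids_from_key is the security-relevant part of this commit, yet the only comment on the condition is the existing one about caching. A short why-comment would keep a later cleanup from removing it, e.g. `/* Only a self-signature may be kept on a compacted uid; a valid third-party certification must not qualify. */`. Placing the comparison before check_key_signature is good, since it also avoids verifying signatures that could never qualify. keyid is filled by the keyid_from_pk call added in the @@ -1655,10 hunk, directly after an assert on the packet type, and the loop body continues outside the hunk.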