security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-28 22:49:59 +01:00
Code Activity

* keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.

Browse Source 
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing.  Like import-clean-sigs, this may nodify the local keyring.

* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
This commit is contained in:
David Shaw 2005-06-14 03:55:19 +00:00
parent 1067c01c93
commit 07e9d532b1
5 changed files with 45 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
g10/ChangeLog
View File

@ -1,3 +1,15 @@
2005-06-13 David Shaw <dshaw@jabberwocky.com>
* keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids
when importing. Like import-clean-sigs, this may nodify the local
keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
2005-06-12 David Shaw <dshaw@jabberwocky.com> 2005-06-12 David Shaw <dshaw@jabberwocky.com>
* options.h, import.c (parse_import_options, * options.h, import.c (parse_import_options,

30
g10/import.c
View File

@ -56,6 +56,7 @@ struct stats_s {
ulong skipped_new_keys; ulong skipped_new_keys;
ulong not_imported; ulong not_imported;
ulong n_sigs_cleaned; ulong n_sigs_cleaned;
ulong n_uids_cleaned;
}; };
@ -95,8 +96,9 @@ parse_import_options(char *str,unsigned int *options,int noisy)
{"fast-import",IMPORT_FAST,NULL}, {"fast-import",IMPORT_FAST,NULL},
{"convert-sk-to-pk",IMPORT_SK2PK,NULL}, {"convert-sk-to-pk",IMPORT_SK2PK,NULL},
{"merge-only",IMPORT_MERGE_ONLY,NULL}, {"merge-only",IMPORT_MERGE_ONLY,NULL},
{"import-clean",IMPORT_CLEAN_SIGS,NULL}, {"import-clean",IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL},
{"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL}, {"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL},
{"import-clean-uids",IMPORT_CLEAN_UIDS,NULL},
/* Aliases for backward compatibility */ /* Aliases for backward compatibility */
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL}, {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL},
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL},
@ -307,6 +309,8 @@ import_print_stats (void *hd)
log_info(_(" not imported: %lu\n"), stats->not_imported ); log_info(_(" not imported: %lu\n"), stats->not_imported );
if( stats->n_sigs_cleaned) if( stats->n_sigs_cleaned)
log_info(_(" signatures cleaned: %lu\n"),stats->n_sigs_cleaned); log_info(_(" signatures cleaned: %lu\n"),stats->n_sigs_cleaned);
if( stats->n_uids_cleaned)
log_info(_(" user IDs cleaned: %lu\n"),stats->n_uids_cleaned);
} }
if( is_status_enabled() ) { if( is_status_enabled() ) {
@ -734,6 +738,9 @@ import_one( const char *fname, KBNODE keyblock,
if(options&IMPORT_CLEAN_SIGS) if(options&IMPORT_CLEAN_SIGS)
clean_sigs_from_all_uids(keyblock); clean_sigs_from_all_uids(keyblock);
if(options&IMPORT_CLEAN_UIDS)
clean_uids_from_key(keyblock,opt.verbose);
clear_kbnode_flags( keyblock ); clear_kbnode_flags( keyblock );
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock) if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
@ -834,7 +841,7 @@ import_one( const char *fname, KBNODE keyblock,
} }
else { /* merge */ else { /* merge */
KEYDB_HANDLE hd; KEYDB_HANDLE hd;
int n_uids, n_sigs, n_subk, n_sigs_cleaned; int n_uids, n_sigs, n_subk, n_sigs_cleaned, n_uids_cleaned;
/* Compare the original against the new key; just to be sure nothing /* Compare the original against the new key; just to be sure nothing
* weird is going on */ * weird is going on */
@ -875,7 +882,7 @@ import_one( const char *fname, KBNODE keyblock,
/* and try to merge the block */ /* and try to merge the block */
clear_kbnode_flags( keyblock_orig ); clear_kbnode_flags( keyblock_orig );
clear_kbnode_flags( keyblock ); clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = n_sigs_cleaned = 0; n_uids = n_sigs = n_subk = n_sigs_cleaned = n_uids_cleaned = 0;
rc = merge_blocks( fname, keyblock_orig, keyblock, rc = merge_blocks( fname, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk ); keyid, &n_uids, &n_sigs, &n_subk );
if( rc ) if( rc )
@ -887,7 +894,10 @@ import_one( const char *fname, KBNODE keyblock,
if(options&IMPORT_CLEAN_SIGS) if(options&IMPORT_CLEAN_SIGS)
n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig); n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig);
if( n_uids || n_sigs || n_subk || n_sigs_cleaned) { if(options&IMPORT_CLEAN_UIDS)
n_uids_cleaned=clean_uids_from_key(keyblock_orig,opt.verbose);
if( n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) {
mod_key = 1; mod_key = 1;
/* keyblock_orig has been updated; write */ /* keyblock_orig has been updated; write */
rc = keydb_update_keyblock (hd, keyblock_orig); rc = keydb_update_keyblock (hd, keyblock_orig);
@ -919,9 +929,18 @@ import_one( const char *fname, KBNODE keyblock,
else if( n_subk ) else if( n_subk )
log_info( _("key %s: \"%s\" %d new subkeys\n"), log_info( _("key %s: \"%s\" %d new subkeys\n"),
keystr(keyid), p, n_subk ); keystr(keyid), p, n_subk );
if(n_sigs_cleaned) if(n_sigs_cleaned==1)
log_info(_("key %s: \"%s\" %d signature cleaned\n"),
keystr(keyid),p,n_sigs_cleaned);
else if(n_sigs_cleaned)
log_info(_("key %s: \"%s\" %d signatures cleaned\n"), log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
keystr(keyid),p,n_sigs_cleaned); keystr(keyid),p,n_sigs_cleaned);
if(n_uids_cleaned==1)
log_info(_("key %s: \"%s\" %d user ID cleaned\n"),
keystr(keyid),p,n_uids_cleaned);
else if(n_uids_cleaned)
log_info(_("key %s: \"%s\" %d user IDs cleaned\n"),
keystr(keyid),p,n_uids_cleaned);
m_free(p); m_free(p);
} }
@ -929,6 +948,7 @@ import_one( const char *fname, KBNODE keyblock,
stats->n_sigs +=n_sigs; stats->n_sigs +=n_sigs;
stats->n_subk +=n_subk; stats->n_subk +=n_subk;
stats->n_sigs_cleaned +=n_sigs_cleaned; stats->n_sigs_cleaned +=n_sigs_cleaned;
stats->n_uids_cleaned +=n_uids_cleaned;
if (is_status_enabled ()) if (is_status_enabled ())
print_import_ok (pk, NULL, print_import_ok (pk, NULL,

2
g10/keygen.c
View File

@ -3543,7 +3543,7 @@ save_unprotected_key_to_card (PKT_secret_key *sk, int keyno)
p = stpcpy (p,"))(10:created-at"); p = stpcpy (p,"))(10:created-at");
sprintf (numbuf2, "%lu", (unsigned long)sk->timestamp); sprintf (numbuf2, "%lu", (unsigned long)sk->timestamp);
sprintf (numbuf, "%d:", strlen (numbuf2)); sprintf (numbuf, "%u:", (unsigned int)strlen (numbuf2));
p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))"); p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))");
rc = agent_scd_writekey (keyno, sexp, p - sexp); rc = agent_scd_writekey (keyno, sexp, p - sexp);

1
g10/options.h
View File

@ -252,6 +252,7 @@ struct {
#define IMPORT_SK2PK (1<<3) #define IMPORT_SK2PK (1<<3)
#define IMPORT_MERGE_ONLY (1<<4) #define IMPORT_MERGE_ONLY (1<<4)
#define IMPORT_CLEAN_SIGS (1<<5) #define IMPORT_CLEAN_SIGS (1<<5)
#define IMPORT_CLEAN_UIDS (1<<6)
#define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_LOCAL_SIGS (1<<0)
#define EXPORT_ATTRIBUTES (1<<1) #define EXPORT_ATTRIBUTES (1<<1)

8
g10/trustdb.c
View File

@ -1625,8 +1625,9 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
otherwise, it's invalid */ otherwise, it's invalid */
if(noisy) if(noisy)
log_info("removing signature issued by key %s: %s\n", log_info("removing signature from %s on uid \"%s\": %s\n",
keystr(node->pkt->pkt.signature->keyid), keystr(node->pkt->pkt.signature->keyid),
uidnode->pkt->pkt.user_id->name,
node->flag&(1<<9)?"superceded":"invalid"); node->flag&(1<<9)?"superceded":"invalid");
delete_kbnode(node); delete_kbnode(node);
@ -1655,10 +1656,12 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
{ {
int delete_until_next=0,deleted=0; int delete_until_next=0,deleted=0;
KBNODE node,signode=NULL; KBNODE node,signode=NULL;
u32 sigdate=0; u32 keyid[2],sigdate=0;
assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
keyid_from_pk(keyblock->pkt->pkt.public_key,keyid);
merge_keys_and_selfsig(keyblock); merge_keys_and_selfsig(keyblock);
for(node=keyblock->next; for(node=keyblock->next;
@ -1713,6 +1716,7 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
/* This isn't actually slow - the key signature validation /* This isn't actually slow - the key signature validation
is cached from merge_keys_and_selfsig() */ is cached from merge_keys_and_selfsig() */
if(IS_UID_SIG(sig) && sig->timestamp>sigdate if(IS_UID_SIG(sig) && sig->timestamp>sigdate
&& keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1]
&& check_key_signature(keyblock,node,NULL)==0) && check_key_signature(keyblock,node,NULL)==0)
{ {
sigdate=sig->timestamp; sigdate=sig->timestamp;