* gpgv.c: Add stub for get_ownertrust().

* g10.c (main): --allow-freeform-uid should be implied by OpenPGP. Add --no-allow-freeform-uid. * keyedit.c (sign_uids): Issue a warning when signing a non-selfsigned uid. * getkey.c (merge_selfsigs_main): If a key has no selfsigs, and allow-non-selfsigned-uid is not set, still try and make the key valid by checking all uids for a signature from an ultimately trusted key.
2025-07-03 22:56:33 +02:00 · 2002-05-17 18:49:30 +00:00 · 2002-05-17 18:49:30 +00:00 · 28ae0d878f
commit 28ae0d878f
parent 5c759fee31
5 changed files with 85 additions and 19 deletions
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -1440,8 +1440,40 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
 	pk->is_valid = 1;
      }

-    if ( sigdate > uiddate )
-        uiddate = sigdate;
+    /* The key STILL isn't valid, so try and find an ultimately
+       trusted signature. */
+    if(!pk->is_valid)
+      {
+	uidnode=NULL;
+
+	for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k=k->next)
+	  {
+	    if ( k->pkt->pkttype == PKT_USER_ID )
+	      uidnode = k;
+	    else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode )
+	      {
+		PKT_signature *sig = k->pkt->pkt.signature;
+
+		if(sig->keyid[0] != kid[0] || sig->keyid[1]!=kid[1])
+		  {
+		    PKT_public_key *ultimate_pk;
+
+		    ultimate_pk=m_alloc_clear(sizeof(*ultimate_pk));
+
+		    if(get_pubkey(ultimate_pk,sig->keyid)==0 &&
+		       check_key_signature(keyblock,k,NULL)==0 &&
+		       get_ownertrust(ultimate_pk)==TRUST_ULTIMATE)
+		      {
+			free_public_key(ultimate_pk);
+			pk->is_valid=1;
+			break;
+		      }
+
+		    free_public_key(ultimate_pk);
+		  }
+	      }
+	  }
+      }

    /* Record the highest selfsigversion so we know if this is a v3
       key through and through, or a v3 key with a v4 selfsig, which