gpg: Change keydb_search to not return legacy keys.

* g10/keyring.c (keyring_search): Take new argument, ignore_legacy. If set, skip any legacy keys. Update callers. * g10/keydb.c (keydb_search): Skip any legacy keys. (keydb_search_first): Don't skip legacy keys. Treat them as an error. (keydb_search_next): Likewise. (keydb_search_fpr): Likewise. * g10/export.c (do_export_stream): Likewise. * g10/getkey.c (lookup): Likewise. (have_secret_key_with_kid): Likewise. * g10/keylist.c (list_all): Likewise. (keyring_rebuild_cache): Likewise. * g10/keyserver.c (keyidlist): Likewise. * g10/trustdb.c (validate_key_list): Likewise. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2025-07-02 22:46:30 +02:00 · 2015-11-17 14:38:03 +01:00 · 2015-11-17 14:38:03 +01:00 · 58e4a492e2
commit 58e4a492e2
parent 848726f5c0
8 changed files with 34 additions and 94 deletions
--- a/g10/keyring.c
+++ b/g10/keyring.c
@ -429,7 +429,8 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
              }
            else
              /* Upper layer needs to handle this.  */
-              ;
+              {
+              }
            break;
          }
 	if (rc) {
@ -967,7 +968,7 @@ compare_name (int mode, const char *name, const char *uid, size_t uidlen)
 */
 int
 keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc,
-		size_t ndesc, size_t *descindex)
+		size_t ndesc, size_t *descindex, int ignore_legacy)
 {
  int rc;
  PACKET pkt;
@ -1106,11 +1107,20 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc,
  if (DBG_LOOKUP)
    log_debug ("%s: %ssearching from start of resource.\n",
               __func__, scanned_from_start ? "" : "not ");
-  while (!(rc=search_packet (hd->current.iobuf, &pkt, &offset, need_uid)))
+  while (1)
    {
      byte afp[MAX_FINGERPRINT_LEN];
      size_t an;

+      rc = search_packet (hd->current.iobuf, &pkt, &offset, need_uid);
+      if (ignore_legacy && gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
+        {
+          free_packet (&pkt);
+          continue;
+        }
+      if (rc)
+        break;
+
      if (pkt.pkttype == PKT_PUBLIC_KEY  || pkt.pkttype == PKT_SECRET_KEY)
        {
          main_offset = offset;
@ -1486,8 +1496,8 @@ keyring_rebuild_cache (void *token,int noisy)

  for (;;)
    {
-      rc = keyring_search (hd, &desc, 1, NULL);
-      if (rc && gpg_err_code (rc) != GPG_ERR_LEGACY_KEY)
+      rc = keyring_search (hd, &desc, 1, NULL, 0);
+      if (rc)
        break;  /* ready.  */

      desc.mode = KEYDB_SEARCH_MODE_NEXT;