* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around

when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.

g10/ChangeLog

@@ -1,3 +1,16 @@
+2005-07-08  David Shaw  <dshaw@jabberwocky.com>
+
+	* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig
+	around when compacting a uid.  There is no reason to make an
+	attacker's job easier - this way they only have a revocation which
+	is useless in bringing the uid back.
+
+	* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.
+
+	* import.c (chk_self_sigs): Allow a uid revocation to be enough to
+	allow importing a particular uid (no self sig needed).  This
+	allows importing compacted uids.
+
 2005-06-20  David Shaw  <dshaw@jabberwocky.com>
 
 	* keygen.c (save_unprotected_key_to_card): Better fix for gcc4

g10/import.c

@@ -1346,12 +1346,13 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 	sig = n->pkt->pkt.signature;
 	if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
 
-	  /* This just caches the sigs for later use.  That way we
-	     import a fully-cached key which speeds things up. */
-	  if(!opt.no_sig_cache)
-	    check_key_signature(keyblock,n,NULL);
+	    /* This just caches the sigs for later use.  That way we
+	       import a fully-cached key which speeds things up. */
+	    if(!opt.no_sig_cache)
+	      check_key_signature(keyblock,n,NULL);
 
-	    if( (sig->sig_class&~3) == 0x10 ) {
+	    if( IS_UID_SIG(sig) || IS_UID_REV(sig) )
+	      {
 		KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
 		if( !unode )
 		  {
@@ -1381,7 +1382,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 		  else
 		    unode->flag |= 1; /* mark that signature checked */
 		}
-	    }
+	      }
 	    else if( sig->sig_class == 0x18 ) {
 	      /* Note that this works based solely on the timestamps
 		 like the rest of gpg.  If the standard gets

g10/kbnode.c

@@ -114,13 +114,6 @@ delete_kbnode( KBNODE node )
     node->private_flag |= 1;
 }
 
-void
-undelete_kbnode( KBNODE node )
-{
-    node->private_flag &= ~1;
-}
-
-
 /****************
  * Append NODE to ROOT.  ROOT must exist!
  */

g10/keydb.h

@@ -293,7 +293,6 @@ KBNODE new_kbnode( PACKET *pkt );
 KBNODE clone_kbnode( KBNODE node );
 void release_kbnode( KBNODE n );
 void delete_kbnode( KBNODE node );
-void undelete_kbnode( KBNODE node );
 void add_kbnode( KBNODE root, KBNODE node );
 void insert_kbnode( KBNODE root, KBNODE node, int pkttype );
 void move_kbnode( KBNODE *root, KBNODE node, KBNODE where );

g10/trustdb.c

@@ -1672,9 +1672,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	{
 	  PKT_user_id *uid=node->pkt->pkt.user_id;
 
-	  if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
-	    undelete_kbnode(signode);
-
 	  sigdate=0;
 	  signode=NULL;
 
@@ -1687,7 +1684,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	  else
 	    {
 	      delete_until_next=1;
-	      deleted++;
 
 	      if(noisy)
 		{
@@ -1724,13 +1720,13 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	    }
 
 	  if(delete_until_next && !sig->flags.chosen_selfsig)
-	    delete_kbnode(node);
+	    {
+	      delete_kbnode(node);
+	      deleted++;
+	    }
 	}
     }
 
-  if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
-    undelete_kbnode(signode);
-
   return deleted;
 }