From 8238e7698b4af78ce6363345f25ccef201643f74 Mon Sep 17 00:00:00 2001
From: David Shaw
Date: Sat, 9 Jul 2005 02:34:04 +0000
Subject: [PATCH] * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around when compacting a uid. There is no reason to make an attacker's job easier - this way they only have a revocation which is useless in bringing the uid back. * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed. * import.c (chk_self_sigs): Allow a uid revocation to be enough to allow importing a particular uid (no self sig needed). This allows importing compacted uids.
---
 g10/ChangeLog | 13 +++++++++++++
 g10/import.c | 13 +++++++------
 g10/kbnode.c | 7 -------
 g10/keydb.h | 1 -
 g10/trustdb.c | 12 ++++--------
 5 files changed, 24 insertions(+), 22 deletions(-)
diff --git a/g10/ChangeLog b/g10/ChangeLog
index bec4c38e0..0a49037a0 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,16 @@
+2005-07-08 David Shaw
+
+ * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig
+ around when compacting a uid. There is no reason to make an
+ attacker's job easier - this way they only have a revocation which
+ is useless in bringing the uid back.
+
+ * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
+
+ * import.c (chk_self_sigs): Allow a uid revocation to be enough to
+ allow importing a particular uid (no self sig needed). This
+ allows importing compacted uids.
+
 2005-06-20 David Shaw * keygen.c (save_unprotected_key_to_card): Better fix for gcc4
diff --git a/g10/import.c b/g10/import.c
index 1818a28c6..8c96e5a6a 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1346,12 +1346,13 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 sig = n->pkt->pkt.signature; if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
- /* This just caches the sigs for later use. That way we
- import a fully-cached key which speeds things up. */
- if(!opt.no_sig_cache)
- check_key_signature(keyblock,n,NULL);
+ /* This just caches the sigs for later use. That way we
+ import a fully-cached key which speeds things up. */
+ if(!opt.no_sig_cache)
+ check_key_signature(keyblock,n,NULL);
- if( (sig->sig_class&~3) == 0x10 ) {
+ if( IS_UID_SIG(sig) || IS_UID_REV(sig) )
+ {
 KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID ); if( !unode ) {
@@ -1381,7 +1382,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 else unode->flag |= 1; /* mark that signature checked */ }
- }
+ }
 else if( sig->sig_class == 0x18 ) { /* Note that this works based solely on the timestamps like the rest of gpg. If the standard gets
diff --git a/g10/kbnode.c b/g10/kbnode.c
index cd3bf5fd2..f273c8005 100644
--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@@ -114,13 +114,6 @@ delete_kbnode( KBNODE node )
 node->private_flag |= 1; }
-void
-undelete_kbnode( KBNODE node )
-{
- node->private_flag &= ~1;
-}
-
-
 /**************** * Append NODE to ROOT. ROOT must exist! */
diff --git a/g10/keydb.h b/g10/keydb.h
index f716a7390..e7b4292f6 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -293,7 +293,6 @@ KBNODE new_kbnode( PACKET *pkt );
 KBNODE clone_kbnode( KBNODE node );
 void release_kbnode( KBNODE n );
 void delete_kbnode( KBNODE node );
-void undelete_kbnode( KBNODE node );
 void add_kbnode( KBNODE root, KBNODE node );
 void insert_kbnode( KBNODE root, KBNODE node, int pkttype );
 void move_kbnode( KBNODE *root, KBNODE node, KBNODE where );
diff --git a/g10/trustdb.c b/g10/trustdb.c
index c72dc2059..518ccd332 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
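Review bot: In g10/import.c, the widened test `if( IS_UID_SIG(sig) || IS_UID_REV(sig) )` in the first chk_self_sigs hunk routes a uid revocation to the same `unode->flag |= 1; /* mark that signature checked */` seen in the second hunk, so that bit no longer means the user ID has a verified self-signature, and nothing in the new code says so. Whatever reads the bit later lies outside these hunks, but it will presumably now keep a user ID whose only verified packet is a revocation; that is the intent for compacted uids and should be recorded where the bit is set. I would add above the test `/* A verified uid revocation also marks the uid: a compacted uid carries only its revocation, so flag&1 means "self-sig or self-revocation verified". */` and change the existing comment to `/* mark that a self-sig or uid revocation checked */`. The lines between the two hunks are not shown, so any diagnostic they print for a failed check should be confirmed to read correctly for a revocation. The four comment and `check_key_signature` lines are re-indented only, which would be easier to audit as a separate whitespace commit.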
@@ -1672,9 +1672,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 { PKT_user_id *uid=node->pkt->pkt.user_id;
- if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
- undelete_kbnode(signode);
-
 sigdate=0; signode=NULL;
@@ -1687,7 +1684,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 else { delete_until_next=1;
- deleted++;
 if(noisy) {
@@ -1724,13 +1720,13 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 } if(delete_until_next && !sig->flags.chosen_selfsig)
- delete_kbnode(node);
+ {
+ delete_kbnode(node);
+ deleted++;
+ }
 } }
- if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
- undelete_kbnode(signode);
-
 return deleted; }
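Review bot: In g10/trustdb.c, the third clean_uids_from_key hunk moves `deleted++` next to `delete_kbnode(node)`, so the return value now counts signature packets marked deleted instead of user IDs compacted (the per-uid increment is removed in the second hunk), and no comment records the new meaning. Callers are outside this diff; any that report the result as a number of user IDs would now print the wrong figure, and the `if(noisy)` branch kept in the second hunk still runs for a uid from which nothing ends up deleted. I would state the contract above the function, e.g. `/* Returns the number of signature packets marked deleted, not the number of user IDs compacted. */`. With both `undelete_kbnode(signode)` calls gone, the `sigdate=0; signode=NULL;` resets left as context in the first hunk look like leftovers; if nothing else in the function reads `signode`, remove the tracking so a reader does not assume a self-sig is still preserved. The function begins before the first hunk, so check this against the full body.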