mirror of
git://git.gnupg.org/gnupg.git
synced 2024-09-24 15:31:41 +02:00
* options.h, export.c (parse_export_options, do_export_stream): Add
"export-minimal" option to disregard any sigs except selfsigs.
This commit is contained in:
David Shaw
parent
3d165c4ecf
commit
9a70afe2b3
@ -1,5 +1,8 @@
|
||||
2004-11-24 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* options.h, export.c (parse_export_options, do_export_stream):
|
||||
Add "export-minimal" option to disregard any sigs except selfsigs.
|
||||
|
||||
* trustdb.c (uid_trust_string_fixed): Use a string that can be
|
||||
atoi-ed, but also has a comment for the translator.
|
||||
|
||||
|
||||
60
g10/export.c
60
g10/export.c
@ -48,6 +48,7 @@ parse_export_options(char *str,unsigned int *options,int noisy)
|
||||
{"include-local-sigs",EXPORT_INCLUDE_LOCAL_SIGS,NULL},
|
||||
{"include-attributes",EXPORT_INCLUDE_ATTRIBUTES,NULL},
|
||||
{"include-sensitive-revkeys",EXPORT_INCLUDE_SENSITIVE_REVKEYS,NULL},
|
||||
{"export-minimal",EXPORT_MINIMAL,NULL},
|
||||
{NULL,0,NULL}
|
||||
/* add tags for include revoked and disabled? */
|
||||
};
|
||||
@ -140,6 +141,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||
KEYDB_SEARCH_DESC *desc = NULL;
|
||||
KEYDB_HANDLE kdbhd;
|
||||
STRLIST sl;
|
||||
u32 pk_keyid[2];
|
||||
|
||||
*any = 0;
|
||||
init_packet( &pkt );
|
||||
@ -193,8 +195,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
node=find_kbnode( keyblock, PKT_SECRET_KEY );
|
||||
if(node)
|
||||
if((node=find_kbnode(keyblock,PKT_SECRET_KEY)))
|
||||
{
|
||||
PKT_secret_key *sk=node->pkt->pkt.secret_key;
|
||||
|
||||
@ -216,6 +217,9 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||
continue;
|
||||
}
|
||||
}
|
||||
else if((options&EXPORT_MINIMAL)
|
||||
&& (node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
|
||||
keyid_from_pk(node->pkt->pkt.public_key,pk_keyid);
|
||||
|
||||
/* and write it */
|
||||
for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
|
||||
@ -301,28 +305,40 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||
continue;
|
||||
}
|
||||
|
||||
if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
||||
/* do not export packets which are marked as not exportable */
|
||||
if( !(options&EXPORT_INCLUDE_LOCAL_SIGS) &&
|
||||
!node->pkt->pkt.signature->flags.exportable )
|
||||
continue; /* not exportable */
|
||||
|
||||
/* Do not export packets with a "sensitive" revocation
|
||||
key unless the user wants us to. Note that we do
|
||||
export these when issuing the actual revocation (see
|
||||
revoke.c). */
|
||||
if( !(options&EXPORT_INCLUDE_SENSITIVE_REVKEYS) &&
|
||||
node->pkt->pkt.signature->revkey ) {
|
||||
int i;
|
||||
|
||||
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
|
||||
if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
|
||||
break;
|
||||
|
||||
if(i<node->pkt->pkt.signature->numrevkeys)
|
||||
if( node->pkt->pkttype == PKT_SIGNATURE )
|
||||
{
|
||||
/* If we have minimal-export turned on, do not include
|
||||
any signature that isn't a selfsig. Note that this
|
||||
only applies to uid sigs (0x10, 0x11, 0x12, and
|
||||
0x13). A designated revocation is not stripped. */
|
||||
if((options&EXPORT_MINIMAL)
|
||||
&& IS_UID_SIG(node->pkt->pkt.signature)
|
||||
&& (node->pkt->pkt.signature->keyid[0]!=pk_keyid[0]
|
||||
|| node->pkt->pkt.signature->keyid[1]!=pk_keyid[1]))
|
||||
continue;
|
||||
|
||||
/* do not export packets which are marked as not exportable */
|
||||
if(!(options&EXPORT_INCLUDE_LOCAL_SIGS)
|
||||
&& !node->pkt->pkt.signature->flags.exportable)
|
||||
continue; /* not exportable */
|
||||
|
||||
/* Do not export packets with a "sensitive" revocation
|
||||
key unless the user wants us to. Note that we do
|
||||
export these when issuing the actual revocation
|
||||
(see revoke.c). */
|
||||
if(!(options&EXPORT_INCLUDE_SENSITIVE_REVKEYS)
|
||||
&& node->pkt->pkt.signature->revkey)
|
||||
{
|
||||
int i;
|
||||
|
||||
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
|
||||
if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
|
||||
break;
|
||||
|
||||
if(i<node->pkt->pkt.signature->numrevkeys)
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Don't export attribs? */
|
||||
if( !(options&EXPORT_INCLUDE_ATTRIBUTES) &&
|
||||
|
||||
@ -241,7 +241,9 @@ struct {
|
||||
#define PGP7 (opt.compliance==CO_PGP7)
|
||||
#define PGP8 (opt.compliance==CO_PGP8)
|
||||
|
||||
/* Various option flags */
|
||||
/* Various option flags. Note that there should be no common string
|
||||
names between the IMPORT_ and EXPORT_ flags as they can be mixed in
|
||||
the keyserver-options option. */
|
||||
|
||||
#define IMPORT_ALLOW_LOCAL_SIGS (1<<0)
|
||||
#define IMPORT_REPAIR_PKS_SUBKEY_BUG (1<<1)
|
||||
@ -252,6 +254,7 @@ struct {
|
||||
#define EXPORT_INCLUDE_LOCAL_SIGS (1<<0)
|
||||
#define EXPORT_INCLUDE_ATTRIBUTES (1<<1)
|
||||
#define EXPORT_INCLUDE_SENSITIVE_REVKEYS (1<<2)
|
||||
#define EXPORT_MINIMAL (1<<3)
|
||||
|
||||
#define LIST_SHOW_PHOTOS (1<<0)
|
||||
#define LIST_SHOW_POLICY_URLS (1<<1)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user