security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

* options.h, export.c (parse_export_options, do_export_stream): Add

Browse Source 
"export-minimal" option to disregard any sigs except selfsigs.
This commit is contained in:
David Shaw 2004-11-25 03:58:42 +00:00
parent 3d165c4ecf
commit 9a70afe2b3
3 changed files with 45 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
g10/ChangeLog
View File

@ -1,5 +1,8 @@
2004-11-24 David Shaw <dshaw@jabberwocky.com> 2004-11-24 David Shaw <dshaw@jabberwocky.com>
* options.h, export.c (parse_export_options, do_export_stream):
Add "export-minimal" option to disregard any sigs except selfsigs.
* trustdb.c (uid_trust_string_fixed): Use a string that can be * trustdb.c (uid_trust_string_fixed): Use a string that can be
atoi-ed, but also has a comment for the translator. atoi-ed, but also has a comment for the translator.

60
g10/export.c
View File

@ -48,6 +48,7 @@ parse_export_options(char *str,unsigned int *options,int noisy)
{"include-local-sigs",EXPORT_INCLUDE_LOCAL_SIGS,NULL}, {"include-local-sigs",EXPORT_INCLUDE_LOCAL_SIGS,NULL},
{"include-attributes",EXPORT_INCLUDE_ATTRIBUTES,NULL}, {"include-attributes",EXPORT_INCLUDE_ATTRIBUTES,NULL},
{"include-sensitive-revkeys",EXPORT_INCLUDE_SENSITIVE_REVKEYS,NULL}, {"include-sensitive-revkeys",EXPORT_INCLUDE_SENSITIVE_REVKEYS,NULL},
{"export-minimal",EXPORT_MINIMAL,NULL},
{NULL,0,NULL} {NULL,0,NULL}
/* add tags for include revoked and disabled? */ /* add tags for include revoked and disabled? */
}; };
@ -140,6 +141,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
KEYDB_SEARCH_DESC *desc = NULL; KEYDB_SEARCH_DESC *desc = NULL;
KEYDB_HANDLE kdbhd; KEYDB_HANDLE kdbhd;
STRLIST sl; STRLIST sl;
u32 pk_keyid[2];
*any = 0; *any = 0;
init_packet( &pkt ); init_packet( &pkt );
@ -193,8 +195,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
goto leave; goto leave;
} }
node=find_kbnode( keyblock, PKT_SECRET_KEY ); if((node=find_kbnode(keyblock,PKT_SECRET_KEY)))
if(node)
{ {
PKT_secret_key *sk=node->pkt->pkt.secret_key; PKT_secret_key *sk=node->pkt->pkt.secret_key;
@ -216,6 +217,9 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
continue; continue;
} }
} }
else if((options&EXPORT_MINIMAL)
&& (node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
keyid_from_pk(node->pkt->pkt.public_key,pk_keyid);
/* and write it */ /* and write it */
for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) { for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
@ -301,28 +305,40 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
continue; continue;
} }
if( node->pkt->pkttype == PKT_SIGNATURE ) { if( node->pkt->pkttype == PKT_SIGNATURE )
/* do not export packets which are marked as not exportable */ {
if( !(options&EXPORT_INCLUDE_LOCAL_SIGS) && /* If we have minimal-export turned on, do not include
!node->pkt->pkt.signature->flags.exportable ) any signature that isn't a selfsig. Note that this
continue; /* not exportable */ only applies to uid sigs (0x10, 0x11, 0x12, and
0x13). A designated revocation is not stripped. */
/* Do not export packets with a "sensitive" revocation if((options&EXPORT_MINIMAL)
key unless the user wants us to. Note that we do && IS_UID_SIG(node->pkt->pkt.signature)
export these when issuing the actual revocation (see && (node->pkt->pkt.signature->keyid[0]!=pk_keyid[0]
revoke.c). */ || node->pkt->pkt.signature->keyid[1]!=pk_keyid[1]))
if( !(options&EXPORT_INCLUDE_SENSITIVE_REVKEYS) &&
node->pkt->pkt.signature->revkey ) {
int i;
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
break;
if(i<node->pkt->pkt.signature->numrevkeys)
continue; continue;
/* do not export packets which are marked as not exportable */
if(!(options&EXPORT_INCLUDE_LOCAL_SIGS)
&& !node->pkt->pkt.signature->flags.exportable)
continue; /* not exportable */
/* Do not export packets with a "sensitive" revocation
key unless the user wants us to. Note that we do
export these when issuing the actual revocation
(see revoke.c). */
if(!(options&EXPORT_INCLUDE_SENSITIVE_REVKEYS)
&& node->pkt->pkt.signature->revkey)
{
int i;
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
break;
if(i<node->pkt->pkt.signature->numrevkeys)
continue;
}
} }
}
/* Don't export attribs? */ /* Don't export attribs? */
if( !(options&EXPORT_INCLUDE_ATTRIBUTES) && if( !(options&EXPORT_INCLUDE_ATTRIBUTES) &&

5
g10/options.h
View File

@ -241,7 +241,9 @@ struct {
#define PGP7 (opt.compliance==CO_PGP7) #define PGP7 (opt.compliance==CO_PGP7)
#define PGP8 (opt.compliance==CO_PGP8) #define PGP8 (opt.compliance==CO_PGP8)
/* Various option flags */ /* Various option flags. Note that there should be no common string
names between the IMPORT_ and EXPORT_ flags as they can be mixed in
the keyserver-options option. */
#define IMPORT_ALLOW_LOCAL_SIGS (1<<0) #define IMPORT_ALLOW_LOCAL_SIGS (1<<0)
#define IMPORT_REPAIR_PKS_SUBKEY_BUG (1<<1) #define IMPORT_REPAIR_PKS_SUBKEY_BUG (1<<1)
@ -252,6 +254,7 @@ struct {
#define EXPORT_INCLUDE_LOCAL_SIGS (1<<0) #define EXPORT_INCLUDE_LOCAL_SIGS (1<<0)
#define EXPORT_INCLUDE_ATTRIBUTES (1<<1) #define EXPORT_INCLUDE_ATTRIBUTES (1<<1)
#define EXPORT_INCLUDE_SENSITIVE_REVKEYS (1<<2) #define EXPORT_INCLUDE_SENSITIVE_REVKEYS (1<<2)
#define EXPORT_MINIMAL (1<<3)
#define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_PHOTOS (1<<0)
#define LIST_SHOW_POLICY_URLS (1<<1) #define LIST_SHOW_POLICY_URLS (1<<1)