security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-02 12:01:32 +01:00
Code Activity

gpg: allow import of previously known keys, even without UIDs

Browse Source 
* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
has no user id, as long as we already have a local variant of the cert
that matches the primary key.

--

This fixes two of the three broken tests in import-incomplete.scm.

GnuPG-Bug-id: 4393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Vincent Breitmoser 2019-06-13 21:27:42 +02:00 committed by Daniel Kahn Gillmor
parent 4c40bfa90b
commit a1db83d8a3
1 changed files with 11 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
g10/import.c
View File

@ -1769,7 +1769,6 @@ import_one (ctrl_t ctrl,
size_t an; size_t an;
char pkstrbuf[PUBKEY_STRING_SIZE]; char pkstrbuf[PUBKEY_STRING_SIZE];
int merge_keys_done = 0; int merge_keys_done = 0;
int any_filter = 0;
KEYDB_HANDLE hd = NULL; KEYDB_HANDLE hd = NULL;
if (r_valid) if (r_valid)
@ -1806,16 +1805,6 @@ import_one (ctrl_t ctrl,
log_printf ("\n"); log_printf ("\n");
} }
/* Unless import-drop-uids has been requested we don't allow import
* of a key without UIDs. */
if (!uidnode && !(options & IMPORT_DROP_UIDS))
{
if (!silent)
log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
return 0;
}
if (screener && screener (keyblock, screener_arg)) if (screener && screener (keyblock, screener_arg))
{ {
log_error (_("key %s: %s\n"), keystr_from_pk (pk), log_error (_("key %s: %s\n"), keystr_from_pk (pk),
@ -1887,20 +1876,10 @@ import_one (ctrl_t ctrl,
} }
} }
/* Delete invalid parts and without the drop option bail out if /* Delete invalid parts, and note if we have any valid ones left.
* there are no user ids. */ * We will later abort import if this key is new but contains
if (!delete_inv_parts (ctrl, keyblock, keyid, options) * no valid uids. */
&& !(options & IMPORT_DROP_UIDS) ) delete_inv_parts (ctrl, keyblock, keyid, options);
{
if (!silent)
{
log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
if (!opt.quiet )
log_info(_("this may be caused by a missing self-signature\n"));
}
stats->no_user_id++;
return 0;
}
/* Get rid of deleted nodes. */ /* Get rid of deleted nodes. */
commit_kbnode (&keyblock); commit_kbnode (&keyblock);
@ -1910,24 +1889,11 @@ import_one (ctrl_t ctrl,
{ {
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid); apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
commit_kbnode (&keyblock); commit_kbnode (&keyblock);
any_filter = 1;
} }
if (import_filter.drop_sig) if (import_filter.drop_sig)
{ {
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig); apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
commit_kbnode (&keyblock); commit_kbnode (&keyblock);
any_filter = 1;
}
/* If we ran any filter we need to check that at least one user id
* is left in the keyring. Note that we do not use log_error in
* this case. */
if (any_filter && !any_uid_left (keyblock))
{
if (!opt.quiet )
log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
stats->no_user_id++;
return 0;
} }
/* The keyblock is valid and ready for real import. */ /* The keyblock is valid and ready for real import. */
@ -1985,6 +1951,13 @@ import_one (ctrl_t ctrl,
err = 0; err = 0;
stats->skipped_new_keys++; stats->skipped_new_keys++;
} }
else if (err && !any_uid_left (keyblock) && !(options & IMPORT_DROP_UIDS) )
{
if (!silent)
log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
err = 0;
stats->no_user_id++;
}
else if (err) /* Insert this key. */ else if (err) /* Insert this key. */
{ {
/* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */ /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */