mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
--openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the first to be primary (but still invalid). This is for cosmetics in case some display needs to print a user ID from a non-selfsigned key. Also use --allow-non-selfsigned-uid to make such a key valid and not --always-trust. The key is *not* automatically trusted via --allow-non-selfsigned-uid. Make sure non-selfsigned uids print [uncertain] on verification even though one is primary now. If the main key is not valid, then neither are the subkeys. Allow --allow-non-selfsigned-uid to work on completely unsigned keys. Print the uids in UTF8. Remove mark_non_selfsigned_uids_valid() Show revocation key as UTF8. Allow --not-dash-escaped to work with v3 keys.
This commit is contained in:
David Shaw
parent
8cb9dd7a39
commit
b8858a3ef1
7 changed files with 75 additions and 39 deletions
37
g10/import.c
37
g10/import.c
|
|
@ -67,7 +67,6 @@ static int import_revoke_cert( const char *fname, KBNODE node,
|
|||
struct stats_s *stats);
|
||||
static int chk_self_sigs( const char *fname, KBNODE keyblock,
|
||||
PKT_public_key *pk, u32 *keyid );
|
||||
static void mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid );
|
||||
static int delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid );
|
||||
static int merge_blocks( const char *fname, KBNODE keyblock_orig,
|
||||
KBNODE keyblock, u32 *keyid,
|
||||
|
|
@ -445,8 +444,18 @@ import_one( const char *fname, KBNODE keyblock, int fast,
|
|||
if( rc )
|
||||
return rc== -1? 0:rc;
|
||||
|
||||
/* If we allow such a thing, mark unsigned uids as valid */
|
||||
if( opt.allow_non_selfsigned_uid )
|
||||
mark_non_selfsigned_uids_valid( keyblock, keyid );
|
||||
for( node=keyblock; node; node = node->next )
|
||||
if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) )
|
||||
{
|
||||
char *user=utf8_to_native(node->pkt->pkt.user_id->name,
|
||||
node->pkt->pkt.user_id->len,0);
|
||||
node->flag |= 1;
|
||||
log_info( _("key %08lX: accepted non self-signed user ID '%s'\n"),
|
||||
(ulong)keyid[1],user);
|
||||
m_free(user);
|
||||
}
|
||||
|
||||
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
|
||||
if( !opt.quiet ) {
|
||||
|
|
@ -866,30 +875,6 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/****************
|
||||
* If a user ID has at least one signature, mark it as valid
|
||||
*/
|
||||
static void
|
||||
mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid )
|
||||
{
|
||||
KBNODE node;
|
||||
for(node=keyblock->next; node; node = node->next ) {
|
||||
if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) ) {
|
||||
if( (node->next && node->next->pkt->pkttype == PKT_SIGNATURE)
|
||||
|| !node->next ) {
|
||||
node->flag |= 1;
|
||||
log_info( _("key %08lX: accepted non self-signed user ID '"),
|
||||
(ulong)kid[1]);
|
||||
print_string( log_stream(), node->pkt->pkt.user_id->name,
|
||||
node->pkt->pkt.user_id->len, 0 );
|
||||
fputs("'\n", log_stream() );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/****************
|
||||
* delete all parts which are invalid and those signatures whose
|
||||
* public key algorithm is not available in this implemenation;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue