mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-10 13:04:23 +01:00
gpg: Add import option "keep-ownertrust".
* g10/options.h (IMPORT_KEEP_OWNERTTRUST): New. * g10/import.c (parse_import_options): Add "keep-ownertrust". (import_one): Act upon new option. -- This option is in particular useful to convert from a pubring.gpg to the new pubring.kbx in GnuPG 2.1 or vice versa: gpg1 --export | gpg2 --import-options keep-ownertrust --import (cherry-picked from commit ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39)
This commit is contained in:
parent
eb756e2510
commit
da95d0d378
@ -2039,6 +2039,15 @@ opposite meaning. The options are:
|
|||||||
generally useful unless a shared keyring scheme is being used.
|
generally useful unless a shared keyring scheme is being used.
|
||||||
Defaults to no.
|
Defaults to no.
|
||||||
|
|
||||||
|
@item import-keep-ownertrust
|
||||||
|
Normally possible still existing ownertrust values of a key are
|
||||||
|
cleared if a key is imported. This is in general desirable so that
|
||||||
|
a formerly deleted key does not automatically gain an ownertrust
|
||||||
|
values merely due to import. On the other hand it is sometimes
|
||||||
|
necessary to re-import a trusted set of keys again but keeping
|
||||||
|
already assigned ownertrust values. This can be achived by using
|
||||||
|
this option.
|
||||||
|
|
||||||
@item repair-pks-subkey-bug
|
@item repair-pks-subkey-bug
|
||||||
During import, attempt to repair the damage caused by the PKS keyserver
|
During import, attempt to repair the damage caused by the PKS keyserver
|
||||||
bug (pre version 0.9.6) that mangles keys with multiple subkeys. Note
|
bug (pre version 0.9.6) that mangles keys with multiple subkeys. Note
|
||||||
|
15
g10/import.c
15
g10/import.c
@ -95,18 +95,28 @@ parse_import_options(char *str,unsigned int *options,int noisy)
|
|||||||
{
|
{
|
||||||
{"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
|
{"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
|
||||||
N_("import signatures that are marked as local-only")},
|
N_("import signatures that are marked as local-only")},
|
||||||
|
|
||||||
{"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
|
{"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
|
||||||
N_("repair damage from the pks keyserver during import")},
|
N_("repair damage from the pks keyserver during import")},
|
||||||
|
|
||||||
|
{"keep-ownertrust", IMPORT_KEEP_OWNERTTRUST, NULL,
|
||||||
|
N_("do not clear the ownertrust values during import")},
|
||||||
|
|
||||||
{"fast-import",IMPORT_FAST,NULL,
|
{"fast-import",IMPORT_FAST,NULL,
|
||||||
N_("do not update the trustdb after import")},
|
N_("do not update the trustdb after import")},
|
||||||
|
|
||||||
{"convert-sk-to-pk",IMPORT_SK2PK,NULL,
|
{"convert-sk-to-pk",IMPORT_SK2PK,NULL,
|
||||||
N_("create a public key when importing a secret key")},
|
N_("create a public key when importing a secret key")},
|
||||||
|
|
||||||
{"merge-only",IMPORT_MERGE_ONLY,NULL,
|
{"merge-only",IMPORT_MERGE_ONLY,NULL,
|
||||||
N_("only accept updates to existing keys")},
|
N_("only accept updates to existing keys")},
|
||||||
|
|
||||||
{"import-clean",IMPORT_CLEAN,NULL,
|
{"import-clean",IMPORT_CLEAN,NULL,
|
||||||
N_("remove unusable parts from key after import")},
|
N_("remove unusable parts from key after import")},
|
||||||
|
|
||||||
{"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
|
{"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
|
||||||
N_("remove as much as possible from key after import")},
|
N_("remove as much as possible from key after import")},
|
||||||
|
|
||||||
/* Aliases for backward compatibility */
|
/* Aliases for backward compatibility */
|
||||||
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
|
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
|
||||||
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
|
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
|
||||||
@ -890,12 +900,13 @@ import_one( const char *fname, KBNODE keyblock, struct stats_s *stats,
|
|||||||
if (rc)
|
if (rc)
|
||||||
log_error (_("error writing keyring `%s': %s\n"),
|
log_error (_("error writing keyring `%s': %s\n"),
|
||||||
keydb_get_resource_name (hd), g10_errstr(rc));
|
keydb_get_resource_name (hd), g10_errstr(rc));
|
||||||
else
|
else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
|
||||||
{
|
{
|
||||||
/* This should not be possible since we delete the
|
/* This should not be possible since we delete the
|
||||||
ownertrust when a key is deleted, but it can happen if
|
ownertrust when a key is deleted, but it can happen if
|
||||||
the keyring and trustdb are out of sync. It can also
|
the keyring and trustdb are out of sync. It can also
|
||||||
be made to happen with the trusted-key command. */
|
be made to happen with the trusted-key command and by
|
||||||
|
importing and locally exported key. */
|
||||||
|
|
||||||
clear_ownertrusts (pk);
|
clear_ownertrusts (pk);
|
||||||
if(non_self)
|
if(non_self)
|
||||||
|
@ -324,6 +324,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
|
|||||||
#define IMPORT_MINIMAL (1<<5)
|
#define IMPORT_MINIMAL (1<<5)
|
||||||
#define IMPORT_CLEAN (1<<6)
|
#define IMPORT_CLEAN (1<<6)
|
||||||
#define IMPORT_NO_SECKEY (1<<7)
|
#define IMPORT_NO_SECKEY (1<<7)
|
||||||
|
#define IMPORT_KEEP_OWNERTTRUST (1<<8)
|
||||||
|
|
||||||
#define EXPORT_LOCAL_SIGS (1<<0)
|
#define EXPORT_LOCAL_SIGS (1<<0)
|
||||||
#define EXPORT_ATTRIBUTES (1<<1)
|
#define EXPORT_ATTRIBUTES (1<<1)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user