mirror of git://git.gnupg.org/gnupg.git
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning. Change all callers. * export.c (do_export_stream): Use it here so we don't need additional minimize code in the export path.
This commit is contained in:
David Shaw
parent
11c7699c45
commit
debc169f88
|
|
@ -1,3 +1,11 @@
|
|||
2005-11-10 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove
|
||||
all non-selfsigs from key during cleaning. Change all callers.
|
||||
|
||||
* export.c (do_export_stream): Use it here so we don't need
|
||||
additional minimize code in the export path.
|
||||
|
||||
2005-11-06 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* options.skel: Add a section for --encrypt-to. This is Debian
|
||||
|
|
|
|||
25
g10/export.c
25
g10/export.c
|
|
@ -293,7 +293,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
|||
subkey_list_t subkey_list = NULL; /* Track alreay processed subkeys. */
|
||||
KEYDB_HANDLE kdbhd;
|
||||
STRLIST sl;
|
||||
u32 keyid[2];
|
||||
|
||||
*any = 0;
|
||||
init_packet( &pkt );
|
||||
|
|
@ -383,10 +382,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
|||
else
|
||||
{
|
||||
/* It's a public key export. */
|
||||
if((options&EXPORT_MINIMAL)
|
||||
&& (node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
|
||||
keyid_from_pk(node->pkt->pkt.public_key,keyid);
|
||||
|
||||
if(options&EXPORT_CLEAN_UIDS)
|
||||
clean_uids_from_key(keyblock,opt.verbose);
|
||||
}
|
||||
|
|
@ -460,26 +455,20 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if(node->pkt->pkttype==PKT_USER_ID)
|
||||
{
|
||||
/* Run clean_sigs_from_uid against each uid if
|
||||
export-clean-sigs is on. */
|
||||
export-clean-sigs is on. export-minimal causes it
|
||||
to remove all non-selfsigs as well. Note that
|
||||
export-minimal only applies to UID sigs (0x10,
|
||||
0x11, 0x12, and 0x13). A designated revocation is
|
||||
not stripped. */
|
||||
if(options&EXPORT_CLEAN_SIGS)
|
||||
clean_sigs_from_uid(keyblock,node,opt.verbose);
|
||||
clean_sigs_from_uid(keyblock,node,
|
||||
opt.verbose,options&EXPORT_MINIMAL);
|
||||
}
|
||||
else if(node->pkt->pkttype==PKT_SIGNATURE)
|
||||
{
|
||||
/* If we have export-minimal turned on, do not include
|
||||
any signature that isn't a selfsig. Note that this
|
||||
only applies to uid sigs (0x10, 0x11, 0x12, and
|
||||
0x13). A designated revocation is not stripped. */
|
||||
if((options&EXPORT_MINIMAL)
|
||||
&& IS_UID_SIG(node->pkt->pkt.signature)
|
||||
&& (node->pkt->pkt.signature->keyid[0]!=keyid[0]
|
||||
|| node->pkt->pkt.signature->keyid[1]!=keyid[1]))
|
||||
continue;
|
||||
|
||||
/* do not export packets which are marked as not
|
||||
exportable */
|
||||
if(!(options&EXPORT_LOCAL_SIGS)
|
||||
|
|
|
|||
|
|
@ -674,7 +674,7 @@ clean_sigs_from_all_uids(KBNODE keyblock)
|
|||
|
||||
for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next)
|
||||
if(uidnode->pkt->pkttype==PKT_USER_ID)
|
||||
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
|
||||
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0);
|
||||
|
||||
return deleted;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3199,7 +3199,7 @@ menu_clean_sigs_from_uids(KBNODE keyblock)
|
|||
char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
|
||||
uidnode->pkt->pkt.user_id->len,
|
||||
0);
|
||||
deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
|
||||
deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0);
|
||||
if(deleted)
|
||||
{
|
||||
tty_printf(deleted==1?
|
||||
|
|
|
|||
|
|
@ -1575,13 +1575,16 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
|
|||
}
|
||||
|
||||
int
|
||||
clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
|
||||
clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
|
||||
{
|
||||
int deleted=0;
|
||||
KBNODE node;
|
||||
u32 keyid[2];
|
||||
|
||||
assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
|
||||
|
||||
keyid_from_pk(keyblock->pkt->pkt.public_key,keyid);
|
||||
|
||||
/* Passing in a 0 for current time here means that we'll never weed
|
||||
out an expired sig. This is correct behavior since we want to
|
||||
keep the most recent expired sig in a series. */
|
||||
|
|
@ -1607,12 +1610,15 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
|
|||
node && node->pkt->pkttype==PKT_SIGNATURE;
|
||||
node=node->next)
|
||||
{
|
||||
int keep=self_only?(node->pkt->pkt.signature->keyid[0]==keyid[0]
|
||||
&& node->pkt->pkt.signature->keyid[1]==keyid[1]):1;
|
||||
|
||||
/* Keep usable uid sigs ... */
|
||||
if(node->flag & (1<<8))
|
||||
if((node->flag & (1<<8)) && keep)
|
||||
continue;
|
||||
|
||||
/* ... and usable revocations... */
|
||||
if(node->flag & (1<<11))
|
||||
if((node->flag & (1<<11)) && keep)
|
||||
continue;
|
||||
|
||||
/* ... and sigs from unavailable keys. */
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ const char *get_ownertrust_string (PKT_public_key *pk);
|
|||
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
|
||||
int clear_ownertrusts (PKT_public_key *pk);
|
||||
|
||||
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
|
||||
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only);
|
||||
int clean_uids_from_key(KBNODE keyblock,int noisy);
|
||||
|
||||
/*-- tdbdump.c --*/
|
||||
|
|
|
|||
Loading…
Reference in New Issue