mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-17 00:39:50 +02:00
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning. Change all callers. * export.c (do_export_stream): Use it here so we don't need additional minimize code in the export path.
This commit is contained in:
David Shaw
parent
11c7699c45
commit
debc169f88
|
|
@ -1,3 +1,11 @@
|
||||||
|
2005-11-10 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove
|
||||||
|
all non-selfsigs from key during cleaning. Change all callers.
|
||||||
|
|
||||||
|
* export.c (do_export_stream): Use it here so we don't need
|
||||||
|
additional minimize code in the export path.
|
||||||
|
|
||||||
2005-11-06 David Shaw <dshaw@jabberwocky.com>
|
2005-11-06 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* options.skel: Add a section for --encrypt-to. This is Debian
|
* options.skel: Add a section for --encrypt-to. This is Debian
|
||||||
|
|
|
||||||
25
g10/export.c
25
g10/export.c
|
|
@ -293,7 +293,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||||
subkey_list_t subkey_list = NULL; /* Track alreay processed subkeys. */
|
subkey_list_t subkey_list = NULL; /* Track alreay processed subkeys. */
|
||||||
KEYDB_HANDLE kdbhd;
|
KEYDB_HANDLE kdbhd;
|
||||||
STRLIST sl;
|
STRLIST sl;
|
||||||
u32 keyid[2];
|
|
||||||
|
|
||||||
*any = 0;
|
*any = 0;
|
||||||
init_packet( &pkt );
|
init_packet( &pkt );
|
||||||
|
|
@ -383,10 +382,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
/* It's a public key export. */
|
/* It's a public key export. */
|
||||||
if((options&EXPORT_MINIMAL)
|
|
||||||
&& (node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
|
|
||||||
keyid_from_pk(node->pkt->pkt.public_key,keyid);
|
|
||||||
|
|
||||||
if(options&EXPORT_CLEAN_UIDS)
|
if(options&EXPORT_CLEAN_UIDS)
|
||||||
clean_uids_from_key(keyblock,opt.verbose);
|
clean_uids_from_key(keyblock,opt.verbose);
|
||||||
}
|
}
|
||||||
|
|
@ -460,26 +455,20 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if(node->pkt->pkttype==PKT_USER_ID)
|
if(node->pkt->pkttype==PKT_USER_ID)
|
||||||
{
|
{
|
||||||
/* Run clean_sigs_from_uid against each uid if
|
/* Run clean_sigs_from_uid against each uid if
|
||||||
export-clean-sigs is on. */
|
export-clean-sigs is on. export-minimal causes it
|
||||||
|
to remove all non-selfsigs as well. Note that
|
||||||
|
export-minimal only applies to UID sigs (0x10,
|
||||||
|
0x11, 0x12, and 0x13). A designated revocation is
|
||||||
|
not stripped. */
|
||||||
if(options&EXPORT_CLEAN_SIGS)
|
if(options&EXPORT_CLEAN_SIGS)
|
||||||
clean_sigs_from_uid(keyblock,node,opt.verbose);
|
clean_sigs_from_uid(keyblock,node,
|
||||||
|
opt.verbose,options&EXPORT_MINIMAL);
|
||||||
}
|
}
|
||||||
else if(node->pkt->pkttype==PKT_SIGNATURE)
|
else if(node->pkt->pkttype==PKT_SIGNATURE)
|
||||||
{
|
{
|
||||||
/* If we have export-minimal turned on, do not include
|
|
||||||
any signature that isn't a selfsig. Note that this
|
|
||||||
only applies to uid sigs (0x10, 0x11, 0x12, and
|
|
||||||
0x13). A designated revocation is not stripped. */
|
|
||||||
if((options&EXPORT_MINIMAL)
|
|
||||||
&& IS_UID_SIG(node->pkt->pkt.signature)
|
|
||||||
&& (node->pkt->pkt.signature->keyid[0]!=keyid[0]
|
|
||||||
|| node->pkt->pkt.signature->keyid[1]!=keyid[1]))
|
|
||||||
continue;
|
|
||||||
|
|
||||||
/* do not export packets which are marked as not
|
/* do not export packets which are marked as not
|
||||||
exportable */
|
exportable */
|
||||||
if(!(options&EXPORT_LOCAL_SIGS)
|
if(!(options&EXPORT_LOCAL_SIGS)
|
||||||
|
|
|
||||||
|
|
@ -674,7 +674,7 @@ clean_sigs_from_all_uids(KBNODE keyblock)
|
||||||
|
|
||||||
for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next)
|
for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next)
|
||||||
if(uidnode->pkt->pkttype==PKT_USER_ID)
|
if(uidnode->pkt->pkttype==PKT_USER_ID)
|
||||||
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
|
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0);
|
||||||
|
|
||||||
return deleted;
|
return deleted;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3199,7 +3199,7 @@ menu_clean_sigs_from_uids(KBNODE keyblock)
|
||||||
char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
|
char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
|
||||||
uidnode->pkt->pkt.user_id->len,
|
uidnode->pkt->pkt.user_id->len,
|
||||||
0);
|
0);
|
||||||
deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
|
deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0);
|
||||||
if(deleted)
|
if(deleted)
|
||||||
{
|
{
|
||||||
tty_printf(deleted==1?
|
tty_printf(deleted==1?
|
||||||
|
|
|
||||||
|
|
@ -1575,13 +1575,16 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
|
clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
|
||||||
{
|
{
|
||||||
int deleted=0;
|
int deleted=0;
|
||||||
KBNODE node;
|
KBNODE node;
|
||||||
|
u32 keyid[2];
|
||||||
|
|
||||||
assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
|
assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
|
||||||
|
|
||||||
|
keyid_from_pk(keyblock->pkt->pkt.public_key,keyid);
|
||||||
|
|
||||||
/* Passing in a 0 for current time here means that we'll never weed
|
/* Passing in a 0 for current time here means that we'll never weed
|
||||||
out an expired sig. This is correct behavior since we want to
|
out an expired sig. This is correct behavior since we want to
|
||||||
keep the most recent expired sig in a series. */
|
keep the most recent expired sig in a series. */
|
||||||
|
|
@ -1607,12 +1610,15 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
|
||||||
node && node->pkt->pkttype==PKT_SIGNATURE;
|
node && node->pkt->pkttype==PKT_SIGNATURE;
|
||||||
node=node->next)
|
node=node->next)
|
||||||
{
|
{
|
||||||
|
int keep=self_only?(node->pkt->pkt.signature->keyid[0]==keyid[0]
|
||||||
|
&& node->pkt->pkt.signature->keyid[1]==keyid[1]):1;
|
||||||
|
|
||||||
/* Keep usable uid sigs ... */
|
/* Keep usable uid sigs ... */
|
||||||
if(node->flag & (1<<8))
|
if((node->flag & (1<<8)) && keep)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* ... and usable revocations... */
|
/* ... and usable revocations... */
|
||||||
if(node->flag & (1<<11))
|
if((node->flag & (1<<11)) && keep)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* ... and sigs from unavailable keys. */
|
/* ... and sigs from unavailable keys. */
|
||||||
|
|
|
||||||
|
|
@ -82,7 +82,7 @@ const char *get_ownertrust_string (PKT_public_key *pk);
|
||||||
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
|
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
|
||||||
int clear_ownertrusts (PKT_public_key *pk);
|
int clear_ownertrusts (PKT_public_key *pk);
|
||||||
|
|
||||||
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
|
int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only);
|
||||||
int clean_uids_from_key(KBNODE keyblock,int noisy);
|
int clean_uids_from_key(KBNODE keyblock,int noisy);
|
||||||
|
|
||||||
/*-- tdbdump.c --*/
|
/*-- tdbdump.c --*/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user