mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-clean-sigs option to automatically clean a key when importing. Note that when importing a key that is already on the local keyring, the clean applies to the merged key - i.e. existing superceded or invalid signatures are removed.
This commit is contained in:
parent
6e9b751b79
commit
f3c4b07d05
@ -1,5 +1,12 @@
|
|||||||
2005-06-12 David Shaw <dshaw@jabberwocky.com>
|
2005-06-12 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, import.c (parse_import_options,
|
||||||
|
clean_sigs_from_all_uids, import_one): Add import-clean-sigs
|
||||||
|
option to automatically clean a key when importing. Note that
|
||||||
|
when importing a key that is already on the local keyring, the
|
||||||
|
clean applies to the merged key - i.e. existing superceded or
|
||||||
|
invalid signatures are removed.
|
||||||
|
|
||||||
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
|
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
|
||||||
that even after keys may be merged together, we only have one
|
that even after keys may be merged together, we only have one
|
||||||
chosen selfsig.
|
chosen selfsig.
|
||||||
|
47
g10/import.c
47
g10/import.c
@ -55,6 +55,7 @@ struct stats_s {
|
|||||||
ulong secret_dups;
|
ulong secret_dups;
|
||||||
ulong skipped_new_keys;
|
ulong skipped_new_keys;
|
||||||
ulong not_imported;
|
ulong not_imported;
|
||||||
|
ulong n_sigs_cleaned;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@ -94,6 +95,8 @@ parse_import_options(char *str,unsigned int *options,int noisy)
|
|||||||
{"fast-import",IMPORT_FAST,NULL},
|
{"fast-import",IMPORT_FAST,NULL},
|
||||||
{"convert-sk-to-pk",IMPORT_SK2PK,NULL},
|
{"convert-sk-to-pk",IMPORT_SK2PK,NULL},
|
||||||
{"merge-only",IMPORT_MERGE_ONLY,NULL},
|
{"merge-only",IMPORT_MERGE_ONLY,NULL},
|
||||||
|
{"import-clean",IMPORT_CLEAN_SIGS,NULL},
|
||||||
|
{"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL},
|
||||||
/* Aliases for backward compatibility */
|
/* Aliases for backward compatibility */
|
||||||
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL},
|
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL},
|
||||||
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL},
|
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL},
|
||||||
@ -302,6 +305,8 @@ import_print_stats (void *hd)
|
|||||||
log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
|
log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
|
||||||
if( stats->not_imported )
|
if( stats->not_imported )
|
||||||
log_info(_(" not imported: %lu\n"), stats->not_imported );
|
log_info(_(" not imported: %lu\n"), stats->not_imported );
|
||||||
|
if( stats->n_sigs_cleaned)
|
||||||
|
log_info(_(" signatures cleaned: %lu\n"),stats->n_sigs_cleaned);
|
||||||
}
|
}
|
||||||
|
|
||||||
if( is_status_enabled() ) {
|
if( is_status_enabled() ) {
|
||||||
@ -649,6 +654,20 @@ check_prefs(KBNODE keyblock)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
clean_sigs_from_all_uids(KBNODE keyblock)
|
||||||
|
{
|
||||||
|
KBNODE uidnode;
|
||||||
|
int deleted=0;
|
||||||
|
|
||||||
|
for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next)
|
||||||
|
if(uidnode->pkt->pkttype==PKT_USER_ID)
|
||||||
|
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
|
||||||
|
|
||||||
|
return deleted;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Try to import one keyblock. Return an error only in serious cases, but
|
* Try to import one keyblock. Return an error only in serious cases, but
|
||||||
* never for an invalid keyblock. It uses log_error to increase the
|
* never for an invalid keyblock. It uses log_error to increase the
|
||||||
@ -708,6 +727,13 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Clean the key that we're about to import, to cut down on things
|
||||||
|
that we have to clean later. This has no practical impact on
|
||||||
|
the end result, but does result in less logging which might
|
||||||
|
confuse the user. */
|
||||||
|
if(options&IMPORT_CLEAN_SIGS)
|
||||||
|
clean_sigs_from_all_uids(keyblock);
|
||||||
|
|
||||||
clear_kbnode_flags( keyblock );
|
clear_kbnode_flags( keyblock );
|
||||||
|
|
||||||
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
|
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
|
||||||
@ -808,7 +834,7 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
}
|
}
|
||||||
else { /* merge */
|
else { /* merge */
|
||||||
KEYDB_HANDLE hd;
|
KEYDB_HANDLE hd;
|
||||||
int n_uids, n_sigs, n_subk;
|
int n_uids, n_sigs, n_subk, n_sigs_cleaned;
|
||||||
|
|
||||||
/* Compare the original against the new key; just to be sure nothing
|
/* Compare the original against the new key; just to be sure nothing
|
||||||
* weird is going on */
|
* weird is going on */
|
||||||
@ -849,14 +875,19 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
/* and try to merge the block */
|
/* and try to merge the block */
|
||||||
clear_kbnode_flags( keyblock_orig );
|
clear_kbnode_flags( keyblock_orig );
|
||||||
clear_kbnode_flags( keyblock );
|
clear_kbnode_flags( keyblock );
|
||||||
n_uids = n_sigs = n_subk = 0;
|
n_uids = n_sigs = n_subk = n_sigs_cleaned = 0;
|
||||||
rc = merge_blocks( fname, keyblock_orig, keyblock,
|
rc = merge_blocks( fname, keyblock_orig, keyblock,
|
||||||
keyid, &n_uids, &n_sigs, &n_subk );
|
keyid, &n_uids, &n_sigs, &n_subk );
|
||||||
if( rc ) {
|
if( rc )
|
||||||
|
{
|
||||||
keydb_release (hd);
|
keydb_release (hd);
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
if( n_uids || n_sigs || n_subk ) {
|
|
||||||
|
if(options&IMPORT_CLEAN_SIGS)
|
||||||
|
n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig);
|
||||||
|
|
||||||
|
if( n_uids || n_sigs || n_subk || n_sigs_cleaned) {
|
||||||
mod_key = 1;
|
mod_key = 1;
|
||||||
/* keyblock_orig has been updated; write */
|
/* keyblock_orig has been updated; write */
|
||||||
rc = keydb_update_keyblock (hd, keyblock_orig);
|
rc = keydb_update_keyblock (hd, keyblock_orig);
|
||||||
@ -888,12 +919,16 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
else if( n_subk )
|
else if( n_subk )
|
||||||
log_info( _("key %s: \"%s\" %d new subkeys\n"),
|
log_info( _("key %s: \"%s\" %d new subkeys\n"),
|
||||||
keystr(keyid), p, n_subk );
|
keystr(keyid), p, n_subk );
|
||||||
|
if(n_sigs_cleaned)
|
||||||
|
log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
|
||||||
|
keystr(keyid),p,n_sigs_cleaned);
|
||||||
m_free(p);
|
m_free(p);
|
||||||
}
|
}
|
||||||
|
|
||||||
stats->n_uids +=n_uids;
|
stats->n_uids +=n_uids;
|
||||||
stats->n_sigs +=n_sigs;
|
stats->n_sigs +=n_sigs;
|
||||||
stats->n_subk +=n_subk;
|
stats->n_subk +=n_subk;
|
||||||
|
stats->n_sigs_cleaned +=n_sigs_cleaned;
|
||||||
|
|
||||||
if (is_status_enabled ())
|
if (is_status_enabled ())
|
||||||
print_import_ok (pk, NULL,
|
print_import_ok (pk, NULL,
|
||||||
|
@ -251,6 +251,7 @@ struct {
|
|||||||
#define IMPORT_FAST (1<<2)
|
#define IMPORT_FAST (1<<2)
|
||||||
#define IMPORT_SK2PK (1<<3)
|
#define IMPORT_SK2PK (1<<3)
|
||||||
#define IMPORT_MERGE_ONLY (1<<4)
|
#define IMPORT_MERGE_ONLY (1<<4)
|
||||||
|
#define IMPORT_CLEAN_SIGS (1<<5)
|
||||||
|
|
||||||
#define EXPORT_LOCAL_SIGS (1<<0)
|
#define EXPORT_LOCAL_SIGS (1<<0)
|
||||||
#define EXPORT_ATTRIBUTES (1<<1)
|
#define EXPORT_ATTRIBUTES (1<<1)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user