security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-28 02:12:46 +02:00
Code Activity

* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,

Browse Source 
import_one): Add import-clean-sigs option to automatically clean a key
when importing.  Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
This commit is contained in:
David Shaw 2005-06-12 21:17:46 +00:00
parent 6e9b751b79
commit f3c4b07d05
3 changed files with 49 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
g10/ChangeLog
View File

@ -1,5 +1,12 @@
2005-06-12 David Shaw <dshaw@jabberwocky.com> 2005-06-12 David Shaw <dshaw@jabberwocky.com>
* options.h, import.c (parse_import_options,
clean_sigs_from_all_uids, import_one): Add import-clean-sigs
option to automatically clean a key when importing. Note that
when importing a key that is already on the local keyring, the
clean applies to the merged key - i.e. existing superceded or
invalid signatures are removed.
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
that even after keys may be merged together, we only have one that even after keys may be merged together, we only have one
chosen selfsig. chosen selfsig.

47
g10/import.c
View File

@ -55,6 +55,7 @@ struct stats_s {
ulong secret_dups; ulong secret_dups;
ulong skipped_new_keys; ulong skipped_new_keys;
ulong not_imported; ulong not_imported;
ulong n_sigs_cleaned;
}; };
@ -94,6 +95,8 @@ parse_import_options(char *str,unsigned int *options,int noisy)
{"fast-import",IMPORT_FAST,NULL}, {"fast-import",IMPORT_FAST,NULL},
{"convert-sk-to-pk",IMPORT_SK2PK,NULL}, {"convert-sk-to-pk",IMPORT_SK2PK,NULL},
{"merge-only",IMPORT_MERGE_ONLY,NULL}, {"merge-only",IMPORT_MERGE_ONLY,NULL},
{"import-clean",IMPORT_CLEAN_SIGS,NULL},
{"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL},
/* Aliases for backward compatibility */ /* Aliases for backward compatibility */
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL}, {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL},
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL},
@ -302,6 +305,8 @@ import_print_stats (void *hd)
log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups ); log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
if( stats->not_imported ) if( stats->not_imported )
log_info(_(" not imported: %lu\n"), stats->not_imported ); log_info(_(" not imported: %lu\n"), stats->not_imported );
if( stats->n_sigs_cleaned)
log_info(_(" signatures cleaned: %lu\n"),stats->n_sigs_cleaned);
} }
if( is_status_enabled() ) { if( is_status_enabled() ) {
@ -649,6 +654,20 @@ check_prefs(KBNODE keyblock)
} }
} }
static int
clean_sigs_from_all_uids(KBNODE keyblock)
{
KBNODE uidnode;
int deleted=0;
for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next)
if(uidnode->pkt->pkttype==PKT_USER_ID)
deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
return deleted;
}
/**************** /****************
* Try to import one keyblock. Return an error only in serious cases, but * Try to import one keyblock. Return an error only in serious cases, but
* never for an invalid keyblock. It uses log_error to increase the * never for an invalid keyblock. It uses log_error to increase the
@ -708,6 +727,13 @@ import_one( const char *fname, KBNODE keyblock,
return 0; return 0;
} }
/* Clean the key that we're about to import, to cut down on things
that we have to clean later. This has no practical impact on
the end result, but does result in less logging which might
confuse the user. */
if(options&IMPORT_CLEAN_SIGS)
clean_sigs_from_all_uids(keyblock);
clear_kbnode_flags( keyblock ); clear_kbnode_flags( keyblock );
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock) if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
@ -808,7 +834,7 @@ import_one( const char *fname, KBNODE keyblock,
} }
else { /* merge */ else { /* merge */
KEYDB_HANDLE hd; KEYDB_HANDLE hd;
int n_uids, n_sigs, n_subk; int n_uids, n_sigs, n_subk, n_sigs_cleaned;
/* Compare the original against the new key; just to be sure nothing /* Compare the original against the new key; just to be sure nothing
* weird is going on */ * weird is going on */
@ -849,14 +875,19 @@ import_one( const char *fname, KBNODE keyblock,
/* and try to merge the block */ /* and try to merge the block */
clear_kbnode_flags( keyblock_orig ); clear_kbnode_flags( keyblock_orig );
clear_kbnode_flags( keyblock ); clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = 0; n_uids = n_sigs = n_subk = n_sigs_cleaned = 0;
rc = merge_blocks( fname, keyblock_orig, keyblock, rc = merge_blocks( fname, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk ); keyid, &n_uids, &n_sigs, &n_subk );
if( rc ) { if( rc )
{
keydb_release (hd); keydb_release (hd);
goto leave; goto leave;
} }
if( n_uids || n_sigs || n_subk ) {
if(options&IMPORT_CLEAN_SIGS)
n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig);
if( n_uids || n_sigs || n_subk || n_sigs_cleaned) {
mod_key = 1; mod_key = 1;
/* keyblock_orig has been updated; write */ /* keyblock_orig has been updated; write */
rc = keydb_update_keyblock (hd, keyblock_orig); rc = keydb_update_keyblock (hd, keyblock_orig);
@ -888,12 +919,16 @@ import_one( const char *fname, KBNODE keyblock,
else if( n_subk ) else if( n_subk )
log_info( _("key %s: \"%s\" %d new subkeys\n"), log_info( _("key %s: \"%s\" %d new subkeys\n"),
keystr(keyid), p, n_subk ); keystr(keyid), p, n_subk );
if(n_sigs_cleaned)
log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
keystr(keyid),p,n_sigs_cleaned);
m_free(p); m_free(p);
} }
stats->n_uids +=n_uids; stats->n_uids +=n_uids;
stats->n_sigs +=n_sigs; stats->n_sigs +=n_sigs;
stats->n_subk +=n_subk; stats->n_subk +=n_subk;
stats->n_sigs_cleaned +=n_sigs_cleaned;
if (is_status_enabled ()) if (is_status_enabled ())
print_import_ok (pk, NULL, print_import_ok (pk, NULL,

1
g10/options.h
View File

@ -251,6 +251,7 @@ struct {
#define IMPORT_FAST (1<<2) #define IMPORT_FAST (1<<2)
#define IMPORT_SK2PK (1<<3) #define IMPORT_SK2PK (1<<3)
#define IMPORT_MERGE_ONLY (1<<4) #define IMPORT_MERGE_ONLY (1<<4)
#define IMPORT_CLEAN_SIGS (1<<5)
#define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_LOCAL_SIGS (1<<0)
#define EXPORT_ATTRIBUTES (1<<1) #define EXPORT_ATTRIBUTES (1<<1)