1 files changed, 88 insertions, 16 deletions

diff --git a/g10/import.c b/g10/import.c
index 5be7952d6..8ea5144b5 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -41,6 +41,7 @@
 #include "../common/init.h"
 #include "../common/mbox-util.h"
 #include "key-check.h"
+#include "key-clean.h"
 
 
 struct import_stats_s
@@ -120,6 +121,7 @@ static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
 static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
                              u32 *keyid, unsigned int options);
 static int any_uid_left (kbnode_t keyblock);
+static int remove_all_uids (kbnode_t *keyblock);
 static int merge_blocks (ctrl_t ctrl, unsigned int options,
                          kbnode_t keyblock_orig,
 			 kbnode_t keyblock, u32 *keyid,
@@ -180,6 +182,9 @@ parse_import_options(char *str,unsigned int *options,int noisy)
       {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
        N_("remove as much as possible from key after import")},
 
+      {"import-drop-uids", IMPORT_DROP_UIDS, NULL,
+       N_("Do not import user id or attribute packets")},
+
       {"import-export", IMPORT_EXPORT, NULL,
        N_("run import filters and export key immediately")},
 
@@ -923,6 +928,8 @@ read_block( IOBUF a, int with_meta,
                 add_kbnode (root, new_kbnode (pkt));
               pkt = xmalloc (sizeof *pkt);
             }
+          else
+            free_packet (pkt, &parsectx);
           init_packet(pkt);
           break;
         }
@@ -1257,7 +1264,7 @@ impex_filter_getval (void *cookie, const char *propname)
         {
           if (!uid->mbox)
             {
-              uid->mbox = mailbox_from_userid (uid->name);
+              uid->mbox = mailbox_from_userid (uid->name, 0);
             }
           result = uid->mbox;
         }
@@ -1725,7 +1732,9 @@ import_one (ctrl_t ctrl,
     }
 
 
-  if (!uidnode )
+  /* Unless import-drop-uids has been requested we don't allow import
+   * of a key without UIDs.  */
+  if (!uidnode && !(options & IMPORT_DROP_UIDS))
     {
       if (!silent)
         log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
@@ -1752,15 +1761,24 @@ import_one (ctrl_t ctrl,
         return 0;
     }
 
-  collapse_uids(&keyblock);
+  /* Remove or collapse the user ids.  */
+  if ((options & IMPORT_DROP_UIDS))
+    remove_all_uids (&keyblock);
+  else
+    collapse_uids (&keyblock);
 
   /* Clean the key that we're about to import, to cut down on things
      that we have to clean later.  This has no practical impact on the
      end result, but does result in less logging which might confuse
      the user. */
-  if (options&IMPORT_CLEAN)
-    clean_key (ctrl, keyblock,
-               opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL);
+  if ((options & IMPORT_CLEAN))
+    {
+      merge_keys_and_selfsig (ctrl, keyblock);
+      clean_all_uids (ctrl, keyblock,
+                      opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL);
+      clean_all_subkeys (ctrl, keyblock, opt.verbose, KEY_CLEAN_NONE,
+                         NULL, NULL);
+    }
 
   clear_kbnode_flags( keyblock );
 
@@ -1794,7 +1812,10 @@ import_one (ctrl_t ctrl,
 	  }
     }
 
-  if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
+  /* Delete invalid parts and without the drop option bail out if
+   * there are no user ids.  */
+  if (!delete_inv_parts (ctrl, keyblock, keyid, options)
+      && !(options & IMPORT_DROP_UIDS) )
     {
       if (!silent)
         {
@@ -1901,8 +1922,13 @@ import_one (ctrl_t ctrl,
         log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) );
 
       if ((options & IMPORT_CLEAN))
-        clean_key (ctrl, keyblock, opt.verbose, (options&IMPORT_MINIMAL),
-                   &n_uids_cleaned,&n_sigs_cleaned);
+        {
+          merge_keys_and_selfsig (ctrl, keyblock);
+          clean_all_uids (ctrl, keyblock, opt.verbose, (options&IMPORT_MINIMAL),
+                          &n_uids_cleaned,&n_sigs_cleaned);
+          clean_all_subkeys (ctrl, keyblock, opt.verbose, KEY_CLEAN_NONE,
+                             NULL, NULL);
+        }
 
       /* Unless we are in restore mode apply meta data to the
        * keyblock.  Note that this will never change the first packet
@@ -1987,8 +2013,14 @@ import_one (ctrl_t ctrl,
         goto leave;
 
       if ((options & IMPORT_CLEAN))
-        clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL),
-                   &n_uids_cleaned,&n_sigs_cleaned);
+        {
+          merge_keys_and_selfsig (ctrl, keyblock_orig);
+          clean_all_uids (ctrl, keyblock_orig, opt.verbose,
+                          (options&IMPORT_MINIMAL),
+                          &n_uids_cleaned,&n_sigs_cleaned);
+          clean_all_subkeys (ctrl, keyblock_orig, opt.verbose, KEY_CLEAN_NONE,
+                             NULL, NULL);
+        }
 
       if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
         {
@@ -2071,9 +2103,12 @@ import_one (ctrl_t ctrl,
           keydb_release (hd);
           hd = NULL;
 
-          /* Fixme: we do not track the time we last checked a key for
+          /* FIXME: We do not track the time we last checked a key for
            * updates.  To do this we would need to rewrite even the
-           * keys which have no changes.  */
+           * keys which have no changes.  Adding this would be useful
+           * for the automatic update of expired keys via the WKD in
+           * case the WKD still carries the expired key.  See
+           * get_best_pubkey_byname.  */
           same_key = 1;
           if (is_status_enabled ())
             print_import_ok (pk, 0);
@@ -3038,7 +3073,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
   kbnode_t bsnode = NULL;  /* Subkey binding signature node.  */
   u32 bsdate = 0;          /* Timestamp of that node.   */
   kbnode_t rsnode = NULL;  /* Subkey recocation signature node.  */
-  u32 rsdate = 0;          /* Timestamp of tha node.  */
+  u32 rsdate = 0;          /* Timestamp of that node.  */
   PKT_signature *sig;
   int rc;
   kbnode_t n;
@@ -3395,14 +3430,51 @@ any_uid_left (kbnode_t keyblock)
 
 
 
-/****************
+/* Delete all user ids from KEYBLOCK.
+ * Returns: True if the keyblock has changed.  */
+static int
+remove_all_uids (kbnode_t *keyblock)
+{
+  kbnode_t node;
+  int any = 0;
+
+  for (node = *keyblock; node; node = node->next)
+    {
+      if (is_deleted_kbnode (node))
+	continue;
+
+      if (node->pkt->pkttype != PKT_USER_ID)
+	continue;
+
+      /* We are at the first user id.  Delete everything up to the
+       * first subkey.  */
+      for (; node; node = node->next)
+	{
+	  if (is_deleted_kbnode (node))
+	    continue;
+
+	  if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+              || node->pkt->pkttype == PKT_SECRET_SUBKEY)
+	    break;
+          delete_kbnode (node);
+          any = 1;
+	}
+      break;  /* All done.  */
+    }
+
+  commit_kbnode (keyblock);
+  return any;
+}
+
+
+/*
  * It may happen that the imported keyblock has duplicated user IDs.
  * We check this here and collapse those user IDs together with their
  * sigs into one.
  * Returns: True if the keyblock has changed.
  */
 int
-collapse_uids( kbnode_t *keyblock )
+collapse_uids (kbnode_t *keyblock)
 {
   kbnode_t uid1;
   int any=0;