From c2fd65ec8498a08ee36ca52d99b6b014f6db8d93 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 9 Jul 2018 09:49:09 +0200 Subject: gpg: Let export-clean remove expired subkeys. * g10/key-clean.h (KEY_CLEAN_NONE, KEY_CLEAN_INVALID) (KEY_CLEAN_ENCR, KEY_CLEAN_AUTHENCR, KEY_CLEAN_ALL): New. * g10/key-clean.c (clean_one_subkey): New. (clean_all_subkeys): Add arg CLEAN_LEVEL. * g10/import.c (import_one): Call clean_all_subkeys with KEY_CLEAN_NONE. * g10/export.c (do_export_stream): Call clean_all_subkeys depedning on the export clean options. -- GnuPG-bug-id: 3622 Signed-off-by: Werner Koch --- g10/export.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'g10/export.c') diff --git a/g10/export.c b/g10/export.c index 21ff23c8d..e94e959fb 100644 --- a/g10/export.c +++ b/g10/export.c @@ -2003,15 +2003,18 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, } /* Always do the cleaning on the public key part if requested. - * Note that both export-clean and export-minimal only apply to - * UID sigs (0x10, 0x11, 0x12, and 0x13). A designated - * revocation is never stripped, even with export-minimal set. */ + * A designated revocation is never stripped, even with + * export-minimal set. */ if ((options & EXPORT_CLEAN)) { merge_keys_and_selfsig (ctrl, keyblock); clean_all_uids (ctrl, keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL); - clean_all_subkeys (ctrl, keyblock, opt.verbose, NULL, NULL); + clean_all_subkeys (ctrl, keyblock, opt.verbose, + (options&EXPORT_MINIMAL)? KEY_CLEAN_ALL + /**/ : KEY_CLEAN_AUTHENCR, + NULL, NULL); + commit_kbnode (&keyblock); } if (export_keep_uid) -- cgit v1.2.3