From 99ef78aa0ca7e48ceba400e1a43f8185cf9bbf71 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Sat, 13 Nov 2021 20:34:06 +0100
Subject: gpg: Remove stale ultimately trusted keys from the trustdb.

* g10/tdbdump.c (export_ownertrust): Skip records marked with the
option --trusted-key.
(import_ownertrust): Clear the trusted-key flag.
* g10/tdbio.h (struct trust_record): Add field flags.
* g10/tdbio.c (tdbio_dump_record): Improve output.
(tdbio_read_record, tdbio_write_record): Handle flags.
* g10/trustdb.c (verify_own_keys): Clear stale trusted-keys and set
the flag for new --trusted-keys.
(tdb_update_ownertrust): Add arg as_trusted_key.  Update callers.
--

GnuPG-bug-id: 5685
Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/trustdb.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'g10/trustdb.h')

diff --git a/g10/trustdb.h b/g10/trustdb.h
index 6c7fd6c8e..4f1e1e2c1 100644
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@@ -119,7 +119,7 @@ const char *get_ownertrust_string (ctrl_t ctrl,
                                    PKT_public_key *pk, int no_create);
 
 void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
-                            unsigned int new_trust);
+                            unsigned int new_trust, int as_trusted_key);
 int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
 
 /*-- tdbdump.c --*/
-- 
cgit v1.2.3