author | David Shaw <[email protected]> | 2005-11-10 21:18:49 +0000 |
---|---|---|
committer | David Shaw <[email protected]> | 2005-11-10 21:18:49 +0000 |
commit | debc169f8858f3066a6cce7d04614a4ac927e2b1 (patch) | |
tree | fd2209037edc8e9524c89979b135a6be3b777cf2 | |
parent | * options.skel: Add a section for --encrypt-to. This is Debian bug (diff) | |
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning. Change all callers.
* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.
-rw-r--r-- | g10/ChangeLog | 8 | ||||
-rw-r--r-- | g10/export.c | 25 | ||||
-rw-r--r-- | g10/import.c | 2 | ||||
-rw-r--r-- | g10/keyedit.c | 2 | ||||
-rw-r--r-- | g10/trustdb.c | 12 | ||||
-rw-r--r-- | g10/trustdb.h | 2 |
6 files changed, 27 insertions, 24 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index a09a0ddce..76a93d711 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,11 @@ +2005-11-10 David Shaw <[email protected]> + + * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove + all non-selfsigs from key during cleaning. Change all callers. + + * export.c (do_export_stream): Use it here so we don't need + additional minimize code in the export path. + 2005-11-06 David Shaw <[email protected]> * options.skel: Add a section for --encrypt-to. This is Debian diff --git a/g10/export.c b/g10/export.c index 053e1c185..a57105402 100644 --- a/g10/export.c +++ b/g10/export.c @@ -293,7 +293,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret, subkey_list_t subkey_list = NULL; /* Track alreay processed subkeys. */ KEYDB_HANDLE kdbhd; STRLIST sl; - u32 keyid[2]; *any = 0; init_packet( &pkt ); @@ -383,10 +382,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret, else { /* It's a public key export. */ - if((options&EXPORT_MINIMAL) - && (node=find_kbnode(keyblock,PKT_PUBLIC_KEY))) - keyid_from_pk(node->pkt->pkt.public_key,keyid); - if(options&EXPORT_CLEAN_UIDS) clean_uids_from_key(keyblock,opt.verbose); } 
@@ -460,26 +455,20 @@ do_export_stream( IOBUF out, STRLIST users, int secret, } } - if(node->pkt->pkttype==PKT_USER_ID) { /* Run clean_sigs_from_uid against each uid if - export-clean-sigs is on. */ + export-clean-sigs is on. export-minimal causes it + to remove all non-selfsigs as well. Note that + export-minimal only applies to UID sigs (0x10, + 0x11, 0x12, and 0x13). A designated revocation is + not stripped. */ if(options&EXPORT_CLEAN_SIGS) - clean_sigs_from_uid(keyblock,node,opt.verbose); + clean_sigs_from_uid(keyblock,node, + opt.verbose,options&EXPORT_MINIMAL); } else if(node->pkt->pkttype==PKT_SIGNATURE) { - /* If we have export-minimal turned on, do not include - any signature that isn't a selfsig. Note that this - only applies to uid sigs (0x10, 0x11, 0x12, and - 0x13). A designated revocation is not stripped. */ - if((options&EXPORT_MINIMAL) - && IS_UID_SIG(node->pkt->pkt.signature) - && (node->pkt->pkt.signature->keyid[0]!=keyid[0] - || node->pkt->pkt.signature->keyid[1]!=keyid[1])) - continue; - /* do not export packets which are marked as not exportable */ if(!(options&EXPORT_LOCAL_SIGS) diff --git a/g10/import.c b/g10/import.c index d8a7b2a61..f367b033e 100644 --- a/g10/import.c +++ b/g10/import.c @@ -674,7 +674,7 @@ clean_sigs_from_all_uids(KBNODE keyblock) for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose); + deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); return deleted; } diff --git a/g10/keyedit.c b/g10/keyedit.c index 1e07b1d41..18ae1f45c 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -3199,7 +3199,7 @@ menu_clean_sigs_from_uids(KBNODE keyblock) char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->len, 0); - deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose); + deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); if(deleted) { tty_printf(deleted==1? 
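Review bot: In the third export.c hunk, export-minimal now takes effect only inside `if(options&EXPORT_CLEAN_SIGS)`, whereas the removed PKT_SIGNATURE branch dropped non-self UID signatures whenever EXPORT_MINIMAL was set on its own. Unless option parsing (not visible in this diff) makes export-minimal imply export-clean-sigs, a user who sets only export-minimal would export the third-party certifications they expected to be stripped, with no warning. If that implication is not guaranteed, the guard should read `if(options&(EXPORT_CLEAN_SIGS|EXPORT_MINIMAL))`. Passing the masked bit `options&EXPORT_MINIMAL` as the `int self_only` argument works as a truth value, but `!!(options&EXPORT_MINIMAL)` would state the intent more clearly. do_export_stream begins and ends outside the hunk.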
diff --git a/g10/trustdb.c b/g10/trustdb.c index ae0a6cc1c..47c418688 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1575,13 +1575,16 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode, } int -clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy) +clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only) { int deleted=0; KBNODE node; + u32 keyid[2]; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + keyid_from_pk(keyblock->pkt->pkt.public_key,keyid); + /* Passing in a 0 for current time here means that we'll never weed out an expired sig. This is correct behavior since we want to keep the most recent expired sig in a series. */ @@ -1607,12 +1610,15 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy) node && node->pkt->pkttype==PKT_SIGNATURE; node=node->next) { + int keep=self_only?(node->pkt->pkt.signature->keyid[0]==keyid[0] + && node->pkt->pkt.signature->keyid[1]==keyid[1]):1; + /* Keep usable uid sigs ... */ - if(node->flag & (1<<8)) + if((node->flag & (1<<8)) && keep) continue; /* ... and usable revocations... */ - if(node->flag & (1<<11)) + if((node->flag & (1<<11)) && keep) continue; /* ... and sigs from unavailable keys. */ diff --git a/g10/trustdb.h b/g10/trustdb.h index b9dae3578..e75e7f83c 100644 --- a/g10/trustdb.h +++ b/g10/trustdb.h @@ -82,7 +82,7 @@ const char *get_ownertrust_string (PKT_public_key *pk); void update_ownertrust (PKT_public_key *pk, unsigned int new_trust ); int clear_ownertrusts (PKT_public_key *pk); -int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy); +int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only); int clean_uids_from_key(KBNODE keyblock,int noisy); /*-- tdbdump.c --*/ |
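Review bot: In the second trustdb.c hunk, the new `keep` test gates only the `(1<<8)` and `(1<<11)` branches; the branch announced by the trailing context comment `... and sigs from unavailable keys.` lies outside the hunk. If that branch still does an unconditional `continue`, `self_only` would leave in place third-party signatures whose issuer key is missing from the local keyring, so what a minimal export strips would depend on keyring contents. A self-signature's issuer is the primary key in the keyblock itself, so adding `&& !self_only` to that branch's condition should not lose any self-sig. The self-sig test compares only the 64-bit issuer keyid, which seems acceptable because it is combined with the usable flags set by mark_usable_uid_certs, but that deserves a comment. The new parameter is also undocumented here and in trustdb.h; a comment such as `/* self_only: additionally delete every uid sig not issued by the primary key */` above the definition would help.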