Diffstat (limited to '')
-rw-r--r-- | g10/ChangeLog | 14 | ||||
-rw-r--r-- | g10/export.c | 43 | ||||
-rw-r--r-- | g10/import.c | 10 | ||||
-rw-r--r-- | g10/keyedit.c | 100 | ||||
-rw-r--r-- | g10/options.h | 7 | ||||
-rw-r--r-- | g10/trustdb.c | 46 | ||||
-rw-r--r-- | g10/trustdb.h | 4 |
7 files changed, 88 insertions, 136 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 3a653ade1..3fed50a21 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2005-11-17 David Shaw <[email protected]> + + * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to + just "clean", and add "minimize". + + * import.c (parse_import_options): Make help text match the export + versions of the options. + + * options.h, export.c (parse_export_options, do_export_stream): + Reduce clean options to two: clean and minimize. + + * trustdb.h, trustdb.c (clean_one_uid): New function that joins + uid and sig cleaning into one for a simple API outside trustdb. + 2005-11-13 David Shaw <[email protected]> * armor.c (parse_header_line): A fussy bit of 2440: header lines diff --git a/g10/export.c b/g10/export.c index 4052fb7b1..626b7d06c 100644 --- a/g10/export.c +++ b/g10/export.c @@ -47,7 +47,6 @@ struct subkey_list_s typedef struct subkey_list_s *subkey_list_t; - static int do_export( STRLIST users, int secret, unsigned int options ); static int do_export_stream( IOBUF out, STRLIST users, int secret, KBNODE *keyblock_out, unsigned int options, 
@@ -63,24 +62,21 @@ parse_export_options(char *str,unsigned int *options,int noisy) {"export-attributes",EXPORT_ATTRIBUTES,NULL, N_("export attribute user IDs (generally photo IDs)")}, {"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL, - N_("export revocation keys that are marked as \"sensitive\"")}, - {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("all export-clean-* options from above")}, - {"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL, - N_("remove unusable signatures during export")}, - {"export-clean-uids",EXPORT_CLEAN_UIDS,NULL, - N_("remove unusable user IDs during export")}, - {"export-minimal", - EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("remove unusable user IDs and all signatures during export")}, + N_("export revocation keys marked as \"sensitive\"")}, {"export-reset-subkey-passwd",EXPORT_RESET_SUBKEY_PASSWD,NULL, N_("remove the passphrase from exported subkeys")}, + {"export-clean",EXPORT_CLEAN,NULL, + N_("remove unusable parts from key during export")}, + {"export-minimal",EXPORT_MINIMAL|EXPORT_CLEAN,NULL, + N_("remove as much as possible from key during export")}, /* Aliases for backward compatibility */ {"include-local-sigs",EXPORT_LOCAL_SIGS,NULL,NULL}, {"include-attributes",EXPORT_ATTRIBUTES,NULL,NULL}, {"include-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL,NULL}, /* dummy */ {"export-unusable-sigs",0,NULL,NULL}, + {"export-clean-sigs",0,NULL,NULL}, + {"export-clean-uids",0,NULL,NULL}, {NULL,0,NULL,NULL} /* add tags for include revoked and disabled? */ }; 
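Review bot: `export-clean-sigs` and `export-clean-uids` are moved under `/* dummy */` with a flag value of 0 in the parse_export_options table, so a config file or script that still passes them is accepted but the key is exported uncleaned, with no diagnostic. If those names ever reached users, mapping them to the new flag keeps the old intent: `{"export-clean-sigs",EXPORT_CLEAN,NULL,NULL},` and `{"export-clean-uids",EXPORT_CLEAN,NULL,NULL},` in the "Aliases for backward compatibility" group. The parse_import_options hunk in import.c has a related issue: the `import-minimize` alias is removed outright, which presumably turns a previously accepted option into an unknown one; keeping `{"import-minimize",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,NULL},` among the aliases would avoid that. The function around this table starts and ends outside the hunk.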
@@ -381,9 +377,14 @@ do_export_stream( IOBUF out, STRLIST users, int secret, } else { - /* It's a public key export. */ - if(options&EXPORT_CLEAN_UIDS) - clean_uids_from_key(keyblock,opt.verbose); + /* It's a public key export, so do the cleaning if + requested. Note that both export-clean and + export-minimal only apply to UID sigs (0x10, 0x11, + 0x12, and 0x13). A designated revocation is never + stripped, even with export-minimal set. */ + + if(options&EXPORT_CLEAN) + clean_key(keyblock,opt.verbose,options&EXPORT_MINIMAL,NULL,NULL); } /* And write it. */ @@ -455,19 +456,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret, } } - if(node->pkt->pkttype==PKT_USER_ID) - { - /* Run clean_sigs_from_uid against each uid if - export-clean-sigs is on. export-minimal causes it - to remove all non-selfsigs as well. Note that - export-minimal only applies to UID sigs (0x10, - 0x11, 0x12, and 0x13). A designated revocation is - not stripped. */ - if(options&EXPORT_CLEAN_SIGS) - clean_sigs_from_uid(keyblock,node, - opt.verbose,options&EXPORT_MINIMAL); - } - else if(node->pkt->pkttype==PKT_SIGNATURE) + if(node->pkt->pkttype==PKT_SIGNATURE) { /* do not export packets which are marked as not exportable */ diff --git a/g10/import.c b/g10/import.c index 52118ec7a..30e47a2e4 100644 --- a/g10/import.c +++ b/g10/import.c 
@@ -102,18 +102,16 @@ parse_import_options(char *str,unsigned int *options,int noisy) {"merge-only",IMPORT_MERGE_ONLY,NULL, N_("only accept updates to existing keys")}, {"import-clean",IMPORT_CLEAN,NULL, - N_("remove unusable user IDs and signatures after import")}, - {"import-clean-sigs",0,NULL,NULL}, - {"import-clean-uids",0,NULL,NULL}, + N_("remove unusable parts from key after import")}, {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL, - N_("remove unusable user IDs and all signatures after import")}, - /* Alias */ - {"import-minimize",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,NULL}, + N_("remove as much as possible from key after import")}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL}, /* dummy */ {"import-unusable-sigs",0,NULL,NULL}, + {"import-clean-sigs",0,NULL,NULL}, + {"import-clean-uids",0,NULL,NULL}, {NULL,0,NULL,NULL} }; diff --git a/g10/keyedit.c b/g10/keyedit.c index b33105210..174fef90c 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -57,8 +57,7 @@ static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock, int photo, const char *photo_name ); static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_delsig( KBNODE pub_keyblock ); -static int menu_clean_sigs_from_uids(KBNODE keyblock,int self_only); -static int menu_clean_uids_from_key(KBNODE keyblock); +static int menu_clean(KBNODE keyblock,int self_only); static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive ); 
@@ -1442,13 +1441,12 @@ static struct { "disable" , cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key") }, { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") }, { "clean", cmdCLEAN , KEYEDIT_NOT_SK, - N_("clean unusable parts from key") }, + N_("compact unusable user IDs and remove unusable signatures from key")}, { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK, - N_("clean unusable parts from key and remove all signatures") }, + N_("compact unusable user IDs and remove all signatures from key") }, { NULL, cmdNONE, 0, NULL } }; - #ifdef HAVE_LIBREADLINE /* These two functions are used by readline for command completion. */ @@ -2175,32 +2173,11 @@ keyedit_menu( const char *username, STRLIST locusr, break; case cmdCLEAN: - { - if(*arg_string) - { - if(ascii_strcasecmp(arg_string,"sigs")==0 - || ascii_strcasecmp(arg_string,"signatures")==0 - || ascii_strcasecmp(arg_string,"certs")==0 - || ascii_strcasecmp(arg_string,"certificates")==0) - modified=menu_clean_sigs_from_uids(keyblock,0); - else if(ascii_strcasecmp(arg_string,"uids")==0) - redisplay=modified=menu_clean_uids_from_key(keyblock); - else - tty_printf("Unable to clean `%s'\n",arg_string); - } - else - { - modified=menu_clean_sigs_from_uids(keyblock,0); - modified+=menu_clean_uids_from_key(keyblock); - redisplay=modified; - } - } + redisplay=modified=menu_clean(keyblock,0); break; case cmdMINIMIZE: - modified=menu_clean_sigs_from_uids(keyblock,1); - modified+=menu_clean_uids_from_key(keyblock); - redisplay=modified; + redisplay=modified=menu_clean(keyblock,1); break; case cmdQUIT: 
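Review bot: The new `case cmdCLEAN:` in keyedit_menu no longer looks at `arg_string`, so `clean sigs` or `clean uids` typed from habit now runs the full clean, compacting user IDs as well, instead of the narrower operation the argument used to select. Because the command modifies the keyblock, an unexpected argument is better refused than ignored, for example `if(*arg_string) { tty_printf(_("Unknown argument to clean\n")); break; }` ahead of the `menu_clean(keyblock,0)` call. keyedit_menu itself starts and ends outside the hunk.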
@@ -3192,73 +3169,54 @@ menu_delsig( KBNODE pub_keyblock ) } static int -menu_clean_sigs_from_uids(KBNODE keyblock,int self_only) +menu_clean(KBNODE keyblock,int self_only) { KBNODE uidnode; - int modified=0; - int select_all=!count_selected_uids(keyblock); + int modified=0,select_all=!count_selected_uids(keyblock); - for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) + for(uidnode=keyblock->next; + uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; + uidnode=uidnode->next) { if(uidnode->pkt->pkttype==PKT_USER_ID && (uidnode->flag&NODFLG_SELUID || select_all)) { - int deleted; + int uids=0,sigs=0; char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->len, 0); - deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,self_only); - if(deleted) - { - tty_printf(deleted==1? - "User ID \"%s\": %d signature removed.\n": - "User ID \"%s\": %d signatures removed.\n", - user,deleted); - modified=1; - } - else - tty_printf(_("User ID \"%s\": already clean.\n"),user); - - xfree(user); - } - } - - return modified; -} - -static int -menu_clean_uids_from_key(KBNODE keyblock) -{ - int modified=clean_uids_from_key(keyblock,0); - if(modified) - { - KBNODE node; - - for(node=keyblock->next;node;node=node->next) - { - if(node->pkt->pkttype==PKT_USER_ID - && node->pkt->pkt.user_id->flags.compacted) + clean_one_uid(keyblock,uidnode,opt.verbose,self_only,&uids,&sigs); + if(uids) { const char *reason; - char *user=utf8_to_native(node->pkt->pkt.user_id->name, - node->pkt->pkt.user_id->len,0); - if(node->pkt->pkt.user_id->is_revoked) + if(uidnode->pkt->pkt.user_id->is_revoked) reason=_("revoked"); - else if(node->pkt->pkt.user_id->is_expired) + else if(uidnode->pkt->pkt.user_id->is_expired) reason=_("expired"); else reason=_("invalid"); tty_printf("User ID \"%s\" compacted: %s\n",user,reason); - xfree(user); + modified=1; + } + else if(sigs) + { + tty_printf(sigs==1? 
+ "User ID \"%s\": %d signature removed\n": + "User ID \"%s\": %d signatures removed\n", + user,sigs); + + modified=1; } + else + tty_printf(_("User ID \"%s\": already clean\n"),user); + + xfree(user); } } - else - tty_printf("No user IDs are compactable.\n"); return modified; } diff --git a/g10/options.h b/g10/options.h index 20544b9a6..ade26dcc4 100644 --- a/g10/options.h +++ b/g10/options.h @@ -271,10 +271,9 @@ struct { #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) #define EXPORT_SENSITIVE_REVKEYS (1<<2) -#define EXPORT_MINIMAL (1<<3) -#define EXPORT_CLEAN_SIGS (1<<4) -#define EXPORT_CLEAN_UIDS (1<<5) -#define EXPORT_RESET_SUBKEY_PASSWD (1<<6) +#define EXPORT_RESET_SUBKEY_PASSWD (1<<3) +#define EXPORT_MINIMAL (1<<4) +#define EXPORT_CLEAN (1<<5) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) diff --git a/g10/trustdb.c b/g10/trustdb.c index dd45e959f..7269afc31 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1574,7 +1574,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode, } } -int +static int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only) { int deleted=0; 
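Review bot: menu_clean calls `clean_one_uid` directly, but the comment this commit adds to that function in trustdb.c says it needs to be called after `merge_keys_and_selfsig()`, and no such call is visible in this hunk. The removed path got it through `clean_uids_from_key`, which merged first; without it the `is_revoked`/`is_expired` flags read here may be stale if the keyblock was edited earlier in the session, unless keyedit_menu already re-merges after every change, which this diff does not show. Either call `merge_keys_and_selfsig(keyblock);` before the loop or add a comment at the top of menu_clean naming the caller that guarantees it. Separately, the "compacted" and "signature(s) removed" strings are passed to `tty_printf` without `_()`, unlike the "already clean" message.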
@@ -1712,21 +1712,27 @@ clean_uid_from_key(KBNODE keyblock,KBNODE uidnode,int noisy) return deleted; } -int -clean_uids_from_key(KBNODE keyblock,int noisy) +/* Needs to be called after a merge_keys_and_selfsig() */ +void +clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned) { - KBNODE uidnode; - int deleted=0; + int dummy; - merge_keys_and_selfsig(keyblock); + assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + assert(uidnode->pkt->pkttype==PKT_USER_ID); - for(uidnode=keyblock->next; - uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; - uidnode=uidnode->next) - if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_uid_from_key(keyblock,uidnode,noisy); + if(!uids_cleaned) + uids_cleaned=&dummy; - return deleted; + if(!sigs_cleaned) + sigs_cleaned=&dummy; + + /* Do clean_uid_from_key first since if it fires off, we don't + have to bother with the other */ + *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy); + if(!uidnode->pkt->pkt.user_id->flags.compacted) + *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only); } void @@ -1734,13 +1740,6 @@ clean_key(KBNODE keyblock,int noisy,int self_only, int *uids_cleaned,int *sigs_cleaned) { KBNODE uidnode; - int dummy; - - if(!uids_cleaned) - uids_cleaned=&dummy; - - if(!sigs_cleaned) - sigs_cleaned=&dummy; merge_keys_and_selfsig(keyblock); 
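Review bot: `int dummy;` in clean_one_uid is never initialised, yet when a caller passes NULL (as do_export_stream now does through `clean_key(...,NULL,NULL)`) both `*uids_cleaned+=` and `*sigs_cleaned+=` read it before writing. The result is discarded, but the read of an indeterminate int is avoidable and is the kind of thing memory sanitizers report: `int dummy=0;`. The two `assert()` calls are also the only checks on the packet types of `keyblock` and `uidnode` and disappear under NDEBUG, so the header comment should state that callers must pass a public keyblock and a user ID node, now that the function is exported through trustdb.h.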
@@ -1748,13 +1747,8 @@ clean_key(KBNODE keyblock,int noisy,int self_only, uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; uidnode=uidnode->next) if(uidnode->pkt->pkttype==PKT_USER_ID) - { - /* Do clean_uid_from_key first since if it fires off, we don't - have to bother with the other */ - *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy); - if(!uidnode->pkt->pkt.user_id->flags.compacted) - *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only); - } + clean_one_uid(keyblock,uidnode,noisy,self_only, + uids_cleaned,sigs_cleaned); } /* Used by validate_one_keyblock to confirm a regexp within a trust diff --git a/g10/trustdb.h b/g10/trustdb.h index 8e6a842e7..2d0581f9b 100644 --- a/g10/trustdb.h +++ b/g10/trustdb.h @@ -82,8 +82,8 @@ const char *get_ownertrust_string (PKT_public_key *pk); void update_ownertrust (PKT_public_key *pk, unsigned int new_trust ); int clear_ownertrusts (PKT_public_key *pk); -int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only); -int clean_uids_from_key(KBNODE keyblock,int noisy); +void clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned); void clean_key(KBNODE keyblock,int noisy,int self_only, int *uids_cleaned,int *sigs_cleaned); |