* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around

when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.

1 files changed, 4 insertions, 8 deletions

diff --git a/g10/trustdb.c b/g10/trustdb.c
index c72dc2059..518ccd332 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1672,9 +1672,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	{
 	  PKT_user_id *uid=node->pkt->pkt.user_id;
 
-	  if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
-	    undelete_kbnode(signode);
-
 	  sigdate=0;
 	  signode=NULL;
 
@@ -1687,7 +1684,6 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	  else
 	    {
 	      delete_until_next=1;
-	      deleted++;
 
 	      if(noisy)
 		{
@@ -1724,13 +1720,13 @@ clean_uids_from_key(KBNODE keyblock,int noisy)
 	    }
 
 	  if(delete_until_next && !sig->flags.chosen_selfsig)
-	    delete_kbnode(node);
+	    {
+	      delete_kbnode(node);
+	      deleted++;
+	    }
 	}
     }
 
-  if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig)
-    undelete_kbnode(signode);
-
   return deleted;
 }