gnupg/g10 (ChangeLog keyedit.c trustdb.c trustdb.h)
cvs user dshaw
cvs at cvs.gnupg.org
Mon May 30 05:22:43 CEST 2005
Date: Monday, May 30, 2005 @ 05:43:30
Author: dshaw
Path: /cvs/gnupg/gnupg/g10
Modified: ChangeLog keyedit.c trustdb.c trustdb.h
* trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
user IDs on a key, and mark any that aren't valid for deletion.
* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key. (keyedit_menu): Call it from here as
part of the "clean" command.
-----------+
ChangeLog | 10 ++++++++
keyedit.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++----------
trustdb.c | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
trustdb.h | 3 +-
4 files changed, 144 insertions(+), 14 deletions(-)
Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.743 gnupg/g10/ChangeLog:1.744
--- gnupg/g10/ChangeLog:1.743 Fri May 27 05:00:26 2005
+++ gnupg/g10/ChangeLog Mon May 30 05:43:30 2005
@@ -1,3 +1,13 @@
+2005-05-29 David Shaw <dshaw at jabberwocky.com>
+
+ * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through
+ the user IDs on a key, and mark any that aren't valid for
+ deletion.
+
+ * keyedit.c (menu_clean_uids_from_key): New function to call
+ clean_uids_from_key() on a key.
+ (keyedit_menu): Call it from here as part of the "clean" command.
+
2005-05-26 David Shaw <dshaw at jabberwocky.com>
* g10.c (main): Default {export|import}-unusable-sigs to off until
Index: gnupg/g10/keyedit.c
diff -u gnupg/g10/keyedit.c:1.180 gnupg/g10/keyedit.c:1.181
--- gnupg/g10/keyedit.c:1.180 Fri May 6 21:25:19 2005
+++ gnupg/g10/keyedit.c Mon May 30 05:43:30 2005
@@ -53,7 +53,8 @@
static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock, int photo );
static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_delsig( KBNODE pub_keyblock );
-static int menu_clean_uids(KBNODE keyblock);
+static int menu_clean_sigs_from_uids(KBNODE keyblock);
+static int menu_clean_uids_from_key(KBNODE keyblock);
static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_addrevoker( KBNODE pub_keyblock,
KBNODE sec_keyblock, int sensitive );
@@ -2138,17 +2139,25 @@
{
if(*arg_string)
{
- if(ascii_strcasecmp(arg_string,"sigs")!=0
- && ascii_strcasecmp(arg_string,"signatures")!=0
- && ascii_strcasecmp(arg_string,"certs")!=0
- && ascii_strcasecmp(arg_string,"certificates")!=0)
+ if(ascii_strcasecmp(arg_string,"sigs")==0
+ || ascii_strcasecmp(arg_string,"signatures")==0
+ || ascii_strcasecmp(arg_string,"certs")==0
+ || ascii_strcasecmp(arg_string,"certificates")==0)
+ modified=menu_clean_sigs_from_uids(keyblock);
+ else if(ascii_strcasecmp(arg_string,"uids")==0)
+ redisplay=modified=menu_clean_uids_from_key(keyblock);
+ else if(ascii_strcasecmp(arg_string,"all")==0)
{
- tty_printf(_("Unable to clean `%s'\n"),arg_string);
- break;
+ modified=menu_clean_sigs_from_uids(keyblock);
+ modified+=menu_clean_uids_from_key(keyblock);
+ redisplay=modified;
}
+ else
+ tty_printf(_("Unable to clean `%s'\n"),arg_string);
}
-
- modified=menu_clean_uids(keyblock);
+ else
+ tty_printf(_("Please specify item to clean: `sigs',"
+ " `uids', or `all'\n"));
}
break;
@@ -2699,7 +2708,8 @@
i = 0;
for( node = keyblock; node; node = node->next )
{
- if( node->pkt->pkttype == PKT_USER_ID )
+ if( node->pkt->pkttype == PKT_USER_ID
+ && !is_deleted_kbnode(node))
{
PKT_user_id *uid = node->pkt->pkt.user_id;
++i;
@@ -3134,7 +3144,7 @@
}
static int
-menu_clean_uids(KBNODE keyblock)
+menu_clean_sigs_from_uids(KBNODE keyblock)
{
KBNODE uidnode;
int modified=0;
@@ -3149,7 +3159,7 @@
char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
uidnode->pkt->pkt.user_id->len,
0);
- deleted=clean_uid(keyblock,uidnode,opt.verbose);
+ deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose);
if(deleted)
{
tty_printf(deleted==1?
@@ -3168,6 +3178,42 @@
return modified;
}
+static int
+menu_clean_uids_from_key(KBNODE keyblock)
+{
+ KBNODE node;
+ int modified;
+
+ modified=clean_uids_from_key(keyblock,opt.verbose);
+
+ if(modified)
+ {
+ for(node=keyblock->next;node;node=node->next)
+ {
+ if(node->pkt->pkttype==PKT_USER_ID && is_deleted_kbnode(node))
+ {
+ char *reason;
+ char *user=utf8_to_native(node->pkt->pkt.user_id->name,
+ node->pkt->pkt.user_id->len,0);
+
+ if(node->pkt->pkt.user_id->is_revoked)
+ reason=_("revoked");
+ else if(node->pkt->pkt.user_id->is_expired)
+ reason=_("expired");
+ else
+ reason=_("invalid");
+
+ tty_printf(_("User ID \"%s\" removed: %s\n"),user,reason);
+
+ m_free(user);
+ }
+ }
+ }
+ else
+ tty_printf(_("No user IDs are removable.\n"));
+
+ return modified;
+}
/****************
* Remove some of the secondary keys
Index: gnupg/g10/trustdb.c
diff -u gnupg/g10/trustdb.c:1.138 gnupg/g10/trustdb.c:1.139
--- gnupg/g10/trustdb.c:1.138 Sun Apr 24 20:35:30 2005
+++ gnupg/g10/trustdb.c Mon May 30 05:43:30 2005
@@ -1574,7 +1574,7 @@
}
int
-clean_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
+clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy)
{
int deleted=0;
KBNODE node;
@@ -1635,6 +1635,79 @@
return deleted;
}
+/* This is substantially easier than clean_sigs_from_uid since we just
+ have to establish if the uid has a valid self-sig, is not revoked,
+ and is not expired. Note that this does not take into account
+ whether the uid has a trust path to it - just whether the keyholder
+ themselves has certified the uid. Returns how many user IDs were
+ removed. */
+int
+clean_uids_from_key(KBNODE keyblock,int noisy)
+{
+ int uidcount=0,delete_until_next,deleted=0;
+ KBNODE node;
+
+ assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+
+ merge_keys_and_selfsig(keyblock);
+
+ /* First count how many user IDs we have. We need to be careful
+ that we don't delete them all as some keys could actually have NO
+ valid user IDs. 2440 requires at least 1 user ID packet, valid
+ or not. */
+ for(node=keyblock->next;
+ node && node->pkt->pkttype!=PKT_PUBLIC_SUBKEY;
+ node=node->next)
+ if(node->pkt->pkttype==PKT_USER_ID)
+ uidcount++;
+
+ for(node=keyblock->next;
+ node && node->pkt->pkttype!=PKT_PUBLIC_SUBKEY && uidcount>deleted+1;
+ node=node->next)
+ {
+ if(node->pkt->pkttype==PKT_USER_ID)
+ {
+ /* Skip valid user IDs, and non-self-signed user IDs if
+ --allow-non-selfsigned-uid is set. */
+ if(node->pkt->pkt.user_id->created
+ || (!node->pkt->pkt.user_id->is_expired
+ && !node->pkt->pkt.user_id->is_revoked
+ && opt.allow_non_selfsigned_uid))
+ delete_until_next=0;
+ else
+ {
+ delete_until_next=1;
+ deleted++;
+
+ if(noisy)
+ {
+ char *reason;
+ char *user=utf8_to_native(node->pkt->pkt.user_id->name,
+ node->pkt->pkt.user_id->len,0);
+
+ if(node->pkt->pkt.user_id->is_revoked)
+ reason=_("revoked");
+ else if(node->pkt->pkt.user_id->is_expired)
+ reason=_("expired");
+ else
+ reason=_("invalid");
+
+ log_info("removing user ID \"%s\" from key %s: %s\n",
+ user,keystr(keyblock->pkt->pkt.public_key->keyid),
+ reason);
+
+ m_free(user);
+ }
+ }
+ }
+
+ if(delete_until_next)
+ delete_kbnode(node);
+ }
+
+ return deleted;
+}
+
/* Used by validate_one_keyblock to confirm a regexp within a trust
signature. Returns 1 for match, and 0 for no match or regex
error. */
Index: gnupg/g10/trustdb.h
diff -u gnupg/g10/trustdb.h:1.52 gnupg/g10/trustdb.h:1.53
--- gnupg/g10/trustdb.h:1.52 Sun Apr 24 20:35:30 2005
+++ gnupg/g10/trustdb.h Mon May 30 05:43:30 2005
@@ -81,7 +81,8 @@
void update_ownertrust (PKT_public_key *pk, unsigned int new_trust );
int clear_ownertrusts (PKT_public_key *pk);
-int clean_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
+int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy);
+int clean_uids_from_key(KBNODE keyblock,int noisy);
/*-- tdbdump.c --*/
void list_trustdb(const char *username);
More information about the Gnupg-commits
mailing list