[git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-52-g10cccd4

by Marcus Brinkmann cvs at cvs.gnupg.org
Fri Apr 29 12:32:38 CEST 2011 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  10cccd45af8510ed1a285636193f34dd04472aff (commit)
       via  a286e95f3a3f1feba88c563b92c7227096f69d03 (commit)
      from  25f292ed891a251a296d9af9b1566ffffe5d4582 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 10cccd45af8510ed1a285636193f34dd04472aff
Author: Marcus Brinkmann <marcus.brinkmann at ruhr-uni-bochum.de>
Date:   Fri Apr 29 12:02:46 2011 +0200

    Fix import stat counter and abort secret key import on merge-only error case.

diff --git a/g10/ChangeLog b/g10/ChangeLog
index f8cc49c..cbd3706 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,12 @@
 2011-04-29  Marcus Brinkmann  <marcus at g10code.com>
 
+	* import.c (import_secret_one): Leave all checks to import_one.
+	Cancel secret key import if public key was skipped due to
+	merge-only request.  Fix import status for non-new secret key
+	import by checking stat counter.
+
+2011-04-29  Marcus Brinkmann  <marcus at g10code.com>
+
 	* delkey.c (do_delete_key): Access public keyblock even for secret
 	key operations.  But deleting secret key is not supported yet, so
 	give an error.  Limit secret-key-exists error case to public keys.
diff --git a/g10/import.c b/g10/import.c
index 39968ff..05dfd1d 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1521,6 +1521,8 @@ import_secret_one (ctrl_t ctrl, const char *fname, KBNODE keyblock,
   KBNODE node, uidnode;
   u32 keyid[2];
   int rc = 0;
+  int nr_prev;
+  kbnode_t pub_keyblock;
 
   /* Get the key and print some info about it */
   node = find_kbnode (keyblock, PKT_SECRET_KEY);
@@ -1581,24 +1583,30 @@ import_secret_one (ctrl_t ctrl, const char *fname, KBNODE keyblock,
 
   clear_kbnode_flags (keyblock);
 
-  if (!(options&IMPORT_MERGE_ONLY) || !have_secret_key_with_kid (keyid) )
-    {
-      /* We don't have this key, insert as a new key.  */
-      kbnode_t pub_keyblock;
+  nr_prev = stats->skipped_new_keys;
 
-      /* Make a public key out of this. */
-      pub_keyblock = sec_to_pub_keyblock (keyblock);
-      if (!pub_keyblock)
-        log_error ("key %s: failed to create public key from secret key\n",
+  /* Make a public key out of the key. */
+  pub_keyblock = sec_to_pub_keyblock (keyblock);
+  if (!pub_keyblock)
+    log_error ("key %s: failed to create public key from secret key\n",
                    keystr_from_pk (pk));
-      else
-        {
-          import_one (ctrl, fname, pub_keyblock, stats,
-                      NULL, NULL, opt.import_options, 1);
-          /* Fixme: We should check for an invalid keyblock and
-             cancel the secret key import in this case.  */
-          release_kbnode (pub_keyblock);
-
+  else
+    {
+      /* Note that this outputs an IMPORT_OK status message for the
+	 public key block, and below we will output another one for
+	 the secret keys.  FIXME?  */
+      import_one (ctrl, fname, pub_keyblock, stats,
+		  NULL, NULL, opt.import_options, 1);
+
+      /* Fixme: We should check for an invalid keyblock and
+	 cancel the secret key import in this case.  */
+      release_kbnode (pub_keyblock);
+
+      /* At least we cancel the secret key import when the public key
+	 import was skipped due to MERGE_ONLY option and a new
+	 key.  */
+      if (stats->skipped_new_keys <= nr_prev)
+	{
           /* Read the keyblock again to get the effects of a merge.  */
           /* Fixme: we should do this based on the fingerprint or
              even better let import_one return the merged
@@ -1609,27 +1617,23 @@ import_secret_one (ctrl_t ctrl, const char *fname, KBNODE keyblock,
                        keystr_from_pk (pk));
           else
             {
+	      nr_prev = stats->secret_imported;
               if (!transfer_secret_keys (ctrl, stats, keyblock))
                 {
+		  int status = 16;
                   if (!opt.quiet)
                     log_info (_("key %s: secret key imported\n"),
                               keystr_from_pk (pk));
+		  if (stats->secret_imported > nr_prev)
+		    status |= 1;
                   if (is_status_enabled ())
-                    print_import_ok (pk, 1|16);
+                    print_import_ok (pk, status);
                   check_prefs (ctrl, node);
                 }
               release_kbnode (node);
             }
         }
     }
-  else
-    {
-      /* We don't want to merge the secret keys. */
-      log_error (_("key %s: secret key part already available\n"),
-                 keystr_from_pk (pk));
-      if (is_status_enabled ())
-        print_import_ok (pk, 16);
-    }
 
   return rc;
 }

commit a286e95f3a3f1feba88c563b92c7227096f69d03
Author: Marcus Brinkmann <marcus.brinkmann at ruhr-uni-bochum.de>
Date:   Fri Apr 29 12:01:52 2011 +0200

    Give sensible error messages when trying to delete secret key.

diff --git a/g10/ChangeLog b/g10/ChangeLog
index bd53799..f8cc49c 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,9 @@
+2011-04-29  Marcus Brinkmann  <marcus at g10code.com>
+
+	* delkey.c (do_delete_key): Access public keyblock even for secret
+	key operations.  But deleting secret key is not supported yet, so
+	give an error.  Limit secret-key-exists error case to public keys.
+
 2011-04-28  Werner Koch  <wk at g10code.com>
 
 	* ecdh.c (pk_ecdh_encrypt_with_shared_point): Remove memory leak
diff --git a/g10/delkey.c b/g10/delkey.c
index 3b47c40..950af0e 100644
--- a/g10/delkey.c
+++ b/g10/delkey.c
@@ -83,7 +83,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
     }
 
     /* get the keyid from the keyblock */
-    node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
+    node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
     if( !node ) {
 	log_error("Oops; key not found anymore!\n");
 	rc = G10ERR_GENERAL;
@@ -93,7 +93,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
     pk = node->pkt->pkt.public_key;
     keyid_from_pk( pk, keyid );
 
-    if (!force)
+    if (!secret && !force)
       {
         if (have_secret_key_with_kid (keyid))
           {
@@ -146,20 +146,29 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
 
 
     if( okay ) {
-	rc = keydb_delete_keyblock (hd);
-	if (rc) {
+      if (secret)
+	{
+	  log_error (_("deleting secret key not implemented\n"));
+	  rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* FIXME */
+	  goto leave;
+	}
+      else
+	{
+	  rc = keydb_delete_keyblock (hd);
+	  if (rc) {
 	    log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
 	    goto leave;
+	  }
 	}
 
-	/* Note that the ownertrust being cleared will trigger a
-           revalidation_mark().  This makes sense - only deleting keys
-           that have ownertrust set should trigger this. */
+      /* Note that the ownertrust being cleared will trigger a
+	 revalidation_mark().  This makes sense - only deleting keys
+	 that have ownertrust set should trigger this. */
 
-        if (!secret && pk && clear_ownertrusts (pk)) {
-          if (opt.verbose)
-            log_info (_("ownertrust information cleared\n"));
-        }
+      if (!secret && pk && clear_ownertrusts (pk)) {
+	if (opt.verbose)
+	  log_info (_("ownertrust information cleared\n"));
+      }
     }
 
   leave:

-----------------------------------------------------------------------

Summary of changes:
 g10/ChangeLog |   13 +++++++++++++
 g10/delkey.c  |   31 ++++++++++++++++++++-----------
 g10/import.c  |   54 +++++++++++++++++++++++++++++-------------------------
 3 files changed, 62 insertions(+), 36 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list