[git] GnuPG - branch, master, updated. gnupg-2.1.0-10-gffc2307

by Werner Koch cvs at cvs.gnupg.org
Wed Nov 12 10:19:28 CET 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39 (commit)
      from  b8cdfac353ad96d4ef025c066c16dbde34805661 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Nov 12 09:56:40 2014 +0100

    gpg: Add import options "keep-ownertrust".
    
    * g10/options.h (IMPORT_KEEP_OWNERTTRUST): New.
    * g10/import.c (parse_import_options): Add "keep-ownertrust".
    (import_one): Act upon new option.
    --
    
    This option is in particular useful to convert from a pubring.gpg to
    the new pubring.kbx in GnuPG 2.1 or vice versa:
    
    gpg1 --export | gpg2 --import-options keep-ownertrust --import

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 1154cd9..499df87 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1991,6 +1991,15 @@ opposite meaning. The options are:
   generally useful unless a shared keyring scheme is being used.
   Defaults to no.
 
+  @item import-keep-ownertrust
+  Normally possible still existing ownertrust values of a key are
+  cleared if a key is imported.  This is in general desirable so that
+  a formerly deleted key does not automatically gain an ownertrust
+  values merely due to import.  On the other hand it is sometimes
+  necessary to re-import a trusted set of keys again but keeping
+  already assigned ownertrust values.  This can be achived by using
+  this option.
+
   @item repair-pks-subkey-bug
   During import, attempt to repair the damage caused by the PKS keyserver
   bug (pre version 0.9.6) that mangles keys with multiple subkeys. Note
diff --git a/g10/import.c b/g10/import.c
index 16e2b0b..6439fd0 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -100,16 +100,25 @@ parse_import_options(char *str,unsigned int *options,int noisy)
     {
       {"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
        N_("import signatures that are marked as local-only")},
+
       {"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
        N_("repair damage from the pks keyserver during import")},
+
+      {"keep-ownertrust", IMPORT_KEEP_OWNERTTRUST, NULL,
+       N_("do not clear the ownertrust values during import")},
+
       {"fast-import",IMPORT_FAST,NULL,
        N_("do not update the trustdb after import")},
+
       {"merge-only",IMPORT_MERGE_ONLY,NULL,
        N_("only accept updates to existing keys")},
+
       {"import-clean",IMPORT_CLEAN,NULL,
        N_("remove unusable parts from key after import")},
+
       {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
        N_("remove as much as possible from key after import")},
+
       /* Aliases for backward compatibility */
       {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
       {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
@@ -989,12 +998,13 @@ import_one (ctrl_t ctrl,
         if (rc)
 	   log_error (_("error writing keyring '%s': %s\n"),
 		       keydb_get_resource_name (hd), g10_errstr(rc));
-	else
+	else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
 	  {
 	    /* This should not be possible since we delete the
 	       ownertrust when a key is deleted, but it can happen if
 	       the keyring and trustdb are out of sync.  It can also
-	       be made to happen with the trusted-key command. */
+	       be made to happen with the trusted-key command and by
+	       importing and locally exported key. */
 
 	    clear_ownertrusts (pk);
 	    if(non_self)
diff --git a/g10/options.h b/g10/options.h
index 0875eb5..95d1651 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -324,6 +324,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 #define IMPORT_MINIMAL                   (1<<5)
 #define IMPORT_CLEAN                     (1<<6)
 #define IMPORT_NO_SECKEY                 (1<<7)
+#define IMPORT_KEEP_OWNERTTRUST          (1<<8)
 
 #define EXPORT_LOCAL_SIGS                (1<<0)
 #define EXPORT_ATTRIBUTES                (1<<1)

-----------------------------------------------------------------------

Summary of changes:
 doc/gpg.texi  |    9 +++++++++
 g10/import.c  |   14 ++++++++++++--
 g10/options.h |    1 +
 3 files changed, 22 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list