* options.h, import.c (parse_import_options, delete_inv_parts): Add
authorDavid Shaw <dshaw@jabberwocky.com>
Sat, 1 Jan 2005 21:21:11 +0000 (21:21 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Sat, 1 Jan 2005 21:21:11 +0000 (21:21 +0000)
import-unusable-sigs flag to enable importing unusable (currently:
expired) sigs.

* options.h, export.c (parse_export_options, do_export_stream): Add
export-unusable-sigs flag to enable exporting unusable (currently:
expired) sigs.

g10/ChangeLog
g10/export.c
g10/import.c
g10/options.h

index b6ba546..c999e3f 100644 (file)
@@ -1,3 +1,13 @@
+2005-01-01  David Shaw  <dshaw@jabberwocky.com>
+
+       * options.h, import.c (parse_import_options, delete_inv_parts):
+       Add import-unusable-sigs flag to enable importing unusable
+       (currently: expired) sigs.
+
+       * options.h, export.c (parse_export_options, do_export_stream):
+       Add export-unusable-sigs flag to enable exporting unusable
+       (currently: expired) sigs.
+
 2004-12-29  David Shaw  <dshaw@jabberwocky.com>
 
        * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info),
index 86bc654..73aa750 100644 (file)
@@ -49,6 +49,7 @@ parse_export_options(char *str,unsigned int *options,int noisy)
       {"export-attributes",EXPORT_ATTRIBUTES,NULL},
       {"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL},
       {"export-minimal",EXPORT_MINIMAL,NULL},
+      {"export-unusable-sigs",EXPORT_UNUSABLE_SIGS,NULL},
       /* Aliases for backward compatibility */
       {"include-local-sigs",EXPORT_LOCAL_SIGS,NULL},
       {"include-attributes",EXPORT_ATTRIBUTES,NULL},
@@ -314,7 +315,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
 
            if( node->pkt->pkttype == PKT_SIGNATURE )
              {
-               /* If we have minimal-export turned on, do not include
+               /* If we have export-minimal turned on, do not include
                   any signature that isn't a selfsig.  Note that this
                   only applies to uid sigs (0x10, 0x11, 0x12, and
                   0x13).  A designated revocation is not stripped. */
@@ -324,6 +325,16 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
                       || node->pkt->pkt.signature->keyid[1]!=keyid[1]))
                  continue;
 
+               /* We do basically the same thing for
+                  export-unusable-sigs.  It only applies to expired
+                  uid sigs that aren't selfsigs. */
+               if(!(options&EXPORT_UNUSABLE_SIGS)
+                  && IS_UID_SIG(node->pkt->pkt.signature)
+                  && node->pkt->pkt.signature->flags.expired
+                  && (node->pkt->pkt.signature->keyid[0]!=keyid[0]
+                      || node->pkt->pkt.signature->keyid[1]!=keyid[1]))
+                 continue;
+
                /* do not export packets which are marked as not exportable */
                if(!(options&EXPORT_LOCAL_SIGS)
                   && !node->pkt->pkt.signature->flags.exportable)
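Review bot: The added test in do_export_stream repeats the "not issued by the key being exported" comparison (`keyid[0]!=keyid[0] || keyid[1]!=keyid[1]`) that the export-minimal test directly above already ends with, so the two filters can drift apart; computing it once per signature, e.g. `int selfsig=(sig->keyid[0]==keyid[0] && sig->keyid[1]==keyid[1]);` with `sig` a local for `node->pkt->pkt.signature`, would keep them in step. The comment should also state that dropping expired third-party certifications is now the default on export, not only that the logic is "basically the same thing". The decision rests on `flags.expired`, which is set outside this hunk; if it is derived from the signature's expiration time and the local clock, as the name suggests, a skewed clock changes what gets exported, and that is worth a sentence in the comment. The function body starts and ends outside the hunk.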
index 283be20..e0d57a5 100644 (file)
@@ -93,6 +93,7 @@ parse_import_options(char *str,unsigned int *options,int noisy)
       {"fast-import",IMPORT_FAST,NULL},
       {"convert-sk-to-pk",IMPORT_SK2PK,NULL},
       {"merge-only",IMPORT_MERGE_ONLY,NULL},
+      {"import-unusable-sigs",IMPORT_UNUSABLE_SIGS,NULL},
       /* Aliases for backward compatibility */
       {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL},
       {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL},
@@ -1557,8 +1558,26 @@ delete_inv_parts( const char *fname, KBNODE keyblock,
                       node->pkt->pkt.signature->sig_class);
            delete_kbnode(node);
          }
+       else if(node->pkt->pkttype==PKT_SIGNATURE
+               && IS_UID_SIG(node->pkt->pkt.signature)
+               && node->pkt->pkt.signature->flags.expired
+               && (node->pkt->pkt.signature->keyid[0]!=keyid[0]
+                   || node->pkt->pkt.signature->keyid[1]!=keyid[1])
+               && !(options&IMPORT_UNUSABLE_SIGS))
+         {
+           if(opt.verbose)
+             {
+               char *kid=m_strdup(keystr(keyid));
+               log_info(_("key %s: expired signature from key %s -"
+                          " skipped\n"),kid,
+                        keystr(node->pkt->pkt.signature->keyid));
+               m_free(kid);
+             }
+
+           delete_kbnode(node);
+         }
        else if( (node->flag & 4) ) /* marked for deletion */
-           delete_kbnode( node );
+         delete_kbnode( node );
     }
 
     /* note: because keyblock is the public key, it is never marked
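Review bot: By default the new branch in delete_inv_parts removes expired third-party certifications from the incoming keyblock without any trace, because its only message sits behind `opt.verbose`; since this changes what ends up in the keyring, a non-verbose indication (or a count in the import summary, if there is one) would help anyone auditing why a certification is missing after import. The option test comes last here but first in the matching export.c check; putting `!(options&IMPORT_UNUSABLE_SIGS)` first would make the two conditions read alike and skip the field comparisons when the flag is set. The `m_strdup(keystr(keyid))` copy also deserves a comment such as `/* keystr() is called twice in one log_info(); keep a copy of the first result */` — that is my reading of why the copy exists, to be confirmed against keystr. delete_inv_parts starts and ends outside the hunk.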
index 1ad6b44..2f7b03e 100644 (file)
@@ -252,11 +252,13 @@ struct {
 #define IMPORT_FAST                      (1<<2)
 #define IMPORT_SK2PK                     (1<<3)
 #define IMPORT_MERGE_ONLY                (1<<4)
+#define IMPORT_UNUSABLE_SIGS             (1<<5)
 
 #define EXPORT_LOCAL_SIGS                (1<<0)
 #define EXPORT_ATTRIBUTES                (1<<1)
 #define EXPORT_SENSITIVE_REVKEYS         (1<<2)
 #define EXPORT_MINIMAL                   (1<<3)
+#define EXPORT_UNUSABLE_SIGS             (1<<4)
 
 #define LIST_SHOW_PHOTOS                 (1<<0)
 #define LIST_SHOW_POLICY_URLS            (1<<1)