summaryrefslogtreecommitdiffstats
path: root/debian/patches/import-merge-without-userid/gpg-allow-import-of-previously-known-keys-even-without-UI.patch
blob: fa6dd9f8524d0ce0f6daf4e8a8c7eb9c323a1b5d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 13 Jun 2019 21:27:42 +0200
Subject: gpg: allow import of previously known keys, even without UIDs

* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
has no user id, as long as we already have a local variant of the cert
that matches the primary key.

--

This fixes two of the three broken tests in import-incomplete.scm.

GnuPG-Bug-id: 4393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
 g10/import.c | 44 +++++++++++---------------------------------
 1 file changed, 11 insertions(+), 33 deletions(-)

diff --git a/g10/import.c b/g10/import.c
index b2d5c1d..078a78c 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1855,7 +1855,6 @@ import_one_real (ctrl_t ctrl,
   size_t an;
   char pkstrbuf[PUBKEY_STRING_SIZE];
   int merge_keys_done = 0;
-  int any_filter = 0;
   KEYDB_HANDLE hd = NULL;
 
   if (r_valid)
@@ -1892,14 +1891,6 @@ import_one_real (ctrl_t ctrl,
       log_printf ("\n");
     }
 
-
-  if (!uidnode )
-    {
-      if (!silent)
-        log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
-      return 0;
-    }
-
   if (screener && screener (keyblock, screener_arg))
     {
       log_error (_("key %s: %s\n"), keystr_from_pk (pk),
@@ -1974,17 +1965,10 @@ import_one_real (ctrl_t ctrl,
 	  }
     }
 
-  if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
-    {
-      if (!silent)
-        {
-          log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
-          if (!opt.quiet )
-            log_info(_("this may be caused by a missing self-signature\n"));
-        }
-      stats->no_user_id++;
-      return 0;
-    }
+  /* Delete invalid parts, and note if we have any valid ones left.
+   * We will later abort import if this key is new but contains
+   * no valid uids.  */
+  delete_inv_parts (ctrl, keyblock, keyid, options);
 
   /* Get rid of deleted nodes.  */
   commit_kbnode (&keyblock);
@@ -1994,24 +1978,11 @@ import_one_real (ctrl_t ctrl,
     {
       apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
       commit_kbnode (&keyblock);
-      any_filter = 1;
     }
   if (import_filter.drop_sig)
     {
       apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
       commit_kbnode (&keyblock);
-      any_filter = 1;
-    }
-
-  /* If we ran any filter we need to check that at least one user id
-   * is left in the keyring.  Note that we do not use log_error in
-   * this case. */
-  if (any_filter && !any_uid_left (keyblock))
-    {
-      if (!opt.quiet )
-        log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
-      stats->no_user_id++;
-      return 0;
     }
 
   /* The keyblock is valid and ready for real import.  */
@@ -2069,6 +2040,13 @@ import_one_real (ctrl_t ctrl,
       err = 0;
       stats->skipped_new_keys++;
     }
+  else if (err && !any_uid_left (keyblock))
+    {
+      if (!silent)
+        log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
+      err = 0;
+      stats->no_user_id++;
+    }
   else if (err)  /* Insert this key. */
     {
       /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY.  */