pool/gpg2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fb0ed03b15
gpg2/gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
Pedro Monreal Gonzalez fb0ed03b15 Accepting request 1112814 from home:pmonrealgonzalez:branches:Base:System 
- Install the systemd user units in the _userunitdir [bsc#1201564]
  * Note that, there is no activation by default.

- Temporarily revert back to the pre-2.4 default for key generation.
  The new rfc4880bis has been set as the default in 2.4 version and
  might create incompatible keys. Note that, rfc4880bis can still
  be used with the option flag --rfc4880bis as in previous versions.
  * More info in the gnupg-devel ML:
    https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html
  * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9
  * Add gnupg-revert-rfc4880bis.patch

- Allow 8192 bit RSA keys in keygen UI when large_rsa is set
  * Add gnupg-allow-large-rsa.patch

- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313
  * The original patch has been modified to expand the changes
    also to the tests/gpgme/Makefile.in file.
  * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch

- Updated to require libgpg-error-devel >= 1.46
- Rebased patches:
  * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
  * gnupg-add_legacy_FIPS_mode_option.patch
- GnuPG 2.4.0:
  * common: Fix translations in --help for gpgrt < 1.47.
  * gpg: Do not continue the export after a cancel for the primary key.
  * gpg: Replace use of PRIu64 in log_debug.
  * Update NEWS for 2.4.0.
  * tests: Fix make check with GPGME.

OBS-URL: https://build.opensuse.org/request/show/1112814
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=289
2023-09-25 10:24:20 +00:00

109 lines
3.3 KiB
Diff
Raw Blame History

From a1db83d8a3308277f01b96833c13693bd7e13ff9 Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 13 Jun 2019 21:27:42 +0200
Subject: [PATCH] gpg: allow import of previously known keys, even without UIDs
* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
has no user id, as long as we already have a local variant of the cert
that matches the primary key.
--
This fixes two of the three broken tests in import-incomplete.scm.
GnuPG-Bug-id: 4393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
g10/import.c | 49 +++++++++++--------------------------------------
1 file changed, 11 insertions(+), 38 deletions(-)
Index: gnupg-2.4.0/g10/import.c
===================================================================
--- gnupg-2.4.0.orig/g10/import.c
+++ gnupg-2.4.0/g10/import.c
@@ -1954,7 +1954,6 @@ import_one_real (ctrl_t ctrl,
size_t an;
char pkstrbuf[PUBKEY_STRING_SIZE];
int merge_keys_done = 0;
- int any_filter = 0;
KEYDB_HANDLE hd = NULL;
if (r_valid)
@@ -1991,14 +1990,6 @@ import_one_real (ctrl_t ctrl,
log_printf ("\n");
}
-
- if (!uidnode)
- {
- if (!silent)
- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
- return 0;
- }
-
if (screener && screener (keyblock, screener_arg))
{
log_error (_("key %s: %s\n"), keystr_from_pk (pk),
@@ -2078,18 +2069,10 @@ import_one_real (ctrl_t ctrl,
}
}
- /* Delete invalid parts and bail out if there are no user ids left. */
- if (!delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs))
- {
- if (!silent)
- {
- log_error ( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
- if (!opt.quiet)
- log_info(_("this may be caused by a missing self-signature\n"));
- }
- stats->no_user_id++;
- return 0;
- }
+ /* Delete invalid parts, and note if we have any valid ones left.
+ * We will later abort import if this key is new but contains
+ * no valid uids. */
+ delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs);
/* Get rid of deleted nodes. */
commit_kbnode (&keyblock);
@@ -2099,24 +2082,11 @@ import_one_real (ctrl_t ctrl,
{
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
commit_kbnode (&keyblock);
- any_filter = 1;
}
if (import_filter.drop_sig)
{
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
commit_kbnode (&keyblock);
- any_filter = 1;
- }
-
- /* If we ran any filter we need to check that at least one user id
- * is left in the keyring. Note that we do not use log_error in
- * this case. */
- if (any_filter && !any_uid_left (keyblock))
- {
- if (!opt.quiet )
- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
- stats->no_user_id++;
- return 0;
}
/* The keyblock is valid and ready for real import. */
@@ -2174,6 +2144,13 @@ import_one_real (ctrl_t ctrl,
err = 0;
stats->skipped_new_keys++;
}
+ else if (err && !any_uid_left (keyblock))
+ {
+ if (!silent)
+ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
+ err = 0;
+ stats->no_user_id++;
+ }
else if (err) /* Insert this key. */
{
/* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */
Reference in New Issue View Git Blame Copy Permalink