Blame SOURCES/gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch

b5a5d8
From: Vincent Breitmoser <look@my.amazin.horse>
b5a5d8
Date: Thu, 13 Jun 2019 21:27:42 +0200
b5a5d8
Subject: gpg: allow import of previously known keys, even without UIDs
b5a5d8
b5a5d8
* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
b5a5d8
has no user id, as long as we already have a local variant of the cert
b5a5d8
that matches the primary key.
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
This fixes two of the three broken tests in import-incomplete.scm.
b5a5d8
b5a5d8
GnuPG-Bug-id: 4393
b5a5d8
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
b5a5d8
---
b5a5d8
 g10/import.c | 44 +++++++++++---------------------------------
b5a5d8
 1 file changed, 11 insertions(+), 33 deletions(-)
b5a5d8
b5a5d8
diff --git a/g10/import.c b/g10/import.c
b5a5d8
index 5d3162c..f9acf95 100644
b5a5d8
--- a/g10/import.c
b5a5d8
+++ b/g10/import.c
b5a5d8
@@ -1788,7 +1788,6 @@ import_one_real (ctrl_t ctrl,
b5a5d8
   size_t an;
b5a5d8
   char pkstrbuf[PUBKEY_STRING_SIZE];
b5a5d8
   int merge_keys_done = 0;
b5a5d8
-  int any_filter = 0;
b5a5d8
   KEYDB_HANDLE hd = NULL;
b5a5d8
 
b5a5d8
   if (r_valid)
b5a5d8
@@ -1825,14 +1824,6 @@ import_one_real (ctrl_t ctrl,
b5a5d8
       log_printf ("\n");
b5a5d8
     }
b5a5d8
 
b5a5d8
-
b5a5d8
-  if (!uidnode)
b5a5d8
-    {
b5a5d8
-      if (!silent)
b5a5d8
-        log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
b5a5d8
-      return 0;
b5a5d8
-    }
b5a5d8
-
b5a5d8
   if (screener && screener (keyblock, screener_arg))
b5a5d8
     {
b5a5d8
       log_error (_("key %s: %s\n"), keystr_from_pk (pk),
b5a5d8
@@ -1907,18 +1898,10 @@ import_one_real (ctrl_t ctrl,
b5a5d8
 	  }
b5a5d8
     }
b5a5d8
 
b5a5d8
-  /* Delete invalid parts and bail out if there are no user ids left.  */
b5a5d8
-  if (!delete_inv_parts (ctrl, keyblock, keyid, options))
b5a5d8
-    {
b5a5d8
-      if (!silent)
b5a5d8
-        {
b5a5d8
-          log_error ( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
b5a5d8
-          if (!opt.quiet)
b5a5d8
-            log_info(_("this may be caused by a missing self-signature\n"));
b5a5d8
-        }
b5a5d8
-      stats->no_user_id++;
b5a5d8
-      return 0;
b5a5d8
-    }
b5a5d8
+  /* Delete invalid parts, and note if we have any valid ones left.
b5a5d8
+   * We will later abort import if this key is new but contains
b5a5d8
+   * no valid uids.  */
b5a5d8
+  delete_inv_parts (ctrl, keyblock, keyid, options);
b5a5d8
 
b5a5d8
   /* Get rid of deleted nodes.  */
b5a5d8
   commit_kbnode (&keyblock);
b5a5d8
@@ -1927,24 +1911,11 @@ import_one_real (ctrl_t ctrl,
b5a5d8
     {
b5a5d8
       apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
b5a5d8
       commit_kbnode (&keyblock);
b5a5d8
-      any_filter = 1;
b5a5d8
     }
b5a5d8
   if (import_filter.drop_sig)
b5a5d8
     {
b5a5d8
       apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
b5a5d8
       commit_kbnode (&keyblock);
b5a5d8
-      any_filter = 1;
b5a5d8
-    }
b5a5d8
-
b5a5d8
-  /* If we ran any filter we need to check that at least one user id
b5a5d8
-   * is left in the keyring.  Note that we do not use log_error in
b5a5d8
-   * this case. */
b5a5d8
-  if (any_filter && !any_uid_left (keyblock))
b5a5d8
-    {
b5a5d8
-      if (!opt.quiet )
b5a5d8
-        log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
b5a5d8
-      stats->no_user_id++;
b5a5d8
-      return 0;
b5a5d8
     }
b5a5d8
 
b5a5d8
   /* The keyblock is valid and ready for real import.  */
b5a5d8
@@ -2002,6 +1973,13 @@ import_one_real (ctrl_t ctrl,
b5a5d8
       err = 0;
b5a5d8
       stats->skipped_new_keys++;
b5a5d8
     }
b5a5d8
+  else if (err && !any_uid_left (keyblock))
b5a5d8
+    {
b5a5d8
+      if (!silent)
b5a5d8
+        log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
b5a5d8
+      err = 0;
b5a5d8
+      stats->no_user_id++;
b5a5d8
+    }
b5a5d8
   else if (err)  /* Insert this key. */
b5a5d8
     {
b5a5d8
       /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY.  */