X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;ds=sidebyside;f=cleankey.c;h=3ef76f9167679b61316f03f817fd81816ac7437c;hb=a0d1c99184eeb07a6a7711e168c3db4b8c0937eb;hp=7d0bfe4b8cb16315926399f395f58b2142061aad;hpb=4c8bebffd4bc105ebaa09256b7a57f4a6201bd52;p=onak.git
diff --git a/cleankey.c b/cleankey.c
index 7d0bfe4..3ef76f9 100644
--- a/cleankey.c
+++ b/cleankey.c
@@ -13,8 +13,7 @@
* more details.
*
* You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * this program. If not, see .
*/
#include
@@ -22,6 +21,7 @@
#include
#include "cleankey.h"
+#include "keyid.h"
#include "keystructs.h"
#include "log.h"
#include "mem.h"
@@ -73,6 +73,53 @@ int dedupuids(struct openpgp_publickey *key)
return merged;
}
+/**
+ * dedupsubkeys - Merge duplicate subkeys on a key.
+ * @key: The key to de-dup subkeys on.
+ *
+ * This function attempts to merge duplicate subkeys on a key. It returns
+ * 0 if the key is unchanged, otherwise the number of dups merged.
+ */
+int dedupsubkeys(struct openpgp_publickey *key)
+{
+ struct openpgp_signedpacket_list *cursubkey = NULL;
+ struct openpgp_signedpacket_list *dup = NULL;
+ struct openpgp_signedpacket_list *tmp = NULL;
+ int merged = 0;
+ uint64_t subkeyid;
+
+ log_assert(key != NULL);
+ cursubkey = key->subkeys;
+ while (cursubkey != NULL) {
+ dup = find_signed_packet(cursubkey->next, cursubkey->packet);
+ while (dup != NULL) {
+ get_packetid(cursubkey->packet, &subkeyid);
+ logthing(LOGTHING_INFO,
+ "Found duplicate subkey: 0x%016" PRIX64,
+ subkeyid);
+ merged++;
+ merge_packet_sigs(cursubkey, dup);
+ /*
+ * Remove the duplicate uid.
+ */
+ tmp = cursubkey;
+ while (tmp != NULL && tmp->next != dup) {
+ tmp = tmp->next;
+ }
+ log_assert(tmp != NULL);
+ tmp->next = dup->next;
+ dup->next = NULL;
+ free_signedpacket_list(dup);
+
+ dup = find_signed_packet(cursubkey->next,
+ cursubkey->packet);
+ }
+ cursubkey = cursubkey->next;
+ }
+
+ return merged;
+}
+
/**
* check_sighashes - Check that sig hashes are correct.
* @key - the check to check the sig hashes of.
@@ -134,25 +181,33 @@ int clean_key_sighashes(struct openpgp_publickey *key)
/**
* cleankeys - Apply all available cleaning options on a list of keys.
- * @keys: The list of keys to clean.
+ * @policies: The cleaning policies to apply.
*
- * Applies all the cleaning options we can (eg duplicate key ids) to a
- * list of keys. Returns 0 if no changes were made, otherwise the number
- * of keys cleaned.
+ * Applies the requested cleaning policies to a list of keys. These are
+ * specified from the ONAK_CLEAN_* set of flags, or ONAK_CLEAN_ALL to
+ * apply all available cleaning options. Returns 0 if no changes were
+ * made, otherwise the number of keys cleaned. Note that some options
+ * may result in keys being removed entirely from the list.
*/
-int cleankeys(struct openpgp_publickey *keys)
+int cleankeys(struct openpgp_publickey **keys, uint64_t policies)
{
+ struct openpgp_publickey *curkey;
int changed = 0, count;
- while (keys != NULL) {
- count = dedupuids(keys);
- if (config.check_sighash) {
- count += clean_key_sighashes(keys);
+ if (keys == NULL)
+ return 0;
+
+ curkey = *keys;
+ while (curkey != NULL) {
+ count = dedupuids(curkey);
+ count += dedupsubkeys(curkey);
+ if (policies & ONAK_CLEAN_CHECK_SIGHASH) {
+ count += clean_key_sighashes(curkey);
}
if (count > 0) {
changed++;
}
- keys = keys->next;
+ curkey = curkey->next;
}
return changed;