db: correctly unpublish all uids when a key is revoked
This commit is contained in:
parent
860c66515b
commit
927861b881
|
@ -243,7 +243,7 @@ pub trait Database: Sync + Send {
|
|||
if let Ok(email) = Email::try_from(uid) {
|
||||
if is_status_revoked(binding.revoked(None)) {
|
||||
Some((email, EmailAddressStatus::Revoked))
|
||||
} else if published_uids.contains(uid) {
|
||||
} else if !is_revoked && published_uids.contains(uid) {
|
||||
Some((email, EmailAddressStatus::Published))
|
||||
} else {
|
||||
Some((email, EmailAddressStatus::NotPublished))
|
||||
|
@ -261,15 +261,20 @@ pub trait Database: Sync + Send {
|
|||
return Ok(ImportResult::Unchanged(TpkStatus { is_revoked, email_status, unparsed_uids }));
|
||||
}
|
||||
|
||||
let revoked_uids: Vec<UserID> = full_tpk_new
|
||||
.userids()
|
||||
.filter(|binding| is_status_revoked(binding.revoked(None)))
|
||||
.map(|binding| binding.userid().clone())
|
||||
.collect();
|
||||
// If the key is revoked, consider all uids revoked
|
||||
let newly_revoked_uids: Vec<&UserID> = if is_revoked {
|
||||
published_uids.iter().collect()
|
||||
} else {
|
||||
let revoked_uids: Vec<UserID> = full_tpk_new
|
||||
.userids()
|
||||
.filter(|binding| is_status_revoked(binding.revoked(None)))
|
||||
.map(|binding| binding.userid().clone())
|
||||
.collect();
|
||||
|
||||
let newly_revoked_uids: Vec<&UserID> = published_uids.iter()
|
||||
.filter(|uid| revoked_uids.contains(uid))
|
||||
.collect();
|
||||
published_uids.iter()
|
||||
.filter(|uid| revoked_uids.contains(uid))
|
||||
.collect()
|
||||
};
|
||||
|
||||
let published_tpk_new = tpk_filter_userids(
|
||||
&full_tpk_new, |uid| {
|
||||
|
|
|
@ -522,6 +522,14 @@ pub fn test_upload_revoked_tpk(db: &mut impl Database, log_path: &Path) {
|
|||
let email2 = Email::from_str(str_uid2).unwrap();
|
||||
let fpr = Fingerprint::try_from(tpk.fingerprint()).unwrap();
|
||||
|
||||
// upload and publish one of the email addresses. those should be
|
||||
// automatically depublished when we upload the revoked key!
|
||||
db.merge(tpk.clone()).unwrap();
|
||||
db.set_email_published(&fpr, &email1).unwrap();
|
||||
|
||||
assert!(db.by_email(&email1).is_some());
|
||||
assert!(db.by_email(&email2).is_none());
|
||||
|
||||
tpk = tpk.merge_packets(vec![revocation.into()]).unwrap();
|
||||
match tpk.revocation_status() {
|
||||
RevocationStatus::Revoked(_) => (),
|
||||
|
@ -539,6 +547,9 @@ pub fn test_upload_revoked_tpk(db: &mut impl Database, log_path: &Path) {
|
|||
),
|
||||
unparsed_uids: 0,
|
||||
}, tpk_status);
|
||||
|
||||
assert!(db.by_email(&email1).is_none());
|
||||
assert!(db.by_email(&email2).is_none());
|
||||
}
|
||||
|
||||
pub fn test_uid_revocation(db: &mut impl Database, log_path: &Path) {
|
||||
|
|
Loading…
Reference in New Issue