gpg: New option --disable-signer-uid, create Signer's UID sub-packet.

* g10/gpg.c (oDisableSignerUID): New.
(opts): New option '--disable-signer-uid'.
(main): Set option.
* g10/options.h (opt): Add field flags.disable_signer_uid.
* g10/sign.c: Include mbox-util.h.
(mk_notation_policy_etc): Embed the signer's uid.
* g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key
retrieval if --disable-signer-uid is used.
--

Signed-off-by: Werner Koch <[email protected]>

4 files changed, 24 insertions, 2 deletions

diff --git a/g10/gpg.c b/g10/gpg.c
index 87d06afef..f6088f061 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -396,6 +396,7 @@ enum cmd_and_opt_values
     oWeakDigest,
     oUnwrap,
     oOnlySignTextIDs,
+    oDisableSignerUID,
 
     oNoop
   };
@@ -550,6 +551,8 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
   ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
 
+  ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
+
   ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
   ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")),
 
@@ -2799,6 +2802,9 @@ main (int argc, char **argv)
 	  case oNoForceMDC: opt.force_mdc = 0; break;
 	  case oDisableMDC: opt.disable_mdc = 1; break;
 	  case oNoDisableMDC: opt.disable_mdc = 0; break;
+
+          case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
+
 	  case oS2KMode:   opt.s2k_mode = pargs.r.ret_int; break;
 	  case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
 	  case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 7033de7dd..453d1b07b 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1823,6 +1823,7 @@ check_sig_and_print (CTX c, kbnode_t node)
    * key from the WKD. */
   if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
       && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)
+      && !opt.flags.disable_signer_uid
       && akl_has_wkd_method ()
       && sig->signers_uid)
     {
diff --git a/g10/options.h b/g10/options.h
index bf5831d6c..0a87b9011 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -234,6 +234,7 @@ struct
     unsigned int allow_multiple_messages:1;
     unsigned int allow_weak_digest_algos:1;
     unsigned int large_rsa:1;
+    unsigned int disable_signer_uid:1;
   } flags;
 
   /* Linked list of ways to find a key if the key isn't on the local
@@ -290,7 +291,7 @@ struct {
 #define DBG_IPC_VALUE     1024  /* debug assuan communication */
 #define DBG_CARD_IO_VALUE 2048  /* debug smart card I/O.  */
 #define DBG_CLOCK_VALUE   4096
-#define DBG_LOOKUP_VALUE  8192	/* debug the kety lookup */
+#define DBG_LOOKUP_VALUE  8192	/* debug the key lookup */
 #define DBG_EXTPROG_VALUE 16384 /* debug external program calls */
 
 /* Tests for the debugging flags.  */
diff --git a/g10/sign.c b/g10/sign.c
index 833b6ef06..a4974be85 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -40,7 +40,7 @@
 #include "pkglue.h"
 #include "sysutils.h"
 #include "call-agent.h"
-
+#include "mbox-util.h"
 
 #ifdef HAVE_DOSISH_SYSTEM
 #define LF "\r\n"
@@ -144,6 +144,20 @@ mk_notation_policy_etc (PKT_signature *sig,
                         p, strlen (p));
       xfree (p);
     }
+
+  /* Set signer's user id.  */
+  if (IS_SIG (sig) && !opt.flags.disable_signer_uid)
+    {
+      char *mbox;
+
+      /* For now we use the uid which was used to locate the key.  */
+      if (pksk->user_id && (mbox = mailbox_from_userid (pksk->user_id->name)))
+        {
+          if (DBG_LOOKUP)
+            log_debug ("setting Signer's UID to '%s'\n", mbox);
+          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
+        }
+    }
 }