diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/gpg.c | 11 | ||||
| -rw-r--r-- | g10/mainproc.c | 11 | ||||
| -rw-r--r-- | g10/options.h | 1 |
3 files changed, 16 insertions, 7 deletions
@@ -352,6 +352,8 @@ enum cmd_and_opt_values oNoRandomSeedFile, oAutoKeyRetrieve, oNoAutoKeyRetrieve, + oAutoKeyImport, + oNoAutoKeyImport, oUseAgent, oNoUseAgent, oGpgAgentInfo, @@ -425,6 +427,7 @@ enum cmd_and_opt_values oNoSymkeyCache, oUseOnlyOpenPGPCard, oIncludeKeyBlock, + oNoIncludeKeyBlock, oNoop }; @@ -890,6 +893,8 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), ARGPARSE_s_n (oIncludeKeyBlock, "include-key-block", "@"), + ARGPARSE_s_n (oAutoKeyImport, "auto-key-import", "@"), + ARGPARSE_s_n (oNoAutoKeyImport, "no-auto-key-import", "@"), /* Options to override new security defaults. */ ARGPARSE_s_n (oAllowWeakKeySignatures, "allow-weak-key-signatures", "@"), @@ -1873,6 +1878,8 @@ gpgconf_list (const char *configfile) es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("auto-key-import:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("include-key-block:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT); @@ -2993,6 +3000,7 @@ main (int argc, char **argv) case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break; case oIncludeKeyBlock: opt.flags.include_key_block = 1; break; + case oNoIncludeKeyBlock: opt.flags.include_key_block = 0; break; case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break; case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break; @@ -3375,6 +3383,9 @@ main (int argc, char **argv) case oIgnoreMDCError: opt.ignore_mdc_error = 1; break; case oNoRandomSeedFile: use_random_seed = 0; break; + case oAutoKeyImport: opt.flags.auto_key_import = 1; break; + case oNoAutoKeyImport: opt.flags.auto_key_import = 0; break; + case oAutoKeyRetrieve: opt.keyserver_options.options |= KEYSERVER_AUTO_KEY_RETRIEVE; break; diff --git a/g10/mainproc.c b/g10/mainproc.c index 07366b068..d278c2dc7 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1905,14 +1905,11 @@ check_sig_and_print (CTX c, kbnode_t node) rc = do_check_sig (c, node, NULL, NULL, &is_expkey, &is_revkey, &pk); - /* If the key is not found but the signaure includes a key bnlock we - * import that key block and trry again. We keep this key block - * only if the signature verifies. */ - /* FIXME: Shall we add an option to disable it or use it only if - * --auto-key-retriueve is set? */ + /* If the key is not found but the signature includes a key block we + * use that key block for verification and on success import it. */ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY - && sig->flags.key_block) - /* && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)) */ + && sig->flags.key_block + && opt.flags.auto_key_import) { PKT_public_key *included_pk; const byte *kblock; diff --git a/g10/options.h b/g10/options.h index cb3d00d59..352c61275 100644 --- a/g10/options.h +++ b/g10/options.h @@ -233,6 +233,7 @@ struct unsigned int large_rsa:1; unsigned int disable_signer_uid:1; unsigned int include_key_block:1; + unsigned int auto_key_import:1; /* Flag to enable experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; /* Hack: --output is not given but OUTFILE was temporary set to "-". */ |