From 6b306f45f4fbe36b90cec4685aabb267a61e283f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sat, 14 Mar 2020 18:04:47 +0100 Subject: gpg: New option --auto-key-import * g10/gpg.c (opts): New options --auto-key-import, --no-auto-key-import, and --no-include-key-block. (gpgconf_list): Add them. * g10/options.h (opt): Add field flags.auto_key_import. * g10/mainproc.c (check_sig_and_print): Use flag to enable that feature. * tools/gpgconf-comp.c: Give the new options a Basic config level. -- Note that the --no variants of the options are intended for easy disabling at the command line. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch --- g10/mainproc.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'g10/mainproc.c') diff --git a/g10/mainproc.c b/g10/mainproc.c index ffde748c0..941ffaa76 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -2012,14 +2012,11 @@ check_sig_and_print (CTX c, kbnode_t node) rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, NULL, &is_expkey, &is_revkey, &pk); - /* If the key is not found but the signaure includes a key bnlock we - * import that key block and trry again. We keep this key block - * only if the signature verifies. */ - /* FIXME: Shall we add an option to disable it or use it only if - * --auto-key-retriueve is set? */ + /* If the key is not found but the signature includes a key block we + * use that key block for verification and on success import it. */ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY - && sig->flags.key_block) - /* && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)) */ + && sig->flags.key_block + && opt.flags.auto_key_import) { PKT_public_key *included_pk; const byte *kblock; -- cgit v1.2.3