From aff9aaac68450e76f84d0f9a3feabffe9e82dd7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= Date: Wed, 27 Apr 2022 16:57:17 +0200 Subject: [PATCH] core: Support --locate-external-keys command of gpg * src/gpgme.h.in (GPGME_KEYLIST_MODE_FORCE_EXTERN): New. (GPGME_KEYLIST_MODE_LOCATE_EXTERNAL): New. * src/gpgme.c (gpgme_set_keylist_mode): Check for invalid mode. * src/engine-gpg.c (gpg_keylist_build_options): Use "--locate-external-keys" instead of "--locate-keys" if flag is set. * src/gpgme-json.c (op_keylist): New flag "force-extern". * src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Handle new mode. -- GnuPG-bug-id: 5951 --- NEWS | 8 ++++++-- doc/gpgme.texi | 20 ++++++++++++++++++++ src/engine-gpg.c | 7 +++++-- src/gpgme-json.c | 5 +++++ src/gpgme-tool.c | 4 ++++ src/gpgme.c | 4 ++++ src/gpgme.h.in | 2 ++ 7 files changed, 46 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index ec6d9b8e..b7ccf0b1 100644 --- a/NEWS +++ b/NEWS @@ -1,20 +1,24 @@ Noteworthy changes in version 1.17.2 (unreleased) ------------------------------------------------- - Release-info: https://dev.gnupg.org/Txxxx + * New keylist mode to force refresh via external methods. [#5951] - * cpp, qt: Do not export internal symbols anymore. [T5906] + * cpp, qt: Do not export internal symbols anymore. [#5906] * cpp, qt: Support revocation of own OpenPGP keys. [#5904] * Interface changes relative to the 1.17.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GPGME_KEYLIST_MODE_FORCE_EXTERN NEW. + GPGME_KEYLIST_MODE_LOCATE_EXTERNAL NEW. cpp: RevocationReason NEW. cpp: GpgRevokeKeyEditInteractor NEW. cpp: Result::setError NEW. qt: RevokeKeyJob NEW. qt: Protocol::revokeKeyJob NEW. + Release-info: https://dev.gnupg.org/Txxxx + Noteworthy changes in version 1.17.1 (2022-03-06) ------------------------------------------------- diff --git a/doc/gpgme.texi b/doc/gpgme.texi index a7392d78..7f178158 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi 
@@ -2872,6 +2872,26 @@ validity information from an internal cache. This might be an expensive operation and is in general not useful. Currently only implemented for the S/MIME backend and ignored for other backends. +@item GPGME_KEYLIST_MODE_FORCE_EXTERN +@since{1.18.0} + +The @code{GPGME_KEYLIST_MODE_FORCE_EXTERN} symbol specifies that only +external sources should be searched for keys in the keylisting +operation. If used in combination with @code{GPGME_KEYLIST_MODE_LOCATE}, +the keylisting results in a @code{--locate-external-keys} for +@code{GPGME_PROTOCOL_OpenPGP}. The combination with +@code{GPGME_KEYLIST_MODE_LOCAL}, but without @code{GPGME_KEYLIST_MODE_EXTERN} +is not allowed. Currently only implemented for the OpenPGP backend and +ignored for other backends. + +@item GPGME_KEYLIST_MODE_LOCATE_EXTERNAL +@since{1.18.0} + +This is a shortcut for the combination of +@code{GPGME_KEYLIST_MODE_LOCATE} and @code{GPGME_KEYLIST_MODE_FORCE_EXTERN}, +which results in a @code{--locate-external-keys} for +@code{GPGME_PROTOCOL_OpenPGP}. + @end table At least one of @code{GPGME_KEYLIST_MODE_LOCAL} and diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 6528e3d5..3bf5223c 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -3105,8 +3105,11 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only, code. The problem is that we don't know the context here and thus can't access the cached version number for the engine info structure. */ - err = add_arg (gpg, "--locate-keys"); - if ((mode & GPGME_KEYLIST_MODE_SIGS)) + if ((mode & GPGME_KEYLIST_MODE_FORCE_EXTERN)) + err = add_arg (gpg, "--locate-external-keys"); + else + err = add_arg (gpg, "--locate-keys"); + if (!err && (mode & GPGME_KEYLIST_MODE_SIGS)) err = add_arg (gpg, "--with-sig-check"); } else diff --git a/src/gpgme-json.c b/src/gpgme-json.c index d3b8035a..6077278c 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c 
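Review bot: The new `--locate-external-keys` branch in gpg_keylist_build_options has no comment saying what it changes for callers. Unlike `--locate-keys`, it ignores the local keyring and always goes to the configured external key sources, so each lookup discloses the queried identity to those sources and may import what they return. The surrounding comment already notes that the engine version is not available here, so an engine that does not know the command will presumably fail the listing rather than fall back. Suggested comment: `/* Always queries external sources, never the local keyring; needs an engine that knows --locate-external-keys. */`. The enclosing if/else starts and ends outside the hunk.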
@@ -2471,6 +2471,11 @@ op_keylist (cjson_t request, cjson_t result) if (abool) mode |= GPGME_KEYLIST_MODE_LOCATE; + if ((err = get_boolean_flag (request, "force-extern", 0, &abool))) + goto leave; + if (abool) + mode |= GPGME_KEYLIST_MODE_FORCE_EXTERN; + if (!mode) { /* default to local */ diff --git a/src/gpgme-tool.c b/src/gpgme-tool.c index e45ea12d..7d3ca16d 100644 --- a/src/gpgme-tool.c +++ b/src/gpgme-tool.c @@ -1459,6 +1459,8 @@ gt_get_keylist_mode (gpgme_tool_t gt) modes[idx++] = "ephemeral"; if (mode & GPGME_KEYLIST_MODE_VALIDATE) modes[idx++] = "validate"; + if (mode & GPGME_KEYLIST_MODE_FORCE_EXTERN) + modes[idx++] = "force_extern"; modes[idx++] = NULL; gt_write_status (gt, STATUS_KEYLIST_MODE, modes[0], modes[1], modes[2], @@ -2200,6 +2202,8 @@ cmd_keylist_mode (assuan_context_t ctx, char *line) mode |= GPGME_KEYLIST_MODE_EPHEMERAL; if (strstr (line, "validate")) mode |= GPGME_KEYLIST_MODE_VALIDATE; + if (strstr (line, "force_extern")) + mode |= GPGME_KEYLIST_MODE_FORCE_EXTERN; return gt_set_keylist_mode (server->gt, mode); } diff --git a/src/gpgme.c b/src/gpgme.c index 6a5232e1..2c5b51ea 100644 --- a/src/gpgme.c +++ b/src/gpgme.c @@ -782,6 +782,10 @@ gpgme_set_keylist_mode (gpgme_ctx_t ctx, gpgme_keylist_mode_t mode) if (!ctx) return gpg_error (GPG_ERR_INV_VALUE); + if ((mode & GPGME_KEYLIST_MODE_LOCATE_EXTERNAL) == + (GPGME_KEYLIST_MODE_LOCAL|GPGME_KEYLIST_MODE_FORCE_EXTERN)) + return gpg_error (GPG_ERR_INV_VALUE); + ctx->keylist_mode = mode; return 0; } diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 0f7c3619..502d68cd 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -382,8 +382,10 @@ gpgme_protocol_t; #define GPGME_KEYLIST_MODE_WITH_KEYGRIP 64 #define GPGME_KEYLIST_MODE_EPHEMERAL 128 #define GPGME_KEYLIST_MODE_VALIDATE 256 +#define GPGME_KEYLIST_MODE_FORCE_EXTERN 512 #define GPGME_KEYLIST_MODE_LOCATE (1|2) +#define GPGME_KEYLIST_MODE_LOCATE_EXTERNAL (1|2|512) typedef unsigned int gpgme_keylist_mode_t;
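Review bot: A request that sets "force-extern" without "local", "extern" or "locate" leaves `mode` at GPGME_KEYLIST_MODE_FORCE_EXTERN alone in op_keylist. The `if (!mode)` default to local then no longer applies, and the check this commit adds to gpgme_set_keylist_mode (src/gpgme.c hunk) rejects only LOCAL|FORCE_EXTERN without EXTERN. What the engine does with that mode is not visible here. Since the flags come from the caller's JSON, reject the combination before the default is applied, e.g. `if ((mode & GPGME_KEYLIST_MODE_FORCE_EXTERN) && !(mode & GPGME_KEYLIST_MODE_EXTERN))` followed by `{ err = gpg_error (GPG_ERR_INV_VALUE); goto leave; }`. The diffstat shows no other change in this file, so any in-file description of the keylist flags presumably still lacks "force-extern".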
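Review bot: The added `modes[idx++] = "force_extern";` in gt_get_keylist_mode makes one more entry possible in `modes`, but nothing visible shows the array or the gt_write_status call being resized. The array declaration and the tail of that argument list are outside the hunk, and the diffstat counts 4 insertions in this file, all in the two hunks shown. If the array was sized for the previous set of modes, a context with every flag set writes past its end on the stack. If gt_write_status passes a fixed number of elements, the last mode is silently dropped from the status line. Please check both and grow them by one slot.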
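Review bot: The token matched by `strstr (line, "force_extern")` in cmd_keylist_mode also contains the substring "extern". If the part of the function outside the hunk tests `strstr (line, "extern")` in the same way as the visible "ephemeral" and "validate" tests, requesting force_extern silently sets GPGME_KEYLIST_MODE_EXTERN as well. That happens to avoid the LOCAL|FORCE_EXTERN combination the setter now rejects, but it is accidental and undocumented. Either state it in a comment, e.g. `/* "force_extern" also matches the "extern" test, so EXTERN is always set with it. */`, or compare whole tokens instead of substrings.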
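Review bot: The mask test added before `ctx->keylist_mode = mode;` in gpgme_set_keylist_mode needs a comment. It masks with GPGME_KEYLIST_MODE_LOCATE_EXTERNAL only to pick out the LOCAL, EXTERN and FORCE_EXTERN bits, not because the locate shortcut itself is meant, and a reader can easily take it for a test of that shortcut. Suggested comment: `/* FORCE_EXTERN together with LOCAL but without EXTERN is contradictory. */`. As a style point, the `==` would normally start the continuation line rather than end the first one. The function body begins outside the hunk.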