authorWerner Koch <[email protected]>2019-07-04 13:13:26 +0000
committerWerner Koch <[email protected]>2019-07-04 13:14:43 +0000
commit46f3283b345e1cabca4b0320cf98274ade8ec162 (patch)
tree4830956ab17e90720a86199c145ca50e9d0f48be
parentgpg: Make the get_pubkey_byname interface easier to understand. (diff)
downloadgnupg-46f3283b345e1cabca4b0320cf98274ade8ec162.tar.gz
gnupg-46f3283b345e1cabca4b0320cf98274ade8ec162.zip
gpg: New command --locate-external-key.
* g10/gpg.c (aLocateExtKeys): New. (opts): Add --locate-external-keys. (main): Implement that. * g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL. (get_best_pubkey_byname): Add arg 'mode' and pass on to get_pubkey_byname. Change callers. * g10/keylist.c (public_key_list): Add arg 'no_local'. (locate_one): Ditto. Pass on to get_best_pubkey_byname. -- This new command is a shortcut for --auto-key-locate nodefault,clear,wkd,... --locate-key and uses the default or configured AKL list but does so without local. See also GnuPG-bug-id: 4599 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit d00c8024e58822e0623b3fad99248ce68a8b7725)
-rw-r--r--doc/gpg.texi13
-rw-r--r--g10/getkey.c48
-rw-r--r--g10/gpg.c8
-rw-r--r--g10/keydb.h2
-rw-r--r--g10/keylist.c18
-rw-r--r--g10/main.h3
-rw-r--r--g10/pkclist.c3
7 files changed, 63 insertions, 32 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index faaaf1d88..11193afdb 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -346,12 +346,17 @@ numbers 1-9 or "T" for 10 and above to indicate trust signature levels
@item --locate-keys
+@itemx --locate-external-keys
@opindex locate-keys
+@opindex locate-external-keys
Locate the keys given as arguments. This command basically uses the
-same algorithm as used when locating keys for encryption or signing and
-may thus be used to see what keys @command{@gpgname} might use. In
-particular external methods as defined by @option{--auto-key-locate} may
-be used to locate a key. Only public keys are listed.
+same algorithm as used when locating keys for encryption or signing
+and may thus be used to see what keys @command{@gpgname} might use.
+In particular external methods as defined by
+@option{--auto-key-locate} may be used to locate a key. Only public
+keys are listed. The variant @option{--locate-external-keys} does not
+consider a locally existing key and can thus be used to force the
+refresh of a key via the defined external methods.
@item --show-keys
@opindex show-keys
diff --git a/g10/getkey.c b/g10/getkey.c
index 681e329c6..f7f7a726f 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1043,7 +1043,9 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
* Note: we only save the search context in RETCTX if the local
* method is the first method tried (either explicitly or
* implicitly). */
- if (mode != GET_PUBKEY_NO_AKL)
+ if (mode == GET_PUBKEY_NO_LOCAL)
+ nodefault = 1; /* Auto-key-locate but ignore "local". */
+ else if (mode != GET_PUBKEY_NO_AKL)
{
/* auto-key-locate is enabled. */
@@ -1072,7 +1074,13 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
anylocalfirst = 1;
}
- if (nodefault && is_mbox)
+ if (mode == GET_PUBKEY_NO_LOCAL)
+ {
+ /* Force using the AKL. If IS_MBOX is not set this is the final
+ * error code. */
+ rc = GPG_ERR_NO_PUBKEY;
+ }
+ else if (nodefault && is_mbox)
{
/* Either "nodefault" or "local" (explicitly) appeared in the
* auto key locate list and NAME appears to be an email address.
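Review bot: In the new `mode == GET_PUBKEY_NO_LOCAL` branch, a NAME that is not a mail address ends with GPG_ERR_NO_PUBKEY and no lookup at all, as the added comment itself concedes. Neither that comment nor the gpg.texi hunk of this commit tells the user that `--locate-external-keys` only acts on mail-address arguments. Someone who passes a fingerprint or key ID expecting a forced refresh, for example to pick up a revocation, gets only a generic "no public key" result. I would spell this out in the comment, e.g. `/* Skip the local lookup. Without IS_MBOX no AKL method runs, so a fingerprint or key ID always yields GPG_ERR_NO_PUBKEY here. */`, and mention the restriction in the manual entry. get_pubkey_byname starts and ends outside this hunk, so the gating of the AKL loop on IS_MBOX is inferred from the comment, not seen.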
@@ -1119,17 +1127,25 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
break;
case AKL_LOCAL:
- mechanism_string = "Local";
- did_akl_local = 1;
- if (retctx)
- {
- getkey_end (ctrl, *retctx);
- *retctx = NULL;
- }
- add_to_strlist (&namelist, name);
- rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
- namelist, pk, 0,
- include_unusable, ret_keyblock, ret_kdbhd);
+ if (mode == GET_PUBKEY_NO_LOCAL)
+ {
+ mechanism_string = "None";
+ rc = GPG_ERR_NO_PUBKEY;
+ }
+ else
+ {
+ mechanism_string = "Local";
+ did_akl_local = 1;
+ if (retctx)
+ {
+ getkey_end (ctrl, *retctx);
+ *retctx = NULL;
+ }
+ add_to_strlist (&namelist, name);
+ rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
+ namelist, pk, 0,
+ include_unusable, ret_keyblock, ret_kdbhd);
+ }
break;
case AKL_CERT:
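Review bot: The `AKL_LOCAL` case gains a GET_PUBKEY_NO_LOCAL branch that sets `mechanism_string = "None"` and `rc = GPG_ERR_NO_PUBKEY`, with no comment explaining why a configured method is turned into a failure. A line such as `/* "local" was listed explicitly in the AKL; skip it so that only external methods are tried. */` would make the intent clear. The code that consumes `mechanism_string` after the switch is outside this hunk. If it prints a per-mechanism diagnostic, "None" may read oddly in verbose output and is worth checking.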
@@ -1264,7 +1280,6 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
}
}
-
if (rc && retctx)
{
getkey_end (ctrl, *retctx);
@@ -1417,7 +1432,8 @@ pubkey_cmp (ctrl_t ctrl, const char *name, struct pubkey_cmp_cookie *old,
* resembles a mail address, the results are ranked and only the best
* result is returned. */
gpg_error_t
-get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
+get_best_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
+ GETKEY_CTX *retctx, PKT_public_key *pk,
const char *name, KBNODE *ret_keyblock,
int include_unusable)
{
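Review bot: The new `mode` parameter of get_best_pubkey_byname is not described in the function's header comment, whose visible tail still only talks about ranking results for mail addresses (the start of that comment is outside the hunk). I would add a sentence such as `MODE is passed on to get_pubkey_byname; with GET_PUBKEY_NO_LOCAL the local keyring is not consulted.` The one-line comment above the prototype in g10/keydb.h could get the same addition.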
@@ -1440,7 +1456,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
getkey_end (ctrl, ctx);
ctx = NULL;
}
- err = get_pubkey_byname (ctrl, GET_PUBKEY_NORMAL,
+ err = get_pubkey_byname (ctrl, mode,
&ctx, pk, name, ret_keyblock,
NULL, include_unusable);
if (err)
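Review bot: With `mode` forwarded at this call, `ctx` is probably always NULL afterwards in GET_PUBKEY_NO_LOCAL mode. The note in get_pubkey_byname (first getkey.c hunk) says the search context is saved in RETCTX only when the local method is the first one tried. The rest of get_best_pubkey_byname is outside this hunk; if the ranking promised in its header comment walks `ctx`, that ranking is skipped for this mode and the caller receives whatever key the external method delivered. A short comment at the call, e.g. `/* In GET_PUBKEY_NO_LOCAL mode no search context is returned, so no ranking takes place. */`, would record this, assuming the reading is right.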
diff --git a/g10/gpg.c b/g10/gpg.c
index a8f42e0b7..d57146bb4 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -147,6 +147,7 @@ enum cmd_and_opt_values
aSendKeys,
aRecvKeys,
aLocateKeys,
+ aLocateExtKeys,
aSearchKeys,
aRefreshKeys,
aFetchKeys,
@@ -499,6 +500,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aRefreshKeys, "refresh-keys",
N_("update all keys from a keyserver")),
ARGPARSE_c (aLocateKeys, "locate-keys", "@"),
+ ARGPARSE_c (aLocateExtKeys, "locate-external-keys", "@"),
ARGPARSE_c (aFetchKeys, "fetch-keys" , "@" ),
ARGPARSE_c (aShowKeys, "show-keys" , "@" ),
ARGPARSE_c (aExportSecret, "export-secret-keys" , "@" ),
@@ -2561,6 +2563,7 @@ main (int argc, char **argv)
#endif /* ENABLE_CARD_SUPPORT*/
case aListKeys:
case aLocateKeys:
+ case aLocateExtKeys:
case aListSigs:
case aExportSecret:
case aExportSecretSub:
@@ -4415,7 +4418,7 @@ main (int argc, char **argv)
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
- public_key_list (ctrl, sl, 0);
+ public_key_list (ctrl, sl, 0, 0);
free_strlist(sl);
break;
case aListSecretKeys:
@@ -4426,10 +4429,11 @@ main (int argc, char **argv)
free_strlist(sl);
break;
case aLocateKeys:
+ case aLocateExtKeys:
sl = NULL;
for (; argc; argc--, argv++)
add_to_strlist2( &sl, *argv, utf8_strings );
- public_key_list (ctrl, sl, 1);
+ public_key_list (ctrl, sl, 1, cmd == aLocateExtKeys);
free_strlist (sl);
break;
diff --git a/g10/keydb.h b/g10/keydb.h
index f3d28e365..a0ac12fd1 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -363,7 +363,7 @@ int get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
/* Likewise, but only return the best match if NAME resembles a mail
* address. */
-gpg_error_t get_best_pubkey_byname (ctrl_t ctrl,
+gpg_error_t get_best_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
GETKEY_CTX *retctx, PKT_public_key *pk,
const char *name, KBNODE *ret_keyblock,
int include_unusable);
diff --git a/g10/keylist.c b/g10/keylist.c
index 85fcdbaff..62b787557 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -50,7 +50,7 @@
static void list_all (ctrl_t, int, int);
static void list_one (ctrl_t ctrl,
strlist_t names, int secret, int mark_secret);
-static void locate_one (ctrl_t ctrl, strlist_t names);
+static void locate_one (ctrl_t ctrl, strlist_t names, int no_local);
static void print_card_serialno (const char *serialno);
struct keylist_context
@@ -82,10 +82,11 @@ keylist_context_release (struct keylist_context *listctx)
/* List the keys. If list is NULL, all available keys are listed.
- With LOCATE_MODE set the locate algorithm is used to find a
- key. */
+ * With LOCATE_MODE set the locate algorithm is used to find a key; if
+ * in addition NO_LOCAL is set the locate does not look into the local
+ * keyring. */
void
-public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
+public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode, int no_local)
{
#ifndef NO_TRUST_MODELS
if (opt.with_colons)
@@ -139,7 +140,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
#endif
if (locate_mode)
- locate_one (ctrl, list);
+ locate_one (ctrl, list, no_local);
else if (!list)
list_all (ctrl, 0, opt.with_secret);
else
@@ -641,7 +642,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
static void
-locate_one (ctrl_t ctrl, strlist_t names)
+locate_one (ctrl_t ctrl, strlist_t names, int no_local)
{
int rc = 0;
strlist_t sl;
@@ -655,7 +656,10 @@ locate_one (ctrl_t ctrl, strlist_t names)
for (sl = names; sl; sl = sl->next)
{
- rc = get_best_pubkey_byname (ctrl, &ctx, NULL, sl->d, &keyblock, 1);
+ rc = get_best_pubkey_byname (ctrl,
+ no_local? GET_PUBKEY_NO_LOCAL
+ /* */: GET_PUBKEY_NORMAL,
+ &ctx, NULL, sl->d, &keyblock, 1);
if (rc)
{
if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
diff --git a/g10/main.h b/g10/main.h
index 150aea0f4..9136e4cc3 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -438,7 +438,8 @@ struct revocation_reason_info * get_default_uid_revocation_reason(void);
void release_revocation_reason_info( struct revocation_reason_info *reason );
/*-- keylist.c --*/
-void public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode );
+void public_key_list (ctrl_t ctrl, strlist_t list,
+ int locate_mode, int no_local);
void secret_key_list (ctrl_t ctrl, strlist_t list );
void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 9a7e82f15..8d924ad5c 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -834,7 +834,8 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
if (from_file)
rc = get_pubkey_fromfile (ctrl, pk, name);
else
- rc = get_best_pubkey_byname (ctrl, NULL, pk, name, &keyblock, 0);
+ rc = get_best_pubkey_byname (ctrl, GET_PUBKEY_NORMAL,
+ NULL, pk, name, &keyblock, 0);
if (rc)
{
int code;