gpg: New option --assert-signer.

* g10/gpg.c (enum cmd_and_opt_values): Add oAssertSigner.
(opts): Add "assert-signer".
(main): Set option.
(assert_signer_true): New var.
(g10_exit): Evaluate new var.
* g10/main.h (assert_signer_true): Declare new var.
* common/status.h (STATUS_ASSERT_SIGNER): New.
* g10/options.h (opt): Add field assert_signer_list.
* g10/verify.c (is_fingerprint): New.
(check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call that function.  Clear
assert_signer_true on a warning.

* g10/gpgv.c: Add dummy function and vars.
* g10/t-keydb-get-keyblock.c: Ditto.
* g10/t-keydb.c: Ditto.
* g10/t-stutter.c: Ditto.
--

1 files changed, 21 insertions, 3 deletions

diff --git a/g10/gpg.c b/g10/gpg.c
index f52d13a76..b759cc1cf 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -446,6 +446,7 @@ enum cmd_and_opt_values
     oRequireCompliance,
     oCompatibilityFlags,
     oAddDesigRevoker,
+    oAssertSigner,
 
     oNoop
   };
@@ -708,7 +709,7 @@ static gpgrt_opt_t opts[] = {
   ARGPARSE_s_n (oNoAutoTrustNewKey, "no-auto-trust-new-key", "@"),
 #endif
   ARGPARSE_s_s (oAddDesigRevoker, "add-desig-revoker", "@"),
-
+  ARGPARSE_s_s (oAssertSigner,    "assert-signer", "@"),
 
   ARGPARSE_header ("Input", N_("Options controlling the input")),
 
@@ -1032,8 +1033,12 @@ static struct compatibility_flags_s compatibility_flags [] =
 /* The list of the default AKL methods.  */
 #define DEFAULT_AKL_LIST "local,wkd"
 
-
+/* Can be set to true to force gpg to return with EXIT_FAILURE.  */
 int g10_errors_seen = 0;
+/* If opt.assert_signer_list is used and this variabale is not true
+ * gpg will be forced to return EXIT_FAILURE.  */
+int assert_signer_true = 0;
+
 
 static int utf8_strings =
 #ifdef HAVE_W32_SYSTEM
@@ -3734,6 +3739,11 @@ main (int argc, char **argv)
               append_to_strlist (&opt.desig_revokers, pargs.r.ret_str);
 	    break;
 
+          case oAssertSigner:
+            add_to_strlist (&opt.assert_signer_list, pargs.r.ret_str);
+	    break;
+
+
 	  case oNoop: break;
 
 	  default:
@@ -5448,7 +5458,15 @@ g10_exit( int rc )
   gnupg_block_all_signals ();
   emergency_cleanup ();
 
-  rc = rc? rc : log_get_errorcount(0)? 2 : g10_errors_seen? 1 : 0;
+  if (rc)
+    ;
+  else if (log_get_errorcount(0))
+    rc = 2;
+  else if (g10_errors_seen)
+    rc = 1;
+  else if (opt.assert_signer_list && !assert_signer_true)
+    rc = 1;
+
   exit (rc);
 }