author | Werner Koch <[email protected]> | 2021-04-21 16:32:21 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2021-04-21 16:32:21 +0000 |
commit | ec36eca08cdbf6653e7362e8e0e6c5f2c75b4a60 (patch) | |
tree | a6245bac6572285ae8958148e376677169e99a2d /g10/keyserver.c | |
parent | keyboxd: Fix searching for exact mail addresses. (diff) | |
gpg: Allow fingerprint based lookup with --locate-external-key.
* g10/keyserver.c (keyserver_import_fprint_ntds): New.
* g10/getkey.c (get_pubkey_byname): Detect an attempt to search by
fingerprint in no_local mode.
--
See the man page. For testing use
gpg --auto-key-locate local,wkd,keyserver --locate-external-key \
FINGERPRINT
with at least one LDAP keyserver given in dirmngr.conf. On Windows
"ntds" may be used instead of or in addition to "keyserver".
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/keyserver.c')
-rw-r--r-- | g10/keyserver.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/g10/keyserver.c b/g10/keyserver.c index a0620565c..492ce0ce5 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -1155,27 +1155,37 @@ keyserver_import_ntds (ctrl_t ctrl, const char *mbox, int -keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, +keyserver_import_fprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len, struct keyserver_spec *keyserver, unsigned int flags) { KEYDB_SEARCH_DESC desc; - memset(&desc,0,sizeof(desc)); + memset (&desc, 0, sizeof(desc)); if (fprint_len == 16 || fprint_len == 20 || fprint_len == 32) desc.mode = KEYDB_SEARCH_MODE_FPR; else - return -1; + return gpg_error (GPG_ERR_INV_ARG); - memcpy(desc.u.fpr,fprint,fprint_len); + memcpy (desc.u.fpr, fprint, fprint_len); desc.fprlen = fprint_len; - /* TODO: Warn here if the fingerprint we got doesn't match the one - we asked for? */ return keyserver_get (ctrl, &desc, 1, keyserver, flags, NULL, NULL); } + +int +keyserver_import_fprint_ntds (ctrl_t ctrl, + const byte *fprint, size_t fprint_len) +{ + struct keyserver_spec keyserver = { NULL, "ldap:///" }; + + return keyserver_import_fprint (ctrl, fprint, fprint_len, + &keyserver, KEYSERVER_IMPORT_FLAG_LDAP); +} + + int keyserver_import_keyid (ctrl_t ctrl, u32 *keyid,struct keyserver_spec *keyserver, |
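Review bot: The TODO asking whether to warn when the returned key's fingerprint differs from the requested one is removed from `keyserver_import_fprint` with no visible replacement, while the new `keyserver_import_fprint_ntds` sends the same lookup to a directory server (`ldap:///`). Whether `keyserver_get` discards keys that do not match `desc` cannot be seen from this hunk, since its body is outside it. If it does, record that where the TODO stood, for example `/* keyserver_get is expected to import only keys matching DESC. */`; if it does not, the TODO should stay so the gap remains tracked. The new function also has no header comment; a short one stating that it looks up FPRINT through the "ntds" method using the default LDAP server and returns a gpg error code would help the caller in `get_pubkey_byname`.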