* options.h, main.h, export.c (parse_export_options, do_export_stream),
g10.c (main): add new --export-options option. Current flags are "include-non-rfc", "include-local-sigs", "include-attributes", and "include-sensitive-revkeys". * options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options, keyserver_spawn): try passing unknown keyserver options to export options, and if successful, use them when doing a keyserver --send-key. * build-packet.c (build_sig_subpkt): We do not generate SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
parent
b65aced7b2
commit
002f085c23
@ -1,5 +1,18 @@
|
|||||||
2002-07-22 David Shaw <dshaw@jabberwocky.com>
|
2002-07-22 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, main.h, export.c (parse_export_options,
|
||||||
|
do_export_stream), g10.c (main): add new --export-options option.
|
||||||
|
Current flags are "include-non-rfc", "include-local-sigs",
|
||||||
|
"include-attributes", and "include-sensitive-revkeys".
|
||||||
|
|
||||||
|
* options.h, hkp.c (hkp_export), keyserver.c
|
||||||
|
(parse_keyserver_options, keyserver_spawn): try passing unknown
|
||||||
|
keyserver options to export options, and if successful, use them
|
||||||
|
when doing a keyserver --send-key.
|
||||||
|
|
||||||
|
* build-packet.c (build_sig_subpkt): We do not generate
|
||||||
|
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
|
||||||
|
|
||||||
* revoke.c (gen_desig_revoke): Lots more comments about including
|
* revoke.c (gen_desig_revoke): Lots more comments about including
|
||||||
sensitive revkeys along with the revocation sig itself.
|
sensitive revkeys along with the revocation sig itself.
|
||||||
|
|
||||||
|
@ -763,8 +763,10 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
|
|||||||
nlen = 1; /* just a 1 byte length header */
|
nlen = 1; /* just a 1 byte length header */
|
||||||
|
|
||||||
switch( type ) {
|
switch( type ) {
|
||||||
case SIGSUBPKT_ISSUER:
|
|
||||||
case SIGSUBPKT_PRIV_VERIFY_CACHE: /*(obsolete)*/
|
case SIGSUBPKT_PRIV_VERIFY_CACHE: /*(obsolete)*/
|
||||||
|
BUG();
|
||||||
|
break;
|
||||||
|
case SIGSUBPKT_ISSUER:
|
||||||
hashed = 0;
|
hashed = 0;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
79
g10/export.c
79
g10/export.c
@ -34,21 +34,65 @@
|
|||||||
#include "main.h"
|
#include "main.h"
|
||||||
#include "i18n.h"
|
#include "i18n.h"
|
||||||
|
|
||||||
static int do_export( STRLIST users, int secret, int flags );
|
static int do_export( STRLIST users, int secret, unsigned int options );
|
||||||
static int do_export_stream( IOBUF out, STRLIST users,
|
static int do_export_stream( IOBUF out, STRLIST users,
|
||||||
int secret, int flags, int *any );
|
int secret, unsigned int options, int *any );
|
||||||
|
|
||||||
|
int
|
||||||
|
parse_export_options(char *str,unsigned int *options)
|
||||||
|
{
|
||||||
|
char *tok;
|
||||||
|
int hit=0;
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
char *name;
|
||||||
|
unsigned int bit;
|
||||||
|
} export_opts[]=
|
||||||
|
{
|
||||||
|
{"include-non-rfc",EXPORT_INCLUDE_NON_RFC},
|
||||||
|
{"include-local-sigs",EXPORT_INCLUDE_LOCAL_SIGS},
|
||||||
|
{"include-attributes",EXPORT_INCLUDE_ATTRIBUTES},
|
||||||
|
{"include-sensitive-revkeys",EXPORT_INCLUDE_SENSITIVE_REVKEYS},
|
||||||
|
{NULL,0}
|
||||||
|
/* add tags for include revoked and disabled? */
|
||||||
|
};
|
||||||
|
|
||||||
|
while((tok=strsep(&str," ,")))
|
||||||
|
{
|
||||||
|
int i,rev=0;
|
||||||
|
|
||||||
|
if(ascii_memcasecmp("no-",tok,3)==0)
|
||||||
|
rev=1;
|
||||||
|
|
||||||
|
for(i=0;export_opts[i].name;i++)
|
||||||
|
{
|
||||||
|
if(ascii_strcasecmp(export_opts[i].name,tok)==0)
|
||||||
|
{
|
||||||
|
if(rev)
|
||||||
|
*options&=~export_opts[i].bit;
|
||||||
|
else
|
||||||
|
*options|=export_opts[i].bit;
|
||||||
|
hit=1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!hit && !export_opts[i].name)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return hit;
|
||||||
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Export the public keys (to standard out or --output).
|
* Export the public keys (to standard out or --output).
|
||||||
* Depending on opt.armor the output is armored.
|
* Depending on opt.armor the output is armored.
|
||||||
* flags has two bits: EXPORT_FLAG_ONLYRFC, so that only RFC2440
|
* options are defined in main.h.
|
||||||
* compatible keys are exported, and EXPORT_FLAG_SKIPATTRIBS to not
|
|
||||||
* export attribute packets (photo IDs).
|
|
||||||
* If USERS is NULL, the complete ring will be exported. */
|
* If USERS is NULL, the complete ring will be exported. */
|
||||||
int
|
int
|
||||||
export_pubkeys( STRLIST users, int flags )
|
export_pubkeys( STRLIST users, unsigned int options )
|
||||||
{
|
{
|
||||||
return do_export( users, 0, flags );
|
return do_export( users, 0, options );
|
||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
@ -56,11 +100,11 @@ export_pubkeys( STRLIST users, int flags )
|
|||||||
* been exported
|
* been exported
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
export_pubkeys_stream( IOBUF out, STRLIST users, int flags )
|
export_pubkeys_stream( IOBUF out, STRLIST users, unsigned int options )
|
||||||
{
|
{
|
||||||
int any, rc;
|
int any, rc;
|
||||||
|
|
||||||
rc = do_export_stream( out, users, 0, flags, &any );
|
rc = do_export_stream( out, users, 0, options, &any );
|
||||||
if( !rc && !any )
|
if( !rc && !any )
|
||||||
rc = -1;
|
rc = -1;
|
||||||
return rc;
|
return rc;
|
||||||
@ -79,7 +123,7 @@ export_secsubkeys( STRLIST users )
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
do_export( STRLIST users, int secret, int flags )
|
do_export( STRLIST users, int secret, unsigned int options )
|
||||||
{
|
{
|
||||||
IOBUF out = NULL;
|
IOBUF out = NULL;
|
||||||
int any, rc;
|
int any, rc;
|
||||||
@ -99,7 +143,7 @@ do_export( STRLIST users, int secret, int flags )
|
|||||||
}
|
}
|
||||||
if( opt.compress_keys && opt.compress )
|
if( opt.compress_keys && opt.compress )
|
||||||
iobuf_push_filter( out, compress_filter, &zfx );
|
iobuf_push_filter( out, compress_filter, &zfx );
|
||||||
rc = do_export_stream( out, users, secret, flags, &any );
|
rc = do_export_stream( out, users, secret, options, &any );
|
||||||
|
|
||||||
if( rc || !any )
|
if( rc || !any )
|
||||||
iobuf_cancel(out);
|
iobuf_cancel(out);
|
||||||
@ -110,7 +154,8 @@ do_export( STRLIST users, int secret, int flags )
|
|||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
do_export_stream( IOBUF out, STRLIST users, int secret, int flags, int *any )
|
do_export_stream( IOBUF out, STRLIST users, int secret,
|
||||||
|
unsigned int options, int *any )
|
||||||
{
|
{
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
PACKET pkt;
|
PACKET pkt;
|
||||||
@ -167,7 +212,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int flags, int *any )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* do not export keys which are incompatible with rfc2440 */
|
/* do not export keys which are incompatible with rfc2440 */
|
||||||
if( (flags&EXPORT_FLAG_ONLYRFC) &&
|
if( !(options&EXPORT_INCLUDE_NON_RFC) &&
|
||||||
(node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) {
|
(node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) {
|
||||||
PKT_public_key *pk = node->pkt->pkt.public_key;
|
PKT_public_key *pk = node->pkt->pkt.public_key;
|
||||||
if( pk->version == 3 && pk->pubkey_algo > 3 ) {
|
if( pk->version == 3 && pk->pubkey_algo > 3 ) {
|
||||||
@ -213,14 +258,16 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int flags, int *any )
|
|||||||
|
|
||||||
if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
||||||
/* do not export packets which are marked as not exportable */
|
/* do not export packets which are marked as not exportable */
|
||||||
if( !node->pkt->pkt.signature->flags.exportable )
|
if( !(options&EXPORT_INCLUDE_LOCAL_SIGS) &&
|
||||||
|
!node->pkt->pkt.signature->flags.exportable )
|
||||||
continue; /* not exportable */
|
continue; /* not exportable */
|
||||||
|
|
||||||
/* do not export packets with a "sensitive" revocation
|
/* do not export packets with a "sensitive" revocation
|
||||||
key. This will need revisiting when we start
|
key. This will need revisiting when we start
|
||||||
supporting creating revocation keys and not just
|
supporting creating revocation keys and not just
|
||||||
reading them. */
|
reading them. */
|
||||||
if( node->pkt->pkt.signature->revkey ) {
|
if( !(options&EXPORT_INCLUDE_SENSITIVE_REVKEYS) &&
|
||||||
|
node->pkt->pkt.signature->revkey ) {
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
|
for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
|
||||||
@ -234,7 +281,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int flags, int *any )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Don't export attribs? */
|
/* Don't export attribs? */
|
||||||
if( (flags&EXPORT_FLAG_SKIPATTRIBS) &&
|
if( !(options&EXPORT_INCLUDE_ATTRIBUTES) &&
|
||||||
node->pkt->pkttype == PKT_USER_ID &&
|
node->pkt->pkttype == PKT_USER_ID &&
|
||||||
node->pkt->pkt.user_id->attrib_data ) {
|
node->pkt->pkt.user_id->attrib_data ) {
|
||||||
/* Skip until we get to something that is not an attrib
|
/* Skip until we get to something that is not an attrib
|
||||||
|
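Review bot: In `parse_export_options` the `no-` prefix is detected but never stripped, so `ascii_strcasecmp(export_opts[i].name,tok)` compares each table name against the full `no-…` token and no negated flag can match; `--export-options no-include-attributes` is reported as invalid and the attribute bit stays set. The `hit` flag is also shared across tokens, so once one token has matched, a later unknown token is accepted silently instead of making the function return 0. `ascii_memcasecmp("no-",tok,3)` is called with a fixed length of 3 even when `tok` is shorter (including the empty tokens `strsep` yields for adjacent delimiters), which may read past the terminator depending on how that helper is implemented. The loop below tracks the match per token, skips empty tokens and advances past the prefix before the table lookup.

```c
  while((tok=strsep(&str," ,")))
    {
      int i,rev=0,found=0;

      /* adjacent delimiters produce empty tokens; ignore them */
      if(!*tok)
        continue;

      /* strip the prefix so the lookup sees the bare option name */
      if(strlen(tok)>3 && ascii_memcasecmp("no-",tok,3)==0)
        {
          rev=1;
          tok+=3;
        }

      for(i=0;export_opts[i].name;i++)
        {
          if(ascii_strcasecmp(export_opts[i].name,tok)==0)
            {
              /* ... unchanged: set or clear export_opts[i].bit ... */
              found=1;
              break;
            }
        }

      /* reject the whole string on the first unknown token */
      if(!found)
        return 0;

      hit=1;
    }
```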
16
g10/g10.c
16
g10/g10.c
@ -237,6 +237,7 @@ enum cmd_and_opt_values { aNull = 0,
|
|||||||
oLockNever,
|
oLockNever,
|
||||||
oKeyServer,
|
oKeyServer,
|
||||||
oKeyServerOptions,
|
oKeyServerOptions,
|
||||||
|
oExportOptions,
|
||||||
oTempDir,
|
oTempDir,
|
||||||
oExecPath,
|
oExecPath,
|
||||||
oEncryptTo,
|
oEncryptTo,
|
||||||
@ -409,6 +410,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oDefaultKey, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
|
{ oDefaultKey, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
|
||||||
{ oKeyServer, "keyserver",2, N_("|HOST|use this keyserver to lookup keys")},
|
{ oKeyServer, "keyserver",2, N_("|HOST|use this keyserver to lookup keys")},
|
||||||
{ oKeyServerOptions, "keyserver-options",2,"@"},
|
{ oKeyServerOptions, "keyserver-options",2,"@"},
|
||||||
|
{ oExportOptions, "export-options",2,"@"},
|
||||||
{ oCharset, "charset" , 2, N_("|NAME|set terminal charset to NAME") },
|
{ oCharset, "charset" , 2, N_("|NAME|set terminal charset to NAME") },
|
||||||
{ oOptions, "options" , 2, N_("read options from file")},
|
{ oOptions, "options" , 2, N_("read options from file")},
|
||||||
|
|
||||||
@ -902,6 +904,8 @@ main( int argc, char **argv )
|
|||||||
opt.pgp2_workarounds = 1;
|
opt.pgp2_workarounds = 1;
|
||||||
opt.force_v3_sigs = 1;
|
opt.force_v3_sigs = 1;
|
||||||
opt.escape_from = 1;
|
opt.escape_from = 1;
|
||||||
|
opt.export_options=EXPORT_DEFAULT;
|
||||||
|
opt.keyserver_options.export_options=EXPORT_DEFAULT;
|
||||||
opt.keyserver_options.include_subkeys=1;
|
opt.keyserver_options.include_subkeys=1;
|
||||||
opt.keyserver_options.include_attributes=1;
|
opt.keyserver_options.include_attributes=1;
|
||||||
#if defined (__MINGW32__) || defined (__CYGWIN32__)
|
#if defined (__MINGW32__) || defined (__CYGWIN32__)
|
||||||
@ -1331,6 +1335,16 @@ main( int argc, char **argv )
|
|||||||
case oKeyServerOptions:
|
case oKeyServerOptions:
|
||||||
parse_keyserver_options(pargs.r.ret_str);
|
parse_keyserver_options(pargs.r.ret_str);
|
||||||
break;
|
break;
|
||||||
|
case oExportOptions:
|
||||||
|
if(!parse_export_options(pargs.r.ret_str,&opt.export_options))
|
||||||
|
{
|
||||||
|
if(configname)
|
||||||
|
log_error(_("%s:%d: invalid export options\n"),
|
||||||
|
configname,configlineno);
|
||||||
|
else
|
||||||
|
log_error(_("invalid export options\n"));
|
||||||
|
}
|
||||||
|
break;
|
||||||
case oTempDir: opt.temp_dir=pargs.r.ret_str; break;
|
case oTempDir: opt.temp_dir=pargs.r.ret_str; break;
|
||||||
case oExecPath:
|
case oExecPath:
|
||||||
#ifndef FIXED_EXEC_PATH
|
#ifndef FIXED_EXEC_PATH
|
||||||
@ -2009,7 +2023,7 @@ main( int argc, char **argv )
|
|||||||
else if( cmd == aRecvKeys )
|
else if( cmd == aRecvKeys )
|
||||||
keyserver_import( sl );
|
keyserver_import( sl );
|
||||||
else
|
else
|
||||||
export_pubkeys( sl, (cmd == aExport)?EXPORT_FLAG_ONLYRFC:0 );
|
export_pubkeys( sl, opt.export_options );
|
||||||
free_strlist(sl);
|
free_strlist(sl);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
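Review bot: Plain `--export` appears to lose its RFC 2440 filter by default: the last hunk of `main` replaces `(cmd == aExport)?EXPORT_FLAG_ONLYRFC:0` with `opt.export_options`, and that field is initialised to `EXPORT_DEFAULT`, which main.h defines as `(1|4)`, so `EXPORT_INCLUDE_NON_RFC` is set. The ChangeLog entry does not mention this change of default. If the old default is meant to stay, initialise with `opt.export_options=EXPORT_INCLUDE_ATTRIBUTES;` here. Otherwise add a comment at the initialisation saying that non-RFC keys are now exported unless the bit is cleared. `main` starts and ends outside these hunks.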
@ -114,7 +114,6 @@ hkp_export( STRLIST users )
|
|||||||
IOBUF temp = iobuf_temp();
|
IOBUF temp = iobuf_temp();
|
||||||
struct http_context hd;
|
struct http_context hd;
|
||||||
char *request;
|
char *request;
|
||||||
int attribs=EXPORT_FLAG_ONLYRFC;
|
|
||||||
unsigned int status;
|
unsigned int status;
|
||||||
unsigned int hflags = opt.keyserver_options.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
|
unsigned int hflags = opt.keyserver_options.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
|
||||||
|
|
||||||
@ -124,10 +123,8 @@ hkp_export( STRLIST users )
|
|||||||
afx.what = 1;
|
afx.what = 1;
|
||||||
iobuf_push_filter( temp, armor_filter, &afx );
|
iobuf_push_filter( temp, armor_filter, &afx );
|
||||||
|
|
||||||
if(!opt.keyserver_options.include_attributes)
|
rc = export_pubkeys_stream( temp, users,
|
||||||
attribs|=EXPORT_FLAG_SKIPATTRIBS;
|
opt.keyserver_options.export_options );
|
||||||
|
|
||||||
rc = export_pubkeys_stream( temp, users, attribs );
|
|
||||||
if( rc == -1 ) {
|
if( rc == -1 ) {
|
||||||
iobuf_close(temp);
|
iobuf_close(temp);
|
||||||
return 0;
|
return 0;
|
||||||
|
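Review bot: `hkp_export` no longer consults `opt.keyserver_options.include_attributes`, so a configuration that turned attribute packets (photo IDs) off for keyserver uploads is not honoured by this call any more; the same removal is made in `keyserver_spawn` in keyserver.c. g10.c still initialises `include_attributes=1` and `EXPORT_DEFAULT` has the attribute bit set, so photo IDs would be sent regardless unless the existing keyserver option is also mapped onto `export_options`, which these hunks do not show. One way to keep the old setting effective is to mask the bit before the call: `unsigned int eo=opt.keyserver_options.export_options;` then `if(!opt.keyserver_options.include_attributes) eo&=~EXPORT_INCLUDE_ATTRIBUTES;` and pass `eo`. The function body continues outside the hunks shown.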
@ -110,7 +110,8 @@ parse_keyserver_options(char *options)
|
|||||||
else if(ascii_strcasecmp(tok,"no-use-temp-files")==0)
|
else if(ascii_strcasecmp(tok,"no-use-temp-files")==0)
|
||||||
opt.keyserver_options.use_temp_files=0;
|
opt.keyserver_options.use_temp_files=0;
|
||||||
#endif
|
#endif
|
||||||
else if(strlen(tok)>0)
|
else if(!parse_export_options(tok,
|
||||||
|
&opt.keyserver_options.export_options))
|
||||||
add_to_strlist(&opt.keyserver_options.other,tok);
|
add_to_strlist(&opt.keyserver_options.other,tok);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -451,10 +452,6 @@ keyserver_spawn(int action,STRLIST list,
|
|||||||
{
|
{
|
||||||
armor_filter_context_t afx;
|
armor_filter_context_t afx;
|
||||||
IOBUF buffer=iobuf_temp();
|
IOBUF buffer=iobuf_temp();
|
||||||
int attribs=EXPORT_FLAG_ONLYRFC;
|
|
||||||
|
|
||||||
if(!opt.keyserver_options.include_attributes)
|
|
||||||
attribs|=EXPORT_FLAG_SKIPATTRIBS;
|
|
||||||
|
|
||||||
temp=NULL;
|
temp=NULL;
|
||||||
add_to_strlist(&temp,key->d);
|
add_to_strlist(&temp,key->d);
|
||||||
@ -463,7 +460,8 @@ keyserver_spawn(int action,STRLIST list,
|
|||||||
afx.what=1;
|
afx.what=1;
|
||||||
iobuf_push_filter(buffer,armor_filter,&afx);
|
iobuf_push_filter(buffer,armor_filter,&afx);
|
||||||
|
|
||||||
if(export_pubkeys_stream(buffer,temp,attribs)==-1)
|
if(export_pubkeys_stream(buffer,temp,
|
||||||
|
opt.keyserver_options.export_options)==-1)
|
||||||
iobuf_close(buffer);
|
iobuf_close(buffer);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
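Review bot: In `parse_keyserver_options`, dropping the `strlen(tok)>0` guard means an empty token now reaches `parse_export_options`, which returns 0 for it, so the empty string is appended to `opt.keyserver_options.other`. Keeping the guard preserves the old behaviour: `else if(strlen(tok)>0 && !parse_export_options(tok,&opt.keyserver_options.export_options))`. A comment on this branch should also say that every export flag, including `include-local-sigs` and `include-sensitive-revkeys`, becomes a valid keyserver option here and widens what a `--send-key` uploads. The function starts outside the hunk.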
13
g10/main.h
13
g10/main.h
@ -159,10 +159,15 @@ void import_print_stats (void *hd);
|
|||||||
int collapse_uids( KBNODE *keyblock );
|
int collapse_uids( KBNODE *keyblock );
|
||||||
|
|
||||||
/*-- export.c --*/
|
/*-- export.c --*/
|
||||||
#define EXPORT_FLAG_ONLYRFC 1
|
#define EXPORT_INCLUDE_NON_RFC 1
|
||||||
#define EXPORT_FLAG_SKIPATTRIBS 2
|
#define EXPORT_INCLUDE_LOCAL_SIGS 2
|
||||||
int export_pubkeys( STRLIST users, int flags );
|
#define EXPORT_INCLUDE_ATTRIBUTES 4
|
||||||
int export_pubkeys_stream( IOBUF out, STRLIST users, int flags );
|
#define EXPORT_INCLUDE_SENSITIVE_REVKEYS 8
|
||||||
|
#define EXPORT_DEFAULT (1|4)
|
||||||
|
|
||||||
|
int parse_export_options(char *str,unsigned int *options);
|
||||||
|
int export_pubkeys( STRLIST users, unsigned int options );
|
||||||
|
int export_pubkeys_stream( IOBUF out, STRLIST users, unsigned int options );
|
||||||
int export_seckeys( STRLIST users );
|
int export_seckeys( STRLIST users );
|
||||||
int export_secsubkeys( STRLIST users );
|
int export_secsubkeys( STRLIST users );
|
||||||
|
|
||||||
|
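Review bot: `EXPORT_DEFAULT` is written as `(1|4)`, which repeats the numeric values of the flags defined just above it and will silently go stale if a bit is renumbered. Spell it with the names instead: `#define EXPORT_DEFAULT (EXPORT_INCLUDE_NON_RFC|EXPORT_INCLUDE_ATTRIBUTES)`. A one-line comment above the block noting that these bits are matched by name in the `export_opts` table of `parse_export_options` in export.c, and that the two must stay in sync, would also help.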
@ -129,9 +129,11 @@ struct {
|
|||||||
int keep_temp_files;
|
int keep_temp_files;
|
||||||
int fake_v3_keyids;
|
int fake_v3_keyids;
|
||||||
int auto_key_retrieve;
|
int auto_key_retrieve;
|
||||||
|
unsigned int export_options;
|
||||||
STRLIST other;
|
STRLIST other;
|
||||||
} keyserver_options;
|
} keyserver_options;
|
||||||
int exec_disable;
|
int exec_disable;
|
||||||
|
unsigned int export_options;
|
||||||
char *def_preference_list;
|
char *def_preference_list;
|
||||||
prefitem_t *personal_cipher_prefs,
|
prefitem_t *personal_cipher_prefs,
|
||||||
*personal_digest_prefs,
|
*personal_digest_prefs,
|
||||||
|