* options.h, main.h, g10.c (main), import.c (parse_import_options,

delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option.  The only current flag is "allow-local-sigs".

* g10.c (main): Don't disable MDC in pgp7 mode.

* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.

g10/ChangeLog

@@ -1,5 +1,16 @@
 2002-07-22  David Shaw  <dshaw@jabberwocky.com>
 
+	* options.h, main.h, g10.c (main), import.c
+	(parse_import_options, delete_inv_parts), keyserver.c
+	(parse_keyserver_options): add new --import-options option.  The
+	only current flag is "allow-local-sigs".
+
+	* g10.c (main): Don't disable MDC in pgp7 mode.
+
+	* options.h, g10.c (main), keyserver.c (parse_keyserver_options):
+	Remove old keyserver-option include-attributes now that there is
+	an export-option for the same thing.
+
 	* options.h, main.h, export.c (parse_export_options,
 	do_export_stream), g10.c (main): add new --export-options option.
 	Current flags are "include-non-rfc", "include-local-sigs",

g10/g10.c

@@ -237,6 +237,7 @@ enum cmd_and_opt_values { aNull = 0,
     oLockNever,
     oKeyServer,
     oKeyServerOptions,
+    oImportOptions,
     oExportOptions,
     oTempDir,
     oExecPath,
@@ -410,6 +411,7 @@ static ARGPARSE_OPTS opts[] = {
     { oDefaultKey, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
     { oKeyServer, "keyserver",2, N_("|HOST|use this keyserver to lookup keys")},
     { oKeyServerOptions, "keyserver-options",2,"@"},
+    { oImportOptions, "import-options",2,"@"},
     { oExportOptions, "export-options",2,"@"},
     { oCharset, "charset"   , 2, N_("|NAME|set terminal charset to NAME") },
     { oOptions, "options"   , 2, N_("read options from file")},
@@ -904,10 +906,11 @@ main( int argc, char **argv )
     opt.pgp2_workarounds = 1;
     opt.force_v3_sigs = 1;
     opt.escape_from = 1;
+    opt.import_options=IMPORT_DEFAULT;
     opt.export_options=EXPORT_DEFAULT;
+    opt.keyserver_options.import_options=IMPORT_DEFAULT;
     opt.keyserver_options.export_options=EXPORT_DEFAULT;
     opt.keyserver_options.include_subkeys=1;
-    opt.keyserver_options.include_attributes=1;
 #if defined (__MINGW32__) || defined (__CYGWIN32__)
     opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
 #else
@@ -1335,6 +1338,16 @@ main( int argc, char **argv )
 	  case oKeyServerOptions:
 	    parse_keyserver_options(pargs.r.ret_str);
 	    break;
+	  case oImportOptions:
+	    if(!parse_import_options(pargs.r.ret_str,&opt.import_options))
+	      {
+		if(configname)
+		  log_error(_("%s:%d: invalid import options\n"),
+			    configname,configlineno);
+		else
+		  log_error(_("invalid import options\n"));
+	      }
+	    break;
 	  case oExportOptions:
 	    if(!parse_export_options(pargs.r.ret_str,&opt.export_options))
 	      {
@@ -1591,13 +1604,17 @@ main( int argc, char **argv )
 
 	if(opt.pgp6 || opt.pgp7)
 	  {
-	    opt.force_mdc=0;
-	    opt.disable_mdc=1;
 	    opt.sk_comments=0;
 	    opt.escape_from=1;
 	    opt.force_v3_sigs=1;
 	    opt.ask_sig_expire=0;
 	    opt.def_compress_algo=1;
+
+	    if(opt.pgp6) /* pgp7 has MDC */
+	      {
+		opt.force_mdc=0;
+		opt.disable_mdc=1;
+	      }
 	  }
       }
 

g10/import.c

@@ -81,6 +81,48 @@ static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
 			     const char *fname, u32 *keyid );
 
 
+int
+parse_import_options(char *str,unsigned int *options)
+{
+  char *tok;
+  int hit=0;
+  struct
+  {
+    char *name;
+    unsigned int bit;
+  } import_opts[]=
+    {
+      {"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS},
+      {NULL,0}
+    };
+
+  while((tok=strsep(&str," ,")))
+    {
+      int i,rev=0;
+
+      if(ascii_memcasecmp("no-",tok,3)==0)
+	rev=1;
+
+      for(i=0;import_opts[i].name;i++)
+	{
+	  if(ascii_strcasecmp(import_opts[i].name,tok)==0)
+	    {
+	      if(rev)
+		*options&=~import_opts[i].bit;
+	      else
+		*options|=import_opts[i].bit;
+	      hit=1;
+	      break;
+	    }
+	}
+
+      if(!hit && !import_opts[i].name)
+	return 0;
+    }
+
+  return hit;
+}
+
 void *
 import_new_stats_handle (void)
 {
@@ -1039,6 +1081,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 	    delete_kbnode( node ); /* build_packet() can't handle this */
 	else if( node->pkt->pkttype == PKT_SIGNATURE &&
 		 !node->pkt->pkt.signature->flags.exportable &&
+		 !(opt.import_options&IMPORT_ALLOW_LOCAL_SIGS) &&
 		 seckey_available( node->pkt->pkt.signature->keyid ) ) {
 	    /* here we violate the rfc a bit by still allowing
 	     * to import non-exportable signature when we have the

g10/keyserver.c

@@ -54,7 +54,6 @@ struct kopts
   {"include-revoked",1,&opt.keyserver_options.include_revoked},
   {"include-disabled",1,&opt.keyserver_options.include_disabled},
   {"include-subkeys",1,&opt.keyserver_options.include_subkeys},
-  {"include-attributes",0,&opt.keyserver_options.include_attributes},
   {"keep-temp-files",0,&opt.keyserver_options.keep_temp_files},
   {"honor-http-proxy",1,&opt.keyserver_options.honor_http_proxy},
   {"broken-http-proxy",1,&opt.keyserver_options.broken_http_proxy},
@@ -110,9 +109,12 @@ parse_keyserver_options(char *options)
 	  else if(ascii_strcasecmp(tok,"no-use-temp-files")==0)
 	    opt.keyserver_options.use_temp_files=0;
 #endif
-	  else if(!parse_export_options(tok,
-					&opt.keyserver_options.export_options))
-	    add_to_strlist(&opt.keyserver_options.other,tok);
+	  else
+	    if(!parse_import_options(tok,
+				     &opt.keyserver_options.import_options) &&
+	       !parse_export_options(tok,
+				     &opt.keyserver_options.export_options))
+	      add_to_strlist(&opt.keyserver_options.other,tok);
 	}
     }
 }

g10/main.h

@@ -150,6 +150,11 @@ KBNODE make_comment_node( const char *s );
 KBNODE make_mpi_comment_node( const char *s, MPI a );
 
 /*-- import.c --*/
+/* 1, 4, and 8 are reserved so they match the EXPORT_* flags below */
+#define IMPORT_ALLOW_LOCAL_SIGS 2
+#define IMPORT_DEFAULT          0
+
+int parse_import_options(char *str,unsigned int *options);
 void import_keys( char **fnames, int nnames, int fast, void *stats_hd );
 int import_keys_stream( IOBUF inp, int fast, void *stats_hd );
 void *import_new_stats_handle (void);
@@ -159,11 +164,11 @@ void import_print_stats (void *hd);
 int collapse_uids( KBNODE *keyblock );
 
 /*-- export.c --*/
-#define EXPORT_INCLUDE_NON_RFC    1
-#define EXPORT_INCLUDE_LOCAL_SIGS 2
-#define EXPORT_INCLUDE_ATTRIBUTES 4
+#define EXPORT_INCLUDE_NON_RFC           1
+#define EXPORT_INCLUDE_LOCAL_SIGS        2
+#define EXPORT_INCLUDE_ATTRIBUTES        4
 #define EXPORT_INCLUDE_SENSITIVE_REVKEYS 8
-#define EXPORT_DEFAULT (1|4)
+#define EXPORT_DEFAULT                   (1|4)
 
 int parse_export_options(char *str,unsigned int *options);
 int export_pubkeys( STRLIST users, unsigned int options );

g10/options.h

@@ -122,17 +122,18 @@ struct {
       int include_revoked;
       int include_disabled;
       int include_subkeys;
-      int include_attributes;
       int honor_http_proxy;
       int broken_http_proxy;
       int use_temp_files;
       int keep_temp_files;
       int fake_v3_keyids;
       int auto_key_retrieve;
+      unsigned int import_options;
       unsigned int export_options;
       STRLIST other;
     } keyserver_options;
     int exec_disable;
+    unsigned int import_options;
     unsigned int export_options;
     char *def_preference_list;
     prefitem_t *personal_cipher_prefs,