gpg: Do not use self-sigs-only for LDAP keyserver imports.

* dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status. * g10/options.h (opts): New field expl_import_self_sigs_only. * g10/import.c (parse_import_options): Set it. * g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP. -- I can be assumed that configured LDAP servers are somehow curated and not affected by rogue key signatures as the HKP servers are. Thus we can allow the import of key signature from LDAP keyservers by default. GnuPG-bug-id: 5387
2025-07-02 22:46:30 +02:00 · 2021-04-13 14:25:16 +02:00 · 2021-04-13 14:25:16 +02:00 · 1303b0ed84
commit 1303b0ed84
parent b0a7132856
5 changed files with 37 additions and 5 deletions
--- a/g10/import.c
+++ b/g10/import.c
@ -218,8 +218,20 @@ parse_import_options(char *str,unsigned int *options,int noisy)
      {NULL,0,NULL,NULL}
    };
  int rc;
+  int saved_self_sigs_only;
+
+  /* We need to set a flag indicating wether the user has set
+   * IMPORT_SELF_SIGS_ONLY or it came from the default.  */
+  saved_self_sigs_only = (*options & IMPORT_SELF_SIGS_ONLY);
+  saved_self_sigs_only &= ~IMPORT_SELF_SIGS_ONLY;

  rc = parse_options (str, options, import_opts, noisy);
+
+  if (rc && (*options & IMPORT_SELF_SIGS_ONLY))
+    opt.flags.expl_import_self_sigs_only = 1;
+  else
+    *options |= saved_self_sigs_only;
+
  if (rc && (*options & IMPORT_RESTORE))
    {
      /* Alter other options we want or don't want for restore.  */
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@ -1763,9 +1763,12 @@ keyserver_get_chunk (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
  if (opt.verbose && source)
    log_info ("data source: %s\n", source);

+
+
  if (!err)
    {
      struct ks_retrieval_screener_arg_s screenerarg;
+      unsigned int options;

      /* FIXME: Check whether this comment should be moved to dirmngr.

@ -1779,12 +1782,18 @@ keyserver_get_chunk (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
         never accept or send them but we better protect against rogue
         keyservers. */

+      /* For LDAP servers we reset IMPORT_SELF_SIGS_ONLY unless it has
+       * been set explicitly.  */
+      options = (opt.keyserver_options.import_options | IMPORT_NO_SECKEY);
+      if (source && (!strncmp (source, "ldap:", 5)
+                     || !strncmp (source, "ldaps:", 6))
+          && !opt.flags.expl_import_self_sigs_only)
+        options &= ~IMPORT_SELF_SIGS_ONLY;
+
      screenerarg.desc = desc;
      screenerarg.ndesc = *r_ndesc_used;
      import_keys_es_stream (ctrl, datastream, stats_handle,
-                             r_fpr, r_fprlen,
-                             (opt.keyserver_options.import_options
-                              | IMPORT_NO_SECKEY),
+                             r_fpr, r_fprlen, options,
                             keyserver_retrieval_screener, &screenerarg,
                             only_fprs? KEYORG_KS : 0,
                             source);
--- a/g10/options.h
+++ b/g10/options.h
@ -243,6 +243,9 @@ struct
    unsigned int use_only_openpgp_card:1;
    /* Force signing keys even if a key signature already exists.  */
    unsigned int force_sign_key:1;
+    /* The next flag is set internally iff IMPORT_SELF_SIGS_ONLY has
+     * been set by the user and is not the default value.  */
+    unsigned int expl_import_self_sigs_only:1;
  } flags;

  /* Linked list of ways to find a key if the key isn't on the local