gpg: New command --locate-external-key.

* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname.  Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto.  Pass on to get_best_pubkey_byname.
--

This new command is a shortcut for

  --auto-key-locate nodefault,clear,wkd,... --locate-key

and uses the default or configured AKL list but does so without local.

See also
GnuPG-bug-id: 4599

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d00c8024e58822e0623b3fad99248ce68a8b7725)

doc/gpg.texi

@@ -346,12 +346,17 @@ numbers 1-9 or "T" for 10 and above to indicate trust signature levels
 
 
 @item --locate-keys
+@itemx --locate-external-keys
 @opindex locate-keys
+@opindex locate-external-keys
 Locate the keys given as arguments.  This command basically uses the
-same algorithm as used when locating keys for encryption or signing and
+same algorithm as used when locating keys for encryption or signing
-may thus be used to see what keys @command{@gpgname} might use.  In
+and may thus be used to see what keys @command{@gpgname} might use.
-particular external methods as defined by @option{--auto-key-locate} may
+In particular external methods as defined by
-be used to locate a key.  Only public keys are listed.
+@option{--auto-key-locate} may be used to locate a key.  Only public
+keys are listed.  The variant @option{--locate-external-keys} does not
+consider a locally existing key and can thus be used to force the
+refresh of a key via the defined external methods.
 
 @item --show-keys
 @opindex show-keys

g10/getkey.c

@@ -1043,7 +1043,9 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
    * Note: we only save the search context in RETCTX if the local
    * method is the first method tried (either explicitly or
    * implicitly).  */
-  if (mode != GET_PUBKEY_NO_AKL)
+  if (mode == GET_PUBKEY_NO_LOCAL)
+    nodefault = 1;  /* Auto-key-locate but ignore "local".  */
+  else if (mode != GET_PUBKEY_NO_AKL)
     {
       /* auto-key-locate is enabled.  */
 
@@ -1072,7 +1074,13 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
       anylocalfirst = 1;
     }
 
-  if (nodefault && is_mbox)
+  if (mode == GET_PUBKEY_NO_LOCAL)
+    {
+      /* Force using the AKL.  If IS_MBOX is not set this is the final
+       * error code.  */
+      rc = GPG_ERR_NO_PUBKEY;
+    }
+  else if (nodefault && is_mbox)
     {
       /* Either "nodefault" or "local" (explicitly) appeared in the
        * auto key locate list and NAME appears to be an email address.
@@ -1119,17 +1127,25 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
 	      break;
 
 	    case AKL_LOCAL:
-	      mechanism_string = "Local";
+              if (mode == GET_PUBKEY_NO_LOCAL)
-	      did_akl_local = 1;
+                {
-	      if (retctx)
+                  mechanism_string = "None";
-		{
+                  rc = GPG_ERR_NO_PUBKEY;
-		  getkey_end (ctrl, *retctx);
+                }
-		  *retctx = NULL;
+              else
-		}
+                {
-	      add_to_strlist (&namelist, name);
+                  mechanism_string = "Local";
-	      rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
+                  did_akl_local = 1;
-			       namelist, pk, 0,
+                  if (retctx)
-			       include_unusable, ret_keyblock, ret_kdbhd);
+                    {
+                      getkey_end (ctrl, *retctx);
+                      *retctx = NULL;
+                    }
+                  add_to_strlist (&namelist, name);
+                  rc = key_byname (ctrl, anylocalfirst ? retctx : NULL,
+                                   namelist, pk, 0,
+                                   include_unusable, ret_keyblock, ret_kdbhd);
+                }
 	      break;
 
 	    case AKL_CERT:
@@ -1264,7 +1280,6 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
 	}
     }
 
-
   if (rc && retctx)
     {
       getkey_end (ctrl, *retctx);
@@ -1417,7 +1432,8 @@ pubkey_cmp (ctrl_t ctrl, const char *name, struct pubkey_cmp_cookie *old,
  * resembles a mail address, the results are ranked and only the best
  * result is returned.  */
 gpg_error_t
-get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
+get_best_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
+                        GETKEY_CTX *retctx, PKT_public_key *pk,
                         const char *name, KBNODE *ret_keyblock,
                         int include_unusable)
 {
@@ -1440,7 +1456,7 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
       getkey_end (ctrl, ctx);
       ctx = NULL;
     }
-  err = get_pubkey_byname (ctrl, GET_PUBKEY_NORMAL,
+  err = get_pubkey_byname (ctrl, mode,
                            &ctx, pk, name, ret_keyblock,
                            NULL, include_unusable);
   if (err)

g10/gpg.c

@@ -147,6 +147,7 @@ enum cmd_and_opt_values
     aSendKeys,
     aRecvKeys,
     aLocateKeys,
+    aLocateExtKeys,
     aSearchKeys,
     aRefreshKeys,
     aFetchKeys,
@@ -499,6 +500,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_c (aRefreshKeys, "refresh-keys",
               N_("update all keys from a keyserver")),
   ARGPARSE_c (aLocateKeys, "locate-keys", "@"),
+  ARGPARSE_c (aLocateExtKeys, "locate-external-keys", "@"),
   ARGPARSE_c (aFetchKeys, "fetch-keys" , "@" ),
   ARGPARSE_c (aShowKeys, "show-keys" , "@" ),
   ARGPARSE_c (aExportSecret, "export-secret-keys" , "@" ),
@@ -2561,6 +2563,7 @@ main (int argc, char **argv)
 #endif /* ENABLE_CARD_SUPPORT*/
 	  case aListKeys:
 	  case aLocateKeys:
+	  case aLocateExtKeys:
 	  case aListSigs:
 	  case aExportSecret:
 	  case aExportSecretSub:
@@ -4415,7 +4418,7 @@ main (int argc, char **argv)
 	sl = NULL;
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
-	public_key_list (ctrl, sl, 0);
+	public_key_list (ctrl, sl, 0, 0);
 	free_strlist(sl);
 	break;
       case aListSecretKeys:
@@ -4426,10 +4429,11 @@ main (int argc, char **argv)
 	free_strlist(sl);
 	break;
       case aLocateKeys:
+      case aLocateExtKeys:
 	sl = NULL;
 	for (; argc; argc--, argv++)
           add_to_strlist2( &sl, *argv, utf8_strings );
-	public_key_list (ctrl, sl, 1);
+	public_key_list (ctrl, sl, 1, cmd == aLocateExtKeys);
 	free_strlist (sl);
 	break;
 

g10/keydb.h

@@ -363,7 +363,7 @@ int get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
 
 /* Likewise, but only return the best match if NAME resembles a mail
  * address.  */
-gpg_error_t get_best_pubkey_byname (ctrl_t ctrl,
+gpg_error_t get_best_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
                                     GETKEY_CTX *retctx, PKT_public_key *pk,
                                     const char *name, KBNODE *ret_keyblock,
                                     int include_unusable);

g10/keylist.c

@@ -50,7 +50,7 @@
 static void list_all (ctrl_t, int, int);
 static void list_one (ctrl_t ctrl,
                       strlist_t names, int secret, int mark_secret);
-static void locate_one (ctrl_t ctrl, strlist_t names);
+static void locate_one (ctrl_t ctrl, strlist_t names, int no_local);
 static void print_card_serialno (const char *serialno);
 
 struct keylist_context
@@ -82,10 +82,11 @@ keylist_context_release (struct keylist_context *listctx)
 
 
 /* List the keys.  If list is NULL, all available keys are listed.
-   With LOCATE_MODE set the locate algorithm is used to find a
+ * With LOCATE_MODE set the locate algorithm is used to find a key; if
-   key.  */
+ * in addition NO_LOCAL is set the locate does not look into the local
+ * keyring.  */
 void
-public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
+public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode, int no_local)
 {
 #ifndef NO_TRUST_MODELS
   if (opt.with_colons)
@@ -139,7 +140,7 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
 #endif
 
   if (locate_mode)
-    locate_one (ctrl, list);
+    locate_one (ctrl, list, no_local);
   else if (!list)
     list_all (ctrl, 0, opt.with_secret);
   else
@@ -641,7 +642,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
 
 
 static void
-locate_one (ctrl_t ctrl, strlist_t names)
+locate_one (ctrl_t ctrl, strlist_t names, int no_local)
 {
   int rc = 0;
   strlist_t sl;
@@ -655,7 +656,10 @@ locate_one (ctrl_t ctrl, strlist_t names)
 
   for (sl = names; sl; sl = sl->next)
     {
-      rc = get_best_pubkey_byname (ctrl, &ctx, NULL, sl->d, &keyblock, 1);
+      rc = get_best_pubkey_byname (ctrl,
+                                   no_local? GET_PUBKEY_NO_LOCAL
+                                   /*    */: GET_PUBKEY_NORMAL,
+                                   &ctx, NULL, sl->d, &keyblock, 1);
       if (rc)
 	{
 	  if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)

g10/main.h

@@ -438,7 +438,8 @@ struct revocation_reason_info * get_default_uid_revocation_reason(void);
 void release_revocation_reason_info( struct revocation_reason_info *reason );
 
 /*-- keylist.c --*/
-void public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode );
+void public_key_list (ctrl_t ctrl, strlist_t list,
+                      int locate_mode, int no_local);
 void secret_key_list (ctrl_t ctrl, strlist_t list );
 void print_subpackets_colon(PKT_signature *sig);
 void reorder_keyblock (KBNODE keyblock);

g10/pkclist.c

@@ -834,7 +834,8 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   if (from_file)
     rc = get_pubkey_fromfile (ctrl, pk, name);
   else
-    rc = get_best_pubkey_byname (ctrl, NULL, pk, name, &keyblock, 0);
+    rc = get_best_pubkey_byname (ctrl, GET_PUBKEY_NORMAL,
+                                 NULL, pk, name, &keyblock, 0);
   if (rc)
     {
       int code;