mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-09 12:54:23 +01:00
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be consistent with honor-keyserver-url.
This commit is contained in:
David Shaw
parent
7eab1846ca
commit
477defdb1b
@ -1,5 +1,9 @@
|
|||||||
2006-02-22 David Shaw <dshaw@jabberwocky.com>
|
2006-02-22 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, gpg.c (main), mainproc.c (check_sig_and_print),
|
||||||
|
keyserver.c (keyserver_opts): Rename auto-pka-retrieve to
|
||||||
|
honor-pka-record to be consistent with honor-keyserver-url.
|
||||||
|
|
||||||
* options.h, keydb.h, g10.c (main), getkey.c
|
* options.h, keydb.h, g10.c (main), getkey.c
|
||||||
(parse_auto_key_locate): Parse a list of key access methods.
|
(parse_auto_key_locate): Parse a list of key access methods.
|
||||||
(get_pubkey_byname): Walk the list here to try and retrieve keys
|
(get_pubkey_byname): Walk the list here to try and retrieve keys
|
||||||
|
|||||||
@ -1731,7 +1731,7 @@ main (int argc, char **argv )
|
|||||||
opt.keyserver_options.import_options=IMPORT_REPAIR_PKS_SUBKEY_BUG;
|
opt.keyserver_options.import_options=IMPORT_REPAIR_PKS_SUBKEY_BUG;
|
||||||
opt.keyserver_options.export_options=EXPORT_ATTRIBUTES;
|
opt.keyserver_options.export_options=EXPORT_ATTRIBUTES;
|
||||||
opt.keyserver_options.options=
|
opt.keyserver_options.options=
|
||||||
KEYSERVER_INCLUDE_SUBKEYS|KEYSERVER_INCLUDE_REVOKED|KEYSERVER_TRY_DNS_SRV|KEYSERVER_HONOR_KEYSERVER_URL|KEYSERVER_AUTO_PKA_RETRIEVE;
|
KEYSERVER_INCLUDE_SUBKEYS|KEYSERVER_INCLUDE_REVOKED|KEYSERVER_TRY_DNS_SRV|KEYSERVER_HONOR_KEYSERVER_URL|KEYSERVER_HONOR_PKA_RECORD;
|
||||||
opt.verify_options=
|
opt.verify_options=
|
||||||
VERIFY_SHOW_POLICY_URLS|VERIFY_SHOW_STD_NOTATIONS|VERIFY_SHOW_KEYSERVER_URLS;
|
VERIFY_SHOW_POLICY_URLS|VERIFY_SHOW_STD_NOTATIONS|VERIFY_SHOW_KEYSERVER_URLS;
|
||||||
opt.trust_model=TM_AUTO;
|
opt.trust_model=TM_AUTO;
|
||||||
|
|||||||
@ -85,14 +85,14 @@ static struct parse_options keyserver_opts[]=
|
|||||||
NULL},
|
NULL},
|
||||||
{"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
|
{"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
|
||||||
N_("automatically retrieve keys when verifying signatures")},
|
N_("automatically retrieve keys when verifying signatures")},
|
||||||
{"auto-pka-retrieve",KEYSERVER_AUTO_PKA_RETRIEVE,NULL,
|
|
||||||
N_("automatically retrieve keys from PKA records")},
|
|
||||||
{"auto-cert-retrieve",KEYSERVER_AUTO_CERT_RETRIEVE,NULL,
|
{"auto-cert-retrieve",KEYSERVER_AUTO_CERT_RETRIEVE,NULL,
|
||||||
N_("automatically retrieve keys from DNS")},
|
N_("automatically retrieve keys from DNS")},
|
||||||
{"try-dns-srv",KEYSERVER_TRY_DNS_SRV,NULL,
|
{"try-dns-srv",KEYSERVER_TRY_DNS_SRV,NULL,
|
||||||
NULL},
|
NULL},
|
||||||
{"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
|
{"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
|
||||||
N_("honor the preferred keyserver URL set on the key")},
|
N_("honor the preferred keyserver URL set on the key")},
|
||||||
|
{"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
|
||||||
|
N_("honor the PKA record set on a key when retrieving keys")},
|
||||||
{NULL,0,NULL,NULL}
|
{NULL,0,NULL,NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -1740,7 +1740,7 @@ keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
|
|||||||
/* Try and parse the keyserver URL. If it doesn't work,
|
/* Try and parse the keyserver URL. If it doesn't work,
|
||||||
then we end up writing NULL which indicates we are
|
then we end up writing NULL which indicates we are
|
||||||
the same as any other key. */
|
the same as any other key. */
|
||||||
if(uid && sig)
|
if(sig)
|
||||||
(*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
|
(*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1977,7 +1977,8 @@ keyserver_import_cert(const char *name)
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Import key pointed to by a PKA record */
|
/* Import key pointed to by a PKA record. Return the requested
|
||||||
|
fingerprint in fpr. */
|
||||||
int
|
int
|
||||||
keyserver_import_pka(const char *name,unsigned char *fpr)
|
keyserver_import_pka(const char *name,unsigned char *fpr)
|
||||||
{
|
{
|
||||||
@ -2041,6 +2042,11 @@ keyserver_import_ldap(const char *name)
|
|||||||
keyserver->host=xmalloc(5+strlen(domain)+1);
|
keyserver->host=xmalloc(5+strlen(domain)+1);
|
||||||
strcpy(keyserver->host,"keys.");
|
strcpy(keyserver->host,"keys.");
|
||||||
strcat(keyserver->host,domain);
|
strcat(keyserver->host,domain);
|
||||||
|
keyserver->uri=xmalloc(strlen(keyserver->scheme)+
|
||||||
|
3+strlen(keyserver->host)+1);
|
||||||
|
strcpy(keyserver->uri,keyserver->scheme);
|
||||||
|
strcat(keyserver->uri,"://");
|
||||||
|
strcat(keyserver->uri,keyserver->host);
|
||||||
|
|
||||||
rc=keyserver_work(KS_GETNAME,list,NULL,0,keyserver);
|
rc=keyserver_work(KS_GETNAME,list,NULL,0,keyserver);
|
||||||
|
|
||||||
|
|||||||
@ -1530,11 +1530,11 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* If the preferred keyserver thing above didn't work, our second
|
/* If the preferred keyserver thing above didn't work, our second
|
||||||
try is to use the URI from a DNS PKA record. */
|
try is to use the URI from a DNS PKA record. */
|
||||||
if ( rc == G10ERR_NO_PUBKEY
|
if ( rc == G10ERR_NO_PUBKEY
|
||||||
&& (opt.keyserver_options.options&KEYSERVER_AUTO_PKA_RETRIEVE))
|
&& opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
|
||||||
|
&& opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)
|
||||||
{
|
{
|
||||||
const char *uri = pka_uri_from_sig (sig);
|
const char *uri = pka_uri_from_sig (sig);
|
||||||
|
|
||||||
@ -1558,12 +1558,11 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* If the preferred keyserver thing above didn't work and we got
|
/* If the preferred keyserver thing above didn't work and we got
|
||||||
no information from the DNS PKA, this is a third try. */
|
no information from the DNS PKA, this is a third try. */
|
||||||
|
|
||||||
if( rc == G10ERR_NO_PUBKEY && opt.keyserver
|
if( rc == G10ERR_NO_PUBKEY && opt.keyserver
|
||||||
&& (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE))
|
&& opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)
|
||||||
{
|
{
|
||||||
int res;
|
int res;
|
||||||
|
|
||||||
|
|||||||
@ -319,7 +319,7 @@ struct {
|
|||||||
#define KEYSERVER_AUTO_KEY_RETRIEVE (1<<5)
|
#define KEYSERVER_AUTO_KEY_RETRIEVE (1<<5)
|
||||||
#define KEYSERVER_TRY_DNS_SRV (1<<6)
|
#define KEYSERVER_TRY_DNS_SRV (1<<6)
|
||||||
#define KEYSERVER_HONOR_KEYSERVER_URL (1<<7)
|
#define KEYSERVER_HONOR_KEYSERVER_URL (1<<7)
|
||||||
#define KEYSERVER_AUTO_PKA_RETRIEVE (1<<8)
|
#define KEYSERVER_HONOR_PKA_RECORD (1<<8)
|
||||||
#define KEYSERVER_AUTO_CERT_RETRIEVE (1<<9)
|
#define KEYSERVER_AUTO_CERT_RETRIEVE (1<<9)
|
||||||
|
|
||||||
#endif /*G10_OPTIONS_H*/
|
#endif /*G10_OPTIONS_H*/
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user