* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since

they at least handle subkeys correctly. * options.h, g10.c (main), main.h, keylist.c (show_keyserver_url), mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, can_handle_critical): Add read-only support for preferred keyserver subpackets. They're basically policy URLs with a different name. Add a verify-option "show-preferred-keyserver" to turn them on and off (on by default, as per stable branch). * g10.c (main): Add "--set-notation" as alias to "--notation-data" this is to make things consistent with --set-policy-url meaning both sigs and certs.
2025-03-20 21:29:58 +01:00 · 2003-06-05 02:06:12 +00:00 · 2003-06-05 02:06:12 +00:00 · 4d3fecee56
commit 4d3fecee56
parent a58ce94d8e
8 changed files with 86 additions and 14 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,20 @@
+2003-06-04  David Shaw  <dshaw@jabberwocky.com>
+
+	* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver
+	since they at least handle subkeys correctly.
+
+	* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
+	mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
+	parse_one_sig_subpkt, can_handle_critical): Add read-only support
+	for preferred keyserver subpackets.  They're basically policy URLs
+	with a different name.  Add a verify-option
+	"show-preferred-keyserver" to turn them on and off (on by default,
+	as per stable branch).
+
+	* g10.c (main): Add "--set-notation" as alias to "--notation-data"
+	this is to make things consistent with --set-policy-url meaning
+	both sigs and certs.
+
 2003-06-03  David Shaw  <dshaw@jabberwocky.com>

 	* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
--- a/g10/g10.c
+++ b/g10/g10.c
@ -71,7 +71,7 @@ enum cmd_and_opt_values { aNull = 0,
    oUser	  = 'u',
    oVerbose	  = 'v',
    oCompress	  = 'z',
-    oNotation	  = 'N',
+    oSetNotation  = 'N',
    oBatch	  = 500,
    oSigNotation,
    oCertNotation,
@ -485,9 +485,10 @@ static ARGPARSE_OPTS opts[] = {
    { oShowPhotos,   "show-photos", 0, "@" },
    { oNoShowPhotos, "no-show-photos", 0, "@" },
    { oPhotoViewer,  "photo-viewer", 2, "@" },
-    { oNotation,   "notation-data", 2, "@" },
-    { oSigNotation,   "sig-notation", 2, "@" },
-    { oCertNotation,  "cert-notation", 2, "@" },
+    { oSetNotation,  "set-notation", 2, "@" },
+    { oSetNotation,  "notation-data", 2, "@" }, /* Alias */
+    { oSigNotation,  "sig-notation", 2, "@" },
+    { oCertNotation, "cert-notation", 2, "@" },

    { 302, NULL, 0, N_(
  "@\n(See the man page for a complete listing of all commands and options)\n"
@ -1176,7 +1177,8 @@ main( int argc, char **argv )
    opt.keyserver_options.include_subkeys=1;
    opt.keyserver_options.include_revoked=1;
    opt.keyserver_options.try_dns_srv=1;
-    opt.verify_options=VERIFY_SHOW_POLICY|VERIFY_SHOW_NOTATION;
+    opt.verify_options=
+      VERIFY_SHOW_POLICY|VERIFY_SHOW_NOTATION|VERIFY_SHOW_KEYSERVER;
    opt.trust_model=TM_AUTO;
    opt.mangle_dos_filenames = 1;

@ -1775,6 +1777,7 @@ main( int argc, char **argv )
 		  {"show-photos",VERIFY_SHOW_PHOTOS},
 		  {"show-policy-url",VERIFY_SHOW_POLICY},
 		  {"show-notation",VERIFY_SHOW_NOTATION},
+		  {"show-preferred-keyserver",VERIFY_SHOW_KEYSERVER},
 		  {NULL,0}
 		};

@ -1795,7 +1798,7 @@ main( int argc, char **argv )
 	    else
 	      opt.exec_path_set=1;
 	    break;
-	  case oNotation:
+	  case oSetNotation:
 	    add_notation_data( pargs.r.ret_str, 0 );
 	    add_notation_data( pargs.r.ret_str, 1 );
 	    break;
--- a/g10/keylist.c
+++ b/g10/keylist.c
@ -162,6 +162,47 @@ show_policy_url(PKT_signature *sig,int indent,int mode)
  mode=2 for status messages only
 */

+void
+show_keyserver_url(PKT_signature *sig,int indent,int mode)
+{
+  const byte *p;
+  size_t len;
+  int seq=0,crit;
+  FILE *fp=mode?log_stream():stdout;
+
+  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&len,&seq,&crit)))
+    {
+      if(mode!=2)
+	{
+	  int i;
+	  char *str;
+
+	  for(i=0;i<indent;i++)
+	    putchar(' ');
+
+	  /* This isn't UTF8 as it is a URL(?) */
+	  if(crit)
+	    str=_("Critical preferred keyserver: ");
+	  else
+	    str=_("Preferred keyserver: ");
+	  if(mode)
+	    log_info("%s",str);
+	  else
+	    printf("%s",str);
+	  print_string(fp,p,len,0);
+	  fprintf(fp,"\n");
+	}
+
+      /* TODO: put in a status-fd tag for preferred keyservers */
+    }
+}
+
+/*
+  mode=0 for stdout.
+  mode=1 for log_info + status messages
+  mode=2 for status messages only
+*/
+
 void
 show_notation(PKT_signature *sig,int indent,int mode)
 {
--- a/g10/main.h
+++ b/g10/main.h
@ -209,6 +209,7 @@ void reorder_keyblock (KBNODE keyblock);
 void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque );
 void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode);
 void show_policy_url(PKT_signature *sig,int indent,int mode);
+void show_keyserver_url(PKT_signature *sig,int indent,int mode);
 void show_notation(PKT_signature *sig,int indent,int mode);
 void dump_attribs(const PKT_user_id *uid,
 		  PKT_public_key *pk,PKT_secret_key *sk);
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1411,6 +1411,11 @@ check_sig_and_print( CTX c, KBNODE node )
 	      show_notation(sig,0,1);
 	    else
 	      show_notation(sig,0,2);
+
+	    if(opt.verify_options&VERIFY_SHOW_KEYSERVER)
+	      show_keyserver_url(sig,0,1);
+	    else
+	      show_keyserver_url(sig,0,2);
 	  }

 	if( !rc && is_status_enabled() ) {
--- a/g10/options.h
+++ b/g10/options.h
@ -234,8 +234,9 @@ struct {
 #define LIST_SHOW_VALIDITY   16
 #define LIST_SHOW_LONG_KEYID 32

-#define VERIFY_SHOW_PHOTOS   1
-#define VERIFY_SHOW_POLICY   2
-#define VERIFY_SHOW_NOTATION 4
+#define VERIFY_SHOW_PHOTOS    1
+#define VERIFY_SHOW_POLICY    2
+#define VERIFY_SHOW_NOTATION  4
+#define VERIFY_SHOW_KEYSERVER 8

 #endif /*G10_OPTIONS_H*/
--- a/g10/options.skel
+++ b/g10/options.skel
@ -90,10 +90,10 @@
 # support).
 #
 # Example HKP keyserver:
-#      x-hkp://pgp.mit.edu
+#      x-hkp://subkeys.pgp.net
 #
 # Example email keyserver:
-#      mailto:pgp-public-keys@keys.nl.pgp.net
+#      mailto:pgp-public-keys@keys.pgp.net
 #
 # Example LDAP keyservers:
 #      ldap://pgp.surfnet.nl:11370
@ -112,7 +112,7 @@
 # Most servers do synchronize with each other and DNS round-robin may
 # give you a quasi-random server each time.

-#keyserver x-hkp://pgp.mit.edu
+#keyserver x-hkp://subkeys.pgp.net
 #keyserver mailto:pgp-public-keys@keys.nl.pgp.net
 #keyserver ldap://pgp.surfnet.nl:11370
 #keyserver ldap://keyserver.pgp.com
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -861,7 +861,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	  printf(" %02X", buffer[i]);
 	break;
      case SIGSUBPKT_PREF_KS:
-	p = "preferred key server";
+	fputs("preferred key server: ", stdout );
+	print_string( stdout, buffer, length, ')' );
 	break;
      case SIGSUBPKT_PRIMARY_UID:
 	p = "primary user ID";
@ -937,6 +938,7 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
      case SIGSUBPKT_PREF_HASH:
      case SIGSUBPKT_PREF_COMPR:
      case SIGSUBPKT_POLICY:
+      case SIGSUBPKT_PREF_KS:
      case SIGSUBPKT_FEATURES:
      case SIGSUBPKT_REGEXP:
 	return 0;
@ -993,9 +995,11 @@ can_handle_critical( const byte *buffer, size_t n, int type )
      case SIGSUBPKT_KEY_FLAGS:
      case SIGSUBPKT_PRIMARY_UID:
      case SIGSUBPKT_FEATURES:
-      case SIGSUBPKT_POLICY: /* Is it enough to show the policy? */
      case SIGSUBPKT_TRUST:
      case SIGSUBPKT_REGEXP:
+	/* Is it enough to show the policy or keyserver? */
+      case SIGSUBPKT_POLICY:
+      case SIGSUBPKT_PREF_KS:
 	return 1;

      default: