* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since

they at least handle subkeys correctly. * options.h, g10.c (main), main.h, keylist.c (show_keyserver_url), mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, can_handle_critical): Add read-only support for preferred keyserver subpackets. They're basically policy URLs with a different name. Add a verify-option "show-preferred-keyserver" to turn them on and off (on by default, as per stable branch). * g10.c (main): Add "--set-notation" as alias to "--notation-data" this is to make things consistent with --set-policy-url meaning both sigs and certs.
2025-03-21 21:39:58 +01:00 · 2003-06-05 02:06:12 +00:00 · 2003-06-05 02:06:12 +00:00 · 4d3fecee56
commit 4d3fecee56
parent a58ce94d8e
8 changed files with 86 additions and 14 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,20 @@
 2003-06-04  David Shaw  <dshaw@jabberwocky.com>
 	* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver
 	since they at least handle subkeys correctly.
 	* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
 	mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
 	parse_one_sig_subpkt, can_handle_critical): Add read-only support
 	for preferred keyserver subpackets.  They're basically policy URLs
 	with a different name.  Add a verify-option
 	"show-preferred-keyserver" to turn them on and off (on by default,
 	as per stable branch).
 	* g10.c (main): Add "--set-notation" as alias to "--notation-data"
 	this is to make things consistent with --set-policy-url meaning
 	both sigs and certs.
 2003-06-03  David Shaw  <dshaw@jabberwocky.com>
 	* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
--- a/g10/g10.c
+++ b/g10/g10.c
@ -71,7 +71,7 @@ enum cmd_and_opt_values { aNull = 0,
    oUser	  = 'u',
    oVerbose	  = 'v',
    oCompress	  = 'z',
-    oNotation	  = 'N',
+    oSetNotation  = 'N',
    oBatch	  = 500,
    oSigNotation,
    oCertNotation,
@ -485,9 +485,10 @@ static ARGPARSE_OPTS opts[] = {
    { oShowPhotos,   "show-photos", 0, "@" },
    { oNoShowPhotos, "no-show-photos", 0, "@" },
    { oPhotoViewer,  "photo-viewer", 2, "@" },
-    { oNotation,   "notation-data", 2, "@" },
+    { oSetNotation,  "set-notation", 2, "@" },
-    { oSigNotation,   "sig-notation", 2, "@" },
+    { oSetNotation,  "notation-data", 2, "@" }, /* Alias */
-    { oCertNotation,  "cert-notation", 2, "@" },
+    { oSigNotation,  "sig-notation", 2, "@" },
    { oCertNotation, "cert-notation", 2, "@" },
    { 302, NULL, 0, N_(
  "@\n(See the man page for a complete listing of all commands and options)\n"
@ -1176,7 +1177,8 @@ main( int argc, char **argv )
    opt.keyserver_options.include_subkeys=1;
    opt.keyserver_options.include_revoked=1;
    opt.keyserver_options.try_dns_srv=1;
-    opt.verify_options=VERIFY_SHOW_POLICY|VERIFY_SHOW_NOTATION;
+    opt.verify_options=
      VERIFY_SHOW_POLICY|VERIFY_SHOW_NOTATION|VERIFY_SHOW_KEYSERVER;
    opt.trust_model=TM_AUTO;
    opt.mangle_dos_filenames = 1;
@ -1775,6 +1777,7 @@ main( int argc, char **argv )
 		  {"show-photos",VERIFY_SHOW_PHOTOS},
 		  {"show-policy-url",VERIFY_SHOW_POLICY},
 		  {"show-notation",VERIFY_SHOW_NOTATION},
 		  {"show-preferred-keyserver",VERIFY_SHOW_KEYSERVER},
 		  {NULL,0}
 		};
@ -1795,7 +1798,7 @@ main( int argc, char **argv )
 	    else
 	      opt.exec_path_set=1;
 	    break;
-	  case oNotation:
+	  case oSetNotation:
 	    add_notation_data( pargs.r.ret_str, 0 );
 	    add_notation_data( pargs.r.ret_str, 1 );
 	    break;
--- a/g10/keylist.c
+++ b/g10/keylist.c
@ -162,6 +162,47 @@ show_policy_url(PKT_signature *sig,int indent,int mode)
  mode=2 for status messages only
 */
 void
 show_keyserver_url(PKT_signature *sig,int indent,int mode)
 {
  const byte *p;
  size_t len;
  int seq=0,crit;
  FILE *fp=mode?log_stream():stdout;
  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&len,&seq,&crit)))
    {
      if(mode!=2)
 	{
 	  int i;
 	  char *str;
 	  for(i=0;i<indent;i++)
 	    putchar(' ');
 	  /* This isn't UTF8 as it is a URL(?) */
 	  if(crit)
 	    str=_("Critical preferred keyserver: ");
 	  else
 	    str=_("Preferred keyserver: ");
 	  if(mode)
 	    log_info("%s",str);
 	  else
 	    printf("%s",str);
 	  print_string(fp,p,len,0);
 	  fprintf(fp,"\n");
 	}
      /* TODO: put in a status-fd tag for preferred keyservers */
    }
 }
 /*
  mode=0 for stdout.
  mode=1 for log_info + status messages
  mode=2 for status messages only
 */
 void
 show_notation(PKT_signature *sig,int indent,int mode)
 {
--- a/g10/main.h
+++ b/g10/main.h
@ -209,6 +209,7 @@ void reorder_keyblock (KBNODE keyblock);
 void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque );
 void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode);
 void show_policy_url(PKT_signature *sig,int indent,int mode);
 void show_keyserver_url(PKT_signature *sig,int indent,int mode);
 void show_notation(PKT_signature *sig,int indent,int mode);
 void dump_attribs(const PKT_user_id *uid,
 		  PKT_public_key *pk,PKT_secret_key *sk);
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1411,6 +1411,11 @@ check_sig_and_print( CTX c, KBNODE node )
 	      show_notation(sig,0,1);
 	    else
 	      show_notation(sig,0,2);
 	    if(opt.verify_options&VERIFY_SHOW_KEYSERVER)
 	      show_keyserver_url(sig,0,1);
 	    else
 	      show_keyserver_url(sig,0,2);
 	  }
 	if( !rc && is_status_enabled() ) {
--- a/g10/options.h
+++ b/g10/options.h
@ -234,8 +234,9 @@ struct {
 #define LIST_SHOW_VALIDITY   16
 #define LIST_SHOW_LONG_KEYID 32
-#define VERIFY_SHOW_PHOTOS   1
+#define VERIFY_SHOW_PHOTOS    1
-#define VERIFY_SHOW_POLICY   2
+#define VERIFY_SHOW_POLICY    2
-#define VERIFY_SHOW_NOTATION 4
+#define VERIFY_SHOW_NOTATION  4
 #define VERIFY_SHOW_KEYSERVER 8
 #endif /*G10_OPTIONS_H*/
--- a/g10/options.skel
+++ b/g10/options.skel
@ -90,10 +90,10 @@
 # support).
 #
 # Example HKP keyserver:
-#      x-hkp://pgp.mit.edu
+#      x-hkp://subkeys.pgp.net
 #
 # Example email keyserver:
-#      mailto:pgp-public-keys@keys.nl.pgp.net
+#      mailto:pgp-public-keys@keys.pgp.net
 #
 # Example LDAP keyservers:
 #      ldap://pgp.surfnet.nl:11370
@ -112,7 +112,7 @@
 # Most servers do synchronize with each other and DNS round-robin may
 # give you a quasi-random server each time.
-#keyserver x-hkp://pgp.mit.edu
+#keyserver x-hkp://subkeys.pgp.net
 #keyserver mailto:pgp-public-keys@keys.nl.pgp.net
 #keyserver ldap://pgp.surfnet.nl:11370
 #keyserver ldap://keyserver.pgp.com
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -861,7 +861,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	  printf(" %02X", buffer[i]);
 	break;
      case SIGSUBPKT_PREF_KS:
-	p = "preferred key server";
+	fputs("preferred key server: ", stdout );
 	print_string( stdout, buffer, length, ')' );
 	break;
      case SIGSUBPKT_PRIMARY_UID:
 	p = "primary user ID";
@ -937,6 +938,7 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
      case SIGSUBPKT_PREF_HASH:
      case SIGSUBPKT_PREF_COMPR:
      case SIGSUBPKT_POLICY:
      case SIGSUBPKT_PREF_KS:
      case SIGSUBPKT_FEATURES:
      case SIGSUBPKT_REGEXP:
 	return 0;
@ -993,9 +995,11 @@ can_handle_critical( const byte *buffer, size_t n, int type )
      case SIGSUBPKT_KEY_FLAGS:
      case SIGSUBPKT_PRIMARY_UID:
      case SIGSUBPKT_FEATURES:
      case SIGSUBPKT_POLICY: /* Is it enough to show the policy? */
      case SIGSUBPKT_TRUST:
      case SIGSUBPKT_REGEXP:
 	/* Is it enough to show the policy or keyserver? */
      case SIGSUBPKT_POLICY:
      case SIGSUBPKT_PREF_KS:
 	return 1;
      default: