Add command --locate-key.

Fix auto-key-locate processing of "nodefault".
2024-12-22 10:19:57 +01:00 · 2008-05-07 15:40:36 +00:00 · 2008-05-07 15:40:36 +00:00 · 69ae16636c
commit 69ae16636c
parent 4254e90426
7 changed files with 103 additions and 13 deletions
--- a/4
+++ b/4
@ -9,6 +9,10 @@ Noteworthy changes in version 2.0.10 (unreleased)

 * [W32] Initialize the socket subsystem for all keyserver helpers.

+ * New gpg2 command --locate-keys.
+
+ * New gpg2 options --with-sig-list and --with-sig-check.
+

 Noteworthy changes in version 2.0.9 (2008-03-26)
 ------------------------------------------------
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -291,6 +291,10 @@ secret key is not usable (for example, if it was created via
@item --list-sigs
@opindex list-sigs
 Same as @option{--list-keys}, but the signatures are listed too.
+@ifclear gpgone
+This command has the same effect as 
+using @option{--list-keys} with @option{--with-sig-list}.
+@end ifclear

 For each signature listed, there are several flags in between the "sig"
 tag and keyid. These flags give additional information about each
@ -308,6 +312,10 @@ command "tsign").
@item --check-sigs
@opindex check-sigs
 Same as @option{--list-sigs}, but the signatures are verified.
+@ifclear gpgone
+This command has the same effect as 
+using @option{--list-keys} with @option{--with-sig-check}.
+@end ifclear

 The status of the verification is indicated by a flag directly following
 the "sig" tag (and thus before the flags described above for
@ -316,6 +324,16 @@ successfully verified, a "-" denotes a bad signature and a "%" is used
 if an error occured while checking the signature (e.g. a non supported
 algorithm).

+@ifclear gpgone
+@item --locate-keys
+@opindex locate-keys
+Locate the keys given as arguments.  This command basically uses the
+same algorithm as used when locating keys for encryption or signing and
+may thus be used to see what keys @command{@gpgname} might use.  In
+particular external methods as defined by @option{--auto-key-locate} may
+be used to locate a key.  Only public keys are listed.
+@end ifclear
+

@item --fingerprint
@opindex fingerprint
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,12 @@
+2008-05-07  Werner Koch  <wk@g10code.com>
+
+	* getkey.c (get_pubkey_byname): Fix nodefault case.
+
+	* gpg.c: New command --locate-keys.  New options --with-sig-list
+	and --with-sig-check.
+	* keylist.c (locate_one): New.
+	(public_key_list): Add arg LOCATE_MODE and use locate_one.
+
 2008-04-18  Werner Koch  <wk@g10code.com>

 	* misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp) 
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -925,8 +925,11 @@ get_pubkey_byname (PKT_public_key *pk,
  int rc;
  strlist_t namelist = NULL;
  struct akl *akl;
+  int is_mbox;
  int nodefault = 0;

+  is_mbox = is_valid_mailbox (name);
+
  /* Check whether we the default local search has been disabled.
     This is the case if either the "nodefault" or the "local" keyword
     are in the list of auto key locate mechanisms.  */
@ -940,8 +943,11 @@ get_pubkey_byname (PKT_public_key *pk,
          }
    }

-  if (nodefault)
-    rc = G10ERR_NO_PUBKEY;
+  if (nodefault && is_mbox)
+    {
+      /* Nodefault but a mailbox - let the AKL locate the key.  */
+      rc = G10ERR_NO_PUBKEY;
+    }
  else
    {
      add_to_strlist (&namelist, name);
@ -951,8 +957,7 @@ get_pubkey_byname (PKT_public_key *pk,

  /* If the requested name resembles a valid mailbox and automatic
     retrieval has been enabled, we try to import the key. */
-
-  if (rc == G10ERR_NO_PUBKEY && !no_akl && is_valid_mailbox(name))
+  if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && !no_akl && is_mbox)
    {
      for (akl=opt.auto_key_locate; akl; akl=akl->next)
 	{
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -119,6 +119,7 @@ enum cmd_and_opt_values
    aListSigs,
    aSendKeys,
    aRecvKeys,
+    aLocateKeys,
    aSearchKeys,
    aRefreshKeys,
    aFetchKeys,
@ -229,6 +230,8 @@ enum cmd_and_opt_values
    oHomedir,
    oWithColons,
    oWithKeyData,
+    oWithSigList,
+    oWithSigCheck,
    oSkipVerify,
    oCompressKeys,
    oCompressSigs,
@ -399,6 +402,7 @@ static ARGPARSE_OPTS opts[] = {
                                    N_("search for keys on a key server") },
    { aRefreshKeys, "refresh-keys", 256,
                                    N_("update all keys from a keyserver")},
+    { aLocateKeys, "locate-keys", 256, "@"},
    { aFetchKeys, "fetch-keys" , 256, "@" },
    { aExportSecret, "export-secret-keys" , 256, "@" },
    { aExportSecretSub, "export-secret-subkeys" , 256, "@" },
@ -588,6 +592,8 @@ static ARGPARSE_OPTS opts[] = {
    { oNoBatch, "no-batch", 0, "@" },
    { oWithColons, "with-colons", 0, "@"},
    { oWithKeyData,"with-key-data", 0, "@"},
+    { oWithSigList,"with-sig-list", 0, "@"},
+    { oWithSigCheck,"with-sig-check", 0, "@"},
    { aListKeys, "list-key", 0, "@" }, /* alias */
    { aListSigs, "list-sig", 0, "@" }, /* alias */
    { aCheckKeys, "check-sig",0, "@" }, /* alias */
@ -2099,6 +2105,7 @@ main (int argc, char **argv)
          case aChangePIN:
 #endif /* ENABLE_CARD_SUPPORT*/
 	  case aListKeys: 
+	  case aLocateKeys:
 	  case aListSigs: 
 	  case aExportSecret: 
 	  case aExportSecretSub: 
@ -2264,9 +2271,13 @@ main (int argc, char **argv)
 	  case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
 	  case oHomedir: break;
 	  case oNoBatch: opt.batch = 0; break;
-	  case oWithKeyData: opt.with_key_data=1; /* fall thru */
+
+	  case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/
 	  case oWithColons: opt.with_colons=':'; break;

+          case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/
+          case oWithSigList: opt.list_sigs = 1; break;  
+
 	  case oSkipVerify: opt.skip_verify=1; break;
 	  case oCompressKeys: opt.compress_keys = 1; break;
 	  case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
@ -3300,7 +3311,7 @@ main (int argc, char **argv)
      {
        if (ALWAYS_ADD_KEYRINGS
            || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
-                && cmd != aVerify && cmd != aSym))
+                && cmd != aVerify && cmd != aSym && cmd != aLocateKeys))
          {
            if (!sec_nrings || default_keyring) /* add default secret rings */
              keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1);
@ -3583,7 +3594,7 @@ main (int argc, char **argv)
 	sl = NULL;
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
-	public_key_list( sl );
+	public_key_list( sl, 0 );
 	free_strlist(sl);
 	break;
      case aListSecretKeys:
@ -3593,6 +3604,13 @@ main (int argc, char **argv)
 	secret_key_list( sl );
 	free_strlist(sl);
 	break;
+      case aLocateKeys:
+	sl = NULL;
+	for (; argc; argc--, argv++)
+          add_to_strlist2( &sl, *argv, utf8_strings );
+	public_key_list (sl, 1);
+	free_strlist (sl);
+	break;

      case aKeygen: /* generate a key */
 	if( opt.batch ) {
--- a/g10/keylist.c
+++ b/g10/keylist.c
@ -40,6 +40,7 @@

 static void list_all(int);
 static void list_one( strlist_t names, int secret);
+static void locate_one (strlist_t names);
 static void print_card_serialno (PKT_secret_key *sk);

 struct sig_stats
@ -56,9 +57,9 @@ static FILE *attrib_fp=NULL;
 * If list is NULL, all available keys are listed
 */
 void
-public_key_list( strlist_t list )
+public_key_list( strlist_t list, int locate_mode )
 {
-  if(opt.with_colons)
+  if (opt.with_colons)
    {
      byte trust_model,marginals,completes,cert_depth;
      ulong created,nextcheck;
@ -101,12 +102,15 @@ public_key_list( strlist_t list )
     which is associated with the inode of a deleted file.  */
  check_trustdb_stale ();

-  if( !list )
-    list_all(0);
+  if (locate_mode)
+    locate_one (list);
+  else if (!list)
+    list_all (0);
  else
-    list_one( list, 0 );
+    list_one (list, 0);
 }

+
 void
 secret_key_list( strlist_t list )
 {
@ -527,6 +531,38 @@ list_one( strlist_t names, int secret )
      print_signature_stats(&stats);
 }

+
+static void
+locate_one (strlist_t names)
+{
+  int rc = 0;
+  strlist_t sl;
+  KBNODE keyblock = NULL;
+  struct sig_stats stats;
+
+  memset(&stats,0,sizeof(stats));
+    
+  for (sl=names; sl; sl = sl->next)
+    {
+      rc = get_pubkey_byname (NULL, sl->d, &keyblock, NULL, 1, 0);
+      if (rc)
+        {
+          if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
+            log_error ("error reading key: %s\n", g10_errstr(rc) );
+	}
+      else
+        {
+          list_keyblock (keyblock, 0, opt.fingerprint,
+                         opt.check_sigs? &stats : NULL );
+          release_kbnode (keyblock);
+	} 
+    }
+  
+  if (opt.check_sigs && !opt.with_colons)
+    print_signature_stats (&stats);
+}
+
+
 static void
 print_key_data( PKT_public_key *pk )
 {
--- a/g10/main.h
+++ b/g10/main.h
@ -286,7 +286,7 @@ struct revocation_reason_info *
 void release_revocation_reason_info( struct revocation_reason_info *reason );

 /*-- keylist.c --*/
-void public_key_list( strlist_t list );
+void public_key_list( strlist_t list, int locate_mode );
 void secret_key_list( strlist_t list );
 void print_subpackets_colon(PKT_signature *sig);
 void reorder_keyblock (KBNODE keyblock);