From 69ae16636cb0800d37f5d9eee6bb3d4749e645f7 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 7 May 2008 15:40:36 +0000
Subject: [PATCH] Add command --locate-key. Fix auto-key-locate processing of
 "nodefault".

---
 NEWS          |  4 ++++
 doc/gpg.texi  | 18 ++++++++++++++++++
 g10/ChangeLog |  9 +++++++++
 g10/getkey.c  | 13 +++++++++----
 g10/gpg.c     | 24 +++++++++++++++++++++---
 g10/keylist.c | 46 +++++++++++++++++++++++++++++++++++++++++-----
 g10/main.h    |  2 +-
 7 files changed, 103 insertions(+), 13 deletions(-)

diff --git a/NEWS b/NEWS
index 4d776dcdd..b70005342 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,10 @@ Noteworthy changes in version 2.0.10 (unreleased)
 
  * [W32] Initialize the socket subsystem for all keyserver helpers.
 
+ * New gpg2 command --locate-keys.
+
+ * New gpg2 options --with-sig-list and --with-sig-check.
+
 
 Noteworthy changes in version 2.0.9 (2008-03-26)
 ------------------------------------------------
diff --git a/doc/gpg.texi b/doc/gpg.texi
index ed8661302..267870267 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -291,6 +291,10 @@ secret key is not usable (for example, if it was created via
 @item --list-sigs
 @opindex list-sigs
 Same as @option{--list-keys}, but the signatures are listed too.
+@ifclear gpgone
+This command has the same effect as 
+using @option{--list-keys} with @option{--with-sig-list}.
+@end ifclear
 
 For each signature listed, there are several flags in between the "sig"
 tag and keyid. These flags give additional information about each
@@ -308,6 +312,10 @@ command "tsign").
 @item --check-sigs
 @opindex check-sigs
 Same as @option{--list-sigs}, but the signatures are verified.
+@ifclear gpgone
+This command has the same effect as 
+using @option{--list-keys} with @option{--with-sig-check}.
+@end ifclear
 
 The status of the verification is indicated by a flag directly following
 the "sig" tag (and thus before the flags described above for
@@ -316,6 +324,16 @@ successfully verified, a "-" denotes a bad signature and a "%" is used
 if an error occured while checking the signature (e.g. a non supported
 algorithm).
 
+@ifclear gpgone
+@item --locate-keys
+@opindex locate-keys
+Locate the keys given as arguments.  This command basically uses the
+same algorithm as used when locating keys for encryption or signing and
+may thus be used to see what keys @command{@gpgname} might use.  In
+particular external methods as defined by @option{--auto-key-locate} may
+be used to locate a key.  Only public keys are listed.
+@end ifclear
+
 
 @item --fingerprint
 @opindex fingerprint
diff --git a/g10/ChangeLog b/g10/ChangeLog
index b7c3d1d50..52efafd48 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,12 @@
+2008-05-07  Werner Koch  <wk@g10code.com>
+
+	* getkey.c (get_pubkey_byname): Fix nodefault case.
+
+	* gpg.c: New command --locate-keys.  New options --with-sig-list
+	and --with-sig-check.
+	* keylist.c (locate_one): New.
+	(public_key_list): Add arg LOCATE_MODE and use locate_one.
+
 2008-04-18  Werner Koch  <wk@g10code.com>
 
 	* misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp) 
diff --git a/g10/getkey.c b/g10/getkey.c
index 5c1ed10e6..93f8f14ce 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -925,8 +925,11 @@ get_pubkey_byname (PKT_public_key *pk,
   int rc;
   strlist_t namelist = NULL;
   struct akl *akl;
+  int is_mbox;
   int nodefault = 0;
 
+  is_mbox = is_valid_mailbox (name);
+
   /* Check whether we the default local search has been disabled.
      This is the case if either the "nodefault" or the "local" keyword
      are in the list of auto key locate mechanisms.  */
@@ -940,8 +943,11 @@ get_pubkey_byname (PKT_public_key *pk,
           }
     }
 
-  if (nodefault)
-    rc = G10ERR_NO_PUBKEY;
+  if (nodefault && is_mbox)
+    {
+      /* Nodefault but a mailbox - let the AKL locate the key.  */
+      rc = G10ERR_NO_PUBKEY;
+    }
   else
     {
       add_to_strlist (&namelist, name);
@@ -951,8 +957,7 @@ get_pubkey_byname (PKT_public_key *pk,
 
   /* If the requested name resembles a valid mailbox and automatic
      retrieval has been enabled, we try to import the key. */
-
-  if (rc == G10ERR_NO_PUBKEY && !no_akl && is_valid_mailbox(name))
+  if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && !no_akl && is_mbox)
     {
       for (akl=opt.auto_key_locate; akl; akl=akl->next)
 	{
diff --git a/g10/gpg.c b/g10/gpg.c
index f1f52813e..50ce0762b 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -119,6 +119,7 @@ enum cmd_and_opt_values
     aListSigs,
     aSendKeys,
     aRecvKeys,
+    aLocateKeys,
     aSearchKeys,
     aRefreshKeys,
     aFetchKeys,
@@ -229,6 +230,8 @@ enum cmd_and_opt_values
     oHomedir,
     oWithColons,
     oWithKeyData,
+    oWithSigList,
+    oWithSigCheck,
     oSkipVerify,
     oCompressKeys,
     oCompressSigs,
@@ -399,6 +402,7 @@ static ARGPARSE_OPTS opts[] = {
                                     N_("search for keys on a key server") },
     { aRefreshKeys, "refresh-keys", 256,
                                     N_("update all keys from a keyserver")},
+    { aLocateKeys, "locate-keys", 256, "@"},
     { aFetchKeys, "fetch-keys" , 256, "@" },
     { aExportSecret, "export-secret-keys" , 256, "@" },
     { aExportSecretSub, "export-secret-subkeys" , 256, "@" },
@@ -588,6 +592,8 @@ static ARGPARSE_OPTS opts[] = {
     { oNoBatch, "no-batch", 0, "@" },
     { oWithColons, "with-colons", 0, "@"},
     { oWithKeyData,"with-key-data", 0, "@"},
+    { oWithSigList,"with-sig-list", 0, "@"},
+    { oWithSigCheck,"with-sig-check", 0, "@"},
     { aListKeys, "list-key", 0, "@" }, /* alias */
     { aListSigs, "list-sig", 0, "@" }, /* alias */
     { aCheckKeys, "check-sig",0, "@" }, /* alias */
@@ -2099,6 +2105,7 @@ main (int argc, char **argv)
           case aChangePIN:
 #endif /* ENABLE_CARD_SUPPORT*/
 	  case aListKeys: 
+	  case aLocateKeys:
 	  case aListSigs: 
 	  case aExportSecret: 
 	  case aExportSecretSub: 
@@ -2264,9 +2271,13 @@ main (int argc, char **argv)
 	  case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
 	  case oHomedir: break;
 	  case oNoBatch: opt.batch = 0; break;
-	  case oWithKeyData: opt.with_key_data=1; /* fall thru */
+
+	  case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/
 	  case oWithColons: opt.with_colons=':'; break;
 
+          case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/
+          case oWithSigList: opt.list_sigs = 1; break;  
+
 	  case oSkipVerify: opt.skip_verify=1; break;
 	  case oCompressKeys: opt.compress_keys = 1; break;
 	  case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
@@ -3300,7 +3311,7 @@ main (int argc, char **argv)
       {
         if (ALWAYS_ADD_KEYRINGS
             || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
-                && cmd != aVerify && cmd != aSym))
+                && cmd != aVerify && cmd != aSym && cmd != aLocateKeys))
           {
             if (!sec_nrings || default_keyring) /* add default secret rings */
               keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1);
@@ -3583,7 +3594,7 @@ main (int argc, char **argv)
 	sl = NULL;
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
-	public_key_list( sl );
+	public_key_list( sl, 0 );
 	free_strlist(sl);
 	break;
       case aListSecretKeys:
@@ -3593,6 +3604,13 @@ main (int argc, char **argv)
 	secret_key_list( sl );
 	free_strlist(sl);
 	break;
+      case aLocateKeys:
+	sl = NULL;
+	for (; argc; argc--, argv++)
+          add_to_strlist2( &sl, *argv, utf8_strings );
+	public_key_list (sl, 1);
+	free_strlist (sl);
+	break;
 
       case aKeygen: /* generate a key */
 	if( opt.batch ) {
diff --git a/g10/keylist.c b/g10/keylist.c
index db4ef50f3..a98a4f9f6 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -40,6 +40,7 @@
 
 static void list_all(int);
 static void list_one( strlist_t names, int secret);
+static void locate_one (strlist_t names);
 static void print_card_serialno (PKT_secret_key *sk);
 
 struct sig_stats
@@ -56,9 +57,9 @@ static FILE *attrib_fp=NULL;
  * If list is NULL, all available keys are listed
  */
 void
-public_key_list( strlist_t list )
+public_key_list( strlist_t list, int locate_mode )
 {
-  if(opt.with_colons)
+  if (opt.with_colons)
     {
       byte trust_model,marginals,completes,cert_depth;
       ulong created,nextcheck;
@@ -101,12 +102,15 @@ public_key_list( strlist_t list )
      which is associated with the inode of a deleted file.  */
   check_trustdb_stale ();
 
-  if( !list )
-    list_all(0);
+  if (locate_mode)
+    locate_one (list);
+  else if (!list)
+    list_all (0);
   else
-    list_one( list, 0 );
+    list_one (list, 0);
 }
 
+
 void
 secret_key_list( strlist_t list )
 {
@@ -527,6 +531,38 @@ list_one( strlist_t names, int secret )
       print_signature_stats(&stats);
 }
 
+
+static void
+locate_one (strlist_t names)
+{
+  int rc = 0;
+  strlist_t sl;
+  KBNODE keyblock = NULL;
+  struct sig_stats stats;
+
+  memset(&stats,0,sizeof(stats));
+    
+  for (sl=names; sl; sl = sl->next)
+    {
+      rc = get_pubkey_byname (NULL, sl->d, &keyblock, NULL, 1, 0);
+      if (rc)
+        {
+          if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
+            log_error ("error reading key: %s\n", g10_errstr(rc) );
+	}
+      else
+        {
+          list_keyblock (keyblock, 0, opt.fingerprint,
+                         opt.check_sigs? &stats : NULL );
+          release_kbnode (keyblock);
+	} 
+    }
+  
+  if (opt.check_sigs && !opt.with_colons)
+    print_signature_stats (&stats);
+}
+
+
 static void
 print_key_data( PKT_public_key *pk )
 {
diff --git a/g10/main.h b/g10/main.h
index 179c06757..f34e4b381 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -286,7 +286,7 @@ struct revocation_reason_info *
 void release_revocation_reason_info( struct revocation_reason_info *reason );
 
 /*-- keylist.c --*/
-void public_key_list( strlist_t list );
+void public_key_list( strlist_t list, int locate_mode );
 void secret_key_list( strlist_t list );
 void print_subpackets_colon(PKT_signature *sig);
 void reorder_keyblock (KBNODE keyblock);