security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-11 22:52:47 +01:00
Code Activity

Add command --locate-key.

Browse Source 
Fix auto-key-locate processing of "nodefault".
This commit is contained in:
Werner Koch 2008-05-07 15:40:36 +00:00
parent 4254e90426
commit 69ae16636c
7 changed files with 103 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -9,6 +9,10 @@ Noteworthy changes in version 2.0.10 (unreleased)
* [W32] Initialize the socket subsystem for all keyserver helpers. * [W32] Initialize the socket subsystem for all keyserver helpers.
* New gpg2 command --locate-keys.
* New gpg2 options --with-sig-list and --with-sig-check.
Noteworthy changes in version 2.0.9 (2008-03-26) Noteworthy changes in version 2.0.9 (2008-03-26)
------------------------------------------------ ------------------------------------------------

18
doc/gpg.texi
View File

@ -291,6 +291,10 @@ secret key is not usable (for example, if it was created via
@item --list-sigs @item --list-sigs
@opindex list-sigs @opindex list-sigs
Same as @option{--list-keys}, but the signatures are listed too. Same as @option{--list-keys}, but the signatures are listed too.
@ifclear gpgone
This command has the same effect as
using @option{--list-keys} with @option{--with-sig-list}.
@end ifclear
For each signature listed, there are several flags in between the "sig" For each signature listed, there are several flags in between the "sig"
tag and keyid. These flags give additional information about each tag and keyid. These flags give additional information about each
@ -308,6 +312,10 @@ command "tsign").
@item --check-sigs @item --check-sigs
@opindex check-sigs @opindex check-sigs
Same as @option{--list-sigs}, but the signatures are verified. Same as @option{--list-sigs}, but the signatures are verified.
@ifclear gpgone
This command has the same effect as
using @option{--list-keys} with @option{--with-sig-check}.
@end ifclear
The status of the verification is indicated by a flag directly following The status of the verification is indicated by a flag directly following
the "sig" tag (and thus before the flags described above for the "sig" tag (and thus before the flags described above for
@ -316,6 +324,16 @@ successfully verified, a "-" denotes a bad signature and a "%" is used
if an error occured while checking the signature (e.g. a non supported if an error occured while checking the signature (e.g. a non supported
algorithm). algorithm).
@ifclear gpgone
@item --locate-keys
@opindex locate-keys
Locate the keys given as arguments. This command basically uses the
same algorithm as used when locating keys for encryption or signing and
may thus be used to see what keys @command{@gpgname} might use. In
particular external methods as defined by @option{--auto-key-locate} may
be used to locate a key. Only public keys are listed.
@end ifclear
@item --fingerprint @item --fingerprint
@opindex fingerprint @opindex fingerprint

9
g10/ChangeLog
View File

@ -1,3 +1,12 @@
2008-05-07 Werner Koch <wk@g10code.com>
* getkey.c (get_pubkey_byname): Fix nodefault case.
* gpg.c: New command --locate-keys. New options --with-sig-list
and --with-sig-check.
* keylist.c (locate_one): New.
(public_key_list): Add arg LOCATE_MODE and use locate_one.
2008-04-18 Werner Koch <wk@g10code.com> 2008-04-18 Werner Koch <wk@g10code.com>
* misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp) * misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp)

11
g10/getkey.c
View File

@ -925,8 +925,11 @@ get_pubkey_byname (PKT_public_key *pk,
int rc; int rc;
strlist_t namelist = NULL; strlist_t namelist = NULL;
struct akl *akl; struct akl *akl;
int is_mbox;
int nodefault = 0; int nodefault = 0;
is_mbox = is_valid_mailbox (name);
/* Check whether we the default local search has been disabled. /* Check whether we the default local search has been disabled.
This is the case if either the "nodefault" or the "local" keyword This is the case if either the "nodefault" or the "local" keyword
are in the list of auto key locate mechanisms. */ are in the list of auto key locate mechanisms. */
@ -940,8 +943,11 @@ get_pubkey_byname (PKT_public_key *pk,
} }
} }
if (nodefault) if (nodefault && is_mbox)
{
/* Nodefault but a mailbox - let the AKL locate the key. */
rc = G10ERR_NO_PUBKEY; rc = G10ERR_NO_PUBKEY;
}
else else
{ {
add_to_strlist (&namelist, name); add_to_strlist (&namelist, name);
@ -951,8 +957,7 @@ get_pubkey_byname (PKT_public_key *pk,
/* If the requested name resembles a valid mailbox and automatic /* If the requested name resembles a valid mailbox and automatic
retrieval has been enabled, we try to import the key. */ retrieval has been enabled, we try to import the key. */
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && !no_akl && is_mbox)
if (rc == G10ERR_NO_PUBKEY && !no_akl && is_valid_mailbox(name))
{ {
for (akl=opt.auto_key_locate; akl; akl=akl->next) for (akl=opt.auto_key_locate; akl; akl=akl->next)
{ {

24
g10/gpg.c
View File

@ -119,6 +119,7 @@ enum cmd_and_opt_values
aListSigs, aListSigs,
aSendKeys, aSendKeys,
aRecvKeys, aRecvKeys,
aLocateKeys,
aSearchKeys, aSearchKeys,
aRefreshKeys, aRefreshKeys,
aFetchKeys, aFetchKeys,
@ -229,6 +230,8 @@ enum cmd_and_opt_values
oHomedir, oHomedir,
oWithColons, oWithColons,
oWithKeyData, oWithKeyData,
oWithSigList,
oWithSigCheck,
oSkipVerify, oSkipVerify,
oCompressKeys, oCompressKeys,
oCompressSigs, oCompressSigs,
@ -399,6 +402,7 @@ static ARGPARSE_OPTS opts[] = {
N_("search for keys on a key server") }, N_("search for keys on a key server") },
{ aRefreshKeys, "refresh-keys", 256, { aRefreshKeys, "refresh-keys", 256,
N_("update all keys from a keyserver")}, N_("update all keys from a keyserver")},
{ aLocateKeys, "locate-keys", 256, "@"},
{ aFetchKeys, "fetch-keys" , 256, "@" }, { aFetchKeys, "fetch-keys" , 256, "@" },
{ aExportSecret, "export-secret-keys" , 256, "@" }, { aExportSecret, "export-secret-keys" , 256, "@" },
{ aExportSecretSub, "export-secret-subkeys" , 256, "@" }, { aExportSecretSub, "export-secret-subkeys" , 256, "@" },
@ -588,6 +592,8 @@ static ARGPARSE_OPTS opts[] = {
{ oNoBatch, "no-batch", 0, "@" }, { oNoBatch, "no-batch", 0, "@" },
{ oWithColons, "with-colons", 0, "@"}, { oWithColons, "with-colons", 0, "@"},
{ oWithKeyData,"with-key-data", 0, "@"}, { oWithKeyData,"with-key-data", 0, "@"},
{ oWithSigList,"with-sig-list", 0, "@"},
{ oWithSigCheck,"with-sig-check", 0, "@"},
{ aListKeys, "list-key", 0, "@" }, /* alias */ { aListKeys, "list-key", 0, "@" }, /* alias */
{ aListSigs, "list-sig", 0, "@" }, /* alias */ { aListSigs, "list-sig", 0, "@" }, /* alias */
{ aCheckKeys, "check-sig",0, "@" }, /* alias */ { aCheckKeys, "check-sig",0, "@" }, /* alias */
@ -2099,6 +2105,7 @@ main (int argc, char **argv)
case aChangePIN: case aChangePIN:
#endif /* ENABLE_CARD_SUPPORT*/ #endif /* ENABLE_CARD_SUPPORT*/
case aListKeys: case aListKeys:
case aLocateKeys:
case aListSigs: case aListSigs:
case aExportSecret: case aExportSecret:
case aExportSecretSub: case aExportSecretSub:
@ -2264,9 +2271,13 @@ main (int argc, char **argv)
case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */ case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
case oHomedir: break; case oHomedir: break;
case oNoBatch: opt.batch = 0; break; case oNoBatch: opt.batch = 0; break;
case oWithKeyData: opt.with_key_data=1; /* fall thru */
case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/
case oWithColons: opt.with_colons=':'; break; case oWithColons: opt.with_colons=':'; break;
case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/
case oWithSigList: opt.list_sigs = 1; break;
case oSkipVerify: opt.skip_verify=1; break; case oSkipVerify: opt.skip_verify=1; break;
case oCompressKeys: opt.compress_keys = 1; break; case oCompressKeys: opt.compress_keys = 1; break;
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break; case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
@ -3300,7 +3311,7 @@ main (int argc, char **argv)
{ {
if (ALWAYS_ADD_KEYRINGS if (ALWAYS_ADD_KEYRINGS
|| (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
&& cmd != aVerify && cmd != aSym)) && cmd != aVerify && cmd != aSym && cmd != aLocateKeys))
{ {
if (!sec_nrings || default_keyring) /* add default secret rings */ if (!sec_nrings || default_keyring) /* add default secret rings */
keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1); keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1);
@ -3583,7 +3594,7 @@ main (int argc, char **argv)
sl = NULL; sl = NULL;
for( ; argc; argc--, argv++ ) for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings ); add_to_strlist2( &sl, *argv, utf8_strings );
public_key_list( sl ); public_key_list( sl, 0 );
free_strlist(sl); free_strlist(sl);
break; break;
case aListSecretKeys: case aListSecretKeys:
@ -3593,6 +3604,13 @@ main (int argc, char **argv)
secret_key_list( sl ); secret_key_list( sl );
free_strlist(sl); free_strlist(sl);
break; break;
case aLocateKeys:
sl = NULL;
for (; argc; argc--, argv++)
add_to_strlist2( &sl, *argv, utf8_strings );
public_key_list (sl, 1);
free_strlist (sl);
break;
case aKeygen: /* generate a key */ case aKeygen: /* generate a key */
if( opt.batch ) { if( opt.batch ) {

46
g10/keylist.c
View File

@ -40,6 +40,7 @@
static void list_all(int); static void list_all(int);
static void list_one( strlist_t names, int secret); static void list_one( strlist_t names, int secret);
static void locate_one (strlist_t names);
static void print_card_serialno (PKT_secret_key *sk); static void print_card_serialno (PKT_secret_key *sk);
struct sig_stats struct sig_stats
@ -56,9 +57,9 @@ static FILE *attrib_fp=NULL;
* If list is NULL, all available keys are listed * If list is NULL, all available keys are listed
*/ */
void void
public_key_list( strlist_t list ) public_key_list( strlist_t list, int locate_mode )
{ {
if(opt.with_colons) if (opt.with_colons)
{ {
byte trust_model,marginals,completes,cert_depth; byte trust_model,marginals,completes,cert_depth;
ulong created,nextcheck; ulong created,nextcheck;
@ -101,12 +102,15 @@ public_key_list( strlist_t list )
which is associated with the inode of a deleted file. */ which is associated with the inode of a deleted file. */
check_trustdb_stale (); check_trustdb_stale ();
if( !list ) if (locate_mode)
list_all(0); locate_one (list);
else if (!list)
list_all (0);
else else
list_one( list, 0 ); list_one (list, 0);
} }
void void
secret_key_list( strlist_t list ) secret_key_list( strlist_t list )
{ {
@ -527,6 +531,38 @@ list_one( strlist_t names, int secret )
print_signature_stats(&stats); print_signature_stats(&stats);
} }
static void
locate_one (strlist_t names)
{
int rc = 0;
strlist_t sl;
KBNODE keyblock = NULL;
struct sig_stats stats;
memset(&stats,0,sizeof(stats));
for (sl=names; sl; sl = sl->next)
{
rc = get_pubkey_byname (NULL, sl->d, &keyblock, NULL, 1, 0);
if (rc)
{
if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
log_error ("error reading key: %s\n", g10_errstr(rc) );
}
else
{
list_keyblock (keyblock, 0, opt.fingerprint,
opt.check_sigs? &stats : NULL );
release_kbnode (keyblock);
}
}
if (opt.check_sigs && !opt.with_colons)
print_signature_stats (&stats);
}
static void static void
print_key_data( PKT_public_key *pk ) print_key_data( PKT_public_key *pk )
{ {

2
g10/main.h
View File

@ -286,7 +286,7 @@ struct revocation_reason_info *
void release_revocation_reason_info( struct revocation_reason_info *reason ); void release_revocation_reason_info( struct revocation_reason_info *reason );
/*-- keylist.c --*/ /*-- keylist.c --*/
void public_key_list( strlist_t list ); void public_key_list( strlist_t list, int locate_mode );
void secret_key_list( strlist_t list ); void secret_key_list( strlist_t list );
void print_subpackets_colon(PKT_signature *sig); void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock); void reorder_keyblock (KBNODE keyblock);