1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Add command --locate-key.

Fix auto-key-locate processing of "nodefault".
This commit is contained in:
Werner Koch 2008-05-07 15:40:36 +00:00
parent 4254e90426
commit 69ae16636c
7 changed files with 103 additions and 13 deletions

4
NEWS
View File

@ -9,6 +9,10 @@ Noteworthy changes in version 2.0.10 (unreleased)
* [W32] Initialize the socket subsystem for all keyserver helpers.
* New gpg2 command --locate-keys.
* New gpg2 options --with-sig-list and --with-sig-check.
Noteworthy changes in version 2.0.9 (2008-03-26)
------------------------------------------------

View File

@ -291,6 +291,10 @@ secret key is not usable (for example, if it was created via
@item --list-sigs
@opindex list-sigs
Same as @option{--list-keys}, but the signatures are listed too.
@ifclear gpgone
This command has the same effect as
using @option{--list-keys} with @option{--with-sig-list}.
@end ifclear
For each signature listed, there are several flags in between the "sig"
tag and keyid. These flags give additional information about each
@ -308,6 +312,10 @@ command "tsign").
@item --check-sigs
@opindex check-sigs
Same as @option{--list-sigs}, but the signatures are verified.
@ifclear gpgone
This command has the same effect as
using @option{--list-keys} with @option{--with-sig-check}.
@end ifclear
The status of the verification is indicated by a flag directly following
the "sig" tag (and thus before the flags described above for
@ -316,6 +324,16 @@ successfully verified, a "-" denotes a bad signature and a "%" is used
if an error occured while checking the signature (e.g. a non supported
algorithm).
@ifclear gpgone
@item --locate-keys
@opindex locate-keys
Locate the keys given as arguments. This command basically uses the
same algorithm as used when locating keys for encryption or signing and
may thus be used to see what keys @command{@gpgname} might use. In
particular external methods as defined by @option{--auto-key-locate} may
be used to locate a key. Only public keys are listed.
@end ifclear
@item --fingerprint
@opindex fingerprint

View File

@ -1,3 +1,12 @@
2008-05-07 Werner Koch <wk@g10code.com>
* getkey.c (get_pubkey_byname): Fix nodefault case.
* gpg.c: New command --locate-keys. New options --with-sig-list
and --with-sig-check.
* keylist.c (locate_one): New.
(public_key_list): Add arg LOCATE_MODE and use locate_one.
2008-04-18 Werner Koch <wk@g10code.com>
* misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp)

View File

@ -925,8 +925,11 @@ get_pubkey_byname (PKT_public_key *pk,
int rc;
strlist_t namelist = NULL;
struct akl *akl;
int is_mbox;
int nodefault = 0;
is_mbox = is_valid_mailbox (name);
/* Check whether we the default local search has been disabled.
This is the case if either the "nodefault" or the "local" keyword
are in the list of auto key locate mechanisms. */
@ -940,8 +943,11 @@ get_pubkey_byname (PKT_public_key *pk,
}
}
if (nodefault)
if (nodefault && is_mbox)
{
/* Nodefault but a mailbox - let the AKL locate the key. */
rc = G10ERR_NO_PUBKEY;
}
else
{
add_to_strlist (&namelist, name);
@ -951,8 +957,7 @@ get_pubkey_byname (PKT_public_key *pk,
/* If the requested name resembles a valid mailbox and automatic
retrieval has been enabled, we try to import the key. */
if (rc == G10ERR_NO_PUBKEY && !no_akl && is_valid_mailbox(name))
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && !no_akl && is_mbox)
{
for (akl=opt.auto_key_locate; akl; akl=akl->next)
{

View File

@ -119,6 +119,7 @@ enum cmd_and_opt_values
aListSigs,
aSendKeys,
aRecvKeys,
aLocateKeys,
aSearchKeys,
aRefreshKeys,
aFetchKeys,
@ -229,6 +230,8 @@ enum cmd_and_opt_values
oHomedir,
oWithColons,
oWithKeyData,
oWithSigList,
oWithSigCheck,
oSkipVerify,
oCompressKeys,
oCompressSigs,
@ -399,6 +402,7 @@ static ARGPARSE_OPTS opts[] = {
N_("search for keys on a key server") },
{ aRefreshKeys, "refresh-keys", 256,
N_("update all keys from a keyserver")},
{ aLocateKeys, "locate-keys", 256, "@"},
{ aFetchKeys, "fetch-keys" , 256, "@" },
{ aExportSecret, "export-secret-keys" , 256, "@" },
{ aExportSecretSub, "export-secret-subkeys" , 256, "@" },
@ -588,6 +592,8 @@ static ARGPARSE_OPTS opts[] = {
{ oNoBatch, "no-batch", 0, "@" },
{ oWithColons, "with-colons", 0, "@"},
{ oWithKeyData,"with-key-data", 0, "@"},
{ oWithSigList,"with-sig-list", 0, "@"},
{ oWithSigCheck,"with-sig-check", 0, "@"},
{ aListKeys, "list-key", 0, "@" }, /* alias */
{ aListSigs, "list-sig", 0, "@" }, /* alias */
{ aCheckKeys, "check-sig",0, "@" }, /* alias */
@ -2099,6 +2105,7 @@ main (int argc, char **argv)
case aChangePIN:
#endif /* ENABLE_CARD_SUPPORT*/
case aListKeys:
case aLocateKeys:
case aListSigs:
case aExportSecret:
case aExportSecretSub:
@ -2264,9 +2271,13 @@ main (int argc, char **argv)
case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
case oHomedir: break;
case oNoBatch: opt.batch = 0; break;
case oWithKeyData: opt.with_key_data=1; /* fall thru */
case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/
case oWithColons: opt.with_colons=':'; break;
case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/
case oWithSigList: opt.list_sigs = 1; break;
case oSkipVerify: opt.skip_verify=1; break;
case oCompressKeys: opt.compress_keys = 1; break;
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
@ -3300,7 +3311,7 @@ main (int argc, char **argv)
{
if (ALWAYS_ADD_KEYRINGS
|| (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
&& cmd != aVerify && cmd != aSym))
&& cmd != aVerify && cmd != aSym && cmd != aLocateKeys))
{
if (!sec_nrings || default_keyring) /* add default secret rings */
keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1);
@ -3583,7 +3594,7 @@ main (int argc, char **argv)
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
public_key_list( sl );
public_key_list( sl, 0 );
free_strlist(sl);
break;
case aListSecretKeys:
@ -3593,6 +3604,13 @@ main (int argc, char **argv)
secret_key_list( sl );
free_strlist(sl);
break;
case aLocateKeys:
sl = NULL;
for (; argc; argc--, argv++)
add_to_strlist2( &sl, *argv, utf8_strings );
public_key_list (sl, 1);
free_strlist (sl);
break;
case aKeygen: /* generate a key */
if( opt.batch ) {

View File

@ -40,6 +40,7 @@
static void list_all(int);
static void list_one( strlist_t names, int secret);
static void locate_one (strlist_t names);
static void print_card_serialno (PKT_secret_key *sk);
struct sig_stats
@ -56,9 +57,9 @@ static FILE *attrib_fp=NULL;
* If list is NULL, all available keys are listed
*/
void
public_key_list( strlist_t list )
public_key_list( strlist_t list, int locate_mode )
{
if(opt.with_colons)
if (opt.with_colons)
{
byte trust_model,marginals,completes,cert_depth;
ulong created,nextcheck;
@ -101,12 +102,15 @@ public_key_list( strlist_t list )
which is associated with the inode of a deleted file. */
check_trustdb_stale ();
if( !list )
list_all(0);
if (locate_mode)
locate_one (list);
else if (!list)
list_all (0);
else
list_one( list, 0 );
list_one (list, 0);
}
void
secret_key_list( strlist_t list )
{
@ -527,6 +531,38 @@ list_one( strlist_t names, int secret )
print_signature_stats(&stats);
}
static void
locate_one (strlist_t names)
{
int rc = 0;
strlist_t sl;
KBNODE keyblock = NULL;
struct sig_stats stats;
memset(&stats,0,sizeof(stats));
for (sl=names; sl; sl = sl->next)
{
rc = get_pubkey_byname (NULL, sl->d, &keyblock, NULL, 1, 0);
if (rc)
{
if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
log_error ("error reading key: %s\n", g10_errstr(rc) );
}
else
{
list_keyblock (keyblock, 0, opt.fingerprint,
opt.check_sigs? &stats : NULL );
release_kbnode (keyblock);
}
}
if (opt.check_sigs && !opt.with_colons)
print_signature_stats (&stats);
}
static void
print_key_data( PKT_public_key *pk )
{

View File

@ -286,7 +286,7 @@ struct revocation_reason_info *
void release_revocation_reason_info( struct revocation_reason_info *reason );
/*-- keylist.c --*/
void public_key_list( strlist_t list );
void public_key_list( strlist_t list, int locate_mode );
void secret_key_list( strlist_t list );
void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);