gpg: New option --auto-key-import

* g10/gpg.c (opts): New options --auto-key-import, --no-auto-key-import, and --no-include-key-block. (gpgconf_list): Add them. * g10/options.h (opt): Add field flags.auto_key_import. * g10/mainproc.c (check_sig_and_print): Use flag to enable that feature. * tools/gpgconf-comp.c: Give the new options a Basic config level. -- Note that the --no variants of the options are intended for easy disabling at the command line. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <wk@gnupg.org> Backported from master. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2020-03-14 18:04:47 +01:00 · 2020-03-14 18:04:47 +01:00 · 95b42278ca
commit 95b42278ca
parent b42d9f540c
5 changed files with 44 additions and 11 deletions
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1905,14 +1905,11 @@ check_sig_and_print (CTX c, kbnode_t node)

  rc = do_check_sig (c, node, NULL, NULL, &is_expkey, &is_revkey, &pk);

-  /* If the key is not found but the signaure includes a key bnlock we
-   * import that key block and trry again.  We keep this key block
-   * only if the signature verifies.  */
-  /* FIXME: Shall we add an option to disable it or use it only if
-   * --auto-key-retriueve is set?  */
+  /* If the key is not found but the signature includes a key block we
+   * use that key block for verification and on success import it.  */
  if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
-      && sig->flags.key_block)
-      /* && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)) */
+      && sig->flags.key_block
+      && opt.flags.auto_key_import)
    {
      PKT_public_key *included_pk;
      const byte *kblock;