From c5ca275573f147c83d06a64ba60053d4e646c6c0 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 8 Jul 1999 14:24:35 +0000 Subject: [PATCH] See ChangeLog: Thu Jul 8 16:21:27 CEST 1999 Werner Koch --- NEWS | 4 ++++ doc/FAQ | 6 ++++++ doc/gpg.sgml | 8 ++++++++ g10/ChangeLog | 13 +++++++++++++ g10/build-packet.c | 1 + g10/g10.c | 7 ++++++- g10/mainproc.c | 24 ++++++++++++++++++++++++ g10/packet.h | 5 +++++ g10/parse-packet.c | 11 +++++++---- g10/trustdb.c | 4 ++++ tools/ChangeLog | 5 +++++ tools/Makefile.am | 1 + tools/lspgpot | 15 +++++++++++++++ 13 files changed, 99 insertions(+), 5 deletions(-) create mode 100755 tools/lspgpot diff --git a/NEWS b/NEWS index da00e57f4..fbf97adaf 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,10 @@ * Changes to support libtool which is needed for the development of libgcrypt. + * New script tools/lspgpot to help transferring assigned + trustvalues from PGP to GnuPG. + + Noteworthy changes in version 0.9.8 ----------------------------------- diff --git a/doc/FAQ b/doc/FAQ index 620b27ef1..c57b490ae 100644 --- a/doc/FAQ +++ b/doc/FAQ @@ -336,3 +336,9 @@ you active characterset matches the one displayed - if not, restrict yourself to plain 7 bit ASCII and no mapping has to be done. + Q: How do I transfer owner trust values from PGP to GnuPG? + A: There is a script in the tools directory to help you: + After you have imported the PGP keyring you can give this command: + $ lspgpot pgpkeyring | gpg --import-ownertrust + + diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 21d74fc83..83eac9de9 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -1087,6 +1087,14 @@ Print key listings delimited by colons. Print key listings delimited by colons and print the public key data. + +--with-fingerprint + +Same as the command --fingerprint but changes only the format of the output +and may be used together with another command. + + + diff --git a/g10/ChangeLog b/g10/ChangeLog index 6828cab45..fcc2a97eb 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,16 @@ +Thu Jul 8 16:21:27 CEST 1999 Werner Koch + + + * packet.h (PKT_ring_trust): New + * parse-packet.c (parse_trust): Store trust value + * build-packet (build_packet): Ignore ring trust packets. + * mainproc.c (add_ring_trust): New. + (list_node): Print "rtv" records. + * g10.c: New option --with-fingerprint. + + * trustdb.c (verify_own_keys): Don't insert if we are dry running + (check_trust): Ditto. + Wed Jul 7 13:08:40 CEST 1999 Werner Koch diff --git a/g10/build-packet.c b/g10/build-packet.c index 75066de2b..4049f370f 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -125,6 +125,7 @@ build_packet( IOBUF out, PACKET *pkt ) rc = do_onepass_sig( out, ctb, pkt->pkt.onepass_sig ); break; case PKT_RING_TRUST: + break; /* ignore it */ default: log_bug("invalid packet type in build_packet()\n"); break; diff --git a/g10/g10.c b/g10/g10.c index 48774ebd1..092def68a 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -105,6 +105,7 @@ enum cmd_and_opt_values { aNull = 0, oTextmode, oFingerprint, + oWithFingerprint, oAnswerYes, oAnswerNo, oKeyring, @@ -319,6 +320,7 @@ static ARGPARSE_OPTS opts[] = { { oUseEmbeddedFilename, "use-embedded-filename", 0, "@" }, { oUtf8Strings, "utf8-strings", 0, "@" }, { oNoUtf8Strings, "no-utf8-strings", 0, "@" }, + { oWithFingerprint, "with-fingerprint", 0, "@" }, {0} }; @@ -510,6 +512,7 @@ main( int argc, char **argv ) char *s2k_cipher_string = NULL; char *s2k_digest_string = NULL; int pwfd = -1; + int with_fpr = 0; /* make an option out of --fingerprint */ #ifdef USE_SHM_COPROCESSING ulong requested_shm_size=0; #endif @@ -684,6 +687,8 @@ main( int argc, char **argv ) case oDebugAll: opt.debug = ~0; break; case oStatusFD: set_status_fd( pargs.r.ret_int ); break; case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break; + case oWithFingerprint: + with_fpr=1; /*fall thru*/ case oFingerprint: opt.fingerprint++; break; case oSecretKeyring: append_to_strlist( &sec_nrings, pargs.r.ret_str); break; case oOptions: @@ -875,7 +880,7 @@ main( int argc, char **argv ) if( log_get_errorcount(0) ) g10_exit(2); - if( !cmd && opt.fingerprint ) + if( !cmd && opt.fingerprint && !with_fpr ) set_cmd( &cmd, aListKeys); if( cmd == aKMode || cmd == aKModeC ) { /* kludge to be compatible to pgp */ diff --git a/g10/mainproc.c b/g10/mainproc.c index 51d436127..edd393a1e 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -124,6 +124,17 @@ add_subkey( CTX c, PACKET *pkt ) return 1; } +static int +add_ring_trust( CTX c, PACKET *pkt ) +{ + if( !c->list ) { + log_error("ring trust w/o key\n" ); + return 0; + } + add_kbnode( c->list, new_kbnode( pkt ) ); + return 1; +} + static int add_signature( CTX c, PACKET *pkt ) @@ -570,6 +581,13 @@ list_node( CTX c, KBNODE node ) if( c->local_id ) putchar( get_ownertrust_info( c->local_id ) ); putchar(':'); + if( node->next && node->next->pkt->pkttype == PKT_RING_TRUST) { + putchar('\n'); any=1; + if( opt.fingerprint ) + print_fingerprint( pk, NULL ); + printf("rtv:1:%u:\n", + node->next->pkt->pkt.ring_trust->trustval ); + } } else printf("%s %4u%c/%08lX %s ", @@ -604,6 +622,11 @@ list_node( CTX c, KBNODE node ) putchar('\n'); if( opt.fingerprint && !any ) print_fingerprint( pk, NULL ); + if( node->next + && node->next->pkt->pkttype == PKT_RING_TRUST ) { + printf("rtv:2:%u:\n", + node->next->pkt->pkt.ring_trust->trustval ); + } any=1; } else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { @@ -886,6 +909,7 @@ do_proc_packets( CTX c, IOBUF a ) case PKT_PLAINTEXT: proc_plaintext( c, pkt ); break; case PKT_COMPRESSED: proc_compressed( c, pkt ); break; case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break; + case PKT_RING_TRUST: newpkt = add_ring_trust( c, pkt ); break; default: newpkt = 0; break; } } diff --git a/g10/packet.h b/g10/packet.h index ac44a4fd3..91253ebe2 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -172,6 +172,10 @@ typedef struct { IOBUF buf; /* IOBUF reference */ } PKT_encrypted; +typedef struct { + unsigned int trustval; +} PKT_ring_trust; + typedef struct { u32 len; /* length of encrypted data */ IOBUF buf; /* IOBUF reference */ @@ -198,6 +202,7 @@ struct packet_struct { PKT_user_id *user_id; /* PKT_USER_ID */ PKT_compressed *compressed; /* PKT_COMPRESSED */ PKT_encrypted *encrypted; /* PKT_ENCRYPTED[_MDC] */ + PKT_ring_trust *ring_trust; /* PKT_RING_TRUST */ PKT_plaintext *plaintext; /* PKT_PLAINTEXT */ } pkt; }; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 5ce7e2660..577a1fcfe 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -63,7 +63,8 @@ static int parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ); static int parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ); -static void parse_trust( IOBUF inp, int pkttype, unsigned long pktlen ); +static void parse_trust( IOBUF inp, int pkttype, unsigned long pktlen, + PACKET *packet ); static int parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet, int new_ctb); static int parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen, @@ -421,8 +422,8 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos, rc = parse_comment(inp, pkttype, pktlen, pkt); break; case PKT_RING_TRUST: - parse_trust(inp, pkttype, pktlen); - rc = G10ERR_UNKNOWN_PACKET; + parse_trust(inp, pkttype, pktlen, pkt); + rc = 0; break; case PKT_PLAINTEXT: rc = parse_plaintext(inp, pkttype, pktlen, pkt, new_ctb ); @@ -1517,11 +1518,13 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ) static void -parse_trust( IOBUF inp, int pkttype, unsigned long pktlen ) +parse_trust( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *pkt ) { int c; c = iobuf_get_noeof(inp); + pkt->pkt.ring_trust = m_alloc( sizeof *pkt->pkt.ring_trust ); + pkt->pkt.ring_trust->trustval = c; if( list_mode ) printf(":trust packet: flag=%02x\n", c ); } diff --git a/g10/trustdb.c b/g10/trustdb.c index 497fa9e65..3f5b4fc64 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -477,6 +477,8 @@ verify_own_keys(void) /* make sure that the pubkey is in the trustdb */ rc = query_trust_record( pk ); + if( rc == -1 && opt.dry_run ) + goto skip; if( rc == -1 ) { /* put it into the trustdb */ rc = insert_trust_record_by_pk( pk ); if( rc ) { @@ -2217,6 +2219,8 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel, g10_errstr(rc)); return rc; } + else if( rc == -1 && opt.dry_run ) + return G10ERR_GENERAL; else if( rc == -1 ) { /* not found - insert */ rc = insert_trust_record_by_pk( pk ); if( rc ) { diff --git a/tools/ChangeLog b/tools/ChangeLog index b59145f02..f3b32eac0 100644 --- a/tools/ChangeLog +++ b/tools/ChangeLog @@ -1,3 +1,8 @@ +Thu Jul 8 16:21:27 CEST 1999 Werner Koch + + + * lspgpot: New + Wed Jul 7 13:08:40 CEST 1999 Werner Koch diff --git a/tools/Makefile.am b/tools/Makefile.am index 403aa6761..2cf2e20ea 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -1,5 +1,6 @@ ## Process this file with automake to produce Makefile.in +EXTRA_DIST = lspgpot INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl needed_libs = ../cipher/libcipher.la \ ../mpi/libmpi.la ../util/libutil.la @INTLLIBS@ diff --git a/tools/lspgpot b/tools/lspgpot new file mode 100755 index 000000000..4041367f5 --- /dev/null +++ b/tools/lspgpot @@ -0,0 +1,15 @@ +#!/bin/sh +# lspgpot - script to extract the ownertrust values +# from a PGP keyrings and list them in GnuPG ownertrust format. + +../g10/gpg --dry-run --with-fingerprint --with-colons $* | awk ' +BEGIN { FS=":" + printf "# Ownertrust listing generated by lspgpot\n" + printf "# This can be imported using the command:\n" + printf "# ggp --import-ownertrust\n\n" } +$1 == "fpr" { fpr = $10 } +$1 == "rtv" && $2 == 1 && $3 == 2 { printf "%s:3:\n", fpr; next } +$1 == "rtv" && $2 == 1 && $3 == 5 { printf "%s:4:\n", fpr; next } +$1 == "rtv" && $2 == 1 && $3 == 6 { printf "%s:5:\n", fpr; next } +' +