gpg: expand GPG groups when resolving a key

* g10/expand-group.c: New * g10/pkclist.c: Extract expand_group and expand_id into expand-group.c. * g10/keydb.h: Add prototypes of expand_id and expand_group. * g10/getkey.c: Use expand_group before resolving key references. * g10/Makefile.am: Compile expand-group.c. -- When searching a key by its name, try to expand the provided name in case it is a GPG group reference. This GPG group resolution is performed before the individual keys are verified. This allows key listing using a GPG group reference. In particular, this modification fixes the encryption to group support in KDE's Kmail which is broken since version 18.04. Signed-off-by: Stephan Mueller <stephan.mueller@atsec.com> - Changed new filename to use a dash instead of an underscore. - Indendation changes. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2019-02-19 08:14:41 +01:00 · 2019-02-19 08:14:41 +01:00 · e825aea2ba
commit e825aea2ba
parent d9c4c3776b
5 changed files with 99 additions and 52 deletions
--- a/g10/expand-group.c
+++ b/g10/expand-group.c
@ -0,0 +1,73 @@
+/* expand-group.c - expand GPG group definitions
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
+ *               2008, 2009, 2010 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+
+#include "gpg.h"
+#include "options.h"
+#include "keydb.h"
+
+int
+expand_id (const char *id, strlist_t *into, unsigned int flags)
+{
+  struct groupitem *groups;
+  int count=0;
+
+  for (groups = opt.grouplist; groups; groups=groups->next)
+    {
+      /* need strcasecmp() here, as this should be localized */
+      if (strcasecmp (groups->name,id) == 0)
+	 {
+	   strlist_t each,sl;
+
+	   /* This maintains the current utf8-ness */
+	   for (each = groups->values; each; each=each->next)
+	     {
+	       sl = add_to_strlist (into, each->d);
+	       sl->flags = flags;
+	       count++;
+	     }
+
+	   break;
+	 }
+    }
+
+  return count;
+}
+
+/* For simplicity, and to avoid potential loops, we only expand once -
+ * you can't make an alias that points to an alias.  */
+strlist_t
+expand_group (strlist_t input)
+{
+  strlist_t output = NULL;
+  strlist_t sl, rover;
+
+  for (rover = input; rover; rover = rover->next)
+    if (!(rover->flags & PK_LIST_FROM_FILE)
+        && !expand_id (rover->d, &output, rover->flags))
+      {
+	 /* Didn't find any groups, so use the existing string */
+	 sl = add_to_strlist (&output, rover->d);
+	 sl->flags = rover->flags;
+      }
+
+  return output;
+}