mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: Allow fingerprint based lookup with --locate-external-key.
* g10/keyserver.c (keyserver_import_fprint_ntds): New.
* g10/getkey.c (get_pubkey_byname): Detect an attempt to search by
fingerprint in no_local mode.
--
See the man page. For testing use
gpg --auto-key-locate local,wkd,keyserver --locate-external-key \
FINGERPRINT
with at least one LDAP keyserver given in dirmngr.conf. On Windows
"ntds" may be used instead or in addtion to "keyserver".
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
f79e9540ca
commit
ec36eca08c
7 changed files with 181 additions and 46 deletions
26
doc/gpg.texi
26
doc/gpg.texi
|
|
@ -355,11 +355,17 @@ numbers 1-9 or "T" for 10 and above to indicate trust signature levels
|
|||
Locate the keys given as arguments. This command basically uses the
|
||||
same algorithm as used when locating keys for encryption and may thus
|
||||
be used to see what keys @command{@gpgname} might use. In particular
|
||||
external methods as defined by @option{--auto-key-locate} may be used
|
||||
to locate a key. Only public keys are listed. The variant
|
||||
@option{--locate-external-keys} does not consider a locally existing
|
||||
key and can thus be used to force the refresh of a key via the defined
|
||||
external methods.
|
||||
external methods as defined by @option{--auto-key-locate} are used to
|
||||
locate a key if the arguments comain valid mail addresses. Only
|
||||
public keys are listed.
|
||||
|
||||
The variant @option{--locate-external-keys} does not consider a
|
||||
locally existing key and can thus be used to force the refresh of a
|
||||
key via the defined external methods. If a fingerprint is given and
|
||||
and the methods defined by --auto-key-locate define LDAP servers, the
|
||||
key is fetched from these resources; defined non-LDAP keyservers are
|
||||
skipped.
|
||||
|
||||
|
||||
@item --show-keys
|
||||
@opindex show-keys
|
||||
|
|
@ -1842,14 +1848,20 @@ list. The default is "local,wkd".
|
|||
PGP Universal method of checking @samp{ldap://keys.(thedomain)}.
|
||||
|
||||
@item ntds
|
||||
Locate the key using the Active Directory (Windows only).
|
||||
Locate the key using the Active Directory (Windows only). This
|
||||
method also allows to search by fingerprint using the command
|
||||
@option{--locate-external-key}.
|
||||
|
||||
@item keyserver
|
||||
Locate a key using a keyserver.
|
||||
Locate a key using a keyserver. This method also allows to search
|
||||
by fingerprint using the command @option{--locate-external-key} if
|
||||
any of the configured keyservers is an LDAP server.
|
||||
|
||||
@item keyserver-URL
|
||||
In addition, a keyserver URL as used in the @command{dirmngr}
|
||||
configuration may be used here to query that particular keyserver.
|
||||
This method also allows to search by fingerprint using the command
|
||||
@option{--locate-external-key} if the URL specifies an LDAP server.
|
||||
|
||||
@item local
|
||||
Locate the key using the local keyrings. This mechanism allows the user to
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue