diff --git a/dirmngr/ks-action.c b/dirmngr/ks-action.c
index 2e04582a1..6be2072e9 100644
--- a/dirmngr/ks-action.c
+++ b/dirmngr/ks-action.c
@@ -548,6 +548,40 @@ ks_action_put (ctrl_t ctrl, uri_item_t keyservers,
+/* Delete an OpenPGP key from all KEYSERVERS which use LDAP. The key
+ * is specifified by PATTERNS. */
+gpg_error_t
+ks_action_del (ctrl_t ctrl, uri_item_t keyservers, strlist_t patterns)
+{
+ gpg_error_t err = 0;
+ gpg_error_t first_err = 0;
+ int any_server = 0;
+ uri_item_t uri;
+
+ for (uri = keyservers; uri; uri = uri->next)
+ {
+#if USE_LDAP
+ if ( !strcmp (uri->parsed_uri->scheme, "ldap")
+ || !strcmp (uri->parsed_uri->scheme, "ldaps")
+ || !strcmp (uri->parsed_uri->scheme, "ldapi")
+ || uri->parsed_uri->opaque )
+ {
+ any_server = 1;
+ err = ks_ldap_del (ctrl, uri->parsed_uri, patterns);
+ if (err && !first_err)
+ first_err = err;
+ }
+#endif
+ }
+
+ if (!any_server)
+ err = gpg_error (GPG_ERR_NO_KEYSERVER); /* Actual: No LDAP keyserver */
+ else if (!err && first_err)
+ err = first_err;
+ return err;
+}
+
+
 /* Query the default LDAP server or the one given by URL using
 * the filter expression FILTER. Write the result to OUTFP. */
 gpg_error_t
diff --git a/dirmngr/ks-action.h b/dirmngr/ks-action.h
index 223aae2da..d222d6afe 100644
--- a/dirmngr/ks-action.h
+++ b/dirmngr/ks-action.h
@@ -33,6 +33,8 @@ gpg_error_t ks_action_fetch (ctrl_t ctrl, const char *url, estream_t outfp);
 gpg_error_t ks_action_put (ctrl_t ctrl, uri_item_t keyservers,
 void *data, size_t datalen,
 void *info, size_t infolen);
+gpg_error_t ks_action_del (ctrl_t ctrl, uri_item_t keyservers,
+ strlist_t patterns);
 gpg_error_t ks_action_query (ctrl_t ctrl, const char *ldapserver,
 unsigned int ks_get_flags,
 const char *filter, char **attr,
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index c2c57d819..4ad021b73 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
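Review bot: In ks_action_del (dirmngr/ks-action.c) the error returned for a delete across several LDAP keyservers depends on server order: `err` is overwritten on every iteration, so when the last server fails its error is returned, and `first_err` is used only when the last call succeeded. Because this operation is destructive and may already have removed the key from some servers, I would report the first failure consistently by ending the function with `else err = first_err;` in place of `else if (!err && first_err) err = first_err;`. The header comment should state that a non-zero return does not mean nothing was deleted, and `specifified` should read `specified`. With USE_LDAP undefined the loop body is empty, so the function always returns GPG_ERR_NO_KEYSERVER and leaves `ctrl` and `patterns` unused.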
@@ -2984,6 +2984,18 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
 }
+/* Delete the keys given by PATTERNS from the keyserver identified by
+ * URI. */
+gpg_error_t
+ks_ldap_del (ctrl_t ctrl, parsed_uri_t uri, strlist_t patterns)
+{
+ (void)ctrl;
+ (void)uri;
+ (void)patterns;
+ return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+}
+
+
 /* Get the data described by FILTER_ARG from URI. On success R_FP has
 * an open stream to read the data. KS_GET_FLAGS conveys flags from
diff --git a/dirmngr/server.c b/dirmngr/server.c
index 3097d5eed..66a74a890 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -2727,6 +2727,52 @@ cmd_ks_put (assuan_context_t ctx, char *line)
 }
+static const char hlp_ks_del[] =
+ "KS_DEL --ldap {}\n"
+ "\n"
+ "Delete the keys matching PATTERN from the configured OpenPGP LDAP server\n"
+ "The pattern should be a fingerprint.\n"
+ "The option --ldap is mandatory.\n";
+static gpg_error_t
+cmd_ks_del (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err;
+ strlist_t list = NULL;
+ unsigned int flags = 0;
+
+ if (has_option (line, "--ldap"))
+ flags |= KS_GET_FLAG_ONLY_LDAP;
+ line = skip_options (line);
+
+ err = percentplus_line_to_strlist (line, &list);
+ if (err)
+ goto leave;
+
+ if (!(flags & KS_GET_FLAG_ONLY_LDAP))
+ {
+ err = set_error (GPG_ERR_SYNTAX, "option --ldap is mandatory");
+ goto leave;
+ }
+
+ if (!list)
+ {
+ err = set_error (GPG_ERR_SYNTAX, "no fingerprints given");
+ goto leave;
+ }
+
+ err = ensure_keyserver (ctrl);
+ if (err)
+ goto leave;
+
+ err = ks_action_del (ctrl, ctrl->server_local->keyservers, list);
+
+ leave:
+ free_strlist (list);
+ return leave_cmd (ctx, err);
+}
+
+
 static const char hlp_ad_query[] =
 "AD_QUERY [--first|--next] [--] \n"
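Review bot: The comment above ks_ldap_del in dirmngr/ks-engine-ldap.c describes a deletion, but the body is a stub that always returns GPG_ERR_NOT_IMPLEMENTED, so every call made from ks_action_del fails with that code. I would say so in the comment, for example `/* Delete the keys given by PATTERNS from the keyserver identified by URI. Not yet implemented; always returns GPG_ERR_NOT_IMPLEMENTED. */`. When the body is written, PATTERNS arrives from the client's command line and needs to be validated and escaped before it is placed into an LDAP filter or DN. No prototype for ks_ldap_del is visible in this diff; presumably the engine header is updated elsewhere.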
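Review bot: cmd_ks_del in dirmngr/server.c hands the decoded patterns to ks_action_del unchecked, although the help text says the pattern should be a fingerprint. For a command that deletes keys I would walk `list` right after the `if (!list)` check and stop at the first entry that is not a full hexadecimal fingerprint, with `err = set_error (GPG_ERR_SYNTAX, "pattern is not a fingerprint"); goto leave;`, so that key IDs, names or wildcard strings can never select what is removed. The help text would then read "must be a fingerprint", and its second line lacks the full stop after "LDAP server". The synopsis as shown here, `KS_DEL --ldap {}`, does not name the PATTERN argument the text refers to, which may only be an artefact of how the page was rendered.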
@@ -3067,6 +3113,7 @@ register_commands (assuan_context_t ctx)
 { "KS_GET", cmd_ks_get, hlp_ks_get },
 { "KS_FETCH", cmd_ks_fetch, hlp_ks_fetch },
 { "KS_PUT", cmd_ks_put, hlp_ks_put },
+ { "KS_DEL", cmd_ks_del, hlp_ks_del },
 { "AD_QUERY", cmd_ad_query, hlp_ad_query },
 { "GETINFO", cmd_getinfo, hlp_getinfo },
 { "LOADSWDB", cmd_loadswdb, hlp_loadswdb },