mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
b59af0e2a0
* g10/getkey.c (get_seckey_default_or_card): Lookup a missing public key from the current card via LDAP. * g10/call-dirmngr.c: Include keyserver-intetnal.h. (gpg_dirmngr_ks_get): Rename arg quick into flags. Take care of the new LDAP flag. * g10/keyserver-internal.h (KEYSERVER_IMPORT_FLAG_QUICK): New. Replace the use of the value 1 for the former quick arg. (KEYSERVER_IMPORT_FLAG_LDAP): New. * g10/keyserver.c (keyserver_get_chunk): Increase the reserved line length. * dirmngr/ks-action.c (ks_action_get): Add arg ldap_only. * dirmngr/server.c (cmd_ks_get): Add option --ldap. -- This change makes it easy to start working with gnupg: Just insert the smartcard or token provided to you and the first time you sign a message the public key associated with the current card will be imported and everything is set without any configuration. This works only with an LDAP directory because it can be expected that the public key has been put into the LDAP during card personalization. Of course an LDAP server needs to be configured; in a Windows AD domain this can be a mere "keyserver ldap:///" in dirmngr.conf. Other configured keyservers are ignored. Requirements for the card driver: The $SIGNKEYID attribute must exists and a query for the KEY-FPR attribute needs to return the OpenPGP fingerprint for that key. This is currently supported for OpenPGP cards and certain PKCS#15 cards. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit d7e707170fbe2956deb3d81e2802d21352079722)
49 lines
2.3 KiB
C
49 lines
2.3 KiB
C
/* call-dirmngr.h - GPG operations to the Dirmngr
|
|
* Copyright (C) 2011 Free Software Foundation, Inc.
|
|
*
|
|
* This file is part of GnuPG.
|
|
*
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
#ifndef GNUPG_G10_CALL_DIRMNGR_H
|
|
#define GNUPG_G10_CALL_DIRMNGR_H
|
|
|
|
void gpg_dirmngr_deinit_session_data (ctrl_t ctrl);
|
|
|
|
gpg_error_t gpg_dirmngr_ks_list (ctrl_t ctrl, char **r_keyserver);
|
|
gpg_error_t gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
|
|
gpg_error_t (*cb)(void*, int, char *),
|
|
void *cb_value);
|
|
gpg_error_t gpg_dirmngr_ks_get (ctrl_t ctrl, char *pattern[],
|
|
keyserver_spec_t override_keyserver,
|
|
unsigned int flags,
|
|
estream_t *r_fp, char **r_source);
|
|
gpg_error_t gpg_dirmngr_ks_fetch (ctrl_t ctrl,
|
|
const char *url, estream_t *r_fp);
|
|
gpg_error_t gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen,
|
|
kbnode_t keyblock);
|
|
gpg_error_t gpg_dirmngr_dns_cert (ctrl_t ctrl,
|
|
const char *name, const char *certtype,
|
|
estream_t *r_key,
|
|
unsigned char **r_fpr, size_t *r_fprlen,
|
|
char **r_url);
|
|
gpg_error_t gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid,
|
|
unsigned char **r_fpr, size_t *r_fprlen,
|
|
char **r_url);
|
|
gpg_error_t gpg_dirmngr_wkd_get (ctrl_t ctrl, const char *name, int quick,
|
|
estream_t *r_key, char **r_url);
|
|
|
|
|
|
#endif /*GNUPG_G10_CALL_DIRMNGR_H*/
|