author | David Shaw <dshaw@jabberwocky.com> | 2006-02-22 21:20:58 +0100 |
---|---|---|
committer | David Shaw <dshaw@jabberwocky.com> | 2006-02-22 21:20:58 +0100 |
commit | 477defdb1b5a8e7c2f4be8dace9576203a4650ec (patch) | |
tree | 43ca4e0810f674549449207a61ceaa2771eec2b6 | |
parent | * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate): (diff) | |
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.
-rw-r--r-- | g10/ChangeLog | 4 | ||||
-rw-r--r-- | g10/gpg.c | 2 | ||||
-rw-r--r-- | g10/keyserver.c | 14 | ||||
-rw-r--r-- | g10/mainproc.c | 7 | ||||
-rw-r--r-- | g10/options.h | 2 |
5 files changed, 19 insertions, 10 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index bd894faa8..35f20b06e 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,9 @@ 2006-02-22 David Shaw <dshaw@jabberwocky.com> + * options.h, gpg.c (main), mainproc.c (check_sig_and_print), + keyserver.c (keyserver_opts): Rename auto-pka-retrieve to + honor-pka-record to be consistent with honor-keyserver-url. + * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate): Parse a list of key access methods. (get_pubkey_byname): Walk the list here to try and retrieve keys @@ -1731,7 +1731,7 @@ main (int argc, char **argv ) opt.keyserver_options.import_options=IMPORT_REPAIR_PKS_SUBKEY_BUG; opt.keyserver_options.export_options=EXPORT_ATTRIBUTES; opt.keyserver_options.options= - KEYSERVER_INCLUDE_SUBKEYS|KEYSERVER_INCLUDE_REVOKED|KEYSERVER_TRY_DNS_SRV|KEYSERVER_HONOR_KEYSERVER_URL|KEYSERVER_AUTO_PKA_RETRIEVE; + KEYSERVER_INCLUDE_SUBKEYS|KEYSERVER_INCLUDE_REVOKED|KEYSERVER_TRY_DNS_SRV|KEYSERVER_HONOR_KEYSERVER_URL|KEYSERVER_HONOR_PKA_RECORD; opt.verify_options= VERIFY_SHOW_POLICY_URLS|VERIFY_SHOW_STD_NOTATIONS|VERIFY_SHOW_KEYSERVER_URLS; opt.trust_model=TM_AUTO; diff --git a/g10/keyserver.c b/g10/keyserver.c index 6eef109e4..615794918 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -85,14 +85,14 @@ static struct parse_options keyserver_opts[]= NULL}, {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL, N_("automatically retrieve keys when verifying signatures")}, - {"auto-pka-retrieve",KEYSERVER_AUTO_PKA_RETRIEVE,NULL, - N_("automatically retrieve keys from PKA records")}, {"auto-cert-retrieve",KEYSERVER_AUTO_CERT_RETRIEVE,NULL, N_("automatically retrieve keys from DNS")}, {"try-dns-srv",KEYSERVER_TRY_DNS_SRV,NULL, NULL}, {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL, N_("honor the preferred keyserver URL set on the key")}, + {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL, + N_("honor the PKA record set on a key when retrieving keys")}, {NULL,0,NULL,NULL} }; 
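Review bot: In the `keyserver_opts` hunk the `auto-pka-retrieve` entry is dropped with no alias, so a configuration that still names it would stop matching any table entry. That matters most for anyone who used the option to switch PKA lookups off, because the default mask in the `main` hunk still contains the renamed bit; how the option parser reports an unknown name is not visible here. Keeping the old spelling as an undocumented alias next to the new entry would preserve existing settings: `{"auto-pka-retrieve",KEYSERVER_HONOR_PKA_RECORD,NULL,NULL},`. The table starts outside the hunk.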
@@ -1740,7 +1740,7 @@ keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3) /* Try and parse the keyserver URL. If it doesn't work, then we end up writing NULL which indicates we are the same as any other key. */ - if(uid && sig) + if(sig) (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig); } @@ -1977,7 +1977,8 @@ keyserver_import_cert(const char *name) return rc; } -/* Import key pointed to by a PKA record */ +/* Import key pointed to by a PKA record. Return the requested + fingerprint in fpr. */ int keyserver_import_pka(const char *name,unsigned char *fpr) { @@ -2041,6 +2042,11 @@ keyserver_import_ldap(const char *name) keyserver->host=xmalloc(5+strlen(domain)+1); strcpy(keyserver->host,"keys."); strcat(keyserver->host,domain); + keyserver->uri=xmalloc(strlen(keyserver->scheme)+ + 3+strlen(keyserver->host)+1); + strcpy(keyserver->uri,keyserver->scheme); + strcat(keyserver->uri,"://"); + strcat(keyserver->uri,keyserver->host); rc=keyserver_work(KS_GETNAME,list,NULL,0,keyserver); diff --git a/g10/mainproc.c b/g10/mainproc.c index afe4ee1ed..839d94c10 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1530,11 +1530,11 @@ check_sig_and_print( CTX c, KBNODE node ) } } - /* If the preferred keyserver thing above didn't work, our second try is to use the URI from a DNS PKA record. */ if ( rc == G10ERR_NO_PUBKEY - && (opt.keyserver_options.options&KEYSERVER_AUTO_PKA_RETRIEVE)) + && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE + && opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD) { const char *uri = pka_uri_from_sig (sig); @@ -1558,12 +1558,11 @@ check_sig_and_print( CTX c, KBNODE node ) } } - /* If the preferred keyserver thing above didn't work and we got no information from the DNS PKA, this is a third try. */ if( rc == G10ERR_NO_PUBKEY && opt.keyserver - && (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)) + && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE) { int res; 
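Review bot: In the `keyidlist` hunk, dropping `uid` from the guard lets `parse_preferred_keyserver(sig)` run for any non-NULL `sig`, and neither the commit message nor the comment above the test says why the user-ID check is no longer needed. If `sig` can only be set after a user ID has been seen, the change is a pure simplification and a comment should record it, for example `/* sig is only set after a uid was found, so testing sig is enough */`. The code that assigns `uid` and `sig` is outside the hunk, so this needs confirming there; otherwise the preferred keyserver could be read from a signature that is not bound to a user ID.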
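Review bot: The new comment on `keyserver_import_pka` says the fingerprint is returned in `fpr` but not how large the caller's buffer must be or whether it is written when the import fails. Since `fpr` is a bare `unsigned char *` with no length parameter, the comment is the only contract a caller has. I would extend it to something like `/* fpr must have room for a full fingerprint; its contents are only meaningful on success. */`, adjusted to what the body (outside the hunk) actually does.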
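Review bot: In `keyserver_import_ldap` the new `keyserver->uri` is concatenated by hand from `scheme` and a host derived from `domain`, and nothing visible in the hunk checks that `domain` contains only hostname characters before it becomes part of a URI passed on to `keyserver_work`. The allocation does match what is copied (scheme, three bytes for `://`, host, terminator), so this is about input validation and readability, not an overflow. If `domain` is taken from the caller-supplied `name` without filtering (that code is outside the hunk), the check belongs before the host is built. I would also replace the bare `3` with `strlen("://")` and add `/* uri is scheme://host; keep in sync with host above */`.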
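Review bot: The first `check_sig_and_print` hunk does more than rename a flag: the PKA lookup now also requires `KEYSERVER_AUTO_KEY_RETRIEVE`, which the commit message, the ChangeLog entry and the comment above the condition all leave unsaid. With the default mask shown in the `main` hunk (which sets `KEYSERVER_HONOR_PKA_RECORD` but not auto-key-retrieve), verifying a signature no longer fetches from the URI returned by `pka_uri_from_sig (sig)` unless the user opted in. That is a sensible tightening, and it deserves a comment such as `/* Only follow the PKA URI if auto-key-retrieve is enabled; honor-pka-record alone never triggers a fetch. */`. This hunk and the one at -1558 also drop the parentheses around the `&` tests; the precedence still works out, but `&& (opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)` is harder to misread. The function body continues outside both hunks.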
diff --git a/g10/options.h b/g10/options.h index 0b6f1c306..433016a96 100644 --- a/g10/options.h +++ b/g10/options.h @@ -319,7 +319,7 @@ struct { #define KEYSERVER_AUTO_KEY_RETRIEVE (1<<5) #define KEYSERVER_TRY_DNS_SRV (1<<6) #define KEYSERVER_HONOR_KEYSERVER_URL (1<<7) -#define KEYSERVER_AUTO_PKA_RETRIEVE (1<<8) +#define KEYSERVER_HONOR_PKA_RECORD (1<<8) #define KEYSERVER_AUTO_CERT_RETRIEVE (1<<9) #endif /*G10_OPTIONS_H*/ |