[git] GnuPG - branch, master, updated. gnupg-2.1.13-131-g9b07557
by Werner Koch
cvs at cvs.gnupg.org
Tue Jul 12 15:16:00 CEST 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 9b075575cdc5851b019aed5ca5d5e18416beec8e (commit)
via 0f5b105d96780a29cc58893285e6c38482e0cc2d (commit)
via 3ccfd58b25a53def9c7e990c4f2f4091b95ae333 (commit)
from a346dc227515f8da22a2eba000ccf0efe11e5e4d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9b075575cdc5851b019aed5ca5d5e18416beec8e
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 12 15:09:18 2016 +0200
gpg: Extend import-option import-export to print PKA or DANE.
* g10/export.c (do_export_stream): Move PKA and DANE printing helper
code to ...
(print_pka_or_dane_records): this fucntion.
(write_keyblock_to_output): Add arg OPTIOSN and call
print_pka_or_dane_records if requested.
--
It is now possible to print a DANE record given a a file with a key
without importing the key first:
gpg --export-options export-dane \
--import-options import-export \
--import-filter keep-uid='mbox =~ alpha' \
--import FILE_WITH_KEY
Using the filter we only print a user id with the substring "alpha" in
the addr-spec.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/export.c b/g10/export.c
index 3ce8185..92235fb 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -77,6 +77,10 @@ static int do_export_stream (ctrl_t ctrl, iobuf_t out,
strlist_t users, int secret,
kbnode_t *keyblock_out, unsigned int options,
export_stats_t stats, int *any);
+static gpg_error_t print_pka_or_dane_records
+/**/ (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk,
+ const void *data, size_t datalen,
+ int print_pka, int print_dane);
static void
@@ -1204,15 +1208,19 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
/* Write KEYBLOCK either to stdout or to the file set with the
- * --output option. */
+ * --output option. This is a simplified version of do_export_stream
+ * which supports only a few export options. */
gpg_error_t
-write_keyblock_to_output (kbnode_t keyblock, int with_armor)
+write_keyblock_to_output (kbnode_t keyblock, int with_armor,
+ unsigned int options)
{
gpg_error_t err;
const char *fname;
iobuf_t out;
kbnode_t node;
armor_filter_context_t *afx = NULL;
+ iobuf_t out_help = NULL;
+ PKT_public_key *pk = NULL;
fname = opt.outfile? opt.outfile : "-";
if (is_secured_filename (fname) )
@@ -1228,6 +1236,12 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor)
if (opt.verbose)
log_info (_("writing to '%s'\n"), iobuf_get_fname_nonnull (out));
+ if ((options & (EXPORT_PKA_FORMAT|EXPORT_DANE_FORMAT)))
+ {
+ with_armor = 0;
+ out_help = iobuf_temp ();
+ }
+
if (with_armor)
{
afx = new_armor_context ();
@@ -1237,24 +1251,43 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor)
for (node = keyblock; node; node = node->next)
{
- if (!is_deleted_kbnode (node) && node->pkt->pkttype != PKT_RING_TRUST)
- {
- err = build_packet (out, node->pkt);
- if (err)
- {
- log_error ("build_packet(%d) failed: %s\n",
- node->pkt->pkttype, gpg_strerror (err) );
- goto leave;
- }
- }
+ if (is_deleted_kbnode (node) || node->pkt->pkttype == PKT_RING_TRUST)
+ continue;
+ if (!pk && (node->pkt->pkttype == PKT_PUBLIC_KEY
+ || node->pkt->pkttype == PKT_SECRET_KEY))
+ pk = node->pkt->pkt.public_key;
+
+ err = build_packet (out_help? out_help : out, node->pkt);
+ if (err)
+ {
+ log_error ("build_packet(%d) failed: %s\n",
+ node->pkt->pkttype, gpg_strerror (err) );
+ goto leave;
+ }
}
err = 0;
+ if (out_help && pk)
+ {
+ const void *data;
+ size_t datalen;
+
+ iobuf_flush_temp (out_help);
+ data = iobuf_get_temp_buffer (out_help);
+ datalen = iobuf_get_temp_length (out_help);
+
+ err = print_pka_or_dane_records (out,
+ keyblock, pk, data, datalen,
+ (options & EXPORT_PKA_FORMAT),
+ (options & EXPORT_DANE_FORMAT));
+ }
+
leave:
if (err)
iobuf_cancel (out);
else
iobuf_close (out);
+ iobuf_cancel (out_help);
release_armor_context (afx);
return err;
}
@@ -1327,12 +1360,12 @@ apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
}
-/* Print DANE or PKA records for all user IDs in KEYBLOCK to the
- * stream FP. The data for the record is taken from HEXDATA. HEXFPR
- * is the fingerprint of the primary key. */
+/* Print DANE or PKA records for all user IDs in KEYBLOCK to OUT. The
+ * data for the record is taken from (DATA,DATELEN). PK is the public
+ * key packet with the primary key. */
static gpg_error_t
-print_pka_or_dane_records (kbnode_t keyblock, const char *hexdata,
- const char *hexfpr, estream_t fp,
+print_pka_or_dane_records (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk,
+ const void *data, size_t datalen,
int print_pka, int print_dane)
{
gpg_error_t err = 0;
@@ -1344,6 +1377,24 @@ print_pka_or_dane_records (kbnode_t keyblock, const char *hexdata,
char *domain;
const char *s;
unsigned int len;
+ estream_t fp = NULL;
+ char *hexdata = NULL;
+ char *hexfpr;
+
+ hexfpr = hexfingerprint (pk, NULL, 0);
+ hexdata = bin2hex (data, datalen, NULL);
+ if (!hexdata)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ ascii_strlwr (hexdata);
+ fp = es_fopenmem (0, "rw,samethread");
+ if (!fp)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
{
@@ -1407,9 +1458,28 @@ print_pka_or_dane_records (kbnode_t keyblock, const char *hexdata,
}
}
+ /* Make sure it is a string and write it. */
+ es_fputc (0, fp);
+ {
+ void *vp;
+
+ if (es_fclose_snatch (fp, &vp, NULL))
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ fp = NULL;
+ iobuf_writestr (out, vp);
+ es_free (vp);
+ }
+ err = 0;
+
leave:
xfree (hash);
xfree (mbox);
+ es_fclose (fp);
+ xfree (hexdata);
+ xfree (hexfpr);
return err;
}
@@ -1901,52 +1971,22 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
{
/* We want to write PKA or DANE records. OUT_HELP has the
* keyblock and we print a record for each uid to OUT. */
- char *hexdata;
const void *data;
- void *vp;
size_t datalen;
- estream_t fp;
iobuf_flush_temp (out_help);
data = iobuf_get_temp_buffer (out_help);
datalen = iobuf_get_temp_length (out_help);
- hexdata = bin2hex (data, datalen, NULL);
- if (!hexdata)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- iobuf_close (out_help);
- out_help = iobuf_temp ();
- ascii_strlwr (hexdata);
- fp = es_fopenmem (0, "rw,samethread");
- if (!fp)
- {
- err = gpg_error_from_syserror ();
- xfree (hexdata);
- goto leave;
- }
- {
- char *hexfpr = hexfingerprint (pk, NULL, 0);
- err = print_pka_or_dane_records (keyblock, hexdata, hexfpr, fp,
- (options & EXPORT_PKA_FORMAT),
- (options & EXPORT_DANE_FORMAT));
- xfree (hexfpr);
- }
- xfree (hexdata);
+ err = print_pka_or_dane_records (out,
+ keyblock, pk, data, datalen,
+ (options & EXPORT_PKA_FORMAT),
+ (options & EXPORT_DANE_FORMAT));
if (err)
- {
- es_fclose (fp);
- goto leave;
- }
- es_fputc (0, fp);
- if (es_fclose_snatch (fp, &vp, NULL))
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- iobuf_writestr (out, vp);
+ goto leave;
+
+ iobuf_close (out_help);
+ out_help = iobuf_temp ();
}
}
diff --git a/g10/import.c b/g10/import.c
index 371f095..375bd03 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1330,7 +1330,7 @@ import_one (ctrl_t ctrl,
merge_keys_and_selfsig (keyblock);
merge_keys_done = 1;
}
- rc = write_keyblock_to_output (keyblock, opt.armor);
+ rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
goto leave;
}
diff --git a/g10/main.h b/g10/main.h
index 92a26a7..0956f66 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -400,7 +400,8 @@ gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
const char *hexgrip,
PKT_public_key *pk);
-gpg_error_t write_keyblock_to_output (kbnode_t keyblock, int with_armor);
+gpg_error_t write_keyblock_to_output (kbnode_t keyblock,
+ int with_armor, unsigned int options);
gpg_error_t export_ssh_key (ctrl_t ctrl, const char *userid);
commit 0f5b105d96780a29cc58893285e6c38482e0cc2d
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 12 13:59:10 2016 +0200
gpg: Move a function from import.c to export.c.
* g10/import.c (write_keyblock_to_output): Move to ...
* g10/export.c (write_keyblock_to_output): here. Add arg WITH_ARMOR.
Also make sure never to export ring trust packets.
diff --git a/g10/export.c b/g10/export.c
index d31b09a..3ce8185 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1203,6 +1203,63 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
}
+/* Write KEYBLOCK either to stdout or to the file set with the
+ * --output option. */
+gpg_error_t
+write_keyblock_to_output (kbnode_t keyblock, int with_armor)
+{
+ gpg_error_t err;
+ const char *fname;
+ iobuf_t out;
+ kbnode_t node;
+ armor_filter_context_t *afx = NULL;
+
+ fname = opt.outfile? opt.outfile : "-";
+ if (is_secured_filename (fname) )
+ return gpg_error (GPG_ERR_EPERM);
+
+ out = iobuf_create (fname, 0);
+ if (!out)
+ {
+ err = gpg_error_from_syserror ();
+ log_error(_("can't create '%s': %s\n"), fname, gpg_strerror (err));
+ return err;
+ }
+ if (opt.verbose)
+ log_info (_("writing to '%s'\n"), iobuf_get_fname_nonnull (out));
+
+ if (with_armor)
+ {
+ afx = new_armor_context ();
+ afx->what = 1;
+ push_armor_filter (afx, out);
+ }
+
+ for (node = keyblock; node; node = node->next)
+ {
+ if (!is_deleted_kbnode (node) && node->pkt->pkttype != PKT_RING_TRUST)
+ {
+ err = build_packet (out, node->pkt);
+ if (err)
+ {
+ log_error ("build_packet(%d) failed: %s\n",
+ node->pkt->pkttype, gpg_strerror (err) );
+ goto leave;
+ }
+ }
+ }
+ err = 0;
+
+ leave:
+ if (err)
+ iobuf_cancel (out);
+ else
+ iobuf_close (out);
+ release_armor_context (afx);
+ return err;
+}
+
+
/* Helper for apply_keep_uid_filter. */
static const char *
filter_getval (void *cookie, const char *propname)
diff --git a/g10/import.c b/g10/import.c
index e035328..371f095 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -937,63 +937,6 @@ fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
}
-/* Write the keyblock either to stdin or to the file set with
- * the --output option. */
-static gpg_error_t
-write_keyblock_to_output (kbnode_t keyblock)
-{
- gpg_error_t err;
- const char *fname;
- iobuf_t out;
- kbnode_t node;
- armor_filter_context_t *afx = NULL;
-
- fname = opt.outfile? opt.outfile : "-";
- if (is_secured_filename (fname) )
- return gpg_error (GPG_ERR_EPERM);
-
- out = iobuf_create (fname, 0);
- if (!out)
- {
- err = gpg_error_from_syserror ();
- log_error(_("can't create '%s': %s\n"), fname, gpg_strerror (err));
- return err;
- }
- if (opt.verbose)
- log_info (_("writing to '%s'\n"), iobuf_get_fname_nonnull (out));
-
- if (opt.armor)
- {
- afx = new_armor_context ();
- afx->what = 1;
- push_armor_filter (afx, out);
- }
-
- for (node = keyblock; node; node = node->next)
- {
- if (!is_deleted_kbnode (node))
- {
- err = build_packet (out, node->pkt);
- if (err)
- {
- log_error ("build_packet(%d) failed: %s\n",
- node->pkt->pkttype, gpg_strerror (err) );
- goto leave;
- }
- }
- }
- err = 0;
-
- leave:
- if (err)
- iobuf_cancel (out);
- else
- iobuf_close (out);
- release_armor_context (afx);
- return err;
-}
-
-
static void
print_import_ok (PKT_public_key *pk, unsigned int reason)
{
@@ -1387,7 +1330,7 @@ import_one (ctrl_t ctrl,
merge_keys_and_selfsig (keyblock);
merge_keys_done = 1;
}
- rc = write_keyblock_to_output (keyblock);
+ rc = write_keyblock_to_output (keyblock, opt.armor);
goto leave;
}
diff --git a/g10/main.h b/g10/main.h
index ec20b28..92a26a7 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -396,9 +396,12 @@ gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec,
gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
int cleartext,
- char **cache_nonce_addr, const char *hexgrip,
+ char **cache_nonce_addr,
+ const char *hexgrip,
PKT_public_key *pk);
+gpg_error_t write_keyblock_to_output (kbnode_t keyblock, int with_armor);
+
gpg_error_t export_ssh_key (ctrl_t ctrl, const char *userid);
/*-- dearmor.c --*/
commit 3ccfd58b25a53def9c7e990c4f2f4091b95ae333
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 12 13:57:49 2016 +0200
Register DCO for Yann E. MORIN.
--
diff --git a/AUTHORS b/AUTHORS
index 242d28e..861258f 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -194,6 +194,9 @@ Stefan Tomanek <tomanek at internet-sicherheit.de>
Werner Koch <wk at gnupg.org>
2013-03-29:87620ahchj.fsf at vigenere.g10code.de:
+Yann E. MORIN <yann.morin.1998 at free.fr>
+2016-07-10:20160710093202.GA3688 at free.fr:
+
Other authors
=============
-----------------------------------------------------------------------
Summary of changes:
AUTHORS | 3 +
g10/export.c | 183 +++++++++++++++++++++++++++++++++++++++++++++--------------
g10/import.c | 59 +------------------
g10/main.h | 6 +-
4 files changed, 149 insertions(+), 102 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list