[git] GnuPG - branch, master, updated. gnupg-2.1.22-16-g7e1fe79

by Werner Koch cvs at cvs.gnupg.org
Fri Aug 4 22:14:23 CEST 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  7e1fe791d188b078398bf83c9af992cb1bd2a4b3 (commit)
      from  3d78ae4d3de08398fabae5821045a3a1da6dadbe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7e1fe791d188b078398bf83c9af992cb1bd2a4b3
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Aug 4 21:58:46 2017 +0200

    gpg: Default to --auto-key-locate "local,wkd" and --auto-key-retrieve.
    
    * g10/gpg.c (main): Add KEYSERVER_AUTO_KEY_RETRIEVE to the default
    keyserver options.  Set the default for --auto-key-locate to
    "local,wkd".  Reset that default iff --auto-key-locate has been given
    in the option file or in the commandline.
    * g10/getkey.c (parse_auto_key_locate): Work on a copy of the arg.
    --
    
    GnuPG-bug-id: 3324
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 01dfeb7..19398e6 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1726,14 +1726,18 @@ Set what trust model GnuPG should follow. The models are:
   exists.
 @end table
 
- at item --auto-key-locate @var{parameters}
+ at item --auto-key-locate @var{mechanisms}
 @itemx --no-auto-key-locate
 @opindex auto-key-locate
 GnuPG can automatically locate and retrieve keys as needed using this
-option. This happens when encrypting to an email address (in the
-"user@@example.com" form), and there are no user@@example.com keys on
-the local keyring.  This option takes any number of the following
-mechanisms, in the order they are to be tried:
+option.  This happens when encrypting to an email address (in the
+"user@@example.com" form), and there are no "user@@example.com" keys
+on the local keyring.  This option takes any number of the mechanisms
+listed below, in the order they are to be tried.  Instead of listing
+the mechanisms as comma delimited arguments, the option may also be
+given several times to add more mechanism.  The option
+ at option{--no-auto-key-locate} or the mechanism "clear" resets the
+list.  The default is "local,wkd".
 
 @table @asis
 
@@ -1749,7 +1753,6 @@ mechanisms, in the order they are to be tried:
 
   @item wkd
   Locate a key using the Web Key Directory protocol.
-  This is an experimental method and semantics may change.
 
   @item ldap
   Using DNS Service Discovery, check the domain in question for any LDAP
@@ -1782,13 +1785,14 @@ mechanisms, in the order they are to be tried:
 
 @end table
 
+
 @item --auto-key-retrieve
 @itemx --no-auto-key-retrieve
 @opindex auto-key-retrieve
 @opindex no-auto-key-retrieve
-This option enables the automatic retrieving of keys from a keyserver
-when verifying signatures made by keys that are not on the local
-keyring.
+These options enable or disable the automatic retrieving of keys from
+a keyserver when verifying signatures made by keys that are not on the
+local keyring.  The default is @option{--auto-key-retrieve}.
 
 If the method "wkd" is included in the list of methods given to
 @option{auto-key-locate}, the signer's user ID is part of the
diff --git a/g10/getkey.c b/g10/getkey.c
index 79bce61..5b7aff9 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -4229,9 +4229,10 @@ release_akl (void)
 
 /* Returns false on error. */
 int
-parse_auto_key_locate (char *options)
+parse_auto_key_locate (const char *options_arg)
 {
   char *tok;
+  char *options = xstrdup (options_arg);
 
   while ((tok = optsep (&options)))
     {
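Review bot: The copy stored in `options` is passed to `optsep (&options)` by address, so optsep presumably advances the pointer strsep-style while tokenising; if so, the `xfree (options)` calls added in the two later hunks of g10/getkey.c no longer receive the address that `xstrdup` returned. On the success path the pointer would be NULL after the loop, which leaks the copy. On the error path it would be NULL or point into the middle of the buffer, and the latter is an invalid free on a string that comes from the option file or command line. Keep the allocation in its own variable, e.g. `char *options_buf = xstrdup (options_arg); char *options = options_buf;`, and call `xfree (options_buf);` at both exits. The function body continues outside this hunk and optsep is defined elsewhere, so confirm its behaviour against its definition.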
@@ -4271,6 +4272,7 @@ parse_auto_key_locate (char *options)
       else
 	{
 	  free_akl (akl);
+          xfree (options);
 	  return 0;
 	}
 
@@ -4299,6 +4301,7 @@ parse_auto_key_locate (char *options)
 	}
     }
 
+  xfree (options);
   return 1;
 }
 
diff --git a/g10/gpg.c b/g10/gpg.c
index d2227b3..39f52eb 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2292,6 +2292,7 @@ main (int argc, char **argv)
     int ovrseskeyfd = -1;
     int fpr_maybe_cmd = 0; /* --fingerprint maybe a command.  */
     int any_explicit_recipient = 0;
+    int default_akl = 1;
     int require_secmem = 0;
     int got_secmem = 0;
     struct assuan_malloc_hooks malloc_hooks;
@@ -2362,7 +2363,8 @@ main (int argc, char **argv)
     opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
 					    | IMPORT_REPAIR_PKS_SUBKEY_BUG);
     opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
-    opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
+    opt.keyserver_options.options = (KEYSERVER_HONOR_PKA_RECORD
+                                     | KEYSERVER_AUTO_KEY_RETRIEVE);
     opt.verify_options = (LIST_SHOW_UID_VALIDITY
                           | VERIFY_SHOW_POLICY_URLS
                           | VERIFY_SHOW_STD_NOTATIONS
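Review bot: With `KEYSERVER_AUTO_KEY_RETRIEVE` in the default options, verifying a signature from a key that is not on the local keyring now causes a network lookup without the user opting in, and neither this assignment nor the visible part of the doc/gpg.texi hunk mentions that consequence. The operator of the queried keyserver or Web Key Directory host can see which key was requested, from which address and when, so the act of verifying a message becomes observable to a third party. I would add a comment here such as `/* Note: auto-key-retrieve makes signature verification trigger network lookups for unknown keys. */` and a paragraph in the manual that states this and names `--no-auto-key-retrieve` as the opt-out. main() starts and ends outside this hunk.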
@@ -2385,7 +2387,6 @@ main (int argc, char **argv)
     opt.passphrase_repeat = 1;
     opt.emit_version = 0;
     opt.weak_digests = NULL;
-    additional_weak_digest("MD5");
 
     /* Check whether we have a config file on the command line.  */
     orig_argc = argc;
@@ -2461,6 +2462,10 @@ main (int argc, char **argv)
     assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
     setup_libassuan_logging (&opt.debug, NULL);
 
+    /* Set default options which require that malloc stuff is ready.  */
+    additional_weak_digest ("MD5");
+    parse_auto_key_locate ("local,wkd");
+
     /* Try for a version specific config file first */
     default_configname = get_default_configname ();
     if (default_config)
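Review bot: The result of `parse_auto_key_locate ("local,wkd")` is discarded, although g10/getkey.c documents the function as returning false on error and the `oAutoKeyLocate` case further down in this file checks it. If a default mechanism were ever rejected (for example in a build where it is not compiled in, which cannot be seen from here), gpg would silently run with a different locate list than the manual states. Checking the call keeps that visible, e.g. `if (!parse_auto_key_locate ("local,wkd")) log_error ("invalid default auto-key-locate list\n");`. main() continues outside this hunk.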
@@ -3457,6 +3462,13 @@ main (int argc, char **argv)
 	  case oNoRequireCrossCert: opt.flags.require_cross_cert=0; break;
 
 	  case oAutoKeyLocate:
+            if (default_akl)
+              {
+                /* This is the first time --aito-key-locate is seen.
+                 * We need to reset the default akl.  */
+                default_akl = 0;
+                release_akl();
+              }
 	    if(!parse_auto_key_locate(pargs.r.ret_str))
 	      {
 		if(configname)
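Review bot: The added comment misspells the option as `--aito-key-locate`; it should read `/* This is the first time --auto-key-locate is seen.`. The new call is also written `release_akl();`, while the other lines added to this file by the same commit put a space before the parenthesis (`additional_weak_digest ("MD5");`), so `release_akl ();` would be consistent with them. The `case` body continues past the end of the hunk.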
diff --git a/g10/keydb.h b/g10/keydb.h
index f793ada..f503c99 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -396,7 +396,7 @@ char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
 char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
 
 void release_akl(void);
-int parse_auto_key_locate(char *options);
+int parse_auto_key_locate(const char *options);
 int parse_key_origin (char *string);
 const char *key_origin_string (int origin);
 

-----------------------------------------------------------------------

Summary of changes:
 doc/gpg.texi | 22 +++++++++++++---------
 g10/getkey.c |  5 ++++-
 g10/gpg.c    | 16 ++++++++++++++--
 g10/keydb.h  |  2 +-
 4 files changed, 32 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



