[Pkg-gnupg-commit] [gnupg2] 84/112: gpg: New option --sender

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Aug 30 17:48:23 UTC 2016 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit de6e3217cde81df370926571e0fd65e468619803
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Aug 18 10:08:34 2016 +0200

    gpg: New option --sender
    
    * g10/options.h (struct opt): Add field 'sender_list'.
    * g10/gpg.c: Include mbox-util.h.
    (oSender): New.
    (opts): Add option "--sender".
    (main): Parse option.
    --
    
    This option will eventually be used for more advanced purposes.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 doc/gpg.texi  |  9 +++++++++
 g10/gpg.c     | 16 ++++++++++++++++
 g10/options.h |  4 ++++
 g10/sign.c    | 15 +++++++++++++++
 4 files changed, 44 insertions(+)

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 894d384..b9a3ddc 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2087,6 +2087,15 @@ Remove all entries from the @option{--group} list.
 Use @var{name} as the key to sign with. Note that this option overrides
 @option{--default-key}.
 
+ at item --sender @var{mbox}
+ at opindex sender
+This option has two purposes.  @var{mbox} must either be a complete
+user id with a proper mail address or just a mail address.  When
+creating a signature this option tells gpg the user id of a key used
+to make a signature if the key was not directly specified by a user
+id.  When verifying a signature the @var{mbox} is used to restrict the
+information printed by the TOFU code to matching user ids.
+
 @item --try-secret-key @var{name}
 @opindex try-secret-key
 For hidden recipients GPG needs to know the keys to use for trial
diff --git a/g10/gpg.c b/g10/gpg.c
index 891c85f..e02efe4 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -60,6 +60,7 @@
 #include "call-dirmngr.h"
 #include "tofu.h"
 #include "../common/init.h"
+#include "../common/mbox-util.h"
 #include "../common/shareddefs.h"
 
 #if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
@@ -406,6 +407,7 @@ enum cmd_and_opt_values
     oUnwrap,
     oOnlySignTextIDs,
     oDisableSignerUID,
+    oSender,
 
     oNoop
   };
@@ -525,6 +527,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oEncryptToDefaultKey, "encrypt-to-default-key", "@"),
   ARGPARSE_s_s (oLocalUser, "local-user",
                 N_("|USER-ID|use USER-ID to sign or decrypt")),
+  ARGPARSE_s_s (oSender, "sender", "@"),
 
   ARGPARSE_s_s (oTrySecretKey, "try-secret-key", "@"),
 
@@ -2907,6 +2910,19 @@ main (int argc, char **argv)
             if (configfp)
               sl->flags |= PK_LIST_CONFIG;
 	    break;
+	  case oSender:
+            {
+              char *mbox = mailbox_from_userid (pargs.r.ret_str);
+              if (!mbox)
+                log_error (_("\"%s\" is not a proper mail address\n"),
+                           pargs.r.ret_str);
+              else
+                {
+                  add_to_strlist (&opt.sender_list, mbox);
+                  xfree (mbox);
+                }
+            }
+	    break;
 	  case oCompress:
 	    /* this is the -z command line option */
 	    opt.compress_level = opt.bz2_compress_level = pargs.r.ret_int;
diff --git a/g10/options.h b/g10/options.h
index 230c96a..6b8f649 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -101,6 +101,10 @@ struct
   int def_recipient_self;
   strlist_t secret_keys_to_try;
 
+  /* A list of mail addresses (addr-spec) provided by the user with
+   * the option --sender.  */
+  strlist_t sender_list;
+
   int def_cert_level;
   int min_cert_level;
   int ask_cert_level;
diff --git a/g10/sign.c b/g10/sign.c
index 217196d..e5fbd9d 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -158,6 +158,21 @@ mk_notation_policy_etc (PKT_signature *sig,
           build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
           xfree (mbox);
         }
+      else if (opt.sender_list)
+        {
+          /* If a list of --sender was given we scan that list and use
+           * the first one matching a user id of the current key.  */
+
+          /* FIXME: We need to get the list of user ids for the PKSK
+           * packet.  That requires either a function to look it up
+           * again or we need to extend the key packet struct to link
+           * to the primary key which in turn could link to the user
+           * ids.  Too much of a change right now.  Let's take just
+           * one from the supplied list and hope that the caller
+           * passed a matching one.  */
+          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID,
+                            opt.sender_list->d, strlen (opt.sender_list->d));
+        }
     }
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list