[Pkg-gnupg-commit] [gnupg2] 57/159: gpg: Lazily evaluate --default-key.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:23:53 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit dc52995d85048ed12ae8b9f330e9ca41a4030aae
Author: Neal H. Walfield <neal at g10code.com>
Date: Tue Dec 22 14:21:18 2015 +0100
gpg: Lazily evaluate --default-key.
* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
---
g10/gpg.c | 21 ------------
g10/pkclist.c | 47 +++++++++++++++++++++++++++
tests/openpgp/Makefile.am | 2 +-
tests/openpgp/default-key.test | 73 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 121 insertions(+), 22 deletions(-)
diff --git a/g10/gpg.c b/g10/gpg.c
index 11dbf56..71f44ed 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4281,8 +4281,6 @@ main (int argc, char **argv)
}
{
- int have_def_secret_key = opt.def_secret_key != NULL;
-
rc = check_user_ids (&locusr, 1, 1);
if (rc)
g10_exit (1);
@@ -4292,25 +4290,6 @@ main (int argc, char **argv)
rc = check_user_ids (&opt.def_secret_key, 1, 0);
if (rc)
g10_exit (1);
-
- if (opt.encrypt_to_default_key)
- {
- const char *default_key = parse_def_secret_key (ctrl);
- if (default_key)
- {
- sl = add_to_strlist2 (&remusr, default_key, utf8_strings);
- sl->flags = ((oEncryptToDefaultKey << PK_LIST_SHIFT)
- | PK_LIST_ENCRYPT_TO);
- if (opt.encrypt_to_default_key == 2)
- sl->flags |= PK_LIST_CONFIG;
- }
- else if (have_def_secret_key)
- log_info (_("option '%s' given, but no valid default keys given\n"),
- "--encrypt-to-default-key");
- else
- log_info (_("option '%s' given, but option '%s' not given\n"),
- "--encrypt-to-default-key", "--default-key");
- }
}
/* The command dispatcher. */
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 39a24f7..b6a213f 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -914,6 +914,53 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else
remusr = rcpts;
+ if (opt.encrypt_to_default_key)
+ {
+ static int warned;
+
+ const char *default_key = parse_def_secret_key (ctrl);
+ if (default_key)
+ {
+ PK_LIST r = xmalloc_clear (sizeof *r);
+
+ r->pk = xmalloc_clear (sizeof *r->pk);
+ r->pk->req_usage = PUBKEY_USAGE_ENC;
+
+ rc = get_pubkey_byname (ctrl, NULL, r->pk, default_key,
+ NULL, NULL, 0, 1);
+ if (rc)
+ {
+ xfree (r->pk);
+ xfree (r);
+
+ log_error (_("Can't encrypt to '%s'.\n"), default_key);
+ if (!opt.quiet)
+ log_info (_("(check argument of option '%s')\n"),
+ "--default-key");
+ }
+ else
+ {
+ r->next = pk_list;
+ r->flags = 0;
+ pk_list = r;
+ }
+ }
+ else if (opt.def_secret_key)
+ {
+ if (! warned)
+ log_info (_("option '%s' given, but no valid default keys given\n"),
+ "--encrypt-to-default-key");
+ warned = 1;
+ }
+ else
+ {
+ if (! warned)
+ log_info (_("option '%s' given, but option '%s' not given\n"),
+ "--encrypt-to-default-key", "--default-key");
+ warned = 1;
+ }
+ }
+
/* Check whether there are any recipients in the list and build the
* list of the encrypt-to ones (we always trust them). */
for ( rov = remusr; rov; rov = rov->next )
diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index 914de8c..a04b62c 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -46,7 +46,7 @@ TESTS = version.test mds.test \
multisig.test verify.test armor.test \
import.test ecc.test 4gb-packet.test \
$(sqlite3_dependent_tests) \
- gpgtar.test use-exact-key.test \
+ gpgtar.test use-exact-key.test default-key.test \
finish.test
diff --git a/tests/openpgp/default-key.test b/tests/openpgp/default-key.test
new file mode 100755
index 0000000..bfb84ac
--- /dev/null
+++ b/tests/openpgp/default-key.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+. $srcdir/defs.inc || exit 3
+
+#set -x
+
+# Make sure $srcdir is set.
+if test "x$srcdir" = x
+then
+ echo srcdir environment variable not set!
+ exit 1
+fi
+
+# Import the sample key
+#
+# pub 1024R/8BC90111 2015-12-02
+# Key fingerprint = E657 FB60 7BB4 F21C 90BB 6651 BC06 7AF2 8BC9 0111
+# uid [ultimate] Barrett Brown <barrett at example.org>
+# sub 1024R/3E880CFF 2015-12-02 (encryption)
+# sub 1024R/F5F77B83 2015-12-02 (signing)
+# sub 1024R/45117079 2015-12-02 (encryption)
+# sub 1024R/1EA97479 2015-12-02 (signing)
+info "Importing public key."
+if $GPG --import $srcdir/samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc
+then
+ :
+else
+ error "$k: import failed"
+fi
+
+# By default, the most recent, valid signing subkey (1EA97479).
+for x in 8BC90111 3E880CFF F5F77B83 45117079 1EA97479
+do
+ info
+ info "Trying --default-key $x"
+
+ if ! echo | $GPG --default-key "$x" -s | $GPG --verify --status-fd=1 \
+ | grep -q 'VALIDSIG 5FBA84ACE02DCB17DA3DFF6BBCA43C441EA97479'
+ then
+ echo | $GPG --default-key "$x" -s | $GPG --verify --status-fd=2
+ error "Unexpected key used for signing (not the signing subkey, specified \"$x\")."
+ exit 1
+ fi
+done
+
+# By default, the most recent, valid encryption subkey (45117079).
+for x in 8BC90111 3E880CFF F5F77B83 45117079 1EA97479
+do
+ info
+ info "Trying --default-key $x --encrypt-to-default-key"
+
+ # We need another recipient, because --encrypt-to-default-key is
+ # not considered a recipient and gpg doesn't encrypt without any
+ # recipients.
+ #
+ # Note: it doesn't matter whether we specify the primary key or
+ # a subkey: the newest encryption subkey will be used.
+ if ! echo | $GPG --trust-model=always \
+ --default-key "$x" --encrypt-to-default-key \
+ -r 439F02CA -e \
+ | $GPG --list-packets \
+ | grep -q "keyid[ ][A-F0-9]*45117079"
+ then
+ echo | $GPG --trust-model=always \
+ --default-key "$x" --encrypt-to-default-key \
+ -r 439F02CA -e \
+ | $GPG --list-packets 1>&2
+ error "Unexpected key used for signing (specified \"$x\")."
+ exit 1
+ fi
+done
+
+exit 0
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list