security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/g10/gpg.c

5361 lines
153 KiB
C
Raw Normal View History

Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* gpg.c - The GnuPG utility (main for gpg)
Change a couple of files to use abbreviated copyright notes. -- Also fixed some of my own copyright notices due to the termination of my assignment. The one displayed by --version is kept at FSF because we had contributors in 2014 with FSF assignments and it gives the FSF some visibility.
2014-11-04 16:28:03 +01:00
* Copyright (C) 1998-2011 Free Software Foundation, Inc.
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
* Copyright (C) 1997-2017 Werner Koch
* Copyright (C) 2015-2017 g10 Code GmbH
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
Changed to GPLv3. Removed intl/.
2007-07-04 21:49:40 +02:00
* the Free Software Foundation; either version 3 of the License, or
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
Change all http://www.gnu.org in license notices to https:// --
2016-11-05 12:02:19 +01:00
* along with this program; if not, see <https://www.gnu.org/licenses/>.
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
*/
#include <config.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#ifdef HAVE_STAT
#include <sys/stat.h> /* for stat() */
#endif
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#include <fcntl.h>
#ifdef HAVE_W32_SYSTEM
w32: Include winsock2.h to silence warnings.
2014-03-07 09:46:44 +01:00
# ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
# endif
# include <windows.h>
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#endif
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#define INCLUDED_BY_MAIN_MODULE 1
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
#include "gpg.h"
2009-09-23 Marcus Brinkmann <marcus@g10code.de> * configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION): Update to new API (2, 1.1.0). agent/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (parse_rereadable_options): Don't set global assuan log file (there ain't one anymore). (main): Update to new API. (check_own_socket_pid_cb): Return gpg_error_t instead of int. (check_own_socket_thread, check_for_running_agent): Create assuan context before connecting to server. * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (write_and_clear_outbuf): Use gpg_error_t instead of assuan_error_t. (cmd_geteventcounter, cmd_istrusted, cmd_listtrusted) (cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc) (cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey) (cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase) (cmd_get_confirmation, cmd_learn, cmd_passwd) (cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval) (cmd_updatestartuptty, cmd_killagent, cmd_reloadagent) (cmd_getinfo, option_handler): Return gpg_error_t instead of int. (post_cmd_notify): Change type of ERR to gpg_error_t from int. (io_monitor): Add hook argument. Use symbols for constants. (register_commands): Change return type of HANDLER to gpg_error_t. (start_command_handler): Allocate assuan context before starting server. * call-pinentry.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (unlock_pinentry): Call assuan_release instead of assuan_disconnect. (getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int. (start_pinentry): Allocate assuan context before connecting to server. * call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb) (membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru) (pass_data_thru): Change return type to gpg_error_t. (start_scd): Allocate assuan context before connecting to server. common/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * asshelp.c (start_new_gpg_agent): Allocate assuan context before starting server. g10/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * call-agent.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb) (learn_status_cb, inq_writecert_parms, inq_writekey_parms) (scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of int. * gpg.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (main): Update to new Assuan API. * server.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys) (cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Allocate assuan context before starting server. (gpg_server): Allocate assuan_context before starting server. scd/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert) (cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt) (cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey) (cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock) (cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu) (cmd_killscd): Return gpg_error_t instead of int. (scd_command_handler): Allocate assuan context before starting server. * scdaemon.c (main): Update to new Assuan API. sm/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Update to new assuan API. * server.c: Include "gpgsm.h" before <assuan.h> due to check for GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys) (cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey) (cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Same for member HANDLER in table. (gpgsm_server): Allocate assuan context before starting server. * sm/call-dirmngr.c: * call-dirmngr.c (prepare_dirmngr): Check for CTX and error before setting LDAPSERVER. (start_dirmngr_ext): Allocate assuan context before starting server. (inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb) (run_command_cb, run_command_inq_cb, run_command_status_cb): Return gpg_error_t instead of int. tools/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response) (main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
#include <assuan.h>
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#include "../common/iobuf.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/util.h"
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
#include "packet.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/membuf.h"
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#include "main.h"
#include "options.h"
#include "keydb.h"
#include "trustdb.h"
#include "filter.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/ttyio.h"
#include "../common/i18n.h"
#include "../common/sysutils.h"
#include "../common/status.h"
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#include "keyserver-internal.h"
#include "exec.h"
Remove -I option to common. * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 12:21:23 +01:00
#include "../common/gc-opt-flags.h"
#include "../common/asshelp.h"
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
#include "call-dirmngr.h"
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
#include "tofu.h"
common: Add a global variable to for the default error source. For the shared code parts it is cumbersome to pass an error sourse variable to each function. Its value is always a constant for a given binary and thus a global variable makes things a lot easier than the former macro stuff. * common/init.c (default_errsource): New global var. (init_common_subsystems): Rename to _init_common_subsystems. Set DEFAULT_ERRSOURCE. * common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT. (init_common_subsystems): New macro. * common/util.h (default_errsource): Add declaration. * kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.
2012-02-06 20:50:47 +01:00
#include "../common/init.h"
gpg: New option --sender * g10/options.h (struct opt): Add field 'sender_list'. * g10/gpg.c: Include mbox-util.h. (oSender): New. (opts): Add option "--sender". (main): Parse option. -- This option will eventually be used for more advanced purposes. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 10:08:34 +02:00
#include "../common/mbox-util.h"
gpg: Add pinentry-mode feature. * g10/gpg.c: Include shareddefs.h. (main): Add option --pinentry-mode. * g10/options.h (struct opt): Add field pinentry_mode. * g10/passphrase.c: Include shareddefs.h. (have_static_passphrase): Take care of loopback pinentry_mode. (read_passphrase_from_fd): Ditto. (get_static_passphrase): New. (passphrase_to_dek_ext): Factor some code out to ... (emit_status_need_passphrase): new. * g10/call-agent.c (start_agent): Send the pinentry mode. (default_inq_cb): Take care of the PASSPHRASE inquiry. Return a proper error code. (agent_pksign): Add args keyid, mainkeyid and pubkey_algo. (agent_pkdecrypt): Ditto. * g10/pubkey-enc.c (get_it): Pass new args. * g10/sign.c (do_sign): Pass new args. * g10/call-agent.c (struct default_inq_parm_s): New. Change all similar structs to reference this one. Change all users and inquire callback to use this struct, instead of NULL or some undefined but not used structs. This change will help to eventually get rid of global variables. -- This new features allows to use gpg without a Pinentry. As a prerequisite the agent must be configured to allow the loopback pinentry mode (option --allow-loopback-pinentry). For example gpg2 --pinentry-mode=loopback FILE.gpg may be used to decrypt FILE.gpg while entering the passphrase on the tty. If batch is used, --passphrase et al. may be used, if --command-fd is used, the passphrase may be provided by another process. Note that there are no try-again prompts in case of a bad passphrase.
2013-02-07 20:37:58 +01:00
#include "../common/shareddefs.h"
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
#define MY_O_BINARY O_BINARY
#ifndef S_IRGRP
# define S_IRGRP 0
# define S_IWGRP 0
#endif
#else
#define MY_O_BINARY 0
#endif
w32: Enable wildcard expansion with mingw-w64 * g10/gpg.c: Define _dowildcard = -1; -- If this value is defined wildcard support in the c runtime is enabled again. This fixes a regression caused by switching to mingw 3.0 Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2014-08-12 21:22:23 +02:00
#ifdef __MINGW32__
int _dowildcard = -1;
#endif
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
enum cmd_and_opt_values
{
aNull = 0,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oArmor = 'a',
aDetachedSign = 'b',
aSym = 'c',
aDecrypt = 'd',
aEncr = 'e',
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
oRecipientFile = 'f',
oHiddenRecipientFile = 'F',
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oInteractive = 'i',
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
aListKeys = 'k',
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oDryRun = 'n',
oOutput = 'o',
oQuiet = 'q',
oRecipient = 'r',
oHiddenRecipient = 'R',
aSign = 's',
oTextmodeShort= 't',
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oLocalUser = 'u',
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oVerbose = 'v',
oCompress = 'z',
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
oSetNotation = 'N',
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aListSecretKeys = 'K',
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oBatch = 500,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oMaxOutput,
gpg: New option --input-size-hint. * g10/options.h: Include stdint.h. (struct opt): Add field 'input_size_hint'. * g10/gpg.c (oInputSizeHint): New. (opts): Add --input-size-hint. (main): Set opt.input_size_hint. * g10/progress.c (write_status_progress): Use the hint. -- This is a prerequisite to fix GnuPG-bug-id: 2368 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-11 21:31:12 +02:00
oInputSizeHint,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oSigNotation,
oCertNotation,
oShowNotation,
oNoShowNotation,
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
aEncrFiles,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aEncrSym,
aDecryptFiles,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aClearsign,
aStore,
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
aQuickKeygen,
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
aFullKeygen,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aKeygen,
aSignEncr,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aSignEncrSym,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aSignSym,
aSignKey,
aLSignKey,
gpg: Add commands --quick-sign-key and --quick-lsign-key. * g10/gpg.c (main): Add commands --quick-sign-key and --quick-lsign-key. * g10/keyedit.c (sign_uids): Add args FP and QUICK. (keyedit_quick_sign): New. (show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
aQuickSignKey,
aQuickLSignKey,
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
aQuickAddUid,
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
aQuickAddKey,
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
aQuickRevUid,
gpg: New option --quick-set-expire. * g10/gpg.c (aQuickSetExpire): New. (opts): New option --quick-set-expire. (main): Implement option. * g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and NEWEXPIRATION. Change semantics of the return value. Change caller. (keyedit_quick_set_expire): New. -- This patch partly solves GnuPG-bug-id: 2701
2016-12-05 10:58:39 +01:00
aQuickSetExpire,
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
aQuickSetPrimaryUid,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aListConfig,
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
aListGcryptConfig,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aGPGConfList,
.
2006-10-23 16:02:13 +02:00
aGPGConfTest,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aListPackets,
aEditKey,
aDeleteKeys,
aDeleteSecretKeys,
aDeleteSecretAndPublicKeys,
aImport,
aFastImport,
aVerify,
aVerifyFiles,
aListSigs,
aSendKeys,
aRecvKeys,
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
aLocateKeys,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aSearchKeys,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
aRefreshKeys,
aFetchKeys,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aExport,
aExportSecret,
aExportSecretSub,
gpg: New command --export-ssh-key * g10/export.c: Include membuf.h and host2net.h. (key_to_sshblob): New. (export_ssh_key): New. * g10/gpg.c (aExportSshKey): New. (opts): Add command. (main): Implement that command. -- GnuPG-bug-id: 2212 I have done only a few tests rights now and the ECDSA curves do not yet work. However ssh-keygen -l accept RSA and ed25519 keys exported using this command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 17:22:32 +01:00
aExportSshKey,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
aCheckKeys,
aGenRevoke,
aDesigRevoke,
aPrimegen,
aPrintMD,
aPrintMDs,
aCheckTrustDB,
aUpdateTrustDB,
aFixTrustDB,
aListTrustDB,
aListTrustPath,
aExportOwnerTrust,
aImportOwnerTrust,
aDeArmor,
aEnArmor,
aGenRandom,
aRebuildKeydbCaches,
* g10.c: New command --card-status. * card-util.c (card_status): New. * call-agent.c (learn_status_cb): Parse more information. * keylist.c (print_pubkey_info): Add FP arg for optinal printing to a stream. Changed all callers.
2003-07-24 11:06:43 +02:00
aCardStatus,
* g10.c: New command --card-edit. * card-util.c (card_status): Use tty_fprintf for all output. (print_sha1_fpr, print_isoname): Ditto. (get_one_name,change_name, change_url, change_login,change_lang) (change_sex): New; taken from keygen.c. * keygen.c (smartcard_get_one_name, smartcard_change_name) (smartcard_change_url, smartcard_change_login_data) (smartcard_change_lang, smartcard_change_sex): Removed. (check_smartcard): Removed most menu items.
2003-09-18 17:51:18 +02:00
aCardEdit,
* keygen.c (generate_keypair): Create an AUTHKEYTYPE entry for cards. (do_generate_keypair): Abd generate the authkey. (check_smartcard): Changed menu accordingly.
2003-07-23 09:11:06 +02:00
aChangePIN,
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
aPasswd,
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
aServer,
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
aTOFUPolicy,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: New option --mimemode. * g10/gpg.c (oMimemode): New. (opts): Add --mimemode. (main): Use --mimemode only in rfc4880bis compliance mode. * g10/options.h (struct opt): Add field "mimemode". * g10/build-packet.c (do_plaintext): Allow for mode 'm'. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested. * g10/plaintext.c (handle_plaintext): Handle 'm' mode. * g10/sign.c (write_plaintext_packet): Handle 'm' mode. (sign_file, sign_symencrypt_file): Use 'm' if requested. -- Thsi patch prepares for a proposed change in RFC4880bis to support a MIME flag. A literal data packet with the mime flag set is handled like a 't' or 'u' but CR are not removed. The PLAINTEXT status line will also indicate a MIME content. If --mimemode is used without --rfc4880bis 't' will be used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
oMimemode,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oTextmode,
oNoTextmode,
oExpert,
oNoExpert,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oDefSigExpire,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oAskSigExpire,
oNoAskSigExpire,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oDefCertExpire,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oAskCertExpire,
oNoAskCertExpire,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oDefCertLevel,
oMinCertLevel,
oAskCertLevel,
oNoAskCertLevel,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oFingerprint,
oWithFingerprint,
gpg: Add option --with-subkey-fingerprint. * g10/gpg.c (oWithSubkeyFingerprint): New. (opts): Add --with-subkey-fingerprint[s]. (main): Set that option. * g10/options.h (struct opt): Add 'with_subkey_fingerprint'. * g10/keylist.c (list_keyblock_print): Print subkey fingerprint. (print_fingerprint): Tweak printing to use compact format if desirable. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-06 16:55:03 +02:00
oWithSubkeyFingerprint,
gpg: Add option to print fingerprints in ICAO spelling. * g10/gpg.c: Add option --with-icao-spelling. * g10/options.h (struct opt): Add with_icao_spelling. * g10/keylist.c (print_icao_hexdigit): New. (print_fingerprint): Print ICAO spelling. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 17:54:05 +01:00
oWithICAOSpelling,
Add new option --with-keygrip
2010-10-08 13:11:08 +02:00
oWithKeygrip,
Add new option --with-secret. * g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
2014-06-03 21:35:59 +02:00
oWithSecret,
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
oWithWKDHash,
gpg: New option --with-tofu-info. * g10/gpg.c (oWithTofuInfo): New. (opts): Add --with-tofu-info. (main): Set opt.with_tofu_info. * g10/options.h (struct opt): Add field WITH_TOFU_INFO. * g10/tofu.c (show_statistics): Add optional arg OUTFP and enter special mode if not NULL. Change all callers. (tofu_write_tfs_record): New. * g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as part of the "uid" record. Print a new "tfs" record if the new option is set. * tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record. -- A separate option is required to avoid slowing down key listings. Foer example the current code takes for a keylisting in tofu+pgp mode 17 seconds while it takes more than 5 minutes if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 09:26:36 +02:00
oWithColons,
oWithKeyData,
oWithTofuInfo,
oWithSigList,
oWithSigCheck,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oAnswerYes,
oAnswerNo,
oKeyring,
oPrimaryKeyring,
oSecretKeyring,
oShowKeyring,
oDefaultKey,
oDefRecipient,
oDefRecipientSelf,
oNoDefRecipient,
More agent support for gpg.
2010-10-13 17:57:08 +02:00
oTrySecretKey,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oOptions,
oDebug,
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
oDebugLevel,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oDebugAll,
gpg: Add new option --debug-iolbf. * g10/gpg.c (oDebugIOLBF): new. (opts): Add --debug-iolbf. (main): Set option. -- This option is convenient for debugging to make sure that debug output to stderr is synced with output to stdout. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-06 14:07:50 +02:00
oDebugIOLBF,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oStatusFD,
oStatusFile,
oAttributeFD,
oAttributeFile,
oEmitVersion,
oNoEmitVersion,
oCompletesNeeded,
oMarginalsNeeded,
oMaxCertDepth,
oLoadExtension,
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
oCompliance,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oGnuPG,
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
oRFC2440,
Ported changes from 1.4. Add copyright notices.
2007-10-25 11:06:21 +02:00
oRFC4880,
gpg: New option --rfc4880bis. * g10/options.h (struct opt): Add field flags.rfc4880bis. * g10/gpg.c (oRFC4880bis): new. (opts): add --rfc4880bis. (main): Implement that and print a warning. -- This is option enables experimental features which may be dropped or changed with the next release. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 22:19:23 +02:00
oRFC4880bis,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oOpenPGP,
oPGP6,
oPGP7,
oPGP8,
gpg: Add new compliance mode "de-vs". * g10/options.h (CO_DE_VS): New. (GNUPG): Also allow CO_DE_VS. * g10/gpg.c (oDE_VS): New. (parse_compliance_option): Add "de-vs". (set_compliance_option): Set "de-vs". * g10/misc.c (compliance_option_string): Return a description string. (compliance_failure): Ditto. * g10/keygen.c (ask_algo): Take care of CO_DE_VS. (get_keysize_range): Ditto. (ask_curve): Add new field to CURVES and trun flags into bit flags. Allow only Brainpool curves in CO_DE_VS mode. -- As of now this compliance mode only restricts the set of algorithms and curves which can be created. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 17:50:03 +01:00
oDE_VS,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oRFC2440Text,
oNoRFC2440Text,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oCipherAlgo,
oDigestAlgo,
oCertDigestAlgo,
oCompressAlgo,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oCompressLevel,
oBZ2CompressLevel,
oBZ2DecompressLowmem,
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
oPassphrase,
oPassphraseFD,
oPassphraseFile,
oPassphraseRepeat,
gpg: Add pinentry-mode feature. * g10/gpg.c: Include shareddefs.h. (main): Add option --pinentry-mode. * g10/options.h (struct opt): Add field pinentry_mode. * g10/passphrase.c: Include shareddefs.h. (have_static_passphrase): Take care of loopback pinentry_mode. (read_passphrase_from_fd): Ditto. (get_static_passphrase): New. (passphrase_to_dek_ext): Factor some code out to ... (emit_status_need_passphrase): new. * g10/call-agent.c (start_agent): Send the pinentry mode. (default_inq_cb): Take care of the PASSPHRASE inquiry. Return a proper error code. (agent_pksign): Add args keyid, mainkeyid and pubkey_algo. (agent_pkdecrypt): Ditto. * g10/pubkey-enc.c (get_it): Pass new args. * g10/sign.c (do_sign): Pass new args. * g10/call-agent.c (struct default_inq_parm_s): New. Change all similar structs to reference this one. Change all users and inquire callback to use this struct, instead of NULL or some undefined but not used structs. This change will help to eventually get rid of global variables. -- This new features allows to use gpg without a Pinentry. As a prerequisite the agent must be configured to allow the loopback pinentry mode (option --allow-loopback-pinentry). For example gpg2 --pinentry-mode=loopback FILE.gpg may be used to decrypt FILE.gpg while entering the passphrase on the tty. If batch is used, --passphrase et al. may be used, if --command-fd is used, the passphrase may be provided by another process. Note that there are no try-again prompts in case of a bad passphrase.
2013-02-07 20:37:58 +01:00
oPinentryMode,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oCommandFD,
oCommandFile,
oQuickRandom,
oNoVerbose,
oTrustDBName,
oNoSecmemWarn,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oRequireSecmem,
oNoRequireSecmem,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oNoPermissionWarn,
oNoMDCWarn,
oNoArmor,
oNoDefKeyring,
gpg: New option --no-keyring. * g10/gpg.c (oNoKeyring): New. (opts): Add "--no-keyring". (main): Do not register any keyring if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 15:33:40 +02:00
oNoKeyring,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oNoGreeting,
oNoTTY,
oNoOptions,
oNoBatch,
oHomedir,
oSkipVerify,
Add gpgconf related dummy options default_pubkey_algo. Add option --skip-hidden-recipients Comment updates.
2009-11-23 20:18:04 +01:00
oSkipHiddenRecipients,
oNoSkipHiddenRecipients,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oAlwaysTrust,
oTrustModel,
oForceOwnertrust,
oSetFilename,
oForYourEyesOnly,
oNoForYourEyesOnly,
oSetPolicyURL,
oSigPolicyURL,
oCertPolicyURL,
oShowPolicyURL,
oNoShowPolicyURL,
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
oSigKeyserverURL,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oUseEmbeddedFilename,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oNoUseEmbeddedFilename,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oComment,
oDefaultComment,
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
oNoComments,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oThrowKeyids,
oNoThrowKeyids,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oShowPhotos,
oNoShowPhotos,
oPhotoViewer,
oForceMDC,
oNoForceMDC,
oDisableMDC,
oNoDisableMDC,
oS2KMode,
oS2KDigest,
oS2KCipher,
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the packed s2k iteration count. * main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c (hash_passphrase): Add --s2k-count option to specify the number of s2k hash iterations.
2006-10-13 06:06:24 +02:00
oS2KCount,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oDisplayCharset,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oNotDashEscaped,
oEscapeFrom,
oNoEscapeFrom,
oLockOnce,
oLockMultiple,
oLockNever,
oKeyServer,
oKeyServerOptions,
oImportOptions,
gpg: New option --import-filter * g10/gpg.c (oImportFilter): New. (opts): Add --import-filter. (main): Handle option. * g10/import.c: Include recsel.h, init.h, and mbox-util.h. (import_keep_uid): New global var. (cleanup_import_globals): New. (parse_and_set_import_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (import_one): Apply filter if set. -- Funny new option. It can for example be used to export a key with only one user id: gpg --no-options --import --import-options import-export \ --import-filter keep-uid='mbox=wk@gnupg.org' \ < full-key.pub > key-with-one-uid.pub More features will eventually be added. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:24:04 +02:00
oImportFilter,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oExportOptions,
gpg: New option --export-filter * g10/gpg.c (oExportFilter): New. (opts): Add --export-filter. (main): Handle option. * g10/export.c: Include recsel.h, init.h, and mbox-util.h. (export_keep_uid): New global var. (cleanup_export_globals): New. (parse_and_set_export_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (do_export_stream): Apply filter if set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:50:12 +02:00
oExportFilter,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oListOptions,
oVerifyOptions,
oTempDir,
oExecPath,
oEncryptTo,
oHiddenEncryptTo,
oNoEncryptTo,
gpg: Add --encrypt-to-default-key. * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function. * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise. * g10/options.h (opt): Add field encrypt_to_default_key. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 807
2015-11-03 23:39:46 +01:00
oEncryptToDefaultKey,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oLoggerFD,
oLoggerFile,
oUtf8Strings,
oNoUtf8Strings,
oDisableCipherAlgo,
oDisablePubkeyAlgo,
oAllowNonSelfsignedUID,
oNoAllowNonSelfsignedUID,
oAllowFreeformUID,
oNoAllowFreeformUID,
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
oAllowSecretKeyImport,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oEnableSpecialFilenames,
oNoLiteral,
oSetFilesize,
oHonorHttpProxy,
oFastListMode,
oListOnly,
oIgnoreTimeConflict,
oIgnoreValidFrom,
oIgnoreCrcError,
oIgnoreMDCError,
oShowSessionKey,
oOverrideSessionKey,
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
oOverrideSessionKeyFD,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oNoRandomSeedFile,
oAutoKeyRetrieve,
oNoAutoKeyRetrieve,
oUseAgent,
oNoUseAgent,
oGpgAgentInfo,
oMergeOnly,
oTryAllSecrets,
oTrustedKey,
oNoExpensiveTrustChecks,
oFixedListMode,
gpg: Change format for the key size in --list-key and --edit-key. * g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode. * g10/options.h (struct opt): Add field legacy_list_mode. * g10/keydb.h (PUBKEY_STRING_SIZE): New. * g10/keyid.c (pubkey_string): New. * g10/import.c (import_one, import_secret_one): Use pubkey_string. * g10/keylist.c (print_seckey_info): Ditto. (print_pubkey_info, print_card_key_info): Ditto. (list_keyblock_print): Ditto. * g10/mainproc.c (list_node): Ditto. * g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto. * g10/keyedit.c (show_key_with_all_names): Ditto. Also change the format. (show_basic_key_info): Ditto. * common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519". (openpgp_oid_to_curve): Downcase "ed25519" -- For ECC it seems to be better to show the name of the curve and not just the size of the prime field. The curve name does not anymore fit into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length format does not work either. Thus the new format uses "rsa2048" - RSA with 2048 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". unless --legacy-list-mode is given. In does not anymore line up nicely in columns thus I expect further changes to this new format. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-02-05 10:37:59 +01:00
oLegacyListMode,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oNoSigCache,
oAutoCheckTrustDB,
oNoAutoCheckTrustDB,
oPreservePermissions,
oDefaultPreferenceList,
Ported patches from 1.4.x
2006-06-27 16:30:59 +02:00
oDefaultKeyserverURL,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oPersonalCipherPreferences,
oPersonalDigestPreferences,
oPersonalCompressPreferences,
A small step for GnuPG but a huge leap for error codes. (Sorry, it does not build currently - I need to check it in to avoid duplicate work.)
2003-06-05 09:14:21 +02:00
oAgentProgram,
gpg: Add option --dirmngr-program. * g10/gpg.c: Add option --dirmngr-program. * g10/options.h (struct opt): Add field dirmngr_program. * g10/call-dirmngr.c (create_context): Use new var. * dirmngr/dirmngr.c: Include gc-opt-flags.h. (main): Remove GC_OPT_FLAG_*. * tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ... * common/gc-opt-flags.h: here.
2014-03-12 18:24:52 +01:00
oDirmngrProgram,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oDisplay,
oTTYname,
oTTYtype,
oLCctype,
oLCmessages,
Started to implement the audit log feature. Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes.
2007-11-19 17:03:50 +01:00
oXauthority,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oGroup,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oUnGroup,
oNoGroups,
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
oStrict,
oNoStrict,
oMangleDosFilenames,
oNoMangleDosFilenames,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oEnableProgressFilter,
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
oMultifile,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oKeyidFormat,
oExitOnStatusWriteError,
oLimitCardInsertTries,
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
oReaderPort,
octapiDriver,
opcscDriver,
oDisableCCID,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oRequireCrossCert,
oNoRequireCrossCert,
oAutoKeyLocate,
oNoAutoKeyLocate,
oAllowMultisigVerification,
gpg: Add build and runtime support for larger RSA keys * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from STABLE-BRANCH-1-4 against master Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
2014-10-09 22:54:15 +02:00
oEnableLargeRSA,
oDisableLargeRSA,
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
oEnableDSA2,
oDisableDSA2,
Ported multiple-messages protection.
2007-03-05 15:56:31 +01:00
oAllowMultipleMessages,
oNoAllowMultipleMessages,
gpg: Reject signatures made with MD5. * g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 17:54:36 +01:00
oAllowWeakDigestAlgos,
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
oFakedSystemTime,
Add option --no-autostart. * g10/gpg.c: Add option --no-autostart. * sm/gpgsm.c: Ditto. * g10/options.h (opt): Add field autostart. * sm/gpgsm.h (opt): Ditto. * g10/call-agent.c (start_agent): Print note if agent was not autostarted. * sm/call-agent.c (start_agent): Ditto. * g10/call-dirmngr.c (create_context): Likewise. * sm/call-dirmngr.c (start_dirmngr_ext): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-28 09:44:19 +01:00
oNoAutostart,
gpg: Change --print-pka-records into an option. * g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not use it as a command. * g10/keylist.c (list_keyblock): List PKA rceords also for secret keys. -- An option allows to use it more flexible. For example to select only secret keys. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 13:44:40 +01:00
oPrintPKARecords,
gpg: Add option --print-dane-records. * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 15:04:45 +02:00
oPrintDANERecords,
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
oTOFUDefaultPolicy,
oTOFUDBFormat,
gpg: New option --default-new-key-algo. * common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg R_ALGO and change all callers. * common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code. * g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO. * g10/gpg.c (oDefaultNewKeyAlgo): New enum. (opts): New option "--default-new-key-algo". (main): Set the option. * g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace them by ... (DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants. (get_keysize_range): Remove arg R_DEF and return that value instead. Change all callers. (gen_rsa): Use get_keysize_range instead of the removed DEFAULT_STD_KEYSIZE. (parse_key_parameter_part): New function. (parse_key_parameter_string): New function. (quick_generate_keypair): Refactor using parse_key_parameter_string. (generate_keypair): Ditto. (parse_algo_usage_expire): Ditto. -- This new option is intended to be used in the forthcoming --set-profile command of gpgconf. It allows to provide a gpg configuration with custom defaults for a new key using the simple commands which use the default algorithm set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-02 19:43:36 +01:00
oDefaultNewKeyAlgo,
gpg: Add option --weak-digest to gpg and gpgv. * g10/options.h: Add additional_weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests; use proper gcry_md_algos type. * g10/sig-check.c: (do_check): Reject weak digests in addition to MD5. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is still always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Capitialized some comments, shorted a line in do_check, and changed subject to name the option. -wk
2015-10-18 23:35:32 +02:00
oWeakDigest,
gpg: Add support for unwrapping the outer level of encryption. * g10/decrypt-data.c (decrypt_data): If OPT.UNWRAP_ENCRYPTION is set, copy the data to the output file instead of continuing to process it. * g10/gpg.c (enum cmd_and_opt_values): Add new value oUnwrap. (opts): Handle oUnwrap. (main): Likewise. * g10/options.h (opt): Add field unwrap_encryption. * g10/plaintext.c (handle_plaintext): Break the output file selection functionality into ... (get_output_file): ... this new function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1060 Debian-bug-id: 282061
2015-11-05 12:20:42 +01:00
oUnwrap,
gpg: Add new option --only-sign-text-ids. * g10/options.h (opt): Add field only_sign_text_ids. * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise. * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS. * doc/gpg.texi: Document the new option --only-sign-text-ids. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1241 Debian-bug-id: 569702
2015-11-06 13:14:57 +01:00
oOnlySignTextIDs,
gpg: New option --disable-signer-uid, create Signer's UID sub-packet. * g10/gpg.c (oDisableSignerUID): New. (opts): New option '--disable-signer-uid'. (main): Set option. * g10/options.h (opt): Add field flags.disable_signer_uid. * g10/sign.c: Include mbox-util.h. (mk_notation_policy_etc): Embed the signer's uid. * g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key retrieval if --disable-signer-uid is used. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:24:09 +02:00
oDisableSignerUID,
gpg: New option --sender * g10/options.h (struct opt): Add field 'sender_list'. * g10/gpg.c: Include mbox-util.h. (oSender): New. (opts): Add option "--sender". (main): Parse option. -- This option will eventually be used for more advanced purposes. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 10:08:34 +02:00
oSender,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
oNoop
};
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
static ARGPARSE_OPTS opts[] = {
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_group (300, N_("@Commands:\n ")),
Cleaned up unused gpgsm and gpg options.
2008-11-13 13:37:45 +01:00
ARGPARSE_c (aSign, "sign", N_("make a signature")),
g10: Hyphenate --clearsign. * g10/gpg.c (opts): Hyphenate option. * doc/gpg.texi: Update accordingly. * po: Update translations. * tests/openpgp: Update tests. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-23 14:10:07 +02:00
ARGPARSE_c (aClearsign, "clear-sign", N_("make a clear text signature")),
ARGPARSE_c (aClearsign, "clearsign", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aDetachedSign, "detach-sign", N_("make a detached signature")),
ARGPARSE_c (aEncr, "encrypt", N_("encrypt data")),
ARGPARSE_c (aEncrFiles, "encrypt-files", "@"),
ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")),
ARGPARSE_c (aStore, "store", "@"),
ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")),
ARGPARSE_c (aDecryptFiles, "decrypt-files", "@"),
ARGPARSE_c (aVerify, "verify" , N_("verify a signature")),
ARGPARSE_c (aVerifyFiles, "verify-files" , "@" ),
ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
ARGPARSE_c (aListKeys, "list-public-keys", "@" ),
g10,sm: Spell out --list-sigs. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-10 14:55:27 +02:00
ARGPARSE_c (aListSigs, "list-signatures", N_("list keys and signatures")),
ARGPARSE_c (aListSigs, "list-sigs", "@"),
g10,sm: Spell out --check-sigs. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-10 15:20:14 +02:00
ARGPARSE_c (aCheckKeys, "check-signatures",
N_("list and check key signatures")),
ARGPARSE_c (aCheckKeys, "check-sigs", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")),
ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
g10,sm: Spell out --gen-key. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-14 16:59:23 +01:00
ARGPARSE_c (aKeygen, "generate-key",
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
N_("generate a new key pair")),
g10,sm: Spell out --gen-key. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-14 16:59:23 +01:00
ARGPARSE_c (aKeygen, "gen-key", "@"),
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
ARGPARSE_c (aQuickKeygen, "quick-generate-key" ,
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
N_("quickly generate a new key pair")),
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
ARGPARSE_c (aQuickKeygen, "quick-gen-key", "@"),
ARGPARSE_c (aQuickAddUid, "quick-add-uid",
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
N_("quickly add a new user-id")),
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
ARGPARSE_c (aQuickAddUid, "quick-adduid", "@"),
ARGPARSE_c (aQuickAddKey, "quick-add-key", "@"),
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
ARGPARSE_c (aQuickAddKey, "quick-addkey", "@"),
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
ARGPARSE_c (aQuickRevUid, "quick-revoke-uid",
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
N_("quickly revoke a user-id")),
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
ARGPARSE_c (aQuickRevUid, "quick-revuid", "@"),
gpg: New option --quick-set-expire. * g10/gpg.c (aQuickSetExpire): New. (opts): New option --quick-set-expire. (main): Implement option. * g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and NEWEXPIRATION. Change semantics of the return value. Change caller. (keyedit_quick_set_expire): New. -- This patch partly solves GnuPG-bug-id: 2701
2016-12-05 10:58:39 +01:00
ARGPARSE_c (aQuickSetExpire, "quick-set-expire",
N_("quickly set a new expiration date")),
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
ARGPARSE_c (aQuickSetPrimaryUid, "quick-set-primary-uid", "@"),
g10: Spell out --full-gen-key. * g10/gpg.c (opts): Spell out option. (main): Likewise. * g10/keygen.c (generate_keypair): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-09 15:10:39 +01:00
ARGPARSE_c (aFullKeygen, "full-generate-key" ,
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
N_("full featured key pair generation")),
g10: Spell out --full-gen-key. * g10/gpg.c (opts): Spell out option. (main): Likewise. * g10/keygen.c (generate_keypair): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-09 15:10:39 +01:00
ARGPARSE_c (aFullKeygen, "full-gen-key", "@"),
g10: Shorten unreasonably long option. * g10/gpg.c (opts): Rename 'generate-revocation-certificate' to 'generate-revocation'. * doc/gpg.texi: Update accordingly. * po: Update translations. GnuPG-bug-id: 2700 Fixes-commit: ec1bd3ae685e95563e38077ab3c1655fd55dea07 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 13:01:03 +01:00
ARGPARSE_c (aGenRevoke, "generate-revocation",
g10: Spell out --gen-revoke. * g10/gpg.c (opts): Spell out option. * doc/gpg.texi: Update accordingly. * po: Update translations. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-13 17:43:22 +01:00
N_("generate a revocation certificate")),
ARGPARSE_c (aGenRevoke, "gen-revoke", "@"),
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ARGPARSE_c (aDeleteKeys,"delete-keys",
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
N_("remove keys from the public keyring")),
ARGPARSE_c (aDeleteSecretKeys, "delete-secret-keys",
N_("remove keys from the secret keyring")),
gpg: Add commands --quick-sign-key and --quick-lsign-key. * g10/gpg.c (main): Add commands --quick-sign-key and --quick-lsign-key. * g10/keyedit.c (sign_uids): Add args FP and QUICK. (keyedit_quick_sign): New. (show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
ARGPARSE_c (aQuickSignKey, "quick-sign-key" ,
N_("quickly sign a key")),
ARGPARSE_c (aQuickLSignKey, "quick-lsign-key",
N_("quickly sign a key locally")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aSignKey, "sign-key" ,N_("sign a key")),
ARGPARSE_c (aLSignKey, "lsign-key" ,N_("sign a key locally")),
ARGPARSE_c (aEditKey, "edit-key" ,N_("sign or edit a key")),
Ask for the keysize when generating a new card key.
2009-08-05 13:24:43 +02:00
ARGPARSE_c (aEditKey, "key-edit" ,"@"),
g10,sm: Spell out --passwd. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. * doc/gpgsm.texi: Likewise. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-13 17:49:47 +01:00
ARGPARSE_c (aPasswd, "change-passphrase", N_("change a passphrase")),
ARGPARSE_c (aPasswd, "passwd", "@"),
g10: Spell out --desig-revoke. * g10/gpg.c (opts): Rename option. * doc/gpg.texi: Update accordingly. -- This is a rather long name, but I believe that this command is rarely used, and in places where it is used frequently, the process is likely automated. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 13:59:48 +01:00
ARGPARSE_c (aDesigRevoke, "generate-designated-revocation", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aDesigRevoke, "desig-revoke","@" ),
ARGPARSE_c (aExport, "export" , N_("export keys") ),
doc: Consistently use 'keyserver'. -- GnuPG-bug-id: 2383 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 09:06:44 +02:00
ARGPARSE_c (aSendKeys, "send-keys" , N_("export keys to a keyserver") ),
g10: Spell out --recv-keys. * g10/gpg.c (opts): Spell out option. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-23 13:40:55 +02:00
ARGPARSE_c (aRecvKeys, "receive-keys" , N_("import keys from a keyserver") ),
ARGPARSE_c (aRecvKeys, "recv-keys" , "@"),
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ARGPARSE_c (aSearchKeys, "search-keys" ,
doc: Consistently use 'keyserver'. -- GnuPG-bug-id: 2383 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 09:06:44 +02:00
N_("search for keys on a keyserver") ),
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ARGPARSE_c (aRefreshKeys, "refresh-keys",
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
N_("update all keys from a keyserver")),
ARGPARSE_c (aLocateKeys, "locate-keys", "@"),
ARGPARSE_c (aFetchKeys, "fetch-keys" , "@" ),
ARGPARSE_c (aExportSecret, "export-secret-keys" , "@" ),
ARGPARSE_c (aExportSecretSub, "export-secret-subkeys" , "@" ),
gpg: New command --export-ssh-key * g10/export.c: Include membuf.h and host2net.h. (key_to_sshblob): New. (export_ssh_key): New. * g10/gpg.c (aExportSshKey): New. (opts): Add command. (main): Implement that command. -- GnuPG-bug-id: 2212 I have done only a few tests rights now and the ECDSA curves do not yet work. However ssh-keygen -l accept RSA and ed25519 keys exported using this command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 17:22:32 +01:00
ARGPARSE_c (aExportSshKey, "export-ssh-key", "@" ),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aImport, "import", N_("import/merge keys")),
ARGPARSE_c (aFastImport, "fast-import", "@"),
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#ifdef ENABLE_CARD_SUPPORT
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aCardStatus, "card-status", N_("print the card status")),
g10: Rename 'card-edit' to 'edit-card'. * g10/gpg.c (opts): Rename option. * g10/call-agent.c (agent_scd_learn): Update comment. * doc/gpg.texi: Update accordingly. -- This change has a surprising side effect. Previously, --edit was an alias for --edit-key, because the argument parser actually accepts unique prefixes of all options. With this change, however, --edit is ambiguous. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 14:50:10 +01:00
ARGPARSE_c (aCardEdit, "edit-card", N_("change data on a card")),
ARGPARSE_c (aCardEdit, "card-edit", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aChangePIN, "change-pin", N_("change a card's PIN")),
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#endif
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aListConfig, "list-config", "@"),
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
ARGPARSE_c (aListGcryptConfig, "list-gcrypt-config", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aGPGConfList, "gpgconf-list", "@" ),
ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@" ),
ARGPARSE_c (aListPackets, "list-packets","@"),
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aExportOwnerTrust, "export-ownertrust", "@"),
ARGPARSE_c (aImportOwnerTrust, "import-ownertrust", "@"),
ARGPARSE_c (aUpdateTrustDB,"update-trustdb",
N_("update the trust database")),
ARGPARSE_c (aCheckTrustDB, "check-trustdb", "@"),
ARGPARSE_c (aFixTrustDB, "fix-trustdb", "@"),
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aDeArmor, "dearmor", "@"),
ARGPARSE_c (aDeArmor, "dearmour", "@"),
ARGPARSE_c (aEnArmor, "enarmor", "@"),
ARGPARSE_c (aEnArmor, "enarmour", "@"),
Cleaned up unused gpgsm and gpg options.
2008-11-13 13:37:45 +01:00
ARGPARSE_c (aPrintMD, "print-md", N_("print message digests")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aPrimegen, "gen-prime", "@" ),
ARGPARSE_c (aGenRandom,"gen-random", "@" ),
ARGPARSE_c (aServer, "server", N_("run in server mode")),
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
ARGPARSE_c (aTOFUPolicy, "tofu-policy",
gpg: Shorten the --tofu-policy help text -- Using "help" as value lists the options. Not having the current options in the help text also makes it easier to keep translations clean. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-27 13:58:20 +01:00
N_("|VALUE|set the TOFU policy for a key")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_group (301, N_("@\nOptions:\n ")),
ARGPARSE_s_n (oArmor, "armor", N_("create ascii armored output")),
ARGPARSE_s_n (oArmor, "armour", "@"),
Cleaned up unused gpgsm and gpg options.
2008-11-13 13:37:45 +01:00
ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oHiddenRecipient, "hidden-recipient", "@"),
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
ARGPARSE_s_s (oRecipientFile, "recipient-file", "@"),
ARGPARSE_s_s (oHiddenRecipientFile, "hidden-recipient-file", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oRecipient, "remote-user", "@"), /* (old option name) */
ARGPARSE_s_s (oDefRecipient, "default-recipient", "@"),
ARGPARSE_s_n (oDefRecipientSelf, "default-recipient-self", "@"),
ARGPARSE_s_n (oNoDefRecipient, "no-default-recipient", "@"),
ARGPARSE_s_s (oTempDir, "temp-directory", "@"),
ARGPARSE_s_s (oExecPath, "exec-path", "@"),
ARGPARSE_s_s (oEncryptTo, "encrypt-to", "@"),
ARGPARSE_s_n (oNoEncryptTo, "no-encrypt-to", "@"),
ARGPARSE_s_s (oHiddenEncryptTo, "hidden-encrypt-to", "@"),
gpg: Add --encrypt-to-default-key. * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function. * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise. * g10/options.h (opt): Add field encrypt_to_default_key. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 807
2015-11-03 23:39:46 +01:00
ARGPARSE_s_n (oEncryptToDefaultKey, "encrypt-to-default-key", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oLocalUser, "local-user",
Cleaned up unused gpgsm and gpg options.
2008-11-13 13:37:45 +01:00
N_("|USER-ID|use USER-ID to sign or decrypt")),
gpg: New option --sender * g10/options.h (struct opt): Add field 'sender_list'. * g10/gpg.c: Include mbox-util.h. (oSender): New. (opts): Add option "--sender". (main): Parse option. -- This option will eventually be used for more advanced purposes. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 10:08:34 +02:00
ARGPARSE_s_s (oSender, "sender", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
More agent support for gpg.
2010-10-13 17:57:08 +02:00
ARGPARSE_s_s (oTrySecretKey, "try-secret-key", "@"),
Cleaned up unused gpgsm and gpg options.
2008-11-13 13:37:45 +01:00
ARGPARSE_s_i (oCompress, NULL,
N_("|N|set compress level to N (0 disables)")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_i (oCompressLevel, "compress-level", "@"),
ARGPARSE_s_i (oBZ2CompressLevel, "bzip2-compress-level", "@"),
ARGPARSE_s_n (oBZ2DecompressLowmem, "bzip2-decompress-lowmem", "@"),
gpg: New option --mimemode. * g10/gpg.c (oMimemode): New. (opts): Add --mimemode. (main): Use --mimemode only in rfc4880bis compliance mode. * g10/options.h (struct opt): Add field "mimemode". * g10/build-packet.c (do_plaintext): Allow for mode 'm'. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested. * g10/plaintext.c (handle_plaintext): Handle 'm' mode. * g10/sign.c (write_plaintext_packet): Handle 'm' mode. (sign_file, sign_symencrypt_file): Use 'm' if requested. -- Thsi patch prepares for a proposed change in RFC4880bis to support a MIME flag. A literal data packet with the mime flag set is handled like a 't' or 'u' but CR are not removed. The PLAINTEXT status line will also indicate a MIME content. If --mimemode is used without --rfc4880bis 't' will be used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
ARGPARSE_s_n (oMimemode, "mimemode", "@"),
gpg: Fix regression due to the new --mimemode options. * g10/gpg.c (opts): Re-add oTextmodeShort. -- Regression-due-to: e148c3caa90fbadba32bdbfea9513392e3aea598 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 18:29:40 +02:00
ARGPARSE_s_n (oTextmodeShort, NULL, "@"),
ARGPARSE_s_n (oTextmode, "textmode", N_("use canonical text mode")),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oNoTextmode, "no-textmode", "@"),
ARGPARSE_s_n (oExpert, "expert", "@"),
ARGPARSE_s_n (oNoExpert, "no-expert", "@"),
ARGPARSE_s_s (oDefSigExpire, "default-sig-expire", "@"),
ARGPARSE_s_n (oAskSigExpire, "ask-sig-expire", "@"),
ARGPARSE_s_n (oNoAskSigExpire, "no-ask-sig-expire", "@"),
ARGPARSE_s_s (oDefCertExpire, "default-cert-expire", "@"),
ARGPARSE_s_n (oAskCertExpire, "ask-cert-expire", "@"),
ARGPARSE_s_n (oNoAskCertExpire, "no-ask-cert-expire", "@"),
ARGPARSE_s_i (oDefCertLevel, "default-cert-level", "@"),
ARGPARSE_s_i (oMinCertLevel, "min-cert-level", "@"),
ARGPARSE_s_n (oAskCertLevel, "ask-cert-level", "@"),
ARGPARSE_s_n (oNoAskCertLevel, "no-ask-cert-level", "@"),
ARGPARSE_s_s (oOutput, "output", N_("|FILE|write output to FILE")),
ARGPARSE_p_u (oMaxOutput, "max-output", "@"),
gpg: New option --input-size-hint. * g10/options.h: Include stdint.h. (struct opt): Add field 'input_size_hint'. * g10/gpg.c (oInputSizeHint): New. (opts): Add --input-size-hint. (main): Set opt.input_size_hint. * g10/progress.c (write_status_progress): Use the hint. -- This is a prerequisite to fix GnuPG-bug-id: 2368 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-11 21:31:12 +02:00
ARGPARSE_s_s (oInputSizeHint, "input-size-hint", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
ARGPARSE_s_n (oQuiet, "quiet", "@"),
ARGPARSE_s_n (oNoTTY, "no-tty", "@"),
ARGPARSE_s_n (oForceMDC, "force-mdc", "@"),
ARGPARSE_s_n (oNoForceMDC, "no-force-mdc", "@"),
ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
gpg: New option --disable-signer-uid, create Signer's UID sub-packet. * g10/gpg.c (oDisableSignerUID): New. (opts): New option '--disable-signer-uid'. (main): Set option. * g10/options.h (opt): Add field flags.disable_signer_uid. * g10/sign.c: Include mbox-util.h. (mk_notation_policy_etc): Embed the signer's uid. * g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key retrieval if --disable-signer-uid is used. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:24:09 +02:00
ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")),
ARGPARSE_s_n (oBatch, "batch", "@"),
ARGPARSE_s_n (oAnswerYes, "yes", "@"),
ARGPARSE_s_n (oAnswerNo, "no", "@"),
ARGPARSE_s_s (oKeyring, "keyring", "@"),
ARGPARSE_s_s (oPrimaryKeyring, "primary-keyring", "@"),
ARGPARSE_s_s (oSecretKeyring, "secret-keyring", "@"),
ARGPARSE_s_n (oShowKeyring, "show-keyring", "@"),
ARGPARSE_s_s (oDefaultKey, "default-key", "@"),
ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
ARGPARSE_s_s (oKeyServerOptions, "keyserver-options", "@"),
ARGPARSE_s_s (oImportOptions, "import-options", "@"),
gpg: New option --import-filter * g10/gpg.c (oImportFilter): New. (opts): Add --import-filter. (main): Handle option. * g10/import.c: Include recsel.h, init.h, and mbox-util.h. (import_keep_uid): New global var. (cleanup_import_globals): New. (parse_and_set_import_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (import_one): Apply filter if set. -- Funny new option. It can for example be used to export a key with only one user id: gpg --no-options --import --import-options import-export \ --import-filter keep-uid='mbox=wk@gnupg.org' \ < full-key.pub > key-with-one-uid.pub More features will eventually be added. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:24:04 +02:00
ARGPARSE_s_s (oImportFilter, "import-filter", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oExportOptions, "export-options", "@"),
gpg: New option --export-filter * g10/gpg.c (oExportFilter): New. (opts): Add --export-filter. (main): Handle option. * g10/export.c: Include recsel.h, init.h, and mbox-util.h. (export_keep_uid): New global var. (cleanup_export_globals): New. (parse_and_set_export_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (do_export_stream): Apply filter if set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:50:12 +02:00
ARGPARSE_s_s (oExportFilter, "export-filter", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oListOptions, "list-options", "@"),
ARGPARSE_s_s (oVerifyOptions, "verify-options", "@"),
ARGPARSE_s_s (oDisplayCharset, "display-charset", "@"),
ARGPARSE_s_s (oDisplayCharset, "charset", "@"),
ARGPARSE_s_s (oOptions, "options", "@"),
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
ARGPARSE_s_s (oDebug, "debug", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oDebugLevel, "debug-level", "@"),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
gpg: Add new option --debug-iolbf. * g10/gpg.c (oDebugIOLBF): new. (opts): Add --debug-iolbf. (main): Set option. -- This option is convenient for debugging to make sure that debug output to stderr is synced with output to stdout. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-06 14:07:50 +02:00
ARGPARSE_s_n (oDebugIOLBF, "debug-iolbf", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_i (oStatusFD, "status-fd", "@"),
ARGPARSE_s_s (oStatusFile, "status-file", "@"),
ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"),
ARGPARSE_s_s (oAttributeFile, "attribute-file", "@"),
ARGPARSE_s_i (oCompletesNeeded, "completes-needed", "@"),
ARGPARSE_s_i (oMarginalsNeeded, "marginals-needed", "@"),
ARGPARSE_s_i (oMaxCertDepth, "max-cert-depth", "@" ),
ARGPARSE_s_s (oTrustedKey, "trusted-key", "@"),
ARGPARSE_s_s (oLoadExtension, "load-extension", "@"), /* Dummy. */
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
ARGPARSE_s_s (oCompliance, "compliance", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oGnuPG, "gnupg", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp2", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp6", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp7", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
gpg: New option --rfc4880bis. * g10/options.h (struct opt): Add field flags.rfc4880bis. * g10/gpg.c (oRFC4880bis): new. (opts): add --rfc4880bis. (main): Implement that and print a warning. -- This is option enables experimental features which may be dropped or changed with the next release. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 22:19:23 +02:00
ARGPARSE_s_n (oRFC4880bis, "rfc4880bis", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
ARGPARSE_s_n (oPGP6, "pgp6", "@"),
ARGPARSE_s_n (oPGP7, "pgp7", "@"),
ARGPARSE_s_n (oPGP8, "pgp8", "@"),
ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"),
ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"),
ARGPARSE_s_i (oS2KMode, "s2k-mode", "@"),
ARGPARSE_s_s (oS2KDigest, "s2k-digest-algo", "@"),
ARGPARSE_s_s (oS2KCipher, "s2k-cipher-algo", "@"),
ARGPARSE_s_i (oS2KCount, "s2k-count", "@"),
ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"),
ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
ARGPARSE_s_s (oCompressAlgo,"compress-algo", "@"),
ARGPARSE_s_s (oCompressAlgo, "compression-algo", "@"), /* Alias */
ARGPARSE_s_n (oThrowKeyids, "throw-keyids", "@"),
ARGPARSE_s_n (oNoThrowKeyids, "no-throw-keyids", "@"),
ARGPARSE_s_n (oShowPhotos, "show-photos", "@"),
ARGPARSE_s_n (oNoShowPhotos, "no-show-photos", "@"),
ARGPARSE_s_s (oPhotoViewer, "photo-viewer", "@"),
ARGPARSE_s_s (oSetNotation, "set-notation", "@"),
ARGPARSE_s_s (oSigNotation, "sig-notation", "@"),
ARGPARSE_s_s (oCertNotation, "cert-notation", "@"),
ARGPARSE_group (302, N_(
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
"@\n(See the man page for a complete listing of all commands and options)\n"
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
)),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_group (303, N_("@\nExamples:\n\n"
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
" -se -r Bob [file] sign and encrypt for user Bob\n"
g10: Hyphenate --clearsign. * g10/gpg.c (opts): Hyphenate option. * doc/gpg.texi: Update accordingly. * po: Update translations. * tests/openpgp: Update tests. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-23 14:10:07 +02:00
" --clear-sign [file] make a clear text signature\n"
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
" --detach-sign [file] make a detached signature\n"
" --list-keys [names] show keys\n"
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
" --fingerprint [names] show fingerprints\n")),
/* More hidden commands and options. */
ARGPARSE_c (aPrintMDs, "print-mds", "@"), /* old */
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aListTrustDB, "list-trustdb", "@"),
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
/* Not yet used:
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_c (aListTrustPath, "list-trust-path", "@"), */
ARGPARSE_c (aDeleteSecretAndPublicKeys,
"delete-secret-and-public-keys", "@"),
ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"),
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
ARGPARSE_s_s (oPassphrase, "passphrase", "@"),
ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
gpg: Add pinentry-mode feature. * g10/gpg.c: Include shareddefs.h. (main): Add option --pinentry-mode. * g10/options.h (struct opt): Add field pinentry_mode. * g10/passphrase.c: Include shareddefs.h. (have_static_passphrase): Take care of loopback pinentry_mode. (read_passphrase_from_fd): Ditto. (get_static_passphrase): New. (passphrase_to_dek_ext): Factor some code out to ... (emit_status_need_passphrase): new. * g10/call-agent.c (start_agent): Send the pinentry mode. (default_inq_cb): Take care of the PASSPHRASE inquiry. Return a proper error code. (agent_pksign): Add args keyid, mainkeyid and pubkey_algo. (agent_pkdecrypt): Ditto. * g10/pubkey-enc.c (get_it): Pass new args. * g10/sign.c (do_sign): Pass new args. * g10/call-agent.c (struct default_inq_parm_s): New. Change all similar structs to reference this one. Change all users and inquire callback to use this struct, instead of NULL or some undefined but not used structs. This change will help to eventually get rid of global variables. -- This new features allows to use gpg without a Pinentry. As a prerequisite the agent must be configured to allow the loopback pinentry mode (option --allow-loopback-pinentry). For example gpg2 --pinentry-mode=loopback FILE.gpg may be used to decrypt FILE.gpg while entering the passphrase on the tty. If batch is used, --passphrase et al. may be used, if --command-fd is used, the passphrase may be provided by another process. Note that there are no try-again prompts in case of a bad passphrase.
2013-02-07 20:37:58 +01:00
ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_i (oCommandFD, "command-fd", "@"),
ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oTrustDBName, "trustdb-name", "@"),
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"),
#endif
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"),
ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"),
ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"),
ARGPARSE_s_n (oNoMDCWarn, "no-mdc-warning", "@"),
ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
gpg: New option --no-keyring. * g10/gpg.c (oNoKeyring): New. (opts): Add "--no-keyring". (main): Do not register any keyring if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 15:33:40 +02:00
ARGPARSE_s_n (oNoKeyring, "no-keyring", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ARGPARSE_s_n (oNoOptions, "no-options", "@"),
ARGPARSE_s_s (oHomedir, "homedir", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oNoBatch, "no-batch", "@"),
ARGPARSE_s_n (oWithColons, "with-colons", "@"),
gpg: New option --with-tofu-info. * g10/gpg.c (oWithTofuInfo): New. (opts): Add --with-tofu-info. (main): Set opt.with_tofu_info. * g10/options.h (struct opt): Add field WITH_TOFU_INFO. * g10/tofu.c (show_statistics): Add optional arg OUTFP and enter special mode if not NULL. Change all callers. (tofu_write_tfs_record): New. * g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as part of the "uid" record. Print a new "tfs" record if the new option is set. * tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record. -- A separate option is required to avoid slowing down key listings. Foer example the current code takes for a keylisting in tofu+pgp mode 17 seconds while it takes more than 5 minutes if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 09:26:36 +02:00
ARGPARSE_s_n (oWithTofuInfo,"with-tofu-info", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"),
ARGPARSE_s_n (oWithSigList,"with-sig-list", "@"),
ARGPARSE_s_n (oWithSigCheck,"with-sig-check", "@"),
gpg: Fix aliases --list-key, --list-sig, and --check-sig. * g10/gpg.c (opts): Define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> gpg: fix aliases --list-key, --list-sig, and --check-sig. * g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-04 07:23:32 +01:00
ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */
ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */
ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
Add gpgconf related dummy options default_pubkey_algo. Add option --skip-hidden-recipients Comment updates.
2009-11-23 20:18:04 +01:00
ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"),
ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */
g10: Remove option --always-trust if compiled without trust models. * g10/gpg.c (opts): Remove option --always-trust if compiled without trust models. Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-01 14:51:56 +02:00
#ifndef NO_TRUST_MODELS
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oAlwaysTrust, "always-trust", "@"),
g10: Remove option --always-trust if compiled without trust models. * g10/gpg.c (opts): Remove option --always-trust if compiled without trust models. Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-01 14:51:56 +02:00
#endif
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oTrustModel, "trust-model", "@"),
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
ARGPARSE_s_s (oTOFUDefaultPolicy, "tofu-default-policy", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oSetFilename, "set-filename", "@"),
ARGPARSE_s_n (oForYourEyesOnly, "for-your-eyes-only", "@"),
ARGPARSE_s_n (oNoForYourEyesOnly, "no-for-your-eyes-only", "@"),
ARGPARSE_s_s (oSetPolicyURL, "set-policy-url", "@"),
ARGPARSE_s_s (oSigPolicyURL, "sig-policy-url", "@"),
ARGPARSE_s_s (oCertPolicyURL, "cert-policy-url", "@"),
ARGPARSE_s_n (oShowPolicyURL, "show-policy-url", "@"),
ARGPARSE_s_n (oNoShowPolicyURL, "no-show-policy-url", "@"),
ARGPARSE_s_s (oSigKeyserverURL, "sig-keyserver-url", "@"),
ARGPARSE_s_n (oShowNotation, "show-notation", "@"),
ARGPARSE_s_n (oNoShowNotation, "no-show-notation", "@"),
ARGPARSE_s_s (oComment, "comment", "@"),
ARGPARSE_s_n (oDefaultComment, "default-comment", "@"),
ARGPARSE_s_n (oNoComments, "no-comments", "@"),
ARGPARSE_s_n (oEmitVersion, "emit-version", "@"),
ARGPARSE_s_n (oNoEmitVersion, "no-emit-version", "@"),
ARGPARSE_s_n (oNoEmitVersion, "no-version", "@"), /* alias */
ARGPARSE_s_n (oNotDashEscaped, "not-dash-escaped", "@"),
ARGPARSE_s_n (oEscapeFrom, "escape-from-lines", "@"),
ARGPARSE_s_n (oNoEscapeFrom, "no-escape-from-lines", "@"),
ARGPARSE_s_n (oLockOnce, "lock-once", "@"),
ARGPARSE_s_n (oLockMultiple, "lock-multiple", "@"),
ARGPARSE_s_n (oLockNever, "lock-never", "@"),
ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
ARGPARSE_s_s (oLoggerFile, "log-file", "@"),
ARGPARSE_s_s (oLoggerFile, "logger-file", "@"), /* 1.4 compatibility. */
ARGPARSE_s_n (oUseEmbeddedFilename, "use-embedded-filename", "@"),
ARGPARSE_s_n (oNoUseEmbeddedFilename, "no-use-embedded-filename", "@"),
ARGPARSE_s_n (oUtf8Strings, "utf8-strings", "@"),
ARGPARSE_s_n (oNoUtf8Strings, "no-utf8-strings", "@"),
ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
gpg: Add option --with-subkey-fingerprint. * g10/gpg.c (oWithSubkeyFingerprint): New. (opts): Add --with-subkey-fingerprint[s]. (main): Set that option. * g10/options.h (struct opt): Add 'with_subkey_fingerprint'. * g10/keylist.c (list_keyblock_print): Print subkey fingerprint. (print_fingerprint): Tweak printing to use compact format if desirable. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-06 16:55:03 +02:00
ARGPARSE_s_n (oWithSubkeyFingerprint, "with-subkey-fingerprint", "@"),
ARGPARSE_s_n (oWithSubkeyFingerprint, "with-subkey-fingerprints", "@"),
gpg: Add option to print fingerprints in ICAO spelling. * g10/gpg.c: Add option --with-icao-spelling. * g10/options.h (struct opt): Add with_icao_spelling. * g10/keylist.c (print_icao_hexdigit): New. (print_fingerprint): Print ICAO spelling. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 17:54:05 +01:00
ARGPARSE_s_n (oWithICAOSpelling, "with-icao-spelling", "@"),
Add new option --with-keygrip
2010-10-08 13:11:08 +02:00
ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"),
Add new option --with-secret. * g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
2014-06-03 21:35:59 +02:00
ARGPARSE_s_n (oWithSecret, "with-secret", "@"),
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
ARGPARSE_s_n (oWithWKDHash, "with-wkd-hash", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
ARGPARSE_s_n (oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", "@"),
ARGPARSE_s_n (oNoAllowNonSelfsignedUID, "no-allow-non-selfsigned-uid", "@"),
ARGPARSE_s_n (oAllowFreeformUID, "allow-freeform-uid", "@"),
ARGPARSE_s_n (oNoAllowFreeformUID, "no-allow-freeform-uid", "@"),
ARGPARSE_s_n (oNoLiteral, "no-literal", "@"),
ARGPARSE_p_u (oSetFilesize, "set-filesize", "@"),
ARGPARSE_s_n (oFastListMode, "fast-list-mode", "@"),
ARGPARSE_s_n (oFixedListMode, "fixed-list-mode", "@"),
gpg: Change format for the key size in --list-key and --edit-key. * g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode. * g10/options.h (struct opt): Add field legacy_list_mode. * g10/keydb.h (PUBKEY_STRING_SIZE): New. * g10/keyid.c (pubkey_string): New. * g10/import.c (import_one, import_secret_one): Use pubkey_string. * g10/keylist.c (print_seckey_info): Ditto. (print_pubkey_info, print_card_key_info): Ditto. (list_keyblock_print): Ditto. * g10/mainproc.c (list_node): Ditto. * g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto. * g10/keyedit.c (show_key_with_all_names): Ditto. Also change the format. (show_basic_key_info): Ditto. * common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519". (openpgp_oid_to_curve): Downcase "ed25519" -- For ECC it seems to be better to show the name of the curve and not just the size of the prime field. The curve name does not anymore fit into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length format does not work either. Thus the new format uses "rsa2048" - RSA with 2048 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". unless --legacy-list-mode is given. In does not anymore line up nicely in columns thus I expect further changes to this new format. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-02-05 10:37:59 +01:00
ARGPARSE_s_n (oLegacyListMode, "legacy-list-mode", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oListOnly, "list-only", "@"),
gpg: Change --print-pka-records into an option. * g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not use it as a command. * g10/keylist.c (list_keyblock): List PKA rceords also for secret keys. -- An option allows to use it more flexible. For example to select only secret keys. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 13:44:40 +01:00
ARGPARSE_s_n (oPrintPKARecords, "print-pka-records", "@"),
gpg: Add option --print-dane-records. * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 15:04:45 +02:00
ARGPARSE_s_n (oPrintDANERecords, "print-dane-records", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
ARGPARSE_s_n (oIgnoreValidFrom, "ignore-valid-from", "@"),
ARGPARSE_s_n (oIgnoreCrcError, "ignore-crc-error", "@"),
ARGPARSE_s_n (oIgnoreMDCError, "ignore-mdc-error", "@"),
ARGPARSE_s_n (oShowSessionKey, "show-session-key", "@"),
ARGPARSE_s_s (oOverrideSessionKey, "override-session-key", "@"),
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
ARGPARSE_s_i (oOverrideSessionKeyFD, "override-session-key-fd", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oNoRandomSeedFile, "no-random-seed-file", "@"),
ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"),
ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"),
ARGPARSE_s_n (oNoSigCache, "no-sig-cache", "@"),
ARGPARSE_s_n (oMergeOnly, "merge-only", "@" ),
ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"),
ARGPARSE_s_n (oTryAllSecrets, "try-all-secrets", "@"),
ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
ARGPARSE_s_n (oNoExpensiveTrustChecks, "no-expensive-trust-checks", "@"),
ARGPARSE_s_n (oPreservePermissions, "preserve-permissions", "@"),
ARGPARSE_s_s (oDefaultPreferenceList, "default-preference-list", "@"),
ARGPARSE_s_s (oDefaultKeyserverURL, "default-keyserver-url", "@"),
ARGPARSE_s_s (oPersonalCipherPreferences, "personal-cipher-preferences","@"),
ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"),
ARGPARSE_s_s (oPersonalCompressPreferences,
"personal-compress-preferences", "@"),
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
gpg: Add option --weak-digest to gpg and gpgv. * g10/options.h: Add additional_weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests; use proper gcry_md_algos type. * g10/sig-check.c: (do_check): Reject weak digests in addition to MD5. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is still always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Capitialized some comments, shorted a line in do_check, and changed subject to name the option. -wk
2015-10-18 23:35:32 +02:00
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
gpg: Add support for unwrapping the outer level of encryption. * g10/decrypt-data.c (decrypt_data): If OPT.UNWRAP_ENCRYPTION is set, copy the data to the output file instead of continuing to process it. * g10/gpg.c (enum cmd_and_opt_values): Add new value oUnwrap. (opts): Handle oUnwrap. (main): Likewise. * g10/options.h (opt): Add field unwrap_encryption. * g10/plaintext.c (handle_plaintext): Break the output file selection functionality into ... (get_output_file): ... this new function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1060 Debian-bug-id: 282061
2015-11-05 12:20:42 +01:00
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
gpg: Add new option --only-sign-text-ids. * g10/options.h (opt): Add field only_sign_text_ids. * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise. * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS. * doc/gpg.texi: Document the new option --only-sign-text-ids. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1241 Debian-bug-id: 569702
2015-11-06 13:14:57 +01:00
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
/* Aliases. I constantly mistype these, and assume other people do
as well. */
ARGPARSE_s_s (oPersonalCipherPreferences, "personal-cipher-prefs", "@"),
ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-prefs", "@"),
ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-prefs", "@"),
gpg: Add option --dirmngr-program. * g10/gpg.c: Add option --dirmngr-program. * g10/options.h (struct opt): Add field dirmngr_program. * g10/call-dirmngr.c (create_context): Use new var. * dirmngr/dirmngr.c: Include gc-opt-flags.h. (main): Remove GC_OPT_FLAG_*. * tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ... * common/gc-opt-flags.h: here.
2014-03-12 18:24:52 +01:00
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
gpg: Add option --dirmngr-program. * g10/gpg.c: Add option --dirmngr-program. * g10/options.h (struct opt): Add field dirmngr_program. * g10/call-dirmngr.c (create_context): Use new var. * dirmngr/dirmngr.c: Include gc-opt-flags.h. (main): Remove GC_OPT_FLAG_*. * tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ... * common/gc-opt-flags.h: here.
2014-03-12 18:24:52 +01:00
ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_s (oDisplay, "display", "@"),
ARGPARSE_s_s (oTTYname, "ttyname", "@"),
ARGPARSE_s_s (oTTYtype, "ttytype", "@"),
ARGPARSE_s_s (oLCctype, "lc-ctype", "@"),
ARGPARSE_s_s (oLCmessages, "lc-messages","@"),
ARGPARSE_s_s (oXauthority, "xauthority", "@"),
ARGPARSE_s_s (oGroup, "group", "@"),
ARGPARSE_s_s (oUnGroup, "ungroup", "@"),
ARGPARSE_s_n (oNoGroups, "no-groups", "@"),
ARGPARSE_s_n (oStrict, "strict", "@"),
ARGPARSE_s_n (oNoStrict, "no-strict", "@"),
ARGPARSE_s_n (oMangleDosFilenames, "mangle-dos-filenames", "@"),
ARGPARSE_s_n (oNoMangleDosFilenames, "no-mangle-dos-filenames", "@"),
ARGPARSE_s_n (oEnableProgressFilter, "enable-progress-filter", "@"),
ARGPARSE_s_n (oMultifile, "multifile", "@"),
ARGPARSE_s_s (oKeyidFormat, "keyid-format", "@"),
ARGPARSE_s_n (oExitOnStatusWriteError, "exit-on-status-write-error", "@"),
ARGPARSE_s_i (oLimitCardInsertTries, "limit-card-insert-tries", "@"),
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ARGPARSE_s_n (oAllowMultisigVerification,
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
"allow-multisig-verification", "@"),
gpg: Add build and runtime support for larger RSA keys * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from STABLE-BRANCH-1-4 against master Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
2014-10-09 22:54:15 +02:00
ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"),
ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"),
ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
gpg: Reject signatures made with MD5. * g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 17:54:36 +01:00
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
gpg: New option --default-new-key-algo. * common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg R_ALGO and change all callers. * common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code. * g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO. * g10/gpg.c (oDefaultNewKeyAlgo): New enum. (opts): New option "--default-new-key-algo". (main): Set the option. * g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace them by ... (DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants. (get_keysize_range): Remove arg R_DEF and return that value instead. Change all callers. (gen_rsa): Use get_keysize_range instead of the removed DEFAULT_STD_KEYSIZE. (parse_key_parameter_part): New function. (parse_key_parameter_string): New function. (quick_generate_keypair): Refactor using parse_key_parameter_string. (generate_keypair): Ditto. (parse_algo_usage_expire): Ditto. -- This new option is intended to be used in the forthcoming --set-profile command of gpgconf. It allows to provide a gpg configuration with custom defaults for a new key using the simple commands which use the default algorithm set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-02 19:43:36 +01:00
ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
/* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common
already as they seem to have borrowed commands from us. Now I'm
returning the favor. */
ARGPARSE_s_s (oLocalUser, "sign-with", "@"),
ARGPARSE_s_s (oRecipient, "user", "@"),
ARGPARSE_s_n (oRequireCrossCert, "require-backsigs", "@"),
ARGPARSE_s_n (oRequireCrossCert, "require-cross-certification", "@"),
ARGPARSE_s_n (oNoRequireCrossCert, "no-require-backsigs", "@"),
ARGPARSE_s_n (oNoRequireCrossCert, "no-require-cross-certification", "@"),
/* New options. Fixme: Should go more to the top. */
ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
Add option --no-autostart. * g10/gpg.c: Add option --no-autostart. * sm/gpgsm.c: Ditto. * g10/options.h (opt): Add field autostart. * sm/gpgsm.h (opt): Ditto. * g10/call-agent.c (start_agent): Print note if agent was not autostarted. * sm/call-agent.c (start_agent): Ditto. * g10/call-dirmngr.c (create_context): Likewise. * sm/call-dirmngr.c (start_dirmngr_ext): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-28 09:44:19 +01:00
ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
/* Dummy options with warnings. */
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"),
ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"),
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
ARGPARSE_s_s (oReaderPort, "reader-port", "@"),
ARGPARSE_s_s (octapiDriver, "ctapi-driver", "@"),
ARGPARSE_s_s (opcscDriver, "pcsc-driver", "@"),
ARGPARSE_s_n (oDisableCCID, "disable-ccid", "@"),
gpg: Obsolete some keyserver helper options. * g10/options.h (opt): Remove keyserver_options.other. * g10/gpg.c (main): Obsolete option --honor-http-proxt. * g10/keyserver.c (add_canonical_option): Replace by ... (warn_kshelper_option): New. (parse_keyserver_uri): Obsolete "x-broken-http". -- Some of these options are deprecated for 10 years and they do not make any sense without the keyserver helpers. For one we print a hint on how to replace it: gpg: keyserver option 'ca-cert-file' is obsolete; \ please use 'hkp-cacert' in dirmngr.conf Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-08 15:14:35 +01:00
ARGPARSE_s_n (oHonorHttpProxy, "honor-http-proxy", "@"),
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
ARGPARSE_s_s (oTOFUDBFormat, "tofu-db-format", "@"),
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
gpg: Remove --compress-keys and --compress-sigs feature. * g10/gpg.c (oCompressKeys, oCompressSigs): Remove. (opts): Turn --compress-keys and --compress-signs in NOPs. * g10/options.h (opt): Remove fields compress_keys and compress_sigs. * g10/export.c (do_export): Remove compress_keys feature. * g10/sign.c (sign_file): Remove compress_sigs feature. -- These features are disabled in GnuPG since the very early days and they fulfill no real purpose. For now we keep the command line options as dummys.
2014-08-12 10:36:30 +02:00
/* Dummy options. */
ARGPARSE_s_n (oNoop, "sk-comments", "@"),
ARGPARSE_s_n (oNoop, "no-sk-comments", "@"),
ARGPARSE_s_n (oNoop, "compress-keys", "@"),
ARGPARSE_s_n (oNoop, "compress-sigs", "@"),
gpg: Remove all support for v3 keys and always create v4-signatures. * g10/build-packet.c (do_key): Remove support for building v3 keys. * g10/parse-packet.c (read_protected_v3_mpi): Remove. (parse_key): Remove support for v3-keys. Add dedicated warnings for v3-key packets. * g10/keyid.c (hash_public_key): Remove v3-key support. (keyid_from_pk): Ditto. (fingerprint_from_pk): Ditto. * g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs. * g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs, oForceV4Certs, oNoForceV4Certs. (opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs, --no-force-v4-certs int dummy options. (main): Remove setting of the force_v3_sigs force_v4_certs flags. * g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs. * g10/sign.c (hash_uid): Remove support for v3-signatures (hash_sigversion_to_magic): Ditto. (only_old_style): Remove this v3-key function. (write_signature_packets): Remove support for creating v3-signatures. (sign_file): Ditto. (sign_symencrypt_file): Ditto. (clearsign_file): Ditto. Remove code to emit no Hash armor line if only v3-keys are used. (make_keysig_packet): Remove arg SIGVERSION and force using v4-signatures. Change all callers to not pass a value for this arg. Remove all v3-key related code. (update_keysig_packet): Remove v3-signature support. * g10/keyedit.c (sign_uids): Always create v4-signatures. * g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and change caller. -- v3 keys are deprecated for about 15 years and due the severe weaknesses of MD5 it does not make any sense to keep code around to use these old and broken keys. Users who need to decrypt old messages should use gpg 1.4 and best re-encrypt them to modern standards. verification of old (i.e. PGP2) created signatures is thus also not anymore possible but such signatures have no values anyway - MD5 is just too broken. We have also kept support for v3 signatures until now. With the removal of support for v3 keys it is questionable whether it makes any sense to keep support for v3-signatures. What we do now is to keep support for verification of v3-signatures but we force the use of v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit obsolete because those PGP versions require v3-signatures for messages. These versions of PGP are also really old and not anymore maintained so they have not received any bug fixes and should not be used anyway. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-12 20:07:12 +02:00
ARGPARSE_s_n (oNoop, "force-v3-sigs", "@"),
ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"),
ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
gpg: Remove --compress-keys and --compress-sigs feature. * g10/gpg.c (oCompressKeys, oCompressSigs): Remove. (opts): Turn --compress-keys and --compress-signs in NOPs. * g10/options.h (opt): Remove fields compress_keys and compress_sigs. * g10/export.c (do_export): Remove compress_keys feature. * g10/sign.c (sign_file): Remove compress_sigs feature. -- These features are disabled in GnuPG since the very early days and they fulfill no real purpose. For now we keep the command line options as dummys.
2014-08-12 10:36:30 +02:00
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
ARGPARSE_end ()
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
};
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
/* The list of supported debug flags. */
static struct debug_flags_s debug_flags [] =
{
{ DBG_PACKET_VALUE , "packet" },
{ DBG_MPI_VALUE , "mpi" },
{ DBG_CRYPTO_VALUE , "crypto" },
{ DBG_FILTER_VALUE , "filter" },
{ DBG_IOBUF_VALUE , "iobuf" },
{ DBG_MEMORY_VALUE , "memory" },
{ DBG_CACHE_VALUE , "cache" },
{ DBG_MEMSTAT_VALUE, "memstat" },
{ DBG_TRUST_VALUE , "trust" },
{ DBG_HASHING_VALUE, "hashing" },
{ DBG_IPC_VALUE , "ipc" },
{ DBG_CLOCK_VALUE , "clock" },
{ DBG_LOOKUP_VALUE , "lookup" },
{ DBG_EXTPROG_VALUE, "extprog" },
{ 0, NULL }
};
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#ifdef ENABLE_SELINUX_HACKS
#define ALWAYS_ADD_KEYRINGS 1
#else
#define ALWAYS_ADD_KEYRINGS 0
#endif
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int g10_errors_seen = 0;
static int utf8_strings = 0;
static int maybe_setuid = 1;
static char *build_list( const char *text, char letter,
const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd );
static void print_mds( const char *fname, int algo );
static void add_notation_data( const char *string, int which );
static void add_policy_url( const char *string, int which );
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
static void add_keyserver_url( const char *string, int which );
Key generation and signing using the OpenPGP card does rudimentary work.
2003-06-27 22:53:09 +02:00
static void emergency_cleanup (void);
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
static void read_sessionkey_from_fd (int fd);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
static char *
make_libversion (const char *libname, const char *(*getfnc)(const char*))
{
const char *s;
char *result;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
if (maybe_setuid)
{
gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
maybe_setuid = 0;
}
s = getfnc (NULL);
result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
strcpy (stpcpy (stpcpy (result, libname), " "), s);
return result;
}
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
static int
build_list_pk_test_algo (int algo)
{
gpg: Do not show "MD5" and triplicated "RSA" in --version. * g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases (build_list_md_test_algo): Ignore MD5.
2014-08-28 16:01:22 +02:00
/* Show only one "RSA" string. If RSA_E or RSA_S is available RSA
is also available. */
if (algo == PUBKEY_ALGO_RSA_E
|| algo == PUBKEY_ALGO_RSA_S)
return GPG_ERR_DIGEST_ALGO;
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
return openpgp_pk_test_algo (algo);
}
static const char *
build_list_pk_algo_name (int algo)
{
return openpgp_pk_algo_name (algo);
}
static int
build_list_cipher_test_algo (int algo)
{
return openpgp_cipher_test_algo (algo);
}
static const char *
build_list_cipher_algo_name (int algo)
{
return openpgp_cipher_algo_name (algo);
}
static int
build_list_md_test_algo (int algo)
{
gpg: Do not show "MD5" and triplicated "RSA" in --version. * g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases (build_list_md_test_algo): Ignore MD5.
2014-08-28 16:01:22 +02:00
/* By default we do not accept MD5 based signatures. To avoid
confusion we do not announce support for it either. */
if (algo == DIGEST_ALGO_MD5)
return GPG_ERR_DIGEST_ALGO;
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
return openpgp_md_test_algo (algo);
}
static const char *
build_list_md_algo_name (int algo)
{
return openpgp_md_algo_name (algo);
}
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
static const char *
my_strusage( int level )
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
static char *digests, *pubkeys, *ciphers, *zips, *ver_gcry;
const char *p;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
switch( level ) {
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
case 11: p = "@GPG@ (@GNUPG@)";
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case 13: p = VERSION; break;
case 17: p = PRINTABLE_OS_NAME; break;
Make bug reporting address easier changeable.
2009-07-21 16:21:05 +02:00
case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
case 20:
if (!ver_gcry)
ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
p = ver_gcry;
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#ifdef IS_DEVELOPMENT_VERSION
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
case 25:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
p="NOTE: THIS IS A DEVELOPMENT VERSION!";
break;
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
case 26:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
p="It is only intended for test purposes and should NOT be";
break;
Print library versions according to GNU standards.
2008-11-18 19:01:03 +01:00
case 27:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
p="used in a production environment or with production keys!";
break;
#endif
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case 1:
case 40: p =
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
_("Usage: @GPG@ [options] [files] (-h for help)");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case 41: p =
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
_("Syntax: @GPG@ [options] [files]\n"
Fix typos spotted during translations * agent/genkey.c: s/to to/to/ * sm/*.c: s/failed to allocated/failed to allocate/ * sm/certlist.c, ./dirmngr/validate.c: s/should have not/should not have/ * g10/seskey.c: missing closing parenthesis * dirmngr/crlcache.c: s/may has/may have/ Consistency fix: * g10/gpg.c, kbx/kbxutil.c, sm/gpgsm.c: uppercase after Syntax * dirmngr/dirmngr_ldap: no period in Syntax * dirmngr/dirmngr-client.c: infinitive for option description: s/certificates are expected/expect certificates/
2012-08-22 18:54:38 +02:00
"Sign, check, encrypt or decrypt\n"
"Default operation depends on the input data\n");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case 31: p = "\nHome: "; break;
#ifndef __riscos__
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
case 32: p = gnupg_homedir (); break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#else /* __riscos__ */
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
case 32: p = make_filename(gnupg_homedir (), NULL); break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#endif /* __riscos__ */
case 33: p = _("\nSupported algorithms:\n"); break;
case 34:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if (!pubkeys)
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
pubkeys = build_list (_("Pubkey: "), 1,
build_list_pk_algo_name,
build_list_pk_test_algo );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
p = pubkeys;
break;
case 35:
if( !ciphers )
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
ciphers = build_list(_("Cipher: "), 'S',
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
build_list_cipher_algo_name,
build_list_cipher_test_algo );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
p = ciphers;
break;
case 36:
if( !digests )
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
digests = build_list(_("Hash: "), 'H',
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
build_list_md_algo_name,
build_list_md_test_algo );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
p = digests;
break;
case 37:
if( !zips )
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
zips = build_list(_("Compression: "),'Z',
compress_algo_to_string,
check_compress_algo);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
p = zips;
break;
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
default: p = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
return p;
}
static char *
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
build_list (const char *text, char letter,
const char * (*mapf)(int), int (*chkf)(int))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
membuf_t mb;
int indent;
int i, j, len;
const char *s;
char *string;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
if (maybe_setuid)
gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
common: Extend utf8_charcount to include the string's length. * common/stringhelp.c (utf8_charcount): Take additional parameter, len. Process at most LEN bytes. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-23 22:13:56 +01:00
indent = utf8_charcount (text, -1);
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
len = 0;
init_membuf (&mb, 512);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
for (i=0; i <= 110; i++ )
{
if (!chkf (i) && (s = mapf (i)))
{
if (mb.len - len > 60)
{
put_membuf_str (&mb, ",\n");
len = mb.len;
for (j=0; j < indent; j++)
put_membuf_str (&mb, " ");
}
else if (mb.len)
put_membuf_str (&mb, ", ");
else
put_membuf_str (&mb, text);
put_membuf_str (&mb, s);
if (opt.verbose && letter)
{
char num[20];
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
if (letter == 1)
snprintf (num, sizeof num, " (%d)", i);
else
snprintf (num, sizeof num, " (%c%d)", letter, i);
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
put_membuf_str (&mb, num);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
Fix potential heap corruption in "gpg -v --version". * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org> (cherry picked from commit 3402a84720e7d8c6ad04fc50eacb338a8ca05ca1) Signed-off-by: Werner Koch <wk@gnupg.org>
2012-12-15 11:28:00 +01:00
if (mb.len)
put_membuf_str (&mb, "\n");
put_membuf (&mb, "", 1);
string = get_membuf (&mb, NULL);
return xrealloc (string, strlen (string)+1);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
static void
wrong_args( const char *text)
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_fprintf (es_stderr, _("usage: %s [options] %s\n"), GPG_NAME, text);
gpg,gpgsm: Simplify wrong_args function.
2014-06-25 20:25:28 +02:00
g10_exit(2);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
static char *
make_username( const char *string )
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
char *p;
if( utf8_strings )
p = xstrdup(string);
else
p = native_to_utf8( string );
return p;
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
}
Reworked passing of envars to Pinentry.
2009-07-07 12:02:41 +02:00
static void
set_opt_session_env (const char *name, const char *value)
{
gpg_error_t err;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Reworked passing of envars to Pinentry.
2009-07-07 12:02:41 +02:00
err = session_env_setenv (opt.session_env, name, value);
if (err)
log_fatal ("error setting session environment: %s\n",
gpg_strerror (err));
}
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
/* Setup the debugging. With a LEVEL of NULL only the active debug
flags are propagated to the subsystems. With LEVEL set, a specific
set of debug flags is set; thus overriding all flags already
set. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
static void
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
set_debug (const char *level)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
support numeric debug levels.
2009-12-03 19:04:40 +01:00
int numok = (level && digitp (level));
int numlvl = numok? atoi (level) : 0;
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
if (!level)
;
support numeric debug levels.
2009-12-03 19:04:40 +01:00
else if (!strcmp (level, "none") || (numok && numlvl < 1))
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
opt.debug = 0;
support numeric debug levels.
2009-12-03 19:04:40 +01:00
else if (!strcmp (level, "basic") || (numok && numlvl <= 2))
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
opt.debug = DBG_MEMSTAT_VALUE;
support numeric debug levels.
2009-12-03 19:04:40 +01:00
else if (!strcmp (level, "advanced") || (numok && numlvl <= 5))
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
opt.debug = DBG_MEMSTAT_VALUE|DBG_TRUST_VALUE|DBG_EXTPROG_VALUE;
support numeric debug levels.
2009-12-03 19:04:40 +01:00
else if (!strcmp (level, "expert") || (numok && numlvl <= 8))
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
opt.debug = (DBG_MEMSTAT_VALUE|DBG_TRUST_VALUE|DBG_EXTPROG_VALUE
Fix use of DBG_CACHE and DBG_LOOKUP * dirmngr/dirmngr.h (DBG_LOOKUP_VALUE): Change to 8192. * g10/options.h (DBG_LOOKUP_VALUE, DBG_LOOKUP): New. * g10/getkey.c: Use DBG_LOOKUP instead of DBG_CACHE at most places.
2015-04-06 13:27:26 +02:00
|DBG_CACHE_VALUE|DBG_LOOKUP|DBG_FILTER_VALUE|DBG_PACKET_VALUE);
support numeric debug levels.
2009-12-03 19:04:40 +01:00
else if (!strcmp (level, "guru") || numok)
{
opt.debug = ~0;
/* Unless the "guru" string has been used we don't want to allow
hashing debugging. The rationale is that people tend to
select the highest debug value and would then clutter their
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
disk with debug files which may reveal confidential data. */
support numeric debug levels.
2009-12-03 19:04:40 +01:00
if (numok)
opt.debug &= ~(DBG_HASHING_VALUE);
}
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
else
{
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
log_error (_("invalid debug-level '%s' given\n"), level);
g10_exit (2);
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
}
gpg: Put extra parens around bit tests. * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
if ((opt.debug & DBG_MEMORY_VALUE))
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
memory_debug_mode = 1;
gpg: Put extra parens around bit tests. * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
if ((opt.debug & DBG_MEMSTAT_VALUE))
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
memory_stat_debug_mode = 1;
gpg: Put extra parens around bit tests. * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
if (DBG_MPI)
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
gpg: Put extra parens around bit tests. * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
if (DBG_CRYPTO)
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
gpg: Put extra parens around bit tests. * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
if ((opt.debug & DBG_IOBUF_VALUE))
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
iobuf_debug_mode = 1;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
support numeric debug levels.
2009-12-03 19:04:40 +01:00
if (opt.debug)
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
parse_debug_flag (NULL, &opt.debug, debug_flags);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* We set the screen dimensions for UI purposes. Do not allow screens
smaller than 80x24 for the sake of simplicity. */
static void
set_screen_dimensions(void)
{
#ifndef HAVE_W32_SYSTEM
char *str;
str=getenv("COLUMNS");
if(str)
opt.screen_columns=atoi(str);
str=getenv("LINES");
if(str)
opt.screen_lines=atoi(str);
#endif
if(opt.screen_columns<80 || opt.screen_columns>255)
opt.screen_columns=80;
if(opt.screen_lines<24 || opt.screen_lines>255)
opt.screen_lines=24;
}
/* Helper to open a file FNAME either for reading or writing to be
used with --status-file etc functions. Not generally useful but it
avoids the riscos specific functions and well some Windows people
might like it too. Prints an error message and returns -1 on
Minor fixes.
2008-12-09 09:58:02 +01:00
error. On success the file descriptor is returned. */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
static int
Minor fixes.
2008-12-09 09:58:02 +01:00
open_info_file (const char *fname, int for_write, int binary)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
#ifdef __riscos__
return riscos_fdopenfile (fname, for_write);
#elif defined (ENABLE_SELINUX_HACKS)
/* We can't allow these even when testing for a secured filename
because files to be secured might not yet been secured. This is
similar to the option file but in that case it is unlikely that
sensitive information may be retrieved by means of error
messages. */
Minor fixes.
2008-12-09 09:58:02 +01:00
(void)fname;
(void)for_write;
(void)binary;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
return -1;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
#else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
int fd;
Minor fixes.
2008-12-09 09:58:02 +01:00
if (binary)
binary = MY_O_BINARY;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* if (is_secured_filename (fname)) */
/* { */
/* fd = -1; */
Use gpg_err_set_errno to assign values to ERRNO.
2010-04-01 15:24:55 +02:00
/* gpg_err_set_errno (EPERM); */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* } */
/* else */
/* { */
do
{
if (for_write)
Minor fixes.
2008-12-09 09:58:02 +01:00
fd = open (fname, O_CREAT | O_TRUNC | O_WRONLY | binary,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
else
Minor fixes.
2008-12-09 09:58:02 +01:00
fd = open (fname, O_RDONLY | binary);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
while (fd == -1 && errno == EINTR);
/* } */
if ( fd == -1)
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error ( for_write? _("can't create '%s': %s\n")
: _("can't open '%s': %s\n"), fname, strerror(errno));
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
return fd;
#endif
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
static void
set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd )
{
enum cmd_and_opt_values cmd = *ret_cmd;
if( !cmd || cmd == new_cmd )
cmd = new_cmd;
else if( cmd == aSign && new_cmd == aEncr )
cmd = aSignEncr;
else if( cmd == aEncr && new_cmd == aSign )
cmd = aSignEncr;
else if( cmd == aSign && new_cmd == aSym )
cmd = aSignSym;
else if( cmd == aSym && new_cmd == aSign )
cmd = aSignSym;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if( cmd == aSym && new_cmd == aEncr )
cmd = aEncrSym;
else if( cmd == aEncr && new_cmd == aSym )
cmd = aEncrSym;
else if (cmd == aSignEncr && new_cmd == aSym)
cmd = aSignEncrSym;
else if (cmd == aSignSym && new_cmd == aEncr)
cmd = aSignEncrSym;
else if (cmd == aEncrSym && new_cmd == aSign)
cmd = aSignEncrSym;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if( ( cmd == aSign && new_cmd == aClearsign )
|| ( cmd == aClearsign && new_cmd == aSign ) )
cmd = aClearsign;
else {
log_error(_("conflicting commands\n"));
g10_exit(2);
}
*ret_cmd = cmd;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
static void
add_group(char *string)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
char *name,*value;
struct groupitem *item;
/* Break off the group name */
name=strsep(&string,"=");
if(string==NULL)
{
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("no = sign found in group definition '%s'\n"),name);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
return;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
trim_trailing_ws(name,strlen(name));
/* Does this group already exist? */
for(item=opt.grouplist;item;item=item->next)
if(strcasecmp(item->name,name)==0)
break;
if(!item)
{
item=xmalloc(sizeof(struct groupitem));
item->name=name;
item->next=opt.grouplist;
item->values=NULL;
opt.grouplist=item;
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Break apart the values */
while ((value= strsep(&string," \t")))
{
if (*value)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
add_to_strlist2(&item->values,value,utf8_strings);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
static void
rm_group(char *name)
{
struct groupitem *item,*last=NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
trim_trailing_ws(name,strlen(name));
for(item=opt.grouplist;item;last=item,item=item->next)
{
if(strcasecmp(item->name,name)==0)
{
if(last)
last->next=item->next;
else
opt.grouplist=item->next;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
free_strlist(item->values);
xfree(item);
break;
}
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* We need to check three things.
0) The homedir. It must be x00, a directory, and owned by the
user.
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
1) The options/gpg.conf file. Okay unless it or its containing
directory is group or other writable or not owned by us. Disable
exec in this case.
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
2) Extensions. Same as #1.
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Returns true if the item is unsafe. */
static int
./autogen.sh --build-w32ce does now succeed.
2010-04-14 16:39:16 +02:00
check_permissions (const char *path, int item)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
#if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM)
static int homedir_cache=-1;
char *tmppath,*dir;
struct stat statbuf,dirbuf;
int homedir=0,ret=0,checkonly=0;
int perm=0,own=0,enc_dir_perm=0,enc_dir_own=0;
if(opt.no_perm_warn)
return 0;
gpg: Remove all assert.h and s/assert/log_assert/. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 11:05:24 +02:00
log_assert(item==0 || item==1 || item==2);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* extensions may attach a path */
if(item==2 && path[0]!=DIRSEP_C)
{
if(strchr(path,DIRSEP_C))
tmppath=make_filename(path,NULL);
else
A whole bunch of changes to allow building for Windows. See the ChangeLogs for details.
2007-06-14 19:05:07 +02:00
tmppath=make_filename(gnupg_libdir (),path,NULL);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
tmppath=xstrdup(path);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* If the item is located in the homedir, but isn't the homedir,
don't continue if we already checked the homedir itself. This is
to avoid user confusion with an extra options file warning which
could be rectified if the homedir itself had proper
permissions. */
if(item!=0 && homedir_cache>-1
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
&& !ascii_strncasecmp (gnupg_homedir (), tmppath,
strlen (gnupg_homedir ())))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
ret=homedir_cache;
goto end;
}
/* It's okay if the file or directory doesn't exist */
if(stat(tmppath,&statbuf)!=0)
{
ret=0;
goto end;
}
/* Now check the enclosing directory. Theoretically, we could walk
this test up to the root directory /, but for the sake of sanity,
I'm stopping at one level down. */
dir=make_dirname(tmppath);
if(stat(dir,&dirbuf)!=0 || !S_ISDIR(dirbuf.st_mode))
{
/* Weird error */
ret=1;
goto end;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(dir);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Assume failure */
ret=1;
if(item==0)
{
/* The homedir must be x00, a directory, and owned by the user. */
if(S_ISDIR(statbuf.st_mode))
{
if(statbuf.st_uid==getuid())
{
if((statbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
ret=0;
else
perm=1;
}
else
own=1;
homedir_cache=ret;
}
}
else if(item==1 || item==2)
{
/* The options or extension file. Okay unless it or its
containing directory is group or other writable or not owned
by us or root. */
if(S_ISREG(statbuf.st_mode))
{
if(statbuf.st_uid==getuid() || statbuf.st_uid==0)
{
if((statbuf.st_mode & (S_IWGRP|S_IWOTH))==0)
{
/* it's not writable, so make sure the enclosing
directory is also not writable */
if(dirbuf.st_uid==getuid() || dirbuf.st_uid==0)
{
if((dirbuf.st_mode & (S_IWGRP|S_IWOTH))==0)
ret=0;
else
enc_dir_perm=1;
}
else
enc_dir_own=1;
}
else
{
/* it's writable, so the enclosing directory had
better not let people get to it. */
if(dirbuf.st_uid==getuid() || dirbuf.st_uid==0)
{
if((dirbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
ret=0;
else
perm=enc_dir_perm=1; /* unclear which one to fix! */
}
else
enc_dir_own=1;
}
}
else
own=1;
}
}
else
BUG();
if(!checkonly)
{
if(own)
{
if(item==0)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" homedir '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if(item==1)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" configuration file '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" extension '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if(perm)
{
if(item==0)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" homedir '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if(item==1)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" configuration file '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" extension '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if(enc_dir_own)
{
if(item==0)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" homedir '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if(item==1)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" configuration file '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory ownership on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" extension '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if(enc_dir_perm)
{
if(item==0)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" homedir '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if(item==1)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" configuration file '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info(_("WARNING: unsafe enclosing directory permissions on"
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
" extension '%s'\n"),tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
end:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(tmppath);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if(homedir)
homedir_cache=ret;
return ret;
./autogen.sh --build-w32ce does now succeed.
2010-04-14 16:39:16 +02:00
#else /*!(HAVE_STAT && !HAVE_DOSISH_SYSTEM)*/
(void)path;
(void)item;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
return 0;
./autogen.sh --build-w32ce does now succeed.
2010-04-14 16:39:16 +02:00
#endif /*!(HAVE_STAT && !HAVE_DOSISH_SYSTEM)*/
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
/* Print the OpenPGP defined algo numbers. */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
static void
print_algo_numbers(int (*checker)(int))
{
int i,first=1;
for(i=0;i<=110;i++)
{
if(!checker(i))
{
if(first)
first=0;
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf (";");
es_printf ("%d",i);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
}
}
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
static void
print_algo_names(int (*checker)(int),const char *(*mapper)(int))
{
int i,first=1;
for(i=0;i<=110;i++)
{
if(!checker(i))
{
if(first)
first=0;
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf (";");
es_printf ("%s",mapper(i));
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
}
}
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* In the future, we can do all sorts of interesting configuration
output here. For now, just give "group" as the Enigmail folks need
it, and pubkey, cipher, hash, and compress as they may be useful
for frontends. */
static void
list_config(char *items)
{
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
int show_all = !items;
char *name = NULL;
const char *s;
struct groupitem *giter;
int first, iter;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!opt.with_colons)
return;
while(show_all || (name=strsep(&items," ")))
{
int any=0;
if(show_all || ascii_strcasecmp(name,"group")==0)
{
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
for (giter = opt.grouplist; giter; giter = giter->next)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
Fix for bug 537
2006-10-02 13:54:35 +02:00
strlist_t sl;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
es_fprintf (es_stdout, "cfg:group:");
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
es_write_sanitized (es_stdout, giter->name, strlen(giter->name),
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
":", NULL);
es_putc (':', es_stdout);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
for(sl=giter->values; sl; sl=sl->next)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
gpg: Fix buffering problem in --list-config. * g10/gpg.c (list_config): Replace print_sanitized_string2 by es_write_sanitized. * common/stringhelp.c (print_sanitized_buffer2): Remove. (print_sanitized_buffer, print_sanitized_utf8_buffer): Remove. (print_sanitized_utf8_buffer, print_sanitized_utf8_string): Remove. (print_sanitized_string): Remove. * sm/certdump.c (print_dn_part, print_dn_parts): Remove arg FP. (pretty_print_sexp, gpgsm_print_name2, gpgsm_print_name): Remove. -- Mixing stdio and estream is never a good idea. This fix also allows us to remove a lot of garbage. Reported-by: Jason A. Donenfeld <Jason@zx2c4.com> GnuPG-bug-id: 1822 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 20:12:21 +01:00
es_write_sanitized (es_stdout, sl->d, strlen (sl->d),
":;", NULL);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(sl->next)
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf(";");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
any=1;
}
if(show_all || ascii_strcasecmp(name,"version")==0)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf("cfg:version:");
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
es_write_sanitized (es_stdout, VERSION, strlen(VERSION), ":", NULL);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
if(show_all || ascii_strcasecmp(name,"pubkey")==0)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:pubkey:");
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
print_algo_numbers (build_list_pk_test_algo);
es_printf ("\n");
any=1;
}
if(show_all || ascii_strcasecmp(name,"pubkeyname")==0)
{
es_printf ("cfg:pubkeyname:");
print_algo_names (build_list_pk_test_algo,
build_list_pk_algo_name);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
if(show_all || ascii_strcasecmp(name,"cipher")==0)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:cipher:");
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
print_algo_numbers (build_list_cipher_test_algo);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
if (show_all || !ascii_strcasecmp (name,"ciphername"))
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:ciphername:");
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
print_algo_names (build_list_cipher_test_algo,
build_list_cipher_algo_name);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
any = 1;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(show_all
|| ascii_strcasecmp(name,"digest")==0
|| ascii_strcasecmp(name,"hash")==0)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:digest:");
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
print_algo_numbers (build_list_md_test_algo);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
if (show_all
|| !ascii_strcasecmp(name,"digestname")
|| !ascii_strcasecmp(name,"hashname"))
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:digestname:");
gpg: Improve --version algo info output. * g10/misc.c (openpgp_pk_algo_name): Return a different string for each ECC algorithm. * g10/gpg.c (build_list_pk_test_algo): New wrapper to cope with the different algo type enums. (build_list_pk_algo_name): Ditto. (build_list_cipher_test_algo): Ditto. (build_list_cipher_algo_name): Ditto. (build_list_md_test_algo): Ditto. (build_list_md_algo_name): Ditto. (my_strusage): Use them. (list_config): Ditto. Add "pubkeyname". (build_list): Add letter==1 hack.
2014-01-31 15:55:04 +01:00
print_algo_names (build_list_md_test_algo,
build_list_md_algo_name);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
any=1;
}
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(show_all || ascii_strcasecmp(name,"compress")==0)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("cfg:compress:");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
print_algo_numbers(check_compress_algo);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
g10: List compression algorithms using human-readable names. * g10/gpg.c (list_config): List all enabled compression algorithms under the key 'compressname'. Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-09 11:46:49 +01:00
if(show_all || ascii_strcasecmp (name, "compressname") == 0)
{
es_printf ("cfg:compressname:");
print_algo_names (check_compress_algo,
compress_algo_to_string);
es_printf ("\n");
any=1;
}
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
if (show_all || !ascii_strcasecmp(name,"ccid-reader-id"))
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
/* We ignore this for GnuPG 1.4 backward compatibility. */
any=1;
}
With --enable-gpg the keyservers are now build and a first test using gpg2 shows no prblems. Needs more testing of course.
2006-08-16 12:47:53 +02:00
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
if (show_all || !ascii_strcasecmp (name,"curve"))
{
es_printf ("cfg:curve:");
for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first=0)
es_printf ("%s%s", first?"":";", s);
es_printf ("\n");
any=1;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
/* Curve OIDs are rarely useful and thus only printed if requested. */
if (name && !ascii_strcasecmp (name,"curveoid"))
{
es_printf ("cfg:curveoid:");
for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first = 0)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
s = openpgp_curve_to_oid (s, NULL);
es_printf ("%s%s", first?"":";", s? s:"[?]");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
es_printf ("\n");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
any=1;
}
if(show_all)
break;
if(!any)
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("unknown configuration item '%s'\n"),name);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
}
/* List options and default values in the GPG Conf format. This is a
new tool distributed with gnupg 1.9.x but we also want some limited
support in older gpg versions. The output is the name of the
configuration file and a list of options available for editing by
gpgconf. */
static void
gpgconf_list (const char *configfile)
{
Made percent_escape more general. Added regression tests support to jnlib. W32 changes.
2007-06-19 11:11:11 +02:00
char *configfile_esc = percent_escape (configfile, NULL);
jnlib/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * stringhelp.h (percent_escape): New prototype. * stringhelp.c (percent_escape): New function. agent/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (main): Percent escape pathname in --gpgconf-list output. g10/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg.c (gpgconf_list): Percent escape output of --gpgconf-list. scdaemon/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * scdaemon.c (main): Percent escape output of --gpgconf-list. sm/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Percent escape output of --gpgconf-list.
2007-06-18 22:15:01 +02:00
Make more use of *_NAME macros. * configure.ac (GPG_DISP_NAME, GPGSM_DISP_NAME): New. (GPG_AGENT_DISP_NAME, SCDAEMON_DISP_NAME): New. (DIRMNGR_DISP_NAME, G13_DISP_NAME): New. (GPGCONF_DISP_NAME): New. (SCDAEMON_SOCK_NAME): New. * common/argparse.c (show_help): Map description string.
2014-05-07 18:18:27 +02:00
es_printf ("%s-%s.conf:%lu:\"%s\n",
GPGCONF_NAME, GPG_NAME,
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
GC_OPT_FLAG_DEFAULT,
configfile_esc ? configfile_esc : "/dev/null");
es_printf ("verbose:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("quiet:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("reader-port:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("default-key:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
More agent support for gpg.
2010-10-13 17:57:08 +02:00
es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
gpg,tools: Make auto-key-retrieve configurable via gpgconf. * g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-28 14:59:11 +01:00
es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE);
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
es_printf ("group:%lu:\n", GC_OPT_FLAG_NONE);
gpg,sm: A few more option for --gpgconf-list. * g10/gpg.c (gpgconf_list): Add --compliance and --default-new-key-algo. (parse_compliance_option): * sm/gpgsm.c (main) <gpgconf-list>: Add --enable-crl-checks. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-16 16:02:02 +01:00
es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg");
es_printf ("default-new-key-algo:%lu:\n", GC_OPT_FLAG_NONE);
gpg,tools: Make trust-model configurable via gpgconf. * g10/gpg.c (gpgconf_list): Add 'trust-model'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-28 13:15:42 +01:00
es_printf ("trust-model:%lu:\n", GC_OPT_FLAG_NONE);
jnlib/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * stringhelp.h (percent_escape): New prototype. * stringhelp.c (percent_escape): New function. agent/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (main): Percent escape pathname in --gpgconf-list output. g10/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg.c (gpgconf_list): Percent escape output of --gpgconf-list. scdaemon/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * scdaemon.c (main): Percent escape output of --gpgconf-list. sm/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Percent escape output of --gpgconf-list.
2007-06-18 22:15:01 +02:00
allow for default algorithms in a gpg parameter file
2009-12-04 20:47:54 +01:00
/* The next one is an info only item and should match the macros at
the top of keygen.c */
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
gpg: Do not use a fixed string for --gpgconf-list:default_pubkey_algo. * g10/keygen.c (get_default_pubkey_algo): New. (parse_key_parameter_string): Use it. * g10/gpg.c (gpgconf_list): Take value from new function. -- Note that consumers of that gpgconf-list value may need to be adjusted to that new value. It should anyway only be used to display the default algorithm. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-12 10:50:21 +01:00
get_default_pubkey_algo ());
Add gpgconf related dummy options default_pubkey_algo. Add option --skip-hidden-recipients Comment updates.
2009-11-23 20:18:04 +01:00
jnlib/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * stringhelp.h (percent_escape): New prototype. * stringhelp.c (percent_escape): New function. agent/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (main): Percent escape pathname in --gpgconf-list output. g10/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpg.c (gpgconf_list): Percent escape output of --gpgconf-list. scdaemon/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * scdaemon.c (main): Percent escape output of --gpgconf-list. sm/ 2007-06-18 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Percent escape output of --gpgconf-list.
2007-06-18 22:15:01 +02:00
xfree (configfile_esc);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
static int
parse_subpacket_list(char *list)
{
char *tok;
byte subpackets[128],i;
int count=0;
if(!list)
{
/* No arguments means all subpackets */
memset(subpackets+1,1,sizeof(subpackets)-1);
count=127;
}
else
{
memset(subpackets,0,sizeof(subpackets));
/* Merge with earlier copy */
if(opt.show_subpackets)
{
byte *in;
for(in=opt.show_subpackets;*in;in++)
{
if(*in>127 || *in<1)
BUG();
if(!subpackets[*in])
count++;
subpackets[*in]=1;
}
}
while((tok=strsep(&list," ,")))
{
if(!*tok)
continue;
i=atoi(tok);
if(i>127 || i<1)
return 0;
if(!subpackets[i])
count++;
subpackets[i]=1;
}
}
xfree(opt.show_subpackets);
opt.show_subpackets=xmalloc(count+1);
opt.show_subpackets[count--]=0;
for(i=1;i<128 && count>=0;i++)
if(subpackets[i])
opt.show_subpackets[count--]=i;
return 1;
}
static int
parse_list_options(char *str)
{
char *subpackets=""; /* something that isn't NULL */
struct parse_options lopts[]=
{
{"show-photos",LIST_SHOW_PHOTOS,NULL,
N_("display photo IDs during key listings")},
gpg: Add list-option "show-usage". * g10/gpg.c (parse_list_options): Add "show-usage". * g10/options.h (LIST_SHOW_USAGE): New. * g10/keyid.c (usagestr_from_pk): Add arg FILL. Change caller. * g10/keylist.c (list_keyblock_print): Print usage info.
2014-08-12 10:36:30 +02:00
{"show-usage",LIST_SHOW_USAGE,NULL,
N_("show key usage information during key listings")},
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{"show-policy-urls",LIST_SHOW_POLICY_URLS,NULL,
N_("show policy URLs during signature listings")},
{"show-notations",LIST_SHOW_NOTATIONS,NULL,
N_("show all notations during signature listings")},
{"show-std-notations",LIST_SHOW_STD_NOTATIONS,NULL,
N_("show IETF standard notations during signature listings")},
{"show-standard-notations",LIST_SHOW_STD_NOTATIONS,NULL,
NULL},
{"show-user-notations",LIST_SHOW_USER_NOTATIONS,NULL,
N_("show user-supplied notations during signature listings")},
{"show-keyserver-urls",LIST_SHOW_KEYSERVER_URLS,NULL,
N_("show preferred keyserver URLs during signature listings")},
{"show-uid-validity",LIST_SHOW_UID_VALIDITY,NULL,
N_("show user ID validity during key listings")},
{"show-unusable-uids",LIST_SHOW_UNUSABLE_UIDS,NULL,
N_("show revoked and expired user IDs in key listings")},
{"show-unusable-subkeys",LIST_SHOW_UNUSABLE_SUBKEYS,NULL,
N_("show revoked and expired subkeys in key listings")},
{"show-keyring",LIST_SHOW_KEYRING,NULL,
N_("show the keyring name in key listings")},
{"show-sig-expire",LIST_SHOW_SIG_EXPIRE,NULL,
N_("show expiration dates during signature listings")},
{"show-sig-subpackets",LIST_SHOW_SIG_SUBPACKETS,NULL,
NULL},
{NULL,0,NULL,NULL}
};
/* C99 allows for non-constant initializers, but we'd like to
compile everywhere, so fill in the show-sig-subpackets argument
here. Note that if the parse_options array changes, we'll have
to change the subscript here. */
gpg: Make show-sig-subpackets work again. * g10/gpg.c (parse_list_options): Fix offset for subpackets. -- Regression-due-to: 7d0492075ea638607309b3ea6a792b0e95ea7d98 GnuPG-bug-id: 2008 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-30 11:01:16 +02:00
lopts[13].value=&subpackets;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(parse_options(str,&opt.list_options,lopts,1))
{
if(opt.list_options&LIST_SHOW_SIG_SUBPACKETS)
{
/* Unset so users can pass multiple lists in. */
opt.list_options&=~LIST_SHOW_SIG_SUBPACKETS;
if(!parse_subpacket_list(subpackets))
return 0;
}
else if(subpackets==NULL && opt.show_subpackets)
{
/* User did 'no-show-subpackets' */
xfree(opt.show_subpackets);
opt.show_subpackets=NULL;
}
return 1;
}
else
return 0;
}
/* Collapses argc/argv into a single string that must be freed */
static char *
collapse_args(int argc,char *argv[])
{
char *str=NULL;
int i,first=1,len=0;
for(i=0;i<argc;i++)
{
len+=strlen(argv[i])+2;
str=xrealloc(str,len);
if(first)
{
str[0]='\0';
first=0;
}
else
strcat(str," ");
strcat(str,argv[i]);
}
return str;
}
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
static void
parse_trust_model(const char *model)
{
if(ascii_strcasecmp(model,"pgp")==0)
opt.trust_model=TM_PGP;
else if(ascii_strcasecmp(model,"classic")==0)
opt.trust_model=TM_CLASSIC;
else if(ascii_strcasecmp(model,"always")==0)
opt.trust_model=TM_ALWAYS;
else if(ascii_strcasecmp(model,"direct")==0)
opt.trust_model=TM_DIRECT;
build: Allow building without SQLlite support. * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-20 17:32:23 +02:00
#ifdef USE_TOFU
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
else if(ascii_strcasecmp(model,"tofu")==0)
opt.trust_model=TM_TOFU;
else if(ascii_strcasecmp(model,"tofu+pgp")==0)
opt.trust_model=TM_TOFU_PGP;
build: Allow building without SQLlite support. * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-20 17:32:23 +02:00
#endif /*USE_TOFU*/
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(ascii_strcasecmp(model,"auto")==0)
opt.trust_model=TM_AUTO;
else
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error("unknown trust model '%s'\n",model);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*NO_TRUST_MODELS*/
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
static int
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
parse_tofu_policy (const char *policystr)
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
{
build: Allow building without SQLlite support. * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-20 17:32:23 +02:00
#ifdef USE_TOFU
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
struct { const char *keyword; int policy; } list[] = {
{ "auto", TOFU_POLICY_AUTO },
{ "good", TOFU_POLICY_GOOD },
{ "unknown", TOFU_POLICY_UNKNOWN },
{ "bad", TOFU_POLICY_BAD },
{ "ask", TOFU_POLICY_ASK }
};
int i;
if (!ascii_strcasecmp (policystr, "help"))
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
{
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
log_info (_("valid values for option '%s':\n"), "--tofu-policy");
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
for (i=0; i < DIM (list); i++)
log_info (" %s\n", list[i].keyword);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
}
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
for (i=0; i < DIM (list); i++)
if (!ascii_strcasecmp (policystr, list[i].keyword))
return list[i].policy;
#endif /*USE_TOFU*/
log_error (_("unknown TOFU policy '%s'\n"), policystr);
if (!opt.quiet)
log_info (_("(use \"help\" to list choices)\n"));
g10_exit (1);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
}
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
/* Parse the value of --compliance. */
static int
parse_compliance_option (const char *string)
{
struct { const char *keyword; enum cmd_and_opt_values option; } list[] = {
{ "gnupg", oGnuPG },
{ "openpgp", oOpenPGP },
{ "rfc4880bis", oRFC4880bis },
{ "rfc4880", oRFC4880 },
{ "rfc2440", oRFC2440 },
{ "pgp6", oPGP6 },
{ "pgp7", oPGP7 },
gpg: Add new compliance mode "de-vs". * g10/options.h (CO_DE_VS): New. (GNUPG): Also allow CO_DE_VS. * g10/gpg.c (oDE_VS): New. (parse_compliance_option): Add "de-vs". (set_compliance_option): Set "de-vs". * g10/misc.c (compliance_option_string): Return a description string. (compliance_failure): Ditto. * g10/keygen.c (ask_algo): Take care of CO_DE_VS. (get_keysize_range): Ditto. (ask_curve): Add new field to CURVES and trun flags into bit flags. Allow only Brainpool curves in CO_DE_VS mode. -- As of now this compliance mode only restricts the set of algorithms and curves which can be created. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 17:50:03 +01:00
{ "pgp8", oPGP8 },
{ "de-vs", oDE_VS }
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
};
int i;
if (!ascii_strcasecmp (string, "help"))
{
log_info (_("valid values for option '%s':\n"), "--compliance");
for (i=0; i < DIM (list); i++)
log_info (" %s\n", list[i].keyword);
g10_exit (1);
}
for (i=0; i < DIM (list); i++)
if (!ascii_strcasecmp (string, list[i].keyword))
return list[i].option;
log_error (_("invalid value for option '%s'\n"), "--compliance");
if (!opt.quiet)
log_info (_("(use \"help\" to list choices)\n"));
g10_exit (1);
}
Spelling fixes in docs and comments. -- In addition, fix trailing spaces in tests/inittests. GnuPG-bug-id: 3121 Reported-by: ka7 (klemens) Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 03:06:33 +02:00
/* Helper to set compliance related options. This is a separate
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
* function so that it can also be used by the --compliance option
* parser. */
static void
set_compliance_option (enum cmd_and_opt_values option)
{
switch (option)
{
case oRFC4880bis:
opt.flags.rfc4880bis = 1;
/* fall through. */
case oOpenPGP:
case oRFC4880:
/* This is effectively the same as RFC2440, but with
"--enable-dsa2 --no-rfc2440-text --escape-from-lines
--require-cross-certification". */
opt.compliance = CO_RFC4880;
opt.flags.dsa2 = 1;
opt.flags.require_cross_cert = 1;
opt.rfc2440_text = 0;
opt.allow_non_selfsigned_uid = 1;
opt.allow_freeform_uid = 1;
opt.escape_from = 1;
opt.not_dash_escaped = 0;
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.cert_digest_algo = 0;
opt.compress_algo = -1;
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
break;
case oRFC2440:
opt.compliance = CO_RFC2440;
opt.flags.dsa2 = 0;
opt.rfc2440_text = 1;
opt.allow_non_selfsigned_uid = 1;
opt.allow_freeform_uid = 1;
opt.escape_from = 0;
opt.not_dash_escaped = 0;
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.cert_digest_algo = 0;
opt.compress_algo = -1;
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
break;
case oPGP6: opt.compliance = CO_PGP6; break;
case oPGP7: opt.compliance = CO_PGP7; break;
case oPGP8: opt.compliance = CO_PGP8; break;
case oGnuPG: opt.compliance = CO_GNUPG; break;
gpg: Add new compliance mode "de-vs". * g10/options.h (CO_DE_VS): New. (GNUPG): Also allow CO_DE_VS. * g10/gpg.c (oDE_VS): New. (parse_compliance_option): Add "de-vs". (set_compliance_option): Set "de-vs". * g10/misc.c (compliance_option_string): Return a description string. (compliance_failure): Ditto. * g10/keygen.c (ask_algo): Take care of CO_DE_VS. (get_keysize_range): Ditto. (ask_curve): Add new field to CURVES and trun flags into bit flags. Allow only Brainpool curves in CO_DE_VS mode. -- As of now this compliance mode only restricts the set of algorithms and curves which can be created. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 17:50:03 +01:00
case oDE_VS:
set_compliance_option (oOpenPGP);
opt.compliance = CO_DE_VS;
/* Fixme: Change other options. */
break;
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
default:
BUG ();
}
}
Fix typos found using codespell. * agent/cache.c: Fix typos. * agent/call-pinentry.c: Likewise. * agent/call-scd.c: Likewise. * agent/command-ssh.c: Likewise. * agent/command.c: Likewise. * agent/divert-scd.c: Likewise. * agent/findkey.c: Likewise. * agent/gpg-agent.c: Likewise. * agent/w32main.c: Likewise. * common/argparse.c: Likewise. * common/audit.c: Likewise. * common/audit.h: Likewise. * common/convert.c: Likewise. * common/dotlock.c: Likewise. * common/exechelp-posix.c: Likewise. * common/exechelp-w32.c: Likewise. * common/exechelp-w32ce.c: Likewise. * common/exechelp.h: Likewise. * common/helpfile.c: Likewise. * common/i18n.h: Likewise. * common/iobuf.c: Likewise. * common/iobuf.h: Likewise. * common/localename.c: Likewise. * common/logging.c: Likewise. * common/openpgp-oid.c: Likewise. * common/session-env.c: Likewise. * common/sexputil.c: Likewise. * common/sysutils.c: Likewise. * common/t-sexputil.c: Likewise. * common/ttyio.c: Likewise. * common/util.h: Likewise. * dirmngr/cdblib.c: Likewise. * dirmngr/certcache.c: Likewise. * dirmngr/crlcache.c: Likewise. * dirmngr/dirmngr-client.c: Likewise. * dirmngr/dirmngr.c: Likewise. * dirmngr/dirmngr_ldap.c: Likewise. * dirmngr/dns-stuff.c: Likewise. * dirmngr/http.c: Likewise. * dirmngr/ks-engine-hkp.c: Likewise. * dirmngr/ks-engine-ldap.c: Likewise. * dirmngr/ldap-wrapper.c: Likewise. * dirmngr/ldap.c: Likewise. * dirmngr/misc.c: Likewise. * dirmngr/ocsp.c: Likewise. * dirmngr/validate.c: Likewise. * g10/encrypt.c: Likewise. * g10/getkey.c: Likewise. * g10/gpg.c: Likewise. * g10/gpgv.c: Likewise. * g10/import.c: Likewise. * g10/keydb.c: Likewise. * g10/keydb.h: Likewise. * g10/keygen.c: Likewise. * g10/keyid.c: Likewise. * g10/keylist.c: Likewise. * g10/keyring.c: Likewise. * g10/mainproc.c: Likewise. * g10/misc.c: Likewise. * g10/options.h: Likewise. * g10/packet.h: Likewise. * g10/parse-packet.c: Likewise. * g10/pkclist.c: Likewise. * g10/pkglue.c: Likewise. * g10/plaintext.c: Likewise. * g10/server.c: Likewise. * g10/sig-check.c: Likewise. * g10/sqlite.c: Likewise. * g10/tdbio.c: Likewise. * g10/test-stubs.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. * g13/create.c: Likewise. * g13/mountinfo.c: Likewise. * kbx/keybox-blob.c: Likewise. * kbx/keybox-file.c: Likewise. * kbx/keybox-init.c: Likewise. * kbx/keybox-search-desc.h: Likewise. * kbx/keybox-search.c: Likewise. * kbx/keybox-update.c: Likewise. * scd/apdu.c: Likewise. * scd/app-openpgp.c: Likewise. * scd/app-p15.c: Likewise. * scd/app.c: Likewise. * scd/ccid-driver.c: Likewise. * scd/command.c: Likewise. * scd/iso7816.c: Likewise. * sm/base64.c: Likewise. * sm/call-agent.c: Likewise. * sm/call-dirmngr.c: Likewise. * sm/certchain.c: Likewise. * sm/gpgsm.c: Likewise. * sm/import.c: Likewise. * sm/keydb.c: Likewise. * sm/minip12.c: Likewise. * sm/qualified.c: Likewise. * sm/server.c: Likewise. * tools/gpg-check-pattern.c: Likewise. * tools/gpgconf-comp.c: Likewise. * tools/gpgkey2ssh.c: Likewise. * tools/gpgparsemail.c: Likewise. * tools/gpgtar.c: Likewise. * tools/rfc822parse.c: Likewise. * tools/symcryptrun.c: Likewise. Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-16 12:41:46 +01:00
/* This function called to initialized a new control object. It is
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
assumed that this object has been zeroed out before calling this
function. */
static void
gpg_init_default_ctrl (ctrl_t ctrl)
{
gpg: Assert that an opaque parameter is really what we expect. * g10/gpg.h (SERVER_CONTROL_MAGIC): New const. (server_control_s): Add field 'magic'. * g10/gpg.c (gpg_init_default_ctrl): Init MAGIC. * g10/import.c (impex_filter_getval): Assert MAGIC. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:06:54 +02:00
ctrl->magic = SERVER_CONTROL_MAGIC;
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
}
/* This function is called to deinitialize a control object. It is
not deallocated. */
static void
gpg_deinit_default_ctrl (ctrl_t ctrl)
{
gpg, w32: Fix build regression. -- Fixes-commit: 754b1c463034a634a678d8efc76c27fd46aad9b9
2016-05-24 13:01:27 +02:00
#ifdef USE_TOFU
gpg: Store the Tofu meta handle for databases in CTRL. * g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations. (struct server_control_s): Add field tofu.dbs. * g10/tofu.c (struct dbs): Rename to tofu_dbs_s. Replace all users by by tofu_dbs_t. (opendbs): Add arg CTRL. Cache the DBS in CTRL. (closedbs): Rename to tofu_closedbs and make global. Add arg CTRL. (tofu_register): Add arg CTRL. Change all callers. Do not call closedbs. (tofu_get_validity): Ditto. (tofu_set_policy): Ditto. (tofu_get_policy): Ditto. (tofu_set_policy_by_keyid): Add arg CTRL. * g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 12:26:44 +02:00
tofu_closedbs (ctrl);
gpg, w32: Fix build regression. -- Fixes-commit: 754b1c463034a634a678d8efc76c27fd46aad9b9
2016-05-24 13:01:27 +02:00
#endif
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
gpg_dirmngr_deinit_session_data (ctrl);
gpg: Avoid multiple open calls to the keybox file. * g10/keydb.h (KEYDB_HANDLE): Move typedef to ... * g10/gpg.h: here. (struct server_control_s): Add field 'cached_getkey_kdb'. * g10/gpg.c (gpg_deinit_default_ctrl): Release that keydb handle. * g10/getkey.c (getkey_end): Cache keydb handle. (get_pubkey): Use cached keydb handle. * kbx/keybox-search.c (keybox_search_reset): Use lseek instead of closing the file. -- Before this patch a "gpg --check-sigs" opened and closed the keybox file for almost every signature check. By caching the keydb handle and using lseek(2) this can be limited to just 2 times. This might speed up things on Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:44:05 +02:00
keydb_release (ctrl->cached_getkey_kdb);
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
}
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
char *
get_default_configname (void)
{
char *configname = NULL;
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
char *name = xstrdup (GPG_NAME EXTSEP_S "conf-" SAFE_VERSION);
char *ver = &name[strlen (GPG_NAME EXTSEP_S "conf-")];
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
do
{
if (configname)
{
char *tok;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
xfree (configname);
configname = NULL;
if ((tok = strrchr (ver, SAFE_VERSION_DASH)))
*tok='\0';
else if ((tok = strrchr (ver, SAFE_VERSION_DOT)))
*tok='\0';
else
break;
}
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
configname = make_filename (gnupg_homedir (), name, NULL);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
}
while (access (configname, R_OK));
xfree(name);
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
if (! configname)
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
configname = make_filename (gnupg_homedir (),
GPG_NAME EXTSEP_S "conf", NULL);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
if (! access (configname, R_OK))
{
/* Print a warning when both config files are present. */
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
char *p = make_filename (gnupg_homedir (), "options", NULL);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
if (! access (p, R_OK))
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info (_("Note: old default options file '%s' ignored\n"), p);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
xfree (p);
}
else
{
/* Use the old default only if it exists. */
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
char *p = make_filename (gnupg_homedir (), "options", NULL);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
if (!access (p, R_OK))
{
xfree (configname);
configname = p;
}
else
xfree (p);
}
return configname;
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
main (int argc, char **argv)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
ARGPARSE_ARGS pargs;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
IOBUF a;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int rc=0;
int orig_argc;
char **orig_argv;
const char *fname;
char *username;
int may_coredump;
gpg: Do not pre-check keys given on the command line. * g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG) (PK_LIST_SHIFT): New. * g10/pkclist.c (build_pk_list): Use them here. * g10/gpg.c (check_user_ids, main): Ditto. * g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR. (check_user_ids): Skip check for command line specified options. -- If a key has been given on the command line and it has not been given by one of the encrypt-to options, we now skip the checks. The reason is that the actual key selection code does its own checks and provides proper status message to the caller to detect the wrong keys. Without this we would break most frontends because they expect for example STATUS_INV_RECP. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
strlist_t sl;
strlist_t remusr = NULL;
strlist_t locusr = NULL;
Decryption and signi via agent is now implemented.
2010-04-23 13:36:59 +02:00
strlist_t nrings = NULL;
Fixes for CVE-2006-6235
2006-12-06 11:16:50 +01:00
armor_filter_context_t *afx = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int detached_sig = 0;
FILE *configfp = NULL;
char *configname = NULL;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
char *save_configname = NULL;
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
char *default_configname = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
unsigned configlineno;
int parse_debug = 0;
int default_config = 1;
int default_keyring = 1;
int greeting = 0;
int nogreeting = 0;
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
char *logfile = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int use_random_seed = 1;
enum cmd_and_opt_values cmd = 0;
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
const char *debug_level = NULL;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
const char *trustdb_name = NULL;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*!NO_TRUST_MODELS*/
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
char *def_cipher_string = NULL;
char *def_digest_string = NULL;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
char *compress_algo_string = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
char *cert_digest_string = NULL;
char *s2k_cipher_string = NULL;
char *s2k_digest_string = NULL;
char *pers_cipher_list = NULL;
char *pers_digest_list = NULL;
char *pers_compress_list = NULL;
int eyes_only=0;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
int multifile=0;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int pwfd = -1;
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
int ovrseskeyfd = -1;
Fixed bug#1044. Use of --fingerprint with --with-fingerprint.
2009-05-20 12:23:33 +02:00
int fpr_maybe_cmd = 0; /* --fingerprint maybe a command. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
int any_explicit_recipient = 0;
gpg: Remove options --print-dane-records and --print-pka-records. * g10/gpg.c (main): Remove options but print a dedicated warning. * g10/options.h (struct opt): Remove fields 'print_dane_records' and 'print_pka_records'. * g10/keylist.c (list_keyblock): Do not call list_keyblock_pka. (list_keyblock_pka): Remove. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 15:19:36 +02:00
int require_secmem = 0;
int got_secmem = 0;
2009-09-23 Marcus Brinkmann <marcus@g10code.de> * configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION): Update to new API (2, 1.1.0). agent/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (parse_rereadable_options): Don't set global assuan log file (there ain't one anymore). (main): Update to new API. (check_own_socket_pid_cb): Return gpg_error_t instead of int. (check_own_socket_thread, check_for_running_agent): Create assuan context before connecting to server. * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (write_and_clear_outbuf): Use gpg_error_t instead of assuan_error_t. (cmd_geteventcounter, cmd_istrusted, cmd_listtrusted) (cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc) (cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey) (cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase) (cmd_get_confirmation, cmd_learn, cmd_passwd) (cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval) (cmd_updatestartuptty, cmd_killagent, cmd_reloadagent) (cmd_getinfo, option_handler): Return gpg_error_t instead of int. (post_cmd_notify): Change type of ERR to gpg_error_t from int. (io_monitor): Add hook argument. Use symbols for constants. (register_commands): Change return type of HANDLER to gpg_error_t. (start_command_handler): Allocate assuan context before starting server. * call-pinentry.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (unlock_pinentry): Call assuan_release instead of assuan_disconnect. (getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int. (start_pinentry): Allocate assuan context before connecting to server. * call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb) (membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru) (pass_data_thru): Change return type to gpg_error_t. (start_scd): Allocate assuan context before connecting to server. common/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * asshelp.c (start_new_gpg_agent): Allocate assuan context before starting server. g10/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * call-agent.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb) (learn_status_cb, inq_writecert_parms, inq_writekey_parms) (scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of int. * gpg.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (main): Update to new Assuan API. * server.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys) (cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Allocate assuan context before starting server. (gpg_server): Allocate assuan_context before starting server. scd/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert) (cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt) (cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey) (cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock) (cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu) (cmd_killscd): Return gpg_error_t instead of int. (scd_command_handler): Allocate assuan context before starting server. * scdaemon.c (main): Update to new Assuan API. sm/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Update to new assuan API. * server.c: Include "gpgsm.h" before <assuan.h> due to check for GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys) (cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey) (cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Same for member HANDLER in table. (gpgsm_server): Allocate assuan context before starting server. * sm/call-dirmngr.c: * call-dirmngr.c (prepare_dirmngr): Check for CTX and error before setting LDAPSERVER. (start_dirmngr_ext): Allocate assuan context before starting server. (inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb) (run_command_cb, run_command_inq_cb, run_command_status_cb): Return gpg_error_t instead of int. tools/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response) (main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
struct assuan_malloc_hooks malloc_hooks;
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
ctrl_t ctrl;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: Remove options --print-dane-records and --print-pka-records. * g10/gpg.c (main): Remove options but print a dedicated warning. * g10/options.h (struct opt): Remove fields 'print_dane_records' and 'print_pka_records'. * g10/keylist.c (list_keyblock): Do not call list_keyblock_pka. (list_keyblock_pka): Remove. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 15:19:36 +02:00
static int print_dane_records;
static int print_pka_records;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#ifdef __riscos__
opt.lock_once = 1;
#endif /* __riscos__ */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* Please note that we may running SUID(ROOT), so be very CAREFUL
when adding any stuff between here and the call to
secmem_init() somewhere after the option parsing. */
Add a hook to be called right after main. * common/init.c (early_system_init): New stub function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 19:57:22 +01:00
early_system_init ();
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
gnupg_reopen_std (GPG_NAME);
Various updates
2006-09-21 15:30:45 +02:00
trap_unaligned ();
gnupg_rl_initialize ();
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
set_strusage (my_strusage);
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
Call log_set_prefix() with human-readable labels. * agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c * dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c * g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c * tests/gpgscm/main.c, tools/gpg-check-pattern.c * tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c * tools/symcryptrun.c: Invoke log_set_prefix() with human-readable labels. -- Some invocations of log_set_prefix() were done with raw numeric values instead of values that humans can understand. Use symbolic representations instead of numeric for better readability. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 07:37:57 +02:00
log_set_prefix (GPG_NAME, GPGRT_LOG_WITH_PREFIX);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
A whole bunch of changes to allow building for Windows. See the ChangeLogs for details.
2007-06-14 19:05:07 +02:00
/* Make sure that our subsystems are ready. */
Minor fixes.
2008-12-09 09:58:02 +01:00
i18n_init();
More chnages to use estream. Add a way to replace the standard descriptors.
2010-03-22 13:46:05 +01:00
init_common_subsystems (&argc, &argv);
A whole bunch of changes to allow building for Windows. See the ChangeLogs for details.
2007-06-14 19:05:07 +02:00
Sample ECC keys and message do now work. Import and export of secret keys does now work. Encryption has been fixed to be compatible with the sample messages. This version tests for new Libgcrypt function and thus needs to be build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
/* Use our own logging handler for Libcgrypt. */
setup_libgcrypt_logging ();
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* Put random number into secure memory */
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
may_coredump = disable_core_dumps();
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Key generation and signing using the OpenPGP card does rudimentary work.
2003-06-27 22:53:09 +02:00
gnupg_init_signals (0, emergency_cleanup);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Add a flag parameter to dotlock_create. This allows us to extend this function in the future.
2011-09-28 15:41:58 +02:00
dotlock_create (NULL, 0); /* Register lock file cleanup. */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Add option --no-autostart. * g10/gpg.c: Add option --no-autostart. * sm/gpgsm.c: Ditto. * g10/options.h (opt): Add field autostart. * sm/gpgsm.h (opt): Ditto. * g10/call-agent.c (start_agent): Print note if agent was not autostarted. * sm/call-agent.c (start_agent): Ditto. * g10/call-dirmngr.c (create_context): Likewise. * sm/call-dirmngr.c (start_dirmngr_ext): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-28 09:44:19 +01:00
opt.autostart = 1;
Reworked passing of envars to Pinentry.
2009-07-07 12:02:41 +02:00
opt.session_env = session_env_new ();
if (!opt.session_env)
log_fatal ("error allocating session environment block: %s\n",
strerror (errno));
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.command_fd = -1; /* no command fd */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
opt.compress_level = -1; /* defaults to standard compress level */
opt.bz2_compress_level = -1; /* defaults to standard compress level */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* note: if you change these lines, look at oOpenPGP */
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.cert_digest_algo = 0;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.s2k_mode = 3; /* iterated+salted */
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
opt.s2k_count = 0; /* Auto-calibrate when needed. */
gpg: Change default cipher for --symmetric from CAST5 to AES-128. * g10/main.h (DEFAULT_CIPHER_ALGO): Chhange to AES or CAST5 or 3DES depending on configure option. * g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.
2014-08-18 11:45:00 +02:00
opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.max_cert_depth = 5;
opt.escape_from = 1;
Ported changes from 1.4. Add copyright notices.
2007-10-25 11:06:21 +02:00
opt.flags.require_cross_cert = 1;
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
opt.import_options = 0;
opt.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.import_options = IMPORT_REPAIR_PKS_SUBKEY_BUG;
opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
gpg: Do not use honor-keyserver-url sub-option by default.
2015-04-21 15:46:13 +02:00
opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
gpg: Make show-uid-validity the default.
2014-06-24 09:53:46 +02:00
opt.verify_options = (LIST_SHOW_UID_VALIDITY
| VERIFY_SHOW_POLICY_URLS
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
| VERIFY_SHOW_STD_NOTATIONS
| VERIFY_SHOW_KEYSERVER_URLS);
gpg: Make --list-options show-usage the default. * g10/gpg.c (main): Add LIST_SHOW_USAGE. -- The usage flags are often useful and they don't take away much space in a key listing. Thus it is better to have them enabled by default. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 12:22:33 +01:00
opt.list_options = (LIST_SHOW_UID_VALIDITY
| LIST_SHOW_USAGE);
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifdef NO_TRUST_MODELS
opt.trust_model = TM_ALWAYS;
#else
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
opt.trust_model = TM_AUTO;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
opt.tofu_default_policy = TOFU_POLICY_AUTO;
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
opt.mangle_dos_filenames = 0;
opt.min_cert_level = 2;
set_screen_dimensions ();
gpg: Use --keyid-format=none by default. * g10/gpg.c (main): Init keyid_format to KF_NONE. * g10/keyid.c (format_keyid): Ditto. (keystrlen): Ditto. -- GnuPG-bug-id: 2379 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-06 17:03:47 +02:00
opt.keyid_format = KF_NONE;
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
opt.def_sig_expire = "0";
opt.def_cert_expire = "0";
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
gnupg_set_homedir (NULL);
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
opt.passphrase_repeat = 1;
gpg: Avoid publishing the GnuPG version by default * g10/gpg.c (main): initialize opt.emit_version to 0 * doc/gpg.texi: document different default for --emit-version -- The version of GnuPG in use is not particularly helpful. It is not cryptographically verifiable, and it doesn't distinguish between significant version differences like 2.0.x and 2.1.x. Additionally, it leaks metadata that can be used to distinguish users from one another, and can potentially be used to target specific attacks if there are known behaviors that differ between major versions. It's probably better to take the more parsimonious approach to metadata production by default. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-04 22:58:13 +02:00
opt.emit_version = 0;
gpg: Ensure all weak digest rejection notices are shown * g10/main.h: Add rejection_shown flag to each weakhash struct * g10/misc.c (print_digest_algo_note, additional_weak_digest): Do not treat MD5 separately; (print_digest_rejected_note): Use weakhash.rejection_shown instead of static shown. * g10/options.h (opt): Change from additional_weak_digests to weak_digests. * g10/sig-check.c: Do not treat MD5 separately. * g10/gpg.c (main): Explicitly set MD5 as weak. * g10/gpgv.c (main): Explicitly set MD5 as weak. -- Previously, only one weak digest rejection message was shown, of whichever was the first type encountered. This meant that if "gpg --weak-digest SHA224" encountered both an MD5 digest and a SHA224 digest, it would only show the user that the MD5 digest was rejected. In order to let the user know which algorithms were rejected, we needed to move the "shown" flag into a per-weak-algorithm location. Given this additional complication, it made no sense to continue to treat MD5 specially, so it is added as a default weak algorithm in the same opt.weak_digests data structure as any other. Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2015-10-23 23:46:57 +02:00
opt.weak_digests = NULL;
additional_weak_digest("MD5");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* Check whether we have a config file on the command line. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
orig_argc = argc;
orig_argv = argv;
pargs.argc = &argc;
pargs.argv = &argv;
Print warning for arguments not considered an option. GnuPG requires that options are given before other arguments. This can sometimes be confusing. We now print a warning if we found an argument looking alike a long option without being preceded by the stop option. This is bug#1343. * common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New. * common/argparse.c (arg_parse): Set new flag. * g10/gpg.c (main): Print the warning. * agent/gpg-agent.c (main): Ditto. * dirmngr/dirmngr.c (main): Ditto. * g13/g13.c (main): Ditto. * scd/scdaemon.c (main): Ditto. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto.
2012-03-27 12:35:13 +02:00
pargs.flags= (ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
while( arg_parse( &pargs, opts) ) {
if( pargs.r_opt == oDebug || pargs.r_opt == oDebugAll )
parse_debug++;
gpg: Add new option --debug-iolbf. * g10/gpg.c (oDebugIOLBF): new. (opts): Add --debug-iolbf. (main): Set option. -- This option is convenient for debugging to make sure that debug output to stderr is synced with output to stdout. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-06 14:07:50 +02:00
else if (pargs.r_opt == oDebugIOLBF)
es_setvbuf (es_stdout, NULL, _IOLBF, 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if( pargs.r_opt == oOptions ) {
/* yes there is one, so we do not try the default one, but
* read the option file when it is encountered at the commandline
*/
default_config = 0;
}
else if( pargs.r_opt == oNoOptions )
Preparing a release candidate.
2007-12-14 17:08:53 +01:00
{
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
default_config = 0; /* --no-options */
Preparing a release candidate.
2007-12-14 17:08:53 +01:00
opt.no_homedir_creation = 1;
}
else if( pargs.r_opt == oHomedir )
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
gnupg_set_homedir (pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if( pargs.r_opt == oNoPermissionWarn )
opt.no_perm_warn=1;
else if (pargs.r_opt == oStrict )
{
g10/ does build again.
2006-05-23 18:19:43 +02:00
/* Not used */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else if (pargs.r_opt == oNoStrict )
{
g10/ does build again.
2006-05-23 18:19:43 +02:00
/* Not used */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
#ifdef HAVE_DOSISH_SYSTEM
w32: Fix recent build regression. * common/homedir.c (_gnupg_socketdir_internal) [W32]: Add definition for NAME. * g10/gpg.c (main) [W32]: Fix use og gnupg_homedir. * agent/gpg-agent.c (remove_socket): Remove unused var P. * scd/scdaemon.c (cleanup): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-08 15:14:06 +02:00
if ( strchr (gnupg_homedir (), '\\') ) {
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
char *d, *buf = xmalloc (strlen (gnupg_homedir ())+1);
const char *s;
for (d=buf, s = gnupg_homedir (); *s; s++)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
*d++ = *s == '\\'? '/': *s;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#ifdef HAVE_W32_SYSTEM
if (s[1] && IsDBCSLeadByte (*s))
*d++ = *++s;
#endif
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
*d = 0;
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
gnupg_set_homedir (buf);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
#endif
Cleanups, fixes and PC/SC support
2003-08-05 19:11:04 +02:00
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
/* Initialize the secure memory. */
gpg: Add build and runtime support for larger RSA keys * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from STABLE-BRANCH-1-4 against master Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
2014-10-09 22:54:15 +02:00
if (!gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0))
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
got_secmem = 1;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
/* There should be no way to get to this spot while still carrying
Revert that last stupid setuid detection fix.
2008-07-17 21:49:51 +02:00
setuid privs. Just in case, bomb out if we are. */
if ( getuid () != geteuid () )
Do not run the setuid test if running under as root proper. Documentation fixes. Some enhancements for the new OpenPGP Card.
2008-07-17 21:40:53 +02:00
BUG ();
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#endif
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
maybe_setuid = 0;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Okay, we are now working under our real uid */
Key generation and signing using the OpenPGP card does rudimentary work.
2003-06-27 22:53:09 +02:00
/* malloc hooks go here ... */
2009-09-23 Marcus Brinkmann <marcus@g10code.de> * configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION): Update to new API (2, 1.1.0). agent/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-agent.c (parse_rereadable_options): Don't set global assuan log file (there ain't one anymore). (main): Update to new API. (check_own_socket_pid_cb): Return gpg_error_t instead of int. (check_own_socket_thread, check_for_running_agent): Create assuan context before connecting to server. * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (write_and_clear_outbuf): Use gpg_error_t instead of assuan_error_t. (cmd_geteventcounter, cmd_istrusted, cmd_listtrusted) (cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc) (cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey) (cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase) (cmd_get_confirmation, cmd_learn, cmd_passwd) (cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval) (cmd_updatestartuptty, cmd_killagent, cmd_reloadagent) (cmd_getinfo, option_handler): Return gpg_error_t instead of int. (post_cmd_notify): Change type of ERR to gpg_error_t from int. (io_monitor): Add hook argument. Use symbols for constants. (register_commands): Change return type of HANDLER to gpg_error_t. (start_command_handler): Allocate assuan context before starting server. * call-pinentry.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (unlock_pinentry): Call assuan_release instead of assuan_disconnect. (getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int. (start_pinentry): Allocate assuan context before connecting to server. * call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb) (membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru) (pass_data_thru): Change return type to gpg_error_t. (start_scd): Allocate assuan context before connecting to server. common/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * asshelp.c (start_new_gpg_agent): Allocate assuan context before starting server. g10/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * call-agent.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb) (learn_status_cb, inq_writecert_parms, inq_writekey_parms) (scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of int. * gpg.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (main): Update to new Assuan API. * server.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys) (cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Allocate assuan context before starting server. (gpg_server): Allocate assuan_context before starting server. scd/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * command.c: Include "scdaemon.h" before <assuan.h> because of GPG_ERR_SOURCE_DEFAULT check. (option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert) (cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt) (cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey) (cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock) (cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu) (cmd_killscd): Return gpg_error_t instead of int. (scd_command_handler): Allocate assuan context before starting server. * scdaemon.c (main): Update to new Assuan API. sm/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpgsm.c (main): Update to new assuan API. * server.c: Include "gpgsm.h" before <assuan.h> due to check for GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h. (option_handler, cmd_recipient, cmd_signer, cmd_encrypt) (cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export) (cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys) (cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey) (cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int. (register_commands): Same for member HANDLER in table. (gpgsm_server): Allocate assuan context before starting server. * sm/call-dirmngr.c: * call-dirmngr.c (prepare_dirmngr): Check for CTX and error before setting LDAPSERVER. (start_dirmngr_ext): Allocate assuan context before starting server. (inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb) (run_command_cb, run_command_inq_cb, run_command_status_cb): Return gpg_error_t instead of int. tools/ 2009-09-23 Marcus Brinkmann <marcus@g10code.de> * gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response) (main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
malloc_hooks.malloc = gcry_malloc;
malloc_hooks.realloc = gcry_realloc;
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
common: Add an assuan logging monitor. * common/asshelp.c (my_log_monitor): New var. (my_libassuan_log_handler): Run that monitor. (setup_libassuan_logging): Add arg to set a log monitor and change all callers. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-05 10:55:10 +02:00
setup_libassuan_logging (&opt.debug, NULL);
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
/* Try for a version specific config file first */
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
default_configname = get_default_configname ();
if (default_config)
configname = xstrdup (default_configname);
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
argc = orig_argc;
argv = orig_argv;
pargs.argc = &argc;
pargs.argv = &argv;
Print warning for arguments not considered an option. GnuPG requires that options are given before other arguments. This can sometimes be confusing. We now print a warning if we found an argument looking alike a long option without being preceded by the stop option. This is bug#1343. * common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New. * common/argparse.c (arg_parse): Set new flag. * g10/gpg.c (main): Print the warning. * agent/gpg-agent.c (main): Ditto. * dirmngr/dirmngr.c (main): Ditto. * g13/g13.c (main): Ditto. * scd/scdaemon.c (main): Ditto. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto.
2012-03-27 12:35:13 +02:00
pargs.flags= ARGPARSE_FLAG_KEEP;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* By this point we have a homedir, and cannot change it. */
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
check_permissions (gnupg_homedir (), 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
next_pass:
if( configname ) {
if(check_permissions(configname,1))
{
/* If any options file is unsafe, then disable any external
programs for keyserver calls or photo IDs. Since the
external program to call is set in the options file, a
unsafe options file can lead to an arbitrary program
being run. */
opt.exec_disable=1;
}
configlineno = 0;
configfp = fopen( configname, "r" );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if (configfp && is_secured_file (fileno (configfp)))
{
fclose (configfp);
configfp = NULL;
Use gpg_err_set_errno to assign values to ERRNO.
2010-04-01 15:24:55 +02:00
gpg_err_set_errno (EPERM);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( !configfp ) {
if( default_config ) {
if( parse_debug )
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info(_("Note: no default option file '%s'\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
configname );
}
else {
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("option file '%s': %s\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
configname, strerror(errno) );
g10_exit(2);
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(configname); configname = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if( parse_debug && configname )
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_info(_("reading options from '%s'\n"), configname );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
default_config = 0;
}
while( optfile_parse( configfp, configname, &configlineno,
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
&pargs, opts) )
{
switch( pargs.r_opt )
{
case aListConfig:
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
case aListGcryptConfig:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aGPGConfList:
.
2006-10-23 16:02:13 +02:00
case aGPGConfTest:
gpg: Avoid homedir creation by --list-config * g10/gpg.c (main): Do not register a key for the list config commands. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-01 19:22:48 +02:00
set_cmd (&cmd, pargs.r_opt);
/* Do not register a keyring for these commands. */
default_keyring = -1;
break;
case aCheckKeys:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aListPackets:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aImport:
case aFastImport:
case aSendKeys:
case aRecvKeys:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aSearchKeys:
case aRefreshKeys:
case aFetchKeys:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aExport:
Minor changes and typo fixes.
2006-09-06 13:53:24 +02:00
#ifdef ENABLE_CARD_SUPPORT
case aCardStatus:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aCardEdit:
Minor changes and typo fixes.
2006-09-06 13:53:24 +02:00
case aChangePIN:
#endif /* ENABLE_CARD_SUPPORT*/
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aListKeys:
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
case aLocateKeys:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aListSigs:
case aExportSecret:
case aExportSecretSub:
gpg: New command --export-ssh-key * g10/export.c: Include membuf.h and host2net.h. (key_to_sshblob): New. (export_ssh_key): New. * g10/gpg.c (aExportSshKey): New. (opts): Add command. (main): Implement that command. -- GnuPG-bug-id: 2212 I have done only a few tests rights now and the ECDSA curves do not yet work. However ssh-keygen -l accept RSA and ed25519 keys exported using this command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 17:22:32 +01:00
case aExportSshKey:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aSym:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aClearsign:
case aGenRevoke:
case aDesigRevoke:
case aPrimegen:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aGenRandom:
case aPrintMD:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aPrintMDs:
case aListTrustDB:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aCheckTrustDB:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aUpdateTrustDB:
case aFixTrustDB:
case aListTrustPath:
case aDeArmor:
case aEnArmor:
case aSign:
gpg: Add commands --quick-sign-key and --quick-lsign-key. * g10/gpg.c (main): Add commands --quick-sign-key and --quick-lsign-key. * g10/keyedit.c (sign_uids): Add args FP and QUICK. (keyedit_quick_sign): New. (show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
case aQuickSignKey:
case aQuickLSignKey:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aSignKey:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aLSignKey:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aStore:
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
case aQuickKeygen:
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
case aQuickAddUid:
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
case aQuickAddKey:
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
case aQuickRevUid:
gpg: New option --quick-set-expire. * g10/gpg.c (aQuickSetExpire): New. (opts): New option --quick-set-expire. (main): Implement option. * g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and NEWEXPIRATION. Change semantics of the return value. Change caller. (keyedit_quick_set_expire): New. -- This patch partly solves GnuPG-bug-id: 2701
2016-12-05 10:58:39 +01:00
case aQuickSetExpire:
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
case aQuickSetPrimaryUid:
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aExportOwnerTrust:
case aImportOwnerTrust:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aRebuildKeydbCaches:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
set_cmd (&cmd, pargs.r_opt);
break;
Minor changes and typo fixes.
2006-09-06 13:53:24 +02:00
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aKeygen:
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
case aFullKeygen:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aEditKey:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aDeleteSecretKeys:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aDeleteSecretAndPublicKeys:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case aDeleteKeys:
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
case aPasswd:
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
set_cmd (&cmd, pargs.r_opt);
greeting=1;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aDecryptFiles: multifile=1; /* fall through */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aDecrypt: set_cmd( &cmd, aDecrypt); break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case aEncrFiles: multifile=1; /* fall through */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aEncr: set_cmd( &cmd, aEncr); break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case aVerifyFiles: multifile=1; /* fall through */
case aVerify: set_cmd( &cmd, aVerify); break;
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
case aServer:
set_cmd (&cmd, pargs.r_opt);
opt.batch = 1;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
case aTOFUPolicy:
set_cmd (&cmd, pargs.r_opt);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oArmor: opt.armor = 1; opt.no_armor=0; break;
case oOutput: opt.outfile = pargs.r.ret_str; break;
gpg: New option --input-size-hint. * g10/options.h: Include stdint.h. (struct opt): Add field 'input_size_hint'. * g10/gpg.c (oInputSizeHint): New. (opts): Add --input-size-hint. (main): Set opt.input_size_hint. * g10/progress.c (write_status_progress): Use the hint. -- This is a prerequisite to fix GnuPG-bug-id: 2368 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-11 21:31:12 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oMaxOutput: opt.max_output = pargs.r.ret_ulong; break;
gpg: New option --input-size-hint. * g10/options.h: Include stdint.h. (struct opt): Add field 'input_size_hint'. * g10/gpg.c (oInputSizeHint): New. (opts): Add --input-size-hint. (main): Set opt.input_size_hint. * g10/progress.c (write_status_progress): Use the hint. -- This is a prerequisite to fix GnuPG-bug-id: 2368 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-11 21:31:12 +02:00
case oInputSizeHint:
opt.input_size_hint = string_to_u64 (pargs.r.ret_str);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oQuiet: opt.quiet = 1; break;
case oNoTTY: tty_no_terminal(1); break;
case oDryRun: opt.dry_run = 1; break;
case oInteractive: opt.interactive = 1; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oVerbose:
opt.verbose++;
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
opt.list_options|=LIST_SHOW_UNUSABLE_UIDS;
opt.list_options|=LIST_SHOW_UNUSABLE_SUBKEYS;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Added LIBINTL to more Makefile targets. doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
2007-01-30 21:16:28 +01:00
case oBatch:
opt.batch = 1;
nogreeting = 1;
break;
Fixed agent access for gpg.
2006-10-04 18:45:04 +02:00
case oUseAgent: /* Dummy. */
Added LIBINTL to more Makefile targets. doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
2007-01-30 21:16:28 +01:00
break;
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
Added LIBINTL to more Makefile targets. doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
2007-01-30 21:16:28 +01:00
case oNoUseAgent:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_option (configname, configlineno, "no-use-agent");
Added LIBINTL to more Makefile targets. doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
2007-01-30 21:16:28 +01:00
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oGpgAgentInfo:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_option (configname, configlineno, "gpg-agent-info");
Added LIBINTL to more Makefile targets. doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
2007-01-30 21:16:28 +01:00
break;
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
case oReaderPort:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_scdaemon_option (configname, configlineno, "reader-port");
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
break;
case octapiDriver:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_scdaemon_option (configname, configlineno, "ctapi-driver");
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
break;
case opcscDriver:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_scdaemon_option (configname, configlineno, "pcsc-driver");
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
break;
case oDisableCCID:
gpg: Do not always print dashes in obsolete_option. * g10/gpg.c (main): Pass option names to obsolete_option without double dash. * g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double dash only for command line options.
2014-09-25 22:13:03 +02:00
obsolete_scdaemon_option (configname, configlineno, "disable-ccid");
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
break;
gpg: Obsolete some keyserver helper options. * g10/options.h (opt): Remove keyserver_options.other. * g10/gpg.c (main): Obsolete option --honor-http-proxt. * g10/keyserver.c (add_canonical_option): Replace by ... (warn_kshelper_option): New. (parse_keyserver_uri): Obsolete "x-broken-http". -- Some of these options are deprecated for 10 years and they do not make any sense without the keyserver helpers. For one we print a hint on how to replace it: gpg: keyserver option 'ca-cert-file' is obsolete; \ please use 'hkp-cacert' in dirmngr.conf Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-08 15:14:35 +01:00
case oHonorHttpProxy:
obsolete_option (configname, configlineno, "honor-http-proxy");
break;
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf. * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 - Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk
2014-09-25 20:45:37 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oAnswerYes: opt.answer_yes = 1; break;
case oAnswerNo: opt.answer_no = 1; break;
case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
case oPrimaryKeyring:
gpg: First patches to support a keybox storage backend. * kbx/keybox-defs.h (_keybox_write_header_blob): Move prototype to .. * kbx/keybox.h: here. * kbx/keybox-init.c (keybox_lock): Add dummy function * g10/keydb.c: Include keybox.h. (KeydbResourceType): Add KEYDB_RESOURCE_TYPE_KEYBOX. (struct resource_item): Add field kb. (maybe_create_keyring_or_box): Add error descriptions to diagnostics. Add arg IS_BOX. Write a header for a new keybox file. (keydb_add_resource): No more need for the force flag. Rename the local variable "force" to "create". Add URL scheme "gnupg-kbx". Add magic test to detect a keybox file. Add basic support for keybox. (keydb_new, keydb_get_resource_name, keydb_delete_keyblock) (keydb_locate_writable, keydb_search_reset, keydb_search2): Add support for keybox. (lock_all, unlock_all): Ditto. * g10/Makefile.am (needed_libs): Add libkeybox.a. (gpg2_LDADD, gpgv2_LDADD): Add KSBA_LIBS as a workaround. * g10/keydb.h (KEYDB_RESOURCE_FLAG_PRIMARY) KEYDB_RESOURCE_FLAG_DEFAULT, KEYDB_RESOURCE_FLAG_READONLY): New. * g10/gpg.c, g10/gpgv.c (main): Use new constants. -- I did most of these changes back in 2011 and only cleaned them up now. More to follow soon.
2012-12-27 15:04:29 +01:00
sl = append_to_strlist (&nrings, pargs.r.ret_str);
sl->flags = KEYDB_RESOURCE_FLAG_PRIMARY;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oShowKeyring:
deprecated_warning(configname,configlineno,"--show-keyring",
"--list-options ","show-keyring");
opt.list_options|=LIST_SHOW_KEYRING;
break;
gpg: Allow debug flag names for --debug. * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
case oDebug:
if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags))
{
pargs.r_opt = ARGPARSE_INVALID_ARG;
pargs.err = ARGPARSE_PRINT_ERROR;
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oDebugAll: opt.debug = ~0; break;
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
case oDebugLevel: debug_level = pargs.r.ret_str; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gpg: Add new option --debug-iolbf. * g10/gpg.c (oDebugIOLBF): new. (opts): Add --debug-iolbf. (main): Set option. -- This option is convenient for debugging to make sure that debug output to stderr is synced with output to stdout. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-06 14:07:50 +02:00
case oDebugIOLBF: break; /* Already set in pre-parse step. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oStatusFD:
Minor fixes.
2008-12-09 09:58:02 +01:00
set_status_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oStatusFile:
Minor fixes.
2008-12-09 09:58:02 +01:00
set_status_fd ( open_info_file (pargs.r.ret_str, 1, 0) );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oAttributeFD:
Minor fixes.
2008-12-09 09:58:02 +01:00
set_attrib_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oAttributeFile:
Minor fixes.
2008-12-09 09:58:02 +01:00
set_attrib_fd ( open_info_file (pargs.r.ret_str, 1, 1) );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oLoggerFD:
Translate all file descriptors received from assuan.
2007-07-12 17:28:30 +02:00
log_set_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oLoggerFile:
logfile = pargs.r.ret_str;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oWithFingerprint:
opt.with_fingerprint = 1;
Fixed bug#1044. Use of --fingerprint with --with-fingerprint.
2009-05-20 12:23:33 +02:00
opt.fingerprint++;
break;
gpg: Add option --with-subkey-fingerprint. * g10/gpg.c (oWithSubkeyFingerprint): New. (opts): Add --with-subkey-fingerprint[s]. (main): Set that option. * g10/options.h (struct opt): Add 'with_subkey_fingerprint'. * g10/keylist.c (list_keyblock_print): Print subkey fingerprint. (print_fingerprint): Tweak printing to use compact format if desirable. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-06 16:55:03 +02:00
case oWithSubkeyFingerprint:
opt.with_subkey_fingerprint = 1;
break;
gpg: Add option to print fingerprints in ICAO spelling. * g10/gpg.c: Add option --with-icao-spelling. * g10/options.h (struct opt): Add with_icao_spelling. * g10/keylist.c (print_icao_hexdigit): New. (print_fingerprint): Print ICAO spelling. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 17:54:05 +01:00
case oWithICAOSpelling:
opt.with_icao_spelling = 1;
break;
Fixed bug#1044. Use of --fingerprint with --with-fingerprint.
2009-05-20 12:23:33 +02:00
case oFingerprint:
opt.fingerprint++;
fpr_maybe_cmd = 1;
break;
Add new option --with-keygrip
2010-10-08 13:11:08 +02:00
case oWithKeygrip:
opt.with_keygrip = 1;
break;
Add new option --with-secret. * g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
2014-06-03 21:35:59 +02:00
case oWithSecret:
opt.with_secret = 1;
break;
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
case oWithWKDHash:
opt.with_wkd_hash = 1;
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oSecretKeyring:
Decryption and signi via agent is now implemented.
2010-04-23 13:36:59 +02:00
/* Ignore this old option. */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
Decryption and signi via agent is now implemented.
2010-04-23 13:36:59 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oOptions:
/* config files may not be nested (silently ignore them) */
if( !configfp ) {
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(configname);
configname = xstrdup(pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
goto next_pass;
}
break;
case oNoArmor: opt.no_armor=1; opt.armor=0; break;
gpg: New option --no-keyring. * g10/gpg.c (oNoKeyring): New. (opts): Add "--no-keyring". (main): Do not register any keyring if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 15:33:40 +02:00
case oNoDefKeyring:
if (default_keyring > 0)
default_keyring = 0;
break;
case oNoKeyring:
default_keyring = -1;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoGreeting: nogreeting = 1; break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oNoVerbose:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
opt.verbose = 0;
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
opt.list_sigs=0;
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oQuickRandom:
Migrated more stuff to doc/ Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
2006-08-21 22:20:23 +02:00
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
break;
gpg: Change armor Version header to emit only the major version. * g10/options.h (opt): Rename field no_version to emit_version. * g10/gpg.c (main): Init opt.emit_vesion to 1. Change --emit-version to bump up opt.emit_version. * g10/armor.c (armor_filter): Implement different --emit-version values. -- GnuPG-bug-id: 1572 Signed-off-by: Werner Koch <wk@gnupg.org>
2013-11-27 09:20:02 +01:00
case oEmitVersion: opt.emit_version++; break;
case oNoEmitVersion: opt.emit_version=0; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break;
case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oTrustDBName: trustdb_name = pargs.r.ret_str; break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*!NO_TRUST_MODELS*/
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
case oDefaultKey:
gpg: Check for ambiguous or non-matching key specs. * g10/gpg.c (check_user_ids): New function. (main): Check that any user id specifications passed to --local-user and --remote-user correspond to exactly 1 user. Check that any user id specifications passed to --default-key correspond to at most 1 user. Warn if any user id specifications passed to --local-user or --default-user are possible ambiguous (are not specified by long keyid or fingerprint). * g10/getkey.c (parse_def_secret_key): Don't warn about possible ambiguous key descriptions here. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1128 Debian-debug-id: 544490
2015-11-05 17:29:53 +01:00
sl = add_to_strlist (&opt.def_secret_key, pargs.r.ret_str);
gpg: Do not pre-check keys given on the command line. * g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG) (PK_LIST_SHIFT): New. * g10/pkclist.c (build_pk_list): Use them here. * g10/gpg.c (check_user_ids, main): Ditto. * g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR. (check_user_ids): Skip check for command line specified options. -- If a key has been given on the command line and it has not been given by one of the encrypt-to options, we now skip the checks. The reason is that the actual key selection code does its own checks and provides proper status message to the caller to detect the wrong keys. Without this we would break most frontends because they expect for example STATUS_INV_RECP. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
sl->flags = (pargs.r_opt << PK_LIST_SHIFT);
gpg: Mark more options as coming from the config file (when this holds) * g10/gpg.c (main): When --default-key or --encrypt-to-default-key is taken from the config file, note this. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Regression-due-to: 28311d1
2015-12-17 10:44:55 +01:00
if (configfp)
sl->flags |= PK_LIST_CONFIG;
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oDefRecipient:
Migrated more stuff to doc/ Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
2006-08-21 22:20:23 +02:00
if( *pargs.r.ret_str )
gpg: Eliminate a memory leak. * g10/gpg.c (main): Don't leak OPT.DEF_RECIPIENT. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-29 09:57:00 +01:00
{
xfree (opt.def_recipient);
opt.def_recipient = make_username(pargs.r.ret_str);
}
Migrated more stuff to doc/ Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
2006-08-21 22:20:23 +02:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oDefRecipientSelf:
Migrated more stuff to doc/ Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
2006-08-21 22:20:23 +02:00
xfree(opt.def_recipient); opt.def_recipient = NULL;
opt.def_recipient_self = 1;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoDefRecipient:
Migrated more stuff to doc/ Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
2006-08-21 22:20:23 +02:00
xfree(opt.def_recipient); opt.def_recipient = NULL;
opt.def_recipient_self = 0;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
case oHomedir: break;
case oNoBatch: opt.batch = 0; break;
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
gpg: New option --with-tofu-info. * g10/gpg.c (oWithTofuInfo): New. (opts): Add --with-tofu-info. (main): Set opt.with_tofu_info. * g10/options.h (struct opt): Add field WITH_TOFU_INFO. * g10/tofu.c (show_statistics): Add optional arg OUTFP and enter special mode if not NULL. Change all callers. (tofu_write_tfs_record): New. * g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as part of the "uid" record. Print a new "tfs" record if the new option is set. * tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record. -- A separate option is required to avoid slowing down key listings. Foer example the current code takes for a keylisting in tofu+pgp mode 17 seconds while it takes more than 5 minutes if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 09:26:36 +02:00
case oWithTofuInfo: opt.with_tofu_info = 1; break;
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oWithColons: opt.with_colons=':'; break;
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oWithSigList: opt.list_sigs = 1; break;
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oSkipVerify: opt.skip_verify=1; break;
Add gpgconf related dummy options default_pubkey_algo. Add option --skip-hidden-recipients Comment updates.
2009-11-23 20:18:04 +01:00
case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break;
case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* There are many programs (like mutt) that call gpg with
--always-trust so keep this option around for a long
time. */
case oAlwaysTrust: opt.trust_model=TM_ALWAYS; break;
case oTrustModel:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
parse_trust_model(pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*!NO_TRUST_MODELS*/
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
case oTOFUDefaultPolicy:
opt.tofu_default_policy = parse_tofu_policy (pargs.r.ret_str);
break;
case oTOFUDBFormat:
gpg: Remove tofu database format "split". * g10/options.h (struct opt): Remove field tofu_db_format. * g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and tofu.batch_update_started. * g10/gpg.c (parse_tofu_db_format): Remove. (main): Make option --tofu-db-format obsolete. * g10/tofu.c: Major rework. Remove the pretty complicated and slower split format and with that all the caching. Use the dbs struct directly. Move global vars for batch update into CTRL. Change calling conventions of some function to take CTRL or DBS pointers instead of the former low-level database pointer. -- The split database format might have been nice for use with Unison but it bypasses the concept of a relational database by doing parts of this itself and also risking deadlocks. Working with the Tofu database for debugging or experiments is also not possible with parts of the database logic implemented in gpg. The Tofu support is quite new and we can assume that it is not in real use now. Thus we better remove that now so that we do not need to maintain it for all future. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-05 14:40:36 +02:00
obsolete_option (configname, configlineno, "tofu-db-format");
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oForceOwnertrust:
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info(_("Note: %s is not for normal use!\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
"--force-ownertrust");
opt.force_ownertrust=string_to_trust_value(pargs.r.ret_str);
if(opt.force_ownertrust==-1)
{
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error("invalid ownertrust '%s'\n",pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.force_ownertrust=0;
}
break;
case oLoadExtension:
First steps towards supporting W32. This is mainly source code reorganization. Update gnulib. g10/ does currently not build.
2007-06-06 20:12:30 +02:00
/* Dummy so that gpg 1.4 conf files can work. Should
eventually be removed. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
case oCompliance:
set_compliance_option (parse_compliance_option (pargs.r.ret_str));
break;
case oOpenPGP:
case oRFC2440:
case oRFC4880:
gpg: New option --rfc4880bis. * g10/options.h (struct opt): Add field flags.rfc4880bis. * g10/gpg.c (oRFC4880bis): new. (opts): add --rfc4880bis. (main): Implement that and print a warning. -- This is option enables experimental features which may be dropped or changed with the next release. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 22:19:23 +02:00
case oRFC4880bis:
gpg: New option --compliance. * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 13:03:29 +01:00
case oPGP6:
case oPGP7:
case oPGP8:
case oGnuPG:
set_compliance_option (pargs.r_opt);
break;
case oRFC2440Text: opt.rfc2440_text=1; break;
case oNoRFC2440Text: opt.rfc2440_text=0; break;
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
case oSetFilename:
if(utf8_strings)
opt.set_filename = pargs.r.ret_str;
else
opt.set_filename = native_to_utf8(pargs.r.ret_str);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oForYourEyesOnly: eyes_only = 1; break;
case oNoForYourEyesOnly: eyes_only = 0; break;
case oSetPolicyURL:
add_policy_url(pargs.r.ret_str,0);
add_policy_url(pargs.r.ret_str,1);
break;
case oSigPolicyURL: add_policy_url(pargs.r.ret_str,0); break;
case oCertPolicyURL: add_policy_url(pargs.r.ret_str,1); break;
case oShowPolicyURL:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
deprecated_warning(configname,configlineno,"--show-policy-url",
"--list-options ","show-policy-urls");
deprecated_warning(configname,configlineno,"--show-policy-url",
"--verify-options ","show-policy-urls");
opt.list_options|=LIST_SHOW_POLICY_URLS;
opt.verify_options|=VERIFY_SHOW_POLICY_URLS;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oNoShowPolicyURL:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
deprecated_warning(configname,configlineno,"--no-show-policy-url",
"--list-options ","no-show-policy-urls");
deprecated_warning(configname,configlineno,"--no-show-policy-url",
"--verify-options ","no-show-policy-urls");
opt.list_options&=~LIST_SHOW_POLICY_URLS;
opt.verify_options&=~VERIFY_SHOW_POLICY_URLS;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case oSigKeyserverURL: add_keyserver_url(pargs.r.ret_str,0); break;
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
case oUseEmbeddedFilename:
opt.flags.use_embedded_filename=1;
break;
case oNoUseEmbeddedFilename:
opt.flags.use_embedded_filename=0;
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oComment:
if(pargs.r.ret_str[0])
append_to_strlist(&opt.comments,pargs.r.ret_str);
break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case oDefaultComment:
deprecated_warning(configname,configlineno,
"--default-comment","--no-comments","");
/* fall through */
case oNoComments:
free_strlist(opt.comments);
opt.comments=NULL;
break;
gpg: Remove option aliases --[no-]throw-keyid and --notation-data. * g10/gpg.c (opts): Remove them. * g10/options.h (opt): s/throw_keyid/throw_keyids/ and change users. -- See mails starting http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029128.html
2014-12-03 11:28:10 +01:00
case oThrowKeyids: opt.throw_keyids = 1; break;
case oNoThrowKeyids: opt.throw_keyids = 0; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oShowPhotos:
deprecated_warning(configname,configlineno,"--show-photos",
"--list-options ","show-photos");
deprecated_warning(configname,configlineno,"--show-photos",
"--verify-options ","show-photos");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.list_options|=LIST_SHOW_PHOTOS;
opt.verify_options|=VERIFY_SHOW_PHOTOS;
break;
case oNoShowPhotos:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
deprecated_warning(configname,configlineno,"--no-show-photos",
"--list-options ","no-show-photos");
deprecated_warning(configname,configlineno,"--no-show-photos",
"--verify-options ","no-show-photos");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.list_options&=~LIST_SHOW_PHOTOS;
opt.verify_options&=~VERIFY_SHOW_PHOTOS;
break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
gpg: Remove all support for v3 keys and always create v4-signatures. * g10/build-packet.c (do_key): Remove support for building v3 keys. * g10/parse-packet.c (read_protected_v3_mpi): Remove. (parse_key): Remove support for v3-keys. Add dedicated warnings for v3-key packets. * g10/keyid.c (hash_public_key): Remove v3-key support. (keyid_from_pk): Ditto. (fingerprint_from_pk): Ditto. * g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs. * g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs, oForceV4Certs, oNoForceV4Certs. (opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs, --no-force-v4-certs int dummy options. (main): Remove setting of the force_v3_sigs force_v4_certs flags. * g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs. * g10/sign.c (hash_uid): Remove support for v3-signatures (hash_sigversion_to_magic): Ditto. (only_old_style): Remove this v3-key function. (write_signature_packets): Remove support for creating v3-signatures. (sign_file): Ditto. (sign_symencrypt_file): Ditto. (clearsign_file): Ditto. Remove code to emit no Hash armor line if only v3-keys are used. (make_keysig_packet): Remove arg SIGVERSION and force using v4-signatures. Change all callers to not pass a value for this arg. Remove all v3-key related code. (update_keysig_packet): Remove v3-signature support. * g10/keyedit.c (sign_uids): Always create v4-signatures. * g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and change caller. -- v3 keys are deprecated for about 15 years and due the severe weaknesses of MD5 it does not make any sense to keep code around to use these old and broken keys. Users who need to decrypt old messages should use gpg 1.4 and best re-encrypt them to modern standards. verification of old (i.e. PGP2) created signatures is thus also not anymore possible but such signatures have no values anyway - MD5 is just too broken. We have also kept support for v3 signatures until now. With the removal of support for v3 keys it is questionable whether it makes any sense to keep support for v3-signatures. What we do now is to keep support for verification of v3-signatures but we force the use of v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit obsolete because those PGP versions require v3-signatures for messages. These versions of PGP are also really old and not anymore maintained so they have not received any bug fixes and should not be used anyway. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-12 20:07:12 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oForceMDC: opt.force_mdc = 1; break;
case oNoForceMDC: opt.force_mdc = 0; break;
case oDisableMDC: opt.disable_mdc = 1; break;
case oNoDisableMDC: opt.disable_mdc = 0; break;
gpg: New option --disable-signer-uid, create Signer's UID sub-packet. * g10/gpg.c (oDisableSignerUID): New. (opts): New option '--disable-signer-uid'. (main): Set option. * g10/options.h (opt): Add field flags.disable_signer_uid. * g10/sign.c: Include mbox-util.h. (mk_notation_policy_etc): Embed the signer's uid. * g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key retrieval if --disable-signer-uid is used. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:24:09 +02:00
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the packed s2k iteration count. * main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c (hash_passphrase): Add --s2k-count option to specify the number of s2k hash iterations.
2006-10-13 06:06:24 +02:00
case oS2KCount:
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
if (pargs.r.ret_int)
opt.s2k_count = encode_s2k_iterations (pargs.r.ret_int);
else
opt.s2k_count = 0; /* Auto-calibrate when needed. */
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the packed s2k iteration count. * main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c (hash_passphrase): Add --s2k-count option to specify the number of s2k hash iterations.
2006-10-13 06:06:24 +02:00
break;
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
case oRecipient:
case oHiddenRecipient:
case oRecipientFile:
case oHiddenRecipientFile:
/* Store the recipient. Note that we also store the
* option as private data in the flags. This is achieved
* by shifting the option value to the left so to keep
* enough space for the flags. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
sl = add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings );
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
sl->flags = (pargs.r_opt << PK_LIST_SHIFT);
gpg: Do not pre-check keys given on the command line. * g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG) (PK_LIST_SHIFT): New. * g10/pkclist.c (build_pk_list): Use them here. * g10/gpg.c (check_user_ids, main): Ditto. * g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR. (check_user_ids): Skip check for command line specified options. -- If a key has been given on the command line and it has not been given by one of the encrypt-to options, we now skip the checks. The reason is that the actual key selection code does its own checks and provides proper status message to the caller to detect the wrong keys. Without this we would break most frontends because they expect for example STATUS_INV_RECP. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
if (configfp)
sl->flags |= PK_LIST_CONFIG;
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
if (pargs.r_opt == oHiddenRecipient
|| pargs.r_opt == oHiddenRecipientFile)
sl->flags |= PK_LIST_HIDDEN;
if (pargs.r_opt == oRecipientFile
|| pargs.r_opt == oHiddenRecipientFile)
sl->flags |= PK_LIST_FROM_FILE;
any_explicit_recipient = 1;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
case oEncryptTo:
case oHiddenEncryptTo:
/* Store an additional recipient. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
sl = add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings );
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
sl->flags = ((pargs.r_opt << PK_LIST_SHIFT) | PK_LIST_ENCRYPT_TO);
gpg: Do not pre-check keys given on the command line. * g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG) (PK_LIST_SHIFT): New. * g10/pkclist.c (build_pk_list): Use them here. * g10/gpg.c (check_user_ids, main): Ditto. * g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR. (check_user_ids): Skip check for command line specified options. -- If a key has been given on the command line and it has not been given by one of the encrypt-to options, we now skip the checks. The reason is that the actual key selection code does its own checks and provides proper status message to the caller to detect the wrong keys. Without this we would break most frontends because they expect for example STATUS_INV_RECP. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
if (configfp)
sl->flags |= PK_LIST_CONFIG;
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
if (pargs.r_opt == oHiddenEncryptTo)
sl->flags |= PK_LIST_HIDDEN;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: New options --recipient-file and --hidden-recipient-file. * g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New. (opts): Add options --recipient-file and --hidden-recipient-file. (main): Implement them. Also remove duplicate code from similar options. * g10/keydb.h (PK_LIST_FROM_FILE): New. (PK_LIST_SHIFT): Bump up. * g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE. (find_and_check_key): Add and implement arg FROM_FILE. (build_pk_list): Pass new value for new arg. * g10/getkey.c (get_pubkey_fromfile): New. * g10/gpgv.c (read_key_from_file): New stub. * g10/test-stubs.c (read_key_from_file): New stub. * g10/server.c (cmd_recipient): Add flag --file. * g10/import.c (read_key_from_file): New. * tests/openpgp/defs.scm (key-file1): New. (key-file2): New. * tests/openpgp/setup.scm: Add their private keys and import the key-file1. * tests/openpgp/encrypt.scm: Add new test. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 14:03:50 +02:00
case oNoEncryptTo:
opt.no_encrypt_to = 1;
break;
gpg: Add --encrypt-to-default-key. * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function. * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise. * g10/options.h (opt): Add field encrypt_to_default_key. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 807
2015-11-03 23:39:46 +01:00
case oEncryptToDefaultKey:
gpg: Mark more options as coming from the config file (when this holds) * g10/gpg.c (main): When --default-key or --encrypt-to-default-key is taken from the config file, note this. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Regression-due-to: 28311d1
2015-12-17 10:44:55 +01:00
opt.encrypt_to_default_key = configfp ? 2 : 1;
gpg: Add --encrypt-to-default-key. * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function. * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise. * g10/options.h (opt): Add field encrypt_to_default_key. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 807
2015-11-03 23:39:46 +01:00
break;
More agent support for gpg.
2010-10-13 17:57:08 +02:00
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oTrySecretKey:
More agent support for gpg.
2010-10-13 17:57:08 +02:00
add_to_strlist2 (&opt.secret_keys_to_try,
pargs.r.ret_str, utf8_strings);
break;
gpg: New option --mimemode. * g10/gpg.c (oMimemode): New. (opts): Add --mimemode. (main): Use --mimemode only in rfc4880bis compliance mode. * g10/options.h (struct opt): Add field "mimemode". * g10/build-packet.c (do_plaintext): Allow for mode 'm'. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested. * g10/plaintext.c (handle_plaintext): Handle 'm' mode. * g10/sign.c (write_plaintext_packet): Handle 'm' mode. (sign_file, sign_symencrypt_file): Use 'm' if requested. -- Thsi patch prepares for a proposed change in RFC4880bis to support a MIME flag. A literal data packet with the mime flag set is handled like a 't' or 'u' but CR are not removed. The PLAINTEXT status line will also indicate a MIME content. If --mimemode is used without --rfc4880bis 't' will be used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
case oMimemode: opt.mimemode = opt.textmode = 1; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oTextmodeShort: opt.textmode = 2; break;
case oTextmode: opt.textmode=1; break;
gpg: New option --mimemode. * g10/gpg.c (oMimemode): New. (opts): Add --mimemode. (main): Use --mimemode only in rfc4880bis compliance mode. * g10/options.h (struct opt): Add field "mimemode". * g10/build-packet.c (do_plaintext): Allow for mode 'm'. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested. * g10/plaintext.c (handle_plaintext): Handle 'm' mode. * g10/sign.c (write_plaintext_packet): Handle 'm' mode. (sign_file, sign_symencrypt_file): Use 'm' if requested. -- Thsi patch prepares for a proposed change in RFC4880bis to support a MIME flag. A literal data packet with the mime flag set is handled like a 't' or 'u' but CR are not removed. The PLAINTEXT status line will also indicate a MIME content. If --mimemode is used without --rfc4880bis 't' will be used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
case oNoTextmode: opt.textmode=opt.mimemode=0; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oExpert: opt.expert = 1; break;
case oNoExpert: opt.expert = 0; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oDefSigExpire:
if(*pargs.r.ret_str!='\0')
{
if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("'%s' is not a valid signature expiration\n"),
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
pargs.r.ret_str);
else
opt.def_sig_expire=pargs.r.ret_str;
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oAskSigExpire: opt.ask_sig_expire = 1; break;
case oNoAskSigExpire: opt.ask_sig_expire = 0; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oDefCertExpire:
if(*pargs.r.ret_str!='\0')
{
if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("'%s' is not a valid signature expiration\n"),
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
pargs.r.ret_str);
else
opt.def_cert_expire=pargs.r.ret_str;
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oAskCertExpire: opt.ask_cert_expire = 1; break;
case oNoAskCertExpire: opt.ask_cert_expire = 0; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oDefCertLevel: opt.def_cert_level=pargs.r.ret_int; break;
case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break;
case oAskCertLevel: opt.ask_cert_level = 1; break;
case oNoAskCertLevel: opt.ask_cert_level = 0; break;
case oLocalUser: /* store the local users */
gpg: Check for ambiguous or non-matching key specs. * g10/gpg.c (check_user_ids): New function. (main): Check that any user id specifications passed to --local-user and --remote-user correspond to exactly 1 user. Check that any user id specifications passed to --default-key correspond to at most 1 user. Warn if any user id specifications passed to --local-user or --default-user are possible ambiguous (are not specified by long keyid or fingerprint). * g10/getkey.c (parse_def_secret_key): Don't warn about possible ambiguous key descriptions here. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1128 Debian-debug-id: 544490
2015-11-05 17:29:53 +01:00
sl = add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings );
gpg: Do not pre-check keys given on the command line. * g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG) (PK_LIST_SHIFT): New. * g10/pkclist.c (build_pk_list): Use them here. * g10/gpg.c (check_user_ids, main): Ditto. * g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR. (check_user_ids): Skip check for command line specified options. -- If a key has been given on the command line and it has not been given by one of the encrypt-to options, we now skip the checks. The reason is that the actual key selection code does its own checks and provides proper status message to the caller to detect the wrong keys. Without this we would break most frontends because they expect for example STATUS_INV_RECP. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
sl->flags = (pargs.r_opt << PK_LIST_SHIFT);
if (configfp)
sl->flags |= PK_LIST_CONFIG;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: New option --sender * g10/options.h (struct opt): Add field 'sender_list'. * g10/gpg.c: Include mbox-util.h. (oSender): New. (opts): Add option "--sender". (main): Parse option. -- This option will eventually be used for more advanced purposes. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 10:08:34 +02:00
case oSender:
{
char *mbox = mailbox_from_userid (pargs.r.ret_str);
if (!mbox)
log_error (_("\"%s\" is not a proper mail address\n"),
pargs.r.ret_str);
else
{
add_to_strlist (&opt.sender_list, mbox);
xfree (mbox);
}
}
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oCompress:
/* this is the -z command line option */
opt.compress_level = opt.bz2_compress_level = pargs.r.ret_int;
break;
case oCompressLevel: opt.compress_level = pargs.r.ret_int; break;
case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break;
case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break;
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
case oPassphrase:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
set_passphrase_from_string(pargs.r.ret_str);
break;
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
case oPassphraseFD:
Translate all file descriptors received from assuan.
2007-07-12 17:28:30 +02:00
pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
case oPassphraseFile:
Minor fixes.
2008-12-09 09:58:02 +01:00
pwfd = open_info_file (pargs.r.ret_str, 0, 1);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: Add pinentry-mode feature. * g10/gpg.c: Include shareddefs.h. (main): Add option --pinentry-mode. * g10/options.h (struct opt): Add field pinentry_mode. * g10/passphrase.c: Include shareddefs.h. (have_static_passphrase): Take care of loopback pinentry_mode. (read_passphrase_from_fd): Ditto. (get_static_passphrase): New. (passphrase_to_dek_ext): Factor some code out to ... (emit_status_need_passphrase): new. * g10/call-agent.c (start_agent): Send the pinentry mode. (default_inq_cb): Take care of the PASSPHRASE inquiry. Return a proper error code. (agent_pksign): Add args keyid, mainkeyid and pubkey_algo. (agent_pkdecrypt): Ditto. * g10/pubkey-enc.c (get_it): Pass new args. * g10/sign.c (do_sign): Pass new args. * g10/call-agent.c (struct default_inq_parm_s): New. Change all similar structs to reference this one. Change all users and inquire callback to use this struct, instead of NULL or some undefined but not used structs. This change will help to eventually get rid of global variables. -- This new features allows to use gpg without a Pinentry. As a prerequisite the agent must be configured to allow the loopback pinentry mode (option --allow-loopback-pinentry). For example gpg2 --pinentry-mode=loopback FILE.gpg may be used to decrypt FILE.gpg while entering the passphrase on the tty. If batch is used, --passphrase et al. may be used, if --command-fd is used, the passphrase may be provided by another process. Note that there are no try-again prompts in case of a bad passphrase.
2013-02-07 20:37:58 +01:00
case oPassphraseRepeat:
opt.passphrase_repeat = pargs.r.ret_int;
break;
case oPinentryMode:
opt.pinentry_mode = parse_pinentry_mode (pargs.r.ret_str);
if (opt.pinentry_mode == -1)
log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oCommandFD:
Translate all file descriptors received from assuan.
2007-07-12 17:28:30 +02:00
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
gpg,common: Make sure that all fd given are valid. * common/sysutils.c (gnupg_fd_valid): New function. * common/sysutils.h (gnupg_fd_valid): New declaration. * common/logging.c (log_set_file): Use the new function. * g10/cpr.c (set_status_fd): Likewise. * g10/gpg.c (main): Likewise. * g10/keylist.c (read_sessionkey_from_fd): Likewise. * g10/passphrase.c (set_attrib_fd): Likewise. * tests/openpgp/Makefile.am (XTESTS): Add the new test. * tests/openpgp/issue2941.scm: New file. -- Consider a situation where the user passes "--status-fd 3" but file descriptor 3 is not open. During the course of executing the rest of the commands, it's possible that gpg itself will open some files, and file descriptor 3 will get allocated. In this situation, the status information will be appended directly to whatever file happens to have landed on fd 3 (the trustdb? the keyring?). This is a potential data destruction issue for all writable file descriptor options: --status-fd --attribute-fd --logger-fd It's also a potential issue for readable file descriptor options, but the risk is merely weird behavior, and not data corruption: --override-session-key-fd --passphrase-fd --command-fd Fixes this by checking whether the fd is valid early on before using it. GnuPG-bug-id: 2941 Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-08 13:49:41 +01:00
if (! gnupg_fd_valid (opt.command_fd))
log_fatal ("command-fd is invalid: %s\n", strerror (errno));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oCommandFile:
Minor fixes.
2008-12-09 09:58:02 +01:00
opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oCipherAlgo:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
def_cipher_string = xstrdup(pargs.r.ret_str);
break;
case oDigestAlgo:
def_digest_string = xstrdup(pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oCompressAlgo:
/* If it is all digits, stick a Z in front of it for
later. This is for backwards compatibility with
versions that took the compress algorithm number. */
{
char *pt=pargs.r.ret_str;
while(*pt)
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if (!isascii (*pt) || !isdigit (*pt))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
pt++;
}
if(*pt=='\0')
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
compress_algo_string=xmalloc(strlen(pargs.r.ret_str)+2);
strcpy(compress_algo_string,"Z");
strcat(compress_algo_string,pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
compress_algo_string = xstrdup(pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oCertDigestAlgo:
g10/ does build again.
2006-05-23 18:19:43 +02:00
cert_digest_string = xstrdup(pargs.r.ret_str);
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oNoSecmemWarn:
gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
g10/ does build again.
2006-05-23 18:19:43 +02:00
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oRequireSecmem: require_secmem=1; break;
case oNoRequireSecmem: require_secmem=0; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoPermissionWarn: opt.no_perm_warn=1; break;
case oNoMDCWarn: opt.no_mdc_warn=1; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oDisplayCharset:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( set_native_charset( pargs.r.ret_str ) )
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("'%s' is not a valid character set\n"),
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
pargs.r.ret_str);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oNotDashEscaped: opt.not_dash_escaped = 1; break;
case oEscapeFrom: opt.escape_from = 1; break;
case oNoEscapeFrom: opt.escape_from = 0; break;
case oLockOnce: opt.lock_once = 1; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oLockNever:
Renamed the lock functions. Also cleaned up the dotlock code for easier readability.
2011-09-23 14:43:58 +02:00
dotlock_disable ();
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oLockMultiple:
#ifndef __riscos__
opt.lock_once = 0;
#else /* __riscos__ */
riscos_not_implemented("lock-multiple");
#endif /* __riscos__ */
break;
case oKeyServer:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
keyserver_spec_t keyserver;
gpg: Remove unused args from a function. * g10/keyserver.c (parse_keyserver_uri): Remove args configname and configlineno. Change all callers. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:07:23 +01:00
keyserver = parse_keyserver_uri (pargs.r.ret_str, 0);
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
if (!keyserver)
log_error (_("could not parse keyserver URL\n"));
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else
{
gpg: Only use the last specified keyserver. * g10/gpg.c (main): Only use the last specified keyserver. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-03-28 16:55:10 +01:00
/* We only support a single keyserver. Later ones
override earlier ones. (Since we parse the
config file first and then the command line
arguments, the command line takes
precedence.) */
if (opt.keyserver)
free_keyserver_spec (opt.keyserver);
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
opt.keyserver = keyserver;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oKeyServerOptions:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!parse_keyserver_options(pargs.r.ret_str))
{
if(configname)
log_error(_("%s:%d: invalid keyserver options\n"),
configname,configlineno);
else
log_error(_("invalid keyserver options\n"));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oImportOptions:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!parse_import_options(pargs.r.ret_str,&opt.import_options,1))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
if(configname)
log_error(_("%s:%d: invalid import options\n"),
configname,configlineno);
else
log_error(_("invalid import options\n"));
}
break;
gpg: New option --import-filter * g10/gpg.c (oImportFilter): New. (opts): Add --import-filter. (main): Handle option. * g10/import.c: Include recsel.h, init.h, and mbox-util.h. (import_keep_uid): New global var. (cleanup_import_globals): New. (parse_and_set_import_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (import_one): Apply filter if set. -- Funny new option. It can for example be used to export a key with only one user id: gpg --no-options --import --import-options import-export \ --import-filter keep-uid='mbox=wk@gnupg.org' \ < full-key.pub > key-with-one-uid.pub More features will eventually be added. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:24:04 +02:00
case oImportFilter:
rc = parse_and_set_import_filter (pargs.r.ret_str);
if (rc)
log_error (_("invalid filter option: %s\n"), gpg_strerror (rc));
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oExportOptions:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!parse_export_options(pargs.r.ret_str,&opt.export_options,1))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
if(configname)
log_error(_("%s:%d: invalid export options\n"),
configname,configlineno);
else
log_error(_("invalid export options\n"));
}
break;
gpg: New option --export-filter * g10/gpg.c (oExportFilter): New. (opts): Add --export-filter. (main): Handle option. * g10/export.c: Include recsel.h, init.h, and mbox-util.h. (export_keep_uid): New global var. (cleanup_export_globals): New. (parse_and_set_export_filter): New. (filter_getval): New. (apply_keep_uid_filter): New. (do_export_stream): Apply filter if set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:50:12 +02:00
case oExportFilter:
rc = parse_and_set_export_filter (pargs.r.ret_str);
if (rc)
log_error (_("invalid filter option: %s\n"), gpg_strerror (rc));
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oListOptions:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!parse_list_options(pargs.r.ret_str))
{
if(configname)
log_error(_("%s:%d: invalid list options\n"),
configname,configlineno);
else
log_error(_("invalid list options\n"));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oVerifyOptions:
{
struct parse_options vopts[]=
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{"show-photos",VERIFY_SHOW_PHOTOS,NULL,
N_("display photo IDs during signature verification")},
{"show-policy-urls",VERIFY_SHOW_POLICY_URLS,NULL,
N_("show policy URLs during signature verification")},
{"show-notations",VERIFY_SHOW_NOTATIONS,NULL,
N_("show all notations during signature verification")},
{"show-std-notations",VERIFY_SHOW_STD_NOTATIONS,NULL,
N_("show IETF standard notations during signature verification")},
{"show-standard-notations",VERIFY_SHOW_STD_NOTATIONS,NULL,
NULL},
{"show-user-notations",VERIFY_SHOW_USER_NOTATIONS,NULL,
N_("show user-supplied notations during signature verification")},
{"show-keyserver-urls",VERIFY_SHOW_KEYSERVER_URLS,NULL,
N_("show preferred keyserver URLs during signature verification")},
{"show-uid-validity",VERIFY_SHOW_UID_VALIDITY,NULL,
N_("show user ID validity during signature verification")},
{"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL,
N_("show revoked and expired user IDs in signature verification")},
Add new SVN only file README.maint doc/ * gpg.texi (GPG Configuration): Document envvar LANGUAGE. (GPG Configuration Options): Document show-primary-uid-only. g10/ * gpg.c (main): Add verify option show-primary-uid-only. * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. * mainproc.c (check_sig_and_print): Implement it. * encr-data.c (decrypt_data): Correctly test for unknown algorithm. * import.c (check_prefs): Ditto. * keyedit.c (show_prefs): Ditto. * mainproc.c (proc_symkey_enc): Ditto.
2007-02-26 21:24:29 +01:00
{"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL,
N_("show only the primary user ID in signature verification")},
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{"pka-lookups",VERIFY_PKA_LOOKUPS,NULL,
N_("validate signatures with PKA data")},
{"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL,
N_("elevate the trust of signatures with valid PKA data")},
{NULL,0,NULL,NULL}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
};
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(!parse_options(pargs.r.ret_str,&opt.verify_options,vopts,1))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
if(configname)
log_error(_("%s:%d: invalid verify options\n"),
configname,configlineno);
else
log_error(_("invalid verify options\n"));
}
}
break;
case oTempDir: opt.temp_dir=pargs.r.ret_str; break;
case oExecPath:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(set_exec_path(pargs.r.ret_str))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
log_error(_("unable to set exec-path to %s\n"),pargs.r.ret_str);
else
opt.exec_path_set=1;
break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case oSetNotation:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
add_notation_data( pargs.r.ret_str, 0 );
add_notation_data( pargs.r.ret_str, 1 );
break;
case oSigNotation: add_notation_data( pargs.r.ret_str, 0 ); break;
case oCertNotation: add_notation_data( pargs.r.ret_str, 1 ); break;
case oShowNotation:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
deprecated_warning(configname,configlineno,"--show-notation",
"--list-options ","show-notations");
deprecated_warning(configname,configlineno,"--show-notation",
"--verify-options ","show-notations");
opt.list_options|=LIST_SHOW_NOTATIONS;
opt.verify_options|=VERIFY_SHOW_NOTATIONS;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oNoShowNotation:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
deprecated_warning(configname,configlineno,"--no-show-notation",
"--list-options ","no-show-notations");
deprecated_warning(configname,configlineno,"--no-show-notation",
"--verify-options ","no-show-notations");
opt.list_options&=~LIST_SHOW_NOTATIONS;
opt.verify_options&=~VERIFY_SHOW_NOTATIONS;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oUtf8Strings: utf8_strings = 1; break;
case oNoUtf8Strings: utf8_strings = 0; break;
case oDisableCipherAlgo:
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
{
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
int algo = string_to_cipher_algo (pargs.r.ret_str);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gcry_cipher_ctl (NULL, GCRYCTL_DISABLE_ALGO, &algo, sizeof algo);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oDisablePubkeyAlgo:
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
{
int algo = gcry_pk_map_name (pargs.r.ret_str);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gcry_pk_ctl (GCRYCTL_DISABLE_ALGO, &algo, sizeof algo);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoSigCache: opt.no_sig_cache = 1; break;
case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break;
case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break;
case oAllowFreeformUID: opt.allow_freeform_uid = 1; break;
case oNoAllowFreeformUID: opt.allow_freeform_uid = 0; break;
case oNoLiteral: opt.no_literal = 1; break;
case oSetFilesize: opt.set_filesize = pargs.r.ret_ulong; break;
case oFastListMode: opt.fast_list_mode = 1; break;
Made --fixed-list-mode obsolete.
2008-06-11 10:07:54 +02:00
case oFixedListMode: /* Dummy */ break;
gpg: Change format for the key size in --list-key and --edit-key. * g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode. * g10/options.h (struct opt): Add field legacy_list_mode. * g10/keydb.h (PUBKEY_STRING_SIZE): New. * g10/keyid.c (pubkey_string): New. * g10/import.c (import_one, import_secret_one): Use pubkey_string. * g10/keylist.c (print_seckey_info): Ditto. (print_pubkey_info, print_card_key_info): Ditto. (list_keyblock_print): Ditto. * g10/mainproc.c (list_node): Ditto. * g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto. * g10/keyedit.c (show_key_with_all_names): Ditto. Also change the format. (show_basic_key_info): Ditto. * common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519". (openpgp_oid_to_curve): Downcase "ed25519" -- For ECC it seems to be better to show the name of the curve and not just the size of the prime field. The curve name does not anymore fit into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length format does not work either. Thus the new format uses "rsa2048" - RSA with 2048 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". unless --legacy-list-mode is given. In does not anymore line up nicely in columns thus I expect further changes to this new format. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-02-05 10:37:59 +01:00
case oLegacyListMode: opt.legacy_list_mode = 1; break;
gpg: Remove options --print-dane-records and --print-pka-records. * g10/gpg.c (main): Remove options but print a dedicated warning. * g10/options.h (struct opt): Remove fields 'print_dane_records' and 'print_pka_records'. * g10/keylist.c (list_keyblock): Do not call list_keyblock_pka. (list_keyblock_pka): Remove. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 15:19:36 +02:00
case oPrintPKARecords: print_pka_records = 1; break;
case oPrintDANERecords: print_dane_records = 1; break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oListOnly: opt.list_only=1; break;
case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
case oIgnoreValidFrom: opt.ignore_valid_from = 1; break;
case oIgnoreCrcError: opt.ignore_crc_error = 1; break;
case oIgnoreMDCError: opt.ignore_mdc_error = 1; break;
case oNoRandomSeedFile: use_random_seed = 0; break;
case oAutoKeyRetrieve:
case oNoAutoKeyRetrieve:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(pargs.r_opt==oAutoKeyRetrieve)
opt.keyserver_options.options|=KEYSERVER_AUTO_KEY_RETRIEVE;
else
opt.keyserver_options.options&=~KEYSERVER_AUTO_KEY_RETRIEVE;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case oShowSessionKey: opt.show_session_key = 1; break;
case oOverrideSessionKey:
opt.override_session_key = pargs.r.ret_str;
break;
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
case oOverrideSessionKeyFD:
ovrseskeyfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oMergeOnly:
deprecated_warning(configname,configlineno,"--merge-only",
"--import-options ","merge-only");
opt.import_options|=IMPORT_MERGE_ONLY;
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oAllowSecretKeyImport: /* obsolete */ break;
case oTryAllSecrets: opt.try_all_secrets = 1; break;
case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break;
gpg,sm: Merge the two versions of check_special_filename. * sm/gpgsm.c (check_special_filename): Move to .. * common/sysutils.c (check_special_filename): here. Add arg NOTRANSLATE. (allow_special_filenames): New local var. (enable_special_filenames): New public functions. * sm/gpgsm.c (allow_special_filenames): Remove var. (main): Call enable_special_filenames instead of setting the var. (open_read, open_es_fread, open_es_fwrite): Call check_special_filename with 0 for NOTRANSLATE. * common/iobuf.c (special_names_enabled): Remove var. (iobuf_enable_special_filenames): Remove func. (check_special_filename): Remove func. (iobuf_is_pipe_filename): Call new version of the function with NOTRANSLATE set. (do_open): Ditto. * g10/gpg.c (main): Call enable_special_filenames instead of iobuf_enable_special_filenames. * g10/gpgv.c (main): Ditto. -- Note that we keep the iobuf.c:translate_file_handle because it is a bit different (for whatever reasons) than the translate function from sysutils. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-29 16:18:24 +01:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oEnableSpecialFilenames:
gpg,sm: Merge the two versions of check_special_filename. * sm/gpgsm.c (check_special_filename): Move to .. * common/sysutils.c (check_special_filename): here. Add arg NOTRANSLATE. (allow_special_filenames): New local var. (enable_special_filenames): New public functions. * sm/gpgsm.c (allow_special_filenames): Remove var. (main): Call enable_special_filenames instead of setting the var. (open_read, open_es_fread, open_es_fwrite): Call check_special_filename with 0 for NOTRANSLATE. * common/iobuf.c (special_names_enabled): Remove var. (iobuf_enable_special_filenames): Remove func. (check_special_filename): Remove func. (iobuf_is_pipe_filename): Call new version of the function with NOTRANSLATE set. (do_open): Ditto. * g10/gpg.c (main): Call enable_special_filenames instead of iobuf_enable_special_filenames. * g10/gpgv.c (main): Ditto. -- Note that we keep the iobuf.c:translate_file_handle because it is a bit different (for whatever reasons) than the translate function from sysutils. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-29 16:18:24 +01:00
enable_special_filenames ();
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg,sm: Merge the two versions of check_special_filename. * sm/gpgsm.c (check_special_filename): Move to .. * common/sysutils.c (check_special_filename): here. Add arg NOTRANSLATE. (allow_special_filenames): New local var. (enable_special_filenames): New public functions. * sm/gpgsm.c (allow_special_filenames): Remove var. (main): Call enable_special_filenames instead of setting the var. (open_read, open_es_fread, open_es_fwrite): Call check_special_filename with 0 for NOTRANSLATE. * common/iobuf.c (special_names_enabled): Remove var. (iobuf_enable_special_filenames): Remove func. (check_special_filename): Remove func. (iobuf_is_pipe_filename): Call new version of the function with NOTRANSLATE set. (do_open): Ditto. * g10/gpg.c (main): Call enable_special_filenames instead of iobuf_enable_special_filenames. * g10/gpgv.c (main): Ditto. -- Note that we keep the iobuf.c:translate_file_handle because it is a bit different (for whatever reasons) than the translate function from sysutils. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-29 16:18:24 +01:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
case oPreservePermissions: opt.preserve_permissions=1; break;
case oDefaultPreferenceList:
opt.def_preference_list = pargs.r.ret_str;
break;
Ported patches from 1.4.x
2006-06-27 16:30:59 +02:00
case oDefaultKeyserverURL:
{
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
keyserver_spec_t keyserver;
gpg: Remove unused args from a function. * g10/keyserver.c (parse_keyserver_uri): Remove args configname and configlineno. Change all callers. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:07:23 +01:00
keyserver = parse_keyserver_uri (pargs.r.ret_str,1 );
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
if (!keyserver)
log_error (_("could not parse keyserver URL\n"));
Ported patches from 1.4.x
2006-06-27 16:30:59 +02:00
else
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
free_keyserver_spec (keyserver);
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Ported patches from 1.4.x
2006-06-27 16:30:59 +02:00
opt.def_keyserver_url = pargs.r.ret_str;
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oPersonalCipherPreferences:
pers_cipher_list=pargs.r.ret_str;
break;
case oPersonalDigestPreferences:
pers_digest_list=pargs.r.ret_str;
break;
case oPersonalCompressPreferences:
pers_compress_list=pargs.r.ret_str;
break;
A small step for GnuPG but a huge leap for error codes. (Sorry, it does not build currently - I need to check it in to avoid duplicate work.)
2003-06-05 09:14:21 +02:00
case oAgentProgram: opt.agent_program = pargs.r.ret_str; break;
gpg: Add option --dirmngr-program. * g10/gpg.c: Add option --dirmngr-program. * g10/options.h (struct opt): Add field dirmngr_program. * g10/call-dirmngr.c (create_context): Use new var. * dirmngr/dirmngr.c: Include gc-opt-flags.h. (main): Remove GC_OPT_FLAG_*. * tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ... * common/gc-opt-flags.h: here.
2014-03-12 18:24:52 +01:00
case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break;
gpg: Add option --weak-digest to gpg and gpgv. * g10/options.h: Add additional_weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests; use proper gcry_md_algos type. * g10/sig-check.c: (do_check): Reject weak digests in addition to MD5. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is still always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Capitialized some comments, shorted a line in do_check, and changed subject to name the option. -wk
2015-10-18 23:35:32 +02:00
case oWeakDigest:
additional_weak_digest(pargs.r.ret_str);
break;
gpg: Add support for unwrapping the outer level of encryption. * g10/decrypt-data.c (decrypt_data): If OPT.UNWRAP_ENCRYPTION is set, copy the data to the output file instead of continuing to process it. * g10/gpg.c (enum cmd_and_opt_values): Add new value oUnwrap. (opts): Handle oUnwrap. (main): Likewise. * g10/options.h (opt): Add field unwrap_encryption. * g10/plaintext.c (handle_plaintext): Break the output file selection functionality into ... (get_output_file): ... this new function. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1060 Debian-bug-id: 282061
2015-11-05 12:20:42 +01:00
case oUnwrap:
opt.unwrap_encryption = 1;
break;
gpg: Add new option --only-sign-text-ids. * g10/options.h (opt): Add field only_sign_text_ids. * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise. * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS. * doc/gpg.texi: Document the new option --only-sign-text-ids. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1241 Debian-bug-id: 569702
2015-11-06 13:14:57 +01:00
case oOnlySignTextIDs:
opt.only_sign_text_ids = 1;
break;
Reworked passing of envars to Pinentry.
2009-07-07 12:02:41 +02:00
case oDisplay:
set_opt_session_env ("DISPLAY", pargs.r.ret_str);
break;
case oTTYname:
set_opt_session_env ("GPG_TTY", pargs.r.ret_str);
break;
case oTTYtype:
set_opt_session_env ("TERM", pargs.r.ret_str);
break;
case oXauthority:
set_opt_session_env ("XAUTHORITY", pargs.r.ret_str);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oLCctype: opt.lc_ctype = pargs.r.ret_str; break;
case oLCmessages: opt.lc_messages = pargs.r.ret_str; break;
Reworked passing of envars to Pinentry.
2009-07-07 12:02:41 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oGroup: add_group(pargs.r.ret_str); break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oUnGroup: rm_group(pargs.r.ret_str); break;
case oNoGroups:
while(opt.grouplist)
{
struct groupitem *iter=opt.grouplist;
free_strlist(iter->values);
opt.grouplist=opt.grouplist->next;
xfree(iter);
}
break;
g10/ does build again.
2006-05-23 18:19:43 +02:00
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oStrict:
case oNoStrict:
g10/ does build again.
2006-05-23 18:19:43 +02:00
/* Not used */
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case oMangleDosFilenames: opt.mangle_dos_filenames = 1; break;
case oNoMangleDosFilenames: opt.mangle_dos_filenames = 0; break;
case oEnableProgressFilter: opt.enable_progress_filter = 1; break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oMultifile: multifile=1; break;
case oKeyidFormat:
if(ascii_strcasecmp(pargs.r.ret_str,"short")==0)
opt.keyid_format=KF_SHORT;
else if(ascii_strcasecmp(pargs.r.ret_str,"long")==0)
opt.keyid_format=KF_LONG;
else if(ascii_strcasecmp(pargs.r.ret_str,"0xshort")==0)
opt.keyid_format=KF_0xSHORT;
else if(ascii_strcasecmp(pargs.r.ret_str,"0xlong")==0)
opt.keyid_format=KF_0xLONG;
gpg: Implement --keyid-format=none. * g10/gpg.c (main): Add option "none" to --keyid-format. * g10/options.h (KF_NONE): New. * g10/keyid.c (format_keyid): Implement that. (keystr): Use format "long" is KF_NONE is in use. (keystr_with_sub): Ditto. * g10/keylist.c (list_keyblock_print): Adjust indentaion for KF_NONE. Factor some code out to ... (print_key_line): new. (print_fingerprint): Add mode 20. * g10/mainproc.c (list_node): Use print_key_line. Replace MAINKEY by flags.primary in the PK. Fix putting a " revoked..." string into the colons format. * g10/pkclist.c (do_edit_ownertrust): Use print_key_line. This slightly changes the putput format. * g10/revoke.c (gen_standard_revoke): Use print_key_line. This may also put "expires: " into the output. -- Due to user experience problems with the keyid and we better allow to show the fingerprint instead. Note that we do not support v3 keys anymore and thus there is no technical need for a user to know the keyid. GnuPG-bug-id: 2379 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-06 16:00:50 +02:00
else if(ascii_strcasecmp(pargs.r.ret_str,"none")==0)
opt.keyid_format = KF_NONE;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error("unknown keyid-format '%s'\n",pargs.r.ret_str);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
case oExitOnStatusWriteError:
opt.exit_on_status_write_error = 1;
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case oLimitCardInsertTries:
opt.limit_card_insert_tries = pargs.r.ret_int;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
case oRequireCrossCert: opt.flags.require_cross_cert=1; break;
case oNoRequireCrossCert: opt.flags.require_cross_cert=0; break;
case oAutoKeyLocate:
if(!parse_auto_key_locate(pargs.r.ret_str))
{
if(configname)
log_error(_("%s:%d: invalid auto-key-locate list\n"),
configname,configlineno);
else
log_error(_("invalid auto-key-locate list\n"));
}
break;
case oNoAutoKeyLocate:
release_akl();
break;
gpg: Add build and runtime support for larger RSA keys * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from STABLE-BRANCH-1-4 against master Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
2014-10-09 22:54:15 +02:00
case oEnableLargeRSA:
#if SECMEM_BUFFER_SIZE >= 65536
opt.flags.large_rsa=1;
#else
if (configname)
log_info("%s:%d: WARNING: gpg not built with large secure "
"memory buffer. Ignoring enable-large-rsa\n",
configname,configlineno);
else
log_info("WARNING: gpg not built with large secure "
"memory buffer. Ignoring --enable-large-rsa\n");
#endif /* SECMEM_BUFFER_SIZE >= 65536 */
break;
case oDisableLargeRSA: opt.flags.large_rsa=0;
break;
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
case oEnableDSA2: opt.flags.dsa2=1; break;
case oDisableDSA2: opt.flags.dsa2=0; break;
Ported multiple-messages protection.
2007-03-05 15:56:31 +01:00
case oAllowMultisigVerification:
case oAllowMultipleMessages:
opt.flags.allow_multiple_messages=1;
break;
case oNoAllowMultipleMessages:
opt.flags.allow_multiple_messages=0;
break;
gpg: Reject signatures made with MD5. * g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 17:54:36 +01:00
case oAllowWeakDigestAlgos:
opt.flags.allow_weak_digest_algos = 1;
break;
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
case oFakedSystemTime:
{
gpg: Allow to freeze faked system time. * g10/gpg.c (main): If the parameter for --faked-system-time ends with a '!', freeze time at the specified point. * common/gettime.c (gnupg_set_time): Allow to freeze the time at an arbitrary time instead of only the current time. * doc/gpg.texi: Update documentation for --faked-system-time. -- This patch allows the user to modify the behavior of the --faked-system-time option: by appending a '!' to the parameter, time in GnuPG will be frozen at the specified time, instead of advancing normally from that time onward. Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2017-01-18 18:52:12 +01:00
size_t len = strlen (pargs.r.ret_str);
int freeze = 0;
time_t faked_time;
if (len > 0 && pargs.r.ret_str[len-1] == '!')
{
freeze = 1;
pargs.r.ret_str[len-1] = '\0';
}
faked_time = isotime2epoch (pargs.r.ret_str);
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
if (faked_time == (time_t)(-1))
faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
gpg: Allow to freeze faked system time. * g10/gpg.c (main): If the parameter for --faked-system-time ends with a '!', freeze time at the specified point. * common/gettime.c (gnupg_set_time): Allow to freeze the time at an arbitrary time instead of only the current time. * doc/gpg.texi: Update documentation for --faked-system-time. -- This patch allows the user to modify the behavior of the --faked-system-time option: by appending a '!' to the parameter, time in GnuPG will be frozen at the specified time, instead of advancing normally from that time onward. Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2017-01-18 18:52:12 +01:00
gnupg_set_time (faked_time, freeze);
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
}
break;
Add option --no-autostart. * g10/gpg.c: Add option --no-autostart. * sm/gpgsm.c: Ditto. * g10/options.h (opt): Add field autostart. * sm/gpgsm.h (opt): Ditto. * g10/call-agent.c (start_agent): Print note if agent was not autostarted. * sm/call-agent.c (start_agent): Ditto. * g10/call-dirmngr.c (create_context): Likewise. * sm/call-dirmngr.c (start_dirmngr_ext): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-28 09:44:19 +01:00
case oNoAutostart: opt.autostart = 0; break;
gpg: New option --default-new-key-algo. * common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg R_ALGO and change all callers. * common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code. * g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO. * g10/gpg.c (oDefaultNewKeyAlgo): New enum. (opts): New option "--default-new-key-algo". (main): Set the option. * g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace them by ... (DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants. (get_keysize_range): Remove arg R_DEF and return that value instead. Change all callers. (gen_rsa): Use get_keysize_range instead of the removed DEFAULT_STD_KEYSIZE. (parse_key_parameter_part): New function. (parse_key_parameter_string): New function. (quick_generate_keypair): Refactor using parse_key_parameter_string. (generate_keypair): Ditto. (parse_algo_usage_expire): Ditto. -- This new option is intended to be used in the forthcoming --set-profile command of gpgconf. It allows to provide a gpg configuration with custom defaults for a new key using the simple commands which use the default algorithm set. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-02 19:43:36 +01:00
case oDefaultNewKeyAlgo:
opt.def_new_key_algo = pargs.r.ret_str;
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case oNoop: break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
default:
Made arg_parse more readable.
2008-11-12 18:41:49 +01:00
pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
}
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if (configfp)
{
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
fclose( configfp );
configfp = NULL;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* Remember the first config file name. */
if (!save_configname)
save_configname = configname;
else
xfree(configname);
configname = NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
goto next_pass;
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
}
xfree(configname); configname = NULL;
if (log_get_errorcount (0))
g10_exit(2);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* The command --gpgconf-list is pretty simple and may be called
directly after the option parsing. */
if (cmd == aGPGConfList)
{
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
gpgconf_list (save_configname ? save_configname : default_configname);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
g10_exit (0);
}
xfree (save_configname);
2008-02-09 Marcus Brinkmann <marcus@g10code.de> * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
2008-02-09 01:05:55 +01:00
xfree (default_configname);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gpg: Remove options --print-dane-records and --print-pka-records. * g10/gpg.c (main): Remove options but print a dedicated warning. * g10/options.h (struct opt): Remove fields 'print_dane_records' and 'print_pka_records'. * g10/keylist.c (list_keyblock): Do not call list_keyblock_pka. (list_keyblock_pka): Remove. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 15:19:36 +02:00
if (print_dane_records)
log_error ("invalid option \"%s\"; use \"%s\" instead\n",
"--print-dane-records",
"--export-options export-dane");
if (print_pka_records)
log_error ("invalid option \"%s\"; use \"%s\" instead\n",
"--print-pks-records",
"--export-options export-pka");
if (log_get_errorcount (0))
g10_exit(2);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( nogreeting )
greeting = 0;
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if( greeting )
{
es_fprintf (es_stderr, "%s %s; %s\n",
strusage(11), strusage(13), strusage(14) );
es_fprintf (es_stderr, "%s\n", strusage(15) );
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#ifdef IS_DEVELOPMENT_VERSION
Minor bug fix.
2008-12-09 13:32:53 +01:00
if (!opt.batch)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
const char *s;
Minor bug fix.
2008-12-09 13:32:53 +01:00
if((s=strusage(25)))
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info("%s\n",s);
Minor bug fix.
2008-12-09 13:32:53 +01:00
if((s=strusage(26)))
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info("%s\n",s);
Minor bug fix.
2008-12-09 13:32:53 +01:00
if((s=strusage(27)))
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_info("%s\n",s);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#endif
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* FIXME: We should use logging to a file only in server mode;
however we have not yet implemetyed that. Thus we try to get
away with --batch as indication for logging to file
required. */
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
if (logfile && opt.batch)
{
log_set_file (logfile);
Call log_set_prefix() with human-readable labels. * agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c * dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c * g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c * tests/gpgscm/main.c, tools/gpg-check-pattern.c * tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c * tools/symcryptrun.c: Invoke log_set_prefix() with human-readable labels. -- Some invocations of log_set_prefix() were done with raw numeric values instead of values that humans can understand. Use symbolic representations instead of numeric for better readability. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 07:37:57 +02:00
log_set_prefix (NULL, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (opt.verbose > 2)
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_info ("using character set '%s'\n", get_native_charset ());
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( may_coredump && !opt.quiet )
log_info(_("WARNING: program may create a core file!\n"));
gpg: New option --rfc4880bis. * g10/options.h (struct opt): Add field flags.rfc4880bis. * g10/gpg.c (oRFC4880bis): new. (opts): add --rfc4880bis. (main): Implement that and print a warning. -- This is option enables experimental features which may be dropped or changed with the next release. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 22:19:23 +02:00
if (opt.flags.rfc4880bis)
log_info ("WARNING: using experimental features from RFC4880bis!\n");
gpg: New option --mimemode. * g10/gpg.c (oMimemode): New. (opts): Add --mimemode. (main): Use --mimemode only in rfc4880bis compliance mode. * g10/options.h (struct opt): Add field "mimemode". * g10/build-packet.c (do_plaintext): Allow for mode 'm'. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested. * g10/plaintext.c (handle_plaintext): Handle 'm' mode. * g10/sign.c (write_plaintext_packet): Handle 'm' mode. (sign_file, sign_symencrypt_file): Use 'm' if requested. -- Thsi patch prepares for a proposed change in RFC4880bis to support a MIME flag. A literal data packet with the mime flag set is handled like a 't' or 'u' but CR are not removed. The PLAINTEXT status line will also indicate a MIME content. If --mimemode is used without --rfc4880bis 't' will be used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
else
{
opt.mimemode = 0; /* This will use text mode instead. */
}
gpg: New option --rfc4880bis. * g10/options.h (struct opt): Add field flags.rfc4880bis. * g10/gpg.c (oRFC4880bis): new. (opts): add --rfc4880bis. (main): Implement that and print a warning. -- This is option enables experimental features which may be dropped or changed with the next release. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 22:19:23 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (eyes_only) {
if (opt.set_filename)
log_info(_("WARNING: %s overrides %s\n"),
"--for-your-eyes-only","--set-filename");
opt.set_filename="_CONSOLE";
}
if (opt.no_literal) {
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info(_("Note: %s is not for normal use!\n"), "--no-literal");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (opt.textmode)
log_error(_("%s not allowed with %s!\n"),
"--textmode", "--no-literal" );
if (opt.set_filename)
log_error(_("%s makes no sense with %s!\n"),
eyes_only?"--for-your-eyes-only":"--set-filename",
"--no-literal" );
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (opt.set_filesize)
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info(_("Note: %s is not for normal use!\n"), "--set-filesize");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( opt.batch )
tty_batchmode( 1 );
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
if (gnupg_faked_time_p ())
{
gnupg_isotime_t tbuf;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
log_info (_("WARNING: running with faked system time: "));
gnupg_get_isotime (tbuf);
dump_isotime (tbuf);
log_printf ("\n");
}
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Print warning for arguments not considered an option. GnuPG requires that options are given before other arguments. This can sometimes be confusing. We now print a warning if we found an argument looking alike a long option without being preceded by the stop option. This is bug#1343. * common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New. * common/argparse.c (arg_parse): Set new flag. * g10/gpg.c (main): Print the warning. * agent/gpg-agent.c (main): Ditto. * dirmngr/dirmngr.c (main): Ditto. * g13/g13.c (main): Ditto. * scd/scdaemon.c (main): Ditto. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto.
2012-03-27 12:35:13 +02:00
/* Print a warning if an argument looks like an option. */
if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
{
int i;
for (i=0; i < argc; i++)
if (argv[i][0] == '-' && argv[i][1] == '-')
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
Print warning for arguments not considered an option. GnuPG requires that options are given before other arguments. This can sometimes be confusing. We now print a warning if we found an argument looking alike a long option without being preceded by the stop option. This is bug#1343. * common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New. * common/argparse.c (arg_parse): Set new flag. * g10/gpg.c (main): Print the warning. * agent/gpg-agent.c (main): Ditto. * dirmngr/dirmngr.c (main): Ditto. * g13/g13.c (main): Ditto. * scd/scdaemon.c (main): Ditto. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto.
2012-03-27 12:35:13 +02:00
}
Implement --faked-systrem-time for gpg. Typo and comment fixes.
2009-12-17 18:25:26 +01:00
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(require_secmem && !got_secmem)
{
log_info(_("will not run with insecure memory due to %s\n"),
"--require-secmem");
g10_exit(2);
}
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
set_debug (debug_level);
New function log_clock. * common/logging.c (log_clock): New. * g10/gpg.c (set_debug): Print clock debug flag. * g10/options.h (DBG_CLOCK_VALUE, DBG_CLOCK): New. -- To actually use log_clock you need to enable the code in logginc.c:log_check() and link against librt. --debug 4096 may then be used to enable it at runtime.
2013-01-07 16:51:24 +01:00
if (DBG_CLOCK)
log_clock ("start");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Do these after the switch(), so they can override settings. */
gpg: Remove options --pgp2 and --rfc1991. * g10/gpg.c (oRFC1991, oPGP2): Remove (opts): Remove --pgp2 and --rfc1991. * g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users. (RFC2440, PGP2): Remove. Remove all code only enabled by these conditions. * tests/openpgp/clearsig.test: Remove --rfc1991 test. -- The use of PGP 2.c is considered insecure for quite some time now (e.g. due to the use of MD5). Thus we remove all support for _creating_ PGP 2 compatible messages.
2014-08-12 10:36:30 +02:00
if(PGP6)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Fix typos found using codespell. * agent/cache.c: Fix typos. * agent/call-pinentry.c: Likewise. * agent/call-scd.c: Likewise. * agent/command-ssh.c: Likewise. * agent/command.c: Likewise. * agent/divert-scd.c: Likewise. * agent/findkey.c: Likewise. * agent/gpg-agent.c: Likewise. * agent/w32main.c: Likewise. * common/argparse.c: Likewise. * common/audit.c: Likewise. * common/audit.h: Likewise. * common/convert.c: Likewise. * common/dotlock.c: Likewise. * common/exechelp-posix.c: Likewise. * common/exechelp-w32.c: Likewise. * common/exechelp-w32ce.c: Likewise. * common/exechelp.h: Likewise. * common/helpfile.c: Likewise. * common/i18n.h: Likewise. * common/iobuf.c: Likewise. * common/iobuf.h: Likewise. * common/localename.c: Likewise. * common/logging.c: Likewise. * common/openpgp-oid.c: Likewise. * common/session-env.c: Likewise. * common/sexputil.c: Likewise. * common/sysutils.c: Likewise. * common/t-sexputil.c: Likewise. * common/ttyio.c: Likewise. * common/util.h: Likewise. * dirmngr/cdblib.c: Likewise. * dirmngr/certcache.c: Likewise. * dirmngr/crlcache.c: Likewise. * dirmngr/dirmngr-client.c: Likewise. * dirmngr/dirmngr.c: Likewise. * dirmngr/dirmngr_ldap.c: Likewise. * dirmngr/dns-stuff.c: Likewise. * dirmngr/http.c: Likewise. * dirmngr/ks-engine-hkp.c: Likewise. * dirmngr/ks-engine-ldap.c: Likewise. * dirmngr/ldap-wrapper.c: Likewise. * dirmngr/ldap.c: Likewise. * dirmngr/misc.c: Likewise. * dirmngr/ocsp.c: Likewise. * dirmngr/validate.c: Likewise. * g10/encrypt.c: Likewise. * g10/getkey.c: Likewise. * g10/gpg.c: Likewise. * g10/gpgv.c: Likewise. * g10/import.c: Likewise. * g10/keydb.c: Likewise. * g10/keydb.h: Likewise. * g10/keygen.c: Likewise. * g10/keyid.c: Likewise. * g10/keylist.c: Likewise. * g10/keyring.c: Likewise. * g10/mainproc.c: Likewise. * g10/misc.c: Likewise. * g10/options.h: Likewise. * g10/packet.h: Likewise. * g10/parse-packet.c: Likewise. * g10/pkclist.c: Likewise. * g10/pkglue.c: Likewise. * g10/plaintext.c: Likewise. * g10/server.c: Likewise. * g10/sig-check.c: Likewise. * g10/sqlite.c: Likewise. * g10/tdbio.c: Likewise. * g10/test-stubs.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. * g13/create.c: Likewise. * g13/mountinfo.c: Likewise. * kbx/keybox-blob.c: Likewise. * kbx/keybox-file.c: Likewise. * kbx/keybox-init.c: Likewise. * kbx/keybox-search-desc.h: Likewise. * kbx/keybox-search.c: Likewise. * kbx/keybox-update.c: Likewise. * scd/apdu.c: Likewise. * scd/app-openpgp.c: Likewise. * scd/app-p15.c: Likewise. * scd/app.c: Likewise. * scd/ccid-driver.c: Likewise. * scd/command.c: Likewise. * scd/iso7816.c: Likewise. * sm/base64.c: Likewise. * sm/call-agent.c: Likewise. * sm/call-dirmngr.c: Likewise. * sm/certchain.c: Likewise. * sm/gpgsm.c: Likewise. * sm/import.c: Likewise. * sm/keydb.c: Likewise. * sm/minip12.c: Likewise. * sm/qualified.c: Likewise. * sm/server.c: Likewise. * tools/gpg-check-pattern.c: Likewise. * tools/gpgconf-comp.c: Likewise. * tools/gpgkey2ssh.c: Likewise. * tools/gpgparsemail.c: Likewise. * tools/gpgtar.c: Likewise. * tools/rfc822parse.c: Likewise. * tools/symcryptrun.c: Likewise. Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-16 12:41:46 +01:00
/* That does not anymore work because we have no more support
gpg: Remove all support for v3 keys and always create v4-signatures. * g10/build-packet.c (do_key): Remove support for building v3 keys. * g10/parse-packet.c (read_protected_v3_mpi): Remove. (parse_key): Remove support for v3-keys. Add dedicated warnings for v3-key packets. * g10/keyid.c (hash_public_key): Remove v3-key support. (keyid_from_pk): Ditto. (fingerprint_from_pk): Ditto. * g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs. * g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs, oForceV4Certs, oNoForceV4Certs. (opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs, --no-force-v4-certs int dummy options. (main): Remove setting of the force_v3_sigs force_v4_certs flags. * g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs. * g10/sign.c (hash_uid): Remove support for v3-signatures (hash_sigversion_to_magic): Ditto. (only_old_style): Remove this v3-key function. (write_signature_packets): Remove support for creating v3-signatures. (sign_file): Ditto. (sign_symencrypt_file): Ditto. (clearsign_file): Ditto. Remove code to emit no Hash armor line if only v3-keys are used. (make_keysig_packet): Remove arg SIGVERSION and force using v4-signatures. Change all callers to not pass a value for this arg. Remove all v3-key related code. (update_keysig_packet): Remove v3-signature support. * g10/keyedit.c (sign_uids): Always create v4-signatures. * g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and change caller. -- v3 keys are deprecated for about 15 years and due the severe weaknesses of MD5 it does not make any sense to keep code around to use these old and broken keys. Users who need to decrypt old messages should use gpg 1.4 and best re-encrypt them to modern standards. verification of old (i.e. PGP2) created signatures is thus also not anymore possible but such signatures have no values anyway - MD5 is just too broken. We have also kept support for v3 signatures until now. With the removal of support for v3 keys it is questionable whether it makes any sense to keep support for v3-signatures. What we do now is to keep support for verification of v3-signatures but we force the use of v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit obsolete because those PGP versions require v3-signatures for messages. These versions of PGP are also really old and not anymore maintained so they have not received any bug fixes and should not be used anyway. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-12 20:07:12 +02:00
for v3 signatures. */
* gpg.c (main): --pgp6 includes --disable-mdc.
2009-07-31 16:36:59 +02:00
opt.disable_mdc=1;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.escape_from=1;
opt.ask_sig_expire=0;
}
else if(PGP7)
{
gpg: Remove all support for v3 keys and always create v4-signatures. * g10/build-packet.c (do_key): Remove support for building v3 keys. * g10/parse-packet.c (read_protected_v3_mpi): Remove. (parse_key): Remove support for v3-keys. Add dedicated warnings for v3-key packets. * g10/keyid.c (hash_public_key): Remove v3-key support. (keyid_from_pk): Ditto. (fingerprint_from_pk): Ditto. * g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs. * g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs, oForceV4Certs, oNoForceV4Certs. (opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs, --no-force-v4-certs int dummy options. (main): Remove setting of the force_v3_sigs force_v4_certs flags. * g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs. * g10/sign.c (hash_uid): Remove support for v3-signatures (hash_sigversion_to_magic): Ditto. (only_old_style): Remove this v3-key function. (write_signature_packets): Remove support for creating v3-signatures. (sign_file): Ditto. (sign_symencrypt_file): Ditto. (clearsign_file): Ditto. Remove code to emit no Hash armor line if only v3-keys are used. (make_keysig_packet): Remove arg SIGVERSION and force using v4-signatures. Change all callers to not pass a value for this arg. Remove all v3-key related code. (update_keysig_packet): Remove v3-signature support. * g10/keyedit.c (sign_uids): Always create v4-signatures. * g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and change caller. -- v3 keys are deprecated for about 15 years and due the severe weaknesses of MD5 it does not make any sense to keep code around to use these old and broken keys. Users who need to decrypt old messages should use gpg 1.4 and best re-encrypt them to modern standards. verification of old (i.e. PGP2) created signatures is thus also not anymore possible but such signatures have no values anyway - MD5 is just too broken. We have also kept support for v3 signatures until now. With the removal of support for v3 keys it is questionable whether it makes any sense to keep support for v3-signatures. What we do now is to keep support for verification of v3-signatures but we force the use of v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit obsolete because those PGP versions require v3-signatures for messages. These versions of PGP are also really old and not anymore maintained so they have not received any bug fixes and should not be used anyway. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-12 20:07:12 +02:00
/* That does not anymore work because we have no more support
for v3 signatures. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
opt.escape_from=1;
opt.ask_sig_expire=0;
}
else if(PGP8)
{
opt.escape_from=1;
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( def_cipher_string ) {
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
opt.def_cipher_algo = string_to_cipher_algo (def_cipher_string);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(def_cipher_string); def_cipher_string = NULL;
if ( openpgp_cipher_test_algo (opt.def_cipher_algo) )
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
log_error(_("selected cipher algorithm is invalid\n"));
}
if( def_digest_string ) {
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
opt.def_digest_algo = string_to_digest_algo (def_digest_string);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(def_digest_string); def_digest_string = NULL;
if ( openpgp_md_test_algo (opt.def_digest_algo) )
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
log_error(_("selected digest algorithm is invalid\n"));
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if( compress_algo_string ) {
opt.compress_algo = string_to_compress_algo(compress_algo_string);
xfree(compress_algo_string); compress_algo_string = NULL;
if( check_compress_algo(opt.compress_algo) )
log_error(_("selected compression algorithm is invalid\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if( cert_digest_string ) {
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
opt.cert_digest_algo = string_to_digest_algo (cert_digest_string);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(cert_digest_string); cert_digest_string = NULL;
if (openpgp_md_test_algo(opt.cert_digest_algo))
log_error(_("selected certification digest algorithm is invalid\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if( s2k_cipher_string ) {
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
opt.s2k_cipher_algo = string_to_cipher_algo (s2k_cipher_string);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(s2k_cipher_string); s2k_cipher_string = NULL;
if (openpgp_cipher_test_algo (opt.s2k_cipher_algo))
log_error(_("selected cipher algorithm is invalid\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if( s2k_digest_string ) {
Still making gpg2 work. At least the keyids are now correctly computed again.
2006-05-24 13:12:28 +02:00
opt.s2k_digest_algo = string_to_digest_algo (s2k_digest_string);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(s2k_digest_string); s2k_digest_string = NULL;
if (openpgp_md_test_algo(opt.s2k_digest_algo))
log_error(_("selected digest algorithm is invalid\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
if( opt.completes_needed < 1 )
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("completes-needed must be greater than 0\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( opt.marginals_needed < 2 )
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("marginals-needed must be greater than 1\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 )
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("max-cert-depth must be in the range from 1 to 255\n"));
if(opt.def_cert_level<0 || opt.def_cert_level>3)
log_error(_("invalid default-cert-level; must be 0, 1, 2, or 3\n"));
if( opt.min_cert_level < 1 || opt.min_cert_level > 3 )
log_error(_("invalid min-cert-level; must be 1, 2, or 3\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
switch( opt.s2k_mode ) {
case 0:
Use a unique capitalization for "Note:". --
2014-10-10 15:29:42 +02:00
log_info(_("Note: simple S2K mode (0) is strongly discouraged\n"));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case 1: case 3: break;
default:
log_error(_("invalid S2K mode; must be 0, 1 or 3\n"));
}
/* This isn't actually needed, but does serve to error out if the
string is invalid. */
if(opt.def_preference_list &&
keygen_set_std_prefs(opt.def_preference_list,0))
log_error(_("invalid default preferences\n"));
if(pers_cipher_list &&
keygen_set_std_prefs(pers_cipher_list,PREFTYPE_SYM))
log_error(_("invalid personal cipher preferences\n"));
if(pers_digest_list &&
keygen_set_std_prefs(pers_digest_list,PREFTYPE_HASH))
log_error(_("invalid personal digest preferences\n"));
if(pers_compress_list &&
keygen_set_std_prefs(pers_compress_list,PREFTYPE_ZIP))
log_error(_("invalid personal compress preferences\n"));
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
/* We don't support all possible commands with multifile yet */
if(multifile)
{
char *cmdname;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
switch(cmd)
{
case aSign:
cmdname="--sign";
break;
gpg: Print a better error message for --multifile --sign --encrypt. * g10/gpg.c (main): Print a better error message for --multifile --sign --encrypt. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> GnuPG-bug-id: 1009
2015-11-04 13:27:49 +01:00
case aSignEncr:
cmdname="--sign --encrypt";
break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case aClearsign:
g10: Hyphenate --clearsign. * g10/gpg.c (opts): Hyphenate option. * doc/gpg.texi: Update accordingly. * po: Update translations. * tests/openpgp: Update tests. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-23 14:10:07 +02:00
cmdname="--clear-sign";
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
break;
case aDetachedSign:
cmdname="--detach-sign";
break;
case aSym:
cmdname="--symmetric";
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aEncrSym:
cmdname="--symmetric --encrypt";
break;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
case aStore:
cmdname="--store";
break;
default:
cmdname=NULL;
break;
}
if(cmdname)
log_error(_("%s does not yet work with %s\n"),cmdname,"--multifile");
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( log_get_errorcount(0) )
g10_exit(2);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(opt.compress_level==0)
opt.compress_algo=COMPRESS_ALGO_NONE;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Check our chosen algorithms against the list of legal
algorithms. */
if(!GNUPG)
{
const char *badalg=NULL;
preftype_t badtype=PREFTYPE_NONE;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(opt.def_cipher_algo
&& !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Support DSA2. Support Camellia for testing. More audit stuff.
2007-12-12 11:28:30 +01:00
badalg = openpgp_cipher_algo_name (opt.def_cipher_algo);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
badtype = PREFTYPE_SYM;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(opt.def_digest_algo
&& !algo_available(PREFTYPE_HASH,opt.def_digest_algo,NULL))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
badalg = gcry_md_algo_name (opt.def_digest_algo);
badtype = PREFTYPE_HASH;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(opt.cert_digest_algo
&& !algo_available(PREFTYPE_HASH,opt.cert_digest_algo,NULL))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
badalg = gcry_md_algo_name (opt.cert_digest_algo);
badtype = PREFTYPE_HASH;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(opt.compress_algo!=-1
&& !algo_available(PREFTYPE_ZIP,opt.compress_algo,NULL))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
badalg = compress_algo_to_string(opt.compress_algo);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
badtype = PREFTYPE_ZIP;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(badalg)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
switch(badtype)
{
case PREFTYPE_SYM:
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_info(_("you may not use cipher algorithm '%s'"
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
" while in %s mode\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
badalg,compliance_option_string());
break;
case PREFTYPE_HASH:
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_info(_("you may not use digest algorithm '%s'"
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
" while in %s mode\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
badalg,compliance_option_string());
break;
case PREFTYPE_ZIP:
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_info(_("you may not use compression algorithm '%s'"
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
" while in %s mode\n"),
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
badalg,compliance_option_string());
break;
default:
BUG();
}
compliance_failure();
}
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* Set the random seed file. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( use_random_seed ) {
Replace use of opt.homedir by accessor functions. * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
char *p = make_filename (gnupg_homedir (), "random_seed", NULL );
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if (!access (p, F_OK))
register_secured_file (p);
xfree(p);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Fixed bug#1044. Use of --fingerprint with --with-fingerprint.
2009-05-20 12:23:33 +02:00
/* If there is no command but the --fingerprint is given, default
to the --list-keys command. */
if (!cmd && fpr_maybe_cmd)
{
set_cmd (&cmd, aListKeys);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( opt.verbose > 1 )
set_packet_list_mode(1);
gpg: New option --no-keyring. * g10/gpg.c (oNoKeyring): New. (opts): Add "--no-keyring". (main): Do not register any keyring if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 15:33:40 +02:00
/* Add the keyrings, but not for some special commands. We always
* need to add the keyrings if we are running under SELinux, this
* is so that the rings are added to the list of secured files.
* We do not add any keyring if --no-keyring has been used. */
if (default_keyring >= 0
&& (ALWAYS_ADD_KEYRINGS
|| (cmd != aDeArmor && cmd != aEnArmor && cmd != aGPGConfTest)))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
gpg: New option --no-keyring. * g10/gpg.c (oNoKeyring): New. (opts): Add "--no-keyring". (main): Do not register any keyring if the option is used. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-06 15:33:40 +02:00
if (!nrings || default_keyring > 0) /* Add default ring. */
Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
2013-11-18 14:09:47 +01:00
keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG,
gpg: First patches to support a keybox storage backend. * kbx/keybox-defs.h (_keybox_write_header_blob): Move prototype to .. * kbx/keybox.h: here. * kbx/keybox-init.c (keybox_lock): Add dummy function * g10/keydb.c: Include keybox.h. (KeydbResourceType): Add KEYDB_RESOURCE_TYPE_KEYBOX. (struct resource_item): Add field kb. (maybe_create_keyring_or_box): Add error descriptions to diagnostics. Add arg IS_BOX. Write a header for a new keybox file. (keydb_add_resource): No more need for the force flag. Rename the local variable "force" to "create". Add URL scheme "gnupg-kbx". Add magic test to detect a keybox file. Add basic support for keybox. (keydb_new, keydb_get_resource_name, keydb_delete_keyblock) (keydb_locate_writable, keydb_search_reset, keydb_search2): Add support for keybox. (lock_all, unlock_all): Ditto. * g10/Makefile.am (needed_libs): Add libkeybox.a. (gpg2_LDADD, gpgv2_LDADD): Add KSBA_LIBS as a workaround. * g10/keydb.h (KEYDB_RESOURCE_FLAG_PRIMARY) KEYDB_RESOURCE_FLAG_DEFAULT, KEYDB_RESOURCE_FLAG_READONLY): New. * g10/gpg.c, g10/gpgv.c (main): Use new constants. -- I did most of these changes back in 2011 and only cleaned them up now. More to follow soon.
2012-12-27 15:04:29 +01:00
KEYDB_RESOURCE_FLAG_DEFAULT);
Decryption and signi via agent is now implemented.
2010-04-23 13:36:59 +02:00
for (sl = nrings; sl; sl = sl->next )
keydb_add_resource (sl->d, sl->flags);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
FREE_STRLIST(nrings);
Don't prompt for the password multiple times in pinentry loopback mode. * g10/gpg.c (main): If OPT.PINENTRY_MODE is PINENTRY_MODE_LOOPBACK, clear OPT.PASSPHRASE_REPEAT.
2015-06-16 16:00:39 +02:00
if (opt.pinentry_mode == PINENTRY_MODE_LOOPBACK)
/* In loopback mode, never ask for the password multiple
times. */
{
opt.passphrase_repeat = 0;
}
.
2006-10-23 16:02:13 +02:00
if (cmd == aGPGConfTest)
g10_exit(0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
if (pwfd != -1) /* Read the passphrase now. */
read_passphrase_from_fd (pwfd);
if (ovrseskeyfd != -1 ) /* Read the sessionkey now. */
read_sessionkey_from_fd (ovrseskeyfd);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
fname = argc? *argv : NULL;
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
if(fname && utf8_strings)
opt.flags.utf8_filename=1;
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
ctrl = xcalloc (1, sizeof *ctrl);
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
gpg_init_default_ctrl (ctrl);
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
gpg: No need to create a trustdb when encrypting with --always-trust. * g10/gpg.c (main): Special case setup_trustdb for --encrypt. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-02 09:10:17 +02:00
switch (cmd)
{
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aPrimegen:
case aPrintMD:
case aPrintMDs:
case aGenRandom:
case aDeArmor:
case aEnArmor:
gpg: Avoid homedir creation by --list-config * g10/gpg.c (main): Do not register a key for the list config commands. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-01 19:22:48 +02:00
case aListConfig:
case aListGcryptConfig:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Print verbose instructions in case of a corrupted trustdb.
2009-07-22 11:43:10 +02:00
case aFixTrustDB:
gpg: No need to create a trustdb when encrypting with --always-trust. * g10/gpg.c (main): Special case setup_trustdb for --encrypt. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-02 09:10:17 +02:00
case aExportOwnerTrust:
rc = setup_trustdb (0, trustdb_name);
break;
case aListTrustDB:
rc = setup_trustdb (argc? 1:0, trustdb_name);
break;
gpg: Always initialize the trust db when generating keys. * g10/gpg.c (main): Always initialize the trust db when generating keys. * g10/keygen.c (do_generate_keypair): We can now assume that there is a trust db. -- It is important to mark keys we create as ultimately trusted. Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7 GnuPG-bug-id: 2695 Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-02 16:25:20 +01:00
case aKeygen:
case aFullKeygen:
case aQuickKeygen:
rc = setup_trustdb (1, trustdb_name);
break;
gpg: Do not require a trustdb with --always-trust. * g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE. * g10/trustdb.c (trustdb_args): Add field no_trustdb. (init_trustdb): Set that field. (revalidation_mark): Take care of a nonexistent trustdb file. (read_trust_options): Ditto. (tdb_get_ownertrust): Ditto. (tdb_get_min_ownertrust): Ditto. (tdb_update_ownertrust): Ditto. (update_min_ownertrust): Ditto. (tdb_clear_ownertrusts): Ditto. (tdb_cache_disabled_value): Ditto. (tdb_check_trustdb_stale): Ditto. (tdb_get_validity_core): Ditto. * g10/gpg.c (main): Do not create a trustdb with most commands for trust-model always. -- This slightly changes the semantics of most commands in that they won't create a trustdb if --trust-model=always is used. It just does not make sense to create a trustdb if there is no need for it. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e) Resolved conflicts: NEWS g10/trustdb.c: Manually apply changes due to changed function names. Note that this also includes the fix for clear_ownertrust, see GnuPG-bug-id: 1622.
2013-10-11 09:25:58 +02:00
default:
gpg: No need to create a trustdb when encrypting with --always-trust. * g10/gpg.c (main): Special case setup_trustdb for --encrypt. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-02 09:10:17 +02:00
/* If we are using TM_ALWAYS, we do not need to create the
trustdb. */
rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name);
break;
}
if (rc)
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
log_error (_("failed to initialize the TrustDB: %s\n"),
gpg_strerror (rc));
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*!NO_TRUST_MODELS*/
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
switch (cmd)
{
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
case aStore:
case aSym:
case aSign:
case aSignSym:
case aClearsign:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (!opt.quiet && any_explicit_recipient)
log_info (_("WARNING: recipients (-r) given "
"without using public key encryption\n"));
break;
default:
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: Auto-migrate existing secring.gpg. * g10/migrate.c: New. * g10/import.c (import_old_secring): New. (import_one): Add arg silent. (transfer_secret_keys): Add arg batch. (import_secret_one): Add args batch and for_migration. * g10/gpg.c (main): Call migration function.
2014-06-05 11:19:59 +02:00
/* Check for certain command whether we need to migrate a
secring.gpg to the gpg-agent. */
switch (cmd)
{
case aListSecretKeys:
case aSign:
case aSignEncr:
case aSignEncrSym:
case aSignSym:
case aClearsign:
case aDecrypt:
case aSignKey:
case aLSignKey:
case aEditKey:
case aPasswd:
case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys:
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
case aQuickKeygen:
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
case aQuickAddUid:
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
case aQuickAddKey:
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
case aQuickRevUid:
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
case aQuickSetPrimaryUid:
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
case aFullKeygen:
gpg: Auto-migrate existing secring.gpg. * g10/migrate.c: New. * g10/import.c (import_old_secring): New. (import_one): Add arg silent. (transfer_secret_keys): Add arg batch. (import_secret_one): Add args batch and for_migration. * g10/gpg.c (main): Call migration function.
2014-06-05 11:19:59 +02:00
case aKeygen:
case aImport:
case aExportSecret:
case aExportSecretSub:
case aGenRevoke:
case aDesigRevoke:
case aCardEdit:
case aChangePIN:
migrate_secring (ctrl);
break;
case aListKeys:
if (opt.with_secret)
migrate_secring (ctrl);
break;
default:
break;
}
/* The command dispatcher. */
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
switch( cmd )
{
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
case aServer:
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
gpg_server (ctrl);
Started to code a --server mode. It is far from being ready!
2006-12-21 20:40:00 +01:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aStore: /* only store the file */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--store [filename]");
Rename encode.c to encrypt.c. Rename function in a simlar way. Re-indent encrypt.c
2009-09-28 16:37:48 +02:00
if( (rc = encrypt_store(fname)) )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("store", rc);
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error ("storing '%s' failed: %s\n",
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
print_fname_stdin(fname),gpg_strerror (rc) );
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aSym: /* encrypt the given file only with the symmetric cipher */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--symmetric [filename]");
Rename encode.c to encrypt.c. Rename function in a simlar way. Re-indent encrypt.c
2009-09-28 16:37:48 +02:00
if( (rc = encrypt_symmetric(fname)) )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("symencrypt", rc);
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error (_("symmetric encryption of '%s' failed: %s\n"),
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
print_fname_stdin(fname),gpg_strerror (rc) );
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aEncr: /* encrypt the given file */
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
if(multifile)
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
encrypt_crypt_files (ctrl, argc, argv, remusr);
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
else
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--encrypt [filename]");
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 0, NULL, -1)) )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("encrypt", rc);
log_error("%s: encryption failed: %s\n",
print_fname_stdin(fname), gpg_strerror (rc) );
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
break;
case aEncrSym:
/* This works with PGP 8 in the sense that it acts just like a
symmetric message. It doesn't work at all with 2 or 6. It
might work with 7, but alas, I don't have a copy to test
with right now. */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--symmetric --encrypt [filename]");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(opt.s2k_mode==0)
log_error(_("you cannot use --symmetric --encrypt"
" with --s2k-mode 0\n"));
gpg: Remove options --pgp2 and --rfc1991. * g10/gpg.c (oRFC1991, oPGP2): Remove (opts): Remove --pgp2 and --rfc1991. * g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users. (RFC2440, PGP2): Remove. Remove all code only enabled by these conditions. * tests/openpgp/clearsig.test: Remove --rfc1991 test. -- The use of PGP 2.c is considered insecure for quite some time now (e.g. due to the use of MD5). Thus we remove all support for _creating_ PGP 2 compatible messages.
2014-08-12 10:36:30 +02:00
else if(PGP6 || PGP7)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("you cannot use --symmetric --encrypt"
" while in %s mode\n"),compliance_option_string());
else
{
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 1, NULL, -1)) )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("encrypt", rc);
log_error ("%s: encryption failed: %s\n",
print_fname_stdin(fname), gpg_strerror (rc) );
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aSign: /* sign the given file */
sl = NULL;
if( detached_sig ) { /* sign all files */
for( ; argc; argc--, argv++ )
add_to_strlist( &sl, *argv );
}
else {
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--sign [filename]");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( argc ) {
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
sl = xmalloc_clear( sizeof *sl + strlen(fname));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
strcpy(sl->d, fname);
}
}
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 0, NULL, NULL)))
{
write_status_failure ("sign", rc);
log_error ("signing failed: %s\n", gpg_strerror (rc) );
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aSignEncr: /* sign and encrypt the given file */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--sign --encrypt [filename]");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( argc ) {
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
sl = xmalloc_clear( sizeof *sl + strlen(fname));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
strcpy(sl->d, fname);
}
else
sl = NULL;
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 1, remusr, NULL)))
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("sign-encrypt", rc);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error("%s: sign+encrypt failed: %s\n",
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
print_fname_stdin(fname), gpg_strerror (rc) );
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aSignEncrSym: /* sign and encrypt the given file */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--symmetric --sign --encrypt [filename]");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else if(opt.s2k_mode==0)
log_error(_("you cannot use --symmetric --sign --encrypt"
" with --s2k-mode 0\n"));
gpg: Remove options --pgp2 and --rfc1991. * g10/gpg.c (oRFC1991, oPGP2): Remove (opts): Remove --pgp2 and --rfc1991. * g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users. (RFC2440, PGP2): Remove. Remove all code only enabled by these conditions. * tests/openpgp/clearsig.test: Remove --rfc1991 test. -- The use of PGP 2.c is considered insecure for quite some time now (e.g. due to the use of MD5). Thus we remove all support for _creating_ PGP 2 compatible messages.
2014-08-12 10:36:30 +02:00
else if(PGP6 || PGP7)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("you cannot use --symmetric --sign --encrypt"
" while in %s mode\n"),compliance_option_string());
else
{
if( argc )
{
sl = xmalloc_clear( sizeof *sl + strlen(fname));
strcpy(sl->d, fname);
}
else
sl = NULL;
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if ((rc = sign_file (ctrl, sl, detached_sig, locusr,
2, remusr, NULL)))
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("sign-encrypt", rc);
log_error("%s: symmetric+sign+encrypt failed: %s\n",
print_fname_stdin(fname), gpg_strerror (rc) );
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
free_strlist(sl);
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aSignSym: /* sign and conventionally encrypt the given file */
if (argc > 1)
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--sign --symmetric [filename]");
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
rc = sign_symencrypt_file (ctrl, fname, locusr);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (rc)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("sign-symencrypt", rc);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
log_error("%s: sign+symmetric failed: %s\n",
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
print_fname_stdin(fname), gpg_strerror (rc) );
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aClearsign: /* make a clearsig */
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--clear-sign [filename]");
gpg: Allow multiple --default-key options. Take the last available key. * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <neal@g10code.com> GnuPG-bug-id: 806
2015-11-03 23:15:27 +01:00
if( (rc = clearsign_file (ctrl, fname, locusr, NULL)) )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("sign", rc);
g10: Hyphenate --clearsign. * g10/gpg.c (opts): Hyphenate option. * doc/gpg.texi: Update accordingly. * po: Update translations. * tests/openpgp: Update tests. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-23 14:10:07 +02:00
log_error("%s: clear-sign failed: %s\n",
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
print_fname_stdin(fname), gpg_strerror (rc) );
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aVerify:
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if (multifile)
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
{
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if ((rc = verify_files (ctrl, argc, argv)))
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
log_error("verify files failed: %s\n", gpg_strerror (rc) );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
else
{
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if ((rc = verify_signatures (ctrl, argc, argv)))
gpg: Replace remaining old error code macros by GPG_ERR_. * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
log_error("verify signatures failed: %s\n", gpg_strerror (rc) );
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
}
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
if (rc)
write_status_failure ("verify", rc);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aDecrypt:
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if (multifile)
decrypt_messages (ctrl, argc, argv);
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
{
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--decrypt [filename]");
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
if( (rc = decrypt_message (ctrl, fname) ))
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("decrypt", rc);
log_error("decrypt_message failed: %s\n", gpg_strerror (rc) );
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
gpg: Add commands --quick-sign-key and --quick-lsign-key. * g10/gpg.c (main): Add commands --quick-sign-key and --quick-lsign-key. * g10/keyedit.c (sign_uids): Add args FP and QUICK. (keyedit_quick_sign): New. (show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
case aQuickSignKey:
case aQuickLSignKey:
{
const char *fpr;
if (argc < 1)
wrong_args ("--quick-[l]sign-key fingerprint [userids]");
fpr = *argv++; argc--;
sl = NULL;
for( ; argc; argc--, argv++)
append_to_strlist2 (&sl, *argv, utf8_strings);
keyedit_quick_sign (ctrl, fpr, sl, locusr, (cmd == aQuickLSignKey));
free_strlist (sl);
}
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aSignKey:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( argc != 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--sign-key user-id");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* fall through */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aLSignKey:
if( argc != 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--lsign-key user-id");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
/* fall through */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
sl=NULL;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(cmd==aSignKey)
append_to_strlist(&sl,"sign");
else if(cmd==aLSignKey)
append_to_strlist(&sl,"lsign");
else
BUG();
append_to_strlist( &sl, "save" );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
username = make_username( fname );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
keyedit_menu (ctrl, username, locusr, sl, 0, 0 );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(username);
free_strlist(sl);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aEditKey: /* Edit a key signature */
if( !argc )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--edit-key user-id [commands]");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
username = make_username( fname );
if( argc > 1 ) {
sl = NULL;
for( argc--, argv++ ; argc; argc--, argv++ )
append_to_strlist( &sl, *argv );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
keyedit_menu (ctrl, username, locusr, sl, 0, 1 );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
}
else
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
keyedit_menu (ctrl, username, locusr, NULL, 0, 1 );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(username);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
case aPasswd:
if (argc != 1)
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("--change-passphrase <user-id>");
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
else
{
username = make_username (fname);
Re-implemented GPG's --passwd command and improved it.
2010-10-26 11:10:29 +02:00
keyedit_passwd (ctrl, username);
Add dummu option --passwd for gpg. Collected changes.
2010-01-08 20:18:49 +01:00
xfree (username);
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aDeleteKeys:
case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys:
sl = NULL;
/* I'm adding these in reverse order as add_to_strlist2
reverses them again, and it's easier to understand in the
proper order :) */
for( ; argc; argc-- )
add_to_strlist2( &sl, argv[argc-1], utf8_strings );
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
delete_keys (ctrl, sl,
cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aCheckKeys:
opt.check_sigs = 1;
case aListSigs:
opt.list_sigs = 1;
case aListKeys:
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
public_key_list (ctrl, sl, 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aListSecretKeys:
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
secret_key_list (ctrl, sl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
case aLocateKeys:
sl = NULL;
for (; argc; argc--, argv++)
add_to_strlist2( &sl, *argv, utf8_strings );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
public_key_list (ctrl, sl, 1);
Add command --locate-key. Fix auto-key-locate processing of "nodefault".
2008-05-07 17:40:36 +02:00
free_strlist (sl);
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
case aQuickKeygen:
gpg: Extend the --quick-gen-key command. * g10/keygen.c (quickgen_set_para): Add arg 'use'. (quick_generate_keypair): Add args 'algostr', 'usagestr', and 'expirestr'. Implement primary only key mode. (parse_algo_usage_expire): Set NBITS for the default algo. * g10/gpg.c (main): Extend --quick-gen-key command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 18:38:10 +02:00
{
const char *x_algo, *x_usage, *x_expire;
if (argc < 1 || argc > 4)
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
wrong_args("--quick-generate-key USER-ID [ALGO [USAGE [EXPIRE]]]");
gpg: Extend the --quick-gen-key command. * g10/keygen.c (quickgen_set_para): Add arg 'use'. (quick_generate_keypair): Add args 'algostr', 'usagestr', and 'expirestr'. Implement primary only key mode. (parse_algo_usage_expire): Set NBITS for the default algo. * g10/gpg.c (main): Extend --quick-gen-key command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 18:38:10 +02:00
username = make_username (fname);
argv++, argc--;
x_algo = "";
x_usage = "";
x_expire = "";
if (argc)
{
x_algo = *argv++; argc--;
if (argc)
{
x_usage = *argv++; argc--;
if (argc)
gpg: Fix command line parsing of --quick-addkey and --quick-gen-key. * g10/gpg.c (main): Compose a block by curly braces. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-06-07 07:16:32 +02:00
{
x_expire = *argv++; argc--;
}
gpg: Extend the --quick-gen-key command. * g10/keygen.c (quickgen_set_para): Add arg 'use'. (quick_generate_keypair): Add args 'algostr', 'usagestr', and 'expirestr'. Implement primary only key mode. (parse_algo_usage_expire): Set NBITS for the default algo. * g10/gpg.c (main): Extend --quick-gen-key command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 18:38:10 +02:00
}
}
quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
xfree (username);
}
gpg: Add command --quick-gen-key * g10/gpg.c (aQuickKeygen): New. * g10/misc.c (is_valid_user_id): New stub. * g10/keygen.c (quickgen_set_para): New. (quick_generate_keypair): New. -- Note that the validation of the specified user id has not yet been implemented.
2014-07-23 15:12:43 +02:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aKeygen: /* generate a key */
if( opt.batch ) {
if( argc > 1 )
g10,sm: Spell out --gen-key. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-14 16:59:23 +01:00
wrong_args("--generate-key [parameterfile]");
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else {
Allow --gen-key to inquire a passphrase. * g10/gpg.c (main): test for --command-fd during --gen-key parse. When --command-fd is set then imply --batch to let gpg inquire a passphrase rather than requiring a pinentry.
2015-04-15 00:48:57 +02:00
if (opt.command_fd != -1 && argc)
{
if( argc > 1 )
g10,sm: Spell out --gen-key. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-14 16:59:23 +01:00
wrong_args("--generate-key [parameterfile]");
Allow --gen-key to inquire a passphrase. * g10/gpg.c (main): test for --command-fd during --gen-key parse. When --command-fd is set then imply --batch to let gpg inquire a passphrase rather than requiring a pinentry.
2015-04-15 00:48:57 +02:00
opt.batch = 1;
generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0);
}
else if (argc)
g10,sm: Spell out --gen-key. * g10/gpg.c (opts): Spell out option. * sm/gpgsm.c (opts): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-14 16:59:23 +01:00
wrong_args ("--generate-key");
Allow --gen-key to inquire a passphrase. * g10/gpg.c (main): test for --command-fd during --gen-key parse. When --command-fd is set then imply --batch to let gpg inquire a passphrase rather than requiring a pinentry.
2015-04-15 00:48:57 +02:00
else
generate_keypair (ctrl, 0, NULL, NULL, 0);
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
}
break;
case aFullKeygen: /* Generate a key with all options. */
if (opt.batch)
{
if (argc > 1)
g10: Spell out --full-gen-key. * g10/gpg.c (opts): Spell out option. (main): Likewise. * g10/keygen.c (generate_keypair): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-09 15:10:39 +01:00
wrong_args ("--full-generate-key [parameterfile]");
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
generate_keypair (ctrl, 1, argc? *argv : NULL, NULL, 0);
}
else
{
if (argc)
g10: Spell out --full-gen-key. * g10/gpg.c (opts): Spell out option. (main): Likewise. * g10/keygen.c (generate_keypair): Likewise. * doc/gpg.texi: Update accordingly. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-09 15:10:39 +01:00
wrong_args("--full-generate-key");
gpg: Simplify command --gen-key and add --full-gen-key. * g10/gpg.c (aFullKeygen): New. (opts): Add command --full-key-gen. (main): Implement it. * g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although the value is identical. (DEFAULT_STD_CURVE): New. (DEFAULT_STD_SUBALGO): New. (DEFAULT_STD_SUBKEYSIZE): New. (DEFAULT_STD_SUBCURVE): New. (quick_generate_keypair): Use new macros here. (generate_keypair): Add arg "full" and fix call callers. Do not ask for keysize in non-full node. (ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
generate_keypair (ctrl, 1, NULL, NULL, 0);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
break;
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
case aQuickAddUid:
{
const char *uid, *newuid;
if (argc != 2)
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
wrong_args ("--quick-add-uid USER-ID NEW-USER-ID");
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
uid = *argv++; argc--;
newuid = *argv++; argc--;
keyedit_quick_adduid (ctrl, uid, newuid);
}
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
break;
case aQuickAddKey:
{
const char *x_fpr, *x_algo, *x_usage, *x_expire;
if (argc < 1 || argc > 4)
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
wrong_args ("--quick-add-key FINGERPRINT [ALGO [USAGE [EXPIRE]]]");
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
x_fpr = *argv++; argc--;
x_algo = "";
x_usage = "";
x_expire = "";
if (argc)
{
x_algo = *argv++; argc--;
if (argc)
{
x_usage = *argv++; argc--;
if (argc)
gpg: Fix command line parsing of --quick-addkey and --quick-gen-key. * g10/gpg.c (main): Compose a block by curly braces. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-06-07 07:16:32 +02:00
{
x_expire = *argv++; argc--;
}
gpg: New command --quick-addkey. * g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New. (ask_keysize): Factor code out to ... (get_keysize_range, fixup_keysize): new. (parse_parameter_usage): Factor parsing out to ... (parse_usagestr): new. Allow use of "encr" as alias for "encrypt". (parse_subkey_algostr_usagestr): New. (generate_subkeypair): Add new args. Implement unattended mode. * g10/keyedit.c (keyedit_quick_sign): Factor some code out to ... (find_by_primary_fpr): new. (keyedit_quick_addkey): New. * g10/gpg.c (aQuickAddKey): New. (opts): Add --quick-addkey. (main): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:54:48 +02:00
}
}
keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
}
gpg: New command --quick-adduid. * g10/keygen.c (ask_user_id): Factor some code out to ... (uid_already_in_keyblock): new. (generate_user_id): Add arg UIDSTR. Fix leaked P. * g10/keyedit.c (menu_adduid): Add new arg uidstring. Adjust caller. (keyedit_quick_adduid): New. * g10/gpg.c (aQuickAddUid): New. (opts): Add command --quick-adduid. (main): Implement that. -- GnuPG-bug-id: 1956 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
break;
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
case aQuickRevUid:
{
const char *uid, *uidtorev;
if (argc != 2)
g10: Rework the --quick-* interface. * g10/gpg.c (opts): Rename options. (main): Update errors. * doc/gpg.texi: Update accordingly. -- I decided not to keep the old versions as aliases in the documentation because the interface is a fairly recent addition. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 15:32:51 +01:00
wrong_args ("--quick-revoke-uid USER-ID USER-ID-TO-REVOKE");
g10: Implement gpg --quick-revuid * g10/revoke.c (get_default_uid_revocation_reason): New. * g10/keyedit.c (menu_revuid): Break out creation of uid revocation into new function core_revuid. * g10/keyedit.c (keyedit_quick_revuid): New. Selects key and uid, invokes core_revuid. * g10/gpg.c (main): Handle --quick-revuid argument. * doc/gpg.texi: Document --quick-revuid. -- This functionality is a counterpart to --quick-adduid, and will be useful for projects that depend programmatically on gpg to revoke user IDs (one such example is "monkeysphere-host revoke-servicename"). Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> - Minor re-indentation work. - Changed a "0 == memcmp" to "!memcmp" - Removed tests/openpgp/quick-key-manipulation.test from the Makefile. This test needs to be converted to gpgscm. - Removed example from whats-new-in-2.1.txt because that is generated. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 00:05:57 +02:00
uid = *argv++; argc--;
uidtorev = *argv++; argc--;
keyedit_quick_revuid (ctrl, uid, uidtorev);
}
break;
gpg: New option --quick-set-expire. * g10/gpg.c (aQuickSetExpire): New. (opts): New option --quick-set-expire. (main): Implement option. * g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and NEWEXPIRATION. Change semantics of the return value. Change caller. (keyedit_quick_set_expire): New. -- This patch partly solves GnuPG-bug-id: 2701
2016-12-05 10:58:39 +01:00
case aQuickSetExpire:
{
const char *x_fpr, *x_expire;
if (argc != 2)
wrong_args ("--quick-set-exipre FINGERPRINT EXPIRE");
x_fpr = *argv++; argc--;
x_expire = *argv++; argc--;
keyedit_quick_set_expire (ctrl, x_fpr, x_expire);
}
break;
gpg: New command --quick-set-primary-uid. * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 14:47:21 +01:00
case aQuickSetPrimaryUid:
{
const char *uid, *primaryuid;
if (argc != 2)
wrong_args ("--quick-set-primary-uid USER-ID PRIMARY-USER-ID");
uid = *argv++; argc--;
primaryuid = *argv++; argc--;
keyedit_quick_set_primary (ctrl, uid, primaryuid);
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aFastImport:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
opt.import_options |= IMPORT_FAST;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aImport:
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
import_keys (ctrl, argc? argv:NULL, argc, NULL, opt.import_options);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
/* TODO: There are a number of command that use this same
"make strlist, call function, report error, free strlist"
pattern. Join them together here and avoid all that
duplicated code. */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aExport:
case aSendKeys:
case aRecvKeys:
sl = NULL;
for( ; argc; argc--, argv++ )
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
append_to_strlist2( &sl, *argv, utf8_strings );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( cmd == aSendKeys )
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = keyserver_export (ctrl, sl );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if( cmd == aRecvKeys )
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = keyserver_import (ctrl, sl );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
{
export_stats_t stats = export_new_stats ();
rc = export_pubkeys (ctrl, sl, opt.export_options, stats);
export_print_stats (stats);
export_release_stats (stats);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if(rc)
{
if(cmd==aSendKeys)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("send-keys", rc);
log_error(_("keyserver send failed: %s\n"),gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else if(cmd==aRecvKeys)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("recv-keys", rc);
log_error (_("keyserver receive failed: %s\n"),
gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("export", rc);
log_error (_("key export failed: %s\n"), gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
free_strlist(sl);
break;
gpg: New command --export-ssh-key * g10/export.c: Include membuf.h and host2net.h. (key_to_sshblob): New. (export_ssh_key): New. * g10/gpg.c (aExportSshKey): New. (opts): Add command. (main): Implement that command. -- GnuPG-bug-id: 2212 I have done only a few tests rights now and the ECDSA curves do not yet work. However ssh-keygen -l accept RSA and ed25519 keys exported using this command. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 17:22:32 +01:00
case aExportSshKey:
if (argc != 1)
wrong_args ("--export-ssh-key <user-id>");
rc = export_ssh_key (ctrl, argv[0]);
if (rc)
{
write_status_failure ("export-ssh-key", rc);
log_error (_("export as ssh key failed: %s\n"), gpg_strerror (rc));
}
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aSearchKeys:
sl = NULL;
Keyserver search and get basically works again.
2011-01-18 12:51:16 +01:00
for (; argc; argc--, argv++)
append_to_strlist2 (&sl, *argv, utf8_strings);
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = keyserver_search (ctrl, sl);
Keyserver search and get basically works again.
2011-01-18 12:51:16 +01:00
if (rc)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("search-keys", rc);
log_error (_("keyserver search failed: %s\n"), gpg_strerror (rc));
}
Keyserver search and get basically works again.
2011-01-18 12:51:16 +01:00
free_strlist (sl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aRefreshKeys:
sl = NULL;
for( ; argc; argc--, argv++ )
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
append_to_strlist2( &sl, *argv, utf8_strings );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = keyserver_refresh (ctrl, sl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if(rc)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("refresh-keys", rc);
log_error (_("keyserver refresh failed: %s\n"),gpg_strerror (rc));
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
free_strlist(sl);
break;
case aFetchKeys:
sl = NULL;
for( ; argc; argc--, argv++ )
Merged recent changes from 1.4
2006-04-28 16:31:29 +02:00
append_to_strlist2( &sl, *argv, utf8_strings );
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = keyserver_fetch (ctrl, sl);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if(rc)
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("fetch-keys", rc);
log_error ("key fetch failed: %s\n",gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aExportSecret:
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
{
export_stats_t stats = export_new_stats ();
gpg: Make --export-options work with --export-secret-keys. * g10/export.c (export_seckeys): Add arg OPTIONS and pass it to do_export. (export_secsubkeys): Ditto. * g10/gpg.c (main): Pass opt.export_options to export_seckeys and export_secsubkeys -- Back in the old days we did not used the export options for secret keys export because of a lot of duplicated code and that the old secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was pretty easy to enable it. Reported-by: Peter Lebbing GnuPG-bug-id: 2973
2017-03-01 14:41:47 +01:00
export_seckeys (ctrl, sl, opt.export_options, stats);
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
export_print_stats (stats);
export_release_stats (stats);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aExportSecretSub:
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
{
export_stats_t stats = export_new_stats ();
gpg: Make --export-options work with --export-secret-keys. * g10/export.c (export_seckeys): Add arg OPTIONS and pass it to do_export. (export_secsubkeys): Ditto. * g10/gpg.c (main): Pass opt.export_options to export_seckeys and export_secsubkeys -- Back in the old days we did not used the export options for secret keys export because of a lot of duplicated code and that the old secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was pretty easy to enable it. Reported-by: Peter Lebbing GnuPG-bug-id: 2973
2017-03-01 14:41:47 +01:00
export_secsubkeys (ctrl, sl, opt.export_options, stats);
gpg: Print export statistics to the status-fd. * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:02:35 +01:00
export_print_stats (stats);
export_release_stats (stats);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
free_strlist(sl);
break;
case aGenRevoke:
if( argc != 1 )
g10: Shorten unreasonably long option. * g10/gpg.c (opts): Rename 'generate-revocation-certificate' to 'generate-revocation'. * doc/gpg.texi: Update accordingly. * po: Update translations. GnuPG-bug-id: 2700 Fixes-commit: ec1bd3ae685e95563e38077ab3c1655fd55dea07 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 13:01:03 +01:00
wrong_args("--generate-revocation user-id");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
username = make_username(*argv);
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
gen_revoke (ctrl, username );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree( username );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aDesigRevoke:
gpg: Fix --desig-revoke. * g10/revoke.c (gen_desig_revoke): Add additional parameter ctrl. Check that the secret key is available. If not, display an error message. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Regression-due-to: 8459bcf9
2015-10-19 15:04:45 +02:00
if (argc != 1)
g10: Spell out --desig-revoke. * g10/gpg.c (opts): Rename option. * doc/gpg.texi: Update accordingly. -- This is a rather long name, but I believe that this command is rarely used, and in places where it is used frequently, the process is likely automated. GnuPG-bug-id: 2700 Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 13:59:48 +01:00
wrong_args ("--generate-designated-revocation user-id");
gpg: Fix --desig-revoke. * g10/revoke.c (gen_desig_revoke): Add additional parameter ctrl. Check that the secret key is available. If not, display an error message. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Regression-due-to: 8459bcf9
2015-10-19 15:04:45 +02:00
username = make_username (*argv);
gen_desig_revoke (ctrl, username, locusr);
xfree (username);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aDeArmor:
if( argc > 1 )
wrong_args("--dearmor [file]");
Revert "g10: Support armored keyrings in gpgv." This reverts commit abb352de51bc964c06007fce43ed6f6caea87c15.
2016-04-06 11:34:11 +02:00
rc = dearmor_file( argc? *argv: NULL );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( rc )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("dearmor", rc);
log_error (_("dearmoring failed: %s\n"), gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aEnArmor:
if( argc > 1 )
wrong_args("--enarmor [file]");
rc = enarmor_file( argc? *argv: NULL );
if( rc )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("enarmor", rc);
log_error (_("enarmoring failed: %s\n"), gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aPrimegen:
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#if 0 /*FIXME*/
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{ int mode = argc < 2 ? 0 : atoi(*argv);
if( mode == 1 && argc == 2 ) {
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout,
generate_public_prime( atoi(argv[1]) ), 1);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else if( mode == 2 && argc == 3 ) {
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout, generate_elg_prime(
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
0, atoi(argv[1]),
atoi(argv[2]), NULL,NULL ), 1);
}
else if( mode == 3 && argc == 3 ) {
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
MPI *factors;
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout, generate_elg_prime(
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
1, atoi(argv[1]),
atoi(argv[2]), NULL,&factors ), 1);
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('\n', es_stdout);
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout, factors[0], 1 ); /* print q */
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else if( mode == 4 && argc == 3 ) {
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
MPI g = mpi_alloc(1);
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout, generate_elg_prime(
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
0, atoi(argv[1]),
atoi(argv[2]), g, NULL ), 1);
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('\n', es_stdout);
Finished the bulk of changes to use estream in most places instead of stdio.
2010-03-15 12:15:45 +01:00
mpi_print (es_stdout, g, 1 );
mpi_free (g);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else
wrong_args("--gen-prime mode bits [qbits] ");
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('\n', es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
#endif
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
wrong_args("--gen-prime not yet supported ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aGenRandom:
{
int level = argc ? atoi(*argv):0;
int count = argc > 1 ? atoi(argv[1]): 0;
int endless = !count;
if( argc < 1 || argc > 2 || level < 0 || level > 2 || count < 0 )
wrong_args("--gen-random 0|1|2 [count]");
while( endless || count ) {
byte *p;
/* Wee need a multiple of 3, so that in case of
armored output we get a correct string. No
linefolding is done, as it is best to levae this to
other tools */
size_t n = !endless && count < 99? count : 99;
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
p = gcry_random_bytes (n, level);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
#ifdef HAVE_DOSISH_SYSTEM
setmode ( fileno(stdout), O_BINARY );
#endif
if (opt.armor) {
char *tmp = make_radix64_string (p, n);
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_fputs (tmp, es_stdout);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
xfree (tmp);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (n%3 == 1)
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('=', es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if (n%3)
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('=', es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
} else {
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_fwrite( p, n, 1, es_stdout );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(p);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( !endless )
count -= n;
}
if (opt.armor)
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_putc ('\n', es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
break;
case aPrintMD:
if( argc < 1)
wrong_args("--print-md algo [files]");
{
int all_algos = (**argv=='*' && !(*argv)[1]);
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
int algo = all_algos? 0 : gcry_md_map_name (*argv);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( !algo && !all_algos )
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("invalid hash algorithm '%s'\n"), *argv );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else {
argc--; argv++;
if( !argc )
print_mds(NULL, algo);
else {
for(; argc; argc--, argv++ )
print_mds(*argv, algo);
}
}
}
break;
case aPrintMDs: /* old option */
if( !argc )
print_mds(NULL,0);
else {
for(; argc; argc--, argv++ )
print_mds(*argv,0);
}
break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#ifndef NO_TRUST_MODELS
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aListTrustDB:
if( !argc )
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
list_trustdb (ctrl, es_stdout, NULL);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else {
for( ; argc; argc--, argv++ )
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
list_trustdb (ctrl, es_stdout, *argv );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
break;
case aUpdateTrustDB:
if( argc )
wrong_args("--update-trustdb");
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
update_trustdb (ctrl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aCheckTrustDB:
/* Old versions allowed for arguments - ignore them */
gpg: Pass CTRL object down to the trust functions Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 11:41:49 +02:00
check_trustdb (ctrl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aFixTrustDB:
Print verbose instructions in case of a corrupted trustdb.
2009-07-22 11:43:10 +02:00
how_to_fix_the_trustdb ();
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aListTrustPath:
if( !argc )
wrong_args("--list-trust-path <user-ids>");
for( ; argc; argc--, argv++ ) {
username = make_username( *argv );
list_trust_path( username );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
xfree(username);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
break;
case aExportOwnerTrust:
if( argc )
wrong_args("--export-ownertrust");
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
export_ownertrust (ctrl);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
case aImportOwnerTrust:
if( argc > 1 )
wrong_args("--import-ownertrust [file]");
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
import_ownertrust (ctrl, argc? *argv:NULL );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
#endif /*!NO_TRUST_MODELS*/
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
case aRebuildKeydbCaches:
if (argc)
wrong_args ("--rebuild-keydb-caches");
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
keydb_rebuild_caches (ctrl, 1);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
#ifdef ENABLE_CARD_SUPPORT
case aCardStatus:
g10: Support specifying SERIALNO for --card-status. * g10/gpg.c (main): Allow an argument for --card-status. * g10/card-util.c (current_card_status): Rename from card_status. (card_status): New, which supports multiple cards. (get_one_name): Use current_card_status. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-27 07:02:01 +02:00
if (argc == 0)
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
card_status (ctrl, es_stdout, NULL);
g10: Support specifying SERIALNO for --card-status. * g10/gpg.c (main): Allow an argument for --card-status. * g10/card-util.c (current_card_status): Rename from card_status. (card_status): New, which supports multiple cards. (get_one_name): Use current_card_status. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-27 07:02:01 +02:00
else if (argc == 1)
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
card_status (ctrl, es_stdout, *argv);
g10: Support specifying SERIALNO for --card-status. * g10/gpg.c (main): Allow an argument for --card-status. * g10/card-util.c (current_card_status): Rename from card_status. (card_status): New, which supports multiple cards. (get_one_name): Use current_card_status. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-27 07:02:01 +02:00
else
wrong_args ("--card-status [serialno]");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
* g10.c: New command --card-status. * card-util.c (card_status): New. * call-agent.c (learn_status_cb): Parse more information. * keylist.c (print_pubkey_info): Add FP arg for optinal printing to a stream. Changed all callers.
2003-07-24 11:06:43 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aCardEdit:
if (argc) {
sl = NULL;
for (argc--, argv++ ; argc; argc--, argv++)
append_to_strlist (&sl, *argv);
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
card_edit (ctrl, sl);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
free_strlist (sl);
* g10.c: New command --card-edit. * card-util.c (card_status): Use tty_fprintf for all output. (print_sha1_fpr, print_isoname): Ditto. (get_one_name,change_name, change_url, change_login,change_lang) (change_sex): New; taken from keygen.c. * keygen.c (smartcard_get_one_name, smartcard_change_name) (smartcard_change_url, smartcard_change_login_data) (smartcard_change_lang, smartcard_change_sex): Removed. (check_smartcard): Removed most menu items.
2003-09-18 17:51:18 +02:00
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
else
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
card_edit (ctrl, NULL);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
* g10.c: New command --card-edit. * card-util.c (card_status): Use tty_fprintf for all output. (print_sha1_fpr, print_isoname): Ditto. (get_one_name,change_name, change_url, change_login,change_lang) (change_sex): New; taken from keygen.c. * keygen.c (smartcard_get_one_name, smartcard_change_name) (smartcard_change_url, smartcard_change_login_data) (smartcard_change_lang, smartcard_change_sex): Removed. (check_smartcard): Removed most menu items.
2003-09-18 17:51:18 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aChangePIN:
if (!argc)
change_pin (0,1);
else if (argc == 1)
change_pin (atoi (*argv),1);
else
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
wrong_args ("--change-pin [no]");
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
break;
#endif /* ENABLE_CARD_SUPPORT*/
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
case aListConfig:
{
char *str=collapse_args(argc,argv);
list_config(str);
xfree(str);
}
break;
* configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT> * g10.c: New options --gpgconf-list, --debug-level and --log-file (set_debug): Add arg DEBUG_LEVEL. (main): Look at less and less version specific config files. From gnupg 1.3.
2004-03-23 14:03:09 +01:00
gpg: Add --list-gcrypt-config and "curve" item for --list-config. * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:26:02 +01:00
case aListGcryptConfig:
/* Fixme: It would be nice to integrate that with
--list-config but unfortunately there is no way yet to have
libgcrypt print it to an estream for further parsing. */
gcry_control (GCRYCTL_PRINT_CONFIG, stdout);
break;
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
case aTOFUPolicy:
build: Allow building without SQLlite support. * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-20 17:32:23 +02:00
#ifdef USE_TOFU
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
{
int policy;
int i;
KEYDB_HANDLE hd;
if (argc < 2)
gpg: Allow "help" as value for --tofu-policy. * g10/gpg.c (parse_tofu_policy): Add keyword "help". (parse_tofu_db_format): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 16:19:35 +01:00
wrong_args ("--tofu-policy POLICY KEYID [KEYID...]");
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
policy = parse_tofu_policy (argv[0]);
hd = keydb_new ();
if (! hd)
gpg: Take care of keydb_new returning NULL. * g10/keydb.c (keydb_new): Print an error message if needed. Also use xtrycalloc because we return an error anyway. * g10/delkey.c (do_delete_key): Handle error retruned by keydb_new. * g10/export.c (do_export_stream): Ditto. * g10/getkey.c (get_pubkey): Ditto. (get_pubkey_fast): Ditto. (get_pubkeyblock): Ditto. (get_seckey): Ditto. (key_byname): Ditto. (get_pubkey_byfprint): Ditto. (get_pubkey_byfprint_fast): Ditto. (parse_def_secret_key): Ditto. (have_secret_key_with_kid): Ditto. * g10/import.c (import_one): Ditto. (import_revoke_cert): Ditto. * g10/keyedit.c (keyedit_quick_adduid): Ditto. * g10/keygen.c (quick_generate_keypair): Ditto. (do_generate_keypair): Ditto. * g10/trustdb.c (validate_keys): Ditto. * g10/keyserver.c (keyidlist): Ditto. * g10/revoke.c (gen_desig_revoke): Ditto. (gen_revoke): Ditto. * g10/gpg.c (check_user_ids): Ditto. (main): Do not print an error message for keydb_new error. * g10/keylist.c (list_all): Use actual error code returned by keydb_new. * g10/t-keydb-get-keyblock.c (do_test): Abort on keydb_new error. * g10/t-keydb.c (do_test): Ditto. * g10/keyring.c (keyring_new): Actually return an error so that the existing keydb_new error checking makes sense for a keyring resource. (keyring_rebuild_cache): Take care of keyring_new returning an error. -- Commit 04a6b903 changed keydb_new to return an error. However the error was not checked at most places which we fix with this patch. To make things easier keydb_new prints an error message itself. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 12:18:32 +01:00
g10_exit (1);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10: Update a key's TOFU policy in a transaction. * g10/tofu.c (tofu_set_policy): Do the update in a transaction. * g10/gpg.c (main): Do a TOFU policy update in a batch transaction. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-08-31 11:40:33 +02:00
tofu_begin_batch_update (ctrl);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
for (i = 1; i < argc; i ++)
{
KEYDB_SEARCH_DESC desc;
kbnode_t kb;
rc = classify_user_id (argv[i], &desc, 0);
if (rc)
{
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
log_error (_("error parsing key specification '%s': %s\n"),
argv[i], gpg_strerror (rc));
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
}
if (! (desc.mode == KEYDB_SEARCH_MODE_SHORT_KID
|| desc.mode == KEYDB_SEARCH_MODE_LONG_KID
|| desc.mode == KEYDB_SEARCH_MODE_FPR16
|| desc.mode == KEYDB_SEARCH_MODE_FPR20
|| desc.mode == KEYDB_SEARCH_MODE_FPR
|| desc.mode == KEYDB_SEARCH_MODE_KEYGRIP))
{
log_error (_("'%s' does not appear to be a valid"
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
" key ID, fingerprint or keygrip\n"),
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
argv[i]);
g10_exit (1);
}
rc = keydb_search_reset (hd);
if (rc)
{
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
/* This should not happen, thus no need to tranalate
the string. */
log_error ("keydb_search_reset failed: %s\n",
gpg_strerror (rc));
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
}
rc = keydb_search (hd, &desc, 1, NULL);
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
if (rc)
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
{
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
log_error (_("key \"%s\" not found: %s\n"), argv[i],
gpg_strerror (rc));
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
}
rc = keydb_get_keyblock (hd, &kb);
if (rc)
{
gpg: Change some error messages. * g10/getkey.c (parse_def_secret_key): Change error message. Replace log_debug by log_info. * g10/gpg.c (check_user_ids): Make function static. Change error messages. (main): Change error messages. * g10/revoke.c (gen_revoke): Ditto. -- There are other smaller changes not described above. This change tries to avoid new error messages so not to increase the the number of translated strings or break too many existing translations. It also tries to use existing strings and changes the quoting to the most common style used in gpg. Key specifications should in general use double quotes. Other values should use single quotes. However. sometimes it is not easy to distinguish between values given on the command line and key specifications. According to old GNU coding standards diagnostics should not start capitalized - whether this is a good idea is a different thing but we used this rules for most strings. However, strings which are used interactively should be properly capitalized and end with a dot. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 10:39:29 +01:00
log_error (_("error reading keyblock: %s\n"),
gpg_strerror (rc));
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
}
gpg: Pass CTRL to many more functions. -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:52 +02:00
merge_keys_and_selfsig (ctrl, kb);
gpg: Store the Tofu meta handle for databases in CTRL. * g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations. (struct server_control_s): Add field tofu.dbs. * g10/tofu.c (struct dbs): Rename to tofu_dbs_s. Replace all users by by tofu_dbs_t. (opendbs): Add arg CTRL. Cache the DBS in CTRL. (closedbs): Rename to tofu_closedbs and make global. Add arg CTRL. (tofu_register): Add arg CTRL. Change all callers. Do not call closedbs. (tofu_get_validity): Ditto. (tofu_set_policy): Ditto. (tofu_get_policy): Ditto. (tofu_set_policy_by_keyid): Add arg CTRL. * g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 12:26:44 +02:00
if (tofu_set_policy (ctrl, kb, policy))
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10_exit (1);
g10: Avoid a memory leak. * g10/gpg.c (main): Free KB when we're done with it. Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-12-06 12:14:49 +01:00
release_kbnode (kb);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
}
g10: Update a key's TOFU policy in a transaction. * g10/tofu.c (tofu_set_policy): Do the update in a transaction. * g10/gpg.c (main): Do a TOFU policy update in a batch transaction. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-08-31 11:40:33 +02:00
tofu_end_batch_update (ctrl);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
g10: Update a key's TOFU policy in a transaction. * g10/tofu.c (tofu_set_policy): Do the update in a transaction. * g10/gpg.c (main): Do a TOFU policy update in a batch transaction. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-08-31 11:40:33 +02:00
keydb_release (hd);
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
}
build: Allow building without SQLlite support. * configure.ac: Add option --dsiable-tofu and --disable-sqlite. (NEED_SQLITE_VERSION): New var. (USE_TOFU): New ac_define and am_conditional. * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that pkg-config find the correct .pc file. * g10/Makefile.am (tofu_source): New. Build only if enabled. * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models. (parse_tofu_policy)[!USE_TOFU]: Disable all. (parse_tofu_db_format)[!USE_TOFU]: Disable all. (main) <aTOFUPolicy>[!USE_TOFU]: Skip. * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not call tofu functions. * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto. * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu processing. -- This allows to build a minimal version of GnuPG. It is also currently required to build for Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-20 17:32:23 +02:00
#endif /*USE_TOFU*/
g10: Add TOFU support. * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:44:05 +02:00
break;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
default:
gpg: Print a warning if no command has been given. * g10/gpg.c (main): Print in the default case. -- GnuPG-bug-id: 2943 Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-13 13:09:51 +01:00
if (!opt.quiet)
log_info (_("WARNING: no command supplied."
" Trying to guess what you mean ...\n"));
/*FALLTHU*/
case aListPackets:
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( argc > 1 )
g10: Avoid translating simple error messages. * g10/gpg.c (main): Avoid translating arguments to 'wrong_args'. -- Translating these messages is a burden for translators, and we only have translations for very few of them as it is. If we want to localize these messages, I'd suggest to translate the placeholders (e.g. 'filename'). Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-15 16:06:49 +01:00
wrong_args("[filename]");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* Issue some output for the unix newbie */
./autogen.sh --build-w32ce does now succeed.
2010-04-14 16:39:16 +02:00
if (!fname && !opt.outfile
&& gnupg_isatty (fileno (stdin))
&& gnupg_isatty (fileno (stdout))
&& gnupg_isatty (fileno (stderr)))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
log_info(_("Go ahead and type your message ...\n"));
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
a = iobuf_open(fname);
if (a && is_secured_file (iobuf_get_fd (a)))
{
iobuf_close (a);
a = NULL;
Use gpg_err_set_errno to assign values to ERRNO.
2010-04-01 15:24:55 +02:00
gpg_err_set_errno (EPERM);
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
if( !a )
Change all quotes in strings and comments to the new GNU standard. The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
log_error(_("can't open '%s'\n"), print_fname_stdin(fname));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else {
if( !opt.no_armor ) {
if( use_armor_filter( a ) ) {
Fixes for CVE-2006-6235
2006-12-06 11:16:50 +01:00
afx = new_armor_context ();
push_armor_filter (afx, a);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
if( cmd == aListPackets ) {
opt.list_packets=1;
g10: Fix --list-packets. * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. -- Debian-bug-id: 828109 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-06-28 08:56:48 +02:00
set_packet_list_mode(1);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
rc = proc_packets (ctrl, NULL, a );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if( rc )
gpg: Print a new FAILURE status after most commands. * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 09:03:31 +02:00
{
write_status_failure ("-", rc);
log_error ("processing message failed: %s\n",
gpg_strerror (rc));
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
iobuf_close(a);
}
break;
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
/* cleanup */
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
gpg_deinit_default_ctrl (ctrl);
xfree (ctrl);
Fixes for CVE-2006-6235
2006-12-06 11:16:50 +01:00
release_armor_context (afx);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
FREE_STRLIST(remusr);
FREE_STRLIST(locusr);
g10_exit(0);
return 8; /*NEVER REACHED*/
}
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
Key generation and signing using the OpenPGP card does rudimentary work.
2003-06-27 22:53:09 +02:00
/* Note: This function is used by signal handlers!. */
static void
emergency_cleanup (void)
{
gcry_control (GCRYCTL_TERM_SECMEM );
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
void
g10_exit( int rc )
{
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
New function log_clock. * common/logging.c (log_clock): New. * g10/gpg.c (set_debug): Print clock debug flag. * g10/options.h (DBG_CLOCK_VALUE, DBG_CLOCK): New. -- To actually use log_clock you need to enable the code in logginc.c:log_check() and link against librt. --debug 4096 may then be used to enable it at runtime.
2013-01-07 16:51:24 +01:00
if (DBG_CLOCK)
log_clock ("stop");
gpg: Improve speed of --check-sigs and --lish-sigs. * g10/keydb.c (kid_list_t): New. (kid_not_found_table, n_kid_not_found_table): New. (kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New. (keydb_insert_keyblock): Flush the new cache. (keydb_delete_keyblock): Ditto. (keydb_update_keyblock): Ditto. (keydb_search): Use the new cache. (keydb_dump_stats): New. * g10/gpg.c (g10_exit): Dump keydb stats. -- What we do here is to keep track of key searches by long keyids (as stored in all signatures) so that we do not need to scan the keybox again after we already found that this keyid will result in not-found. As soon as we change gpg to run as a co-process we should store this table per session because other instances of gpg may have updated the keybox without us knowing. On a test ring with gpg: 94721 good signatures gpg: 6831 bad signatures gpg: 150703 signatures not checked due to missing keys gpg: 5 signatures not checked due to errors gpg: keydb: kid_not_found_table: total: 14132 this new cache speeds a --check-sigs listing up from 28 minutes to less than 3 minutes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-20 15:03:32 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if ( (opt.debug & DBG_MEMSTAT_VALUE) )
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
{
gpg: Improve speed of --check-sigs and --lish-sigs. * g10/keydb.c (kid_list_t): New. (kid_not_found_table, n_kid_not_found_table): New. (kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New. (keydb_insert_keyblock): Flush the new cache. (keydb_delete_keyblock): Ditto. (keydb_update_keyblock): Ditto. (keydb_search): Use the new cache. (keydb_dump_stats): New. * g10/gpg.c (g10_exit): Dump keydb stats. -- What we do here is to keep track of key searches by long keyids (as stored in all signatures) so that we do not need to scan the keybox again after we already found that this keyid will result in not-found. As soon as we change gpg to run as a co-process we should store this table per session because other instances of gpg may have updated the keybox without us knowing. On a test ring with gpg: 94721 good signatures gpg: 6831 bad signatures gpg: 150703 signatures not checked due to missing keys gpg: 5 signatures not checked due to errors gpg: keydb: kid_not_found_table: total: 14132 this new cache speeds a --check-sigs listing up from 28 minutes to less than 3 minutes. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-20 15:03:32 +02:00
keydb_dump_stats ();
gpg: Print more stats for the keydb and the signature cache. * g10/sig-check.c (sig_check_dump_stats): New. (cache_stats): New struct. (check_key_signature2): Update stats. * g10/gpg.c (g10_exit): Call new function. * g10/keydb.c (kid_not_found_cache_count): Replace by ... (kid_not_found_stats): ... new struct. Change users. (keydb_stats): New struct. Update the counters. (keydb_dump_stats): Print all stats. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:03:43 +02:00
sig_check_dump_stats ();
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
gcry_control (GCRYCTL_DUMP_MEMORY_STATS);
gcry_control (GCRYCTL_DUMP_RANDOM_STATS);
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
}
if (opt.debug)
gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
* gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
2003-07-29 10:53:19 +02:00
emergency_cleanup ();
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
rc = rc? rc : log_get_errorcount(0)? 2 : g10_errors_seen? 1 : 0;
exit (rc);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
/* Pretty-print hex hashes. This assumes at least an 80-character
display, but there are a few other similar assumptions in the
display code. */
static void
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
print_hex (gcry_md_hd_t md, int algo, const char *fname)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
int i,n,count,indent=0;
const byte *p;
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (fname)
indent = es_printf("%s: ",fname);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (indent>40)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_printf ("\n");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
indent=0;
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (algo==DIGEST_ALGO_RMD160)
indent += es_printf("RMD160 = ");
else if (algo>0)
indent += es_printf("%6s = ", gcry_md_algo_name (algo));
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
algo = abs(algo);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count = indent;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
2003-06-18 21:56:13 +02:00
p = gcry_md_read (md, algo);
n = gcry_md_get_algo_dlen (algo);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count += es_printf ("%02X",*p++);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
for(i=1;i<n;i++,p++)
{
if(n==16)
{
if(count+2>79)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n%*s",indent," ");
count = indent;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count += es_printf(" ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (!(i%8))
count += es_printf(" ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else if (n==20)
{
if(!(i%2))
{
if(count+4>79)
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n%*s",indent," ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
count=indent;
}
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count += es_printf(" ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (!(i%10))
count += es_printf(" ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
else
{
if(!(i%4))
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if (count+8>79)
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n%*s",indent," ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
count=indent;
}
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count += es_printf(" ");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
count += es_printf("%02X",*p);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("\n");
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
static void
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
print_hashline( gcry_md_hd_t md, int algo, const char *fname )
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
{
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
int i, n;
const byte *p;
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
if ( fname )
{
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
for (p = fname; *p; p++ )
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
{
if ( *p <= 32 || *p > 127 || *p == ':' || *p == '%' )
es_printf ("%%%02X", *p );
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
else
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_putc (*p, es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_putc (':', es_stdout);
es_printf ("%d:", algo);
p = gcry_md_read (md, algo);
n = gcry_md_get_algo_dlen (algo);
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
for(i=0; i < n ; i++, p++ )
Fix regression in logging. Add a registry key to enable catch-all remote debugging for W32. Replace more stdio stuff by estream.
2010-08-18 21:25:15 +02:00
es_printf ("%02X", *p);
es_fputs (":\n", es_stdout);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
static void
print_mds( const char *fname, int algo )
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
estream_t fp;
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
char buf[1024];
size_t n;
gcry_md_hd_t md;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
if (!fname)
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
fp = es_stdin;
es_set_binary (fp);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
else
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
fp = es_fopen (fname, "rb" );
if (fp && is_secured_file (es_fileno (fp)))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
{
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
es_fclose (fp);
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
fp = NULL;
gpg_err_set_errno (EPERM);
}
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
if (!fp)
{
log_error("%s: %s\n", fname?fname:"[stdin]", strerror(errno) );
return;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_open (&md, 0, 0);
if (algo)
gcry_md_enable (md, algo);
else
{
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_MD5))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_MD5);
gcry_md_enable (md, GCRY_MD_SHA1);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_RMD160))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_RMD160);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA224))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_SHA224);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA256))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_SHA256);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA384))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_SHA384);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA512))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_enable (md, GCRY_MD_SHA512);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
while ((n=es_fread (buf, 1, DIM(buf), fp)))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_write (md, buf, n);
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
if (es_ferror(fp))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
log_error ("%s: %s\n", fname?fname:"[stdin]", strerror(errno));
else
{
gcry_md_final (md);
if (opt.with_colons)
{
if ( algo )
print_hashline (md, algo, fname);
else
{
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_MD5))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline( md, GCRY_MD_MD5, fname );
print_hashline( md, GCRY_MD_SHA1, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_RMD160))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline( md, GCRY_MD_RMD160, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA224))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline (md, GCRY_MD_SHA224, fname);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA256))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline( md, GCRY_MD_SHA256, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA384))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline ( md, GCRY_MD_SHA384, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA512))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hashline ( md, GCRY_MD_SHA512, fname );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
else
{
if (algo)
print_hex (md, -algo, fname);
else
{
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_MD5))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_MD5, fname);
print_hex (md, GCRY_MD_SHA1, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_RMD160))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_RMD160, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA224))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_SHA224, fname);
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA256))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_SHA256, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA384))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_SHA384, fname );
gpg: Replace a hash algo test function. * g10/gpg.c (print_mds): Replace openpgp_md_test_algo. -- This is actually not required because as of now the used OpenPGP and Gcrypt hash algorithm numbers are identical. But that might change in the future. This changes the behavior of GnuPG in case it has been build with some algorithms disabled: If those algorithms are available in Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
if (!gcry_md_test_algo (GCRY_MD_SHA512))
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
print_hex (md, GCRY_MD_SHA512, fname );
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
}
gpg: Re-indent a function. --
2014-09-18 14:50:02 +02:00
gcry_md_close (md);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
gpg: Replace remaining uses of stdio by estream. * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <guilhem@fripost.org> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
if (fp != es_stdin)
es_fclose (fp);
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
/****************
* Check the supplied name,value string and add it to the notation
* data to be used for signatures. which==0 for sig notations, and 1
* for cert notations.
*/
static void
add_notation_data( const char *string, int which )
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
struct notation *notation;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
notation=string_to_notation(string,utf8_strings);
if(notation)
{
if(which)
{
notation->next=opt.cert_notations;
opt.cert_notations=notation;
}
else
{
notation->next=opt.sig_notations;
opt.sig_notations=notation;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
}
}
static void
add_policy_url( const char *string, int which )
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
unsigned int i,critical=0;
Fix for bug 537
2006-10-02 13:54:35 +02:00
strlist_t sl;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
if(*string=='!')
{
string++;
critical=1;
}
for(i=0;i<strlen(string);i++)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if( !isascii (string[i]) || iscntrl(string[i]))
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
break;
if(i==0 || i<strlen(string))
{
if(which)
log_error(_("the given certification policy URL is invalid\n"));
else
log_error(_("the given signature policy URL is invalid\n"));
}
if(which)
sl=add_to_strlist( &opt.cert_policy_url, string );
else
sl=add_to_strlist( &opt.sig_policy_url, string );
if(critical)
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
sl->flags |= 1;
This commit was manufactured by cvs2svn to create branch 'GNUPG-1-9-BRANCH'.
2003-06-05 09:14:21 +02:00
}
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
static void
add_keyserver_url( const char *string, int which )
{
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
unsigned int i,critical=0;
Fix for bug 537
2006-10-02 13:54:35 +02:00
strlist_t sl;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
if(*string=='!')
{
string++;
critical=1;
}
for(i=0;i<strlen(string);i++)
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
if( !isascii (string[i]) || iscntrl(string[i]))
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
break;
if(i==0 || i<strlen(string))
{
if(which)
BUG();
else
Merged with gpg 1.4.3 code. The gpg part does not yet build.
2006-04-19 13:26:11 +02:00
log_error(_("the given preferred keyserver URL is invalid\n"));
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
}
if(which)
BUG();
else
sl=add_to_strlist( &opt.sig_keyserver_url, string );
if(critical)
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
sl->flags |= 1;
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2003-09-23 19:48:33 +02:00
}
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
static void
read_sessionkey_from_fd (int fd)
{
int i, len;
char *line;
gpg,common: Make sure that all fd given are valid. * common/sysutils.c (gnupg_fd_valid): New function. * common/sysutils.h (gnupg_fd_valid): New declaration. * common/logging.c (log_set_file): Use the new function. * g10/cpr.c (set_status_fd): Likewise. * g10/gpg.c (main): Likewise. * g10/keylist.c (read_sessionkey_from_fd): Likewise. * g10/passphrase.c (set_attrib_fd): Likewise. * tests/openpgp/Makefile.am (XTESTS): Add the new test. * tests/openpgp/issue2941.scm: New file. -- Consider a situation where the user passes "--status-fd 3" but file descriptor 3 is not open. During the course of executing the rest of the commands, it's possible that gpg itself will open some files, and file descriptor 3 will get allocated. In this situation, the status information will be appended directly to whatever file happens to have landed on fd 3 (the trustdb? the keyring?). This is a potential data destruction issue for all writable file descriptor options: --status-fd --attribute-fd --logger-fd It's also a potential issue for readable file descriptor options, but the risk is merely weird behavior, and not data corruption: --override-session-key-fd --passphrase-fd --command-fd Fixes this by checking whether the fd is valid early on before using it. GnuPG-bug-id: 2941 Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-08 13:49:41 +01:00
if (! gnupg_fd_valid (fd))
log_fatal ("override-session-key-fd is invalid: %s\n", strerror (errno));
gpg: New option --override-session-key-fd. * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 09:02:53 +01:00
for (line = NULL, i = len = 100; ; i++ )
{
if (i >= len-1 )
{
char *tmp = line;
len += 100;
line = xmalloc_secure (len);
if (tmp)
{
memcpy (line, tmp, i);
xfree (tmp);
}
else
i=0;
}
if (read (fd, line + i, 1) != 1 || line[i] == '\n')
break;
}
line[i] = 0;
log_debug ("seskey: %s\n", line);
gpgrt_annotate_leaked_object (line);
opt.override_session_key = line;
}