gpg: Detect already compressed data also when using a pipe.

* common/iobuf.c (file_filter_ctx_t): Add fields for the peek feature. (file_filter): Implement peeking. (iobuf_ioctl): Add new IOBUF_IOCTL_PEEK. * common/iobuf.h (IOBUF_IOCTL_PEEK, IOBUFCTRL_PEEK): New. * common/miscellaneous.c (is_file_compressed): Rewrite. Detect PDF. * g10/encrypt.c (encrypt_simple): Peek before detecting compression. (encrypt_crypt): Ditto. * g10/sign.c (sign_file): Also detect already compressed data. * g10/options.h (opt): Add explicit_compress_option. * g10/gpg.c (main): Set opt.explicit_compress_option for -z. -- Note that this patch also introduces a compression check for signing which was never done in the past. GnuPG-bug-id: 6332
2025-07-02 22:46:30 +02:00 · 2023-01-18 18:04:50 +01:00 · 2023-01-18 18:04:50 +01:00 · 60963d98cf
commit 60963d98cf
parent 94ae43be36
9 changed files with 201 additions and 64 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -635,12 +635,13 @@ The @option{--dearmor} command can also be used to dearmor PEM armors.

@item --unwrap
@opindex unwrap
-This command is similar to @option{--decrypt} with the change that the
+This command is similar to @option{--decrypt} with the difference that the
 output is not the usual plaintext but the original message with the
-decryption layer removed.  Thus the output will be an OpenPGP data
+encryption layer removed.  Thus the output will be an OpenPGP data
 structure which often means a signed OpenPGP message.  Note that this
 command may or may not remove a compression layer which is often found
-beneath the encryption layer.
+beneath the encryption layer.  Without the option @option{--output}
+the result is written to a file with the suffix stripped.

@item --tofu-policy @{auto|good|unknown|bad|ask@}  @var{keys}
@opindex tofu-policy
@ -860,9 +861,10 @@ line.
  @opindex keyedit:tsign
  Make a trust signature. This is a signature that combines the notions
  of certification (like a regular signature), and trust (like the
-  "trust" command). It is generally only useful in distinct communities
-  or groups.  For more information please read the sections
-  ``Trust Signature'' and ``Regular Expression'' in RFC-4880.
+  "trust" command). It is generally useful in distinct communities
+  or groups to implement the concept of a Trusted Introducer.  For
+  more information please read the sections ``Trust Signature'' and
+  ``Regular Expression'' in RFC-4880.
@end table

@c man:.RS
@ -1658,6 +1660,16 @@ for the BZIP2 compression algorithm (defaulting to 6 as well). This is a
 different option from @option{--compress-level} since BZIP2 uses a
 significant amount of memory for each additional compression level.
@option{-z} sets both. A value of 0 for @var{n} disables compression.
+A value of -1 forces compression using the default level.
+
+Except for the @option{--store} command compression is always used
+unless @command{gpg} detects that the input is already compressed.  To
+inhibit the use of compression use @option{-z0}; to force compression
+use @option{-z-1} or option @option{z} with another compression level
+than the default as indicated by -1.  Note that this overriding of the
+default deection works only with @option{z} and not with the long
+variant of this option.
+

@item --bzip2-decompress-lowmem
@opindex bzip2-decompress-lowmem