diff --git a/AUTHORS b/AUTHORS index 0de6a8662..d554ac7c9 100644 --- a/AUTHORS +++ b/AUTHORS @@ -3,8 +3,6 @@ Maintainer: Werner Koch Bug reports: Security related bug reports: -Please note that this file is for the 1.9 branch of GnuPG. - Authors ======= diff --git a/ChangeLog b/ChangeLog index 47d0ca810..bd8b0178a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2006-08-17 Werner Koch + + * THANKS: Merged with the 1.4 one. + +2006-08-16 Werner Koch + + * configure.ac: Removed test for capabilities and mlock. + 2006-08-15 Werner Koch * Makefile.am (keyserver): Enable building of keyserver helpers. diff --git a/THANKS b/THANKS index 0f31642ac..ed184ebaa 100644 --- a/THANKS +++ b/THANKS @@ -1,9 +1,272 @@ +GnuPG was originally written by Werner Koch. Other people contributed +by reporting problems, suggesting various improvements or submitting +actual code. Here is a list of those people. Help us keep it +complete and free of errors. -Alexander Belopolsky belopolsky at mac.com -Andrew J. Schorr aschorr at telemetry-investments.com -Carl Meijer carlm at prism.co.za -Charly Avital shavital at mac.com -Kazu Yamamoto kazu at iij.ad.jp -Michael Nottebrock michaelnottebrock at gmx.net -Ray Link rlink at pitt.edu -Richard Lefebvre rick at cerca.umontreal.ca + +Adam Mitchell adam at cafe21.org +Albert Chin china at thewrittenword.com +Alec Habig habig at budoe2.bu.edu +Alexander Belopolsky belopolsky at mac.com +Allan Clark allanc at sco.com +Anand Kumria wildfire at progsoc.uts.edu.au +Andreas Haumer andreas at xss.co.at +Andrew J. Schorr aschorr at telemetry-investments.com +Anthony Carrico acarrico at memebeam.org +Anthony Mulcahy anthony at kcn.ne.jp +Ariel T Glenn ariel at columbia.edu +Bernhard Herzog bh at intevation.de +Bernhard Reiter bernhard de intevation.de +Bob Mathews bobmathews at mindspring.com +Bodo Moeller Bodo_Moeller at public.uni-hamburg.de +Brendan O'Dea bod at debian.org +Brenno de Winter brenno at dewinter.com +Brian M. Carlson karlsson at hal-pc.org +Brian Moore bem at cmc.net +Brian Warner warner at lothar.com +Bryan Fullerton bryanf at samurai.com +Bryce Nichols bryce at bnichols.org +Carl Meijer carlm at prism.co.za +Caskey L. Dickson caskey at technocage.com +Cees van de Griend cees-list at griend.xs4all.nl +Charles Levert charles at comm.polymtl.ca +Charly Avital shavital at mac.com +Chip Salzenberg chip at valinux.com +Chris Adams cmadams at hiwaay.net +Christian Biere christianbiere at gmx.de +Christian Kurz shorty at debian.org +Christian von Roques roques at pond.sub.org +Christopher Oliver oliver at fritz.traverse.net +Christian Recktenwald chris at citecs.de +Daiki Ueno ueno at unixuser.org +Dan Winship danw at helixcode.com +Daniel Eisenbud eisenbud at cs.swarthmore.edu +Daniel Koening dan at chaosdorf.de +Daniel Resare daniel at resare.com +Dany Nativel dany at natzo.com +Dave Dykstra dwd at bell-labs.com +David C Niemi niemi at tuxers.net +David Champion dgc at uchicago.edu +David D. Scribner dscribner at bigfoot.com +David Ellement ellement at sdd.hp.com +David Hallinan hallinan at rtd.com +David Hollenberg dhollen at ISI.EDU +David Mathog MATHOG at seqaxp.bio.caltech.edu +David R. Bergstein dbergstein at home.com +David Shaw dshaw at jabberwocky.com +Detlef Lannert lannert at lannert.rz.uni-duesseldorf.de +Dimitri dmitri at advantrix.com +Dirk Lattermann dlatt at t-online.de +Dirk Meyer dirk.meyer at dinoex.sub.org +Disastry Disastry at saiknes.lv +Douglas Calvert dfc at anize.org +Ed Boraas ecxjo at esperanto.org +Edmund GRIMLEY EVANS edmundo at rano.org +Edwin Woudt edwin at woudt.nl +Enzo Michelangeli em at MailAndNews.com +Ernst Molitor ernst.molitor at uni-bonn.de +Evgeny Legerov +Fabio Coatti cova at ferrara.linux.it +Felix von Leitner leitner at amdiv.de +fish stiqz fish at analog.org +Florian Weimer Florian.Weimer at rus.uni-stuttgart.de +Francesco Potorti pot at gnu.org +Frank Donahoe fdonahoe at wilkes1.wilkes.edu +Frank Heckenbach heckenb at mi.uni-erlangen.de +Frank Stajano frank.stajano at cl.cam.ac.uk +Frank Tobin ftobin at uiuc.edu +Gabriel Rosenkoetter gr at eclipsed.net +Gaël Quéri gael at lautre.net +Gene Carter gcarter at lanier.com +Geoff Keating geoffk at ozemail.com.au +Georg Schwarz georg.schwarz at iname.com +Giampaolo Tomassoni g.tomassoni at libero.it +Gilbert Fernandes gilbert_fernandes at hotmail.com +Greg Louis glouis at dynamicro.on.ca +Greg Troxel gdt at ir.bbn.com +Gregory Steuck steuck at iname.com +Harald Denker harry at hal.westfalen.de +Holger Baust Holger.Baust at freenet-ag.de +Hendrik Buschkamp buschkamp at rheumanet.org +Holger Schurig holger at d.om.org +Holger Smolinski smolinsk at de.ibm.com +Holger Trapp Holger.Trapp at informatik.tu-chemnitz.de +Hugh Daniel hugh at toad.com +Huy Le huyle at ugcs.caltech.edu +Ian McKellar imckellar at harvestroad.com.au +Ingo Klöcker kloecker at kde.org +Ivo Timmermans itimmermans at bigfoot.com +Jan Krueger max at physics.otago.ac.nz +Jan Niehusmann jan at gondor.com +Jan-0liver Wagner jan @ intevation.de +Janusz A. Urbanowicz alex at bofh.torun.pl +James Troup james at nocrew.org +Jean-loup Gailly gzip at prep.ai.mit.edu +Jeff Long long at kestrel.cc.ukans.edu +Jeffery Von Ronne jronne at ics.uci.edu +Jens Bachem bachem at rrz.uni-koeln.de +Jeroen C. van Gelderen jeroen at vangelderen.org +J Horacio MG homega at ciberia.es +J. Michael Ashley jashley at acm.org +Jim Bauer jfbauer at home.com +Jim Small cavenewt at my-deja.com +Joachim Backes backes at rhrk.uni-kl.de +Joe Rhett jrhett at isite.net +Joerg Honegger Joerg.Honegger at hp.com +John A. Martin jam at jamux.com +John Clizbe JPClizbe at comcast.net +John R. Shannon john at johnrshannon.com +Johnny Teveßen j.tevessen at gmx.de +Jörg Schilling schilling at fokus.gmd.de +Jos Backus Jos.Backus at nl.origin-it.com +Joseph Walton joe at kafsemo.org +Juan F. Codagnone juam at arnet.com.ar +Jun Kuriyama kuriyama at sky.rim.or.jp +Kahil D. Jallad kdj4 at cs.columbia.edu +Karl Fogel kfogel at guanabana.onshore.com +Karsten Thygesen karthy at kom.auc.dk +Katsuhiro Kondou kondou at nec.co.jp +Kazu Yamamoto kazu at iij.ad.jp +Kazuyoshi Kakihara +Keith Clayton keith at claytons.org +Kevin Ryde user42 at zip.com.au +Klaus Singvogel ks at caldera.de +Kurt Garloff garloff at suse.de +Lars Kellogg-Stedman lars at bu.edu +L. Sassaman rabbi at quickie.net +M Taylor mctaylor at privacy.nb.ca +Marcel Waldvogel mwa at arl.wustl.edu +Marco d'Itri md at linux.it +Marco Parrone marc0 at autistici.org +Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de +Mark Adler madler at alumni.caltech.edu +Mark Elbrecht snowball3 at bigfoot.com +Mark Pettit pettit at yahoo-inc.com +Markus Friedl Markus.Friedl at informatik.uni-erlangen.de +Martin Kahlert martin.kahlert at provi.de +Martin Hamilton +Martin Schulte schulte at thp.uni-koeln.de +Matt Kraai kraai at alumni.carnegiemellon.edu +Matthew Skala mskala at ansuz.sooke.bc.ca +Matthew Wilcox matthew at wil.cx +Matthias Urlichs smurf at noris.de +Max Valianskiy maxcom at maxcom.ml.org +Michael Engels michael.engels at uni-duesseldorf.de +Michael Fischer v. Mollard mfvm at gmx.de +Michael Nottebrock michaelnottebrock at gmx.net +Michael Roth mroth at nessie.de +Michael Sobolev mss at despair.transas.com +Michael Tokarev mjt at tls.msk.ru +Mike Dowling ML.Dowling at tu-bs.de +Mike McEwan mike at lotusland.demon.co.uk +Moritz Schulte moritz at chaosdorf.de +Neal H Walfield neal at cs.uml.edu +Nelson H. F. Beebe beebe at math.utah.edu +Nicolas Graner Nicolas.Graner at cri.u-psud.fr +NIIBE Yutaka gniibe at chroot.org +Niklas Hernaeus +Nimrod Zimerman zimerman at forfree.at +Norihiko Murase skeleten at shillest.net +N J Doye nic at niss.ac.uk +Oliver Haakert haakert at hsp.de +Oskari Jääskeläinen f33003a at cc.hut.fi +Pascal Scheffers Pascal at scheffers.net +Paul D. Smith psmith at baynetworks.com +Per Cederqvist ceder at lysator.liu.se +Phil Blundell pb at debian.org +Philippe Laliberte arsphl at oeil.qc.ca +Peter Fales psfales at lucent.com +Peter Gutmann pgut001 at cs.auckland.ac.nz +Peter Marschall Peter.Marschall at gedos.de +Peter Valchev pvalchev at openbsd.org +Phong Nguyen Phong.Nguyen at ens.fr +Piotr Krukowiecki piotr at pingu.ii.uj.edu.pl +QingLong qinglong at bolizm.ihep.su +Ralph Gillen gillen at theochem.uni-duesseldorf.de +Rat ratinox at peorth.gweep.net +Ray Link rlink at pitt.edu +Reinhard Wobst R.Wobst at ifw-dresden.de +Rémi Guyomarch rguyom at mail.dotcom.fr +Reuben Sumner rasumner at wisdom.weizmann.ac.il +Richard Lefebvre rick at cerca.umontreal.ca +Richard Outerbridge outer at interlog.com +Richard Patterson vectro at yahoo.com +Robert Joop rj at rainbow.in-berlin.de +Roddy Strachan roddy at satlink.com.au +Roger Sondermann r.so at bigfoot.com +Roland Rosenfeld roland at spinnaker.rhein.de +Roman Pavlik rp at tns.cz +Ross Golder rossigee at bigfoot.com +Russell Coker russell at coker.com.au +Ryan Malayter rmalayter at bai.org +Sam Roberts sam at cogent.ca +Sami Tolvanen sami at tolvanen.com +Sascha Kiefer sk at intertivity.com +Scott Worley sworley at chkno.net +Sean MacLennan seanm at netwinder.org +Sebastian Klemke packet at convergence.de +Serge Munhoven munhoven at mema.ucl.ac.be +SL Baur steve at xemacs.org +Stefan Bellon sbellon at sbellon.de +Dr.Stefan.Dalibor Dr.Stefan.Dalibor at bfa.de +Stefan Karrmann S.Karrmann at gmx.net +Stefan Keller dres at cs.tu-berlin.de +Steffen Ullrich ccrlphr at xensei.com +Steffen Zahn zahn at berlin.snafu.de +Steven Bakker steven at icoe.att.com +Steven Murdoch sjmurdoch at bigfoot.com +Susanne Schultz schultz at hsp.de +Tavis Ormandy taviso at gentoo.org +Ted Cabeen secabeen at pobox.com +Thiago Jung Bauermann jungmann at cwb.matrix.com.br +Thijmen Klok thijmen at xs4all.nl +Thomas Roessler roessler at guug.de +Tim Mooney mooney at dogbert.cc.ndsu.nodak.edu +Timo Schulz twoaday at freakmail.de +Tobias Winkler tobias.winkler at s1998.tu-chemnitz.de +Todd Vierling tv at pobox.com +TOGAWA Satoshi Satoshi.Togawa at jp.yokogawa.com +Tom Spindler dogcow at home.merit.edu +Tom Zerucha tzeruch at ceddec.com +Tomas Fasth tomas.fasth at twinspot.net +Tommi Komulainen Tommi.Komulainen at iki.fi +Thomas Klausner wiz at danbala.ifoer.tuwien.ac.at +Tomasz Kozlowski tomek at rentec.com +Thomas Mikkelsen tbm at image.dk +Ulf Möller 3umoelle at informatik.uni-hamburg.de +Urko Lusa ulusa at euskalnet.net +Vincent P. Broman broman at spawar.navy.mil +Volker Quetschke quetschke at scytek.de +W Lewis wiml at hhhh.org +Walter Hofmann Walter.Hofmann at physik.stud.uni-erlangen.de +Walter Koch koch at hsp.de +Wayne Chapeskie waynec at spinnaker.com +Werner Koch wk at gnupg.org +Wim Vandeputte bunbun at reptile.rug.ac.be +Winona Brown win at huh.org +Yosiaki IIDA iida at ring.gr.jp +Yoshihiro Kajiki kajiki at ylug.org + nbecker at hns.com + + +Thanks to the German Unix User Group for sponsoring this project, +Martin Hamilton for hosting the first mailing list and OpenIT for +hosting the server. + +The development of this software has partly (i.e. the Windows port) +been funded by the German Ministry for Economics and Technology under +grant VIB3-68553.168-001/1999. + +Many thanks to my wife Gerlinde for having so much patience with +me while hacking late in the evening. + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004 + 2006 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/TODO b/TODO index 31846e566..cce9e0dee 100644 --- a/TODO +++ b/TODO @@ -98,11 +98,14 @@ might want to have an agent context for each service request * sm/ ** check that we issue NO_SECKEY xxx if a -u key was not found + We don't. The messages retruned are also wrong (recipient vs. signer). * jnlib/ ** provide jnlib_malloc and try to remove all jnlib_xmalloc. +** Extend utf8conv.c to make use of iconv. + Need to merge with the code in 1.4/util/strgutil.c. -* gpg/ +* g10/ ** issue a NO_SECKEY xxxx if a -u key was not found. ** Replace DIGEST_ALGO_SHA224 We can't do that right now because it is only defined by newer @@ -121,7 +124,6 @@ might want to have an agent context for each service request Update to gpg 1.4.3 version -what about gnupg_use_iconv? -Extend selinux support to other modules -Does the check for Linux capabilities still makes sense? +* Extend selinux support to other modules + diff --git a/configure.ac b/configure.ac index eda69d4f0..99a074bc3 100644 --- a/configure.ac +++ b/configure.ac @@ -988,41 +988,11 @@ AC_CHECK_FUNCS([getrusage setrlimit stat setlocale]) AC_CHECK_FUNCS([flockfile funlockfile fopencookie funopen]) - -GNUPG_CHECK_MLOCK - +# +# W32 specific test +# GNUPG_FUNC_MKDIR_TAKES_ONE_ARG -# -# Check whether we can use Linux capabilities as requested -# -# fixme: Still required? -# -if test "$use_capabilities" = "yes" ; then -use_capabilities=no -AC_CHECK_HEADERS(sys/capability.h) -if test "$ac_cv_header_sys_capability_h" = "yes" ; then - AC_CHECK_LIB(cap, cap_init, ac_need_libcap=1) - if test "$ac_cv_lib_cap_cap_init" = "yes"; then - AC_DEFINE(USE_CAPABILITIES,1, - [define if capabilities should be used]) - AC_SUBST(CAPLIBS,"-lcap") - use_capabilities=yes - fi -fi -if test "$use_capabilities" = "no" ; then - AC_MSG_WARN([[ -*** -*** The use of capabilities on this system is not possible. -*** You need a recent Linux kernel and some patches: -*** fcaps-2.2.9-990610.patch (kernel patch for 2.2.9) -*** fcap-module-990613.tar.gz (kernel module) -*** libcap-1.92.tar.gz (user mode library and utilities) -*** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN -*** set (filesystems menu). Be warned: This code is *really* ALPHA. -***]]) -fi -fi # # Sanity check regex. Tests adapted from mutt. diff --git a/doc/ChangeLog b/doc/ChangeLog index 0c60d29a7..a697b2605 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,9 @@ +2006-08-17 Werner Koch + + * Makefile.am: Added rules to build man pages. + + * yat2m.c: New. + 2006-02-14 Werner Koch * gpgsm.texi (GPGSM Configuration): New section. diff --git a/doc/Makefile.am b/doc/Makefile.am index 6c56ae2d3..872a7448e 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -27,6 +27,8 @@ EXTRA_DIST = gnupg-badge-openpgp.eps gnupg-badge-openpgp.jpg \ BUILT_SOURCES = gnupg-card-architecture.eps gnupg-card-architecture.png \ gnupg-card-architecture.pdf +noinst_PROGRAMS = yat2m + info_TEXINFOS = gnupg.texi dist_pkgdata_DATA = qualified.txt @@ -36,8 +38,22 @@ gnupg_TEXINFOS = \ tools.texi debugging.texi glossary.texi contrib.texi gpl.texi \ sysnotes.texi gnupg-card-architecture.fig -DISTCLEANFILES = gnupg.tmp gnupg.ops +YAT2M_OPTIONS = \ + --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard" +myman_sources = gpg.texi gpgsm.texi gpg-agent.texi scdaemon.texi tools.texi +myman_pages = gpg2.1 gpgsm.1 gpg-agent.1 scdaemon.1 \ + watchgnupg.1 gpgconf.1 addgnupghome.8 + +man_MANS = $(myman_pages) + + +watchgnupg_SOURCE = gnupg.texi + +DISTCLEANFILES = gnupg.tmp gnupg.ops yat2m-stamp.tmp yat2m-stamp \ + $(myman_pages) + +yat2m_SOURCES = yat2m.c .fig.png: @@ -53,3 +69,26 @@ DISTCLEANFILES = gnupg.tmp gnupg.ops fig2dev -L pdf `test -f '$<' || echo '$(srcdir)/'`$< $@ +yat2m-stamp: $(myman_sources) + @rm -f yat2m-stamp.tmp + @touch yat2m-stamp.tmp + for file in $(myman_sources) ; do \ + ./yat2m $(YAT2M_OPTIONS) --store \ + `test -f '$$file' || echo '$(srcdir)/'`$$file ; done + @mv -f yat2m-stamp.tmp $@ + +yat2m-stamp: yat2m + +$(myman_pages) : yat2m-stamp + @if test -f $@; then :; else \ + trap 'rm -rf yat2m-stamp yat2m-lock' 1 2 13 15; \ + if mkdir yat2m-lock 2>/dev/null; then \ + rm -f yat2m-stamp; \ + $(MAKE) $(AM_MAKEFLAGS) yat2m-stamp; \ + rmdir yat2m-lock; \ + else \ + while test -d yat2m-lock; do sleep 1; done; \ + test -f yat2m-stamp; exit $$?; \ + fi; \ + fi + diff --git a/doc/gnupg.texi b/doc/gnupg.texi index dd0b12fc6..fbd1b997f 100644 --- a/doc/gnupg.texi +++ b/doc/gnupg.texi @@ -34,7 +34,7 @@ Published by the Free Software Foundation@* Boston, MA 02111-1307 USA @end iftex -Copyright @copyright{} 2002, 2004, 2005 Free Software Foundation, Inc. +Copyright @copyright{} 2002, 2004, 2005, 2006 Free Software Foundation, Inc. @quotation Permission is granted to copy, distribute and/or modify this document diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index e4022bb8e..b9f02b462 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -8,8 +8,40 @@ @cindex command options @cindex options, GPG-AGENT command -@c man begin DESCRIPTION +@manpage gpg-agent.1 +@ifset manverb +.B gpg-agent +.R \- Secret key management for GnuPG +@end ifset +@mansect synopsis +@ifset manverb +.B gpg-agent +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.br +.B gpg-agent +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.B \-\-server +.br +.B gpg-agent +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.B \-\-daemon +.RI [ command_line ] +@end ifset + +@mansect description @command{gpg-agent} is a daemon to manage secret (private) keys independently from any protocol. It is used as a backend for @command{gpg} and @command{gpgsm} as well as for a couple of other @@ -67,10 +99,10 @@ It is often useful to install a symbolic link from the actual used pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected one (e.g. @file{/usr/bin/pinentry}). -@c man end - +@manpause @noindent -@xref{Option Index}, for an index to @command{GPG-AGENT}'s commands and options. +@xref{Option Index},for an index to @command{GPG-AGENT}'s commands and options. +@mancont @menu * Agent Commands:: List of all commands. @@ -81,8 +113,7 @@ one (e.g. @file{/usr/bin/pinentry}). * Agent Protocol:: The protocol the agent uses. @end menu -@c man begin COMMANDS - +@mansect commands @node Agent Commands @section Commands @@ -95,9 +126,10 @@ only one one command is allowed. Print the program version and licensing information. Not that you can abbreviate this command. -@item --help, -h +@item --help +@itemx -h @opindex help -Print a usage message summarizing the most usefule command-line options. +Print a usage message summarizing the most useful command-line options. Not that you can abbreviate this command. @item --dump-options @@ -110,7 +142,7 @@ abbreviate this command. Run in server mode and wait for commands on the @code{stdin}. The default mode is to create a socket and listen for commands there. -@item --daemon +@item --daemon [@var{command line}] @opindex daemon Run the program in the background. This option is required to prevent it from being accidently running in the background. A common way to do @@ -121,8 +153,7 @@ $ eval `gpg-agent --daemon` @end table -@c man begin OPTIONS - +@mansect options @node Agent Options @section Option Summary @@ -152,7 +183,7 @@ directory stated through the environment variable @env{GNUPGHOME} or @opindex verbose Outputs additional information while running. You can increase the verbosity by giving several -verbose commands to @sc{gpgsm}, such as @samp{-vv}. +verbose commands to @command{gpgsm}, such as @samp{-vv}. @item -q @item --quiet @@ -198,26 +229,26 @@ This option is only useful for debugging and the behaviour may change at any time without notice. FLAGS are bit encoded and may be given in usual C-Syntax. The currently defined bits are: - @table @code - @item 0 (1) - X.509 or OpenPGP protocol related data - @item 1 (2) - values of big number integers - @item 2 (4) - low level crypto operations - @item 5 (32) - memory allocation - @item 6 (64) - caching - @item 7 (128) - show memory statistics. - @item 9 (512) - write hashed data to files named @code{dbgmd-000*} - @item 10 (1024) - trace Assuan protocol - @item 12 (4096) - bypass all certificate validation - @end table +@table @code +@item 0 (1) +X.509 or OpenPGP protocol related data +@item 1 (2) +values of big number integers +@item 2 (4) +low level crypto operations +@item 5 (32) +memory allocation +@item 6 (64) +caching +@item 7 (128) +show memory statistics. +@item 9 (512) +write hashed data to files named @code{dbgmd-000*} +@item 10 (1024) +trace Assuan protocol +@item 12 (4096) +bypass all certificate validation +@end table @item --debug-all @opindex debug-all @@ -359,9 +390,9 @@ information. @itemx --keep-display @opindex keep-tty @opindex keep-display -Ignore requests to change change the current @sc{tty} respective the X +Ignore requests to change change the current @code{tty} respective the X window system's @code{DISPLAY} variable. This is useful to lock the -pinentry to pop up at the @sc{tty} or display you started the agent. +pinentry to pop up at the @code{tty} or display you started the agent. @anchor{option --enable-ssh-support} @item --enable-ssh-support @@ -405,8 +436,7 @@ All the long options may also be given in the configuration file after stripping off the two leading dashes. -@c man begin FILES - +@mansect files @node Agent Configuration @section Configuration @@ -455,7 +485,7 @@ agent. By default they may all be found in the current home directory even advisable to change the permissions to read-only so that this file can't be changed inadvertently. - @item sshcontrol +@item sshcontrol This file is used when support for the secure shell agent protocol has been enabled (@pxref{option --enable-ssh-support}). Only keys present in @@ -488,6 +518,7 @@ a small helper script is provied to create these files (@pxref{addgnupghome}). @c @c Agent Signals @c +@mansect signals @node Agent Signals @section Use of some signals. A running @command{gpg-agent} may be controlled by signals, i.e. using @@ -533,19 +564,16 @@ This signal is used for internal purposes. @c @c Examples @c +@mansect examples @node Agent Examples @section Examples -@c man begin EXAMPLES - The usual way to invoke @command{gpg-agent} is @example $ eval `gpg-agent --daemon` @end example -@c man end - An alternative way is by replacing @command{ssh-agent} with @command{gpg-agent}. If for example @command{ssh-agent} is started as part of the Xsession intialization you may simply replace @@ -580,6 +608,7 @@ to your shell initialization file (e.g. @file{~/.bashrc}). @c @c Assuan Protocol @c +@mansect assuan @node Agent Protocol @section Agent's Assuan Protocol diff --git a/doc/gpg.texi b/doc/gpg.texi index 3459c65af..ee75e4f5c 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -9,14 +9,33 @@ @cindex command options @cindex options, GPG command -@c man begin DESCRIPTION -@command{gpg2} is the OpenPGP part of GnuPG. It is a tool to provide -digitla encryption and signing services using the OpenPGP -standard. @command{gpg2} features complete key management and all bells -and whistles you can expect from a decent OpenPGP implementation. +@manpage gpg2.1 +@ifset manverb +.B gpg2 +.R \- OpenPGP encryption and signing tool +@end ifset -In contrast to the standalone version @command{gpg,} which is more +@mansect synopsis +@ifset manverb +.B gpg2 +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.I command +.RI [ args ] +@end ifset + +@mansect description +@command{gpg2} is the OpenPGP part of the GNU Privacy Guard (GnuPG). It +is a tool to provide digitla encryption and signing services using the +OpenPGP standard. @command{gpg2} features complete key management and +all bells and whistles you can expect from a decent OpenPGP +implementation. + +In contrast to the standalone version @command{gpg}, which is more suited for server and embedded platforms, this version is installed under the name @command{gpg2} and more targeted to the desktop as it requires several other modules to be installed. The standalone version @@ -25,12 +44,12 @@ the same system. If you need to use different configuration files, you should make use of something like @file{gpg.conf-2} instead of just @file{gpg.conf}. +@manpause Documentation for the old standard @command{gpg} is available as man page man page and at @inforef{Top,GnuPG 1,gpg}. -@c man end - @xref{Option Index}, for an index to @command{GPG}'s commands and options. +@mancont @menu * GPG Commands:: List of all commands. @@ -44,13 +63,13 @@ Developer information: @end menu + @c ******************************************* @c *************** **************** @c *************** COMMANDS **************** @c *************** **************** @c ******************************************* -@c man begin COMMANDS - +@mansect commands @node GPG Commands @section Commands @@ -86,7 +105,8 @@ using the special option "--". Print the program version and licensing information. Note that you cannot abbreviate this command. -@item --help, -h +@item --help +@itemx -h @opindex help Print a usage message summarizing the most useful command line options. Not that you cannot abbreviate this command. @@ -111,7 +131,7 @@ abbreviate this command. @table @gnupgtabopt -@item --sign +@item --sign @itemx -s @opindex sign Make a signature. This command may be combined with --encrypt (for a @@ -120,7 +140,7 @@ symmetrically encrypted message), or --encrypt and --symmetric together (for a signed message that may be decrypted via a secret key or a passphrase). -@item --clearsign +@item --clearsign @opindex clearsign Make a clear text signature. The content in a clear text signature is readable without any special software. OpenPGP software is only @@ -128,12 +148,12 @@ needed to verify the signature. Clear text signatures may modify end-of-line whitespace for platform independence and are not intended to be reversible. -@item --detach-sign +@item --detach-sign @itemx -b @opindex detach-sign Make a detached signature. -@item --encrypt +@item --encrypt @itemx -e @opindex encrypt Encrypt data. This option may be combined with --sign (for a signed @@ -142,7 +162,7 @@ decrypted via a secret key or a passphrase), or --sign and --symmetric together (for a signed message that may be decrypted via a secret key or a passphrase). -@item --symmetric +@item --symmetric @itemx -c @opindex symmetric Encrypt with a symmetric cipher using a passphrase. The default @@ -153,11 +173,11 @@ that may be decrypted via a secret key or a passphrase), or --sign and --encrypt together (for a signed message that may be decrypted via a secret key or a passphrase). -@item --store +@item --store @opindex store Store only (make a simple RFC1991 literal data packet). -@item --decrypt +@item --decrypt @itemx -d @opindex decrypt Decrypt the file given on the command line (or @code{stdin} if no file @@ -167,7 +187,7 @@ verified. This command differs from the default operation, as it never writes to the filename which is included in the file and it rejects files which don't begin with an encrypted message. -@item --verify +@item --verify @opindex verify Assume that the first argument is a signed file or a detached signature and verify it without generating any output. With no arguments, the @@ -189,21 +209,21 @@ once. --multifile may currently be used along with --verify, --encrypt, and --decrypt. Note that `--multifile --verify' may not be used with detached signatures. -@item --verify-files +@item --verify-files @opindex verify-files Identical to `--multifile --verify'. -@item --encrypt-files +@item --encrypt-files @opindex encrypt-files Identical to `--multifile --encrypt'. -@item --decrypt-files +@item --decrypt-files @opindex decrypt-files Identical to `--multifile --decrypt'. -@item --list-keys +@item --list-keys @itemx -k -@itemx --list-public-keys +@itemx --list-public-keys @opindex list-keys List all keys from the public keyrings, or just the ones given on the command line. @@ -213,7 +233,7 @@ it is likely to change as GnuPG changes. See --with-colons for a machine-parseable key listing command that is appropriate for use in scripts and other programs. -@item --list-secret-keys +@item --list-secret-keys @itemx -K @opindex list-secret-keys List all keys from the secret keyrings, or just the ones given on the @@ -221,7 +241,7 @@ command line. A @code{#} after the letters @code{sec} means that the secret key is not usable (for example, if it was created via --export-secret-subkeys). -@item --list-sigs +@item --list-sigs @opindex list-sigs Same as --list-keys, but the signatures are listed too. @@ -236,11 +256,11 @@ notation (see --cert-notation), "X" for an eXpired signature (see --ask-cert-expire), and the numbers 1-9 or "T" for 10 and above to indicate trust signature levels (see the --edit-key command "tsign"). -@item --check-sigs +@item --check-sigs @opindex check-sigs Same as --list-sigs, but the signatures are verified. -@item --fingerprint +@item --fingerprint @opindex fingerprint List all keys (or the specified ones) along with their fingerprints. This is the same output as --list-keys but with the @@ -258,7 +278,7 @@ useful for debugging. @opindex card-edit Present a menu to work with a smartcard. The subcommand "help" provides an overview on available commands. For a detailed description, please -see the Card HOWTO at +see the Card HOWTO at http://www.gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO . @item --card-status @@ -284,10 +304,10 @@ must be specified by fingerprint. @item --delete-secret-and-public-key @code{name} @opindex delete-secret-and-public-key -Same as --delete-key, but if a secret key exists, it will be removed +Same as --delete-key, but if a secret key exists, it will be removed first. In batch mode the key must be specified by fingerprint. -@item --export +@item --export @opindex export Either export all keys from all keyrings (default keyrings and those registered via option --keyring), or if at least one name is given, @@ -295,15 +315,15 @@ those of the given name. The new keyring is written to stdout or to the file given with option "output". Use together with --armor to mail those keys. -@item --send-keys +@item --send-keys @opindex send-keys Same as --export but sends the keys to a keyserver. Option --keyserver must be used to give the name of this keyserver. Don't send your complete keyring to a keyserver - select only those keys which are new or changed by you. -@item --export-secret-keys -@itemx --export-secret-subkeys +@item --export-secret-keys +@itemx --export-secret-subkeys @opindex export-secret-keys @opindex export-secret-subkeys Same as --export, but exports the secret keys instead. This is normally @@ -314,8 +334,8 @@ can not be expected to successfully import such a key. See the option --simple-sk-checksum if you want to import such an exported key with an older OpenPGP implementation. -@item --import -@itemx --fast-import +@item --import +@itemx --fast-import @opindex import Import/merge keys. This adds the given keys to the keyring. The fast version is currently just a synonym. @@ -330,7 +350,7 @@ user-IDs and subkeys. Import the keys with the given key IDs from a keyserver. Option --keyserver must be used to give the name of this keyserver. -@item --refresh-keys +@item --refresh-keys @opindex refresh-keys Request updates from a keyserver for keys that already exist on the local keyring. This is useful for updating a key with the latest @@ -386,7 +406,7 @@ Send the ownertrust values to stdout. This is useful for backup purposes as these values are the only ones which can't be re-created from a corrupted trust DB. -@item --import-ownertrust +@item --import-ownertrust @opindex import-ownertrust Update the trustdb with the ownertrust values stored in @code{files} (or stdin if not given); existing values will be overwritten. @@ -397,21 +417,21 @@ ThisWhen updating from version 1.0.6 to 1.0.7 this command should be used to create signature caches in the keyring. It might be handy in other situations too. -@item --print-md @code{algo} -@itemx --print-mds +@item --print-md @code{algo} +@itemx --print-mds @opindex print-md Print message digest of algorithm ALGO for all given files or stdin. With the second form (or a deprecated "*" as algo) digests for all available algorithms are printed. -@item --gen-random @code{0|1|2} +@item --gen-random @code{0|1|2} @opindex gen-random Emit @var{count} random bytes of the given quality level. If count is not given or zero, an endless sequence of random bytes will be emitted. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system! -@item --gen-prime @code{mode} @code{bits} +@item --gen-prime @code{mode} @code{bits} @opindex gen-prime Use the source, Luke :-). The output format is still subject to change. @@ -449,7 +469,7 @@ user (with the permission of the keyholder) to revoke someone else's key. -@item --edit-key +@item --edit-key @opindex edit-key Present a menu which enables you to do most of the key management related tasks. It expects the specification of a key on the command @@ -486,9 +506,11 @@ of certification (like a regular signature), and trust (like the or groups. @end table +@c man:.RS Note that "l" (for local / non-exportable), "nr" (for non-revocable, and "t" (for trust) may be freely mixed and prefixed to "sign" to create a signature of any type desired. +@c man:.RE @table @asis @@ -573,7 +595,7 @@ Remove a subkey (secondart key). Note that it is not possible to retract a subkey, once it has been send to the public (i.e. to a keyserver). In that case you better use @code{revkey}. -@item addrevoker +@item addrevoker @opindex keyedit:addrevoker Add a designated revoker. This takes one optional argument: "sensitive". If a designated revoker is marked as sensitive, it will not @@ -698,11 +720,13 @@ key rings. @end table +@c man:.RS The listing shows you the key with its secondary keys and all user ids. Selected keys or user ids are indicated by an asterisk. The trust value is displayed with the primary key: the first is the assigned owner trust and the second is the calculated trust value. Letters are used for the values: +@c man:.RE @table @asis @@ -733,10 +757,10 @@ Ultimately trusted. @item --sign-key @code{name} @opindex sign-key Signs a public key with your secret key. This is a shortcut version of -the subcommand "sign" from --edit. +the subcommand "sign" from --edit. @item --lsign-key @code{name} -@opindex lsign-ket +@opindex lsign-key Signs a public key with your secret key but marks it as non-exportable. This is a shortcut version of the subcommand "lsign" from --edit. @@ -750,13 +774,14 @@ from --edit. @c *************** OPTIONS **************** @c *************** **************** @c ******************************************* +@mansect options @node GPG Options @section Option Summary @command{GPG} comes features a bunch of options to control the exact behaviour and to change the default configuration. -@menu +@menu * GPG Configuration Options:: How to change the configuration. * GPG Key related Options:: Key related options. * GPG Input and Output:: Input and Output. @@ -764,8 +789,6 @@ behaviour and to change the default configuration. * GPG Esoteric Options:: Doing things one usually don't want to do. @end menu -@c man begin OPTIONS - Long options can be put in an options file (default "~/.gnupg/gpg.conf"). Short option names will not work - for example, "armor" is a valid option for the options file, while "a" is not. Do not @@ -1053,7 +1076,7 @@ as a full 8 byte key ID) is as trustworthy as one of your own secret keys. This option is useful if you don't want to keep your secret keys (or one of them) online but still want to be able to check the validity of a given -recipient's or signator's key. +recipient's or signator's key. @item --trust-model @code{pgp|classic|direct|always|auto} Set what trust model GnuPG should follow. The models are: @@ -1124,7 +1147,7 @@ key ID. "long" is the more accurate (but less convenient) 16-character key ID. Add an "0x" to either to include an "0x" at the beginning of the key ID, as in 0x99242560. -@item --keyserver @code{name} +@item --keyserver @code{name} Use @code{name} as your keyserver. This is the server that --recv-keys, --send-keys, and --search-keys will communicate with to receive keys from, send keys to, and search for keys on. The format @@ -1555,7 +1578,7 @@ in an options file. @item --no-options Shortcut for "--options /dev/null". This option is detected before an attempt to open an option file. -Using this option will also prevent the creation of a +Using this option will also prevent the creation of a "~./gnupg" homedir. @item --load-extension @code{name} @@ -1677,7 +1700,7 @@ are deprecated. Use `--list-options [no-]show-policy-url' and/or @item --sig-keyserver-url @code{string} Use @code{string} as a preferred keyserver URL for data signatures. If you prefix it with an exclamation mark, the keyserver URL packet will -be flagged as critical. +be flagged as critical. The same %-expandos used for notation data are available here as well. @@ -1851,7 +1874,7 @@ one passphrase is supplied. @item --passphrase-file @code{file} Read the passphrase from file @code{file}. Only the first line will -be read from file @code{file}. This can only be used if only one +be read from file @code{file}. This can only be used if only one passphrase is supplied. Obviously, a passphrase stored in a file is of questionable security if other users can read this file. Don't use this option if you can avoid it. @@ -2290,7 +2313,7 @@ Set the default keyserver URL to @code{name}. This keyserver will be used as the keyserver URL when writing a new self-signature on a key, which includes key generation and changing preferences. -@item --list-config +@item --list-config @opindex list-config Display various internal configuration parameters of GnuPG. This option is intended for external programs that call GnuPG to perform @@ -2309,7 +2332,7 @@ only usable with --with-colons set. @c *************** FILES **************** @c *************** **************** @c ******************************************* -@c man begin FILES +@mansect files @node GPG Configuration @section Configuration files @@ -2329,6 +2352,7 @@ name may be changed on the command line (@pxref{option @end table +@c man:.RE Note that on larger installations, it is useful to put predefined files into the directory @file{/etc/skel/.gnupg/} so that newly created users start up with a working configuration. For existing users the a small @@ -2338,14 +2362,60 @@ For internal purposes @command{gpg2} creates and maintaines a few other files; They all live in in the current home directory (@pxref{option --homedir}). Only the @command{gpg2} may modify these files. + @table @file -@item pubring.gpg -@cindex pubring.gpg -xxx - -@item random_seed -@cindex random_seed -xxxx +@item ~/.gnupg/secring.gpg +The secret keyring. + +@item ~/.gnupg/secring.gpg.lock +and the lock file + +@item ~/.gnupg/pubring.gpg +The public keyring + +@item ~/.gnupg/pubring.gpg.lock +and the lock file + +@item ~/.gnupg/trustdb.gpg +The trust database + +@item ~/.gnupg/trustdb.gpg.lock +and the lock file + +@item ~/.gnupg/random_seed +used to preserve the internal random pool + +@item /usr[/local]/share/gnupg/options.skel +Skeleton options file + +@item /usr[/local]/lib/gnupg/ +Default location for extensions + +@end table + +@c man:.RE +Operation is further controlled by a few environment variables: + +@table @asis + +@item HOME +Used to locate the default home directory. + +@item GNUPGHOME +If set directory used instead of "~/.gnupg". + +@item GPG_AGENT_INFO +Used to locate the gpg-agent; only honored when +--use-agent is set. The value consists of 3 colon delimited fields: +The first is the path to the Unix Domain Socket, the second the PID of +the gpg-agent and the protocol version which should be set to 1. When +starting the gpg-agent as described in its documentation, this +variable is set to the correct value. The option --gpg-agent-info can +be used to override it. + +@item COLUMNS +@itemx LINES +Used to size some displays to the full size of the screen. @end table @@ -2355,33 +2425,48 @@ xxxx @c *************** EXAMPLES **************** @c *************** **************** @c ******************************************* +@mansect examples @node GPG Examples @section Examples -@c man begin EXAMPLES +@table @asis -@example - fooo -@end example +@item gpg -se -r @code{Bob} @code{file} +sign and encrypt for user Bob -@c man end +@item gpg --clearsign @code{file} +make a clear text signature + +@item gpg -sb @code{file} +make a detached signature + +@item gpg --list-keys @code{user_ID} +show keys + +@item gpg --fingerprint @code{user_ID} +show fingerprint + +@item gpg --verify @code{pgpfile} +@itemx gpg --verify @code{sigfile} +Verify the signature of the file but do not output the data. The +second form is used for detached signatures, where @code{sigfile} +is the detached signature (either ASCII armored or binary) and +are the signed data; if this is not given, the name of +the file holding the signed data is constructed by cutting off the +extension (".asc" or ".sig") of @code{sigfile} or by asking the +user for the filename. +@end table - - -ENDEND - - - - -@c @chapheading How to specify a user ID +@mansect how to specify a user id +@chapheading How to specify a user ID There are different ways to specify a user ID to GnuPG; here are some examples: @table @asis -@item +@item @item 234567C4 @itemx 0F34E556E @@ -2426,103 +2511,15 @@ Note that you can append an exclamation mark (!) to key IDs or fingerprints. This flag tells GnuPG to use the specified primary or secondary key and not to try and calculate which primary or secondary key to use. + +@mansect return vaue @chapheading RETURN VALUE The program returns 0 if everything was fine, 1 if at least a signature was bad, and other error codes for fatal errors. -@chapheading EXAMPLES -@table @asis - -@item gpg -se -r @code{Bob} @code{file} -sign and encrypt for user Bob - -@item gpg --clearsign @code{file} -make a clear text signature - -@item gpg -sb @code{file} -make a detached signature - -@item gpg --list-keys @code{user_ID} -show keys - -@item gpg --fingerprint @code{user_ID} -show fingerprint - -@item gpg --verify @code{pgpfile} -@itemx gpg --verify @code{sigfile} -Verify the signature of the file but do not output the data. The -second form is used for detached signatures, where @code{sigfile} -is the detached signature (either ASCII armored or binary) and -are the signed data; if this is not given, the name of -the file holding the signed data is constructed by cutting off the -extension (".asc" or ".sig") of @code{sigfile} or by asking the -user for the filename. -@end table - -@c @chapheading ENVIRONMENT - -@table @asis - -@item HOME -Used to locate the default home directory. - -@item GNUPGHOME -If set directory used instead of "~/.gnupg". - -@item GPG_AGENT_INFO -Used to locate the gpg-agent; only honored when ---use-agent is set. The value consists of 3 colon delimited fields: -The first is the path to the Unix Domain Socket, the second the PID of -the gpg-agent and the protocol version which should be set to 1. When -starting the gpg-agent as described in its documentation, this -variable is set to the correct value. The option --gpg-agent-info can -be used to override it. - -@item COLUMNS -@itemx LINES -Used to size some displays to the full size of the screen. -@end table -@chapheading FILES - -@table @asis - -@item ~/.gnupg/secring.gpg -The secret keyring - -@item ~/.gnupg/secring.gpg.lock -and the lock file - -@item ~/.gnupg/pubring.gpg -The public keyring - -@item ~/.gnupg/pubring.gpg.lock -and the lock file - -@item ~/.gnupg/trustdb.gpg -The trust database - -@item ~/.gnupg/trustdb.gpg.lock -and the lock file - -@item ~/.gnupg/random_seed -used to preserve the internal random pool - -@item ~/.gnupg/gpg.conf -Default configuration file - -@item ~/.gnupg/options -Old style configuration file; only used when gpg.conf -is not found - -@item /usr[/local]/share/gnupg/options.skel -Skeleton options file - -@item /usr[/local]/lib/gnupg/ -Default location for extensions -@end table - -@c @chapheading WARNINGS +@mansect warnings +@chapheading WARNINGS Use a *good* password for your user account and a *good* passphrase to protect your secret key. This passphrase is the weakest part of the @@ -2536,6 +2533,8 @@ is *very* easy to spy out your passphrase! If you are going to verify detached signatures, make sure that the program knows about it; either give both filenames on the command line or use @samp{-} to specify stdin. + +@mansect interoperability @chapheading INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS GnuPG tries to be a very flexible implementation of the OpenPGP @@ -2564,6 +2563,8 @@ better off using the --pgp6, --pgp7, or --pgp8 options. These options are safe as they do not force any particular algorithms in violation of OpenPGP, but rather reduce the available algorithms to a "PGP-safe" list. + +@mansect bugs @chapheading BUGS On many systems this program should be installed as setuid(root). This @@ -2574,5 +2575,3 @@ warning message about insecure memory your operating system supports locking without being root. The program drops root privileges as soon as locked memory is allocated. - - diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 6a30a84b7..9057f5d1b 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -8,17 +8,35 @@ @cindex command options @cindex options, GPGSM command -@c man begin DESCRIPTION +@manpage gpgsm.1 +@ifset manverb +.B gpgsm +.R \- CMS encryption and signing tool +@end ifset +@mansect synopsis +@ifset manverb +.B gpgsm +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.I command +.RI [ args ] +@end ifset + + +@mansect description @command{gpgsm} is a tool similar to @command{gpg} to provide digital encryption and signing servicesd on X.509 certificates and the CMS protocol. It is mainly used as a backend for S/MIME mail processing. @command{gpgsm} includes a full features certificate management and complies with all rules defined for the German Sphinx project. -@c man end - +@manpause @xref{Option Index}, for an index to @command{GPGSM}'s commands and options. +@mancont @menu * GPGSM Commands:: List of all commands. @@ -31,8 +49,12 @@ Developer information: * GPGSM Protocol:: The protocol the server mode uses. @end menu -@c man begin COMMANDS - +@c ******************************************* +@c *************** **************** +@c *************** COMMANDS **************** +@c *************** **************** +@c ******************************************* +@mansect commands @node GPGSM Commands @section Commands @@ -45,6 +67,10 @@ only one command is allowed. * Certificate Management:: How to manage certificates. @end menu + +@c ******************************************* +@c ********** GENERAL COMMANDS ************* +@c ******************************************* @node General GPGSM Commands @subsection Commands not specific to the function @@ -59,6 +85,10 @@ abbreviate this command. Print a usage message summarizing the most usefule command-line options. Not that you can abbreviate this command. +@item --warranty +@opindex warranty +Print warranty information. + @item --dump-options @opindex dump-options Print a list of all available options and commands. Not that you can @@ -66,7 +96,9 @@ abbreviate this command. @end table - +@c ******************************************* +@c ******** OPERATIONAL COMMANDS *********** +@c ******************************************* @node Operational GPGSM Commands @subsection Commands to select the type of operation @@ -122,8 +154,11 @@ use @samp{--help} to get a list of supported operations. @end table +@c ******************************************* +@c ******* CERTIFICATE MANAGEMENT ********** +@c ******************************************* @node Certificate Management -@subsection How to manage the certificate and keys +@subsection How to manage the certificates and keys @table @gnupgtabopt @item --gen-key @@ -200,8 +235,8 @@ secret key from a PKCS#12 file. @item --learn-card @opindex learn-card Read information about the private keys from the smartcard and import -the certificates from there. This command utilizes the @sc{gpg-agent} -and in turn the @sc{scdaemon}. +the certificates from there. This command utilizes the @command{gpg-agent} +and in turn the @command{scdaemon}. @item --passwd @var{user_id} @opindex passwd @@ -212,6 +247,12 @@ smartcard is not yet supported. @end table +@c ******************************************* +@c *************** **************** +@c *************** OPTIONS **************** +@c *************** **************** +@c ******************************************* +@mansect options @node GPGSM Options @section Option Summary @@ -226,8 +267,10 @@ and to change the default configuration. * Esoteric Options:: Doing things one usually don't want to do. @end menu -@c man begin OPTIONS +@c ******************************************* +@c ******** CONFIGURATION OPTIONS ********** +@c ******************************************* @node Configuration Options @subsection How to change the configuration @@ -296,6 +339,9 @@ When running in server mode, append all logging output to @var{file}. @end table +@c ******************************************* +@c ******** CERTIFICATE OPTIONS ************ +@c ******************************************* @node Certificate Options @subsection Certificate related options @@ -335,7 +381,7 @@ performance, the dirmngr will actually optimize this by suppressing the loading for short time intervalls (e.g. 30 minutes). This option is useful to make sure that a fresh CRL is available for certificates hold in the keybox. The suggested way of doing this is by using it -along with the option @option{--with-validation} for a ke listing +along with the option @option{--with-validation} for a key listing command. This option should not be used in a configuration file. @item --enable-ocsp @@ -352,6 +398,9 @@ so you will get the error code @samp{Not supported}. @end table +@c ******************************************* +@c *********** INPUT AND OUTPUT ************ +@c ******************************************* @node Input and Output @subsection Input and Output @@ -411,6 +460,9 @@ certificate. @end table +@c ******************************************* +@c ************* CMS OPTIONS *************** +@c ******************************************* @node CMS Options @subsection How to change how the CMS is created. @@ -425,6 +477,9 @@ values include up to @var{n} certificates starting with the signer cert. +@c ******************************************* +@c ******** ESOTERIC OPTIONS *************** +@c ******************************************* @node Esoteric Options @subsection Doing things one usually don't want to do. @@ -527,8 +582,12 @@ All the long options may also be given in the configuration file after stripping off the two leading dashes. -@c man begin FILES - +@c ******************************************* +@c *************** **************** +@c *************** FILES **************** +@c *************** **************** +@c ******************************************* +@mansect files @node GPGSM Configuration @section Configuration files @@ -558,10 +617,12 @@ in this file will fail the signature verification. For example, to allow only the policy 2.289.9.9, the file should look like this: +@c man:.RS @example # Allowed policies 2.289.9.9 @end example +@c man:.RE @item qualified.txt @cindex qualified.txt @@ -601,16 +662,17 @@ certificates, appropriate notices will be shown to indicate this fact. @end table +@c man:.RE Note that on larger installations, it is useful to put predefined files into the directory @file{/etc/skel/.gnupg/} so that newly created users start up with a working configuration. For existing users the a small helper script is provided to create these files (@pxref{addgnupghome}). - For internal purposes gpgsm creates and maintaines a few other files; They all live in in the current home directory (@pxref{option --homedir}). Only @command{gpgsm} may modify these files. + @table @file @item pubring.kbx @cindex pubring.kbx @@ -627,25 +689,28 @@ other programs of this software too. @end table -@c -@c Examples -@c +@c ******************************************* +@c *************** **************** +@c *************** EXAMPLES **************** +@c *************** **************** +@c ******************************************* +@mansect examples @node GPGSM Examples @section Examples -@c man begin EXAMPLES - @example $ gpgsm -er goo@@bar.net ciphertext @end example + @c man end - -@c --------------------------------- -@c The machine interface -@c -------------------------------- +@c ******************************************* +@c *************** ************** +@c *************** UNATTENDED ************** +@c *************** ************** +@c ******************************************* @node Unattended Usage @section Unattended Usage @@ -704,9 +769,12 @@ this is a missing certificate. @end table -@c -@c Assuan Protocol -@c +@c ******************************************* +@c *************** ***************** +@c *************** ASSSUAN ***************** +@c *************** ***************** +@c ******************************************* +@mansect assuan @node GPGSM Protocol @section The Protocol the Server Mode Uses. diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi index 6ddb55679..ee018ed0c 100644 --- a/doc/scdaemon.texi +++ b/doc/scdaemon.texi @@ -8,14 +8,41 @@ @cindex command options @cindex options, SCDAEMON command -@c man begin DESCRIPTION +@manpage scdaemon.1 +@ifset manverb +.B scdaemon +.R \- Smartcard daemon for the GnuPG system +@end ifset +@mansect synopsis +@ifset manverb +.B scdaemon +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.B \-\-server +.br +.B scdaemon +.RB [ \-\-homedir +.IR dir ] +.RB [ \-\-options +.IR file ] +.RI [ options ] +.B \-\-daemon +.RI [ command_line ] +@end ifset + + +@mansect description The @command{scdaemon} is a daemon to manage smartcards. It is usually -invoked by gpg-agent and in general not used directly. +invoked by @command{gpg-agent} and in general not used directly. -@c man end - -@xref{Option Index}, for an index to GPG-AGENTS's commands and options. +@manpause +@xref{Option Index}, for an index to @command{scdaemon}'s commands and +options. +@mancont @menu * Scdaemon Commands:: List of all commands. @@ -25,7 +52,7 @@ invoked by gpg-agent and in general not used directly. * Scdaemon Protocol:: The protocol the daemon uses. @end menu -@c man begin COMMANDS +@mansect commands @node Scdaemon Commands @section Commands @@ -73,7 +100,7 @@ This is mainly a debugging command, used to print the ATR @end table -@c man begin OPTIONS +@mansect options @node Scdaemon Options @section Option Summary @@ -109,18 +136,18 @@ verbose commands to @command{gpgsm}, such as @samp{-vv}. Select the debug level for investigating problems. @var{level} may be one of: - @table @code - @item none - no debugging at all. - @item basic - some basic debug messages - @item advanced - more verbose debug messages - @item expert - even more detailed messages - @item guru - all of the debug messages you can get - @end table +@table @code +@item none +no debugging at all. +@item basic +some basic debug messages +@item advanced +more verbose debug messages +@item expert +even more detailed messages +@item guru +all of the debug messages you can get +@end table How these messages are mapped to the actual debugging flags is not specified and may change with newer releaes of this program. They are @@ -139,26 +166,26 @@ This option is only useful for debugging and the behaviour may change at any time without notice. FLAGS are bit encoded and may be given in usual C-Syntax. The currently defined bits are: - @table @code - @item 0 (1) - command I/O - @item 1 (2) - values of big number integers - @item 2 (4) - low level crypto operations - @item 5 (32) - memory allocation - @item 6 (64) - caching - @item 7 (128) - show memory statistics. - @item 9 (512) - write hashed data to files named @code{dbgmd-000*} - @item 10 (1024) - trace Assuan protocol - @item 11 (2048) - trace APDU I/O to the card. This may reveal sensitive data. - @end table +@table @code +@item 0 (1) +command I/O +@item 1 (2) +values of big number integers +@item 2 (4) +low level crypto operations +@item 5 (32) +memory allocation +@item 6 (64) +caching +@item 7 (128) +show memory statistics. +@item 9 (512) +write hashed data to files named @code{dbgmd-000*} +@item 10 (1024) +trace Assuan protocol +@item 11 (2048) +trace APDU I/O to the card. This may reveal sensitive data. +@end table @item --debug-all @opindex debug-all @@ -256,8 +283,7 @@ All the long options may also be given in the configuration file after stripping off the two leading dashes. -@c man begin CARD APPLICATIONS - +@mansect card applications @node Card applications @section Description of card applications @@ -304,6 +330,7 @@ This is common fraqmework for smart card applications. It is used by @c @c Examples @c +@mansect examples @node Scdaemon Examples @section Examples @@ -318,6 +345,7 @@ $ scdaemon --server -v @c @c Assuan Protocol @c +@mansect assuan @node Scdaemon Protocol @section Scdaemon's Assuan Protocol diff --git a/doc/yat2m.c b/doc/yat2m.c new file mode 100644 index 000000000..703ac658c --- /dev/null +++ b/doc/yat2m.c @@ -0,0 +1,1031 @@ +/* yat2m.c - Yet Another Texi 2 Man converter + * Copyright (C) 2005 g10 Code GmbH + * Copyright (C) 2006 2006 Free Software Foundation, Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +/* + This is a simple textinfo to man page converter. It needs some + special markup in th e texinfo and tries best to get a create man + page. It has been designed for the GnuPG man pages and thus only + a few texinfo commands are supported. + + To use this you need to add the following macros into your texinfo + source: + + @macro manpage {a} + @end macro + @macro mansect {a} + @end macro + @macro manpause + @end macro + @macro mancont + @end macro + + They are used by yat2m to select parts of the Texinfo which should + go into the man page. These macros need to be used without leading + left space. Processing starts after a "manpage" macro has been + seen. "mansect" identifies the section and yat2m make sure to + emit the sections in the proper order. To insert verbatim troff + markup, the follwing texinfo code may be used: + + @ifset manverb + .B whateever you want + @end ifset + + alternativly a special comment may be used: + + @c man:.B whatever you want + + This is useful in case you need just one line. @section is + ignored, however @subsection gets rendered as ".SS". @menu is + completely skipped. Several man pages may be extracted from one + file, either using the --store or the --select option. + Makefile snippet from GnuPG: + + +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <stddef.h> +#include <string.h> +#include <errno.h> +#include <stdarg.h> +#include <assert.h> +#include <ctype.h> +#include <time.h> + + +#define PGM "yat2m" +#define VERSION "0.5" + +/* The maximum length of a line including the linefeed and one extra + character. */ +#define LINESIZE 1024 + +/* Option flags. */ +static int verbose; +static int quiet; +static int debug; +static const char *opt_source; +static const char *opt_release; +static const char *opt_select; +static int opt_store; + + +/* Flag to keep track whether any error occurred. */ +static int any_error; + + +/* Object to store one line of content. */ +struct line_buffer_s +{ + struct line_buffer_s *next; + int verbatim; /* True if LINE contains verbatim data. The default + is Texinfo source. */ + char *line; +}; +typedef struct line_buffer_s *line_buffer_t; + + +/* Object to collect the data of a section. */ +struct section_buffer_s +{ + char *name; /* Malloced name of the section. This may be + NULL to indicate this slot is not used. */ + line_buffer_t lines; /* Linked list with the lines of the section. */ + line_buffer_t *lines_tail; /* Helper for faster appending to the + linked list. */ + line_buffer_t last_line; /* Points to the last line appended. */ +}; +typedef struct section_buffer_s *section_buffer_t; + +/* Variable to keep info about the current page together. */ +static struct +{ + /* Filename of the current page or NULL if no page is active. Malloced. */ + char *name; + + /* Number of allocated elements in SECTIONS below. */ + size_t n_sections; + /* Array with the data of the sections. */ + section_buffer_t sections; + +} thepage; + + +/* The list of standard section names. */ +static const char * const standard_sections[] = + { "NAME", "SYNOPSIS", "DESCRIPTION", + "RETURN VALUE", "EXIT STATUS", "ERROR HANDLING", "ERRORS", + "OPTIONS", "USAGE", "EXAMPLES", "FILES", + "ENVIRONMENT", "DIAGNOSTICS", "SECURITY", "CONFORMING TO", + "NOTES", "BUGS", "AUTHOR", "SEE ALSO", NULL }; + + +/*-- Local prototypes. --*/ +static void proc_texi_buffer (FILE *fp, const char *line, size_t len, + int *table_level, int *eol_action); + + + +/* Print diagnostic message and exit with failure. */ +static void +die (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); + + exit (1); +} + + +/* Print diagnostic message. */ +static void +err (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + if (strncmp (format, "%s:%d:", 6)) + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); + any_error = 1; +} + +/* Print diagnostic message. */ +static void +inf (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); +} + + +static void * +xmalloc (size_t n) +{ + void *p = malloc (n); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static void * +xcalloc (size_t n, size_t m) +{ + void *p = calloc (n, m); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static void * +xrealloc (void *old, size_t n) +{ + void *p = realloc (old, n); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static char * +xstrdup (const char *string) +{ + void *p = malloc (strlen (string)+1); + if (!p) + die ("out of core: %s", strerror (errno)); + strcpy (p, string); + return p; +} + + +/* Uppercase the ascii characters in STRING. */ +static char * +ascii_strupr (char *string) +{ + char *p; + + for (p = string; *p; p++) + if (!(*p & 0x80)) + *p = toupper (*p); + return string; +} + + +/* Return the current date as an ISO string. */ +const char * +isodatestring (void) +{ + static char buffer[11+5]; + struct tm *tp; + time_t atime = time (NULL); + + if (atime < 0) + strcpy (buffer, "????" "-??" "-??"); + else + { + tp = gmtime (&atime); + sprintf (buffer,"%04d-%02d-%02d", + 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday ); + } + return buffer; +} + + + +/* Return a section buffer for the section NAME. Allocate a new buffer + if this is a new section. Keep track of the sections in THEPAGE. + This function may reallocate the section array in THEPAGE. */ +static section_buffer_t +get_section_buffer (const char *name) +{ + int i; + section_buffer_t sect; + + /* If there is no section we put everything into the required NAME + section. Given that this is the first one listed it is likely + that error are easily visible. */ + if (!name) + name = "NAME"; + + for (i=0; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && !strcmp (name, sect->name)) + return sect; + } + for (i=0; i < thepage.n_sections; i++) + if (!thepage.sections[i].name) + break; + if (i < thepage.n_sections) + sect = thepage.sections + i; + else + { + /* We need to allocate or reallocate the section array. */ + size_t old_n = thepage.n_sections; + size_t new_n = 20; + + if (!old_n) + thepage.sections = xcalloc (new_n, sizeof *thepage.sections); + else + { + thepage.sections = xrealloc (thepage.sections, + ((old_n + new_n) + * sizeof *thepage.sections)); + memset (thepage.sections + old_n, 0, + new_n * sizeof *thepage.sections); + } + thepage.n_sections += new_n; + + /* Setup the tail pointers. */ + for (i=old_n; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + sect->lines_tail = &sect->lines; + } + sect = thepage.sections + old_n; + } + + /* Store the name. */ + assert (!sect->name); + sect->name = xstrdup (name); + return sect; +} + + + +/* Add the content of LINE to the section named SECTNAME. */ +static void +add_content (const char *sectname, char *line, int verbatim) +{ + section_buffer_t sect; + line_buffer_t lb; + + + sect = get_section_buffer (sectname); + if (sect->last_line && !sect->last_line->verbatim == !verbatim) + { + /* Lets append that line to the last one. We do this to keep + all lines of the same kind (i.e.verbatim or not) together in + one large buffer. */ + size_t n1, n; + + lb = sect->last_line; + n1 = strlen (lb->line); + n = n1 + 1 + strlen (line) + 1; + lb->line = xrealloc (lb->line, n); + strcpy (lb->line+n1, "\n"); + strcpy (lb->line+n1+1, line); + } + else + { + lb = xcalloc (1, sizeof *lb); + lb->verbatim = verbatim; + lb->line = xstrdup (line); + sect->last_line = lb; + *sect->lines_tail = lb; + sect->lines_tail = &lb->next; + } +} + + +/* Prepare for a new man page using the filename NAME. */ +static void +start_page (char *name) +{ + if (verbose) + inf ("starting page `%s'", name); + assert (!thepage.name); + thepage.name = xstrdup (name); + thepage.n_sections = 0; +} + + +/* Write the .TH entry of the current page. Return -1 if there is a + problem with the page. */ +static int +write_th (FILE *fp) +{ + char *name, *p; + + name = ascii_strupr (xstrdup (thepage.name)); + p = strrchr (name, '.'); + if (!p || !p[1]) + { + err ("no section name in man page `%s'", thepage.name); + free (name); + return -1; + } + *p++ = 0; + fprintf (fp, ".TH %s %s %s \"%s\" \"%s\"\n", + name, p, isodatestring (), opt_release, opt_source); + return 0; +} + + +/* Process the texinfo command COMMAND (without the leading @) and + write output if needed to FP. REST is the remainer of the line + which should either point to an opening brace or to a white space. + The function returns the number of characters already processed + from REST. LEN is the usable length of REST. TABLE_LEVEL is used to + control the indentation of tables. */ +static size_t +proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, + int *table_level, int *eol_action) +{ + static struct { + const char *name; /* Name of the command. */ + int what; /* What to do with this command. */ + const char *lead_in; /* String to print with a opening brace. */ + const char *lead_out;/* String to print with the closing brace. */ + } cmdtbl[] = { + { "command", 0, "\\fB", "\\fR" }, + { "code", 0, "\\fB", "\\fR" }, + { "var", 0, "\\fI", "\\fR" }, + { "samp", 0, "\n'", "'\n" }, + { "file", 0, "`\\fI","\\fR'" }, + { "env", 0, "`\\fI","\\fR'" }, + { "acronym", 0 }, + { "option", 0, "\\fB", "\\fR" }, + { "example", 1, ".RS 2\n.nf\n" }, + { "smallexample", 1, ".RS 2\n.nf\n" }, + { "asis", 7 }, + { "anchor", 7 }, + { "cartouche", 1 }, + { "xref", 0, "see: [", "]" }, + { "pxref", 0, "see: [", "]" }, + { "uref", 0, "(\\fB", "\\fR)" }, + { "footnote",0, " ([", "])" }, + { "emph", 0, "\\fI", "\\fR" }, + { "w", 1 }, + { "c", 5 }, + { "opindex", 1 }, + { "cpindex", 1 }, + { "cindex", 1 }, + { "node", 1 }, + { "noindent", 0 }, + { "section", 1 }, + { "subsection", 6, "\n.SS " }, + { "chapheading", 0}, + { "item", 2, ".TP\n.B " }, + { "itemx", 2, ".TP\n.B " }, + { "table", 3 }, + { "end", 4 }, + { "quotation",1, ".RS\n\\fB" }, + { NULL } + }; + size_t n; + int i; + const char *s; + const char *lead_out = NULL; + int ignore_args = 0; + + for (i=0; cmdtbl[i].name && strcmp (cmdtbl[i].name, command); i++) + ; + if (cmdtbl[i].name) + { + s = cmdtbl[i].lead_in; + if (s) + fputs (s, fp); + lead_out = cmdtbl[i].lead_out; + switch (cmdtbl[i].what) + { + case 1: /* Throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 2: /* Handle @item. */ + break; + case 3: /* Handle table. */ + if (++(*table_level) > 1) + fputs (".RS\n", fp); + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + break; + case 4: /* Handle end. */ + for (s=rest, n=len; n && (*s == ' ' || *s == '\t'); s++, n--) + ; + if (n >= 5 && !memcmp (s, "table", 5) + && (!n || s[5] == ' ' || s[5] == '\t' || s[5] == '\n')) + { + if ((*table_level)-- > 1) + fputs (".RE\n", fp); + } + else if (n >= 7 && !memcmp (s, "example", 7) + && (!n || s[7] == ' ' || s[7] == '\t' || s[7] == '\n')) + { + fputs (".fi\n.RE\n", fp); + } + else if (n >= 12 && !memcmp (s, "smallexample", 12) + && (!n || s[12] == ' ' || s[12] == '\t' || s[12] == '\n')) + { + fputs (".fi\n.RE\n", fp); + } + else if (n >= 9 && !memcmp (s, "quotation", 9) + && (!n || s[9] == ' ' || s[9] == '\t' || s[9] == '\n')) + { + fputs ("\\fR\n.RE\n", fp); + } + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 5: /* Handle special comments. */ + for (s=rest, n=len; n && (*s == ' ' || *s == '\t'); s++, n--) + ; + if (n >= 4 && !memcmp (s, "man:", 4)) + { + for (s+=4, n-=4; n && *s != '\n'; n--, s++) + putc (*s, fp); + putc ('\n', fp); + } + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 6: + *eol_action = 1; + break; + case 7: + ignore_args = 1; + break; + default: + break; + } + } + else + { + inf ("texinfo command `%s' not supported (%.*s)", command, + ((s = memchr (rest, '\n', len)), (s? (s-rest) : len)), rest); + } + + if (*rest == '{') + { + /* Find matching closing brace. */ + for (s=rest+1, n=1, i=1; i && *s && n < len; s++, n++) + if (*s == '{') + i++; + else if (*s == '}') + i--; + if (i) + { + err ("closing brace for command `%s' not found", command); + return len; + } + if (n > 2 && !ignore_args) + proc_texi_buffer (fp, rest+1, n-2, table_level, eol_action); + } + else + n = 0; + + if (lead_out) + fputs (lead_out, fp); + + return n; +} + + + +/* Process the string LINE with LEN bytes of Texinfo content. */ +static void +proc_texi_buffer (FILE *fp, const char *line, size_t len, + int *table_level, int *eol_action) +{ + const char *s; + char cmdbuf[256]; + int cmdidx = 0; + int in_cmd = 0; + size_t n; + + for (s=line; *s && len; s++, len--) + { + if (in_cmd) + { + if (in_cmd == 1) + { + switch (*s) + { + case '@': case '{': case '}': + putc (*s, fp); in_cmd = 0; + break; + case ':': /* Not ending a sentence flag. */ + in_cmd = 0; + break; + case '.': case '!': case '?': /* Ending a sentence. */ + putc (*s, fp); in_cmd = 0; + break; + case ' ': case '\t': case '\n': /* Non collapsing spaces. */ + putc (*s, fp); in_cmd = 0; + break; + default: + cmdidx = 0; + cmdbuf[cmdidx++] = *s; + in_cmd++; + break; + } + } + else if (*s == '{' || *s == ' ' || *s == '\t' || *s == '\n') + { + cmdbuf[cmdidx] = 0; + n = proc_texi_cmd (fp, cmdbuf, s, len, table_level, eol_action); + assert (n <= len); + s += n; len -= n; + s--; len++; + in_cmd = 0; + } + else if (cmdidx < sizeof cmdbuf -1) + cmdbuf[cmdidx++] = *s; + else + { + err ("texinfo command too long - ignored"); + in_cmd = 0; + } + } + else if (*s == '@') + in_cmd = 1; + else if (*s == '\n') + { + switch (*eol_action) + { + case 1: /* Create a dummy paragraph. */ + fputs ("\n\\ \n", fp); + break; + default: + putc (*s, fp); + } + *eol_action = 0; + } + else + putc (*s, fp); + } +} + + +/* Do something with the Texinfo line LINE. */ +static void +parse_texi_line (FILE *fp, const char *line, int *table_level) +{ + int eol_action = 0; + + /* A quick test whether there are any texinfo commands. */ + if (!strchr (line, '@')) + { + fputs (line, fp); + putc ('\n', fp); + return; + } + proc_texi_buffer (fp, line, strlen (line), table_level, &eol_action); + putc ('\n', fp); +} + + +/* Write all the lines LINES to FP. */ +static void +write_content (FILE *fp, line_buffer_t lines) +{ + line_buffer_t line; + int table_level = 0; + + for (line = lines; line; line = line->next) + { + if (line->verbatim) + { + fputs (line->line, fp); + putc ('\n', fp); + } + else + { +/* fputs ("TEXI---", fp); */ +/* fputs (line->line, fp); */ +/* fputs ("---\n", fp); */ + parse_texi_line (fp, line->line, &table_level); + } + } +} + + + +static int +is_standard_section (const char *name) +{ + int i; + const char *s; + + for (i=0; (s=standard_sections[i]); i++) + if (!strcmp (s, name)) + return 1; + return 0; +} + + +/* Finish a page; that is sort the data and write it out to the file. */ +static void +finish_page (void) +{ + FILE *fp; + section_buffer_t sect; + int idx; + const char *s; + int i; + + if (!thepage.name) + return; /* No page active. */ + + if (verbose) + inf ("finishing page `%s'", thepage.name); + + if (opt_select) + { + if (!strcmp (opt_select, thepage.name)) + { + inf ("selected `%s'", thepage.name ); + fp = stdout; + } + else + { + fp = fopen ( "/dev/null", "w" ); + if (!fp) + die ("failed to open /dev/null: %s\n", strerror (errno)); + } + } + else if (opt_store) + { + inf ("writing `%s'", thepage.name ); + fp = fopen ( thepage.name, "w" ); + if (!fp) + die ("failed to create `%s': %s\n", thepage.name, strerror (errno)); + } + else + fp = stdout; + + if (write_th (fp)) + goto leave; + + for (idx=0; (s=standard_sections[idx]); idx++) + { + for (i=0; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && !strcmp (s, sect->name)) + break; + } + if (i == thepage.n_sections) + sect = NULL; + + if (sect) + { + fprintf (fp, ".SH %s\n", sect->name); + write_content (fp, sect->lines); + /* Now continue with all non standard sections directly + following this one. */ + for (i++; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && is_standard_section (sect->name)) + break; + if (sect->name) + { + fprintf (fp, ".SH %s\n", sect->name); + write_content (fp, sect->lines); + } + } + + } + } + + + leave: + if (fp != stdout) + fclose (fp); + free (thepage.name); + thepage.name = NULL; + /* FIXME: Cleanup the content. */ +} + + + + +/* Parse one Texinfo file and create manpages according to the + embedded instructions. */ +static void +parse_file (const char *fname, FILE *fp) +{ + char *line; + int lnr = 0; + int in_verbatim = 0; + int in_pause = 0; + char *section_name = NULL; /* Name of the current section or NULL + if not in a section. */ + int skip_to_end = 0; /* Used to skip over menu entries. */ + + line = xmalloc (LINESIZE); + while (fgets (line, LINESIZE, fp)) + { + size_t n = strlen (line); + int got_line = 0; + char *p; + + lnr++; + if (!n || line[n-1] != '\n') + { + err ("%s:$d: trailing linefeed missing, line too long or " + "embedded Nul character", fname, lnr); + break; + } + line[--n] = 0; + /* We only parse lines we need and ignore the rest. There are a + few macros used to control this as well as one @ifset + command. Parts we know about are saved away into containers + separate for each section. */ + if (*line == '@') + { + for (p=line+1, n=1; *p && *p != ' ' && *p != '\t'; p++) + n++; + while (*p == ' ' || *p == '\t') + p++; + + if (skip_to_end + &&n == 4 && !memcmp (line, "@end", 4) + && (line[4]==' '||line[4]=='\t'||!line[4])) + { + skip_to_end = 0; + } + else if (n == 6 && !memcmp (line, "@ifset", 6) + && !strncmp (p, "manverb", 7) && (p[7]==' '||p[7]=='\t'||!p[7])) + { + if (in_verbatim) + err ("%s:%d: nested \"@ifset manverb\"", fname, lnr); + else + in_verbatim = 1; + } + else if (in_verbatim && n == 4 && !memcmp (line, "@end", 4) + && !strncmp (p, "ifset", 5) + && (p[5]==' '||p[5]=='\t'||!p[5])) + { + in_verbatim = 0; + } + else if (in_verbatim) + { + got_line = 1; + } + else if (n == 8 && !memcmp (line, "@manpage", 8)) + { + free (section_name); + section_name = NULL; + finish_page (); + start_page (p); + in_pause = 0; + } + else if (n == 8 && !memcmp (line, "@mansect", 8)) + { + if (!thepage.name) + err ("%s:%d: section outside of a man page", fname, lnr); + else + { + free (section_name); + section_name = ascii_strupr (xstrdup (p)); + in_pause = 0; + } + } + else if (n == 9 && !memcmp (line, "@manpause", 9)) + { + if (!section_name) + err ("%s:%d: pausing outside of a man section", fname, lnr); + else if (in_pause) + err ("%s:%d: already pausing", fname, lnr); + else + in_pause = 1; + } + else if (n == 8 && !memcmp (line, "@mancont", 8)) + { + if (!section_name) + err ("%s:%d: continue outside of a man section", fname, lnr); + else if (!in_pause) + err ("%s:%d: continue while not pausing", fname, lnr); + else + in_pause = 0; + } + else if (n == 5 && !memcmp (line, "@menu", 5) + && (line[5]==' '||line[5]=='\t'||!line[5])) + { + skip_to_end = 1; + } + else + got_line = 1; + } + else if (!skip_to_end) + got_line = 1; + + if (got_line && in_verbatim) + add_content (section_name, line, 1); + else if (got_line && thepage.name && section_name && !in_pause) + add_content (section_name, line, 0); + + } + if (ferror (fp)) + err ("%s:%d: read error: %s", fname, lnr, strerror (errno)); + finish_page (); + free (section_name); + free (line); +} + + + + + + + +int +main (int argc, char **argv) +{ + int last_argc = -1; + + opt_source = "GNU"; + opt_release = ""; + + if (argc) + { + argc--; argv++; + } + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + { + puts ( + "Usage: " PGM " [OPTION] [FILE]\n" + "Extract man pages from a Texinfo source.\n\n" + " --source NAME use NAME as source field\n" + " --release STRING use STRING as the release field\n" + " --store write output using @manpage name\n" + " --select NAME only output pages with @manpage NAME\n" + " --verbose enable extra informational output\n" + " --debug enable additional debug output\n" + " --help display this help and exit\n\n" + "With no FILE, or when FILE is -, read standard input.\n\n" + "Report bugs to <bugs@g10code.com>."); + exit (0); + } + else if (!strcmp (*argv, "--version")) + { + puts (PGM " " VERSION "\n" + "Copyright (C) 2005 g10 Code GmbH\n" + "This program comes with ABSOLUTELY NO WARRANTY.\n" + "This is free software, and you are welcome to redistribute it\n" + "under certain conditions. See the file COPYING for details."); + exit (0); + } + else if (!strcmp (*argv, "--verbose")) + { + verbose = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--quiet")) + { + quiet = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--debug")) + { + verbose = debug = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--source")) + { + argc--; argv++; + if (argc) + { + opt_source = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "--release")) + { + argc--; argv++; + if (argc) + { + opt_release = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "--store")) + { + opt_store = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--select")) + { + argc--; argv++; + if (argc) + { + opt_select = strrchr (*argv, '/'); + if (opt_select) + opt_select++; + else + opt_select = *argv; + argc--; argv++; + } + } + } + + if (argc > 1) + die ("usage: " PGM " [OPTION] [FILE] (try --help for more information)\n"); + + /* Start processing. */ + if (argc && strcmp (*argv, "-")) + { + FILE *fp = fopen (*argv, "rb"); + if (!fp) + die ("%s:0: can't open file: %s", *argv, strerror (errno)); + parse_file (*argv, fp); + fclose (fp); + } + else + parse_file ("-", stdin); + + return !!any_error; +} + + +/* +Local Variables: +compile-command: "gcc -Wall -g -Wall -o yat2m yat2m.c" +End: +*/