1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

More man pages.

This commit is contained in:
Werner Koch 2006-08-17 18:01:25 +00:00
parent 2b587cbf91
commit 6e3e2513d8
13 changed files with 1769 additions and 328 deletions

View File

@ -3,8 +3,6 @@ Maintainer: Werner Koch <wk@gnupg.org>
Bug reports: <bug-gnupg@gnu.org>
Security related bug reports: <security@gnupg.org>
Please note that this file is for the 1.9 branch of GnuPG.
Authors
=======

View File

@ -1,3 +1,11 @@
2006-08-17 Werner Koch <wk@g10code.com>
* THANKS: Merged with the 1.4 one.
2006-08-16 Werner Koch <wk@g10code.com>
* configure.ac: Removed test for capabilities and mlock.
2006-08-15 Werner Koch <wk@g10code.com>
* Makefile.am (keyserver): Enable building of keyserver helpers.

263
THANKS
View File

@ -1,9 +1,272 @@
GnuPG was originally written by Werner Koch. Other people contributed
by reporting problems, suggesting various improvements or submitting
actual code. Here is a list of those people. Help us keep it
complete and free of errors.
Adam Mitchell adam at cafe21.org
Albert Chin china at thewrittenword.com
Alec Habig habig at budoe2.bu.edu
Alexander Belopolsky belopolsky at mac.com
Allan Clark allanc at sco.com
Anand Kumria wildfire at progsoc.uts.edu.au
Andreas Haumer andreas at xss.co.at
Andrew J. Schorr aschorr at telemetry-investments.com
Anthony Carrico acarrico at memebeam.org
Anthony Mulcahy anthony at kcn.ne.jp
Ariel T Glenn ariel at columbia.edu
Bernhard Herzog bh at intevation.de
Bernhard Reiter bernhard de intevation.de
Bob Mathews bobmathews at mindspring.com
Bodo Moeller Bodo_Moeller at public.uni-hamburg.de
Brendan O'Dea bod at debian.org
Brenno de Winter brenno at dewinter.com
Brian M. Carlson karlsson at hal-pc.org
Brian Moore bem at cmc.net
Brian Warner warner at lothar.com
Bryan Fullerton bryanf at samurai.com
Bryce Nichols bryce at bnichols.org
Carl Meijer carlm at prism.co.za
Caskey L. Dickson caskey at technocage.com
Cees van de Griend cees-list at griend.xs4all.nl
Charles Levert charles at comm.polymtl.ca
Charly Avital shavital at mac.com
Chip Salzenberg chip at valinux.com
Chris Adams cmadams at hiwaay.net
Christian Biere christianbiere at gmx.de
Christian Kurz shorty at debian.org
Christian von Roques roques at pond.sub.org
Christopher Oliver oliver at fritz.traverse.net
Christian Recktenwald chris at citecs.de
Daiki Ueno ueno at unixuser.org
Dan Winship danw at helixcode.com
Daniel Eisenbud eisenbud at cs.swarthmore.edu
Daniel Koening dan at chaosdorf.de
Daniel Resare daniel at resare.com
Dany Nativel dany at natzo.com
Dave Dykstra dwd at bell-labs.com
David C Niemi niemi at tuxers.net
David Champion dgc at uchicago.edu
David D. Scribner dscribner at bigfoot.com
David Ellement ellement at sdd.hp.com
David Hallinan hallinan at rtd.com
David Hollenberg dhollen at ISI.EDU
David Mathog MATHOG at seqaxp.bio.caltech.edu
David R. Bergstein dbergstein at home.com
David Shaw dshaw at jabberwocky.com
Detlef Lannert lannert at lannert.rz.uni-duesseldorf.de
Dimitri dmitri at advantrix.com
Dirk Lattermann dlatt at t-online.de
Dirk Meyer dirk.meyer at dinoex.sub.org
Disastry Disastry at saiknes.lv
Douglas Calvert dfc at anize.org
Ed Boraas ecxjo at esperanto.org
Edmund GRIMLEY EVANS edmundo at rano.org
Edwin Woudt edwin at woudt.nl
Enzo Michelangeli em at MailAndNews.com
Ernst Molitor ernst.molitor at uni-bonn.de
Evgeny Legerov
Fabio Coatti cova at ferrara.linux.it
Felix von Leitner leitner at amdiv.de
fish stiqz fish at analog.org
Florian Weimer Florian.Weimer at rus.uni-stuttgart.de
Francesco Potorti pot at gnu.org
Frank Donahoe fdonahoe at wilkes1.wilkes.edu
Frank Heckenbach heckenb at mi.uni-erlangen.de
Frank Stajano frank.stajano at cl.cam.ac.uk
Frank Tobin ftobin at uiuc.edu
Gabriel Rosenkoetter gr at eclipsed.net
Gaël Quéri gael at lautre.net
Gene Carter gcarter at lanier.com
Geoff Keating geoffk at ozemail.com.au
Georg Schwarz georg.schwarz at iname.com
Giampaolo Tomassoni g.tomassoni at libero.it
Gilbert Fernandes gilbert_fernandes at hotmail.com
Greg Louis glouis at dynamicro.on.ca
Greg Troxel gdt at ir.bbn.com
Gregory Steuck steuck at iname.com
Harald Denker harry at hal.westfalen.de
Holger Baust Holger.Baust at freenet-ag.de
Hendrik Buschkamp buschkamp at rheumanet.org
Holger Schurig holger at d.om.org
Holger Smolinski smolinsk at de.ibm.com
Holger Trapp Holger.Trapp at informatik.tu-chemnitz.de
Hugh Daniel hugh at toad.com
Huy Le huyle at ugcs.caltech.edu
Ian McKellar imckellar at harvestroad.com.au
Ingo Klöcker kloecker at kde.org
Ivo Timmermans itimmermans at bigfoot.com
Jan Krueger max at physics.otago.ac.nz
Jan Niehusmann jan at gondor.com
Jan-0liver Wagner jan @ intevation.de
Janusz A. Urbanowicz alex at bofh.torun.pl
James Troup james at nocrew.org
Jean-loup Gailly gzip at prep.ai.mit.edu
Jeff Long long at kestrel.cc.ukans.edu
Jeffery Von Ronne jronne at ics.uci.edu
Jens Bachem bachem at rrz.uni-koeln.de
Jeroen C. van Gelderen jeroen at vangelderen.org
J Horacio MG homega at ciberia.es
J. Michael Ashley jashley at acm.org
Jim Bauer jfbauer at home.com
Jim Small cavenewt at my-deja.com
Joachim Backes backes at rhrk.uni-kl.de
Joe Rhett jrhett at isite.net
Joerg Honegger Joerg.Honegger at hp.com
John A. Martin jam at jamux.com
John Clizbe JPClizbe at comcast.net
John R. Shannon john at johnrshannon.com
Johnny Teveßen j.tevessen at gmx.de
Jörg Schilling schilling at fokus.gmd.de
Jos Backus Jos.Backus at nl.origin-it.com
Joseph Walton joe at kafsemo.org
Juan F. Codagnone juam at arnet.com.ar
Jun Kuriyama kuriyama at sky.rim.or.jp
Kahil D. Jallad kdj4 at cs.columbia.edu
Karl Fogel kfogel at guanabana.onshore.com
Karsten Thygesen karthy at kom.auc.dk
Katsuhiro Kondou kondou at nec.co.jp
Kazu Yamamoto kazu at iij.ad.jp
Kazuyoshi Kakihara
Keith Clayton keith at claytons.org
Kevin Ryde user42 at zip.com.au
Klaus Singvogel ks at caldera.de
Kurt Garloff garloff at suse.de
Lars Kellogg-Stedman lars at bu.edu
L. Sassaman rabbi at quickie.net
M Taylor mctaylor at privacy.nb.ca
Marcel Waldvogel mwa at arl.wustl.edu
Marco d'Itri md at linux.it
Marco Parrone marc0 at autistici.org
Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de
Mark Adler madler at alumni.caltech.edu
Mark Elbrecht snowball3 at bigfoot.com
Mark Pettit pettit at yahoo-inc.com
Markus Friedl Markus.Friedl at informatik.uni-erlangen.de
Martin Kahlert martin.kahlert at provi.de
Martin Hamilton
Martin Schulte schulte at thp.uni-koeln.de
Matt Kraai kraai at alumni.carnegiemellon.edu
Matthew Skala mskala at ansuz.sooke.bc.ca
Matthew Wilcox matthew at wil.cx
Matthias Urlichs smurf at noris.de
Max Valianskiy maxcom at maxcom.ml.org
Michael Engels michael.engels at uni-duesseldorf.de
Michael Fischer v. Mollard mfvm at gmx.de
Michael Nottebrock michaelnottebrock at gmx.net
Michael Roth mroth at nessie.de
Michael Sobolev mss at despair.transas.com
Michael Tokarev mjt at tls.msk.ru
Mike Dowling ML.Dowling at tu-bs.de
Mike McEwan mike at lotusland.demon.co.uk
Moritz Schulte moritz at chaosdorf.de
Neal H Walfield neal at cs.uml.edu
Nelson H. F. Beebe beebe at math.utah.edu
Nicolas Graner Nicolas.Graner at cri.u-psud.fr
NIIBE Yutaka gniibe at chroot.org
Niklas Hernaeus
Nimrod Zimerman zimerman at forfree.at
Norihiko Murase skeleten at shillest.net
N J Doye nic at niss.ac.uk
Oliver Haakert haakert at hsp.de
Oskari Jääskeläinen f33003a at cc.hut.fi
Pascal Scheffers Pascal at scheffers.net
Paul D. Smith psmith at baynetworks.com
Per Cederqvist ceder at lysator.liu.se
Phil Blundell pb at debian.org
Philippe Laliberte arsphl at oeil.qc.ca
Peter Fales psfales at lucent.com
Peter Gutmann pgut001 at cs.auckland.ac.nz
Peter Marschall Peter.Marschall at gedos.de
Peter Valchev pvalchev at openbsd.org
Phong Nguyen Phong.Nguyen at ens.fr
Piotr Krukowiecki piotr at pingu.ii.uj.edu.pl
QingLong qinglong at bolizm.ihep.su
Ralph Gillen gillen at theochem.uni-duesseldorf.de
Rat ratinox at peorth.gweep.net
Ray Link rlink at pitt.edu
Reinhard Wobst R.Wobst at ifw-dresden.de
Rémi Guyomarch rguyom at mail.dotcom.fr
Reuben Sumner rasumner at wisdom.weizmann.ac.il
Richard Lefebvre rick at cerca.umontreal.ca
Richard Outerbridge outer at interlog.com
Richard Patterson vectro at yahoo.com
Robert Joop rj at rainbow.in-berlin.de
Roddy Strachan roddy at satlink.com.au
Roger Sondermann r.so at bigfoot.com
Roland Rosenfeld roland at spinnaker.rhein.de
Roman Pavlik rp at tns.cz
Ross Golder rossigee at bigfoot.com
Russell Coker russell at coker.com.au
Ryan Malayter rmalayter at bai.org
Sam Roberts sam at cogent.ca
Sami Tolvanen sami at tolvanen.com
Sascha Kiefer sk at intertivity.com
Scott Worley sworley at chkno.net
Sean MacLennan seanm at netwinder.org
Sebastian Klemke packet at convergence.de
Serge Munhoven munhoven at mema.ucl.ac.be
SL Baur steve at xemacs.org
Stefan Bellon sbellon at sbellon.de
Dr.Stefan.Dalibor Dr.Stefan.Dalibor at bfa.de
Stefan Karrmann S.Karrmann at gmx.net
Stefan Keller dres at cs.tu-berlin.de
Steffen Ullrich ccrlphr at xensei.com
Steffen Zahn zahn at berlin.snafu.de
Steven Bakker steven at icoe.att.com
Steven Murdoch sjmurdoch at bigfoot.com
Susanne Schultz schultz at hsp.de
Tavis Ormandy taviso at gentoo.org
Ted Cabeen secabeen at pobox.com
Thiago Jung Bauermann jungmann at cwb.matrix.com.br
Thijmen Klok thijmen at xs4all.nl
Thomas Roessler roessler at guug.de
Tim Mooney mooney at dogbert.cc.ndsu.nodak.edu
Timo Schulz twoaday at freakmail.de
Tobias Winkler tobias.winkler at s1998.tu-chemnitz.de
Todd Vierling tv at pobox.com
TOGAWA Satoshi Satoshi.Togawa at jp.yokogawa.com
Tom Spindler dogcow at home.merit.edu
Tom Zerucha tzeruch at ceddec.com
Tomas Fasth tomas.fasth at twinspot.net
Tommi Komulainen Tommi.Komulainen at iki.fi
Thomas Klausner wiz at danbala.ifoer.tuwien.ac.at
Tomasz Kozlowski tomek at rentec.com
Thomas Mikkelsen tbm at image.dk
Ulf Möller 3umoelle at informatik.uni-hamburg.de
Urko Lusa ulusa at euskalnet.net
Vincent P. Broman broman at spawar.navy.mil
Volker Quetschke quetschke at scytek.de
W Lewis wiml at hhhh.org
Walter Hofmann Walter.Hofmann at physik.stud.uni-erlangen.de
Walter Koch koch at hsp.de
Wayne Chapeskie waynec at spinnaker.com
Werner Koch wk at gnupg.org
Wim Vandeputte bunbun at reptile.rug.ac.be
Winona Brown win at huh.org
Yosiaki IIDA iida at ring.gr.jp
Yoshihiro Kajiki kajiki at ylug.org
nbecker at hns.com
Thanks to the German Unix User Group for sponsoring this project,
Martin Hamilton for hosting the first mailing list and OpenIT for
hosting the server.
The development of this software has partly (i.e. the Windows port)
been funded by the German Ministry for Economics and Technology under
grant VIB3-68553.168-001/1999.
Many thanks to my wife Gerlinde for having so much patience with
me while hacking late in the evening.
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004
2006 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

10
TODO
View File

@ -98,11 +98,14 @@ might want to have an agent context for each service request
* sm/
** check that we issue NO_SECKEY xxx if a -u key was not found
We don't. The messages retruned are also wrong (recipient vs. signer).
* jnlib/
** provide jnlib_malloc and try to remove all jnlib_xmalloc.
** Extend utf8conv.c to make use of iconv.
Need to merge with the code in 1.4/util/strgutil.c.
* gpg/
* g10/
** issue a NO_SECKEY xxxx if a -u key was not found.
** Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
@ -121,7 +124,6 @@ might want to have an agent context for each service request
Update to gpg 1.4.3 version
what about gnupg_use_iconv?
Extend selinux support to other modules
Does the check for Linux capabilities still makes sense?
* Extend selinux support to other modules

View File

@ -988,41 +988,11 @@ AC_CHECK_FUNCS([getrusage setrlimit stat setlocale])
AC_CHECK_FUNCS([flockfile funlockfile fopencookie funopen])
GNUPG_CHECK_MLOCK
#
# W32 specific test
#
GNUPG_FUNC_MKDIR_TAKES_ONE_ARG
#
# Check whether we can use Linux capabilities as requested
#
# fixme: Still required?
#
if test "$use_capabilities" = "yes" ; then
use_capabilities=no
AC_CHECK_HEADERS(sys/capability.h)
if test "$ac_cv_header_sys_capability_h" = "yes" ; then
AC_CHECK_LIB(cap, cap_init, ac_need_libcap=1)
if test "$ac_cv_lib_cap_cap_init" = "yes"; then
AC_DEFINE(USE_CAPABILITIES,1,
[define if capabilities should be used])
AC_SUBST(CAPLIBS,"-lcap")
use_capabilities=yes
fi
fi
if test "$use_capabilities" = "no" ; then
AC_MSG_WARN([[
***
*** The use of capabilities on this system is not possible.
*** You need a recent Linux kernel and some patches:
*** fcaps-2.2.9-990610.patch (kernel patch for 2.2.9)
*** fcap-module-990613.tar.gz (kernel module)
*** libcap-1.92.tar.gz (user mode library and utilities)
*** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN
*** set (filesystems menu). Be warned: This code is *really* ALPHA.
***]])
fi
fi
#
# Sanity check regex. Tests adapted from mutt.

View File

@ -1,3 +1,9 @@
2006-08-17 Werner Koch <wk@g10code.com>
* Makefile.am: Added rules to build man pages.
* yat2m.c: New.
2006-02-14 Werner Koch <wk@gnupg.org>
* gpgsm.texi (GPGSM Configuration): New section.

View File

@ -27,6 +27,8 @@ EXTRA_DIST = gnupg-badge-openpgp.eps gnupg-badge-openpgp.jpg \
BUILT_SOURCES = gnupg-card-architecture.eps gnupg-card-architecture.png \
gnupg-card-architecture.pdf
noinst_PROGRAMS = yat2m
info_TEXINFOS = gnupg.texi
dist_pkgdata_DATA = qualified.txt
@ -36,8 +38,22 @@ gnupg_TEXINFOS = \
tools.texi debugging.texi glossary.texi contrib.texi gpl.texi \
sysnotes.texi gnupg-card-architecture.fig
DISTCLEANFILES = gnupg.tmp gnupg.ops
YAT2M_OPTIONS = \
--release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard"
myman_sources = gpg.texi gpgsm.texi gpg-agent.texi scdaemon.texi tools.texi
myman_pages = gpg2.1 gpgsm.1 gpg-agent.1 scdaemon.1 \
watchgnupg.1 gpgconf.1 addgnupghome.8
man_MANS = $(myman_pages)
watchgnupg_SOURCE = gnupg.texi
DISTCLEANFILES = gnupg.tmp gnupg.ops yat2m-stamp.tmp yat2m-stamp \
$(myman_pages)
yat2m_SOURCES = yat2m.c
.fig.png:
@ -53,3 +69,26 @@ DISTCLEANFILES = gnupg.tmp gnupg.ops
fig2dev -L pdf `test -f '$<' || echo '$(srcdir)/'`$< $@
yat2m-stamp: $(myman_sources)
@rm -f yat2m-stamp.tmp
@touch yat2m-stamp.tmp
for file in $(myman_sources) ; do \
./yat2m $(YAT2M_OPTIONS) --store \
`test -f '$$file' || echo '$(srcdir)/'`$$file ; done
@mv -f yat2m-stamp.tmp $@
yat2m-stamp: yat2m
$(myman_pages) : yat2m-stamp
@if test -f $@; then :; else \
trap 'rm -rf yat2m-stamp yat2m-lock' 1 2 13 15; \
if mkdir yat2m-lock 2>/dev/null; then \
rm -f yat2m-stamp; \
$(MAKE) $(AM_MAKEFLAGS) yat2m-stamp; \
rmdir yat2m-lock; \
else \
while test -d yat2m-lock; do sleep 1; done; \
test -f yat2m-stamp; exit $$?; \
fi; \
fi

View File

@ -34,7 +34,7 @@ Published by the Free Software Foundation@*
Boston, MA 02111-1307 USA
@end iftex
Copyright @copyright{} 2002, 2004, 2005 Free Software Foundation, Inc.
Copyright @copyright{} 2002, 2004, 2005, 2006 Free Software Foundation, Inc.
@quotation
Permission is granted to copy, distribute and/or modify this document

View File

@ -8,8 +8,40 @@
@cindex command options
@cindex options, GPG-AGENT command
@c man begin DESCRIPTION
@manpage gpg-agent.1
@ifset manverb
.B gpg-agent
.R \- Secret key management for GnuPG
@end ifset
@mansect synopsis
@ifset manverb
.B gpg-agent
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.br
.B gpg-agent
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.B \-\-server
.br
.B gpg-agent
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.B \-\-daemon
.RI [ command_line ]
@end ifset
@mansect description
@command{gpg-agent} is a daemon to manage secret (private) keys
independently from any protocol. It is used as a backend for
@command{gpg} and @command{gpgsm} as well as for a couple of other
@ -67,10 +99,10 @@ It is often useful to install a symbolic link from the actual used
pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected
one (e.g. @file{/usr/bin/pinentry}).
@c man end
@manpause
@noindent
@xref{Option Index},for an index to @command{GPG-AGENT}'s commands and options.
@mancont
@menu
* Agent Commands:: List of all commands.
@ -81,8 +113,7 @@ one (e.g. @file{/usr/bin/pinentry}).
* Agent Protocol:: The protocol the agent uses.
@end menu
@c man begin COMMANDS
@mansect commands
@node Agent Commands
@section Commands
@ -95,9 +126,10 @@ only one one command is allowed.
Print the program version and licensing information. Not that you can
abbreviate this command.
@item --help, -h
@item --help
@itemx -h
@opindex help
Print a usage message summarizing the most usefule command-line options.
Print a usage message summarizing the most useful command-line options.
Not that you can abbreviate this command.
@item --dump-options
@ -110,7 +142,7 @@ abbreviate this command.
Run in server mode and wait for commands on the @code{stdin}. The
default mode is to create a socket and listen for commands there.
@item --daemon
@item --daemon [@var{command line}]
@opindex daemon
Run the program in the background. This option is required to prevent
it from being accidently running in the background. A common way to do
@ -121,8 +153,7 @@ $ eval `gpg-agent --daemon`
@end table
@c man begin OPTIONS
@mansect options
@node Agent Options
@section Option Summary
@ -152,7 +183,7 @@ directory stated through the environment variable @env{GNUPGHOME} or
@opindex verbose
Outputs additional information while running.
You can increase the verbosity by giving several
verbose commands to @sc{gpgsm}, such as @samp{-vv}.
verbose commands to @command{gpgsm}, such as @samp{-vv}.
@item -q
@item --quiet
@ -359,9 +390,9 @@ information.
@itemx --keep-display
@opindex keep-tty
@opindex keep-display
Ignore requests to change change the current @sc{tty} respective the X
Ignore requests to change change the current @code{tty} respective the X
window system's @code{DISPLAY} variable. This is useful to lock the
pinentry to pop up at the @sc{tty} or display you started the agent.
pinentry to pop up at the @code{tty} or display you started the agent.
@anchor{option --enable-ssh-support}
@item --enable-ssh-support
@ -405,8 +436,7 @@ All the long options may also be given in the configuration file after
stripping off the two leading dashes.
@c man begin FILES
@mansect files
@node Agent Configuration
@section Configuration
@ -488,6 +518,7 @@ a small helper script is provied to create these files (@pxref{addgnupghome}).
@c
@c Agent Signals
@c
@mansect signals
@node Agent Signals
@section Use of some signals.
A running @command{gpg-agent} may be controlled by signals, i.e. using
@ -533,19 +564,16 @@ This signal is used for internal purposes.
@c
@c Examples
@c
@mansect examples
@node Agent Examples
@section Examples
@c man begin EXAMPLES
The usual way to invoke @command{gpg-agent} is
@example
$ eval `gpg-agent --daemon`
@end example
@c man end
An alternative way is by replacing @command{ssh-agent} with
@command{gpg-agent}. If for example @command{ssh-agent} is started as
part of the Xsession intialization you may simply replace
@ -580,6 +608,7 @@ to your shell initialization file (e.g. @file{~/.bashrc}).
@c
@c Assuan Protocol
@c
@mansect assuan
@node Agent Protocol
@section Agent's Assuan Protocol

View File

@ -9,14 +9,33 @@
@cindex command options
@cindex options, GPG command
@c man begin DESCRIPTION
@command{gpg2} is the OpenPGP part of GnuPG. It is a tool to provide
digitla encryption and signing services using the OpenPGP
standard. @command{gpg2} features complete key management and all bells
and whistles you can expect from a decent OpenPGP implementation.
@manpage gpg2.1
@ifset manverb
.B gpg2
.R \- OpenPGP encryption and signing tool
@end ifset
In contrast to the standalone version @command{gpg,} which is more
@mansect synopsis
@ifset manverb
.B gpg2
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.I command
.RI [ args ]
@end ifset
@mansect description
@command{gpg2} is the OpenPGP part of the GNU Privacy Guard (GnuPG). It
is a tool to provide digitla encryption and signing services using the
OpenPGP standard. @command{gpg2} features complete key management and
all bells and whistles you can expect from a decent OpenPGP
implementation.
In contrast to the standalone version @command{gpg}, which is more
suited for server and embedded platforms, this version is installed
under the name @command{gpg2} and more targeted to the desktop as it
requires several other modules to be installed. The standalone version
@ -25,12 +44,12 @@ the same system. If you need to use different configuration files, you
should make use of something like @file{gpg.conf-2} instead of just
@file{gpg.conf}.
@manpause
Documentation for the old standard @command{gpg} is available as man page
man page and at @inforef{Top,GnuPG 1,gpg}.
@c man end
@xref{Option Index}, for an index to @command{GPG}'s commands and options.
@mancont
@menu
* GPG Commands:: List of all commands.
@ -44,13 +63,13 @@ Developer information:
@end menu
@c *******************************************
@c *************** ****************
@c *************** COMMANDS ****************
@c *************** ****************
@c *******************************************
@c man begin COMMANDS
@mansect commands
@node GPG Commands
@section Commands
@ -86,7 +105,8 @@ using the special option "--".
Print the program version and licensing information. Note that you
cannot abbreviate this command.
@item --help, -h
@item --help
@itemx -h
@opindex help
Print a usage message summarizing the most useful command line options.
Not that you cannot abbreviate this command.
@ -486,9 +506,11 @@ of certification (like a regular signature), and trust (like the
or groups.
@end table
@c man:.RS
Note that "l" (for local / non-exportable), "nr" (for non-revocable,
and "t" (for trust) may be freely mixed and prefixed to "sign" to
create a signature of any type desired.
@c man:.RE
@table @asis
@ -698,11 +720,13 @@ key rings.
@end table
@c man:.RS
The listing shows you the key with its secondary keys and all user
ids. Selected keys or user ids are indicated by an asterisk. The trust
value is displayed with the primary key: the first is the assigned owner
trust and the second is the calculated trust value. Letters are used for
the values:
@c man:.RE
@table @asis
@ -736,7 +760,7 @@ Signs a public key with your secret key. This is a shortcut version of
the subcommand "sign" from --edit.
@item --lsign-key @code{name}
@opindex lsign-ket
@opindex lsign-key
Signs a public key with your secret key but marks it as
non-exportable. This is a shortcut version of the subcommand "lsign"
from --edit.
@ -750,6 +774,7 @@ from --edit.
@c *************** OPTIONS ****************
@c *************** ****************
@c *******************************************
@mansect options
@node GPG Options
@section Option Summary
@ -764,8 +789,6 @@ behaviour and to change the default configuration.
* GPG Esoteric Options:: Doing things one usually don't want to do.
@end menu
@c man begin OPTIONS
Long options can be put in an options file (default
"~/.gnupg/gpg.conf"). Short option names will not work - for example,
"armor" is a valid option for the options file, while "a" is not. Do not
@ -2309,7 +2332,7 @@ only usable with --with-colons set.
@c *************** FILES ****************
@c *************** ****************
@c *******************************************
@c man begin FILES
@mansect files
@node GPG Configuration
@section Configuration files
@ -2329,6 +2352,7 @@ name may be changed on the command line (@pxref{option
@end table
@c man:.RE
Note that on larger installations, it is useful to put predefined files
into the directory @file{/etc/skel/.gnupg/} so that newly created users
start up with a working configuration. For existing users the a small
@ -2338,14 +2362,60 @@ For internal purposes @command{gpg2} creates and maintaines a few other
files; They all live in in the current home directory (@pxref{option
--homedir}). Only the @command{gpg2} may modify these files.
@table @file
@item pubring.gpg
@cindex pubring.gpg
xxx
@item random_seed
@cindex random_seed
xxxx
@table @file
@item ~/.gnupg/secring.gpg
The secret keyring.
@item ~/.gnupg/secring.gpg.lock
and the lock file
@item ~/.gnupg/pubring.gpg
The public keyring
@item ~/.gnupg/pubring.gpg.lock
and the lock file
@item ~/.gnupg/trustdb.gpg
The trust database
@item ~/.gnupg/trustdb.gpg.lock
and the lock file
@item ~/.gnupg/random_seed
used to preserve the internal random pool
@item /usr[/local]/share/gnupg/options.skel
Skeleton options file
@item /usr[/local]/lib/gnupg/
Default location for extensions
@end table
@c man:.RE
Operation is further controlled by a few environment variables:
@table @asis
@item HOME
Used to locate the default home directory.
@item GNUPGHOME
If set directory used instead of "~/.gnupg".
@item GPG_AGENT_INFO
Used to locate the gpg-agent; only honored when
--use-agent is set. The value consists of 3 colon delimited fields:
The first is the path to the Unix Domain Socket, the second the PID of
the gpg-agent and the protocol version which should be set to 1. When
starting the gpg-agent as described in its documentation, this
variable is set to the correct value. The option --gpg-agent-info can
be used to override it.
@item COLUMNS
@itemx LINES
Used to size some displays to the full size of the screen.
@end table
@ -2355,26 +2425,41 @@ xxxx
@c *************** EXAMPLES ****************
@c *************** ****************
@c *******************************************
@mansect examples
@node GPG Examples
@section Examples
@c man begin EXAMPLES
@table @asis
@example
fooo
@end example
@item gpg -se -r @code{Bob} @code{file}
sign and encrypt for user Bob
@c man end
@item gpg --clearsign @code{file}
make a clear text signature
@item gpg -sb @code{file}
make a detached signature
@item gpg --list-keys @code{user_ID}
show keys
@item gpg --fingerprint @code{user_ID}
show fingerprint
@item gpg --verify @code{pgpfile}
@itemx gpg --verify @code{sigfile}
Verify the signature of the file but do not output the data. The
second form is used for detached signatures, where @code{sigfile}
is the detached signature (either ASCII armored or binary) and
are the signed data; if this is not given, the name of
the file holding the signed data is constructed by cutting off the
extension (".asc" or ".sig") of @code{sigfile} or by asking the
user for the filename.
@end table
ENDEND
@c @chapheading How to specify a user ID
@mansect how to specify a user id
@chapheading How to specify a user ID
There are different ways to specify a user ID to GnuPG; here are some
examples:
@ -2426,103 +2511,15 @@ Note that you can append an exclamation mark (!) to key IDs or
fingerprints. This flag tells GnuPG to use the specified primary or
secondary key and not to try and calculate which primary or secondary
key to use.
@mansect return vaue
@chapheading RETURN VALUE
The program returns 0 if everything was fine, 1 if at least
a signature was bad, and other error codes for fatal errors.
@chapheading EXAMPLES
@table @asis
@item gpg -se -r @code{Bob} @code{file}
sign and encrypt for user Bob
@item gpg --clearsign @code{file}
make a clear text signature
@item gpg -sb @code{file}
make a detached signature
@item gpg --list-keys @code{user_ID}
show keys
@item gpg --fingerprint @code{user_ID}
show fingerprint
@item gpg --verify @code{pgpfile}
@itemx gpg --verify @code{sigfile}
Verify the signature of the file but do not output the data. The
second form is used for detached signatures, where @code{sigfile}
is the detached signature (either ASCII armored or binary) and
are the signed data; if this is not given, the name of
the file holding the signed data is constructed by cutting off the
extension (".asc" or ".sig") of @code{sigfile} or by asking the
user for the filename.
@end table
@c @chapheading ENVIRONMENT
@table @asis
@item HOME
Used to locate the default home directory.
@item GNUPGHOME
If set directory used instead of "~/.gnupg".
@item GPG_AGENT_INFO
Used to locate the gpg-agent; only honored when
--use-agent is set. The value consists of 3 colon delimited fields:
The first is the path to the Unix Domain Socket, the second the PID of
the gpg-agent and the protocol version which should be set to 1. When
starting the gpg-agent as described in its documentation, this
variable is set to the correct value. The option --gpg-agent-info can
be used to override it.
@item COLUMNS
@itemx LINES
Used to size some displays to the full size of the screen.
@end table
@chapheading FILES
@table @asis
@item ~/.gnupg/secring.gpg
The secret keyring
@item ~/.gnupg/secring.gpg.lock
and the lock file
@item ~/.gnupg/pubring.gpg
The public keyring
@item ~/.gnupg/pubring.gpg.lock
and the lock file
@item ~/.gnupg/trustdb.gpg
The trust database
@item ~/.gnupg/trustdb.gpg.lock
and the lock file
@item ~/.gnupg/random_seed
used to preserve the internal random pool
@item ~/.gnupg/gpg.conf
Default configuration file
@item ~/.gnupg/options
Old style configuration file; only used when gpg.conf
is not found
@item /usr[/local]/share/gnupg/options.skel
Skeleton options file
@item /usr[/local]/lib/gnupg/
Default location for extensions
@end table
@c @chapheading WARNINGS
@mansect warnings
@chapheading WARNINGS
Use a *good* password for your user account and a *good* passphrase
to protect your secret key. This passphrase is the weakest part of the
@ -2536,6 +2533,8 @@ is *very* easy to spy out your passphrase!
If you are going to verify detached signatures, make sure that the
program knows about it; either give both filenames on the command line
or use @samp{-} to specify stdin.
@mansect interoperability
@chapheading INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS
GnuPG tries to be a very flexible implementation of the OpenPGP
@ -2564,6 +2563,8 @@ better off using the --pgp6, --pgp7, or --pgp8 options. These options
are safe as they do not force any particular algorithms in violation
of OpenPGP, but rather reduce the available algorithms to a "PGP-safe"
list.
@mansect bugs
@chapheading BUGS
On many systems this program should be installed as setuid(root). This
@ -2574,5 +2575,3 @@ warning message about insecure memory your operating system supports
locking without being root. The program drops root privileges as soon
as locked memory is allocated.

View File

@ -8,17 +8,35 @@
@cindex command options
@cindex options, GPGSM command
@c man begin DESCRIPTION
@manpage gpgsm.1
@ifset manverb
.B gpgsm
.R \- CMS encryption and signing tool
@end ifset
@mansect synopsis
@ifset manverb
.B gpgsm
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.I command
.RI [ args ]
@end ifset
@mansect description
@command{gpgsm} is a tool similar to @command{gpg} to provide digital
encryption and signing servicesd on X.509 certificates and the CMS
protocol. It is mainly used as a backend for S/MIME mail processing.
@command{gpgsm} includes a full features certificate management and
complies with all rules defined for the German Sphinx project.
@c man end
@manpause
@xref{Option Index}, for an index to @command{GPGSM}'s commands and options.
@mancont
@menu
* GPGSM Commands:: List of all commands.
@ -31,8 +49,12 @@ Developer information:
* GPGSM Protocol:: The protocol the server mode uses.
@end menu
@c man begin COMMANDS
@c *******************************************
@c *************** ****************
@c *************** COMMANDS ****************
@c *************** ****************
@c *******************************************
@mansect commands
@node GPGSM Commands
@section Commands
@ -45,6 +67,10 @@ only one command is allowed.
* Certificate Management:: How to manage certificates.
@end menu
@c *******************************************
@c ********** GENERAL COMMANDS *************
@c *******************************************
@node General GPGSM Commands
@subsection Commands not specific to the function
@ -59,6 +85,10 @@ abbreviate this command.
Print a usage message summarizing the most usefule command-line options.
Not that you can abbreviate this command.
@item --warranty
@opindex warranty
Print warranty information.
@item --dump-options
@opindex dump-options
Print a list of all available options and commands. Not that you can
@ -66,7 +96,9 @@ abbreviate this command.
@end table
@c *******************************************
@c ******** OPERATIONAL COMMANDS ***********
@c *******************************************
@node Operational GPGSM Commands
@subsection Commands to select the type of operation
@ -122,8 +154,11 @@ use @samp{--help} to get a list of supported operations.
@end table
@c *******************************************
@c ******* CERTIFICATE MANAGEMENT **********
@c *******************************************
@node Certificate Management
@subsection How to manage the certificate and keys
@subsection How to manage the certificates and keys
@table @gnupgtabopt
@item --gen-key
@ -200,8 +235,8 @@ secret key from a PKCS#12 file.
@item --learn-card
@opindex learn-card
Read information about the private keys from the smartcard and import
the certificates from there. This command utilizes the @sc{gpg-agent}
and in turn the @sc{scdaemon}.
the certificates from there. This command utilizes the @command{gpg-agent}
and in turn the @command{scdaemon}.
@item --passwd @var{user_id}
@opindex passwd
@ -212,6 +247,12 @@ smartcard is not yet supported.
@end table
@c *******************************************
@c *************** ****************
@c *************** OPTIONS ****************
@c *************** ****************
@c *******************************************
@mansect options
@node GPGSM Options
@section Option Summary
@ -226,8 +267,10 @@ and to change the default configuration.
* Esoteric Options:: Doing things one usually don't want to do.
@end menu
@c man begin OPTIONS
@c *******************************************
@c ******** CONFIGURATION OPTIONS **********
@c *******************************************
@node Configuration Options
@subsection How to change the configuration
@ -296,6 +339,9 @@ When running in server mode, append all logging output to @var{file}.
@end table
@c *******************************************
@c ******** CERTIFICATE OPTIONS ************
@c *******************************************
@node Certificate Options
@subsection Certificate related options
@ -335,7 +381,7 @@ performance, the dirmngr will actually optimize this by suppressing
the loading for short time intervalls (e.g. 30 minutes). This option
is useful to make sure that a fresh CRL is available for certificates
hold in the keybox. The suggested way of doing this is by using it
along with the option @option{--with-validation} for a ke listing
along with the option @option{--with-validation} for a key listing
command. This option should not be used in a configuration file.
@item --enable-ocsp
@ -352,6 +398,9 @@ so you will get the error code @samp{Not supported}.
@end table
@c *******************************************
@c *********** INPUT AND OUTPUT ************
@c *******************************************
@node Input and Output
@subsection Input and Output
@ -411,6 +460,9 @@ certificate.
@end table
@c *******************************************
@c ************* CMS OPTIONS ***************
@c *******************************************
@node CMS Options
@subsection How to change how the CMS is created.
@ -425,6 +477,9 @@ values include up to @var{n} certificates starting with the signer cert.
@c *******************************************
@c ******** ESOTERIC OPTIONS ***************
@c *******************************************
@node Esoteric Options
@subsection Doing things one usually don't want to do.
@ -527,8 +582,12 @@ All the long options may also be given in the configuration file after
stripping off the two leading dashes.
@c man begin FILES
@c *******************************************
@c *************** ****************
@c *************** FILES ****************
@c *************** ****************
@c *******************************************
@mansect files
@node GPGSM Configuration
@section Configuration files
@ -558,10 +617,12 @@ in this file will fail the signature verification.
For example, to allow only the policy 2.289.9.9, the file should look
like this:
@c man:.RS
@example
# Allowed policies
2.289.9.9
@end example
@c man:.RE
@item qualified.txt
@cindex qualified.txt
@ -601,16 +662,17 @@ certificates, appropriate notices will be shown to indicate this fact.
@end table
@c man:.RE
Note that on larger installations, it is useful to put predefined files
into the directory @file{/etc/skel/.gnupg/} so that newly created users
start up with a working configuration. For existing users the a small
helper script is provided to create these files (@pxref{addgnupghome}).
For internal purposes gpgsm creates and maintaines a few other files;
They all live in in the current home directory (@pxref{option
--homedir}). Only @command{gpgsm} may modify these files.
@table @file
@item pubring.kbx
@cindex pubring.kbx
@ -627,25 +689,28 @@ other programs of this software too.
@end table
@c
@c Examples
@c
@c *******************************************
@c *************** ****************
@c *************** EXAMPLES ****************
@c *************** ****************
@c *******************************************
@mansect examples
@node GPGSM Examples
@section Examples
@c man begin EXAMPLES
@example
$ gpgsm -er goo@@bar.net <plaintext >ciphertext
@end example
@c man end
@c ---------------------------------
@c The machine interface
@c --------------------------------
@c *******************************************
@c *************** **************
@c *************** UNATTENDED **************
@c *************** **************
@c *******************************************
@node Unattended Usage
@section Unattended Usage
@ -704,9 +769,12 @@ this is a missing certificate.
@end table
@c
@c Assuan Protocol
@c
@c *******************************************
@c *************** *****************
@c *************** ASSSUAN *****************
@c *************** *****************
@c *******************************************
@mansect assuan
@node GPGSM Protocol
@section The Protocol the Server Mode Uses.

View File

@ -8,14 +8,41 @@
@cindex command options
@cindex options, SCDAEMON command
@c man begin DESCRIPTION
@manpage scdaemon.1
@ifset manverb
.B scdaemon
.R \- Smartcard daemon for the GnuPG system
@end ifset
@mansect synopsis
@ifset manverb
.B scdaemon
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.B \-\-server
.br
.B scdaemon
.RB [ \-\-homedir
.IR dir ]
.RB [ \-\-options
.IR file ]
.RI [ options ]
.B \-\-daemon
.RI [ command_line ]
@end ifset
@mansect description
The @command{scdaemon} is a daemon to manage smartcards. It is usually
invoked by gpg-agent and in general not used directly.
invoked by @command{gpg-agent} and in general not used directly.
@c man end
@xref{Option Index}, for an index to GPG-AGENTS's commands and options.
@manpause
@xref{Option Index}, for an index to @command{scdaemon}'s commands and
options.
@mancont
@menu
* Scdaemon Commands:: List of all commands.
@ -25,7 +52,7 @@ invoked by gpg-agent and in general not used directly.
* Scdaemon Protocol:: The protocol the daemon uses.
@end menu
@c man begin COMMANDS
@mansect commands
@node Scdaemon Commands
@section Commands
@ -73,7 +100,7 @@ This is mainly a debugging command, used to print the ATR
@end table
@c man begin OPTIONS
@mansect options
@node Scdaemon Options
@section Option Summary
@ -256,8 +283,7 @@ All the long options may also be given in the configuration file after
stripping off the two leading dashes.
@c man begin CARD APPLICATIONS
@mansect card applications
@node Card applications
@section Description of card applications
@ -304,6 +330,7 @@ This is common fraqmework for smart card applications. It is used by
@c
@c Examples
@c
@mansect examples
@node Scdaemon Examples
@section Examples
@ -318,6 +345,7 @@ $ scdaemon --server -v
@c
@c Assuan Protocol
@c
@mansect assuan
@node Scdaemon Protocol
@section Scdaemon's Assuan Protocol

1031
doc/yat2m.c Normal file

File diff suppressed because it is too large Load Diff