mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
gpg: New option --force-sign-key
* g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key". (main): Set it. * g10/options.h (opt): New flag flags.force_sign_key. * g10/keyedit.c (sign_uids): Use new flag. -- GnuPG-bug-id: 4584
This commit is contained in:
parent
f3e68e39da
commit
87d7b7e075
29
doc/gpg.texi
29
doc/gpg.texi
@ -1114,7 +1114,9 @@ If a name is prefixed with a '=' a case sensitive exact match is done.
|
|||||||
|
|
||||||
The command @option{--quick-lsign-key} marks the signatures as
|
The command @option{--quick-lsign-key} marks the signatures as
|
||||||
non-exportable. If such a non-exportable signature already exists the
|
non-exportable. If such a non-exportable signature already exists the
|
||||||
@option{--quick-sign-key} turns it into a exportable signature.
|
@option{--quick-sign-key} turns it into a exportable signature. If
|
||||||
|
you need to update an existing signature, for example to add or change
|
||||||
|
notation data, you need to use the option @option{--force-sign-key}.
|
||||||
|
|
||||||
This command uses reasonable defaults and thus does not provide the
|
This command uses reasonable defaults and thus does not provide the
|
||||||
full flexibility of the "sign" subcommand from @option{--edit-key}.
|
full flexibility of the "sign" subcommand from @option{--edit-key}.
|
||||||
@ -1212,8 +1214,8 @@ encountered, you can explicitly stop parsing by using the special option
|
|||||||
@node GPG Configuration Options
|
@node GPG Configuration Options
|
||||||
@subsection How to change the configuration
|
@subsection How to change the configuration
|
||||||
|
|
||||||
These options are used to change the configuration and are usually found
|
These options are used to change the configuration and most of them
|
||||||
in the option file.
|
are usually found in the option file.
|
||||||
|
|
||||||
@table @gnupgtabopt
|
@table @gnupgtabopt
|
||||||
|
|
||||||
@ -1242,6 +1244,7 @@ one from the secret keyring or the one set with @option{--default-key}.
|
|||||||
@item --no-default-recipient
|
@item --no-default-recipient
|
||||||
@opindex no-default-recipient
|
@opindex no-default-recipient
|
||||||
Reset @option{--default-recipient} and @option{--default-recipient-self}.
|
Reset @option{--default-recipient} and @option{--default-recipient-self}.
|
||||||
|
Should not be used in an option file.
|
||||||
|
|
||||||
@item -v, --verbose
|
@item -v, --verbose
|
||||||
@opindex verbose
|
@opindex verbose
|
||||||
@ -1250,11 +1253,11 @@ twice, the input data is listed in detail.
|
|||||||
|
|
||||||
@item --no-verbose
|
@item --no-verbose
|
||||||
@opindex no-verbose
|
@opindex no-verbose
|
||||||
Reset verbose level to 0.
|
Reset verbose level to 0. Should not be used in an option file.
|
||||||
|
|
||||||
@item -q, --quiet
|
@item -q, --quiet
|
||||||
@opindex quiet
|
@opindex quiet
|
||||||
Try to be as quiet as possible.
|
Try to be as quiet as possible. Should not be used in an option file.
|
||||||
|
|
||||||
@item --batch
|
@item --batch
|
||||||
@itemx --no-batch
|
@itemx --no-batch
|
||||||
@ -1266,11 +1269,11 @@ filename given on the command line, gpg might still need to read from
|
|||||||
STDIN (in particular if gpg figures that the input is a
|
STDIN (in particular if gpg figures that the input is a
|
||||||
detached signature and no data file has been specified). Thus if you
|
detached signature and no data file has been specified). Thus if you
|
||||||
do not want to feed data via STDIN, you should connect STDIN to
|
do not want to feed data via STDIN, you should connect STDIN to
|
||||||
g@file{/dev/null}.
|
@file{/dev/null}.
|
||||||
|
|
||||||
It is highly recommended to use this option along with the options
|
It is highly recommended to use this option along with the options
|
||||||
@option{--status-fd} and @option{--with-colons} for any unattended use of
|
@option{--status-fd} and @option{--with-colons} for any unattended use of
|
||||||
@command{gpg}.
|
@command{gpg}. Should not be used in an option file.
|
||||||
|
|
||||||
@item --no-tty
|
@item --no-tty
|
||||||
@opindex no-tty
|
@opindex no-tty
|
||||||
@ -1280,11 +1283,11 @@ warnings to the TTY even if @option{--batch} is used.
|
|||||||
|
|
||||||
@item --yes
|
@item --yes
|
||||||
@opindex yes
|
@opindex yes
|
||||||
Assume "yes" on most questions.
|
Assume "yes" on most questions. Should not be used in an option file.
|
||||||
|
|
||||||
@item --no
|
@item --no
|
||||||
@opindex no
|
@opindex no
|
||||||
Assume "no" on most questions.
|
Assume "no" on most questions. Should not be used in an option file.
|
||||||
|
|
||||||
|
|
||||||
@item --list-options @var{parameters}
|
@item --list-options @var{parameters}
|
||||||
@ -1565,6 +1568,7 @@ default (@option{--no-utf8-strings}) is to assume that arguments are
|
|||||||
encoded in the character set as specified by
|
encoded in the character set as specified by
|
||||||
@option{--display-charset}. These options affect all following
|
@option{--display-charset}. These options affect all following
|
||||||
arguments. Both options may be used multiple times.
|
arguments. Both options may be used multiple times.
|
||||||
|
This option should not be used in an option file.
|
||||||
|
|
||||||
@anchor{gpg-option --options}
|
@anchor{gpg-option --options}
|
||||||
@item --options @var{file}
|
@item --options @var{file}
|
||||||
@ -3469,6 +3473,13 @@ You need to consult the source code to learn the details. Note that
|
|||||||
the advanced key generation commands can always be used to specify a
|
the advanced key generation commands can always be used to specify a
|
||||||
key algorithm directly.
|
key algorithm directly.
|
||||||
|
|
||||||
|
@item --force-sign-key
|
||||||
|
@opindex force-sign-key
|
||||||
|
This option modifies the behaviour of the commands
|
||||||
|
@option{--quick-sign-key}, @option{--quick-lsign-key}, and the "sign"
|
||||||
|
sub-commands of @option{--edit-key} by forcing the creation of a key
|
||||||
|
signature, even if one already exists.
|
||||||
|
|
||||||
@item --allow-secret-key-import
|
@item --allow-secret-key-import
|
||||||
@opindex allow-secret-key-import
|
@opindex allow-secret-key-import
|
||||||
This is an obsolete option and is not used anywhere.
|
This is an obsolete option and is not used anywhere.
|
||||||
|
@ -430,6 +430,7 @@ enum cmd_and_opt_values
|
|||||||
oUseOnlyOpenPGPCard,
|
oUseOnlyOpenPGPCard,
|
||||||
oIncludeKeyBlock,
|
oIncludeKeyBlock,
|
||||||
oNoIncludeKeyBlock,
|
oNoIncludeKeyBlock,
|
||||||
|
oForceSignKey,
|
||||||
|
|
||||||
oNoop
|
oNoop
|
||||||
};
|
};
|
||||||
@ -838,6 +839,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
|
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
|
||||||
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
|
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
|
||||||
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
|
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
|
||||||
|
ARGPARSE_s_n (oForceSignKey, "force-sign-key", "@"),
|
||||||
|
|
||||||
/* Aliases. I constantly mistype these, and assume other people do
|
/* Aliases. I constantly mistype these, and assume other people do
|
||||||
as well. */
|
as well. */
|
||||||
@ -2674,6 +2676,9 @@ main (int argc, char **argv)
|
|||||||
|
|
||||||
case oAnswerYes: opt.answer_yes = 1; break;
|
case oAnswerYes: opt.answer_yes = 1; break;
|
||||||
case oAnswerNo: opt.answer_no = 1; break;
|
case oAnswerNo: opt.answer_no = 1; break;
|
||||||
|
|
||||||
|
case oForceSignKey: opt.flags.force_sign_key = 1; break;
|
||||||
|
|
||||||
case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
|
case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
|
||||||
case oPrimaryKeyring:
|
case oPrimaryKeyring:
|
||||||
sl = append_to_strlist (&nrings, pargs.r.ret_str);
|
sl = append_to_strlist (&nrings, pargs.r.ret_str);
|
||||||
|
@ -751,10 +751,11 @@ sign_uids (ctrl_t ctrl, estream_t fp,
|
|||||||
_("\"%s\" was already signed by key %s\n"),
|
_("\"%s\" was already signed by key %s\n"),
|
||||||
user, keystr_from_pk (pk));
|
user, keystr_from_pk (pk));
|
||||||
|
|
||||||
if (opt.expert && !quick
|
if (opt.flags.force_sign_key
|
||||||
&& cpr_get_answer_is_yes ("sign_uid.dupe_okay",
|
|| (opt.expert && !quick
|
||||||
_("Do you want to sign it "
|
&& cpr_get_answer_is_yes ("sign_uid.dupe_okay",
|
||||||
"again anyway? (y/N) ")))
|
_("Do you want to sign it "
|
||||||
|
"again anyway? (y/N) "))))
|
||||||
{
|
{
|
||||||
/* Don't delete the old sig here since this is
|
/* Don't delete the old sig here since this is
|
||||||
an --expert thing. */
|
an --expert thing. */
|
||||||
|
@ -241,6 +241,8 @@ struct
|
|||||||
/* Force the use of the OpenPGP card and do not allow the use of
|
/* Force the use of the OpenPGP card and do not allow the use of
|
||||||
* another card. */
|
* another card. */
|
||||||
unsigned int use_only_openpgp_card:1;
|
unsigned int use_only_openpgp_card:1;
|
||||||
|
/* Force signing keys even if a key signature already exists. */
|
||||||
|
unsigned int force_sign_key:1;
|
||||||
} flags;
|
} flags;
|
||||||
|
|
||||||
/* Linked list of ways to find a key if the key isn't on the local
|
/* Linked list of ways to find a key if the key isn't on the local
|
||||||
|
Loading…
x
Reference in New Issue
Block a user