* options.h, mainproc.c (check_sig_and_print), gpg.c (main):

pka-lookups, not pka-lookup. * options.h, gpg.c (main), keyedit.c [cmds], sig-check.c (signature_check2): Rename "backsign" to "cross-certify" as a more accurate name.
2025-01-03 12:11:33 +01:00 · 2006-03-08 02:40:42 +00:00 · 2006-03-08 02:40:42 +00:00 · 90d8377276
commit 90d8377276
parent 07c48cf29e
6 changed files with 27 additions and 14 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,5 +1,12 @@
 2006-03-07  David Shaw  <dshaw@jabberwocky.com>

+	* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
+	pka-lookups, not pka-lookup.
+
+	* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
+	(signature_check2): Rename "backsign" to "cross-certify" as a more
+	accurate name.
+
 	* options.h, gpg.c (main, parse_trust_model), pkclist.c
 	(check_signatures_trust), mainproc.c (check_sig_and_print,
 	pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -357,8 +357,8 @@ enum cmd_and_opt_values
    octapiDriver,
    opcscDriver,
    oDisableCCID,
-    oRequireBacksigs,
-    oNoRequireBacksigs,
+    oRequireCrossCert,
+    oNoRequireCrossCert,
    oAutoKeyLocate,
    oNoAutoKeyLocate,
    oAllowMultisigVerification,
@ -706,8 +706,10 @@ static ARGPARSE_OPTS opts[] = {
       I'm returning the favor. */
    { oLocalUser, "sign-with", 2, "@" },
    { oRecipient, "user", 2, "@" },
-    { oRequireBacksigs, "require-backsigs", 0, "@"},
-    { oNoRequireBacksigs, "no-require-backsigs", 0, "@"},
+    { oRequireCrossCert, "require-backsigs", 0, "@"},
+    { oRequireCrossCert, "require-cross-certification", 0, "@"},
+    { oNoRequireCrossCert, "no-require-backsigs", 0, "@"},
+    { oNoRequireCrossCert, "no-require-cross-certification", 0, "@"},
    { oAutoKeyLocate, "auto-key-locate", 2, "@"},
    { oNoAutoKeyLocate, "no-auto-key-locate", 0, "@"},
    {0,NULL,0,NULL}
@ -2462,7 +2464,7 @@ main (int argc, char **argv )
 		   N_("show user ID validity during signature verification")},
 		  {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL,
 		   N_("show revoked and expired user IDs in signature verification")},
-		  {"pka-lookup",VERIFY_PKA_LOOKUP,NULL,
+		  {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL,
 		   N_("validate signatures with PKA data")},
 		  {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL,
 		   N_("elevate the trust of signatures with valid PKA data")},
@ -2625,8 +2627,8 @@ main (int argc, char **argv )
            opt.limit_card_insert_tries = pargs.r.ret_int; 
            break;

-	  case oRequireBacksigs: opt.require_backsigs=1; break;
-	  case oNoRequireBacksigs: opt.require_backsigs=0; break;
+	  case oRequireCrossCert: opt.flags.require_cross_cert=1; break;
+	  case oNoRequireCrossCert: opt.flags.require_cross_cert=0; break;

 	  case oAutoKeyLocate:
 	    if(!parse_auto_key_locate(pargs.r.ret_str))
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -1363,6 +1363,7 @@ static struct
    { "key"     , cmdSELKEY    , 0, N_("select subkey N") },
    { "check"   , cmdCHECK     , 0, N_("check signatures") },
    { "c"       , cmdCHECK     , 0, NULL },
+    { "cross-certify", cmdBACKSIGN  , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
    { "backsign", cmdBACKSIGN  , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
    { "sign"    , cmdSIGN      , KEYEDIT_NOT_SK|KEYEDIT_TAIL_MATCH,
      N_("sign selected user IDs [* see below for related commands]") },
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1866,7 +1866,7 @@ check_sig_and_print( CTX c, KBNODE node )

 	if (!rc)
          {
-	    if(opt.verify_options&VERIFY_PKA_LOOKUP)
+	    if(opt.verify_options&VERIFY_PKA_LOOKUPS)
 	      pka_uri_from_sig (sig); /* Make sure PKA info is available. */
 	    rc = check_signatures_trust( sig );
          }
--- a/g10/options.h
+++ b/g10/options.h
@ -215,10 +215,13 @@ struct
  int disable_ccid;    /* Disable the use of the internal CCID driver. */
 #endif /*ENABLE_CARD_SUPPORT*/

-  /* If set, require an 0x19 backsig to be present on signatures made
-     by signing subkeys.  If not set, a missing backsig is not an
-     error (but an invalid backsig still is). */
-  int require_backsigs;
+  struct
+  {
+    /* If set, require an 0x19 backsig to be present on signatures
+       made by signing subkeys.  If not set, a missing backsig is not
+       an error (but an invalid backsig still is). */
+    unsigned int require_cross_cert:1;
+  } flags;

  /* Linked list of ways to find a key if the key isn't on the local
     keyring. */
@ -314,7 +317,7 @@ struct {
 #define VERIFY_SHOW_KEYSERVER_URLS       (1<<4)
 #define VERIFY_SHOW_UID_VALIDITY         (1<<5)
 #define VERIFY_SHOW_UNUSABLE_UIDS        (1<<6)
-#define VERIFY_PKA_LOOKUP                (1<<7)
+#define VERIFY_PKA_LOOKUPS               (1<<7)
 #define VERIFY_PKA_TRUST_INCREASE        (1<<8)

 #define KEYSERVER_USE_TEMP_FILES         (1<<0)
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -100,7 +100,7 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, u32 *r_expiredate,
 	       have backsigs, change this to always give the warning,
 	       and have --require-backsigs enable or disable the
 	       G10ERR_GENERAL. */
-	    if(pk->backsig==0 && opt.require_backsigs)
+	    if(pk->backsig==0 && opt.flags.require_cross_cert)
 	      {
 		log_info(_("WARNING: signing subkey %s is not"
 			   " cross-certified\n"),keystr_from_pk(pk));