security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-28 22:49:59 +01:00
Code Activity

gpg: Un-deprecate option --auto-key-retrieve.

Browse Source 
* g10/gpg.c (main): Remove deprecation warning.
--

Most options for the keyserver have been moved to dirmngr and thus it
does not make sense to favor "--keyserver-options auto-key-retrieve"
over the direct options --auto-key-retrieve and --no-auto-key-retrieve.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-06-13 11:32:38 +02:00
parent 61e7fd68c0
commit 9e126af215
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 27 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
doc/gpg.texi
View File

@ -1292,8 +1292,8 @@ the opposite meaning. The options are:
Enable PKA lookups to verify sender addresses. Note that PKA is based Enable PKA lookups to verify sender addresses. Note that PKA is based
on DNS, and so enabling this option may disclose information on when on DNS, and so enabling this option may disclose information on when
and what signatures are verified or to whom data is encrypted. This and what signatures are verified or to whom data is encrypted. This
is similar to the "web bug" described for the auto-key-retrieve is similar to the "web bug" described for the @option{--auto-key-retrieve}
feature. option.
@item pka-trust-increase @item pka-trust-increase
@opindex verify-options:pka-trust-increase @opindex verify-options:pka-trust-increase
@ -1680,6 +1680,26 @@ mechanisms, in the order they are to be tried:
@end table @end table
@item --auto-key-retrieve
@itemx --no-auto-key-retrieve
@opindex auto-key-retrieve
@opindex no-auto-key-retrieve
This option enables the automatic retrieving of keys from a keyserver
when verifying signatures made by keys that are not on the local
keyring.
If the method "wkd" is included in the list of methods given to
@option{auto-key-locate}, the Signer's User ID is part of the
signature, and the option @option{--disable-signer-uid} is not used,
the "wkd" method may also be used to retrieve a key.
Note that this option makes a "web bug" like behavior possible.
Keyserver or Web Key Directory operators can see which keys you
request, so by sending you a message signed by a brand new key (which
you naturally will not have on your local keyring), the operator can
tell both your IP address and the time when you verified the
signature.
@item --keyid-format @code{none|short|0xshort|long|0xlong} @item --keyid-format @code{none|short|0xshort|long|0xlong}
@opindex keyid-format @opindex keyid-format
Select how to display key IDs. "none" does not show the key ID at all Select how to display key IDs. "none" does not show the key ID at all
@ -1738,19 +1758,7 @@ are available for all keyserver types, some common options are:
used with HKP keyservers. used with HKP keyservers.
@item auto-key-retrieve @item auto-key-retrieve
This option enables the automatic retrieving of keys from a keyserver This is the same as the option @option{auto-key-retrieve}.
when verifying signatures made by keys that are not on the local
keyring. If the method "wkd" is included in the list of methods
given to @option{auto-key-locate}, the Signer's User ID is part of
the signature, and the option @option{--disable-signer-uid} is not used,
the "wkd" method may also be used to retrieve a key.
Note that this option makes a "web bug" like behavior possible.
Keyserver or Web Key Directory operators can see which keys you
request, so by sending you a message signed by a brand new key (which
you naturally will not have on your local keyring), the operator can
tell both your IP address and the time when you verified the
signature.
@item honor-keyserver-url @item honor-keyserver-url
When using @option{--refresh-keys}, if the key in question has a preferred When using @option{--refresh-keys}, if the key in question has a preferred
@ -1762,9 +1770,9 @@ are available for all keyserver types, some common options are:
refreshed. Thus this option is not enabled by default. refreshed. Thus this option is not enabled by default.
@item honor-pka-record @item honor-pka-record
If auto-key-retrieve is set, and the signature being verified has a If @option{--auto-key-retrieve} is used, and the signature being
PKA record, then use the PKA information to fetch the key. Defaults verified has a PKA record, then use the PKA information to fetch
to "yes". the key. Defaults to "yes".
@item include-subkeys @item include-subkeys
When receiving a key, include subkeys as potential targets. Note that When receiving a key, include subkeys as potential targets. Note that
@ -2354,7 +2362,7 @@ By default the user ID of the signing key is embedded in the data
signature. As of now this is only done if the signing key has been signature. As of now this is only done if the signing key has been
specified with @option{local-user} using a mail address. This specified with @option{local-user} using a mail address. This
information can be helpful for verifier to locate the key; see information can be helpful for verifier to locate the key; see
@option{--auto-key-retrieve}. option @option{--auto-key-retrieve}.
@item --personal-cipher-preferences @code{string} @item --personal-cipher-preferences @code{string}
@opindex personal-cipher-preferences @opindex personal-cipher-preferences

6
g10/gpg.c
View File

@ -3150,12 +3150,6 @@ main (int argc, char **argv)
opt.keyserver_options.options|=KEYSERVER_AUTO_KEY_RETRIEVE; opt.keyserver_options.options|=KEYSERVER_AUTO_KEY_RETRIEVE;
else else
opt.keyserver_options.options&=~KEYSERVER_AUTO_KEY_RETRIEVE; opt.keyserver_options.options&=~KEYSERVER_AUTO_KEY_RETRIEVE;
deprecated_warning(configname,configlineno,
pargs.r_opt==oAutoKeyRetrieve?"--auto-key-retrieve":
"--no-auto-key-retrieve","--keyserver-options ",
pargs.r_opt==oAutoKeyRetrieve?"auto-key-retrieve":
"no-auto-key-retrieve");
break; break;
case oShowSessionKey: opt.show_session_key = 1; break; case oShowSessionKey: opt.show_session_key = 1; break;
case oOverrideSessionKey: case oOverrideSessionKey: