security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-05-28 21:50:02 +02:00
Code Activity

gpg: Add new option --only-sign-text-ids.

Browse Source 
* g10/options.h (opt): Add field only_sign_text_ids.
* g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs.
(opts): Handle oOnlySignTextIDs.
(main): Likewise.
* g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't
select non-text based IDs automatically.
(keyedit_menu): Adapt the prompt asking to sign all user ids according
to OPT.ONLY_SIGN_TEXT_IDS.
* doc/gpg.texi: Document the new option --only-sign-text-ids.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 1241
Debian-bug-id: 569702
This commit is contained in:
Neal H. Walfield 2015-11-06 13:14:57 +01:00
parent f99830b728
commit a74aeb5dae
4 changed files with 45 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/gpg.texi
View File

@ -650,6 +650,10 @@ and "t" (for trust) may be freely mixed and prefixed to "sign" to
create a signature of any type desired. create a signature of any type desired.
@c man:.RE @c man:.RE
If the option @option{--only-sign-text-ids} is specified, then any
non-text based user ids (e.g., photo IDs) will not be selected for
signing.
@table @asis @table @asis
@item delsig @item delsig

5
g10/gpg.c
View File

@ -392,6 +392,7 @@ enum cmd_and_opt_values
oTOFUDBFormat, oTOFUDBFormat,
oWeakDigest, oWeakDigest,
oUnwrap, oUnwrap,
oOnlySignTextIDs,
oNoop oNoop
}; };
@ -755,6 +756,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
/* Aliases. I constantly mistype these, and assume other people do /* Aliases. I constantly mistype these, and assume other people do
as well. */ as well. */
@ -3308,6 +3310,9 @@ main (int argc, char **argv)
case oUnwrap: case oUnwrap:
opt.unwrap_encryption = 1; opt.unwrap_encryption = 1;
break; break;
case oOnlySignTextIDs:
opt.only_sign_text_ids = 1;
break;
case oDisplay: case oDisplay:
set_opt_session_env ("DISPLAY", pargs.r.ret_str); set_opt_session_env ("DISPLAY", pargs.r.ret_str);

50
g10/keyedit.c
View File

@ -1,6 +1,7 @@
/* keyedit.c - Edit properties of a key /* keyedit.c - Edit properties of a key
* Copyright (C) 1998-2010 Free Software Foundation, Inc. * Copyright (C) 1998-2010 Free Software Foundation, Inc.
* Copyright (C) 1998-2015 Werner Koch * Copyright (C) 1998-2015 Werner Koch
* Copyright (C) 2015 g10 Code GmbH
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -614,7 +615,16 @@ sign_uids (ctrl_t ctrl, estream_t fp,
user = utf8_to_native (uidnode->pkt->pkt.user_id->name, user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
uidnode->pkt->pkt.user_id->len, 0); uidnode->pkt->pkt.user_id->len, 0);
if (uidnode->pkt->pkt.user_id->is_revoked) if (opt.only_sign_text_ids
&& uidnode->pkt->pkt.user_id->attribs)
{
tty_fprintf (fp, _("Skipping User ID \"%s\","
" which is not a text ID.\n"),
user);
uidnode->flag &= ~NODFLG_MARK_A;
uidnode = NULL;
}
else if (uidnode->pkt->pkt.user_id->is_revoked)
{ {
tty_fprintf (fp, _("User ID \"%s\" is revoked."), user); tty_fprintf (fp, _("User ID \"%s\" is revoked."), user);
@ -1742,21 +1752,31 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
} }
} }
if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock) if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock))
&& !cpr_get_answer_is_yes ("keyedit.sign_all.okay", {
_("Really sign all user IDs?" int result;
" (y/N) "))) if (opt.only_sign_text_ids)
{ result = cpr_get_answer_is_yes
if (opt.interactive) ("keyedit.sign_all.okay",
interactive = 1; _("Really sign all user IDs? (y/N) "));
else else
{ result = cpr_get_answer_is_yes
tty_printf (_("Hint: Select the user IDs to sign\n")); ("keyedit.sign_all.okay",
have_commands = 0; _("Really sign all text user IDs? (y/N) "));
break;
}
} if (! result)
{
if (opt.interactive)
interactive = 1;
else
{
tty_printf (_("Hint: Select the user IDs to sign\n"));
have_commands = 0;
break;
}
}
}
/* What sort of signing are we doing? */ /* What sort of signing are we doing? */
if (!parse_sign_type if (!parse_sign_type
(answer, &localsig, &nonrevokesig, &trustsig)) (answer, &localsig, &nonrevokesig, &trustsig))

1
g10/options.h
View File

@ -264,6 +264,7 @@ struct
int pinentry_mode; int pinentry_mode;
int unwrap_encryption; int unwrap_encryption;
int only_sign_text_ids;
} opt; } opt;
/* CTRL is used to keep some global variables we currently can't /* CTRL is used to keep some global variables we currently can't