security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-09-25 15:41:41 +02:00
Code Activity

* plaintext.c: Copyright.

Browse Source 
* encode.c (encode_simple): Show cipher with --verbose.

* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level.  If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.

* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
This commit is contained in:
David Shaw 2004-02-24 23:37:18 +00:00
parent be94975af6
commit a84fe549da
7 changed files with 201 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
g10/ChangeLog
View File

@ -1,3 +1,18 @@
2004-02-24 David Shaw <dshaw@jabberwocky.com>
* plaintext.c: Copyright.
* encode.c (encode_simple): Show cipher with --verbose.
* options.h, g10.c (main), keyedit.c (sign_keys): Add
--ask-cert-level option to enable cert level prompts during
sigs. Defaults to on. Simplify --default-cert-check-level to
--default-cert-level. If ask-cert-level is off, or batch is on,
use the default-cert-level as the cert level.
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs):
Simplify --min-cert-check-level to --min-cert-level.
2004-02-22 David Shaw <dshaw@jabberwocky.com> 2004-02-22 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add

8
g10/encode.c
View File

@ -1,6 +1,6 @@
/* encode.c - encode data /* encode.c - encode data
* Copyright (C) 1998, 1999, 2000, 2001, 2002, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2003 Free Software Foundation, Inc. * 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -217,6 +217,10 @@ encode_simple( const char *filename, int mode, int use_seskey )
m_free( cfx.dek ); cfx.dek = dek; m_free( cfx.dek ); cfx.dek = dek;
} }
if(opt.verbose)
log_info(_("using cipher %s\n"),
cipher_algo_to_string(cfx.dek->algo));
cfx.dek->use_mdc=use_mdc(NULL,cfx.dek->algo); cfx.dek->use_mdc=use_mdc(NULL,cfx.dek->algo);
} }

33
g10/g10.c
View File

@ -148,12 +148,14 @@ enum cmd_and_opt_values
oNoAskSigExpire, oNoAskSigExpire,
oAskCertExpire, oAskCertExpire,
oNoAskCertExpire, oNoAskCertExpire,
oAskCertLevel,
oNoAskCertLevel,
oFingerprint, oFingerprint,
oWithFingerprint, oWithFingerprint,
oAnswerYes, oAnswerYes,
oAnswerNo, oAnswerNo,
oDefCertCheckLevel, oDefCertLevel,
oMinCertCheckLevel, oMinCertLevel,
oKeyring, oKeyring,
oPrimaryKeyring, oPrimaryKeyring,
oSecretKeyring, oSecretKeyring,
@ -437,6 +439,8 @@ static ARGPARSE_OPTS opts[] = {
{ oNoAskSigExpire, "no-ask-sig-expire", 0, "@"}, { oNoAskSigExpire, "no-ask-sig-expire", 0, "@"},
{ oAskCertExpire, "ask-cert-expire", 0, "@"}, { oAskCertExpire, "ask-cert-expire", 0, "@"},
{ oNoAskCertExpire, "no-ask-cert-expire", 0, "@"}, { oNoAskCertExpire, "no-ask-cert-expire", 0, "@"},
{ oAskCertLevel, "ask-cert-level", 0, "@"},
{ oNoAskCertLevel, "no-ask-cert-level", 0, "@"},
{ oOutput, "output", 2, N_("use as output file")}, { oOutput, "output", 2, N_("use as output file")},
{ oMaxOutput, "max-output", 16|4, "@" }, { oMaxOutput, "max-output", 16|4, "@" },
{ oVerbose, "verbose", 0, N_("verbose") }, { oVerbose, "verbose", 0, N_("verbose") },
@ -567,8 +571,9 @@ static ARGPARSE_OPTS opts[] = {
{ oSkipVerify, "skip-verify",0, "@" }, { oSkipVerify, "skip-verify",0, "@" },
{ oCompressKeys, "compress-keys",0, "@"}, { oCompressKeys, "compress-keys",0, "@"},
{ oCompressSigs, "compress-sigs",0, "@"}, { oCompressSigs, "compress-sigs",0, "@"},
{ oDefCertCheckLevel, "default-cert-check-level", 1, "@"}, { oDefCertLevel, "default-cert-check-level", 1, "@"}, /* Old option */
{ oMinCertCheckLevel, "min-cert-check-level", 1, "@"}, { oDefCertLevel, "default-cert-level", 1, "@"},
{ oMinCertLevel, "min-cert-level", 1, "@"},
{ oAlwaysTrust, "always-trust", 0, "@"}, { oAlwaysTrust, "always-trust", 0, "@"},
{ oTrustModel, "trust-model", 2, "@"}, { oTrustModel, "trust-model", 2, "@"},
{ oForceOwnertrust, "force-ownertrust", 2, "@"}, { oForceOwnertrust, "force-ownertrust", 2, "@"},
@ -1440,7 +1445,7 @@ main( int argc, char **argv )
VERIFY_SHOW_POLICY_URLS|VERIFY_SHOW_NOTATIONS|VERIFY_SHOW_KEYSERVER_URLS; VERIFY_SHOW_POLICY_URLS|VERIFY_SHOW_NOTATIONS|VERIFY_SHOW_KEYSERVER_URLS;
opt.trust_model=TM_AUTO; opt.trust_model=TM_AUTO;
opt.mangle_dos_filenames=0; opt.mangle_dos_filenames=0;
opt.min_cert_check_level=2; opt.min_cert_level=2;
set_screen_dimensions(); set_screen_dimensions();
#if defined (_WIN32) #if defined (_WIN32)
set_homedir ( read_w32_registry_string( NULL, set_homedir ( read_w32_registry_string( NULL,
@ -1781,8 +1786,8 @@ main( int argc, char **argv )
break; break;
case oNoArmor: opt.no_armor=1; opt.armor=0; break; case oNoArmor: opt.no_armor=1; opt.armor=0; break;
case oNoDefKeyring: default_keyring = 0; break; case oNoDefKeyring: default_keyring = 0; break;
case oDefCertCheckLevel: opt.def_cert_check_level=pargs.r.ret_int; break; case oDefCertLevel: opt.def_cert_level=pargs.r.ret_int; break;
case oMinCertCheckLevel: opt.min_cert_check_level=pargs.r.ret_int; break; case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break;
case oNoGreeting: nogreeting = 1; break; case oNoGreeting: nogreeting = 1; break;
case oNoVerbose: g10_opt_verbose = 0; case oNoVerbose: g10_opt_verbose = 0;
opt.verbose = 0; opt.list_sigs=0; break; opt.verbose = 0; opt.list_sigs=0; break;
@ -1997,6 +2002,8 @@ main( int argc, char **argv )
case oNoAskSigExpire: opt.ask_sig_expire = 0; break; case oNoAskSigExpire: opt.ask_sig_expire = 0; break;
case oAskCertExpire: opt.ask_cert_expire = 1; break; case oAskCertExpire: opt.ask_cert_expire = 1; break;
case oNoAskCertExpire: opt.ask_cert_expire = 0; break; case oNoAskCertExpire: opt.ask_cert_expire = 0; break;
case oAskCertLevel: opt.ask_cert_level = 1; break;
case oNoAskCertLevel: opt.ask_cert_level = 0; break;
case oUser: /* store the local users */ case oUser: /* store the local users */
add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings ); add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings );
break; break;
@ -2480,8 +2487,10 @@ main( int argc, char **argv )
log_error(_("marginals-needed must be greater than 1\n")); log_error(_("marginals-needed must be greater than 1\n"));
if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 ) if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 )
log_error(_("max-cert-depth must be in the range from 1 to 255\n")); log_error(_("max-cert-depth must be in the range from 1 to 255\n"));
if( opt.min_cert_check_level < 1 || opt.min_cert_check_level > 3 ) if(opt.def_cert_level<0 || opt.def_cert_level>3)
log_error(_("min-cert-check-level must be in the range from 1 to 3\n")); log_error(_("invalid default-cert-level; must be 0, 1, 2, or 3\n"));
if( opt.min_cert_level < 1 || opt.min_cert_level > 3 )
log_error(_("invalid min-cert-level; must be 1, 2, or 3\n"));
switch( opt.s2k_mode ) { switch( opt.s2k_mode ) {
case 0: case 0:
log_info(_("NOTE: simple S2K mode (0) is strongly discouraged\n")); log_info(_("NOTE: simple S2K mode (0) is strongly discouraged\n"));
@ -2491,16 +2500,14 @@ main( int argc, char **argv )
log_error(_("invalid S2K mode; must be 0, 1 or 3\n")); log_error(_("invalid S2K mode; must be 0, 1 or 3\n"));
} }
if(opt.def_cert_check_level<0 || opt.def_cert_check_level>3)
log_error(_("invalid default-check-level; must be 0, 1, 2, or 3\n"));
/* This isn't actually needed, but does serve to error out if the /* This isn't actually needed, but does serve to error out if the
string is invalid. */ string is invalid. */
if(opt.def_preference_list && if(opt.def_preference_list &&
keygen_set_std_prefs(opt.def_preference_list,0)) keygen_set_std_prefs(opt.def_preference_list,0))
log_error(_("invalid default preferences\n")); log_error(_("invalid default preferences\n"));
/* We provide defaults for the personal digest list */ /* We provide defaults for the personal digest list. This is
SHA-1. */
if(!pers_digest_list) if(!pers_digest_list)
pers_digest_list="h2"; pers_digest_list="h2";

14
g10/keyedit.c
View File

@ -761,8 +761,8 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
; ;
else else
{ {
if(opt.batch) if(opt.batch || !opt.ask_cert_level)
class=0x10+opt.def_cert_check_level; class=0x10+opt.def_cert_level;
else else
{ {
char *answer; char *answer;
@ -773,13 +773,13 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
"answer, enter \"0\".\n")); "answer, enter \"0\".\n"));
tty_printf("\n"); tty_printf("\n");
tty_printf(_(" (0) I will not answer.%s\n"), tty_printf(_(" (0) I will not answer.%s\n"),
opt.def_cert_check_level==0?" (default)":""); opt.def_cert_level==0?" (default)":"");
tty_printf(_(" (1) I have not checked at all.%s\n"), tty_printf(_(" (1) I have not checked at all.%s\n"),
opt.def_cert_check_level==1?" (default)":""); opt.def_cert_level==1?" (default)":"");
tty_printf(_(" (2) I have done casual checking.%s\n"), tty_printf(_(" (2) I have done casual checking.%s\n"),
opt.def_cert_check_level==2?" (default)":""); opt.def_cert_level==2?" (default)":"");
tty_printf(_(" (3) I have done very careful checking.%s\n"), tty_printf(_(" (3) I have done very careful checking.%s\n"),
opt.def_cert_check_level==3?" (default)":""); opt.def_cert_level==3?" (default)":"");
tty_printf("\n"); tty_printf("\n");
while(class==0) while(class==0)
@ -787,7 +787,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
answer = cpr_get("sign_uid.class",_("Your selection? " answer = cpr_get("sign_uid.class",_("Your selection? "
"(enter '?' for more information): ")); "(enter '?' for more information): "));
if(answer[0]=='\0') if(answer[0]=='\0')
class=0x10+opt.def_cert_check_level; /* Default */ class=0x10+opt.def_cert_level; /* Default */
else if(ascii_strcasecmp(answer,"0")==0) else if(ascii_strcasecmp(answer,"0")==0)
class=0x10; /* Generic */ class=0x10; /* Generic */
else if(ascii_strcasecmp(answer,"1")==0) else if(ascii_strcasecmp(answer,"1")==0)

8
g10/options.h
View File

@ -38,7 +38,8 @@
#endif #endif
EXTERN_UNLESS_MAIN_MODULE EXTERN_UNLESS_MAIN_MODULE
struct { struct
{
int verbose; int verbose;
int quiet; int quiet;
unsigned debug; unsigned debug;
@ -76,8 +77,9 @@ struct {
const char *def_secret_key; const char *def_secret_key;
char *def_recipient; char *def_recipient;
int def_recipient_self; int def_recipient_self;
int def_cert_check_level; int def_cert_level;
int min_cert_check_level; int min_cert_level;
int ask_cert_level;
int sk_comments; int sk_comments;
int no_version; int no_version;
int marginals_needed; int marginals_needed;

3
g10/plaintext.c
View File

@ -1,5 +1,6 @@
/* plaintext.c - process plaintext packets /* plaintext.c - process plaintext packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *

2
g10/trustdb.c
View File

@ -1382,7 +1382,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
if (!IS_UID_SIG(sig) && !IS_UID_REV(sig)) if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
continue; /* we only look at these signature classes */ continue; /* we only look at these signature classes */
if(sig->sig_class>=0x11 && sig->sig_class<=0x13 && if(sig->sig_class>=0x11 && sig->sig_class<=0x13 &&
sig->sig_class-0x10<opt.min_cert_check_level) sig->sig_class-0x10<opt.min_cert_level)
continue; continue;
if (!is_in_klist (klist, sig)) if (!is_in_klist (klist, sig))
continue; /* no need to check it then */ continue; /* no need to check it then */