1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

doc: Update from master.

This commit is contained in:
Werner Koch 2014-06-23 16:09:34 +02:00
parent 0d0961c483
commit bfc7893bda
2 changed files with 330 additions and 103 deletions

View File

@ -906,6 +906,24 @@ Signs a public key with your secret key but marks it as
non-exportable. This is a shortcut version of the subcommand "lsign"
from @option{--edit-key}.
@ifset gpgtwoone
@item --quick-sign-key @code{fpr} [@code{names}]
@itemx --quick-lsign-key @code{name}
@opindex quick-sign-key
@opindex quick-lsign-key
Directly sign a key from the passphrase without any further user
interaction. The @code{fpr} must be the verified primary fingerprint
of a key in the local keyring. If no @code{names} are given, all
useful user ids are signed; with given [@code{names}] only useful user
ids matching one of theses names are signed. The command
@option{--quick-lsign-key} marks the signatures as non-exportable.
This command uses reasonable defaults and thus does not provide the
full flexibility of the "sign" subcommand from @option{--edit-key}.
Its intended use to help unattended signing using a list of verified
fingerprints.
@end ifset
@ifclear gpgone
@item --passwd @var{user_id}
@opindex passwd
@ -1177,7 +1195,7 @@ for the key fingerprint, "%t" for the extension of the image type
(e.g. "jpg"), "%T" for the MIME type of the image (e.g. "image/jpeg"),
"%v" for the single-character calculated validity of the image being
viewed (e.g. "f"), "%V" for the calculated validity as a string (e.g.
"full"),
"full"), "%U" for a base32 encoded hash of the user ID,
and "%%" for an actual percent sign. If neither %i or %I are present,
then the photo will be supplied to the viewer on standard input.
@ -1431,7 +1449,9 @@ Set what trust model GnuPG should follow. The models are:
trusted. You generally won't use this unless you are using some
external validation scheme. This option also suppresses the
"[uncertain]" tag printed with signature checks when there is no
evidence that the user ID is bound to the key.
evidence that the user ID is bound to the key. Note that this
trust model still does not allow the use of expired, revoked, or
disabled keys.
@item auto
@opindex trust-mode:auto
@ -1482,6 +1502,10 @@ mechanisms, in the order they are to be tried:
position of this mechanism in the list does not matter. It is not
required if @code{local} is also used.
@item clear
Clear all defined mechanisms. This is useful to override
mechanisms given in a config file.
@end table
@item --keyid-format @code{short|0xshort|long|0xlong}
@ -1606,16 +1630,29 @@ are available for all keyserver types, some common options are:
program uses internally (libcurl, openldap, etc).
@item check-cert
@ifset gpgtwoone
This option has no more function since GnuPG 2.1. Use the
@code{dirmngr} configuration options instead.
@end ifset
@ifclear gpgtwoone
Enable certificate checking if the keyserver presents one (for hkps or
ldaps). Defaults to on.
@end ifclear
@item ca-cert-file
@ifset gpgtwoone
This option has no more function since GnuPG 2.1. Use the
@code{dirmngr} configuration options instead.
@end ifset
@ifclear gpgtwoone
Provide a certificate store to override the system default. Only
necessary if check-cert is enabled, and the keyserver is using a
certificate that is not present in a system default certificate list.
Note that depending on the SSL library that the keyserver helper is
built with, this may actually be a directory or a file.
@end ifclear
@end table
@item --completes-needed @code{n}
@ -1696,6 +1733,25 @@ been given. Given that this option is not anymore used by
@command{gpg2}, it should be avoided if possible.
@end ifset
@ifclear gpgone
@item --agent-program @var{file}
@opindex agent-program
Specify an agent program to be used for secret key operations. The
default value is the @file{/usr/bin/gpg-agent}. This is only used
as a fallback when the environment variable @code{GPG_AGENT_INFO} is not
set or a running agent cannot be connected.
@end ifclear
@ifset gpgtwoone
@item --dirmngr-program @var{file}
@opindex dirmngr-program
Specify a dirmngr program to be used for keyserver access. The
default value is @file{/usr/sbin/dirmngr}. This is only used as a
fallback when the environment variable @code{DIRMNGR_INFO} is not set or
a running dirmngr cannot be connected.
@end ifset
@item --lock-once
@opindex lock-once
Lock the databases the first time a lock is requested
@ -2053,6 +2109,15 @@ Since GnuPG 2.0.10, this mode is always used and thus this option is
obsolete; it does not harm to use it though.
@end ifclear
@ifset gpgtwoone
@item --legacy-list-mode
@opindex legacy-list-mode
Revert to the pre-2.1 public key list mode. This only affects the
human readable output and not the machine interface
(i.e. @code{--with-colons}). Note that the legacy format does not
allow to convey suitable information for elliptic curves.
@end ifset
@item --with-fingerprint
@opindex with-fingerprint
Same as the command @option{--fingerprint} but changes only the format
@ -2062,6 +2127,12 @@ of the output and may be used together with another command.
@item --with-keygrip
@opindex with-keygrip
Include the keygrip in the key listings.
@item --with-secret
@opindex with-secret
Include info about the presence of a secret key in public key listings
done with @code{--with-colons}.
@end ifset
@end table
@ -2244,9 +2315,13 @@ a message that PGP 2.x will not be able to handle. Note that `PGP
available, but the MIT release is a good common baseline.
This option implies @option{--rfc1991 --disable-mdc
--no-force-v4-certs --escape-from-lines --force-v3-sigs --cipher-algo
IDEA --digest-algo MD5 --compress-algo ZIP}. It also disables
@option{--textmode} when encrypting.
--no-force-v4-certs --escape-from-lines --force-v3-sigs
@ifclear gpgone
--allow-weak-digest-algos
@end ifclear
--cipher-algo IDEA --digest-algo
MD5--compress-algo ZIP}. It also disables @option{--textmode} when
encrypting.
@item --pgp6
@opindex pgp6
@ -2702,6 +2777,14 @@ necessary to get as much data as possible out of the corrupt message.
However, be aware that a MDC protection failure may also mean that the
message was tampered with intentionally by an attacker.
@ifclear gpgone
@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos
Signatures made with the broken MD5 algorithm are normally rejected
with an ``invalid digest algorithm'' message. This option allows the
verification of signatures made with such weak algorithms.
@end ifclear
@item --no-default-keyring
@opindex no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that
@ -2963,18 +3046,33 @@ files; They all live in in the current home directory (@pxref{option
@table @file
@item ~/.gnupg/secring.gpg
The secret keyring. You should backup this file.
@item ~/.gnupg/secring.gpg.lock
The lock file for the secret keyring.
@item ~/.gnupg/pubring.gpg
The public keyring. You should backup this file.
@item ~/.gnupg/pubring.gpg.lock
The lock file for the public keyring.
@ifset gpgtwoone
@item ~/.gnupg/pubring.kbx
The public keyring using a different format. This file is sharred
with @command{gpgsm}. You should backup this file.
@item ~/.gnupg/pubring.kbx.lock
The lock file for @file{pubring.kbx}.
@end ifset
@item ~/.gnupg/secring.gpg
@ifclear gpgtwoone
The secret keyring. You should backup this file.
@end ifclear
@ifset gpgtwoone
A secret keyring as used by GnuPG versions before 2.1. It is not
used by GnuPG 2.1 and later.
@item ~/.gnupg/.gpg-v21-migrated
File indicating that a migration to GnuPG 2.1 has taken place.
@end ifset
@item ~/.gnupg/trustdb.gpg
The trust database. There is no need to backup this file; it is better
to backup the ownertrust values (@pxref{option --export-ownertrust}).
@ -2985,6 +3083,9 @@ files; They all live in in the current home directory (@pxref{option
@item ~/.gnupg/random_seed
A file used to preserve the state of the internal random pool.
@item ~/.gnupg/secring.gpg.lock
The lock file for the secret keyring.
@item /usr[/local]/share/gnupg/options.skel
The skeleton options file.

View File

@ -1,5 +1,5 @@
/* yat2m.c - Yet Another Texi 2 Man converter
* Copyright (C) 2005 g10 Code GmbH
* Copyright (C) 2005, 2013 g10 Code GmbH
* Copyright (C) 2006, 2008, 2011 Free Software Foundation, Inc.
*
* This program is free software; you can redistribute it and/or modify
@ -17,7 +17,7 @@
*/
/*
This is a simple textinfo to man page converter. It needs some
This is a simple texinfo to man page converter. It needs some
special markup in th e texinfo and tries best to get a create man
page. It has been designed for the GnuPG man pages and thus only
a few texinfo commands are supported.
@ -107,6 +107,9 @@
character. */
#define LINESIZE 1024
/* Number of allowed condition nestings. */
#define MAX_CONDITION_NESTING 10
/* Option flags. */
static int verbose;
static int quiet;
@ -117,10 +120,6 @@ static const char *opt_select;
static const char *opt_include;
static int opt_store;
/* The only define we understand is -D gpgone. Thus we need a simple
boolean tro track it. */
static int gpgone_defined;
/* Flag to keep track whether any error occurred. */
static int any_error;
@ -137,6 +136,24 @@ typedef struct macro_s *macro_t;
/* List of all defined macros. */
static macro_t macrolist;
/* List of global macro names. The value part is not used. */
static macro_t predefinedmacrolist;
/* Object to keep track of @isset and @ifclear. */
struct condition_s
{
int manverb; /* "manverb" needs special treatment. */
int isset; /* This is an @isset condition. */
char name[1]; /* Name of the condition macro. */
};
typedef struct condition_s *condition_t;
/* The stack used to evaluate conditions. And the current states. */
static condition_t condition_stack[MAX_CONDITION_NESTING];
static int condition_stack_idx;
static int cond_is_active; /* State of ifset/ifclear */
static int cond_in_verbatim; /* State of "manverb". */
/* Object to store one line of content. */
struct line_buffer_s
@ -313,7 +330,158 @@ isodatestring (void)
}
/* Add NAME to the list of predefined macros which are global for all
files. */
static void
add_predefined_macro (const char *name)
{
macro_t m;
for (m=predefinedmacrolist; m; m = m->next)
if (!strcmp (m->name, name))
break;
if (!m)
{
m = xcalloc (1, sizeof *m + strlen (name));
strcpy (m->name, name);
m->next = predefinedmacrolist;
predefinedmacrolist = m;
}
}
/* Create or update a macro with name MACRONAME and set its values TO
MACROVALUE. Note that ownership of the macro value is transferred
to this function. */
static void
set_macro (const char *macroname, char *macrovalue)
{
macro_t m;
for (m=macrolist; m; m = m->next)
if (!strcmp (m->name, macroname))
break;
if (m)
free (m->value);
else
{
m = xcalloc (1, sizeof *m + strlen (macroname));
strcpy (m->name, macroname);
m->next = macrolist;
macrolist = m;
}
m->value = macrovalue;
macrovalue = NULL;
}
/* Return true if the macro NAME is set, i.e. not the empty string and
not evaluating to 0. */
static int
macro_set_p (const char *name)
{
macro_t m;
for (m = macrolist; m ; m = m->next)
if (!strcmp (m->name, name))
break;
if (!m || !m->value || !*m->value)
return 0;
if ((*m->value & 0x80) || !isdigit (*m->value))
return 1; /* Not a digit but some other string. */
return !!atoi (m->value);
}
/* Evaluate the current conditions. */
static void
evaluate_conditions (const char *fname, int lnr)
{
int i;
/* for (i=0; i < condition_stack_idx; i++) */
/* inf ("%s:%d: stack[%d] %s %s %c", */
/* fname, lnr, i, condition_stack[i]->isset? "set":"clr", */
/* condition_stack[i]->name, */
/* (macro_set_p (condition_stack[i]->name) */
/* ^ !condition_stack[i]->isset)? 't':'f'); */
cond_is_active = 1;
cond_in_verbatim = 0;
if (condition_stack_idx)
{
for (i=0; i < condition_stack_idx; i++)
{
if (condition_stack[i]->manverb)
cond_in_verbatim = (macro_set_p (condition_stack[i]->name)
^ !condition_stack[i]->isset);
else if (!(macro_set_p (condition_stack[i]->name)
^ !condition_stack[i]->isset))
{
cond_is_active = 0;
break;
}
}
}
/* inf ("%s:%d: active=%d verbatim=%d", */
/* fname, lnr, cond_is_active, cond_in_verbatim); */
}
/* Push a condition with condition macro NAME onto the stack. If
ISSET is true, a @isset condition is pushed. */
static void
push_condition (const char *name, int isset, const char *fname, int lnr)
{
condition_t cond;
int manverb = 0;
if (condition_stack_idx >= MAX_CONDITION_NESTING)
{
err ("%s:%d: condition nested too deep", fname, lnr);
return;
}
if (!strcmp (name, "manverb"))
{
if (!isset)
{
err ("%s:%d: using \"@ifclear manverb\" is not allowed", fname, lnr);
return;
}
manverb = 1;
}
cond = xcalloc (1, sizeof *cond + strlen (name));
cond->manverb = manverb;
cond->isset = isset;
strcpy (cond->name, name);
condition_stack[condition_stack_idx++] = cond;
evaluate_conditions (fname, lnr);
}
/* Remove the last condition from the stack. ISSET is used for error
reporting. */
static void
pop_condition (int isset, const char *fname, int lnr)
{
if (!condition_stack_idx)
{
err ("%s:%d: unbalanced \"@end %s\"",
fname, lnr, isset?"isset":"isclear");
return;
}
condition_stack_idx--;
free (condition_stack[condition_stack_idx]);
condition_stack[condition_stack_idx] = NULL;
evaluate_conditions (fname, lnr);
}
/* Return a section buffer for the section NAME. Allocate a new buffer
if this is a new section. Keep track of the sections in THEPAGE.
This function may reallocate the section array in THEPAGE. */
@ -862,14 +1030,8 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
int lnr = 0;
/* Fixme: The following state variables don't carry over to include
files. */
int in_verbatim = 0;
int skip_to_end = 0; /* Used to skip over menu entries. */
int skip_sect_line = 0; /* Skip after @mansect. */
int ifset_nesting = 0; /* How often a ifset has been seen. */
int ifclear_nesting = 0; /* How often a ifclear has been seen. */
int in_gpgone = 0; /* Keep track of "@ifset gpgone" parts. */
int not_in_gpgone = 0; /* Keep track of "@ifclear gpgone" parts. */
int not_in_man = 0; /* Keep track of "@ifclear isman" parts. */
int item_indent = 0; /* How far is the current @item indented. */
/* Helper to define a macro. */
@ -883,7 +1045,7 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
{
size_t n = strlen (line);
int got_line = 0;
char *p;
char *p, *pend;
lnr++;
if (!n || line[n-1] != '\n')
@ -930,26 +1092,12 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
&& !strncmp (p, "macro", 5)
&& (p[5]==' '||p[5]=='\t'||!p[5]))
{
macro_t m;
if (macrovalueused)
macrovalue[--macrovalueused] = 0; /* Kill the last LF. */
macrovalue[macrovalueused] = 0; /* Terminate macro. */
macrovalue = xrealloc (macrovalue, macrovalueused+1);
for (m= macrolist; m; m = m->next)
if (!strcmp (m->name, macroname))
break;
if (m)
free (m->value);
else
{
m = xcalloc (1, sizeof *m + strlen (macroname));
strcpy (m->name, macroname);
m->next = macrolist;
macrolist = m;
}
m->value = macrovalue;
set_macro (macroname, macrovalue);
macrovalue = NULL;
free (macroname);
macroname = NULL;
@ -997,23 +1145,33 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
if (n == 6 && !memcmp (line, "@ifset", 6)
&& (line[6]==' '||line[6]=='\t'))
{
ifset_nesting++;
if (!strncmp (p, "manverb", 7) && (p[7]==' '||p[7]=='\t'||!p[7]))
for (p=line+7; *p == ' ' || *p == '\t'; p++)
;
if (!*p)
{
if (in_verbatim)
err ("%s:%d: nested \"@ifset manverb\"", fname, lnr);
else
in_verbatim = ifset_nesting;
err ("%s:%d: name missing after \"@ifset\"", fname, lnr);
continue;
}
else if (!strncmp (p, "gpgone", 6)
&& (p[6]==' '||p[6]=='\t'||!p[6]))
for (pend=p; *pend && *pend != ' ' && *pend != '\t'; pend++)
;
*pend = 0; /* Ignore rest of the line. */
push_condition (p, 1, fname, lnr);
continue;
}
else if (n == 8 && !memcmp (line, "@ifclear", 8)
&& (line[8]==' '||line[8]=='\t'))
{
if (in_gpgone)
err ("%s:%d: nested \"@ifset gpgone\"", fname, lnr);
else
in_gpgone = ifset_nesting;
for (p=line+9; *p == ' ' || *p == '\t'; p++)
;
if (!*p)
{
err ("%s:%d: name missing after \"@ifsclear\"", fname, lnr);
continue;
}
for (pend=p; *pend && *pend != ' ' && *pend != '\t'; pend++)
;
*pend = 0; /* Ignore rest of the line. */
push_condition (p, 0, fname, lnr);
continue;
}
else if (n == 4 && !memcmp (line, "@end", 4)
@ -1021,40 +1179,7 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
&& !strncmp (p, "ifset", 5)
&& (p[5]==' '||p[5]=='\t'||!p[5]))
{
if (in_verbatim && ifset_nesting == in_verbatim)
in_verbatim = 0;
if (in_gpgone && ifset_nesting == in_gpgone)
in_gpgone = 0;
if (ifset_nesting)
ifset_nesting--;
else
err ("%s:%d: unbalanced \"@end ifset\"", fname, lnr);
continue;
}
else if (n == 8 && !memcmp (line, "@ifclear", 8)
&& (line[8]==' '||line[8]=='\t'))
{
ifclear_nesting++;
if (!strncmp (p, "gpgone", 6)
&& (p[6]==' '||p[6]=='\t'||!p[6]))
{
if (not_in_gpgone)
err ("%s:%d: nested \"@ifclear gpgone\"", fname, lnr);
else
not_in_gpgone = ifclear_nesting;
}
else if (!strncmp (p, "isman", 5)
&& (p[5]==' '||p[5]=='\t'||!p[5]))
{
if (not_in_man)
err ("%s:%d: nested \"@ifclear isman\"", fname, lnr);
else
not_in_man = ifclear_nesting;
}
pop_condition (1, fname, lnr);
continue;
}
else if (n == 4 && !memcmp (line, "@end", 4)
@ -1062,23 +1187,13 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
&& !strncmp (p, "ifclear", 7)
&& (p[7]==' '||p[7]=='\t'||!p[7]))
{
if (not_in_gpgone && ifclear_nesting == not_in_gpgone)
not_in_gpgone = 0;
if (not_in_man && ifclear_nesting == not_in_man)
not_in_man = 0;
if (ifclear_nesting)
ifclear_nesting--;
else
err ("%s:%d: unbalanced \"@end ifclear\"", fname, lnr);
pop_condition (0, fname, lnr);
continue;
}
}
/* Take action on ifset/ifclear. */
if ( (in_gpgone && !gpgone_defined)
|| (not_in_gpgone && gpgone_defined)
|| not_in_man)
if (!cond_is_active)
continue;
/* Process commands. */
@ -1090,7 +1205,7 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
{
skip_to_end = 0;
}
else if (in_verbatim)
else if (cond_in_verbatim)
{
got_line = 1;
}
@ -1182,7 +1297,7 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause)
else if (!skip_to_end)
got_line = 1;
if (got_line && in_verbatim)
if (got_line && cond_in_verbatim)
add_content (*section_name, line, 1);
else if (got_line && thepage.name && *section_name && !in_pause)
add_content (*section_name, line, 0);
@ -1201,6 +1316,8 @@ top_parse_file (const char *fname, FILE *fp)
{
char *section_name = NULL; /* Name of the current section or NULL
if not in a section. */
macro_t m;
while (macrolist)
{
macro_t next = macrolist->next;
@ -1208,6 +1325,10 @@ top_parse_file (const char *fname, FILE *fp)
free (macrolist);
macrolist = next;
}
for (m=predefinedmacrolist; m; m = m->next)
set_macro (m->name, xstrdup ("1"));
cond_is_active = 1;
cond_in_verbatim = 0;
parse_file (fname, fp, &section_name, 0);
free (section_name);
@ -1223,6 +1344,12 @@ main (int argc, char **argv)
opt_source = "GNU";
opt_release = "";
/* Define default macros. The trick is that these macros are not
defined when using the actual texinfo renderer. */
add_predefined_macro ("isman");
add_predefined_macro ("manverb");
/* Option parsing. */
if (argc)
{
argc--; argv++;
@ -1327,8 +1454,7 @@ main (int argc, char **argv)
argc--; argv++;
if (argc)
{
if (!strcmp (*argv, "gpgone"))
gpgone_defined = 1;
add_predefined_macro (*argv);
argc--; argv++;
}
}