mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Add gpgconf related dummy options default_pubkey_algo.
Add option --skip-hidden-recipients Comment updates.
This commit is contained in:
Werner Koch
parent
5741eace29
commit
cf2ec5673f
@ -1,3 +1,8 @@
|
||||
2009-11-18 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.texi (GPG Key related Options): Describe
|
||||
--skip-hidden-recipients.
|
||||
|
||||
2009-10-19 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* gpg.texi (GPG Configuration Options): Clarify that ca-cert-file
|
||||
|
||||
14
doc/gpg.texi
14
doc/gpg.texi
@ -1761,14 +1761,24 @@ Use @var{name} as the key to sign with. Note that this option overrides
|
||||
@option{--default-key}.
|
||||
|
||||
@item --try-all-secrets
|
||||
@opindex try-all-secrets
|
||||
Don't look at the key ID as stored in the message but try all secret
|
||||
keys in turn to find the right decryption key. This option forces the
|
||||
behaviour as used by anonymous recipients (created by using
|
||||
@option{--throw-keyids}) and might come handy in case where an encrypted
|
||||
message contains a bogus key ID.
|
||||
|
||||
|
||||
|
||||
@item --skip-hidden-recipients
|
||||
@itemx --no-skip-hidden-recipients
|
||||
@opindex skip-hidden-recipients
|
||||
@opindex no-skip-hidden-recipients
|
||||
During decryption skip all anonymous recipients. This option helps in
|
||||
the case that people use the hidden recipients feature to hide there
|
||||
own encrypt-to key from others. If oneself has many secret keys this
|
||||
may lead to a major annoyance because all keys are tried in turn to
|
||||
decrypt soemthing which was not really intended for it. The drawback
|
||||
of this option is that it is currently not possible to decrypt a
|
||||
message which includes real anonymous recipients.
|
||||
|
||||
|
||||
@end table
|
||||
|
||||
@ -1,3 +1,13 @@
|
||||
2009-11-23 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.c (gpgconf_list): Add key "default_pubkey_algo".
|
||||
|
||||
2009-11-18 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.c: Add option --skip-hidden-recipients and no- variant.
|
||||
* options.h (struct opt): Add field SKIP_HIDDEN_RECIPIENTS.
|
||||
* pubkey-enc.c (get_session_key): Implement that option.
|
||||
|
||||
2009-11-04 Werner Koch <wk@g10code.com>
|
||||
|
||||
* server.c (register_commands): Add NULL arg to
|
||||
|
||||
13
g10/gpg.c
13
g10/gpg.c
@ -233,6 +233,8 @@ enum cmd_and_opt_values
|
||||
oWithSigList,
|
||||
oWithSigCheck,
|
||||
oSkipVerify,
|
||||
oSkipHiddenRecipients,
|
||||
oNoSkipHiddenRecipients,
|
||||
oCompressKeys,
|
||||
oCompressSigs,
|
||||
oAlwaysTrust,
|
||||
@ -626,6 +628,8 @@ static ARGPARSE_OPTS opts[] = {
|
||||
ARGPARSE_s_n (aListSigs, "list-sig", "@"), /* alias */
|
||||
ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */
|
||||
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
|
||||
ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"),
|
||||
ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"),
|
||||
ARGPARSE_s_n (oCompressKeys, "compress-keys", "@"),
|
||||
ARGPARSE_s_n (oCompressSigs, "compress-sigs", "@"),
|
||||
ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */
|
||||
@ -1586,6 +1590,11 @@ gpgconf_list (const char *configfile)
|
||||
printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
|
||||
printf ("group:%lu:\n", GC_OPT_FLAG_NONE);
|
||||
|
||||
/* The next one is an info only item and should match what
|
||||
keygen:ask_keysize actually implements. */
|
||||
printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
|
||||
"RSA-2048");
|
||||
|
||||
xfree (configfile_esc);
|
||||
}
|
||||
|
||||
@ -2315,6 +2324,10 @@ main (int argc, char **argv)
|
||||
case oWithSigList: opt.list_sigs = 1; break;
|
||||
|
||||
case oSkipVerify: opt.skip_verify=1; break;
|
||||
|
||||
case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break;
|
||||
case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break;
|
||||
|
||||
case oCompressKeys: opt.compress_keys = 1; break;
|
||||
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
|
||||
/* There are many programs (like mutt) that call gpg with
|
||||
|
||||
@ -1765,6 +1765,8 @@ ask_algo (int addmode, int *r_subkey_algo, unsigned int *r_usage)
|
||||
static unsigned
|
||||
ask_keysize (int algo, unsigned int primary_keysize)
|
||||
{
|
||||
/* NOTE: If you change the default key size/algo, remember to change
|
||||
it also in gpgconf.c:gpgconf_list. */
|
||||
unsigned int nbits, min, def=2048, max=4096;
|
||||
int for_subkey = !!primary_keysize;
|
||||
int autocomp = 0;
|
||||
|
||||
@ -94,6 +94,7 @@ struct
|
||||
char *lc_messages;
|
||||
|
||||
int skip_verify;
|
||||
int skip_hidden_recipients;
|
||||
int compress_keys;
|
||||
int compress_sigs;
|
||||
/* TM_CLASSIC must be zero to accomodate trustdbs generated before
|
||||
|
||||
@ -85,6 +85,8 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
|
||||
if( !(rc = get_seckey( sk, k->keyid )) )
|
||||
rc = get_it( k, dek, sk, k->keyid );
|
||||
}
|
||||
else if (opt.skip_hidden_recipients)
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
else { /* anonymous receiver: Try all available secret keys */
|
||||
void *enum_context = NULL;
|
||||
u32 keyid[2];
|
||||
|
||||
@ -1,3 +1,7 @@
|
||||
2009-11-23 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgsm.c (main) <aGpgConfList>: Add key "default_pubkey_algo".
|
||||
|
||||
2009-11-10 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* server.c (cmd_getauditlog): Don't dup FD for es_fdopen_nc as
|
||||
|
||||
@ -475,7 +475,8 @@ proc_parameters (ctrl_t ctrl,
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
}
|
||||
|
||||
/* Check the keylength. */
|
||||
/* Check the keylength. NOTE: If you change this make sure that it
|
||||
macthes the gpgconflist item in gpgsm.c */
|
||||
if (!get_parameter (para, pKEYLENGTH, 0))
|
||||
nbits = 2048;
|
||||
else
|
||||
|
||||
@ -1634,6 +1634,11 @@ main ( int argc, char **argv)
|
||||
printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT);
|
||||
printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE);
|
||||
|
||||
/* The next one is an info only item and should match what
|
||||
proc_parameters actually implements. */
|
||||
printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
|
||||
"RSA-2048");
|
||||
|
||||
}
|
||||
break;
|
||||
case aGPGConfTest:
|
||||
|
||||
@ -1,3 +1,7 @@
|
||||
2009-11-23 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgconf-comp.c (gc_options_gpg): Add default_pubkey_algo.
|
||||
|
||||
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* gpg-connect-agent.c (start_agent): Update use of
|
||||
|
||||
@ -667,6 +667,11 @@ static gc_option_t gc_options_gpg[] =
|
||||
{ "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
|
||||
"gnupg", "|FILE|read options from FILE",
|
||||
GC_ARG_TYPE_FILENAME, GC_BACKEND_GPG },
|
||||
{ "default_pubkey_algo",
|
||||
(GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE,
|
||||
NULL, NULL,
|
||||
GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
|
||||
|
||||
|
||||
{ "Debug",
|
||||
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
|
||||
@ -695,6 +700,8 @@ static gc_option_t gc_options_gpg[] =
|
||||
GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
|
||||
|
||||
|
||||
|
||||
|
||||
GC_OPTION_NULL
|
||||
};
|
||||
|
||||
@ -744,6 +751,10 @@ static gc_option_t gc_options_gpgsm[] =
|
||||
{ "keyserver", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
|
||||
"gnupg", N_("|SPEC|use this keyserver to lookup keys"),
|
||||
GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_GPGSM },
|
||||
{ "default_pubkey_algo",
|
||||
(GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE,
|
||||
NULL, NULL,
|
||||
GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
|
||||
|
||||
{ "Debug",
|
||||
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user