1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

190 Commits

Author SHA1 Message Date
Werner Koch
010e4281c3
gpg: Make show-sig-subpackets work again.
* g10/gpg.c (parse_list_options): Fix offset for subpackets.
--

Regression-due-to: 7d0492075ea638607309b3ea6a792b0e95ea7d98
GnuPG-bug-id: 2008
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-30 11:01:16 +02:00
Werner Koch
b607657931
agent: Prepare for Libassuan with Cygwin support.
* agent/gpg-agent.c (create_server_socket): Add arg "cygwin".  Call
assuan_sock_set_flag if Assuan version is recent enough.
(main): Create ssh server socket with Cygwin flag set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-29 21:28:59 +02:00
Werner Koch
4698e5b203
gpg: Allow debug flag names for --debug.
* g10/gpg.c (opts): Change arg for oDebug to a string.
(debug_flags): New; factored out from set_debug.
(set_debug): Remove "--debug-level help".  Use parse_debug_flag to
print the used flags.
(main): Use parse_debug_flag for oDebug.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 21:01:10 +02:00
Werner Koch
6500f338a3
gpg: Improve speed of --check-sigs and --lish-sigs.
* g10/keydb.c (kid_list_t): New.
(kid_not_found_table, n_kid_not_found_table): New.
(kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New.
(keydb_insert_keyblock): Flush the new cache.
(keydb_delete_keyblock): Ditto.
(keydb_update_keyblock): Ditto.
(keydb_search): Use the new cache.
(keydb_dump_stats): New.
* g10/gpg.c (g10_exit): Dump keydb stats.
--

What we do here is to keep track of key searches by long keyids (as
stored in all signatures) so that we do not need to scan the keybox
again after we already found that this keyid will result in
not-found.  As soon as we change gpg to run as a co-process we should
store this table per session because other instances of gpg may have
updated the keybox without us knowing.

On a test ring with

  gpg: 94721 good signatures
  gpg: 6831 bad signatures
  gpg: 150703 signatures not checked due to missing keys
  gpg: 5 signatures not checked due to errors
  gpg: keydb: kid_not_found_table: total: 14132

this new cache speeds a --check-sigs listing up from 28 minutes to
less than 3 minutes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-20 15:03:32 +02:00
Werner Koch
663a31f1ea
gpg: Print available debug flags using "--debug-level help".
* g10/gpg.c (set_debug): Add "help" option and use a table for the
flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-19 14:56:46 +02:00
Neal H. Walfield
eac081ba12 Don't prompt for the password multiple times in pinentry loopback mode.
* g10/gpg.c (main): If OPT.PINENTRY_MODE is PINENTRY_MODE_LOOPBACK,
clear OPT.PASSPHRASE_REPEAT.
2015-06-16 16:00:39 +02:00
Werner Koch
bf06d04f53
gpg: Fix output in case of a corrupted trustdb.
* g10/tdbdump.c (list_trustdb): Add arg FP and change callers to pass
es_stdout.
* g10/tdbio.c (upd_hashtable): On a corrupted trustdb call
list_trustdb only in verbose > 1 mode and let it dump to stderr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-04 17:34:55 +02:00
Werner Koch
64e809b791
gpg: New command --quick-adduid.
* g10/keygen.c (ask_user_id): Factor some code out to ...
(uid_already_in_keyblock): new.
(generate_user_id): Add arg UIDSTR.  Fix leaked P.
* g10/keyedit.c (menu_adduid): Add new arg uidstring.  Adjust caller.
(keyedit_quick_adduid): New.
* g10/gpg.c (aQuickAddUid): New.
(opts):  Add command --quick-adduid.
(main): Implement that.
--

GnuPG-bug-id: 1956
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-08 16:08:57 +02:00
Werner Koch
727fe4f8d7
gpg: Do not use honor-keyserver-url sub-option by default. 2015-04-21 15:46:13 +02:00
Werner Koch
c581ed717a
gpg: Add new option --debug-iolbf.
* g10/gpg.c (oDebugIOLBF): new.
(opts): Add --debug-iolbf.
(main): Set option.
--

This option is convenient for debugging to make sure that debug output
to stderr is synced with output to stdout.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-06 14:07:50 +02:00
Werner Koch
24a75201da
Rename DBG_ASSUAN to DBG_IPC and add separate DBG_EXTPROG.
* g10/options.h (DBG_EXTPROG_VALUE): Separate from DBG_IPC_VALUE.
2015-04-06 13:42:17 +02:00
Werner Koch
2f099eb62a
Fix use of DBG_CACHE and DBG_LOOKUP
* dirmngr/dirmngr.h (DBG_LOOKUP_VALUE): Change to 8192.
* g10/options.h (DBG_LOOKUP_VALUE, DBG_LOOKUP): New.
* g10/getkey.c: Use DBG_LOOKUP instead of DBG_CACHE at most places.
2015-04-06 13:27:26 +02:00
Werner Koch
4de8a58e44
gpg: Rename a debug macro.
* g10/options.h (DBG_CIPHER_VALUE): Rename to DBG_CRYPTO_VALUE.
(DBG_CIPHER): Rename to DBG_CRYPTO.
2015-04-06 13:07:09 +02:00
Neal H. Walfield
f26ba14028 gpg: Only use the last specified keyserver.
* g10/gpg.c (main): Only use the last specified keyserver.

--

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-03-28 16:55:37 +01:00
Werner Koch
7b5b52f326
gpg: Change --print-pka-records into an option.
* g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not
use it as a command.
* g10/keylist.c (list_keyblock): List PKA rceords also for secret
keys.
--

An option allows to use it more flexible.  For example to select only
secret keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:37:16 +01:00
Werner Koch
14af2be022
gpg: Add --list-gcrypt-config and "curve" item for --list-config.
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid".  Remove unused code.
--

GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:35:30 +01:00
Werner Koch
e2d9340280
gpg: Add command --print-pka-records.
* g10/gpg.c (main): Add command --print-pka-records.
* g10/options.h (struct opt): Add field "print_pka_records".
* g10/keylist.c (list_keyblock_pka): New.
(list_keyblock): Call it if new option is set.
(print_fingerprint): Add mode 10.
--

This is a fist step towards a slightly updated PKA implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-24 19:31:59 +01:00
Werner Koch
ae09515b9d
gpg: Add option to print fingerprints in ICAO spelling.
* g10/gpg.c: Add option --with-icao-spelling.
* g10/options.h (struct opt): Add with_icao_spelling.
* g10/keylist.c (print_icao_hexdigit): New.
(print_fingerprint): Print ICAO spelling.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 17:54:05 +01:00
Werner Koch
d2a70fd834
gpg: Replace remaining uses of stdio by estream.
* g10/sign.c (sign_file):  Use log_printf instead of stderr.
* g10/tdbdump.c (export_ownertrust): Use estream fucntions.
(import_ownertrust): Ditto.
* g10/tdbio.c (tdbio_dump_record): Ditto.  Change arg to estream_t.
--

Reported-by: Guilhem Moulin <guilhem@fripost.org>

  Needed for unattended key edits with --status-fd, because since 2.1
  status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd)
  not fflush(3), so the standard output may not be flushed before each
  prompt. (Which breaks scripts using select(2) to multiplex between
  the standard and status outputs.)

His patch only affected print_and_check_one_sig_colon() but there are
many more places where stdio and estream are mixed.  This patch now
replaces most of them in g10/.  At some places stdio is still used,
but that is local to a function and should not have side effects.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
Werner Koch
d8eea25b8b gpg: Fix buffering problem in --list-config.
* g10/gpg.c (list_config): Replace print_sanitized_string2 by
es_write_sanitized.

* common/stringhelp.c (print_sanitized_buffer2): Remove.
(print_sanitized_buffer, print_sanitized_utf8_buffer): Remove.
(print_sanitized_utf8_buffer, print_sanitized_utf8_string): Remove.
(print_sanitized_string): Remove.

* sm/certdump.c (print_dn_part, print_dn_parts): Remove arg FP.
(pretty_print_sexp, gpgsm_print_name2, gpgsm_print_name): Remove.
--

Mixing stdio and estream is never a good idea.  This fix also allows
us to remove a lot of garbage.

Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
GnuPG-bug-id: 1822
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 20:12:21 +01:00
Werner Koch
0c2bfd9d5a Add a hook to be called right after main.
* common/init.c (early_system_init): New stub function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 19:57:22 +01:00
Werner Koch
11142e0ad7 gpg: Replace remaining old error code macros by GPG_ERR_.
* g10/gpg.h (g10_errstr): Remove macro and change all occurrences by
gpg_strerror.
(G10ERR_): Remove all macros and change all occurrences by their
GPG_ERR_ counterparts.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 12:06:11 +01:00
Werner Koch
616e511f27 gpg: Remove unused args from a function.
* g10/keyserver.c (parse_keyserver_uri): Remove args configname and
configlineno.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:15:36 +01:00
Werner Koch
5bf93f4ea7 gpg: Obsolete some keyserver helper options.
* g10/options.h (opt): Remove keyserver_options.other.
* g10/gpg.c (main): Obsolete option --honor-http-proxt.
* g10/keyserver.c (add_canonical_option): Replace by ...
(warn_kshelper_option): New.
(parse_keyserver_uri): Obsolete "x-broken-http".
--

Some of these options are deprecated for 10 years and they do not make
any sense without the keyserver helpers.  For one we print a hint on
how to replace it:

  gpg: keyserver option 'ca-cert-file' is obsolete; \
  please use 'hkp-cacert' in dirmngr.conf

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-08 15:14:35 +01:00
Werner Koch
17b4662984 gpg: Remove option aliases --[no-]throw-keyid and --notation-data.
* g10/gpg.c (opts): Remove them.
* g10/options.h (opt): s/throw_keyid/throw_keyids/ and change users.
--

See mails starting
 http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029128.html
2014-12-03 11:28:10 +01:00
Werner Koch
7aee3579be Add option --no-autostart.
* g10/gpg.c: Add option --no-autostart.
* sm/gpgsm.c: Ditto.
* g10/options.h (opt): Add field autostart.
* sm/gpgsm.h (opt): Ditto.
* g10/call-agent.c (start_agent): Print note if agent was not
autostarted.
* sm/call-agent.c (start_agent): Ditto.
* g10/call-dirmngr.c (create_context): Likewise.
* sm/call-dirmngr.c (start_dirmngr_ext): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-28 09:44:19 +01:00
Werner Koch
e30cb8f617 gpg: Remove PGP-2 related cruft.
* g10/armor.c (parse_hash_header,carmor_filter): Ignore MD5 in hash
header.
(fake_packet): Remove pgp-2 workaround for white space stripping.
* g10/filter.h (armor_filter_context_t): Remove field pgp2mode.
* g10/options.h (opt): Remove field pgp2_workarounds.
* g10/gpg.c (main): Do not set this field.
* g10/gpgv.c (main): Ditto.
* g10/mainproc.c (proc_encrypted): Use SHA-1 as fallback s2k hash
  algo.  Using MD5 here is useless.
(proc_plaintext): Remove PGP-2 related woraround
(proc_tree): Remove another workaround but keep the one for PGP-5.
--

The removed code was either not anymore used or its use would have
caused an error message later anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-13 12:01:42 +01:00
Werner Koch
cf41763cdf Change a couple of files to use abbreviated copyright notes.
--

Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
2014-11-04 16:28:03 +01:00
Werner Koch
f4df71aa2d gpg: Remove superfluous check for Libgcrypt >= 1.4.0.
* g10/gpg.c (main): Remove check.
--

We require 1.6.0 anyway.
2014-10-31 14:47:02 +01:00
Werner Koch
8fd150b05b gpg: Remove all support for v3 keys and always create v4-signatures.
* g10/build-packet.c (do_key): Remove support for building v3 keys.
* g10/parse-packet.c (read_protected_v3_mpi): Remove.
(parse_key): Remove support for v3-keys.  Add dedicated warnings for
v3-key packets.
* g10/keyid.c (hash_public_key): Remove v3-key support.
(keyid_from_pk): Ditto.
(fingerprint_from_pk): Ditto.

* g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs.
* g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs,
oForceV4Certs, oNoForceV4Certs.
(opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs,
--no-force-v4-certs int dummy options.
(main): Remove setting of the force_v3_sigs force_v4_certs flags.
* g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs.
* g10/sign.c (hash_uid): Remove support for v3-signatures
(hash_sigversion_to_magic): Ditto.
(only_old_style): Remove this v3-key function.
(write_signature_packets): Remove support for creating v3-signatures.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
(clearsign_file): Ditto.  Remove code to emit no Hash armor line if
only v3-keys are used.
(make_keysig_packet): Remove arg SIGVERSION and force using
v4-signatures.  Change all callers to not pass a value for this arg.
Remove all v3-key related code.
(update_keysig_packet): Remove v3-signature support.
* g10/keyedit.c (sign_uids): Always create v4-signatures.

* g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and
change caller.
--

v3 keys are deprecated for about 15 years and due the severe
weaknesses of MD5 it does not make any sense to keep code around to
use these old and broken keys.  Users who need to decrypt old messages
should use gpg 1.4 and best re-encrypt them to modern standards.
verification of old (i.e. PGP2) created signatures is thus also not
anymore possible but such signatures have no values anyway - MD5 is
just too broken.

We have also kept support for v3 signatures until now.  With the
removal of support for v3 keys it is questionable whether it makes any
sense to keep support for v3-signatures.  What we do now is to keep
support for verification of v3-signatures but we force the use of
v4-signatures.  The latter makes the --pgp6 and --pgp7 switch a bit
obsolete because those PGP versions require v3-signatures for
messages.  These versions of PGP are also really old and not anymore
maintained so they have not received any bug fixes and should not be
used anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-17 13:32:16 +02:00
Werner Koch
54ffe2045a Use a unique capitalization for "Note:".
--
2014-10-10 15:29:42 +02:00
Daniel Kahn Gillmor
6cabb7a2a1 gpg: Add build and runtime support for larger RSA keys
* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.

--

This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from
STABLE-BRANCH-1-4 against master

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732
2014-10-10 13:40:38 +02:00
Werner Koch
f3625bb018 gpg: Simplify command --gen-key and add --full-gen-key.
* g10/gpg.c (aFullKeygen): New.
(opts): Add command --full-key-gen.
(main): Implement it.
* g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although
the value is identical.
(DEFAULT_STD_CURVE): New.
(DEFAULT_STD_SUBALGO): New.
(DEFAULT_STD_SUBKEYSIZE): New.
(DEFAULT_STD_SUBCURVE): New.
(quick_generate_keypair): Use new macros here.
(generate_keypair): Add arg "full" and fix call callers. Do not ask
for keysize in non-full node.
(ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-27 15:14:13 +02:00
Werner Koch
20c6da50d4 gpg: Do not always print dashes in obsolete_option.
* g10/gpg.c (main): Pass option names to obsolete_option without
double dash.
* g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double
dash only for command line options.
2014-09-25 22:14:30 +02:00
Daniel Kahn Gillmor
371c2b14b0 gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.

--

In gpg2, the following options are only relevant for scdaemon:

 reader-port
 ctapi-driver
 pcsc-driver
 disable-ccid

but in gpg1, they are options for gpg itself.

Some users of gpg1 might have these options in their
~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
config file.

gpg2 should not fail hard, though giving a warning (and suggesting a
move to scdaemon.conf) seems OK.

This patch does *not* reintroduce any documentation for these options
in gpg.texi, even to indicate that they are "dummy" options, since
scdaemon.texi contains the appropriate documentation.

Debian-bug-id: 762844

- Program names factored out from obsolete_scdaemon_option to make
  reuse without new translations easier. -wk
2014-09-25 22:05:29 +02:00
Werner Koch
327134934d gpg: Replace a hash algo test function.
* g10/gpg.c (print_mds): Replace openpgp_md_test_algo.
--

This is actually not required because as of now the used OpenPGP and
Gcrypt hash algorithm numbers are identical.  But that might change in
the future.

This changes the behavior of GnuPG in case it has been build with
some algorithms disabled: If those algorithms are available in
Libgcrypt, their results will be used printed anyway.
2014-09-18 14:56:39 +02:00
Werner Koch
0af533abd3 gpg: Re-indent a function.
--
2014-09-18 14:50:02 +02:00
Werner Koch
40ad42dbe3 gpg: Do not show "MD5" and triplicated "RSA" in --version.
* g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases
(build_list_md_test_algo): Ignore MD5.
2014-08-28 16:01:22 +02:00
Werner Koch
57df1121c1 gpg: Change default cipher for --symmetric from CAST5 to AES-128.
* g10/main.h (DEFAULT_CIPHER_ALGO): Chhange to AES or CAST5 or 3DES
depending on configure option.
* g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.
2014-08-18 11:45:00 +02:00
Werner Koch
2b8d8369d5 gpg: Remove options --pgp2 and --rfc1991.
* g10/gpg.c (oRFC1991, oPGP2): Remove
(opts): Remove --pgp2 and --rfc1991.
* g10/options.h (CO_PGP2, CO_RFC1991): Remove.  Remove all users.
(RFC2440, PGP2): Remove.  Remove all code only enabled by these
conditions.
* tests/openpgp/clearsig.test: Remove --rfc1991 test.
--

The use of PGP 2.c is considered insecure for quite some time
now (e.g. due to the use of MD5).  Thus we remove all support for
_creating_ PGP 2 compatible messages.
2014-08-14 11:03:55 +02:00
Werner Koch
71b55e91f0 gpg: Remove --compress-keys and --compress-sigs feature.
* g10/gpg.c (oCompressKeys, oCompressSigs): Remove.
(opts): Turn --compress-keys and --compress-signs in NOPs.
* g10/options.h (opt): Remove fields compress_keys and compress_sigs.
* g10/export.c (do_export): Remove compress_keys feature.
* g10/sign.c (sign_file): Remove compress_sigs feature.
--

These features are disabled in GnuPG since the very early days and
they fulfill no real purpose.  For now we keep the command line
options as dummys.
2014-08-14 09:55:09 +02:00
Werner Koch
7d0492075e gpg: Add list-option "show-usage".
* g10/gpg.c (parse_list_options): Add "show-usage".
* g10/options.h (LIST_SHOW_USAGE): New.
* g10/keyid.c (usagestr_from_pk): Add arg FILL.  Change caller.
* g10/keylist.c (list_keyblock_print): Print usage info.
2014-08-13 10:11:36 +02:00
Werner Koch
ea186540db gpg: Add command --quick-gen-key
* g10/gpg.c (aQuickKeygen): New.
* g10/misc.c (is_valid_user_id): New stub.
* g10/keygen.c (quickgen_set_para): New.
(quick_generate_keypair): New.
--

Note that the validation of the specified user id has not yet been
implemented.
2014-07-23 15:12:43 +02:00
Werner Koch
5214d8f02b gpg: Make show-uid-validity the default. 2014-07-03 11:04:23 +02:00
Werner Koch
572502bd2c gpg,gpgsm: Simplify wrong_args function. 2014-06-26 17:07:47 +02:00
Werner Koch
4f0625889b gpg: Auto-migrate existing secring.gpg.
* g10/migrate.c: New.
* g10/import.c (import_old_secring): New.
(import_one): Add arg silent.
(transfer_secret_keys): Add arg batch.
(import_secret_one): Add args batch and for_migration.
* g10/gpg.c (main): Call migration function.
2014-06-05 11:19:59 +02:00
Werner Koch
be07ed65e1 Add new option --with-secret.
* g10/gpg.c: Add option --with-secret.
* g10/options.h (struct opt): Add field with_secret.
* g10/keylist.c (public_key_list): Pass opt.with_secret to list_all
and list_one.
(list_all, list_one): Add arg mark_secret.
(list_keyblock_colon): Add arg has_secret.
* sm/gpgsm.c: Add option --with-secret.
* sm/server.c (option_handler): Add option "with-secret".
* sm/gpgsm.h (server_control_s): Add field with_secret.
* sm/keylist.c (list_cert_colon): Take care of with_secret.  Also move
the token string from the wrong field 14 to 15.
--

This option is useful for key managers which need to know whether a
key has a secret key.  This change allows to collect this information
in one pass.
2014-06-03 21:35:59 +02:00
Werner Koch
cb2aeb4e11 Make more use of *_NAME macros.
* configure.ac (GPG_DISP_NAME, GPGSM_DISP_NAME): New.
(GPG_AGENT_DISP_NAME, SCDAEMON_DISP_NAME): New.
(DIRMNGR_DISP_NAME, G13_DISP_NAME): New.
(GPGCONF_DISP_NAME): New.
(SCDAEMON_SOCK_NAME): New.
* common/argparse.c (show_help): Map description string.
2014-05-08 10:28:23 +02:00
Werner Koch
b6786cc3ec gpg: Add commands --quick-sign-key and --quick-lsign-key.
* g10/gpg.c (main): Add commands --quick-sign-key and
--quick-lsign-key.
* g10/keyedit.c (sign_uids): Add args FP and QUICK.
(keyedit_quick_sign): New.
(show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
Werner Koch
f90cfe6b66 gpg: Reject signatures made with MD5.
* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 18:14:23 +01:00