gnupg/g10 (ChangeLog g10.c keyedit.c keygen.c main.h options.h
sign.c)
cvs user dshaw
cvs at cvs.gnupg.org
Thu May 5 21:03:17 CEST 2005
Date: Thursday, May 5, 2005 @ 21:21:41
Author: dshaw
Path: /cvs/gnupg/gnupg/g10
Modified: ChangeLog g10.c keyedit.c keygen.c main.h options.h sign.c
* options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options. Suggested by Florian Weimer.
* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.
* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
-----------+
ChangeLog | 12 ++++++++++
g10.c | 42 ++++++++++++++++++++++++++++-------
keyedit.c | 9 +++++--
keygen.c | 72 ++++++++++++++++++++++++++++++++++++++----------------------
main.h | 7 +++--
options.h | 2 +
sign.c | 31 +++++++++++++++++++------
7 files changed, 128 insertions(+), 47 deletions(-)
Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.727 gnupg/g10/ChangeLog:1.728
--- gnupg/g10/ChangeLog:1.727 Wed May 4 00:27:07 2005
+++ gnupg/g10/ChangeLog Thu May 5 21:21:40 2005
@@ -1,3 +1,15 @@
+2005-05-05 David Shaw <dshaw at jabberwocky.com>
+
+ * options.h, g10.c (main): Add new --default-sig-expire and
+ --default-cert-expire options. Suggested by Florian Weimer.
+
+ * main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
+ defaults passed in, or "0" to control what default expiration is.
+
+ * keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
+ sign_symencrypt_file): Call them here, so that default expiration
+ is used when --ask-xxxxx-expire is off.
+
2005-05-03 Werner Koch <wk at g10code.com>
* passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Index: gnupg/g10/g10.c
diff -u gnupg/g10/g10.c:1.301 gnupg/g10/g10.c:1.302
--- gnupg/g10/g10.c:1.301 Mon Apr 11 20:24:09 2005
+++ gnupg/g10/g10.c Thu May 5 21:21:40 2005
@@ -1,6 +1,6 @@
/* g10.c - The GnuPG utility (main for gpg)
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- * 2004, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ * 2005 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -157,18 +157,20 @@
oNoTextmode,
oExpert,
oNoExpert,
+ oDefSigExpire,
oAskSigExpire,
oNoAskSigExpire,
+ oDefCertExpire,
oAskCertExpire,
oNoAskCertExpire,
+ oDefCertLevel,
+ oMinCertLevel,
oAskCertLevel,
oNoAskCertLevel,
oFingerprint,
oWithFingerprint,
oAnswerYes,
oAnswerNo,
- oDefCertLevel,
- oMinCertLevel,
oKeyring,
oPrimaryKeyring,
oSecretKeyring,
@@ -443,10 +445,14 @@
{ oNoTextmode, "no-textmode", 0, "@"},
{ oExpert, "expert", 0, "@"},
{ oNoExpert, "no-expert", 0, "@"},
+ { oDefSigExpire, "default-sig-expire", 2, "@"},
{ oAskSigExpire, "ask-sig-expire", 0, "@"},
{ oNoAskSigExpire, "no-ask-sig-expire", 0, "@"},
+ { oDefCertExpire, "default-cert-expire", 2, "@"},
{ oAskCertExpire, "ask-cert-expire", 0, "@"},
{ oNoAskCertExpire, "no-ask-cert-expire", 0, "@"},
+ { oDefCertLevel, "default-cert-level", 1, "@"},
+ { oMinCertLevel, "min-cert-level", 1, "@"},
{ oAskCertLevel, "ask-cert-level", 0, "@"},
{ oNoAskCertLevel, "no-ask-cert-level", 0, "@"},
{ oOutput, "output", 2, N_("use as output file")},
@@ -579,8 +585,6 @@
{ oCompressKeys, "compress-keys",0, "@"},
{ oCompressSigs, "compress-sigs",0, "@"},
{ oDefCertLevel, "default-cert-check-level", 1, "@"}, /* Old option */
- { oDefCertLevel, "default-cert-level", 1, "@"},
- { oMinCertLevel, "min-cert-level", 1, "@"},
{ oAlwaysTrust, "always-trust", 0, "@"},
{ oTrustModel, "trust-model", 2, "@"},
{ oForceOwnertrust, "force-ownertrust", 2, "@"},
@@ -1673,6 +1677,8 @@
set_screen_dimensions();
opt.keyid_format=KF_SHORT;
opt.rfc2440_text=1;
+ opt.def_sig_expire="0";
+ opt.def_cert_expire="0";
set_homedir ( default_homedir () );
#ifdef ENABLE_CARD_SUPPORT
@@ -2020,8 +2026,6 @@
break;
case oNoArmor: opt.no_armor=1; opt.armor=0; break;
case oNoDefKeyring: default_keyring = 0; break;
- case oDefCertLevel: opt.def_cert_level=pargs.r.ret_int; break;
- case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break;
case oNoGreeting: nogreeting = 1; break;
case oNoVerbose: g10_opt_verbose = 0;
opt.verbose = 0; opt.list_sigs=0; break;
@@ -2227,10 +2231,32 @@
case oNoTextmode: opt.textmode=0; break;
case oExpert: opt.expert = 1; break;
case oNoExpert: opt.expert = 0; break;
+ case oDefSigExpire:
+ if(*pargs.r.ret_str!='\0')
+ {
+ if(parse_expire_string(pargs.r.ret_str)==-1)
+ log_error(_("`%s' is not a valid signature expiration\n"),
+ pargs.r.ret_str);
+ else
+ opt.def_sig_expire=pargs.r.ret_str;
+ }
+ break;
case oAskSigExpire: opt.ask_sig_expire = 1; break;
case oNoAskSigExpire: opt.ask_sig_expire = 0; break;
+ case oDefCertExpire:
+ if(*pargs.r.ret_str!='\0')
+ {
+ if(parse_expire_string(pargs.r.ret_str)==-1)
+ log_error(_("`%s' is not a valid signature expiration\n"),
+ pargs.r.ret_str);
+ else
+ opt.def_cert_expire=pargs.r.ret_str;
+ }
+ break;
case oAskCertExpire: opt.ask_cert_expire = 1; break;
case oNoAskCertExpire: opt.ask_cert_expire = 0; break;
+ case oDefCertLevel: opt.def_cert_level=pargs.r.ret_int; break;
+ case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break;
case oAskCertLevel: opt.ask_cert_level = 1; break;
case oNoAskCertLevel: opt.ask_cert_level = 0; break;
case oUser: /* store the local users */
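Review bot: The `oDefCertExpire` case reports a rejected value with the message copied from `oDefSigExpire`, so a bad `--default-cert-expire` argument is logged as "not a valid signature expiration". The second message should say "certification expiration" so the user can tell which option was refused. Both cases also skip an empty argument without any diagnostic, leaving the earlier default in force; a one-line comment saying this is intended would help. The enclosing switch starts and ends outside this hunk.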
Index: gnupg/g10/keyedit.c
diff -u gnupg/g10/keyedit.c:1.178 gnupg/g10/keyedit.c:1.179
--- gnupg/g10/keyedit.c:1.178 Sun Apr 24 20:35:30 2005
+++ gnupg/g10/keyedit.c Thu May 5 21:21:40 2005
@@ -860,8 +860,13 @@
/* Only ask for duration if we haven't already set it to match
the expiration of the pk */
- if(opt.ask_cert_expire && !duration && !selfsig)
- duration=ask_expire_interval(1);
+ if(!duration && !selfsig)
+ {
+ if(opt.ask_cert_expire)
+ duration=ask_expire_interval(1,opt.def_cert_expire);
+ else
+ duration=parse_expire_string(opt.def_cert_expire)*86400L;
+ }
if(duration)
force_v4=1;
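Review bot: The new else branch multiplies the result of `parse_expire_string(opt.def_cert_expire)` by `86400L` without checking for the -1 error return that the function's own comment in keygen.c documents. The string is validated once during option parsing in g10.c, but nothing here re-checks it, and a negative result scaled into `duration` (whose type is not visible in this hunk) would yield a nonsensical expiration instead of an error. Consider `days=parse_expire_string(opt.def_cert_expire);` followed by an explicit `if(days<0)` error path before the multiplication. The same unchecked expression is repeated in the three sign.c hunks (sign_file, clearsign_file, sign_symencrypt_file per the ChangeLog), so a small shared helper would keep the four call sites consistent.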
Index: gnupg/g10/keygen.c
diff -u gnupg/g10/keygen.c:1.148 gnupg/g10/keygen.c:1.149
--- gnupg/g10/keygen.c:1.148 Fri Apr 1 11:03:15 2005
+++ gnupg/g10/keygen.c Thu May 5 21:21:40 2005
@@ -1,6 +1,6 @@
/* keygen.c - generate a key pair
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- * 2004, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ * 2005 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -1498,7 +1498,7 @@
* Parse an expire string and return it's value in days.
* Returns -1 on error.
*/
-static int
+int
parse_expire_string( const char *string )
{
int mult;
@@ -1530,7 +1530,7 @@
/* object == 0 for a key, and 1 for a sig */
u32
-ask_expire_interval(int object)
+ask_expire_interval(int object,const char *def_expire)
{
char *answer;
int valid_days=0;
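Review bot: The comment above ask_expire_interval still documents only `object`, while the new `def_expire` contract is expressed solely through the BUG() checks added in the following two hunks. Suggest extending it to `/* object == 0 for a key, and 1 for a sig. def_expire must be NULL for a key and a valid expire string for a sig. */` so callers do not discover the rule by aborting. The function body continues outside this hunk.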
@@ -1539,6 +1539,8 @@
switch(object)
{
case 0:
+ if(def_expire)
+ BUG();
tty_printf(_("Please specify how long the key should be valid.\n"
" 0 = key does not expire\n"
" <n> = key expires in n days\n"
@@ -1548,6 +1550,8 @@
break;
case 1:
+ if(!def_expire)
+ BUG();
tty_printf(_("Please specify how long the signature should be valid.\n"
" 0 = signature does not expire\n"
" <n> = signature expires in n days\n"
@@ -1565,20 +1569,36 @@
* date */
answer = NULL;
- for(;;) {
+ for(;;)
+ {
u32 curtime=make_timestamp();
m_free(answer);
if(object==0)
answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
else
- answer = cpr_get("siggen.valid",_("Signature is valid for? (0) "));
+ {
+ char *prompt;
+
+#define PROMPTSTRING _("Signature is valid for? (%s) ")
+ /* This will actually end up larger than necessary because
+ of the 2 bytes for '%s' */
+ prompt=m_alloc(strlen(PROMPTSTRING)+strlen(def_expire)+1);
+ sprintf(prompt,PROMPTSTRING,def_expire);
+#undef PROMPTSTRING
+
+ answer = cpr_get("siggen.valid",prompt);
+ m_free(prompt);
+
+ if(*answer=='\0')
+ answer=m_strdup(def_expire);
+ }
cpr_kill_prompt();
trim_spaces(answer);
valid_days = parse_expire_string( answer );
if( valid_days < 0 ) {
- tty_printf(_("invalid value\n"));
- continue;
+ tty_printf(_("invalid value\n"));
+ continue;
}
if( !valid_days )
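Review bot: The empty-answer branch overwrites `answer` with `m_strdup(def_expire)` without freeing the string cpr_get() returned, so that buffer is leaked each time the default is accepted; `if(*answer=='\0') { m_free(answer); answer=m_strdup(def_expire); }` fixes it. The check also runs before trim_spaces(), so an answer consisting only of blanks is not treated as a request for the default. Separately, the prompt buffer is sized from the translated PROMPTSTRING and filled with sprintf(), which stays in bounds only while every translation keeps exactly one `%s`; a bounded `snprintf` using the computed size would not depend on the message catalog. The loop and the function continue outside this hunk.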
@@ -1589,24 +1609,24 @@
interval = 0;
}
else {
- interval = valid_days * 86400L;
+ interval = valid_days * 86400L;
- tty_printf(object==0
- ? _("Key expires at %s\n")
- : _("Signature expires at %s\n"),
- asctimestamp((ulong)(curtime + interval) ) );
- /* FIXME: This check yields warning on alhas: Write a
- configure check and to this check here only for 32 bit
- machines */
- if( (time_t)((ulong)(curtime+interval)) < 0 )
- tty_printf(_("Your system can't display dates beyond 2038.\n"
- "However, it will be correctly handled up to 2106.\n"));
+ tty_printf(object==0
+ ? _("Key expires at %s\n")
+ : _("Signature expires at %s\n"),
+ asctimestamp((ulong)(curtime + interval) ) );
+ /* FIXME: This check yields warning on alhas: Write a
+ configure check and to this check here only for 32 bit
+ machines */
+ if( (time_t)((ulong)(curtime+interval)) < 0 )
+ tty_printf(_("Your system can't display dates beyond 2038.\n"
+ "However, it will be correctly handled up to 2106.\n"));
}
if( cpr_enabled() || cpr_get_answer_is_yes("keygen.valid.okay",
- _("Is this correct? (y/N) ")) )
- break;
- }
+ _("Is this correct? (y/N) ")) )
+ break;
+ }
m_free(answer);
return interval;
}
@@ -1614,7 +1634,7 @@
u32
ask_expiredate()
{
- u32 x = ask_expire_interval(0);
+ u32 x = ask_expire_interval(0,NULL);
return x? make_timestamp() + x : 0;
}
@@ -2572,7 +2592,7 @@
para = r;
}
- expire = ask_expire_interval(0);
+ expire = ask_expire_interval(0,NULL);
r = m_alloc_clear( sizeof *r + 20 );
r->key = pKEYEXPIRE;
r->u.expire = expire;
@@ -3085,7 +3105,7 @@
algo = ask_algo( 1, &use );
assert(algo);
nbits = ask_keysize( algo );
- expire = ask_expire_interval(0);
+ expire = ask_expire_interval(0,NULL);
if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay",
_("Really create? (y/N) ")))
goto leave;
@@ -3203,7 +3223,7 @@
goto leave;
algo = PUBKEY_ALGO_RSA;
- expire = ask_expire_interval (0);
+ expire = ask_expire_interval (0,NULL);
if (keyno == 1)
use = PUBKEY_USAGE_SIG;
else if (keyno == 2)
Index: gnupg/g10/main.h
diff -u gnupg/g10/main.h:1.126 gnupg/g10/main.h:1.127
--- gnupg/g10/main.h:1.126 Mon Apr 11 20:24:09 2005
+++ gnupg/g10/main.h Thu May 5 21:21:40 2005
@@ -1,6 +1,6 @@
/* main.h
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- * 2004 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ * 2005 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -165,7 +165,8 @@
void show_basic_key_info (KBNODE keyblock);
/*-- keygen.c --*/
-u32 ask_expire_interval(int object);
+int parse_expire_string(const char *string);
+u32 ask_expire_interval(int object,const char *def_expire);
u32 ask_expiredate(void);
void generate_keypair( const char *fname, const char *card_serialno,
const char *backup_encryption_dir );
Index: gnupg/g10/options.h
diff -u gnupg/g10/options.h:1.135 gnupg/g10/options.h:1.136
--- gnupg/g10/options.h:1.135 Wed Mar 30 12:39:13 2005
+++ gnupg/g10/options.h Thu May 5 21:21:40 2005
@@ -50,7 +50,9 @@
int list_only;
int textmode;
int expert;
+ const char *def_sig_expire;
int ask_sig_expire;
+ const char *def_cert_expire;
int ask_cert_expire;
int batch; /* run in batch mode */
int answer_yes; /* answer yes on most questions */
Index: gnupg/g10/sign.c
diff -u gnupg/g10/sign.c:1.137 gnupg/g10/sign.c:1.138
--- gnupg/g10/sign.c:1.137 Wed May 4 00:27:07 2005
+++ gnupg/g10/sign.c Thu May 5 21:21:40 2005
@@ -1,6 +1,6 @@
/* sign.c - sign data
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- * 2004 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ * 2005 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -744,8 +744,13 @@
&& (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
goto leave;
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!opt.force_v3_sigs && !opt.batch && !RFC1991)
+ {
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1,opt.def_sig_expire);
+ else
+ duration=parse_expire_string(opt.def_sig_expire)*86400L;
+ }
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
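Review bot: The outer condition keeps `!opt.batch`, so in batch mode the whole block is skipped and `--default-sig-expire` is silently ignored; unattended signing would then produce signatures without the configured expiration. The batch test only matters for the interactive prompt, so it belongs on the inner branch: `if(!opt.force_v3_sigs && !RFC1991)` outside and `if(opt.ask_sig_expire && !opt.batch)` inside, with the else branch applying the default. The same condition appears in the two later sign.c hunks at -1009 and -1163. The enclosing functions start and end outside these hunks.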
@@ -1009,8 +1014,13 @@
memset( &afx, 0, sizeof afx);
init_packet( &pkt );
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!opt.force_v3_sigs && !opt.batch && !RFC1991)
+ {
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1,opt.def_sig_expire);
+ else
+ duration=parse_expire_string(opt.def_sig_expire)*86400L;
+ }
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
@@ -1163,8 +1173,13 @@
memset( &cfx, 0, sizeof cfx);
init_packet( &pkt );
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!opt.force_v3_sigs && !opt.batch && !RFC1991)
+ {
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1,opt.def_sig_expire);
+ else
+ duration=parse_expire_string(opt.def_sig_expire)*86400L;
+ }
rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
if (rc)