[svn] GnuPG - r5199 - in trunk: doc g10 sm tools

svn author wk cvs at cvs.gnupg.org
Mon Nov 23 20:18:05 CET 2009


Author: wk
Date: 2009-11-23 20:18:04 +0100 (Mon, 23 Nov 2009)
New Revision: 5199

Modified:
   trunk/doc/ChangeLog
   trunk/doc/gpg.texi
   trunk/g10/ChangeLog
   trunk/g10/gpg.c
   trunk/g10/keygen.c
   trunk/g10/options.h
   trunk/g10/pubkey-enc.c
   trunk/sm/ChangeLog
   trunk/sm/certreqgen.c
   trunk/sm/gpgsm.c
   trunk/tools/ChangeLog
   trunk/tools/gpgconf-comp.c
Log:
Add gpgconf-related dummy option default_pubkey_algo.
Add option --skip-hidden-recipients
Comment updates.


Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/doc/ChangeLog	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1,3 +1,8 @@
+2009-11-18  Werner Koch  <wk at g10code.com>
+
+	* gpg.texi (GPG Key related Options): Describe
+	--skip-hidden-recipients.
+
 2009-10-19  David Shaw  <dshaw at jabberwocky.com>
 
 	* gpg.texi (GPG Configuration Options): Clarify that ca-cert-file

Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/g10/ChangeLog	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1,3 +1,13 @@
+2009-11-23  Werner Koch  <wk at g10code.com>
+
+	* gpg.c (gpgconf_list): Add key "default_pubkey_algo".
+
+2009-11-18  Werner Koch  <wk at g10code.com>
+
+	* gpg.c: Add option --skip-hidden-recipients and no- variant.
+	* options.h (struct opt): Add field SKIP_HIDDEN_RECIPIENTS.
+	* pubkey-enc.c (get_session_key): Implement that option.
+
 2009-11-04  Werner Koch  <wk at g10code.com>
 
 	* server.c (register_commands): Add NULL arg to

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/sm/ChangeLog	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1,3 +1,7 @@
+2009-11-23  Werner Koch  <wk at g10code.com>
+
+	* gpgsm.c (main) <aGpgConfList>: Add key "default_pubkey_algo".
+
 2009-11-10  Marcus Brinkmann  <marcus at g10code.de>
 
 	* server.c (cmd_getauditlog): Don't dup FD for es_fdopen_nc as

Modified: trunk/tools/ChangeLog
===================================================================
--- trunk/tools/ChangeLog	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/tools/ChangeLog	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1,3 +1,7 @@
+2009-11-23  Werner Koch  <wk at g10code.com>
+
+	* gpgconf-comp.c (gc_options_gpg): Add default_pubkey_algo.
+
 2009-11-05  Marcus Brinkmann  <marcus at g10code.de>
 
 	* gpg-connect-agent.c (start_agent): Update use of

Modified: trunk/doc/gpg.texi
===================================================================
--- trunk/doc/gpg.texi	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/doc/gpg.texi	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1761,16 +1761,26 @@
 @option{--default-key}.
 
 @item --try-all-secrets
+ at opindex try-all-secrets
 Don't look at the key ID as stored in the message but try all secret
 keys in turn to find the right decryption key. This option forces the
 behaviour as used by anonymous recipients (created by using
 @option{--throw-keyids}) and might come handy in case where an encrypted
 message contains a bogus key ID.
 
+ at item --skip-hidden-recipients
+ at itemx --no-skip-hidden-recipients
+ at opindex skip-hidden-recipients
+ at opindex no-skip-hidden-recipients
+During decryption skip all anonymous recipients.  This option helps in
+the case that people use the hidden recipients feature to hide there
+own encrypt-to key from others.  If oneself has many secret keys this
+may lead to a major annoyance because all keys are tried in turn to
+decrypt soemthing which was not really intended for it.  The drawback
+of this option is that it is currently not possible to decrypt a
+message which includes real anonymous recipients.
 
 
-
-
 @end table
 
 @c *******************************************

Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/g10/gpg.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -233,6 +233,8 @@
     oWithSigList,
     oWithSigCheck,
     oSkipVerify,
+    oSkipHiddenRecipients,
+    oNoSkipHiddenRecipients,
     oCompressKeys,
     oCompressSigs,
     oAlwaysTrust,
@@ -626,6 +628,8 @@
   ARGPARSE_s_n (aListSigs, "list-sig", "@"),   /* alias */
   ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */
   ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
+  ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"),
+  ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"),
   ARGPARSE_s_n (oCompressKeys, "compress-keys", "@"),
   ARGPARSE_s_n (oCompressSigs, "compress-sigs", "@"),
   ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */
@@ -1586,6 +1590,11 @@
   printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
   printf ("group:%lu:\n", GC_OPT_FLAG_NONE);
 
+  /* The next one is an info only item and should match what
+     keygen:ask_keysize actually implements.  */
+  printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
+          "RSA-2048");
+
   xfree (configfile_esc);
 }
 
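Review bot: The literal `"RSA-2048"` in the added `printf` is a second copy of the key-generation default, tied to `ask_keysize` only by a comment, so the value gpgconf reports can go stale unnoticed when the default key size is changed. The trunk/sm/gpgsm.c hunk adds the same literal with the same kind of comment. Consider defining the string once per backend, next to the default it describes, and printing that, e.g. `printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, DEFAULT_PUBKEY_ALGO_NAME);`, where `DEFAULT_PUBKEY_ALGO_NAME` is a suggested name, not an existing macro. A stale value matters because a front end reading this item would presumably show users a key strength that key generation no longer uses.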
@@ -2315,6 +2324,10 @@
           case oWithSigList: opt.list_sigs = 1; break;  
 
 	  case oSkipVerify: opt.skip_verify=1; break;
+
+	  case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break;
+	  case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break;
+
 	  case oCompressKeys: opt.compress_keys = 1; break;
 	  case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
 	    /* There are many programs (like mutt) that call gpg with

Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/g10/keygen.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1765,6 +1765,8 @@
 static unsigned
 ask_keysize (int algo, unsigned int primary_keysize)
 {
+  /* NOTE: If you change the default key size/algo, remember to change
+     it also in gpgconf.c:gpgconf_list.  */
   unsigned int nbits, min, def=2048, max=4096;
   int for_subkey = !!primary_keysize;
   int autocomp = 0;
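Review bot: The added comment points to `gpgconf.c:gpgconf_list`, but the function that prints `default_pubkey_algo` in this commit is in trunk/g10/gpg.c (the g10 ChangeLog entry reads `gpg.c (gpgconf_list)`). A maintainer following the note would look in the wrong file and could miss the second place to update. Suggested wording: `/* NOTE: If you change the default key size/algo, remember to change it also in gpg.c:gpgconf_list.  */`. The body of ask_keysize continues outside the hunk.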

Modified: trunk/g10/options.h
===================================================================
--- trunk/g10/options.h	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/g10/options.h	2009-11-23 19:18:04 UTC (rev 5199)
@@ -94,6 +94,7 @@
   char *lc_messages;
 
   int skip_verify;
+  int skip_hidden_recipients;
   int compress_keys;
   int compress_sigs;
   /* TM_CLASSIC must be zero to accomodate trustdbs generated before

Modified: trunk/g10/pubkey-enc.c
===================================================================
--- trunk/g10/pubkey-enc.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/g10/pubkey-enc.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -85,6 +85,8 @@
 	if( !(rc = get_seckey( sk, k->keyid )) )
 	    rc = get_it( k, dek, sk, k->keyid );
     }
+    else if (opt.skip_hidden_recipients)
+      rc = gpg_error (GPG_ERR_NO_SECKEY);
     else { /* anonymous receiver: Try all available secret keys */
 	void *enum_context = NULL;
 	u32 keyid[2];
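Review bot: The new `else if (opt.skip_hidden_recipients)` branch returns `GPG_ERR_NO_SECKEY` without any diagnostic, so a message that reaches the user only through an anonymous recipient fails with the same error as one for which no secret key exists. The option is likely to be set once in a configuration file and then forgotten, which makes that failure hard to trace. A message in this branch would help, e.g. `if (opt.verbose) log_info ("anonymous recipient skipped (--skip-hidden-recipients)\n");` before `rc` is set, with braces added around the branch. The enclosing function (get_session_key according to the ChangeLog) starts and ends outside the hunk.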

Modified: trunk/sm/certreqgen.c
===================================================================
--- trunk/sm/certreqgen.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/sm/certreqgen.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -475,7 +475,8 @@
       return gpg_error (GPG_ERR_INV_PARAMETER);
     }
   
-  /* Check the keylength. */
+  /* Check the keylength.  NOTE: If you change this make sure that it
+     macthes the gpgconflist item in gpgsm.c  */
   if (!get_parameter (para, pKEYLENGTH, 0))
     nbits = 2048;
   else
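Review bot: The rewritten comment has a typo (`macthes`) and refers to a `gpgconflist item`, a spelling that appears nowhere else in the commit; the sm ChangeLog calls the location `gpgsm.c (main) <aGpgConfList>`. Suggested wording: `/* Check the keylength.  NOTE: If you change this make sure that it matches the default_pubkey_algo item printed for aGpgConfList in gpgsm.c.  */`. The `if`/`else` that follows continues outside the hunk.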

Modified: trunk/sm/gpgsm.c
===================================================================
--- trunk/sm/gpgsm.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/sm/gpgsm.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -1634,6 +1634,11 @@
         printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT);
 	printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE);
 
+        /* The next one is an info only item and should match what
+           proc_parameters actually implements.  */
+        printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
+                "RSA-2048");
+
       }
       break;
     case aGPGConfTest:

Modified: trunk/tools/gpgconf-comp.c
===================================================================
--- trunk/tools/gpgconf-comp.c	2009-11-10 16:35:59 UTC (rev 5198)
+++ trunk/tools/gpgconf-comp.c	2009-11-23 19:18:04 UTC (rev 5199)
@@ -667,6 +667,11 @@
    { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
      "gnupg", "|FILE|read options from FILE",
      GC_ARG_TYPE_FILENAME, GC_BACKEND_GPG },
+   { "default_pubkey_algo",
+     (GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE,
+     NULL, NULL,
+     GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
+   
 
    { "Debug",
      GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
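Review bot: The new `default_pubkey_algo` entry has no comment explaining why it carries a NULL description and `GC_LEVEL_INVISIBLE`. The backend hunks call it an info-only item, and that is worth stating here too, e.g. `/* Info-only item reported by the backend; GC_OPT_FLAG_NO_CHANGE marks it as not changeable through gpgconf.  */`. The same applies to the entry with `GC_BACKEND_GPGSM` added in the hunk at -744, which tools/ChangeLog does not mention (it lists only `gc_options_gpg`). The line after the first entry's closing brace also carries trailing whitespace.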
@@ -695,6 +700,8 @@
      GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
 
 
+
+
    GC_OPTION_NULL
  };
 
@@ -744,6 +751,10 @@
    { "keyserver", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
      "gnupg", N_("|SPEC|use this keyserver to lookup keys"),
      GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_GPGSM },
+   { "default_pubkey_algo",
+     (GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE,
+     NULL, NULL,
+     GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
 
    { "Debug",
      GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,



