[PATCH] --set-expire
Florian Weimer
fw at deneb.enyo.de
Thu May 5 14:35:00 CEST 2005
The following patch adds a --set-expire option to GnuPG 1.4.1. It would be
really nice if it were possible to include it in a future release of
the 1.4 branch.
Yes, I know, I should use GPGME for non-interactive use, but after
browsing the GPGME documentation, I came to the conclusion that it
doesn't support changing data signature expiration, either.
Thu May 5 14:19:44 CEST 2005 Florian Weimer <fw at deneb.enyo.de>
* Document the --set-expire option
M ./doc/gpg.sgml -1 +16
M ./doc/gpg.texi -2 +13
Thu May 5 14:16:13 CEST 2005 Florian Weimer <fw at deneb.enyo.de>
* Honor --set-expire when creating data signatures
M ./g10/sign.c -6 +21
Thu May 5 14:15:28 CEST 2005 Florian Weimer <fw at deneb.enyo.de>
* Add --set-expire option
M ./g10/g10.c +17
M ./g10/options.h +1
Thu May 5 12:56:42 CEST 2005 Florian Weimer <fw at deneb.enyo.de>
* Export parse_expire_string from keygen.c
M ./g10/keygen.c -1 +1
M ./g10/main.h +1
Thu May 5 12:47:45 CEST 2005 Florian Weimer <fw at deneb.enyo.de>
* Fix comment typo
M ./g10/keygen.c -1 +1
diff -rN -u old-stable+set-expire/doc/gpg.sgml new-stable+set-expire/doc/gpg.sgml
--- old-stable+set-expire/doc/gpg.sgml 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/doc/gpg.sgml 2005-05-05 14:19:43.000000000 +0200
@@ -2522,11 +2522,26 @@
<term>--no-ask-sig-expire</term>
<listitem><para>
When making a data signature, prompt for an expiration time. If this
-option is not specified, the expiration time is "never".
+option is not specified and an expiration time is not set by other
+means, the expiration time is "never".
--no-ask-sig-expire disables this option.
</para></listitem></varlistentry>
<varlistentry>
+<term>--set-expire &ParmString; </term>
+<listitem><para>
+When making a data signature, include an expiration time.
+&ParmString; must be one of the following: "0"
+(meaning no expiration), a positive integer (counting the
+expiration time in days from the creation time of the signature),
+a positive integer followed by "w", "m" or "y" (counting
+in weeks, months or years, respectively), or an ISO 8601
+date string of the form "YYYY-MM-DD".
+If this option is not specified and an expiration time is not
+set by other means, the expiration time is "0" (no expiration).
+</para></listitem></varlistentry>
+
+<varlistentry>
<term>--ask-cert-expire</term>
<term>--no-ask-cert-expire</term>
<listitem><para>
diff -rN -u old-stable+set-expire/doc/gpg.texi new-stable+set-expire/doc/gpg.texi
--- old-stable+set-expire/doc/gpg.texi 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/doc/gpg.texi 2005-05-05 14:19:27.000000000 +0200
@@ -1671,10 +1671,21 @@
@item --ask-sig-expire
@itemx --no-ask-sig-expire
-When making a data signature, prompt for an expiration time. If this
-option is not specified, the expiration time is "never".
+When making a data signature, prompt for an expiration time. If this
+option is not specified and an expiration time is not set by other
+means, the expiration time is "never".
--no-ask-sig-expire disables this option.
+ at item --set-expire @code{string}
+When making a data signature, include an expiration time. @code{string}
+must be one of the following: "0" (meaning no expiration), a positive
+integer (counting the expiration time in days from the creation time of
+the signature), a positive integer followed by "w", "m" or "y" (counting
+in weeks, months or years, respectively), or an ISO 8601 date string of
+the form "YYYY-MM-DD". If this option is not specified and an
+expiration time is not set by other means, the expiration time is "0"
+(no expiration).
+
@item --ask-cert-expire
@itemx --no-ask-cert-expire
When making a key signature, prompt for an expiration time. If this
diff -rN -u old-stable+set-expire/g10/g10.c new-stable+set-expire/g10/g10.c
--- old-stable+set-expire/g10/g10.c 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/g10/g10.c 2005-05-05 13:04:38.000000000 +0200
@@ -157,6 +157,7 @@
oNoTextmode,
oExpert,
oNoExpert,
+ oSetExpire,
oAskSigExpire,
oNoAskSigExpire,
oAskCertExpire,
@@ -443,6 +444,7 @@
{ oNoTextmode, "no-textmode", 0, "@"},
{ oExpert, "expert", 0, "@"},
{ oNoExpert, "no-expert", 0, "@"},
+ { oSetExpire, "set-expire", 2, "@"},
{ oAskSigExpire, "ask-sig-expire", 0, "@"},
{ oNoAskSigExpire, "no-ask-sig-expire", 0, "@"},
{ oAskCertExpire, "ask-cert-expire", 0, "@"},
@@ -2223,6 +2225,21 @@
case oNoTextmode: opt.textmode=0; break;
case oExpert: opt.expert = 1; break;
case oNoExpert: opt.expert = 0; break;
+ case oSetExpire:
+ {
+ int days = parse_expire_string( pargs.r.ret_str );
+
+ if( days < 0 )
+ log_error(_("`%s' is not a valid duration\n"),
+ pargs.r.ret_str);
+ else
+ {
+ /* v3 signatures cannot expire. */
+ opt.force_v3_sigs = 0;
+ opt.duration = days * 86400L;
+ }
+ }
+ break;
case oAskSigExpire: opt.ask_sig_expire = 1; break;
case oNoAskSigExpire: opt.ask_sig_expire = 0; break;
case oAskCertExpire: opt.ask_cert_expire = 1; break;
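Review bot: `opt.duration = days * 86400L;` in the new `oSetExpire` case has no range check, so the product is computed in `long` (32 bits on some platforms) and then stored in the `u32` field added in options.h; unless `parse_expire_string` bounds its result (its body is not visible here), a large duration can wrap to a much shorter lifetime or to 0, which the sign.c hunks treat as no expiration. Extending the guard to `if( days < 0 || (unsigned long)days > 0xFFFFFFFFUL / 86400UL )` would send such values down the existing error branch. Clearing `opt.force_v3_sigs` here is also order-dependent: a later `--force-v3-sigs` would presumably set it again, and sign.c then skips the expiration without any message, so a warning when `opt.duration` is set but v3 or RFC1991 output is forced would help. The enclosing switch starts and ends outside the hunk.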
diff -rN -u old-stable+set-expire/g10/keygen.c new-stable+set-expire/g10/keygen.c
--- old-stable+set-expire/g10/keygen.c 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/g10/keygen.c 2005-05-05 12:47:27.000000000 +0200
@@ -1483,10 +1483,10 @@
/****************
- * Parse an expire string and return it's value in days.
+ * Parse an expire string and return its value in days.
* Returns -1 on error.
*/
-static int
+int
parse_expire_string( const char *string )
{
int mult;
diff -rN -u old-stable+set-expire/g10/main.h new-stable+set-expire/g10/main.h
--- old-stable+set-expire/g10/main.h 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/g10/main.h 2005-05-05 12:47:20.000000000 +0200
@@ -163,6 +163,7 @@
void show_basic_key_info (KBNODE keyblock);
/*-- keygen.c --*/
+int parse_expire_string( const char *string );
u32 ask_expire_interval(int object);
u32 ask_expiredate(void);
void generate_keypair( const char *fname, const char *card_serialno,
diff -rN -u old-stable+set-expire/g10/options.h new-stable+set-expire/g10/options.h
--- old-stable+set-expire/g10/options.h 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/g10/options.h 2005-05-05 12:51:23.000000000 +0200
@@ -50,6 +50,7 @@
int list_only;
int textmode;
int expert;
+ u32 duration;
int ask_sig_expire;
int ask_cert_expire;
int batch; /* run in batch mode */
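Review bot: The new `duration` field has no comment, unlike `batch` two lines below, and its name does not say what it applies to. Going by the g10.c and sign.c hunks it holds the data-signature lifetime in seconds, with 0 meaning no expiration; something like `u32 duration; /* --set-expire: data signature lifetime in seconds, 0 = none */` would record that. The enclosing struct starts and ends outside the hunk.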
diff -rN -u old-stable+set-expire/g10/sign.c new-stable+set-expire/g10/sign.c
--- old-stable+set-expire/g10/sign.c 2005-05-05 14:31:34.000000000 +0200
+++ new-stable+set-expire/g10/sign.c 2005-05-05 13:04:59.000000000 +0200
@@ -730,8 +730,13 @@
&& (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
goto leave;
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!(opt.force_v3_sigs || RFC1991))
+ {
+ if(opt.duration)
+ duration=opt.duration;
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1);
+ }
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
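Review bot: The rewritten condition drops the `!opt.batch` test that the removed line had, so with --ask-sig-expire in effect `ask_expire_interval(1)` is now called in batch mode as well; `if(opt.ask_sig_expire && !opt.batch)` would keep the old behaviour. The same block is repeated in the hunks at -993 and -1147 and needs the same change. The prompt result also silently replaces a value given with --set-expire, and when `opt.force_v3_sigs` or RFC1991 is active a requested expiration is dropped without a message, leaving a signature that never expires. A short comment stating the intended precedence, and a warning in the second case, would make this visible. All three enclosing functions start and end outside the hunks.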
@@ -993,8 +998,13 @@
memset( &afx, 0, sizeof afx);
init_packet( &pkt );
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!(opt.force_v3_sigs || RFC1991))
+ {
+ if(opt.duration)
+ duration=opt.duration;
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1);
+ }
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
@@ -1147,8 +1157,13 @@
memset( &cfx, 0, sizeof cfx);
init_packet( &pkt );
- if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !RFC1991)
- duration=ask_expire_interval(1);
+ if(!(opt.force_v3_sigs || RFC1991))
+ {
+ if(opt.duration)
+ duration=opt.duration;
+ if(opt.ask_sig_expire)
+ duration=ask_expire_interval(1);
+ }
rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
if (rc)