[Pkg-gnupg-commit] [gnupg2] 250/292: gpg: New option --compliance.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Nov 21 06:31:48 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit f86b1a15ad4bb7bcc1e9f7d209aabcb23641f7df
Author: Werner Koch <wk at gnupg.org>
Date: Tue Nov 15 13:03:29 2016 +0100
gpg: New option --compliance.
* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance. Factor out code for compliance
setting to ...
(set_compliance_option): new.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
doc/gpg.texi | 6 +++
g10/gpg.c | 165 ++++++++++++++++++++++++++++++++++++++++++-----------------
2 files changed, 125 insertions(+), 46 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 6cc35e0..aff3aeb 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2618,6 +2618,12 @@ this does is disable @option{--throw-keyids} and set
@option{--escape-from-lines}. All algorithms are allowed except for the
SHA224, SHA384, and SHA512 digests.
+ at item --compliance @var{string}
+ at opindex compliance
+This option can be used instead of one of the options above. Valid
+values for @var{string} are the above option names (without the double
+dash) and possibly others as shown when using "help" for @var{value}.
+
@end table
diff --git a/g10/gpg.c b/g10/gpg.c
index 4e26672..b5fe490 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -224,6 +224,7 @@ enum cmd_and_opt_values
oMarginalsNeeded,
oMaxCertDepth,
oLoadExtension,
+ oCompliance,
oGnuPG,
oRFC2440,
oRFC4880,
@@ -613,6 +614,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oLoadExtension, "load-extension", "@"), /* Dummy. */
+ ARGPARSE_s_s (oCompliance, "compliance", "@"),
ARGPARSE_s_n (oGnuPG, "gnupg", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp2", "@"),
ARGPARSE_s_n (oGnuPG, "no-pgp6", "@"),
@@ -2010,7 +2012,7 @@ parse_tofu_policy (const char *policystr)
if (!ascii_strcasecmp (policystr, "help"))
{
- log_info (_("available TOFU policies:\n"));
+ log_info (_("valid values for option '%s':\n"), "--tofu-policy");
for (i=0; i < DIM (list); i++)
log_info (" %s\n", list[i].keyword);
g10_exit (1);
@@ -2027,6 +2029,105 @@ parse_tofu_policy (const char *policystr)
g10_exit (1);
}
+
+/* Parse the value of --compliance. */
+static int
+parse_compliance_option (const char *string)
+{
+ struct { const char *keyword; enum cmd_and_opt_values option; } list[] = {
+ { "gnupg", oGnuPG },
+ { "openpgp", oOpenPGP },
+ { "rfc4880bis", oRFC4880bis },
+ { "rfc4880", oRFC4880 },
+ { "rfc2440", oRFC2440 },
+ { "pgp6", oPGP6 },
+ { "pgp7", oPGP7 },
+ { "pgp8", oPGP8 }
+ };
+ int i;
+
+ if (!ascii_strcasecmp (string, "help"))
+ {
+ log_info (_("valid values for option '%s':\n"), "--compliance");
+ for (i=0; i < DIM (list); i++)
+ log_info (" %s\n", list[i].keyword);
+ g10_exit (1);
+ }
+
+ for (i=0; i < DIM (list); i++)
+ if (!ascii_strcasecmp (string, list[i].keyword))
+ return list[i].option;
+
+ log_error (_("invalid value for option '%s'\n"), "--compliance");
+ if (!opt.quiet)
+ log_info (_("(use \"help\" to list choices)\n"));
+ g10_exit (1);
+}
+
+
+
+/* Helper to set compliance related options. This is a separte
+ * function so that it can also be used by the --compliance option
+ * parser. */
+static void
+set_compliance_option (enum cmd_and_opt_values option)
+{
+ switch (option)
+ {
+ case oRFC4880bis:
+ opt.flags.rfc4880bis = 1;
+ /* fall through. */
+ case oOpenPGP:
+ case oRFC4880:
+ /* This is effectively the same as RFC2440, but with
+ "--enable-dsa2 --no-rfc2440-text --escape-from-lines
+ --require-cross-certification". */
+ opt.compliance = CO_RFC4880;
+ opt.flags.dsa2 = 1;
+ opt.flags.require_cross_cert = 1;
+ opt.rfc2440_text = 0;
+ opt.allow_non_selfsigned_uid = 1;
+ opt.allow_freeform_uid = 1;
+ opt.escape_from = 1;
+ opt.not_dash_escaped = 0;
+ opt.def_cipher_algo = 0;
+ opt.def_digest_algo = 0;
+ opt.cert_digest_algo = 0;
+ opt.compress_algo = -1;
+ opt.s2k_mode = 3; /* iterated+salted */
+ opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
+ opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
+ break;
+ case oRFC2440:
+ opt.compliance = CO_RFC2440;
+ opt.flags.dsa2 = 0;
+ opt.rfc2440_text = 1;
+ opt.allow_non_selfsigned_uid = 1;
+ opt.allow_freeform_uid = 1;
+ opt.escape_from = 0;
+ opt.not_dash_escaped = 0;
+ opt.def_cipher_algo = 0;
+ opt.def_digest_algo = 0;
+ opt.cert_digest_algo = 0;
+ opt.compress_algo = -1;
+ opt.s2k_mode = 3; /* iterated+salted */
+ opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
+ opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
+ break;
+ case oPGP6: opt.compliance = CO_PGP6; break;
+ case oPGP7: opt.compliance = CO_PGP7; break;
+ case oPGP8: opt.compliance = CO_PGP8; break;
+ case oGnuPG: opt.compliance = CO_GNUPG; break;
+ default:
+ BUG ();
+ }
+}
+
+
+
+
+
+
/* This function called to initialized a new control object. It is
assumed that this object has been zeroed out before calling this
function. */
@@ -2702,52 +2803,24 @@ main (int argc, char **argv)
/* Dummy so that gpg 1.4 conf files can work. Should
eventually be removed. */
break;
+
+ case oCompliance:
+ set_compliance_option (parse_compliance_option (pargs.r.ret_str));
+ break;
+ case oOpenPGP:
+ case oRFC2440:
+ case oRFC4880:
case oRFC4880bis:
- opt.flags.rfc4880bis = 1;
- /* fall through. */
- case oOpenPGP:
- case oRFC4880:
- /* This is effectively the same as RFC2440, but with
- "--enable-dsa2 --no-rfc2440-text --escape-from-lines
- --require-cross-certification". */
- opt.compliance = CO_RFC4880;
- opt.flags.dsa2 = 1;
- opt.flags.require_cross_cert = 1;
- opt.rfc2440_text = 0;
- opt.allow_non_selfsigned_uid = 1;
- opt.allow_freeform_uid = 1;
- opt.escape_from = 1;
- opt.not_dash_escaped = 0;
- opt.def_cipher_algo = 0;
- opt.def_digest_algo = 0;
- opt.cert_digest_algo = 0;
- opt.compress_algo = -1;
- opt.s2k_mode = 3; /* iterated+salted */
- opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
- opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
- break;
- case oRFC2440:
- opt.compliance = CO_RFC2440;
- opt.flags.dsa2 = 0;
- opt.rfc2440_text = 1;
- opt.allow_non_selfsigned_uid = 1;
- opt.allow_freeform_uid = 1;
- opt.escape_from = 0;
- opt.not_dash_escaped = 0;
- opt.def_cipher_algo = 0;
- opt.def_digest_algo = 0;
- opt.cert_digest_algo = 0;
- opt.compress_algo = -1;
- opt.s2k_mode = 3; /* iterated+salted */
- opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
- opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
- break;
- case oPGP6: opt.compliance = CO_PGP6; break;
- case oPGP7: opt.compliance = CO_PGP7; break;
- case oPGP8: opt.compliance = CO_PGP8; break;
- case oGnuPG: opt.compliance = CO_GNUPG; break;
- case oRFC2440Text: opt.rfc2440_text=1; break;
- case oNoRFC2440Text: opt.rfc2440_text=0; break;
+ case oPGP6:
+ case oPGP7:
+ case oPGP8:
+ case oGnuPG:
+ set_compliance_option (pargs.r_opt);
+ break;
+
+ case oRFC2440Text: opt.rfc2440_text=1; break;
+ case oNoRFC2440Text: opt.rfc2440_text=0; break;
+
case oSetFilename:
if(utf8_strings)
opt.set_filename = pargs.r.ret_str;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list