authorDavid Shaw <[email protected]>2002-02-03 14:42:56 +0000
committerDavid Shaw <[email protected]>2002-02-03 14:42:56 +0000
commit0c3e409fa31790ba997366677a4aa2839956bff4 (patch)
tree078df484ed397d5c6ce0047de18a32d6320cbad2
parent* g10.c (main): --gen-random --armor does now output a base64 (diff)
Split "--set-policy-url" into "--cert-policy-url" and "--sig-policy-url"
so the user can set different policies for key and data signing. For backwards compatibility, "--set-policy-url" sets both, as before.
-rw-r--r--g10/ChangeLog8
-rw-r--r--g10/g10.c18
-rw-r--r--g10/keyedit.c2
-rw-r--r--g10/options.h3
-rw-r--r--g10/sign.c19
5 files changed, 42 insertions, 8 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index fed295093..13df44ee3 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,11 @@
+2002-02-02 David Shaw <[email protected]>
+
+ * options.h, g10.c (main), keyedit.c (sign_uids), sign.c
+ (mk_notation_and_policy): Split "--set-policy-url" into
+ "--cert-policy-url" and "--sig-policy-url" so the user can set
+ different policies for key and data signing. For backwards
+ compatibility, "--set-policy-url" sets both, as before.
+
2002-01-30 Werner Koch <[email protected]>
* g10.c (main): --gen-random --armor does now output a base64
diff --git a/g10/g10.c b/g10/g10.c
index 68a97974b..ecbc3b1e7 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -195,6 +195,8 @@ enum cmd_and_opt_values { aNull = 0,
oForYourEyesOnly,
oNoForYourEyesOnly,
oSetPolicyURL,
+ oSigPolicyURL,
+ oCertPolicyURL,
oShowPolicyURL,
oNoShowPolicyURL,
oUseEmbeddedFilename,
@@ -460,6 +462,8 @@ static ARGPARSE_OPTS opts[] = {
{ oForYourEyesOnly, "for-your-eyes-only", 0, "@" },
{ oNoForYourEyesOnly, "no-for-your-eyes-only", 0, "@" },
{ oSetPolicyURL, "set-policy-url", 2, "@" },
+ { oSigPolicyURL, "sig-policy-url", 2, "@" },
+ { oCertPolicyURL, "cert-policy-url", 2, "@" },
{ oShowPolicyURL, "show-policy-url", 0, "@" },
{ oNoShowPolicyURL, "no-show-policy-url", 0, "@" },
{ oShowNotation, "show-notation", 0, "@" },
@@ -1088,7 +1092,9 @@ main( int argc, char **argv )
case oSetFilename: opt.set_filename = pargs.r.ret_str; break;
case oForYourEyesOnly: eyes_only = 1; break;
case oNoForYourEyesOnly: eyes_only = 0; break;
- case oSetPolicyURL: opt.set_policy_url = pargs.r.ret_str; break;
+ case oSetPolicyURL: opt.sig_policy_url = opt.cert_policy_url = pargs.r.ret_str; break;
+ case oSigPolicyURL: opt.sig_policy_url = pargs.r.ret_str; break;
+ case oCertPolicyURL: opt.cert_policy_url = pargs.r.ret_str; break;
case oShowPolicyURL: opt.show_policy_url=1; break;
case oNoShowPolicyURL: opt.show_policy_url=0; break;
case oUseEmbeddedFilename: opt.use_embedded_filename = 1; break;
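Review bot: The `oSetPolicyURL` case now depends on option order, and nothing in the code says so. `--sig-policy-url X --set-policy-url Y` ends with both fields set to Y, while the reverse order keeps X for data signatures. A short comment above the case would record the intended precedence, for example `/* legacy alias: sets both URLs; a later --sig-policy-url or --cert-policy-url replaces its half */`. The line is also much longer than its neighbours and would read better as two assignments in a braced case body. The enclosing `main` starts and ends outside this hunk.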
@@ -1408,9 +1414,13 @@ main( int argc, char **argv )
if( check_digest_algo(opt.s2k_digest_algo) )
log_error(_("selected digest algorithm is invalid\n"));
}
- if( opt.set_policy_url ) {
- if( check_policy_url( opt.set_policy_url ) )
- log_error(_("the given policy URL is invalid\n"));
+ if( opt.sig_policy_url ) {
+ if( check_policy_url( opt.sig_policy_url ) )
+ log_error(_("the given signature policy URL is invalid\n"));
+ }
+ if( opt.cert_policy_url ) {
+ if( check_policy_url( opt.cert_policy_url ) )
+ log_error(_("the given certification policy URL is invalid\n"));
}
if( opt.def_compress_algo < 0 || opt.def_compress_algo > 2 )
log_error(_("compress algorithm must be in range %d..%d\n"), 0, 2);
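Review bot: When the legacy `--set-policy-url` is used, `opt.sig_policy_url` and `opt.cert_policy_url` hold the same pointer, so one bad URL is passed to `check_policy_url` twice and produces two error lines. Neither line names the option the user actually typed. Skipping the second check when the pointers are equal would avoid this, e.g. `if( opt.cert_policy_url && opt.cert_policy_url != opt.sig_policy_url ) {`. The alternative is to keep both checks and word the messages so they also make sense for the combined option. This code sits inside `main`, which extends beyond the hunk.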
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 4018bce30..cc2494c4f 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -275,7 +275,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
int select_all = !count_selected_uids(keyblock);
int upd_trust = 0, force_v4=0;
- if(local || opt.set_policy_url || opt.notation_data)
+ if(local || opt.cert_policy_url || opt.notation_data)
force_v4=1;
/* build a list of all signators.
diff --git a/g10/options.h b/g10/options.h
index 0680d4207..dd14d5345 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -116,7 +116,8 @@ struct {
int interactive;
STRLIST notation_data;
int show_notation;
- const char *set_policy_url;
+ const char *sig_policy_url;
+ const char *cert_policy_url;
int show_policy_url;
int use_embedded_filename;
int allow_non_selfsigned_uid;
diff --git a/g10/sign.c b/g10/sign.c
index 7f79e8d90..01e6c9858 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -58,7 +58,7 @@
static void
mk_notation_and_policy( PKT_signature *sig )
{
- const char *string, *s;
+ const char *string, *s=NULL;
byte *buf;
unsigned n1, n2;
@@ -92,7 +92,22 @@ mk_notation_and_policy( PKT_signature *sig )
}
/* set policy URL */
- if( (s=opt.set_policy_url) ) {
+ if( (sig->sig_class==0 || sig->sig_class==1) && opt.sig_policy_url )
+ {
+ if(sig->version<4)
+ log_info("can't put a policy URL into v3 signatures\n");
+ else
+ s=opt.sig_policy_url;
+ }
+ else if( !(sig->sig_class==0 || sig->sig_class==1) && opt.cert_policy_url )
+ {
+ if(sig->version<4)
+ log_info("can't put a policy URL into v3 key signatures\n");
+ else
+ s=opt.cert_policy_url;
+ }
+
+ if( s ) {
if( *s == '!' )
build_sig_subpkt( sig, SIGSUBPKT_POLICY | SIGSUBPKT_FLAG_CRITICAL,
s+1, strlen(s+1) );
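Review bot: In both new branches a v3 signature only gets a `log_info` and leaves `s` as NULL, so the signature is still issued without the policy URL the user asked for, even when the URL starts with `!` and was meant to be critical. The keyedit.c hunk forces v4 when `opt.cert_policy_url` is set, but this diff shows nothing equivalent for `opt.sig_policy_url` on data signatures. Either force v4 there as well or raise the message to `log_error` when `*opt.sig_policy_url == '!'`. The two new messages are also not wrapped in `_()`, unlike the `log_error(_("..."))` calls in g10.c. Separately, the `else if` matches every class other than 0x00 and 0x01, not only certifications. If this function is ever reached for binding or revocation signatures, they would carry the cert policy URL too; if that is not intended, test `sig->sig_class>=0x10 && sig->sig_class<=0x13` explicitly. `mk_notation_and_policy` begins before this hunk and continues after it.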