From: myon Date: Mon, 1 May 2006 22:53:58 +0000 (+0000) Subject: + Make local-user accept a list of keyids (Closes: #333832). X-Git-Url: https://git.sthu.org/?a=commitdiff_plain;h=a35a7302a1bcb2d71ef0e7b0d3655684769bc82c;p=pgp-tools.git + Make local-user accept a list of keyids (Closes: #333832). * Bump Standards-Version, no change. git-svn-id: svn://svn.debian.org/pgp-tools/trunk@278 b513b33f-fedd-0310-b452-c3deb5f4c849 --- diff --git a/caff/README b/caff/README index d11628a..dc4e018 100644 --- a/caff/README +++ b/caff/README @@ -42,19 +42,6 @@ INSTALLATION After creating a ~/.caffrc from the template, caff almost works out of the box. - -MULTIPLE SIGNING KEYS ---------------------- - -Q: I possess multiple keys. How can I use caff to sign each keyid - with both my keys? -A: Try this: - $ caff --no-export-old --no-mail -u - $ caff --no-download --no-export-old -u - - - - -- Peter $Id$ diff --git a/caff/THANKS b/caff/THANKS index 054e5dc..d3c8c91 100644 --- a/caff/THANKS +++ b/caff/THANKS @@ -1,5 +1,5 @@ Caff is not the work of a sole author. It wouldn't be what it is without the -help of several people. I'ld like to say thank you to everybody who helped to +help of several people. I'd like to say thank you to everybody who helped to make caff better. - Nick Mathewson @@ -7,4 +7,4 @@ make caff better. - And of course everyone who sent comments, suggestions or bug-reports. -$Id$ + -- Peter Palfrader Thu, 15 Jul 2004 03:08:14 +0200 diff --git a/caff/caff b/caff/caff index cfb7d09..8415af9 100755 --- a/caff/caff +++ b/caff/caff @@ -85,6 +85,7 @@ Do not sign the keys. =item B<-u> I, B<--local-user> I Select the key that is used for signing, in case you have more than one key. +To sign with multiple keys at once, separate multiple keyids by comma. =item B<--key-file> I @@ -164,7 +165,7 @@ is set to. Path to your secret keyring. Default: B<$HOME/.gnupg/secring.gpg>. -=item B [list of keyids] +=item B [keyid, or list of keyids] Additional keyids to encrypt messages to. Default: none. @@ -203,9 +204,10 @@ This is useful for offline signing. Default: B<0>. Don't export UIDs by default, on which your latest signature is older than this age. Default: B<24*60*60> (i.e. one day). -=item B [string] +=item B [keyid, or list of keyids] Select the key that is used for signing, in case you have more than one key. +With multiple keyids, sign with each key in turn. =head2 Mail settings @@ -400,7 +402,10 @@ $Cemail\$CONFIG{'email'} = '$email'; # \$CONFIG{'keyid'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ]; $Ckeys\$CONFIG{'keyid'} = [ qw{@keys} ]; -# Additionally encrypt messages sent to these keyids +# Select this/these keys to sign with +#\$CONFIG{'local-user'} = [ qw{@keys} ]; + +# Additionally encrypt messages for these keyids #\$CONFIG{'also-encrypt-to'} = [ qw{@keys} ]; # Mail template to use for the encrypted part @@ -761,7 +766,7 @@ sub send_mail($$$@) { if (ref($CONFIG{'also-encrypt-to'})) { $gpg->options->push_recipients($_) foreach @{$CONFIG{'also-encrypt-to'}}; - } else { # old syntax + } else { $gpg->options->push_recipients($CONFIG{'also-encrypt-to'}); } } @@ -855,8 +860,9 @@ sub delete_signatures($$$$$$) { }; - -my $USER; +################### +# argument handling +################### my @KEYIDS; my $params; @@ -900,16 +906,6 @@ $CONFIG{'mail'} = $params->{'mail'} if defined $params->{'mail'}; $CONFIG{'no-sign'} = $params->{'no-sign'} if defined $params->{'no-sign'}; push @{$CONFIG{'key-files'}}, @{$params->{'key-files'}} if defined $params->{'key-files'}; -if ($CONFIG{'local-user'}) { - $USER = $CONFIG{'local-user'}; - $USER =~ s/^0x//i; - unless ($USER =~ /^([A-F0-9]{8}|[A-F0-9]{16}|[A-F0-9]{40})$/i) { - print STDERR "Local-user $USER is not a keyid.\n"; - usage(\*STDERR, 1); - }; - $USER = uc($USER); -}; - for my $keyid (@ARGV) { $keyid =~ s/^0x//i; unless ($keyid =~ /^([A-F0-9]{8}|[A-F0-9]{16}||[A-F0-9]{40})$/i) { @@ -1051,20 +1047,41 @@ if ($CONFIG{'ask-sign'} && ! $CONFIG{'no-sign'}) { } unless ($CONFIG{'no-sign'}) { + my @local_user; + if ($CONFIG{'local-user'}) { + if (ref($CONFIG{'local-user'})) { + @local_user = @{$CONFIG{'local-user'}}; + } else { + @local_user = split /\s*,\s*/, $CONFIG{'local-user'}; + }; + foreach (@local_user) { + s/^0x//i; + unless (/^([A-F0-9]{8}|[A-F0-9]{16}|[A-F0-9]{40})$/i) { + print STDERR "Local-user $_ is not a keyid.\n"; + usage(\*STDERR, 1); + }; + $_ = uc($_); + }; + } else { + @local_user = (undef); + }; + info("Sign the following keys according to your policy, then exit gpg with 'save' after signing each key"); for my $keyid (@keyids_ok) { - my @command; - push @command, $CONFIG{'gpg-sign'}; - push @command, '--local-user', $USER if (defined $USER); - push @command, "--homedir=$GNUPGHOME"; - push @command, '--secret-keyring', $CONFIG{'secret-keyring'}; - push @command, '--no-auto-check-trustdb'; - push @command, '--trust-model=always'; - push @command, '--edit', $keyid; - push @command, 'sign'; - push @command, split ' ', $CONFIG{'gpg-sign-args'} || ""; - print join(' ', @command),"\n"; - system (@command); + foreach my $local_user (@local_user) { + my @command; + push @command, $CONFIG{'gpg-sign'}; + push @command, '--local-user', $local_user if (defined $local_user); + push @command, "--homedir=$GNUPGHOME"; + push @command, '--secret-keyring', $CONFIG{'secret-keyring'}; + push @command, '--no-auto-check-trustdb'; + push @command, '--trust-model=always'; + push @command, '--edit', $keyid; + push @command, 'sign'; + push @command, split ' ', $CONFIG{'gpg-sign-args'} || ""; + print join(' ', @command),"\n"; + system (@command); + }; }; }; diff --git a/debian/changelog b/debian/changelog index 7651285..082e4f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,7 @@ signing-party (0.4.6-1) unreleased; urgency=low (Closes: #356830). + Make local-user a config option, thanks to Michael C. Toren for the patch (Closes: #361316). + + Make local-user accept a list of keyids (Closes: #333832). + Make also-encrypt-to a list, add a commented stanza to the default config file (Closes: #325163). + Include mail-template in default config file, some minor syntax fixes. @@ -12,8 +13,9 @@ signing-party (0.4.6-1) unreleased; urgency=low * pgp-clean: + Import caff's getopt handling. + Add option to allow exporting subkeys (Closes: #359698). + * Bump Standards-Version, no change. - -- Christoph Berg Mon, 1 May 2006 13:06:14 +0200 + -- Christoph Berg Tue, 2 May 2006 00:50:00 +0200 signing-party (0.4.5-1) unstable; urgency=low diff --git a/debian/control b/debian/control index 4690486..05a2cb2 100644 --- a/debian/control +++ b/debian/control @@ -4,7 +4,7 @@ Priority: extra Maintainer: Thijs Kinkhorst Uploaders: Simon Richter , Peter Palfrader , Christoph Berg Build-Depends: debhelper (>= 5) -Standards-Version: 3.6.2 +Standards-Version: 3.7.0 Package: signing-party Architecture: all