D388: 899_ffi.c.diff

That's fine... or just make the wording in the man page more clear. Under
--verify, it talks about using --output with cleartext signed data. That seemed
to imply (to me) that --output is used _with_ --verify. I think it should be
clearer that --output is to be used _without_ --verify or that --output has no
effect when using --verify.

So this could be treated as just a documentation bug rather than create yet
another new option.

For what it's worth, I don't think backward compatibility is an important
concern here. If someone was using --output with --verify before, they likely
were under the impression that the combination worked when in reality the two
options together just weren't a valid combination. It seems unlikely that
anyone would depend on --output being ignored when used with --verify, and so
making the combination work now should not cause legitimate compatibility problems.

If the combination of --output with --verify is not made to work, there should
probably be a warning emitted (in addition to fixing the documentation).

In summary, it seems to me that viable options are at least the following:

• make --output work with --verify (possibly bad for compatibility reasons in

the rare use case of someone depending on current behavior of the currently
invalid combination)

• fix man page in the --verify section - specifically, clarify the text

discussing using --output

• add some new option
• warn if an invalid combination of options exists (e.g., --verify with

--current in the current implementation <= 2.1.1)

These are not necessarily exclusive choices.

I guess I would prefer to allow the combination to work or warn and fix the
docs. Not as keen to add yet another new option - there's already a lot.

I can work up a patch if we can settle on a direction.

D280: 540_gpg211-dirmngr.patch