diff --git a/doc/HACKING b/doc/HACKING index e7174793e..fc0c3f459 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -1,432 +1,432 @@ # HACKING -*- org -*- #+TITLE: A Hacker's Guide to GnuPG #+TEXT: Some notes on GnuPG internals #+STARTUP: showall #+OPTIONS: ^:{} * How to contribute The following stuff explains some basic procedures you need to follow if you want to contribute code or documentation. ** No more ChangeLog files Do not modify any of the ChangeLog files in GnuPG. Starting on December 1st, 2011 we put change information only in the GIT commit log, and generate a top-level ChangeLog file from logs at "make dist" time. As such, there are strict requirements on the form of the commit log messages. The old ChangeLog files have all be renamed to ChangeLog-2011 ** Commit log requirements Your commit log should always start with a one-line summary, the second line should be blank, and the remaining lines are usually ChangeLog-style entries for all affected files. However, it's fine --- even recommended --- to write a few lines of prose describing the change, when the summary and ChangeLog entries don't give enough of the big picture. Omit the leading TABs that you are seeing in a "real" ChangeLog file, but keep the maximum line length at 72 or smaller, so that the generated ChangeLog lines, each with its leading TAB, will not exceed 80 columns. If you want to add text which shall not be copied to the ChangeLog, separate it by a line consisting of two dashes at the begin of a line. The one-line summary usually starts with a keyword to identify the mainly affected subsystem. If more than one keyword is required the are delimited by a comma (e.g. =scd,w32:=). Commonly found keywords are - agent :: The gpg-agent component - build :: Changes to the build system - ccid :: The CCID driver in scdaemon - common :: Code in common - dirmngr :: The dirmngr component - doc :: Documentation changes - gpg :: The gpg or gpgv components - sm :: The gpgsm component (also "gpgsm") - gpgscm :: The regression test driver - indent :: Indentation and similar changes - iobuf :: The IOBUF system in common - po :: Translations - scd :: The scdaemon component - speedo :: Speedo build system specific changes - ssh :: The ssh-agent part of the agent - tests :: The regressions tests - tools :: Other code in tools - w32 :: Windows related code - wks :: The web key service tools - yat2m :: The yat2m tool. Typo fixes and documentation updates don't need a ChangeLog entry; thus you would use a commit message like #+begin_example doc: Fix typo in a comment -- #+end_example The marker line here is important; without it the first line would appear in the ChangeLog. If you exceptionally need to have longer lines in a commit log you may do this after this scissor line: #+begin_example # ------------------------ >8 ------------------------ #+end_example (hash, blank, 24 dashes, blank, scissor, blank, 24 dashes). Note that such a comment will be removed if the git commit option =--cleanup=scissor= is used. ** License policy GnuPG is licensed under the GPLv3+ with some files under a mixed LGPLv3+/GPLv2+ license. It is thus important, that all contributed code allows for an update of the license; for example we can't accept code under the GPLv2(only). GnuPG used to have a strict policy of requiring copyright assignments to the FSF. To avoid this major organizational overhead and to allow inclusion of code, not copyrighted by the FSF, this policy has been relaxed on 2013-03-29. It is now also possible to contribute code by asserting that the contribution is in accordance to the "Libgcrypt Developer's Certificate of Origin" as found in the file "DCO". (Except for a slight wording change, this DCO is identical to the one used by the Linux kernel.) If you want to contribute code or documentation to GnuPG and you didn't sign a copyright assignment with the FSF in the past, you need to take these simple steps: - Decide which mail address you want to use. Please have your real name in the address and not a pseudonym. Anonymous contributions can only be done if you find a proxy who certifies for you. - If your employer or school might claim ownership of code written by you; you need to talk to them to make sure that you have the right to contribute under the DCO. - Send an OpenPGP signed mail to the gnupg-devel@gnupg.org mailing list from your mail address. Include a copy of the DCO as found in the official master branch. Insert your name and email address into the DCO in the same way you want to use it later. Example: Signed-off-by: Joe R. Hacker (If you really need it, you may perform simple transformations of the mail address: Replacing "@" by " at " or "." by " dot ".) - That's it. From now on you only need to add a "Signed-off-by:" line with your name and mail address to the commit message. It is recommended to send the patches using a PGP/MIME signed mail. ** Coding standards Please follow the GNU coding standards. If you are in doubt consult the existing code as an example. Do no re-indent code without a need. If you really need to do it, use a separate commit for such a change. - Only certain C99 features may be used (see below); in general stick to C90. - Please do not use C++ =//= style comments. - Do not use comments like: #+begin_src if (foo) /* Now that we know that foo is true we can call bar. */ bar (); #+end_src instead write the comment on the if line or before it. You may also use a block and put the comment inside. - Please use asterisks on the left of longer comments. This makes it easier to read without syntax highlighting, on printouts, and for blind people. - Try to fit lines into 80 columns. - Ignore signed/unsigned pointer mismatches - No arithmetic on void pointers; cast to char* first. - Do not use #+begin_src if ( 42 == foo ) #+end_src this is harder to read and modern compilers are pretty good in detecing accidential assignments. It is also suggested not to compare to 0 or NULL but to test the value direct or with a '!'; this makes it easier to see that a boolean test is done. - We use our own printf style functions like =es_printf=, and =gpgrt_asprintf= (or the =es_asprintf= macro) which implement most C99 features with the exception of =wchar_t= (which should anyway not be used). Please use them always and do not resort to those provided by libc. The rationale for using them is that we know that the format specifiers work on all platforms and that we do not need to chase platform dependent bugs. Note also that in gnupg asprintf is a macro already evaluating to gpgrt_asprintf. - It is common to have a label named "leave" for a function's cleanup and return code. This helps with freeing memory and is a convenient location to set a breakpoint for debugging. - Always use xfree() instead of free(). If it is not easy to see that the freed variable is not anymore used, explicitly set the variable to NULL. - New code shall in general use xtrymalloc or xtrycalloc and check - for an error (use gpg_error_from_errno()). + for an error (use gpg_error_from_syserror()). - Init function local variables only if needed so that the compiler can do a better job in detecting uninitialized variables which may indicate a problem with the code. - Never init static or file local variables to 0 to make sure they end up in BSS. - - But extra parenthesis around terms with binary operators to make + - Put extra parenthesis around terms with binary operators to make it clear that the binary operator was indeed intended. - Use --enable-maintainer-mode with configure so that all suitable warnings are enabled. ** Variable names Follow the GNU standards. Here are some conventions you may want to stick to (do not rename existing "wrong" uses without a goog reason). - err :: This conveys an error code of type =gpg_error_t= which is compatible to an =int=. To compare such a variable to a GPG_ERR_ constant, it is necessary to map the value like this: =gpg_err_code(err)=. - ec :: This is used for a gpg-error code which has no source part (=gpg_err_code_t=) and will eventually be used as input to =gpg_err_make=. - rc :: Used for all kind of other errors; for example system calls. The value is not compatible with gpg-error. *** C99 language features In GnuPG 2.x, but *not in 1.4* and not in most libraries, a limited set of C99 features may be used: - Variadic macros: : #define foo(a,...) bar(a, __VA_ARGS__) - The predefined macro =__func__=: : log_debug ("%s: Problem with foo\n", __func__); - Variable declaration inside a for(): : for (int i = 0; i < 5; ++) : bar (i); Although we usually make use of the =u16=, =u32=, and =u64= types, it is also possible to include == and use =int16_t=, =int32_t=, =int64_t=, =uint16_t=, =uint32_t=, and =uint64_t=. But do not use =int8_t= or =uint8_t=. ** Commit log keywords - GnuPG-bug-id :: Values are comma or space delimited bug numbers from bug.gnupg.org pertaining to this commit. - Debian-bug-id :: Same as above but from the Debian bug tracker. - CVE-id :: CVE id number pertaining to this commit. - Regression-due-to :: Commit id of the regression fixed by this commit. - Fixes-commit :: Commit id this commit fixes. - Reported-by :: Value is a name or mail address of a bug reporte. - Suggested-by :: Value is a name or mail address of someone how suggested this change. - Co-authored-by :: Name or mail address of a co-author - Some-comments-by :: Name or mail address of the author of additional comments (commit log or code). - Proofread-by :: Sometimes used by translation commits. - Signed-off-by :: Name or mail address of the developer * Windows ** How to build an installer for Windows Your best bet is to use a decent Debian System for development. You need to install a long list of tools for building. This list still needs to be compiled. However, the build process will stop if a tool is missing. GNU make is required (on non GNU systems often installed as "gmake"). The installer requires a couple of extra software to be available either as tarballs or as local git repositories. In case this file here is part of a gnupg-w32-2.*.xz complete tarball as distributed from the same place as a binary installer, all such tarballs are already included. Cd to the GnuPG source directory and use one of one of these command: - If sources are included (gnupg-w32-*.tar.xz) make -f build-aux/speedo.mk WHAT=this installer - To build from tarballs make -f build-aux/speedo.mk WHAT=release TARBALLS=TARDIR installer - To build from local GIT repos make -f build-aux/speedo.mk WHAT=git TARBALLS=TARDIR installer Note that also you need to supply tarballs with supporting libraries even if you build from git. The makefile expects only the core GnuPG software to be available as local GIT repositories. speedo.mk has the versions of the tarballs and the branch names of the git repositories. In case of problems, don't hesitate to ask on the gnupg-devel mailing for help. * Debug hints See the manual for some hints. * Standards ** RFCs 1423 Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers. 1489 Registration of a Cyrillic Character Set. 1750 Randomness Recommendations for Security. 1991 PGP Message Exchange Formats (obsolete) 2144 The CAST-128 Encryption Algorithm. 2279 UTF-8, a transformation format of ISO 10646. 2440 OpenPGP (obsolete). 3156 MIME Security with Pretty Good Privacy (PGP). 4880 Current OpenPGP specification. 6337 Elliptic Curve Cryptography (ECC) in OpenPGP * Various information ** Directory Layout - ./ :: Readme, configure - ./agent :: Gpg-agent and related tools - ./doc :: Documentation - ./g10 :: Gpg program here called gpg2 - ./sm :: Gpgsm program - ./jnlib :: Not used (formerly used utility functions) - ./common :: Utility functions - ./kbx :: Keybox library - ./scd :: Smartcard daemon - ./scripts :: Scripts needed by configure and others - ./dirmngr :: The directory manager ** Detailed Roadmap This list of files is not up to date! - g10/gpg.c :: Main module with option parsing and all the stuff you have to do on startup. Also has the exit handler and some helper functions. - g10/parse-packet.c :: - g10/build-packet.c :: - g10/free-packet.c :: Parsing and creating of OpenPGP message packets. - g10/getkey.c :: Key selection code - g10/pkclist.c :: Build a list of public keys - g10/skclist.c :: Build a list of secret keys - g10/keyring.c :: Keyring access functions - g10/keydb.h :: - g10/keyid.c :: Helper functions to get the keyid, fingerprint etc. - g10/trustdb.c :: Web-of-Trust computations - g10/trustdb.h :: - g10/tdbdump.c :: Export/import/list the trustdb.gpg - g10/tdbio.c :: I/O handling for the trustdb.gpg - g10/tdbio.h :: - g10/compress.c :: Filter to handle compression - g10/filter.h :: Declarations for all filter functions - g10/delkey.c :: Delete a key - g10/kbnode.c :: Helper for the kbnode_t linked list - g10/main.h :: Prototypes and some constants - g10/mainproc.c :: Message processing - g10/armor.c :: Ascii armor filter - g10/mdfilter.c :: Filter to calculate hashs - g10/textfilter.c :: Filter to handle CR/LF and trailing white space - g10/cipher.c :: En-/Decryption filter - g10/misc.c :: Utlity functions - g10/options.h :: Structure with all the command line options and related constants - g10/openfile.c :: Create/Open Files - g10/keyserver.h :: Keyserver access dispatcher. - g10/packet.h :: Definition of OpenPGP structures. - g10/passphrase.c :: Passphrase handling code - g10/pubkey-enc.c :: Process a public key encoded packet. - g10/seckey-cert.c :: Not anymore used - g10/seskey.c :: Make sesssion keys etc. - g10/import.c :: Import keys into our key storage. - g10/export.c :: Export keys to the OpenPGP format. - g10/sign.c :: Create signature and optionally encrypt. - g10/plaintext.c :: Process plaintext packets. - g10/decrypt-data.c :: Decrypt an encrypted data packet - g10/encrypt.c :: Main encryption driver - g10/revoke.c :: Create recovation certificates. - g10/keylist.c :: Print information about OpenPGP keys - g10/sig-check.c :: Check a signature - g10/helptext.c :: Show online help texts - g10/verify.c :: Verify signed data. - g10/decrypt.c :: Decrypt and verify data. - g10/keyedit.c :: Edit properties of a key. - g10/dearmor.c :: Armor utility. - g10/keygen.c :: Generate a key pair ** Memory allocation Use only the functions: - xmalloc - xmalloc_secure - xtrymalloc - xtrymalloc_secure - xcalloc - xcalloc_secure - xtrycalloc - xtrycalloc_secure - xrealloc - xtryrealloc - xstrdup - xtrystrdup - xfree The *secure versions allocate memory in the secure memory. That is, swapping out of this memory is avoided and is gets overwritten on free. Use this for passphrases, session keys and other sensitive material. This memory set aside for secure memory is linited to a few k. In general the function don't print a memeory message and terminate the process if there is not enough memory available. The "try" versions of the functions return NULL instead. ** Logging TODO ** Option parsing GnuPG does not use getopt or GNU getopt but functions of it's own. See util/argparse.c for details. The advantage of these functions is that it is more easy to display and maintain the help texts for the options. The same option table is also used to parse resource files. ** What is an IOBUF This is the data structure used for most I/O of gnupg. It is similar to System V Streams but much simpler. Because OpenPGP messages are nested in different ways; the use of such a system has big advantages. Here is an example, how it works: If the parser sees a packet header with a partial length, it pushes the block_filter onto the IOBUF to handle these partial length packets: from now on you don't have to worry about this. When it sees a compressed packet it pushes the uncompress filter and the next read byte is one which has already been uncompressed by this filter. Same goes for enciphered packet, plaintext packets and so on. The file g10/encode.c might be a good starting point to see how it is used - actually this is the other way: constructing messages using pushed filters but it may be easier to understand. diff --git a/g10/OPTIONS b/g10/OPTIONS deleted file mode 100644 index b1a49e254..000000000 --- a/g10/OPTIONS +++ /dev/null @@ -1,24 +0,0 @@ -# Some notes used by the maintainers - - -store -# simply packs the input data into a rfc1991 packet format - -check-trustdb - - -compress-keys -# compress exported key, compress level is still set with "-z" and -# algorithm with --compress-algo" - Default is to not compress keys, as -# this is better for interoperability. - -compress-sigs -# Normally, compressing of signatures does not make sense; so this -# is disabled for detached signatures unless this option is used. - -run-as-shm-coprocess [request-locked-shm-size] -# very special :-) -# You will have to use "--status-fd" too -# Note: This option does only work if given on the command line. - - diff --git a/g10/options.h b/g10/options.h index def638591..c634f0ffd 100644 --- a/g10/options.h +++ b/g10/options.h @@ -1,398 +1,397 @@ /* options.h * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, * 2007, 2010, 2011 Free Software Foundation, Inc. * Copyright (C) 2015 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ #ifndef G10_OPTIONS_H #define G10_OPTIONS_H #include #include "../common/types.h" #include #include "main.h" #include "packet.h" #include "tofu.h" #include "../common/session-env.h" #ifndef EXTERN_UNLESS_MAIN_MODULE /* Norcraft can't cope with common symbols */ #if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) #define EXTERN_UNLESS_MAIN_MODULE extern #else #define EXTERN_UNLESS_MAIN_MODULE #endif #endif /* Declaration of a keyserver spec type. The definition is found in ../common/keyserver.h. */ struct keyserver_spec; typedef struct keyserver_spec *keyserver_spec_t; /* Global options for GPG. */ EXTERN_UNLESS_MAIN_MODULE struct { int verbose; int quiet; unsigned debug; int armor; char *outfile; estream_t outfp; /* Hack, sometimes used in place of outfile. */ off_t max_output; /* If > 0 a hint with the expected number of input data bytes. This * is not necessary an exact number but intended to be used for * progress info and to decide on how to allocate buffers. */ uint64_t input_size_hint; int dry_run; int autostart; int list_only; int mimemode; int textmode; int expert; const char *def_sig_expire; int ask_sig_expire; const char *def_cert_expire; int ask_cert_expire; int batch; /* run in batch mode */ int answer_yes; /* answer yes on most questions */ int answer_no; /* answer no on most questions */ int check_sigs; /* check key signatures */ int with_colons; int with_key_data; int with_icao_spelling; /* Print ICAO spelling with fingerprints. */ int with_fingerprint; /* Option --with-fingerprint active. */ int with_subkey_fingerprint; /* Option --with-subkey-fingerprint active. */ int with_keygrip; /* Option --with-keygrip active. */ int with_tofu_info; /* Option --with-tofu_info active. */ int with_secret; /* Option --with-secret active. */ int with_wkd_hash; /* Option --with-wkd-hash. */ int fingerprint; /* list fingerprints */ int list_sigs; /* list signatures */ int no_armor; int list_packets; /* Option --list-packets active. */ int def_cipher_algo; int force_mdc; int disable_mdc; int def_digest_algo; int cert_digest_algo; int compress_algo; int compress_level; int bz2_compress_level; int bz2_decompress_lowmem; strlist_t def_secret_key; char *def_recipient; int def_recipient_self; strlist_t secret_keys_to_try; /* A list of mail addresses (addr-spec) provided by the user with * the option --sender. */ strlist_t sender_list; int def_cert_level; int min_cert_level; int ask_cert_level; int emit_version; /* 0 = none, 1 = major only, 2 = major and minor, 3 = full version, 4 = full version plus OS string. */ int marginals_needed; int completes_needed; int max_cert_depth; const char *agent_program; const char *dirmngr_program; const char *def_new_key_algo; /* Options to be passed to the gpg-agent */ session_env_t session_env; char *lc_ctype; char *lc_messages; int skip_verify; int skip_hidden_recipients; /* TM_CLASSIC must be zero to accommodate trustdbsg generated before we started storing the trust model inside the trustdb. */ enum { TM_CLASSIC=0, TM_PGP=1, TM_EXTERNAL=2, TM_ALWAYS, TM_DIRECT, TM_AUTO, TM_TOFU, TM_TOFU_PGP } trust_model; enum tofu_policy tofu_default_policy; int force_ownertrust; enum { CO_GNUPG, CO_RFC4880, CO_RFC2440, CO_PGP6, CO_PGP7, CO_PGP8, CO_DE_VS } compliance; enum { KF_DEFAULT, KF_NONE, KF_SHORT, KF_LONG, KF_0xSHORT, KF_0xLONG } keyid_format; - int shm_coprocess; const char *set_filename; strlist_t comments; int throw_keyids; const char *photo_viewer; int s2k_mode; int s2k_digest_algo; int s2k_cipher_algo; unsigned char s2k_count; /* This is the encoded form, not the raw count */ int not_dash_escaped; int escape_from; int lock_once; keyserver_spec_t keyserver; /* The list of configured keyservers. */ struct { unsigned int options; unsigned int import_options; unsigned int export_options; char *http_proxy; } keyserver_options; int exec_disable; int exec_path_set; unsigned int import_options; unsigned int export_options; unsigned int list_options; unsigned int verify_options; const char *def_preference_list; const char *def_keyserver_url; prefitem_t *personal_cipher_prefs; prefitem_t *personal_digest_prefs; prefitem_t *personal_compress_prefs; struct weakhash *weak_digests; int no_perm_warn; int no_mdc_warn; char *temp_dir; int no_encrypt_to; int encrypt_to_default_key; int interactive; struct notation *sig_notations; struct notation *cert_notations; strlist_t sig_policy_url; strlist_t cert_policy_url; strlist_t sig_keyserver_url; strlist_t cert_subpackets; strlist_t sig_subpackets; int allow_non_selfsigned_uid; int allow_freeform_uid; int no_literal; ulong set_filesize; int fast_list_mode; int legacy_list_mode; int ignore_time_conflict; int ignore_valid_from; int ignore_crc_error; int ignore_mdc_error; int command_fd; const char *override_session_key; int show_session_key; const char *gpg_agent_info; int try_all_secrets; int no_expensive_trust_checks; int no_sig_cache; int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; unsigned int screen_columns; unsigned int screen_lines; byte *show_subpackets; int rfc2440_text; /* If true, let write failures on the status-fd exit the process. */ int exit_on_status_write_error; /* If > 0, limit the number of card insertion prompts to this value. */ int limit_card_insert_tries; struct { /* If set, require an 0x19 backsig to be present on signatures made by signing subkeys. If not set, a missing backsig is not an error (but an invalid backsig still is). */ unsigned int require_cross_cert:1; unsigned int use_embedded_filename:1; unsigned int utf8_filename:1; unsigned int dsa2:1; unsigned int allow_multiple_messages:1; unsigned int allow_weak_digest_algos:1; unsigned int large_rsa:1; unsigned int disable_signer_uid:1; /* Flag to enbale experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; } flags; /* Linked list of ways to find a key if the key isn't on the local keyring. */ struct akl { enum { AKL_NODEFAULT, AKL_LOCAL, AKL_CERT, AKL_PKA, AKL_DANE, AKL_WKD, AKL_LDAP, AKL_KEYSERVER, AKL_SPEC } type; keyserver_spec_t spec; struct akl *next; } *auto_key_locate; int passphrase_repeat; int pinentry_mode; int unwrap_encryption; int only_sign_text_ids; } opt; /* CTRL is used to keep some global variables we currently can't avoid. Future concurrent versions of gpg will put it into a per request structure CTRL. */ EXTERN_UNLESS_MAIN_MODULE struct { int in_auto_key_retrieve; /* True if we are doing an auto_key_retrieve. */ /* Hack to store the last error. We currently need it because the proc_packet machinery is not able to reliabale return error codes. Thus for the --server purposes we store some of the error codes here. FIXME! */ gpg_error_t lasterr; } glo_ctrl; #define DBG_PACKET_VALUE 1 /* debug packet reading/writing */ #define DBG_MPI_VALUE 2 /* debug mpi details */ #define DBG_CRYPTO_VALUE 4 /* debug crypto handling */ /* (may reveal sensitive data) */ #define DBG_FILTER_VALUE 8 /* debug internal filter handling */ #define DBG_IOBUF_VALUE 16 /* debug iobuf stuff */ #define DBG_MEMORY_VALUE 32 /* debug memory allocation stuff */ #define DBG_CACHE_VALUE 64 /* debug the caching */ #define DBG_MEMSTAT_VALUE 128 /* show memory statistics */ #define DBG_TRUST_VALUE 256 /* debug the trustdb */ #define DBG_HASHING_VALUE 512 /* debug hashing operations */ #define DBG_IPC_VALUE 1024 /* debug assuan communication */ #define DBG_CLOCK_VALUE 4096 #define DBG_LOOKUP_VALUE 8192 /* debug the key lookup */ #define DBG_EXTPROG_VALUE 16384 /* debug external program calls */ /* Tests for the debugging flags. */ #define DBG_PACKET (opt.debug & DBG_PACKET_VALUE) #define DBG_MPI (opt.debug & DBG_MPI_VALUE) #define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE) #define DBG_FILTER (opt.debug & DBG_FILTER_VALUE) #define DBG_CACHE (opt.debug & DBG_CACHE_VALUE) #define DBG_TRUST (opt.debug & DBG_TRUST_VALUE) #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE) #define DBG_IPC (opt.debug & DBG_IPC_VALUE) #define DBG_IPC (opt.debug & DBG_IPC_VALUE) #define DBG_CLOCK (opt.debug & DBG_CLOCK_VALUE) #define DBG_LOOKUP (opt.debug & DBG_LOOKUP_VALUE) #define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE) /* FIXME: We need to check why we did not put this into opt. */ #define DBG_MEMORY memory_debug_mode #define DBG_MEMSTAT memory_stat_debug_mode EXTERN_UNLESS_MAIN_MODULE int memory_debug_mode; EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; /* Compatibility flags. */ #define GNUPG (opt.compliance==CO_GNUPG || opt.compliance==CO_DE_VS) #define RFC2440 (opt.compliance==CO_RFC2440) #define RFC4880 (opt.compliance==CO_RFC4880) #define PGP6 (opt.compliance==CO_PGP6) #define PGP7 (opt.compliance==CO_PGP7) #define PGP8 (opt.compliance==CO_PGP8) #define PGPX (PGP6 || PGP7 || PGP8) /* Various option flags. Note that there should be no common string names between the IMPORT_ and EXPORT_ flags as they can be mixed in the keyserver-options option. */ #define IMPORT_LOCAL_SIGS (1<<0) #define IMPORT_REPAIR_PKS_SUBKEY_BUG (1<<1) #define IMPORT_FAST (1<<2) #define IMPORT_SHOW (1<<3) #define IMPORT_MERGE_ONLY (1<<4) #define IMPORT_MINIMAL (1<<5) #define IMPORT_CLEAN (1<<6) #define IMPORT_NO_SECKEY (1<<7) #define IMPORT_KEEP_OWNERTTRUST (1<<8) #define IMPORT_EXPORT (1<<9) #define IMPORT_RESTORE (1<<10) #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) #define EXPORT_SENSITIVE_REVKEYS (1<<2) #define EXPORT_RESET_SUBKEY_PASSWD (1<<3) #define EXPORT_MINIMAL (1<<4) #define EXPORT_CLEAN (1<<5) #define EXPORT_PKA_FORMAT (1<<6) #define EXPORT_DANE_FORMAT (1<<7) #define EXPORT_BACKUP (1<<10) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) #define LIST_SHOW_STD_NOTATIONS (1<<2) #define LIST_SHOW_USER_NOTATIONS (1<<3) #define LIST_SHOW_NOTATIONS (LIST_SHOW_STD_NOTATIONS|LIST_SHOW_USER_NOTATIONS) #define LIST_SHOW_KEYSERVER_URLS (1<<4) #define LIST_SHOW_UID_VALIDITY (1<<5) #define LIST_SHOW_UNUSABLE_UIDS (1<<6) #define LIST_SHOW_UNUSABLE_SUBKEYS (1<<7) #define LIST_SHOW_KEYRING (1<<8) #define LIST_SHOW_SIG_EXPIRE (1<<9) #define LIST_SHOW_SIG_SUBPACKETS (1<<10) #define LIST_SHOW_USAGE (1<<11) #define VERIFY_SHOW_PHOTOS (1<<0) #define VERIFY_SHOW_POLICY_URLS (1<<1) #define VERIFY_SHOW_STD_NOTATIONS (1<<2) #define VERIFY_SHOW_USER_NOTATIONS (1<<3) #define VERIFY_SHOW_NOTATIONS (VERIFY_SHOW_STD_NOTATIONS|VERIFY_SHOW_USER_NOTATIONS) #define VERIFY_SHOW_KEYSERVER_URLS (1<<4) #define VERIFY_SHOW_UID_VALIDITY (1<<5) #define VERIFY_SHOW_UNUSABLE_UIDS (1<<6) #define VERIFY_PKA_LOOKUPS (1<<7) #define VERIFY_PKA_TRUST_INCREASE (1<<8) #define VERIFY_SHOW_PRIMARY_UID_ONLY (1<<9) #define KEYSERVER_HTTP_PROXY (1<<0) #define KEYSERVER_TIMEOUT (1<<1) #define KEYSERVER_ADD_FAKE_V3 (1<<2) #define KEYSERVER_AUTO_KEY_RETRIEVE (1<<3) #define KEYSERVER_HONOR_KEYSERVER_URL (1<<4) #define KEYSERVER_HONOR_PKA_RECORD (1<<5) #endif /*G10_OPTIONS_H*/