[Pgp-tools-commit] r41 - trunk/caff
Christoph Berg
myon-guest at costa.debian.org
Sat May 21 21:10:48 UTC 2005
Author: myon-guest
Date: 2005-05-21 21:10:48 +0000 (Sat, 21 May 2005)
New Revision: 41
Modified:
trunk/caff/README
trunk/caff/TODO
trunk/caff/caff
trunk/caff/caffrc.sample
trunk/caff/pgp-clean
Log:
* Import own public keys automatically in caff
* "Fixed" quotes in the caff manpage
* Use generic names in the sample caffrc
* Wrote pgp-clean manpage
* pgp-clean strips 0x prefix from key ids
Modified: trunk/caff/README
===================================================================
--- trunk/caff/README 2005-05-21 20:59:32 UTC (rev 40)
+++ trunk/caff/README 2005-05-21 21:10:48 UTC (rev 41)
@@ -40,19 +40,6 @@
After creating a ~/.caffrc from the template, caff almost works out of the box.
-It has a problem, though: your personal public key is not imported in the caff
-working keyring. Do fix it, do this:
-
-Considering you have this:
-
- $CONFIG{'caffhome'} = $ENV{'HOME'}.'.caff';
-
-Do:
-
- gpg --export <your-key-id> | gpg --import --homedir ~/.caff/gnupghome
-
-This is a workaround for a bug which is already noted in the TODO list.
-
--
Peter
$Id$
Modified: trunk/caff/TODO
===================================================================
--- trunk/caff/TODO 2005-05-21 20:59:32 UTC (rev 40)
+++ trunk/caff/TODO 2005-05-21 21:10:48 UTC (rev 41)
@@ -6,5 +6,5 @@
D Deferred
X Abandoned
-- need to import own keys (including public) into our gnupghome
+o need to import own keys (including public) into our gnupghome
(else it complains about not finding the public key for the used secret key)
Modified: trunk/caff/caff
===================================================================
--- trunk/caff/caff 2005-05-21 20:59:32 UTC (rev 40)
+++ trunk/caff/caff 2005-05-21 21:10:48 UTC (rev 41)
@@ -75,8 +75,9 @@
Example:
- $CONFIG{'owner'} = 'Peter Palfrader';
- $CONFIG{'email'} = 'peter at palfrader.org';
+ $CONFIG{owner} = q{Peter Palfrader};
+ $CONFIG{email} = q{peter at palfrader.org};
+ $CONFIG{keyid} = [ qw{DE7AAF6E94C09C7F 62AF4031C82E0039} ];
=head2 Valid keys
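Review bot: the manpage example at the top of this hunk still uses Peter Palfrader's name and address and now adds two concrete key ids, while the same commit switches caffrc.sample to 'John Doe' and 'user at example.com'. Suggest using the same generic values and clearly placeholder key ids here, so the two examples agree and nobody copies someone else's key ids into their own `$CONFIG{keyid}`. The quoting style also differs between the two (`$CONFIG{owner} = q{...}` here, `$CONFIG{'owner'} = '...'` in the sample); pick one.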
@@ -147,6 +148,10 @@
Peter Palfrader <peter at palfrader.org>
+=head1 WEBSITE
+
+http://pgp-tools.alioth.debian.org/
+
=cut
use strict;
@@ -166,7 +171,7 @@
sub load_config() {
my $config = $ENV{'HOME'} . '/.caffrc';
- -f $config or die "No file $config present. See caffrc(5).\n";
+ -f $config or die "No file $config present. See caff(1).\n";
unless (scalar eval `cat $config`) {
die "Couldn't parse $config: $EVAL_ERROR\n" if $EVAL_ERROR;
};
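Review bot: the unchanged context right below the corrected message reads the config with `eval `cat $config``, which sends a path built from `$ENV{'HOME'}` through the shell unquoted, so a home directory containing spaces or shell metacharacters breaks or alters the command. While touching load_config, suggest loading the file without a shell (for example `do $config`, or open and read it) and keeping the existing `$EVAL_ERROR` check.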
@@ -502,6 +507,32 @@
+#################
+# import own keys
+#################
+ my $gpg = GnuPG::Interface->new();
+ $gpg->call( $CONFIG{'gpg'} );
+ $gpg->options->hash_init(
+ 'homedir' => $GNUPGHOME,
+ 'extra_args' => '--keyserver='.$CONFIG{'keyserver'} );
+ $gpg->options->meta_interactive( 0 );
+ my ($inputfd, $stdoutfd, $stderrfd, $statusfd, $handles) = make_gpg_fds();
+ $gpg->options->hash_init( 'extra_args' => [ '--with-colons', '--fixed-list-mode' ] );
+ my $pid = $gpg->list_public_keys(handles => $handles, command_args => $CONFIG{'keyid'});
+ my ($stdout, $stderr, $status) = readwrite_gpg('', $inputfd, $stdoutfd, $stderrfd, $statusfd);
+ waitpid $pid, 0;
+ if ($stdout eq '') {
+ warn ("No data from gpg for list-key\n");
+ next;
+ };
+ print $stdout;
+ foreach my $keyid (@{$CONFIG{'keyid'}}) {
+ unless ($stdout =~ /^pub:(?:[^:]*:){3,3}$keyid:/m) {
+ info("Importing $keyid");
+ system "gpg --export $keyid | gpg --import --homedir $GNUPGHOME";
+ }
+ }
+
#############################
# receive keys from keyserver
#############################
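Review bot: the `system "gpg --export $keyid | gpg --import --homedir $GNUPGHOME";` line near the end of the new block builds a shell pipeline from `$keyid` and `$GNUPGHOME` with no quoting or validation, hardcodes `gpg` where the rest of the block uses `$CONFIG{'gpg'}`, and ignores the exit status. Suggest validating each configured key id as hex before use (pgp-clean already has a format check) and doing the export and import through GnuPG::Interface rather than a shell string, then checking the result. Smaller points in the same hunk: `$keyid` is interpolated unescaped into the `/^pub:(?:[^:]*:){3,3}$keyid:/m` match, and that match is against the long key id field of the colon listing, so a short or 0x-prefixed id in the config would never match and the key would be re-imported on every run; `print $stdout;` looks like leftover debug output; `next;` has no enclosing loop visible in this hunk; and the second `hash_init( 'extra_args' => ... )` call appears to replace the `--keyserver` argument set a few lines above it.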
Modified: trunk/caff/caffrc.sample
===================================================================
--- trunk/caff/caffrc.sample 2005-05-21 20:59:32 UTC (rev 40)
+++ trunk/caff/caffrc.sample 2005-05-21 21:10:48 UTC (rev 41)
@@ -2,8 +2,8 @@
# $Id$
-$CONFIG{'owner'} = 'Peter Palfrader';
-$CONFIG{'email'} = 'peter at palfrader.org';
+$CONFIG{'owner'} = 'John Doe';
+$CONFIG{'email'} = 'user at example.com';
# you can get your long keyid from
# gpg --with-colons --list-key <yourkeyid|name|emailaddress..>
Modified: trunk/caff/pgp-clean
===================================================================
--- trunk/caff/pgp-clean 2005-05-21 20:59:32 UTC (rev 40)
+++ trunk/caff/pgp-clean 2005-05-21 21:10:48 UTC (rev 41)
@@ -33,31 +33,30 @@
=head1 NAME
-caff -- CA - Fire and Forget
+pgp-clean -- remove all non-self signatures from key
=head1 SYNOPSIS
=over
-=item B<caff> [-u I<yourkeyid>] I<keyid> [I<keyid> ..]
+=item B<pgp-clean> I<keyid> [I<keyid> ...]
=back
=head1 DESCRIPTION
-CA Fire and Forget is a script that helps you in keysigning. It takes a list
-of keyids on the command line, fetches them from a keyserver and calls GnuPG so
-that you can sign it. It then mails each key to all its email addresses - only
-including the one UID that we send to in each mail, pruned from all but self
-sigs and sigs done by you.
+B<pgp-clean> takes a list of keyids on the command line and outputs an
+ascii-armored keyring on stdout for each key with all signatures except
+self-signatures stripped. Its use is to reduce the size of keys sent out after
+signing (e.g. with B<caff>).
=head1 OPTIONS
=over
-=item B<-u> I<yourkeyid>
+=item I<keyid>
-Select the key that is used for signing, in case you have more than one key.
+Use this key.
=back
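Review bot: the OPTIONS section now lists `=item I<keyid>` with the text "Use this key.", but keyid is a positional argument rather than an option and the description does not say what form it takes. Suggest documenting the accepted formats here (8 or 16 characters, optional 0x prefix, as enforced by the argument check later in this file), or dropping the OPTIONS section and describing the argument under SYNOPSIS/DESCRIPTION.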
@@ -65,88 +64,20 @@
=over
-=item $HOME/.caffrc - configuration file
+=item $HOME/.gnupg/pubring.gpg - default GnuPG keyring
=back
-=head1 CONFIGURATION FILE OPTIONS
+=head1 SEE ALSO
-The configuration file is a perl script that sets values in the hash B<%CONFIG>.
+caff(1), gpg(1).
-Example:
-
- $CONFIG{'owner'} = 'Peter Palfrader';
- $CONFIG{'email'} = 'peter at palfrader.org';
-
-=head2 Valid keys
-
-=over
-
-=item B<caffhome> [string]
-
-Base directory for the files caff stores. Default: B<$HOME/.caff/>.
-
-=item B<owner> [string]
-
-Your name. B<REQUIRED>.
-
-=item B<email> [string]
-
-Your email address, used in From: lines. B<REQUIRED>.
-
-=item B<keyid> [list of keyids]
-
-A list of your keys. This is used to determine which signatures to keep
-in the pruning step. If you select a key using B<-u> it has to be in
-this list. B<REQUIRED>.
-
-=item B<export-sig-age> [seconds]
-
-Don't export UIDs by default, on which your latest signature is older
-than this age. Default: B<24*60*60> (i.e. one day).
-
-=item B<keyserver> [string]
-
-Keyserver to download keys from. Default: B<subkeys.pgp.net>.
-
-=item B<gpg> [string]
-
-Path to the GnuPG binary. Default: B<gpg>.
-
-=item B<gpg-sign> [string]
-
-Path to the GnuPG binary which is used to sign keys. Default: what
-B<gpg> is set to.
-
-=item B<gpg-delsig> [string]
-
-Path to the GnuPG binary which is used to split off signatures. This is
-needed while the upstream GnuPG is not fixed (there are 2 bugs in the
-Debian Bug Tracking System). Default: what B<gpg> is set to.
-
-=item B<secret-keyring> [string]
-
-Path to your secret keyring. Default: B<$HOME/.gnupg/secring.gpg>.
-
-=item B<also-encrypt-to> [keyid]
-
-An additional keyid to encrypt messages to. Default: none.
-
-=item B<no-download> [boolean]
-
-If true, then skip the step of fetching keys from the keyserver.
-Default: B<0>.
-
-=item B<no-sign> [boolean]
-
-If true, then skip the signing step. Default: B<0>.
-
-=back
-
=head1 AUTHOR
Peter Palfrader <peter at palfrader.org>
+This manpage was written in POD by Christoph Berg <cb at df7cb.de>.
+
=cut
use strict;
@@ -172,7 +103,7 @@
};
sub debug($) {
my ($line) = @_;
- print STDERR "[DEBUG] $line\n";
+ #print STDERR "[DEBUG] $line\n";
};
sub trace($) {
my ($line) = @_;
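Review bot: `#print STDERR "[DEBUG] $line\n";` turns debug() into an empty sub by commenting out its body, which loses the ability to get debug output without editing the script. Suggest gating the print on a flag or environment variable instead, so the default is quiet but debugging stays available.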
@@ -324,6 +255,7 @@
usage() unless scalar @ARGV >= 1;
my @KEYIDS;
for my $keyid (@ARGV) {
+ $keyid =~ s/^0x//i;
unless ($keyid =~ /^[A-Za-z0-9]{8}([A-Za-z0-9]{8})?$/) {
print STDERR "$keyid is not a keyid.\n";
usage();
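Review bot: after the new `s/^0x//i`, the check `/^[A-Za-z0-9]{8}([A-Za-z0-9]{8})?$/` in the unchanged line below still accepts any alphanumeric string, not only hex digits, so arguments such as an 8-letter word pass as key ids. Since this commit is already touching key id normalisation, suggest tightening the class to `[A-Fa-f0-9]` in both places.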