1 /* options.h
2  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
3  *               2007, 2010, 2011 Free Software Foundation, Inc.
4  * Copyright (C) 2015 g10 Code GmbH
5  *
6  * This file is part of GnuPG.
7  *
8  * GnuPG is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 3 of the License, or
11  * (at your option) any later version.
12  *
13  * GnuPG is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, see <https://www.gnu.org/licenses/>.
20  */
21 #ifndef G10_OPTIONS_H
22 #define G10_OPTIONS_H
23 
24 #include <sys/types.h>
25 #include "../common/types.h"
26 #include <stdint.h>
27 #include "main.h"
28 #include "packet.h"
29 #include "tofu.h"
30 #include "../common/session-env.h"
31 #include "../common/compliance.h"
32 
33 
34 /* Object to hold information pertaining to a keyserver; it also
35    allows building a list of keyservers.  For historic reasons this is
36    not a strlist_t.  */
37 struct keyserver_spec
38 {
39   struct keyserver_spec *next;  /* Next list node; presumably NULL ends the list - confirm.  */
40   char *uri;  /* Keyserver URI string.  NOTE(review): who allocates and frees it is not visible in this file.  */
41 };
      /* Pointer typedef: a keyserver_spec_t is a `struct keyserver_spec *',
         so copying one copies the pointer, not the node.  */
42 typedef struct keyserver_spec *keyserver_spec_t;
43 
44 
45 /* Global options for GPG, held in the single object `opt' declared
      at the end of this struct.  EXTERN_UNLESS_MAIN_MODULE is not
      defined in this file; presumably it turns this into an extern
      declaration in every module except the main one - confirm.
      NOTE(review): judging by their names, several members relax
      verification or integrity checks (skip_verify, the ignore_*
      switches, disable_mdc, flags.allow_*) or refer to secret
      material (override_session_key, show_session_key); they carry a
      NOTE(review) comment below.  */
46 EXTERN_UNLESS_MAIN_MODULE
47 struct
48 {
49   int verbose;
50   int quiet;
51   unsigned debug;  /* Bit mask tested by the DBG_* macros in this file.  */
52   int armor;
53   char *outfile;
54   estream_t outfp;  /* Hack, sometimes used in place of outfile.  */
     /* NOTE(review): presumably an upper bound on the amount of output
        written; confirm the unit and the meaning of 0.  */
55   off_t max_output;
56
57   /* If > 0 a hint with the expected number of input data bytes.  This
58    * is not necessarily an exact number but intended to be used for
59    * progress info and to decide on how to allocate buffers.  */
60   uint64_t input_size_hint;
61
62   /* The AEAD chunk size expressed as a power of 2.  */
63   int chunk_size;
64
65   int dry_run;
66   int autostart;
67   int list_only;
68   int mimemode;
69   int textmode;
70   int expert;
71   const char *def_sig_expire;
72   int ask_sig_expire;
73   const char *def_cert_expire;
74   int ask_cert_expire;
75   int batch;	    /* run in batch mode */
76   int answer_yes; /* answer yes on most questions */
77   int answer_no;  /* answer no on most questions */
78   int check_sigs; /* check key signatures */
79   int with_colons;
80   int with_key_data;
81   int with_icao_spelling; /* Print ICAO spelling with fingerprints.  */
82   int with_fingerprint; /* Option --with-fingerprint active.  */
83   int with_subkey_fingerprint; /* Option --with-subkey-fingerprint active.  */
84   int with_keygrip;     /* Option --with-keygrip active.  */
85   int with_key_screening;/* Option --with-key-screening active.  */
86   int with_tofu_info;   /* Option --with-tofu-info active.  */
87   int with_secret;      /* Option --with-secret active.  */
88   int with_wkd_hash;    /* Option --with-wkd-hash.  */
89   int with_key_origin;  /* Option --with-key-origin.  */
90   int fingerprint; /* list fingerprints */
91   int list_sigs;   /* list signatures */
92   int no_armor;
93   int list_packets; /* Option --list-packets active.  */
94   int def_cipher_algo;
95   int def_aead_algo;
     /* NOTE(review): force_mdc, disable_mdc and force_aead select the
        integrity protection of encrypted output, judging by their
        names; confirm in the encryption code what disable_mdc still
        permits.  */
96   int force_mdc;
97   int disable_mdc;
98   int force_aead;
99   int def_digest_algo;
100   int cert_digest_algo;
101   int compress_algo;
102   int compress_level;
103   int bz2_compress_level;
104   int bz2_decompress_lowmem;
105   strlist_t def_secret_key;
106   char *def_recipient;
107   int def_recipient_self;
108   strlist_t secret_keys_to_try;
109
110   /* A list of mail addresses (addr-spec) provided by the user with
111    * the option --sender.  */
112   strlist_t sender_list;
113
114   int def_cert_level;
115   int min_cert_level;
116   int ask_cert_level;
117   int emit_version;       /* 0 = none,
118                              1 = major only,
119                              2 = major and minor,
120                              3 = full version,
121                              4 = full version plus OS string. */
122   int marginals_needed;
123   int completes_needed;
124   int max_cert_depth;
      /* Program names for the helper daemons.  NOTE(review): these
         strings presumably end up in a process launch; confirm where
         they may be set from.  */
125   const char *agent_program;
126   const char *keyboxd_program;
127   const char *dirmngr_program;
128   int disable_dirmngr;
129
130   const char *def_new_key_algo;
131
132   /* Options to be passed to the gpg-agent */
133   session_env_t session_env;
134   char *lc_ctype;
135   char *lc_messages;
136
      /* NOTE(review): by its name this skips signature verification;
         confirm that no caller reports a signature as good while it
         is set.  */
137   int skip_verify;
138   int skip_hidden_recipients;
139
140   /* TM_CLASSIC must be zero to accommodate trustdbs generated before
141      we started storing the trust model inside the trustdb. */
      /* Only the first three values are written out; TM_ALWAYS through
         TM_TOFU_PGP take 3..7 from their position, so inserting a
         constant before them renumbers them.  */
142   enum
143     {
144       TM_CLASSIC=0, TM_PGP=1, TM_EXTERNAL=2,
145       TM_ALWAYS, TM_DIRECT, TM_AUTO, TM_TOFU, TM_TOFU_PGP
146     } trust_model;
147   enum tofu_policy tofu_default_policy;
148   int force_ownertrust;
149   enum gnupg_compliance_mode compliance;  /* Tested by the GNUPG, RFC*, PGP* macros in this file.  */
150   enum
151     {
152       KF_DEFAULT, KF_NONE, KF_SHORT, KF_LONG, KF_0xSHORT, KF_0xLONG
153     } keyid_format;
154   const char *set_filename;
155   strlist_t comments;
156   int throw_keyids;
157   const char *photo_viewer;
158   int s2k_mode;
159   int s2k_digest_algo;
160   int s2k_cipher_algo;
161   unsigned char s2k_count; /* This is the encoded form, not the raw
162 			      count */
163   int not_dash_escaped;
164   int escape_from;
165   int lock_once;
166   keyserver_spec_t keyserver;  /* The list of configured keyservers.  */
      /* Keyserver settings.  The three masks are separate from the
         top-level import_options/export_options members further
         down.  */
167   struct
168   {
169     unsigned int options;
170     unsigned int import_options;
171     unsigned int export_options;
172     char *http_proxy;
173   } keyserver_options;
      /* NOTE(review): exec_disable presumably blocks the launch of
         external programs such as photo_viewer - confirm.  */
174   int exec_disable;
175   int exec_path_set;
176   unsigned int import_options;
177   unsigned int export_options;
178   unsigned int list_options;
179   unsigned int verify_options;
180   const char *def_preference_list;
181   const char *def_keyserver_url;
182   prefitem_t *personal_cipher_prefs;
183   prefitem_t *personal_aead_prefs;
184   prefitem_t *personal_digest_prefs;
185   prefitem_t *personal_compress_prefs;
186   struct weakhash *weak_digests;
      /* NOTE(review): presumably suppresses a warning about file or
         directory permissions - confirm which checks it silences.  */
187   int no_perm_warn;
188   char *temp_dir;
189   int no_encrypt_to;
190   int encrypt_to_default_key;
191   int interactive;
192   struct notation *sig_notations;
193   struct notation *cert_notations;
194   strlist_t sig_policy_url;
195   strlist_t cert_policy_url;
196   strlist_t sig_keyserver_url;
197   strlist_t cert_subpackets;
198   strlist_t sig_subpackets;
199   int allow_non_selfsigned_uid;
200   int allow_freeform_uid;
201   int no_literal;
202   ulong set_filesize;
203   int fast_list_mode;
204   int legacy_list_mode;
      /* NOTE(review): judging by their names the four ignore_*
         switches turn an error into a non-fatal condition.
         ignore_crc_error and ignore_mdc_error concern integrity
         checks, so output produced while they are set should be
         treated as unauthenticated - confirm in the decryption
         code.  */
205   int ignore_time_conflict;
206   int ignore_valid_from;
207   int ignore_crc_error;
208   int ignore_mdc_error;
209   int command_fd;
      /* NOTE(review): session key handling.  override_session_key is a
         string pointer and show_session_key presumably requests that
         the session key be printed; both concern secret material -
         confirm how the string is stored and cleared.  */
210   const char *override_session_key;
211   int show_session_key;
212
213   const char *gpg_agent_info;
214   int try_all_secrets;
215   int no_expensive_trust_checks;
216   int no_sig_cache;
217   int no_auto_check_trustdb;
218   int preserve_permissions;
219   int no_homedir_creation;
220   struct groupitem *grouplist;
221   int mangle_dos_filenames;
222   int enable_progress_filter;
223   unsigned int screen_columns;
224   unsigned int screen_lines;
225   byte *show_subpackets;
226   int rfc2440_text;
227
228   /* If true, let write failures on the status-fd exit the process. */
229   int exit_on_status_write_error;
230
231   /* If > 0, limit the number of card insertion prompts to this
232      value. */
233   int limit_card_insert_tries;
234
      /* One-bit switches.  */
235   struct
236   {
237     /* If set, require an 0x19 backsig to be present on signatures
238        made by signing subkeys.  If not set, a missing backsig is not
239        an error (but an invalid backsig still is). */
240     unsigned int require_cross_cert:1;
241
242     unsigned int use_embedded_filename:1;
243     unsigned int utf8_filename:1;
244     unsigned int dsa2:1;
        /* NOTE(review): the three allow_* bits presumably re-admit
           algorithms or signatures that are rejected otherwise;
           confirm each code path that sets them.  */
245     unsigned int allow_old_cipher_algos:1;
246     unsigned int allow_weak_digest_algos:1;
247     unsigned int allow_weak_key_signatures:1;
248     unsigned int large_rsa:1;
249     unsigned int disable_signer_uid:1;
250     unsigned int include_key_block:1;
251     unsigned int auto_key_import:1;
252     /* Flag to enable experimental features from RFC4880bis.  */
253     unsigned int rfc4880bis:1;
254     /* Hack: --output is not given but OUTFILE was temporarily set to "-".  */
255     unsigned int dummy_outfile:1;
256     /* Force the use of the OpenPGP card and do not allow the use of
257      * another card.  */
258     unsigned int use_only_openpgp_card:1;
259     unsigned int full_timestrings:1;
260     /* Force signing keys even if a key signature already exists.  */
261     unsigned int force_sign_key:1;
262     /* On key generation do not set the ownertrust.  */
263     unsigned int no_auto_trust_new_key:1;
264     /* The next flag is set internally iff IMPORT_SELF_SIGS_ONLY has
265      * been set by the user and is not the default value.  */
266     unsigned int expl_import_self_sigs_only:1;
267     /* The next flag is set internally iff IMPORT_CLEAN has
268      * been set by the user and is not the default value.  */
269     unsigned int expl_import_clean:1;
270   } flags;
271
272   /* Linked list of ways to find a key if the key isn't on the local
273      keyring. */
      /* Each node names one mechanism in TYPE; SPEC is a keyserver
         description, presumably used only by some of the types -
         confirm.  */
274   struct akl
275   {
276     enum {
277       AKL_NODEFAULT,
278       AKL_LOCAL,
279       AKL_CERT,
280       AKL_PKA,
281       AKL_DANE,
282       AKL_WKD,
283       AKL_LDAP,
284       AKL_NTDS,
285       AKL_KEYSERVER,
286       AKL_SPEC
287     } type;
288     keyserver_spec_t spec;
289     struct akl *next;
290   } *auto_key_locate;
291
292   /* The value of --key-origin.  See parse_key_origin().  */
293   int key_origin;
294   char *key_origin_url;
295
296   int passphrase_repeat;
297   int pinentry_mode;
298   int request_origin;
299
300   int unwrap_encryption;
301   int only_sign_text_ids;
302
303   int no_symkey_cache;   /* Disable the cache used for --symmetric.  */
304
305   int use_keyboxd;       /* Use the external keyboxd as storage backend.  */
306 } opt;
307 
308 /* CTRL is used to keep some global variables we currently can't
309    avoid.  Future concurrent versions of gpg will put it into a per
310    request structure CTRL. */
      /* The object is named glo_ctrl.  Being a plain global it is shared
         by everything in the process; this file shows no locking for
         it.  */
311 EXTERN_UNLESS_MAIN_MODULE
312 struct {
313   int in_auto_key_retrieve; /* True if we are doing an
314                                auto_key_retrieve. */
315   /* Hack to store the last error.  We currently need it because the
316      proc_packet machinery is not able to reliably return error
317      codes.  Thus for the --server purposes we store some of the error
318      codes here.  FIXME! */
      /* NOTE(review): only "some of the error codes" are stored, so a
         clear lasterr is not proof that packet processing succeeded.  */
319   gpg_error_t lasterr;
320
321   /* Kludge to silence some warnings using --secret-key-list. */
322   int silence_parse_warnings;
323 } glo_ctrl;
324 
/* Bit values of the debug classes.  Each is a distinct power of two so
   that they can be OR-ed into one mask; 2048 is not assigned in this
   file.  Output enabled by DBG_CRYPTO_VALUE may reveal sensitive data
   (see its comment), so logs written with that bit set should be
   handled as sensitive.  */
325 #define DBG_PACKET_VALUE  1	/* debug packet reading/writing */
326 #define DBG_MPI_VALUE	  2	/* debug mpi details */
327 #define DBG_CRYPTO_VALUE  4	/* debug crypto handling */
328 				/* (may reveal sensitive data) */
329 #define DBG_FILTER_VALUE  8	/* debug internal filter handling */
330 #define DBG_IOBUF_VALUE   16	/* debug iobuf stuff */
331 #define DBG_MEMORY_VALUE  32	/* debug memory allocation stuff */
332 #define DBG_CACHE_VALUE   64	/* debug the caching */
333 #define DBG_MEMSTAT_VALUE 128	/* show memory statistics */
334 #define DBG_TRUST_VALUE   256	/* debug the trustdb */
335 #define DBG_HASHING_VALUE 512	/* debug hashing operations */
336 #define DBG_IPC_VALUE     1024  /* debug assuan communication */
337 #define DBG_CLOCK_VALUE   4096  /* NOTE(review): undocumented here; presumably timing output - confirm */
338 #define DBG_LOOKUP_VALUE  8192	/* debug the key lookup */
339 #define DBG_EXTPROG_VALUE 16384 /* debug external program calls */
340 
341 /* Tests for the debugging flags.  Each macro masks opt.debug with
       one DBG_*_VALUE bit, so it yields that bit (not 1) when the class
       is enabled and 0 otherwise; use it as a truth value only.  There
       is no test macro for DBG_IOBUF_VALUE in this file.  */
342 #define DBG_PACKET (opt.debug & DBG_PACKET_VALUE)
343 #define DBG_MPI    (opt.debug & DBG_MPI_VALUE)
344 #define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE)  /* may reveal sensitive data, see DBG_CRYPTO_VALUE */
345 #define DBG_FILTER (opt.debug & DBG_FILTER_VALUE)
346 #define DBG_CACHE  (opt.debug & DBG_CACHE_VALUE)
347 #define DBG_TRUST  (opt.debug & DBG_TRUST_VALUE)
348 #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
349 #define DBG_IPC     (opt.debug & DBG_IPC_VALUE)
350 #define DBG_CLOCK   (opt.debug & DBG_CLOCK_VALUE)
351 #define DBG_LOOKUP  (opt.debug & DBG_LOOKUP_VALUE)
352 #define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
353 
354 /* FIXME: We need to check why we did not put this into opt. */
      /* Unlike the other DBG_* tests, these two read standalone ints and
         not opt.debug, so the DBG_MEMORY_VALUE and DBG_MEMSTAT_VALUE
         bits of opt.debug are not what they test.  */
355 #define DBG_MEMORY    memory_debug_mode
356 #define DBG_MEMSTAT   memory_stat_debug_mode
357
358 EXTERN_UNLESS_MAIN_MODULE int memory_debug_mode;
359 EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
360 
361 
362 /* Compatibility flags.  Each macro compares opt.compliance with one
       or two CO_* constants; those constants are not defined in this
       file (presumably in ../common/compliance.h - confirm).  Note that
       GNUPG is true for CO_DE_VS as well as for CO_GNUPG, so it cannot
       be used to tell the two modes apart.  */
363 #define GNUPG   (opt.compliance==CO_GNUPG || opt.compliance==CO_DE_VS)
364 #define RFC2440 (opt.compliance==CO_RFC2440)
365 #define RFC4880 (opt.compliance==CO_RFC4880)
366 #define PGP7    (opt.compliance==CO_PGP7)
367 #define PGP8    (opt.compliance==CO_PGP8)
368 #define PGPX    (PGP7 || PGP8)  /* Either of the two PGP modes.  */
369 
370 /* Various option flags.  Note that there should be no common string
371    names between the IMPORT_ and EXPORT_ flags as they can be mixed in
372    the keyserver-options option. */
      /* The numeric values do overlap between the families (for example
         IMPORT_LOCAL_SIGS and EXPORT_LOCAL_SIGS are both 1<<0), so a bit
         means something only together with the mask it is stored in;
         never test an IMPORT_ flag against an export mask or the other
         way round.  Bit 13 is not assigned in the IMPORT_ family.  */
373
374 #define IMPORT_LOCAL_SIGS                (1<<0)
375 #define IMPORT_REPAIR_PKS_SUBKEY_BUG     (1<<1)
376 #define IMPORT_FAST                      (1<<2)
377 #define IMPORT_SHOW                      (1<<3)
378 #define IMPORT_MERGE_ONLY                (1<<4)
379 #define IMPORT_MINIMAL                   (1<<5)
380 #define IMPORT_CLEAN                     (1<<6)
381 #define IMPORT_NO_SECKEY                 (1<<7)
382 #define IMPORT_KEEP_OWNERTTRUST          (1<<8)  /* Spelled with a double T; that is the name as defined here.  */
383 #define IMPORT_EXPORT                    (1<<9)
384 #define IMPORT_RESTORE                   (1<<10)
385 #define IMPORT_REPAIR_KEYS               (1<<11)
386 #define IMPORT_DRY_RUN                   (1<<12)
387 #define IMPORT_SELF_SIGS_ONLY            (1<<14)
388 #define IMPORT_COLLAPSE_UIDS             (1<<15)
389 #define IMPORT_COLLAPSE_SUBKEYS          (1<<16)
390 #define IMPORT_BULK                      (1<<17)
391 
/* Export option bits.  Bits 6, 8 and 9 are not assigned in this file.
   NOTE(review): presumably stored in opt.export_options and
   opt.keyserver_options.export_options - confirm.  */
392 #define EXPORT_LOCAL_SIGS                (1<<0)
393 #define EXPORT_ATTRIBUTES                (1<<1)
394 #define EXPORT_SENSITIVE_REVKEYS         (1<<2)
395 #define EXPORT_RESET_SUBKEY_PASSWD       (1<<3)
396 #define EXPORT_MINIMAL                   (1<<4)
397 #define EXPORT_CLEAN                     (1<<5)
398 #define EXPORT_DANE_FORMAT               (1<<7)
399 #define EXPORT_BACKUP                    (1<<10)
400 
/* Key listing option bits, assigned without gaps from bit 0 to bit 13.
   NOTE(review): presumably stored in opt.list_options - confirm.  */
401 #define LIST_SHOW_PHOTOS                 (1<<0)
402 #define LIST_SHOW_POLICY_URLS            (1<<1)
403 #define LIST_SHOW_STD_NOTATIONS          (1<<2)
404 #define LIST_SHOW_USER_NOTATIONS         (1<<3)
      /* Both notation bits together.  */
405 #define LIST_SHOW_NOTATIONS (LIST_SHOW_STD_NOTATIONS|LIST_SHOW_USER_NOTATIONS)
406 #define LIST_SHOW_KEYSERVER_URLS         (1<<4)
407 #define LIST_SHOW_UID_VALIDITY           (1<<5)
408 #define LIST_SHOW_UNUSABLE_UIDS          (1<<6)
409 #define LIST_SHOW_UNUSABLE_SUBKEYS       (1<<7)
410 #define LIST_SHOW_KEYRING                (1<<8)
411 #define LIST_SHOW_SIG_EXPIRE             (1<<9)
412 #define LIST_SHOW_SIG_SUBPACKETS         (1<<10)
413 #define LIST_SHOW_USAGE                  (1<<11)
414 #define LIST_SHOW_ONLY_FPR_MBOX          (1<<12)
415 #define LIST_SORT_SIGS                   (1<<13)
416 
/* Signature verification display bits.  Bits 0 to 6 have the same
   values as the LIST_SHOW_* flags of the same name; bits 7 and 8 are
   not assigned here.  NOTE(review): presumably stored in
   opt.verify_options - confirm.  */
417 #define VERIFY_SHOW_PHOTOS               (1<<0)
418 #define VERIFY_SHOW_POLICY_URLS          (1<<1)
419 #define VERIFY_SHOW_STD_NOTATIONS        (1<<2)
420 #define VERIFY_SHOW_USER_NOTATIONS       (1<<3)
      /* Both notation bits together.  */
421 #define VERIFY_SHOW_NOTATIONS (VERIFY_SHOW_STD_NOTATIONS|VERIFY_SHOW_USER_NOTATIONS)
422 #define VERIFY_SHOW_KEYSERVER_URLS       (1<<4)
423 #define VERIFY_SHOW_UID_VALIDITY         (1<<5)
424 #define VERIFY_SHOW_UNUSABLE_UIDS        (1<<6)
425 #define VERIFY_SHOW_PRIMARY_UID_ONLY     (1<<9)
426 
/* Keyserver option bits.  NOTE(review): presumably stored in
   opt.keyserver_options.options - confirm.  KEYSERVER_AUTO_KEY_RETRIEVE
   and KEYSERVER_HONOR_KEYSERVER_URL by their names let signature or
   key data trigger network requests; confirm their defaults where
   they are parsed.  */
427 #define KEYSERVER_HTTP_PROXY             (1<<0)
428 #define KEYSERVER_TIMEOUT                (1<<1)
429 #define KEYSERVER_ADD_FAKE_V3            (1<<2)
430 #define KEYSERVER_AUTO_KEY_RETRIEVE      (1<<3)
431 #define KEYSERVER_HONOR_KEYSERVER_URL    (1<<4)
432 
433 
434 #endif /*G10_OPTIONS_H*/
435