[PATCH] g10: --quiet should suppress notice about rejected third-party key signatures

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] g10: --quiet should suppress notice about rejected third-party key signatures

GnuPG - Dev mailing list
Let --quiet hide the output about third-party key signatures:
```
gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
```

This does not change actual behavior, it just omits that note instead.

Signed-off-by: Robin H. Johnson <[hidden email]>
---
 g10/misc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git g10/misc.c g10/misc.c
index 22ed47e7c..d46fa90b2 100644
--- g10/misc.c
+++ g10/misc.c
@@ -366,6 +366,8 @@ print_sha1_keysig_rejected_note (void)
 {
   static int shown;
 
+  if (opt.quiet)
+ return;
   if (shown)
     return;
 
--
2.26.2


_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
ilf
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] g10: --quiet should suppress notice about rejected third-party key signatures

ilf
Thank you!

There is an issue for this, but it's closed as "wontfix":
https://dev.gnupg.org/T4893

Robin H. Johnson via Gnupg-devel:
> Let --quiet hide the output about third-party key signatures:
> gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
> This does not change actual behavior, it just omits that note instead.

--
ilf

If you upload your address book to "the cloud", I don't want to be in it.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|

[PATCH v2] g10: be --quiet about weak digests & rejected third-party key signatures

GnuPG - Dev mailing list
In reply to this post by GnuPG - Dev mailing list
Let --quiet hide the output about weak digests and rejected third-party
key signatures.
```
gpg: Note: third-party key signatures using the %s algorithm are rejected
Note: signatures using the %s algorithm are rejected
```

This does not change actual behavior, it just omits the notes instead.
This is primarily intended to be used in automation.

Signed-off-by: Robin H. Johnson <[hidden email]>
---
 g10/misc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git g10/misc.c g10/misc.c
index 22ed47e7c..d46fa90b2 100644
--- g10/misc.c
+++ g10/misc.c
@@ -366,6 +366,8 @@ print_sha1_keysig_rejected_note (void)
 {
   static int shown;
 
+  if (opt.quiet)
+ return;
   if (shown)
     return;
 
--
2.26.2


_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|

[PATCH v3] g10: be --quiet about weak digests & rejected third-party key signatures

GnuPG - Dev mailing list
In reply to this post by GnuPG - Dev mailing list
Let --quiet hide the output about weak digests and rejected third-party
key signatures.
```
gpg: Note: third-party key signatures using the %s algorithm are rejected
Note: signatures using the %s algorithm are rejected
```

This does not change actual behavior, it just omits the notes instead.
This is primarily intended to be used in automation.

Signed-off-by: Robin H. Johnson <[hidden email]>
---
 g10/misc.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git g10/misc.c g10/misc.c
index 22ed47e7c..ddf39d723 100644
--- g10/misc.c
+++ g10/misc.c
@@ -341,6 +341,10 @@ print_digest_rejected_note (enum gcry_md_algos algo)
 {
   struct weakhash* weak;
   int show = 1;
+
+  if (opt.quiet)
+    return;
+
   for (weak = opt.weak_digests; weak; weak = weak->next)
     if (weak->algo == algo)
       {
@@ -366,6 +370,8 @@ print_sha1_keysig_rejected_note (void)
 {
   static int shown;
 
+  if (opt.quiet)
+    return;
   if (shown)
     return;
 
--
2.26.2


_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] g10: --quiet should suppress notice about rejected third-party key signatures

GnuPG - Dev mailing list
In reply to this post by ilf
On Wed, May 20, 2020 at 09:44:13AM +0200, ilf wrote:
> Thank you!
>
> There is an issue for this, but it's closed as "wontfix":
> https://dev.gnupg.org/T4893
>
> Robin H. Johnson via Gnupg-devel:
> > Let --quiet hide the output about third-party key signatures:
> > gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
> > This does not change actual behavior, it just omits that note instead.
Can we please reopen this discussion about how to hide that message for
automation cases?

I'm specifically after hiding this message:
"gpg: Note: third-party key signatures using the SHA1 algorithm are rejected"

I have an automation use case where that message spams, and is already
using --quiet.

The alternative would be explicitly deleting some/many signatures before
that point, which strikes me as suboptimal.

I know there are OLD SHA1 signatures on some of the keys, they don't
matter to the workflow.

If you won't accept the patch to make --quiet ignore them, will you at
least consider a patch that suppressed specific messages?
e.g. --suppress-message=sha1-sig-3rd-party,md5-sig


>
> --
> ilf
>
> If you upload your address book to "the cloud", I don't want to be in it.
>
> _______________________________________________
> Gnupg-devel mailing list
> [hidden email]
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
>
--
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer
E-Mail   : [hidden email]
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] g10: --quiet should suppress notice about rejected third-party key signatures

GnuPG - Dev mailing list

> I'm specifically after hiding this message:
> "gpg: Note: third-party key signatures using the SHA1 algorithm are rejected"
>
> I have an automation use case where that message spams, and is already
> using --quiet.

Okay, I just pushed a change to act on --quiet for

   log_info (_("Note: third-party key signatures using"
              " the %s algorithm are rejected\n"),

and

   log_info
        (_("Note: signatures using the %s algorithm are rejected\n"),
         gcry_md_algo_name(algo));

Thanks for insisting on this.

Shalom-Salam,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (233 bytes) Download Attachment