Imported Upstream version 2.1.11upstream/2.1.11

8 files changed, 124 insertions, 393 deletions

diff --git a/tools/Makefile.am b/tools/Makefile.am
index a793cca..39c0f9c 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -51,13 +51,12 @@ else
   gpgtar =
 endif
 
-# Fixme: We should remove the gpgkey2ssh tool.
 bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun}
 if !HAVE_W32_SYSTEM
 bin_PROGRAMS += watchgnupg gpgparsemail
 endif
 if !HAVE_W32CE_SYSTEM
-bin_PROGRAMS += gpgkey2ssh ${gpgtar}
+bin_PROGRAMS += ${gpgtar}
 endif
 
 if !DISABLE_REGEX
@@ -119,15 +118,6 @@ gpg_connect_agent_LDADD = ../common/libgpgrl.a $(common_libs) \
                           $(LIBREADLINE) $(LIBINTL) $(NETLIBS) $(LIBICONV) \
                           $(resource_objs)
 
-if !HAVE_W32CE_SYSTEM
-gpgkey2ssh_SOURCES = gpgkey2ssh.c
-gpgkey2ssh_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS)
-# common via use of BUG() in an inline function, which
-# some compilers do not eliminate.
-gpgkey2ssh_LDADD = $(common_libs) \
-                   $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) $(LIBICONV) \
-		   $(NETLIBS)
-endif
 
 if !DISABLE_REGEX
 gpg_check_pattern_SOURCES = gpg-check-pattern.c
@@ -142,9 +132,8 @@ gpgtar_SOURCES = \
 	gpgtar-extract.c \
 	gpgtar-list.c \
 	no-libgcrypt.c
-gpgtar_CFLAGS = $(GPG_ERROR_CFLAGS) $(NPTH_CFLAGS) $(LIBASSUAN_CFLAGS)
-gpgtar_LDADD = $(libcommonpth) $(GPG_ERROR_LIBS) \
-               $(NPTH_LIBS) $(LIBASSUAN_LIBS) \
+gpgtar_CFLAGS = $(GPG_ERROR_CFLAGS)
+gpgtar_LDADD = $(libcommon) $(GPG_ERROR_LIBS) \
                $(LIBINTL) $(NETLIBS) $(LIBICONV) $(W32SOCKLIBS)
 
 
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 5e4bd58..45e5c90 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -582,6 +582,10 @@ static gc_option_t gc_options_gpg_agent[] =
      GC_LEVEL_EXPERT, "gnupg",
      N_("do not allow the reuse of old passphrases"),
      GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
+   { "pinentry-timeout", GC_OPT_FLAG_RUNTIME,
+     GC_LEVEL_ADVANCED, "gnupg",
+     N_("|N|set the Pinentry timeout to N seconds"),
+     GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
 
    GC_OPTION_NULL
  };
diff --git a/tools/gpgkey2ssh.c b/tools/gpgkey2ssh.c
deleted file mode 100644
index f12c5f4..0000000
--- a/tools/gpgkey2ssh.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* gpgkey2ssh.c - Converter  (Debug helper)
- *	Copyright (C) 2005 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
- * License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-/* 
-   FIXME:  This tool needs some cleanup:
-
-   - Do not use assert() for error output.
-   - Add proper option parsing and standard options.
-   - retrieve_key_material needs to take the ordinal at field 1 in account.
-   0 Write a man page.
-*/
-
-#include <config.h>
-
-#include <gcrypt.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <assert.h>
-#include <stdio.h>
-#include <errno.h>
-
-#include "util.h"
-#include "sysutils.h"
-
-
-
-typedef struct pkdbuf
-{
-  unsigned char *buffer;
-  size_t buffer_n;
-} pkdbuf_t;
-
-
-
-/* Retrieve the public key material for the RSA key, whose fingerprint
-   is FPR, from gpg output, which can be read through the stream FP.
-   The RSA modulus will be stored at the address of M and MLEN, the
-   public exponent at E and ELEN.  Returns zero on success, an error
-   code on failure.  Caller must release the allocated buffers at M
-   and E if the function returns success.  */
-static gpg_error_t
-retrieve_key_material (FILE *fp, const char *hexkeyid, int *algorithm_id,
-		       pkdbuf_t **pkdbuf, size_t *pkdbuf_n)
-{
-  pkdbuf_t *pkdbuf_new;
-  pkdbuf_t *pkdbuf_tmp;
-  size_t pkdbuf_new_n;
-  gcry_error_t err = 0;
-  char *line = NULL;    /* read_line() buffer. */
-  size_t line_size = 0; /* Helper for for read_line. */
-  int found_key = 0;    /* Helper to find a matching key. */
-  int id;
-  unsigned char *buffer;
-  size_t buffer_n;
-  int i;
-
-  pkdbuf_new = NULL;
-  pkdbuf_new_n = 0;
-  id = 0;
-
-  /* Loop over all records until we have found the subkey
-     corresponding to the fingerprint. In general the first record
-     should be the pub record, but we don't rely on that.  Given that
-     we only need to look at one key, it is sufficient to compare the
-     keyid so that we don't need to look at "fpr" records. */
-  for (;;)
-    {
-      char *p;
-      char *fields[6];
-      int nfields;
-      size_t max_length;
-      gcry_mpi_t mpi;
-
-      max_length = 4096;
-      i = read_line (fp, &line, &line_size, &max_length);
-      if (!i)
-        break; /* EOF. */
-      if (i < 0)
-	{
-	  err = gpg_error_from_syserror ();
-	  goto leave; /* Error. */
-	}
-      if (!max_length)
-        {
-          err = gpg_error (GPG_ERR_TRUNCATED);
-          goto leave;  /* Line truncated - we better stop processing.  */
-        }
-
-      /* Parse the line into fields. */
-      for (nfields=0, p=line; p && nfields < DIM (fields); nfields++)
-        {
-          fields[nfields] = p;
-          p = strchr (p, ':');
-          if (p)
-            *(p++) = 0;
-        }
-      if (!nfields)
-        continue; /* No fields at all - skip line.  */
-
-      if (!found_key)
-        {
-          if ( (!strcmp (fields[0], "sub") || !strcmp (fields[0], "pub") )
-               && nfields > 4 &&
-	       (((strlen (hexkeyid) == 8)
-		 && (strlen (fields[4]) == 16)
-		 && (! strcmp (fields[4] + 8, hexkeyid)))
-		|| ((strlen (hexkeyid) == 16)
-		    && (! strcmp (fields[4], hexkeyid)))))
-	    {
-	      found_key = 1;
-	      /* Save algorithm ID.  */
-	      id = atoi (fields[3]);
-	    }
-          continue;
-      	}
-      
-      if ( !strcmp (fields[0], "sub") || !strcmp (fields[0], "pub") )
-        break; /* Next key - stop.  */
-
-      if ( strcmp (fields[0], "pkd") )
-        continue; /* Not a key data record.  */
-
-      /* FIXME, necessary?  */
-
-      i = atoi (fields[1]);
-      if ((nfields < 4) || (i < 0))
-        {
-          err = gpg_error (GPG_ERR_GENERAL);
-	  goto leave;
-        }
-
-      err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_HEX, fields[3], 0, NULL);
-      if (err)
-        mpi = NULL;
-
-      err = gcry_mpi_aprint (GCRYMPI_FMT_STD, &buffer, &buffer_n, mpi);
-      gcry_mpi_release (mpi);
-      if (err)
-	goto leave;
-
-      pkdbuf_tmp = xrealloc (pkdbuf_new, sizeof (*pkdbuf_new) * (pkdbuf_new_n + 1));
-      if (pkdbuf_new != pkdbuf_tmp)
-	pkdbuf_new = pkdbuf_tmp;
-      pkdbuf_new[pkdbuf_new_n].buffer = buffer;
-      pkdbuf_new[pkdbuf_new_n].buffer_n = buffer_n;
-      pkdbuf_new_n++;
-    }
-
-  *algorithm_id = id;
-  *pkdbuf = pkdbuf_new;
-  *pkdbuf_n = pkdbuf_new_n;
-
- leave:
-
-  if (err)
-    if (pkdbuf_new)
-      {
-	for (i = 0; i < pkdbuf_new_n; i++)
-	  xfree (pkdbuf_new[i].buffer);
-	xfree (pkdbuf_new);
-      }
-  xfree (line);
-
-  return err;
-}
-
-
-
-int
-key_to_blob (unsigned char **blob, size_t *blob_n, const char *identifier, ...)
-{
-  unsigned char *blob_new;
-  size_t blob_new_n;
-  unsigned char uint32_buffer[4];
-  u32 identifier_n;
-  FILE *stream;
-  va_list ap;
-  int ret;
-  pkdbuf_t *pkd;
-
-  stream = gnupg_tmpfile ();
-  assert (stream);
-
-  identifier_n = strlen (identifier);
-  uint32_buffer[0] = identifier_n >> 24;
-  uint32_buffer[1] = identifier_n >> 16;
-  uint32_buffer[2] = identifier_n >>  8;
-  uint32_buffer[3] = identifier_n >>  0;
-  ret = fwrite (uint32_buffer, sizeof (uint32_buffer), 1, stream);
-  assert (ret == 1);
-  ret = fwrite (identifier, identifier_n, 1, stream);
-  assert (ret == 1);
-
-  va_start (ap, identifier);
-  while (1)
-    {
-      pkd = va_arg (ap, pkdbuf_t *);
-      if (! pkd)
-	break;
-
-      uint32_buffer[0] = pkd->buffer_n >> 24;
-      uint32_buffer[1] = pkd->buffer_n >> 16;
-      uint32_buffer[2] = pkd->buffer_n >>  8;
-      uint32_buffer[3] = pkd->buffer_n >>  0;
-      ret = fwrite (uint32_buffer, sizeof (uint32_buffer), 1, stream);
-      assert (ret == 1);
-      ret = fwrite (pkd->buffer, pkd->buffer_n, 1, stream);
-      assert (ret == 1);
-    }
-
-  va_end (ap);
-
-  blob_new_n = ftell (stream);
-  rewind (stream);
-
-  blob_new = xmalloc (blob_new_n);
-  ret = fread (blob_new, blob_new_n, 1, stream);
-  assert (ret == 1);
-
-  *blob = blob_new;
-  *blob_n = blob_new_n;
-
-  fclose (stream);
-
-  return 0;
-}
-
-int
-main (int argc, char **argv)
-{
-  const char *keyid;
-  int algorithm_id;
-  pkdbuf_t *pkdbuf;
-  size_t pkdbuf_n;
-  char *command = NULL;
-  FILE *fp;
-  int ret;
-  gcry_error_t err;
-  unsigned char *blob;
-  size_t blob_n;
-  struct b64state b64_state;
-  const char *identifier;
-
-  pkdbuf = NULL;
-  pkdbuf_n = 0;
-
-  algorithm_id = 0;  /* (avoid cc warning) */
-  identifier = NULL; /* (avoid cc warning) */
-
-  if (argc != 2)
-    {
-      fprintf (stderr, "Usage: %s KEYID\n", argv[0]);
-      exit (1);
-    }
-  if (strcmp (argv[1], "--help") == 0)
-    {
-      fprintf (stderr, "Usage: %s KEYID\n", argv[0]);
-      fprintf (stderr, "\n");
-      fprintf (stderr,
-               "Convert a gpg key to a format appropriate for inclusion in an\n"
-               "ssh authorized_keys file.\n");
-      exit (0);
-    }
-
-  keyid = argv[1];
-
-  asprintf (&command,
-            "gpg2 --list-keys --with-colons --with-key-data '%s'",
-            keyid);
-  if (! command)
-    {
-      fprintf (stderr, "Out of memory.\n");
-      exit (1);
-    }
-
-  fp = popen (command, "r");
-  if (! fp)
-    {
-      fprintf (stderr, "Failed to running: '%s'\n", command);
-      exit (1);
-    }
-
-  err = retrieve_key_material (fp, keyid, &algorithm_id, &pkdbuf, &pkdbuf_n);
-  if (err)
-    {
-      fprintf (stderr, "Error looking up key: %s\n", gpg_strerror (err));
-      exit (1);
-    }
-  if (! ((algorithm_id == 1) || (algorithm_id == 17)))
-    {
-      fprintf (stderr, "Unsupported algorithm: %d\n", algorithm_id);
-      exit (1);
-    }
-
-  if (algorithm_id == 1)
-    {
-      identifier = "ssh-rsa";
-      ret = key_to_blob (&blob, &blob_n, identifier,
-			 &pkdbuf[1], &pkdbuf[0], NULL);
-    }
-  else if (algorithm_id == 17)
-    {
-      identifier = "ssh-dss";
-      ret = key_to_blob (&blob, &blob_n, identifier,
-			 &pkdbuf[0], &pkdbuf[1], &pkdbuf[2], &pkdbuf[3], NULL);
-    }
-  assert (! ret);
-
-  printf ("%s ", identifier);
-
-  err = b64enc_start (&b64_state, stdout, "");
-  assert (! err);
-  err = b64enc_write (&b64_state, blob, blob_n);
-  assert (! err);
-  err = b64enc_finish (&b64_state);
-  assert (! err);
-
-  printf (" COMMENT\n");
-
-  return 0;
-}
diff --git a/tools/gpgtar-create.c b/tools/gpgtar-create.c
index cc82889..968dca6 100644
--- a/tools/gpgtar-create.c
+++ b/tools/gpgtar-create.c
@@ -36,7 +36,7 @@
 #include <assert.h>
 
 #include "i18n.h"
-#include "../common/call-gpg.h"
+#include "../common/exectool.h"
 #include "../common/sysutils.h"
 #include "gpgtar.h"
 
@@ -72,13 +72,13 @@ fillup_entry_w32 (tar_header_t hdr)
   for (p=hdr->name; *p; p++)
     if (*p == '/')
       *p = '\\';
-  wfname = utf8_to_wchar (hdr->name);
+  wfname = native_to_wchar (hdr->name);
   for (p=hdr->name; *p; p++)
     if (*p == '\\')
       *p = '/';
   if (!wfname)
     {
-      log_error ("error utf8-ing '%s': %s\n", hdr->name, w32_strerror (-1));
+      log_error ("error converting '%s': %s\n", hdr->name, w32_strerror (-1));
       return gpg_error_from_syserror ();
     }
   if (!GetFileAttributesExW (wfname, GetFileExInfoStandard, &fad))
@@ -299,7 +299,7 @@ scan_directory (const char *dname, scanctrl_t scanctrl)
     for (p=fname; *p; p++)
       if (*p == '/')
         *p = '\\';
-    wfname = utf8_to_wchar (fname);
+    wfname = native_to_wchar (fname);
     xfree (fname);
     if (!wfname)
       {
@@ -322,11 +322,11 @@ scan_directory (const char *dname, scanctrl_t scanctrl)
 
   do
     {
-      char *fname = wchar_to_utf8 (fi.cFileName);
+      char *fname = wchar_to_native (fi.cFileName);
       if (!fname)
         {
           err = gpg_error_from_syserror ();
-          log_error ("error utf8-ing filename: %s\n", w32_strerror (-1));
+          log_error ("error converting filename: %s\n", w32_strerror (-1));
           break;
         }
       for (p=fname; *p; p++)
@@ -741,7 +741,7 @@ write_eof_mark (estream_t stream)
    INPATTERN is NULL take the pattern as null terminated strings from
    stdin.  */
 gpg_error_t
-gpgtar_create (char **inpattern, int encrypt)
+gpgtar_create (char **inpattern, int encrypt, int sign)
 {
   gpg_error_t err = 0;
   struct scanctrl_s scanctrl_buffer;
@@ -865,7 +865,7 @@ gpgtar_create (char **inpattern, int encrypt)
   if (outstream == es_stdout)
     es_set_binary (es_stdout);
 
-  if (encrypt)
+  if (encrypt || sign)
     {
       cipher_stream = outstream;
       outstream = es_fopenmem (0, "rwb");
@@ -886,18 +886,60 @@ gpgtar_create (char **inpattern, int encrypt)
   if (err)
     goto leave;
 
-  if (encrypt)
+  if (encrypt || sign)
     {
+      int i;
+      strlist_t arg;
+      const char **argv;
+
       err = es_fseek (outstream, 0, SEEK_SET);
       if (err)
         goto leave;
 
-      err = gpg_encrypt_stream (NULL,
-                                opt.gpg_program,
-                                opt.gpg_arguments,
-                                outstream,
-                                opt.recipients,
-                                cipher_stream);
+      /* '--encrypt' may be combined with '--symmetric', but 'encrypt'
+         is set either way.  Clear it if no recipients are specified.
+         XXX: Fix command handling.  */
+       if (opt.symmetric && opt.recipients == NULL)
+         encrypt = 0;
+
+      argv = xtrycalloc (strlist_length (opt.gpg_arguments)
+                         + 2 * strlist_length (opt.recipients)
+                         + 1 + !!encrypt + !!sign + 2 * !!opt.user
+                         + !!opt.symmetric,
+                         sizeof *argv);
+      if (argv == NULL)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      i = 0;
+      if (encrypt)
+        argv[i++] = "--encrypt";
+      if (sign)
+        argv[i++] = "--sign";
+      if (opt.user)
+        {
+          argv[i++] = "--local-user";
+          argv[i++] = opt.user;
+        }
+      if (opt.symmetric)
+        argv[i++] = "--symmetric";
+      for (arg = opt.recipients; arg; arg = arg->next)
+        {
+          argv[i++] = "--recipient";
+          argv[i++] = arg->d;
+        }
+      for (arg = opt.gpg_arguments; arg; arg = arg->next)
+        argv[i++] = arg->d;
+      argv[i++] = NULL;
+      assert (i == strlist_length (opt.gpg_arguments)
+              + 2 * strlist_length (opt.recipients)
+              + 1 + !!encrypt + !!sign + 2 * !!opt.user
+              + !!opt.symmetric);
+
+      err = gnupg_exec_tool_stream (opt.gpg_program, argv,
+                                    outstream, cipher_stream);
+      xfree (argv);
       if (err)
         goto leave;
     }
diff --git a/tools/gpgtar-extract.c b/tools/gpgtar-extract.c
index 728737d..95f2b56 100644
--- a/tools/gpgtar-extract.c
+++ b/tools/gpgtar-extract.c
@@ -28,7 +28,7 @@
 #include <assert.h>
 
 #include "i18n.h"
-#include "../common/call-gpg.h"
+#include "../common/exectool.h"
 #include "../common/sysutils.h"
 #include "gpgtar.h"
 
@@ -299,6 +299,10 @@ gpgtar_extract (const char *filename, int decrypt)
 
   if (decrypt)
     {
+      int i;
+      strlist_t arg;
+      const char **argv;
+
       cipher_stream = stream;
       stream = es_fopenmem (0, "rwb");
       if (! stream)
@@ -306,8 +310,24 @@ gpgtar_extract (const char *filename, int decrypt)
           err = gpg_error_from_syserror ();
           goto leave;
         }
-      err = gpg_decrypt_stream (NULL, opt.gpg_program, opt.gpg_arguments,
-                                cipher_stream, stream);
+
+      argv = xtrycalloc (strlist_length (opt.gpg_arguments) + 2,
+                         sizeof *argv);
+      if (argv == NULL)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      i = 0;
+      argv[i++] = "--decrypt";
+      for (arg = opt.gpg_arguments; arg; arg = arg->next)
+        argv[i++] = arg->d;
+      argv[i++] = NULL;
+      assert (i == strlist_length (opt.gpg_arguments) + 2);
+
+      err = gnupg_exec_tool_stream (opt.gpg_program, argv,
+                                    cipher_stream, stream);
+      xfree (argv);
       if (err)
         goto leave;
 
diff --git a/tools/gpgtar-list.c b/tools/gpgtar-list.c
index cb2ca5d..25c70d2 100644
--- a/tools/gpgtar-list.c
+++ b/tools/gpgtar-list.c
@@ -26,7 +26,7 @@
 
 #include "i18n.h"
 #include "gpgtar.h"
-#include "../common/call-gpg.h"
+#include "../common/exectool.h"
 
 
 
@@ -64,7 +64,7 @@ parse_xoctal (const void *data, size_t length, const char *filename)
             }
           else
             {
-              log_error ("%s: invalid octal number encountered - assuming 0\n", 
+              log_error ("%s: invalid octal number encountered - assuming 0\n",
                          filename);
               value = 0;
               break;
@@ -83,7 +83,7 @@ parse_header (const void *record, const char *filename)
   tar_header_t header;
   int use_prefix;
 
-  use_prefix = (!memcmp (raw->magic, "ustar", 5) 
+  use_prefix = (!memcmp (raw->magic, "ustar", 5)
                 && (raw->magic[5] == ' ' || !raw->magic[5]));
 
 
@@ -135,7 +135,7 @@ parse_header (const void *record, const char *filename)
     n = 0;
   memcpy (header->name+n, raw->name, namelen);
   header->name[n+namelen] = 0;
-  
+
   header->mode  = parse_xoctal (raw->mode, sizeof raw->mode, filename);
   header->uid   = parse_xoctal (raw->uid, sizeof raw->uid, filename);
   header->gid   = parse_xoctal (raw->gid, sizeof raw->gid, filename);
@@ -161,7 +161,7 @@ parse_header (const void *record, const char *filename)
     header->nrecords = (header->size + RECORDSIZE-1)/RECORDSIZE;
   else
     header->nrecords = 0;
-  
+
 
   return header;
 }
@@ -299,6 +299,10 @@ gpgtar_list (const char *filename, int decrypt)
 
   if (decrypt)
     {
+      int i;
+      strlist_t arg;
+      const char **argv;
+
       cipher_stream = stream;
       stream = es_fopenmem (0, "rwb");
       if (! stream)
@@ -306,8 +310,24 @@ gpgtar_list (const char *filename, int decrypt)
           err = gpg_error_from_syserror ();
           goto leave;
         }
-      err = gpg_decrypt_stream (NULL, opt.gpg_program, opt.gpg_arguments,
-                                cipher_stream, stream);
+
+      argv = xtrycalloc (strlist_length (opt.gpg_arguments) + 2,
+                         sizeof *argv);
+      if (argv == NULL)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      i = 0;
+      argv[i++] = "--decrypt";
+      for (arg = opt.gpg_arguments; arg; arg = arg->next)
+        argv[i++] = arg->d;
+      argv[i++] = NULL;
+      assert (i == strlist_length (opt.gpg_arguments) + 2);
+
+      err = gnupg_exec_tool_stream (opt.gpg_program, argv,
+                                    cipher_stream, stream);
+      xfree (argv);
       if (err)
         goto leave;
 
diff --git a/tools/gpgtar.c b/tools/gpgtar.c
index a09d2f0..46d06bd 100644
--- a/tools/gpgtar.c
+++ b/tools/gpgtar.c
@@ -27,7 +27,6 @@
    gpg.  So here we go.  */
 
 #include <config.h>
-#include <assuan.h>
 #include <ctype.h>
 #include <errno.h>
 #include <npth.h>
@@ -39,7 +38,6 @@
 #include "util.h"
 #include "i18n.h"
 #include "sysutils.h"
-#include "../common/asshelp.h"
 #include "../common/openpgpdefs.h"
 #include "../common/init.h"
 #include "../common/strlist.h"
@@ -282,11 +280,6 @@ shell_parse_argv (const char *s, int *r_argc, char ***r_argv)
   return 0;
 }
 
-/* Define Assuan hooks for NPTH.  */
-
-ASSUAN_SYSTEM_NPTH_IMPL;
-
-
 /* Global flags.  */
 enum cmd_and_opt_values cmd = 0;
 int skip_crypto = 0;
@@ -325,12 +318,10 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
           break;
 
         case oUser:
-          log_info ("note: ignoring option --user\n");
           opt.user = pargs->r.ret_str;
           break;
 
         case oSymmetric:
-          log_info ("note: ignoring option --symmetric\n");
           set_cmd (&cmd, aEncrypt);
           opt.symmetric = 1;
           break;
@@ -412,11 +403,6 @@ main (int argc, char **argv)
   /* Make sure that our subsystems are ready.  */
   i18n_init();
   init_common_subsystems (&argc, &argv);
-  npth_init ();
-  assuan_set_assuan_log_prefix (log_get_prefix (NULL));
-  assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
-  assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
-  assuan_sock_init ();
 
   /* Parse the command line. */
   pargs.argc  = &argc;
@@ -442,9 +428,11 @@ main (int argc, char **argv)
           log_info (_("NOTE: '%s' is not considered an option\n"), argv[i]);
     }
 
+  if (! opt.gpg_program)
+    opt.gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG);
+
   if (opt.verbose > 1)
     opt.debug_level = 1024;
-  setup_libassuan_logging (&opt.debug_level);
 
   switch (cmd)
     {
@@ -462,12 +450,17 @@ main (int argc, char **argv)
       break;
 
     case aEncrypt:
+    case aSign:
+    case aSignEncrypt:
       if ((!argc && !null_names)
           || (argc && null_names))
         usage (1);
       if (opt.filename)
         log_info ("note: ignoring option --set-filename\n");
-      err = gpgtar_create (null_names? NULL :argv, !skip_crypto);
+      err = gpgtar_create (null_names? NULL :argv,
+                           !skip_crypto
+                           && (cmd == aEncrypt || cmd == aSignEncrypt),
+                           cmd == aSign || cmd == aSignEncrypt);
       if (err && log_get_errorcount (0) == 0)
         log_error ("creating archive failed: %s\n", gpg_strerror (err));
       break;
diff --git a/tools/gpgtar.h b/tools/gpgtar.h
index eadbcac..3f21ea1 100644
--- a/tools/gpgtar.h
+++ b/tools/gpgtar.h
@@ -119,7 +119,7 @@ gpg_error_t read_record (estream_t stream, void *record);
 gpg_error_t write_record (estream_t stream, const void *record);
 
 /*-- gpgtar-create.c --*/
-gpg_error_t gpgtar_create (char **inpattern, int encrypt);
+gpg_error_t gpgtar_create (char **inpattern, int encrypt, int sign);
 
 /*-- gpgtar-extract.c --*/
 gpg_error_t gpgtar_extract (const char *filename, int decrypt);