* getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax

for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.

g10/ChangeLog

@@ -1,5 +1,14 @@
-2002-04-17  Werner Koch  <wk@gnupg.org>
+2002-04-18  Werner Koch  <wk@gnupg.org>
 
+	* getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
+	for use with secret keys.
+
+	* seckey-cert.c (do_check): Always calculate the old checksum for
+	use after unprotection.
+
+	* g10.c, options.skel: New option --no-escape-from.  Made
+	--escape-from and --force-v3-sigs the default and removed them
+	from the options skeleton.
 
 2002-04-16  Werner Koch  <wk@gnupg.org>
 

g10/g10.c

@@ -222,6 +222,7 @@ enum cmd_and_opt_values { aNull = 0,
     oCharset,
     oNotDashEscaped,
     oEscapeFrom,
+    oNoEscapeFrom,
     oLockOnce,
     oLockMultiple,
     oLockNever,
@@ -489,6 +490,7 @@ static ARGPARSE_OPTS opts[] = {
     { oEmitVersion, "emit-version", 0, "@"},
     { oNotDashEscaped, "not-dash-escaped", 0, "@" },
     { oEscapeFrom, "escape-from-lines", 0, "@" },
+    { oNoEscapeFrom, "no-escape-from-lines", 0, "@" },
     { oLockOnce, "lock-once", 0, "@" },
     { oLockMultiple, "lock-multiple", 0, "@" },
     { oLockNever, "lock-never", 0, "@" },
@@ -791,6 +793,8 @@ main( int argc, char **argv )
     opt.marginals_needed = 3;
     opt.max_cert_depth = 5;
     opt.pgp2_workarounds = 1;
+    opt.force_v3_sigs = 1;
+    opt.escape_from = 1;
 #if defined (__MINGW32__) || defined (__CYGWIN32__)
     opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
 #else
@@ -1183,6 +1187,7 @@ main( int argc, char **argv )
 	    break;
 	  case oNotDashEscaped: opt.not_dash_escaped = 1; break;
 	  case oEscapeFrom: opt.escape_from = 1; break;
+	  case oNoEscapeFrom: opt.escape_from = 0; break;
 	  case oLockOnce: opt.lock_once = 1; break;
 	  case oLockNever: disable_dotlock(); break;
 	  case oLockMultiple:

g10/getkey.c

@@ -1721,7 +1721,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
 }
 
 /* This function checks that for every public subkey a corresponding
- * secret subkey is avalable and deletes the public subkey otherwise.
+ * secret subkey is available and deletes the public subkey otherwise.
  * We need this function because we can't delete it later when we
  * actually merge the secret parts into the pubring.
  * The function also plays some games with the node flags.
@@ -1779,6 +1779,10 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
             }
         }
     }
+    /* We need to copy the found bits (0 and 1) from the secret key to
+       the public key.  This has already been done for the subkeys but
+       got lost on the primary key - fix it here *. */
+    pubblock->flag |= (secblock->flag & 3);
 }
 
 

g10/options.skel

@@ -51,23 +51,23 @@ $Id$
 #default-recipient some-user-id
 #default-recipient-self
 
-
+# By default GnuPG creates version 3 signatures for data files.  This
-# The next option is enabled because this one is needed for interoperation
+# is not OpenPGP compliant but PGP 6 requires them.  To disable it,
-# with PGP 5 users.  To enable full OpenPGP compliance you have to remove
+# you may use this option or --openpgp.
-# this option.
+#no-force-v3-sigs
-
-force-v3-sigs
 
 # Because some mailers change lines starting with "From " to ">From "
 # it is good to handle such lines in a special way when creating
 # cleartext signatures; all other PGP versions do it this way too.
-# To enable full OpenPGP compliance you have to remove this option.
+# To enable full OpenPGP compliance you may want to use this option.
+#no-escape-from-lines
 
-escape-from-lines
+# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell
-
+# GnuPG which is the native character set.  Please check the man page
-# If you do not use the Latin-1 (ISO-8859-1) charset, you should
+# for supported character sets.  This character set is only used for
-# tell GnuPG which is the native character set.  Please check
+# Meta data and not for the actual message which does not undergo any
-# the man page for supported character sets. 
+# translation.  Note that future version of GnuPG will change to UTF-8
+# as default character set.
 #charset utf-8
 
 

g10/seckey-cert.c

@@ -105,8 +105,14 @@ do_check( PKT_secret_key *sk, const char *tryagain_text )
                     md_write (h, data, ndata - 20);
                     md_final (h);
                     if (!memcmp (md_read (h, DIGEST_ALGO_SHA1),
-                                 data + ndata - 20, 20) )
+                                 data + ndata - 20, 20) ) {
-                        csum = 0; /* digest does match */
+                        /* digest does match.  We have to keep the old
+                           style checksum in sk->csum, so that the
+                           test used for unprotected keys does work.
+                           This test gets used when we are adding new
+                           keys. */
+                        sk->csum = csum = checksum (data, ndata-20);
+                    }
                     md_close (h);
                 }
             }