diff --git a/NEWS b/NEWS index c5ca8d74e..1c3e4ff9b 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,9 @@ +Noteworthy changes in version 2.0.3 +------------------------------------------------ + + * New --verify-option show-primary-uid-only. + + Noteworthy changes in version 2.0.2 (2007-01-31) ------------------------------------------------ @@ -14,7 +20,7 @@ Noteworthy changes in version 2.0.2 (2007-01-31) short. New option --min-passphrase-len defaults to 8. * The status code BEGIN_SIGNING now shows the used hash algorithms. - + Noteworthy changes in version 2.0.1 (2006-11-28) ------------------------------------------------ diff --git a/README.maint b/README.maint new file mode 100644 index 000000000..e74da9297 --- /dev/null +++ b/README.maint @@ -0,0 +1,42 @@ + Notes for the GnuPG maintainer (SVN only) + ============================================ + +Here are some notes on how to maintain GnuPG. + + +Release process: +================ + + * Make sure that all new PO files are checked in. + * Decide whether you want to update the automake standard files + (Mainly config.guess and config.sub). + * [1.4 only] Update gpg.texi and gpgv.texi from the trunk. + * Run "make update-po". + * Write NEWS entries and set the release date in NEWS. + * In configure.ac set "my_issvn" to "no". + * Commit all changes to the SVN. + * Update the SVN then (to sync the release number of all files). + * Run "./autogen.sh --force" + (--force is required for the svn magic in configure.ac and a good + idea in any case) + * Run "make distcheck" + * Build and test the new tarball (best on a different machine). + * [1.4 only] Build and test the W32 vesion. + * Sign the tarball + * Get the previous tarball and run "mkdiff gnupg". + You might need to set a different signature key than mine. mkdiff + has an option for this. + * If you are satisied with the result tag the release. Use "svn + info" to get the current URL and use an svn cp command similar to + "svn cp svn+ssh://host/gnupg/trunk svn+ssh://host/gnupg/tags/2.n.m" + (for 1.4 you should see "branches/STABLE-BRANCH-1-4" instead of "trunk", + however tags are all below tags). + * Copy the files to the FTP server + * Update the webpages - at least the file swdb.wml needs an update. + * Add a new headline to NEWS. + * Bump "my_version" up and set "my_issvn" back to "yes" in configure.ac + * Write an announcement. + + + + diff --git a/THANKS b/THANKS index 20e2bdc79..f8477945c 100644 --- a/THANKS +++ b/THANKS @@ -17,6 +17,7 @@ Anthony Carrico acarrico at memebeam.org Anthony Mulcahy anthony at kcn.ne.jp Ariel T Glenn ariel at columbia.edu ARIGA Seiji ariga at os.rim.or.jp +Benjamin Donnachie benjamin at py-soft.co.uk Bernhard Herzog bh at intevation.de Bernhard Reiter bernhard at intevation.de Billy Halsey bshalsey at paxoo.com diff --git a/doc/ChangeLog b/doc/ChangeLog index c7a86d22e..3c04a980b 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2007-02-26 Werner Koch + + * gpg.texi (GPG Configuration): Document envvar LANGUAGE. + (GPG Configuration Options): Document show-primary-uid-only. + 2007-02-18 Werner Koch * gpg.texi (GPG Esoteric Options): No card reader options for gpg2. diff --git a/doc/DETAILS b/doc/DETAILS index 5dda75191..b947b47c0 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -559,14 +559,14 @@ more arguments in future versions. The output was truncated to MAXNO items. This status code is issued for certain external requests - ERROR + ERROR [] This is a generic error status message, it might be followed - by error location specific data. and - should not contain a space. The error code - is a either a string commencing with a letter or such string - prefix with a numerical error code and an underscore; e.g.: - "151011327_EOF" + by error location specific data. and + should not contain spaces. The error code is + a either a string commencing with a letter or such a string + prefixed with a numerical error code and an underscore; e.g.: + "151011327_EOF". ATTRIBUTE diff --git a/doc/gpg.texi b/doc/gpg.texi index 330be40cf..cff4a0f53 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1003,6 +1003,11 @@ the signature. Defaults to no. Show revoked and expired user IDs during signature verification. Defaults to no. +@item show-primary-uid-only +Show only the primary user ID during signature verification. That is +all the AKA lines as well as photo Ids are not shown with the signature +verification status. + @item pka-lookups Enable PKA lookups to verify sender addresses. Note that PKA is based on DNS, and so enabling this option may disclose information on when @@ -2581,6 +2586,16 @@ value. The option @option{--gpg-agent-info} can be used to override it. @itemx LINES Used to size some displays to the full size of the screen. + +@item LANGUAGE +Apart from its use by GNU, it is used in the W32 version to override the +language selection done through the Registry. If used and set to a a +valid and available language name (@var{langid}), the file with the +translation is loaded from +@code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}. Here @var{gpgdir} is the +directory out of which the gpg binary has been laoded. If it can't be +loaded the Registry is tried as a fallback. + @end table diff --git a/g10/ChangeLog b/g10/ChangeLog index 43e6c06df..fe0f7d69c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,16 @@ +2007-02-26 Werner Koch + + * gpg.c (main): Add verify option show-primary-uid-only. + * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. + * mainproc.c (check_sig_and_print): Implement it. + +2007-02-22 Werner Koch + + * encr-data.c (decrypt_data): Correctly test for unknown algorithm. + * import.c (check_prefs): Ditto. + * keyedit.c (show_prefs): Ditto. + * mainproc.c (proc_symkey_enc): Ditto. + 2007-02-06 Werner Koch * export.c (do_export_stream): Allow reset-subkey-passwd along diff --git a/g10/encr-data.c b/g10/encr-data.c index 696f8af9d..851233cde 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -90,11 +90,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) if ( opt.verbose && !dek->algo_info_printed ) { - const char *s = gcry_cipher_algo_name (dek->algo); - if (s && *s) - log_info(_("%s encrypted data\n"), s ); + if (!gcry_cipher_test_algo (dek->algo)) + log_info (_("%s encrypted data\n"), gcry_cipher_algo_name (dek->algo)); else - log_info(_("encrypted with unknown algorithm %d\n"), dek->algo ); + log_info (_("encrypted with unknown algorithm %d\n"), dek->algo ); dek->algo_info_printed = 1; } rc = openpgp_cipher_test_algo (dek->algo); diff --git a/g10/gpg.c b/g10/gpg.c index e8e83c2c5..dc100dc92 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -2601,6 +2601,8 @@ main (int argc, char **argv ) N_("show user ID validity during signature verification")}, {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL, N_("show revoked and expired user IDs in signature verification")}, + {"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL, + N_("show only the primary user ID in signature verification")}, {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL, N_("validate signatures with PKA data")}, {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL, diff --git a/g10/import.c b/g10/import.c index b3857fc0a..7978bbba0 100644 --- a/g10/import.c +++ b/g10/import.c @@ -603,11 +603,14 @@ check_prefs(KBNODE keyblock) { if (openpgp_cipher_test_algo (prefs->value)) { - const char *algo = gcry_cipher_algo_name (prefs->value); + const char *algo = + (gcry_cipher_test_algo (prefs->value) + ? num + : gcry_cipher_algo_name (prefs->value)); if(!problem) check_prefs_warning(pk); log_info(_(" \"%s\": preference for cipher" - " algorithm %s\n"),user,algo?algo:num); + " algorithm %s\n"), user, algo); problem=1; } } @@ -615,11 +618,14 @@ check_prefs(KBNODE keyblock) { if(openpgp_md_test_algo(prefs->value)) { - const char *algo = gcry_md_algo_name (prefs->value); + const char *algo = + (gcry_md_test_algo (prefs->value) + ? num + : gcry_md_algo_name (prefs->value)); if(!problem) check_prefs_warning(pk); log_info(_(" \"%s\": preference for digest" - " algorithm %s\n"),user,algo?algo:num); + " algorithm %s\n"), user, algo); problem=1; } } diff --git a/g10/keyedit.c b/g10/keyedit.c index bb8e63af4..89f26c765 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -2319,14 +2319,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose) tty_printf (_("Cipher: ")); for(i=any=0; prefs[i].type; i++ ) { if( prefs[i].type == PREFTYPE_SYM ) { - const char *s = gcry_cipher_algo_name (prefs[i].value); - if (any) tty_printf (", "); any = 1; /* We don't want to display strings for experimental algos */ - if (s && prefs[i].value < 100 ) - tty_printf ("%s", s ); + if (!gcry_cipher_test_algo (prefs[i].value) + && prefs[i].value < 100 ) + tty_printf ("%s", gcry_cipher_algo_name (prefs[i].value)); else tty_printf ("[%d]", prefs[i].value); if (prefs[i].value == CIPHER_ALGO_3DES ) @@ -2342,14 +2341,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose) tty_printf (_("Digest: ")); for(i=any=0; prefs[i].type; i++ ) { if( prefs[i].type == PREFTYPE_HASH ) { - const char *s = gcry_md_algo_name (prefs[i].value); - if (any) tty_printf (", "); any = 1; /* We don't want to display strings for experimental algos */ - if (s && prefs[i].value < 100 ) - tty_printf ("%s", s ); + if (!gcry_md_test_algo (prefs[i].value) + && prefs[i].value < 100 ) + tty_printf ("%s", gcry_md_algo_name (prefs[i].value) ); else tty_printf ("[%d]", prefs[i].value); if (prefs[i].value == DIGEST_ALGO_SHA1 ) diff --git a/g10/mainproc.c b/g10/mainproc.c index 2a5db6e97..faefacb10 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -273,7 +273,7 @@ proc_symkey_enc( CTX c, PACKET *pkt ) int algo = enc->cipher_algo; const char *s = gcry_cipher_algo_name (algo); - if(s) + if (!gcry_cipher_test_algo (algo)) { if(!opt.quiet) { @@ -1768,7 +1768,8 @@ check_sig_and_print( CTX c, KBNODE node ) /* If we have a good signature and already printed * the primary user ID, print all the other user IDs */ - if ( count && !rc ) { + if ( count && !rc + && !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY)) { char *p; for( un=keyblock; un; un = un->next ) { if( un->pkt->pkttype != PKT_USER_ID ) diff --git a/g10/options.h b/g10/options.h index 8bc81b943..315912b33 100644 --- a/g10/options.h +++ b/g10/options.h @@ -341,6 +341,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; #define VERIFY_SHOW_UNUSABLE_UIDS (1<<6) #define VERIFY_PKA_LOOKUPS (1<<7) #define VERIFY_PKA_TRUST_INCREASE (1<<8) +#define VERIFY_SHOW_PRIMARY_UID_ONLY (1<<9) #define KEYSERVER_USE_TEMP_FILES (1<<0) #define KEYSERVER_KEEP_TEMP_FILES (1<<1) diff --git a/sm/encrypt.c b/sm/encrypt.c index 056599a64..907fabc01 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -76,8 +76,8 @@ init_dek (DEK dek) return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); } - /* Extra check for algorithms we considere to be to weak for - encryption, qlthough we suppor them fro decryption. Note that + /* Extra check for algorithms we consider to be too weak for + encryption, although we support them for decryption. Note that there is another check below discriminating on the key length. */ switch (dek->algo) {