mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

924 Commits

Author SHA1 Message Date
David Shaw
1848ef6950 * gpg.sgml: Add "edit/addrevoker". Document --desig-revoke. Note that -z
and --compress are the same option.  Note that --digest-algo can no longer
violate OpenPGP with a non-160 bit hash with DSA.  Document
--cert-digest-algo with suitable warnings not to use it.  Note the default
s2k-cipher-algo is now CAST5. Note that --force-v3-sigs overrides
--ask-sig-expire.  Revise --expert documentation, as it is now definitely
legal to have more than one photo ID on a key.  --preference-list is now
--default-preference-list with the new meaning.  Document
--personal-preference-list.

* DETAILS: Document "Revoker" for batch key generation.
2002-05-31 22:34:16 +00:00
Timo Schulz
5f3acaffa9 2002-05-31 Timo Schulz <ts@winpt.org>
* pkclist.c (do_show_revocation_reason): Don't use capital
        letters for non-interactive output.
        (show_revocation_reason): Now it is global.
        * pubkey-enc.c (get_it): Show if the key has been revoked.
2002-05-31 09:23:24 +00:00
David Shaw
5f5c43ab26 * sign.c (write_signature_packets, sign_file, clearsign_file,
sign_symencrypt_file): Make a v4 signature if a policy URL or notation is
set, unless v3 sigs are forced via rfc1991 or force-v3-sigs.  Also remove
some doubled code and clarify an error message (we don't sign in PGP2
mode - just detach-sign).

* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any size"
section.
2002-05-30 22:58:19 +00:00
David Shaw
da3f17990c * keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and "no-mdc"
in the prefs string to allow switching on and off the MDC feature.  This
is needed to properly export a key from GnuPG for use on PGP which does
not support MDC - without this, MDC-capable implementations will still try
and generate MDCs which will break PGP.

* keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if it is
enabled.

* options.h, g10.c (main), cipher.c (write_header), keygen.c
(keygen_set_std_prefs): For consistency, allow the user to specify
mdc/no-mdc in the --personal-preference-list.  If disabled, it acts just
like --disable-mdc.
2002-05-29 20:52:51 +00:00
David Shaw
e77b643b4a * options.h, exec.c: Add some debugging info, using the 1024 debug flag.
* exec.c (win_system): New system()-like function for win32 that does not
return until the child process terminates.  Of course, this doesn't help
if the process itself exits before it is finished.
2002-05-29 18:46:49 +00:00
Werner Koch
9a9ae615ea * encode.c (encode_simple): Initialize PKT when --no-literal is used. 2002-05-29 13:44:19 +00:00
Werner Koch
cc6de431ff * keyedit.c (show_key_with_all_names_colon): Renamed the record
for revocation keys to "rvk".
2002-05-29 11:27:08 +00:00
Werner Koch
0a1b46b5db Described --with-colons enhancements. 2002-05-28 08:28:49 +00:00
Werner Koch
9fe2c355e5 * keyedit.c (show_key_with_all_names_colon): New.
(show_key_with_all_names): Divert to new function when required.
Sanitize printing of revoker name.
2002-05-28 08:27:45 +00:00
David Shaw
e4b2f8da41 * build-packet.c (build_sig_subpkt): Handle setting sig flags for certain
subpacket types (notation, policy url, exportable, revocable).  keyedit.c
(sign_mk_attrib): Flags no longer need to be set here.

* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check buffer
lengths before building a sig subpacket.
2002-05-28 03:10:00 +00:00
David Shaw
8d5dad0ac3 * sign.c (mk_notation_and_policy): Include secret key to enable %s
expandos, and pass notations through pct_expando as well.

* main.h, misc.c (pct_expando): Add %s and %S expandos for signer's keyid.
2002-05-27 01:00:11 +00:00
David Shaw
de2f0905b5 * g10.c (strusage, build_list): Add compress algorithms to --version list.
Show algorithm numbers when --verbose --version is done.
2002-05-26 03:42:39 +00:00
David Shaw
2656589782 * options.h, main.h, keygen.c (keygen_set_set_prefs, keygen_get_std_prefs,
keygen_upd_std_prefs), keyedit.c (keyedit_menu), g10.c (main), pkclist.c
(select_algo_from_prefs): Add --personal-preference-list which allows the
user to factor in their own preferred algorithms when the preference lists
are consulted.  Obviously, this does not let the user violate a
recipient's preferences (and the RFC) - this only influences the ranking
of the agreed-on (and available) algorithms from the recipients.
Suggested by David Hollenberg.

* options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename
--preference-list to --default-preference-list (as that is what it really
is), and make it a true default in that if the user selects "default" they
get this list and not the compiled-in list.
2002-05-22 14:07:12 +00:00
Werner Koch
eb2c0d6864 * gpg.sgml: sgml syntax fix. 2002-05-22 09:10:41 +00:00
Werner Koch
f7742dd22f * util.h: Add strncasecmp. Removed stricmp and memicmp. 2002-05-22 09:10:26 +00:00
Werner Koch
ee18678cb6 * g10.c (main): Add missing LF in an info printout and made it
translatable.  Noted by Michael Tokarev.
2002-05-22 09:10:08 +00:00
Werner Koch
018a5fd8bd * configure.ac: Check for strcasecmp and strncasecmp. Removed
stricmp and memicmp checks.
2002-05-22 09:09:36 +00:00
Werner Koch
eb1057be7c * fileutil.c (compare_filenames): Replaced stricmp by strcasecmp.
* miscutil.c (answer_is_yes_no_quit,answer_is_yes_no_default): Ditto.

* strgutil.c (strncasecmp): New.
(memicmp): Removed.
2002-05-22 09:09:24 +00:00
Werner Koch
09e732361a * g10.c (main): Removed the undef of USE_SHM_COPROCESSING which
was erroneously introduced on 2002-01-09.
2002-05-21 16:46:48 +00:00
Werner Koch
529e037c43 * signal.c (got_fatal_signal): Don't write the Nul to stderr.
Reported by David Hollenberg.
2002-05-21 05:33:17 +00:00
David Shaw
91f05595cc * main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a designated
revocation via --desig-revoke

* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker" command to
add a designated revoker to a key.
2002-05-19 15:04:04 +00:00
David Shaw
28ae0d878f * gpgv.c: Add stub for get_ownertrust().
* g10.c (main): --allow-freeform-uid should be implied by OpenPGP.  Add
--no-allow-freeform-uid.

* keyedit.c (sign_uids): Issue a warning when signing a non-selfsigned
uid.

* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
allow-non-selfsigned-uid is not set, still try and make the key valid by
checking all uids for a signature from an ultimately trusted key.
2002-05-17 18:49:30 +00:00
Werner Koch
5c759fee31 * gpg.sgml: Fixed URL in the description section.
* faq.raw: Minor typo fixes noted by kromJx@myrealbox.com.
2002-05-16 07:19:27 +00:00
David Shaw
4dcdaa3b1b * main.h, keygen.c (keygen_add_revkey): Add revocation key subpackets to a
signature (callable by make_keysig_packet). (write_direct_sig): Write a 1F
direct key signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation key. (get_parameter_revkey,
do_generate_keypair): Call above functions when prompted from a batch key
generation file.

* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.

* keydb.h, getkey.c (get_seckey_byfprint): Same as get_pubkey_byfprint,
except for secret keys.  We only know the fingerprint of a revocation key,
so this is needed to retrieve the secret key needed to issue a revocation.

* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split revkey
parsing off into a new function that can be used to reparse after
manipulating the revkey list.

* sign.c (make_keysig_packet): Ability to make 1F direct key signatures.
2002-05-16 03:35:55 +00:00
David Shaw
fcfc223dbb * options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl as a
sample LDAP server instead.

* getkey.c (merge_selfsigs_main): Properly handle multiple revocation keys
in a single packet.  Properly handle revocation keys that are in
out-of-order packets.  Remove duplicates in revocation key list.
2002-05-15 13:15:27 +00:00
Timo Schulz
ab53833530 2002-05-14 Timo Schulz <ts@winpt.org>
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
2002-05-14 09:57:32 +00:00
Stefan Bellon
7ea7c0bc16 EXTSEP_S instead of hardcoded dot 2002-05-13 23:07:22 +00:00
David Shaw
435ecaa5b0 * photoid.c (show_photos): Use the long keyid as the filename for the
photo.  Use the short keyid as the filename on 8.3 systems.

* exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow caller to
specify filename.  This should make things easier on windows and macs
where the file extension is required, but a whole filename is even better.

* keyedit.c (show_key_with_all_names, show_prefs): Show proper prefs for a
v4 key uid with no selfsig at all.

* misc.c (check_permissions): Don't check permissions on non-normal files
(pipes, character devices, etc.)
2002-05-13 20:44:30 +00:00
Werner Koch
0a66b9aaae * mainproc.c (proc_symkey_enc): Avoid segv in case the parser
encountered an invalid packet.
2002-05-11 16:54:43 +00:00
Werner Koch
6237f835d3 * keyserver.c (keyserver_export): Get confirmation before sending
all keys.
2002-05-11 12:33:13 +00:00
Werner Koch
0c17aeba5d doc updates 2002-05-11 12:32:46 +00:00
Stefan Bellon
1935d90e1f fixes for M_DEBUG, strcasecmp and RISC OS 2002-05-10 17:28:32 +00:00
David Shaw
fecfcb6454 * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show assumed
prefs for hash and compression as well as the cipher pref. Show assumed
prefs if there are no prefs at all on a v4 self-signed key.

* options.h, g10.c (main), sign.c (make_keysig_packet): New
--cert-digest-algo function to override the default key signing hash
algorithm.
2002-05-10 15:27:20 +00:00
Werner Koch
4346b6f501 * Makefile.am: Add gpg_dearmor to all targets where it is used.
Noted by Andreas Haumer.
2002-05-10 08:53:30 +00:00
David Shaw
0c3ac11549 * getkey.c (merge_selfsigs_main): Make sure the revocation key list starts
clean as this function may be called more than once (e.g. from functions
in --edit).

* g10.c, encode.c (encode_crypt), sign.c (sign_file,
sign_symencrypt_file): Make --compress-algo work like the documentation
says.  It should be like --cipher-algo and --digest-algo in that it can
override the preferences calculation and impose the setting the user
wants.  No --compress-algo setting allows the usual preferences
calculation to take place.

* main.h, compress.c (compress_filter): use new DEFAULT_COMPRESS_ALGO
define, and add a sanity check for compress algo value.
2002-05-09 19:57:08 +00:00
David Shaw
4cb36096ec * pkclist.c (select_algo_from_prefs): There is an assumed compression
preference for uncompressed data.
2002-05-09 03:44:31 +00:00
David Shaw
40bd97eee3 * gpgkeys_ldap.c: Include <lber.h> if we absolutely must. This helps when
compiling against a very old OpenLDAP.
2002-05-08 23:17:51 +00:00
David Shaw
5a797b494b configure.ac: If LDAP comes up unusable, try #including <lber.h> before
giving up.  Old versions of OpenLDAP require that.
2002-05-08 23:17:25 +00:00
David Shaw
a2dcc14710 * gpg.sgml: Add entries for --sk-comments, --no-sk-comments, --pgp7, and
--no-pgp7.  Fix --pgp2 and --pgp6: the proper name is --escape-from-lines
and not --escape-from.
2002-05-08 03:38:35 +00:00
David Shaw
7ee8e46500 * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
(algo_available): --pgp7, identical to --pgp6 except that it permits a few
algorithms that PGP 7 added: AES128, AES192, AES256, and TWOFISH.  Any
more of these --pgpX flags, and it'll be time to start looking at a
generic --emulate-pgp X option.
2002-05-07 22:04:27 +00:00
David Shaw
d5d974536e * export.c (do_export_stream): Warn the user when exporting a secret key
if it or any of its secret subkeys are protected with SHA1 while
simple_sk_checksum is set.

* parse-packet.c (parse_key): Show when the SHA1 protection is used in
--list-packets.

* options.h, build-packet.c (do_comment), g10.c (main): Rename
--no-comment as --sk-comments/--no-sk-comments (--no-comment still works)
and make the default be --no-sk-comments.
2002-05-07 15:21:57 +00:00
Stefan Bellon
7d217ecd7a use EXTSEP_S instead of "." 2002-05-07 14:43:00 +00:00
Werner Koch
0295445a4c * keygen.c (get_parameter_algo): Never allow generation of the
deprecated RSA-E or RSA-S flavors of PGP RSA.
(ask_algo): Allow generation of RSA sign and encrypt in expert
mode.  Don't allow ElGamal S+E unless in expert mode.
* helptext.c: Added entry keygen.algo.rsa_se.
2002-05-07 07:24:29 +00:00
David Shaw
2e56b988c8 * keyedit.c (sign_uids): If --expert is set, allow re-signing a uid to
promote a v3 self-sig to a v4 one.  This essentially deletes the old v3
self-sig and replaces it with a v4 one.
2002-05-07 04:27:40 +00:00
David Shaw
50c9a5bd25 * packet.h, parse-packet.c (parse_key), getkey.c (merge_keys_and_selfsig,
merge_selfsigs_main): a v3 key with a v4 self-sig must never let the v4
self-sig express a key expiration time that extends beyond the original v3
expiration time.
2002-05-07 04:05:03 +00:00
David Shaw
4a214fbfbb * keyedit.c (sign_uids): When making a self-signature via "sign" don't ask
about sig level or expiration, and include the usual preferences and such
for v4 self-sigs.  (menu_set_preferences): Convert uids from UTF8 to
native before printing.
2002-05-06 22:38:53 +00:00
David Shaw
2dfec7107c * keyedit.c (sign_uids): Convert uids from UTF8 to native before printing.
(menu_set_primary_uid): Show error if the user tries to make a uid with a
v3 self-sig primary.
2002-05-06 16:40:33 +00:00
David Shaw
ffc98f20ea * import.c (import_one): When merging with a key we already have, don't
let a key conflict (same keyid but different key) stop the import: just
skip the bad key and continue.

* exec.c (make_tempdir): Under Win32, don't try environment variables for
temp directories - GetTempDir tries environment variables internally, and
it's better not to second-guess it in case MS adds some sort of temp dir
handling to Windows at some point.
2002-05-05 19:44:22 +00:00
Timo Schulz
f6ccde9f14 2002-05-04 Timo Schulz <ts@winpt.org>
* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
        in the list only mode.
2002-05-05 15:50:44 +00:00
David Shaw
ab59f621d6 * keyserver.c (keyserver_refresh): --refresh-keys implies --merge-only so
as not to import keys with keyids that match the ones being refreshed.
Noted by Florian Weimer.
2002-05-05 12:45:54 +00:00