1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

904 Commits

Author SHA1 Message Date
David Shaw
045433e35c * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function.  It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
2005-06-10 03:00:57 +00:00
David Shaw
31522bac1d * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
kbnode.

* trustdb.c (clean_uids_from_key): Further tweak the algorithm so that
the last good selfsig is kept when the chosen selfsig is a revocation.
2005-06-10 02:52:41 +00:00
David Shaw
475107dff3 * trustdb.c (clean_uids_from_key), keyedit.c
(menu_clean_uids_from_key): Tweak algorithm to preserve the last
selfsig which helps prevent uid resurrections.
2005-06-09 02:53:18 +00:00
David Shaw
1b07e3723e * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both expired
and revoked uids in fixup_uidnode().  No need to special case in
merge_selfsigs_main().  This also means that an expired uid will have
its selfsig tagged with chosen_selfsig.
2005-06-08 13:12:57 +00:00
David Shaw
2c9948c00a * options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above.  Export-minimal is the same except it also removes all
non-selfsigs.  export-unusable-sigs is now a noop.
2005-06-08 03:31:48 +00:00
David Shaw
7bf9354bf6 * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32.
Noted by Joe Vender.

* passphrase.c [_WIN32]: Remove unused variables.
2005-06-01 19:13:05 +00:00
David Shaw
db8adc2880 * keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key),
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings.  Noted by Joe Vender.
2005-05-31 19:12:10 +00:00
Werner Koch
a6a93ac540 * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
* cardglue.c (assuan_strerror, assuan_transact): Dummy functions
        if not build with agent support.

	* zh_TW.po, zh_CN.po, es.po, ro.po: Updated.

        * tr.po: Updated from TP.  Note: this is an exception in general
        translations from the Robot are not anymore accepted.

        * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined.
2005-05-31 10:11:01 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
0a9827ca07 * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.

* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key.  Note that the strings here are not
marked for translation yet.  The UI is still in flux, and there is no
point in annoying the translators twice.  (keyedit_menu): Call it here
as part of the "clean" command.
2005-05-31 03:59:24 +00:00
David Shaw
acac94aa90 * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
user IDs on a key, and mark any that aren't valid for deletion.

* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key.  (keyedit_menu): Call it from here as
part of the "clean" command.
2005-05-30 03:43:30 +00:00
David Shaw
0bad13cdf4 * g10.c (main): Default {export|import}-unusable-sigs to off until the
"clean" UI can be finished.
2005-05-27 03:00:26 +00:00
Werner Koch
d0f5655d19 * passphrase.c (ask_passphrase): Unescape the description string.
* cardglue.c (unescape_status_string): Removed.  Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
2005-05-24 12:39:42 +00:00
Werner Koch
d8bd3a3826 (add_notation_data): Check number of at-signs. 2005-05-24 09:14:31 +00:00
Werner Koch
2f63b5299c * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
* cardglue.c (open_card): Check USE_AGENT.
(agent_scd_checkpin): Implemented Assuan part.
(agent_scd_change_pin): Ditto.
2005-05-23 20:16:21 +00:00
Werner Koch
75675331f1 * cardglue.c (open_card): Check USE_AGENT.
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.

* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly.  The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
2005-05-23 14:38:05 +00:00
Werner Koch
be2aa37dbf * cardglue.c (send_status_info): Make CTRL optional.
(agent_scd_writekey, inq_writekey_parms): New.
(agent_openpgp_storekey): Removed.
* cardglue.h: Add a few more error code mappings.
* keygen.c (copy_mpi): Removed.
(save_unprotected_key_to_card): Changed to use agent_scd_writekey.
* app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer
version in gnupg 1.9 CVS.
2005-05-21 14:04:32 +00:00
Werner Koch
bd644c8d45 (ccid_transceive): Arghhh. The seqno is another
bit in the R-block than in the I block, this was wrong at one
place. Fixes bug #419 and hopefully several others.
2005-05-20 20:37:08 +00:00
David Shaw
c5fa20dba3 * build-packet.c (do_comment): Removed. (build_packet): Ignore
comment packets.

* export.c (do_export_stream): Don't export comment packets any
longer.

* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
2005-05-14 02:38:31 +00:00
David Shaw
e81d88b265 * keygen.c (write_selfsigs): Rename from write_selfsig. Write the same
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only preferred-email-encoding@pgp.com, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
2005-05-11 19:31:53 +00:00
Werner Koch
0ab01480ed (do_close_reader): Don't do a reset before close.
Some folks reported that it makes the SCR335 hang less often.
Look at the source on how to re-enable it.
2005-05-07 15:22:01 +00:00
David Shaw
89c844bd3a * main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration.  We no longer need the day-based code as we don't generate v3
keys.
2005-05-06 19:25:19 +00:00
David Shaw
10f51e0714 * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
default sig expire value when signing in batchmode.
2005-05-06 13:03:22 +00:00
David Shaw
89055cca85 * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't
use any of these functions any longer.
2005-05-05 22:32:52 +00:00
David Shaw
da0c60a987 * keygen.c (start_tree): New function to "prime" a KBNODE list.
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.

* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.

* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.
2005-05-05 22:08:37 +00:00
David Shaw
08bd93f7dc * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
preferences.
2005-05-05 21:18:47 +00:00
David Shaw
c71639cfff * options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
2005-05-05 19:21:40 +00:00
Werner Koch
6639bbf699 * passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID.  Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.
2005-05-03 22:27:07 +00:00
David Shaw
f02fe1dafb * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
no-pubkey and chosen revocation cases.  (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.

* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
2005-04-24 18:35:30 +00:00
David Shaw
6d72a1c649 * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys.  Suggested by Peter Palfrader.
2005-04-24 16:05:41 +00:00
David Shaw
5bfd1199b8 * keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to
sign.
2005-04-22 03:36:20 +00:00
David Shaw
edc0862448 * mainproc.c (symkey_decrypt_seskey): There is no need to have an
extra check for a bad passphrase and/or unknown cipher algorithm here.
We'll fail quite happily later, and usually with a better error
message to boot.
2005-04-22 03:21:14 +00:00
David Shaw
b7c3018d32 * keyserver.c (keyserver_spawn): Free some memory.
* sign.c (hash_for): Comments.
2005-04-17 04:10:03 +00:00
Werner Koch
73fb1c592f * g10.c (main, add_notation_data, add_policy_url)
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests.  Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.

* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
2005-04-11 18:24:09 +00:00
Werner Koch
f8a3345229 * ccid-driver.c (ccid_slot_status): Fixed debug messages.
* card-util.c (card_edit): Add command "verify".  Enhanced admin
command to allow optional arguments "on", "off" and "verify".
(card_status): Print private DOs in colon mode.
* app-openpgp.c (do_check_pin): Add hack to allow verification of
CHV3.
2005-04-07 08:31:23 +00:00
Werner Koch
80f4424658 Changes to make use of code taken from libassuan. This replaces the
old ad-hoc connection code to gpg-agent.  We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.
2005-04-05 17:09:13 +00:00
David Shaw
727cda9758 * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
2005-04-01 16:22:34 +00:00
David Shaw
c336e34571 * exec.h, exec.c (set_exec_path): Remove some dead code and change all
callers.  We no longer need to append to $PATH.
2005-03-31 17:11:53 +00:00
Werner Koch
fe01cbceb0 * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new
flag 4.  Use log_info for errors registering the default secret key.
* g10.c (main): Flag the default keyrings.
2005-03-31 07:05:35 +00:00
David Shaw
14fdbdc97a * keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
Rather, call keyserver helpers with the full path.  This fixes some
PATH-inspired DLL problems on W32.  Noted by Carlo Luciano Bianco.
2005-03-31 03:58:53 +00:00
Werner Koch
1985805cdf (pin_cb): Print a warning if the info string hack is
not there.  This may happen due to typos in the translation.
2005-03-30 10:39:13 +00:00
David Shaw
57b9ba5e16 * gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
* openfile.c (ask_outfile_name): Enable readline completion when prompting
for an output filename.

* plaintext.c (ask_for_detached_datafile): Enable readline completion when
prompting for a detached sig datafile.
2005-03-21 20:47:28 +00:00
Werner Koch
31135aff14 * keyedit.c (command_generator, keyedit_completion): Changed
indentation.
* card-util.c (command_generator, card_edit_completion): Ditto.
2005-03-21 15:24:48 +00:00
David Shaw
f30b25e565 * card-util.c (command_generator, card_edit_completion)
[GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to enable
command completion in the --card-edit menu.  (card_edit): Call them
here.
2005-03-20 03:59:07 +00:00
David Shaw
c249809a6b * keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
New functions to enable command completion in the --edit-key menu.
(keyedit_menu): Call them here.
2005-03-18 22:07:12 +00:00
David Shaw
5f7720e693 * getkey.c (get_seckey_byname2): If no explicit default key is set, don't
pick a disabled default.  Noted by David Crick.
2005-03-17 23:52:38 +00:00
David Shaw
e19aa2e3ea * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not redefine
$libexecdir.
2005-03-17 23:14:47 +00:00
David Shaw
ff93f3528a * options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't
treat 'verbose' and 'include-disabled' as special.  Just pass them through
silently to the keyserver helper.
2005-03-17 22:55:17 +00:00
Werner Koch
8ba895c763 (parse_ccid_descriptor): Make SCM workaround
reader type specific.
(scan_or_find_devices): Do not check the interface subclass in the
SPR532 kludge, as this depends on the firmware version.
(ccid_get_atr): Get the Slot status first.  This solves the
problem with readers hanging on recent Linux 2.6.x.
(bulk_in): Add argument TIMEOUT and changed all callers to pass an
appropriate one.  Change the standard timeout from 10 to 5 seconds.
(ccid_slot_status): Add a retry code with an initial short timeout.
(do_close_reader): Do an usb_reset before closing the reader.
2005-03-16 19:10:54 +00:00
Werner Koch
a177090f37 * card-util.c (card_status): Use isotimestamp and not the
localized asctimestamp to match the timezone used in the key
information.

* miscutil.c (isotimestamp): New.
2005-03-14 20:41:20 +00:00
Werner Koch
a043c14d22 * cardglue.c (pin_cb): Disable debug output.
* mk-w32-dist: Check for patch files.
* w32installer.nsi: Translated a few more strings.  Print a
warning if permssions are not suitable for the installation.
Add Uninstaller entries.
2005-03-14 19:19:21 +00:00
David Shaw
9bf9389179 * keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
alias for http-proxy.
2005-03-10 19:34:40 +00:00
David Shaw
04f02174e1 * delkey.c (do_delete_key, delete_keys): Fix problem with --expert
preventing --delete-secret-and-public-keys from deleting secret keys.
2005-03-10 18:43:36 +00:00
Werner Koch
e27aa939bf (keyedit_menu) [W32]: Run the trustdb stale check
earlier.
2005-03-10 18:40:57 +00:00
Werner Koch
c91e30fda4 * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE
and SC_OP_SUCCESS.

* de.po: Updated. Translation is still in the works, though.
2005-03-07 13:59:59 +00:00
David Shaw
522ca12084 * keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).
2005-02-24 21:21:14 +00:00
Werner Koch
00ef56868d * card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 20:08:14 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
963748d1b5 Updated to the version from 1.2.7. 2005-01-27 10:30:28 +00:00
David Shaw
e6cbb88f61 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.
2005-01-26 21:20:30 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
Werner Koch
aa87314e6f (get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.
2005-01-25 14:18:56 +00:00
David Shaw
625806b6ae * keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.
2005-01-22 03:33:12 +00:00
Werner Koch
6a0fda89c0 (open_card): Issue new CARDCTRL(4) status. 2005-01-20 18:25:25 +00:00
Werner Koch
b2b2786be1 * gpgv.c (tty_fprintf): New stub.
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
2005-01-20 17:21:40 +00:00
Werner Koch
5bda87bd6e * g10.c (i18n_init) [W32]: Pass registry key to gettext
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.
2005-01-20 11:42:03 +00:00
Werner Koch
79161ef7b9 (public_key_list): Do a trustdb staleness check before
opening the keyring.
(secret_key_list): Ditto.
2005-01-18 09:51:58 +00:00
David Shaw
96a3982b9b * keyedit.c (keyedit_menu): Move command strings outside the function to
get ready for the readline completion code.
2005-01-11 04:15:55 +00:00
David Shaw
74ca58ee94 * passphrase.c (readline, agent_send_option, agent_open,
agent_get_passphrase, passphrase_clear_cache): Rename readline() to
readaline() to keep readline library namespace clear.
2005-01-10 22:56:46 +00:00
David Shaw
f464dcef59 * filter.h, armor.c (armor_filter): Use the eol string from the armor
filter context instead of hardcoding '\n' or '\r\n'.  If no eol string is
provided, default to '\n' or '\r\n' as appropriate. (is_armor_header):
Trim tabs in armor header lines as well.

* keyserver.c (keyserver_spawn): Use it here to force '\n' line endings
since the keyserver output file gets a LF->CRLF expansion on win32.
2005-01-06 16:23:47 +00:00
David Shaw
299a250c94 * g10.c (main): Typo.
* armor.c (is_armor_header): Allow CR and LF (not just actual spaces) in
an armor header line (-----BEGIN etc).  This is needed due to CRLF issues
on win32.  As before, --openpgp makes it strict.
2005-01-06 04:44:38 +00:00
David Shaw
14ce45565d * Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@
* import.c (delete_inv_parts): Comments on import-unusable-sigs.
2005-01-03 15:15:34 +00:00
David Shaw
fbee22ac0c * options.h, import.c (parse_import_options, delete_inv_parts): Add
import-unusable-sigs flag to enable importing unusable (currently:
expired) sigs.

* options.h, export.c (parse_export_options, do_export_stream): Add
export-unusable-sigs flag to enable exporting unusable (currently:
expired) sigs.
2005-01-01 21:21:11 +00:00
David Shaw
b37facc593 * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c
(revokestr_from_pk), keyedit.c (show_key_with_all_names): Show who revoked
a key (either the same key or a designated revoker) and when.
2004-12-30 03:26:57 +00:00
Werner Koch
afe8ca4fbf (find_endpoint): New.
(scan_or_find_devices): Add new args to return endpoint info and
interface number.
(ccid_open_reader, ccid_shutdown_reader): Take care of these new
args.
(bulk_in, bulk_out): Use the correct endpoints.
(ccid_transceive_apdu_level): New.
(ccid_transceive): Divert to above.
(parse_ccid_descriptor): Allow APDU level exchange mode.
(do_close_reader): Pass the interface number to usb_release_interface.
2004-12-28 07:30:57 +00:00
David Shaw
783ec6dbb2 * keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has
specifically been selected to handle them.
2004-12-24 19:51:02 +00:00
David Shaw
f3c33b8768 * options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data
from URLs and pass to keyserver helpers.
2004-12-22 18:09:41 +00:00
David Shaw
b96038387b * keyserver.c (keyserver_typemap): New. Map certain keyserver types to a
common type (e.g. ldaps -> ldap).  If we are building with curl, map both
http and ftp to curl.

* build-packet.c (build_sig_subpkt): Only allow one preferred keyserver
subpacket at a time.
2004-12-22 17:49:44 +00:00
David Shaw
b883e9642b * keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
chosen selfsig so we don't accidentally promote an older selfsig to
chosen.  Discovered by Simon Josefsson and 'Todd'.

* keygen.c (ask_expire_interval): Fix typo.
2004-12-21 15:49:56 +00:00
David Shaw
8dcbbf98bb * keylist.c (list_keyblock_print): Secret key listings should always show
everything (expired UIDs, revoked subkeys, etc, etc).

* keyedit.c (keyedit_menu): Add additional help for the "sign" flags.
2004-12-21 04:19:03 +00:00
Werner Koch
29dd149778 (ask_expire_interval): For better translations chnage 2
strings.
2004-12-20 18:14:57 +00:00
Werner Koch
9e3526f236 * seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong.  Roman Pavlik found such a case.

* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL.  Use log_info and
not log_error.
2004-12-20 10:05:20 +00:00
David Shaw
07250279e7 * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.

* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings.  Default to
"<space>\t\r\n".
2004-12-20 05:19:09 +00:00
David Shaw
1e487ab1d6 * keygen.c (keygen_get_std_prefs): Set reference count when creating the
temporary user ID.

* keyedit.c (keyedit_menu): Merge updpref and setpref.  Keep updpref as an
invisible alias.  Add invisible alias for revphoto. Fix small memory leak
when using "setpref" (not all of the uid was freed). (menu_revkey):
Trigger a trust rebuild after revoking a key. Don't allow revoking an
already-revoked whole key. (menu_revsubkey): Don't allow revoking an
already-revoked subkey.
2004-12-19 05:20:07 +00:00
David Shaw
06c27b8a38 * keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New.
Revoke a whole key. (keyedit_menu): Call it here for when 'revkey' is used
without any subkeys selected.  This is to be consistent with the other
functions which are "selected part if selected, whole key if not".
2004-12-19 04:30:16 +00:00
David Shaw
005b1d7960 Readline fix to be robust against platforms where readline has its own
dependencies.  We play guess-the-depedency for a while, and try termcap,
curses, and ncurses.
2004-12-18 22:23:49 +00:00
Werner Koch
74330a49ec * passphrase.c (agent_get_passphrase): Define NREAD locally as
size_t or int.

* keylist.c (list_keyblock_print): Make field width an int.
* keyedit.c (show_key_with_all_names): Ditto.
2004-12-17 18:51:32 +00:00
David Shaw
e79f2db8e4 * g10.c (main): Add --require-secmem/--no-require-secmem to cause gpg to
exit if it cannot lock memory.  Also remove --nrsign-key and --nrlsign-key
since this can better be done via --edit-key.

* secmem.c (secmem_init): Return a flag to indicate whether we got the
lock.

* memory.h: Return a flag to indicate whether we got the lock.
2004-12-16 05:16:09 +00:00
David Shaw
7a388529a3 * apdu.c (apdu_send_le, apdu_send_direct), keylist.c
(status_one_subpacket, print_one_subpacket): Fix some compiler warnings.

* g10.c (main): Fix --compression-algo to take a string argument like
--compress-algo.

* trustdb.c (uid_trust_string_fixed): For safety, check for a pk.
2004-12-15 05:16:53 +00:00
David Shaw
b120400413 * keyedit.c (keyedit_menu): Re-remove the N_() markers. 2004-12-14 14:50:15 +00:00
David Shaw
7dd3fe2a79 * trustdb.c (uid_trust_string_fixed): Show uids as revoked if the key is
revoked.

* keyedit.c (show_key_with_all_names): Don't show validity for secret key
UIDs.

* keyedit.c (parse_sign_type): New.  Figure out the flags (local,
nonrevoke, trust) for a signature. (keyedit_menu): Call it here so we can
mix and match flags, and don't need "nrltsign", "ltsign", "tnrsign", etc,
etc, etc.
2004-12-14 14:42:41 +00:00
Werner Koch
160eaf1874 automake updates, removed one debug output 2004-12-14 08:03:56 +00:00
Werner Koch
d0b9eff4b6 Prepared for last 1.4 release candidate 2004-12-14 07:49:27 +00:00
Werner Koch
1037420b76 (read_passphrase_from_fd): Fixed memory leak.
Noted by Andrei Darashenka.
2004-12-13 08:04:52 +00:00
David Shaw
4c2bacac99 * keyserver.c (parse_preferred_keyserver): Force preferred keyserver
subpackets to have a URI scheme specified.
2004-12-12 05:10:22 +00:00
David Shaw
bf5d013bc8 * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 or
--openpgp directly to determine the end of line hashing rule.

* trustdb.c (uid_trust_string_fixed): Show uids as expired if the key is
expired.
2004-12-11 04:47:33 +00:00
Werner Koch
5a37f0deab * app-openpgp.c (send_fprtime_if_not_null): New.
(do_getattr): Add KEY_TIME.
(do_learn_status): Print KEY_TIME.
* cardglue.c (learn_status_cb): Parse KEY-TIME.
* card-util.c (card_status): Print creation time if available.
2004-12-10 10:49:14 +00:00
David Shaw
1c334577f3 * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): Removed
(not used). (standard): 2440 says that textmode hashes should canonicalize
line endings to CRLF and remove spaces and tabs.  2440bis-12 says to just
canonicalize to CRLF.  So, we default to the 2440bis-12 behavior, but
revert to the strict 2440 behavior if the user specifies --rfc2440.  In
practical terms this makes no difference to any signatures in the real
world except for a textmode detached signature.
2004-12-10 05:35:54 +00:00
Werner Koch
9e52cf2758 * passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and
CUSTOM_DESCRIPTION. 	Changed all callers.

* app-openpgp.c (do_getattr, do_learn_status, do_setattr): Support
the new private DOs.
(do_change_pin): Add a "N" prefix to the strings so that the
callback can act accordingly for a new PIN.  Unfortunately this
breaks existing translations but I see no wother way to overvome
this.

* cardglue.c (learn_status_cb): Ditto.
(agent_release_card_info): Ditto.
(struct pin_cb_info_s): Removed and changed all users.
(pin_cb): Reworked.

* card-util.c (card_status): Print them
(card_edit): New command PRIVATEDO.
(change_private_do): New.
2004-12-09 16:57:30 +00:00
David Shaw
53ae360457 * keygen.c (ask_algo): Add a choose-your-own-capabilities option for DSA. 2004-12-09 15:49:47 +00:00
David Shaw
ea4d80b0a3 * keygen.c (ask_keysize): Change strings to always use %u instead of
hardcoding key sizes.  Bump default to 2048.  Bump minimum down to 512,
where possible, but require --expert to get there.  DSA is always 1024
unless --expert is given.
2004-12-07 17:58:35 +00:00
David Shaw
5dcc3dc353 * getkey.c (parse_key_usage): New function to parse out key usage flags.
Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't understand.
(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call it from
here to remove duplicate code.
2004-11-29 21:21:52 +00:00
David Shaw
3ea642d8ae * export.c (do_export_stream): Allow export-minimal to work with secret
keys, even though a non-selfsig secret key signature is rare.
2004-11-26 16:48:05 +00:00
David Shaw
6dedf7a068 * options.h, export.c (parse_export_options, do_export_stream), import.c
(parse_import_options, import_keys_internal): Make the import-options and
export-options distinct since they can be mixed together as part of
keyserver-options.
2004-11-26 15:51:37 +00:00
David Shaw
9a70afe2b3 * options.h, export.c (parse_export_options, do_export_stream): Add
"export-minimal" option to disregard any sigs except selfsigs.
2004-11-25 03:58:42 +00:00
David Shaw
3d165c4ecf * trustdb.c (uid_trust_string_fixed): Use a string that can be atoi-ed,
but also has a comment for the translator.
2004-11-25 03:48:34 +00:00
David Shaw
04b715e4da * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a fixed-size
translatable string similar to trust_value_to_string. This allows for
easier lining up of displays.

* keyedit.c (show_key_with_all_names), keylist.c (list_keyblock_print):
Use it here to print validity strings.

* gpgv.c: Stub.
2004-11-24 05:25:03 +00:00
Werner Koch
44289a4e68 (S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0. 2004-11-18 16:01:08 +00:00
Werner Koch
3220faf7f7 (open_info_file): New.
(main): Unconditionally implement --status-file, --logger-file,
--attribute-file, --passphrase-file, --command-file.  This is not
generally useful but easy to support and might make scripting
under Windows easier.
2004-11-17 16:04:21 +00:00
David Shaw
69ef25f8d6 * plaintext.c (handle_plaintext): Don't try and create a zero-length
filename when using --use-embedded-filename with input that has no
filename (clearsigned or message generated from a pipe).

* encode.c (encode_simple, encode_crypt), progress.c (handle_progress),
sign.c (write_plaintext_packet): Fix a few inconsistent calls (NULL
filename means a pipe here, so don't bother to check it twice).
2004-11-04 22:28:39 +00:00
David Shaw
c09b34fede * misc.c (print_digest_algo_note): The latest 2440bis drafts deprecates
MD5, so give a warning. (print_pubkey_algo_note, print_cipher_algo_note,
print_digest_algo_note): Give the algorithm name in the experimental algo
warning.
2004-11-03 20:35:28 +00:00
Timo Schulz
37ecd725e5 2004-11-03 Timo Schulz <twoaday@g10code.com>
* strgutil.c (w32_strerror): New.
        * ttyio.c (init_ttyfp, tty_printf, do_get): Use it here.
        * iobuf.c (fd_cache_open, file_filter): Likewise.
        (iobuf_seek, translate_file_handle): Likewise.
2004-11-03 20:03:46 +00:00
David Shaw
6ab8378c00 * skclist.c (build_sk_list): Don't need to warn about PGP-generated
Elgamal signing keys since we no longer support any Elgamal signing keys.

* sign.c (sign_file, clearsign_file): Use "writing to" instead of "writing
to file" to match other strings.

* pkclist.c (check_signatures_trust): Fix typo.  Noted by Moray Allan.
This is Debian bug #278708.

* passphrase.c (ask_passphrase, passphrase_to_dek): "password" ->
"passphrase".

* keyedit.c (show_key_with_all_names): Show designated revoker as part of
translatable string.
2004-10-28 22:09:09 +00:00
Werner Koch
41f46fb062 Inlcude LIBICONV 2004-10-28 18:57:50 +00:00
Werner Koch
66e627bdae About to release 1.3.92 2004-10-28 09:06:50 +00:00
David Shaw
f15e944b98 * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, passphrase.c,
revoke.c: Collapse the two different "can't do that in batch mode" strings
into one.
2004-10-28 03:57:30 +00:00
David Shaw
f5b7a72a48 * keylist.c (status_one_subpacket): New. Send the subpacket data to the
--status interface.

* card-util.c (card_edit): Show when admin is enabled or not.

* status.h, status.c: New STATUS_SIG_SUBPACKET type.

* build-packet.c (build_sig_subpkt): Multiple keyserver URLs are allowed.
2004-10-28 03:14:55 +00:00
David Shaw
d89c701acb * keyring.c: Make some strings translatable.
* exec.c, sign.c: Change "can't open file" to "can't open" and "can't
create file" to "can't create" to be consistent with other strings so we
don't have to translate both.
2004-10-28 02:14:06 +00:00
David Shaw
1976afce93 * delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: Fix a few
missed possible \"username\" quotes.
2004-10-28 01:58:01 +00:00
Werner Koch
3060984dd1 (agent_send_all_options): Try to deduce the ttyname
from stdin.
2004-10-26 07:50:47 +00:00
David Shaw
65077adf83 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Rename
verify-option show-validity to show-uid-validity to match the similar
list-option.

* app-openpgp.c (verify_chv3): Fix typo.
2004-10-21 19:18:47 +00:00
Werner Koch
0ebf79c824 * configure.ac: Remove the check for asprintf
* app-common.h (app_openpgp_storekey: Add prototype.

* app-openpgp.c (do_sign): Replace asprintf by direct allocation.
This avoids problems with missing vasprintf implementations.

* card-util.c (generate_card_keys): Add a #warning for gnupg 1.9
and use the same string there.

* util.h [!HAVE_VASPRINTF]: Removed prototype.

* vasprintf.c: Removed. It was used only at one place and I don't
want to get into build problems in 1.4.
2004-10-21 16:56:22 +00:00
David Shaw
107e515aa9 * g10.c (parse_list_options): Fix non-constant initializer so we can build
with C89.
2004-10-21 01:10:49 +00:00
Werner Koch
27d06166d3 * apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
(pcsc_get_status): Implemented.
(reset_pcsc_reader): Implemented.
(open_pcsc_reader): Succeed even with no card inserted.
(open_ccid_reader): Set LAST_STATUS.

* iso7816.c (iso7816_select_application): Always use 0 for P1.
2004-10-20 09:39:56 +00:00
Werner Koch
ad3382bdc7 (agent_get_passphrase): Cast UIDLEN to int. Noted
by Christian Cornelssen.
2004-10-17 13:28:37 +00:00
David Shaw
b03a7a6f3b * parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't BUG() on
unknown subpackets.  Rather, just return them silently.
2004-10-16 22:48:20 +00:00
Werner Koch
c3a51cd17d * README: Mentioned --enable-selinux-support.
* status.h (STATUS_NEED_PASSPHRASE_PIN): New.
* status.c (get_status_string): Added.
* passphrase.c (ask_passphrase): Moved status printing to ..
* cardglue.c (pin_cb): .. here and issue new status message.

* keyedit.c (sign_uids): Don't include the leading LF in the
translatable string but print them separately.

* apdu.c (apdu_open_remote_reader) [_WIN32]: We don't have ENOSYS.
2004-10-15 13:16:58 +00:00
Werner Koch
5db236f4e7 * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New.
(AUTOMAKE_OPTIONS): New.

* configure.ac: Check whether vasprintf needs a replacement.

* app-openpgp.c (parse_login_data): New.
(app_select_openpgp): Call it.
(do_setattr): Reparse it after change.

* Makefile.am: Add ksutil.h.
2004-10-15 09:55:39 +00:00
Werner Koch
450f0d770b * pkclist.c (do_edit_ownertrust): Add a note to translators.
* keygen.c (ask_user_id): Ditto.

* helptext.c: Typo fix.
2004-10-15 09:39:25 +00:00
Werner Koch
8b7cb60229 another s/unsigned char*/byte*/ 2004-10-14 20:47:56 +00:00
David Shaw
f13bba108a * keylist.c (list_keyblock_print): Show the fingerprint after the key, not
after the first user ID.

* keyedit.c (show_key_with_all_names): Don't show validity if we're just
printing user IDs for signing.

* armor.c (fake_packet): Properly handle the case where the line is
dash-space (i.e. a blank line that was quoted).  Give a warning for bad
dash escaping.
2004-10-14 20:13:16 +00:00
Werner Koch
f294ce2d8b * export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow
secret key export.
* import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise
2004-10-14 10:48:15 +00:00
Werner Koch
35774ec568 * misc.c (is_secured_filename): New.
* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.

* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.
2004-10-14 07:11:57 +00:00
David Shaw
0d6defc0da * armor.c (fake_packet): Allow arbitrary dash-escaped lines as per
2440bis-10.  This is bug #158.
2004-10-13 20:39:54 +00:00
David Shaw
5887f2fb26 * keyserver.c (keyserver_work): Handle keyserver timeouts. 2004-10-13 18:40:13 +00:00
Werner Koch
151ca81f1a Added SELInux hacks and did some cleanups. 2004-10-13 18:10:06 +00:00
David Shaw
9a4dc13d5e * pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
trust since the meaning is different.

* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.

* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.

* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
2004-10-13 15:34:52 +00:00
Werner Koch
620ac79ebf * configure.ac: Actually name the option --disable-finger and not
http.

* openfile.c (overwrite_filep, make_outfile_name, open_outfile)
(open_sigfile): Use iobuf_is_pipe_filename to check for pipes so
that special filesnames are taken into account. This is bug 327.
* tdbdump.c (import_ownertrust): Ditto.
* sign.c (write_plaintext_packet): Ditto.
* progress.c (handle_progress): Ditto.
* plaintext.c (handle_plaintext): Ditto.
* encode.c (encode_simple, encode_crypt): Ditto.

* iobuf.c (iobuf_is_pipe_filename): New.
* fileutil.c (is_file_compressed): Use it here.
2004-10-13 09:59:46 +00:00
Werner Koch
690aa956f1 * keygen.c (read_parameter_file): New keyword "Handle". This is
bug 287.
	(print_status_key_not_created): New.
	(print_status_key_created): Add new arg HANDLE.
	(do_generate_keypair): Print not created status.
	* status.c, tatus.h (STATUS_KEY_NOT_CREATED): New.
2004-10-13 07:10:51 +00:00
Werner Koch
ca6dcb7258 (read_parameter_file): Changed to use iobuf based file
reading to allow the special file name feature to work.
2004-10-12 16:41:17 +00:00
David Shaw
bf079613b7 * pkclist.c (do_edit_ownertrust): Use the same translated string for
showing the user ID as mainproc.c:print_pkenc_list.

* mainproc.c (print_pkenc_list): Allow translating the quotes around the
user ID.

* card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" -> `%s'
quoting for things that aren't user IDs.

* keyserver.c (keyserver_spawn): If there is no keyserver host, print the
whole URI since it is self-contained.
2004-10-11 21:08:37 +00:00
Werner Koch
5bdb171026 * configure.ac: New option --disable-finger.
* keyserver.c (keyserver_spawn): Print an empty string in log_info
if the host is not set (e.g. finger).

* gpgkeys_finger.c: New.
2004-10-11 08:44:35 +00:00
David Shaw
f3687f6b6c * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)".  Some don't.
Consistently use y/n everywhere.
2004-10-10 15:27:14 +00:00
David Shaw
d41e6455a3 * keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
so we don't need to specify each possible variation of RSA capabilities.
2004-10-10 14:33:37 +00:00
David Shaw
aa50dcff2f * keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
able to certify.  Force the certify flag on for primaries (and off for
subkeys).
2004-10-10 14:19:39 +00:00
David Shaw
65ec9772a7 * keygen.c (generate_keypair): Fix generating keys with the auth flag. 2004-10-10 13:13:47 +00:00
David Shaw
fa012921b2 * encr-data.c (decrypt_data): Give a warning with a weak key, but still
allow to decrypt the message.
2004-10-08 21:54:26 +00:00
David Shaw
4737923d56 * pkclist.c (build_pk_list): Keystrify.
* mainproc.c (check_sig_and_print), pkclist.c (do_edit_ownertrust):
Improve translatability of user ID prompts.
2004-10-07 21:14:31 +00:00
David Shaw
b1e2c5398f * helptext.c, pkclist.c (do_we_trust): It is not possible to get here with
a revoked or expired key, so BUG() that case.  Remove question about
overriding revoked/expired.  Also --keyid-format-ify. (do_we_trust_pre):
Use print_pubkey_info() instead of printing the info ourselves.

* passphrase.c (passphrase_to_dek): Improve translatability of user ID
prompts.

* keylist.c (print_pubkey_info): Use the user ID the pk was selected by,
if any.
2004-10-06 21:50:23 +00:00
David Shaw
27b2c9356a * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user
ID prompts. (ask_revoke_sig, menu_revsig): Try and use common strings for
these two functions so they don't need to be translated twice.
2004-10-06 20:40:07 +00:00
David Shaw
8da1dfeed0 * keyedit.c, keylist.c, keyserver.c, mainproc.c: The
revoked/expired/expires string change of 2004-09-29 was too simple.  Use
two styles for each tag.
2004-10-06 19:51:45 +00:00
David Shaw
8c72ff9543 * passphrase.c (agent_get_passphrase): Use keystrs for agent strings, and
fix sprintf warnings.

* keyserver.c (keyserver_spawn): Fix BUG() with certain sets of mixed
regular and preferred keyserver refreshes.  Noted by Sebastian Wiesinger.

* keyedit.c (show_key_with_all_names): Show uid validity in menu.
2004-10-05 14:33:02 +00:00
Timo Schulz
eb02f5b46a 2004-10-03 Timo Schulz <twoaday@g10code.de>
* apdu.c (apdu_open_remote_reader) [_WIN32]: Do not set ENOSYS.
2004-10-04 17:25:29 +00:00
David Shaw
56fbde0f5e * keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in colon
delsig output.  Noted by Peter Palfrader. (show_prefs): Do not reference
missing selfsig.  Noted by Alex Moroz.
2004-10-04 01:17:27 +00:00
Werner Koch
7caab37cd1 * gpgv.c (i18n_init): Always use LC_ALL.
* bftest.c (i18n_init): Always use LC_ALL.
* shmtest.c (i18n_init): Ditto.
* mpicalc.c (i18n_init): Ditto.
2004-10-01 10:18:31 +00:00
Werner Koch
1d315be6fa * mk-w32-dist: Updated from stable branch.
* mk-gpg-texi: Changed to use the newer docbook2x-texi utility.

* config.guess, config.sub, mkinstalldirs, missing
* depcomp, install-sh: Upgraded.
2004-10-01 10:11:42 +00:00
David Shaw
85f9755968 * gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation out to
.. (maybe_create_keyring): .. new.  Make sure that we do the checks in a
locked state.  Problem reported by Stefan Haller.  Try to create the home
directory before acquiring a lock for the keyring. From Werner on stable
branch.

* g10.c (main): Blow up if we didn't lose setuid.  From Werner on stable
branch.
2004-09-30 15:00:58 +00:00
David Shaw
742682bf95 * keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many
variations of "revoked" ("revoked", "[revoked]", " [revoked]", "[revoked]
") "and" expired down to two to simplify translation.
2004-09-29 17:41:58 +00:00
David Shaw
c48d5ebbb7 * keyedit.c (print_and_check_one_sig): Account for the extra space that
show-sig-expire takes up so we do not wrap lines.
(show_key_with_all_names): No need to show subkey revocations as a
seperate line since we now show revocation date in the main subkey line.
2004-09-29 03:21:05 +00:00
David Shaw
793f8d8d55 * signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, but zero
if not found.  Noted by John Clizbe.

* keyserver.c (parse_keyrec): Fix problem with non-expiring keys appearing
expired in --search-keys results.
2004-09-28 14:50:05 +00:00
Werner Koch
a2599936c9 * card-util.c (card_edit): Take admin only status from the table.
* app-openpgp.c: Made all strings translatable.
(verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin
available for use in gnupg 2.
(verify_chv3): Reimplemented countdown showing to use only
functions from this module.  Flush the CVH status cache on a
successful read.
(get_one_do): Hack to bypass the cache for cards versions > 1.0.
(store_fpr): Store the creation date for card version > 1.0.
2004-09-27 12:56:05 +00:00
Werner Koch
cb3c6f8a05 We need to take care that several files are also used in gnupg 1.9 and
there by the scdaemon which is a bit different to the direct
integration in gpg 1.3.  In general they should all be maintained in
1.9 but while preparing 1.4 its okay to do it in 1.3.  We just need to
take some care not to break 1.9 to heavily.

app-openpgp.c: Made all strings translatable.
(verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin
available for use in gnupg 2.
(verify_chv3): Reimplemented countdown showing to use only
functions from this module.
2004-09-27 09:42:26 +00:00
David Shaw
2ff6607f0d * main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been
issued, skip right to the CHV1/CHV2 PIN change.  No need to show the
unblock or admin PIN change option. (card_edit): Add "admin" command to
add admin commands to the menu.  Do not allow admin commands until "admin"
is given.

* app-openpgp.c (verify_chv3): Show a countdown of how many wrong admin
PINs can be entered before the card is locked.

* options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove
--allow-admin.
2004-09-25 13:04:55 +00:00
David Shaw
4d26ab92cc * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo.  This helps fix a problem with PGP 2.x encrypted
symmetric messages.  Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).

* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings.  Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 20:34:38 +00:00
David Shaw
680be9be10 * keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
(copy_mpi, generate_raw_key): Fix a compile problem and a few warnings
when building without card support.
2004-09-24 14:34:45 +00:00
Werner Koch
f36154535e Note: I have not fully tested the new key creation due to a pc/sc
error.  However the backupfile has been created successfully.

* rsa.c (rsa_generate): Return the dummy list of factors only if
the caller asked for it.

* card_util.c (generate_card_keys): ask whether backup should be
created.
(card_store_subkey): Factored some code out to ..
* keygen.c (save_unprotected_key_to_card): .. new function.
(gen_card_key_with_backup): New.
(generate_raw_key): New.
(generate_keypair): New arg BACKUP_ENCRYPTION_DIR.  Changed all
callers.
(do_generate_keypair): Divert to gen_card_key_with_backup when
desired.
2004-09-23 19:34:45 +00:00
Werner Koch
42c18de83a * gpg.sgml: Document "addcardkey" and "keytocard".
* apdu.c (open_pcsc_reader): Do not print empty reader string.

* keygen.c (ask_algo): Allow creation of AUTH keys.

* keyid.c (usagestr_from_pk): New.

* app-openpgp.c (app_openpgp_storekey): Call flush_cache.

* keyedit.c (keyedit_menu): New command "keytocard"
(keyedit_menu): Bad hack for the not_with_sk element.
(show_key_with_all_names): Print the usage.
(find_pk_from_sknode): New.

* card-util.c (card_store_subkey): New.
(copy_mpi): New.
* cardglue.c (agent_openpgp_storekey): New.
2004-09-23 13:32:31 +00:00
David Shaw
d937ace2f8 * mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
menu_set_keyserver_url): Make sure that keyserver URLs with control
characters inside are printed properly.  In fact, handle them as UTF8.
2004-09-22 03:16:41 +00:00
David Shaw
f0279fc10d * keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
not have card support.

* keydb.h, keyserver.c (print_keyrec, keyserver_spawn): fpr is an array of
unsigned bytes.
2004-09-21 22:24:47 +00:00
Werner Koch
9d17a635c9 * gpg.sgml: Document -K.
* g10.c: Make -K an alias for --list-secret-keys.

* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.

* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.

* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.
2004-09-20 18:38:39 +00:00
Werner Koch
5576f6ef6c * cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.

* ccid-driver.c (do_close_reader): Factored some code out from ...
(ccid_close_reader): ..here.
(ccid_shutdown_reader): New.

* apdu.c (apdu_shutdown_reader): New.
(shutdown_ccid_reader): New.
2004-09-20 13:15:37 +00:00
Werner Koch
ca26884b3a (apdu_open_reader): No fallback if a full CCID reader id has been
Removed test code from ccid-driver.c
2004-09-17 14:26:50 +00:00
Werner Koch
f08c4222b7 * configure.ac: Don't check for usb_create_match or
use_get_string_simple anymore.

* g10.c (list_config): New config option ccid-reader-id.
(gpgconf_list): Add "reader-port".

* apdu.c (open_ccid_reader): New arg PORTSTR.  Pass it to
ccid_open_reader.
(apdu_open_reader): Pass portstr to open_ccid_reader.

* ccid-driver.c (ccid_get_reader_list): New.
(ccid_open_reader): Changed API to take a string for the reader.
Removed al the cruft for the libusb development vesion which seems
not to be maintained anymore and there are no packages anyway.
The stable library works just fine.
(struct ccid_reader_id_s): Deleted and replaced everywhere by a
simple string.
(usb_get_string_simple): Removed.
(bulk_in): Do valgrind hack here and not just everywhere.
2004-09-17 13:57:29 +00:00
David Shaw
4accf027d2 * keyedit.c (show_key_with_all_names, show_prefs): Show preferred
keyserver(s) in "showpref" output.
2004-09-16 20:55:09 +00:00
David Shaw
0862ee6979 * keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
Allow setting a keyserver URL of "none" to remove an existing keyserver
URL.
2004-09-16 20:07:42 +00:00
David Shaw
617a5a91bf * keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
URL before overwriting the old one.
2004-09-16 19:53:06 +00:00
David Shaw
a46e83b8e3 * gpgv.c (agent_scd_getattr): Stub.
* misc.c (get_signature_count): New.  Get the signature count from a
smartcard. (pct_expando): Call it here so the %c expando becomes the
number of signatures issued.  This allows for notations or the like with
an automatic signature count.

* ccid-driver.c (usb_get_string_simple): Replacement function to work with
older libusb.
2004-09-15 18:41:36 +00:00
Werner Koch
58cf95534e * g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.
* ccid-driver.c (read_device_info): Removed.
(make_reader_id, scan_or_find_devices): New.
(ccid_open_reader): Simplified by make use of the new functions.
(ccid_set_debug_level): New.  Changed the macros to make use of
it.  It has turned out that it is often useful to enable debugging
at runtime so I added this option.
2004-09-15 15:26:38 +00:00
David Shaw
1d8e25695f * getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
mismatch when some secret subkeys are missing.  Discovered by Michael
Roth.
2004-09-14 02:00:39 +00:00
David Shaw
b7be7d59b1 * main.h, keylist.c (print_subpackets_colon): Make a public function.
* keyedit.c (print_and_check_one_sig_colon): New.  Print a with-colons
version of the sig record. (menu_delsig): Call it here for a with-colons
delsig.
2004-09-13 12:31:25 +00:00
David Shaw
e7c94128b2 * options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.

* g10.c (parse_subpacket_list, parse_list_options): New.  Make the list of
subpackets we are going to print. (main): Call them here.
2004-09-12 15:27:38 +00:00
David Shaw
45f99c58bb * card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
card to fetch an updated copy.  Works with either straight URLs or HKP or
LDAP keyservers.

* keyserver-internal.h, keyserver.c (keyserver_import_fprint), import.c
(revocation_present): Use a keyserver_spec so the caller can pass in
whatever keyserver they like.
2004-09-11 15:42:19 +00:00
David Shaw
dccd0d991b * app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
when using --enable-m-guard.
2004-09-11 03:30:48 +00:00
David Shaw
0f48ec7bba * ccid-driver.c (read_device_info): Fix segfault when usb device is not
accessible. (ccid_open_reader): Allow working with an even older version
of libusb (usb_busses global instead of usb_get_busses()).
2004-09-11 02:29:36 +00:00
Werner Koch
06853bbc4d * README: Doc --disable-card-support and --without-readline.
* configure.ac: Check for readline.  Make enable-card-support the
default.  New option --without-readline.  Allow the use of either
the development or the stable libusb.

* cardglue.h: Add members for CA fingerprints.
* cardglue.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.

* app-common.h, app-openpgp.c, iso7816.c, iso7816.h
* apdu.c, apdu.h, ccid-driver.c, ccid-driver.h
* card-util.c: Updated from current gnupg-1.9.

* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.
* apdu.c (my_rapdu_get_status): Implemented.
* apdu.c: Include <signal.h>.
* apdu.c (reader_table_s):  Add function pointers for the backends.
(apdu_close_reader, apdu_get_status, apdu_activate)
(send_apdu): Make use of them.
(new_reader_slot): Intialize them to NULL.
(dump_ccid_reader_status, ct_dump_reader_status): New.
(dump_pcsc_reader_status): New.
(open_ct_reader, open_pcsc_reader, open_ccid_reader)
(open_osc_reader, open_rapdu_reader): Intialize function pointers.
(ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu)
(error_string): Removed.  Replaced by apdu_strerror.
(get_ccid_error_string): Removed.
(ct_activate_card): Remove the unused loop.
(reset_ct_reader): Implemented.
(ct_send_apdu): Activate the card if not yet done.
(pcsc_send_apdu): Ditto.
* ccid-driver.h: Add error codes.
* ccid-driver.c: Implement more or less proper error codes all
over the place.
* apdu.c (apdu_send_direct): New.
(get_ccid_error_string): Add some error code mappings.
(send_apdu): Pass error codes along for drivers already supporting
them.
(host_sw_string): New.
(get_ccid_error_string): Use above.
(send_apdu_ccid): Reset the reader if it has not yet been done.
(open_ccid_reader): Don't care if the ATR can't be read.
(apdu_activate_card): New.
(apdu_strerror): New.
(dump_reader_status): Only enable it with opt.VERBOSE.
* iso7816.c (map_sw): Add mappings for the new error codes.
* apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader)
(reset_ccid_reader, open_osc_reader): Call dump_reader_status only
in verbose mode.
* app-openpgp.c (do_getattr): Fix for sending CA-FPR.
* app-openpgp.c (app_openpgp_readkey): Fixed check for valid
exponent.
* app-openpgp.c (do_setattr): Sync FORCE_CHV1.
* card-util.c (change_login): Kludge to allow reading data from a
file.
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.

* errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes.

* errors.c (g10_errstr): New error codes G10ERR_NO_CARD,
G10ERR_CANCELED.
2004-09-09 18:18:36 +00:00
Werner Koch
bfc45cc8bc * configure.ac: Check for readline.
* signal.c (got_fatal_signal): Do readline cleanup.  Print signal
number if we can't print the name. Use new autoconf macro
HAVE_DECL_SYS_SIGLIST.
(get_signal_name): Removed.

* ttyio.c (tty_get): Add readline support.
2004-09-09 17:04:44 +00:00
Werner Koch
87e3264f77 * photoid.c: Include ttyio.h.
* parse-packet.c (skip_rest): Removed.  Changed all callers to use
the new iobuf_skip_reset.  Orginal patch by Florian Weimer.

* iobuf.c (iobuf_skip_rest): New.  Orginal patch by Florian
Weimer.  Added new argument PARTIAL.
2004-09-09 12:42:10 +00:00
Werner Koch
eda1b80760 (generate_photo_id): Use tty_printf and not just
printf.  Put _() around one string.
2004-09-07 16:49:10 +00:00
David Shaw
d4ca1e8cbc * keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
know the key is definitely expired.  Some translatable string cleanup.
2004-09-03 22:06:36 +00:00
David Shaw
ea279f1bae * encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
Change some "this" to `this'.
2004-08-27 17:32:31 +00:00
David Shaw
10eb272a73 * keyserver.c (keyserver_spawn): Show log line for what keyserver action
we are taking.

* keyid.c (keystr): If printing a keyid that lacks the high 4 bytes, print
the low 4 alone. (keystr_from_desc): Handle short keyids and warn on v3
fingerprints.
2004-08-23 19:20:17 +00:00
David Shaw
9d4327ba4d * keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, keylist.c, and
encode.c.
2004-08-23 17:55:49 +00:00
David Shaw
ba0ba64b85 * keyserver.c (keyserver_search_prompt): Make sure the search string is
converted from UTF-8 before display.
2004-08-23 14:39:48 +00:00