1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

575 Commits

Author SHA1 Message Date
Werner Koch
56bd419029 Doc fixes.
Add more files to POTFILES.
Protect against malloc bombs.
2007-12-12 16:47:52 +00:00
Werner Koch
bae4b256c7 Support DSA2.
Support Camellia for testing.
More audit stuff.
2007-12-12 10:28:30 +00:00
Werner Koch
c8b76e5621 Allow decryption using type 20 Elgamal keys. 2007-12-11 13:19:38 +00:00
Werner Koch
bc482052f8 Fix for bug 851.
Fixed auto generation of the stub key for the card.
Allow to encrypt toElgamal encryption keys of type 20.
2007-12-10 15:19:34 +00:00
Werner Koch
63ec0b271c Created help files form the current po entries. 2007-12-04 15:00:14 +00:00
Werner Koch
8c20500a5d Allow configuraton of pinentry tooltip.
Other minor buf fixes.
2007-12-04 11:23:31 +00:00
Werner Koch
033a2c0bc9 Try to make sure that the standard descriptors are connected when calling
gpgsm.
2007-12-03 13:05:15 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Werner Koch
cd2d9288aa Ported changes from 1.4.
Add copyright notices.
2007-10-25 09:06:21 +00:00
Werner Koch
c12ce55b25 Factored utf8 switching code out to i18n.c. 2007-10-19 15:58:38 +00:00
Werner Koch
19009f9959 Print used library version with --version.
Typo fixes
2007-09-14 13:38:36 +00:00
Werner Koch
15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies.
New tool gpg-check-pattern.
2007-08-27 18:10:27 +00:00
Werner Koch
503f91e0ae tryu harder to ignore duplicate specified keyrings and -boxes.
Documentation updates.
2007-08-24 09:34:39 +00:00
Werner Koch
f81f521a72 Updated estream.
More changes for Windows.
2007-08-22 10:55:07 +00:00
Werner Koch
ebd36b6344 Factored common gpgconf constants out
Fixed W32 compare_filenames
2007-08-02 18:12:43 +00:00
Werner Koch
11573b09c4 Typo fixes.
Made --default-key work for gpgsm
Add --default-key and --encrypt-to to gpgconf.
2007-07-17 18:11:24 +00:00
Werner Koch
5f97dd2c44 Translate all file descriptors received from assuan. 2007-07-12 15:28:30 +00:00
Werner Koch
4631bc8ddf Fixed card key generation of gpg2.
Reveal less information about timings while generating a key.
2007-07-05 16:58:19 +00:00
Werner Koch
a7fe86bc02 More W32 related changes 2007-06-26 13:48:44 +00:00
Werner Koch
831cd76256 Fixed a problem in estream-printf.c.
Changes for Windows (gpgsm -k does now work).
Minor cleanups.
2007-06-25 11:54:43 +00:00
Werner Koch
0b66f30d66 Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under Windows. 2007-06-21 18:44:48 +00:00
Werner Koch
09cc0ee7be [w32] gpg-agent is now started automagically by gpgsm. 2007-06-20 11:16:42 +00:00
Marcus Brinkmann
e47321829d jnlib/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* stringhelp.h (percent_escape): New prototype.
	* stringhelp.c (percent_escape): New function.

agent/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (main): Percent escape pathname in --gpgconf-list
	output.

g10/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg.c (gpgconf_list): Percent escape output of --gpgconf-list.

scdaemon/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* scdaemon.c (main): Percent escape output of --gpgconf-list.

sm/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Percent escape output of --gpgconf-list.
2007-06-18 20:15:01 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
Werner Koch
f6a6e1f866 Syntax fix - should build now - however not tested. 2007-06-08 17:38:13 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Marcus Brinkmann
bc078f97a9 2007-05-19 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (passphrase_get): Use PACKAGE_GT, not PACKAGE.
2007-05-18 23:32:51 +00:00
Marcus Brinkmann
b9042f1cec agent/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* protect-tool.c (get_passphrase): Free ORIG_CODESET on error.

g10/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* passphrase.c (passphrase_get): Free ORIG_CODESET on error.

sm/
2007-05-18  Marcus Brinkmann  <marcus@g10code.de>

	* qualified.c (gpgsm_qualified_consent,
	gpgsm_not_qualified_warning): Free ORIG_CODESET on error.
	* certdump.c (gpgsm_format_keydesc): Likewise.

tools/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (confucius_get_pass): Free ORIG_CODESET on error.
2007-05-18 22:58:59 +00:00
Werner Koch
dae4b2a83a Fix for bug 797. 2007-05-16 11:10:07 +00:00
Werner Koch
edb3dc99e9 Preparing 2.0.4 2007-05-09 11:01:33 +00:00
Werner Koch
d5052fd228 Upgraded gettext.
Fixed accidental dependency on libgcrypt 1.3.0.
2007-05-07 19:49:12 +00:00
David Shaw
3bcccb1666 * packet.h, mainproc.c (reset_literals_seen): New function to reset
the literals count.

* verify.c (verify_one_file), decrypt.c (decrypt_messages): Call it
here so we allow multiple literals in --multifile mode (in different
files - not concatenated together).
2007-05-03 04:44:12 +00:00
Marcus Brinkmann
1843485de9 2007-04-26 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (passphrase_to_dek): Write missing passphrase
	status message in case of cancellation.
2007-04-28 16:04:44 +00:00
Werner Koch
685b56a0d3 * build-packet.c (mpi_write): Made buffer a bit larger. Reported
by Alexander Feigl.
2007-04-16 18:57:23 +00:00
Werner Koch
6ae6e18d5f g10/ and sm/
* call-agent.c (start_agent): Don't use log_error when using the
	fallback hack to start the agent.  This is bug 782.
scripts/
	* mail-to-translators: Copied from 1.4. and adjusted.
tools/
	* gpgconf-comp.c: Allow changing of --allow-mark-trusted.

	* gpg-connect-agent.c (main): New option --decode and commands
	decode and undecode.
	(read_and_print_response): Implement option.
2007-04-13 11:45:05 +00:00
David Shaw
82a8277b6c * parse-packet.c (parse_marker): New. Enforce that the marker
contains 'P', 'G', 'P', and nothing but.  (parse): Call it here.
(skip_packet): No longer need to handle marker packets here.
2007-04-06 03:46:03 +00:00
David Shaw
674530c3fa From STABLE-BRANCH-1-4
* keyserver.c: Windows Vista doesn't grok X_OK and so fails access()
tests.  Previous versions interpreted X_OK as F_OK anyway, so we'll
just use F_OK directly.
2007-03-14 13:26:18 +00:00
David Shaw
dd38a04f16 From STABLE-BRANCH-1-4
* parse-packet.c (parse_signature): It's hex.

* getkey.c (merge_selfsigs_subkey): Avoid listing the contents of a
backsig when list mode is on.  Noted by Timo Schulz.
2007-03-10 02:05:54 +00:00
Werner Koch
f7c1efc880 Add extra flushs 2007-03-08 12:11:58 +00:00
Werner Koch
c54ef0383c Fix from 1.4:
* keyedit.c (keyedit_menu): If we modify the keyblock (via
	fix_keyblock() or collapse_uids()) make sure we reprocess the
	keyblock so the flags are correct.  Noted by Robin H. Johnson.

	* getkey.c (fixup_uidnode): Properly clear flags that don't apply
	to us (revoked, expired) so that we can reprocess a uid.
2007-03-08 07:39:57 +00:00
Werner Koch
9491ab44c5 Ported multiple-messages protection. 2007-03-05 14:56:31 +00:00
Werner Koch
f6243073a8 Add new SVN only file README.maint
doc/
	* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
	(GPG Configuration Options): Document show-primary-uid-only.
g10/
	* gpg.c (main): Add verify option show-primary-uid-only.
	* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
	* mainproc.c (check_sig_and_print): Implement it.

	* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
	* import.c (check_prefs): Ditto.
	* keyedit.c (show_prefs): Ditto.
	* mainproc.c (proc_symkey_enc): Ditto.
2007-02-26 20:24:29 +00:00
Werner Koch
b46c93fb10 * export.c (do_export_stream): Allow reset-subkey-passwd along
with sexp-format.
2007-02-14 16:26:05 +00:00
Werner Koch
1c2a81fcee Fix for Debian bug 402592 2007-02-04 17:23:00 +00:00
Werner Koch
7759f3017e Fix NULL pointer dereference 2007-01-31 15:22:21 +00:00
Werner Koch
b861561e47 Included LIBICONV in all Makefiles.
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
2007-01-31 14:24:41 +00:00
Werner Koch
7eec2efa66 Added LIBINTL to more Makefile targets.
doc/
	* com-certs.pem: Added the current root certifcates of D-Trust and
	S-Trust.

g10/
	* status.c (write_status_begin_signing): New.
	* sign.c (sign_file, sign_symencrypt_file): Call it.
	* textfilter.c (copy_clearsig_text): Call it.

	* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
	required.

	* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
	warning.  
	* misc.c (obsolete_option): New.
2007-01-30 20:16:28 +00:00
Werner Koch
006c5af165 * parse-packet.c (read_protected_v3_mpi): Make sure to stop
reading even for corrupted packets.
	* keygen.c (generate_user_id): Need to allocate one byte more.
	Reported by Felix von Leitner.
2007-01-15 19:31:24 +00:00
Werner Koch
12ca74c836 Started to code a --server mode.
It is far from being ready!
2006-12-21 19:40:00 +00:00
Werner Koch
71b6a940a3 Doc fix.
Don't let gpg2 fail if the option skeleton file is missing
2006-12-08 11:30:13 +00:00
David Shaw
7b9eee1e5e Makefile.am: Link to iconv for jnlib dependency. (OSX) 2006-12-07 23:20:20 +00:00
Werner Koch
0173cd5a98 Fixes for CVE-2006-6235 2006-12-06 10:16:50 +00:00
David Shaw
114b20e8be * keyedit.c (menu_clean): Show "already minimized" rather than
"already clean" when a minimized key is minimized again.  From Dirk
Traulsen.
2006-12-03 06:27:49 +00:00
David Shaw
884d1af0ae * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
2006-12-03 04:41:59 +00:00
Werner Koch
fecadab9c3 * openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string.  Fixes bug 728.
2006-11-27 16:41:32 +00:00
Werner Koch
13e646d938 Final fix which should now pass all tests. 2006-11-21 19:33:04 +00:00
Werner Koch
82423b1e94 Changed order of libs 2006-11-21 15:29:52 +00:00
Werner Koch
e50c5f39cc No more warnings for AMD64 (at least when cross-compiling). Thus tehre is a
good chance that gpg2 will now work. 
Other cleanups.
Updated gettext.
2006-11-21 11:00:14 +00:00
Werner Koch
cd3e8c9b89 Fixed that nasty 64 bit but. 2006-11-10 11:32:00 +00:00
Werner Koch
10d563da08 Collected fixes. 2006-11-05 15:08:58 +00:00
Marcus Brinkmann
7aeb3a45fa 2006-10-24 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
2006-10-24 14:51:39 +00:00
Werner Koch
7b8ea82ab6 . 2006-10-23 14:02:13 +00:00
Werner Koch
58785c880d Allow to select X.509 certificates using the keygrip. 2006-10-20 11:38:48 +00:00
Werner Koch
df52700f5c Fixes 2006-10-19 14:22:06 +00:00
Werner Koch
971f824f72 Fixed v3 keyids. 2006-10-18 15:34:54 +00:00
Werner Koch
2a514d34df Fixed a bug with very long keys. 2006-10-18 14:28:52 +00:00
Werner Koch
be410be660 Pth tweaks and improved estream.c 2006-10-17 14:34:42 +00:00
David Shaw
c6465b0654 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.

* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
2006-10-13 04:06:24 +00:00
Werner Koch
2e8481c03b Various changes 2006-10-10 11:11:04 +00:00
David Shaw
ae390ea0a2 * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather
than whatever key selector the user used on the command line.
2006-10-06 05:57:52 +00:00
Werner Koch
158a69aff7 bug fixes 2006-10-05 11:06:42 +00:00
Werner Koch
3b1f186c87 Re-enabled --passphrase-fd 2006-10-04 17:22:24 +00:00
Werner Koch
8684a78518 Fixed agent access for gpg. 2006-10-04 16:45:04 +00:00
Werner Koch
ecf7ad43f6 Preparing a new release 2006-10-04 10:22:56 +00:00
Werner Koch
4b48bcacc9 Fix for bug 537 2006-10-02 11:54:35 +00:00
Werner Koch
43ab905823 Various updates 2006-09-21 13:30:45 +00:00
Werner Koch
c69dc436ce Cleanups. 2006-09-20 11:01:49 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
9577dd45ab Various fixes and new features.
Enhanced gpg-connect-agent.
2006-09-13 15:57:30 +00:00
Marcus Brinkmann
f89c0be405 2006-09-06 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpg2_LDADD, gpgv2_LDADD): Replace -lassuan and
	-lgpg-error with $(LIBASSUAN_LIBS) and $(GPG_ERROR_LIBS).
	(AM_CFLAGS): Add $(LIBASSUAN_CFLAGS) and $(GPG_ERROR_CFLAGS).
2006-09-06 21:41:14 +00:00
Werner Koch
eef036df23 The big Assuan error code removal. 2006-09-06 16:35:52 +00:00
Werner Koch
7b9fa9da99 Minor changes and typo fixes. 2006-09-06 11:53:24 +00:00
Werner Koch
d8602648b8 See ChangeLogs 2006-08-29 16:18:30 +00:00
Werner Koch
0ebd23fa76 Migrated more stuff to doc/
Migrated the gpg regression tests.
Some changes tp the gpg code to fix bugs and
for the use in testing. 
make distcheck works now with gpg enabled.
2006-08-21 20:20:23 +00:00
Werner Koch
b744f963d7 With --enable-gpg the keyservers are now build and a first test using gpg2
shows no prblems.   Needs more testing of course.
2006-08-16 10:47:53 +00:00
Werner Koch
de5070caf0 Preparing a new release 2006-07-27 14:18:55 +00:00
Werner Koch
6c208fea32 A couple of fixes. gpg2's key generation does now work. 2006-06-30 09:42:08 +00:00
Werner Koch
f081ad529d Ported patches from 1.4.x 2006-06-27 14:30:59 +00:00
Werner Koch
b61df862a7 Still making gpg2 work.
At least the keyids are now correctly computed again.
2006-05-24 11:12:28 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Werner Koch
00ffc478de Merged recent changes from 1.4 2006-04-28 14:31:29 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Werner Koch
deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
2005-06-16 08:12:03 +00:00
Werner Koch
cad9562436 * configure.ac (gl_INIT): Add gnulib stuff.
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check.  Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added will probably come handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.

* gpg-agent.c: Include setenv.h.

* Makefile.am (AM_CPPFLAGS): Added.

* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.

* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h

* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/iobuf.c.

* scdaemon.c: Include mkdtemp.h.

* misc.c: Include setenv.h.

* symcryptrun.c: Include mkdtemp.h.
2005-06-01 15:46:01 +00:00
Werner Koch
878cf20766 * gpg-agent.c (main): Use default_homedir().
* protect-tool.c (main): Ditto.

* signal.c (got_fatal_signal, got_usr_signal)
(got_fatal_signal) [DOSISH]: Don't build.
* simple-gettext.c: Include sysutils.h

* homedir.c: New.
* Makefile.am (libcommon_a_SOURCES): Add it.
(EXTRA_DIST): Removed mkerror and mkerrtok.

* gpgv.c, g10.c (main): Use default_hoemdir ().

* scdaemon.c (main): Use default_homedir().

* gpgsm.c (main): Use default_homedir().
2004-12-21 10:03:00 +00:00
Werner Koch
3666a2859b Avoid the " map_to_assuan_status called with no error source" diagnostic. 2004-12-18 10:22:10 +00:00
Werner Koch
17c2c40601 Compile fixes. 2004-10-22 16:03:04 +00:00
Werner Koch
048635bede * gpgv.c (i18n_init): Always use LC_ALL.
* kbxutil.c (i18n_init): Always use LC_ALL.

* gpgsm.c (i18n_init): Always use LC_ALL.

* certdump.c (gpgsm_format_name): Factored code out to ..
(gpgsm_format_name2): .. new.
(gpgsm_print_name): Factored code out to ..
(gpgsm_print_name2): .. new.
(print_dn_part): New arg TRANSLATE.  Changed all callers.
(print_dn_parts): Ditto.
(gpgsm_format_keydesc): Do not translate the SUBJECT; we require
it to stay UTF-8 but we still want to filter out bad control
characters.

* gpgconf.c (i18n_init): Always use LC_ALL.
2004-09-30 21:37:11 +00:00
Werner Koch
335b5e4ac4 Preparing a new release. Updated gettext 2004-09-30 14:34:34 +00:00
Werner Koch
f100401478 (show_key_with_all_names): Print the card S/N.
* app-openpgp.c (app_select_openpgp): Its app_munge_serialno and
not app_number_serialno.
2004-09-20 18:47:11 +00:00
Moritz Schulte
305f910ed2 2004-09-11 Moritz Schulte <moritz@g10code.com>
* openfile.c (copy_options_file): Fixed last commit (added a `+').
2004-09-11 13:34:41 +00:00
Werner Koch
45accef52a Better take the length of SKELEXT into account 2004-08-31 09:00:58 +00:00
Werner Koch
452e415784 * openfile.c (copy_options_file): Use gpg-conf.skel
* Makefile.am: Install options.skel as gpg-conf.skel.
2004-08-31 07:57:33 +00:00
Marcus Brinkmann
9d864ebef7 2004-08-18 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (agent_get_passphrase):
2004-08-18 00:03:07 +00:00
Werner Koch
8f81ba17dc * card-util.c (change_login): Kludge to allow reading data from a
file.
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.

* call-agent.h: Add members for CA fingerprints.
* call-agent.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.
2004-07-01 17:42:09 +00:00
Werner Koch
339f0840e1 (main) <gpgconf>: Use gpg.conf and not /dev/null as
default filename.
2004-04-30 16:36:36 +00:00
Werner Koch
b6018a1b0e * card-util.c (card_edit): Remove PIN verification.
(generate_card_keys): New arg SERIALNO.  Do PIN verification here
after resetting forced_chv1.
2004-04-29 17:25:38 +00:00
Werner Koch
6efe46d4ff (change_name): Check that the NAME is not too long.
(change_url): Likewise.
(change_login): Likewise.
2004-04-26 18:26:54 +00:00
Werner Koch
a40cbf1c33 * configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT>
* g10.c: New options --gpgconf-list, --debug-level and --log-file
(set_debug): Add arg DEBUG_LEVEL.
(main): Look at less and less version specific config files.  From
gnupg 1.3.
2004-03-23 13:03:09 +00:00
Werner Koch
16f3d8396e * call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* passphrase.c (agent_open): Ditto.
2004-02-18 16:59:03 +00:00
Werner Koch
e99475d59e * gpgv.c: Removed g10defs.h.
* Makefile.am: Include cmacros.am for common flags.
2004-02-12 09:28:52 +00:00
Moritz Schulte
af41684669 2004-01-19 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Don't try to execute certain pieces of code
	in case an error occured.
	(gen_card_key): Don't print out a message, which is already
	printed by do_generate_keypair().
2004-01-19 01:48:17 +00:00
Moritz Schulte
7739d95804 2004-01-19 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Print member fname, instead of
	newfname, again.
2004-01-19 01:07:46 +00:00
Moritz Schulte
36cbfed6fc 2004-01-18 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Print member fname, instead of
	newfname.
2004-01-18 22:48:49 +00:00
Werner Koch
23fa5c9792 * card-util.c (print_name): Fixed bad format string usage.
(print_isoname): Ditto.

* trustdb.c (check_regexp): s/exp/expr/.

* keyedit.c (trustsig_prompt): Removed a "> 255" term; it is
always false due to the data type.

* passphrase.c (agent_get_passphrase): Use xasprintf and avoid
non-literal format strings.

* tdbio.c (upd_hashtable, drop_from_hashtable, lookup_hashtable):
Fixed log_error format string bugs.  Kudos to the now working
gcc-3.3 -Wformat-nonliteral and Florian Weimer's investigations in
gnupg 1.2.3.
2003-12-17 12:26:56 +00:00
Werner Koch
f18d0e557c * seckey-cert.c (protect_secret_key): Use gry_create_nonce for the
IV; there is not need for real strong random here and it even
better protect the random bits used for the key.
2003-12-16 11:30:57 +00:00
Moritz Schulte
19d65e2b4b 2003-11-16 Moritz Schulte <mo@g10code.com>
* signal.c: Removed unused file.
2003-11-16 15:29:07 +00:00
Moritz Schulte
f794da4ad4 2003-11-10 Moritz Schulte <mo@g10code.com>
* Makefile.am (INCLUDES): Added: @LIBGCRYPT_CFLAGS@.
2003-11-10 10:42:43 +00:00
Werner Koch
f936866734 (learn_status_cb, scd_genkey_cb): Fixed faulty use
of !spacep().
2003-10-25 14:22:08 +00:00
Werner Koch
99277d21c1 * card-util.c (card_edit): New command "passwd". Add logic to
check the PIN in advance.
(card_status): Add new args to return the serial number.  Changed
all callers.
* call-agent.c (agent_scd_checkpin): New.
2003-10-21 17:12:21 +00:00
Werner Koch
30342b06ef * call-agent.c (agent_scd_getattr): Don't clear the passed info
structure, so that it can indeed be updated.

* card-util.c (fpr_is_zero): New.
(generate_card_keys): New.
(card_edit): New command "generate".
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
to check_smartcard.
(check_smartcard,show_smartcard): Removed.
(show_sha1_fpr,fpr_is_zero): Removed.

* app-openpgp.c (do_getattr): Support SERIALNO and AID.
2003-10-08 10:46:58 +00:00
Werner Koch
f194ebc782 Fixes to make inclusion of card raleted source files into 1.3 easier. 2003-10-02 10:27:34 +00:00
Werner Koch
316dc2fd60 * keylist.c (print_card_serialno): New.
(list_keyblock_print): Use it here.

* card-util.c (toggle_forcesig): New.
(card_edit): New command "forcesig".

* card-util.c (print_name, print_isoname): Use 0 and not LF fro
the max_n arg of tty_print_utf8_string2.

* call-agent.c (agent_scd_getattr): New.
(learn_status_cb): Release values before assignment so that it can
be used by getattr to update the structure.

* card-util.c (change_pin): Simplified.  We now have only a PIN
and an Admin PIN.
2003-09-30 17:34:38 +00:00
Werner Koch
3af881581f Minor fixes 2003-09-30 13:22:33 +00:00
Timo Schulz
acd7f7c70d 2003-09-26 Timo Schulz <twoaday@freakmail.de>
* card_status (card_status): Do not use fputs since the fp
        parameter can be NULL. This fixes a segv.
2003-09-26 11:03:08 +00:00
Werner Koch
791e69e3e9 (print_isoname,card_status): Handle opt.with_colons.
(print_sha1_fpr_colon): New.
2003-09-24 08:31:16 +00:00
Werner Koch
4c66e94ff9 Merged most of David Shaw's changes in 1.3 since 2003-06-03. 2003-09-23 17:48:33 +00:00
Timo Schulz
47959a306e 2003-09-22 Timo Schulz <twoaday@freakmail.de>
* card-util.c (card_status): Free pk in case of an error
        and return if the card is no OpenPGP card.
2003-09-22 20:43:25 +00:00
Werner Koch
918eee7195 * g10.c: New command --card-edit.
* card-util.c (card_status): Use tty_fprintf for all output.
(print_sha1_fpr, print_isoname): Ditto.
(get_one_name,change_name, change_url, change_login,change_lang)
(change_sex): New; taken from keygen.c.
* keygen.c (smartcard_get_one_name, smartcard_change_name)
(smartcard_change_url, smartcard_change_login_data)
(smartcard_change_lang, smartcard_change_sex): Removed.
(check_smartcard): Removed most menu items.
2003-09-18 15:51:18 +00:00
Werner Koch
be034cf34c * configure.ac: Required newer versions of some libraries.
* misc.c (openpgp_pk_algo_usage): Allow AUTH where SIGN is allowed.

* keygen.c (ask_passphrase): No need to allocated S2K in secure
memory.

* scdaemon.c (main): --pcsc-driver again defaults to pcsclite.
David Corcoran was so kind to remove the GPL incompatible
advertisng clause from pcsclite.
* apdu.c (apdu_open_reader): Actually make pcsc-driver option work.
2003-09-06 13:23:48 +00:00
Werner Koch
3598504854 * keygen.c (do_add_key_flags, parse_parameter_usage)
(do_generate_keypair): Add support the proposed AUTH key flag.
* getkey.c (fixup_uidnode, merge_selfsigs_main)
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
* keylist.c (print_capabilities): Ditto.
2003-09-05 07:40:18 +00:00
Werner Koch
936250aac9 * configure.ac (HAVE_LIBUSB): Added a simple test for libusb.
* scdaemon.c, scdaemon.h: New option --pcsc-ccid.
* ccid-driver.c, ccid-driver.h: New but far from being useful.
* Makefile.am: Add above.
* apdu.c: Add support for that ccid driver.
2003-09-02 19:06:34 +00:00
Timo Schulz
93ddaf9acc 2003-08-25 Timo Schulz <twoaday@freakmail.de>
* pkglue.c (mpi_from_sexp): New. Used to factor out
        some common code.
2003-08-25 21:12:43 +00:00
Timo Schulz
f9867edfb8 * mdc.c (use_mdc): Simplified. 2003-08-18 21:32:19 +00:00
Timo Schulz
73b5da4c7d 2003-08-18 Timo Schulz <twoaday@freakmail.de>
* encode.c (encode_sesskey): Checked the code and removed
        the warning since all compatibility checks with PGP succeeded.
        * mainproc.c (symkey_decrypt_sesskey): Better check for the
        algorithm and check the return values of some functions.
2003-08-18 21:25:03 +00:00
Werner Koch
dbb7f4c89c (pk_sign): Fix last change.
(pk_verify): Check for valid DATA array so that we don't segv in
Libgcrypt.
(pk_verify): Ditto.
2003-08-07 07:05:38 +00:00
Werner Koch
1bcf8ef9de Cleanups, fixes and PC/SC support 2003-08-05 17:11:04 +00:00
Werner Koch
6f7ed05900 * gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
2003-07-29 08:53:19 +00:00
Werner Koch
979ed0ca26 Adjusted for use with current libgcrypt (1.1.42). 2003-07-28 08:59:18 +00:00
Werner Koch
0fe6a1287f * g10.c: New command --card-status.
* card-util.c (card_status): New.
* call-agent.c (learn_status_cb): Parse more information.

* keylist.c (print_pubkey_info): Add FP arg for optinal printing
to a stream.  Changed all callers.
2003-07-24 09:06:43 +00:00
Werner Koch
44f4303bcf * keygen.c (generate_keypair): Create an AUTHKEYTYPE entry for cards.
(do_generate_keypair): Abd generate the authkey.
(check_smartcard): Changed menu accordingly.
2003-07-23 07:11:06 +00:00
Werner Koch
4622a2180d * export.c (parse_export_options): New option sexp-format.
(export_seckeys,export_secsubkeys): Check sexp-format option.
(do_export): Ignore armor for sexp format.
(do_export_stream): Handle sexp-format.
(write_sexp_line,write_sexp_keyparm, build_sexp_seckey): New.
(build_sexp): New.
2003-07-16 13:45:15 +00:00
Werner Koch
1753a2f3b0 * options.h (DBG_CIPHER): Reintroduced it.
* seskey.c (encode_session_key): Debug output of the session key.

* pubkey-enc.c (get_it): Handle card case.
* call-agent.c (agent_scd_pkdecrypt): New.
* pkglue.c (pk_encrypt): Add RSA support.

* g10.c (main): Default to --use-agent.

* keygen.c (show_smartcard): Print info about the public key.
(check_smartcard): Check for existing key here.
(gen_card_key): And not anymore here.
(fpr_is_zero): New.
(generate_keypair): Generate both keys for a card.
(smartcard_change_url): Nw.
2003-07-03 18:08:16 +00:00
Werner Koch
39046ea7ec * app-openpgp.c (store_fpr): Fixed fingerprint calculation.
* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.
2003-07-01 08:34:45 +00:00
Werner Koch
5c46f134e2 Key generation and signing using the OpenPGP card does rudimentary work. 2003-06-27 20:53:09 +00:00
Werner Koch
b7bd5e8088 Fixes to the libgcrypt switch. Basically works now. 2003-06-23 15:16:12 +00:00
Werner Koch
c0c2c58054 Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
2003-06-18 19:56:13 +00:00
Werner Koch
b7b07d36e8 A small step for GnuPG but a huge leap for error codes.
(Sorry, it does not build currently - I need to check it in to avoid
duplicate work.)
2003-06-05 07:14:21 +00:00
Repo Admin
7250331472 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-06-05 07:14:21 +00:00
Repo Admin
82a17c9fb3 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2002-10-19 07:55:27 +00:00
Werner Koch
be9b626c1d * pkclist.c (do_edit_ownertrust): Show all user IDs. This should
be enhanced to also show the current trust level.  Suggested by
Florian Weimer.
2002-10-17 13:48:43 +00:00
David Shaw
e613304ae7 * g10.c (main): Handle --strict and --no-strict from the command line
before the options file is loaded.
2002-10-17 11:50:46 +00:00
David Shaw
73ccfeb606 * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
2002-10-15 17:01:04 +00:00
David Shaw
da1c9e820c * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec,
show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of
the keyserver protocol.  This is a better design, similar to
--with-colons, that allows for keys with multiple user IDs rather than
using multiple keys.  It also matches the machine readable pksd format.
Also use a prettier --search-keys listing format that can fill different
size windows (currently set at 24 lines).
2002-10-14 18:50:28 +00:00
Werner Koch
e5f14f15da * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:47:40 +00:00
David Shaw
9fafaa7ef7 * keyedit.c (menu_addrevoker): Properly back out if the signature fails.
Also, do not allow appointing the same revoker twice, and report
ALREADY_SIGNED if the user tries it.
2002-10-11 21:07:03 +00:00
David Shaw
9e86063293 And changelog :) 2002-10-07 22:19:27 +00:00
David Shaw
1fed5c87f0 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:12:09 +00:00
Werner Koch
d68fe4f73d * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing
warning.

* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping.  Noted by Ingo Kl�cker.
2002-10-04 05:43:54 +00:00
David Shaw
8c48fbd0e2 * options.h, g10.c (main): Add --strict and --no-strict to switch the
log_warning severity level from info to error.
2002-10-03 22:13:04 +00:00
David Shaw
fcefffcb00 * keylist.c (print_capabilities): Secret-parts-missing keys should show
that fact in the capabilities, and only primary signing keys can certify
other keys.

* packet.h, parse_packet.c (parse_key): Add is_primary flag for public
keys (it already exists for secret keys).
2002-10-03 19:20:37 +00:00
David Shaw
58972f24c4 * import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key.

* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.

* parse_packet.c (parse_key): Some comments.

* revoke.c (gen_revoke): Remove some debugging code.

* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.

* seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
2002-10-02 22:01:29 +00:00
David Shaw
05691b1dce * import.c (import_one): Make sure that a newly imported key starts with a
clean ownertrust.
2002-10-01 17:32:06 +00:00
Werner Koch
e85fd72317 * getkey.c (get_pubkey_direct): New.
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key.  Using the full get_pubkey might lead to an
infinitive recursion.
2002-10-01 08:38:24 +00:00
David Shaw
383ff96bea * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to
lowercase to be case-insensitive.
2002-09-30 03:28:41 +00:00
David Shaw
9380f80b14 2002-09-28 David Shaw <dshaw@jabberwocky.com>
* export.c (do_export_stream): Comment.

	* sig-check.c (check_key_signature2): Properly handle a
	non-designated revocation import.

2002-09-26  Werner Koch  <wk@gnupg.org>

	* g10.c (set_homedir): New. Changed all direct assignments to use
	this.
	* gpgv.c (set_homedir): Ditto.
2002-09-28 17:49:38 +00:00
David Shaw
48d55024e2 * Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses sockets.
Remove the old NETLIBS variable since the keyserver stuff is no longer
internal.
2002-09-25 11:30:51 +00:00
David Shaw
7ad7f453c0 * import.c (import_keys_stream): Fix compiler type warning.
* keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2),
import.c (import, chk_self_sigs): Minor language cleanups.
2002-09-24 21:20:48 +00:00
Stefan Bellon
bbf5ea78c2 added fast-import to import-options 2002-09-23 13:03:52 +00:00
Stefan Bellon
77ffe357a9 avoid function clone 2002-09-22 09:20:08 +00:00
Stefan Bellon
78c754cd70 added trustdb update/check for stream import as well 2002-09-21 23:59:59 +00:00
Stefan Bellon
b9c091bd86 trustdb checks/updates after import 2002-09-21 21:57:22 +00:00
David Shaw
c4c0b1dc5b From stable branch
* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.

* keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.
2002-09-19 17:13:03 +00:00
David Shaw
299e2bf336 From stable branch
* keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket.  Add a PGP
2.x warning for revocation keys.

* g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).

* keyedit.c (sign_uids): Make strings translatable.

* sig-check.c (check_key_signature2): Make string translatable.
2002-09-17 03:21:13 +00:00
David Shaw
baffecaca2 Import from stable branch.
2002-09-13  David Shaw  <dshaw@jabberwocky.com>

	* getkey.c (check_revocation_keys): Move....
	* main.h, sig-check.c (check_revocation_keys): to here.  Also
	return the signature_check error code rather than 0/1 and cache
	the sig result.

	* sig-check.c (check_key_signature2): Divert to
	check_revocation_keys if a revocation sig is made by someone other
	than the pk owner.

	* getkey.c (merge_selfsigs_main): Tidy.

2002-09-13  Werner Koch  <wk@gnupg.org>

	* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
2002-09-13 12:59:31 +00:00
David Shaw
b45a2d03a6 * Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove internal
HKP support.
2002-09-12 12:45:58 +00:00
David Shaw
72cd3ef859 * keyserver.c (keyserver_spawn): Remove whitespace after keyserver
commands.
2002-09-12 12:10:04 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
David Shaw
c30d7e8dc7 * exec.c (expand_args): Remove loop left over from earlier implementation.
(exec_write): Missed one tick.
2002-09-10 18:03:40 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
d8eda8dbd1 * g10.c (add_group): Use '=' to separate group name from group members.
Use a better error message for when no = is found.

* hkp.c (hkp_export): Use CRLF in headers.
2002-09-09 19:21:58 +00:00
David Shaw
8dccf882f7 * mainproc.c (print_pkenc_list): Don't increment the error counter when
printing the list of keys a message was encrypted to.  This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
2002-09-04 02:48:47 +00:00
Werner Koch
5819b1ee45 * g10.c (main): Try to set a default character set. Print the
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.

* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
2002-09-02 10:59:04 +00:00
David Shaw
46a58a0527 * pkclist.c (build_pk_list): Add new status code to indicate an untrusted
user.  This (or a disabled key) fail with "unavailable pubkey"
(G10ERR_UNU_PUBKEY).
2002-08-30 19:21:55 +00:00
David Shaw
c721e11bf5 * pkclist.c (build_pk_list): Fail if any recipient keys are unusable.
* options.skel: The PGP LDAP keyserver is back.  Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.

* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
2002-08-30 18:01:32 +00:00
Werner Koch
5dfd5a6dac * pkclist.c (do_we_trust_pre): Changed the wording of a warning.
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC.  We need to do this so that
concatenated messages are properly decrypted.  Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start.  Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.

* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
2002-08-30 16:34:13 +00:00
David Shaw
a119391e26 * sig-check.c (do_check_messages, do_check): Show keyid in error messages.
* keyserver.c (print_keyinfo): More readable key listings for
--search-keys responses.
2002-08-28 19:34:58 +00:00
David Shaw
da488f03a7 * hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into new
"dehtmlize" function.  Remove HTML before trying to parse each line from
the keyserver.  If the keyserver provides key type information in the
listing, use it.
2002-08-26 19:07:59 +00:00
David Shaw
7e3e9bf357 * sig-check.c (do_check, do_check_messages): Emit the usual sig warnings
even for cached sigs.  This also serves to protect against missing a sig
expiring while cached.

* getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice.
2002-08-23 20:59:48 +00:00
David Shaw
8609693d79 * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into
chk_self_sigs.  This improves efficiency as the same signatures are not
checked multiple times.  Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).

* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.

* keylist.c (list_one): Stats are only for public key listings.

* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
2002-08-22 17:47:42 +00:00
Werner Koch
c7dfa3a8d2 * import.c (import_print_stats): Print new non_imported counter
which is currently not used becuase we terminate on errors.
2002-08-21 14:59:05 +00:00
David Shaw
1cc0480be4 * options.skel: Document no-include-attributes for keyserver-options. 2002-08-20 17:16:33 +00:00
David Shaw
fa88fe9aaf * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and comments.
* export.c (do_export_stream): Fix noop bug in exporting sensitive
revocation keys.

* pkclist.c (do_edit_ownertrust): Comment out the option for showing trust
paths until it can be implemented.
2002-08-20 12:45:57 +00:00
Werner Koch
89f8e7ef36 * getkey.c (get_user_id_native): Renamed to ..
(get_user_id_printable): this.  Filter out all dangerous
characters.  Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this.  Filter out all dangerous
characters.  Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
2002-08-19 08:28:00 +00:00
Timo Schulz
5201d1ec9d 2002-08-16 Timo Schulz <ts@winpt.org>
* g10.c (main): enable opt.interactive.

        * import.c (import_one): Ask the user if the key shall be
        imported when the interactive mode is used. Useful to extract
        selected keys from a file.
2002-08-18 17:24:21 +00:00
Werner Koch
e78e69f37a Removed a leftover conflict indicator. 2002-08-16 07:14:29 +00:00
Werner Koch
0996f7d4df * seckey-cert.c: Workaround to allow decryption of v3 keys created
with a bug in the mpi_get_secure_buffer.
2002-08-16 07:13:13 +00:00
David Shaw
9ad0a6550b * hkp.c (parse_hkp_index): Properly handle really large keys (5 digit key
length) in HKP searches.
2002-08-14 22:48:28 +00:00
David Shaw
1111da19a8 * encode.c (encode_simple): Fix problem with using compression algo 2 and
symmetric compressed files.

* encode.c (encode_simple, encode_crypt): If we are not using a MDC,
compress even if a file is already compressed.  This is to help against
the chosen ciphertext attack.

* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug so the
request succeeds even if the requested algorithm is not the first found.

* cipher.c (write_header), encode.c (use_mdc, encode_simple, encode_crypt,
encrypt_filter), g10.c (main): Be more eager to use a MDC.  We use a MDC
if the keys directly support it, if the keys list AES (any) or TWOFISH
anywhere in the prefs, or if the cipher chosen does not have a 64 bit
blocksize.
2002-08-13 19:00:23 +00:00
David Shaw
74a84ca93b * options.skel: Some language tweaks, and remove the load-extension
section for random gatherers.

* keyring.c (create_tmp_file, rename_tmp_file): Create tmp files with
user-only permissions, but restore the original permissions if the user
has something special set.

* openfile.c (copy_options_file): Create new options file (gpg.conf) with
user-only permissions.

* keydb.c (keydb_add_resource): Create new keyrings with user-only
permissions.
2002-08-09 02:23:42 +00:00