1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

751 Commits

Author SHA1 Message Date
Werner Koch
0aba8ef50a * cs.po: New. 2002-04-09 13:00:46 +00:00
Werner Koch
eef0fc2892 * DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES,
correct INV_RECP (the second occurence) to NO_RECP.
2002-04-09 11:38:20 +00:00
Werner Koch
b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of
the BTS data is available :-(
2002-04-08 15:10:51 +00:00
David Shaw
6be3bee320 Fix auto-key-retrieve to actually work as a keyserver-option (noted by
Roger Sondermann).

Do not reorder the primary attribute packet - the first user ID must be a
genuine one.
2002-04-04 03:45:50 +00:00
David Shaw
7e2e0b9950 Documentation fixes.
auto-key-retrieve is a keyserver-option (noted by Roger Sondermann).

  --pgp2 also means --disable-mdc, --no-ask-sig-expire, and
  --no-ask-cert-expire.  It does not mean --no-force-v3-sigs (noted by
  Timo).
2002-04-03 14:57:44 +00:00
David Shaw
0f682ed3f7 Fix ownertrust display with --with-colons.
Properly initialize the user ID refcount for user and photo IDs.

Tweak a few prompts to change "y/n" to "y/N", which is how most other
prompts are written.

Warn the user if they are about to revoke an expired sig (not a problem,
but they should know).

Control-d escapes the keyserver search prompt.

If a subkey is considered revoked solely because the parent key is
revoked, print the revocation reason from the parent key.

Allow revocation/expiration to apply to a uid/key with no entry in the
trustdb.
2002-03-31 23:51:33 +00:00
David Shaw
1ca0a0ac0b Some gnupg.spec.in changes for RPM builds: Added the gpgkeys_xxx keyserver
helpers.  Added a * to catch variations on the basic gpg man page (gpg,
gpgv).  Mark options.skel as a config file.  Do not include the
FAQ/faq.html twice (in /doc/ and /share/).
2002-03-31 21:42:38 +00:00
David Shaw
9fb6cae5e4 Quote and unquote backslashes from keyserver search responses. 2002-03-29 16:58:07 +00:00
David Shaw
47c8a325f5 If a delimiter is used, then quote the backslash character as well.
Problem noted by Rainer Perske.
2002-03-29 16:52:07 +00:00
David Shaw
d56fb26c55 Quote backslashes in keyserver search responses 2002-03-29 16:26:33 +00:00
Werner Koch
5fe15dfeb5 Added some notes about the colon list mode in gpgsm 2002-03-28 16:37:39 +00:00
David Shaw
84dc3fee79 Add a few notes about --pgp2 meaning MIT PGP 2.6.2, and keyserver details
about HKP and NAI HKP to the manual.
2002-03-27 06:24:26 +00:00
David Shaw
ff8460f20d Minor tweak to importing to allow more non-signed uids (now that
--allow-non-selfsigned-uid allows for completey unsigned uids).

Do not choose an attribute packet (i.e. photo) as primary uid.  This
prevents oddities like "Good signature from [image of size 2671]".  This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.

The algorithms list should include #110.

--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.

Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
2002-03-24 04:54:58 +00:00
David Shaw
d5a39044ef Add some comments 2002-03-19 13:53:26 +00:00
David Shaw
162dbff533 Change meaning of --allow-non-selfsigned-uid to match change in code, and
add --no-allow-non-selfsigned-uid.
2002-03-19 04:37:41 +00:00
David Shaw
46ce06d9d9 Properly handle a "no keys found" case from the internal HKP code
(external HKP is ok). Also, make a COUNT -1 (i.e. streamed) keyserver
response a little more efficient.

Add --no-allow-non-selfsigned-uid
2002-03-19 04:35:45 +00:00
David Shaw
b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid).  This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key.  Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust.  The key is *not* automatically trusted via
--allow-non-selfsigned-uid.

Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.

If the main key is not valid, then neither are the subkeys.

Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8.  Remove mark_non_selfsigned_uids_valid()

Show revocation key as UTF8.

Allow --not-dash-escaped to work with v3 keys.
2002-03-17 23:47:32 +00:00
David Shaw
8cb9dd7a39 Show which user ID a bad self-sig (invald sig or unsupported public key
algorithm) resides on.
2002-03-13 20:20:14 +00:00
David Shaw
22bc1b3a5e any valid self-sig should mark a user ID or subkey as valid - otherwise,
an attacker could DoS the user by inventing a bogus invalid
self-signature.
2002-03-13 13:28:18 +00:00
Werner Koch
bcf95b1d25 * faq.raw: Due to a lack of time Nils can't serve anymore as a
maintainer.  Removed his address and setup a generic address.
2002-03-13 07:31:43 +00:00
Werner Koch
6c1f79a654 Merged changes from zlib 1.1.4. 2002-03-12 09:34:29 +00:00
David Shaw
f8f52d8ffe Some minor fixes for revocation keys: print a warning if a key is imported
that has been revoked by designated revoker, but the designated revoker is
not present to verify the revocation (whew!).  This applies to all ways to
get a key into the system: --import --recv-keys, and --search-keys.  If
auto-key-retrieve is set, try and retrieve the revocation key.

Also, auto-key-retrieve is now a keyserver-option.
2002-03-07 19:44:57 +00:00
Werner Koch
c027e8610b * gpg.sgml: Add an entry for --export-ownertrust. Suggested by
Bernhard Reiter.
* configure.ac (ALL_LINGUAS): s/pt_PT/pt/
2002-03-06 11:10:13 +00:00
Werner Koch
8332b7d1b1 * pt_PT.po: Removed.
* pt.po: and replaced by this updated one.  My machine voted 30 to
2 for just pt.  So we go with the crowd.  Thanks for Pedro Morais
for suggesting this.
2002-03-06 11:09:41 +00:00
David Shaw
9267666d78 Some minor bug fixes.
do not prompt for revocation reason for v3 revocations (unless
force-v4-certs is on) since they wouldn't be used anyway.

show the status of the sigs (exportable? revocable?) to the user before
prompting for which sig to revoke.  Also, make sure that local signatures
get local revocations.

Add "exec-path" variable to override PATH for execing programs.

properly check return code from classify_user_id to catch unclassifiable
keys.
2002-03-05 04:57:10 +00:00
David Shaw
bbf4faae1a Alwayus define _GNU_SOURCE. Since this is always defined in config.h, the
various autoconf tests should be tested with it enabled.  This also works
around a compiler warning caused by a minor header bug in glibc 2.1 that
causes fseeko to be defined when building gpg, but not when tested for in
configure
2002-03-05 04:48:29 +00:00
David Shaw
975e934a4c variable type tweak for RISC OS (from Stefan) 2002-03-04 03:18:07 +00:00
Werner Koch
c4ce7ce3e8 bumped version number 2002-03-03 15:04:50 +00:00
Werner Koch
1bc0c20edd *** empty log message *** SNAP-1-0-6d 2002-03-03 15:01:05 +00:00
Werner Koch
6669a3f09a released 1.0.6d 2002-03-03 14:59:43 +00:00
Werner Koch
6587b15a59 Solved conflict 2002-03-03 14:08:39 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
Timo Schulz
6be293e24b * http.c (write_server): Convert integer to a HANDLE for W32.
Usually there should be no problem, but maybe this is not true
for all W32 versions (2K, NT, XP, ME).
2002-02-28 19:28:27 +00:00
David Shaw
20dda47d6c Do not include v3 keys in a --export-secret-subkeys export. 2002-02-28 04:34:01 +00:00
David Shaw
8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow
--always-trust to force it valid so it can be trusted.
2002-02-27 14:27:18 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
3720c5b008 LDAP keyservers do not support v3 fingerprints, so error out if someone
tries.  Actually, they don't support any fingerprints, but at least we can
calculate a keyid from a v4 fingerprint.
2002-02-26 00:55:19 +00:00
David Shaw
070f1cba5d Clarify the notion of a partial failure. This is possible if more than
one key is being handled in a batch, and one fails while the other
succeeds.  Note that a search that comes up with no results is not a
failure - that is a valid response of "no answer".

Allow GnuPG to send us full v4 fingerprints, long key ids, or short key
ids while fetching. Since the LDAP server doesn't actually handle
fingerprints, chop them down to long key ids for actual use.

When searching for a keyid, search for subkeys as well as primary keys.
This is mostly significant when automatically fetching the key based on
the id in a header (i.e. "signature made by....").  "no-include-subkeys"
disables.
2002-02-23 15:42:15 +00:00
David Shaw
393ba4f8a7 Detect a "no keys found" case even if the keyserver helper program does
not explicitly say how many keys were found.

Bug fix - don't report non-revoked keys as revoked in HKP key searches.
2002-02-22 03:11:15 +00:00
David Shaw
8ac8b1525e Catch corruption in HKP index lines (can be caused by broken or malicious
keyservers).

Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-19 23:10:32 +00:00
David Shaw
3d8e692e2a Fix compiler warning. 2002-02-14 22:52:30 +00:00
David Shaw
c5f838a968 Be much more robust with mangled input files. 2002-02-14 19:33:47 +00:00
Werner Koch
3034b6752e doc fixes 2002-02-14 11:51:34 +00:00
Werner Koch
69688eab52 * pkclist.c (check_signatures_trust): Always print the warning for
unknown and undefined trust.  Removed the did_add cruft.  Reported
by Janusz A. Urbanowicz.
* g10.c: New option --no-use-agent.
Hmmm, is this a a good name?  --do-not-use-agent seems a bit to long.
2002-02-14 11:51:00 +00:00
Werner Koch
05705bcb1c * random.c (mix_pool): Removed the failsafe stuff again. It makes
the code more complicate and may give the path to more bugs.
2002-02-14 11:47:32 +00:00
David Shaw
dca36f6252 Bug fix - properly handle user IDs with colons (":") in them while HKP
searching.
2002-02-12 04:38:58 +00:00
Werner Koch
35aec9eee2 * random.c (add_randomness): Xor new data into the pool and not
just copy it.  This avoids any choosen input attacks which are not
serious in our setting because an outsider won't be able to mix
data in and even then we keep going with a PRNG.  Thanks to Stefan
Keller for pointing this out.
* random.c (mix_pool): Carry an extra failsafe_digest buffer
around to make the function more robust.
2002-02-10 21:34:27 +00:00
David Shaw
22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what
is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.

Add a "nrlsign" for nonrevocable and local key signatures.

Add a --no-force-mdc to undo --force-mdc.

Add a knob to force --disable-mdc/--no-disable-mdc.  Off by default, of
course, but is used in --pgp2 and --pgp6 modes.

Allow specifying multiple users in the "Enter the user ID" loop.  Enter a
blank line to stop.  Show each key+id as it is added.

It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.

More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
2002-02-10 00:18:54 +00:00
David Shaw
9057172a92 Allow policy URLs with %-expandos in them. This allows policy URLs like
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature
policy URL.  Use the new generic %-handler for the photo ID stuff as well.

Display policy URLs and notations during signature generation if
--show-policy-url/--show-notation is set.
2002-02-05 00:04:24 +00:00
David Shaw
02fe4b0185 Workaround for the pksd and OKS keyserver bug that calculates v4 RSA
keyids as if they were v3.  The workaround/hack is to fetch both the v4
(e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids.  This only happens for key
refresh while using the HKP scheme and the refresh-add-fake-v3-keyids
keyserver option must be set.  This should stay off by default.
2002-02-04 21:49:08 +00:00