David Shaw
b9f1815947
* keygen.c (proc_parameter_file): Default key and subkey usage flags to
...
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.
2005-10-26 16:09:23 +00:00
Werner Koch
c8571979ef
Fixed minor card related bugs and enhanced status messages
2005-10-18 17:41:20 +00:00
Werner Koch
9b7f1f6976
exported subkeys are now merged into one output keyblock
2005-10-17 17:21:15 +00:00
David Shaw
6c4e740a59
* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
...
add 0x19 backsigs to old keys that don't have them.
* misc.c (parse_options): Fix build warning.
* main.h, keygen.c (make_backsig): Make public.
2005-10-14 04:07:13 +00:00
David Shaw
094a7ab401
* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
...
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.
2005-10-12 20:44:24 +00:00
David Shaw
47433adaa5
* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
...
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks. All is well, so I'm turning generation of backsigs on for new
keys. Checking for backsigs on verification is still off.
2005-10-11 22:13:49 +00:00
Werner Koch
02aefe3866
Yet another fix for the gpg.c rename
2005-10-06 10:38:23 +00:00
Werner Koch
3470697e72
Fixes for the g10.c -> gpg.c renamed
2005-10-05 18:22:36 +00:00
Werner Koch
bd1df0119c
Renamed g10.c to gpg.c
...
Filelength fixes for W32.
2005-10-05 16:58:50 +00:00
Werner Koch
d0b9ff171d
* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
...
prompt.
2005-09-20 08:19:50 +00:00
David Shaw
8e17d6437d
* keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
...
IDs as well as regular text IDs.
* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
2005-09-20 03:34:32 +00:00
David Shaw
4afa18bcaa
* main.h, misc.c (parse_options): Add the ability to have help
...
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
2005-09-14 22:31:21 +00:00
David Shaw
65566b5633
* keyedit.c (show_names): Moved name display code out from
...
show_key_with_all_names. (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID. Suggested by
Timo Schulz.
2005-09-10 16:50:41 +00:00
Werner Koch
b4b9f891e2
Updated card stuff to support T=0 cards.
2005-09-07 17:05:42 +00:00
Werner Koch
9a2a2904cc
Add "help" sub option to --*-options.
2005-09-07 15:53:03 +00:00
David Shaw
039c27f153
* parse-packet.c (enum_sig_subpkt, parse_signature,
...
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
2005-09-02 19:23:33 +00:00
David Shaw
be8543812d
* photoid.h, photoid.c (generate_photo_id): Allow passing in a
...
suggested filename.
* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
2005-09-01 20:51:13 +00:00
David Shaw
187eaf0665
* photoid.c (generate_photo_id): Enable readline completion and tilde
...
expansion for the JPEG prompt.
2005-08-31 18:40:39 +00:00
David Shaw
f74282bee0
* misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
...
algorithms.
* keyedit.c (sign_uids): Don't request a signing key to make a
certification.
* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?) (print_key_flags): Show certify flag. (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc
* keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
...
Suggested by Michael Schierl.
2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d
* Makefile.am: No need to link with curl any longer.
...
* main.h, misc.c (path_access): New. Same as access() but does a PATH
search like execlp.
* keyserver.c (curl_can_handle): Removed. Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort. This is necessary because PGP LDAP and curl LDAP are apples
and oranges. (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b
* exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
...
Minor cleanup to use bitfield flags instead of a bunch of integers.
2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9
* g10.c (main): Add aliases sign-with->local-user and user->recipient
...
to make switching from PGP command line to GPG easier.
2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc
* options.skel: Remove the surfnet LDAP keyserver from the list of
...
samples since it is being shut down.
* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
2005-08-19 13:37:47 +00:00
David Shaw
9536012034
Missed keydb.h entry for set_passphrase_from_string
2005-08-06 21:17:11 +00:00
David Shaw
82bee9c68a
* g10.c (main), passphrase.c (set_passphrase_from_string): New
...
--passphrase command line option. Only useful in very special
circumstances.
2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52
auto retrieve keys from PKA. Thsi allows to specify an email address
...
so that gpg can get the key from DNS. This helps with opportunistic
encryption. No integration with the trust modell yet.
2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813
* keygen.c (proc_parameter_file): Sanity check items in keygen batch
...
file. Noted by Michael Schierl.
2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c
* pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
...
Noted by Michael Schierl.
2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19
* keygen.c (write_keyblock): Don't try and build deleted kbnodes since
...
we start our tree with one.
2005-08-04 21:41:11 +00:00
David Shaw
5ce7563171
Revert bad patch.
2005-08-04 21:39:43 +00:00
David Shaw
bf4728992f
* keygen.c (start_tree): Need to use an actual packet type (which we
...
can then delete) to start the tree.
2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017
Fixes pertaining to revocation creation with subkey-only exported card keys
2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58
Implemented PKA trust model
2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f
Converted all m_free to xfree etc.
2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1
* keyserver.c (keyserver_typemap): Special-case LDAP since curl will
...
report that it can handle it, and we don't want it to.
2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8
* passphrase.c (agent_get_passphrase): Make sure to release the
...
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error. Changed all callers.
* zh_TW.po, fr.po, cs.po: Updated.
2005-07-26 19:08:11 +00:00
Werner Koch
862652ebe1
Preparing a release
2005-07-26 15:41:04 +00:00
David Shaw
99c80f8c39
* keyedit.c (sign_uids): Don't prompt for setting signature expiry to
...
match key expiry unless --ask-cert-expire is set. Suggested by Peter
Palfrader.
2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b
* gpg.sgml (http):
...
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f
* options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
...
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5
* keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
...
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.
* Makefile.am: Pull in libcurl for curl_version_info() if used.
2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301
* g10.c, options.h: New option --limit-card-insert-tries.
...
* cardglue.c (open_card): Use it.
2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e
* configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
...
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997
* tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
...
* ttyio.c (do_get): Move printing of the prompt after disabling
echo. Suggested by Scott Worley.
2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b
* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
...
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
2005-07-09 02:34:04 +00:00
David Shaw
c66eeec3c6
* keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning.
2005-06-20 17:32:09 +00:00
Werner Koch
2d2e2e74b8
* gpg.sgml: Document smartcard related options.
...
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
2005-06-20 17:03:27 +00:00
Werner Koch
059d159657
(parse_signature): Use log_info for messages
...
about missing timestamp or keyid. In case we don't use that key
there won't be no further error and thus gpg does not need to
return with an error.
2005-06-18 11:49:50 +00:00
David Shaw
07e9d532b1
* keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
...
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing. Like import-clean-sigs, this may nodify the local keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
2005-06-14 03:55:19 +00:00