1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

119 Commits

Author SHA1 Message Date
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
3b97ac9ef8 * keygen.c (generate_subkeypair): 2440bis04 adds that creating subkeys on
v3 keys is a MUST NOT.

* getkey.c (finish_lookup): The --pgp6 "use the primary key" behavior
should only apply while data signing and not encryption. Noted by Roger
Sondermann.
2002-04-20 11:57:35 +00:00
David Shaw
c07113d265 * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire.  In short, the only thing that can override an
unexpired nonrevocable signature is another unexpired nonrevocable
signature.

* getkey.c (finish_lookup): Always use primary signing key for signatures
when --pgp6 is on since pgp6 and 7 do not understand signatures made by
signing subkeys.
2002-04-18 18:23:22 +00:00
Werner Koch
bf7cef8ebf * getkey.c (lookup): Advance the searchmode after a search FIRST. 2002-04-18 10:50:05 +00:00
Werner Koch
ad2bfad4cc * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-18 08:09:56 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
018f352294 * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
2002-04-11 04:04:41 +00:00
David Shaw
ff8460f20d Minor tweak to importing to allow more non-signed uids (now that
--allow-non-selfsigned-uid allows for completey unsigned uids).

Do not choose an attribute packet (i.e. photo) as primary uid.  This
prevents oddities like "Good signature from [image of size 2671]".  This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.

The algorithms list should include #110.

--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.

Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
2002-03-24 04:54:58 +00:00
David Shaw
b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid).  This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key.  Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust.  The key is *not* automatically trusted via
--allow-non-selfsigned-uid.

Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.

If the main key is not valid, then neither are the subkeys.

Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8.  Remove mark_non_selfsigned_uids_valid()

Show revocation key as UTF8.

Allow --not-dash-escaped to work with v3 keys.
2002-03-17 23:47:32 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
David Shaw
8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow
--always-trust to force it valid so it can be trusted.
2002-02-27 14:27:18 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
1dbd67b96a Some compatibility polish for PGP2. Add a fake IDEA preference for v3
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys.  Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
2002-01-22 20:39:10 +00:00
David Shaw
7997bba7a9 fix off-by-one in building attribute subpackets
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
2002-01-06 03:52:14 +00:00
Werner Koch
ab430c4b24 * keyserver.c (keyserver_spawn): Removed some variables
declaration due to shadowing warnings.
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
compiler warnig due to index(3).
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
* keylist.c (list_one): Made resname const.
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
not used.
* options.skel: Changed one example photo viewer to qiv.
2001-12-22 13:04:24 +00:00
Werner Koch
ca1bc23ef2 * g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here.  By David Champion.
2001-12-21 20:08:51 +00:00
David Shaw
ebd148e553 Bug fix in "showpref"
Allow setting a no-compression preference
2001-12-07 00:57:50 +00:00
Werner Koch
ebf6b8a515 calculate time of next trustdb check 2001-09-28 17:00:00 +00:00
Werner Koch
52be6a8aef completed the new key validation code 2001-09-26 12:49:10 +00:00
Werner Koch
9a5c0fd75a made keylisting faster 2001-09-25 18:47:49 +00:00
Werner Koch
a3af543617 Revamped the trustDB 2001-09-24 16:03:14 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
d4cd7a3d4b more bug fixesand some warning cleanups 2001-09-09 16:09:19 +00:00
Werner Koch
2874670be9 Last changes before 1.0.6a snapshot release 2001-09-07 11:40:19 +00:00
Werner Koch
59334400a1 fixed a stupid C error 2001-09-07 07:57:51 +00:00
Werner Koch
ed17c7afd0 Revamped the keyring code 2001-09-06 17:10:00 +00:00
Werner Koch
bab40b52cd MDC feature support and other stuff 2001-08-30 16:39:23 +00:00
Werner Koch
dc718d704f Revamped preference handling 2001-08-10 14:04:32 +00:00
Werner Koch
aa9da2b07e reworked the way hased data is stored and added a "primary" command
DCVS: ----------------------------------------------------------------------
2001-08-09 09:34:25 +00:00
Werner Koch
dce4566802 Changed lsign behaviour, allow future subkeys, don't list revoked keys 2001-08-01 10:30:24 +00:00
Werner Koch
6732700743 migration to autoconf 2.52 and bugfixes 2001-07-26 09:37:47 +00:00
Werner Koch
ae78aed6b6 one debian bug fixed 2001-06-16 11:09:29 +00:00
Werner Koch
01fe1dd2a9 Fix for toupper('I') != 'i' 2001-06-12 18:42:40 +00:00
Werner Koch
e354b518d3 just released another snapshot 2001-05-28 12:46:28 +00:00
Werner Koch
7bf54c22e9 last hour fixes. 2001-04-28 10:43:25 +00:00
Werner Koch
feb2b1914d Fixed translation issue 2001-04-24 14:22:48 +00:00
Werner Koch
64ddc393e1 Estonian translation, .texi man pages. 2001-04-17 16:20:32 +00:00
Werner Koch
c9e908e734 Improved pipemode and tweaked handling of multiple signatures. 2001-04-05 12:21:43 +00:00
Werner Koch
355c76352a Made genkey work again. 2001-03-27 11:14:22 +00:00
Werner Koch
e2c88461fc Fixed a bugs; e.g. in --list-secret-keys 2001-03-27 09:23:14 +00:00
Werner Koch
19ea3e3d99 Key listing cleanup 2001-03-13 17:32:28 +00:00
Werner Koch
5e79cb47e0 worked on solving some bugs 2001-03-12 20:21:50 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
88761d49bc Changed the implementation of iobuf to avoid stdio calls. 2001-03-07 20:03:45 +00:00
Werner Koch
fbbcb797c5 Fixed the new key selection code 2001-03-03 16:17:55 +00:00
Werner Koch
4c316cb9b5 Fixed some bugs in the selection code 2001-02-08 20:59:58 +00:00
Werner Koch
2af87f8829 Backported getkey.c from 1.1 2001-02-08 16:28:28 +00:00
Werner Koch
0f10fea8da See ChangeLog: Thu Sep 14 17:45:11 CEST 2000 Werner Koch 2000-09-14 15:45:03 +00:00
Werner Koch
64009cd745 See ChangeLog: Fri May 12 14:01:20 CEST 2000 Werner Koch 2000-05-12 11:59:49 +00:00
Werner Koch
9409147179 See ChangeLog: Mon May 1 15:38:04 CEST 2000 Werner Koch 2000-05-01 13:31:38 +00:00