1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-24 10:39:57 +01:00

404 Commits

Author SHA1 Message Date
David Shaw
f4a70a3dd4 * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused
code.
2003-04-04 22:45:22 +00:00
David Shaw
30a3c7b2b6 * keydb.h: Err on the side of making an unknown signature a SIG rather
than a CERT.

* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)
2003-03-24 17:26:09 +00:00
Werner Koch
a6d00a753c * configure.ac: Test for ranlib and ar.
* Makefile.am: Make use of AM_CFLAGS and AM_LDFLAGS.
2003-03-24 08:45:24 +00:00
David Shaw
27174e551e * status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.

* g10.c (main): Add deprecated option warning for --list-ownertrust.  Add
--compression-algo alias for --compress-algo.  Change --version output
strings to match "showpref" strings, and make translatable.
2003-03-21 22:55:48 +00:00
Werner Koch
a73a76b34e * compress.c (init_uncompress): Use a 15 bit window size so that
the output of implementations which don't run for PGP 2
compatibility won't get garbled.
2003-03-10 09:59:54 +00:00
David Shaw
1dc153dfd2 * passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.
2003-03-05 15:34:42 +00:00
David Shaw
034bbc759f * options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keygen.c (keygen_set_std_prefs): Include AES192, and AES256 in default
prefs.
2003-03-04 14:24:41 +00:00
David Shaw
208509950c * keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.

* keydb.c: Double the maximum number of keyrings to 40.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.
2003-03-03 20:27:02 +00:00
Timo Schulz
16c925f68a 2003-03-02 Timo Schulz <twoaday@freakmail.de>
* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when
        the cipher algo is IDEA to make it easier to track down the problem.
2003-03-02 11:58:24 +00:00
David Shaw
8655a545af * trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): Use 3DES for the s2k cipher in --openpgp mode. Double the
amount of secure memory to 32k (keys are getting bigger these days).
2003-02-26 20:40:34 +00:00
David Shaw
9a80333f49 * g10.c (main): --openpgp disables --pgpX.
* keyedit.c (show_prefs): Make strings translatable.
2003-02-23 00:07:00 +00:00
David Shaw
fde4e0badb * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-02-19 18:26:40 +00:00
David Shaw
651b713d12 * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.
2003-02-13 02:26:45 +00:00
David Shaw
4eafcfb13b * g10.c (print_mds): Check that SHA384 and 512 are available before using
them as they are no longer always available.

* exec.c (set_exec_path): Add debugging line.

* Makefile.am: Use the more correct @PACKAGE@ rather than "gnupg".
2003-02-11 15:05:33 +00:00
David Shaw
e2963095c0 * Makefile.am: Pass GNUPG_LIBEXECDIR as part of CFLAGS so it can be easily
overridden at make time.
2003-02-06 21:23:02 +00:00
David Shaw
d52392f9e1 * g10.c (print_hex, print_mds): Print long hash strings a lot neater.
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there.  Users who need unformatted hashes can
still use with-colons.
2003-02-05 16:22:30 +00:00
David Shaw
443e083f4a * armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the
armor Hash: header.

* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
2003-02-04 18:59:22 +00:00
David Shaw
3a8ad7e8dc * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key
(treat as a v4 revocation).

* keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel.

* import.c (print_import_check): Do not re-utf8 convert user IDs.

* status.h, status.c (get_status_string), import.c (import_one,
print_import_check): Backport Timo's IMPORT_CHECK status message from
devel.
2003-02-02 15:28:47 +00:00
David Shaw
ae4ef70783 * g10.c (add_group): Trim whitespace after a group name so it does not
matter where the user puts the = sign.
2003-01-16 19:09:04 +00:00
David Shaw
be85ae8f1f * options.skel: Comment out the first three lines in case someone manually
copies the skel file to their homedir.
2003-01-16 16:00:08 +00:00
David Shaw
9f65d8673e * sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
2003-01-15 20:07:23 +00:00
David Shaw
3c90faa761 * sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for
signature digest conflict.  BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
2003-01-15 02:52:57 +00:00
Werner Koch
631eed9c64 * g10.c (add_group): Fixed group parsing to allow more than one
delimiter in a row and also allow tab as delimiter.
2003-01-14 09:32:46 +00:00
David Shaw
d65d805aad * tdbio.c (tdbio_set_dbname): Fix assertion failure with
non-fully-qualified trustdb names.
2003-01-12 15:08:16 +00:00
David Shaw
97e93b7e18 * trustdb.h, trustdb.c (trust_letter): Make static. (get_ownertrust_info,
get_validity_info): Don't mask the trust level twice.

* armor.c (armor_filter): Comment about PGP's end of line tab problem.
2003-01-10 16:46:18 +00:00
David Shaw
e81bae94cb * packet.h, pkclist.c (build_pk_list), free-packet.c
(release_public_key_parts): Remove unused namehash element for public
keys.

* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info): Pass a
user ID in rather than a namehash, so we only have to do the hashing in
one place.
2003-01-09 04:04:55 +00:00
Werner Koch
8602e35feb Preparing a release candidate. 2003-01-07 10:05:38 +00:00
David Shaw
eb6c0aa2be * packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record),
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
2003-01-06 22:32:20 +00:00
David Shaw
fad1d22621 * keylist.c (print_capabilities): Show 'D' for disabled keys in
capabilities section.

* trustdb.c (is_disabled): Remove incorrect comment.
2003-01-06 21:06:47 +00:00
David Shaw
2d5091e4e3 * getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.

* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches.  Noted by Stefan Bellon.
2003-01-03 00:40:20 +00:00
Werner Koch
e538b99549 * keydb.c (keydb_add_resource): Don't assume that try_make_homedir
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
2003-01-02 17:47:35 +00:00
David Shaw
041d99295a (oops) The rest of the fix from previous checkin. 2002-12-28 04:25:29 +00:00
David Shaw
63246fe693 * getkey.c (merge_selfsigs_main), main.h, sig-check.c
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
2002-12-28 04:08:53 +00:00
David Shaw
1fb55cd173 * keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
there are no keys to refresh or if there is no keyserver set.

* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one.  This also fixes Debian bug #174276.
2002-12-27 23:31:04 +00:00
David Shaw
b8068e84e7 * keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.

* keyedit.c (enable_disable_key): Comment.

* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
2002-12-26 22:00:44 +00:00
Timo Schulz
a1b94b92c8 2002-12-23 Timo Schulz <ts@winpt.org>
* import.c (import_one): Use merge_keys_and_selfsig in the
        interactive mode to avoid wrong key information.
2002-12-23 19:31:05 +00:00
David Shaw
fd75f7daac * keydb.h, getkey.c (key_byname): Flag to enable or disable including
disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and
--encrypt-to.

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.

* gpgv.c (is_disabled): Stub.
2002-12-19 04:47:12 +00:00
David Shaw
7cbc893caf * options.skel: Include the required '=' sign in the sample 'group'
option.

* import.c (chk_self_sigs): Don't try and check a subkey as if it was a
signature.
2002-12-12 22:02:53 +00:00
David Shaw
23b36f4e47 * mainproc.c (proc_tree): Handle multiple detached sigs concatenated
together by warning the user and processing only the first.

* g10.c (main): Comment out --list-trust-path until it can be implemented.
2002-12-11 15:17:10 +00:00
David Shaw
b7b7e6c25a * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
2002-12-06 04:05:47 +00:00
Werner Koch
9a34b607ab * g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.

NOT YET TESTED!
2002-12-05 15:21:17 +00:00
David Shaw
2d6a766433 * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
2002-12-04 18:32:00 +00:00
David Shaw
6d30580362 * packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 16:17:21 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
David Shaw
33783a41a4 * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 18:10:10 +00:00
David Shaw
03aaecf3f8 * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:49:13 +00:00
David Shaw
f41be729cc * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.

* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
2002-11-24 01:44:37 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
5ecf0cbd79 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
2002-11-13 13:14:40 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00