* keyedit.c (sign_uids): Do not allow signing a user ID without a
self-signature. --expert overrides.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, hkp.c, mainproc.c,
parse-packet.c, signal.c, textfilter.c: Edit all preprocessor instructions
to remove whitespace before the '#'. This is not required by C89, but
there are some compilers out there that don't like it.
Special thanks to Michael C. Toren for his help in lining up a sparc to
test this fix on.
* keyserver.c (keyserver_work): Call out error for keyserver helper with a
different version than us.
* main.h, g10.c (main), import.c (parse_import_options,
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.
* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
"dehtmlize" function. Remove HTML before trying to parse each line from
the keyserver. If the keyserver provides key type information in the
listing, use it.
delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug. It is on by default for keyserver
receives, and off by default for regular --import.
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver import
options when doing keyserver receives.
g10.c (main): add new --export-options option. Current flags are
"include-non-rfc", "include-local-sigs", "include-attributes", and
"include-sensitive-revkeys".
* options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options,
keyserver_spawn): try passing unknown keyserver options to export options,
and if successful, use them when doing a keyserver --send-key.
* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
designated revoker means "sensitive", not "local". It's exportable under
the right circumstances.
* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting. This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it. This defaults to ON (i.e. don't
skip).
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): Use a
much more strict reading of RFC-2396 for the keyserver URIs. Specifically,
don't try and be smart about checking the value of ":port" so long as it
is all digits, and properly handle opaque data (those scheme specific
parts that do not start with "//").
FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.
* mainproc.c (check_sig_and_print): Use --show-photos to show photos when
verifying a sig made by a key with a photo.
* keyserver.c (parse_keyserver_uri): Properly parse a URI with no :port
section and an empty file path, but with a terminating '/'.
(keyserver_work): Honor DISABLE_KEYSERVER_HELPERS.
* hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only if
verbose.
* exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH
