* trustdb.h, trustdb.c (is_disabled), keylist.c (print_capabilities),
gpgv.c (is_disabled): is_disabled now takes a pk and not just the keyid.
This is for speed since there is no need to re-fetch a key when we already
have that key handy.
* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.
and refresh-keys.
* keyserver.c (keyserver_work): Range check the TCP port for HKP.
* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.
* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), sign.c (sign_file, clearsign_file), encode.c
(encode_crypt, write_pubkey_enc_from_list): New functions to put the "this
message may not be usable...." warning in one place.
* options.h, g10.c (main): Part two of the simplification. Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex. This is step one in simplifying them.
No functional change yet, just use a macro to check for compliance level.
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket. This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.
particular user ID, use that ID as the one to ask about when prompting
whether to use the key anyway. (build_pk_list): Similar change here when
adding keys to the recipient list.
* trustdb.c (update_validity): Fix bug that prevented more than one
validity record per trust record. (get_validity): When retrieving validity
for a (user) supplied user ID, return the validity for that user ID only,
and do not fall back to the general key validity. (validate_one_keyblock):
Some commentary on whether non-self-signed user IDs belong in the web of
trust (arguably, they do).
binding packet" a verbose item instead of a !quiet one. There are
too many garbled keys out in the wild.
* getkey.c (premerge_public_with_secret): Made "no secret subkey
for" warning a verbose item and translatable.
* progress.c (handle_progress): Store a copy of NAME.
(progress_filter): Release WHAT, make sure not to print a NULL WHAT.
* openfile.c (open_sigfile): Adjust free for new progress semantics.
* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT.
* exec.c (exec_write): Cast NULL to void* to properly terminate varargs
list.
* keyedit.c (show_key_with_all_names): Just for safety, catch an invalid
pk algorithm.
* sign.c (make_keysig_packet): Crucial that the call to mksubpkt comes
LAST before the calls to finalize the sig as that makes it possible for
the mksubpkt function to get a reliable pointer to the subpacket area.
with --verbose on, and add version, pk and hash algorithms and sig class
to VALIDSIG.
* g10.c (main): Add --no-textmode.
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), trustdb.c (get_validity, reset_trust_records,
validate_keys): Make some strings translatable.
sig with --verbose on.
* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since the devel version can make signatures that trigger
it each time.
range of years but must list each year we have prepared a release
and applied a textual change to a file. It is common that some
files are not changed in a couple of years and a range would not
allow to express this.
duplicate signatures with --expert.
* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.
* filter.h (progress_filter_context_t), progress.c (handle_progress): Fix
compiler warnings. Make "what" constant.
* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
agent is to be used. Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint. This is required for key generation as well as for
symmetric only encryption.
(passphrase_to_dek): Ditto. Passed to above. Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.
* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.
* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
Special thanks to Michael C. Toren for his help in lining up a sparc to
test this fix on.
* keyserver.c (keyserver_work): Call out error for keyserver helper with a
different version than us.
* main.h, g10.c (main), import.c (parse_import_options,
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.
* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
boolean input.
* g10.c (main): Add deprecated option warning for --list-ownertrust. Add
--compression-algo alias for --compress-algo. Change --version output
strings to match "showpref" strings, and make translatable.
"no-mangle-dos-filenames".
* mainproc.c (proc_encrypted): Make string translatable.
* keygen.c (keygen_set_std_prefs): Include AES192, and AES256 in default
prefs.
signature caches to prevent another gpg from tampering with the temporary
copy.
* keydb.c: Double the maximum number of keyrings to 40.
* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations. Fix cosmetic off-by-one length counter.
fully valid keys so that disabled keys are still counted in the web of
trust.
* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.
* g10.c (main): Use 3DES for the s2k cipher in --openpgp mode. Double the
amount of secure memory to 32k (keys are getting bigger these days).
them as they are no longer always available.
* exec.c (set_exec_path): Add debugging line.
* Makefile.am: Use the more correct @PACKAGE@ rather than "gnupg".
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there. Users who need unformatted hashes can
still use with-colons.
(treat as a v4 revocation).
* keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel.
* import.c (print_import_check): Do not re-utf8 convert user IDs.
* status.h, status.c (get_status_string), import.c (import_one,
print_import_check): Backport Timo's IMPORT_CHECK status message from
devel.
(release_public_key_parts): Remove unused namehash element for public
keys.
* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info): Pass a
user ID in rather than a namehash, so we only have to do the hashing in
one place.
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
that the pk selfsigversion member accounts for 1F direct sigs.
* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches. Noted by Stefan Bellon.
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
there are no keys to refresh or if there is no keyserver set.
* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one. This also fixes Debian bug #174276.
expiration to a no-expiration value.
* keyedit.c (enable_disable_key): Comment.
* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
disabled keys. Keys specified via keyid (i.e. 0x...) are always included.
* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.
* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt. Do include disabled keys for the default key and
--encrypt-to.
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.
* gpgv.c (is_disabled): Stub.
remove the RSA sign+encrypt warning.
* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.
NOT YET TESTED!
Minimal isn't always best.
* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time. Make sure that this doesn't
cause a time warp.
* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).
* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.
* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.
* getkey.c (finish_lookup): Comment.
user ID display in the --edit-key menu to match that of the --list-keys
display.
* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.
* g10.c (add_notation_data): Fix initialization.
expiration date of a subkey. This is not the most optimal solution, but
it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
'@', unless --expert is set. This is to help prevent people from
polluting the (as yet unused) IETF namespace.
* main.h: Comments about default algorithms.
* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
display match the validity and trust of --with-colons --list-keys.
* passphrase.c (agent_send_all_options): Fix compile warning.
* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid. This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey. We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.
* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations. This is required because getkey needs to
know whether a a key is ultimately trusted.
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.
* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
function as they may not have all their fields filled in.
* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
