David Shaw
ee3379a77d
* gpg.sgml: Document new way of enabling the PKA functions. Some minor
...
other cleanups.
2006-03-07 21:47:36 +00:00
David Shaw
4f9efb7a79
* options.h, gpg.c (main, parse_trust_model), pkclist.c
...
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.
2006-03-07 20:14:20 +00:00
David Shaw
81e2591421
* NEWS: Note --auto-key-locate and that keyservers can handle binary data
...
now.
2006-03-07 16:20:03 +00:00
Werner Koch
4aeb4d4b10
More tests added; make distcheck works
2006-03-07 11:05:41 +00:00
David Shaw
199f4bd626
* gpg.sgml: Document --auto-key-locate.
2006-03-07 05:06:31 +00:00
David Shaw
764b3f9395
* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
...
is not a PGP 2.x algorithm.
2006-03-07 01:16:31 +00:00
David Shaw
5d2060e211
* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
...
algorithm.
2006-03-06 23:14:13 +00:00
Werner Koch
3e08d87168
Stricter test of allowed signature packet compositions.
...
There is still one problem to solve.
2006-03-06 21:28:25 +00:00
Werner Koch
a200f76dcf
Fixed problem with PGP2 style signatures and mutilple plaintext data
2006-03-06 12:28:46 +00:00
Werner Koch
09203be1c6
Replaced an assert and fixed batch mode issue in cardglue.
2006-03-05 15:13:18 +00:00
David Shaw
9523139ee7
* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
...
libraries that have TLS.
2006-03-03 21:55:38 +00:00
David Shaw
78904c691c
* getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
...
"pka" when those features are disabled.
* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha. Noted by Nelson H.
F. Beebe.
2006-03-01 18:16:55 +00:00
David Shaw
2385935afa
* configure.ac: Fix accidental enabling of SHA-384/512. Noted by Nelson
...
H. F. Beebe.
2006-03-01 17:05:38 +00:00
Werner Koch
89824e5d59
Fixed card removal problems
2006-03-01 11:05:47 +00:00
David Shaw
4b67ecabcf
* options.skel: Document auto-key-locate and give a pointer to Simon
...
Josefsson's page for CERT.
2006-02-27 19:31:13 +00:00
David Shaw
837a6f094d
* gpg.sgml: Document new --keyserver syntax.
2006-02-25 00:21:20 +00:00
David Shaw
f4f5ea43e7
* keydb.h, getkey.c (release_akl), gpg.c (main): Add
...
--no-auto-key-locate.
* options.h, gpg.c (main): Keep track of each keyserver registered so
we can match on them later.
* keyserver-internal.h, keyserver.c (cmp_keyserver_spec,
keyserver_match), gpgv.c: New. Find a keyserver that matches ours and
return its spec.
* getkey.c (get_pubkey_byname): Use it here to get the per-keyserver
options from an earlier keyserver.
2006-02-24 14:27:22 +00:00
David Shaw
4139587267
* keyserver.c (parse_keyserver_options): Only change max_cert if it is
...
used.
2006-02-24 03:57:11 +00:00
David Shaw
624f3582ba
* options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
...
treatment of include-revoked, include-subkeys, and try-dns-srv. These are
keyserver features, and GPG shouldn't get involved here.
2006-02-23 22:39:40 +00:00
David Shaw
0302c7e0ac
* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
...
to on, as gpg isn't doing this any longer.
2006-02-23 21:06:32 +00:00
David Shaw
09e3b78ea2
* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
...
options to the list, as ordering may be significant to the user.
2006-02-23 20:54:30 +00:00
David Shaw
1736866b5b
* gpg.c (add_notation_data): Fix reversed logic for isascii check when
...
adding notations. Noted by Christian Biere.
2006-02-23 19:52:20 +00:00
David Shaw
c37453211c
* options.h, keyserver.c (add_canonical_option): New.
...
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).
2006-02-23 17:00:02 +00:00
David Shaw
1ae024ef81
* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
...
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.
2006-02-22 23:37:23 +00:00
David Shaw
482a3a0101
* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
...
odd matches.
2006-02-22 23:19:36 +00:00
David Shaw
305288b5f5
* options.h, keyserver.c (parse_keyserver_options): Remove
...
auto-cert-retrieve as it is no longer meaningful. Add max-cert-size to
allow users to pick a max key size retrieved via CERT.
2006-02-22 20:34:48 +00:00
David Shaw
477defdb1b
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
...
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.
2006-02-22 20:20:58 +00:00
David Shaw
7eab1846ca
* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
...
Parse a list of key access methods. (get_pubkey_byname): Walk the list
here to try and retrieve keys we don't have locally.
2006-02-22 19:06:23 +00:00
David Shaw
e396cd2c7c
* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
...
duplicate attributes as OpenLDAP is now enforcing this.
2006-02-22 04:19:21 +00:00
David Shaw
c68649e1b1
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
...
credentials to a remote LDAP server.
2006-02-22 03:49:49 +00:00
David Shaw
79ec50f77d
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
...
curl_easy_perform): Mingw has 'stderr' as a macro?
2006-02-22 02:11:35 +00:00
David Shaw
d038b36c8f
* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
...
importing at -r time. The URL in the PKA record may point to a key put in
by an attacker. Fix is to use the fingerprint from the PKA record as the
recipient. This ensures that the PKA record is followed.
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the
fingerprint we requested.
2006-02-21 22:23:35 +00:00
David Shaw
e4206de3f5
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
...
curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier
debugging.
2006-02-21 16:16:09 +00:00
David Shaw
0eb4e93bd4
* gpgv.c: Stub keyserver_import_ldap.
...
* keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using
the PGP Universal trick of asking ldap://keys.(maildomain) for the key.
2006-02-21 16:09:09 +00:00
David Shaw
8a1bd087fc
* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
...
even when we've assumed "hkp" when there was no scheme.
2006-02-21 05:20:08 +00:00
Werner Koch
d59f87e94b
Better warning messages
2006-02-19 22:09:10 +00:00
David Shaw
ca6c57bc8a
* http.c (send_request): A zero length proxy is the same as no proxy.
2006-02-19 21:03:01 +00:00
David Shaw
5b209e3e4a
* configure.ac: Try linking the UINT64_C test program (rather than
...
just compiling it) as UINT64_C looks like a (missing) function,
causing a false positive. Noted by Claus Assmann.
2006-02-19 02:08:43 +00:00
Werner Koch
b121d029b5
about to release 1.4.3rc1
2006-02-14 16:28:34 +00:00
Werner Koch
6ec4e8c6a1
Added documentation for qualified signatures
2006-02-14 13:34:23 +00:00
Werner Koch
966cd80d88
Fixed a wrong return code with gpg --verify
2006-02-14 10:17:57 +00:00
Werner Koch
4472efd12c
PIN caching of cards does now work.
2006-02-09 18:29:31 +00:00
Werner Koch
2410941461
Lock random seed file
2006-02-09 12:54:41 +00:00
Werner Koch
3d7b030025
Fixed a couple of problems with omnikey based readers
2006-02-08 17:56:01 +00:00
Werner Koch
af67c98ee9
Fixed a couple of problems
2006-02-08 17:55:20 +00:00
Werner Koch
ee3f99f4e4
.
2006-02-06 18:31:27 +00:00
Werner Koch
4f34366389
Add support fro CardMan 4040
2006-02-06 16:34:20 +00:00
Werner Koch
a5465705fb
Support for CardMan 4040
2006-02-06 16:13:20 +00:00
David Shaw
23cfe019e9
* cert.c (get_cert): Disable IPGP types for now until the format questions
...
in the draft are settled.
* srv.c (getsrv): Error on oversize SRV responses.
2006-01-26 16:51:04 +00:00
David Shaw
214a3a646e
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
...
direct_uri flag so the right keyserver helper is run.
2006-01-24 21:03:06 +00:00