* status.h (STATUS_NEED_PASSPHRASE_PIN): New.
* status.c (get_status_string): Added.
* passphrase.c (ask_passphrase): Moved status printing to ..
* cardglue.c (pin_cb): .. here and issue new status message.
* keyedit.c (sign_uids): Don't include the leading LF in the
translatable string but print them separately.
* apdu.c (apdu_open_remote_reader) [_WIN32]: We don't have ENOSYS.
after the first user ID.
* keyedit.c (show_key_with_all_names): Don't show validity if we're just
printing user IDs for signing.
* armor.c (fake_packet): Properly handle the case where the line is
dash-space (i.e. a blank line that was quoted). Give a warning for bad
dash escaping.
trust since the meaning is different.
* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.
* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.
* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
fix sprintf warnings.
* keyserver.c (keyserver_spawn): Fix BUG() with certain sets of mixed
regular and preferred keyserver refreshes. Noted by Sebastian Wiesinger.
* keyedit.c (show_key_with_all_names): Show uid validity in menu.
show-sig-expire takes up so we do not wrap lines.
(show_key_with_all_names): No need to show subkey revocations as a
seperate line since we now show revocation date in the main subkey line.
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
* g10.c: Make -K an alias for --list-secret-keys.
* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.
* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.
* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.
uids are always on a line for themselves. Mark expired secret keys as
expired.
* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.
* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header. Rather, use 2+4 as two different chunks. This avoids a fake
filename of "is".
expired user IDs. Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.
* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K
hash algorithm before we try to generate a passphrase using it. This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.
* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
--symmetric messages.
preferred keyserver on "keyserver" command line. Sanity check keyserver
URL before accepting it.
* keyserver-internal.h, g10.c (main), keyserver.c (parse_keyserver_uri):
Add an option to require the scheme:// and change all callers.
(free_keyserver_spec): Make public.
show. Don't allow a not-shown notation to prevent us from issuing the
proper --status-fd message.
* options.h, g10.c (main): Add show-std/standard-notations and
show-user-notations. show-notations is both. Default is to show standard
notations only during verify. Change all callers.
requires end of line conversion. This is being considered for a UTF8 text
packet. If this doesn't take place, no major harm done. If it does take
place, we'll get a jump on starting the changeover.
* g10.c (main): --no-use-embedded-filename.
* build-packet.c (calc_plaintext, do_plaintext): Do not create illegal
(packet header indicates a size larger than the actual packet) encrypted
data packets when not compressing and using a filename longer than 255
characters.
* keyedit.c (no_primary_warning): Cleanup. (menu_expire): Don't give
primary warning for subkey expiration changes. These cannot reorder
primaries.
which self-sig we actually chose.
* keyedit.c (menu_expire, menu_set_primary_uid, menu_set_preferences): Use
it here to avoid updating non-used self-sigs and possibly promoting an old
self-sig into consideration again.
functions in log_debug.
* import.c (import_one): Try and collapse user IDs when importing a key
for the first time.
* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify. Also use the proper date string when prompting for confirmation.
* g10.c (main): Maintain ordering of multiple Comment lines. Requested by
Peter Hyman.
replace the list-option (and eventually verify-option) show-long-keyids.
The format can be short, long, 0xshort, and 0xlong.
* keydb.h, keyid.c (keystr, keystrlen): New functions to generate a
printable keyid.
* keyedit.c (print_and_check_one_sig, show_key_with_all_names), keylist.c
(list_keyblock_print): Use new keystr() function here to print keyids.
* encode.c (encode_simple): Show cipher with --verbose.
* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level. If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
general command list functionality to replace it.
* g10.c (main): Use the general command functionality to implement
--sign-key, --lsign-key, --nrsign-key, and --nrlsign-key.
public subkeys.
* keylist.c (list_keyblock_print), keyedit.c (show_key_with_all_names):
Show the revocation date of a key/subkey, and general formatting work.
* packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
merge_selfsigs): Keep track of the revocation date of a key.
* keydb.h, keyid.c (revokestr_from_pk): New function to print the
revocation date of a key.
runtime as it properly handles algorithms disabled at build or run time.
* getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.
* misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.
* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.
* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked. Requested by Matthew Wilcox. Revoked overrides
expiration when both apply.
* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable.
* g10.c (rm_group): Properly ungroup from a list of groups.
group. (add_group): When adding a group with the same name as an already
existing group, merge the two groups. (list_config): Show an error message
when listing a config item that doesn't exist. (main): Replace -z0 trick
for no compression.
* packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c
(list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor cleanup to
remove local_id, which is no longer used.
* options.h, g10.c (set_screen_dimensions): New function to look at
COLUMNS and LINES.
* keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c
(print_and_check_one_sig): Use new screen dimension variables.
"external" trust model, where the user can provide a pregenerated trustdb.
* keyedit.c (keyedit_menu): Do not allow editing ownertrust with an
external trust model trustdb.
(mk_notation_policy_etc): Clarify a few strings. It's a "preferred
keyserver URL".
* g10.c (main): Use "keyserver-url" instead of "preferred-keyserver" for
the sake of short and simple commands.
adding a keyserver URL.
* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to set
preferred keyserver to specified (or all) user IDs.
* build-packet.c (build_sig_subpkt): Set preferred keyserver flag while
building a preferred keyserver subpacket.
* keylist.c (show_policy_url): Policy URLs might be UTF8.
* keyedit.c (menu_addrevoker): Fix leaking a few bytes.
