security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-28 02:12:46 +02:00
Code Activity
2,031 Commits 100 Branches 301 Tags 70 MiB
19de04694e
Commit Graph

893 Commits

Author SHA1 Message Date
David Shaw
19de04694e * import.c (import_one): Do collapse_uids() before we do any cleaning 
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.

* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.

* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs.  Don't count user IDs as cleaned unless we actually delete
something.
 2005-11-02 05:22:01 +00:00
David Shaw
b3ea683ac9 * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with 
adding a cert-only designated revoker.  Code was looking for a key with
sign ability, and not cert ability.  Noted by Timo Schulz.
 2005-10-27 16:23:59 +00:00
Werner Koch
2b50f31435 cygwin fixes 2005-10-27 09:14:27 +00:00
David Shaw
b9f1815947 * keygen.c (proc_parameter_file): Default key and subkey usage flags to 
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.
 2005-10-26 16:09:23 +00:00
Werner Koch
c8571979ef Fixed minor card related bugs and enhanced status messages 2005-10-18 17:41:20 +00:00
Werner Koch
9b7f1f6976 exported subkeys are now merged into one output keyblock 2005-10-17 17:21:15 +00:00
David Shaw
6c4e740a59 * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to 
add 0x19 backsigs to old keys that don't have them.

* misc.c (parse_options): Fix build warning.

* main.h, keygen.c (make_backsig): Make public.
 2005-10-14 04:07:13 +00:00
David Shaw
094a7ab401 * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c 
(signature_check2): Add --require-backsigs and --no-require-backsigs.  
Currently defaults to --no-require-backsigs.
 2005-10-12 20:44:24 +00:00
David Shaw
47433adaa5 * getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2), 
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.
 2005-10-11 22:13:49 +00:00
Werner Koch
02aefe3866 Yet another fix for the gpg.c rename 2005-10-06 10:38:23 +00:00
Werner Koch
3470697e72 Fixes for the g10.c -> gpg.c renamed 2005-10-05 18:22:36 +00:00
Werner Koch
bd1df0119c Renamed g10.c to gpg.c 
Filelength fixes for W32.
 2005-10-05 16:58:50 +00:00
Werner Koch
d0b9ff171d * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase 
prompt.
 2005-09-20 08:19:50 +00:00
David Shaw
8e17d6437d * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute 
IDs as well as regular text IDs.

* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
 2005-09-20 03:34:32 +00:00
David Shaw
4afa18bcaa * main.h, misc.c (parse_options): Add the ability to have help 
strings in xxx-options commands.

* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
 2005-09-14 22:31:21 +00:00
David Shaw
65566b5633 * keyedit.c (show_names): Moved name display code out from 
show_key_with_all_names.  (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID.  Suggested by
Timo Schulz.
 2005-09-10 16:50:41 +00:00
Werner Koch
b4b9f891e2 Updated card stuff to support T=0 cards. 2005-09-07 17:05:42 +00:00
Werner Koch
9a2a2904cc Add "help" sub option to --*-options. 2005-09-07 15:53:03 +00:00
David Shaw
039c27f153 * parse-packet.c (enum_sig_subpkt, parse_signature, 
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
 2005-09-02 19:23:33 +00:00
David Shaw
be8543812d * photoid.h, photoid.c (generate_photo_id): Allow passing in a 
suggested filename.

* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
 2005-09-01 20:51:13 +00:00
David Shaw
187eaf0665 * photoid.c (generate_photo_id): Enable readline completion and tilde 
expansion for the JPEG prompt.
 2005-08-31 18:40:39 +00:00
David Shaw
f74282bee0 * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing 
algorithms.

* keyedit.c (sign_uids): Don't request a signing key to make a
certification.

* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?)  (print_key_flags): Show certify flag.  (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
	
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
 2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. 
Suggested by Michael Schierl.
 2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d * Makefile.am: No need to link with curl any longer. 
* main.h, misc.c (path_access): New.  Same as access() but does a PATH
search like execlp.

* keyserver.c (curl_can_handle): Removed.  Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort.  This is necessary because PGP LDAP and curl LDAP are apples
and oranges.  (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
 2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read): 
Minor cleanup to use bitfield flags instead of a bunch of integers.
 2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9 * g10.c (main): Add aliases sign-with->local-user and user->recipient 
to make switching from PGP command line to GPG easier.
 2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc * options.skel: Remove the surfnet LDAP keyserver from the list of 
samples since it is being shut down.

* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
 2005-08-19 13:37:47 +00:00
David Shaw
9536012034 Missed keydb.h entry for set_passphrase_from_string 2005-08-06 21:17:11 +00:00
David Shaw
82bee9c68a * g10.c (main), passphrase.c (set_passphrase_from_string): New 
--passphrase command line option.  Only useful in very special
circumstances.
 2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52 auto retrieve keys from PKA. Thsi allows to specify an email address 
so that gpg can get the key from DNS.  This helps with opportunistic
encryption.  No integration with the trust modell yet.
 2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813 * keygen.c (proc_parameter_file): Sanity check items in keygen batch 
file.  Noted by Michael Schierl.
 2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. 
Noted by Michael Schierl.
 2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19 * keygen.c (write_keyblock): Don't try and build deleted kbnodes since 
we start our tree with one.
 2005-08-04 21:41:11 +00:00
David Shaw
5ce7563171 Revert bad patch. 2005-08-04 21:39:43 +00:00
David Shaw
bf4728992f * keygen.c (start_tree): Need to use an actual packet type (which we 
can then delete) to start the tree.
 2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017 Fixes pertaining to revocation creation with subkey-only exported card keys 2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58 Implemented PKA trust model 2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f Converted all m_free to xfree etc. 2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1 * keyserver.c (keyserver_typemap): Special-case LDAP since curl will 
report that it can handle it, and we don't want it to.
 2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8 * passphrase.c (agent_get_passphrase): Make sure to release the 
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error.  Changed all callers.

* zh_TW.po, fr.po, cs.po: Updated.
 2005-07-26 19:08:11 +00:00
Werner Koch
862652ebe1 Preparing a release 2005-07-26 15:41:04 +00:00
David Shaw
99c80f8c39 * keyedit.c (sign_uids): Don't prompt for setting signature expiry to 
match key expiry unless --ask-cert-expire is set.  Suggested by Peter
Palfrader.
 2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b * gpg.sgml (http): 
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
 2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f * options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive 
to enable the uid walking when signing a key with no uids specified to
sign.

* keylist.c (list_keyblock_print): Fix silly typo.  Noted by Greg
Sabino Mullane.
 2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5 * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl 
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.

* Makefile.am: Pull in libcurl for curl_version_info() if used.
 2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301 * g10.c, options.h: New option --limit-card-insert-tries. 
* cardglue.c (open_card): Use it.
 2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. 
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.

* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
 2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997 * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. 
* ttyio.c (do_get): Move printing of the prompt after disabling
echo.  Suggested by Scott Worley.
 2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around 
when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.
 2005-07-09 02:34:04 +00:00
David Shaw
c66eeec3c6 * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning. 2005-06-20 17:32:09 +00:00