1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-28 11:11:32 +01:00

3615 Commits

Author SHA1 Message Date
David Shaw
10f51e0714 * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
default sig expire value when signing in batchmode.
2005-05-06 13:03:22 +00:00
David Shaw
89055cca85 * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't
use any of these functions any longer.
2005-05-05 22:32:52 +00:00
David Shaw
ef92ff6e08 Remove add_days_to_timestamp (unused) 2005-05-05 22:21:34 +00:00
David Shaw
da0c60a987 * keygen.c (start_tree): New function to "prime" a KBNODE list.
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.

* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.

* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.
2005-05-05 22:08:37 +00:00
David Shaw
08bd93f7dc * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
preferences.
2005-05-05 21:18:47 +00:00
David Shaw
c71639cfff * options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
2005-05-05 19:21:40 +00:00
Moritz Schulte
2fb1abb849 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c: Use ssh_key_grip(), where
        gcry_pk_get_keygrip() has been used before.
	(ssh_handler_sign_request): Removed unusued variable P.
2005-05-05 14:57:59 +00:00
Moritz Schulte
e22f6db544 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_key_to_buffer): Rename to ...
	(ssh_key_to_protected_buffer): ... this; change callers.
	Improved documentation.
2005-05-05 14:49:54 +00:00
David Shaw
cf7c0feca4 * gpg.sgml: Clarify --min-cert-level a bit. 2005-05-05 12:39:36 +00:00
David Shaw
d9d902dffb * ksutil.h, ksutil.c: #ifdef so we can build without libcurl or
fake-curl.
2005-05-04 13:34:25 +00:00
David Shaw
049195f9e0 * gpgkeys_http.c: Need GET defined. 2005-05-04 02:46:02 +00:00
Werner Koch
6639bbf699 * passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID.  Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.
2005-05-03 22:27:07 +00:00
David Shaw
5e6d360596 * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
comments as to the size of MAX_LINE and MAX_URL.
2005-05-02 00:46:39 +00:00
Werner Koch
eb3f014b5d * app-p15.c (micardo_mse): New.
(do_sign): Call it.
* iso7816.c (iso7816_manage_security_env): Allow passing DATA as
NULL to indicate an empty Lc.
* tlv.c (find_tlv): Check that a found object fits into the
buffer.
(find_tlv_unchecked): New as replacement for the old non-checking
variant.
* app.c (select_application): Keep on using the non-checking
variant.
* app-openpgp.c (get_one_do, dump_all_do): Ditto.
2005-04-27 19:47:53 +00:00
Werner Koch
f2fe118bfb (symcryptrun): Added. 2005-04-27 13:39:16 +00:00
Werner Koch
a22750dc1e * configure.ac: Removed OpenSC detection and options.
* acinclude.m4: Ditto.

* scdaemon.texi: Removed OpenSC specific options.

* app-p15.c: New.  Basic support for pkcs15 cards without OpenSC.
There are quite a couple of things missing but at least I can use
my old TCOS cards from the Aegypten-1 development for signing.
* app.c (select_application): Detect pkcs15 applications.
* Makefile.am (scdaemon_SOURCES): Removed card.c, card-common.h
and card-p15.c because they are now obsolete. Added app-p15.c.
Removed all OpenSC stuff.
* command.c (do_reset, open_card, cmd_serialno, cmd_learn)
(cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkdecrypt): Removed
all special cases for the old card.c based mechanisms.
* scdaemon.c, apdu.c: Removed all special cases for OpenSC.
2005-04-27 12:09:21 +00:00
David Shaw
f02fe1dafb * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
no-pubkey and chosen revocation cases.  (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.

* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
2005-04-24 18:35:30 +00:00
David Shaw
be90f3cacb * libcurl.m4: Add a check for curl_free() since older versions of
libcurl don't have it.  Substitute free() as an alternative.
2005-04-24 16:52:15 +00:00
David Shaw
6d72a1c649 * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys.  Suggested by Peter Palfrader.
2005-04-24 16:05:41 +00:00
David Shaw
7e9b6d2f66 * gnupg.spec.in: No longer any need to override libexecdir. The
makefiles now calculate this correctly internally.
2005-04-23 01:15:29 +00:00
David Shaw
b4b228b4f9 * distfiles: Add assuan.h. 2005-04-22 23:52:58 +00:00
David Shaw
5bfd1199b8 * keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to
sign.
2005-04-22 03:36:20 +00:00
David Shaw
edc0862448 * mainproc.c (symkey_decrypt_seskey): There is no need to have an
extra check for a bad passphrase and/or unknown cipher algorithm here.
We'll fail quite happily later, and usually with a better error
message to boot.
2005-04-22 03:21:14 +00:00
Werner Koch
a832ff3de0 post release version number update 2005-04-21 14:59:18 +00:00
Werner Koch
ec51140af0 Preparing a release V1-9-16 2005-04-21 14:39:00 +00:00
Werner Koch
07aa7b210a (main): Optionally allow the input file as command
line argument.
2005-04-21 10:07:41 +00:00
Werner Koch
3ff9a743bf * configure.ac: Do not build gpg by default.
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.

* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
2005-04-21 09:33:07 +00:00
Werner Koch
314c234e7d (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.
2005-04-21 07:16:41 +00:00
Werner Koch
526ed521a7 . 2005-04-20 19:19:24 +00:00
Werner Koch
cb1840720a (Agent Configuration): New section. 2005-04-20 18:46:51 +00:00
Moritz Schulte
a78c5e9673 2005-04-20 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities): Removed
	debugging code (sleep call), which was commited unintenionally.
2005-04-20 14:47:19 +00:00
Marcus Brinkmann
92ee8d4886 2005-04-19 Marcus Brinkmann <marcus@g10code.de>
* symcryptrun.c: Add --input option.
2005-04-19 12:00:29 +00:00
Werner Koch
eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
David Shaw
b7c3018d32 * keyserver.c (keyserver_spawn): Free some memory.
* sign.c (hash_for): Comments.
2005-04-17 04:10:03 +00:00
David Shaw
0884653a13 * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
* Makefile.am: Build new gpgkeys_hkp.

* curl-shim.c (curl_easy_perform): Cleanup.
2005-04-17 02:18:32 +00:00
David Shaw
5609f5eafd * ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass a
context to curl_writer so we can support multiple fetches in a single
session.
2005-04-17 01:52:04 +00:00
David Shaw
f50e99ed7b * curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt,
curl_easy_perform): Add POST functionality to the curl shim.
2005-04-17 01:39:24 +00:00
David Shaw
352db25580 * configure.ac: Remove --disable-old-hkp - use new HKP handler for
--with-libcurl or --enable-fake-curl.
2005-04-17 00:06:04 +00:00
David Shaw
d8e1f7656b * curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate
curl_escape and curl_free.
2005-04-16 22:21:28 +00:00
David Shaw
5748f595b0 * gpgkeys_curl.c (main): If the http-proxy option is given without any
arguments, try to get the proxy from the environment.

* ksutil.h, ksutil.c (curl_err_to_gpg_err, curl_writer): Copy from
gpgkeys_curl.c.

* gpgkeys_oldhkp.c: Copy from gpgkeys_hkp.c.
2005-04-16 18:50:46 +00:00
David Shaw
799f97ceee * configure.ac: Add --disable-old-hkp option that can be used along
with --with-libcurl to build the curl version of HKP.
2005-04-16 18:20:01 +00:00
Marcus Brinkmann
00853b8a1a 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* symcryptrun.c (TEMP_FAILURE_RETRY): Define if not defined.
2005-04-15 09:04:43 +00:00
Marcus Brinkmann
e0d6d1c476 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Check for /usr/bin/shred and define SHRED.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (remove_file): New function.
	(confucius_copy_file): Accept new argument PLAIN and shred the
	file if it is set on error.
2005-04-15 02:24:44 +00:00
Marcus Brinkmann
f527f721d4 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Add --enable-symcryptrun, disabled by default.
	Define automake variable BUILD_SYMCRYPTRUN.
	Check for openpty -lutil, define LIBUTIL_LIBS.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am: Define symcryptrun make variable depending on
	BUILD_SYMCRYPTUN.
	(bin_PROGRAMS): Add ${symcryptrun} instead symcryptrun.
	(symcryptrun_LDADD): Use $(LIBUTIL_LIBS) instead of -lutil.
2005-04-15 01:33:46 +00:00
Werner Koch
9f9a18c011 (retrieve_key_material): Rewritten. Return a
proper error code.
(retrieve_next_token): Removed.
(retrieve_fpr_from_card): Rewritten to make use of DO caching and
to take the KEYNO as arg.
(get_public_key): Renamed variable for clarity.
2005-04-14 17:25:43 +00:00
Werner Koch
f084afaeda Added missing file 2005-04-13 09:39:38 +00:00
David Shaw
40a9c998b3 Check for memrchr() 2005-04-12 16:11:03 +00:00
David Shaw
4f996cc5b8 Fix minor build problem on OSX (need a replacement for memrchr) 2005-04-12 16:08:51 +00:00
Werner Koch
73fb1c592f * g10.c (main, add_notation_data, add_policy_url)
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests.  Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.

* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
2005-04-11 18:24:09 +00:00
Werner Koch
14f6a82ca9 (confucius_mktmpdir): Changed to use mkdtmp(3). 2005-04-11 17:22:23 +00:00