full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object. Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.
* g10.c (main): New alias --throw-keyid for --throw-keyids, so that it
continues to work in old configuration files. Noted by Jens Adam.
* pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, and bzip2.
* status.c (do_get_from_fd): Flush stdout if status isn't flushing it for
us. This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer. Noted by Peter Palfrader. This is Debian
bug #254072.
* sign.c (update_keysig_packet): Revert change of 2004-05-18. It is not
appropriate to strip policy and notations when remaking a sig. That
should only happen when specifically requested by the user.
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option. This allows users to override the autodetection for
base DN. SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).
we can try a modify operation first, and fail over to an add if that
fails. Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect. Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
(min_automake_version): New.
* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.
* autogen.sh: Updated to the modern version, grepping the required
tool versions from configure.ac.
uids are always on a line for themselves. Mark expired secret keys as
expired.
* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.
* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header. Rather, use 2+4 as two different chunks. This avoids a fake
filename of "is".
expired user IDs. Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.
* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K
hash algorithm before we try to generate a passphrase using it. This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.
* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
--symmetric messages.
continuing confusion and make room for possible changes in devel.
* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.
* keygen.c (make_backsig): Make sure that the backsig was built
successfully before we try and use it.
* status.h, status.c (get_status_string), plaintext.c (handle_plaintext):
New status tags PLAINTEXT and PLAINTEXT_LENGTH.
* gpg.sgml: Clarify that --min-cert-level disregards level 1 certs by
default. Clarify include-revoked a bit to note that keyservers might not
be accurate. Note that --charset is --display-charset. Some language
tweaks for --simple-sk-checksum (Debian 251795). Note the PGP silliness
with preferred keyserver subpackets causing PGP/MIME.
which we hashed them when issuing the signature. Noted by Nicholas Cole.
* pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another
keyid-format conversion.
keyservers, and auto-key-retrieve is set, try and get a missing key from
the preferred keyserver subpacket when we verify the sig.
* gpgv.c (parse_preferred_keyserver, free_keyserver_spec): Stubs.
* keyserver.c (keyidlist): Use new parse_preferred_keyserver function.
(keyserver_work): Use the passed-in keyserver spec rather than the options
global one.
* keyserver-internal.h, keyserver.c (parse_preferred_keyserver): New
function to take a sig and return a split out keyserver_spec.
(keyserver_import_keyid): Now takes a keyserver_spec.
merge selfsigs if we have to for honor-keyserver-url. (keyserver_refresh):
Keyserver URL handler moved here. (calculate_keyid_fpr): Removed.
* keydb.h, keyid.c (keystr_from_desc): Calculate a key string from a
KEYDB_SEARCH_DESC.
keyserver to happen even if there is no global keyserver set.
* sig-check.c (do_check_messages): No need to check for Elgamal signatures
any longer. (do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.
* pkclist.c (show_paths, edit_ownertrust): Remove some unused code.
* mainproc.c (check_sig_and_print): track whether we are retrieving a key.
* status.c (status_currently_allowed): New. (write_status_text,
write_status_text_and_buffer): Use it here.
* g10.c: New command --gpgconf-list. (gpgconf_list): New. From Werner on
stable branch.
--ask-cert-level, --keyid-format, and the removal of show-long-keyids, the
quasi-1991 partial length encoding, --export-all, and include-non-rfc.
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Remove a leftover slash in a sed
expression.
