1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

90 Commits

Author SHA1 Message Date
David Shaw
04b715e4da * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a fixed-size
translatable string similar to trust_value_to_string. This allows for
easier lining up of displays.

* keyedit.c (show_key_with_all_names), keylist.c (list_keyblock_print):
Use it here to print validity strings.

* gpgv.c: Stub.
2004-11-24 05:25:03 +00:00
David Shaw
f5b7a72a48 * keylist.c (status_one_subpacket): New. Send the subpacket data to the
--status interface.

* card-util.c (card_edit): Show when admin is enabled or not.

* status.h, status.c: New STATUS_SIG_SUBPACKET type.

* build-packet.c (build_sig_subpkt): Multiple keyserver URLs are allowed.
2004-10-28 03:14:55 +00:00
David Shaw
f13bba108a * keylist.c (list_keyblock_print): Show the fingerprint after the key, not
after the first user ID.

* keyedit.c (show_key_with_all_names): Don't show validity if we're just
printing user IDs for signing.

* armor.c (fake_packet): Properly handle the case where the line is
dash-space (i.e. a blank line that was quoted).  Give a warning for bad
dash escaping.
2004-10-14 20:13:16 +00:00
David Shaw
b1e2c5398f * helptext.c, pkclist.c (do_we_trust): It is not possible to get here with
a revoked or expired key, so BUG() that case.  Remove question about
overriding revoked/expired.  Also --keyid-format-ify. (do_we_trust_pre):
Use print_pubkey_info() instead of printing the info ourselves.

* passphrase.c (passphrase_to_dek): Improve translatability of user ID
prompts.

* keylist.c (print_pubkey_info): Use the user ID the pk was selected by,
if any.
2004-10-06 21:50:23 +00:00
David Shaw
8da1dfeed0 * keyedit.c, keylist.c, keyserver.c, mainproc.c: The
revoked/expired/expires string change of 2004-09-29 was too simple.  Use
two styles for each tag.
2004-10-06 19:51:45 +00:00
David Shaw
742682bf95 * keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many
variations of "revoked" ("revoked", "[revoked]", " [revoked]", "[revoked]
") "and" expired down to two to simplify translation.
2004-09-29 17:41:58 +00:00
Werner Koch
9d17a635c9 * gpg.sgml: Document -K.
* g10.c: Make -K an alias for --list-secret-keys.

* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.

* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.

* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.
2004-09-20 18:38:39 +00:00
David Shaw
b7be7d59b1 * main.h, keylist.c (print_subpackets_colon): Make a public function.
* keyedit.c (print_and_check_one_sig_colon): New.  Print a with-colons
version of the sig record. (menu_delsig): Call it here for a with-colons
delsig.
2004-09-13 12:31:25 +00:00
David Shaw
e7c94128b2 * options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.

* g10.c (parse_subpacket_list, parse_list_options): New.  Make the list of
subpackets we are going to print. (main): Call them here.
2004-09-12 15:27:38 +00:00
David Shaw
9d4327ba4d * keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, keylist.c, and
encode.c.
2004-08-23 17:55:49 +00:00
David Shaw
0aad41079e * keylist.c (list_keyblock_print): Always use the new listing format where
uids are always on a line for themselves.  Mark expired secret keys as
expired.

* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.

* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header.  Rather, use 2+4 as two different chunks.  This avoids a fake
filename of "is".
2004-07-16 14:30:55 +00:00
Werner Koch
536841ecae * keylist.c (show_policy_url, show_keyserver_url, show_notation)
(list_one): Use const char* for i18n string helpers.

* keygen.c (do_generate_keypair, read_parameter_file): Really
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions.  Noted by Atom Smasher.
2004-05-11 07:43:19 +00:00
David Shaw
f106448a7d * keylist.c (show_notation): Use bits to select which sort of notation to
show.  Don't allow a not-shown notation to prevent us from issuing the
proper --status-fd message.

* options.h, g10.c (main): Add show-std/standard-notations and
show-user-notations.  show-notations is both.  Default is to show standard
notations only during verify.  Change all callers.
2004-05-05 02:40:27 +00:00
David Shaw
0842905be3 * main.h, keylist.c (show_notation): Add argument to show only user
notations, only standard notations, or both.  Change all callers.

* keyserver.c (keyserver_spawn): We still need EXEC_TEMPFILE_ONLY.
2004-04-29 03:42:54 +00:00
David Shaw
a5208f2e1d * keylist.c (print_seckey_info, print_pubkey_info): --keyid-format
conversion. (list_keyblock_print): 0xshort should not push us into the new
list format since it is not much longer than regular 8-character short
keyids.
2004-03-06 20:45:44 +00:00
David Shaw
b8cd31217e * keydb.h, keyid.c (keystr_from_pk, keystr_from_sk): New functions to pull
a key string from a key in one step.  This isn't faster than before, but
makes for neater code.

* keylist.c (list_keyblock_print): Use keystr_from_xx here.
(print_key_data): No need to pass a keyid in.
2004-03-06 17:12:44 +00:00
David Shaw
2d7fe1d3a1 * options.h, g10.c (main): Add a more flexible --keyid-format option to
replace the list-option (and eventually verify-option) show-long-keyids.
The format can be short, long, 0xshort, and 0xlong.

* keydb.h, keyid.c (keystr, keystrlen): New functions to generate a
printable keyid.

* keyedit.c (print_and_check_one_sig, show_key_with_all_names), keylist.c
(list_keyblock_print): Use new keystr() function here to print keyids.
2004-03-03 05:47:51 +00:00
David Shaw
aa5f1940ff * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-unusable-subkeys" list-option to show revoked and/or expired
subkeys.
2004-02-11 13:46:23 +00:00
David Shaw
7198879ca8 * keyedit.c (keyedit_menu): Prompt for subkey removal for both secret and
public subkeys.

* keylist.c (list_keyblock_print), keyedit.c (show_key_with_all_names):
Show the revocation date of a key/subkey, and general formatting work.

* packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
merge_selfsigs): Keep track of the revocation date of a key.

* keydb.h, keyid.c (revokestr_from_pk): New function to print the
revocation date of a key.
2004-02-11 04:32:52 +00:00
David Shaw
9842d84da0 * keygen.c (keygen_set_std_prefs): Build the default preferences list at
runtime as it properly handles algorithms disabled at build or run time.

* getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.

* misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.

* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.

* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked.  Requested by Matthew Wilcox.  Revoked overrides
expiration when both apply.

* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable.

* g10.c (rm_group): Properly ungroup from a list of groups.
2004-02-10 22:42:34 +00:00
David Shaw
0030198cad * g10.c (main, rm_group): Add --ungroup command to remove a particular
group. (add_group): When adding a group with the same name as an already
existing group, merge the two groups. (list_config): Show an error message
when listing a config item that doesn't exist. (main): Replace -z0 trick
for no compression.

* packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c
(list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor cleanup to
remove local_id, which is no longer used.
2004-01-30 16:49:28 +00:00
David Shaw
97efb85f51 * keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't
meaningful on POSIX systems, but the Mingw builds aren't exactly POSIX.
2004-01-21 04:35:32 +00:00
David Shaw
80caf9957f * options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the
plurarility (or not) of various list and verify options.
2003-11-14 05:06:19 +00:00
Werner Koch
be239a058a * DETAILS: Add the 'a' value for field 12 and the new field 15.
* keylist.c (list_keyblock_print): Denote secrets keys stored on a
card with an '>'. Print the '#' also for subkeys.
(list_keyblock_colon): Introduce new field 15 for sec/ssb to print
the serial number.
2003-10-28 09:25:06 +00:00
Werner Koch
99cabff03f * cardglue.c (learn_status_cb): Release values before assignment
so that it can be used by getattr to update the structure.
(agent_scd_getattr): New.

* keylist.c (print_pubkey_info): Add FP arg for optional printing
to a stream.  Changed all callers.
2003-10-02 10:20:12 +00:00
David Shaw
52100b459a * gpgv.c (check_trustdb_stale): Stub.
* trustdb.c (get_validity): Move the up-to-date check to
check_trustdb_stale (new), so that it can be called before validity is
checked.

* keylist.c (list_keyblock_print): Disable the overall key validity
display until it can be thought about more.  Use check_trustdb_stale here
to avoid putting the check warning in the middle of a listed key.

* trustdb.c (init_trustdb): Only verify_own_keys() for those trust models
that it applies to (i.e. classic and OpenPGP).
2003-09-30 15:30:39 +00:00
Werner Koch
8062cb418a * keygen.c (do_add_key_flags, parse_parameter_usage): Add support
the proposed AUTH key flag.
* getkey.c (fixup_uidnode, merge_selfsigs_main)
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
* keylist.c (print_capabilities): Ditto.

* parse-packet.c (parse_key): Allow to parse the divert-to-card
S2K mode.
* build-packet.c (do_secret_key): Handle divert-to-card S2K
* seckey-cert.c (is_secret_key_protected): Ditto.
(check_secret_key): Ditto.

* keygen.c (do_ask_passphrase): Renamed from ask_passphrase.
* passphrase.c (ask_passphrase): New.
2003-09-30 08:00:08 +00:00
David Shaw
e70e41612f * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-unusable-uids" list-option to show revoked and/or expired user IDs.
2003-09-25 04:03:11 +00:00
David Shaw
653da12d2c * main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
adding a keyserver URL.

* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to set
preferred keyserver to specified (or all) user IDs.

* build-packet.c (build_sig_subpkt): Set preferred keyserver flag while
building a preferred keyserver subpacket.

* keylist.c (show_policy_url): Policy URLs might be UTF8.

* keyedit.c (menu_addrevoker): Fix leaking a few bytes.
2003-08-31 03:45:41 +00:00
David Shaw
68aa60e79c * mainproc.c (check_sig_and_print): Use two different preferred keyserver
displays - one if the key is not present (to tell the user where to get
the key), the other if it is present (to tell the user where the key can
be refreshed).

* packet.h, parse-packet.c (parse_signature): Set flag if a preferred
keyserver is present.

* keylist.c (list_keyblock_print): Show keyserver url in listings with
list-option show-keyserver-url.
2003-08-26 03:56:47 +00:00
David Shaw
752e3459ab * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).
2003-08-03 02:37:48 +00:00
David Shaw
fbdee01db9 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.
2003-07-21 23:19:15 +00:00
David Shaw
06442ab0da * packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.

* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs.  This requires --no-sig-cache as well since we don't cache
fingerprints.
2003-07-20 00:10:13 +00:00
David Shaw
f4617d97b8 * parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Makefile.am: Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.
2003-07-10 14:30:07 +00:00
David Shaw
4d3fecee56 * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
they at least handle subkeys correctly.

* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets.  They're basically policy URLs with a
different name.  Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).

* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.
2003-06-05 02:06:12 +00:00
David Shaw
7c9855aaa2 * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-validity" and "show-long-keyid" list-options.

* gpgv.c (get_validity, trust_value_to_string): Stubs.

* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.
2003-06-03 17:47:58 +00:00
David Shaw
27ec3d9201 * g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
(check_sig_and_print): Emulate the old policy and notation behavior
(display by default).  Send to status-fd whether it is displayed on the
screen or not.

* g10.c (main): Since we now have some options in devel that won't work in
a stable branch gpg.conf file, try for a version-specific gpg.conf-VERSION
file before falling back to gpg.conf.

* main.h, options.h: Move various option flags to options.h.
2003-06-01 15:36:13 +00:00
David Shaw
b17358948d * mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
show_notation): Collapse the old print_notation_data into show_policy()
and show_notation() so there is only one function to print notations and
policy URLs.

* options.h, main.h, g10.c (main), keyedit.c (print_and_check_one_sig),
keylist.c (list_one, list_keyblock_print), pkclist.c (do_edit_ownertrust),
sign.c (mk_notation_and_policy): New "list-options" and "verify-options"
commands.  These replace the existing --show-photos/--no-show-photos,
--show-notation/--no-show-notation,
--show-policy-url/--no-show-policy-url, and --show-keyring options.  The
new method is more flexible since a user can specify (for example) showing
photos during sig verification, but not in key listings.  The old options
are emulated.
2003-05-31 23:23:19 +00:00
David Shaw
9390fe676b * keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Makefile.am: Use @DLLIBS@ for -ldl.
2003-05-31 04:06:06 +00:00
David Shaw
2e821d77f7 * trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
is_disabled to cache_disabled_value, which now takes a pk and not just the
keyid. This is for speed since there is no need to re-fetch a key when we
already have that key handy.  Cache the result of the check so we don't
need to hit the trustdb more than once.

* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.

* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.

* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.

* parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.

* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but
deterministic.

* exec.h, photoid.h: Add copyright message.

* keylist.c (list_keyblock_print): Don't dump attribs for
revoked/expired/etc uids for non-colon key listings.  This is for
consistency with --show-photos.

* main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump
attribs if --attrib-fd is set when verifying signatures.

* g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options.  This is the same as --no-XXXX for those options.

* revoke.c (ask_revocation_reason): Clear old reason if user elects to
repeat question.  This is bug 153.

* keyedit.c (sign_uids): Show keyid of the key making the signature.
2003-05-21 16:42:22 +00:00
David Shaw
2659e53b6e * mainproc.c (list_node): Show signature expiration date in with-colons
sig records.

* keylist.c (list_keyblock_colon), mainproc.c (list_node): Show trust sig
information in with-colons sig records.
2003-01-27 21:49:37 +00:00
David Shaw
773513c70b * packet.h, parse-packet.c (setup_user_id), free-packet.c (free_user_id),
keydb.h, keyid.c (namehash_from_uid): New function to rmd160-hash the
contents of a user ID packet and cache it in the uid object.

* keylist.c (list_keyblock_colon): Use namehash in field 8 of uids.  Show
dates for creation (selfsig date), and expiration in fields 6 and 7.

* trustdb.c (get_validity, get_validity_counts, update_validity): Use new
namehash function rather than hashing it locally.
2003-01-14 18:13:22 +00:00
David Shaw
8b3b70499a * armor.c (armor_filter): Comment about PGP's end of line tab problem.
* trustdb.h, trustdb.c (trust_letter): Make static. (get_ownertrust_info,
get_validity_info): Don't mask the trust level twice.

* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info),
keylist.c (list_keyblock_colon), keyedit.c (show_key_with_all_names_colon,
menu_revuid): Pass a user ID in rather than a namehash, so we only have to
do the hashing in one place.

* packet.h, pkclist.c (build_pk_list), free-packet.c
(release_public_key_parts): Remove unused namehash element for public
keys.
2003-01-11 03:57:00 +00:00
David Shaw
c974390d37 * keylist.c (print_capabilities): Show 'D' for disabled keys in
capabilities section.

* trustdb.c (is_disabled): Remove incorrect comment.
2003-01-06 21:01:44 +00:00
David Shaw
e357092285 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 23:31:48 +00:00
David Shaw
365011c8f1 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.

* getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 13:23:03 +00:00
David Shaw
09158d1e99 * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a string
like "fully trusted", "marginally trusted", etc. (get_min_ownertrust):
New.  Return minimum ownertrust. (update_min_ownertrust): New.  Set
minimum ownertrust. (check_regexp): New.  Check a regular epression
against a user ID. (ask_ownertrust): Allow specifying a minimum value.
(get_ownertrust_info): Follow the minimum ownertrust when returning a
letter. (clear_validity): Remove minimum ownertrust when a key becomes
invalid. (release_key_items): Release regexp along with the rest of the
info. (validate_one_keyblock, validate_keys): Build a trust sig chain
while validating.  Call check_regexp for regexps.  Use the minimum
ownertrust if the user does not specify a genuine ownertrust.

* pkclist.c (do_edit_ownertrust): Only allow user to select a trust level
greater than the minimum value.

* parse-packet.c (can_handle_critical): Can handle critical trust and
regexp subpackets.

* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key),
import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and
have it clear the min_ownertrust value as well.

* keylist.c (list_keyblock_print): Indent uid to match pub and sig.
2002-10-30 03:11:57 +00:00
David Shaw
809b8b031a * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.

* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.

* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 18:00:07 +00:00
Timo Schulz
aa853f1eb5 2002-10-18 Timo Schulz <ts@winpt.org>
* keylist.c: (print_pubkey_info): New.
        (print_seckey_info): New.
        * main.h: Prototypes for the new functions.
        * delkey.c (do_delete_key): Use it here.
        * revoke.c (gen_desig_revoke): Ditto.
2002-10-18 15:41:33 +00:00
David Shaw
e4f5b9b4c2 * import.c (import_keys_internal): Missed one s/inp/inp2/.
* keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all)

* mainproc.c (symkey_decrypt_sesskey): Fix compiler warning.
2002-10-07 22:19:11 +00:00