1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-13 22:08:52 +01:00
Commit Graph

458 Commits

Author SHA1 Message Date
David Shaw
44aa6f9d4d * sign.c (update_keysig_packet): Policies and notations should be stripped
out when remaking a self-signature.  Noted by Atom Smasher.
2004-05-19 02:22:05 +00:00
Werner Koch
9953adb5e7 (do_generate_keypair, read_parameter_file): Really
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions.  Noted by Atom Smasher.
2004-05-11 07:42:03 +00:00
Werner Koch
88dcf26646 (write_plaintext_packet): Fixed the detection of too
large files in the same way as in encode.c.
2004-05-07 09:32:53 +00:00
David Shaw
4a07655935 * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create
backsigs.

* getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs
and verify they are valid.  If DO_BACKSIGS is not defined, fake this as
always valid.

* packet.h, parse-packet.c (parse_signature): Make parse_signature
non-static so we can parse 0x19s in self-sigs.

* main.h, sig-check.c (check_backsig): Check a 0x19 signature.
(signature_check2): Give a backsig warning if there is no or a bad 0x19
with signatures from a subkey.
2004-04-23 03:01:53 +00:00
David Shaw
8030362eae * parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
can_handle_critical): Parse and display 0x19 signatures.
2004-04-22 00:45:28 +00:00
David Shaw
e161b21b53 * keyserver.c (parse_keyserver_uri): Do not accept "http" as an alias for
"hkp".  They are not the same thing.
2004-04-20 19:37:58 +00:00
David Shaw
ce7d313333 * keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys.  Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.

* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).

* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-13 01:17:32 +00:00
David Shaw
7ac574aeea * g10.c (main): --no-use-embedded-filename.
* plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode that
requires end of line conversion.  This is being considered for a UTF8 text
packet.  If this doesn't take place, no major harm done.  If it does take
place, we'll get a jump on starting the changeover.
2004-04-01 04:02:27 +00:00
Werner Koch
42ac422ba0 *** empty log message *** 2004-03-29 13:56:57 +00:00
David Shaw
4c8b18363f * keyedit.c (keyedit_menu): Request a trustdb update when adding a new
user ID so the new ID gets validity set.  Reported by Owen Taylor.
2004-03-27 21:57:04 +00:00
David Shaw
5b9ec9dc31 * build-packet.c (calc_plaintext, do_plaintext): Do not create illegal
(packet header indicates a size larger than the actual packet) encrypted
data packets when not compressing and using a filename longer than 255
characters.
2004-03-26 19:49:01 +00:00
David Shaw
00bdac950e * options.h, g10.c (main), compress-bz2.c (init_uncompress): Backport
--bzip2-decompress-lowmem since we do handle receiving a bzip2 message on
the stable branch.
2004-03-25 22:53:54 +00:00
David Shaw
fd2e1cd717 * keyedit.c (no_primary_warning): Cleanup. (menu_expire): Don't give
primary warning for subkey expiration changes.  These cannot reorder
primaries.
2004-03-23 15:18:10 +00:00
David Shaw
2980b7129f * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep track of
which self-sig we actually chose.

* keyedit.c (menu_expire, menu_set_primary_uid, menu_set_preferences): Use
it here to avoid updating non-used self-sigs and possibly promoting an old
self-sig into consideration again.
2004-03-22 20:56:30 +00:00
David Shaw
8e5f3ce846 * keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
2004-03-18 19:43:07 +00:00
David Shaw
8615da464e * keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey.  Do not overload the ret_sk.  This is some early cleanup
to do backsigs for signing subkeys.
2004-03-18 17:42:09 +00:00
David Shaw
be441babaa * import.c (import_one): Try and collapse user IDs when importing a key
for the first time.

* build-packet.c (do_comment, do_user_id): Try for a headerlen of 2 since
that's the smallest and most likely encoding for these packets

* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify.  Also use the proper date string when prompting for confirmation.
2004-03-09 20:49:31 +00:00
Werner Koch
5be5a9bbfd * options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
* mainproc.c (check_sig_and_print): track whether we are
retrieving a key.
* status.c (status_currently_allowed): New.
(write_status_text, write_status_text_and_buffer): Use it here.
2004-03-01 20:00:39 +00:00
David Shaw
009af80106 * keyedit.c (menu_addrevoker): Do not allow appointing a subkey as a
designated revoker.
2004-02-27 19:56:15 +00:00
David Shaw
693e4440b2 * delkey.c (do_delete_key): Allow deleting a public key with a secret
present if --expert is set.

* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.
2004-02-25 23:32:34 +00:00
David Shaw
ecb568502d * encode.c (encode_simple): Show cipher with --verbose.
* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level.  If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.

* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
2004-02-24 22:00:03 +00:00
David Shaw
2f0a98ad35 * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
--min-cert-check-level option to specify minimum cert check level.
Defaults to 1 (so no sigs are ignored).  0x10 sigs cannot be ignored.

* options.h, g10.c (main), plaintext.c (handle_plaintext): Add
--max-output option to help people deal with decompression bombs.
2004-02-23 18:35:05 +00:00
David Shaw
95b6aacacc * build-packet.c (do_user_id): Do not force a header for attribute packets
as they require a new CTB, and we don't support forced headers for new
CTBs yet.
2004-02-15 15:49:05 +00:00
David Shaw
a860dd0a51 * build-packet.c (write_header2): If a suggested header length is provided
along with a zero length, interpret this as an actual zero length packet
and not as an indeterminate length packet. (do_comment, do_user_id): Use
it here as these packets might be naturally zero length.

* parse-packet.c (parse): Show packet type when failing due to an
indeterminate length packet.
2004-02-14 17:30:45 +00:00
David Shaw
f7d47d03d6 * import.c (import_one): Do the revocation check even in the case when a
key, a revocation key set in a direct key signature, and a revocation from
that revocation key, all arrive piecemeal. Needless to say, this is pretty
obscure.
2004-02-12 04:12:56 +00:00
David Shaw
97b52b35a0 * g10.c (rm_group): Properly ungroup from a list of groups. 2004-02-10 22:13:57 +00:00
David Shaw
8890842012 * misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.

* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.

* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked.  Requested by Matthew Wilcox.  Make revoked and
expired tags translatable (they are already translated elsewhere).
Revoked overrides expiration when both apply.

* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable
(show_key_with_all_names): Revoked overrides expired when both apply.
2004-02-10 03:38:15 +00:00
David Shaw
b813a663d9 * getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.
2004-02-07 15:09:26 +00:00
David Shaw
08c3d41cb3 * decrypt.c: Fix copyright date.
* packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c
(list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor cleanup to
remove local_id, which is no longer used.
2004-01-29 21:35:14 +00:00
David Shaw
bd31906a21 * g10.c (main, rm_group): Add --ungroup command to remove a particular
group. (add_group): When adding a group with the same name as an already
existing group, merge the two groups. (list_config): Show an error message
when listing a config item that doesn't exist.
2004-01-28 19:30:08 +00:00
David Shaw
8e2a476fb7 * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to
PK_UID_CACHE_SIZE (set in ./configure).

* getkey.c (get_pubkey): When reading key data into the cache, properly
handle keys that are partially (pk, no UIDs) cached already.  This is
Debian bug #176425 and #229549.
2004-01-27 17:36:26 +00:00
David Shaw
fc60e6779d * compress.c (init_compress): Remove "-z10" trick to get uncompressed data
inside a compressed data packet.  This is possibly dangerous without an
MDC. (push_compress_filter2): Do the right thing (i.e. nothing) with
compress algo 0.

* main.h, decrypt.c (decrypt_messages): Accept filenames to decrypt on
stdin.  This is bug #253.
2004-01-26 20:50:01 +00:00
David Shaw
7690350b7a * getkey.c (merge_selfsigs): If a subkey is already revoked by the owner,
don't allow a designated revokation of the whole key to override this.
We're still revoked either way, of course.
2004-01-21 23:41:42 +00:00
David Shaw
335d393062 * g10.c (list_config): Add "version" tag for --list-config. 2004-01-21 04:21:29 +00:00
David Shaw
3373615cfd * g10.c (collapse_args): New function to turn argc/argv into a single
string. (main): Use it here to pass list_config() more than one argument
as a single string. (print_algo_numbers): Helper to print algorithm
numbers. (list_config): Use it here for "pubkey", "cipher",
"hash"/"digest", and "compress" config options.
2004-01-16 00:52:08 +00:00
David Shaw
b644894902 * g10.c (list_config, main): New function to dump config options to
stdout.  Currently requires --with-colons.

* getkey.c, keylist.c, packet.h, pkclist.c: Fix copyright dates.
2004-01-13 22:24:23 +00:00
Werner Koch
39c7b95e93 * hkp.c (hkp_export): Send a content-type line. 2004-01-13 11:18:18 +00:00
David Shaw
aeb16fcca1 * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c
(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker).  If a key was revoked by both, prefer the owner.
2004-01-09 20:32:36 +00:00
David Shaw
9e8788618f * sig-check.c: Copyright typo.
* keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't
meaningful on POSIX systems, but the Mingw builds aren't exactly POSIX.
2004-01-06 04:33:09 +00:00
David Shaw
727171a6c1 * sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.

* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs.  It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.

* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.

* compress-bz2.c: Include stdio.h.  Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
2003-12-29 03:40:21 +00:00
Werner Koch
5bec60f5ae * tdbio.c: Fixed format string bugs related to the sue of
DB_NAME.  Reported by Florian Weimer.
2003-12-23 19:20:15 +00:00
David Shaw
c6f07b53b2 * getkey.c (get_pubkey_fast): This one is sort of obscure. get_pubkey_fast
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG().  The fix is to
not return a hit if the keyid is not the primary.  All other users of
get_pubkey_fast already expect a primary only.
2003-12-10 14:57:38 +00:00
David Shaw
f9fffa826c * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for
anything except revocations.

* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
catchall.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from
Elgamal encrypt-only keys in the trustdb.  Granted, this sounds strange,
but there are historical keys that fit this description.
2003-12-05 04:13:47 +00:00
Werner Koch
6970faab8f * mainproc.c (check_sig_and_print): Removed the "0x" again.
Reverts change from 2003-10-03.

* THANKS: Added Phong Nguyen, who found the Elgamal signing key
problem.

* configure.ac (ALL_LINGUAS): Added a Russian translation; thanks
to Maxim Britov.  Added Belarusion; thanks to Ales Nyakhaychyk.
2003-12-03 15:11:23 +00:00
David Shaw
39e551985d * g10.c (strusage, main): Show development version warning in --version
output.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from an
Elgamal signing key in the trustdb.
2003-12-02 05:22:42 +00:00
David Shaw
b713d8464f * keygen.c (ask_algo): Remove ability to generate Elgamal sign+encrypt
keys.
2003-11-29 22:59:10 +00:00
David Shaw
74e3c5ac7d * revoke.c (gen_desig_revoke): Specify in the comment when a designated
revocation is generated.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
anything except revocations.

* sign.c (do_sign): Catchall for any Elgamal signatures except
revocations.
2003-11-29 22:44:05 +00:00
David Shaw
60cdcf61f5 * trustdb.c (validate_keys): Reset the trustdb before checking if we have
any ultimately trusted keys.  This ensures that if we lose all our
ultimately trusted keys, we don't leave behind the old validity
calculations.
2003-11-29 15:03:31 +00:00
David Shaw
f909811a73 * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) encodings.
* misc.c (compress_algo_to_string): Translate "Uncompressed". Requested by
Tommi Vainikainen.
2003-11-21 00:55:41 +00:00
David Shaw
4e4a23de9e * compress-bz2.c (init_compress): Compression level 0 is not meaningful
for bzip2.
2003-11-15 23:49:44 +00:00