David Shaw
4e27a9f5da
* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
...
the sigs that are cleaned. Suggested by Dirk Traulsen and many others.
2005-11-02 16:47:02 +00:00
David Shaw
19de04694e
* import.c (import_one): Do collapse_uids() before we do any cleaning
...
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.
* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.
* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs. Don't count user IDs as cleaned unless we actually delete
something.
2005-11-02 05:22:01 +00:00
David Shaw
b3ea683ac9
* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
...
adding a cert-only designated revoker. Code was looking for a key with
sign ability, and not cert ability. Noted by Timo Schulz.
2005-10-27 16:23:59 +00:00
Werner Koch
2b50f31435
cygwin fixes
2005-10-27 09:14:27 +00:00
David Shaw
b9f1815947
* keygen.c (proc_parameter_file): Default key and subkey usage flags to
...
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.
2005-10-26 16:09:23 +00:00
Werner Koch
c8571979ef
Fixed minor card related bugs and enhanced status messages
2005-10-18 17:41:20 +00:00
Werner Koch
9b7f1f6976
exported subkeys are now merged into one output keyblock
2005-10-17 17:21:15 +00:00
David Shaw
6c4e740a59
* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
...
add 0x19 backsigs to old keys that don't have them.
* misc.c (parse_options): Fix build warning.
* main.h, keygen.c (make_backsig): Make public.
2005-10-14 04:07:13 +00:00
David Shaw
094a7ab401
* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
...
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.
2005-10-12 20:44:24 +00:00
David Shaw
47433adaa5
* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
...
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks. All is well, so I'm turning generation of backsigs on for new
keys. Checking for backsigs on verification is still off.
2005-10-11 22:13:49 +00:00
Werner Koch
02aefe3866
Yet another fix for the gpg.c rename
2005-10-06 10:38:23 +00:00
Werner Koch
3470697e72
Fixes for the g10.c -> gpg.c renamed
2005-10-05 18:22:36 +00:00
Werner Koch
bd1df0119c
Renamed g10.c to gpg.c
...
Filelength fixes for W32.
2005-10-05 16:58:50 +00:00
Werner Koch
d0b9ff171d
* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
...
prompt.
2005-09-20 08:19:50 +00:00
David Shaw
8e17d6437d
* keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
...
IDs as well as regular text IDs.
* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
2005-09-20 03:34:32 +00:00
David Shaw
4afa18bcaa
* main.h, misc.c (parse_options): Add the ability to have help
...
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
2005-09-14 22:31:21 +00:00
David Shaw
65566b5633
* keyedit.c (show_names): Moved name display code out from
...
show_key_with_all_names. (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID. Suggested by
Timo Schulz.
2005-09-10 16:50:41 +00:00
Werner Koch
b4b9f891e2
Updated card stuff to support T=0 cards.
2005-09-07 17:05:42 +00:00
Werner Koch
9a2a2904cc
Add "help" sub option to --*-options.
2005-09-07 15:53:03 +00:00
David Shaw
039c27f153
* parse-packet.c (enum_sig_subpkt, parse_signature,
...
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
2005-09-02 19:23:33 +00:00
David Shaw
be8543812d
* photoid.h, photoid.c (generate_photo_id): Allow passing in a
...
suggested filename.
* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
2005-09-01 20:51:13 +00:00
David Shaw
187eaf0665
* photoid.c (generate_photo_id): Enable readline completion and tilde
...
expansion for the JPEG prompt.
2005-08-31 18:40:39 +00:00
David Shaw
f74282bee0
* misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
...
algorithms.
* keyedit.c (sign_uids): Don't request a signing key to make a
certification.
* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?) (print_key_flags): Show certify flag. (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc
* keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
...
Suggested by Michael Schierl.
2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d
* Makefile.am: No need to link with curl any longer.
...
* main.h, misc.c (path_access): New. Same as access() but does a PATH
search like execlp.
* keyserver.c (curl_can_handle): Removed. Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort. This is necessary because PGP LDAP and curl LDAP are apples
and oranges. (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b
* exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
...
Minor cleanup to use bitfield flags instead of a bunch of integers.
2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9
* g10.c (main): Add aliases sign-with->local-user and user->recipient
...
to make switching from PGP command line to GPG easier.
2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc
* options.skel: Remove the surfnet LDAP keyserver from the list of
...
samples since it is being shut down.
* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
2005-08-19 13:37:47 +00:00
David Shaw
9536012034
Missed keydb.h entry for set_passphrase_from_string
2005-08-06 21:17:11 +00:00
David Shaw
82bee9c68a
* g10.c (main), passphrase.c (set_passphrase_from_string): New
...
--passphrase command line option. Only useful in very special
circumstances.
2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52
auto retrieve keys from PKA. Thsi allows to specify an email address
...
so that gpg can get the key from DNS. This helps with opportunistic
encryption. No integration with the trust modell yet.
2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813
* keygen.c (proc_parameter_file): Sanity check items in keygen batch
...
file. Noted by Michael Schierl.
2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c
* pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
...
Noted by Michael Schierl.
2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19
* keygen.c (write_keyblock): Don't try and build deleted kbnodes since
...
we start our tree with one.
2005-08-04 21:41:11 +00:00
David Shaw
5ce7563171
Revert bad patch.
2005-08-04 21:39:43 +00:00
David Shaw
bf4728992f
* keygen.c (start_tree): Need to use an actual packet type (which we
...
can then delete) to start the tree.
2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017
Fixes pertaining to revocation creation with subkey-only exported card keys
2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58
Implemented PKA trust model
2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f
Converted all m_free to xfree etc.
2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1
* keyserver.c (keyserver_typemap): Special-case LDAP since curl will
...
report that it can handle it, and we don't want it to.
2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8
* passphrase.c (agent_get_passphrase): Make sure to release the
...
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error. Changed all callers.
* zh_TW.po, fr.po, cs.po: Updated.
2005-07-26 19:08:11 +00:00
Werner Koch
862652ebe1
Preparing a release
2005-07-26 15:41:04 +00:00
David Shaw
99c80f8c39
* keyedit.c (sign_uids): Don't prompt for setting signature expiry to
...
match key expiry unless --ask-cert-expire is set. Suggested by Peter
Palfrader.
2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b
* gpg.sgml (http):
...
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f
* options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
...
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5
* keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
...
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.
* Makefile.am: Pull in libcurl for curl_version_info() if used.
2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301
* g10.c, options.h: New option --limit-card-insert-tries.
...
* cardglue.c (open_card): Use it.
2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e
* configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
...
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997
* tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
...
* ttyio.c (do_get): Move printing of the prompt after disabling
echo. Suggested by Scott Worley.
2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b
* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
...
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
2005-07-09 02:34:04 +00:00