* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.
* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.
* keyring.c (keyring_rebuild_cache): Comment.
* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
Provide a signing-key-is-revoked flag. Change all callers.
* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.
* mainproc.c (do_check_sig, check_sig_and_print): Use it here.
* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching. This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.
* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms. An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
(gpgsm_exit): Update the random seed file and enable debug output.
* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.
* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.
* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.
* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.
* trustdb.h, trustdb.c (read_trust_options): New. Returns items from the
trustdb version record.
* keylist.c (public_key_list): Use it here for the new "tru" record.
* gpgv.c (read_trust_options): Stub.
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.
* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs. This requires --no-sig-cache as well since we don't cache
fingerprints.
* sc-copykeys.c: New.
* app-openpgp.c (app_openpgp_storekey): New.
(app_openpgp_cardinfo): New.
(count_bits): New.
(store_fpr): And use it here to get the actual length in bit.
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
* gpg.sgml: Document --set-notation. Explain why it is not possible to
disable permission warnings in the gpg.conf file about the homedir. Add
pointer in --ignore-time-conflict to see --ignore-valid from, and vice
versa. Warning not to try and parse --list-keys in scripts. Document the
signature flags (1-3/L/R/P/N/X), Document expandos %g and %p. Note the
default --personal-digest-preferences are "H2".
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
This avoids a warning on compilers that support but complain about
unsigned long long.
* util.h (ascii_isspace): New variation on isspace() that is immune from
locale changes.
* util.h: Make sure that only ascii is passed to isfoo functions. (From
Werner on stable branch).
* configure.ac: Include wsock32 in W32LIBS. This is different from
NETLIBS so we don't need to force other platforms to pull in the netlibs
when they aren't actually needed.
* NEWS: Note portability changes.
* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types. Note, that not all changes are listed below becuause they are
too similar and done at far too many places. As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
they at least handle subkeys correctly.
* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets. They're basically policy URLs with a
different name. Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).
* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.
"show-validity" and "show-long-keyid" list-options.
* gpgv.c (get_validity, trust_value_to_string): Stubs.
* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.
David Shaw