1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

924 Commits

Author SHA1 Message Date
Werner Koch
c4ce7ce3e8 bumped version number 2002-03-03 15:04:50 +00:00
Werner Koch
1bc0c20edd *** empty log message *** SNAP-1-0-6d 2002-03-03 15:01:05 +00:00
Werner Koch
6669a3f09a released 1.0.6d 2002-03-03 14:59:43 +00:00
Werner Koch
6587b15a59 Solved conflict 2002-03-03 14:08:39 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
Timo Schulz
6be293e24b * http.c (write_server): Convert integer to a HANDLE for W32.
Usually there should be no problem, but maybe this is not true
for all W32 versions (2K, NT, XP, ME).
2002-02-28 19:28:27 +00:00
David Shaw
20dda47d6c Do not include v3 keys in a --export-secret-subkeys export. 2002-02-28 04:34:01 +00:00
David Shaw
8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow
--always-trust to force it valid so it can be trusted.
2002-02-27 14:27:18 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
3720c5b008 LDAP keyservers do not support v3 fingerprints, so error out if someone
tries.  Actually, they don't support any fingerprints, but at least we can
calculate a keyid from a v4 fingerprint.
2002-02-26 00:55:19 +00:00
David Shaw
070f1cba5d Clarify the notion of a partial failure. This is possible if more than
one key is being handled in a batch, and one fails while the other
succeeds.  Note that a search that comes up with no results is not a
failure - that is a valid response of "no answer".

Allow GnuPG to send us full v4 fingerprints, long key ids, or short key
ids while fetching. Since the LDAP server doesn't actually handle
fingerprints, chop them down to long key ids for actual use.

When searching for a keyid, search for subkeys as well as primary keys.
This is mostly significant when automatically fetching the key based on
the id in a header (i.e. "signature made by....").  "no-include-subkeys"
disables.
2002-02-23 15:42:15 +00:00
David Shaw
393ba4f8a7 Detect a "no keys found" case even if the keyserver helper program does
not explicitly say how many keys were found.

Bug fix - don't report non-revoked keys as revoked in HKP key searches.
2002-02-22 03:11:15 +00:00
David Shaw
8ac8b1525e Catch corruption in HKP index lines (can be caused by broken or malicious
keyservers).

Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-19 23:10:32 +00:00
David Shaw
3d8e692e2a Fix compiler warning. 2002-02-14 22:52:30 +00:00
David Shaw
c5f838a968 Be much more robust with mangled input files. 2002-02-14 19:33:47 +00:00
Werner Koch
3034b6752e doc fixes 2002-02-14 11:51:34 +00:00
Werner Koch
69688eab52 * pkclist.c (check_signatures_trust): Always print the warning for
unknown and undefined trust.  Removed the did_add cruft.  Reported
by Janusz A. Urbanowicz.
* g10.c: New option --no-use-agent.
Hmmm, is this a a good name?  --do-not-use-agent seems a bit to long.
2002-02-14 11:51:00 +00:00
Werner Koch
05705bcb1c * random.c (mix_pool): Removed the failsafe stuff again. It makes
the code more complicate and may give the path to more bugs.
2002-02-14 11:47:32 +00:00
David Shaw
dca36f6252 Bug fix - properly handle user IDs with colons (":") in them while HKP
searching.
2002-02-12 04:38:58 +00:00
Werner Koch
35aec9eee2 * random.c (add_randomness): Xor new data into the pool and not
just copy it.  This avoids any choosen input attacks which are not
serious in our setting because an outsider won't be able to mix
data in and even then we keep going with a PRNG.  Thanks to Stefan
Keller for pointing this out.
* random.c (mix_pool): Carry an extra failsafe_digest buffer
around to make the function more robust.
2002-02-10 21:34:27 +00:00
David Shaw
22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what
is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.

Add a "nrlsign" for nonrevocable and local key signatures.

Add a --no-force-mdc to undo --force-mdc.

Add a knob to force --disable-mdc/--no-disable-mdc.  Off by default, of
course, but is used in --pgp2 and --pgp6 modes.

Allow specifying multiple users in the "Enter the user ID" loop.  Enter a
blank line to stop.  Show each key+id as it is added.

It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.

More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
2002-02-10 00:18:54 +00:00
David Shaw
9057172a92 Allow policy URLs with %-expandos in them. This allows policy URLs like
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature
policy URL.  Use the new generic %-handler for the photo ID stuff as well.

Display policy URLs and notations during signature generation if
--show-policy-url/--show-notation is set.
2002-02-05 00:04:24 +00:00
David Shaw
02fe4b0185 Workaround for the pksd and OKS keyserver bug that calculates v4 RSA
keyids as if they were v3.  The workaround/hack is to fetch both the v4
(e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids.  This only happens for key
refresh while using the HKP scheme and the refresh-add-fake-v3-keyids
keyserver option must be set.  This should stay off by default.
2002-02-04 21:49:08 +00:00
David Shaw
346b795eb9 Bug fix - do not append keys to each other when --sending more than one. 2002-02-04 05:19:24 +00:00
David Shaw
0c3e409fa3 Split "--set-policy-url" into "--cert-policy-url" and "--sig-policy-url"
so the user can set different policies for key and data signing.  For
backwards compatibility, "--set-policy-url" sets both, as before.
2002-02-03 14:42:56 +00:00
Werner Koch
e245123907 * g10.c (main): --gen-random --armor does now output a base64
encoded string.
2002-01-30 16:29:56 +00:00
David Shaw
04d8d2263c --pgp6 flag. This is not nearly as involved as --pgp2. In short, it
turns off force_mdc, turns on no_comment, escape_from, and force_v3_sigs,
and sets compression to 1.  It also restricts the user to IDEA (if
present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. See the comments above
algo_available() for lots of discussion on why you would want to do this.
2002-01-29 01:12:00 +00:00
David Shaw
77afb82dc2 Do not cache fdopened fds on close. 2002-01-27 19:43:33 +00:00
David Shaw
3e6d5d7c77 More comments about when to use IDEA in keygen.c
When key signing with multiple keys at the same time, make sure each key
gets the sigclass prompt
Close the iobuf and FILE before trying to reap the child process to
encourage the child to exit
Disable cache-on-close of the fd iobuf (shouldn't all fd iobufs not be
cached?)
2002-01-27 05:56:35 +00:00
Timo Schulz
fe78130ac7 Added the missing file. 2002-01-26 17:49:41 +00:00
Timo Schulz
21791fc5b7 Registry file for W32. 2002-01-26 17:47:38 +00:00
Werner Koch
086fd3551c * gpg.sgml: A few words about --gpg-agent-info and GPG_AGENT_INFO. 2002-01-26 16:35:20 +00:00
Werner Koch
89881aaf5f Updates 2002-01-26 16:35:03 +00:00
Werner Koch
806a4fa16e * g10.c, options.h: New option --gpg-agent-info
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
2002-01-26 16:34:00 +00:00
Timo Schulz
441eb085c9 * README.W32: Modify the filename because now the .exe extension
is automatically added to the binary.
2002-01-25 18:36:16 +00:00
David Shaw
a6f19f40d9 Only check preferences against keys with v4 self sigs as v3 sigs have no
prefs
Only put in the fake IDEA preference with --pgp2 mode
Print "Expired" for expired but good signatures.
2002-01-24 23:54:36 +00:00
David Shaw
1cad77d9b4 Cosmetic: don't present a RSA signing key as a "keypair" which can be 768
bits long (as RSA minimum is 1024)
Allow IDEA as a fake preference for v3 keys with v3 selfsigs when
verifying that a cipher is in preferences while decrypting
2002-01-23 22:17:45 +00:00
David Shaw
1dbd67b96a Some compatibility polish for PGP2. Add a fake IDEA preference for v3
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys.  Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
2002-01-22 20:39:10 +00:00
Werner Koch
5a92c6052f * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
used with the agent.  Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
2002-01-20 18:33:04 +00:00
Werner Koch
1e7350da8e Removed debugging output 2002-01-19 20:27:10 +00:00
Werner Koch
646b214d48 * passphrase.c (agent_open): Add support for the new Assuan based
gpg-agent.  New arg to return the used protocol version.
(agent_get_passphrase): Implemented new protocol here.
(passphrase_clear_cache): Ditto.
2002-01-19 18:30:27 +00:00
Timo Schulz
e17cd91abe New command --decrypt-files.
Some fixes.
2002-01-15 16:52:36 +00:00
Timo Schulz
b3a5994235 Fixed some typos. 2002-01-12 22:31:41 +00:00
David Shaw
03c95c69a0 Add documentation for --{no-}ask-cert-expire and --{no-}ask-sig-expire
Revise --expire (it doesn't switch on the expiration prompt any longer)
Revise --default-check-level to be clearer as to what makes a good key
check before signing
2002-01-11 23:42:49 +00:00
David Shaw
bd5517b9e2 Move idea_cipher_warn to misc.c so gpgv.c doesn't need a stub
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go.  This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
2002-01-09 19:59:26 +00:00
Timo Schulz
0bd41cc2e5 New code for encode_crypt_files. 2002-01-09 18:52:19 +00:00
Timo Schulz
d346578fb1 Added missing include file. 2002-01-09 14:58:59 +00:00
Timo Schulz
05a91bd54f Better description for --encrypt-files. 2002-01-08 22:19:38 +00:00
Werner Koch
c930e300a8 * g10.c (main): Must register the secring for encryption because
it is needed to figure out the default recipient.  Reported by
Roger Sondermann.
2002-01-08 19:40:01 +00:00
Werner Koch
dfd091cf52 * secmem.c (print_warn): Print a pointer to the FAQ. 2002-01-08 19:29:35 +00:00