1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-01 20:18:44 +01:00
Commit Graph

9094 Commits

Author SHA1 Message Date
David Shaw
4615a538bf * gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object.  Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.
2004-08-23 03:13:27 +00:00
Werner Koch
ebaba6bdab * gpg-agent.c: New option --max-cache-ttl. Suggested by Alexander
Belopolsky.
* cache.c (housekeeping): Use it here instead of the hardwired
default of 1 hour.
2004-08-20 13:43:14 +00:00
Werner Koch
0ded031237 (start_pinentry): Use a timeout for the pinentry lock. 2004-08-20 13:03:32 +00:00
David Shaw
b9167cb0d8 * http.c (insert_escapes): Fix encoding problem for non-URI-safe
characters.  Noted by Vladimir Novak.
2004-08-19 21:19:37 +00:00
Werner Koch
bf256b9696 (encode_session_key): Changed the zero random byte
substituting code to actually do clever things.  Thanks to
Matthias Urlichs for noting the implementation problem.
2004-08-19 10:12:54 +00:00
Werner Koch
6c3677c296 (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded. Add new prompt values.
(import_p12_file, import_p12_file, export_p12_file): Changed calls
to get_passphrase so that better prompts are displayed.
(get_new_passphrase): New.
2004-08-18 16:21:13 +00:00
Werner Koch
fc07b029ea * certlist.c (gpgsm_cert_use_ocsp_p): New.
(cert_usage_p): Support it here.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it here.
2004-08-18 14:38:47 +00:00
Werner Koch
33310977ac (simple_pwquery): Handle gpg-error style return
code for canceled.
2004-08-18 14:37:22 +00:00
Werner Koch
9c6da35ea2 (print_sanitized_utf8_string): Actually implement
it.
2004-08-18 13:21:56 +00:00
Werner Koch
aac85ca314 (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded.
2004-08-18 12:47:33 +00:00
Marcus Brinkmann
75ac082a76 2004-08-18 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (agent_get_passphrase):
2004-08-18 00:06:08 +00:00
Marcus Brinkmann
9d864ebef7 2004-08-18 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (agent_get_passphrase):
2004-08-18 00:03:07 +00:00
Marcus Brinkmann
e5a6d2b456 2004-08-17 Marcus Brinkmann <marcus@g10code.de>
* import.c: Fix typo in last change.
2004-08-17 20:06:24 +00:00
Werner Koch
53f7e372b9 tests/pkits: New directory 2004-08-17 15:32:56 +00:00
Werner Koch
066352a6a5 * import.c (check_and_store): Do a full validation if
--with-validation is set.

* certchain.c (gpgsm_basic_cert_check): Print more detailed error
messages.

* certcheck.c (do_encode_md): Partly support DSA.  Add new arg
PKALGO. Changed all callers to pass it.
(pk_algo_from_sexp): New.

tests/pkits: New directory
2004-08-17 15:26:22 +00:00
Werner Koch
f5799d0170 (cmd_encrypt): Use DEFAULT_RECPLIST and not recplist
for encrypt-to keys.
2004-08-16 11:15:55 +00:00
Moritz Schulte
93b7fb4a17 2004-08-09 Moritz Schulte <moritz@g10code.com>
* gpgsm-gencert.sh: New file.
2004-08-09 11:58:26 +00:00
David Shaw
5d98f7afe5 * plaintext.c (handle_plaintext): Bigger buffer for extra safety.
* g10.c (main): New alias --throw-keyid for --throw-keyids, so that it
continues to work in old configuration files.  Noted by Jens Adam.

* pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, and bzip2.

* status.c (do_get_from_fd): Flush stdout if status isn't flushing it for
us.  This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer.  Noted by Peter Palfrader.  This is Debian
bug #254072.

* sign.c (update_keysig_packet): Revert change of 2004-05-18.  It is not
appropriate to strip policy and notations when remaking a sig.  That
should only happen when specifically requested by the user.
2004-08-08 13:28:04 +00:00
David Shaw
84bd068355 * gpg.sgml: Remove show-long-keyids since it is replaced by
--keyid-format.  Rename show-validity as show-uid-validity.
--ask-cert-level defaults to no.
2004-08-07 14:36:47 +00:00
Werner Koch
f96ad015d8 * gpgsm.c: New option --with-ephemeral-keys.
* keylist.c (list_internal_keys): Set it here.
(list_cert_raw): And indicate those keys.  Changed all our callers
to pass the new arg HD through.
2004-08-06 16:14:10 +00:00
David Shaw
52a83025e9 * armor.c (radix64_read): No armor CRC is legal according to the spec (the
CRC is a MAY).
2004-08-05 20:18:44 +00:00
Werner Koch
818e9bad58 * configure.ac: Changed tests for libusb to also suuport the
stable version 0.1.x.

* scdaemon.texi (Card applications): New section.

* scdaemon.c (main): New option --disable-application.
* app.c (is_app_allowed): New.
(select_application): Use it to check for disabled applications.

* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.

* apdu.c (my_rapdu_get_status): Implemented.
2004-08-05 09:24:36 +00:00
David Shaw
f7a793ae28 * gpgkeys_ldap.c (main): Add "debug" option. This is only really useful
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option.  This allows users to override the autodetection for
base DN.  SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).
2004-07-29 14:01:04 +00:00
David Shaw
a2914a1592 * gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
attributes so we can do subkey searches.

* gpgkeys_ldap.c (main): Under certain error conditions, we might try and
unbind twice.  Don't.
2004-07-28 19:55:21 +00:00
David Shaw
4552115bbb * gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so
we can try a modify operation first, and fail over to an add if that
fails.  Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.
2004-07-28 19:45:23 +00:00
David Shaw
0d7aca863d * misc.c (argsplit): Properly split quoted args from the keyword and trim
whitespace afterwards.
2004-07-28 15:36:23 +00:00
David Shaw
a2e332cded * misc.c (optsep): Add the ability to understand keyword="quoted arg with
spaces" type options.
2004-07-28 04:12:50 +00:00
David Shaw
a32297863b * gpgkeys_ldap.c (main): Don't try and error out before making a ldaps
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect.  Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
2004-07-28 02:36:45 +00:00
Werner Koch
25ac11084b Updated po files from 1.2.5 2004-07-27 15:15:58 +00:00
Werner Koch
5d4fb57347 * configure.ac (AM_GNU_GETTEXT_VERSION): New.
(min_automake_version): New.

* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.

* autogen.sh: Updated to the modern version, grepping the required
tool versions from configure.ac.
2004-07-27 15:12:00 +00:00
Moritz Schulte
587222f48d 2004-07-27 Moritz Schulte <moritz@g10code.com>
* apdu.c: Include <signal.h>.
2004-07-27 11:35:52 +00:00
Moritz Schulte
9d36000e6f 2004-07-27 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Use @DL_LIBS@ instead of -ldl.
2004-07-27 11:28:47 +00:00
Moritz Schulte
97e9cb4e60 2004-07-27 Moritz Schulte <moritz@g10code.com>
* configure.ac: Check for dlopen in libc and libdl, substitute
	DL_LIBS accordingly.
2004-07-27 11:28:10 +00:00
Werner Koch
8e237f5b09 post-release version number bump 2004-07-22 11:40:17 +00:00
Werner Koch
44bf2d0ae4 * configure.ac: Define AM conditional HAVE_OPENSC.
* Makefile.am: Make OpenSC lib link after libgcrypt. Do not link
to pth.
* apdu.c: Don't use Pth if we use OpenSC.
* sc-investigate.c, scdaemon.c: Disable use of pth if OpenSC is used.

* scdaemon.c (main): Bumbed thread stack size up to 512k.
2004-07-22 10:52:56 +00:00
Werner Koch
d9147773b4 * trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
2004-07-22 09:37:36 +00:00
Werner Koch
2e10dbd6c8 * Makefile.am (sm): Build kbx only if gpgsm is to be build.
* maperror.c: Removed header ksba.h.  Not required anymore.
2004-07-20 18:41:49 +00:00
Werner Koch
3d471c15b8 New option --enable-agent-only. 2004-07-20 11:22:10 +00:00
Werner Koch
224da03784 * rfc822parse.c (rfc822parse_get_field): Add arg VALUEOFF. 2004-07-20 11:21:53 +00:00
Werner Koch
08b98804e4 (gpgsm_validate_chain): The trust check didn't
worked anymore, probably due to the changes at 2003-03-04.  Fixed.
2004-07-20 07:06:36 +00:00
Werner Koch
8add759d64 (reader_table_s): Add function pointers for the backends.
(apdu_close_reader, apdu_get_status, apdu_activate)
(send_apdu): Make use of them.
(new_reader_slot): Intialize them to NULL.
(dump_ccid_reader_status, ct_dump_reader_status): New.
(dump_pcsc_reader_status): New.
(open_ct_reader, open_pcsc_reader, open_ccid_reader)
(open_osc_reader, open_rapdu_reader): Intialize function pointers.
(ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu)
(error_string): Removed.  Replaced by apdu_strerror.
(get_ccid_error_string): Removed.
(ct_activate_card): Remove the unused loop.
(reset_ct_reader): Implemented.
(ct_send_apdu): Activate the card if not yet done.
(pcsc_send_apdu): Ditto.
2004-07-16 15:45:25 +00:00
David Shaw
0aad41079e * keylist.c (list_keyblock_print): Always use the new listing format where
uids are always on a line for themselves.  Mark expired secret keys as
expired.

* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.

* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header.  Rather, use 2+4 as two different chunks.  This avoids a fake
filename of "is".
2004-07-16 14:30:55 +00:00
David Shaw
673894ef48 * keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or
expired user IDs.  Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.

* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K
hash algorithm before we try to generate a passphrase using it.  This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.

* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
--symmetric messages.
2004-07-15 21:16:54 +00:00
David Shaw
2cba999f22 * g10.c (main): Alias --charset as --display-charset to help avoid the
continuing confusion and make room for possible changes in devel.

* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.

* keygen.c (make_backsig): Make sure that the backsig was built
successfully before we try and use it.

* status.h, status.c (get_status_string), plaintext.c (handle_plaintext):
New status tags PLAINTEXT and PLAINTEXT_LENGTH.
2004-07-15 21:00:35 +00:00
David Shaw
d60d73a53b * ring-a-party: ElGamal -> Elgamal 2004-07-04 21:17:29 +00:00
Werner Koch
c4e52b1531 Initialize Pth which is now required.
(interactive_shell): New command "readpk".
2004-07-01 18:09:25 +00:00
Werner Koch
8f81ba17dc * card-util.c (change_login): Kludge to allow reading data from a
file.
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.

* call-agent.h: Add members for CA fingerprints.
* call-agent.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.
2004-07-01 17:42:09 +00:00
Werner Koch
bcaa520ad6 (do_getattr): Fix for sending CA-FPR. 2004-07-01 17:41:33 +00:00
Werner Koch
7158c4db92 Added glossary 2004-06-29 07:16:40 +00:00
David Shaw
0989ce2ea5 * DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH.
* gpg.sgml: Clarify that --min-cert-level disregards level 1 certs by
default.  Clarify include-revoked a bit to note that keyservers might not
be accurate.  Note that --charset is --display-charset. Some language
tweaks for --simple-sk-checksum (Debian 251795). Note the PGP silliness
with preferred keyserver subpackets causing PGP/MIME.
2004-06-29 01:48:01 +00:00