1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

1096 Commits

Author SHA1 Message Date
David Shaw
2d6a766433 * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
2002-12-04 18:32:00 +00:00
David Shaw
6d30580362 * packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 16:17:21 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
David Shaw
33783a41a4 * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 18:10:10 +00:00
David Shaw
03aaecf3f8 * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:49:13 +00:00
David Shaw
7917a43b81 * gpg.sgml: Point out that if the user absolutely must, it's better to use
--pgpX than forcing an algorithm manually.  Better still not to use
anything, of course.
2002-12-01 01:51:34 +00:00
David Shaw
31e09a853d * distfiles, gnupg.spec.in: Include convert-from-106. 2002-11-30 23:30:48 +00:00
David Shaw
1c4090fe65 * convert-from-106: Script to automate the 1.0.6->later conversion. It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.
2002-11-30 16:09:33 +00:00
David Shaw
721353f8c4 * NEWS: Add notes about notation names and '@', the "--trust-model always"
option, and non-optimized memory wiping.
2002-11-25 14:38:10 +00:00
David Shaw
efa986b098 * gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation,
--cert-notation.  Clarify --show-notation and --show-policy-url that
policy URLs and notations can be used in data signatures as well.  Add
note about '@' being a required character in notation names.
2002-11-25 14:32:40 +00:00
David Shaw
f41be729cc * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.

* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
2002-11-24 01:44:37 +00:00
David Shaw
d907271871 * gpg.sgml: Add an interoperability section. 2002-11-22 03:52:48 +00:00
David Shaw
e76d3eab83 * gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted
by Haakon Riiser.
2002-11-17 15:15:36 +00:00
David Shaw
848ae72ed5 * config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin.
Successfully tested by Gordon Worley.
2002-11-16 16:51:06 +00:00
David Shaw
c028cac7ab * gpg.sgml: Correct --compress-algo documentation to match behavior.
Noted by Jason S. Mantor.
2002-11-14 22:06:58 +00:00
David Shaw
01819803ae * gpg.sgml: Document --trust-model. 2002-11-14 02:54:56 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
5ecf0cbd79 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
2002-11-13 13:14:40 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00
Werner Koch
dbe54c8bd5 * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
to version 2002-11-08.
2002-11-12 19:38:16 +00:00
Werner Koch
7f0938142b * configure.ac: Check for ctermid(). 2002-11-09 17:38:55 +00:00
Werner Koch
e95dbae3f6 * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:38:29 +00:00
Werner Koch
d0180ee195 * ttyio.c (TERMDEVICE): Removed.
(tty_get_ttyname): New.
(init_ttyfp): Use it here instead of the TERMDEVICE macro.
2002-11-09 17:38:11 +00:00
Stefan Bellon
eb6f7ce0ad added prototype that was missing in CVS since long ago 2002-11-06 16:17:14 +00:00
David Shaw
23ac2c1e0a * secmem.c (secmem_free, secmem_term): Use wipememory2() instead of
memset() to overwrite secure memory.
2002-11-06 15:43:38 +00:00
David Shaw
49db742b75 * util.h: Add wipememory2() macro (same as wipememory, but can specify the
byte to wipe with).
2002-11-06 15:40:45 +00:00
David Shaw
90279250e8 * blowfish.c (burn_stack), cast5.c (burn_stack), des.c (burn_stack), md5.c
(burn_stack), random.c (burn_stack, read_pool, fast_random_poll),
rijndael.c (burn_stack), rmd160.c (burn_stack), rndegd.c
(rndegd_gather_random), rndlinux.c (rndlinux_gather_random), rndriscos.c
(rndriscos_gather_random), sha1.c (burn_stack), tiger.c (burn_stack),
twofish.c (burn_stack): Replace various calls to memset() with the more
secure wipememory().
2002-11-06 15:28:12 +00:00
David Shaw
666dcb370b * keyedit.c (show_key_with_all_names_colon): Don't stick nulls into the
--with-colons listing.
2002-11-05 22:30:59 +00:00
David Shaw
62ff9a5e89 * g10.c (main): Add a mostly noop --trust-model option to smooth
transition to 1.4.
2002-11-05 02:17:48 +00:00
David Shaw
8078c08969 * DETAILS: Clarify meaning of 'u'. Noted by Timo. 2002-11-04 18:00:16 +00:00
David Shaw
66c458f954 * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an
input file that does not include any key data at all.
2002-11-04 13:49:31 +00:00
David Shaw
23d943d015 * Makefile.am: Put gnupg.spec in the root directory so rpm -ta works. 2002-10-31 17:55:38 +00:00
David Shaw
f77b885e65 * gnupg.spec.in: Update source ftp path. 2002-10-31 17:54:00 +00:00
David Shaw
456f89ea7a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:28:19 +00:00
David Shaw
92fb1251d0 * configure.ac: Add a check for volatile. 2002-10-31 15:23:10 +00:00
David Shaw
8be3f3e80c * util.h: Add wipememory() macro. 2002-10-31 15:22:21 +00:00
Werner Koch
321b88d0f6 * getkey.c (get_pubkey_direct): Renamed to...
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.

* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations.  This is required because getkey needs to
know whether a a key is ultimately trusted.
2002-10-30 10:02:38 +00:00
Werner Koch
4be5257f2c * w32reg.c (read_w32_registry_string): Fixed expanding of the
environment buffer; didn't worked at all.  Reported by Thijmen
Klok.
2002-10-28 17:32:55 +00:00
Stefan Bellon
4884931476 reverted filetype patch 2002-10-28 15:26:43 +00:00
Stefan Bellon
191795d14b filetype support for RISC OS 2002-10-28 13:27:18 +00:00
David Shaw
875363153e * gnupg.spec.in: Use new path for keyserver helpers, /usr/lib is no longer
used for cipher/hash plugins, and include gpgv, gpgsplit, and the new
gnupg.7 man page.
2002-10-26 19:38:42 +00:00
Werner Koch
8befd90dfb version number change after release. 2002-10-25 12:22:43 +00:00
Werner Koch
47e7e7bbbd * README.W32: Add blurb on how to create a ZIP file, changed
requirement for mingw32 to 0.3.2.
2002-10-25 09:55:16 +00:00
Werner Koch
35a7fe81a6 Released 1.2.1. 2002-10-25 09:55:03 +00:00
Werner Koch
5eae37213c * et.po, ca.po, es.po: Updated from TP archive. 2002-10-25 09:09:47 +00:00
David Shaw
31f28dabba * gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to output
protocol and program version.
2002-10-24 18:29:11 +00:00
Werner Koch
26c1f2620b * mk-w32-dist: Include gpgkeys_ldap. 2002-10-24 15:16:06 +00:00
Werner Koch
1a36831ed9 * configure.ac (GPGKEYS_LDAP,GPGKEYS_HKP): Add $EXEEXT. 2002-10-24 15:15:38 +00:00
David Shaw
38d3a8a302 * gpg.sgml: Document --refresh-keys. 2002-10-24 05:40:56 +00:00
Werner Koch
17edfbb907 * gpgsplit.c: New options --secret-to-public and --no-split.
GNUified the indentation style.
2002-10-23 08:58:36 +00:00