1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

362 Commits

Author SHA1 Message Date
David Shaw
6d30580362 * packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 16:17:21 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
David Shaw
33783a41a4 * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 18:10:10 +00:00
David Shaw
03aaecf3f8 * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:49:13 +00:00
David Shaw
f41be729cc * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.

* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
2002-11-24 01:44:37 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
5ecf0cbd79 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
2002-11-13 13:14:40 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00
Werner Koch
e95dbae3f6 * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:38:29 +00:00
David Shaw
666dcb370b * keyedit.c (show_key_with_all_names_colon): Don't stick nulls into the
--with-colons listing.
2002-11-05 22:30:59 +00:00
David Shaw
62ff9a5e89 * g10.c (main): Add a mostly noop --trust-model option to smooth
transition to 1.4.
2002-11-05 02:17:48 +00:00
David Shaw
456f89ea7a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:28:19 +00:00
Werner Koch
321b88d0f6 * getkey.c (get_pubkey_direct): Renamed to...
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.

* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations.  This is required because getkey needs to
know whether a a key is ultimately trusted.
2002-10-30 10:02:38 +00:00
Stefan Bellon
4884931476 reverted filetype patch 2002-10-28 15:26:43 +00:00
Stefan Bellon
191795d14b filetype support for RISC OS 2002-10-28 13:27:18 +00:00
Werner Koch
d964ea1f84 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
has been assigned.
2002-10-23 07:06:56 +00:00
Werner Koch
16e53ae196 * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32;
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
2002-10-21 16:31:38 +00:00
Werner Koch
1f8d80a1b3 * pkclist.c (do_edit_ownertrust): Show all user IDs. This should
be enhanced to also show the current trust level.  Suggested by
Florian Weimer.
2002-10-17 13:49:30 +00:00
Werner Koch
da36b610ef * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:42:08 +00:00
David Shaw
51a8a76e23 * keyedit.c (menu_addrevoker): Properly back out if the signature fails. 2002-10-11 20:44:27 +00:00
David Shaw
67356cdd63 * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning. 2002-10-07 22:09:20 +00:00
David Shaw
3832320327 * keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all).
2002-10-07 18:20:28 +00:00
David Shaw
d1738ac243 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:09:18 +00:00
Werner Koch
2e21d851e9 * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping.  Noted by Ingo Kl�cker.
2002-10-04 06:02:14 +00:00
David Shaw
09fe2195bc * keylist.c (print_capabilities): Secret-parts-missing keys should show
that fact in the capabilities.
2002-10-03 19:17:02 +00:00
David Shaw
3f2d94179f * packet.h, parse_packet (parse_key): Add is_primary flag for public keys
(it already exists for secret keys).

* keylist.c (print_capabilities): Only primary signing keys can certify
other keys.
2002-10-03 17:40:10 +00:00
David Shaw
27d526298b * import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key.

* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.

* parse_packet.c (parse_key): Some comments.

* revoke.c (gen_revoke): Remove some debugging code.

* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
2002-10-02 21:56:03 +00:00
David Shaw
bf31d26b1d * seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
2002-10-01 20:24:21 +00:00
David Shaw
1e728329d7 * import.c (import_one): Make sure that a newly imported key starts with a
clean ownertrust. (import_revoke_cert): Remove ultimate trust when
revoking an ultimately trusted key.
2002-10-01 17:25:56 +00:00
Werner Koch
901ac5ed9b * getkey.c (get_pubkey_direct): New.
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key.  Using the full get_pubkey might lead to a infinitive
recursion.
2002-10-01 08:29:47 +00:00
David Shaw
4d640a3384 * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
2002-09-30 16:25:17 +00:00
David Shaw
745d270c07 * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to
lowercase to be case-insensitive.
2002-09-30 03:19:42 +00:00
David Shaw
1324f0c83a * sig-check.c (check_key_signature2): Properly handle a non-designated
revocation import.
2002-09-28 17:34:43 +00:00
Werner Koch
1f71f4c626 * g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
2002-09-26 12:28:27 +00:00
David Shaw
d477cf2bfb * keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.

* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.

* hkp.c (hkp_search): Properly handle line truncation.
2002-09-19 16:32:44 +00:00
David Shaw
1f19f73326 * keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket.  Add a PGP
2.x warning for revocation keys.
2002-09-17 03:09:33 +00:00
David Shaw
9da9e88433 * g10.c (check permissions): Back out previous change - some translations
already done for 1.2.
2002-09-15 11:16:04 +00:00
David Shaw
d29d483e5f * g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).

* keyedit.c (sign_uids): Make strings translatable.

* sig-check.c (check_key_signature2): Make string translatable.
2002-09-15 03:15:56 +00:00
David Shaw
0e7778cb51 * getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here.  Also return the
signature_check error code rather than 0/1 and cache the sig result.

* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.

* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 12:52:30 +00:00
Werner Koch
86d681d8f0 * g10.c (main) [__MINGW32__]: Activate oLoadExtension. 2002-09-13 07:52:45 +00:00
David Shaw
72cd3ef859 * keyserver.c (keyserver_spawn): Remove whitespace after keyserver
commands.
2002-09-12 12:10:04 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
David Shaw
c30d7e8dc7 * exec.c (expand_args): Remove loop left over from earlier implementation.
(exec_write): Missed one tick.
2002-09-10 18:03:40 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
d8eda8dbd1 * g10.c (add_group): Use '=' to separate group name from group members.
Use a better error message for when no = is found.

* hkp.c (hkp_export): Use CRLF in headers.
2002-09-09 19:21:58 +00:00
David Shaw
8dccf882f7 * mainproc.c (print_pkenc_list): Don't increment the error counter when
printing the list of keys a message was encrypted to.  This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
2002-09-04 02:48:47 +00:00
Werner Koch
5819b1ee45 * g10.c (main): Try to set a default character set. Print the
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.

* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
2002-09-02 10:59:04 +00:00
David Shaw
46a58a0527 * pkclist.c (build_pk_list): Add new status code to indicate an untrusted
user.  This (or a disabled key) fail with "unavailable pubkey"
(G10ERR_UNU_PUBKEY).
2002-08-30 19:21:55 +00:00
David Shaw
c721e11bf5 * pkclist.c (build_pk_list): Fail if any recipient keys are unusable.
* options.skel: The PGP LDAP keyserver is back.  Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.

* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
2002-08-30 18:01:32 +00:00
Werner Koch
5dfd5a6dac * pkclist.c (do_we_trust_pre): Changed the wording of a warning.
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC.  We need to do this so that
concatenated messages are properly decrypted.  Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start.  Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.

* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
2002-08-30 16:34:13 +00:00