pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.
* getkey.c (finish_lookup): Comment.
user ID display in the --edit-key menu to match that of the --list-keys
display.
* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.
* g10.c (add_notation_data): Fix initialization.
expiration date of a subkey. This is not the most optimal solution, but
it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
'@', unless --expert is set. This is to help prevent people from
polluting the (as yet unused) IETF namespace.
* main.h: Comments about default algorithms.
* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
display match the validity and trust of --with-colons --list-keys.
* passphrase.c (agent_send_all_options): Fix compile warning.
* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid. This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.
* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
function as they may not have all their fields filled in.
* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
* main.h, sig-check.c (check_revocation_keys): to here. Also return the
signature_check error code rather than 0/1 and cache the sig result.
* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
printing the list of keys a message was encrypted to. This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.
* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
* options.skel: The PGP LDAP keyserver is back. Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.
* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC. We need to do this so that
concatenated messages are properly decrypted. Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start. Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.
* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
