David Shaw
e4206de3f5
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
...
curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier
debugging.
2006-02-21 16:16:09 +00:00
David Shaw
0eb4e93bd4
* gpgv.c: Stub keyserver_import_ldap.
...
* keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using
the PGP Universal trick of asking ldap://keys.(maildomain) for the key.
2006-02-21 16:09:09 +00:00
David Shaw
8a1bd087fc
* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
...
even when we've assumed "hkp" when there was no scheme.
2006-02-21 05:20:08 +00:00
David Shaw
ca6c57bc8a
* http.c (send_request): A zero length proxy is the same as no proxy.
2006-02-19 21:03:01 +00:00
David Shaw
5b209e3e4a
* configure.ac: Try linking the UINT64_C test program (rather than
...
just compiling it) as UINT64_C looks like a (missing) function,
causing a false positive. Noted by Claus Assmann.
2006-02-19 02:08:43 +00:00
Werner Koch
b121d029b5
about to release 1.4.3rc1
2006-02-14 16:28:34 +00:00
Werner Koch
966cd80d88
Fixed a wrong return code with gpg --verify
2006-02-14 10:17:57 +00:00
Werner Koch
2410941461
Lock random seed file
2006-02-09 12:54:41 +00:00
Werner Koch
af67c98ee9
Fixed a couple of problems
2006-02-08 17:55:20 +00:00
Werner Koch
4f34366389
Add support fro CardMan 4040
2006-02-06 16:34:20 +00:00
David Shaw
23cfe019e9
* cert.c (get_cert): Disable IPGP types for now until the format questions
...
in the draft are settled.
* srv.c (getsrv): Error on oversize SRV responses.
2006-01-26 16:51:04 +00:00
David Shaw
214a3a646e
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
...
direct_uri flag so the right keyserver helper is run.
2006-01-24 21:03:06 +00:00
David Shaw
4ff7d09040
* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
...
keyserver helpers on systems that use extensions.
* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.
2006-01-22 21:40:20 +00:00
David Shaw
d232175d8d
* configure.ac: Add define for EXEEXT so we can find keyserver helpers
...
on systems that use extensions.
2006-01-22 21:38:02 +00:00
David Shaw
dbe415ea61
* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
...
passphrase as if it was used (move from next_pw to last_pw).
* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key). This also handles the case where a secret key is
located on a card and a secret key with no passphrase. Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.
2006-01-17 20:55:53 +00:00
David Shaw
10d917a885
* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
2006-01-17 16:03:51 +00:00
David Shaw
fa4b60403b
* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
...
longer.
2006-01-16 20:22:58 +00:00
David Shaw
2c4b5d5de9
* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
...
uploading a key.
2006-01-16 17:59:46 +00:00
David Shaw
7b978efef8
* keyserver.c (keyserver_refresh): Fix problem when more than one key
...
in a refresh batch has a preferred keyserver set. Noted by Nicolas
Rachinsky.
2006-01-07 21:04:13 +00:00
David Shaw
1315171b07
* mainproc.c (check_sig_and_print), keyserver.c
...
(keyserver_import_pka), card-util.c (fetch_url): Always require a
scheme:// for keyserver URLs except when used as part of the
--keyserver command for backwards compatibility.
2006-01-01 18:12:57 +00:00
David Shaw
5bce704dd3
* sign.c (write_signature_packets): Lost a digest_algo line.
2006-01-01 17:59:57 +00:00
David Shaw
cbc5c947d5
* sign.c (hash_for): Add code to detect if the sk lives on a smart
...
card. If it does, only allow 160-bit hashes, a la DSA. This involves
passing the *sk in, so change all callers. This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card. It will almost certainly need changing
down the road.
* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.
2006-01-01 17:48:54 +00:00
David Shaw
74117cf4d3
* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
2005-12-24 15:35:39 +00:00
David Shaw
846eefaa71
* keyserver.c (keyserver_import_pka): New. Moved from
...
getkey.c:get_pubkey_byname which was getting crowded.
* keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT
records. Can handle both the PGP (actual key) and IPGP (URL) CERT types.
* getkey.c (get_pubkey_byname): Call them both here.
* options.h, keyserver.c (parse_keyserver_options): Add
"auto-cert-retrieve" option with optional max size argument.
2005-12-23 22:17:11 +00:00
David Shaw
8b9c16ed0a
* gpgv.c: Stub.
...
* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keygerver_getname): New keyserver_getname function to fetch keys by name.
* getkey.c (get_pubkey_byname): Call it here to enable locating keys by
full mailbox from a keyserver a la PKA. Try PKA first, though, as it is
likely to be faster.
2005-12-23 21:33:32 +00:00
David Shaw
da9a10d2b0
* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
...
* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.
2005-12-23 20:51:48 +00:00
David Shaw
7f13d486b0
New code to do DNS CERT queries.
2005-12-23 18:15:24 +00:00
David Shaw
5e08b08da8
* srv.c, Makefile.am: Only build srv.c if we need to.
2005-12-23 05:00:55 +00:00
David Shaw
f3c99c604c
* configure.ac: Split PKA checking off from DNS SRV checking.
...
Currently PKA is only enabled if HTTP or HKP is enabled which is not
necessary.
2005-12-23 04:58:25 +00:00
Werner Koch
f1482aab4e
Finished PKA feature
2005-12-20 20:19:16 +00:00
David Shaw
64fa7ea37e
* getkey.c (merge_selfsigs_main): All primary keys can certify.
2005-12-19 22:10:20 +00:00
David Shaw
5432755319
* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
...
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.
* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.
2005-12-19 19:39:32 +00:00
David Shaw
aebd3a04f3
* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
...
* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.
2005-12-19 01:51:31 +00:00
David Shaw
26eeebf512
* gpg.c (main): Don't default to import-options convert-sk-to-pk. It
...
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.
2005-12-14 14:52:04 +00:00
David Shaw
b12d50dccd
* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
...
for no_terminal so we don't try to open("/dev/tty") when invoked with
--no-tty.
2005-12-12 03:56:01 +00:00
David Shaw
81f64252c0
* NEWS: Note --fetch-keys.
2005-12-08 23:35:47 +00:00
David Shaw
f8c4263b1a
* gpg.sgml: Document --fetch-keys.
2005-12-08 19:39:59 +00:00
David Shaw
735257ee1c
* keyserver.c (keyserver_fetch): Switch on fast-import before we
...
--fetch-keys so we don't rebuild the trustdb after each fetch.
2005-12-08 15:37:26 +00:00
Werner Koch
0edfbba804
Made strings translatable. Minor fixes.
2005-12-08 07:42:41 +00:00
David Shaw
1d051e8ed5
* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
...
keyserver_fetch): Set a flag to indicate that we're doing a direct URI
fetch so we can differentiate between a keyserver operation and a URI
fetch for protocols like LDAP that can do either.
2005-12-08 05:52:41 +00:00
David Shaw
4ba9fd4683
* gpg.sgml: Document -d. Add [file] to a few options.
2005-12-08 05:29:35 +00:00
David Shaw
a4fae95d04
* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
...
for the key-not-found error.
2005-12-07 23:00:30 +00:00
David Shaw
05193a2705
* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
...
when fetching a URI.
* keyserver-internal.h, keyserver.c (keyserver_fetch): New. Fetch an
arbitrary URI using the keyserver helpers.
* gpg.c (main): Call it from here for --fetch-keys.
2005-12-07 22:34:11 +00:00
David Shaw
c826ccdec1
* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
...
* gpgkeys_curl.c (get_key): Give key-not-found error if no data is found
(or file itself is not found) during a fetch.
2005-12-07 22:25:58 +00:00
David Shaw
990097b067
Missed file.
2005-12-06 21:10:34 +00:00
David Shaw
bc1c4af8c3
Some cleanup so we don't build files that are completely ifdeffed out.
...
This causes a warning on Sun's cc. Do the internal regex code as well for
consistency.
2005-12-06 20:54:05 +00:00
David Shaw
8a0cf1d2a3
* idea-stub.c (load_module): Not legal to return a void * as a function
...
pointer.
2005-12-06 20:27:43 +00:00
David Shaw
d6e918e40f
* curl-shim.c (curl_easy_perform): Fix build warning (code before
...
declaration).
2005-12-06 18:49:34 +00:00
David Shaw
a635daa6b6
* mkdtemp.c (mkdtemp): Fix warning.
...
* secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from printf-ing
%p where the arg wasn't void *.
2005-12-06 18:24:57 +00:00
David Shaw
c0d7fa368e
* Makefile.am: Some cleanup so we don't build files that are completely
...
ifdeffed out. This causes a warning on Sun's cc. Do sha512.c as well for
consistency.
2005-12-06 17:13:44 +00:00