1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-06 20:58:50 +01:00
Commit Graph

3965 Commits

Author SHA1 Message Date
Werner Koch
a425334f48 * command.c (cmd_passwd): Take acount of a key description.
* genkey.c (reenter_compare_cb): Do not set the error text.
(agent_protect_and_store, agent_genkey): Force a re-enter after a
non-matching passphrase.
* query.c (agent_askpin): Add new arg INITIAL_ERRTEXT; changed
all callers.
2004-02-21 13:05:22 +00:00
David Shaw
34ccced8dc * keyserver.c (keyserver_export): Disallow user strings that aren't key
IDs. (keyserver_import): Clarify error message. (keyserver_spawn):
Properly handle 8 bit characters in user IDs in the info lines during
SEND.
2004-02-20 20:18:49 +00:00
David Shaw
9fe66c89d8 * configure.ac: Check for timegm(). Replacement functions for setenv()
and unsetenv().
2004-02-20 15:11:57 +00:00
David Shaw
a3ba17e09e * mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: New.
* Makefile.am: Include @LIBOBJS@ for replacement functions.
2004-02-20 15:10:36 +00:00
David Shaw
e867829de7 * mkdtemp.c: Removed.
* Makefile.am: We get mkdtemp.c from libutil.a now, so don't link with
@LIBOBJS@.

* keyserver.c (keyserver_spawn): Pass the scheme to the keyserver helper.
2004-02-20 15:04:56 +00:00
David Shaw
925b982a0b * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.

* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
2004-02-20 14:59:02 +00:00
Werner Koch
ffd5cd0368 Fixed URLs in the notice messages. 2004-02-20 14:23:30 +00:00
Werner Koch
c4663004d9 * Makefile.am: Reset GPG_AGENT_INFO here
* runtest: and not anymore here.
2004-02-20 13:46:35 +00:00
Werner Koch
aa0e38982a * gpgsm.c (main): New option --debug-ignore-expiration.
* certchain.c (gpgsm_validate_chain): Use it here.

* certlist.c (cert_usage_p): Apply extKeyUsage.
2004-02-20 13:46:21 +00:00
David Shaw
7f148010ab * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
2004-02-19 21:32:15 +00:00
David Shaw
06d21d80f6 * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for
making gpgkeys_ldaps symlink to gpgkeys_ldap.
2004-02-19 20:10:38 +00:00
David Shaw
21301028c4 * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps to
gpgkeys_ldap when needed.

* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
2004-02-19 20:09:12 +00:00
David Shaw
ce1e817dce * configure.ac: Simplify the LDAP checking code since OpenLDAP is far more
mature these days and dependencies are cleaner.  Add checks for
ldap_set_option and ldap_start_tls_s.
2004-02-19 16:34:32 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
David Shaw
7e7364973d * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out what
kind of LDAP server we're talking to (either real LDAP or the LDAP
keyserver), and return the baseKeySpaceDN to find keys under. (main): Call
it from here, and remove the old code that only handled the LDAP
keyserver.
2004-02-19 15:09:14 +00:00
David Shaw
6c13b96a1d * options.h, g10.c (main), plaintext.c (handle_plaintext): Add
--max-output option to help people deal with decompression bombs.
2004-02-18 23:09:27 +00:00
David Shaw
f3de3a5eb9 * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that LDAP_OPT_ERROR_NUMBER
is defined before we use it.

* gpgkeys_mailto.in: Fix VERSION number.
2004-02-18 23:05:47 +00:00
Werner Koch
50ad027c9a * acinclude.m4: Removed macros to detect gpg-error, libgcrypt,
libassuan and ksba as they are now distributed in m4/.

* gpg-error.m4, libgcrypt.m4, libassuan.m4, ksba.m4: New.
* Makefile.am: Distribute them
2004-02-18 18:38:50 +00:00
Werner Koch
e588e13d7c Added empty components for gpgsm and scdaemon. 2004-02-18 17:00:56 +00:00
Werner Koch
1a709b341c * gpgsm.c (set_debug): Set the new --debug-level flags.
(main): New option --gpgconf-list.
(main): Do not setup -u and -r keys when not required.
(main): Setup the used character set.

* keydb.c (keydb_add_resource): Print a hint to start the
gpg-agent.
2004-02-18 17:00:21 +00:00
Werner Koch
de43297298 * sc-investigate.c (main): Setup the used character set.
* scdaemon.c (main): Ditto.

* scdaemon.c (set_debug): New.  Add option --debug-level.
(main): Add option --gpgconf-list.
2004-02-18 17:00:11 +00:00
Werner Koch
ef7e99c427 Adjusted for moved file. 2004-02-18 16:59:53 +00:00
Werner Koch
9702e85d5d (print_sanitized_buffer): Don't care about
non-ASCII characaters.
(sanitize_buffer): Ditto.
2004-02-18 16:59:19 +00:00
Werner Koch
16f3d8396e * call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* passphrase.c (agent_open): Ditto.
2004-02-18 16:59:03 +00:00
Werner Koch
6c9c5accd1 Described new options 2004-02-18 16:58:29 +00:00
Werner Koch
103a442be9 * simple-pwquery.c (agent_open): Ignore an empty GPG_AGENT_INFO. 2004-02-18 16:58:00 +00:00
Werner Koch
bda3467067 * protect-tool.c (main): Setup the used character set.
* gpg-agent.c (main): Ditto.

* gpg-agent.c (set_debug): New.  New option --debug-level.
(main): New option --gpgconf-list.
2004-02-18 16:57:38 +00:00
Werner Koch
81edc1e40e * gpgsm.c: Fixed value parsing for --with-validation.
* call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* call-dirmngr.c (start_dirmngr): Likewise for DIRMNGR_INFO.
2004-02-17 17:21:07 +00:00
Werner Koch
d68674a77a More samples 2004-02-17 15:07:27 +00:00
Werner Koch
45a817bf4a * gpgsm.c: New option --with-md5-fingerprint.
* keylist.c (list_cert_std): Print MD5 fpr.

* gpgsm.c: New options --with-validation.
* server.c (option_handler): New option "with-validation".
* keylist.c (list_cert_std, list_internal_keys): New args CTRL and
WITH_VALIDATION. Changed callers to set it.
(list_external_cb, list_external_keys): Pass CTRL to the callback.
(list_cert_colon): Add arg CTRL.  Check validation if requested.
* certchain.c (unknown_criticals, allowed_ca, check_cert_policy)
(gpgsm_validate_chain): New args LISTMODE and FP.
(do_list): New helper for info output.
(find_up): New arg FIND_NEXT.
(gpgsm_validate_chain): After a bad signature try again with other
CA certificates.

* import.c (print_imported_status): New arg NEW_CERT. Print
additional STATUS_IMPORT_OK becuase that is what gpgme expects.
(check_and_store): Always call above function after import.
* server.c (get_status_string): Added STATUS_IMPORT_OK.
2004-02-17 15:05:04 +00:00
Werner Koch
a5fc1f40c3 Added new options 2004-02-17 15:04:49 +00:00
Werner Koch
ef5546a48b Added STATUS_IMPORT_OK. 2004-02-17 15:04:28 +00:00
David Shaw
2ecb28c51b * build-packet.c (do_user_id): Do not force a header for attribute packets
as they require a new CTB, and we don't support forced headers for new
CTBs yet.
2004-02-15 15:54:02 +00:00
David Shaw
95d05215c3 * build-packet.c (write_header2): If a suggested header length is provided
along with a zero length, interpret this as an actual zero length packet
and not as an indeterminate length packet. (do_comment, do_user_id): Use
it here as these packets might be naturally zero length.

* parse-packet.c (parse): Show packet type when failing due to an
indeterminate length packet.

* misc.c (parse_options): Only provide args for the true (i.e. not
"no-xxx") form of options.
2004-02-15 00:04:32 +00:00
David Shaw
c9aa5000d7 * keyserver.c (argsep): Move to misc.c.
* main.h, misc.c (parse_options), export.c (parse_export_options),
import.c (parse_import_options), g10.c (main): Use it here to allow for
options with optional arguments.  Change all callers.
2004-02-14 05:03:45 +00:00
David Shaw
f407bb6a97 * import.c (check_prefs): Some language fixes. (sec_to_pub_keyblock,
import_secret_one): Without knowing the number of MPIs there are, we
cannot try and sk-to-pk-ize a key.
2004-02-14 01:54:12 +00:00
Werner Koch
01486117e8 * certcheck.c (gpgsm_create_cms_signature): Format a description
for use by the pinentry.
* decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP.
* certdump.c (format_name_cookie, format_name_writer)
(gpgsm_format_name): New.
(gpgsm_format_serial): New.
(gpgsm_format_keydesc): New.
* call-agent.c (gpgsm_agent_pksign): New arg DESC.
(gpgsm_agent_pkdecrypt): Ditto.
2004-02-13 17:06:50 +00:00
Werner Koch
cbff0b05e5 * command.c (cmd_setkeydesc): New.
(register_commands): Add command SETKEYDESC.
(cmd_pksign, cmd_pkdecrypt): Use the key description.
(reset_notify): Reset the description.
* findkey.c (unprotect): Add arg DESC_TEXT.
(agent_key_from_file): Ditto.
* pksign.c (agent_pksign): Ditto.
* pkdecrypt.c (agent_pkdecrypt): Ditto. Made CIPHERTEXT an
unsigned char*.
2004-02-13 17:06:34 +00:00
Werner Koch
e98b7a9b21 Require libksba 0.9.4 and libgcrypt 1.1.92. 2004-02-13 12:40:54 +00:00
Werner Koch
1a159fd8e3 * encrypt.c (init_dek): Check for too weak algorithms.
* import.c (parse_p12, popen_protect_tool): New.

* base64.c (gpgsm_create_reader): New arg ALLOW_MULTI_PEM.
Changed all callers.
(base64_reader_cb): Handle it here.
(gpgsm_reader_eof_seen): New.
(base64_reader_cb): Set a flag for EOF.
(simple_reader_cb): Ditto.
2004-02-13 12:40:23 +00:00
Werner Koch
8b49254b97 Removed debugging cruft. 2004-02-13 12:39:49 +00:00
Werner Koch
b01d989925 (main): New options --no-fail-on-exist, --homedir.
(store_private_key): Use them here.
2004-02-13 12:37:54 +00:00
David Shaw
35482c5ee5 * gnupg.7: Clarify that 'gpgv' doesn't encrypt, and that's not a bug.
* samplekeys.asc: Update 99242560.

* gpg.sgml: Clarify -u/--local-user and --default-key.  Note what happens
if you run 'gpg' without any commands.  Document --multifile.  Document
list-option show-unusable-subkeys.
2004-02-12 20:46:18 +00:00
David Shaw
cefe95dc77 * import.c (check_prefs): New function to check preferences on a public
key to ensure that it does not advertise any that we cannot fulfill.  Use
the keyedit command list function to optionally rewrite the prefs.
(import_one, import_secret_one): Use it here when importing a public key
that we have the secret half of, or when importing a secret key that we
have the public half of.
2004-02-12 19:18:27 +00:00
David Shaw
76f579b233 * main.h, keyedit.c (keyedit_menu): Remove sign_mode and enhance the more
general command list functionality to replace it.

* g10.c (main): Use the general command functionality to implement
--sign-key, --lsign-key, --nrsign-key, and --nrlsign-key.
2004-02-12 18:32:09 +00:00
David Shaw
8765757006 * import.c (import_one): Do the revocation check even in the case when a
key, a revocation key set in a direct key signature, and a revocation from
that revocation key, all arrive piecemeal. Needless to say, this is pretty
obscure.
2004-02-12 16:31:07 +00:00
Werner Koch
8197b20e24 Removed cruft from debugging. 2004-02-12 10:05:47 +00:00
Werner Koch
7080c6553f * watchgnupg.c (main): Implement option "--".
(print_version): New.

* Makefile.am: Include cmacros.am for common flags.
2004-02-12 10:02:22 +00:00
Werner Koch
270576cf17 More stuff for testing 2004-02-12 09:30:37 +00:00
Werner Koch
76b1445390 * Makefile.am (AM_CPPFLAGS): Pass directory constants via -D; this
will allow to override directory names at make time.
2004-02-12 09:29:42 +00:00