1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

835 Commits

Author SHA1 Message Date
Stefan Bellon
70618e5175 RISC OS specific changes 2002-04-22 15:49:31 +00:00
David Shaw
c530d811c6 * samplekeys.asc: Added 0x5B0358A2 2002-04-20 14:18:20 +00:00
David Shaw
3b97ac9ef8 * keygen.c (generate_subkeypair): 2440bis04 adds that creating subkeys on
v3 keys is a MUST NOT.

* getkey.c (finish_lookup): The --pgp6 "use the primary key" behavior
should only apply while data signing and not encryption. Noted by Roger
Sondermann.
2002-04-20 11:57:35 +00:00
David Shaw
f06ee291db * keyedit.c (menu_deluid): Only cause a trust update if we delete a
non-revoked user id.

* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
keyserver_spawn), options.h: Remove fast-import keyserver option (no
longer meaningful).

* g10.c (main), keyedit.c (sign_uids), options.h: Change
--default-check-level to --default-cert-check-level as it makes clear what
it operates on.

* g10.c (main): --pgp6 also implies --no-ask-sig-expire.

* delkey.c (do_delete_key): Comment.
2002-04-19 22:38:20 +00:00
David Shaw
5aab7388df Added samplekeys.asc to EXTRA_DIST in Makefile.am 2002-04-19 22:21:40 +00:00
David Shaw
6452c6474b * gnupg.spec.in: Removed pubring.asc and OPTIONS. Added samplekeys.asc. 2002-04-19 21:48:59 +00:00
David Shaw
95469633d9 * gpg.sgml: Add "%t" flag for photo IDs, a note about primary having
different meanings for photo and regular IDs, rename --default-check-level
to --default-cert-check-level, add --auto-check-trustdb, and --pgp6.

* DETAILS: Add EXPSIG, EXPKEYSIG, and KEYEXPIRED.  Add notes to SIGEXPIRED
(deprecated), and VALIDSIG (added expiration date). Add "Preferences"
command to unattended key generation instructions.  Also fixed a few
typos.

* samplekeys.asc: new
2002-04-19 21:29:11 +00:00
Werner Koch
7fa416a7fd Helper script to ask for translation updates 2002-04-19 13:27:25 +00:00
David Shaw
cc7fb43ac3 * keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check if we
did something that changes it.

* g10.c: add "--auto-check-trustdb" to override a
"--no-auto-check-trustdb"
2002-04-19 11:31:53 +00:00
Werner Koch
a2c677c829 preparing 1.0.7 SNAP-1-0-6e 2002-04-19 10:32:01 +00:00
Werner Koch
4847eadcd8 * tdbio.c (tdbio_write_nextcheck): Return a status whether the
stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes.  Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.

* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.

* delkey.c (do_delete_key): Clear the owenertrust information when
deleting a public key.
2002-04-19 09:18:57 +00:00
Werner Koch
aedeefcc5f * seskey.c (encode_md_value): Print an error message if a wrong
digest algorithm is used with DSA.  Changed all callers to cope
with a NULL return.  Problem noted by Imad R. Faiad.
2002-04-18 19:38:34 +00:00
Werner Koch
30c8d23aff * rndlinux.c, rndegd.c, rndunix.c (func_table): Made func a
function pointer.  Note that we still need to change the module
interface to cope with data vs function pointer problems.  Hmmm,
even dlsym has a problem with this.
2002-04-18 18:41:27 +00:00
Werner Koch
adc8de23d1 * eo.po: Updated. 2002-04-18 18:41:04 +00:00
Werner Koch
72125f8fe7 * i386/syntax.h (ALIGN): Removed parens from definition
* i386/mpih-add1.S, i386/mpih-sub1.S, i386/mpih-rshift.S,
i386/mpih-lshift.S: Minor syntax changes suggested by Mark Pettit
after comparing the files with those for GMP 4.
2002-04-18 18:40:33 +00:00
Werner Koch
40bbe7f621 * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
(validate_key_list): New arg curtime use it to set next_expire.
(validate_one_keyblock): Take the current time from the caller.
(clear_validity, reset_unconnected_keys): New.
(validate_keys): Reset all unconnected keys.
2002-04-18 18:40:11 +00:00
David Shaw
c07113d265 * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire.  In short, the only thing that can override an
unexpired nonrevocable signature is another unexpired nonrevocable
signature.

* getkey.c (finish_lookup): Always use primary signing key for signatures
when --pgp6 is on since pgp6 and 7 do not understand signatures made by
signing subkeys.
2002-04-18 18:23:22 +00:00
Werner Koch
37c268ed6a * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
2002-04-18 11:01:56 +00:00
Werner Koch
bf7cef8ebf * getkey.c (lookup): Advance the searchmode after a search FIRST. 2002-04-18 10:50:05 +00:00
Werner Koch
ad2bfad4cc * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-18 08:09:56 +00:00
Werner Koch
60e0b2ad92 * parse-packet.c (parse_key): Support a SHA1 checksum as per
draft-rfc2440-bis04.
* packet.h (PKT_secret_key): Add field sha1chk.
* seckey-cert.c (do_check): Check the SHA1 checksum
(protect_secret_key): And create it.
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
* g10.c, options.h: New option --simple-sk-checksum.
2002-04-17 16:00:03 +00:00
Werner Koch
e906ef5f5b doc fixes 2002-04-17 15:59:30 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
9d7b26c784 * pkclist.c (build_pk_list): Fix bug that allowed a key to be selected
twice in batch mode if one instance was the default recipient and the
other was an encrypt-to.  Noted by Stefan Bellon.

* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp sig
subpackets.

* keyedit.c (keyedit_menu): Use new function real_uids_left to prevent
deleting the last real (i.e. non-attribute) uid.  Again, according to the
attribute draft. (menu_showphoto): Make another string translatable.
2002-04-13 04:32:03 +00:00
David Shaw
5005434c7e * build-packet.c (build_sig_subpkt): Delete subpackets from both hashed
and unhashed area on update.  (find_subpkt): No longer needed.

* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key with a v4
signature.  As usual, --expert overrides.  Try to tweak some strings to a
closer match so they can all be translated in one place.  Use different
helptext keys to allow different help text for different questions.

* keygen.c (keygen_upd_std_prefs): Remove preferences from both hashed and
unhashed areas if they are not going to be used.
2002-04-12 04:07:26 +00:00
David Shaw
018f352294 * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
2002-04-11 04:04:41 +00:00
David Shaw
f29240cc2e cipher.c (setup_cipher_table, cipher_open, cipher_encrypt, cipher_decrypt,
dummy_setkey, dummy_encrypt_block, dummy_decrypt_block): the dummy cipher
should only be built on development versions.
2002-04-10 17:25:22 +00:00
Werner Koch
170604883a * pl.po: Updated. 2002-04-10 09:54:34 +00:00
Werner Koch
f99f585427 * tdbio.c (migrate_from_v2): Fixed the offset to read the old
ownertrust value and only add entries to the table if we really
have a value.
2002-04-10 09:53:55 +00:00
David Shaw
d367d40e47 Add KEYEXPIRED, EXPSIG, and EXPKEYSIG. Add
"deprecated-use-keyexpired-instead" to SIGEXPIRED.

Start transition from SIGEXPIRED to KEYEXPIRED, since the actual event is
signature verification by an expired key and not an expired signature.
Rename do_signature_check as signature_check2, make public, and change all
callers.

Use status EXPSIG for an expired, but good, signature.  Add the expiration
time (or 0) to the VALIDSIG status line.  Use status KEYEXPSIG for a good
signature from an expired key.

Remove checks for no arguments now that argparse does it.
2002-04-10 04:21:26 +00:00
Werner Koch
2ad36cb4f2 * es.po: Fixed a c-format problem; for unknown reasons msgfmt -c
can't cope with swapped arguments.
2002-04-09 18:11:18 +00:00
Werner Koch
b65a7ec114 * de.po: Fuzzy fixes and a few new translations.
* id.po: Fixed a format string mismatch.

* eo.po, it.po, ja.po, sv.po: Updated with a somewhat newer
version from the TP.

* es_ES.po: Removed
* es.po: and replaced with this updated version from the TP.

* cs.po: New.  Fixed for format string mismatches.

* el.po, gl.po: New from TP.
2002-04-09 17:49:48 +00:00
Werner Koch
d930e5d7b7 * configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek
translations.  s/es_ES/es/.
2002-04-09 17:47:17 +00:00
Werner Koch
9eaf67cb15 * configure.ac (ALL_LINGUAS): Added Czech translation. 2002-04-09 13:01:28 +00:00
Werner Koch
0aba8ef50a * cs.po: New. 2002-04-09 13:00:46 +00:00
Werner Koch
eef0fc2892 * DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES,
correct INV_RECP (the second occurence) to NO_RECP.
2002-04-09 11:38:20 +00:00
Werner Koch
b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of
the BTS data is available :-(
2002-04-08 15:10:51 +00:00
David Shaw
6be3bee320 Fix auto-key-retrieve to actually work as a keyserver-option (noted by
Roger Sondermann).

Do not reorder the primary attribute packet - the first user ID must be a
genuine one.
2002-04-04 03:45:50 +00:00
David Shaw
7e2e0b9950 Documentation fixes.
auto-key-retrieve is a keyserver-option (noted by Roger Sondermann).

  --pgp2 also means --disable-mdc, --no-ask-sig-expire, and
  --no-ask-cert-expire.  It does not mean --no-force-v3-sigs (noted by
  Timo).
2002-04-03 14:57:44 +00:00
David Shaw
0f682ed3f7 Fix ownertrust display with --with-colons.
Properly initialize the user ID refcount for user and photo IDs.

Tweak a few prompts to change "y/n" to "y/N", which is how most other
prompts are written.

Warn the user if they are about to revoke an expired sig (not a problem,
but they should know).

Control-d escapes the keyserver search prompt.

If a subkey is considered revoked solely because the parent key is
revoked, print the revocation reason from the parent key.

Allow revocation/expiration to apply to a uid/key with no entry in the
trustdb.
2002-03-31 23:51:33 +00:00
David Shaw
1ca0a0ac0b Some gnupg.spec.in changes for RPM builds: Added the gpgkeys_xxx keyserver
helpers.  Added a * to catch variations on the basic gpg man page (gpg,
gpgv).  Mark options.skel as a config file.  Do not include the
FAQ/faq.html twice (in /doc/ and /share/).
2002-03-31 21:42:38 +00:00
David Shaw
9fb6cae5e4 Quote and unquote backslashes from keyserver search responses. 2002-03-29 16:58:07 +00:00
David Shaw
47c8a325f5 If a delimiter is used, then quote the backslash character as well.
Problem noted by Rainer Perske.
2002-03-29 16:52:07 +00:00
David Shaw
d56fb26c55 Quote backslashes in keyserver search responses 2002-03-29 16:26:33 +00:00
Werner Koch
5fe15dfeb5 Added some notes about the colon list mode in gpgsm 2002-03-28 16:37:39 +00:00
David Shaw
84dc3fee79 Add a few notes about --pgp2 meaning MIT PGP 2.6.2, and keyserver details
about HKP and NAI HKP to the manual.
2002-03-27 06:24:26 +00:00
David Shaw
ff8460f20d Minor tweak to importing to allow more non-signed uids (now that
--allow-non-selfsigned-uid allows for completey unsigned uids).

Do not choose an attribute packet (i.e. photo) as primary uid.  This
prevents oddities like "Good signature from [image of size 2671]".  This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.

The algorithms list should include #110.

--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.

Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
2002-03-24 04:54:58 +00:00
David Shaw
d5a39044ef Add some comments 2002-03-19 13:53:26 +00:00
David Shaw
162dbff533 Change meaning of --allow-non-selfsigned-uid to match change in code, and
add --no-allow-non-selfsigned-uid.
2002-03-19 04:37:41 +00:00
David Shaw
46ce06d9d9 Properly handle a "no keys found" case from the internal HKP code
(external HKP is ok). Also, make a COUNT -1 (i.e. streamed) keyserver
response a little more efficient.

Add --no-allow-non-selfsigned-uid
2002-03-19 04:35:45 +00:00