1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

556 Commits

Author SHA1 Message Date
David Shaw
fc60e6779d * compress.c (init_compress): Remove "-z10" trick to get uncompressed data
inside a compressed data packet.  This is possibly dangerous without an
MDC. (push_compress_filter2): Do the right thing (i.e. nothing) with
compress algo 0.

* main.h, decrypt.c (decrypt_messages): Accept filenames to decrypt on
stdin.  This is bug #253.
2004-01-26 20:50:01 +00:00
David Shaw
7690350b7a * getkey.c (merge_selfsigs): If a subkey is already revoked by the owner,
don't allow a designated revokation of the whole key to override this.
We're still revoked either way, of course.
2004-01-21 23:41:42 +00:00
David Shaw
335d393062 * g10.c (list_config): Add "version" tag for --list-config. 2004-01-21 04:21:29 +00:00
David Shaw
3373615cfd * g10.c (collapse_args): New function to turn argc/argv into a single
string. (main): Use it here to pass list_config() more than one argument
as a single string. (print_algo_numbers): Helper to print algorithm
numbers. (list_config): Use it here for "pubkey", "cipher",
"hash"/"digest", and "compress" config options.
2004-01-16 00:52:08 +00:00
David Shaw
b644894902 * g10.c (list_config, main): New function to dump config options to
stdout.  Currently requires --with-colons.

* getkey.c, keylist.c, packet.h, pkclist.c: Fix copyright dates.
2004-01-13 22:24:23 +00:00
Werner Koch
39c7b95e93 * hkp.c (hkp_export): Send a content-type line. 2004-01-13 11:18:18 +00:00
David Shaw
aeb16fcca1 * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c
(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker).  If a key was revoked by both, prefer the owner.
2004-01-09 20:32:36 +00:00
David Shaw
9e8788618f * sig-check.c: Copyright typo.
* keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't
meaningful on POSIX systems, but the Mingw builds aren't exactly POSIX.
2004-01-06 04:33:09 +00:00
David Shaw
727171a6c1 * sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.

* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs.  It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.

* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.

* compress-bz2.c: Include stdio.h.  Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
2003-12-29 03:40:21 +00:00
Werner Koch
5bec60f5ae * tdbio.c: Fixed format string bugs related to the sue of
DB_NAME.  Reported by Florian Weimer.
2003-12-23 19:20:15 +00:00
David Shaw
c6f07b53b2 * getkey.c (get_pubkey_fast): This one is sort of obscure. get_pubkey_fast
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG().  The fix is to
not return a hit if the keyid is not the primary.  All other users of
get_pubkey_fast already expect a primary only.
2003-12-10 14:57:38 +00:00
David Shaw
f9fffa826c * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for
anything except revocations.

* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
catchall.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from
Elgamal encrypt-only keys in the trustdb.  Granted, this sounds strange,
but there are historical keys that fit this description.
2003-12-05 04:13:47 +00:00
Werner Koch
6970faab8f * mainproc.c (check_sig_and_print): Removed the "0x" again.
Reverts change from 2003-10-03.

* THANKS: Added Phong Nguyen, who found the Elgamal signing key
problem.

* configure.ac (ALL_LINGUAS): Added a Russian translation; thanks
to Maxim Britov.  Added Belarusion; thanks to Ales Nyakhaychyk.
2003-12-03 15:11:23 +00:00
David Shaw
39e551985d * g10.c (strusage, main): Show development version warning in --version
output.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from an
Elgamal signing key in the trustdb.
2003-12-02 05:22:42 +00:00
David Shaw
b713d8464f * keygen.c (ask_algo): Remove ability to generate Elgamal sign+encrypt
keys.
2003-11-29 22:59:10 +00:00
David Shaw
74e3c5ac7d * revoke.c (gen_desig_revoke): Specify in the comment when a designated
revocation is generated.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
anything except revocations.

* sign.c (do_sign): Catchall for any Elgamal signatures except
revocations.
2003-11-29 22:44:05 +00:00
David Shaw
60cdcf61f5 * trustdb.c (validate_keys): Reset the trustdb before checking if we have
any ultimately trusted keys.  This ensures that if we lose all our
ultimately trusted keys, we don't leave behind the old validity
calculations.
2003-11-29 15:03:31 +00:00
David Shaw
f909811a73 * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) encodings.
* misc.c (compress_algo_to_string): Translate "Uncompressed". Requested by
Tommi Vainikainen.
2003-11-21 00:55:41 +00:00
David Shaw
4e4a23de9e * compress-bz2.c (init_compress): Compression level 0 is not meaningful
for bzip2.
2003-11-15 23:49:44 +00:00
David Shaw
964cb93108 * g10.c: Add --compress-level (same as -z). 2003-11-15 13:40:20 +00:00
David Shaw
96f429ecee * mainproc.c (proc_symkey_enc): Don't show algorithm information when
--quiet is set.  Suggested by Duncan Harris.  Also don't fail with BUG()
when processing a --symmetric message with a cipher we don't have.

* pkclist.c (build_pk_list): Revert last change.  There are too many side
effects for stable.
2003-11-06 05:12:20 +00:00
David Shaw
71e1d13238 * pkclist.c (build_pk_list): Show all recipients rather than showing each
recipient as they are added.
2003-11-01 01:03:10 +00:00
David Shaw
ef3f432bc5 * misc.c (compress_algo_to_string, check_compress_algo): Add bzip2.
* g10.c (main): Add read-only warning.

* compress.c (compress_filter): Make static to help force the use of
push_compress_filter.  Remove default algorithm setting since that is done
in push_compress_filter now.

* main.h: Use named algorithm.

* filter.h, compress.c (push_compress_filter, push_compress_filter2): New.
Figure out which is the appropriate compression filter to use, and push it
into place.

* compress.c (handle_compressed), encode.c (encode_simple, encode_crypt),
sign.c (sign_file, sign_symencrypt_file), import.c (read_block), export.c
(do_export): Use push_compress_filter instead of pushing the compression
filter ourselves.

* compress-bz2.c: New.  Bzlib versions of the compression filter routines.

* Makefile.am: Include compress-bz2.c if bz2lib is available.
2003-10-31 04:57:17 +00:00
David Shaw
ef0ade2d78 * mainproc.c (proc_symkey_enc, proc_encrypted): Keep a count of the number
of passphrases that can decrypt a symmetric or mixed symmetric/pk message
and include it in the list of keys shown to the user.
2003-10-26 23:17:47 +00:00
David Shaw
ea4d713e88 * mainproc.c (symkey_decrypt_sesskey): There is no way to tell the
difference here between a bad passphrase and a cipher algorithm that we
don't have, so use a error message that makes that clear. Use the actual
list of ciphers when checking whether a cipher is invalid.  Return error
if the decrypted cipher algorithm is invalid. (proc_symkey_enc): In a
mixed passphrase/pk message, if a valid dek already exists from decrypting
via pk, do not try to process the passphrase. (proc_symkey_enc): Indicate
when we're decrypting a session key as opposed to decrypting data.  If a
passphrase is invalid, discard the dek so we'll keep trying.
2003-10-26 02:31:48 +00:00
David Shaw
cc1e739560 * g10.c (main): Fix --export-all do actually do something different than
--export.
2003-10-17 03:56:30 +00:00
Werner Koch
342ae2b472 * mainproc.c (check_sig_and_print): Prefix the key ID printed with
0x.  Requested by Nelson H. F. Beebe.
2003-10-03 12:49:48 +00:00
David Shaw
23832b60d8 * g10.c (main): Add --no-groups to zero --group list.
* encode.c (encode_simple): Allow for 32 bytes (256 bits) of symmetrically
encrypted session key.  Use --s2k-cipher-algo to choose cipher, rather
than --cipher-algo.  This code is never actually called in stable, but
better to fix it here in case we branch in the future.

* parse-packet.c (parse_subkeyenc): Call it a "symmetrically encrypted
session key" since "session key decryption key" is just baffling.  Neaten
--list-packets output.

* pubkey-enc.c (get_it): Always show cipher-not-in-prefs warning unless
--quiet is set.
2003-10-01 14:19:30 +00:00
David Shaw
6e3c6e6bcb * parse-packet.c (parse_symkeyenc): Give a warning if a session key
decryption key is seen without salt.  Show in --list-packets if a session
key decryption key is present.
2003-09-30 17:27:02 +00:00
David Shaw
c22c4261f4 * g10.c (main): Deprecate --no-comment in favor of --no-sk-comments. 2003-09-23 03:43:12 +00:00
David Shaw
bb345baf45 * g10.c (main): Deprecate -f in favor of --encrypt-files. 2003-09-12 00:43:12 +00:00
David Shaw
0cf79eed68 * g10.c (main): Error out if --multifile is used with the commands that
don't support it yet (--sign, --clearsign, --detach-sign, --symmetric, and
--store).
2003-09-09 00:20:21 +00:00
David Shaw
54d55d4147 * g10.c (main): Add --multifile as an alias to turn --encrypt into
--encrypt-files (plus --verify-files, --decrypt-files).

* encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 directly to
check for MDC usability.  Do not set the force_mdc or disable_mdc flags
since there is no point any longer.
2003-09-05 23:55:51 +00:00
David Shaw
33f0c46571 * keylist.c (show_policy_url): Policy URLs might be UTF8. 2003-08-31 03:37:17 +00:00
David Shaw
eb5309d0bc * keyedit.c (menu_addrevoker): Fix leaking a few bytes. 2003-08-31 02:57:25 +00:00
David Shaw
2f2fba641b * gpgv.c: s/__MINGW32__/_WIN32/ to help building on native Windows
compilers.  Requested by Brian Gladman.
2003-08-29 00:04:28 +00:00
David Shaw
33c0e98761 * keyedit.c (change_passphrase): When responding 'no' to the blank
passphrase question, re-prompt for a new passphrase.  This is bug #202.
2003-08-26 00:20:53 +00:00
Werner Koch
ebdccb9e47 * keyserver.c (keyserver_search_prompt): Flush stdout before
issuing the prompt.  Requested by Todd Vierling.

* samplekeys.asc: Refreshed the keys.
2003-08-21 17:17:13 +00:00
David Shaw
9fb045f01c * options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.

* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.
2003-08-19 02:58:25 +00:00
David Shaw
82dc505d6f * keyring.c (keyring_rebuild_cache): Comment.
* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
2003-08-13 03:02:09 +00:00
David Shaw
1b5d5c7ecb * parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
2003-08-02 20:56:46 +00:00
Stefan Bellon
c7fdd03e1a Removed trailing semicolon to avoid error with Norcroft C 2003-07-31 19:12:32 +00:00
Werner Koch
36a0b950e5 * passphrase.c (agent_send_all_options): Make use of $GPG_TTY. 2003-07-30 16:17:29 +00:00
Werner Koch
da4bf59349 Changed a lot of __MINGW32__ to _WIN32. This should help a bit in
building with native Windows compilers.  On request by Brian Gladman.
2003-07-30 16:04:46 +00:00
Werner Koch
48feaa39a5 * g10.c (main): Disable use-agent if passphrase-fd is given
later. Suggested by Kurt Garloff.
2003-07-30 07:44:27 +00:00
Werner Koch
5f728ff549 Removed an md_start_debug 2003-07-30 07:44:16 +00:00
Werner Koch
bf244e9aeb * parse-packet.c (parse_key): Allow to parse the gnu-divert-to-s2k
mode.
2003-07-28 18:31:28 +00:00
David Shaw
fe2451d0e3 * packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.
2003-07-28 00:49:20 +00:00
David Shaw
f6d753ca16 * gpgv.c (read_trust_options): Stub. 2003-07-21 17:26:02 +00:00
David Shaw
828abe6483 * trustdb.h, trustdb.c (read_trust_options): New. Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.
2003-07-21 16:51:59 +00:00
David Shaw
9f839ac937 * sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.
2003-07-21 14:55:00 +00:00
David Shaw
5d65681eb6 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.
2003-07-16 03:09:15 +00:00
David Shaw
c7698f6cb3 * misc.c (pct_expando): Minor performance tweak. Don't bother to re-fetch
the primary key if the key making the signature is the primary key.

* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
2003-07-05 04:02:38 +00:00
David Shaw
dcc026f7e0 * misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* tdbio.h, tdbio.c (create_version_record, tdbio_write_nextcheck,
tdbio_read_record, tdbio_write_record): Force a 0 into the trust_model
field.  This is to help smooth the 1.2->1.4 switchover, as otherwise a 1.4
trustdb could be rebuilt as classic on 1.2 while still claiming to be a
non-classic trust model.
2003-07-01 23:20:30 +00:00
David Shaw
fbc1b34f71 * keyserver.c (keyserver_spawn): Use ascii_isspace instead of spacep since
ascii_isspace includes \r and \n.
2003-06-26 20:29:50 +00:00
David Shaw
2987a5e0bd * signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
2003-06-24 13:52:42 +00:00
David Shaw
4b83d093a9 * Makefile.am: Include W32LIBS where appropriate. 2003-06-20 03:22:39 +00:00
David Shaw
67fa8b8f3b * keyedit.c (sign_uids): Add additional prompt to the signature level
question. (menu_expire): When changing expiration dates, don't replace
selfsigs on revoked uids since this would effectively unrevoke them.
There is also no point in replacing expired selfsigs.  This is bug #181.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
2003-06-19 16:54:51 +00:00
David Shaw
36fce8bd93 * keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way.

* mainproc.c (check_sig_and_print): Grammar fix ;)
2003-06-19 03:39:37 +00:00
David Shaw
7bf7cdb476 * keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
2003-06-18 13:12:52 +00:00
David Shaw
a5381060d2 * hkp.c (hkp_search): Return proper error code on failure.
* keyedit.c (sign_uids): Do not allow signing a user ID without a
self-signature.  --expert overrides.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
2003-06-18 03:25:45 +00:00
David Shaw
421823cee3 * keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
2003-06-15 02:54:09 +00:00
Werner Koch
0848d55ff3 * parse-packet.c (parse): Disallow old style partial length for
all key material packets to avoid possible corruption of keyrings.
2003-06-10 08:34:53 +00:00
Werner Koch
16d1456ac3 * import.c (import_keys): Invalidate the cache so that the file
descriptor gets closed.  Fixes bug reported by Juan F. Codagnone.
2003-06-08 21:19:20 +00:00
David Shaw
75b4e369eb * keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).

* mainproc.c (print_notation_data, check_sig_and_print): Only show the
"key available from" preferred keyserver line if the key is not currently
present.
2003-06-07 22:38:15 +00:00
Werner Koch
6a00a17bd1 Make sure that only ascii is passed to isfoo functions. 2003-06-07 20:06:32 +00:00
David Shaw
a72b1e0a57 * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
they at least handle subkeys correctly.

* mainproc.c (print_notation_data), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets.  They're basically policy URLs with a
different name.

* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.
2003-06-04 22:27:05 +00:00
David Shaw
c8abff498a * main.h, misc.c (parse_options): New general option line parser. Fix the
bug in the old version that did not handle report syntax errors after a
valid entry.

* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.
2003-05-31 21:44:31 +00:00
David Shaw
d6e7a14fa7 * keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Makefile.am: Use @DLLIBS@ for -ldl.
2003-05-30 22:18:31 +00:00
David Shaw
898aa0ed02 * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, hkp.c, mainproc.c,
parse-packet.c, signal.c, textfilter.c: Edit all preprocessor instructions
to remove whitespace before the '#'.  This is not required by C89, but
there are some compilers out there that don't like it.
2003-05-22 03:00:23 +00:00
Werner Koch
847c935307 * sign.c (write_plaintext_packet)
* progress.c (handle_progress)
* encode.c (encode_simple,encode_crypt): Make sure that a filename
of "-" is considered to be stdin so that iobuf_get_filelength
won't get called.  This fixes bug 156 reported by Gregery Barton.
2003-05-21 08:41:26 +00:00
David Shaw
d5afcca57f * keylist.c (list_keyblock_print): Don't dump attribs for
revoked/expired/etc uids for non-colon key listings.  This is for
consistency with --show-photos.

* main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump
attribs if --attrib-fd is set when verifying signatures.
2003-05-20 20:51:35 +00:00
David Shaw
020ace9330 * parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.

* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but
deterministic.

* exec.h, photoid.h: Add copyright message.
2003-05-11 21:10:46 +00:00
David Shaw
6957239566 * g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options.  This is the same as --no-XXXX for those options.

* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.

* trustdb.h, gpgv.c (is_disabled), trustdb.c (is_disabled): Rename to
cache_disabled_value.  Cache the result of the check so we don't need to
hit the trustdb more than once.

* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.
2003-05-09 16:05:24 +00:00
David Shaw
0e57fe4e94 * revoke.c (ask_revocation_reason): Clear old reason if user elects to
repeat question.  This is bug 153.
2003-05-07 14:18:14 +00:00
David Shaw
53f2944998 * keyedit.c (sign_uids): Show keyid of the key making the signature.
* trustdb.h, trustdb.c (is_disabled), keylist.c (print_capabilities),
gpgv.c (is_disabled): is_disabled now takes a pk and not just the keyid.
This is for speed since there is no need to re-fetch a key when we already
have that key handy.

* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.
2003-05-07 14:04:27 +00:00
David Shaw
879014e14b * g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.

* keyserver.c (keyserver_work): Range check the TCP port for HKP.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
2003-05-03 03:17:00 +00:00
David Shaw
5d283fdd8b * sign.c (sign_file): Fix bug that causes spurious compression preference
warning.

* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.

* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), sign.c (sign_file, clearsign_file), encode.c
(encode_crypt, write_pubkey_enc_from_list): New functions to put the "this
message may not be usable...." warning in one place.

* options.h, g10.c (main): Part two of the simplification.  Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)
2003-05-02 21:41:43 +00:00
David Shaw
37ec8572e8 * options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them.
No functional change yet, just use a macro to check for compliance level.
2003-05-02 19:22:00 +00:00
David Shaw
620afaecb5 * packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket.  This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.
2003-05-02 02:57:23 +00:00
David Shaw
4b502c70bf * pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a
particular user ID, use that ID as the one to ask about when prompting
whether to use the key anyway. (build_pk_list): Similar change here when
adding keys to the recipient list.

* trustdb.c (update_validity): Fix bug that prevented more than one
validity record per trust record. (get_validity): When retrieving validity
for a (user) supplied user ID, return the validity for that user ID only,
and do not fall back to the general key validity. (validate_one_keyblock):
Some commentary on whether non-self-signed user IDs belong in the web of
trust (arguably, they do).
2003-04-30 04:45:25 +00:00
Werner Koch
e934896789 * sig-check.c (check_key_signature2): Made "no subkey for subkey
binding packet" a verbose item instead of a !quiet one.  There are
too many garbled keys out in the wild.
* getkey.c (premerge_public_with_secret): Made "no secret subkey
for" warning a verbose item and translatable.
2003-04-29 07:21:08 +00:00
Werner Koch
d174920691 * filter.h: Remove const from WHAT.
* progress.c (handle_progress): Store a copy of NAME.
(progress_filter): Release WHAT, make sure not to print a NULL WHAT.
* openfile.c (open_sigfile): Adjust free for new progress semantics.
* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT.
2003-04-29 07:15:25 +00:00
David Shaw
e30006a769 * build-packet.c (build_sig_subpkt): Comments.
* exec.c (exec_write): Cast NULL to void* to properly terminate varargs
list.

* keyedit.c (show_key_with_all_names): Just for safety, catch an invalid
pk algorithm.

* sign.c (make_keysig_packet): Crucial that the call to mksubpkt comes
LAST before the calls to finalize the sig as that makes it possible for
the mksubpkt function to get a reliable pointer to the subpacket area.
2003-04-28 22:00:31 +00:00
David Shaw
625c3ef091 * sign.c (mk_notation_and_policy): Make some strings translatable. 2003-04-27 20:01:10 +00:00
David Shaw
f5e9289b82 * sign.c (mk_notation_and_policy): Make some strings translatable. 2003-04-27 19:57:05 +00:00
David Shaw
5cf9c2f1f2 * mainproc.c (check_sig_and_print): Show sig class when verifying a sig
with --verbose on, and add version, pk and hash algorithms and sig class
to VALIDSIG.

* g10.c (main): Add --no-textmode.

* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), trustdb.c (get_validity, reset_trust_records,
validate_keys): Make some strings translatable.
2003-04-27 04:10:04 +00:00
David Shaw
2e6d0dd2e0 * mainproc.c (check_sig_and_print): Show digest algorithm when verifying a
sig with --verbose on.

* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since the devel version can make signatures that trigger
it each time.
2003-04-26 21:35:22 +00:00
David Shaw
9b6afa4fab * hkp.c (hkp_ask_import, hkp_export, hkp_search): Make sure to allocate
space for the ":port" text in HKP URLs.
2003-04-25 03:53:17 +00:00
Werner Koch
a524209170 Reverted recent changes in the copyright notices. We can't use a
range of years but must list each year we have prepared a release
and applied a textual change to a file.  It is common that some
files are not changed in a couple of years and a range would not
allow to express this.
2003-04-23 10:17:41 +00:00
David Shaw
0727326e4e * plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings.
2003-04-22 04:23:31 +00:00
David Shaw
338be86caf * keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.

* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.

* filter.h (progress_filter_context_t), progress.c (handle_progress): Fix
compiler warnings.  Make "what" constant.

* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
2003-04-22 04:10:22 +00:00
Werner Koch
d739d1c9b1 * g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.
2003-04-15 15:49:41 +00:00
Repo Admin
56f87ae51d This commit was manufactured by cvs2svn to create branch
'STABLE-BRANCH-1-2'.
2003-04-15 15:49:41 +00:00
Werner Koch
7b63a8ed5c Reverted recent changes to --output. This is the stable branch and it
might break applications.
2003-04-14 07:52:18 +00:00
Timo Schulz
b79275a66f Forgot to sync the CVS. Check in the code again. 2003-04-13 10:09:57 +00:00
Werner Koch
5ee4951f28 Return cancel flag also for the old agent protocol. 2003-04-10 08:51:29 +00:00
Werner Koch
ed16a85de8 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.
2003-04-10 07:23:44 +00:00
Werner Koch
3ff3ac5ba4 * passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.

* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
2003-04-09 15:17:20 +00:00
Werner Koch
5a9e7663c1 * decrypt.c (decrypt_messages): Fixed error handling; the fucntion
used to re-loop with same file after an error.  Reported by Joseph
Walton.
2003-04-09 08:03:17 +00:00