to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
protocols we handle. Directly pass them to curl or fake-curl and see if
an error comes back.
* curl-shim.h, curl-shim.c (handle_error), ksutil.c (curl_err_to_gpg_err):
Add support for CURLE_UNSUPPORTED_PROTOCOL in fake curl.
* Makefile.am: Don't need -DFAKE_CURL any longer since it's in config.h.
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
stays up to date.
* gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since it's
in ksutil.h.
* gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH
values to curl or curl-shim.
* curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main),
gpgkeys_hkp.c (main): Use curl-style proxy semantics.
(send_request, http_open, http_open_document): Clean up auth code.
Can now support different auth for a proxy and the file being
requested via that proxy. Unescape auth strings.
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing. Like import-clean-sigs, this may nodify the local keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
import_one): Add import-clean-sigs option to automatically clean a key
when importing. Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function. It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
and revoked uids in fixup_uidnode(). No need to special case in
merge_selfsigs_main(). This also means that an expired uid will have
its selfsig tagged with chosen_selfsig.