1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

572 Commits

Author SHA1 Message Date
Werner Koch
e245123907 * g10.c (main): --gen-random --armor does now output a base64
encoded string.
2002-01-30 16:29:56 +00:00
David Shaw
04d8d2263c --pgp6 flag. This is not nearly as involved as --pgp2. In short, it
turns off force_mdc, turns on no_comment, escape_from, and force_v3_sigs,
and sets compression to 1.  It also restricts the user to IDEA (if
present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. See the comments above
algo_available() for lots of discussion on why you would want to do this.
2002-01-29 01:12:00 +00:00
David Shaw
3e6d5d7c77 More comments about when to use IDEA in keygen.c
When key signing with multiple keys at the same time, make sure each key
gets the sigclass prompt
Close the iobuf and FILE before trying to reap the child process to
encourage the child to exit
Disable cache-on-close of the fd iobuf (shouldn't all fd iobufs not be
cached?)
2002-01-27 05:56:35 +00:00
Werner Koch
806a4fa16e * g10.c, options.h: New option --gpg-agent-info
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
2002-01-26 16:34:00 +00:00
David Shaw
a6f19f40d9 Only check preferences against keys with v4 self sigs as v3 sigs have no
prefs
Only put in the fake IDEA preference with --pgp2 mode
Print "Expired" for expired but good signatures.
2002-01-24 23:54:36 +00:00
David Shaw
1cad77d9b4 Cosmetic: don't present a RSA signing key as a "keypair" which can be 768
bits long (as RSA minimum is 1024)
Allow IDEA as a fake preference for v3 keys with v3 selfsigs when
verifying that a cipher is in preferences while decrypting
2002-01-23 22:17:45 +00:00
David Shaw
1dbd67b96a Some compatibility polish for PGP2. Add a fake IDEA preference for v3
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys.  Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
2002-01-22 20:39:10 +00:00
Werner Koch
5a92c6052f * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
used with the agent.  Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
2002-01-20 18:33:04 +00:00
Werner Koch
1e7350da8e Removed debugging output 2002-01-19 20:27:10 +00:00
Werner Koch
646b214d48 * passphrase.c (agent_open): Add support for the new Assuan based
gpg-agent.  New arg to return the used protocol version.
(agent_get_passphrase): Implemented new protocol here.
(passphrase_clear_cache): Ditto.
2002-01-19 18:30:27 +00:00
Timo Schulz
e17cd91abe New command --decrypt-files.
Some fixes.
2002-01-15 16:52:36 +00:00
Timo Schulz
b3a5994235 Fixed some typos. 2002-01-12 22:31:41 +00:00
David Shaw
bd5517b9e2 Move idea_cipher_warn to misc.c so gpgv.c doesn't need a stub
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go.  This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
2002-01-09 19:59:26 +00:00
Timo Schulz
0bd41cc2e5 New code for encode_crypt_files. 2002-01-09 18:52:19 +00:00
Timo Schulz
d346578fb1 Added missing include file. 2002-01-09 14:58:59 +00:00
Timo Schulz
05a91bd54f Better description for --encrypt-files. 2002-01-08 22:19:38 +00:00
Werner Koch
c930e300a8 * g10.c (main): Must register the secring for encryption because
it is needed to figure out the default recipient.  Reported by
Roger Sondermann.
2002-01-08 19:40:01 +00:00
David Shaw
7997bba7a9 fix off-by-one in building attribute subpackets
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
2002-01-06 03:52:14 +00:00
Werner Koch
7cacea85a1 * g10.c (main): Do not register the secret keyrings for certain
commands.
* keydb.c (keydb_add_resource): Use access to test for keyring
existence.  This avoids cached opened files which are bad under
RISC OS.
2002-01-05 18:57:54 +00:00
David Shaw
43930f255e Use one-pass packets even if it's a v3 key making the signature
Warn with pgp2 and non-detached signatures
Use the actual filesize rather than partial length packets in
symmetric messages (see ChangeLog or NEWS for discussion).
2002-01-04 23:26:30 +00:00
David Shaw
90d15a9d6a Minor tweaks: remove --no-default-check-level, don't cache child tempfiles
and simpler code in keyserver
2002-01-03 20:03:14 +00:00
Timo Schulz
c02977a2de New command (encrypt-files). 2002-01-03 19:47:20 +00:00
Stefan Bellon
172fbebbcb used different char types for RISC OS 2002-01-02 17:52:02 +00:00
Stefan Bellon
e6b2f37d1f moved util.h include downwards 2002-01-02 17:51:34 +00:00
Stefan Bellon
e9fad52a8d invalidate close cache 2002-01-02 17:50:37 +00:00
Stefan Bellon
47f2e3c245 lock only writable key rings and free unused iobuf 2002-01-02 17:49:29 +00:00
David Shaw
4dde9482c2 Bugfix in photoid.c and keyserver.c
Properly handle permission/ownership checks on files that are shared (for
example /usr/local/lib/gnupg/idea)
2001-12-29 04:43:11 +00:00
David Shaw
aa2e2392da Add an outofband indicator to the keyserver protocol.
Use signature flags for exportability check rather than re-parsing the
subpacket.
2001-12-28 16:34:01 +00:00
David Shaw
1a2d0ebc11 Some exec cleanups and tweaks for photo ID and keyserver execution 2001-12-27 20:48:05 +00:00
David Shaw
604484a4d2 Some tweaks - copyleft info for mkdtemp.c, and header pruning in photoid.c
and keyserver.c
2001-12-25 18:04:09 +00:00
Timo Schulz
8c35c19e43 Fixed a typo and W32 support for the latest CVS changes. 2001-12-23 12:40:04 +00:00
David Shaw
97d3149e92 Avoid const compiler warning 2001-12-22 15:54:12 +00:00
David Shaw
2a53bb0e24 Some last minute tweaks - type fixes from Stefan and win32 temp files
from Timo.
2001-12-22 15:22:59 +00:00
Werner Koch
ccb1f8c175 Minor cleanups 2001-12-22 13:12:24 +00:00
Werner Koch
ab430c4b24 * keyserver.c (keyserver_spawn): Removed some variables
declaration due to shadowing warnings.
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
compiler warnig due to index(3).
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
* keylist.c (list_one): Made resname const.
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
not used.
* options.skel: Changed one example photo viewer to qiv.
2001-12-22 13:04:24 +00:00
Timo Schulz
0d3b9f0245 Added is_file_compressed 2001-12-22 12:46:47 +00:00
David Shaw
48468e8b25 Add new photo ID files and modify gpgsplit to name attribute packets
properly
2001-12-21 23:09:41 +00:00
David Shaw
d560bdac18 Photo ID support (actually generic "attribute packet" support, but there
is only one attribute packet defined thus far, and it's a picture)
2001-12-21 23:06:02 +00:00
David Shaw
ca058399b0 Nonrevocable key signature support via "nrsign". These sigs can expire,
but cannot be revoked.  Any revocation certificates for them are ignored.
2001-12-21 21:02:05 +00:00
Werner Koch
ca1bc23ef2 * g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here.  By David Champion.
2001-12-21 20:08:51 +00:00
Werner Koch
f30e284e61 * options.in: Remove load-extension tiger
* Makefile.am (./options): append it if there is such a module.
2001-12-21 14:36:17 +00:00
David Shaw
c53d735b12 Only gpg (not gpgv) needs mkdtemp 2001-12-20 16:23:55 +00:00
David Shaw
63597774d0 Use mkdtemp() to make temp directories. If there is no mkdtemp(), provide
one.
2001-12-20 16:20:58 +00:00
David Shaw
d5a695f198 New function to check the permissions of GNUPGHOME and the various files
that live there for safe permission/ownership (--no-permission-warning to
disable)
The newer glibcs print scary warnings about using mktemp().  The use here
was actually safe, but the warning was bound to confuse people, so here is
an arguably better tempname creator that pulls random bits from the pool.
2001-12-20 05:02:30 +00:00
Werner Koch
3a60b758ad * g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32. 2001-12-19 18:04:31 +00:00
David Shaw
e8936126af Much stricter checking of the keyserver URI
IDEA warning for pk messages encrypted with IDEA (symmetric is already done)
Print IDEA warning for each occurance except for secret key protection and
unknown cipher from an encrypted message.
2001-12-18 23:10:46 +00:00
Werner Koch
9f79634b31 Commited change from 2001-12-13 again:
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption.  This avoid a
strange error message from pubkey_decrypt if for some reasons
a bad algorithm indentifier is passed.
2001-12-18 12:16:07 +00:00
David Shaw
a47537fe6f Remove warning - no need to check for control/illegal characters, as
utf8_to_native does this for us
2001-12-17 23:10:07 +00:00
David Shaw
0335a5f458 Fix capitalization issues 2001-12-17 22:48:52 +00:00
David Shaw
30481e5a17 Add a generic IDEA warning for when the IDEA plugin is not present. This
pops up when the user uses "--cipher-algo idea", when setpref is used to
set a "S1" preference, and when a secret key protected with IDEA is used.

Tweak the --pgp2 mode to use this generic warning.
2001-12-17 21:45:40 +00:00
Werner Koch
3851f7df8c * keyserver.c (keyserver_spawn): Assert that we have dropped privs.
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption.  This avoid a
strange error message from pubkey_decrypt if for some reasons a
bad algorithm indentifier is passed.
* hkp.c (hkp_export): Do not print possible control characters
from a keyserver response.
(parse_hkp_index): Made uid an unsigned char* because it is passed to
isspace().
(hkp_search): Ditto for the char* vars.
* g10.c (main): Print the IDEA warning also for -c and -se.
* g10.c (get_temp_dir): Assert that we have dropped privs
* encode.c (encode_crypt): Include the first key into the --pgp2
check.
2001-12-15 18:27:13 +00:00
David Shaw
ed32beee67 Fixed some types for portability. Noted by Stefan Bellon. 2001-12-12 19:31:13 +00:00
David Shaw
27949781ec PGP2 patch. --pgp2 sets things up for pgp2 compatibility, and prints a
warning if the user does something that would make the message not
compatible (i.e. encrypt with a non-RSA key, etc.)
2001-12-07 15:24:32 +00:00
David Shaw
1ccd578910 Sig expiration code
Offer to expire a key signature when the key the user is signing expires
Expired sigs cause an error return
If --expert is set, prompt for sig duration
2001-12-07 01:14:15 +00:00
David Shaw
98facb5800 Allow a regular key signature to promote a local signature to full
exportable status
2001-12-07 01:04:02 +00:00
David Shaw
2e941ab7a3 New option --expert
Do not allow signing a revoked UID unless --expert is set, and ask even then.
Do not allow signing a revoked key unless --expert is set, and ask even then.
2001-12-07 01:00:21 +00:00
David Shaw
ebd148e553 Bug fix in "showpref"
Allow setting a no-compression preference
2001-12-07 00:57:50 +00:00
David Shaw
88fbd0dfcf "eyesonly" patch. Implements the for-your-eyes-only feature. 2001-12-07 00:54:18 +00:00
David Shaw
46efe28815 "sigclass" patch - adds key signature class levels, notation and policy-url
displays in key listings, and shows flags for signature features.
2001-12-06 22:04:08 +00:00
David Shaw
934ac0bd7d The new keyserver code itself 2001-12-06 21:54:04 +00:00
David Shaw
293935be4c (sigh). Missed one file. 2001-12-06 21:50:24 +00:00
David Shaw
b7a4656965 Generic keyserver API code 2001-12-06 21:43:04 +00:00
Werner Koch
eb485f83ef * trustdb.c (mark_usable_uid_certs): Fix segfault from bad
initialization and fix reversed key signature expiration check.
2001-11-27 10:28:39 +00:00
Werner Koch
2687db38df * export.c (do_export_stream): Put all given names into a search
description and change the loop so that all matching names are
returned.
2001-11-09 09:36:22 +00:00
Werner Koch
0a036b6b03 Tweaked v3 -c decryption, let --force-v4-certs use SHA-1 for all RSA keys. 2001-11-08 16:24:04 +00:00
Werner Koch
c67b9886c6 fixes for the 1.0.6b bugs David recently posted to gnupg-devel. 2001-11-08 13:26:00 +00:00
Werner Koch
b920ef23ca more fixes due to automake 1.5 2001-10-23 08:04:00 +00:00
Werner Koch
28605dc2b1 Minor fixes 2001-10-22 10:24:55 +00:00
Werner Koch
cfd10815b3 Fixed the Read-Only keyring bug and changed the way the keydb interface
works.
2001-10-18 11:56:03 +00:00
Stefan Bellon
ced9e24bfb Option --no-force-v3-sigs added and disabled agent stuff for RISC OS 2001-10-06 07:33:43 +00:00
Stefan Bellon
9dcd95d866 Disabled agent stuff for RISC OS 2001-10-06 07:32:40 +00:00
Stefan Bellon
8a58fbc17d Option --no-force-v3-sigs added 2001-10-06 07:31:28 +00:00
Werner Koch
ebf6b8a515 calculate time of next trustdb check 2001-09-28 17:00:00 +00:00
Werner Koch
aa971d5c89 make check does work again 2001-09-28 10:43:03 +00:00
Werner Koch
531f3953d8 Encryption should work again 2001-09-27 16:22:23 +00:00
Werner Koch
52be6a8aef completed the new key validation code 2001-09-26 12:49:10 +00:00
Werner Koch
9a5c0fd75a made keylisting faster 2001-09-25 18:47:49 +00:00
Werner Koch
1f4bdf4d26 Changed signature status cache 2001-09-25 15:20:59 +00:00
Werner Koch
a3af543617 Revamped the trustDB 2001-09-24 16:03:14 +00:00
Werner Koch
abdd248af9 Code cleanups 2001-09-20 07:12:52 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
e46ad749f9 Check for garbled packets 2001-09-18 09:40:31 +00:00
Werner Koch
d4cd7a3d4b more bug fixesand some warning cleanups 2001-09-09 16:09:19 +00:00
Werner Koch
2874670be9 Last changes before 1.0.6a snapshot release 2001-09-07 11:40:19 +00:00
Werner Koch
59334400a1 fixed a stupid C error 2001-09-07 07:57:51 +00:00
Werner Koch
ed17c7afd0 Revamped the keyring code 2001-09-06 17:10:00 +00:00
Werner Koch
3f465d5d7a bug fixes 2001-08-31 12:51:41 +00:00
Werner Koch
bab40b52cd MDC feature support and other stuff 2001-08-30 16:39:23 +00:00
Werner Koch
93654f5289 Removed duplicated code 2001-08-24 13:59:19 +00:00
Stefan Bellon
62893478bf Fixed use-agent and lock-multiple for RISC OS 2001-08-21 18:09:56 +00:00
Stefan Bellon
f3f5665cf6 changed trustlevel to singed int 2001-08-21 18:08:52 +00:00
Werner Koch
98a8843e28 Implemented -cs and some fixes to the rfc1991 symmetric only mode 2001-08-20 19:10:34 +00:00
Werner Koch
23589ae0a2 Applied Stefan's patches to support RISCOS. 2001-08-20 11:53:05 +00:00
Werner Koch
aa1514852a Added RSA key generation 2001-08-14 11:33:49 +00:00
Werner Koch
dc718d704f Revamped preference handling 2001-08-10 14:04:32 +00:00
Werner Koch
57c1dbc21d fixed silly allocation bug 2001-08-09 15:49:28 +00:00
Werner Koch
a255ea76ae Added a way to update preferences 2001-08-09 13:11:51 +00:00
Werner Koch
aa9da2b07e reworked the way hased data is stored and added a "primary" command
DCVS: ----------------------------------------------------------------------
2001-08-09 09:34:25 +00:00
Werner Koch
0fa9ffe75c Fixes here and there. 2001-08-08 12:34:00 +00:00
Werner Koch
bffeb8738b More Windows and autoconf fixes 2001-08-07 15:35:13 +00:00
Werner Koch
dce4566802 Changed lsign behaviour, allow future subkeys, don't list revoked keys 2001-08-01 10:30:24 +00:00
Werner Koch
a5ed3e6925 Fixed lsign using v3 problem 2001-07-27 09:33:00 +00:00
Werner Koch
6732700743 migration to autoconf 2.52 and bugfixes 2001-07-26 09:37:47 +00:00
Werner Koch
ae78aed6b6 one debian bug fixed 2001-06-16 11:09:29 +00:00
Werner Koch
01fe1dd2a9 Fix for toupper('I') != 'i' 2001-06-12 18:42:40 +00:00
Werner Koch
e3b897b52d About to release 1.0.6 2001-05-29 06:58:58 +00:00
Werner Koch
e354b518d3 just released another snapshot 2001-05-28 12:46:28 +00:00
Werner Koch
ca284c1000 fixed severe format string bug 2001-05-25 07:22:34 +00:00
Werner Koch
24d8a7555f Fixes submitted by James 2001-05-06 10:53:36 +00:00
Werner Koch
432c230348 --send-key fix and other minor things 2001-05-05 16:33:05 +00:00
Werner Koch
e061b9972f Fixed copyright year lists according to CVS and ChangeLogs 2001-04-29 14:08:29 +00:00
Werner Koch
cc08ba73d4 Updated copyright notices and other doc fixes. 2001-04-28 18:53:00 +00:00
Werner Koch
7bf54c22e9 last hour fixes. 2001-04-28 10:43:25 +00:00
Werner Koch
94e6596bec New "showpref" subcommand for --edit-key 2001-04-25 10:05:33 +00:00
Werner Koch
feb2b1914d Fixed translation issue 2001-04-24 14:22:48 +00:00
Werner Koch
113cf10dbe Fixed bug with v3 secret keys and expiration time 2001-04-24 09:57:31 +00:00
Werner Koch
fda386855b Add kludge for broken HTTP proxies. 2001-04-23 11:44:46 +00:00
Werner Koch
7c67adea66 Add UTF-8 charset 2001-04-20 12:21:23 +00:00
Werner Koch
397a73b685 Fixes for W32 2001-04-19 11:40:45 +00:00
Werner Koch
64ddc393e1 Estonian translation, .texi man pages. 2001-04-17 16:20:32 +00:00
Werner Koch
c9e908e734 Improved pipemode and tweaked handling of multiple signatures. 2001-04-05 12:21:43 +00:00
Werner Koch
424f5d6d93 Allow to enter an alternate filename 2001-03-29 09:18:11 +00:00
Werner Koch
ec742b7f58 Fixed nasty Hash bug 2001-03-28 21:20:39 +00:00
Werner Koch
f0b82cd352 a second snapshot thsi day (1.0.4f) 2001-03-27 18:13:44 +00:00
Werner Koch
355c76352a Made genkey work again. 2001-03-27 11:14:22 +00:00
Werner Koch
e2c88461fc Fixed a bugs; e.g. in --list-secret-keys 2001-03-27 09:23:14 +00:00
Werner Koch
3b866e74a8 Verify created signatures. 2001-03-24 16:29:31 +00:00
Werner Koch
f3b2ef0b93 The "Samba" bug fixes :-) 2001-03-22 18:04:47 +00:00
Werner Koch
4e7a8b19dc list key-capabilities 2001-03-15 13:08:15 +00:00
Werner Koch
fb7e532861 add option --fixed-list-mode 2001-03-14 06:56:11 +00:00
Werner Koch
19ea3e3d99 Key listing cleanup 2001-03-13 17:32:28 +00:00
Werner Koch
aaabc72ec0 Keyserver access is now supported under W32 2001-03-13 13:00:10 +00:00
Werner Koch
5e79cb47e0 worked on solving some bugs 2001-03-12 20:21:50 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
88761d49bc Changed the implementation of iobuf to avoid stdio calls. 2001-03-07 20:03:45 +00:00
Werner Koch
0bd4fc7359 Add self-signature verification caching 2001-03-05 13:59:16 +00:00
Werner Koch
fbbcb797c5 Fixed the new key selection code 2001-03-03 16:17:55 +00:00
Werner Koch
5fec6982f9 Removed that very stupid assert in delkey 2001-02-09 12:43:13 +00:00
Werner Koch
4c316cb9b5 Fixed some bugs in the selection code 2001-02-08 20:59:58 +00:00
Werner Koch
2af87f8829 Backported getkey.c from 1.1 2001-02-08 16:28:28 +00:00
Werner Koch
a910f4f50c Fixed delkey 2001-01-29 17:46:16 +00:00
Werner Koch
4ae64383cd Enhanced delkey command and other stuff for gpgme 2001-01-23 13:56:30 +00:00
Werner Koch
227d0f17de Changes for MingW32/CPD 0.3 and some bug fixes 2001-01-18 09:02:35 +00:00
Werner Koch
90ddf482d0 Release snapshot 1.0.4d 2001-01-11 13:20:02 +00:00
Werner Koch
bb8276a4ee Small W32 fixes 2001-01-04 14:11:55 +00:00
Werner Koch
a66fa9c25e Add KEY_CREATED status 2001-01-03 13:36:03 +00:00
Werner Koch
9b12847f25 Add missing stub, fixed comment typos 2000-12-28 19:32:55 +00:00
Werner Koch
94c45b7ff3 Remove lockfiles and other changes 2000-12-28 15:49:42 +00:00
Werner Koch
04beb81571 1.0.4c snapshot 2000-12-19 12:38:53 +00:00
Werner Koch
335dcec55b Pipemode now works for detached binary signatures. 2000-12-11 19:54:59 +00:00