(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
Minimal isn't always best.
* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time. Make sure that this doesn't
cause a time warp.
* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).
* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.
* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.
* getkey.c (finish_lookup): Comment.
* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.
* g10.c (add_notation_data): Fix initialization.
expiration date of a subkey. This is not the most optimal solution, but
it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.
* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.
* g10.c (main): Allow pref selection for compress algo with --openpgp.
'@', unless --expert is set. This is to help prevent people from
polluting the (as yet unused) IETF namespace.
* main.h: Comments about default algorithms.
* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).
* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.
* main.h, misc.c (string_to_compress_algo): New.
parse_import_options), g10.c (main): New import-option "convert-sk-to-pk"
to convert a secret key into a public key during import. It is on by
default.
* keylist.c: (print_pubkey_info): New.
(print_seckey_info): New.
* main.h: Prototypes for the new functions.
* delkey.c (do_delete_key): Use it here.
* revoke.c (gen_desig_revoke): Ditto.
2002-09-13 David Shaw <dshaw@jabberwocky.com>
* getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here. Also
return the signature_check error code rather than 0/1 and cache
the sig result.
* sig-check.c (check_key_signature2): Divert to
check_revocation_keys if a revocation sig is made by someone other
than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 Werner Koch <wk@gnupg.org>
* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
(get_user_id_printable): this. Filter out all dangerous
characters. Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this. Filter out all dangerous
characters. Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
restarting gpg. This is Debian bug 124219, though their supplied patch
will not do the right thing.
* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions),
keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant
reworking of the permission check mechanism. The new behavior is to check
everything in the homedir by checking the homedir itself. If the user
wants to put (possibly shared) keyrings outside the homedir, they are not
checked. The options file and any extension files are checked wherever
they are, as well as their enclosing directories. This is Debian bug
147760.
delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug. It is on by default for keyserver
receives, and off by default for regular --import.
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver import
options when doing keyserver receives.
delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option. The only current flag is "allow-local-sigs".
* g10.c (main): Don't disable MDC in pgp7 mode.
* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.
g10.c (main): add new --export-options option. Current flags are
"include-non-rfc", "include-local-sigs", "include-attributes", and
"include-sensitive-revkeys".
* options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options,
keyserver_spawn): try passing unknown keyserver options to export options,
and if successful, use them when doing a keyserver --send-key.
* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
designated revoker means "sensitive", not "local". It's exportable under
the right circumstances.
* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting. This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it. This defaults to ON (i.e. don't
skip).
