1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

931 Commits

Author SHA1 Message Date
David Shaw
db8adc2880 * keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key),
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings.  Noted by Joe Vender.
2005-05-31 19:12:10 +00:00
Werner Koch
a6a93ac540 * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
* cardglue.c (assuan_strerror, assuan_transact): Dummy functions
        if not build with agent support.

	* zh_TW.po, zh_CN.po, es.po, ro.po: Updated.

        * tr.po: Updated from TP.  Note: this is an exception in general
        translations from the Robot are not anymore accepted.

        * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined.
2005-05-31 10:11:01 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
0a9827ca07 * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.

* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key.  Note that the strings here are not
marked for translation yet.  The UI is still in flux, and there is no
point in annoying the translators twice.  (keyedit_menu): Call it here
as part of the "clean" command.
2005-05-31 03:59:24 +00:00
David Shaw
acac94aa90 * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
user IDs on a key, and mark any that aren't valid for deletion.

* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key.  (keyedit_menu): Call it from here as
part of the "clean" command.
2005-05-30 03:43:30 +00:00
David Shaw
0bad13cdf4 * g10.c (main): Default {export|import}-unusable-sigs to off until the
"clean" UI can be finished.
2005-05-27 03:00:26 +00:00
Werner Koch
d0f5655d19 * passphrase.c (ask_passphrase): Unescape the description string.
* cardglue.c (unescape_status_string): Removed.  Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
2005-05-24 12:39:42 +00:00
Werner Koch
2ab2a874a0 (add_notation_data): Check number of at-signs. 2005-05-24 09:15:01 +00:00
Werner Koch
d8bd3a3826 (add_notation_data): Check number of at-signs. 2005-05-24 09:14:31 +00:00
Werner Koch
2f63b5299c * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
* cardglue.c (open_card): Check USE_AGENT.
(agent_scd_checkpin): Implemented Assuan part.
(agent_scd_change_pin): Ditto.
2005-05-23 20:16:21 +00:00
Werner Koch
75675331f1 * cardglue.c (open_card): Check USE_AGENT.
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.

* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly.  The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
2005-05-23 14:38:05 +00:00
Werner Koch
be2aa37dbf * cardglue.c (send_status_info): Make CTRL optional.
(agent_scd_writekey, inq_writekey_parms): New.
(agent_openpgp_storekey): Removed.
* cardglue.h: Add a few more error code mappings.
* keygen.c (copy_mpi): Removed.
(save_unprotected_key_to_card): Changed to use agent_scd_writekey.
* app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer
version in gnupg 1.9 CVS.
2005-05-21 14:04:32 +00:00
Werner Koch
bd644c8d45 (ccid_transceive): Arghhh. The seqno is another
bit in the R-block than in the I block, this was wrong at one
place. Fixes bug #419 and hopefully several others.
2005-05-20 20:37:08 +00:00
David Shaw
c5fa20dba3 * build-packet.c (do_comment): Removed. (build_packet): Ignore
comment packets.

* export.c (do_export_stream): Don't export comment packets any
longer.

* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
2005-05-14 02:38:31 +00:00
David Shaw
e81d88b265 * keygen.c (write_selfsigs): Rename from write_selfsig. Write the same
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only preferred-email-encoding@pgp.com, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
2005-05-11 19:31:53 +00:00
Werner Koch
0ab01480ed (do_close_reader): Don't do a reset before close.
Some folks reported that it makes the SCR335 hang less often.
Look at the source on how to re-enable it.
2005-05-07 15:22:01 +00:00
David Shaw
89c844bd3a * main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration.  We no longer need the day-based code as we don't generate v3
keys.
2005-05-06 19:25:19 +00:00
David Shaw
10f51e0714 * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
default sig expire value when signing in batchmode.
2005-05-06 13:03:22 +00:00
David Shaw
89055cca85 * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't
use any of these functions any longer.
2005-05-05 22:32:52 +00:00
David Shaw
da0c60a987 * keygen.c (start_tree): New function to "prime" a KBNODE list.
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.

* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.

* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.
2005-05-05 22:08:37 +00:00
David Shaw
08bd93f7dc * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
preferences.
2005-05-05 21:18:47 +00:00
David Shaw
c71639cfff * options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
2005-05-05 19:21:40 +00:00
Werner Koch
6639bbf699 * passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID.  Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.
2005-05-03 22:27:07 +00:00
David Shaw
f02fe1dafb * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
no-pubkey and chosen revocation cases.  (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.

* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
2005-04-24 18:35:30 +00:00
David Shaw
6d72a1c649 * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys.  Suggested by Peter Palfrader.
2005-04-24 16:05:41 +00:00
David Shaw
5bfd1199b8 * keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to
sign.
2005-04-22 03:36:20 +00:00
David Shaw
edc0862448 * mainproc.c (symkey_decrypt_seskey): There is no need to have an
extra check for a bad passphrase and/or unknown cipher algorithm here.
We'll fail quite happily later, and usually with a better error
message to boot.
2005-04-22 03:21:14 +00:00
David Shaw
b7c3018d32 * keyserver.c (keyserver_spawn): Free some memory.
* sign.c (hash_for): Comments.
2005-04-17 04:10:03 +00:00
Werner Koch
73fb1c592f * g10.c (main, add_notation_data, add_policy_url)
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests.  Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.

* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
2005-04-11 18:24:09 +00:00
Werner Koch
f8a3345229 * ccid-driver.c (ccid_slot_status): Fixed debug messages.
* card-util.c (card_edit): Add command "verify".  Enhanced admin
command to allow optional arguments "on", "off" and "verify".
(card_status): Print private DOs in colon mode.
* app-openpgp.c (do_check_pin): Add hack to allow verification of
CHV3.
2005-04-07 08:31:23 +00:00
Werner Koch
80f4424658 Changes to make use of code taken from libassuan. This replaces the
old ad-hoc connection code to gpg-agent.  We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.
2005-04-05 17:09:13 +00:00
David Shaw
727cda9758 * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
2005-04-01 16:22:34 +00:00
Werner Koch
c43423f0bd (keygen_set_std_prefs): Explain the chosen order of
AES key sizes.
2005-04-01 09:03:15 +00:00
David Shaw
c336e34571 * exec.h, exec.c (set_exec_path): Remove some dead code and change all
callers.  We no longer need to append to $PATH.
2005-03-31 17:11:53 +00:00
Werner Koch
fe01cbceb0 * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new
flag 4.  Use log_info for errors registering the default secret key.
* g10.c (main): Flag the default keyrings.
2005-03-31 07:05:35 +00:00
David Shaw
14fdbdc97a * keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
Rather, call keyserver helpers with the full path.  This fixes some
PATH-inspired DLL problems on W32.  Noted by Carlo Luciano Bianco.
2005-03-31 03:58:53 +00:00
Werner Koch
1985805cdf (pin_cb): Print a warning if the info string hack is
not there.  This may happen due to typos in the translation.
2005-03-30 10:39:13 +00:00
David Shaw
57b9ba5e16 * gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
* openfile.c (ask_outfile_name): Enable readline completion when prompting
for an output filename.

* plaintext.c (ask_for_detached_datafile): Enable readline completion when
prompting for a detached sig datafile.
2005-03-21 20:47:28 +00:00
Werner Koch
31135aff14 * keyedit.c (command_generator, keyedit_completion): Changed
indentation.
* card-util.c (command_generator, card_edit_completion): Ditto.
2005-03-21 15:24:48 +00:00
David Shaw
f30b25e565 * card-util.c (command_generator, card_edit_completion)
[GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to enable
command completion in the --card-edit menu.  (card_edit): Call them
here.
2005-03-20 03:59:07 +00:00
David Shaw
c249809a6b * keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
New functions to enable command completion in the --edit-key menu.
(keyedit_menu): Call them here.
2005-03-18 22:07:12 +00:00
David Shaw
5f7720e693 * getkey.c (get_seckey_byname2): If no explicit default key is set, don't
pick a disabled default.  Noted by David Crick.
2005-03-17 23:52:38 +00:00
David Shaw
e19aa2e3ea * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not redefine
$libexecdir.
2005-03-17 23:14:47 +00:00
David Shaw
ff93f3528a * options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't
treat 'verbose' and 'include-disabled' as special.  Just pass them through
silently to the keyserver helper.
2005-03-17 22:55:17 +00:00
Werner Koch
8ba895c763 (parse_ccid_descriptor): Make SCM workaround
reader type specific.
(scan_or_find_devices): Do not check the interface subclass in the
SPR532 kludge, as this depends on the firmware version.
(ccid_get_atr): Get the Slot status first.  This solves the
problem with readers hanging on recent Linux 2.6.x.
(bulk_in): Add argument TIMEOUT and changed all callers to pass an
appropriate one.  Change the standard timeout from 10 to 5 seconds.
(ccid_slot_status): Add a retry code with an initial short timeout.
(do_close_reader): Do an usb_reset before closing the reader.
2005-03-16 19:10:54 +00:00
Werner Koch
a177090f37 * card-util.c (card_status): Use isotimestamp and not the
localized asctimestamp to match the timezone used in the key
information.

* miscutil.c (isotimestamp): New.
2005-03-14 20:41:20 +00:00
Werner Koch
a043c14d22 * cardglue.c (pin_cb): Disable debug output.
* mk-w32-dist: Check for patch files.
* w32installer.nsi: Translated a few more strings.  Print a
warning if permssions are not suitable for the installation.
Add Uninstaller entries.
2005-03-14 19:19:21 +00:00
David Shaw
9bf9389179 * keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
alias for http-proxy.
2005-03-10 19:34:40 +00:00
David Shaw
04f02174e1 * delkey.c (do_delete_key, delete_keys): Fix problem with --expert
preventing --delete-secret-and-public-keys from deleting secret keys.
2005-03-10 18:43:36 +00:00
Werner Koch
e27aa939bf (keyedit_menu) [W32]: Run the trustdb stale check
earlier.
2005-03-10 18:40:57 +00:00
Werner Koch
c91e30fda4 * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE
and SC_OP_SUCCESS.

* de.po: Updated. Translation is still in the works, though.
2005-03-07 13:59:59 +00:00
David Shaw
522ca12084 * keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).
2005-02-24 21:21:14 +00:00
Werner Koch
00ef56868d * card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 20:08:14 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
963748d1b5 Updated to the version from 1.2.7. 2005-01-27 10:30:28 +00:00
David Shaw
e6cbb88f61 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.
2005-01-26 21:20:30 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
Werner Koch
aa87314e6f (get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.
2005-01-25 14:18:56 +00:00
David Shaw
625806b6ae * keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.
2005-01-22 03:33:12 +00:00
Werner Koch
6a0fda89c0 (open_card): Issue new CARDCTRL(4) status. 2005-01-20 18:25:25 +00:00
Werner Koch
b2b2786be1 * gpgv.c (tty_fprintf): New stub.
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
2005-01-20 17:21:40 +00:00
Werner Koch
5bda87bd6e * g10.c (i18n_init) [W32]: Pass registry key to gettext
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.
2005-01-20 11:42:03 +00:00
Werner Koch
79161ef7b9 (public_key_list): Do a trustdb staleness check before
opening the keyring.
(secret_key_list): Ditto.
2005-01-18 09:51:58 +00:00
David Shaw
96a3982b9b * keyedit.c (keyedit_menu): Move command strings outside the function to
get ready for the readline completion code.
2005-01-11 04:15:55 +00:00
David Shaw
74ca58ee94 * passphrase.c (readline, agent_send_option, agent_open,
agent_get_passphrase, passphrase_clear_cache): Rename readline() to
readaline() to keep readline library namespace clear.
2005-01-10 22:56:46 +00:00
David Shaw
f464dcef59 * filter.h, armor.c (armor_filter): Use the eol string from the armor
filter context instead of hardcoding '\n' or '\r\n'.  If no eol string is
provided, default to '\n' or '\r\n' as appropriate. (is_armor_header):
Trim tabs in armor header lines as well.

* keyserver.c (keyserver_spawn): Use it here to force '\n' line endings
since the keyserver output file gets a LF->CRLF expansion on win32.
2005-01-06 16:23:47 +00:00
David Shaw
299a250c94 * g10.c (main): Typo.
* armor.c (is_armor_header): Allow CR and LF (not just actual spaces) in
an armor header line (-----BEGIN etc).  This is needed due to CRLF issues
on win32.  As before, --openpgp makes it strict.
2005-01-06 04:44:38 +00:00
David Shaw
14ce45565d * Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@
* import.c (delete_inv_parts): Comments on import-unusable-sigs.
2005-01-03 15:15:34 +00:00
David Shaw
fbee22ac0c * options.h, import.c (parse_import_options, delete_inv_parts): Add
import-unusable-sigs flag to enable importing unusable (currently:
expired) sigs.

* options.h, export.c (parse_export_options, do_export_stream): Add
export-unusable-sigs flag to enable exporting unusable (currently:
expired) sigs.
2005-01-01 21:21:11 +00:00
David Shaw
b37facc593 * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c
(revokestr_from_pk), keyedit.c (show_key_with_all_names): Show who revoked
a key (either the same key or a designated revoker) and when.
2004-12-30 03:26:57 +00:00
Werner Koch
afe8ca4fbf (find_endpoint): New.
(scan_or_find_devices): Add new args to return endpoint info and
interface number.
(ccid_open_reader, ccid_shutdown_reader): Take care of these new
args.
(bulk_in, bulk_out): Use the correct endpoints.
(ccid_transceive_apdu_level): New.
(ccid_transceive): Divert to above.
(parse_ccid_descriptor): Allow APDU level exchange mode.
(do_close_reader): Pass the interface number to usb_release_interface.
2004-12-28 07:30:57 +00:00
David Shaw
783ec6dbb2 * keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has
specifically been selected to handle them.
2004-12-24 19:51:02 +00:00
David Shaw
f3c33b8768 * options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data
from URLs and pass to keyserver helpers.
2004-12-22 18:09:41 +00:00
David Shaw
b96038387b * keyserver.c (keyserver_typemap): New. Map certain keyserver types to a
common type (e.g. ldaps -> ldap).  If we are building with curl, map both
http and ftp to curl.

* build-packet.c (build_sig_subpkt): Only allow one preferred keyserver
subpacket at a time.
2004-12-22 17:49:44 +00:00
David Shaw
b883e9642b * keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
chosen selfsig so we don't accidentally promote an older selfsig to
chosen.  Discovered by Simon Josefsson and 'Todd'.

* keygen.c (ask_expire_interval): Fix typo.
2004-12-21 15:49:56 +00:00
David Shaw
8dcbbf98bb * keylist.c (list_keyblock_print): Secret key listings should always show
everything (expired UIDs, revoked subkeys, etc, etc).

* keyedit.c (keyedit_menu): Add additional help for the "sign" flags.
2004-12-21 04:19:03 +00:00
Werner Koch
29dd149778 (ask_expire_interval): For better translations chnage 2
strings.
2004-12-20 18:14:57 +00:00
Werner Koch
9e3526f236 * seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong.  Roman Pavlik found such a case.

* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL.  Use log_info and
not log_error.
2004-12-20 10:05:20 +00:00
David Shaw
07250279e7 * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.

* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings.  Default to
"<space>\t\r\n".
2004-12-20 05:19:09 +00:00
David Shaw
1e487ab1d6 * keygen.c (keygen_get_std_prefs): Set reference count when creating the
temporary user ID.

* keyedit.c (keyedit_menu): Merge updpref and setpref.  Keep updpref as an
invisible alias.  Add invisible alias for revphoto. Fix small memory leak
when using "setpref" (not all of the uid was freed). (menu_revkey):
Trigger a trust rebuild after revoking a key. Don't allow revoking an
already-revoked whole key. (menu_revsubkey): Don't allow revoking an
already-revoked subkey.
2004-12-19 05:20:07 +00:00
David Shaw
06c27b8a38 * keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New.
Revoke a whole key. (keyedit_menu): Call it here for when 'revkey' is used
without any subkeys selected.  This is to be consistent with the other
functions which are "selected part if selected, whole key if not".
2004-12-19 04:30:16 +00:00
David Shaw
005b1d7960 Readline fix to be robust against platforms where readline has its own
dependencies.  We play guess-the-depedency for a while, and try termcap,
curses, and ncurses.
2004-12-18 22:23:49 +00:00
Werner Koch
74330a49ec * passphrase.c (agent_get_passphrase): Define NREAD locally as
size_t or int.

* keylist.c (list_keyblock_print): Make field width an int.
* keyedit.c (show_key_with_all_names): Ditto.
2004-12-17 18:51:32 +00:00
David Shaw
e79f2db8e4 * g10.c (main): Add --require-secmem/--no-require-secmem to cause gpg to
exit if it cannot lock memory.  Also remove --nrsign-key and --nrlsign-key
since this can better be done via --edit-key.

* secmem.c (secmem_init): Return a flag to indicate whether we got the
lock.

* memory.h: Return a flag to indicate whether we got the lock.
2004-12-16 05:16:09 +00:00
David Shaw
7a388529a3 * apdu.c (apdu_send_le, apdu_send_direct), keylist.c
(status_one_subpacket, print_one_subpacket): Fix some compiler warnings.

* g10.c (main): Fix --compression-algo to take a string argument like
--compress-algo.

* trustdb.c (uid_trust_string_fixed): For safety, check for a pk.
2004-12-15 05:16:53 +00:00
David Shaw
b120400413 * keyedit.c (keyedit_menu): Re-remove the N_() markers. 2004-12-14 14:50:15 +00:00
David Shaw
7dd3fe2a79 * trustdb.c (uid_trust_string_fixed): Show uids as revoked if the key is
revoked.

* keyedit.c (show_key_with_all_names): Don't show validity for secret key
UIDs.

* keyedit.c (parse_sign_type): New.  Figure out the flags (local,
nonrevoke, trust) for a signature. (keyedit_menu): Call it here so we can
mix and match flags, and don't need "nrltsign", "ltsign", "tnrsign", etc,
etc, etc.
2004-12-14 14:42:41 +00:00
Werner Koch
160eaf1874 automake updates, removed one debug output 2004-12-14 08:03:56 +00:00
Werner Koch
d0b9eff4b6 Prepared for last 1.4 release candidate 2004-12-14 07:49:27 +00:00
Werner Koch
1037420b76 (read_passphrase_from_fd): Fixed memory leak.
Noted by Andrei Darashenka.
2004-12-13 08:04:52 +00:00
David Shaw
4c2bacac99 * keyserver.c (parse_preferred_keyserver): Force preferred keyserver
subpackets to have a URI scheme specified.
2004-12-12 05:10:22 +00:00
David Shaw
bf5d013bc8 * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 or
--openpgp directly to determine the end of line hashing rule.

* trustdb.c (uid_trust_string_fixed): Show uids as expired if the key is
expired.
2004-12-11 04:47:33 +00:00
Werner Koch
5a37f0deab * app-openpgp.c (send_fprtime_if_not_null): New.
(do_getattr): Add KEY_TIME.
(do_learn_status): Print KEY_TIME.
* cardglue.c (learn_status_cb): Parse KEY-TIME.
* card-util.c (card_status): Print creation time if available.
2004-12-10 10:49:14 +00:00
David Shaw
1c334577f3 * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): Removed
(not used). (standard): 2440 says that textmode hashes should canonicalize
line endings to CRLF and remove spaces and tabs.  2440bis-12 says to just
canonicalize to CRLF.  So, we default to the 2440bis-12 behavior, but
revert to the strict 2440 behavior if the user specifies --rfc2440.  In
practical terms this makes no difference to any signatures in the real
world except for a textmode detached signature.
2004-12-10 05:35:54 +00:00
Werner Koch
9e52cf2758 * passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and
CUSTOM_DESCRIPTION. 	Changed all callers.

* app-openpgp.c (do_getattr, do_learn_status, do_setattr): Support
the new private DOs.
(do_change_pin): Add a "N" prefix to the strings so that the
callback can act accordingly for a new PIN.  Unfortunately this
breaks existing translations but I see no wother way to overvome
this.

* cardglue.c (learn_status_cb): Ditto.
(agent_release_card_info): Ditto.
(struct pin_cb_info_s): Removed and changed all users.
(pin_cb): Reworked.

* card-util.c (card_status): Print them
(card_edit): New command PRIVATEDO.
(change_private_do): New.
2004-12-09 16:57:30 +00:00
David Shaw
53ae360457 * keygen.c (ask_algo): Add a choose-your-own-capabilities option for DSA. 2004-12-09 15:49:47 +00:00
David Shaw
ea4d80b0a3 * keygen.c (ask_keysize): Change strings to always use %u instead of
hardcoding key sizes.  Bump default to 2048.  Bump minimum down to 512,
where possible, but require --expert to get there.  DSA is always 1024
unless --expert is given.
2004-12-07 17:58:35 +00:00
David Shaw
5dcc3dc353 * getkey.c (parse_key_usage): New function to parse out key usage flags.
Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't understand.
(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call it from
here to remove duplicate code.
2004-11-29 21:21:52 +00:00
David Shaw
3ea642d8ae * export.c (do_export_stream): Allow export-minimal to work with secret
keys, even though a non-selfsig secret key signature is rare.
2004-11-26 16:48:05 +00:00
David Shaw
6dedf7a068 * options.h, export.c (parse_export_options, do_export_stream), import.c
(parse_import_options, import_keys_internal): Make the import-options and
export-options distinct since they can be mixed together as part of
keyserver-options.
2004-11-26 15:51:37 +00:00
David Shaw
9a70afe2b3 * options.h, export.c (parse_export_options, do_export_stream): Add
"export-minimal" option to disregard any sigs except selfsigs.
2004-11-25 03:58:42 +00:00
David Shaw
3d165c4ecf * trustdb.c (uid_trust_string_fixed): Use a string that can be atoi-ed,
but also has a comment for the translator.
2004-11-25 03:48:34 +00:00
David Shaw
04b715e4da * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a fixed-size
translatable string similar to trust_value_to_string. This allows for
easier lining up of displays.

* keyedit.c (show_key_with_all_names), keylist.c (list_keyblock_print):
Use it here to print validity strings.

* gpgv.c: Stub.
2004-11-24 05:25:03 +00:00
Werner Koch
44289a4e68 (S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0. 2004-11-18 16:01:08 +00:00
Werner Koch
3220faf7f7 (open_info_file): New.
(main): Unconditionally implement --status-file, --logger-file,
--attribute-file, --passphrase-file, --command-file.  This is not
generally useful but easy to support and might make scripting
under Windows easier.
2004-11-17 16:04:21 +00:00
David Shaw
69ef25f8d6 * plaintext.c (handle_plaintext): Don't try and create a zero-length
filename when using --use-embedded-filename with input that has no
filename (clearsigned or message generated from a pipe).

* encode.c (encode_simple, encode_crypt), progress.c (handle_progress),
sign.c (write_plaintext_packet): Fix a few inconsistent calls (NULL
filename means a pipe here, so don't bother to check it twice).
2004-11-04 22:28:39 +00:00
David Shaw
c09b34fede * misc.c (print_digest_algo_note): The latest 2440bis drafts deprecates
MD5, so give a warning. (print_pubkey_algo_note, print_cipher_algo_note,
print_digest_algo_note): Give the algorithm name in the experimental algo
warning.
2004-11-03 20:35:28 +00:00
Timo Schulz
37ecd725e5 2004-11-03 Timo Schulz <twoaday@g10code.com>
* strgutil.c (w32_strerror): New.
        * ttyio.c (init_ttyfp, tty_printf, do_get): Use it here.
        * iobuf.c (fd_cache_open, file_filter): Likewise.
        (iobuf_seek, translate_file_handle): Likewise.
2004-11-03 20:03:46 +00:00
David Shaw
6ab8378c00 * skclist.c (build_sk_list): Don't need to warn about PGP-generated
Elgamal signing keys since we no longer support any Elgamal signing keys.

* sign.c (sign_file, clearsign_file): Use "writing to" instead of "writing
to file" to match other strings.

* pkclist.c (check_signatures_trust): Fix typo.  Noted by Moray Allan.
This is Debian bug #278708.

* passphrase.c (ask_passphrase, passphrase_to_dek): "password" ->
"passphrase".

* keyedit.c (show_key_with_all_names): Show designated revoker as part of
translatable string.
2004-10-28 22:09:09 +00:00
Werner Koch
41f46fb062 Inlcude LIBICONV 2004-10-28 18:57:50 +00:00
Werner Koch
66e627bdae About to release 1.3.92 2004-10-28 09:06:50 +00:00
David Shaw
f15e944b98 * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, passphrase.c,
revoke.c: Collapse the two different "can't do that in batch mode" strings
into one.
2004-10-28 03:57:30 +00:00
David Shaw
f5b7a72a48 * keylist.c (status_one_subpacket): New. Send the subpacket data to the
--status interface.

* card-util.c (card_edit): Show when admin is enabled or not.

* status.h, status.c: New STATUS_SIG_SUBPACKET type.

* build-packet.c (build_sig_subpkt): Multiple keyserver URLs are allowed.
2004-10-28 03:14:55 +00:00
David Shaw
d89c701acb * keyring.c: Make some strings translatable.
* exec.c, sign.c: Change "can't open file" to "can't open" and "can't
create file" to "can't create" to be consistent with other strings so we
don't have to translate both.
2004-10-28 02:14:06 +00:00
David Shaw
1976afce93 * delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: Fix a few
missed possible \"username\" quotes.
2004-10-28 01:58:01 +00:00
Werner Koch
e939eb248d (verify_chv3): The minimum length for CHV3 is
8. Changed string to match the other ones.
2004-10-26 07:51:15 +00:00
Werner Koch
3060984dd1 (agent_send_all_options): Try to deduce the ttyname
from stdin.
2004-10-26 07:50:47 +00:00
David Shaw
65077adf83 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Rename
verify-option show-validity to show-uid-validity to match the similar
list-option.

* app-openpgp.c (verify_chv3): Fix typo.
2004-10-21 19:18:47 +00:00
Werner Koch
0ebf79c824 * configure.ac: Remove the check for asprintf
* app-common.h (app_openpgp_storekey: Add prototype.

* app-openpgp.c (do_sign): Replace asprintf by direct allocation.
This avoids problems with missing vasprintf implementations.

* card-util.c (generate_card_keys): Add a #warning for gnupg 1.9
and use the same string there.

* util.h [!HAVE_VASPRINTF]: Removed prototype.

* vasprintf.c: Removed. It was used only at one place and I don't
want to get into build problems in 1.4.
2004-10-21 16:56:22 +00:00
David Shaw
107e515aa9 * g10.c (parse_list_options): Fix non-constant initializer so we can build
with C89.
2004-10-21 01:10:49 +00:00
Werner Koch
27d06166d3 * apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
(pcsc_get_status): Implemented.
(reset_pcsc_reader): Implemented.
(open_pcsc_reader): Succeed even with no card inserted.
(open_ccid_reader): Set LAST_STATUS.

* iso7816.c (iso7816_select_application): Always use 0 for P1.
2004-10-20 09:39:56 +00:00
Werner Koch
ad3382bdc7 (agent_get_passphrase): Cast UIDLEN to int. Noted
by Christian Cornelssen.
2004-10-17 13:28:37 +00:00
David Shaw
b03a7a6f3b * parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't BUG() on
unknown subpackets.  Rather, just return them silently.
2004-10-16 22:48:20 +00:00
Werner Koch
c3a51cd17d * README: Mentioned --enable-selinux-support.
* status.h (STATUS_NEED_PASSPHRASE_PIN): New.
* status.c (get_status_string): Added.
* passphrase.c (ask_passphrase): Moved status printing to ..
* cardglue.c (pin_cb): .. here and issue new status message.

* keyedit.c (sign_uids): Don't include the leading LF in the
translatable string but print them separately.

* apdu.c (apdu_open_remote_reader) [_WIN32]: We don't have ENOSYS.
2004-10-15 13:16:58 +00:00
Werner Koch
5db236f4e7 * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New.
(AUTOMAKE_OPTIONS): New.

* configure.ac: Check whether vasprintf needs a replacement.

* app-openpgp.c (parse_login_data): New.
(app_select_openpgp): Call it.
(do_setattr): Reparse it after change.

* Makefile.am: Add ksutil.h.
2004-10-15 09:55:39 +00:00
Werner Koch
450f0d770b * pkclist.c (do_edit_ownertrust): Add a note to translators.
* keygen.c (ask_user_id): Ditto.

* helptext.c: Typo fix.
2004-10-15 09:39:25 +00:00
Werner Koch
8b7cb60229 another s/unsigned char*/byte*/ 2004-10-14 20:47:56 +00:00
David Shaw
f13bba108a * keylist.c (list_keyblock_print): Show the fingerprint after the key, not
after the first user ID.

* keyedit.c (show_key_with_all_names): Don't show validity if we're just
printing user IDs for signing.

* armor.c (fake_packet): Properly handle the case where the line is
dash-space (i.e. a blank line that was quoted).  Give a warning for bad
dash escaping.
2004-10-14 20:13:16 +00:00
Werner Koch
f294ce2d8b * export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow
secret key export.
* import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise
2004-10-14 10:48:15 +00:00
Werner Koch
35774ec568 * misc.c (is_secured_filename): New.
* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.

* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.
2004-10-14 07:11:57 +00:00
David Shaw
0d6defc0da * armor.c (fake_packet): Allow arbitrary dash-escaped lines as per
2440bis-10.  This is bug #158.
2004-10-13 20:39:54 +00:00
David Shaw
5887f2fb26 * keyserver.c (keyserver_work): Handle keyserver timeouts. 2004-10-13 18:40:13 +00:00
Werner Koch
151ca81f1a Added SELInux hacks and did some cleanups. 2004-10-13 18:10:06 +00:00
David Shaw
9a4dc13d5e * pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
trust since the meaning is different.

* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.

* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.

* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
2004-10-13 15:34:52 +00:00
Werner Koch
620ac79ebf * configure.ac: Actually name the option --disable-finger and not
http.

* openfile.c (overwrite_filep, make_outfile_name, open_outfile)
(open_sigfile): Use iobuf_is_pipe_filename to check for pipes so
that special filesnames are taken into account. This is bug 327.
* tdbdump.c (import_ownertrust): Ditto.
* sign.c (write_plaintext_packet): Ditto.
* progress.c (handle_progress): Ditto.
* plaintext.c (handle_plaintext): Ditto.
* encode.c (encode_simple, encode_crypt): Ditto.

* iobuf.c (iobuf_is_pipe_filename): New.
* fileutil.c (is_file_compressed): Use it here.
2004-10-13 09:59:46 +00:00
Werner Koch
690aa956f1 * keygen.c (read_parameter_file): New keyword "Handle". This is
bug 287.
	(print_status_key_not_created): New.
	(print_status_key_created): Add new arg HANDLE.
	(do_generate_keypair): Print not created status.
	* status.c, tatus.h (STATUS_KEY_NOT_CREATED): New.
2004-10-13 07:10:51 +00:00
Werner Koch
ca6dcb7258 (read_parameter_file): Changed to use iobuf based file
reading to allow the special file name feature to work.
2004-10-12 16:41:17 +00:00
David Shaw
bf079613b7 * pkclist.c (do_edit_ownertrust): Use the same translated string for
showing the user ID as mainproc.c:print_pkenc_list.

* mainproc.c (print_pkenc_list): Allow translating the quotes around the
user ID.

* card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" -> `%s'
quoting for things that aren't user IDs.

* keyserver.c (keyserver_spawn): If there is no keyserver host, print the
whole URI since it is self-contained.
2004-10-11 21:08:37 +00:00
Werner Koch
5bdb171026 * configure.ac: New option --disable-finger.
* keyserver.c (keyserver_spawn): Print an empty string in log_info
if the host is not set (e.g. finger).

* gpgkeys_finger.c: New.
2004-10-11 08:44:35 +00:00
David Shaw
f3687f6b6c * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)".  Some don't.
Consistently use y/n everywhere.
2004-10-10 15:27:14 +00:00
David Shaw
d41e6455a3 * keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
so we don't need to specify each possible variation of RSA capabilities.
2004-10-10 14:33:37 +00:00
David Shaw
aa50dcff2f * keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
able to certify.  Force the certify flag on for primaries (and off for
subkeys).
2004-10-10 14:19:39 +00:00
David Shaw
65ec9772a7 * keygen.c (generate_keypair): Fix generating keys with the auth flag. 2004-10-10 13:13:47 +00:00