1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

1240 Commits

Author SHA1 Message Date
David Shaw
28c7223d13 * parse-packet.c (parse_marker): New. Enforce that the marker
contains 'P', 'G', 'P', and nothing but.  (parse): Call it here.
(skip_packet): No longer need to handle marker packets here.
2007-04-04 04:00:20 +00:00
David Shaw
994ab24b4b * keyserver.c: Windows Vista doesn't grok X_OK and so fails access()
tests.  Previous versions interpreted X_OK as F_OK anyway, so we'll
just use F_OK directly.
2007-03-14 13:15:50 +00:00
Werner Koch
7b3e35a24c Add extra fflush (stdout) 2007-03-08 12:13:15 +00:00
David Shaw
57591eb76f * keyedit.c (keyedit_menu): If we modify the keyblock (via
fix_keyblock() or collapse_uids()) make sure we reprocess the keyblock
so the flags are correct.  Noted by Robin H. Johnson.

* getkey.c (fixup_uidnode): Properly clear flags that don't apply to
us (revoked, expired) so that we can reprocess a uid.
2007-03-06 06:39:38 +00:00
Werner Koch
7cb81bb3ef Preparing 1.4.7 2007-03-05 10:22:56 +00:00
David Shaw
6b086c1fe3 * parse-packet.c (parse_signature): It's hex.
* getkey.c (merge_selfsigs_subkey): Avoid listing the contents of a
backsig when list mode is on.  Noted by Timo Schulz.
2007-02-14 03:41:24 +00:00
Werner Koch
b4f553c1ca Fix for Debian bug 402592 2007-02-04 17:20:24 +00:00
David Shaw
e0dbc52cfc Missed one caller. 2007-02-01 20:51:15 +00:00
David Shaw
ef8f2e2f6f * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in
the time to use to calculate the expiration offset, rather than
querying it internally.  Change all callers.
2007-02-01 19:32:16 +00:00
David Shaw
ef9e1b5fbc * keygen.c (do_generate_keypair, proc_parameter_file,
generate_keypair, generate_subkeypair): Pass a timestamp through to
all the gen_xxx functions.
2007-01-31 21:39:26 +00:00
David Shaw
9f3af9e24d * keyedit.c (sign_uids): Another multiple to single timestamp
operation.
2007-01-31 20:44:48 +00:00
David Shaw
5b34e0264e * sign.c (write_plaintext_packet): Take timestamp from outside.
Change all callers.  (sign_file, clearsign_file,
sign_symencrypt_file): Calculate one timestamp for the whole
transaction.  Different timestamps for each step can leak performance
information.
2007-01-31 20:23:45 +00:00
David Shaw
efef00aed3 * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove
the need for ask_expiredate().
2007-01-31 19:42:48 +00:00
David Shaw
e2fdff56fc * keygen.c (make_backsig, write_direct_sig, write_selfsigs)
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key.  This helps avoid
leaking information about the performance of the machine where the
keys were generated.  Noted by Christian Danner.
2007-01-30 21:19:45 +00:00
Werner Koch
9e4a5071a6 * parse-packet.c (read_protected_v3_mpi): Make sure to stop
reading even for corrupted packets.
	* keygen.c (generate_user_id): Need to allocate one byte more.
	Reported by Felix von Leitner.
2007-01-15 19:30:33 +00:00
David Shaw
68ea16cbfc * options.skel: Tweak some examples to match reality and update the
RFC for CERT now that it is out of draft.
2006-12-15 04:37:47 +00:00
David Shaw
ea5397943a * Makefile.am: Install options.skel via dist_pkgdata_DATA so that
"make uninstall" works properly.
2006-12-13 21:41:37 +00:00
Werner Koch
e810efc76f Removed references to removed g10defs.h file. 2006-12-13 12:09:44 +00:00
Werner Koch
9f433cccca Removed the use of g10defs.h.
This required some code cleanups and the introduction of
a few accessor ducntions in mpi.
2006-12-11 19:54:53 +00:00
Werner Koch
abfdbea116 /
* configure.ac: Remove GNUPG_DATADIR for non-W32 systems.
g10/
	* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
	* openfile.c (copy_options_file): Use log_info and not log_error
	to avoid error returns in case of a missing skeleton file.
2006-12-07 11:33:24 +00:00
Werner Koch
d8ff6704c8 Preparing a release 2006-12-06 09:52:40 +00:00
David Shaw
cfa0b50dc0 * keyedit.c (menu_clean): Show "already minimized" rather than
"already clean" when a minimized key is minimized again.  From Dirk
Traulsen.
2006-12-03 06:26:12 +00:00
David Shaw
e0cd2d31a1 * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
2006-12-03 04:38:53 +00:00
Werner Koch
e1829a3d52 * openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string.  Fixes bug 728.
2006-11-27 16:40:14 +00:00
David Shaw
55df654ea8 Missing changelog entry 2006-11-06 04:07:33 +00:00
Werner Koch
31cf39791e New command --gpgconf-test. 2006-10-23 14:21:41 +00:00
David Shaw
4e07a84cb9 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.
	
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
2006-10-13 03:44:34 +00:00
David Shaw
6174275c39 * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
whatever key selector the user used on the command line.
2006-10-06 05:46:07 +00:00
Werner Koch
7925e747d0 fix for bug 537 and documentation fixes. 2006-10-02 13:22:27 +00:00
Werner Koch
29f68725d0 Allow to build w/o curl. 2006-09-26 14:15:17 +00:00
Werner Koch
ab1d0ca711 Preparing 1.4.5 2006-08-01 11:20:18 +00:00
Werner Koch
fede32ebd7 Fix bug 655 2006-07-31 11:40:14 +00:00
Werner Koch
064a4a6240 Fixed bug 479. Not a real good fix but a reliable one which limits possible
breakage of other partys of the code.
2006-07-31 10:16:33 +00:00
Werner Koch
f19e8892a2 Preparing a release candidate 2006-07-28 09:52:11 +00:00
Werner Koch
ccd5fc4758 Fixed memory allocation bug and typos. 2006-07-26 11:25:36 +00:00
David Shaw
975da08004 * configure.ac: Fix resolver autoconf code so it works (fails)
properly with uClibc.
2006-07-08 23:29:25 +00:00
Werner Koch
d91c7a06ff i18n fix 2006-06-28 19:33:14 +00:00
David Shaw
cb117d7457 * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): Pass a
union for preference hints rather than doing void * games.

* sign.c (sign_file): Use it here.
2006-06-28 17:54:35 +00:00
David Shaw
2a31983ef8 * sign.c (sign_file): When signing with multiple DSA keys, one being DSA1
and one being DSA2 and encrypting at the same time, if the recipient
preferences give a hash that can work with the DSA2 key, then allow the
DSA1 key to be promoted rather than giving up and using hash_for().
2006-06-28 17:12:55 +00:00
David Shaw
7c457fac67 * pkclist.c (algo_available): Automatically enable DSA2 mode when handling
a key that clearly isn't DSA1 (i.e. q!=160).
2006-06-28 15:26:05 +00:00
Werner Koch
23380119ee Fixed uploading of keays. 2006-06-28 09:37:42 +00:00
Werner Koch
e0af7eb379 do no use reopen_std under W32. 2006-06-27 08:40:23 +00:00
Werner Koch
a3883eb71d About to do a new release 2006-06-25 12:03:38 +00:00
David Shaw
00db922029 * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,
keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to
specify a keyserver URL at key generation time, and "Keyserver:" keyword
for doing the same through a batch file.
2006-06-22 22:56:54 +00:00
David Shaw
059c67ca6d * sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be liberal
in what you accept, etc).
2006-06-22 19:17:21 +00:00
David Shaw
4f7b459a96 * import.c (import_one): Add a flag (from_sk) so we don't check prefs
on an autoconverted public key.  The check should only happen on the
sk size.  Noted by Dirk Traulsen.
2006-06-12 12:05:34 +00:00
David Shaw
7211ee589a * keygen.c (gen_card_key): Add optional argument to return a pointer
(not a copy) of the stub secret key for the secret key we just
generated on the card.  (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key.  Noted by Janko Heilgeist and Jonas Oberg.
2006-06-10 04:11:05 +00:00
David Shaw
91dbfce3b7 * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.
2006-06-09 19:45:19 +00:00
David Shaw
49c31957f0 Revert last. It is still wrong. 2006-05-27 02:07:05 +00:00
David Shaw
b9c2f44336 * exec.c (make_tempdir) [_WIN32]: Modified to properly handle
arbitrarily long temporary directory paths.
2006-05-27 01:38:54 +00:00
David Shaw
05a2a2f39a * keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
1024 when --enable-dsa2 is set).  The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.
2006-05-25 19:39:03 +00:00
David Shaw
5cef0cac5a * exec.c (make_tempdir): Fix bug with a temporary directory on Win32
that is over 256 bytes long.  Noted by Israel G. Lugo.
2006-05-25 03:02:51 +00:00
David Shaw
782a70e522 * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
called with them closed.  This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds.  Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
2006-05-23 22:04:09 +00:00
David Shaw
197c7a3e47 * parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".
2006-05-23 03:58:53 +00:00
David Shaw
3bee120e15 * import.c (import_one): Fix bug when importing a new key from a file. 2006-05-22 21:38:13 +00:00
David Shaw
7596ae1f6a * getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc).  Noted by Simon Josefsson.
2006-05-22 16:53:09 +00:00
David Shaw
bc81ce601f (keyserver_import_cert): Show warning if there is a CERT fingerprint,
but no --keyserver set.
2006-04-27 03:38:56 +00:00
David Shaw
034937c6d1 * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
to add "_uri" to certain gpgkeys_xxx helpers when the meaning is
different if a path is provided (i.e. ldap).
2006-04-27 03:14:17 +00:00
David Shaw
19c353232e * keyserver.c: Fix build problem with platforms that stick libcurl in
a place not in the regular include search path.
2006-04-22 14:15:50 +00:00
David Shaw
0f1c0a9f28 * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
2006-04-20 21:32:42 +00:00
David Shaw
99b1f3e1da * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
2006-04-20 02:36:05 +00:00
David Shaw
36ce455f15 * keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.
2006-04-19 04:29:31 +00:00
David Shaw
27bb89d687 * options.skel, photoid.c (get_default_photo_command): Find an image
viewer at runtime.  Seems FC5 doesn't have xloadimage.
2006-04-11 19:20:08 +00:00
David Shaw
51e88a5fdb * getkey.c (parse_auto_key_locate): Fix dupe-removal code.
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.
2006-04-09 03:34:09 +00:00
Werner Koch
4fdc6387c3 Fixed segv 2006-04-08 01:23:23 +00:00
Werner Koch
e5a03c84f7 See ChangeLog 2006-04-08 00:36:51 +00:00
Werner Koch
256f67675f About to release 1.4.3 2006-04-03 10:13:23 +00:00
David Shaw
4afa4eb10e * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
Fix strings to not start with a capital letter as per convention.
2006-04-01 02:47:53 +00:00
David Shaw
66965ccc29 Update copyright 2006-03-30 23:55:45 +00:00
David Shaw
92e1528bf2 * main.h, seskey.c (encode_md_value): Modify to allow a q size greater
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.
2006-03-30 19:20:59 +00:00
David Shaw
97b0606a95 * getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
than causing an error.
2006-03-22 23:05:32 +00:00
Werner Koch
ac46433052 Changed URLs 2006-03-22 16:43:59 +00:00
David Shaw
5531da1cfc * mainproc.c (get_pka_address): Fix bug introduced as part of
sig_to_notation conversion.  Noted by Peter Palfradrer.
2006-03-22 14:37:53 +00:00
Werner Koch
7f99c71839 Allow for rmd160 signatures when using gpg-agent. 2006-03-21 13:01:45 +00:00
David Shaw
3cfc77097d * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.
2006-03-17 05:20:13 +00:00
David Shaw
e0ad2bda52 * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. 2006-03-16 22:40:04 +00:00
David Shaw
9f524c4a04 * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.
2006-03-14 03:16:21 +00:00
David Shaw
b478ce7a79 * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keyserver_import_cert, keyserver_import_name, keyserver_import_ldap):
Pass fingerprint info through.
2006-03-14 02:42:02 +00:00
David Shaw
671ec45001 * main.h, import.c (import_one): Optionally return the fingerprint of
the key being imported.  (import_keys_internal, import_keys_stream,
import): Change all callers.
2006-03-14 02:23:00 +00:00
David Shaw
7e3ba27aef * sig-check.c (signature_check2): Print the backsig warning when there
is no backsig present.  Give a URL for more information.

* keyedit.c (menu_backsign): Small tweak to work properly with keys
originally generated with older GnuPGs that included comments in the
secret keys.
2006-03-12 15:33:57 +00:00
David Shaw
e914311608 * build-packet.c (string_to_notation): Add ability to indicate a notation
to be deleted with a '-' prefix.

* keyedit.c (menu_set_notation): Use it here to allow deleting a notation
marked with '-'.  This works with either "-notation" or "-notation=value".
2006-03-09 19:43:29 +00:00
Werner Koch
cf10c31a3f Preparing for an RC23 2006-03-09 12:45:02 +00:00
David Shaw
d810409068 * keyedit.c (menu_set_notation): New function to set notations on
self-signatures.  (keyedit_menu): Call it here.
(tty_print_notations): Helper.  (show_prefs): Show notations in
"showpref".
2006-03-09 03:49:39 +00:00
David Shaw
5460153264 * mainproc.c (get_pka_address), keylist.c (show_notation): Remove
duplicate code by using notation functions.
2006-03-09 03:35:26 +00:00
David Shaw
0f7b4371b2 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Provide printable text for non-human-readable
notation values.
2006-03-09 01:15:18 +00:00
David Shaw
889c4afd78 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Tweak to handle non-human-readable notation
values.
2006-03-08 23:42:45 +00:00
David Shaw
4fea8fdbbb * options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
Use it here for the various notation commands.

* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.
2006-03-08 23:30:12 +00:00
David Shaw
90d8377276 * options.h, mainproc.c (check_sig_and_print), gpg.c (main):
pka-lookups, not pka-lookup.

* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.
2006-03-08 02:40:42 +00:00
David Shaw
4f9efb7a79 * options.h, gpg.c (main, parse_trust_model), pkclist.c
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.
2006-03-07 20:14:20 +00:00
Werner Koch
4aeb4d4b10 More tests added; make distcheck works 2006-03-07 11:05:41 +00:00
David Shaw
764b3f9395 * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
is not a PGP 2.x algorithm.
2006-03-07 01:16:31 +00:00
David Shaw
5d2060e211 * mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
algorithm.
2006-03-06 23:14:13 +00:00
Werner Koch
3e08d87168 Stricter test of allowed signature packet compositions.
There is still one problem to solve.
2006-03-06 21:28:25 +00:00
Werner Koch
a200f76dcf Fixed problem with PGP2 style signatures and mutilple plaintext data 2006-03-06 12:28:46 +00:00
Werner Koch
09203be1c6 Replaced an assert and fixed batch mode issue in cardglue. 2006-03-05 15:13:18 +00:00
David Shaw
78904c691c * getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
"pka" when those features are disabled.

* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha.  Noted by Nelson H.
F. Beebe.
2006-03-01 18:16:55 +00:00
David Shaw
4b67ecabcf * options.skel: Document auto-key-locate and give a pointer to Simon
Josefsson's page for CERT.
2006-02-27 19:31:13 +00:00
David Shaw
f4f5ea43e7 * keydb.h, getkey.c (release_akl), gpg.c (main): Add
--no-auto-key-locate.

* options.h, gpg.c (main): Keep track of each keyserver registered so
we can match on them later.

* keyserver-internal.h, keyserver.c (cmp_keyserver_spec,
keyserver_match), gpgv.c: New.  Find a keyserver that matches ours and
return its spec.

* getkey.c (get_pubkey_byname): Use it here to get the per-keyserver
options from an earlier keyserver.
2006-02-24 14:27:22 +00:00
David Shaw
4139587267 * keyserver.c (parse_keyserver_options): Only change max_cert if it is
used.
2006-02-24 03:57:11 +00:00
David Shaw
624f3582ba * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
treatment of include-revoked, include-subkeys, and try-dns-srv.  These are
keyserver features, and GPG shouldn't get involved here.
2006-02-23 22:39:40 +00:00
David Shaw
09e3b78ea2 * keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
options to the list, as ordering may be significant to the user.
2006-02-23 20:54:30 +00:00
David Shaw
1736866b5b * gpg.c (add_notation_data): Fix reversed logic for isascii check when
adding notations.  Noted by Christian Biere.
2006-02-23 19:52:20 +00:00
David Shaw
c37453211c * options.h, keyserver.c (add_canonical_option): New.
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).
2006-02-23 17:00:02 +00:00
David Shaw
1ae024ef81 * options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.
2006-02-22 23:37:23 +00:00
David Shaw
305288b5f5 * options.h, keyserver.c (parse_keyserver_options): Remove
auto-cert-retrieve as it is no longer meaningful.  Add max-cert-size to
allow users to pick a max key size retrieved via CERT.
2006-02-22 20:34:48 +00:00
David Shaw
477defdb1b * options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.
2006-02-22 20:20:58 +00:00
David Shaw
7eab1846ca * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
Parse a list of key access methods. (get_pubkey_byname): Walk the list
here to try and retrieve keys we don't have locally.
2006-02-22 19:06:23 +00:00
David Shaw
d038b36c8f * getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
importing at -r time.  The URL in the PKA record may point to a key put in
by an attacker.  Fix is to use the fingerprint from the PKA record as the
recipient.  This ensures that the PKA record is followed.

* keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the
fingerprint we requested.
2006-02-21 22:23:35 +00:00
David Shaw
0eb4e93bd4 * gpgv.c: Stub keyserver_import_ldap.
* keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using
the PGP Universal trick of asking ldap://keys.(maildomain) for the key.
2006-02-21 16:09:09 +00:00
David Shaw
8a1bd087fc * keyserver.c (parse_keyserver_uri): Include the scheme in the uri
even when we've assumed "hkp" when there was no scheme.
2006-02-21 05:20:08 +00:00
Werner Koch
b121d029b5 about to release 1.4.3rc1 2006-02-14 16:28:34 +00:00
Werner Koch
966cd80d88 Fixed a wrong return code with gpg --verify 2006-02-14 10:17:57 +00:00
Werner Koch
2410941461 Lock random seed file 2006-02-09 12:54:41 +00:00
Werner Koch
af67c98ee9 Fixed a couple of problems 2006-02-08 17:55:20 +00:00
Werner Koch
4f34366389 Add support fro CardMan 4040 2006-02-06 16:34:20 +00:00
David Shaw
214a3a646e * keyserver.c (parse_keyserver_uri): If there is a path present, set the
direct_uri flag so the right keyserver helper is run.
2006-01-24 21:03:06 +00:00
David Shaw
4ff7d09040 * keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
keyserver helpers on systems that use extensions.

* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.
2006-01-22 21:40:20 +00:00
David Shaw
dbe415ea61 * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.
2006-01-17 20:55:53 +00:00
David Shaw
7b978efef8 * keyserver.c (keyserver_refresh): Fix problem when more than one key
in a refresh batch has a preferred keyserver set.  Noted by Nicolas
Rachinsky.
2006-01-07 21:04:13 +00:00
David Shaw
1315171b07 * mainproc.c (check_sig_and_print), keyserver.c
(keyserver_import_pka), card-util.c (fetch_url): Always require a
scheme:// for keyserver URLs except when used as part of the
--keyserver command for backwards compatibility.
2006-01-01 18:12:57 +00:00
David Shaw
5bce704dd3 * sign.c (write_signature_packets): Lost a digest_algo line. 2006-01-01 17:59:57 +00:00
David Shaw
cbc5c947d5 * sign.c (hash_for): Add code to detect if the sk lives on a smart
card.  If it does, only allow 160-bit hashes, a la DSA.  This involves
passing the *sk in, so change all callers.  This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card.  It will almost certainly need changing
down the road.

* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.
2006-01-01 17:48:54 +00:00
David Shaw
846eefaa71 * keyserver.c (keyserver_import_pka): New. Moved from
getkey.c:get_pubkey_byname which was getting crowded.

* keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT
records.  Can handle both the PGP (actual key) and IPGP (URL) CERT types.

* getkey.c (get_pubkey_byname): Call them both here.

* options.h, keyserver.c (parse_keyserver_options): Add
"auto-cert-retrieve" option with optional max size argument.
2005-12-23 22:17:11 +00:00
David Shaw
8b9c16ed0a * gpgv.c: Stub.
* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keygerver_getname): New keyserver_getname function to fetch keys by name.

* getkey.c (get_pubkey_byname): Call it here to enable locating keys by
full mailbox from a keyserver a la PKA.  Try PKA first, though, as it is
likely to be faster.
2005-12-23 21:33:32 +00:00
Werner Koch
f1482aab4e Finished PKA feature 2005-12-20 20:19:16 +00:00
David Shaw
64fa7ea37e * getkey.c (merge_selfsigs_main): All primary keys can certify. 2005-12-19 22:10:20 +00:00
David Shaw
aebd3a04f3 * gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.
2005-12-19 01:51:31 +00:00
David Shaw
26eeebf512 * gpg.c (main): Don't default to import-options convert-sk-to-pk. It
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.
2005-12-14 14:52:04 +00:00
David Shaw
735257ee1c * keyserver.c (keyserver_fetch): Switch on fast-import before we
--fetch-keys so we don't rebuild the trustdb after each fetch.
2005-12-08 15:37:26 +00:00
Werner Koch
0edfbba804 Made strings translatable. Minor fixes. 2005-12-08 07:42:41 +00:00
David Shaw
1d051e8ed5 * options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
keyserver_fetch): Set a flag to indicate that we're doing a direct URI
fetch so we can differentiate between a keyserver operation and a URI
fetch for protocols like LDAP that can do either.
2005-12-08 05:52:41 +00:00
David Shaw
05193a2705 * keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
when fetching a URI.

* keyserver-internal.h, keyserver.c (keyserver_fetch): New.  Fetch an
arbitrary URI using the keyserver helpers.

* gpg.c (main): Call it from here for --fetch-keys.
2005-12-07 22:34:11 +00:00
David Shaw
bc1c4af8c3 Some cleanup so we don't build files that are completely ifdeffed out.
This causes a warning on Sun's cc.  Do the internal regex code as well for
consistency.
2005-12-06 20:54:05 +00:00
David Shaw
28c12508c5 * main.h, keylist.c (print_revokers): New. Print the "rvk" designated
revoker record.  Moved from keyedit.c:show_key_with_all_names_colon.

* keylist.c (list_keyblock_colon): Use it here ...

* keyedit.c (show_key_with_all_names_colon): ... and here.
2005-11-20 15:02:03 +00:00
David Shaw
f7c138d9e7 * free-packet.c (copy_secret_key): Copy secret key into secure memory
since we may unprotect it.

* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke.  This bypasses the
interactive walk over the revocation keys.
2005-11-19 05:55:45 +00:00
David Shaw
eac8dbc9b7 * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
"clean", and add "minimize".

* import.c (parse_import_options): Make help text match the export
versions of the options.

* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.

* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.
2005-11-18 04:25:07 +00:00
David Shaw
9d49768999 * armor.c (parse_header_line): A fussy bit of 2440: header lines are
delimited with a colon-space pair.  Therefore a line such as "Comment:
" is actually legal, albeit not particularly useful.
2005-11-13 21:48:52 +00:00
David Shaw
40b9d5648d * trustdb.h, trustdb.c (clean_key): New function to handle key
cleaning from one convenient place.

* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Reduce clean options to two: clean and minimize.

* parse-packet.c (setup_user_id): Remove.  (parse_user_id,
parse_attribute): Just use xmalloc_clear instead.
2005-11-12 04:53:03 +00:00
David Shaw
fe30a112fb * trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
simpler implementation.
2005-11-12 03:48:02 +00:00
David Shaw
a81633ca7d * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
command.
2005-11-10 23:25:20 +00:00
David Shaw
843d5719e7 * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
(clean_uids_from_key): Fix display bug where sigs cleaned for other
reasons caused a uid to appear as if it had been compacted.
2005-11-10 23:16:34 +00:00
David Shaw
ce1ce8910e * packet.h: Move some flags to a bitfield. Change all callers. 2005-11-10 22:50:46 +00:00
David Shaw
477ded81a4 * options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-minimal option. Similar to export-minimal, except
it works on the way in.
2005-11-10 21:30:27 +00:00
David Shaw
debc169f88 * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning.  Change all callers.

* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.
2005-11-10 21:18:49 +00:00
David Shaw
11c7699c45 * options.skel: Add a section for --encrypt-to. This is Debian bug
336211 by Javier Fernández-Sanguino Peña.
2005-11-06 15:45:00 +00:00
David Shaw
f48ef0f1f0 * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly
speaking this should be only in gpg_CPPFLAGS, but then we have to
compile everything twice for gpg and gpgv.

* apdu.c (open_pcsc_reader): Fix double free.

* gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X
location.  Suggested by Patty A. Hardy.
2005-11-06 04:32:54 +00:00
David Shaw
4e27a9f5da * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
the sigs that are cleaned.  Suggested by Dirk Traulsen and many others.
2005-11-02 16:47:02 +00:00
David Shaw
19de04694e * import.c (import_one): Do collapse_uids() before we do any cleaning
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.

* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.

* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs.  Don't count user IDs as cleaned unless we actually delete
something.
2005-11-02 05:22:01 +00:00
David Shaw
b3ea683ac9 * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
adding a cert-only designated revoker.  Code was looking for a key with
sign ability, and not cert ability.  Noted by Timo Schulz.
2005-10-27 16:23:59 +00:00
Werner Koch
2b50f31435 cygwin fixes 2005-10-27 09:14:27 +00:00
David Shaw
b9f1815947 * keygen.c (proc_parameter_file): Default key and subkey usage flags to
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.
2005-10-26 16:09:23 +00:00
Werner Koch
c8571979ef Fixed minor card related bugs and enhanced status messages 2005-10-18 17:41:20 +00:00
Werner Koch
9b7f1f6976 exported subkeys are now merged into one output keyblock 2005-10-17 17:21:15 +00:00
David Shaw
6c4e740a59 * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
add 0x19 backsigs to old keys that don't have them.

* misc.c (parse_options): Fix build warning.

* main.h, keygen.c (make_backsig): Make public.
2005-10-14 04:07:13 +00:00
David Shaw
094a7ab401 * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
(signature_check2): Add --require-backsigs and --no-require-backsigs.  
Currently defaults to --no-require-backsigs.
2005-10-12 20:44:24 +00:00
David Shaw
47433adaa5 * getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.
2005-10-11 22:13:49 +00:00
Werner Koch
02aefe3866 Yet another fix for the gpg.c rename 2005-10-06 10:38:23 +00:00
Werner Koch
3470697e72 Fixes for the g10.c -> gpg.c renamed 2005-10-05 18:22:36 +00:00
Werner Koch
bd1df0119c Renamed g10.c to gpg.c
Filelength fixes for W32.
2005-10-05 16:58:50 +00:00
Werner Koch
d0b9ff171d * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
prompt.
2005-09-20 08:19:50 +00:00
David Shaw
8e17d6437d * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
IDs as well as regular text IDs.

* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
2005-09-20 03:34:32 +00:00
David Shaw
4afa18bcaa * main.h, misc.c (parse_options): Add the ability to have help
strings in xxx-options commands.

* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
2005-09-14 22:31:21 +00:00
David Shaw
65566b5633 * keyedit.c (show_names): Moved name display code out from
show_key_with_all_names.  (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID.  Suggested by
Timo Schulz.
2005-09-10 16:50:41 +00:00
Werner Koch
b4b9f891e2 Updated card stuff to support T=0 cards. 2005-09-07 17:05:42 +00:00
Werner Koch
9a2a2904cc Add "help" sub option to --*-options. 2005-09-07 15:53:03 +00:00
David Shaw
039c27f153 * parse-packet.c (enum_sig_subpkt, parse_signature,
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
2005-09-02 19:23:33 +00:00
David Shaw
be8543812d * photoid.h, photoid.c (generate_photo_id): Allow passing in a
suggested filename.

* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
2005-09-01 20:51:13 +00:00
David Shaw
187eaf0665 * photoid.c (generate_photo_id): Enable readline completion and tilde
expansion for the JPEG prompt.
2005-08-31 18:40:39 +00:00
David Shaw
f74282bee0 * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
algorithms.

* keyedit.c (sign_uids): Don't request a signing key to make a
certification.

* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?)  (print_key_flags): Show certify flag.  (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
	
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
Suggested by Michael Schierl.
2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d * Makefile.am: No need to link with curl any longer.
* main.h, misc.c (path_access): New.  Same as access() but does a PATH
search like execlp.

* keyserver.c (curl_can_handle): Removed.  Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort.  This is necessary because PGP LDAP and curl LDAP are apples
and oranges.  (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
Minor cleanup to use bitfield flags instead of a bunch of integers.
2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9 * g10.c (main): Add aliases sign-with->local-user and user->recipient
to make switching from PGP command line to GPG easier.
2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc * options.skel: Remove the surfnet LDAP keyserver from the list of
samples since it is being shut down.

* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
2005-08-19 13:37:47 +00:00
David Shaw
9536012034 Missed keydb.h entry for set_passphrase_from_string 2005-08-06 21:17:11 +00:00
David Shaw
82bee9c68a * g10.c (main), passphrase.c (set_passphrase_from_string): New
--passphrase command line option.  Only useful in very special
circumstances.
2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52 auto retrieve keys from PKA. Thsi allows to specify an email address
so that gpg can get the key from DNS.  This helps with opportunistic
encryption.  No integration with the trust modell yet.
2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813 * keygen.c (proc_parameter_file): Sanity check items in keygen batch
file.  Noted by Michael Schierl.
2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
Noted by Michael Schierl.
2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19 * keygen.c (write_keyblock): Don't try and build deleted kbnodes since
we start our tree with one.
2005-08-04 21:41:11 +00:00
David Shaw
5ce7563171 Revert bad patch. 2005-08-04 21:39:43 +00:00
David Shaw
bf4728992f * keygen.c (start_tree): Need to use an actual packet type (which we
can then delete) to start the tree.
2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017 Fixes pertaining to revocation creation with subkey-only exported card keys 2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58 Implemented PKA trust model 2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f Converted all m_free to xfree etc. 2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1 * keyserver.c (keyserver_typemap): Special-case LDAP since curl will
report that it can handle it, and we don't want it to.
2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8 * passphrase.c (agent_get_passphrase): Make sure to release the
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error.  Changed all callers.

* zh_TW.po, fr.po, cs.po: Updated.
2005-07-26 19:08:11 +00:00
Werner Koch
862652ebe1 Preparing a release 2005-07-26 15:41:04 +00:00
David Shaw
99c80f8c39 * keyedit.c (sign_uids): Don't prompt for setting signature expiry to
match key expiry unless --ask-cert-expire is set.  Suggested by Peter
Palfrader.
2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b * gpg.sgml (http):
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f * options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
to enable the uid walking when signing a key with no uids specified to
sign.

* keylist.c (list_keyblock_print): Fix silly typo.  Noted by Greg
Sabino Mullane.
2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5 * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.

* Makefile.am: Pull in libcurl for curl_version_info() if used.
2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301 * g10.c, options.h: New option --limit-card-insert-tries.
* cardglue.c (open_card): Use it.
2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.

* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997 * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
* ttyio.c (do_get): Move printing of the prompt after disabling
echo.  Suggested by Scott Worley.
2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.
2005-07-09 02:34:04 +00:00
David Shaw
c66eeec3c6 * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning. 2005-06-20 17:32:09 +00:00
Werner Koch
2d2e2e74b8 * gpg.sgml: Document smartcard related options.
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
2005-06-20 17:03:27 +00:00
Werner Koch
059d159657 (parse_signature): Use log_info for messages
about missing timestamp or keyid.  In case we don't use that key
there won't be no further error and thus gpg does not need to
return with an error.
2005-06-18 11:49:50 +00:00
David Shaw
07e9d532b1 * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing.  Like import-clean-sigs, this may nodify the local keyring.

* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
2005-06-14 03:55:19 +00:00
David Shaw
f3c4b07d05 * options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-clean-sigs option to automatically clean a key
when importing.  Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
2005-06-12 21:17:46 +00:00
David Shaw
6e9b751b79 * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
that even after keys may be merged together, we only have one chosen
selfsig.
2005-06-12 20:42:04 +00:00
David Shaw
1594883f2f * options.h, import.c (parse_import_options, delete_inv_parts):
import-unusable-sigs is now a noop.
2005-06-10 03:15:25 +00:00
David Shaw
045433e35c * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function.  It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
2005-06-10 03:00:57 +00:00
David Shaw
31522bac1d * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
kbnode.

* trustdb.c (clean_uids_from_key): Further tweak the algorithm so that
the last good selfsig is kept when the chosen selfsig is a revocation.
2005-06-10 02:52:41 +00:00
David Shaw
475107dff3 * trustdb.c (clean_uids_from_key), keyedit.c
(menu_clean_uids_from_key): Tweak algorithm to preserve the last
selfsig which helps prevent uid resurrections.
2005-06-09 02:53:18 +00:00
David Shaw
1b07e3723e * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both expired
and revoked uids in fixup_uidnode().  No need to special case in
merge_selfsigs_main().  This also means that an expired uid will have
its selfsig tagged with chosen_selfsig.
2005-06-08 13:12:57 +00:00
David Shaw
2c9948c00a * options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above.  Export-minimal is the same except it also removes all
non-selfsigs.  export-unusable-sigs is now a noop.
2005-06-08 03:31:48 +00:00
David Shaw
7bf9354bf6 * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32.
Noted by Joe Vender.

* passphrase.c [_WIN32]: Remove unused variables.
2005-06-01 19:13:05 +00:00
David Shaw
db8adc2880 * keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key),
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings.  Noted by Joe Vender.
2005-05-31 19:12:10 +00:00
Werner Koch
a6a93ac540 * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
* cardglue.c (assuan_strerror, assuan_transact): Dummy functions
        if not build with agent support.

	* zh_TW.po, zh_CN.po, es.po, ro.po: Updated.

        * tr.po: Updated from TP.  Note: this is an exception in general
        translations from the Robot are not anymore accepted.

        * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined.
2005-05-31 10:11:01 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
0a9827ca07 * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.

* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key.  Note that the strings here are not
marked for translation yet.  The UI is still in flux, and there is no
point in annoying the translators twice.  (keyedit_menu): Call it here
as part of the "clean" command.
2005-05-31 03:59:24 +00:00
David Shaw
acac94aa90 * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
user IDs on a key, and mark any that aren't valid for deletion.

* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key.  (keyedit_menu): Call it from here as
part of the "clean" command.
2005-05-30 03:43:30 +00:00
David Shaw
0bad13cdf4 * g10.c (main): Default {export|import}-unusable-sigs to off until the
"clean" UI can be finished.
2005-05-27 03:00:26 +00:00
Werner Koch
d0f5655d19 * passphrase.c (ask_passphrase): Unescape the description string.
* cardglue.c (unescape_status_string): Removed.  Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
2005-05-24 12:39:42 +00:00
Werner Koch
2ab2a874a0 (add_notation_data): Check number of at-signs. 2005-05-24 09:15:01 +00:00
Werner Koch
d8bd3a3826 (add_notation_data): Check number of at-signs. 2005-05-24 09:14:31 +00:00
Werner Koch
2f63b5299c * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
* cardglue.c (open_card): Check USE_AGENT.
(agent_scd_checkpin): Implemented Assuan part.
(agent_scd_change_pin): Ditto.
2005-05-23 20:16:21 +00:00
Werner Koch
75675331f1 * cardglue.c (open_card): Check USE_AGENT.
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.

* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly.  The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
2005-05-23 14:38:05 +00:00
Werner Koch
be2aa37dbf * cardglue.c (send_status_info): Make CTRL optional.
(agent_scd_writekey, inq_writekey_parms): New.
(agent_openpgp_storekey): Removed.
* cardglue.h: Add a few more error code mappings.
* keygen.c (copy_mpi): Removed.
(save_unprotected_key_to_card): Changed to use agent_scd_writekey.
* app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer
version in gnupg 1.9 CVS.
2005-05-21 14:04:32 +00:00
Werner Koch
bd644c8d45 (ccid_transceive): Arghhh. The seqno is another
bit in the R-block than in the I block, this was wrong at one
place. Fixes bug #419 and hopefully several others.
2005-05-20 20:37:08 +00:00
David Shaw
c5fa20dba3 * build-packet.c (do_comment): Removed. (build_packet): Ignore
comment packets.

* export.c (do_export_stream): Don't export comment packets any
longer.

* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
2005-05-14 02:38:31 +00:00
David Shaw
e81d88b265 * keygen.c (write_selfsigs): Rename from write_selfsig. Write the same
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only preferred-email-encoding@pgp.com, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
2005-05-11 19:31:53 +00:00
Werner Koch
0ab01480ed (do_close_reader): Don't do a reset before close.
Some folks reported that it makes the SCR335 hang less often.
Look at the source on how to re-enable it.
2005-05-07 15:22:01 +00:00
David Shaw
89c844bd3a * main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration.  We no longer need the day-based code as we don't generate v3
keys.
2005-05-06 19:25:19 +00:00
David Shaw
10f51e0714 * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
default sig expire value when signing in batchmode.
2005-05-06 13:03:22 +00:00
David Shaw
89055cca85 * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't
use any of these functions any longer.
2005-05-05 22:32:52 +00:00
David Shaw
da0c60a987 * keygen.c (start_tree): New function to "prime" a KBNODE list.
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.

* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.

* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.
2005-05-05 22:08:37 +00:00
David Shaw
08bd93f7dc * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
preferences.
2005-05-05 21:18:47 +00:00
David Shaw
c71639cfff * options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
2005-05-05 19:21:40 +00:00
Werner Koch
6639bbf699 * passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID.  Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.
2005-05-03 22:27:07 +00:00
David Shaw
f02fe1dafb * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
no-pubkey and chosen revocation cases.  (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.

* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
2005-04-24 18:35:30 +00:00
David Shaw
6d72a1c649 * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys.  Suggested by Peter Palfrader.
2005-04-24 16:05:41 +00:00
David Shaw
5bfd1199b8 * keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to
sign.
2005-04-22 03:36:20 +00:00
David Shaw
edc0862448 * mainproc.c (symkey_decrypt_seskey): There is no need to have an
extra check for a bad passphrase and/or unknown cipher algorithm here.
We'll fail quite happily later, and usually with a better error
message to boot.
2005-04-22 03:21:14 +00:00
David Shaw
b7c3018d32 * keyserver.c (keyserver_spawn): Free some memory.
* sign.c (hash_for): Comments.
2005-04-17 04:10:03 +00:00
Werner Koch
73fb1c592f * g10.c (main, add_notation_data, add_policy_url)
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests.  Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.

* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
2005-04-11 18:24:09 +00:00
Werner Koch
f8a3345229 * ccid-driver.c (ccid_slot_status): Fixed debug messages.
* card-util.c (card_edit): Add command "verify".  Enhanced admin
command to allow optional arguments "on", "off" and "verify".
(card_status): Print private DOs in colon mode.
* app-openpgp.c (do_check_pin): Add hack to allow verification of
CHV3.
2005-04-07 08:31:23 +00:00
Werner Koch
80f4424658 Changes to make use of code taken from libassuan. This replaces the
old ad-hoc connection code to gpg-agent.  We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.
2005-04-05 17:09:13 +00:00
David Shaw
727cda9758 * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
2005-04-01 16:22:34 +00:00
Werner Koch
c43423f0bd (keygen_set_std_prefs): Explain the chosen order of
AES key sizes.
2005-04-01 09:03:15 +00:00
David Shaw
c336e34571 * exec.h, exec.c (set_exec_path): Remove some dead code and change all
callers.  We no longer need to append to $PATH.
2005-03-31 17:11:53 +00:00
Werner Koch
fe01cbceb0 * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new
flag 4.  Use log_info for errors registering the default secret key.
* g10.c (main): Flag the default keyrings.
2005-03-31 07:05:35 +00:00
David Shaw
14fdbdc97a * keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
Rather, call keyserver helpers with the full path.  This fixes some
PATH-inspired DLL problems on W32.  Noted by Carlo Luciano Bianco.
2005-03-31 03:58:53 +00:00
Werner Koch
1985805cdf (pin_cb): Print a warning if the info string hack is
not there.  This may happen due to typos in the translation.
2005-03-30 10:39:13 +00:00
David Shaw
57b9ba5e16 * gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
* openfile.c (ask_outfile_name): Enable readline completion when prompting
for an output filename.

* plaintext.c (ask_for_detached_datafile): Enable readline completion when
prompting for a detached sig datafile.
2005-03-21 20:47:28 +00:00
Werner Koch
31135aff14 * keyedit.c (command_generator, keyedit_completion): Changed
indentation.
* card-util.c (command_generator, card_edit_completion): Ditto.
2005-03-21 15:24:48 +00:00
David Shaw
f30b25e565 * card-util.c (command_generator, card_edit_completion)
[GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to enable
command completion in the --card-edit menu.  (card_edit): Call them
here.
2005-03-20 03:59:07 +00:00
David Shaw
c249809a6b * keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
New functions to enable command completion in the --edit-key menu.
(keyedit_menu): Call them here.
2005-03-18 22:07:12 +00:00