1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

1194 Commits

Author SHA1 Message Date
David Shaw
8ca2c7aa85 * samplekeys.asc: Updated.
* DETAILS: Document "tru" trust record.  Document REVKEYSIG status tag.
Removed paragraph on gdbm usage.  Note that pipemode is deprecated.
2003-08-29 02:25:57 +00:00
David Shaw
8f03511a7c * autogen.sh: Touch po/all for --build-w32. From Werner on stable branch. 2003-08-29 00:42:31 +00:00
David Shaw
2fb83fe779 * AUTHORS, THANKS: Updates from stable. 2003-08-29 00:26:16 +00:00
David Shaw
17e67cd29b * passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
* g10.c (main): Disable use-agent if passphrase-fd is given later.
Suggested by Kurt Garloff.

* exec.c, g10.c, gpgv.c, passphrase.c, photoid.c: s/__MINGW32__/_WIN32/ to
help building on native Windows compilers.  Requested by Brian Gladman.
From Werner on stable branch.
2003-08-29 00:14:42 +00:00
David Shaw
6eb9d6297f * idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on native
Windows compilers.  Requested by Brian Gladman.  From Werner on stable
branch.
2003-08-28 23:49:03 +00:00
David Shaw
1814e2dbf3 * util.h: s/__MINGW32__/_WIN32/ to help building on native Windows
compilers.  Requested by Brian Gladman.  From Werner on stable branch.
2003-08-28 23:41:41 +00:00
David Shaw
cd06705184 * dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, strgutil.c,
ttyio.c, w32reg.c: s/__MINGW32__/_WIN32/ to help building on native
Windows compilers.  Requested by Brian Gladman. From Werner on stable
branch.

* http.c (connect_server): Oops - forgot to freeaddrinfo().
2003-08-28 23:29:32 +00:00
David Shaw
2d682ddc00 * options.h, g10.c (main): Add list-option list-preferred-keyserver.
* keyedit.c (change_passphrase): When responding 'no' to the blank
passphrase question, re-prompt for a new passphrase.  This is bug #202.
2003-08-26 04:07:52 +00:00
David Shaw
68aa60e79c * mainproc.c (check_sig_and_print): Use two different preferred keyserver
displays - one if the key is not present (to tell the user where to get
the key), the other if it is present (to tell the user where the key can
be refreshed).

* packet.h, parse-packet.c (parse_signature): Set flag if a preferred
keyserver is present.

* keylist.c (list_keyblock_print): Show keyserver url in listings with
list-option show-keyserver-url.
2003-08-26 03:56:47 +00:00
David Shaw
002972f63d * NEWS: Note %g and %p, the "tru" --with-colons record, and the REVKEYSIG
--status-fd tag.

* README: Add a note about the SunOS symbol underscore problem and how to
fix it.  Note problem with gcc < 2.96 and non-gnu as.
2003-08-26 03:03:54 +00:00
David Shaw
40eed2bcf9 * gnupg.spec.in: Rework much of the spec to use %-macros throughout. Fix
to work properly with RPM 4.1 (all files in buildroot must be packaged).
Package and install info files. Tweak the English description.  Do not
install gpgv and gpgsplit setuid root. Make sure that install-info is
called in such a way that doesn't bork the RPM install if it cannot
complete (necessary for some upgrade scenarios).
2003-08-26 00:37:09 +00:00
David Shaw
a01a08f9e1 * gpg.sgml: Document --list-options (show-photos, show-policy-url,
show-notation, show-keyring) and --verify-options (show-photos,
show-policy-url, show-notation).  Deprecate --show-photos,
--show-policy-url, --show-notation, and --show-keyring.
2003-08-26 00:32:58 +00:00
David Shaw
5707b80e59 * Makefile.am: Use NETLIBS instead of EGDLIBS. 2003-08-25 03:37:06 +00:00
David Shaw
cce2bf2dfa * configure.ac: Check for getaddrinfo. Don't bother to check for EGD libs
since we need to have the netlibs regardless because of the agent socket.
2003-08-25 03:32:01 +00:00
David Shaw
68c898372b * http.c (connect_server): Try and use getaddrinfo if it is available.
Try for IPv6 via getaddrinfo() or a IPv6-ized gethostbyname().  Suggested
by Jun-ichiro itojun Hagino.
2003-08-25 02:18:45 +00:00
David Shaw
03c12b5a5b * mainproc.c (check_sig_and_print): Get the uid validity before printing
any sig results to avoid munging the output with trustdb warnings.

* g10.c (main): Don't include --show-keyring in --help as it is
deprecated.
2003-08-24 23:01:26 +00:00
David Shaw
5ad7dd7944 * random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.
Use NAME_OF_DEV_URANDOM.
2003-08-21 23:26:57 +00:00
David Shaw
d8273544e1 * gpgv.c: Remove extra semicolon (typo).
* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.

* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.

* keyring.c (keyring_rebuild_cache): Comment.

* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
2003-08-21 23:20:58 +00:00
David Shaw
a2cf3caa98 * packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.

* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
2003-08-13 03:31:36 +00:00
Werner Koch
7500f070ba About to release the first 1.9 version. V1-9-0 2003-08-05 17:20:18 +00:00
Werner Koch
f2c38b89a7 Cleanups, fixes and PC/SC support 2003-08-05 17:11:04 +00:00
David Shaw
752e3459ab * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).
2003-08-03 02:37:48 +00:00
Werner Koch
7921516e85 minor changes to make make distcheck happy 2003-07-31 15:45:11 +00:00
Werner Koch
2100b5dfa3 Remove leftover cruft 2003-07-29 14:10:02 +00:00
Werner Koch
2d7d9dc190 *** empty log message *** 2003-07-29 14:07:28 +00:00
Werner Koch
97d3ea897f * gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
2003-07-29 08:53:19 +00:00
Werner Koch
860f56b089 Adjusted for use with current libgcrypt (1.1.42). 2003-07-28 08:59:18 +00:00
David Shaw
e4a9d14aad * options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.
2003-07-24 19:28:12 +00:00
Werner Koch
ba188097c0 * app-openpgp.c (do_learn_status): Print more status information.
(app_select_openpgp): Store the card version.
(store_fpr): Add argument card_version and fix DOs for old cards.
(app_openpgp_storekey): Likewise.
2003-07-24 09:06:13 +00:00
Werner Koch
b8becef1cf * command.c (cmd_pkauth): New.
(cmd_setdata): Check whether data was given at all to avoid
passing 0 to malloc.

* app.c (app_auth): New.
* app-openpgp.c (do_auth): New.
2003-07-23 07:13:05 +00:00
David Shaw
fbdee01db9 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.
2003-07-21 23:19:15 +00:00
David Shaw
fa0cc6602b * keyedit.c (show_key_with_all_names): Use list-option show-validity in
--edit-key interface as well.
2003-07-20 17:09:43 +00:00
David Shaw
726b36b647 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.
2003-07-20 02:09:06 +00:00
David Shaw
06442ab0da * packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.

* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs.  This requires --no-sig-cache as well since we don't cache
fingerprints.
2003-07-20 00:10:13 +00:00
Werner Koch
fa2faef48f * Makefile.am: Add sc-copykeys program.
* sc-copykeys.c: New.
* app-openpgp.c (app_openpgp_storekey): New.
(app_openpgp_cardinfo): New.
(count_bits): New.
(store_fpr): And use it here to get the actual length in bit.
2003-07-16 13:47:14 +00:00
Werner Koch
270ba1bc96 * simple-pwquery.c, simple-pwquery.h: New; moved from ../agent.
* Makefile.am (libsimple_pwquery_a_LIBADD): New.
2003-07-16 13:44:43 +00:00
Werner Koch
59e5fb16f6 * simple-pwquery.c, simple-pwquery.h: Moved to ../common.
* Makefile.am (gpg_protect_tool_LDADD): Add simple-pwquery.o.
Removed it from xx_SOURCES.
2003-07-16 13:44:03 +00:00
David Shaw
f0fddbd613 * Makefile.am: Add --no-permission-warning to avoid spurious warning when
importing demo keys.
2003-07-10 15:10:02 +00:00
David Shaw
a88cb47d55 * configure.ac: configure.ac: Check for sigset_t and struct sigaction.
This is for Forte c89 on Solaris which seems to define only the function
call half of the two pairs by default.
2003-07-10 15:03:55 +00:00
David Shaw
f4617d97b8 * parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Makefile.am: Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.
2003-07-10 14:30:07 +00:00
David Shaw
3bc9e79103 * DETAILS: Document the --attribute-fd data.
* gpg.sgml: Document --set-notation.  Explain why it is not possible to
disable permission warnings in the gpg.conf file about the homedir.  Add
pointer in --ignore-time-conflict to see --ignore-valid from, and vice
versa.  Warning not to try and parse --list-keys in scripts. Document the
signature flags (1-3/L/R/P/N/X), Document expandos %g and %p.  Note the
default --personal-digest-preferences are "H2".
2003-07-10 12:42:49 +00:00
David Shaw
df79db51f1 * Makefile.am: Use W32LIBS where appropriate. 2003-07-10 12:32:57 +00:00
David Shaw
654276143b * iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
2003-07-10 12:26:42 +00:00
David Shaw
d8a6bd3b84 * types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
This avoids a warning on compilers that support but complain about
unsigned long long.

* util.h (ascii_isspace): New variation on isspace() that is immune from
locale changes.

* util.h: Make sure that only ascii is passed to isfoo functions. (From
Werner on stable branch).
2003-07-10 12:13:53 +00:00
David Shaw
adab7b0a63 * THANKS: Updates from stable.
* configure.ac: Include wsock32 in W32LIBS.  This is different from
NETLIBS so we don't need to force other platforms to pull in the netlibs
when they aren't actually needed.

* NEWS: Note portability changes.
2003-07-10 12:06:08 +00:00
Werner Koch
274e121399 Minor changes to make make dist work correctly. 2003-07-04 09:40:19 +00:00
Werner Koch
8b9f0bda3d * app-openpgp.c (do_setattr): Add setting of the URL.
(app_select_openpgp): Dump card data only in very verbose mode.
(do_decipher): New.
2003-07-03 18:10:13 +00:00
Werner Koch
d1165b2132 * app-openpgp.c (store_fpr): Fixed fingerprint calculation.
* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.
2003-07-01 08:34:45 +00:00
Werner Koch
f5db59fc21 Key generation and signing using the OpenPGP card does rudimentary work. 2003-06-27 20:53:09 +00:00
Werner Koch
ed0d33f1d0 Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
2003-06-18 19:56:13 +00:00