1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

466 Commits

Author SHA1 Message Date
David Shaw
91f05595cc * main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a designated
revocation via --desig-revoke

* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker" command to
add a designated revoker to a key.
2002-05-19 15:04:04 +00:00
David Shaw
28ae0d878f * gpgv.c: Add stub for get_ownertrust().
* g10.c (main): --allow-freeform-uid should be implied by OpenPGP.  Add
--no-allow-freeform-uid.

* keyedit.c (sign_uids): Issue a warning when signing a non-selfsigned
uid.

* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
allow-non-selfsigned-uid is not set, still try and make the key valid by
checking all uids for a signature from an ultimately trusted key.
2002-05-17 18:49:30 +00:00
David Shaw
4dcdaa3b1b * main.h, keygen.c (keygen_add_revkey): Add revocation key subpackets to a
signature (callable by make_keysig_packet). (write_direct_sig): Write a 1F
direct key signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation key. (get_parameter_revkey,
do_generate_keypair): Call above functions when prompted from a batch key
generation file.

* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.

* keydb.h, getkey.c (get_seckey_byfprint): Same as get_pubkey_byfprint,
except for secret keys.  We only know the fingerprint of a revocation key,
so this is needed to retrieve the secret key needed to issue a revokation.

* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split revkey
parsing off into a new function that can be used to reparse after
manipulating the revkey list.

* sign.c (make_keysig_packet): Ability to make 1F direct key signatures.
2002-05-16 03:35:55 +00:00
David Shaw
fcfc223dbb * options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl as a
sample LDAP server instead.

* getkey.c (merge_selfsigs_main): Properly handle multiple revocation keys
in a single packet.  Properly handle revocation keys that are in
out-of-order packets.  Remove duplicates in revocation key list.
2002-05-15 13:15:27 +00:00
Timo Schulz
ab53833530 2002-05-14 Timo Schulz <ts@winpt.org>
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
2002-05-14 09:57:32 +00:00
Stefan Bellon
7ea7c0bc16 EXTSEP_S instead of hardcoded dot 2002-05-13 23:07:22 +00:00
David Shaw
435ecaa5b0 * photoid.c (show_photos): Use the long keyid as the filename for the
photo.  Use the short keyid as the filename on 8.3 systems.

* exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow caller to
specify filename.  This should make things easier on windows and macs
where the file extension is required, but a whole filename is even better.

* keyedit.c (show_key_with_all_names, show_prefs): Show proper prefs for a
v4 key uid with no selfsig at all.

* misc.c (check_permissions): Don't check permissions on non-normal files
(pipes, character devices, etc.)
2002-05-13 20:44:30 +00:00
Werner Koch
0a66b9aaae * mainproc.c (proc_symkey_enc): Avoid segv in case the parser
encountered an invalid packet.
2002-05-11 16:54:43 +00:00
Werner Koch
6237f835d3 * keyserver.c (keyserver_export): Get confirmation before sending
all keys.
2002-05-11 12:33:13 +00:00
Stefan Bellon
1935d90e1f fixes for M_DEBUG, strcasecmp and RISC OS 2002-05-10 17:28:32 +00:00
David Shaw
fecfcb6454 * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show assumed
prefs for hash and compression as well as the cipher pref. Show assumed
prefs if there are no prefs at all on a v4 self-signed key.

* options.h, g10.c (main), sign.c (make_keysig_packet): New
--cert-digest-algo function to override the default key signing hash
algorithm.
2002-05-10 15:27:20 +00:00
David Shaw
0c3ac11549 * getkey.c (merge_selfsigs_main): Make sure the revocation key list starts
clean as this function may be called more than once (e.g. from functions
in --edit).

* g10.c, encode.c (encode_crypt), sign.c (sign_file,
sign_symencrypt_file): Make --compress-algo work like the documentation
says.  It should be like --cipher-algo and --digest-algo in that it can
override the preferences calculation and impose the setting the user
wants.  No --compress-algo setting allows the usual preferences
calculation to take place.

* main.h, compress.c (compress_filter): use new DEFAULT_COMPRESS_ALGO
define, and add a sanity check for compress algo value.
2002-05-09 19:57:08 +00:00
David Shaw
4cb36096ec * pkclist.c (select_algo_from_prefs): There is an assumed compression
preference for uncompressed data.
2002-05-09 03:44:31 +00:00
David Shaw
7ee8e46500 * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
(algo_available): --pgp7, identical to --pgp6 except that it permits a few
algorithms that PGP 7 added: AES128, AES192, AES256, and TWOFISH.  Any
more of these --pgpX flags, and it'll be time to start looking at a
generic --emulate-pgp X option.
2002-05-07 22:04:27 +00:00
David Shaw
d5d974536e * export.c (do_export_stream): Warn the user when exporting a secret key
if it or any of its secret subkeys are protected with SHA1 while
simple_sk_checksum is set.

* parse-packet.c (parse_key): Show when the SHA1 protection is used in
--list-packets.

* options.h, build-packet.c (do_comment), g10.c (main): Rename
--no-comment as --sk-comments/--no-sk-comments (--no-comment still works)
and make the default be --no-sk-comments.
2002-05-07 15:21:57 +00:00
Werner Koch
0295445a4c * keygen.c (get_parameter_algo): Never allow generation of the
deprecated RSA-E or RSA-S flavors of PGP RSA.
(ask_algo): Allow generation of RSA sign and encrypt in expert
mode.  Don't allow ElGamal S+E unless in expert mode.
* helptext.c: Added entry keygen.algo.rsa_se.
2002-05-07 07:24:29 +00:00
David Shaw
2e56b988c8 * keyedit.c (sign_uids): If --expert it set, allow re-signing a uid to
promote a v3 self-sig to a v4 one.  This essentially deletes the old v3
self-sig and replaces it with a v4 one.
2002-05-07 04:27:40 +00:00
David Shaw
50c9a5bd25 * packet.h, parse-packet.c (parse_key), getkey.c (merge_keys_and_selfsig,
merge_selfsigs_main): a v3 key with a v4 self-sig must never let the v4
self-sig express a key expiration time that extends beyond the original v3
expiration time.
2002-05-07 04:05:03 +00:00
David Shaw
4a214fbfbb * keyedit.c (sign_uids): When making a self-signature via "sign" don't ask
about sig level or expiration, and include the usual preferences and such
for v4 self-sigs.  (menu_set_preferences): Convert uids from UTF8 to
native before printing.
2002-05-06 22:38:53 +00:00
David Shaw
2dfec7107c * keyedit.c (sign_uids): Convert uids from UTF8 to native before printing.
(menu_set_primary_uid): Show error if the user tries to make a uid with a
v3 self-sig primary.
2002-05-06 16:40:33 +00:00
David Shaw
ffc98f20ea * import.c (import_one): When merging with a key we already have, don't
let a key conflict (same keyid but different key) stop the import: just
skip the bad key and continue.

* exec.c (make_tempdir): Under Win32, don't try environment variables for
temp directories - GetTempDir tries environment variables internally, and
it's better not to second-guess it in case MS adds some sort of temp dir
handling to Windows at some point.
2002-05-05 19:44:22 +00:00
Timo Schulz
f6ccde9f14 2002-05-04 Timo Schulz <ts@winpt.org>
* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
        in the list only mode.
2002-05-05 15:50:44 +00:00
David Shaw
ab59f621d6 * keyserver.c (keyserver_refresh): --refresh-keys implies --merge-only so
as not to import keys with keyids that match the ones being refreshed.
Noted by Florian Weimer.
2002-05-05 12:45:54 +00:00
Stefan Bellon
158091ef9f fixed m_alloc(0) bug and added checks to revkey and numrevkeys 2002-05-04 14:45:34 +00:00
David Shaw
4991e018bf * photoid.c: Provide default image viewer for Win32.
* misc.c (pct_expando): %t means extension, not name ("jpg", not "jpeg").

* keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h, exec.c:
Allow the caller to determine the temp file extension when starting an
exec_write and change all callers.
2002-05-04 00:39:15 +00:00
David Shaw
201ad25df9 * keyedit.c (sign_uids): Nonrevocable key signatures cause an automatic
promotion to v4.
2002-05-03 22:31:30 +00:00
David Shaw
cc0074dc5a * configure.ac: Add --disable-exec flag to disable all remote program
execution.  --disable-exec implies --disable-ldap and --disable-mailto.
Also look in /usr/lib for sendmail.  If sendmail is not found, do not
default - just fail.

* exec.c: Provide stubs for exec_ functions when NO_EXEC is defined.
2002-05-03 12:35:51 +00:00
David Shaw
6dc53d136a * photoid.h, photoid.c (parse_image_header, image_type_to_string): Useful
functions to return data about an image.

* packet.h, parse-packet.c (make_attribute_uidname,
parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
(show_photos): Handle multiple images in a single attribute packet.

* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy), photoid.c
(show_photos): Simpler expando code that does not require using
compile-time string sizes.  Call image_type_to_string to get image strings
(i.e. "jpg", "image/jpeg").  Change all callers.

* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print): Allow
viewing multiple images within a single attribute packet.

* gpgv.c: Various stubs for link happiness.
2002-05-02 20:47:23 +00:00
David Shaw
0d63a076b0 Allow multiple policy URLs on a given signature.
Split "--notation-data" into "--cert-notation" and "--sig-notation" so the
user can set different policies for key and data signing.  For backwards
compatibility, "--notation-data" sets both, as before.
2002-05-02 13:25:59 +00:00
Werner Koch
1b65d681ff util/
* memory.c (alloc): Malloc at least 1 byte.  Noted by Winona Brown.
g10/
* options.skel: Removed the comment on trusted-keys because this
option is now deprecated.
2002-05-02 07:48:39 +00:00
David Shaw
66c8a663a5 * keyedit.c (menu_adduid): 2440bis04 says that multiple attribute packets
on a given key are legal.

* keyserver.c (keyserver_refresh): the fake v3 keyid hack applies to
"mailto" URLs as well since they are also served by pksd.
2002-05-01 22:33:18 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
Werner Koch
ecbf6f4d46 g10/
* g10.c, options.h: New options --display, --ttyname, --ttytype,
--lc-ctype, --lc-messages to be used with future versions of the
gpg-agent.
* passphrase.c (agent_send_option,agent_send_all_options): New.
(agent_open): Send options to the agent.

* trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit
do_sync because revalidation_mark does it only if when the
timestamp actually changes.
/
* configure.ac: Check for locale.h and setlocale
2002-04-25 08:30:35 +00:00
David Shaw
cd7b3f9590 After generating a new key, show the key information (name, keyid,
fingerprint, etc.)

Do not print uncheckable signatures (missing key..) in --check-sigs.

Print statistics (N missing keys, etc.) after --check-sigs.

When signing a key with an expiration date on it, the "Do you want your
signature to expire at the same time?" question should default to YES
2002-04-23 17:54:38 +00:00
David Shaw
3b9a04844c * parse-packet.c (parse_plaintext), packet.h, plaintext.c
(handle_plaintext): Fix bug in handling literal packets with zero-length
data (no data was being confused with partial body length).

* misc.c (pct_expando), options.skel: %t means extension ("jpg"). %T means
MIME type ("image/jpeg").

* import.c (import_one): Only trigger trust update if the keyring is
actually changed.

* export.c (do_export_stream): Missing a m_free.
2002-04-23 02:48:44 +00:00
Werner Koch
0f2fedd806 po/
* et.po, tr.po, cs.po, it.po, id.po: Updated.
2002-04-22 19:33:39 +00:00
Stefan Bellon
70618e5175 RISC OS specific changes 2002-04-22 15:49:31 +00:00
David Shaw
3b97ac9ef8 * keygen.c (generate_subkeypair): 2440bis04 adds that creating subkeys on
v3 keys is a MUST NOT.

* getkey.c (finish_lookup): The --pgp6 "use the primary key" behavior
should only apply while data signing and not encryption. Noted by Roger
Sondermann.
2002-04-20 11:57:35 +00:00
David Shaw
f06ee291db * keyedit.c (menu_deluid): Only cause a trust update if we delete a
non-revoked user id.

* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
keyserver_spawn), options.h: Remove fast-import keyserver option (no
longer meaningful).

* g10.c (main), keyedit.c (sign_uids), options.h: Change
--default-check-level to --default-cert-check-level as it makes clear what
it operates on.

* g10.c (main): --pgp6 also implies --no-ask-sig-expire.

* delkey.c (do_delete_key): Comment.
2002-04-19 22:38:20 +00:00
David Shaw
cc7fb43ac3 * keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check if we
did something that changes it.

* g10.c: add "--auto-check-trustdb" to override a
"--no-auto-check-trustdb"
2002-04-19 11:31:53 +00:00
Werner Koch
4847eadcd8 * tdbio.c (tdbio_write_nextcheck): Return a status whether the
stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes.  Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.

* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.

* delkey.c (do_delete_key): Clear the owenertrust information when
deleting a public key.
2002-04-19 09:18:57 +00:00
Werner Koch
aedeefcc5f * seskey.c (encode_md_value): Print an error message if a wrong
digest algorithm is used with DSA.  Changed all callers to cope
with a NULL return.  Problem noted by Imad R. Faiad.
2002-04-18 19:38:34 +00:00
Werner Koch
40bbe7f621 * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
(validate_key_list): New arg curtime use it to set next_expire.
(validate_one_keyblock): Take the current time from the caller.
(clear_validity, reset_unconnected_keys): New.
(validate_keys): Reset all unconnected keys.
2002-04-18 18:40:11 +00:00
David Shaw
c07113d265 * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire.  In short, the only thing that can override an
unexpired nonrevocable signature is another unexpired nonrevocable
signature.

* getkey.c (finish_lookup): Always use primary signing key for signatures
when --pgp6 is on since pgp6 and 7 do not understand signatures made by
signing subkeys.
2002-04-18 18:23:22 +00:00
Werner Koch
37c268ed6a * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
2002-04-18 11:01:56 +00:00
Werner Koch
bf7cef8ebf * getkey.c (lookup): Advance the searchmode after a search FIRST. 2002-04-18 10:50:05 +00:00
Werner Koch
ad2bfad4cc * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-18 08:09:56 +00:00
Werner Koch
60e0b2ad92 * parse-packet.c (parse_key): Support a SHA1 checksum as per
draft-rfc2440-bis04.
* packet.h (PKT_secret_key): Add field sha1chk.
* seckey-cert.c (do_check): Check the SHA1 checksum
(protect_secret_key): And create it.
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
* g10.c, options.h: New option --simple-sk-checksum.
2002-04-17 16:00:03 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
9d7b26c784 * pkclist.c (build_pk_list): Fix bug that allowed a key to be selected
twice in batch mode if one instance was the default recipient and the
other was an encrypt-to.  Noted by Stefan Bellon.

* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp sig
subpackets.

* keyedit.c (keyedit_menu): Use new function real_uids_left to prevent
deleting the last real (i.e. non-attribute) uid.  Again, according to the
attribute draft. (menu_showphoto): Make another string translatable.
2002-04-13 04:32:03 +00:00