1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

2475 Commits

Author SHA1 Message Date
Werner Koch
a043c14d22 * cardglue.c (pin_cb): Disable debug output.
* mk-w32-dist: Check for patch files.
* w32installer.nsi: Translated a few more strings.  Print a
warning if permssions are not suitable for the installation.
Add Uninstaller entries.
2005-03-14 19:19:21 +00:00
Werner Koch
f0e9a1ff4f * configure.ac: New option --enable-noexecstack.
* Makefile.am (ASFLAGS): Renamed to AM_CCASFLAGS and added the
variable for non exectubale stack options.  Adapted users.
2005-03-11 11:02:12 +00:00
David Shaw
9bf9389179 * keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
alias for http-proxy.
2005-03-10 19:34:40 +00:00
David Shaw
04f02174e1 * delkey.c (do_delete_key, delete_keys): Fix problem with --expert
preventing --delete-secret-and-public-keys from deleting secret keys.
2005-03-10 18:43:36 +00:00
Werner Koch
e27aa939bf (keyedit_menu) [W32]: Run the trustdb stale check
earlier.
2005-03-10 18:40:57 +00:00
Werner Koch
1ccebd117d (secmem_realloc): Take control information into account
when checking whether a resize is needed.
2005-03-10 09:52:05 +00:00
Werner Koch
c91e30fda4 * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE
and SC_OP_SUCCESS.

* de.po: Updated. Translation is still in the works, though.
2005-03-07 13:59:59 +00:00
David Shaw
db82cdd26a * libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build
problems on Mingw32.
2005-03-01 00:05:16 +00:00
David Shaw
522ca12084 * keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).
2005-02-24 21:21:14 +00:00
David Shaw
05ae122659 * gnupg.spec.in: Fix problem with storing the gpgkeys helpers in
libexec, but calling them in libexec/gnupg.
2005-02-17 03:49:16 +00:00
Werner Koch
b7491aa8c7 about to release 1.4.1rc2 RC-1-4-1rc2 2005-02-16 20:29:20 +00:00
Werner Koch
00ef56868d * card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 20:08:14 +00:00
Werner Koch
ca24b4ea3f * w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 13:27:57 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
David Shaw
2833a0eadc * curl-shim.c (curl_easy_perform): Fix compile warning.
* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.
2005-02-12 03:15:02 +00:00
David Shaw
25001837e9 * curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, link with
the iobuf code rather than libcurl.
2005-02-11 18:05:13 +00:00
David Shaw
8ba44ec180 * configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
* NEWS: Note Mister/Zuccherato CFB countermeasures.
2005-02-11 17:46:15 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
e040113f3c * gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.
2005-02-05 19:52:02 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
e011ee08e2 (GNUPG_CHECK_GNUMAKE): Removed. Not needed for
decent automakes.
2005-02-04 10:18:46 +00:00
David Shaw
7954a24b95 * libcurl.m4: More comments. 2005-02-04 04:01:35 +00:00
David Shaw
dd649067e2 * NEWS: Fix typo. 2005-02-03 21:42:10 +00:00
Werner Koch
57ec15c0bb Last changes for W32 RC-1-4-1rc1 2005-02-03 11:16:27 +00:00
Werner Koch
907353ed60 About to do a release candidate 2005-02-03 10:21:26 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
f7a0254e63 * http.c (connect_server): Fix fd leak when connecting to a round-robin
server set that has some down servers.  Noted by Phil Pennock.
2005-02-01 20:55:35 +00:00
David Shaw
9af66d4634 * ksutil.h: Up the default timeout to two minutes. 2005-02-01 17:08:18 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
963748d1b5 Updated to the version from 1.2.7. 2005-01-27 10:30:28 +00:00
David Shaw
e6cbb88f61 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.
2005-01-26 21:20:30 +00:00
Werner Koch
eb0ee0ba44 * w32installer.nsi: Create a start menu entry and enhanced the
build environment.
* mk-w32-dist: Add more support for above.
2005-01-26 17:44:48 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
Werner Koch
aa87314e6f (get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.
2005-01-25 14:18:56 +00:00
David Shaw
9198b9de5c * libcurl.m4: All versions of curl-config support --feature. 2005-01-25 02:47:57 +00:00
David Shaw
5d257ee60e * gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
canonicalize line endings.

* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys.  Canonicalize line endings.  (main):
Accept FTPS.
2005-01-24 18:23:56 +00:00
David Shaw
1f057ff498 * configure.ac: Define FTPS flag if we're using curl, and FTPS is
available.

* README: Fix some typos (noted by Norihiko Murase), update to 1.4.1,
and tweak some descriptions.

* NEWS: Note FTPS.
2005-01-23 01:19:32 +00:00
David Shaw
db89c15bff * libcurl.m4: Note that FTPS existed, but wasn't fully
standards-compliant until version 7.11.0.
2005-01-22 23:10:23 +00:00
David Shaw
625806b6ae * keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.
2005-01-22 03:33:12 +00:00
David Shaw
2b10681641 * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
certificate checking (which is on by default).

* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).
2005-01-22 03:27:19 +00:00
Werner Koch
6a0fda89c0 (open_card): Issue new CARDCTRL(4) status. 2005-01-20 18:25:25 +00:00
Werner Koch
b2b2786be1 * gpgv.c (tty_fprintf): New stub.
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
2005-01-20 17:21:40 +00:00
Werner Koch
fa284bae3f Minor changes 2005-01-20 11:42:48 +00:00
Werner Koch
5bda87bd6e * g10.c (i18n_init) [W32]: Pass registry key to gettext
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.
2005-01-20 11:42:03 +00:00
David Shaw
b2d67e8039 * NEWS: Note --rfc2440-text import/export-unusable-sigs and
gpgkeys_curl.

* configure.ac: gpgkeys_mailto is disabled by default.  Define HTTPS
flag if we're using curl, and HTTPS is available.
2005-01-19 03:56:25 +00:00