1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-01 20:18:44 +01:00
Commit Graph

9149 Commits

Author SHA1 Message Date
David Shaw
ca766728f4 * configure.ac: Improved --disable-endian-check that doesn't involve
changing #ifdefs in the rest of the code.
2006-03-20 16:13:52 +00:00
David Shaw
7fcba082c9 * configure.ac: Add --disable-endian-check for building fat binaries
on OSX.

* README: Add note on how to build a fat binary on OSX.
2006-03-20 00:57:33 +00:00
David Shaw
0f4f660d5f * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
rather than '#ifdef' BIG_ENDIAN_HOST.  Harmless as we explicitly
define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat
builds when we define BIG_ENDIAN_HOST to another macro.
2006-03-20 00:39:44 +00:00
David Shaw
f4547924cb * configure.ac: Allow the DNS stuff to work on OSX by trying the
Apple-specific BIND_8_COMPAT.
2006-03-18 05:36:32 +00:00
David Shaw
3cfc77097d * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.
2006-03-17 05:20:13 +00:00
David Shaw
e0ad2bda52 * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. 2006-03-16 22:40:04 +00:00
David Shaw
9f524c4a04 * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.
2006-03-14 03:16:21 +00:00
David Shaw
b478ce7a79 * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keyserver_import_cert, keyserver_import_name, keyserver_import_ldap):
Pass fingerprint info through.
2006-03-14 02:42:02 +00:00
David Shaw
671ec45001 * main.h, import.c (import_one): Optionally return the fingerprint of
the key being imported.  (import_keys_internal, import_keys_stream,
import): Change all callers.
2006-03-14 02:23:00 +00:00
David Shaw
7e3ba27aef * sig-check.c (signature_check2): Print the backsig warning when there
is no backsig present.  Give a URL for more information.

* keyedit.c (menu_backsign): Small tweak to work properly with keys
originally generated with older GnuPGs that included comments in the
secret keys.
2006-03-12 15:33:57 +00:00
David Shaw
48773e4c15 * samplekeys.asc: Update 99242560 to have a signing subkey backsig. 2006-03-11 15:29:57 +00:00
David Shaw
5784a43e65 * gpg.sgml: Clarify new notation delete feature. 2006-03-09 19:47:35 +00:00
David Shaw
e914311608 * build-packet.c (string_to_notation): Add ability to indicate a notation
to be deleted with a '-' prefix.

* keyedit.c (menu_set_notation): Use it here to allow deleting a notation
marked with '-'.  This works with either "-notation" or "-notation=value".
2006-03-09 19:43:29 +00:00
Werner Koch
a917165bef keep on walking towards rc3 2006-03-09 19:24:59 +00:00
Werner Koch
3ea8fc3337 Updated 2006-03-09 12:58:26 +00:00
Werner Koch
cf10c31a3f Preparing for an RC23 2006-03-09 12:45:02 +00:00
David Shaw
0317ae66f3 * gpg.sgml: Document "notation". 2006-03-09 04:00:18 +00:00
David Shaw
d810409068 * keyedit.c (menu_set_notation): New function to set notations on
self-signatures.  (keyedit_menu): Call it here.
(tty_print_notations): Helper.  (show_prefs): Show notations in
"showpref".
2006-03-09 03:49:39 +00:00
David Shaw
5460153264 * mainproc.c (get_pka_address), keylist.c (show_notation): Remove
duplicate code by using notation functions.
2006-03-09 03:35:26 +00:00
David Shaw
cc9a71c6ce * argparse.c (default_strusage): Update copyright year to 2006. 2006-03-09 03:31:28 +00:00
David Shaw
0f7b4371b2 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Provide printable text for non-human-readable
notation values.
2006-03-09 01:15:18 +00:00
David Shaw
889c4afd78 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Tweak to handle non-human-readable notation
values.
2006-03-08 23:42:45 +00:00
David Shaw
4fea8fdbbb * options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
Use it here for the various notation commands.

* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.
2006-03-08 23:30:12 +00:00
David Shaw
90d8377276 * options.h, mainproc.c (check_sig_and_print), gpg.c (main):
pka-lookups, not pka-lookup.

* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.
2006-03-08 02:40:42 +00:00
David Shaw
07c48cf29e * NEWS: Note CERT retrieval. Tweak PKA and backsig language to match
current code.
2006-03-08 02:36:37 +00:00
David Shaw
b62ca46f62 * gpg.sgml: Rename backsigs to cross-certification (backsigs is just
shorthand).  Document max-cert-size.
2006-03-07 22:44:23 +00:00
David Shaw
ee3379a77d * gpg.sgml: Document new way of enabling the PKA functions. Some minor
other cleanups.
2006-03-07 21:47:36 +00:00
David Shaw
4f9efb7a79 * options.h, gpg.c (main, parse_trust_model), pkclist.c
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.
2006-03-07 20:14:20 +00:00
David Shaw
81e2591421 * NEWS: Note --auto-key-locate and that keyservers can handle binary data
now.
2006-03-07 16:20:03 +00:00
Werner Koch
4aeb4d4b10 More tests added; make distcheck works 2006-03-07 11:05:41 +00:00
David Shaw
199f4bd626 * gpg.sgml: Document --auto-key-locate. 2006-03-07 05:06:31 +00:00
David Shaw
764b3f9395 * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
is not a PGP 2.x algorithm.
2006-03-07 01:16:31 +00:00
David Shaw
5d2060e211 * mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
algorithm.
2006-03-06 23:14:13 +00:00
Werner Koch
3e08d87168 Stricter test of allowed signature packet compositions.
There is still one problem to solve.
2006-03-06 21:28:25 +00:00
Werner Koch
a200f76dcf Fixed problem with PGP2 style signatures and mutilple plaintext data 2006-03-06 12:28:46 +00:00
Werner Koch
09203be1c6 Replaced an assert and fixed batch mode issue in cardglue. 2006-03-05 15:13:18 +00:00
David Shaw
9523139ee7 * gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
libraries that have TLS.
2006-03-03 21:55:38 +00:00
David Shaw
78904c691c * getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
"pka" when those features are disabled.

* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha.  Noted by Nelson H.
F. Beebe.
2006-03-01 18:16:55 +00:00
David Shaw
2385935afa * configure.ac: Fix accidental enabling of SHA-384/512. Noted by Nelson
H. F. Beebe.
2006-03-01 17:05:38 +00:00
Werner Koch
89824e5d59 Fixed card removal problems 2006-03-01 11:05:47 +00:00
David Shaw
4b67ecabcf * options.skel: Document auto-key-locate and give a pointer to Simon
Josefsson's page for CERT.
2006-02-27 19:31:13 +00:00
David Shaw
837a6f094d * gpg.sgml: Document new --keyserver syntax. 2006-02-25 00:21:20 +00:00
David Shaw
f4f5ea43e7 * keydb.h, getkey.c (release_akl), gpg.c (main): Add
--no-auto-key-locate.

* options.h, gpg.c (main): Keep track of each keyserver registered so
we can match on them later.

* keyserver-internal.h, keyserver.c (cmp_keyserver_spec,
keyserver_match), gpgv.c: New.  Find a keyserver that matches ours and
return its spec.

* getkey.c (get_pubkey_byname): Use it here to get the per-keyserver
options from an earlier keyserver.
2006-02-24 14:27:22 +00:00
David Shaw
4139587267 * keyserver.c (parse_keyserver_options): Only change max_cert if it is
used.
2006-02-24 03:57:11 +00:00
David Shaw
624f3582ba * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
treatment of include-revoked, include-subkeys, and try-dns-srv.  These are
keyserver features, and GPG shouldn't get involved here.
2006-02-23 22:39:40 +00:00
David Shaw
0302c7e0ac * ksutil.c (init_ks_options): Default include-revoked and include-subkeys
to on, as gpg isn't doing this any longer.
2006-02-23 21:06:32 +00:00
David Shaw
09e3b78ea2 * keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
options to the list, as ordering may be significant to the user.
2006-02-23 20:54:30 +00:00
David Shaw
1736866b5b * gpg.c (add_notation_data): Fix reversed logic for isascii check when
adding notations.  Noted by Christian Biere.
2006-02-23 19:52:20 +00:00
David Shaw
c37453211c * options.h, keyserver.c (add_canonical_option): New.
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).
2006-02-23 17:00:02 +00:00
David Shaw
1ae024ef81 * options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.
2006-02-22 23:37:23 +00:00