other xxxx_algo_to_string() functions.
* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.
* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked. Requested by Matthew Wilcox. Make revoked and
expired tags translatable (they are already translated elsewhere).
Revoked overrides expiration when both apply.
* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable
(show_key_with_all_names): Revoked overrides expired when both apply.
* packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c
(list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor cleanup to
remove local_id, which is no longer used.
group. (add_group): When adding a group with the same name as an already
existing group, merge the two groups. (list_config): Show an error message
when listing a config item that doesn't exist.
PK_UID_CACHE_SIZE (set in ./configure).
* getkey.c (get_pubkey): When reading key data into the cache, properly
handle keys that are partially (pk, no UIDs) cached already. This is
Debian bug #176425 and #229549.
inside a compressed data packet. This is possibly dangerous without an
MDC. (push_compress_filter2): Do the right thing (i.e. nothing) with
compress algo 0.
* main.h, decrypt.c (decrypt_messages): Accept filenames to decrypt on
stdin. This is bug #253.
string. (main): Use it here to pass list_config() more than one argument
as a single string. (print_algo_numbers): Helper to print algorithm
numbers. (list_config): Use it here for "pubkey", "cipher",
"hash"/"digest", and "compress" config options.
optional "sensitive" argument. Remind that $GNUPGHOME can be used instead
of --homedir. Clarify --no-default-keyring, and note why it may not take
effect if there are no other keyrings present. Remove --pgp2 from the
list of --pgpXes that are just for bad preference lists. Explain more why
locking memory pages is good.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG(). The fix is to
not return a hit if the keyid is not the primary. All other users of
get_pubkey_fast already expect a primary only.
Christian Biere. Some minor grammar fixes. Remove the "host -l pgp.net |
grep wwwkeys" advice since the nameserver no longer all allow zone
transfers. Replace it with a mention of hkp://subkeys.pgp.net.
* gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Fix memory corruption bug on
some platforms. From devel. (search_key): Catch a mangled input file
(useful if something other than GnuPG is calling the program). (main):
Avoid possible pre-string write. Noted by Christian Biere.
get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for
anything except revocations.
* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
catchall.
* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from
Elgamal encrypt-only keys in the trustdb. Granted, this sounds strange,
but there are historical keys that fit this description.