1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

3178 Commits

Author SHA1 Message Date
Werner Koch
a0cb56fe7f (gpgsm_validate_chain): Changed the message printed
for an untrusted root certificate.
2004-01-28 16:20:17 +00:00
Werner Koch
fa5d1513a2 (agent_marktrusted): Check whether the trustlist is
writable.
2004-01-28 16:19:46 +00:00
David Shaw
654ba16db5 * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to
PK_UID_CACHE_SIZE (set in ./configure).

* getkey.c (get_pubkey): When reading key data into the cache, properly
handle keys that are partially (pk, no UIDs) cached already.  This is
Debian bug #176425 and #229549.

* compress.c (init_compress, push_compress_filter2): Do the right thing
(i.e. nothing) with compress algo 0.

* main.h, decrypt.c (decrypt_messages): Accept filenames to decrypt on
stdin.  This is bug #253.
2004-01-28 01:04:30 +00:00
David Shaw
45bbdcc57c * NEWS: Note --enable-key-cache, the OpenBSD/i386 and HPPA fixes, and
Elgamal removal.

* README, configure.ac: Add --enable-key-cache=SIZE configure option.
This sets the key/uid cache size.  Default is 4096.
2004-01-28 01:00:53 +00:00
Werner Koch
4453659c9a (parse_dn_part): Pretty print the nameDistinguisher OID.
(print_dn_part): Do not delimit multiple RDNs by " + ".  Handle
multi-valued RDNs in a special way, i.e. in the order specified by
the certificate.
(print_dn_parts): Simplified.
2004-01-27 19:10:38 +00:00
Werner Koch
eb24d8b751 Some minor bug fixes, new test utilities and started support for other
smartcard applications.
2004-01-27 16:40:42 +00:00
Werner Koch
203e1cc272 * call-scd.c (atfork_cb): New.
(start_scd): Make sure secmem gets cleared.
* query.c  (atfork_cb): New.
(start_pinentry): Make sure secmem gets cleared.
2004-01-24 20:50:49 +00:00
David Shaw
385a19bd7b * mainproc.c (list_node): Show sigs with --verbose.
* options.h, g10.c (set_screen_dimensions): New function to look at
COLUMNS and LINES.

* keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c
(print_and_check_one_sig): Use new screen dimension variables.
2004-01-24 00:47:45 +00:00
David Shaw
f7447eabea * g10.c (list_config): New function to dump config options to stdout.
Currently requires --with-colons. (collapse_args): New function to turn
argc/argv into a single string. (main): Use it here to pass list_config()
more than one argument as a single string. (print_algo_numbers): Helper to
print algorithm number for --list-config "pubkey", "cipher",
"hash"/"digest", and "compress" config options.
2004-01-22 03:47:05 +00:00
David Shaw
cceda5c9d2 * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c
(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker).  If a key was revoked by both, prefer the owner.
2004-01-22 01:08:58 +00:00
David Shaw
01d0c54f05 * keyedit.c (print_and_check_one_sig, keyedit_menu): Use the COLUMNS
environment variable (if any) to hint how wide the terminal is.  Disabled
on _WIN32.  Suggested by Janusz A. Urbanowicz.
2004-01-21 21:25:43 +00:00
David Shaw
97efb85f51 * keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't
meaningful on POSIX systems, but the Mingw builds aren't exactly POSIX.
2004-01-21 04:35:32 +00:00
David Shaw
a18110a053 hppa1.1/udiv-qrnnd.S: Alignment fix from Lamont Jones for Debian. 2004-01-21 04:26:35 +00:00
David Shaw
c8ab1bd127 * trustdb.c (reset_trust_records): New, faster, implementation that
doesn't involve a keyring scan. (clear_validity): Removed.
2004-01-21 03:19:13 +00:00
David Shaw
0fb284ac24 * g10.c (main), keydb.h, keydb.c (keydb_rebuild_caches), keyring.h,
keyring.c (keyring_rebuild_cache): Add "noisy" flag so cache rebuilds can
remain noisy when called for itself, and quiet when called as part of the
trustdb rebuild.

* trustdb.c (validate_keys): Rebuild the sig caches before building the
trustdb.  Note that this is going to require some architectual
re-thinking, as it is agonizingly slow.
2004-01-20 16:09:38 +00:00
David Shaw
9915f6ed78 * sig-check.c (check_key_signature2): Comments.
* keyring.c (keyring_rebuild_cache): Clear sig cache for any signatures
that we can no longer process (say, if the user removed support for a
necessary pubkey or digest algorithm).
2004-01-19 22:46:55 +00:00
Moritz Schulte
af41684669 2004-01-19 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Don't try to execute certain pieces of code
	in case an error occured.
	(gen_card_key): Don't print out a message, which is already
	printed by do_generate_keypair().
2004-01-19 01:48:17 +00:00
Moritz Schulte
7739d95804 2004-01-19 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Print member fname, instead of
	newfname, again.
2004-01-19 01:07:46 +00:00
Moritz Schulte
36cbfed6fc 2004-01-18 Moritz Schulte <mo@g10code.com>
* keygen.c (do_generate_keypair): Print member fname, instead of
	newfname.
2004-01-18 22:48:49 +00:00
David Shaw
1d12c12142 * misc.c (print_cipher_algo_note): May as well call Rijndael AES
at this point.

* keygen.c (do_create), misc.c (openpgp_pk_algo_usage): Remove the
last bits of Elgamal type 20 support.
2004-01-17 03:14:14 +00:00
David Shaw
57c585bc0f * cipher.h: Remove the old CIPHER_ALGO_RINJDAEL values. is_ELGAMAL() now
only matches type 16 and not type 20.
2004-01-17 03:10:09 +00:00
David Shaw
99f6f81769 * cipher.c (setup_cipher_table): May as well call Rijndael AES at this
point.
2004-01-17 03:06:50 +00:00
David Shaw
65f759ae68 * pubkey.c (setup_pubkey_table), elgamal.c (sign, verify, test_keys,
elg_sign, elg_verify, elg_get_info): Remove the last bits of Elgamal type
20 support.
2004-01-17 01:49:16 +00:00
Werner Koch
e5b228fc67 (main): Need to use FD_ISSET for the client
descriptors too; aiiih.  Set the listening socket to non-blocking.
2004-01-16 22:38:58 +00:00
Werner Koch
4dc78204ae * sign.c (gpgsm_sign): Print an error message on all failures.
* decrypt.c (gpgsm_decrypt): Ditto.
2004-01-16 17:42:36 +00:00
Werner Koch
30948e5ecd comment typo fixes. 2004-01-16 17:42:08 +00:00
Werner Koch
52f5553759 * argparse.c (strusage): Changed default copyright year to 2004. 2004-01-16 17:40:50 +00:00
Werner Koch
671f696e55 * findkey.c (agent_key_from_file): Now return an error code so
that we have more detailed error messages in the upper layers.
This fixes the handling pinentry's cancel button.
* pksign.c (agent_pksign): Changed accordingly.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* command.c (cmd_passwd): Ditto.
2004-01-16 17:39:58 +00:00
David Shaw
2f3c2f4870 * argparse.c (default_strusage): Update copyright date. (initialize):
Avoid a number of -Wformat-nonliteral warnings. These aren't actual
problems, but the warnings bothered me.

* miscutil.c (print_string2): New variation on print_string that allows
two delimiters. (print_string): Call print_string2 to do work.
2004-01-16 05:16:42 +00:00
David Shaw
7bd05d176b * util.h: Add prototype for print_string2(). 2004-01-16 05:14:50 +00:00
Werner Koch
ef3f2d81a1 (send_key): Add a content type. 2004-01-13 11:07:25 +00:00
Werner Koch
2d14620b2e * configure.ac: Use -Wformat-nonliteral in maintainer-mode. 2004-01-13 10:57:46 +00:00
David Shaw
580faa8675 * gpgkeys_hkp.c (search_key): Catch a mangled input file (useful if
something other than GnuPG is calling the program). (main): Avoid possible
pre-string write.  Noted by Christian Biere.

* gpgkeys_ldap.c (main): Avoid possible pre-string write.
2004-01-12 04:09:37 +00:00
David Shaw
f7bcce823f * configure.ac: Include stdio.h when checking for bzlib.h. Solaris 9 has a
very old bzip2 library and we can at least guarantee that it won't fail
because of the lack of stdio.h.

* THANKS: Added Phong Nguyen, who found the Elgamal signing key problem.
2004-01-12 03:59:29 +00:00
David Shaw
967a61cdb8 * convert-from-106, lspgpot: Check for gpg binary before proceeding.
Don't hardcode the path to gpg.

* gpgsplit.c (handle_bzip2): Remove two cut and paste typecast errors.
Noted by Stefan Bellon.
2004-01-12 02:48:42 +00:00
David Shaw
666c582e36 * config.links: OpenBSD 3.4 is now ELF, so use the proper assembler code
for that.  Use the portable C MPI code for OpenBSD before 3.4, and remove
the special i386-openbsd assembly directory.

* Makefile.am: Add the portable C links to DISTCLEANFILES.  Noted by
Nelson H. F. Beebe.

* mpi-mpow.c (build_index): s/index/idx/ to avoid gcc warning. From Werner
on stable branch.

* longlong.h: Added PowerPC 64 bit code from GPM-4.1.2 but didn't enable
it yet.  From Werner on stable branch.
2004-01-12 00:51:39 +00:00
David Shaw
5a57e36003 Use the portable C MPI code for OpenBSD before 3.4, and remove the special
i386-openbsd assembly directory.
2004-01-12 00:48:28 +00:00
Werner Koch
1e53ff3608 Use GPG_ERROR_CFLAGS 2004-01-10 11:50:48 +00:00
David Shaw
d38c4b20a5 * gpg.sgml: Fix a few minor typos. Clarify what --textmode is useful for.
* gpg.sgml: List proper documentation URL.  Note that addrevoker takes an
optional "sensitive" argument.  Remind that $GNUPGHOME can be used instead
of --homedir.  Clarify --no-default-keyring, and note why it may not take
effect if there are no other keyrings present.  Remove --pgp2 from the
list of --pgpXes that are just for bad preference lists.  Explain more why
locking memory pages is good.

* gpg.sgml: Add an example of what an exclamation mark is, as people seem
to miss it often.
2004-01-08 05:49:39 +00:00
Werner Koch
f332166e51 * Manifest: New.
* gpgconf.c, gpgconf.h, gpgconf-list.c: New. A skeleton for now.
* no-libgcrypt.c: New.
* Makefile.am: Add above.
2004-01-05 09:28:27 +00:00
Stefan Bellon
ed3f4dad7a Only use ZLib module on RISC OS when configured 2004-01-03 17:13:59 +00:00
David Shaw
e7abe7e909 * clearsig.test, conventional-mdc.test, conventional.test, defs.inc,
encrypt-dsa.test, encrypt.test, genkey1024.test, plain-1.asc,
plain-1-pgp.asc, plain-2.asc, plain-3.asc, pubring.asc, secring.asc,
sigs.test: Rework tests to work properly with a gpg binary that doesn't
have all ciphers and all pk algos. Basically, we test for the ciphers we
have, only test signing with non-160-bit hashes with RSA (we test all
hashes as hashes).  Test all key lengths of AES.
2003-12-31 19:00:35 +00:00
David Shaw
2a785147be * options.h, g10.c (main), import.c (parse_import_options, import_one,
import_secret_one), keyserver.c (keyserver_refresh): Change --merge-only
to --import-option merge-only.  Deprecate --merge-only.
2003-12-31 04:58:52 +00:00
David Shaw
1228a48ab9 * g10m.c: Dead code. Remove.
* Makefile.am: Don't compile g10m.c.
2003-12-30 04:29:07 +00:00
David Shaw
8f7b94789c * idea-stub.c (load_module, idea_get_info): Return the proper type for
idea_get_info from inside load_module.  From Stefan Bellon.
2003-12-30 01:37:52 +00:00
David Shaw
d7a28c72a8 * rijndael.c, rndunix.c, twofish.c: Remove dead IS_MODULE code.
* g10c.c: Dead code.  Remove.

* Makefile.am: Don't compile g10c.c.
2003-12-30 00:57:05 +00:00
David Shaw
330f042fa4 * g10u.c: Dead code. Remove.
* Makefile.am: Don't compile g10u.c.

* iobuf.c (block_filter): Properly handle a partial body stream that ends
with a 5-byte length.
2003-12-30 00:50:32 +00:00
David Shaw
d537d547ce * misc.c (pull_in_libs): Dead code. Removed.
* sig-check.c (check_revocation_keys): Comments.

* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.

* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs.  It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.

* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.

* compress-bz2.c: Include stdio.h.  Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.

* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
2003-12-30 00:46:42 +00:00
David Shaw
f13f772a29 * gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code that
passes the proxy in from the outside.  If the command file sends a proxy,
use it.  If it sends "http-proxy" with no arguments, use $http_proxy from
the environment.
2003-12-28 16:21:46 +00:00
David Shaw
48238805b9 * options.h, g10.c (main), keyserver.c (keyserver_opts,
parse_keyserver_uri): honor-http-proxy is no longer an option since we can
do the same thing with http-proxy with no arguments. Also remove
broken-http-proxy since it can be better handled in the HTTP helper.
2003-12-28 16:08:04 +00:00