1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

3178 Commits

Author SHA1 Message Date
David Shaw
cf6fcc0b4b * DETAILS: Don't specify which hash is used to make up the namehash since
it may change in the future.

* samplekeys.asc: Updated.

* gpg.sgml: Document "revuid".  Clarify that --openpgp resets --pgpX.
Some cleanup of --no-xxx options, make sure that all SGML tags are closed,
clarify --pgp8 allows SHA-256, and document --no-emit-version.

* Makefile.am: Allow CVS version to build without faqprog.pl.
2003-04-07 22:23:42 +00:00
David Shaw
fe5e3e594a * dcigettext.c (plural_lookup): Name conflict on some platforms with
"index".  Local fix for GnuPG.
2003-04-07 22:04:25 +00:00
David Shaw
c88bc35372 * configure.ac: Use much more accurate method to determine whether
DNS SRV is usable.

* README: Document the various --disable-xxx switches, and add a note
about existing keys that may use one of the missing ciphers as a
preference.  Update copyright date.

* NEWS: Add note about SHA-256/384/512.

* acinclude.m4: Fix URL to faqprog.pl.
2003-04-07 21:52:38 +00:00
David Shaw
5eba95854c * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused
code.
2003-04-04 22:48:24 +00:00
David Shaw
d2548b3f60 * keydb.h: Err on the side of making an unknown signature a SIG rather
than a CERT.

* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)

* g10.c (main): Add deprecated option warning for --list-ownertrust.  Add
--compression-algo alias for --compress-algo.  Change --version output
strings to match "showpref" strings, and make translatable.

* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.

* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)

* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify flag.
2003-03-24 20:05:53 +00:00
Werner Koch
62df762d9e * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
little only for Intel CPUs.

* configure.ac: Check for ranlib and ar.  This is required for
cross compiling.
2003-03-24 16:18:30 +00:00
David Shaw
930290698a * argparse.c (default_strusage): Change copyright date. 2003-03-23 16:24:49 +00:00
David Shaw
1995efc728 * srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by
Stefan Bellon.
2003-03-15 02:28:02 +00:00
David Shaw
2c717d9038 * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
keyserver option.  Defaults to on.

* passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.
2003-03-11 22:12:20 +00:00
David Shaw
81844d2b65 * http.c (connect_server): Use DNS SRV to get a server list. Fail over to
A records if necessary.

* Makefile.am, srv.h, srv.c: New DNS SRV handling code.
2003-03-11 22:04:53 +00:00
David Shaw
48b55931dc * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-11 19:23:23 +00:00
David Shaw
bbd986f3d8 * gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the
armored key. (main): Accept "try-dns-srv" option.

* Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.  Use @SRVLIBS@ to link in the resolver if we are using DNS
SRV.
2003-03-11 17:42:07 +00:00
David Shaw
a07c1bc4ac * http.h: Add HTTP_FLAG_TRY_SRV. 2003-03-11 17:32:59 +00:00
David Shaw
d804867c17 * configure.ac: Look for res_query so we can use DNS SRV, and add
--disable-dns-srv to disable it.
2003-03-11 17:29:49 +00:00
Werner Koch
230d871336 * compress.c (init_uncompress): Use a 15 bit window size so that
the output of implementations which don't run for PGP 2
compatibility won't get garbled.
2003-03-10 09:59:33 +00:00
David Shaw
e84c4ca606 * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-04 16:12:53 +00:00
David Shaw
909f6a0637 * trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust
calculation.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.

* options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.

* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.

* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default
prefs.

* keyedit.c (show_prefs): Make strings translatable.

* keydb.c: Double the maximum number of keyrings to 40.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): --openpgp disables --pgpX.  Double the amount of secure
memory to 32k (keys are getting bigger these days).

* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-04 15:24:12 +00:00
David Shaw
cb2167a306 * keyserver.c (keyserver_spawn): Include various pieces of information
about the key in the data sent to the keyserver helper.  This allows the
helper to use it in instructing a remote server which may not have any
actual OpenPGP smarts in parsing keys.

* main.h, export.c (export_pubkeys_stream, do_export_stream): Add ability
to return only the first match in an exported keyblock for keyserver
usage.  This should be replaced at some point with a more flexible
solution where each key can be armored seperately.
2003-02-26 17:11:24 +00:00
David Shaw
2bed531ff4 * distfiles, gnupg.spec.in: convert-from-106 is in the tools directory
now.
2003-02-23 05:14:57 +00:00
David Shaw
bef6e1a4a5 * Makefile.am: Distribute convert-from-106. 2003-02-23 05:12:28 +00:00
David Shaw
c848b89257 * convert-from-106: Script to automate the 1.0.6->later conversion. It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.  Moved from the scripts directory.
2003-02-23 05:09:52 +00:00
David Shaw
c65d9f4883 * convert-from-106: Move to the tools directory. 2003-02-23 05:08:26 +00:00
David Shaw
30d0fc519d * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.

* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set and show
the keyserver no-modify flag.

* keygen.c (add_keyserver_modify): New. (keygen_upd_std_prefs): Call it
here. (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
prefs to set and unset keyserver modify flag.
2003-02-22 23:58:39 +00:00
David Shaw
2c1e7afe06 * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to
indicate a string with no maximum size.  This prevents early truncation of
strings that contain control chars which are expanded into \xXX form.
2003-02-22 23:45:28 +00:00
David Shaw
d3b1813fae * configure.ac: Add --disable-idea for IDEA. Note that disabling IDEA
disables both the real IDEA and the possibility of using the IDEA loadable
module.  Remove the --disable-dynload option since it is no longer
meaningful (it is only used if idea-stub is used).
2003-02-22 13:29:20 +00:00
David Shaw
6f41d06841 * g10.c (main): Accept "s1" in addition to "idea" to match the other
ciphers.

* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA has been
disabled.
2003-02-22 13:00:18 +00:00
David Shaw
874fc78920 * configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES (all),
TWOFISH, TIGER192, SHA256, and SHA384/512.  Add a --enable-minimal that
disables all of them as well as --disable-exec.
2003-02-21 22:22:57 +00:00
David Shaw
4ee2d23892 * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
if they are disabled.
2003-02-21 22:16:43 +00:00
David Shaw
5e9d144a53 * cipher.c (setup_cipher_table): #ifdef all optional ciphers.
* md.c (load_digest_module): #ifdef all optional digests.
2003-02-21 20:49:58 +00:00
David Shaw
5511e3870d * g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support.
Use 3DES for the s2k cipher in --openpgp mode. (print_mds): #ifdef all of
the optional digest algorithms.
2003-02-21 20:43:17 +00:00
David Shaw
d691cf8d10 * keydb.h, getkey.c (classify_user_id, classify_user_id2): Make 'exact' a
per-desc item.  Merge into one function since 'force_exact' is no longer
needed. (key_byname): Use new classify_user_id function, and new exact
flag in KEYDB_SEARCH_DESC.

* keyring.h, keyring.c (keyring_search): Return an optional index to show
which KEYDB_SEARCH_DESC was the matching one.

* keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and pass the
optional index to keyring_search.  Add a macro version of keydb_search
that calls this new function.

* export.c (do_export_stream): If the keyid! syntax is used, export only
that specified key.  If the key in question is a subkey, export the
primary plus that subkey only.
2003-02-12 18:43:44 +00:00
David Shaw
48ac1127ae * exec.c (set_exec_path): Add debugging line.
* g10.c (print_hex, print_mds): Print long hash strings a lot neater.
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there.  Users who need unformatted hashes can
still use with-colons.  Check that SHA384 and 512 are available before
using them as they are no longer always available.
2003-02-12 05:18:26 +00:00
David Shaw
257956b490 * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ as
GNUPG_LIBEXECDIR so it can be easily overridden at make time.
2003-02-12 05:10:30 +00:00
David Shaw
a8e139ce62 * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so that
makefiles can override it.  Verify that we have a 64-bit type before
building tiger.c or sha512.c.  Add uint64_t as a possible 64-bit type.
2003-02-12 04:59:07 +00:00
David Shaw
fa9600d2c8 * Makefile.am, md.c (load_digest_module): Only build in SHA384/512 and
TIGER if specifically enabled by the 64-bit type check in configure.
2003-02-12 04:51:22 +00:00
David Shaw
911cc7e6ab * types.h: Try and use uint64_t for a 64-bit type. 2003-02-12 04:45:51 +00:00
David Shaw
a338c1db91 * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ so it
can be easily overridden at make time.
2003-02-12 04:00:38 +00:00
David Shaw
f523e53d4e * armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the
armor Hash: header.

* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
2003-02-04 19:33:09 +00:00
David Shaw
cef8bbd91f * sha256.c, sha512.c: New.
* Makefile.am, algorithms.h, md.c (load_digest_module,
string_to_digest_algo): Add read-only support for the new SHAs.
2003-02-04 19:28:40 +00:00
David Shaw
a93eb3abb5 * cipher.h: Add constants for new SHAs. 2003-02-04 19:04:24 +00:00
David Shaw
47f3a5c402 * NEWS: Add notes about disabled keys, trustdb tweaks, and "revuid". 2003-02-02 18:10:53 +00:00
David Shaw
6291f18371 * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key
(treat as a v4 revocation).

* import.c (print_import_check): Do not re-utf8 convert user IDs.
2003-02-02 15:47:43 +00:00
David Shaw
169f4365da * gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is not a
keyid, but rather a text string from the user ID.
2003-01-29 23:14:29 +00:00
David Shaw
e20701b7e5 * DETAILS: Document trust depth, value, and regexp. 2003-01-27 22:07:38 +00:00
David Shaw
2659e53b6e * mainproc.c (list_node): Show signature expiration date in with-colons
sig records.

* keylist.c (list_keyblock_colon), mainproc.c (list_node): Show trust sig
information in with-colons sig records.
2003-01-27 21:49:37 +00:00
David Shaw
8220f3fd4d * g10.c (add_group): Trim whitespace after a group name so it does not
matter where the user puts the = sign.

* options.skel: Comment out the first three lines in case someone manually
copies the skel file to their homedir.

* sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.

* sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for
signature digest conflict.  BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
2003-01-16 19:20:10 +00:00
David Shaw
b7ea66ef37 * trustdb.c (init_trustdb, get_validity): Don't use a changed trust model
to indicate a dirty trustdb, and never auto-rebuild a dirty trustdb with
the "always" trust model.

* g10.c (add_group): Last commit missed the \t ;)
2003-01-15 17:07:54 +00:00
David Shaw
06ef613289 * gpg.sgml: Minor language tweaks, spell check, copyright date,
etc.

* DETAILS: Note that user IDs/UATs fill in creation and expiration date.
Document namehash.
2003-01-15 03:30:31 +00:00
David Shaw
773513c70b * packet.h, parse-packet.c (setup_user_id), free-packet.c (free_user_id),
keydb.h, keyid.c (namehash_from_uid): New function to rmd160-hash the
contents of a user ID packet and cache it in the uid object.

* keylist.c (list_keyblock_colon): Use namehash in field 8 of uids.  Show
dates for creation (selfsig date), and expiration in fields 6 and 7.

* trustdb.c (get_validity, get_validity_counts, update_validity): Use new
namehash function rather than hashing it locally.
2003-01-14 18:13:22 +00:00
Werner Koch
2a9bd94734 * g10.c (add_group): Fixed group parsing to allow more than one
delimiter in a row and also allow tab as delimiter.
2003-01-14 09:35:31 +00:00