1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

1087 Commits

Author SHA1 Message Date
David Shaw
9f6fa94486 * g10.c (main): Add --no-textmode.
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.

* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.

* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).

* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.
2003-04-27 20:22:09 +00:00
David Shaw
a01bda6abd * sign.c (do_sign): Show the hash used when making a signature in verbose
mode.

* tdbio.h, tdbio.c (tdbio_read_model): New function to return the trust
model used in a given trustdb.

* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
update_trustdb): Use tdbio_read_model to implement an "auto" trust model
which is set via the trustdb.
2003-04-26 20:38:16 +00:00
David Shaw
e0373e85a9 * config.links: Re-disable assembler on Darwin. Darwin 6.5 broke it
again.
2003-04-25 04:12:57 +00:00
David Shaw
8bb4628d05 * configure.ac: Big warning that TIGER/192 is being removed from the
standard, and make it disabled by default.

* README: Put back proper copyright line.  Remove mention of TIGER/192.
2003-04-23 22:57:49 +00:00
David Shaw
874214d0a0 * import.c (import_revoke_cert): Remove ultimate trust when revoking an
ultimately trusted key.

* keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.

* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.

* filter.h (progress_filter_context_t), progress.c (handle_progress),
plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings.  Make "what" constant.

* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
2003-04-23 21:18:39 +00:00
David Shaw
4e472d09a8 * Makefile.am, options.in: Rename options.in to options since it no longer
needs to be a generated file.

* sigs.test: TODO note to add the new SHAs when we start generating them.

* mds.test: Test the new SHAs.
2003-04-23 20:08:38 +00:00
Werner Koch
b394776a80 * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
* g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.
2003-04-15 15:46:13 +00:00
Werner Koch
fc3cc2cacf * gpg.sgml: Document --enable-progress-filter. 2003-04-15 15:44:30 +00:00
Werner Koch
e5ffcabadb * configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional. 2003-04-15 15:27:39 +00:00
Werner Koch
6878858fdc * longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to
kazuya.s@jp.yokogawa.com.
2003-04-15 12:44:27 +00:00
Werner Koch
297e879108 * md.c (md_start_debug): Need to open the file in binary mode. 2003-04-15 12:20:31 +00:00
Werner Koch
983034610d * acinclude.m4 (GNUPG_CHECK_ENDIAN): Fix quoting of r.e. using
quadrigraphs.
2003-04-15 12:19:58 +00:00
David Shaw
01d6a55b77 * srv.c (main): Test against wwwkeys.pgp.net.
* srv.h: Grr. The RH7.3 Linux man page defines the fourth arg of dn_expand
as unsigned char*, but it is really char* according to resolv.h.
2003-04-13 20:06:09 +00:00
Werner Koch
6b55878912 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.

* passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.
* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
2003-04-10 09:56:47 +00:00
David Shaw
3cf45b304e * main.h, g10.c (main), import.c (parse_import_options,
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.

* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
2003-04-09 01:57:46 +00:00
David Shaw
11fc63ba93 * gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory corruption bug on
some platforms.
2003-04-09 01:36:16 +00:00
Werner Koch
55fc1bb453 * autogen.sh: Add options to build for coldfire and uClinux. 2003-04-08 09:20:09 +00:00
Werner Koch
0a5ec42a9f * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper. 2003-04-08 09:19:41 +00:00
Werner Koch
26fabc31e3 Add primary key fingerprint to VALIDSIG status. 2003-04-08 08:42:47 +00:00
David Shaw
cf6fcc0b4b * DETAILS: Don't specify which hash is used to make up the namehash since
it may change in the future.

* samplekeys.asc: Updated.

* gpg.sgml: Document "revuid".  Clarify that --openpgp resets --pgpX.
Some cleanup of --no-xxx options, make sure that all SGML tags are closed,
clarify --pgp8 allows SHA-256, and document --no-emit-version.

* Makefile.am: Allow CVS version to build without faqprog.pl.
2003-04-07 22:23:42 +00:00
David Shaw
fe5e3e594a * dcigettext.c (plural_lookup): Name conflict on some platforms with
"index".  Local fix for GnuPG.
2003-04-07 22:04:25 +00:00
David Shaw
c88bc35372 * configure.ac: Use much more accurate method to determine whether
DNS SRV is usable.

* README: Document the various --disable-xxx switches, and add a note
about existing keys that may use one of the missing ciphers as a
preference.  Update copyright date.

* NEWS: Add note about SHA-256/384/512.

* acinclude.m4: Fix URL to faqprog.pl.
2003-04-07 21:52:38 +00:00
David Shaw
5eba95854c * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused
code.
2003-04-04 22:48:24 +00:00
David Shaw
d2548b3f60 * keydb.h: Err on the side of making an unknown signature a SIG rather
than a CERT.

* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)

* g10.c (main): Add deprecated option warning for --list-ownertrust.  Add
--compression-algo alias for --compress-algo.  Change --version output
strings to match "showpref" strings, and make translatable.

* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.

* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)

* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify flag.
2003-03-24 20:05:53 +00:00
Werner Koch
62df762d9e * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
little only for Intel CPUs.

* configure.ac: Check for ranlib and ar.  This is required for
cross compiling.
2003-03-24 16:18:30 +00:00
David Shaw
930290698a * argparse.c (default_strusage): Change copyright date. 2003-03-23 16:24:49 +00:00
David Shaw
1995efc728 * srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by
Stefan Bellon.
2003-03-15 02:28:02 +00:00
David Shaw
2c717d9038 * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
keyserver option.  Defaults to on.

* passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.
2003-03-11 22:12:20 +00:00
David Shaw
81844d2b65 * http.c (connect_server): Use DNS SRV to get a server list. Fail over to
A records if necessary.

* Makefile.am, srv.h, srv.c: New DNS SRV handling code.
2003-03-11 22:04:53 +00:00
David Shaw
48b55931dc * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-11 19:23:23 +00:00
David Shaw
bbd986f3d8 * gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the
armored key. (main): Accept "try-dns-srv" option.

* Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.  Use @SRVLIBS@ to link in the resolver if we are using DNS
SRV.
2003-03-11 17:42:07 +00:00
David Shaw
a07c1bc4ac * http.h: Add HTTP_FLAG_TRY_SRV. 2003-03-11 17:32:59 +00:00
David Shaw
d804867c17 * configure.ac: Look for res_query so we can use DNS SRV, and add
--disable-dns-srv to disable it.
2003-03-11 17:29:49 +00:00
Werner Koch
230d871336 * compress.c (init_uncompress): Use a 15 bit window size so that
the output of implementations which don't run for PGP 2
compatibility won't get garbled.
2003-03-10 09:59:33 +00:00
David Shaw
e84c4ca606 * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-04 16:12:53 +00:00
David Shaw
909f6a0637 * trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust
calculation.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.

* options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.

* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.

* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default
prefs.

* keyedit.c (show_prefs): Make strings translatable.

* keydb.c: Double the maximum number of keyrings to 40.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): --openpgp disables --pgpX.  Double the amount of secure
memory to 32k (keys are getting bigger these days).

* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-04 15:24:12 +00:00
David Shaw
cb2167a306 * keyserver.c (keyserver_spawn): Include various pieces of information
about the key in the data sent to the keyserver helper.  This allows the
helper to use it in instructing a remote server which may not have any
actual OpenPGP smarts in parsing keys.

* main.h, export.c (export_pubkeys_stream, do_export_stream): Add ability
to return only the first match in an exported keyblock for keyserver
usage.  This should be replaced at some point with a more flexible
solution where each key can be armored seperately.
2003-02-26 17:11:24 +00:00
David Shaw
2bed531ff4 * distfiles, gnupg.spec.in: convert-from-106 is in the tools directory
now.
2003-02-23 05:14:57 +00:00
David Shaw
bef6e1a4a5 * Makefile.am: Distribute convert-from-106. 2003-02-23 05:12:28 +00:00
David Shaw
c848b89257 * convert-from-106: Script to automate the 1.0.6->later conversion. It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.  Moved from the scripts directory.
2003-02-23 05:09:52 +00:00
David Shaw
c65d9f4883 * convert-from-106: Move to the tools directory. 2003-02-23 05:08:26 +00:00
David Shaw
30d0fc519d * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.

* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set and show
the keyserver no-modify flag.

* keygen.c (add_keyserver_modify): New. (keygen_upd_std_prefs): Call it
here. (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
prefs to set and unset keyserver modify flag.
2003-02-22 23:58:39 +00:00
David Shaw
2c1e7afe06 * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to
indicate a string with no maximum size.  This prevents early truncation of
strings that contain control chars which are expanded into \xXX form.
2003-02-22 23:45:28 +00:00
David Shaw
d3b1813fae * configure.ac: Add --disable-idea for IDEA. Note that disabling IDEA
disables both the real IDEA and the possibility of using the IDEA loadable
module.  Remove the --disable-dynload option since it is no longer
meaningful (it is only used if idea-stub is used).
2003-02-22 13:29:20 +00:00
David Shaw
6f41d06841 * g10.c (main): Accept "s1" in addition to "idea" to match the other
ciphers.

* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA has been
disabled.
2003-02-22 13:00:18 +00:00
David Shaw
874fc78920 * configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES (all),
TWOFISH, TIGER192, SHA256, and SHA384/512.  Add a --enable-minimal that
disables all of them as well as --disable-exec.
2003-02-21 22:22:57 +00:00
David Shaw
4ee2d23892 * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
if they are disabled.
2003-02-21 22:16:43 +00:00
David Shaw
5e9d144a53 * cipher.c (setup_cipher_table): #ifdef all optional ciphers.
* md.c (load_digest_module): #ifdef all optional digests.
2003-02-21 20:49:58 +00:00
David Shaw
5511e3870d * g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support.
Use 3DES for the s2k cipher in --openpgp mode. (print_mds): #ifdef all of
the optional digest algorithms.
2003-02-21 20:43:17 +00:00
David Shaw
d691cf8d10 * keydb.h, getkey.c (classify_user_id, classify_user_id2): Make 'exact' a
per-desc item.  Merge into one function since 'force_exact' is no longer
needed. (key_byname): Use new classify_user_id function, and new exact
flag in KEYDB_SEARCH_DESC.

* keyring.h, keyring.c (keyring_search): Return an optional index to show
which KEYDB_SEARCH_DESC was the matching one.

* keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and pass the
optional index to keyring_search.  Add a macro version of keydb_search
that calls this new function.

* export.c (do_export_stream): If the keyid! syntax is used, export only
that specified key.  If the key in question is a subkey, export the
primary plus that subkey only.
2003-02-12 18:43:44 +00:00