1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

561 Commits

Author SHA1 Message Date
Werner Koch
aedeefcc5f * seskey.c (encode_md_value): Print an error message if a wrong
digest algorithm is used with DSA.  Changed all callers to cope
with a NULL return.  Problem noted by Imad R. Faiad.
2002-04-18 19:38:34 +00:00
Werner Koch
40bbe7f621 * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
(validate_key_list): New arg curtime use it to set next_expire.
(validate_one_keyblock): Take the current time from the caller.
(clear_validity, reset_unconnected_keys): New.
(validate_keys): Reset all unconnected keys.
2002-04-18 18:40:11 +00:00
David Shaw
c07113d265 * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire.  In short, the only thing that can override an
unexpired nonrevocable signature is another unexpired nonrevocable
signature.

* getkey.c (finish_lookup): Always use primary signing key for signatures
when --pgp6 is on since pgp6 and 7 do not understand signatures made by
signing subkeys.
2002-04-18 18:23:22 +00:00
Werner Koch
37c268ed6a * trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
2002-04-18 11:01:56 +00:00
Werner Koch
bf7cef8ebf * getkey.c (lookup): Advance the searchmode after a search FIRST. 2002-04-18 10:50:05 +00:00
Werner Koch
ad2bfad4cc * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-18 08:09:56 +00:00
Werner Koch
60e0b2ad92 * parse-packet.c (parse_key): Support a SHA1 checksum as per
draft-rfc2440-bis04.
* packet.h (PKT_secret_key): Add field sha1chk.
* seckey-cert.c (do_check): Check the SHA1 checksum
(protect_secret_key): And create it.
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
* g10.c, options.h: New option --simple-sk-checksum.
2002-04-17 16:00:03 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
9d7b26c784 * pkclist.c (build_pk_list): Fix bug that allowed a key to be selected
twice in batch mode if one instance was the default recipient and the
other was an encrypt-to.  Noted by Stefan Bellon.

* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp sig
subpackets.

* keyedit.c (keyedit_menu): Use new function real_uids_left to prevent
deleting the last real (i.e. non-attribute) uid.  Again, according to the
attribute draft. (menu_showphoto): Make another string translatable.
2002-04-13 04:32:03 +00:00
David Shaw
5005434c7e * build-packet.c (build_sig_subpkt): Delete subpackets from both hashed
and unhashed area on update.  (find_subpkt): No longer needed.

* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key with a v4
signature.  As usual, --expert overrides.  Try to tweak some strings to a
closer match so they can all be translated in one place.  Use different
helptext keys to allow different help text for different questions.

* keygen.c (keygen_upd_std_prefs): Remove preferences from both hashed and
unhashed areas if they are not going to be used.
2002-04-12 04:07:26 +00:00
David Shaw
018f352294 * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
2002-04-11 04:04:41 +00:00
Werner Koch
f99f585427 * tdbio.c (migrate_from_v2): Fixed the offset to read the old
ownertrust value and only add entries to the table if we really
have a value.
2002-04-10 09:53:55 +00:00
David Shaw
d367d40e47 Add KEYEXPIRED, EXPSIG, and EXPKEYSIG. Add
"deprecated-use-keyexpired-instead" to SIGEXPIRED.

Start transition from SIGEXPIRED to KEYEXPIRED, since the actual event is
signature verification by an expired key and not an expired signature.
Rename do_signature_check as signature_check2, make public, and change all
callers.

Use status EXPSIG for an expired, but good, signature.  Add the expiration
time (or 0) to the VALIDSIG status line.  Use status KEYEXPSIG for a good
signature from an expired key.

Remove checks for no arguments now that argparse does it.
2002-04-10 04:21:26 +00:00
Werner Koch
b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of
the BTS data is available :-(
2002-04-08 15:10:51 +00:00
David Shaw
6be3bee320 Fix auto-key-retrieve to actually work as a keyserver-option (noted by
Roger Sondermann).

Do not reorder the primary attribute packet - the first user ID must be a
genuine one.
2002-04-04 03:45:50 +00:00
David Shaw
0f682ed3f7 Fix ownertrust display with --with-colons.
Properly initialize the user ID refcount for user and photo IDs.

Tweak a few prompts to change "y/n" to "y/N", which is how most other
prompts are written.

Warn the user if they are about to revoke an expired sig (not a problem,
but they should know).

Control-d escapes the keyserver search prompt.

If a subkey is considered revoked solely because the parent key is
revoked, print the revocation reason from the parent key.

Allow revocation/expiration to apply to a uid/key with no entry in the
trustdb.
2002-03-31 23:51:33 +00:00
David Shaw
9fb6cae5e4 Quote and unquote backslashes from keyserver search responses. 2002-03-29 16:58:07 +00:00
David Shaw
ff8460f20d Minor tweak to importing to allow more non-signed uids (now that
--allow-non-selfsigned-uid allows for completey unsigned uids).

Do not choose an attribute packet (i.e. photo) as primary uid.  This
prevents oddities like "Good signature from [image of size 2671]".  This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.

The algorithms list should include #110.

--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.

Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
2002-03-24 04:54:58 +00:00
David Shaw
46ce06d9d9 Properly handle a "no keys found" case from the internal HKP code
(external HKP is ok). Also, make a COUNT -1 (i.e. streamed) keyserver
response a little more efficient.

Add --no-allow-non-selfsigned-uid
2002-03-19 04:35:45 +00:00
David Shaw
b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid).  This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key.  Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust.  The key is *not* automatically trusted via
--allow-non-selfsigned-uid.

Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.

If the main key is not valid, then neither are the subkeys.

Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8.  Remove mark_non_selfsigned_uids_valid()

Show revocation key as UTF8.

Allow --not-dash-escaped to work with v3 keys.
2002-03-17 23:47:32 +00:00
David Shaw
8cb9dd7a39 Show which user ID a bad self-sig (invald sig or unsupported public key
algorithm) resides on.
2002-03-13 20:20:14 +00:00
David Shaw
22bc1b3a5e any valid self-sig should mark a user ID or subkey as valid - otherwise,
an attacker could DoS the user by inventing a bogus invalid
self-signature.
2002-03-13 13:28:18 +00:00
David Shaw
f8f52d8ffe Some minor fixes for revocation keys: print a warning if a key is imported
that has been revoked by designated revoker, but the designated revoker is
not present to verify the revocation (whew!).  This applies to all ways to
get a key into the system: --import --recv-keys, and --search-keys.  If
auto-key-retrieve is set, try and retrieve the revocation key.

Also, auto-key-retrieve is now a keyserver-option.
2002-03-07 19:44:57 +00:00
David Shaw
9267666d78 Some minor bug fixes.
do not prompt for revocation reason for v3 revocations (unless
force-v4-certs is on) since they wouldn't be used anyway.

show the status of the sigs (exportable? revocable?) to the user before
prompting for which sig to revoke.  Also, make sure that local signatures
get local revocations.

Add "exec-path" variable to override PATH for execing programs.

properly check return code from classify_user_id to catch unclassifiable
keys.
2002-03-05 04:57:10 +00:00
David Shaw
975e934a4c variable type tweak for RISC OS (from Stefan) 2002-03-04 03:18:07 +00:00
Werner Koch
6587b15a59 Solved conflict 2002-03-03 14:08:39 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
David Shaw
20dda47d6c Do not include v3 keys in a --export-secret-subkeys export. 2002-02-28 04:34:01 +00:00
David Shaw
8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow
--always-trust to force it valid so it can be trusted.
2002-02-27 14:27:18 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
393ba4f8a7 Detect a "no keys found" case even if the keyserver helper program does
not explicitly say how many keys were found.

Bug fix - don't report non-revoked keys as revoked in HKP key searches.
2002-02-22 03:11:15 +00:00
David Shaw
8ac8b1525e Catch corruption in HKP index lines (can be caused by broken or malicious
keyservers).

Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-19 23:10:32 +00:00
Werner Koch
69688eab52 * pkclist.c (check_signatures_trust): Always print the warning for
unknown and undefined trust.  Removed the did_add cruft.  Reported
by Janusz A. Urbanowicz.
* g10.c: New option --no-use-agent.
Hmmm, is this a a good name?  --do-not-use-agent seems a bit to long.
2002-02-14 11:51:00 +00:00
David Shaw
dca36f6252 Bug fix - properly handle user IDs with colons (":") in them while HKP
searching.
2002-02-12 04:38:58 +00:00
David Shaw
22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what
is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.

Add a "nrlsign" for nonrevocable and local key signatures.

Add a --no-force-mdc to undo --force-mdc.

Add a knob to force --disable-mdc/--no-disable-mdc.  Off by default, of
course, but is used in --pgp2 and --pgp6 modes.

Allow specifying multiple users in the "Enter the user ID" loop.  Enter a
blank line to stop.  Show each key+id as it is added.

It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.

More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
2002-02-10 00:18:54 +00:00
David Shaw
9057172a92 Allow policy URLs with %-expandos in them. This allows policy URLs like
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature
policy URL.  Use the new generic %-handler for the photo ID stuff as well.

Display policy URLs and notations during signature generation if
--show-policy-url/--show-notation is set.
2002-02-05 00:04:24 +00:00
David Shaw
02fe4b0185 Workaround for the pksd and OKS keyserver bug that calculates v4 RSA
keyids as if they were v3.  The workaround/hack is to fetch both the v4
(e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids.  This only happens for key
refresh while using the HKP scheme and the refresh-add-fake-v3-keyids
keyserver option must be set.  This should stay off by default.
2002-02-04 21:49:08 +00:00
David Shaw
346b795eb9 Bug fix - do not append keys to each other when --sending more than one. 2002-02-04 05:19:24 +00:00
David Shaw
0c3e409fa3 Split "--set-policy-url" into "--cert-policy-url" and "--sig-policy-url"
so the user can set different policies for key and data signing.  For
backwards compatibility, "--set-policy-url" sets both, as before.
2002-02-03 14:42:56 +00:00
Werner Koch
e245123907 * g10.c (main): --gen-random --armor does now output a base64
encoded string.
2002-01-30 16:29:56 +00:00
David Shaw
04d8d2263c --pgp6 flag. This is not nearly as involved as --pgp2. In short, it
turns off force_mdc, turns on no_comment, escape_from, and force_v3_sigs,
and sets compression to 1.  It also restricts the user to IDEA (if
present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. See the comments above
algo_available() for lots of discussion on why you would want to do this.
2002-01-29 01:12:00 +00:00
David Shaw
3e6d5d7c77 More comments about when to use IDEA in keygen.c
When key signing with multiple keys at the same time, make sure each key
gets the sigclass prompt
Close the iobuf and FILE before trying to reap the child process to
encourage the child to exit
Disable cache-on-close of the fd iobuf (shouldn't all fd iobufs not be
cached?)
2002-01-27 05:56:35 +00:00
Werner Koch
806a4fa16e * g10.c, options.h: New option --gpg-agent-info
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
2002-01-26 16:34:00 +00:00
David Shaw
a6f19f40d9 Only check preferences against keys with v4 self sigs as v3 sigs have no
prefs
Only put in the fake IDEA preference with --pgp2 mode
Print "Expired" for expired but good signatures.
2002-01-24 23:54:36 +00:00
David Shaw
1cad77d9b4 Cosmetic: don't present a RSA signing key as a "keypair" which can be 768
bits long (as RSA minimum is 1024)
Allow IDEA as a fake preference for v3 keys with v3 selfsigs when
verifying that a cipher is in preferences while decrypting
2002-01-23 22:17:45 +00:00
David Shaw
1dbd67b96a Some compatibility polish for PGP2. Add a fake IDEA preference for v3
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys.  Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
2002-01-22 20:39:10 +00:00
Werner Koch
5a92c6052f * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
used with the agent.  Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
2002-01-20 18:33:04 +00:00
Werner Koch
1e7350da8e Removed debugging output 2002-01-19 20:27:10 +00:00
Werner Koch
646b214d48 * passphrase.c (agent_open): Add support for the new Assuan based
gpg-agent.  New arg to return the used protocol version.
(agent_get_passphrase): Implemented new protocol here.
(passphrase_clear_cache): Ditto.
2002-01-19 18:30:27 +00:00
Timo Schulz
e17cd91abe New command --decrypt-files.
Some fixes.
2002-01-15 16:52:36 +00:00
Timo Schulz
b3a5994235 Fixed some typos. 2002-01-12 22:31:41 +00:00
David Shaw
bd5517b9e2 Move idea_cipher_warn to misc.c so gpgv.c doesn't need a stub
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go.  This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
2002-01-09 19:59:26 +00:00
Timo Schulz
0bd41cc2e5 New code for encode_crypt_files. 2002-01-09 18:52:19 +00:00
Timo Schulz
d346578fb1 Added missing include file. 2002-01-09 14:58:59 +00:00
Timo Schulz
05a91bd54f Better description for --encrypt-files. 2002-01-08 22:19:38 +00:00
Werner Koch
c930e300a8 * g10.c (main): Must register the secring for encryption because
it is needed to figure out the default recipient.  Reported by
Roger Sondermann.
2002-01-08 19:40:01 +00:00
David Shaw
7997bba7a9 fix off-by-one in building attribute subpackets
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
2002-01-06 03:52:14 +00:00
Werner Koch
7cacea85a1 * g10.c (main): Do not register the secret keyrings for certain
commands.
* keydb.c (keydb_add_resource): Use access to test for keyring
existence.  This avoids cached opened files which are bad under
RISC OS.
2002-01-05 18:57:54 +00:00
David Shaw
43930f255e Use one-pass packets even if it's a v3 key making the signature
Warn with pgp2 and non-detached signatures
Use the actual filesize rather than partial length packets in
symmetric messages (see ChangeLog or NEWS for discussion).
2002-01-04 23:26:30 +00:00
David Shaw
90d15a9d6a Minor tweaks: remove --no-default-check-level, don't cache child tempfiles
and simpler code in keyserver
2002-01-03 20:03:14 +00:00
Timo Schulz
c02977a2de New command (encrypt-files). 2002-01-03 19:47:20 +00:00
Stefan Bellon
172fbebbcb used different char types for RISC OS 2002-01-02 17:52:02 +00:00
Stefan Bellon
e6b2f37d1f moved util.h include downwards 2002-01-02 17:51:34 +00:00
Stefan Bellon
e9fad52a8d invalidate close cache 2002-01-02 17:50:37 +00:00
Stefan Bellon
47f2e3c245 lock only writable key rings and free unused iobuf 2002-01-02 17:49:29 +00:00
David Shaw
4dde9482c2 Bugfix in photoid.c and keyserver.c
Properly handle permission/ownership checks on files that are shared (for
example /usr/local/lib/gnupg/idea)
2001-12-29 04:43:11 +00:00
David Shaw
aa2e2392da Add an outofband indicator to the keyserver protocol.
Use signature flags for exportability check rather than re-parsing the
subpacket.
2001-12-28 16:34:01 +00:00
David Shaw
1a2d0ebc11 Some exec cleanups and tweaks for photo ID and keyserver execution 2001-12-27 20:48:05 +00:00
David Shaw
604484a4d2 Some tweaks - copyleft info for mkdtemp.c, and header pruning in photoid.c
and keyserver.c
2001-12-25 18:04:09 +00:00
Timo Schulz
8c35c19e43 Fixed a typo and W32 support for the latest CVS changes. 2001-12-23 12:40:04 +00:00
David Shaw
97d3149e92 Avoid const compiler warning 2001-12-22 15:54:12 +00:00
David Shaw
2a53bb0e24 Some last minute tweaks - type fixes from Stefan and win32 temp files
from Timo.
2001-12-22 15:22:59 +00:00
Werner Koch
ccb1f8c175 Minor cleanups 2001-12-22 13:12:24 +00:00
Werner Koch
ab430c4b24 * keyserver.c (keyserver_spawn): Removed some variables
declaration due to shadowing warnings.
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
compiler warnig due to index(3).
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
* keylist.c (list_one): Made resname const.
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
not used.
* options.skel: Changed one example photo viewer to qiv.
2001-12-22 13:04:24 +00:00
Timo Schulz
0d3b9f0245 Added is_file_compressed 2001-12-22 12:46:47 +00:00
David Shaw
48468e8b25 Add new photo ID files and modify gpgsplit to name attribute packets
properly
2001-12-21 23:09:41 +00:00
David Shaw
d560bdac18 Photo ID support (actually generic "attribute packet" support, but there
is only one attribute packet defined thus far, and it's a picture)
2001-12-21 23:06:02 +00:00
David Shaw
ca058399b0 Nonrevocable key signature support via "nrsign". These sigs can expire,
but cannot be revoked.  Any revocation certificates for them are ignored.
2001-12-21 21:02:05 +00:00
Werner Koch
ca1bc23ef2 * g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here.  By David Champion.
2001-12-21 20:08:51 +00:00
Werner Koch
f30e284e61 * options.in: Remove load-extension tiger
* Makefile.am (./options): append it if there is such a module.
2001-12-21 14:36:17 +00:00
David Shaw
c53d735b12 Only gpg (not gpgv) needs mkdtemp 2001-12-20 16:23:55 +00:00
David Shaw
63597774d0 Use mkdtemp() to make temp directories. If there is no mkdtemp(), provide
one.
2001-12-20 16:20:58 +00:00
David Shaw
d5a695f198 New function to check the permissions of GNUPGHOME and the various files
that live there for safe permission/ownership (--no-permission-warning to
disable)
The newer glibcs print scary warnings about using mktemp().  The use here
was actually safe, but the warning was bound to confuse people, so here is
an arguably better tempname creator that pulls random bits from the pool.
2001-12-20 05:02:30 +00:00
Werner Koch
3a60b758ad * g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32. 2001-12-19 18:04:31 +00:00
David Shaw
e8936126af Much stricter checking of the keyserver URI
IDEA warning for pk messages encrypted with IDEA (symmetric is already done)
Print IDEA warning for each occurance except for secret key protection and
unknown cipher from an encrypted message.
2001-12-18 23:10:46 +00:00
Werner Koch
9f79634b31 Commited change from 2001-12-13 again:
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption.  This avoid a
strange error message from pubkey_decrypt if for some reasons
a bad algorithm indentifier is passed.
2001-12-18 12:16:07 +00:00
David Shaw
a47537fe6f Remove warning - no need to check for control/illegal characters, as
utf8_to_native does this for us
2001-12-17 23:10:07 +00:00
David Shaw
0335a5f458 Fix capitalization issues 2001-12-17 22:48:52 +00:00
David Shaw
30481e5a17 Add a generic IDEA warning for when the IDEA plugin is not present. This
pops up when the user uses "--cipher-algo idea", when setpref is used to
set a "S1" preference, and when a secret key protected with IDEA is used.

Tweak the --pgp2 mode to use this generic warning.
2001-12-17 21:45:40 +00:00
Werner Koch
3851f7df8c * keyserver.c (keyserver_spawn): Assert that we have dropped privs.
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption.  This avoid a
strange error message from pubkey_decrypt if for some reasons a
bad algorithm indentifier is passed.
* hkp.c (hkp_export): Do not print possible control characters
from a keyserver response.
(parse_hkp_index): Made uid an unsigned char* because it is passed to
isspace().
(hkp_search): Ditto for the char* vars.
* g10.c (main): Print the IDEA warning also for -c and -se.
* g10.c (get_temp_dir): Assert that we have dropped privs
* encode.c (encode_crypt): Include the first key into the --pgp2
check.
2001-12-15 18:27:13 +00:00
David Shaw
ed32beee67 Fixed some types for portability. Noted by Stefan Bellon. 2001-12-12 19:31:13 +00:00
David Shaw
27949781ec PGP2 patch. --pgp2 sets things up for pgp2 compatibility, and prints a
warning if the user does something that would make the message not
compatible (i.e. encrypt with a non-RSA key, etc.)
2001-12-07 15:24:32 +00:00
David Shaw
1ccd578910 Sig expiration code
Offer to expire a key signature when the key the user is signing expires
Expired sigs cause an error return
If --expert is set, prompt for sig duration
2001-12-07 01:14:15 +00:00
David Shaw
98facb5800 Allow a regular key signature to promote a local signature to full
exportable status
2001-12-07 01:04:02 +00:00
David Shaw
2e941ab7a3 New option --expert
Do not allow signing a revoked UID unless --expert is set, and ask even then.
Do not allow signing a revoked key unless --expert is set, and ask even then.
2001-12-07 01:00:21 +00:00
David Shaw
ebd148e553 Bug fix in "showpref"
Allow setting a no-compression preference
2001-12-07 00:57:50 +00:00
David Shaw
88fbd0dfcf "eyesonly" patch. Implements the for-your-eyes-only feature. 2001-12-07 00:54:18 +00:00
David Shaw
46efe28815 "sigclass" patch - adds key signature class levels, notation and policy-url
displays in key listings, and shows flags for signature features.
2001-12-06 22:04:08 +00:00
David Shaw
934ac0bd7d The new keyserver code itself 2001-12-06 21:54:04 +00:00
David Shaw
293935be4c (sigh). Missed one file. 2001-12-06 21:50:24 +00:00