1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-27 11:10:13 +01:00

2293 Commits

Author SHA1 Message Date
David Shaw
eb9607707e * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
RECTYPE_TRUST records a bit.

* g10.c (main): Comment out --list-trust-path until it can be implemented.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.

* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.
2002-12-11 17:50:38 +00:00
David Shaw
488b8dadba * gpg.sgml: Clarify include-revoked and include-disabled so they match
what the program actually does.  Noted by Dick Gevers.

* gpg.sgml: Document %-expandos for policy URLs and notations.

* gpg.sgml: Document --pgp8.  Clarify that --pgp6 and --pgp7 disable
--throw-keyid.
2002-12-11 03:47:03 +00:00
Stefan Bellon
ea86ca6565 fixed typo 2002-12-06 00:38:43 +00:00
Werner Koch
fce148aa0e * gpg.sgml: Document --no-mangle-dos-filenames. 2002-12-05 15:25:46 +00:00
Werner Koch
036fbb22a7 * g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.
2002-12-05 15:25:16 +00:00
David Shaw
1aec20776c * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).

* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 18:50:10 +00:00
David Shaw
60fce379da * trustdb.c (validate_keys): Show trust parameters when building trustdb,
and make sure that the version record update was successful.
(init_trustdb): If the current parameters aren't what was used for
building the trustdb, the trustdb is invalid.

* tbio.c (tdbio_db_matches_options): Update to work with new trustdbs.
2002-12-04 06:06:56 +00:00
David Shaw
3b7ca1faa5 * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
model in the trustdb version record. (tdbio_update_version_record): New
function to update version record values during a trustdb check or update.
(tdbio_dump_record): Show trust model in dump.

* trustdb.c (validate_keys): Call tdbio_update_version_record on success
so that the correct options are stored in the trustdb.

* options.h: rearrange trust models so that CLASSIC is 0 and OPENPGP is 1.
2002-12-04 00:05:11 +00:00
David Shaw
e357092285 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 23:31:48 +00:00
Werner Koch
768ded7c03 Marked unused slots in the trustdb. 2002-12-03 08:12:53 +00:00
David Shaw
d37aad469c * gpg.sgml: Point out that if the user absolutely must, it's better to use
--pgpX than forcing an algorithm manually.  Better still not to use
anything, of course. CVS:
----------------------------------------------------------------------
gpg.sgml CVS:
----------------------------------------------------------------------
2002-12-01 21:06:13 +00:00
David Shaw
8dfe1d4348 * distfiles, gnupg.spec.in: Include convert-from-106.
* convert-from-106: Script to automate the 1.0.6->later conversion.  It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.
2002-12-01 21:04:07 +00:00
David Shaw
db9195c10b * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:59:04 +00:00
David Shaw
98708e1770 * NEWS: Add notes about notation names and '@', the --trust-model option,
default algorithms from --personal-xxxx, --primary-keyring, changes with
--s2k-digest-algo, the new anonymous recipient improvements, and
non-optimized memory wiping.
2002-11-26 04:02:58 +00:00
David Shaw
29c83f1c60 * gpg.sgml: Document --primary-keyring. Clarify --s2k-cipher-algo,
--s2k-digest-algo, --personal-cipher-preferences,
--personal-digest-preferences, and --personal-compress-preferences.
2002-11-26 04:00:28 +00:00
David Shaw
6122c65b61 * gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation,
--cert-notation.  Clarify --show-notation and --show-policy-url that
policy URLs and notations can be used in data signatures as well.  Add
note about '@' being a required character in notation names.
2002-11-25 14:34:08 +00:00
Stefan Bellon
1289ab78e1 no RISC OS filetype needed for nooutput 2002-11-25 13:30:34 +00:00
David Shaw
0819797911 * main.h, misc.c (default_cipher_algo, default_compress_algo): New.
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.

* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.

* g10.c (main): Allow pref selection for compress algo with --openpgp.
2002-11-25 04:24:41 +00:00
David Shaw
bd23076c5e * mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase
mangling rather than --digest-algo.
2002-11-25 04:11:02 +00:00
David Shaw
8b9e9d33c1 * sign.c (hash_for): If --digest-algo is not set, but
--personal-digest-preferences is, then use the first hash algorithm in the
personal list.  If the signing algorithm is DSA, then use the first
160-bit hash algorithm in the personal list. If --pgp2 is set and it's a
v3 RSA key, use MD5.
2002-11-25 04:06:04 +00:00
David Shaw
ce4ddd144c * g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable):
Rename --default-keyring as --primary-keyring.  Stefan wins the naming
contest.
2002-11-25 03:18:48 +00:00
David Shaw
a5b9770a8b * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
2002-11-24 01:49:32 +00:00
David Shaw
0cd879cd9c * encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
(sign_symencrypt_file): Use --s2k-digest-algo for passphrase mangling
rather than --digest-algo.
2002-11-24 00:50:14 +00:00
David Shaw
2bb29764af * gpg.sgml: Add an interoperability section. 2002-11-22 03:53:53 +00:00
David Shaw
1c6bcef3ce * keygen.c (keygen_set_std_prefs): Properly handle an empty preference
string.

* misc.c (string_to_compress_algo): "none" is a bad choice since it
conflicts with the "none" in setpref.
2002-11-21 16:25:05 +00:00
David Shaw
2e4e257f42 * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol
version.
2002-11-18 00:43:33 +00:00
David Shaw
1c2bf6217f * gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted
by Haakon Riiser.
2002-11-17 15:22:48 +00:00
David Shaw
6b48375467 * config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin.
Successfully tested by Gordon Worley.
2002-11-16 16:53:58 +00:00
David Shaw
205839555e * gpg.sgml: --compress-algo now allows algorithm names.
* gpg.sgml: Document --trust-model.

* README.W32: Add blurb on how to create a ZIP file, changed requirement
for mingw32 to 0.3.2.
2002-11-15 04:15:39 +00:00
David Shaw
cf163db505 * g10.c (main): Allow compression algorithm names as the argument to
--compress-algo.  The old algorithm names still work for backwards
compatibility.

* misc.c (string_to_compress_algo): Allow "none" as an alias for
"uncompressed".
2002-11-15 04:07:24 +00:00
David Shaw
d06a95a535 * gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but
that was not available when running without verbose on.  Noted by Stefan.
2002-11-14 14:30:53 +00:00
Stefan Bellon
0907db4855 fixed type incompatibility 2002-11-13 21:49:57 +00:00
David Shaw
fbffa8209b * encode.c (encode_simple): Make sure that files larger than about 4G use
partial length encoding.  This is required because OpenPGP allows only for
32 bit length fields.  From Werner on stable branch.

* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New.  From Werner on stable
branch.

* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.

* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations.  This is required because getkey needs to know whether a a key
is ultimately trusted.  From Werner on stable branch.
2002-11-13 17:43:27 +00:00
David Shaw
7c3eee80ba * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need
it here as it behaves more like a Posix system. From Werner on stable
branch.

* passphrase.c (agent_get_passphrase): Ditto.  From Werner on stable
branch.

* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.  From Werner on
stable branch.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from the
registry.  From Werner on stable branch.
2002-11-13 17:19:22 +00:00
David Shaw
c0eab15814 * mk-w32-dist: Don't use iconv for pl.po. From Werner on stable branch.
* mk-w32-dist: Include gpgkeys_ldap and gpgkeys_hkp.
2002-11-13 16:50:44 +00:00
David Shaw
12a1bde101 * util.h [__CYGWIN32__]: Don't need the registry prototypes. From Werner
on stable branch.
2002-11-13 16:38:07 +00:00
David Shaw
453c471f50 * THANKS: Changes from stable branch.
* configure.ac: Check for ctermid().  From Werner on stable
branch.

* configure.ac (GPGKEYS_LDAP,GPGKEYS_HKP): Add $EXEEXT.  From
Werner on stable branch.

* configure.ac (try_gettext): Remove special case for cygwin.
This removes all the DOS specific macros and let Cygwin work like
a real OS.  Needs a couple of changes elsewhere but after all,
GnuPG presents itself much more like a Posix program and can be
used in a full Cygwin environment; e.g. used along with mutt.
Changes suggested by Volker Quetschke.  From Werner on stable
branch.

* acinclude.m4 (GNUPG_SYS_NM_PARSE): Allow for underscore in test
symbols.  Useful for Cygwin builds.
(GNUPG_SYS_SYMBOL_UNDERSCORE): Don't hardwire to yes for Cygwin.
From Werner on stable branch.

* README: Add an installation note for Darwin 6.1.  From Werner on
stable branch.
2002-11-13 16:11:32 +00:00
David Shaw
116bef5e04 * secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. From
Werner on stable branch.
2002-11-13 15:39:10 +00:00
David Shaw
365011c8f1 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.

* getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 13:23:03 +00:00
Werner Koch
3817bf604e * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
to version 2002-11-08.
2002-11-12 19:37:44 +00:00
Werner Koch
a33b72dc9e Post release version number bump. 2002-11-12 16:45:22 +00:00
Werner Koch
d12195807c Preparing 1.3.1 release. V1-3-1 2002-11-12 16:15:57 +00:00
David Shaw
659e1e9931 * gpgkeys_ldap.c (get_key): Fix typo in deduping code. 2002-11-10 21:32:11 +00:00
Werner Koch
41fb1aceb7 * ttyio.c (TERMDEVICE): Removed.
(tty_get_ttyname): New.
(init_ttyfp): Use it here instead of the TERMDEVICE macro.
2002-11-09 17:49:01 +00:00
Werner Koch
d219b061ac * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:48:41 +00:00
Werner Koch
fa9b94a6e4 Fixed copyright year 2002-11-09 17:42:24 +00:00
David Shaw
7911a5ed86 * keyring.h, keyring.c (keyring_register_filename): Return the pointer if
a given keyring is registered twice.

* keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a default
keyring. (keydb_locate_writable): Prefer the default keyring if possible.

* g10.c (main): Add --default-keyring option.
2002-11-08 03:31:21 +00:00
David Shaw
bf4a893586 * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
--force-ownertrust option for debugging purposes.  This allows setting a
whole keyring to a given trust during an --update-trustdb.  Not for normal
use - it's just easier than hitting "4" all the time to test a large
trustdb.
2002-11-07 04:37:27 +00:00
David Shaw
d771dd272d * w32reg.c (read_w32_registry_string): Fixed expanding of the environment
buffer; didn't worked at all.  Reported by Thijmen Klok.  From Werner on
stable branch.

* secmem.c (secmem_free, secmem_term): Use wipememory2() instead of
memset() to overwrite secure memory

* iobuf.c (direct_open): Handle mode 'b' if O_BINARY is available. From
Werner on stable branch.

* fileutil.c: Comment from stable branch.
2002-11-06 22:51:44 +00:00
David Shaw
d941240b45 * util.h: Add wipememory2() macro (same as wipememory, but can specify the
byte to wipe with).
2002-11-06 17:38:09 +00:00