1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

1083 Commits

Author SHA1 Message Date
David Shaw
e0dbc52cfc Missed one caller. 2007-02-01 20:51:15 +00:00
David Shaw
ef8f2e2f6f * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in
the time to use to calculate the expiration offset, rather than
querying it internally.  Change all callers.
2007-02-01 19:32:16 +00:00
David Shaw
ef9e1b5fbc * keygen.c (do_generate_keypair, proc_parameter_file,
generate_keypair, generate_subkeypair): Pass a timestamp through to
all the gen_xxx functions.
2007-01-31 21:39:26 +00:00
David Shaw
9f3af9e24d * keyedit.c (sign_uids): Another multiple to single timestamp
operation.
2007-01-31 20:44:48 +00:00
David Shaw
5b34e0264e * sign.c (write_plaintext_packet): Take timestamp from outside.
Change all callers.  (sign_file, clearsign_file,
sign_symencrypt_file): Calculate one timestamp for the whole
transaction.  Different timestamps for each step can leak performance
information.
2007-01-31 20:23:45 +00:00
David Shaw
efef00aed3 * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove
the need for ask_expiredate().
2007-01-31 19:42:48 +00:00
David Shaw
e2fdff56fc * keygen.c (make_backsig, write_direct_sig, write_selfsigs)
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key.  This helps avoid
leaking information about the performance of the machine where the
keys were generated.  Noted by Christian Danner.
2007-01-30 21:19:45 +00:00
Werner Koch
9e4a5071a6 * parse-packet.c (read_protected_v3_mpi): Make sure to stop
reading even for corrupted packets.
	* keygen.c (generate_user_id): Need to allocate one byte more.
	Reported by Felix von Leitner.
2007-01-15 19:30:33 +00:00
David Shaw
68ea16cbfc * options.skel: Tweak some examples to match reality and update the
RFC for CERT now that it is out of draft.
2006-12-15 04:37:47 +00:00
David Shaw
ea5397943a * Makefile.am: Install options.skel via dist_pkgdata_DATA so that
"make uninstall" works properly.
2006-12-13 21:41:37 +00:00
Werner Koch
e810efc76f Removed references to removed g10defs.h file. 2006-12-13 12:09:44 +00:00
Werner Koch
9f433cccca Removed the use of g10defs.h.
This required some code cleanups and the introduction of
a few accessor ducntions in mpi.
2006-12-11 19:54:53 +00:00
Werner Koch
abfdbea116 /
* configure.ac: Remove GNUPG_DATADIR for non-W32 systems.
g10/
	* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
	* openfile.c (copy_options_file): Use log_info and not log_error
	to avoid error returns in case of a missing skeleton file.
2006-12-07 11:33:24 +00:00
Werner Koch
d8ff6704c8 Preparing a release 2006-12-06 09:52:40 +00:00
David Shaw
cfa0b50dc0 * keyedit.c (menu_clean): Show "already minimized" rather than
"already clean" when a minimized key is minimized again.  From Dirk
Traulsen.
2006-12-03 06:26:12 +00:00
David Shaw
e0cd2d31a1 * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
2006-12-03 04:38:53 +00:00
Werner Koch
e1829a3d52 * openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string.  Fixes bug 728.
2006-11-27 16:40:14 +00:00
David Shaw
55df654ea8 Missing changelog entry 2006-11-06 04:07:33 +00:00
Werner Koch
31cf39791e New command --gpgconf-test. 2006-10-23 14:21:41 +00:00
David Shaw
4e07a84cb9 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.
	
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
2006-10-13 03:44:34 +00:00
David Shaw
6174275c39 * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
whatever key selector the user used on the command line.
2006-10-06 05:46:07 +00:00
Werner Koch
7925e747d0 fix for bug 537 and documentation fixes. 2006-10-02 13:22:27 +00:00
Werner Koch
29f68725d0 Allow to build w/o curl. 2006-09-26 14:15:17 +00:00
Werner Koch
ab1d0ca711 Preparing 1.4.5 2006-08-01 11:20:18 +00:00
Werner Koch
fede32ebd7 Fix bug 655 2006-07-31 11:40:14 +00:00
Werner Koch
064a4a6240 Fixed bug 479. Not a real good fix but a reliable one which limits possible
breakage of other partys of the code.
2006-07-31 10:16:33 +00:00
Werner Koch
f19e8892a2 Preparing a release candidate 2006-07-28 09:52:11 +00:00
Werner Koch
ccd5fc4758 Fixed memory allocation bug and typos. 2006-07-26 11:25:36 +00:00
David Shaw
975da08004 * configure.ac: Fix resolver autoconf code so it works (fails)
properly with uClibc.
2006-07-08 23:29:25 +00:00
Werner Koch
d91c7a06ff i18n fix 2006-06-28 19:33:14 +00:00
David Shaw
cb117d7457 * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): Pass a
union for preference hints rather than doing void * games.

* sign.c (sign_file): Use it here.
2006-06-28 17:54:35 +00:00
David Shaw
2a31983ef8 * sign.c (sign_file): When signing with multiple DSA keys, one being DSA1
and one being DSA2 and encrypting at the same time, if the recipient
preferences give a hash that can work with the DSA2 key, then allow the
DSA1 key to be promoted rather than giving up and using hash_for().
2006-06-28 17:12:55 +00:00
David Shaw
7c457fac67 * pkclist.c (algo_available): Automatically enable DSA2 mode when handling
a key that clearly isn't DSA1 (i.e. q!=160).
2006-06-28 15:26:05 +00:00
Werner Koch
23380119ee Fixed uploading of keays. 2006-06-28 09:37:42 +00:00
Werner Koch
e0af7eb379 do no use reopen_std under W32. 2006-06-27 08:40:23 +00:00
Werner Koch
a3883eb71d About to do a new release 2006-06-25 12:03:38 +00:00
David Shaw
00db922029 * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,
keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to
specify a keyserver URL at key generation time, and "Keyserver:" keyword
for doing the same through a batch file.
2006-06-22 22:56:54 +00:00
David Shaw
059c67ca6d * sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be liberal
in what you accept, etc).
2006-06-22 19:17:21 +00:00
David Shaw
4f7b459a96 * import.c (import_one): Add a flag (from_sk) so we don't check prefs
on an autoconverted public key.  The check should only happen on the
sk size.  Noted by Dirk Traulsen.
2006-06-12 12:05:34 +00:00
David Shaw
7211ee589a * keygen.c (gen_card_key): Add optional argument to return a pointer
(not a copy) of the stub secret key for the secret key we just
generated on the card.  (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key.  Noted by Janko Heilgeist and Jonas Oberg.
2006-06-10 04:11:05 +00:00
David Shaw
91dbfce3b7 * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.
2006-06-09 19:45:19 +00:00
David Shaw
49c31957f0 Revert last. It is still wrong. 2006-05-27 02:07:05 +00:00
David Shaw
b9c2f44336 * exec.c (make_tempdir) [_WIN32]: Modified to properly handle
arbitrarily long temporary directory paths.
2006-05-27 01:38:54 +00:00
David Shaw
05a2a2f39a * keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
1024 when --enable-dsa2 is set).  The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.
2006-05-25 19:39:03 +00:00
David Shaw
5cef0cac5a * exec.c (make_tempdir): Fix bug with a temporary directory on Win32
that is over 256 bytes long.  Noted by Israel G. Lugo.
2006-05-25 03:02:51 +00:00
David Shaw
782a70e522 * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
called with them closed.  This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds.  Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
2006-05-23 22:04:09 +00:00
David Shaw
197c7a3e47 * parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".
2006-05-23 03:58:53 +00:00
David Shaw
3bee120e15 * import.c (import_one): Fix bug when importing a new key from a file. 2006-05-22 21:38:13 +00:00
David Shaw
7596ae1f6a * getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc).  Noted by Simon Josefsson.
2006-05-22 16:53:09 +00:00
David Shaw
bc81ce601f (keyserver_import_cert): Show warning if there is a CERT fingerprint,
but no --keyserver set.
2006-04-27 03:38:56 +00:00
David Shaw
034937c6d1 * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
to add "_uri" to certain gpgkeys_xxx helpers when the meaning is
different if a path is provided (i.e. ldap).
2006-04-27 03:14:17 +00:00
David Shaw
19c353232e * keyserver.c: Fix build problem with platforms that stick libcurl in
a place not in the regular include search path.
2006-04-22 14:15:50 +00:00
David Shaw
0f1c0a9f28 * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
2006-04-20 21:32:42 +00:00
David Shaw
99b1f3e1da * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
2006-04-20 02:36:05 +00:00
David Shaw
36ce455f15 * keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.
2006-04-19 04:29:31 +00:00
David Shaw
27bb89d687 * options.skel, photoid.c (get_default_photo_command): Find an image
viewer at runtime.  Seems FC5 doesn't have xloadimage.
2006-04-11 19:20:08 +00:00
David Shaw
51e88a5fdb * getkey.c (parse_auto_key_locate): Fix dupe-removal code.
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.
2006-04-09 03:34:09 +00:00
Werner Koch
4fdc6387c3 Fixed segv 2006-04-08 01:23:23 +00:00
Werner Koch
e5a03c84f7 See ChangeLog 2006-04-08 00:36:51 +00:00
Werner Koch
256f67675f About to release 1.4.3 2006-04-03 10:13:23 +00:00
David Shaw
4afa4eb10e * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
Fix strings to not start with a capital letter as per convention.
2006-04-01 02:47:53 +00:00
David Shaw
66965ccc29 Update copyright 2006-03-30 23:55:45 +00:00
David Shaw
92e1528bf2 * main.h, seskey.c (encode_md_value): Modify to allow a q size greater
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.
2006-03-30 19:20:59 +00:00
David Shaw
97b0606a95 * getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
than causing an error.
2006-03-22 23:05:32 +00:00
Werner Koch
ac46433052 Changed URLs 2006-03-22 16:43:59 +00:00
David Shaw
5531da1cfc * mainproc.c (get_pka_address): Fix bug introduced as part of
sig_to_notation conversion.  Noted by Peter Palfradrer.
2006-03-22 14:37:53 +00:00
Werner Koch
7f99c71839 Allow for rmd160 signatures when using gpg-agent. 2006-03-21 13:01:45 +00:00
David Shaw
3cfc77097d * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.
2006-03-17 05:20:13 +00:00
David Shaw
e0ad2bda52 * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. 2006-03-16 22:40:04 +00:00
David Shaw
9f524c4a04 * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.
2006-03-14 03:16:21 +00:00
David Shaw
b478ce7a79 * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keyserver_import_cert, keyserver_import_name, keyserver_import_ldap):
Pass fingerprint info through.
2006-03-14 02:42:02 +00:00
David Shaw
671ec45001 * main.h, import.c (import_one): Optionally return the fingerprint of
the key being imported.  (import_keys_internal, import_keys_stream,
import): Change all callers.
2006-03-14 02:23:00 +00:00
David Shaw
7e3ba27aef * sig-check.c (signature_check2): Print the backsig warning when there
is no backsig present.  Give a URL for more information.

* keyedit.c (menu_backsign): Small tweak to work properly with keys
originally generated with older GnuPGs that included comments in the
secret keys.
2006-03-12 15:33:57 +00:00
David Shaw
e914311608 * build-packet.c (string_to_notation): Add ability to indicate a notation
to be deleted with a '-' prefix.

* keyedit.c (menu_set_notation): Use it here to allow deleting a notation
marked with '-'.  This works with either "-notation" or "-notation=value".
2006-03-09 19:43:29 +00:00
Werner Koch
cf10c31a3f Preparing for an RC23 2006-03-09 12:45:02 +00:00
David Shaw
d810409068 * keyedit.c (menu_set_notation): New function to set notations on
self-signatures.  (keyedit_menu): Call it here.
(tty_print_notations): Helper.  (show_prefs): Show notations in
"showpref".
2006-03-09 03:49:39 +00:00
David Shaw
5460153264 * mainproc.c (get_pka_address), keylist.c (show_notation): Remove
duplicate code by using notation functions.
2006-03-09 03:35:26 +00:00
David Shaw
0f7b4371b2 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Provide printable text for non-human-readable
notation values.
2006-03-09 01:15:18 +00:00
David Shaw
889c4afd78 * packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Tweak to handle non-human-readable notation
values.
2006-03-08 23:42:45 +00:00
David Shaw
4fea8fdbbb * options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
Use it here for the various notation commands.

* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.
2006-03-08 23:30:12 +00:00
David Shaw
90d8377276 * options.h, mainproc.c (check_sig_and_print), gpg.c (main):
pka-lookups, not pka-lookup.

* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.
2006-03-08 02:40:42 +00:00
David Shaw
4f9efb7a79 * options.h, gpg.c (main, parse_trust_model), pkclist.c
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.
2006-03-07 20:14:20 +00:00
Werner Koch
4aeb4d4b10 More tests added; make distcheck works 2006-03-07 11:05:41 +00:00
David Shaw
764b3f9395 * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
is not a PGP 2.x algorithm.
2006-03-07 01:16:31 +00:00
David Shaw
5d2060e211 * mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
algorithm.
2006-03-06 23:14:13 +00:00
Werner Koch
3e08d87168 Stricter test of allowed signature packet compositions.
There is still one problem to solve.
2006-03-06 21:28:25 +00:00
Werner Koch
a200f76dcf Fixed problem with PGP2 style signatures and mutilple plaintext data 2006-03-06 12:28:46 +00:00
Werner Koch
09203be1c6 Replaced an assert and fixed batch mode issue in cardglue. 2006-03-05 15:13:18 +00:00
David Shaw
78904c691c * getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
"pka" when those features are disabled.

* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha.  Noted by Nelson H.
F. Beebe.
2006-03-01 18:16:55 +00:00
David Shaw
4b67ecabcf * options.skel: Document auto-key-locate and give a pointer to Simon
Josefsson's page for CERT.
2006-02-27 19:31:13 +00:00
David Shaw
f4f5ea43e7 * keydb.h, getkey.c (release_akl), gpg.c (main): Add
--no-auto-key-locate.

* options.h, gpg.c (main): Keep track of each keyserver registered so
we can match on them later.

* keyserver-internal.h, keyserver.c (cmp_keyserver_spec,
keyserver_match), gpgv.c: New.  Find a keyserver that matches ours and
return its spec.

* getkey.c (get_pubkey_byname): Use it here to get the per-keyserver
options from an earlier keyserver.
2006-02-24 14:27:22 +00:00
David Shaw
4139587267 * keyserver.c (parse_keyserver_options): Only change max_cert if it is
used.
2006-02-24 03:57:11 +00:00
David Shaw
624f3582ba * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
treatment of include-revoked, include-subkeys, and try-dns-srv.  These are
keyserver features, and GPG shouldn't get involved here.
2006-02-23 22:39:40 +00:00
David Shaw
09e3b78ea2 * keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
options to the list, as ordering may be significant to the user.
2006-02-23 20:54:30 +00:00
David Shaw
1736866b5b * gpg.c (add_notation_data): Fix reversed logic for isascii check when
adding notations.  Noted by Christian Biere.
2006-02-23 19:52:20 +00:00
David Shaw
c37453211c * options.h, keyserver.c (add_canonical_option): New.
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).
2006-02-23 17:00:02 +00:00
David Shaw
1ae024ef81 * options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.
2006-02-22 23:37:23 +00:00
David Shaw
305288b5f5 * options.h, keyserver.c (parse_keyserver_options): Remove
auto-cert-retrieve as it is no longer meaningful.  Add max-cert-size to
allow users to pick a max key size retrieved via CERT.
2006-02-22 20:34:48 +00:00
David Shaw
477defdb1b * options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.
2006-02-22 20:20:58 +00:00
David Shaw
7eab1846ca * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
Parse a list of key access methods. (get_pubkey_byname): Walk the list
here to try and retrieve keys we don't have locally.
2006-02-22 19:06:23 +00:00