Werner Koch
b4f553c1ca
Fix for Debian bug 402592
2007-02-04 17:20:24 +00:00
David Shaw
e0dbc52cfc
Missed one caller.
2007-02-01 20:51:15 +00:00
David Shaw
ef8f2e2f6f
* main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in
...
the time to use to calculate the expiration offset, rather than
querying it internally. Change all callers.
2007-02-01 19:32:16 +00:00
David Shaw
ef9e1b5fbc
* keygen.c (do_generate_keypair, proc_parameter_file,
...
generate_keypair, generate_subkeypair): Pass a timestamp through to
all the gen_xxx functions.
2007-01-31 21:39:26 +00:00
David Shaw
9f3af9e24d
* keyedit.c (sign_uids): Another multiple to single timestamp
...
operation.
2007-01-31 20:44:48 +00:00
David Shaw
5b34e0264e
* sign.c (write_plaintext_packet): Take timestamp from outside.
...
Change all callers. (sign_file, clearsign_file,
sign_symencrypt_file): Calculate one timestamp for the whole
transaction. Different timestamps for each step can leak performance
information.
2007-01-31 20:23:45 +00:00
David Shaw
efef00aed3
* main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove
...
the need for ask_expiredate().
2007-01-31 19:42:48 +00:00
David Shaw
e2fdff56fc
* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
...
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key. This helps avoid
leaking information about the performance of the machine where the
keys were generated. Noted by Christian Danner.
2007-01-30 21:19:45 +00:00
Werner Koch
9e4a5071a6
* parse-packet.c (read_protected_v3_mpi): Make sure to stop
...
reading even for corrupted packets.
* keygen.c (generate_user_id): Need to allocate one byte more.
Reported by Felix von Leitner.
2007-01-15 19:30:33 +00:00
David Shaw
68ea16cbfc
* options.skel: Tweak some examples to match reality and update the
...
RFC for CERT now that it is out of draft.
2006-12-15 04:37:47 +00:00
David Shaw
ea5397943a
* Makefile.am: Install options.skel via dist_pkgdata_DATA so that
...
"make uninstall" works properly.
2006-12-13 21:41:37 +00:00
Werner Koch
e810efc76f
Removed references to removed g10defs.h file.
2006-12-13 12:09:44 +00:00
Werner Koch
9f433cccca
Removed the use of g10defs.h.
...
This required some code cleanups and the introduction of
a few accessor ducntions in mpi.
2006-12-11 19:54:53 +00:00
Werner Koch
abfdbea116
/
...
* configure.ac: Remove GNUPG_DATADIR for non-W32 systems.
g10/
* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
* openfile.c (copy_options_file): Use log_info and not log_error
to avoid error returns in case of a missing skeleton file.
2006-12-07 11:33:24 +00:00
Werner Koch
d8ff6704c8
Preparing a release
2006-12-06 09:52:40 +00:00
David Shaw
cfa0b50dc0
* keyedit.c (menu_clean): Show "already minimized" rather than
...
"already clean" when a minimized key is minimized again. From Dirk
Traulsen.
2006-12-03 06:26:12 +00:00
David Shaw
e0cd2d31a1
* options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
...
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
2006-12-03 04:38:53 +00:00
Werner Koch
e1829a3d52
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
...
if make_printable_string returns a longer string. Fixes bug 728.
2006-11-27 16:40:14 +00:00
David Shaw
55df654ea8
Missing changelog entry
2006-11-06 04:07:33 +00:00
Werner Koch
31cf39791e
New command --gpgconf-test.
2006-10-23 14:21:41 +00:00
David Shaw
4e07a84cb9
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
...
packed s2k iteration count.
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
2006-10-13 03:44:34 +00:00
David Shaw
6174275c39
* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
...
whatever key selector the user used on the command line.
2006-10-06 05:46:07 +00:00
Werner Koch
7925e747d0
fix for bug 537 and documentation fixes.
2006-10-02 13:22:27 +00:00
Werner Koch
29f68725d0
Allow to build w/o curl.
2006-09-26 14:15:17 +00:00
Werner Koch
ab1d0ca711
Preparing 1.4.5
2006-08-01 11:20:18 +00:00
Werner Koch
fede32ebd7
Fix bug 655
2006-07-31 11:40:14 +00:00
Werner Koch
064a4a6240
Fixed bug 479. Not a real good fix but a reliable one which limits possible
...
breakage of other partys of the code.
2006-07-31 10:16:33 +00:00
Werner Koch
f19e8892a2
Preparing a release candidate
2006-07-28 09:52:11 +00:00
Werner Koch
ccd5fc4758
Fixed memory allocation bug and typos.
2006-07-26 11:25:36 +00:00
David Shaw
975da08004
* configure.ac: Fix resolver autoconf code so it works (fails)
...
properly with uClibc.
2006-07-08 23:29:25 +00:00
Werner Koch
d91c7a06ff
i18n fix
2006-06-28 19:33:14 +00:00
David Shaw
cb117d7457
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available): Pass a
...
union for preference hints rather than doing void * games.
* sign.c (sign_file): Use it here.
2006-06-28 17:54:35 +00:00
David Shaw
2a31983ef8
* sign.c (sign_file): When signing with multiple DSA keys, one being DSA1
...
and one being DSA2 and encrypting at the same time, if the recipient
preferences give a hash that can work with the DSA2 key, then allow the
DSA1 key to be promoted rather than giving up and using hash_for().
2006-06-28 17:12:55 +00:00
David Shaw
7c457fac67
* pkclist.c (algo_available): Automatically enable DSA2 mode when handling
...
a key that clearly isn't DSA1 (i.e. q!=160).
2006-06-28 15:26:05 +00:00
Werner Koch
23380119ee
Fixed uploading of keays.
2006-06-28 09:37:42 +00:00
Werner Koch
e0af7eb379
do no use reopen_std under W32.
2006-06-27 08:40:23 +00:00
Werner Koch
a3883eb71d
About to do a new release
2006-06-25 12:03:38 +00:00
David Shaw
00db922029
* options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,
...
keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to
specify a keyserver URL at key generation time, and "Keyserver:" keyword
for doing the same through a batch file.
2006-06-22 22:56:54 +00:00
David Shaw
059c67ca6d
* sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be liberal
...
in what you accept, etc).
2006-06-22 19:17:21 +00:00
David Shaw
4f7b459a96
* import.c (import_one): Add a flag (from_sk) so we don't check prefs
...
on an autoconverted public key. The check should only happen on the
sk size. Noted by Dirk Traulsen.
2006-06-12 12:05:34 +00:00
David Shaw
7211ee589a
* keygen.c (gen_card_key): Add optional argument to return a pointer
...
(not a copy) of the stub secret key for the secret key we just
generated on the card. (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key. Noted by Janko Heilgeist and Jonas Oberg.
2006-06-10 04:11:05 +00:00
David Shaw
91dbfce3b7
* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
...
This prevents a memory allocation attack with a very large user ID. A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number. Noted by Evgeny Legerov on full-disclosure.
2006-06-09 19:45:19 +00:00
David Shaw
49c31957f0
Revert last. It is still wrong.
2006-05-27 02:07:05 +00:00
David Shaw
b9c2f44336
* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
...
arbitrarily long temporary directory paths.
2006-05-27 01:38:54 +00:00
David Shaw
05a2a2f39a
* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
...
1024 when --enable-dsa2 is set). The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.
2006-05-25 19:39:03 +00:00
David Shaw
5cef0cac5a
* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
...
that is over 256 bytes long. Noted by Israel G. Lugo.
2006-05-25 03:02:51 +00:00
David Shaw
782a70e522
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
...
called with them closed. This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds. Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
2006-05-23 22:04:09 +00:00
David Shaw
197c7a3e47
* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
...
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".
2006-05-23 03:58:53 +00:00
David Shaw
3bee120e15
* import.c (import_one): Fix bug when importing a new key from a file.
2006-05-22 21:38:13 +00:00
David Shaw
7596ae1f6a
* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
...
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc). Noted by Simon Josefsson.
2006-05-22 16:53:09 +00:00