1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

1815 Commits

Author SHA1 Message Date
Werner Koch
b7491aa8c7 about to release 1.4.1rc2 2005-02-16 20:29:20 +00:00
Werner Koch
00ef56868d * card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 20:08:14 +00:00
Werner Koch
ca24b4ea3f * w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 13:27:57 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
David Shaw
2833a0eadc * curl-shim.c (curl_easy_perform): Fix compile warning.
* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.
2005-02-12 03:15:02 +00:00
David Shaw
25001837e9 * curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, link with
the iobuf code rather than libcurl.
2005-02-11 18:05:13 +00:00
David Shaw
8ba44ec180 * configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
* NEWS: Note Mister/Zuccherato CFB countermeasures.
2005-02-11 17:46:15 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
e040113f3c * gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.
2005-02-05 19:52:02 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
e011ee08e2 (GNUPG_CHECK_GNUMAKE): Removed. Not needed for
decent automakes.
2005-02-04 10:18:46 +00:00
David Shaw
7954a24b95 * libcurl.m4: More comments. 2005-02-04 04:01:35 +00:00
David Shaw
dd649067e2 * NEWS: Fix typo. 2005-02-03 21:42:10 +00:00
Werner Koch
57ec15c0bb Last changes for W32 2005-02-03 11:16:27 +00:00
Werner Koch
907353ed60 About to do a release candidate 2005-02-03 10:21:26 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
f7a0254e63 * http.c (connect_server): Fix fd leak when connecting to a round-robin
server set that has some down servers.  Noted by Phil Pennock.
2005-02-01 20:55:35 +00:00
David Shaw
9af66d4634 * ksutil.h: Up the default timeout to two minutes. 2005-02-01 17:08:18 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
963748d1b5 Updated to the version from 1.2.7. 2005-01-27 10:30:28 +00:00
David Shaw
e6cbb88f61 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.
2005-01-26 21:20:30 +00:00
Werner Koch
eb0ee0ba44 * w32installer.nsi: Create a start menu entry and enhanced the
build environment.
* mk-w32-dist: Add more support for above.
2005-01-26 17:44:48 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
Werner Koch
aa87314e6f (get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.
2005-01-25 14:18:56 +00:00
David Shaw
9198b9de5c * libcurl.m4: All versions of curl-config support --feature. 2005-01-25 02:47:57 +00:00
David Shaw
5d257ee60e * gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
canonicalize line endings.

* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys.  Canonicalize line endings.  (main):
Accept FTPS.
2005-01-24 18:23:56 +00:00
David Shaw
1f057ff498 * configure.ac: Define FTPS flag if we're using curl, and FTPS is
available.

* README: Fix some typos (noted by Norihiko Murase), update to 1.4.1,
and tweak some descriptions.

* NEWS: Note FTPS.
2005-01-23 01:19:32 +00:00
David Shaw
db89c15bff * libcurl.m4: Note that FTPS existed, but wasn't fully
standards-compliant until version 7.11.0.
2005-01-22 23:10:23 +00:00
David Shaw
625806b6ae * keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.
2005-01-22 03:33:12 +00:00
David Shaw
2b10681641 * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
certificate checking (which is on by default).

* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).
2005-01-22 03:27:19 +00:00
Werner Koch
6a0fda89c0 (open_card): Issue new CARDCTRL(4) status. 2005-01-20 18:25:25 +00:00
Werner Koch
b2b2786be1 * gpgv.c (tty_fprintf): New stub.
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
2005-01-20 17:21:40 +00:00
Werner Koch
fa284bae3f Minor changes 2005-01-20 11:42:48 +00:00
Werner Koch
5bda87bd6e * g10.c (i18n_init) [W32]: Pass registry key to gettext
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.
2005-01-20 11:42:03 +00:00
David Shaw
b2d67e8039 * NEWS: Note --rfc2440-text import/export-unusable-sigs and
gpgkeys_curl.

* configure.ac: gpgkeys_mailto is disabled by default.  Define HTTPS
flag if we're using curl, and HTTPS is available.
2005-01-19 03:56:25 +00:00
David Shaw
115ebcfcf8 * gpgkeys_curl.c: Fix typo. 2005-01-18 14:43:14 +00:00
Werner Koch
02a85a958c * gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
the W32 defined macro.  Removed unneeded initialization of static
variables.
* gpgkeys_http.c: Ditto.
* ksutil.h: s/MAX_PATH/URLMAX_PATH/.
2005-01-18 11:16:10 +00:00
Werner Koch
79161ef7b9 (public_key_list): Do a trustdb staleness check before
opening the keyring.
(secret_key_list): Ditto.
2005-01-18 09:51:58 +00:00
David Shaw
8220c9e799 * gpgkeys_curl.c (main): Only allow specified protocols to use the
curl handler.

* Makefile.am: Use LIBCURL_CPPFLAGS instead of LIBCURL_INCLUDES.
2005-01-18 04:24:52 +00:00
David Shaw
586be6711e * libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match
automake syntax.
2005-01-18 03:54:46 +00:00
Werner Koch
cc19a07082 Same for
--without-included-regex.
2005-01-17 10:19:57 +00:00
Werner Koch
4440af47f7 Make --without-included-zlib work as
expected. Reported by Norihiko Murase.
2005-01-17 10:13:59 +00:00
Werner Koch
3a71b7f87f Make --without-included-zlib work as
expected. Reported by Norihiko Murase.
2005-01-17 10:13:59 +00:00
David Shaw
996c82ffd6 * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all the
various defines to ksutil.h.
2005-01-13 23:37:26 +00:00
David Shaw
0a42f97e43 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
of a minor cleanup to use #defines instead of hard-coded sizes.
2005-01-13 23:22:10 +00:00