1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

365 Commits

Author SHA1 Message Date
David Shaw
b7b7e6c25a * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
2002-12-06 04:05:47 +00:00
Werner Koch
9a34b607ab * g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.

NOT YET TESTED!
2002-12-05 15:21:17 +00:00
David Shaw
2d6a766433 * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
2002-12-04 18:32:00 +00:00
David Shaw
6d30580362 * packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 16:17:21 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
David Shaw
33783a41a4 * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 18:10:10 +00:00
David Shaw
03aaecf3f8 * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:49:13 +00:00
David Shaw
f41be729cc * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.

* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
2002-11-24 01:44:37 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
5ecf0cbd79 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
2002-11-13 13:14:40 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00
Werner Koch
e95dbae3f6 * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:38:29 +00:00
David Shaw
666dcb370b * keyedit.c (show_key_with_all_names_colon): Don't stick nulls into the
--with-colons listing.
2002-11-05 22:30:59 +00:00
David Shaw
62ff9a5e89 * g10.c (main): Add a mostly noop --trust-model option to smooth
transition to 1.4.
2002-11-05 02:17:48 +00:00
David Shaw
456f89ea7a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:28:19 +00:00
Werner Koch
321b88d0f6 * getkey.c (get_pubkey_direct): Renamed to...
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.

* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations.  This is required because getkey needs to
know whether a a key is ultimately trusted.
2002-10-30 10:02:38 +00:00
Stefan Bellon
4884931476 reverted filetype patch 2002-10-28 15:26:43 +00:00
Stefan Bellon
191795d14b filetype support for RISC OS 2002-10-28 13:27:18 +00:00
Werner Koch
d964ea1f84 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
has been assigned.
2002-10-23 07:06:56 +00:00
Werner Koch
16e53ae196 * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32;
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
2002-10-21 16:31:38 +00:00
Werner Koch
1f8d80a1b3 * pkclist.c (do_edit_ownertrust): Show all user IDs. This should
be enhanced to also show the current trust level.  Suggested by
Florian Weimer.
2002-10-17 13:49:30 +00:00
Werner Koch
da36b610ef * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:42:08 +00:00
David Shaw
51a8a76e23 * keyedit.c (menu_addrevoker): Properly back out if the signature fails. 2002-10-11 20:44:27 +00:00
David Shaw
67356cdd63 * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning. 2002-10-07 22:09:20 +00:00
David Shaw
3832320327 * keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all).
2002-10-07 18:20:28 +00:00
David Shaw
d1738ac243 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:09:18 +00:00
Werner Koch
2e21d851e9 * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping.  Noted by Ingo Kl�cker.
2002-10-04 06:02:14 +00:00
David Shaw
09fe2195bc * keylist.c (print_capabilities): Secret-parts-missing keys should show
that fact in the capabilities.
2002-10-03 19:17:02 +00:00
David Shaw
3f2d94179f * packet.h, parse_packet (parse_key): Add is_primary flag for public keys
(it already exists for secret keys).

* keylist.c (print_capabilities): Only primary signing keys can certify
other keys.
2002-10-03 17:40:10 +00:00
David Shaw
27d526298b * import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key.

* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.

* parse_packet.c (parse_key): Some comments.

* revoke.c (gen_revoke): Remove some debugging code.

* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
2002-10-02 21:56:03 +00:00
David Shaw
bf31d26b1d * seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
2002-10-01 20:24:21 +00:00
David Shaw
1e728329d7 * import.c (import_one): Make sure that a newly imported key starts with a
clean ownertrust. (import_revoke_cert): Remove ultimate trust when
revoking an ultimately trusted key.
2002-10-01 17:25:56 +00:00
Werner Koch
901ac5ed9b * getkey.c (get_pubkey_direct): New.
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key.  Using the full get_pubkey might lead to a infinitive
recursion.
2002-10-01 08:29:47 +00:00
David Shaw
4d640a3384 * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
2002-09-30 16:25:17 +00:00
David Shaw
745d270c07 * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to
lowercase to be case-insensitive.
2002-09-30 03:19:42 +00:00
David Shaw
1324f0c83a * sig-check.c (check_key_signature2): Properly handle a non-designated
revocation import.
2002-09-28 17:34:43 +00:00
Werner Koch
1f71f4c626 * g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
2002-09-26 12:28:27 +00:00
David Shaw
d477cf2bfb * keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.

* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.

* hkp.c (hkp_search): Properly handle line truncation.
2002-09-19 16:32:44 +00:00
David Shaw
1f19f73326 * keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket.  Add a PGP
2.x warning for revocation keys.
2002-09-17 03:09:33 +00:00
David Shaw
9da9e88433 * g10.c (check permissions): Back out previous change - some translations
already done for 1.2.
2002-09-15 11:16:04 +00:00
David Shaw
d29d483e5f * g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).

* keyedit.c (sign_uids): Make strings translatable.

* sig-check.c (check_key_signature2): Make string translatable.
2002-09-15 03:15:56 +00:00
David Shaw
0e7778cb51 * getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here.  Also return the
signature_check error code rather than 0/1 and cache the sig result.

* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.

* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 12:52:30 +00:00
Werner Koch
86d681d8f0 * g10.c (main) [__MINGW32__]: Activate oLoadExtension. 2002-09-13 07:52:45 +00:00
David Shaw
72cd3ef859 * keyserver.c (keyserver_spawn): Remove whitespace after keyserver
commands.
2002-09-12 12:10:04 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
David Shaw
c30d7e8dc7 * exec.c (expand_args): Remove loop left over from earlier implementation.
(exec_write): Missed one tick.
2002-09-10 18:03:40 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
d8eda8dbd1 * g10.c (add_group): Use '=' to separate group name from group members.
Use a better error message for when no = is found.

* hkp.c (hkp_export): Use CRLF in headers.
2002-09-09 19:21:58 +00:00
David Shaw
8dccf882f7 * mainproc.c (print_pkenc_list): Don't increment the error counter when
printing the list of keys a message was encrypted to.  This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
2002-09-04 02:48:47 +00:00
Werner Koch
5819b1ee45 * g10.c (main): Try to set a default character set. Print the
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.

* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
2002-09-02 10:59:04 +00:00