security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-07-02 02:48:57 +02:00
Code Activity
1,165 Commits 100 Branches 301 Tags 70 MiB
c7fdd03e1a
Commit Graph

1165 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Shaw
034bbc759f * options.skel: Add explantion and commented-out 
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keygen.c (keygen_set_std_prefs): Include AES192, and AES256 in default
prefs.
 2003-03-04 14:24:41 +00:00
David Shaw
208509950c * keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the 
signature caches to prevent another gpg from tampering with the temporary
copy.

* keydb.c: Double the maximum number of keyrings to 40.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.
 2003-03-03 20:27:02 +00:00
Timo Schulz
16c925f68a 2003-03-02 Timo Schulz <twoaday@freakmail.de> 
* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when
        the cipher algo is IDEA to make it easier to track down the problem.
 2003-03-02 11:58:24 +00:00
David Shaw
8655a545af * trustdb.c (validate_keys): Mask the ownertrust when building the list of 
fully valid keys so that disabled keys are still counted in the web of
trust.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): Use 3DES for the s2k cipher in --openpgp mode. Double the
amount of secure memory to 32k (keys are getting bigger these days).
 2003-02-26 20:40:34 +00:00
David Shaw
838fe750bb * gpg.sgml: Document "revuid". Clarify that --openpgp resets --pgpX. 
* samplekeys.asc: Updated.
 2003-02-25 01:29:51 +00:00
David Shaw
27d868c50b * Makefile.am: Distribute convert-from-106. 2003-02-23 05:18:37 +00:00
David Shaw
f344404b12 * distfiles, gnupg.spec.in: convert-from-106 is in the tools directory 
now.
 2003-02-23 05:16:58 +00:00
David Shaw
9a80333f49 * g10.c (main): --openpgp disables --pgpX. 
* keyedit.c (show_prefs): Make strings translatable.
 2003-02-23 00:07:00 +00:00
David Shaw
2bffa31fcc * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to 
indicate a string with no maximum size.  This prevents early truncation of
strings that contain control chars which are expanded into \xXX form.
 2003-02-19 19:23:55 +00:00
David Shaw
047a84911a * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using 
capabilities.
 2003-02-19 18:28:02 +00:00
David Shaw
fde4e0badb * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using 
capabilities.
 2003-02-19 18:26:40 +00:00
David Shaw
651b713d12 * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF 
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.
 2003-02-13 02:26:45 +00:00
David Shaw
eee851ad83 * Makefile.am: Make sure sha512.c is included in the tarball. 2003-02-12 04:49:16 +00:00
David Shaw
591dac51f9 * Makefile.am: Use the more correct @PACKAGE@ rather than "gnupg". 2003-02-12 03:48:48 +00:00
David Shaw
1bf92102fd * convert-from-106: Script to automate the 1.0.6->later conversion. It 
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.  Moved from the scripts directory.
 2003-02-11 15:51:47 +00:00
David Shaw
d1456b8721 * convert-from-106: Move to the tools directory. 2003-02-11 15:49:10 +00:00
David Shaw
40d6d881b4 * configure.ac: Add --enable-sha512 switch to add SHA384/512 support. 2003-02-11 15:11:11 +00:00
David Shaw
4eafcfb13b * g10.c (print_mds): Check that SHA384 and 512 are available before using 
them as they are no longer always available.

* exec.c (set_exec_path): Add debugging line.

* Makefile.am: Use the more correct @PACKAGE@ rather than "gnupg".
 2003-02-11 15:05:33 +00:00
David Shaw
ff8406b3d8 * Makefile.am, md.c (load_digest_module): Only build in SHA384/512 if 
specifically enabled.
 2003-02-11 14:49:16 +00:00
David Shaw
b39a328583 * Makefile.am: Use a local copy of libexecdir so it can be easily 
overridden at make time.
 2003-02-06 21:25:10 +00:00
David Shaw
e2963095c0 * Makefile.am: Pass GNUPG_LIBEXECDIR as part of CFLAGS so it can be easily 
overridden at make time.
 2003-02-06 21:23:02 +00:00
David Shaw
b7e3a74231 * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so that 
makefiles can override it.
 2003-02-06 21:21:05 +00:00
David Shaw
d52392f9e1 * g10.c (print_hex, print_mds): Print long hash strings a lot neater. 
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there.  Users who need unformatted hashes can
still use with-colons.
 2003-02-05 16:22:30 +00:00
David Shaw
443e083f4a * armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the 
armor Hash: header.

* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
 2003-02-04 18:59:22 +00:00
David Shaw
39db2a7190 * sha256.c, sha512.c: New. 
* Makefile.am, algorithms.h, md.c (load_digest_module,
string_to_digest_algo): Add read-only support for the new SHAs.
 2003-02-04 18:50:44 +00:00
David Shaw
defeb83a8d * cipher.h: Add constants for new SHAs. 2003-02-04 18:28:57 +00:00
David Shaw
441c927b19 * configure.ac (ALL_LINGUAS): Needs to be on one line to avoid problems 
during ./configure.
 2003-02-02 19:13:03 +00:00
David Shaw
6de7d80875 * NEWS: Note new --with-colons disabled key flag and new "revuid" command. 2003-02-02 18:08:42 +00:00
David Shaw
3a8ad7e8dc * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key 
(treat as a v4 revocation).

* keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel.

* import.c (print_import_check): Do not re-utf8 convert user IDs.

* status.h, status.c (get_status_string), import.c (import_one,
print_import_check): Backport Timo's IMPORT_CHECK status message from
devel.
 2003-02-02 15:28:47 +00:00
David Shaw
ac6468d891 * gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is not a 
keyid, but rather a text string from the user ID.
 2003-01-23 02:50:47 +00:00
David Shaw
ae4ef70783 * g10.c (add_group): Trim whitespace after a group name so it does not 
matter where the user puts the = sign.
 2003-01-16 19:09:04 +00:00
David Shaw
be85ae8f1f * options.skel: Comment out the first three lines in case someone manually 
copies the skel file to their homedir.
 2003-01-16 16:00:08 +00:00
David Shaw
9f65d8673e * sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This 
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
 2003-01-15 20:07:23 +00:00
David Shaw
3c90faa761 * sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for 
signature digest conflict.  BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
 2003-01-15 02:52:57 +00:00
Werner Koch
631eed9c64 * g10.c (add_group): Fixed group parsing to allow more than one 
delimiter in a row and also allow tab as delimiter.
 2003-01-14 09:32:46 +00:00
David Shaw
d65d805aad * tdbio.c (tdbio_set_dbname): Fix assertion failure with 
non-fully-qualified trustdb names.
 2003-01-12 15:08:16 +00:00
David Shaw
97e93b7e18 * trustdb.h, trustdb.c (trust_letter): Make static. (get_ownertrust_info, 
get_validity_info): Don't mask the trust level twice.

* armor.c (armor_filter): Comment about PGP's end of line tab problem.
 2003-01-10 16:46:18 +00:00
David Shaw
4b7ff5da2b * gpg.sgml: Minor language tweaks, spell check, copyright date, etc. 2003-01-09 15:51:32 +00:00
David Shaw
e81bae94cb * packet.h, pkclist.c (build_pk_list), free-packet.c 
(release_public_key_parts): Remove unused namehash element for public
keys.

* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info): Pass a
user ID in rather than a namehash, so we only have to do the hashing in
one place.
 2003-01-09 04:04:55 +00:00
Werner Koch
8602e35feb Preparing a release candidate. 2003-01-07 10:05:38 +00:00
Werner Koch
f6e2cb4032 * Broken links resulting from revised web site filesystem structure 
corrected:
    Intro - available *here* link corrected.
          Was <http://www.gnupg.org/faq.html>, corrected to be:
          <http://www.gnupg.org/documentation/faqs.html>
    1.1 - RFC 2440 link corrected. Was
          <http://www.gnupg.org/rfc2440.html>,
          now linked to: <http://www.rfc-editor.org/>
    2.1 - <http://www.gnupg.org/docs.html> corrected to be:
          <http://www.gnupg.org/documentation/>
	  <http://lists.gnupg.org> corrected to be:
	  <http://www.gnupg.org/documentation/mailing-lists.html>
    2.2 - <http://www.gnupg.org/mirrors.html> corrected to be:
          <http://www.gnupg.org/download/mirrors.html>
    3.1 - <http://gnupg.org/backend.html#supsys> corrected to be:
          <http://gnupg.org/download/supported_systems.html>
    3.2 - <http://www.gnupg.org/download.html> corrected to be:
          <http://www.gnupg.org/download/>
* Corrected typo in question 4.12 - Changed "How can a get list of key
  IDs..." to "How can I get list of key IDs..."
* Modified URL listed in question 6.19 to become an actual hyperlink.
* Removed line continuation character ("\") at the end of command-
  strings that were split into two lines (to lessen confusion for those
  using Windows or OSes that don't support line continuation).
* Removed paragraph on line continuation, replacing it with a paragraph
  to remind the reader that although some command lines may be split
  into two lines to allow for proper web page display of the FAQ file
  in some  browsers, the entire command-string is to be entered all on
  one line.
* Corrected command-line entries that lacked a "$" character at the
  beginning of the command-string to signafy a shell prompt in order to
  apply consitancy throughout the FAQ.
* Replaced <pre> tags with <samp> for code entries to improve display
  for those browser with limited window widths (does not apply to
  tables).
* Trimmed whitespace in tables to narrow width to improve display for
  those browsers with limited window widths.
 2003-01-07 10:03:50 +00:00
Werner Koch
78d250a82c * de.po: Updated the translation myself. 
* fi.po, zh_TW.po: New from TP Robot.

* es.po, gl.po, id.po, tr.po: Updated from TP Robot.
 2003-01-07 08:48:27 +00:00
David Shaw
705578de9c * NEWS: Add notes about disabled keys and trustdb tweaks. 2003-01-07 04:43:35 +00:00
David Shaw
eb6c0aa2be * packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record), 
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
 2003-01-06 22:32:20 +00:00
David Shaw
462b2f93ca * DETAILS: Document disabled flag in capabilities field. 2003-01-06 21:10:41 +00:00
David Shaw
fad1d22621 * keylist.c (print_capabilities): Show 'D' for disabled keys in 
capabilities section.

* trustdb.c (is_disabled): Remove incorrect comment.
 2003-01-06 21:06:47 +00:00
David Shaw
2d5091e4e3 * getkey.c (merge_selfsigs_main): Remove some unused code and make sure 
that the pk selfsigversion member accounts for 1F direct sigs.

* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches.  Noted by Stefan Bellon.
 2003-01-03 00:40:20 +00:00
Werner Koch
e538b99549 * keydb.c (keydb_add_resource): Don't assume that try_make_homedir 
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
 2003-01-02 17:47:35 +00:00
David Shaw
041d99295a (oops) The rest of the fix from previous checkin. 2002-12-28 04:25:29 +00:00
David Shaw
63246fe693 * getkey.c (merge_selfsigs_main), main.h, sig-check.c 
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
 2002-12-28 04:08:53 +00:00