1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
Commit Graph

9141 Commits

Author SHA1 Message Date
David Shaw
1c5b33a126 * gpg.sgml: Document keyserver-option http-proxy, import-option
merge-only, remove old honor-http-proxy, --merge-only, and
--emulate-md-encode-bug.  Document COLUMNS and LINES.
2004-02-26 05:04:16 +00:00
David Shaw
4c4f29d256 * README: Update copyright.
* NEWS: Note --max-output, --list-config, --min-cert-level, AIX fix, new
http-proxy keyserver-option, new LDAP server code, TLS, LDAPS, and
--show-session-key with --symmetric.
2004-02-26 04:40:57 +00:00
David Shaw
f2148f03c5 * delkey.c (do_delete_key): Allow deleting a public key with a secret
present if --expert is set.

* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.

* encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c
(ask_algo), sig-check.c (do_check_messages), skclist.c (build_sk_list):
Rename "ElGamal" to "Elgamal" as that is the proper spelling nowadays.
Suggested by Jon Callas.
2004-02-26 02:03:27 +00:00
David Shaw
0d7cae4663 * gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted
attributes.  This guarantees that if something goes wrong, we won't be
able to complete the transaction, thus leaving any key already existing on
the server intact.
2004-02-26 01:29:26 +00:00
Marcus Brinkmann
8817c66900 2004-02-25 Marcus Brinkmann <marcus@g10code.de>
* gpgconf-comp.c (struct gc_option): Add new member new_flags.
	(option_check_validity): Check OPTION->new_flags beside
	OPTION->new_value.  Add new argument FLAGS.
	(gc_component_change_options): Support default flag correctly.
	(change_options_program): Likewise.
2004-02-25 20:24:53 +00:00
Marcus Brinkmann
8f8c5c47dd 2004-02-25 Marcus Brinkmann <marcus@g10code.de>
* gpgconf-comp.c (gc_component_list_options): Correct output for
	lists of arg type none.
2004-02-25 19:35:36 +00:00
Werner Koch
9d988d6068 New option --disable-threads to inhibit
unintentional builds without Pth.
2004-02-25 08:58:46 +00:00
David Shaw
a84fe549da * plaintext.c: Copyright.
* encode.c (encode_simple): Show cipher with --verbose.

* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level.  If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.

* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
2004-02-24 23:37:18 +00:00
Werner Koch
be94975af6 (lock_pool) [_AIX]: Also set errno. 2004-02-24 16:06:55 +00:00
Marcus Brinkmann
54d5446797 2004-02-24 Marcus Brinkmann <marcus@g10code.de>
* README.gpgconf: Revert last change.  Add new flags "default",
	"default desc" and "no arg desc".  Add new field ARGDEF.  Add new
	field FLAG to backend interface.
	* gpgconf-comp.c (struct gc_option): Make flags of type unsigned
	long.
	(gc_component_list_options): Adjust type for flags.
	Add default argument field.
	(retrieve_options_from_program): Use "1" as value for non-option
	arguments, not "Y".
	(gc_component_change_options): Read in flags from input.
2004-02-24 14:31:59 +00:00
Werner Koch
18a212f2c8 (list_cert_colon): Print the fingerprint as the
cert-id for root certificates.
2004-02-24 14:15:43 +00:00
David Shaw
17ce0c5267 * gpgkeys_ldap.c (delete_one_attr): Removed. (make_one_attr): Delete
functionality added.  Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID.  Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
2004-02-24 03:57:21 +00:00
Marcus Brinkmann
cd3ccbf34d 2004-02-23 Marcus Brinkmann <marcus@g10code.de>
* README.gpgconf: Change meaning of type 0 options value if it is
	the empty string or "0".
2004-02-23 20:59:18 +00:00
Marcus Brinkmann
5620ac56bf 2004-02-23 Marcus Brinkmann <marcus@g10code.de>
* gpgconf.h (struct): Add member runtime.
	* gpgconf.c: Add new option oRuntime.
	(main): Same here.
2004-02-23 20:31:35 +00:00
Marcus Brinkmann
c38f609206 2004-02-23 Marcus Brinkmann <marcus@g10code.de>
* gpgconf-comp.c (hextobyte): New function.
	(percent_deescape): New function.
	(get_config_pathname): Percent deescape pathname if taken from
	option (default) value.  Use default value only if it exists and
	is not empty.  Use empty string otherwise.  Don't include leading
	quote in pathname.
	(change_options_program): Percent deescape string before writing
	it out.
2004-02-23 19:37:04 +00:00
David Shaw
643665c963 * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
--min-cert-check-level option to specify minimum cert check level.
Defaults to 2 (so 0x11 sigs are ignored).  0x10 sigs cannot be ignored.
2004-02-23 04:00:51 +00:00
David Shaw
07a10b451e * gpgkeys_ldap.c (delete_one_attr): New function to replace attributes
with NULL (a "delete" that works even for nonexistant attributes).
(send_key): Use it here to remove attributes so a modify operation starts
with a clean playing field.  Bias sends to modify before add, since (I
suspect) people update their existing keys more often than they make and
send new keys to the server.
2004-02-23 03:43:45 +00:00
David Shaw
d8590475fe * plaintext.c (handle_plaintext): Properly handle a --max-output of zero
(do not limit output at all).
2004-02-22 04:16:31 +00:00
David Shaw
3ddd4410ae * keyserver.c (keyserver_spawn): Use the full 64-bit keyid in the INFO
header lines, and include "sig:" records for the benefit of people who
store their keys in LDAP servers.  It makes it easy to do queries for
things like "all keys signed by Isabella".
2004-02-22 00:36:34 +00:00
David Shaw
3b9d7a6430 * gpgkeys_ldap.c (epoch2ldaptime): New. Converse of ldap2epochtime.
(make_one_attr): New. Build a modification list in memory to send to the
LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg.
(free_mod_values): New.  Unwinds a modification list.
(send_key_keyserver): Renamed from old send_key(). (send_key): New
function to send a key to a LDAP server. (main): Use send_key() for real
LDAP servers, send_key_keyserver() otherwise.
2004-02-22 00:08:53 +00:00
David Shaw
9afea90825 * util.h: Prototype for hextobyte(). 2004-02-21 22:13:39 +00:00
David Shaw
fcc02ac22a * miscutil.c (hextobyte): Moved here from g10/misc.c so I can use it in
the keyserver helpers.
2004-02-21 22:12:29 +00:00
David Shaw
93b5a811ef * main.h, misc.c (hextobyte): Removed. It's in libutil.a now. 2004-02-21 22:11:23 +00:00
Werner Koch
48b0cdef7c post release version bumb 2004-02-21 13:35:42 +00:00
Werner Koch
b67d7c4073 About to release 1.9.5 2004-02-21 13:13:35 +00:00
Werner Koch
0c224cadf3 * keylist.c (list_internal_keys): Return error codes.
(list_external_keys, gpgsm_list_keys): Ditto.
* server.c (do_listkeys): Ditto.

* gpgsm.c (main): Display a key description for --passwd.
* call-agent.c (gpgsm_agent_passwd): New arg DESC.
2004-02-21 13:05:52 +00:00
Werner Koch
a425334f48 * command.c (cmd_passwd): Take acount of a key description.
* genkey.c (reenter_compare_cb): Do not set the error text.
(agent_protect_and_store, agent_genkey): Force a re-enter after a
non-matching passphrase.
* query.c (agent_askpin): Add new arg INITIAL_ERRTEXT; changed
all callers.
2004-02-21 13:05:22 +00:00
David Shaw
34ccced8dc * keyserver.c (keyserver_export): Disallow user strings that aren't key
IDs. (keyserver_import): Clarify error message. (keyserver_spawn):
Properly handle 8 bit characters in user IDs in the info lines during
SEND.
2004-02-20 20:18:49 +00:00
David Shaw
9fe66c89d8 * configure.ac: Check for timegm(). Replacement functions for setenv()
and unsetenv().
2004-02-20 15:11:57 +00:00
David Shaw
a3ba17e09e * mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: New.
* Makefile.am: Include @LIBOBJS@ for replacement functions.
2004-02-20 15:10:36 +00:00
David Shaw
e867829de7 * mkdtemp.c: Removed.
* Makefile.am: We get mkdtemp.c from libutil.a now, so don't link with
@LIBOBJS@.

* keyserver.c (keyserver_spawn): Pass the scheme to the keyserver helper.
2004-02-20 15:04:56 +00:00
David Shaw
925b982a0b * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.

* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
2004-02-20 14:59:02 +00:00
Werner Koch
ffd5cd0368 Fixed URLs in the notice messages. 2004-02-20 14:23:30 +00:00
Werner Koch
c4663004d9 * Makefile.am: Reset GPG_AGENT_INFO here
* runtest: and not anymore here.
2004-02-20 13:46:35 +00:00
Werner Koch
aa0e38982a * gpgsm.c (main): New option --debug-ignore-expiration.
* certchain.c (gpgsm_validate_chain): Use it here.

* certlist.c (cert_usage_p): Apply extKeyUsage.
2004-02-20 13:46:21 +00:00
David Shaw
7f148010ab * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
2004-02-19 21:32:15 +00:00
David Shaw
06d21d80f6 * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for
making gpgkeys_ldaps symlink to gpgkeys_ldap.
2004-02-19 20:10:38 +00:00
David Shaw
21301028c4 * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps to
gpgkeys_ldap when needed.

* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
2004-02-19 20:09:12 +00:00
David Shaw
ce1e817dce * configure.ac: Simplify the LDAP checking code since OpenLDAP is far more
mature these days and dependencies are cleaner.  Add checks for
ldap_set_option and ldap_start_tls_s.
2004-02-19 16:34:32 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
David Shaw
7e7364973d * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out what
kind of LDAP server we're talking to (either real LDAP or the LDAP
keyserver), and return the baseKeySpaceDN to find keys under. (main): Call
it from here, and remove the old code that only handled the LDAP
keyserver.
2004-02-19 15:09:14 +00:00
David Shaw
6c13b96a1d * options.h, g10.c (main), plaintext.c (handle_plaintext): Add
--max-output option to help people deal with decompression bombs.
2004-02-18 23:09:27 +00:00
David Shaw
f3de3a5eb9 * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that LDAP_OPT_ERROR_NUMBER
is defined before we use it.

* gpgkeys_mailto.in: Fix VERSION number.
2004-02-18 23:05:47 +00:00
Werner Koch
50ad027c9a * acinclude.m4: Removed macros to detect gpg-error, libgcrypt,
libassuan and ksba as they are now distributed in m4/.

* gpg-error.m4, libgcrypt.m4, libassuan.m4, ksba.m4: New.
* Makefile.am: Distribute them
2004-02-18 18:38:50 +00:00
Werner Koch
e588e13d7c Added empty components for gpgsm and scdaemon. 2004-02-18 17:00:56 +00:00
Werner Koch
1a709b341c * gpgsm.c (set_debug): Set the new --debug-level flags.
(main): New option --gpgconf-list.
(main): Do not setup -u and -r keys when not required.
(main): Setup the used character set.

* keydb.c (keydb_add_resource): Print a hint to start the
gpg-agent.
2004-02-18 17:00:21 +00:00
Werner Koch
de43297298 * sc-investigate.c (main): Setup the used character set.
* scdaemon.c (main): Ditto.

* scdaemon.c (set_debug): New.  Add option --debug-level.
(main): Add option --gpgconf-list.
2004-02-18 17:00:11 +00:00
Werner Koch
ef7e99c427 Adjusted for moved file. 2004-02-18 16:59:53 +00:00
Werner Koch
9702e85d5d (print_sanitized_buffer): Don't care about
non-ASCII characaters.
(sanitize_buffer): Ditto.
2004-02-18 16:59:19 +00:00
Werner Koch
16f3d8396e * call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* passphrase.c (agent_open): Ditto.
2004-02-18 16:59:03 +00:00