* g10/keydb.c (struct kid_list_s): Rename from this...
(struct kid_not_found_cache_bucket): ... to this. Update users.
Remove field state.
(kid_list_t): Remove type.
(KID_NOT_FOUND_CACHE_BUCKETS): Define. Use this instead of a literal.
(kid_found_table): Rename from this...
(kid_not_found_cache_bucket): ... to this. Update users.
(kid_found_table_count): Rename from this...
(kid_not_found_cache_count): ... to this. Update users.
(kid_not_found_p): Only return whether a key with the specified key id
is definitely not in the database.
(kid_not_found_insert): Remove parameter found. Update callers.
(keydb_search): Only insert a key id in the not found cache if it is
not found. Rename local variable once_found to already_in_cache.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
Commit e0873a33 started tracking whether key ids where definitely in
the database. This information is, however, never used and thus just
unnecessarily inflates the cache. This patch effectively reverts that
change (however, e0873a33 contains two separate changes and this only
reverts that change).
* g10/keyedit.c (sign_uids): Write an ERROR status for a signing
failure.
(menu_adduid, menu_addrevoker, menu_revsig): Ditto.
(menu_revuid, menu_revkey, menu_revsubkey): Ditto.
--
This change helps GPA to show better error messages.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.h (STATUS_FAILURE): New.
* g10/cpr.c (write_status_failure): New.
* g10/gpg.c (main): Call write_status_failure for all commands which
print an error message here.
* g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't
set the pinentry mode.
--
This status line can be used similar to the error code returned by
commands send over the Assuan interface in gpgsm. We don't emit them
in gpgsm because there we already have that Assuan interface to return
proper error code. This change helps GPGME to return better error
codes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (parse): Use an int to compare to -1. Use
buf32_to_ulong.
--
Regression-due-to: 0add91ae1c
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/packet.h (PKT_signature): Change revkey's type from a struct
revocation_key ** to a struct revocation_key *. Update users.
--
revkey was a pointer into the raw data. But, C doesn't guarantee that
there is no padding. Thus, we copy the data.
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/parse-packet.c (parse): We don't handle copying packets with a
partial body length to an output stream. If this occurs, log an error
and abort.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/parse-packet.c (dbg_copy_all_packets): Check that OUT is not
NULL.
(copy_all_packets): Likewise.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/parse-packet.c (parse_signature): Make sure PKTLEN doesn't
underflow. Be more careful that a read doesn't read more data than
PKTLEN says is available.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/packet.h: Add documentation for functions defined in
parse-packet.c.
* g10/parse-packet.c: Improve comments for many functions.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/packet.h (enum_sig_subpkt): Remove argument RET_N. Update
callers.
* g10/parse-packet.c (enum_sig_subpkt): Remove argument RET_N.
--
Remove the RET_N argument, because it is unused and because it is
meaningless: it's not clear whether it is an offset into SIG->HASHED
or SIG->UNHASHED.
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/parse-packet.c (mpi_read): Improve documentation. Correctly
handle an EOF. On overflow, correctly return the number of bytes read
from the pipeline.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* common/iobuf.h (iobuf_open_fd_or_name): Remove prototype. Replace
use with either iobuf_open or iobuf_fdopen_nc, as appropriate.
* common/iobuf.c (iobuf_open): Remove function.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* kbx/keybox.h (KEYBOX_WITH_X509): Do not define.
* sm/Makefile.am (AM_CPPFLAGS): Define it here.
(common_libs): Change to libkeybox509.a
* g10/Makefile.am (AM_CFLAGS): remove KSBA_CFLAGS.
(gpg2_LDADD, gpgv2_LDADD): Remove KSBA_LIBS
* kbx/Makefile.am (noinst_LIBRARIES): Add libkeybox509.a.
(libkeybox509_a_SOURCES): New.
(libkeybox_a_CFLAGS): New.
(libkeybox509_a_CFLAGS): New.
(kbxutil_CFLAGS): New.
* kbx/keybox-search.c (has_keygrip) [!KEYBOX_WITH_X509]: Declare args
as unused.
--
There is no real need to link to Libksba in gpg.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.h (INQUIRE_MAXLEN): New.
* g10/call-agent.c (default_inquire_cb): Send STATUS_INQUIRE_MAXLEN.
client when inquiring a passphrase over pinentry-loopback.
--
This is to inform a user about the maximum length of a passphrase. The
limit is the same that gpg-agent uses.
* g10/gpg.c (main): test for --command-fd during --gen-key parse.
When --command-fd is set then imply --batch to let gpg inquire a
passphrase rather than requiring a pinentry.
* g10/keydb.h (KEYDB_RESOURCE_FLAG_GPGVDEF): New.
* g10/keydb.c (keydb_add_resource): Take care of new flag.
* g10/gpgv.c (main): Use new flag.
--
GnuPG-bug-id: 2025
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (list_keyblock_print): Do not print extra curve name.
--
This was cruft from the time before we changed to the new algo/size
string.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (list_keyblock_print): Change UID line indentation
* g10/mainproc.c (list_node): Ditto.
--
Due to the new keyalgo/size format the UID was not anymore printed
properly aligned to the creation date. Although we can't do that in
any case, this change does it for common algos like "rsa2048",
"dsa2048", and "ed25519".
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/cvt-openpgp.c (get_keygrip): Handle Curve25519.
(convert_secret_key, convert_transfer_key): Ditto.
* common/openpgp-oid.c (oidtable): Add Curve25519.
(oid_crv25519, openpgp_oid_is_crv25519): New.
* common/util.h (openpgp_oid_is_crv25519): New.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Handle the case
with Montgomery curve which uses x-only coordinate.
* g10/keygen.c (gen_ecc): Handle Curve25519.
(ask_curve): Change the API and second arg is to return subkey algo.
(generate_keypair, generate_subkeypair): Follow chage of ask_curve.
* g10/keyid.c (keygrip_from_pk): Handle Curve25519.
* g10/pkglue.c (pk_encrypt): Handle Curve25519.
* g10/pubkey-enc.c (get_it): Handle the case with Montgomery curve.
* scd/app-openpgp.c (ECC_FLAG_DJB_TWEAK): New.
(send_key_attr): Work with general ECC, Ed25519, and Curve25519.
(get_public_key): Likewise.
(ecc_writekey): Handle flag_djb_tweak.
--
When libgcrypt has Curve25519, GnuPG now supports Curve25519.
* common/openpgp-oid.c (openpgp_oid_to_curve): Add CANON argument.
* common/util.h: Update.
* g10/import.c (transfer_secret_keys): Follow the change.
* g10/keyid.c (pubkey_string): Likewise.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Likewise.
* parse-packet.c (parse_key): Likewise.
* scd/app-openpgp.c (send_key_attr, get_public_key): Likewise.
--
Change the function so that caller can select canonical name of curve
or name for printing. Suggested by wk.
* g10/keydb.c (keydb_search_fpr): Skip legacy keys.
--
A test case for this problem can be found at
GnuPG-bug-id: 2031
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (lookup): Map GPG_ERR_LEGACY_KEY.
--
If an expired key is directly followed by a legacy key in the keyring,
the lookup function incorrectly returned "legacy key" instead of
"unusable key". We fix it by handling not found identical to a legacy
key if the last finish lookup failed.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keyedit.c (sign_uids): Add arg "ctrl".
(show_key_with_all_names_colon): Ditto.
(show_key_with_all_names): Ditto.
* g10/keyedit.c (show_key_with_all_names): Print key record
indicators by checking with gpg-agent.
(show_key_with_all_names): Ditto. May now also print sec/sbb.
--
This also fixes a problem in the --with-colons mode. Before this
patch the --with-colons output of --edit-key always showed pub/sub
regardless of the old toogle state. Now it also prints sec/sbb.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keyedit.c (cmds): Remove helptext from "toggle".
(keyedit_menu): Remove "toggle" var and remove the sub/pub check
against toggle.
--
Because it is now easily possible to have only secret keys for some of
the main/subkeys the current check on whether any secret is available
is not really useful. A finer grained check should eventually be
implemented.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h: Provide replacement for GPGRT_ATTR_ macros when using
libgpg-error < 1.20.
* common/mischelp.h: Ditto.
* common/types.h: Ditto.
--
Given that libgpg-error is a dependency of all GnuPG related libraries
it is better to define such macros at only one place instead of having
similar macros at a lot of places. For now we need repalcement
macros, though.
* g10/call-agent.h (struct agent_card_info_s): Add curve field.
* g10/call-agent.c (learn_status_cb): Use curve name.
* g10/card-util.c (card_status): Show pubkey name.
* scd/app-openpgp.c (struct app_local_s): Record OID and flags.
(store_fpr): Use ALGO instead of key type.
(send_key_attr): Use curve name instead of OID.
(get_public_key): Clean up by OID to curve name.
(ecc_writekey): Support any curves in libgcrypt.
(do_genkey, do_auth, ): Follow the change.
(ecc_oid): New.
(parse_algorithm_attribute): Show OID here.
* g10/card-util.c (do_change_keysize): Put "rsa".
* scd/app-openpgp.c (change_keyattr, change_keyattr_from_string):
Change the command format.
(rsa_writekey): Check key type.
(do_writekey): Remove "ecdh" and "ecdsa" support which was available
in experimental libgcrypt before 1.6.0.
* g10/getkey.c (free_akl): If AKL is NULL, just return.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
Reported-by: Sami Farin.
GnuPG-bug-id: 2045
* agent/gpg-agent.c (create_server_socket): Add arg "cygwin". Call
assuan_sock_set_flag if Assuan version is recent enough.
(main): Create ssh server socket with Cygwin flag set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (parse): Make the description more accurate when
listing packets: old format packets don't support partial lengths,
only indeterminate lengths (RFC 4880, Section 4.2).
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* g10/gpg.c (opts): Change arg for oDebug to a string.
(debug_flags): New; factored out from set_debug.
(set_debug): Remove "--debug-level help". Use parse_debug_flag to
print the used flags.
(main): Use parse_debug_flag for oDebug.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (kid_list_s): Keep a state in the table.
(kid_not_found_table): Rename to kid_found_table.
(n_kid_not_found_table): Rename to kid_found_table_count.
(kid_not_found_p): Return found state.
(kid_not_found_insert): Add arg found.
(keydb_search): Store found state in the table.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (keylist_context): Add field good_sigs.
(list_keyblock_print): Updated good_sigs.
(print_signature_stats): Print number of good signatures and use
log_info instead of tty_printf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (kid_list_t): New.
(kid_not_found_table, n_kid_not_found_table): New.
(kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New.
(keydb_insert_keyblock): Flush the new cache.
(keydb_delete_keyblock): Ditto.
(keydb_update_keyblock): Ditto.
(keydb_search): Use the new cache.
(keydb_dump_stats): New.
* g10/gpg.c (g10_exit): Dump keydb stats.
--
What we do here is to keep track of key searches by long keyids (as
stored in all signatures) so that we do not need to scan the keybox
again after we already found that this keyid will result in
not-found. As soon as we change gpg to run as a co-process we should
store this table per session because other instances of gpg may have
updated the keybox without us knowing.
On a test ring with
gpg: 94721 good signatures
gpg: 6831 bad signatures
gpg: 150703 signatures not checked due to missing keys
gpg: 5 signatures not checked due to errors
gpg: keydb: kid_not_found_table: total: 14132
this new cache speeds a --check-sigs listing up from 28 minutes to
less than 3 minutes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/tdbio.c (tdbio_read_record): Fix returning of the error.
--
Actually the returned error will anyway be GPG_ERR_TRUSTDB but the old
code was not correct.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/tdbdump.c (list_trustdb): Add arg FP and change callers to pass
es_stdout.
* g10/tdbio.c (upd_hashtable): On a corrupted trustdb call
list_trustdb only in verbose > 1 mode and let it dump to stderr.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/signal.c: Remove.
* g10/main.h: Remove old function API.
* g10/tdbio.c: Use new API, even in the dead code.
--
We use common/signal.c now. The file g10/signal.c has been useless
since 2003-06-27. Now, the removal.
* Makefile.am: Always build kbx/
* g10/Makefile.am (AM_CFLAGS): Include KSBA_CFLAGS.
--
Note that "make check" still prints a warning.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/trustdb.c (validate_keys): Call dump_key_array only in debug
mode.
--
I guess that is a left-over from an early attempt to output
information on the trustdb for use by other tools. Maybe related to
the former --list-trust-path command. Sending it to stdout is
probably useful so we do this now only in debug mode.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (parse_gpg_control): Replace puts by es_fputs to
LISTFP.
--
Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This was an oversight from the conversion to estream or a separate
listing stream.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (keydb_handle): Add field saved_found.
(keydb_new): Init new field.
(keydb_push_found_state, keydb_pop_found_state): New.
* g10/keyring.c (kyring_handle): Add field saved_found.
(keyring_push_found_state, keyring_pop_found_state): New.
--
We have the same feature in gpgsm. It is very useful to check for an
unambiguous user id with a follow up update of the keyblock.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keyedit.c (fix_keyblock): Rename to fix_key_signature_order.
(fix_keyblock): New. Call fix_key_signature_order and other fix
functions.
(keyedit_menu): Factor code out to new fix_keyblock.
(keyedit_quick_sign): Ditto. Check for primary fpr before calling
fix_keyblock.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (print_pubkey_info): Print either "pub" or "sub".
* g10/getkey.c (get_pubkey_byfprint): Add optional arg R_KEYBLOCK.
* g10/keyid.c (keyid_from_fingerprint): Adjust for change.
* g10/revoke.c (gen_desig_revoke): Adjust for change.
* g10/card-util.c (card_status): Simplify by using new arg. Align
card-no string.
* g10/card-util.c (card_status): Remove not used GnuPG-1 code.
--
This now prints "sub" if the first used card key is actually a subkey.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/call-agent.c (keyinfo_status_cb): Detect KEYINFO.
--
This regression is due to
commit 585d5c62ee
from February 2013!
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/free-packet.c (cmp_public_keys): Compare opaque
data at the first entry of the array when it's unknown algo.
--
(forwardported from 2.0 commit 43429c7869)
GnuPG-bug-id: 1962
* common/logging.h: Rename JNLIB_LOG_* to GPGRT_LOG_*.
* common/mischelp.h: Rename JNLIB_GCC_* to GPGRT_GCC_*.
--
JNLIB has no more meaning. Thus we switch to a GPGRT_ prefix in
anticipation that some code may eventually be moved to libgpg-error.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/dns-cert.h: Move to ../dirmngr/.
* common/dns-cert.c: Move to ../dirmngr/. Change args to return the
key as a buffer.
* common/t-dns-cert.c: Move to ../dirmngr/.
* common/pka.c, common/pka.h, common/t-pka.c: Remove.
* dirmngr/server.c (data_line_cookie_write): Factor code out to
data_line_write and make it a wrapper for that.
(data_line_write): New.
(cmd_dns_cert): New.
(register_commands): Register new command.
* g10/Makefile.am (LDADD): Remove DNSLIBS.
* g10/call-dirmngr.c (dns_cert_parm_s): New.
(dns_cert_data_cb, dns_cert_status_cb): New.
(gpg_dirmngr_dns_cert): New.
(gpg_dirmngr_get_pka): New.
* g10/gpgv.c (gpg_dirmngr_get_pka): New dummy function.
* g10/keyserver.c (keyserver_import_cert): Replace get_dns_cert by
gpg_dirmngr_dns_cert.
(keyserver_import_pka): Replace get_pka_info by gpg_dirmngr_get_pka.
* g10/mainproc.c: Include call-dirmngr.h.
(pka_uri_from_sig): Add CTX arg. Replace get_pka_info by
gpg_dirmngr_get_pka.
--
With this patch gpg does not do any network access itself but uses
dirmngr for that. Note that we need to keep linking to NETLIBS due to
the logging code and because we need TCP for our socket emulation
under Windows. Probably also required for Solaris etc.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/call-dirmngr.c (dirmngr_local_s): Add field set_keyservers_done.
(create_context): Move keyserver setting to ...
(open_context): here.
(clear_context_flags): New.
(gpg_dirmngr_ks_get): Add arg override_keyserver.
* g10/keyserver.c (keyserver_refresh): Improve diagnostics.
(keyserver_get_chunk): Ditto. Pass OVERRIDE_KEYSERVER to ks_get.
--
It used to ignore the given server but showed a diagnostics that it
will be used.
* g10/options.h (KEYSERVER_HTTP_PROXY): New.
(KEYSERVER_USE_TEMP_FILES, KEYSERVER_KEEP_TEMP_FILES): Remove.
(KEYSERVER_TIMEOUT): New.
* common/keyserver.h (KEYSERVER_TIMEOUT): Remove.
* g10/keyserver.c (keyserver_opts): Remove obsolete "use-temp-files"
and "keep-temp-files". Add "http-proxy" and "timeout".
(parse_keyserver_options): Remove 1.2 compatibility option
"honor-http_proxy". Remove "use-temp-files" and "keep-temp-files"
code.
--
Note that many of these options where implicitly used by passing any
unknown option down to the former keyserver helpers. The don't exist
anymore thus we need to make them explicit. Another patch will convey
them to dirmngr. Temp files are not anymore used thus they can be
removed and will be ignored when used.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/free-packet.c (my_mpi_copy): New.
(copy_public_key, copy_signature): Use instead of mpi_copy.
--
Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (struct sig_stats): Rename to keylist_context and add
field check_sigs.
(keylist_context_release): New.
(list_all): Set listctx.check_sigs and call release func.
(list_one): Ditto.
(locate_one): Ditto.
(list_keyblock_print): Use .check_sigs field. Repalce arg opaque by
listctx.
(list_keyblock): Ditto. Make static.
(list_keyblock_direct): New.
* g10/keygen.c (do_generate_keypair): Replace list_keyblock by
list_keyblock_direct.
--
This is in preparation for the server mode and for a patch to speed up
--list-sigs.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oDebugIOLBF): new.
(opts): Add --debug-iolbf.
(main): Set option.
--
This option is convenient for debugging to make sure that debug output
to stderr is synced with output to stdout.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.h (DBG_LOOKUP_VALUE): Change to 8192.
* g10/options.h (DBG_LOOKUP_VALUE, DBG_LOOKUP): New.
* g10/getkey.c: Use DBG_LOOKUP instead of DBG_CACHE at most places.
* g10/parse-packet.c (parse_key): Check PKTLEN before calling mpi_read
et al.
--
Due to the missing length checks PKTLEN may turn negative. Because
PKTLEN is an unsigned int the malloc in read_rest would try to malloc
a too large number and terminate the process with "error reading rest
of packet: Cannot allocate memory".
Reported-by: Hanno Böck.
Signed-off-by: Werner Koch <wk@gnupg.org>
g10/call-agent.h (agent_scd_learn): Add FORCE option.
g10/call-agent.c (agent_scd_learn): Implement FORCE option.
g10/keygen.c (gen_card_key): Follow the change of option.
g10/card-util.c (change_pin, card_status, factory_reset): Likewise.
g10/keyedit.c (keyedit_menu): Update private key storage by
agent_scd_learn.
--
This is not a perfect solution since there is a possibility user
unplug card before quitting 'gpg --keyedit' session. Usually,
it works well.
GnuPG-bug-id: 1846
* g10/call-dirmngr.c (record_output): New function.
(ks_put_inq_cb): Use it here to generate a --with-colons like output
instead of a custom format.
* dirmngr/ks-action.c: Include "ldap-parse-uri.h".
(ks_action_help): If the provided URI is an LDAP URI, then use
ldap_parse_uri to parse. Call ks_ldap_help.
(ks_action_search): If passed an LDAP URI, then call ks_ldap_search.
(ks_action_get): Likewise.
(ks_action_put): Likewise. Also, change data from a 'const void *' to
a 'void *' and add info and infolen parameters. Add note that
function may modify DATA.
* dirmngr/ks-action.h (ks_action_put): Update declaration accordingly.
* dirmngr/server.c: Include "ldap-parse-uri.h".
(cmd_keyserver): If ITEM->URI is an LDAP URI, parse it using
ldap_parse_uri.
(hlp_ks_put): Improve documentation.
(cmd_ks_put): Also pass info and infolen to ks_action_put. Improve
documentation.
* dirmngr/ks-engine.h (ks_ldap_help): New declaration.
(ks_ldap_search): Likewise.
(ks_ldap_get): Likewise.
(ks_ldap_put): Likewise.
* dirmngr/ks-engine-ldap.c: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add ks-engine-ldap.c,
ldap-parse-uri.c and ldap-parse-uri.h.
(dirmngr_LDADD) [USE_LDAP]: Add $(ldaplibs).
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG.
--
gpgsm does this for a long time but somehow it never made it into gpg.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/build-packet.c (gpg_mpi_write): Strip leading zeroes.
--
This used not to work with opaque MPI as returned by Libgcrypt from
ECC operations. This patch fixes this.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode.
* g10/misc.c (mpi_print): Do not print an extra leading zero.
--
This was in older versions possible using "--debug 4" but that was
disabled in 2.1 due to a conflict using this values also for
Libgcrypt. Now the values are dumped either with --debug 4 or using
--list-packets along with --verbose.
Because OpenPGP only uses unsigned integers an extra leading zero will
not be printed anymore.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not
use it as a command.
* g10/keylist.c (list_keyblock): List PKA rceords also for secret
keys.
--
An option allows to use it more flexible. For example to select only
secret keys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/trustdb.c (tdb_check_trustdb_stale): avoid log_info() when
opt.quiet
--
gpg(1) says:
-q, --quiet
Try to be as quiet as possible.
While the mentions about the stale trustdb information are edifying,
they aren't necessary, and shouldn't be emitted when the user requests
--quiet.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
