1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

809 Commits

Author SHA1 Message Date
David Shaw
debc169f88 * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning.  Change all callers.

* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.
2005-11-10 21:18:49 +00:00
David Shaw
11c7699c45 * options.skel: Add a section for --encrypt-to. This is Debian bug
336211 by Javier Fernández-Sanguino Peña.
2005-11-06 15:45:00 +00:00
David Shaw
f48ef0f1f0 * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly
speaking this should be only in gpg_CPPFLAGS, but then we have to
compile everything twice for gpg and gpgv.

* apdu.c (open_pcsc_reader): Fix double free.

* gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X
location.  Suggested by Patty A. Hardy.
2005-11-06 04:32:54 +00:00
David Shaw
4e27a9f5da * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
the sigs that are cleaned.  Suggested by Dirk Traulsen and many others.
2005-11-02 16:47:02 +00:00
David Shaw
19de04694e * import.c (import_one): Do collapse_uids() before we do any cleaning
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.

* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.

* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs.  Don't count user IDs as cleaned unless we actually delete
something.
2005-11-02 05:22:01 +00:00
David Shaw
b3ea683ac9 * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
adding a cert-only designated revoker.  Code was looking for a key with
sign ability, and not cert ability.  Noted by Timo Schulz.
2005-10-27 16:23:59 +00:00
Werner Koch
2b50f31435 cygwin fixes 2005-10-27 09:14:27 +00:00
David Shaw
b9f1815947 * keygen.c (proc_parameter_file): Default key and subkey usage flags to
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.
2005-10-26 16:09:23 +00:00
Werner Koch
c8571979ef Fixed minor card related bugs and enhanced status messages 2005-10-18 17:41:20 +00:00
Werner Koch
9b7f1f6976 exported subkeys are now merged into one output keyblock 2005-10-17 17:21:15 +00:00
David Shaw
6c4e740a59 * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
add 0x19 backsigs to old keys that don't have them.

* misc.c (parse_options): Fix build warning.

* main.h, keygen.c (make_backsig): Make public.
2005-10-14 04:07:13 +00:00
David Shaw
094a7ab401 * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
(signature_check2): Add --require-backsigs and --no-require-backsigs.  
Currently defaults to --no-require-backsigs.
2005-10-12 20:44:24 +00:00
David Shaw
47433adaa5 * getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.
2005-10-11 22:13:49 +00:00
Werner Koch
bd1df0119c Renamed g10.c to gpg.c
Filelength fixes for W32.
2005-10-05 16:58:50 +00:00
Werner Koch
d0b9ff171d * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
prompt.
2005-09-20 08:19:50 +00:00
David Shaw
8e17d6437d * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
IDs as well as regular text IDs.

* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
2005-09-20 03:34:32 +00:00
David Shaw
4afa18bcaa * main.h, misc.c (parse_options): Add the ability to have help
strings in xxx-options commands.

* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
2005-09-14 22:31:21 +00:00
David Shaw
65566b5633 * keyedit.c (show_names): Moved name display code out from
show_key_with_all_names.  (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID.  Suggested by
Timo Schulz.
2005-09-10 16:50:41 +00:00
Werner Koch
b4b9f891e2 Updated card stuff to support T=0 cards. 2005-09-07 17:05:42 +00:00
Werner Koch
9a2a2904cc Add "help" sub option to --*-options. 2005-09-07 15:53:03 +00:00
David Shaw
039c27f153 * parse-packet.c (enum_sig_subpkt, parse_signature,
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
2005-09-02 19:23:33 +00:00
David Shaw
be8543812d * photoid.h, photoid.c (generate_photo_id): Allow passing in a
suggested filename.

* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
2005-09-01 20:51:13 +00:00
David Shaw
187eaf0665 * photoid.c (generate_photo_id): Enable readline completion and tilde
expansion for the JPEG prompt.
2005-08-31 18:40:39 +00:00
David Shaw
f74282bee0 * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
algorithms.

* keyedit.c (sign_uids): Don't request a signing key to make a
certification.

* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?)  (print_key_flags): Show certify flag.  (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
	
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
Suggested by Michael Schierl.
2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d * Makefile.am: No need to link with curl any longer.
* main.h, misc.c (path_access): New.  Same as access() but does a PATH
search like execlp.

* keyserver.c (curl_can_handle): Removed.  Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort.  This is necessary because PGP LDAP and curl LDAP are apples
and oranges.  (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
Minor cleanup to use bitfield flags instead of a bunch of integers.
2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9 * g10.c (main): Add aliases sign-with->local-user and user->recipient
to make switching from PGP command line to GPG easier.
2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc * options.skel: Remove the surfnet LDAP keyserver from the list of
samples since it is being shut down.

* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
2005-08-19 13:37:47 +00:00
David Shaw
82bee9c68a * g10.c (main), passphrase.c (set_passphrase_from_string): New
--passphrase command line option.  Only useful in very special
circumstances.
2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52 auto retrieve keys from PKA. Thsi allows to specify an email address
so that gpg can get the key from DNS.  This helps with opportunistic
encryption.  No integration with the trust modell yet.
2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813 * keygen.c (proc_parameter_file): Sanity check items in keygen batch
file.  Noted by Michael Schierl.
2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
Noted by Michael Schierl.
2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19 * keygen.c (write_keyblock): Don't try and build deleted kbnodes since
we start our tree with one.
2005-08-04 21:41:11 +00:00
David Shaw
bf4728992f * keygen.c (start_tree): Need to use an actual packet type (which we
can then delete) to start the tree.
2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017 Fixes pertaining to revocation creation with subkey-only exported card keys 2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58 Implemented PKA trust model 2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f Converted all m_free to xfree etc. 2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1 * keyserver.c (keyserver_typemap): Special-case LDAP since curl will
report that it can handle it, and we don't want it to.
2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8 * passphrase.c (agent_get_passphrase): Make sure to release the
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error.  Changed all callers.

* zh_TW.po, fr.po, cs.po: Updated.
2005-07-26 19:08:11 +00:00
David Shaw
99c80f8c39 * keyedit.c (sign_uids): Don't prompt for setting signature expiry to
match key expiry unless --ask-cert-expire is set.  Suggested by Peter
Palfrader.
2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b * gpg.sgml (http):
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f * options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
to enable the uid walking when signing a key with no uids specified to
sign.

* keylist.c (list_keyblock_print): Fix silly typo.  Noted by Greg
Sabino Mullane.
2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5 * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.

* Makefile.am: Pull in libcurl for curl_version_info() if used.
2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301 * g10.c, options.h: New option --limit-card-insert-tries.
* cardglue.c (open_card): Use it.
2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.

* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997 * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
* ttyio.c (do_get): Move printing of the prompt after disabling
echo.  Suggested by Scott Worley.
2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.
2005-07-09 02:34:04 +00:00
David Shaw
c66eeec3c6 * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning. 2005-06-20 17:32:09 +00:00
Werner Koch
2d2e2e74b8 * gpg.sgml: Document smartcard related options.
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
2005-06-20 17:03:27 +00:00