1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-12 21:58:50 +01:00
Commit Graph

1245 Commits

Author SHA1 Message Date
Werner Koch
01bd0558dd Remove useless diagnostic in MDC verification.
* g10/encr-data.c (decrypt_data): Do not distinguish between a bad MDC
packet header and a bad MDC.
--

The separate diagnostic was introduced for debugging a problems.  For
explaining an MDC error a single error message is easier to understand.
2014-06-23 13:24:43 +02:00
Werner Koch
60bd6488c0 PC/SC cleanup.
* g10/apdu.c (pcsc_dword_t): New.  It was named as DWORD (double-word)
when a word was 16-bit.
(struct reader_table_s): Fixes for types.
(struct pcsc_readerstate_s) [__APPLE__]: Enable #pragma pack(1).
Throughout: Fixes for types.
--

GnuPG-bug-id: 1358

This is a backport of commit ae22d629b6.
2014-06-23 09:58:34 +02:00
Werner Koch
4239780d5a gpg: Use more specific reason codes for INV_RECP.
* g10/pkclist.c (build_pk_list): Use more specific reasons codes for
INV_RECP.
--

GnuPG-bug-id: 1650

Note that this patch is a bit more limited than the one in 2.1.
2014-06-23 09:25:45 +02:00
Werner Koch
11fdfcf82b gpg: Avoid infinite loop in uncompressing garbled packets.
* g10/compress.c (do_uncompress): Limit the number of extra FF bytes.
--

A packet like (a3 01 5b ff) leads to an infinite loop.  Using
--max-output won't help if it is a partial packet.  This patch
actually fixes a regression introduced on 1999-05-31 (c34c6769).
Actually it would be sufficient to stuff just one extra 0xff byte.
Given that this problem popped up only after 15 years, I feel safer to
allow for a very few FF bytes.

Thanks to Olivier Levillain and Florian Maury for their detailed
report.
2014-06-20 20:23:19 +02:00
Werner Koch
23191d7851 gpg: Need to init the trustdb for import.
* g10/trustdb.c (clear_ownertrusts): Init trustdb.
--

This is actually a hack to fix a bug introduced with commit 2528178.
Debian uses it and thus we should do too.

GnuPG-bug-id: 1622
2014-03-06 16:11:34 +01:00
Werner Koch
fa3f555d75 Change --show-session-key to print the session key earlier.
* g10/mainproc.c (proc_encrypted): Move show_session_key code to ...
* g10/decrypt-data.c (decrypt_data): here.
--

This feature can be used to return the session key for just a part of
a file.  For example to downloading just the first 32k of a huge file,
decrypting that incomplete part and while ignoring all the errors
break out the session key.  The session key may then be used on the
server to decrypt the entire file without the need to have the private
key on the server.

This is the same feature as
commit 101a54add3 for 2.1 and
commit 3ae90ff28c for 2.0.

GnuPG-bug-id: 1389
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-11 10:50:55 +01:00
Werner Koch
4466fdba7b Update config.{guess,sub} and some copyright notices.
* scripts/config.guess, scripts/config.sub: Update to version
2013-11-29.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-10 20:33:48 +01:00
Werner Koch
93a96e3c0c Use blinding for the RSA secret operation.
* cipher/random.c (randomize_mpi): New.
* g10/gpgv.c (randomize_mpi): New stub.
* cipher/rsa.c (USE_BLINDING): Define macro.
(secret): Implement blinding.
--

GPG 1.x has never used any protection against timing attacks on the
RSA secret operation.  The rationale for this has been that there was
no way to mount a remote timing attack on GnuPG.  With the turning up
of Acoustic Cryptanalysis (http://cs.tau.ac.il/~tromer/acoustic) this
assumption no longer holds true and thus we need to do do something
about it.  Blinding seems to be a suitable mitigation to the threat of
key extraction.  It does not help against distinguishing used keys,
though.

Note that GPG 2.x uses Libgcrypt which does blinding by default.

The performance penalty is negligible: Modifying the core pubkey_sign
or pubkey_decrypt function to run 100 times in a loop, the entire
execution times for signing or decrypting a small message using a 4K
RSA key on a Thinkpad X220 are

  Without blinding:  5.2s  (8.9s)
  With blinding:     5.6s  (9.3s)

The numbers in parentheses give the values without the recently
implemented k-ary exponentiation code.  Thus for the next release the
user will actually experience faster signing and decryption.  A
drawback of blinding is that we need random numbers even for
decryption (albeit at low quality).

Signed-off-by: Werner Koch <wk@gnupg.org>

CVE-id: CVE-2013-4576
2013-12-03 09:25:57 +01:00
Werner Koch
b135372176 gpg: Change armor Version header to emit only the major version.
* g10/options.h (opt): Rename field no_version to emit_version.
* g10/gpg.c (main): Init opt.emit_vesion to 1.  Change --emit-version
to bump up opt.emit_version.
* g10/armor.c (armor_filter): Implement different --emit-version
values.
--

GnuPG-bug-id: 1572
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e951782e93)

Resolved conflicts:
	NEWS
	g10/armor.c
	g10/gpg.c
2013-11-27 11:00:55 +01:00
Werner Koch
0bdf121d1d Print the keyid for key packets with --list-packets.
* g10/parse-packet.c (parse_key): Add keyid printing.
--

This is backport from GnuPG-2.  Note that the --list-packets command
is for debugging only and not part iof the stable API.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-18 10:24:32 +02:00
Werner Koch
2528178e7e gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark):  Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--

This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used.  It just does
not make sense to create a trustdb if there is no need for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 1a0eeaacd1)

Resolved conflicts:
	g10/gpg.c
	g10/tdbio.h
	g10/trustdb.c
 (indentation fixes)
2013-10-11 09:35:01 +02:00
Werner Koch
4a06d9a600 gpg: Print a "not found" message for an unknown key in --key-edit.
* g10/keyedit.c (keyedit_menu): Print message.
--

GnuPG-bug-id: 1420
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0bf54e60d3)
2013-10-04 20:59:45 +02:00
Werner Koch
d74dd36c11 gpg: Protect against rogue keyservers sending secret keys.
* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.
--

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id.  The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

Suggested-by: Stefan Tomanek
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e7abed3448)

Resolved conflicts:
	g10/options.h
2013-10-04 20:58:51 +02:00
Daniel Kahn Gillmor
fe0fb5e6b0 gpg: Allow setting of all zero key flags
* g10/keygen.c (do_add_key_flags): Do not check for empty key flags.
(cherry picked from commit b693ec02c4)
(cherry picked from commit dd868acb0d)
2013-10-04 20:54:10 +02:00
Werner Koch
27d0f32f77 gpg: Distinguish between missing and cleared key flags.
* include/cipher.h (PUBKEY_USAGE_NONE): New.
* g10/getkey.c (parse_key_usage): Set new flag.
--

We do not want to use the default capabilities (derived from the
algorithm) if any key flags are given in a signature.  Thus if key
flags are used in any way, the default key capabilities are never
used.

This allows to create a key with key flags set to all zero so it can't
be used.  This better reflects common sense.
(cherry picked from commit 4bde12206c)
(cherry picked from commit 0a805ed160)

Resolved conflicts:
	include/cipher.h
2013-10-04 20:53:51 +02:00
Werner Koch
d90a1d2340 gpg: Fix bug with deeply nested compressed packets.
* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-02 09:29:47 +02:00
Werner Koch
6ed7056197 gpg: Use 2048 as the default keysize in batch mode.
* g10/keygen.c (gen_elg, gen_dsa, gen_rsa): Set default keysize to
2048.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-30 10:19:14 +02:00
Werner Koch
a1a59e6a53 gpg: No need to create a trustdb when encrypting with --always-trust.
* g10/gpg.c (main): Special case setup_trustdb for --encrypt.
--

(back ported from commit 498b9a95dc)

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-02 09:17:52 +02:00
Werner Koch
801803ab6e Prepare for a forthcoming new algorithm id.
* include/cipher.h (PUBKEY_ALGO_ECC): New.
* g10/keyid.c (pubkey_letter): Add letter 'C'.
--

ID 22 will be used for generic ECC, i.e. one which can be used for
ECDSA and ECDH.  The only support in 1.4 will pretty printing the
algorithm id.
2013-07-25 10:37:41 +02:00
NIIBE Yutaka
f61d8fa5a7 gpg: fix previous change
* g10/gpgv.c: Fix void dotlock_remove_lockfiles.
2013-07-16 09:21:54 +09:00
NIIBE Yutaka
212a325d42 gpg: signal handling fix
* include/dotlock.h (dotlock_remove_lockfiles_reclaim): New.
  (dotlock_destroy, dotlock_remove_lockfiles): Add a flag to reclaim
  memory or not.
* util/dotlock.c (dotlock_create): Use
  dotlock_remove_lockfiles_reclaim for atexit.
  (dotlock_destroy_unix, dotlock_destroy)
  (dotlock_remove_lockfiles): Add a reclaim flag.
  (dotlock_remove_lockfiles_reclaim): New.
* g10/signal.c (got_fatal_signal): Disable flag of reclaim memory to
  avoid non-async-face call.
* g10/keydb.c (maybe_create_keyring): Follow the API change.
* g10/gpgv.c: Follow the API change.

--

signal handler got_fatal_signal should not call non-async-signal-safe
functions.  When malloc is interrupted by a signal, it screws up.

This issue is reported:
https://bugs.g10code.com/gnupg/issue1515
http://bugs.debian.org/399904
2013-07-12 17:26:55 +09:00
Christian Aistleitner
ff5cfadc2c Fix honoring --cert-digest-algo when recreating a cert
* g10/sign.c (update_keysig_packet): Override original signature's
digest algo in hashed data.
2013-01-11 13:33:44 +01:00
Werner Koch
3a4b96e665 gpg: Suppress "public key already present" in quiet mode.
* g10/pkclist.c (build_pk_list): Print two diagnostics only in
non-quiet mode.
--

(back-ported from commit 8325d61659)
2012-12-20 09:44:09 +01:00
Werner Koch
f795a0d59e Import only packets which are allowed in a keyblock.
* g10/import.c (valid_keyblock_packet): New.
(read_block): Store only valid packets.
--

A corrupted key, which for example included a mangled public key
encrypted packet, used to corrupt the keyring.  This change skips all
packets which are not allowed in a keyblock.

GnuPG-bug-id: 1455
2012-12-20 09:43:41 +01:00
Werner Koch
3d56d486e1 Remove trailing white space from some files
--
2012-12-19 14:05:56 +01:00
Werner Koch
e33e74e3a4 Fix potential heap corruption in "gpg -v --version"
* g10/gpg.c (build_list): Rewrite to cope with buffer overflow in
certain locales.
* util/membuf.c (put_membuf_str): New.
(get_membuf): Make LEN optional.
--

This fixes an obvious bug in locales where the translated string is
longer than the original.  The bug could be exhibited by using
LANG=ru_RU.utf8 gpg -v --version.

En passant we also removed the trailing white space on continued
lines.

Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
2012-12-15 11:28:00 +01:00
NIIBE Yutaka
09dd073096 Card: Fix the process of writing key or generating key.
* g10/app-openpgp.c (store_fpr): Flush KEY-FPR and KEY-TIME.
--

(cherry picked from commit e7dca3e83e)
2012-12-13 17:25:57 +01:00
David Shaw
d42dcbfa92 The keyserver search menu should honor --keyid-format
* keyserver.c (print_keyrec): Honor --keyid-format when getting back
  full fingerprints from the keyserver (the comment in the code was
  correct, the code was not).
2012-11-29 12:00:46 -05:00
Werner Koch
64e7c237db Create off-line card encryption key with the right size.
* g10/keygen.c (gen_card_key_with_backup): Get the size of the key
from the card.
--

Formerly the off-line encryption key was created with a fixed length
of 1024 bit.  With this change the key is created as expected.

GnuPG-bug-id: 1230
2012-11-08 15:59:47 +01:00
Werner Koch
b1eac93431 Support the not anymore patented IDEA cipher algorithm.
* cipher/idea.c: New.  Take from Libgcrypt master and adjust for
direct use in GnuPG.
* cipher/idea-stub.c: Remove.
* cipher/Makefile.am: Add idea.c and remove idea-stub.c rules.
* configure.ac: Remove idea-stub code.
* g10/gpg.c (check_permissions): Remove code path for ITEM==2.
(main): Make --load-extension a dummy option.
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove.  Also remove all callers.
* g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA.
* g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA.
* g10/status.h (STATUS_RSA_OR_IDEA): Remove.

--

To keep the number of actually used algorithms low, we support IDEA
only in a basically read-only way (unless --pgp2 is used during key
generation).  It does not make sense to suggest the use of this old 64
bit blocksize algorithm.  However, there is old data available where
it might be helpful to have IDEA available.
2012-11-08 13:25:02 +01:00
Werner Koch
a76efe1b05 Fix typos spotted during translations
* g10/gpg.c: uppercase after Syntax
* util/secmem.c (print_warn): Update URL.
2012-08-24 16:37:44 +02:00
David Prévot
e393ae3e29 Actually show translators comments in PO files
--

Note that strings marked for gettext need to immediately follow a
TRANSLATOR comment block.
2012-08-24 16:32:40 +02:00
Werner Koch
7a852fba6c With --quiet do not print reading passphrase from fd message.
Fix for bug#1403.
* g10/passphrase.c (read_passphrase_from_fd): Act on --quiet.
2012-04-29 11:54:28 +02:00
David Shaw
509fe4ce5d Honor --cert-digest-algo when recreating a cert.
* g10/sign.c (update_keysig_packet): Honor --cert-digest-algo when
  recreating a cert.

This is used by various things in --edit-key like setpref, primary,
etc.  Suggested by Christian Aistleitner.
2012-01-31 21:30:05 -05:00
David Shaw
561d89803b Merge branch 'STABLE-BRANCH-1-4' of git+ssh://playfair.gnupg.org/git/gnupg into STABLE-BRANCH-1-4 2012-01-19 22:34:45 -05:00
David Shaw
f310735975 Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
* g10/gpgv.c, g10/trustdb.c (read_trust_options): Add min_cert_level

* g10/trustdb.c (check_trustdb_stale): Request a rebuild if
  pending_check_trustdb is true (set when we detect a trustdb
  parameter has changed).

* g10/keylist.c (public_key_list): Use 'l' in the "tru" with-colons
  listing for min_cert_level not matching.

* g10/tdbio.c (tdbio_update_version_record, create_version_record,
  tdbio_db_matches_options, tdbio_dump_record, tdbio_read_record,
  tdbio_write_record): Add a byte for min_cert_level in the tdbio
  version record.
2012-01-19 22:33:51 -05:00
Werner Koch
cfb193a1de Add a DECRYPTION_INFO status.
* g10/status.h (STATUS_DECRYPTION_INFO): New.
* g10/status.c (get_status_string): Add new status string.
* g10/encr-data.c: Include status.h.
(decrypt_data): Print STATUS_DECRYPTION_INFO.
--
This is  backport of commit  5667e33.

DECRYPTION_INFO <mdc_method> <sym_algo>
   Print information about the symmetric encryption algorithm and
   the MDC method.  This will be emitted even if the decryption
   fails.
2012-01-13 16:20:53 +01:00
Werner Koch
02f282368e gpg: Remove unused fields from a trust data structure.
The functions tdbio_read_record and tdbio_write_record control the
actual on-disk format.  Thus there is no need to keep reserved fields
in the internal data structure.

* g10/tdbio.h (struct trust_record): Remove reserved fields.
2012-01-12 12:19:54 +01:00
Werner Koch
9b2a98ea14 Allow use of a standard space separated fingerprint.
We allow a single or a double space in the middle of the fingerprint
to help with c+p fingerprints from an HTML pages which are not being
enclosed in a "pre" tag.
* g10/getkey.c (classify_user_id): Check for space separated GPG
fingerprint.
--
This is a backport of commit 957fe72 and 372fb4f.
2012-01-10 15:34:02 +01:00
Werner Koch
b9333cd890 Replace file locking by the new portable dotlock code.
* include/dotlock.h: New.  From current gnupg master.
* util/dotlock.c: Ditto.  Include util.h.  The major changes done in
master are: Factor Unix and W32 specific code out into specific
functions.  Define HAVE_POSIX_SYSTEM.  Rearrange some functions.
(disable_dotlock): Rename to dotlock_disable.
(create_dotlock): Rename to dotlock_create and add a dummy arg.
(destroy_dotlock): Rename to dotlock_destroy.
(make_dotlock): Rename to dotlock_take.
(release_dotlock): Rename to dotlock_release.
(remove_lockfiles): Rename to dotlock_remove_lockfiles.
2012-01-10 15:16:44 +01:00
Werner Koch
dccdcef319 Update copyright years.
* util/argparse.c (default_strusage): Update printed copyright year.
2012-01-10 11:51:19 +01:00
Werner Koch
76b73caf91 Rename all ChangeLog files to ChangeLog-2011.
* ChangeLog: New file.
2011-12-02 19:42:56 +01:00
Werner Koch
43c7d1c7cc On VMS use --batch by default if in batch mode.
This problem was identified and solved by Steven M. Schweda.
Note that the vms specific code is not part of this repository.
See http://antinode.info/dec/sw/gnupg.html for the VMS port.
2011-09-12 15:28:28 +02:00
Werner Koch
a95143e225 Removed some set but unused vars. 2011-08-09 10:54:22 +02:00
Werner Koch
c156a636c6 Fix bug#1307
This is a backport of the fixes for 2.0.  There is only one real bug,
the other changes are for clarity and for more picky compilers.
2011-08-09 10:12:36 +02:00
Werner Koch
4fb59b1313 Print the decoded iteration count witn --list-packets.
Fixes bug#1355.
2011-07-22 14:00:08 +02:00
Werner Koch
04b0b050ff Add pubkey letters e and E for ECC.
This does not mean we have any kind of ECC support now.  It is merely
to avoid printing a question mark for the algorithm.

Trailing white space changes as usual.
2011-07-01 10:21:08 +02:00
David Shaw
fc1680abdf * photoid.c (generate_photo_id): Check for the JPEG magic numbers
instead of JFIF since some programs generate an EXIF header first.
This is issue 1331.
2011-04-05 23:47:58 -04:00
Werner Koch
d0a9b8a9fb Don't link gpgv with libreadline
Also add a useful .gitignore file.
2011-02-23 15:13:40 +01:00
David Shaw
933adc0850 * gpg.c (main): Do not provide a default for
--personal-digest-preferences.  This allows the usual digest selection
algorithm to pick a digest based on recipient keys.
2010-10-29 19:16:27 +00:00
David Shaw
79019ee776 * pkclist.c (select_algo_from_prefs): Slightly improve the handling of
MD5 in preference lists.  Instead of replacing MD5 with SHA-1, just
remove MD5 from the list altogether, and let the next-highest ranked
algorithm be chosen.
2010-10-29 19:14:28 +00:00
David Shaw
d89e59bdb3 * pkclist.c (select_algo_from_prefs): Make sure the scores can't
overflow when picking an algorithm (not a security issue since we
can't pick something not present in all preference lists, but we might
pick something that isn't scored first choice).
2010-10-29 17:39:30 +00:00
Werner Koch
a6b47500ac Detect unsigned time_t and adjust y2038 detection. 2010-10-27 10:59:11 +00:00
Werner Koch
397f9cd6a1 Remove warnings on VMS 2010-10-20 06:51:11 +00:00
Werner Koch
27193bbd2c Prepare for 1.4.11 2010-10-18 09:24:48 +00:00
Werner Koch
41f5b0a402 VMS fixes 2010-10-10 09:53:02 +00:00
David Shaw
7f07a1bc90 * options.skel: Make the example for force-v3-sigs match reality (it
has defaulted to off since 2007-10-22).
2010-09-28 16:13:24 +00:00
Werner Koch
6764837956 The rest of the VMS changes. 2010-09-28 15:55:24 +00:00
Werner Koch
aa29ba1689 Minor changes to help the VMS port 2010-09-28 10:07:30 +00:00
Werner Koch
a1fc3a5d9e Preparing a release candidate 2010-09-23 08:15:45 +00:00
Werner Koch
690dc98c6f Minor fixes 2010-08-31 08:42:38 +00:00
Werner Koch
b8d2740923 support more hash algorithms to support the v2 card 2010-07-24 09:18:42 +00:00
Werner Koch
5474061365 Backport bug fix. Fixes bug#1240. 2010-06-18 08:08:21 +00:00
Werner Koch
9017b84423 Ignore some GnuPG-2 only options. 2010-06-01 12:13:31 +00:00
Werner Koch
198c5c5587 Fix bug 1179 2010-05-12 16:06:38 +00:00
Werner Koch
57528d38c0 Fix for bug 1223 2010-05-07 12:32:06 +00:00
Werner Koch
b0a357ad8a Force SHA1 only for v1 cards 2010-03-26 18:11:30 +00:00
David Shaw
5bcd4f613b * plaintext.c (handle_plaintext): Make sure that the stdout flush
succeeded, so we can't lose data when using gpg in a pipeline.  Fixes
bug #1207.
2010-03-26 16:57:09 +00:00
Werner Koch
9529d72b2c Fix bug 1186 2010-02-17 10:28:27 +00:00
Werner Koch
0f91985b21 Change menu prompts. 2010-02-02 14:08:50 +00:00
Werner Koch
4ac7cb0725 Fix some spelling errors. Fixes bug#1127. 2009-12-21 15:58:06 +00:00
Werner Koch
18392e8d61 Fix bug#1059 (missing status line signature verification done with a
subkey while on the main key has expired).
2009-12-17 17:56:17 +00:00
Werner Koch
a929b77b1c minor changes for VMS 2009-12-15 11:07:43 +00:00
Werner Koch
03c414b650 fix bug#1162. 2009-12-15 10:20:10 +00:00
Werner Koch
378b313f58 Fix bug#1138. 2009-09-28 17:11:32 +00:00
Werner Koch
5f9caad6f1 Last minute fixes 2009-09-02 17:30:53 +00:00
Werner Koch
d890215d18 Preparing 1.4.10. 2009-09-02 15:02:01 +00:00
Werner Koch
4fcae6586d Fix debian bug#543530 2009-08-26 06:48:45 +00:00
Werner Koch
1e1b57a294 Preparing for a release candidate 2009-08-13 08:45:23 +00:00
David Shaw
00310b1aa8 Try and detect mis-coded Latin1 and convert it to UTF8. Whether the
heuristics succeed or not, the resulting string must be valid UTF8 as
LDAP requires that.  This is bug 1055.
2009-08-12 05:01:08 +00:00
Werner Koch
b8805ca724 2009-08-03 17:47:18 +00:00
David Shaw
3f95e31e5d * gpg.c (main): --pgp6 includes --disable-mdc. 2009-07-31 14:34:55 +00:00
Werner Koch
930e910ad7 Update key generation menu to match gnupg 2.0.
Changes default preferences and key algorithms.
2009-07-29 10:06:56 +00:00
David Shaw
91df5cb2e3 * keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find a
domain-specific LDAP server before resorting to keys.{domain}.
2009-07-23 19:50:25 +00:00
Werner Koch
6d755a83b4 Parse EXTCAP lines from the card.
Change messages for a corrupt trustdb.
2009-07-23 08:00:39 +00:00
Werner Koch
3459c6b015 First set of changes to backport the new card code from 2.0.
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c.  Card code is not yet finished.
2009-07-21 14:30:13 +00:00
Werner Koch
b478389753 Repalce an assert by a proper error message. 2009-07-17 11:24:51 +00:00
Werner Koch
81d7fbc7cb Fix bug#1087. 2009-07-16 07:40:16 +00:00
Werner Koch
64f24da283 Fix a couple of minor bugs. 2009-06-24 14:01:20 +00:00
Werner Koch
275ad3fa26 Fix bug#1040. 2009-06-17 10:36:12 +00:00
David Shaw
4843e6c8f2 Remove Camellia restriction. 2009-06-05 16:54:47 +00:00
Werner Koch
58a0c9ee49 Add stub function. Noted by Daniel Leidert. 2009-06-02 15:26:06 +00:00
Werner Koch
0bbe6eda34 Fixed bug1058. 2009-05-22 15:38:49 +00:00
Werner Koch
d72349bde0 Fix bug#1044. 2009-05-20 10:25:58 +00:00
Werner Koch
4694c1a8eb Fix bug 1045 2009-05-11 10:01:11 +00:00
Werner Koch
bc0202a8c2 Fix bug 1045. 2009-05-11 09:37:25 +00:00
Werner Koch
750990401c Print 'empty file' warning only with --verbose. 2009-05-11 09:20:39 +00:00
Werner Koch
23ad4bd73b Fix for bug#1034. 2009-05-06 09:31:15 +00:00
Werner Koch
418e61a824 Improve dotlocking.
Implement locking for W32.
2009-05-05 15:32:16 +00:00
Werner Koch
631a0de335 Backport of Creation-Date parameter for unattended key generation. 2009-05-05 11:44:56 +00:00