1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-19 14:27:02 +01:00

105 Commits

Author SHA1 Message Date
David Shaw
8ce53a679a * keyserver.c (keyserver_spawn): Handle CRLF endings from keyserver
helpers.  Also don't leak the last line worth of memory from the keyserver
response.

* main.h, misc.c (deprecated_warning): New function to warn about
deprecated options and commands.

* g10.c (main), keyserver-internal.h, keyserver.c (parse_keyserver_uri):
Use new deprecated function to warn about honor-http-proxy,
auto-key-retrieve, and x-broken-hkp.
2002-06-12 18:56:36 +00:00
David Shaw
92cefb688e * options.skel, options.h, main.h, keydb.h, pkclist.c (build_pk_list,
expand_groups), g10.c (main, add_group): Add new "group" command to allow
one name to expand into multiple keys. For simplicity, and to avoid
potential loops, we only expand once - you can't make an alias that points
to an alias.

* main.h, g10.c (main), keygen.c (build_personal_digest_list): Simplify
the default digest list - there is really no need for the other hashes
since they will never be used after SHA-1 in the list.

* options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import,
hkp_export, hkp_search), keyserver.c (parse_keyserver_options,
parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the
"x-broken-hkp" keyserver scheme into keyserver-option "broken-http-proxy".
Move honor_http_proxy into keyserver_options.  Canonicalize the three
variations of "hkp", "x-hkp", and "x-broken-hkp" into "hkp".
2002-06-07 19:38:27 +00:00
David Shaw
005d2cc4a8 * main.h, g10.c (main), keygen.c (build_personal_digest_list): Put in a
default digest preference list consisting of SHA-1, followed by every
other installed digest except MD5.  Note this is the same as having no
digest preference at all except for SHA-1 being favored.

* options.h, g10.c (main), keygen.c (keygen_set_std_prefs), pkclist.c
(select_algo_from_prefs): Split --personal-preference-list into three:
--personal-{cipher|digest|compress}-preferences.  This allows a user to
set one without affecting another (i.e. setting only a digest pref doesn't
imply an empty cipher pref).

* exec.c (exec_read): This is a safer way of guessing the return value of
system().  Noted by Stefan Bellon.
2002-06-06 20:59:20 +00:00
David Shaw
f0bf8b4afc * main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
list_keyblock_print, list_keyblock_colon), status.h, status.c
(get_status_string): New --attribute-fd feature to dump the contents of
attribute subpackets for frontends.  If --status-fd is also used, then a
new status tag ATTRIBUTE is provided for each subpacket.

* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track of the
expiration time of a user ID, and while we're at it, use the expired flag
from the selfsig rather than reparsing the SIG_EXPIRE subpacket.

* photoid.c (generate_photo_id): When adding a new photo ID, showing the
photo for confirmation is not safe when noninteractive since the "user"
may not be able to dismiss a viewer window. Noted by Timo Schulz.
2002-06-03 20:48:36 +00:00
David Shaw
8d5dad0ac3 * sign.c (mk_notation_and_policy): Include secret key to enable %s
expandos, and pass notations through pct_expando as well.

* main.h, misc.c (pct_expando): Add %s and %S expandos for signer's keyid.
2002-05-27 01:00:11 +00:00
David Shaw
2656589782 * options.h, main.h, keygen.c (keygen_set_set_prefs, keygen_get_std_prefs,
keygen_upd_std_prefs), keyedit.c (keyedit_menu), g10.c (main), pkclist.c
(select_algo_from_prefs): Add --personal-preference-list which allows the
user to factor in their own preferred algorithms when the preference lists
are consulted.  Obviously, this does not let the user violate a
recepient's preferences (and the RFC) - this only influences the ranking
of the agreed-on (and available) algorithms from the recepients.
Suggested by David Hollenberg.

* options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename
--preference-list to --default-preference-list (as that is what it really
is), and make it a true default in that if the user selects "default" they
get this list and not the compiled-in list.
2002-05-22 14:07:12 +00:00
David Shaw
91f05595cc * main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a designated
revocation via --desig-revoke

* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker" command to
add a designated revoker to a key.
2002-05-19 15:04:04 +00:00
David Shaw
4dcdaa3b1b * main.h, keygen.c (keygen_add_revkey): Add revocation key subpackets to a
signature (callable by make_keysig_packet). (write_direct_sig): Write a 1F
direct key signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation key. (get_parameter_revkey,
do_generate_keypair): Call above functions when prompted from a batch key
generation file.

* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.

* keydb.h, getkey.c (get_seckey_byfprint): Same as get_pubkey_byfprint,
except for secret keys.  We only know the fingerprint of a revocation key,
so this is needed to retrieve the secret key needed to issue a revokation.

* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split revkey
parsing off into a new function that can be used to reparse after
manipulating the revkey list.

* sign.c (make_keysig_packet): Ability to make 1F direct key signatures.
2002-05-16 03:35:55 +00:00
David Shaw
0c3ac11549 * getkey.c (merge_selfsigs_main): Make sure the revocation key list starts
clean as this function may be called more than once (e.g. from functions
in --edit).

* g10.c, encode.c (encode_crypt), sign.c (sign_file,
sign_symencrypt_file): Make --compress-algo work like the documentation
says.  It should be like --cipher-algo and --digest-algo in that it can
override the preferences calculation and impose the setting the user
wants.  No --compress-algo setting allows the usual preferences
calculation to take place.

* main.h, compress.c (compress_filter): use new DEFAULT_COMPRESS_ALGO
define, and add a sanity check for compress algo value.
2002-05-09 19:57:08 +00:00
David Shaw
6dc53d136a * photoid.h, photoid.c (parse_image_header, image_type_to_string): Useful
functions to return data about an image.

* packet.h, parse-packet.c (make_attribute_uidname,
parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
(show_photos): Handle multiple images in a single attribute packet.

* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy), photoid.c
(show_photos): Simpler expando code that does not require using
compile-time string sizes.  Call image_type_to_string to get image strings
(i.e. "jpg", "image/jpeg").  Change all callers.

* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print): Allow
viewing multiple images within a single attribute packet.

* gpgv.c: Various stubs for link happiness.
2002-05-02 20:47:23 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
cd7b3f9590 After generating a new key, show the key information (name, keyid,
fingerprint, etc.)

Do not print uncheckable signatures (missing key..) in --check-sigs.

Print statistics (N missing keys, etc.) after --check-sigs.

When signing a key with an expiration date on it, the "Do you want your
signature to expire at the same time?" question should default to YES
2002-04-23 17:54:38 +00:00
Werner Koch
b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of
the BTS data is available :-(
2002-04-08 15:10:51 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
9057172a92 Allow policy URLs with %-expandos in them. This allows policy URLs like
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature
policy URL.  Use the new generic %-handler for the photo ID stuff as well.

Display policy URLs and notations during signature generation if
--show-policy-url/--show-notation is set.
2002-02-05 00:04:24 +00:00
Timo Schulz
e17cd91abe New command --decrypt-files.
Some fixes.
2002-01-15 16:52:36 +00:00
David Shaw
bd5517b9e2 Move idea_cipher_warn to misc.c so gpgv.c doesn't need a stub
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go.  This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
2002-01-09 19:59:26 +00:00
Timo Schulz
0bd41cc2e5 New code for encode_crypt_files. 2002-01-09 18:52:19 +00:00
Timo Schulz
c02977a2de New command (encrypt-files). 2002-01-03 19:47:20 +00:00
David Shaw
4dde9482c2 Bugfix in photoid.c and keyserver.c
Properly handle permission/ownership checks on files that are shared (for
example /usr/local/lib/gnupg/idea)
2001-12-29 04:43:11 +00:00
David Shaw
d5a695f198 New function to check the permissions of GNUPGHOME and the various files
that live there for safe permission/ownership (--no-permission-warning to
disable)
The newer glibcs print scary warnings about using mktemp().  The use here
was actually safe, but the warning was bound to confuse people, so here is
an arguably better tempname creator that pulls random bits from the pool.
2001-12-20 05:02:30 +00:00
David Shaw
e8936126af Much stricter checking of the keyserver URI
IDEA warning for pk messages encrypted with IDEA (symmetric is already done)
Print IDEA warning for each occurance except for secret key protection and
unknown cipher from an encrypted message.
2001-12-18 23:10:46 +00:00
David Shaw
30481e5a17 Add a generic IDEA warning for when the IDEA plugin is not present. This
pops up when the user uses "--cipher-algo idea", when setpref is used to
set a "S1" preference, and when a secret key protected with IDEA is used.

Tweak the --pgp2 mode to use this generic warning.
2001-12-17 21:45:40 +00:00
David Shaw
1ccd578910 Sig expiration code
Offer to expire a key signature when the key the user is signing expires
Expired sigs cause an error return
If --expert is set, prompt for sig duration
2001-12-07 01:14:15 +00:00
David Shaw
46efe28815 "sigclass" patch - adds key signature class levels, notation and policy-url
displays in key listings, and shows flags for signature features.
2001-12-06 22:04:08 +00:00
David Shaw
b7a4656965 Generic keyserver API code 2001-12-06 21:43:04 +00:00
Werner Koch
abdd248af9 Code cleanups 2001-09-20 07:12:52 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
98a8843e28 Implemented -cs and some fixes to the rfc1991 symmetric only mode 2001-08-20 19:10:34 +00:00
Werner Koch
a255ea76ae Added a way to update preferences 2001-08-09 13:11:51 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
2af87f8829 Backported getkey.c from 1.1 2001-02-08 16:28:28 +00:00
Werner Koch
4ae64383cd Enhanced delkey command and other stuff for gpgme 2001-01-23 13:56:30 +00:00
Werner Koch
99e70f7ac7 Paul's LFS pacthes and started with pipemode 2000-11-11 17:17:52 +00:00
Werner Koch
2092d0f6ed Fixed serious bug related to multiple cleartext signatures. 2000-10-13 15:03:48 +00:00
Werner Koch
0b9d3e2f81 See ChangeLog: Thu Sep 14 14:20:38 CEST 2000 Werner Koch 2000-09-14 12:20:30 +00:00
Werner Koch
2f64c3538a See ChangeLog: Mon Jun 5 23:41:54 CEST 2000 Werner Koch 2000-06-05 21:28:41 +00:00
Werner Koch
64009cd745 See ChangeLog: Fri May 12 14:01:20 CEST 2000 Werner Koch 2000-05-12 11:59:49 +00:00
Werner Koch
0154d59f4d See ChangeLog: Wed Mar 8 18:44:59 CET 2000 Werner Koch 2000-03-08 17:42:19 +00:00
Werner Koch
c03e6ee0aa See ChangeLog: Thu Feb 17 13:39:32 CET 2000 Werner Koch 2000-02-17 12:41:58 +00:00
Werner Koch
17eb1405a2 See ChangeLog: Mon Feb 14 14:30:20 CET 2000 Werner Koch 2000-02-14 13:33:19 +00:00
Werner Koch
932049cbe4 See ChangeLog: Fri Jan 14 18:32:01 CET 2000 Werner Koch 2000-01-14 17:26:00 +00:00
Werner Koch
8eec0983f6 See ChangeLog: Sat Dec 4 12:30:28 CET 1999 Werner Koch 1999-12-04 11:33:45 +00:00
Werner Koch
cc49ea6d28 See ChangeLog: Fri Nov 12 20:33:19 CET 1999 Werner Koch 1999-11-12 19:32:00 +00:00
Werner Koch
296f9de0bc See ChangeLog: Mon Oct 4 21:23:04 CEST 1999 Werner Koch 1999-10-04 19:27:02 +00:00
Werner Koch
db78307c03 See ChangeLog: Mon Sep 20 12:24:41 CEST 1999 Werner Koch 1999-09-20 10:25:21 +00:00
Werner Koch
8caf2f7437 See ChangeLog: Mon Jul 12 18:45:57 CEST 1999 Werner Koch 1999-07-12 16:49:22 +00:00
Werner Koch
86abac78a2 See ChangeLog: Fri Jul 2 11:45:54 CEST 1999 Werner Koch 1999-07-02 09:50:57 +00:00
Werner Koch
28eb86c006 See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch 1999-07-01 10:53:35 +00:00
Werner Koch
3dddf602dd See ChangeLog: Tue Jun 1 16:01:46 CEST 1999 Werner Koch 1999-06-01 14:08:57 +00:00