1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

181 Commits

Author SHA1 Message Date
David Shaw
07250279e7 * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.

* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings.  Default to
"<space>\t\r\n".
2004-12-20 05:19:09 +00:00
David Shaw
bf5d013bc8 * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 or
--openpgp directly to determine the end of line hashing rule.

* trustdb.c (uid_trust_string_fixed): Show uids as expired if the key is
expired.
2004-12-11 04:47:33 +00:00
David Shaw
1c334577f3 * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): Removed
(not used). (standard): 2440 says that textmode hashes should canonicalize
line endings to CRLF and remove spaces and tabs.  2440bis-12 says to just
canonicalize to CRLF.  So, we default to the 2440bis-12 behavior, but
revert to the strict 2440 behavior if the user specifies --rfc2440.  In
practical terms this makes no difference to any signatures in the real
world except for a textmode detached signature.
2004-12-10 05:35:54 +00:00
David Shaw
6dedf7a068 * options.h, export.c (parse_export_options, do_export_stream), import.c
(parse_import_options, import_keys_internal): Make the import-options and
export-options distinct since they can be mixed together as part of
keyserver-options.
2004-11-26 15:51:37 +00:00
David Shaw
9a70afe2b3 * options.h, export.c (parse_export_options, do_export_stream): Add
"export-minimal" option to disregard any sigs except selfsigs.
2004-11-25 03:58:42 +00:00
David Shaw
65077adf83 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Rename
verify-option show-validity to show-uid-validity to match the similar
list-option.

* app-openpgp.c (verify_chv3): Fix typo.
2004-10-21 19:18:47 +00:00
David Shaw
9a4dc13d5e * pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
trust since the meaning is different.

* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.

* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.

* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
2004-10-13 15:34:52 +00:00
David Shaw
2ff6607f0d * main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been
issued, skip right to the CHV1/CHV2 PIN change.  No need to show the
unblock or admin PIN change option. (card_edit): Add "admin" command to
add admin commands to the menu.  Do not allow admin commands until "admin"
is given.

* app-openpgp.c (verify_chv3): Show a countdown of how many wrong admin
PINs can be entered before the card is locked.

* options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove
--allow-admin.
2004-09-25 13:04:55 +00:00
David Shaw
e7c94128b2 * options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.

* g10.c (parse_subpacket_list, parse_list_options): New.  Make the list of
subpackets we are going to print. (main): Call them here.
2004-09-12 15:27:38 +00:00
David Shaw
0aad41079e * keylist.c (list_keyblock_print): Always use the new listing format where
uids are always on a line for themselves.  Mark expired secret keys as
expired.

* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.

* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header.  Rather, use 2+4 as two different chunks.  This avoids a fake
filename of "is".
2004-07-16 14:30:55 +00:00
Werner Koch
3624da002f some late minor fixes. 2004-05-22 11:33:47 +00:00
David Shaw
cc383b6432 * options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
* mainproc.c (check_sig_and_print): track whether we are retrieving a key.

* status.c (status_currently_allowed): New. (write_status_text,
write_status_text_and_buffer): Use it here.

* g10.c: New command --gpgconf-list. (gpgconf_list): New.  From Werner on
stable branch.
2004-05-20 18:04:33 +00:00
David Shaw
0aba5ff41b * options.h, keyserver-internal.h, keyserver.c (parse_keyserver_uri):
Improved URI parser that keeps track of the path information and doesn't
modify the input string. (keyserver_spawn): Tell keyserver plugins about
the path.
2004-05-11 19:36:44 +00:00
David Shaw
69df506b84 * options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c (struct
keyrec, parse_keyrec, keyserver_search_prompt), keyedit.c (keyedit_menu),
g10.c (add_keyserver_url, add_policy_url): Fix some compiler warnings.
2004-05-10 21:46:00 +00:00
David Shaw
f106448a7d * keylist.c (show_notation): Use bits to select which sort of notation to
show.  Don't allow a not-shown notation to prevent us from issuing the
proper --status-fd message.

* options.h, g10.c (main): Add show-std/standard-notations and
show-user-notations.  show-notations is both.  Default is to show standard
notations only during verify.  Change all callers.
2004-05-05 02:40:27 +00:00
Werner Koch
577d9c2342 A bunch of changes for the openpgp card. 2004-04-27 08:23:45 +00:00
David Shaw
3ec6fecade * options.h, g10.c (main): Add keyserver-option honor-keyserver-url.
parse_keyserver_options now returns a success code.

* keyserver.c (parse_keyserver_options): Return error on failure to parse.
Currently there is no way to fail as any unrecognized options get saved to
be sent to the keyserver plugins later. Check length of keyserver option
tokens since with =arguments we must only match the prefix.
(free_keyserver_spec): Moved code from parse_keyserver_url.
(keyserver_work, keyserver_spawn): Pass in a struct keyserver_spec rather
than using the global keyserver option. (calculate_keyid_fpr): New.
Fills in a KEYDB_SEARCH_DESC for a key. (keyidlist): New implementation
using get_pubkey_bynames rather than searching the keydb directly.  If
honor-keyserver-url is set, make up a keyserver_spec and try and fetch
that key directly.  Do not include it in the returned keyidlist in that
case.
2004-04-19 16:02:11 +00:00
David Shaw
d20a79dd07 * options.h, keyserver.c (parse_keyserver_options): Remove duplicate code
from parse_keyserver_options by calling the generic parse_options.

* keyserver.c (keyserver_spawn, keyserver_refresh), g10.c (main), gpgv.c
(main), mainproc.c (check_sig_and_print), import.c (revocation_present):
Change all callers.
2004-04-15 18:16:17 +00:00
David Shaw
a9b00b06d1 * options.h, import.c, keyserver-internal.h, g10.c, mainproc.c,
keyserver.c (parse_keyserver_uri): Parse keyserver URI into a structure.
Cleanup for new "guess my keyserver" functionality, as well as refreshing
via a preferred keyserver subpacket.
2004-04-14 21:33:45 +00:00
David Shaw
2286674b9e * options.h: Encapsulate keyserver details. Change all callers. 2004-04-14 17:56:23 +00:00
David Shaw
80c8b0c3a4 * options.h, g10.c (main), compress-bz2.c (init_uncompress): Rename
--bzip2-compress-lowmem to --bzip2-decompress-lowmem since it applies to
decompression, not compression.
2004-03-25 22:43:51 +00:00
David Shaw
1e01514529 * revoke.c (export_minimal_pk), export.c (do_export_stream), passphrase.c
(passphrase_to_dek), keyserver.c (print_keyrec): A few more places to use
--keyid-format.

* options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Remove --export-all and the "include-non-rfc"
export-option as they are no longer meaningful with the removal of v3
Elgamal keys.
2004-03-05 00:01:25 +00:00
David Shaw
c562c9e837 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Remove
verify-option show-long-keyids and replace with the more general
keyid-format.
2004-03-03 20:54:03 +00:00
David Shaw
2d7fe1d3a1 * options.h, g10.c (main): Add a more flexible --keyid-format option to
replace the list-option (and eventually verify-option) show-long-keyids.
The format can be short, long, 0xshort, and 0xlong.

* keydb.h, keyid.c (keystr, keystrlen): New functions to generate a
printable keyid.

* keyedit.c (print_and_check_one_sig, show_key_with_all_names), keylist.c
(list_keyblock_print): Use new keystr() function here to print keyids.
2004-03-03 05:47:51 +00:00
David Shaw
a84fe549da * plaintext.c: Copyright.
* encode.c (encode_simple): Show cipher with --verbose.

* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level.  If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.

* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
2004-02-24 23:37:18 +00:00
David Shaw
643665c963 * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
--min-cert-check-level option to specify minimum cert check level.
Defaults to 2 (so 0x11 sigs are ignored).  0x10 sigs cannot be ignored.
2004-02-23 04:00:51 +00:00
David Shaw
6c13b96a1d * options.h, g10.c (main), plaintext.c (handle_plaintext): Add
--max-output option to help people deal with decompression bombs.
2004-02-18 23:09:27 +00:00
David Shaw
aa5f1940ff * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-unusable-subkeys" list-option to show revoked and/or expired
subkeys.
2004-02-11 13:46:23 +00:00
David Shaw
385a19bd7b * mainproc.c (list_node): Show sigs with --verbose.
* options.h, g10.c (set_screen_dimensions): New function to look at
COLUMNS and LINES.

* keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c
(print_and_check_one_sig): Use new screen dimension variables.
2004-01-24 00:47:45 +00:00
David Shaw
2a785147be * options.h, g10.c (main), import.c (parse_import_options, import_one,
import_secret_one), keyserver.c (keyserver_refresh): Change --merge-only
to --import-option merge-only.  Deprecate --merge-only.
2003-12-31 04:58:52 +00:00
David Shaw
48238805b9 * options.h, g10.c (main), keyserver.c (keyserver_opts,
parse_keyserver_uri): honor-http-proxy is no longer an option since we can
do the same thing with http-proxy with no arguments. Also remove
broken-http-proxy since it can be better handled in the HTTP helper.
2003-12-28 16:08:04 +00:00
David Shaw
7847eae02c * build-packet.c (write_fake_data, do_secret_key), seckey-cert.c
(do_check): Use an unsigned length for mpi_get_opaque.

* options.h: It's impolite to assign -1 to an unsigned
opt.force_ownertrust.
2003-12-17 23:04:53 +00:00
David Shaw
3c40fd65d6 * options.h, g10.c (main), main.h, seskey.c (do_encode_md,
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove
--emulate-md-encode-bug as it only applied to Elgamal signatures, which
are going away.
2003-12-04 04:34:08 +00:00
David Shaw
dcf747d620 * options.h, g10.c (main), compress-bz2.c (init_uncompress): Add
--bz2-compress-lowmem to set bzlib "small" flag for low memory (but slow)
decompression.
2003-11-18 02:52:35 +00:00
David Shaw
995d712589 * options.h, g10.c (main), compress.c (init_compress), compress-bz2.c
(init_compress): Add --compress-level and --bzip2-compress-level.  -z sets
them both.  Change various callers.
2003-11-15 22:31:58 +00:00
David Shaw
c47ec46526 * options.h, trustdb.c (trust_model_string, init_trustdb): Add support for
"external" trust model, where the user can provide a pregenerated trustdb.

* keyedit.c (keyedit_menu): Do not allow editing ownertrust with an
external trust model trustdb.
2003-11-15 00:19:49 +00:00
David Shaw
80caf9957f * options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the
plurarility (or not) of various list and verify options.
2003-11-14 05:06:19 +00:00
David Shaw
cb772decc4 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
--verify-option show-unusable-uids.
2003-09-30 21:16:36 +00:00
Werner Koch
e369270a65 * g10.c (main): New commands --card-edit, --card-status and
--change-pin.  New options --ctapi-driver, --pcsc-driver and
--disable-ccid
* options.h (DBG_CARD_IO): New.
* cardglue.c, cardclue.h: Enhanced.
* card-util.c: New. Taken from current the gnupg 1.9 branch.
* app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c
* apdu.h, ccid-driver.c, ccid-driver.h: New.  Takem from the current
gnupg 1.9 branch withy minor changes to include directives.
* Makefile.am: Added these files.
2003-09-28 13:41:58 +00:00
David Shaw
e70e41612f * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-unusable-uids" list-option to show revoked and/or expired user IDs.
2003-09-25 04:03:11 +00:00
David Shaw
b224756fbe * g10.c (main): Deprecate --default-comment in favor of --no-comments.
* options.h, g10.c (main), armor.c (armor_filter): Allow using --comment
multiple times to get multiple Comment: header lines. --no-comments resets
list.
2003-09-23 03:52:55 +00:00
David Shaw
2d682ddc00 * options.h, g10.c (main): Add list-option list-preferred-keyserver.
* keyedit.c (change_passphrase): When responding 'no' to the blank
passphrase question, re-prompt for a new passphrase.  This is bug #202.
2003-08-26 04:07:52 +00:00
David Shaw
752e3459ab * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).
2003-08-03 02:37:48 +00:00
David Shaw
e4a9d14aad * options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.
2003-07-24 19:28:12 +00:00
David Shaw
726b36b647 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.
2003-07-20 02:09:06 +00:00
David Shaw
4d3fecee56 * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
they at least handle subkeys correctly.

* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets.  They're basically policy URLs with a
different name.  Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).

* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.
2003-06-05 02:06:12 +00:00
David Shaw
7c9855aaa2 * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-validity" and "show-long-keyid" list-options.

* gpgv.c (get_validity, trust_value_to_string): Stubs.

* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.
2003-06-03 17:47:58 +00:00
David Shaw
27ec3d9201 * g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
(check_sig_and_print): Emulate the old policy and notation behavior
(display by default).  Send to status-fd whether it is displayed on the
screen or not.

* g10.c (main): Since we now have some options in devel that won't work in
a stable branch gpg.conf file, try for a version-specific gpg.conf-VERSION
file before falling back to gpg.conf.

* main.h, options.h: Move various option flags to options.h.
2003-06-01 15:36:13 +00:00
David Shaw
b17358948d * mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
show_notation): Collapse the old print_notation_data into show_policy()
and show_notation() so there is only one function to print notations and
policy URLs.

* options.h, main.h, g10.c (main), keyedit.c (print_and_check_one_sig),
keylist.c (list_one, list_keyblock_print), pkclist.c (do_edit_ownertrust),
sign.c (mk_notation_and_policy): New "list-options" and "verify-options"
commands.  These replace the existing --show-photos/--no-show-photos,
--show-notation/--no-show-notation,
--show-policy-url/--no-show-policy-url, and --show-keyring options.  The
new method is more flexible since a user can specify (for example) showing
photos during sig verification, but not in key listings.  The old options
are emulated.
2003-05-31 23:23:19 +00:00
David Shaw
3a23c4230b * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
2003-05-24 21:50:33 +00:00
David Shaw
3afe991bb8 * packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket.  This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.

* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.

* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.

* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.

* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.

* options.h, g10.c (main): Part two of the simplification.  Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)

* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
2003-05-03 04:07:45 +00:00
David Shaw
f861b6488e * tdbio.c (create_version_record): Only create new trustdbs with
TM_CLASSIC or TM_PGP.

* trustdb.h, trustdb.c (trust_string, get_ownertrust_string,
get_validity_string, ask_ownertrust, validate_keys), pkclist.c
(do_edit_ownertrust): Rename trust_string to trust_value_to_string for
naming consistency.

* trustdb.h, trustdb.c (string_to_trust_value): New function to translate
a string to a trust value.

* g10.c (main): Use string_to_trust_value here for --force-ownertrust.

* options.h, g10.c (main), trustdb.c (trust_model_string, init_trustdb,
check_trustdb, update_trustdb, get_validity, validate_one_keyblock): An
"OpenPGP" trust model is misleading since there is no official OpenPGP
trust model.  Use "PGP" instead.
2003-05-01 21:37:08 +00:00
David Shaw
a01bda6abd * sign.c (do_sign): Show the hash used when making a signature in verbose
mode.

* tdbio.h, tdbio.c (tdbio_read_model): New function to return the trust
model used in a given trustdb.

* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
update_trustdb): Use tdbio_read_model to implement an "auto" trust model
which is set via the trustdb.
2003-04-26 20:38:16 +00:00
Werner Koch
b394776a80 * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
* g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.
2003-04-15 15:46:13 +00:00
David Shaw
2c717d9038 * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
keyserver option.  Defaults to on.

* passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.
2003-03-11 22:12:20 +00:00
Stefan Bellon
ea86ca6565 fixed typo 2002-12-06 00:38:43 +00:00
Werner Koch
036fbb22a7 * g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.
2002-12-05 15:25:16 +00:00
David Shaw
3b7ca1faa5 * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
model in the trustdb version record. (tdbio_update_version_record): New
function to update version record values during a trustdb check or update.
(tdbio_dump_record): Show trust model in dump.

* trustdb.c (validate_keys): Call tdbio_update_version_record on success
so that the correct options are stored in the trustdb.

* options.h: rearrange trust models so that CLASSIC is 0 and OPENPGP is 1.
2002-12-04 00:05:11 +00:00
David Shaw
e357092285 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 23:31:48 +00:00
David Shaw
bf4a893586 * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
--force-ownertrust option for debugging purposes.  This allows setting a
whole keyring to a given trust during an --update-trustdb.  Not for normal
use - it's just easier than hitting "4" all the time to test a large
trustdb.
2002-11-07 04:37:27 +00:00
David Shaw
91a8e4a6fb * options.h, g10.c (main): Add --trust-model option. Current models are
"openpgp" which is classic+trustsigs, "classic" which is classic only, and
"always" which is the same as the current option --always-trust (which
still works).  Default is "openpgp".

* trustdb.c (validate_one_keyblock): Use "openpgp" trust model to enable
trust sigs.

* gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c (do_we_trust,
do_we_trust_pre, check_signatures_trust): Use new --trust-model option in
place of --always-trust.
2002-11-03 20:18:56 +00:00
David Shaw
8c48fbd0e2 * options.h, g10.c (main): Add --strict and --no-strict to switch the
log_warning severity level from info to error.
2002-10-03 22:13:04 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
63a71c1ff9 * options.h, g10.c (main), mainproc.c (proc_encrypted): --ignore-mdc-error
option to turn a MDC check error into a warning.
2002-08-06 17:57:53 +00:00
David Shaw
928dba9e70 * options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
decryption failed error if a MDC does not verify.  Warn if a MDC is not
present (can disable via --no-mdc-warning).

* exec.c (exec_write), g10.c (main), keyserver.c (keyserver_spawn): Use
new DISABLE_KEYSERVER_PATH rather than FIXED_EXEC_PATH.
2002-07-30 16:48:21 +00:00
David Shaw
d0c643a6c5 * options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c (main),
keyserver.c (keyserver_spawn): If the user does not use "exec-path",
completely replace $PATH with GNUPG_LIBEXECDIR before calling the
keyserver helper.  If the user does use "exec-path", append
GNUPG_LIBEXECDIR after the specified path.
2002-07-24 19:24:08 +00:00
David Shaw
125613737c * options.h, main.h, g10.c (main), import.c (parse_import_options,
delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option.  The only current flag is "allow-local-sigs".

* g10.c (main): Don't disable MDC in pgp7 mode.

* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.
2002-07-22 22:26:14 +00:00
David Shaw
002f085c23 * options.h, main.h, export.c (parse_export_options, do_export_stream),
g10.c (main): add new --export-options option. Current flags are
"include-non-rfc", "include-local-sigs", "include-attributes", and
"include-sensitive-revkeys".

* options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options,
keyserver_spawn): try passing unknown keyserver options to export options,
and if successful, use them when doing a keyserver --send-key.

* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
2002-07-22 19:07:21 +00:00
David Shaw
75ad30031f * keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in a
designated revoker means "sensitive", not "local".  It's exportable under
the right circumstances.

* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting.  This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it.  This defaults to ON (i.e. don't
skip).
2002-07-17 19:48:19 +00:00
David Shaw
9ffea0d67b * options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): Use a
much more strict reading of RFC-2396 for the keyserver URIs. Specifically,
don't try and be smart about checking the value of ":port" so long as it
is all digits, and properly handle opaque data (those scheme specific
parts that do not start with "//").
2002-07-09 19:40:18 +00:00
David Shaw
c6feade425 * options.h, g10.c (main), keyserver.c (keyserver_refresh): Maintain and
use the original keyserver URI for cosmetics rather than trying to
recreate it when needed.

* mainproc.c (check_sig_and_print): Properly disregard expired uids.
Make sure that the first uid listed is a real uid and not an attribute
(attributes should only be listed in the "aka" section).  When there are
no valid textual userids, try for an invalid textual userid before using
any attribute uid.
2002-07-02 22:13:00 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00
Werner Koch
986d928ce2 See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch 2000-09-18 14:35:34 +00:00
Werner Koch
9fc2d24fdb See ChangeLog: Mon Aug 21 17:59:17 CEST 2000 Werner Koch 2000-08-21 15:54:37 +00:00
Werner Koch
92cd255508 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch 2000-07-14 17:34:53 +00:00
Werner Koch
baa30ad117 See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch 2000-01-27 16:50:45 +00:00
Werner Koch
0070faa0ff See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch 2000-01-24 11:55:49 +00:00
Werner Koch
ed0b0e09d3 See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch 1999-12-31 11:44:29 +00:00
Werner Koch
4555c0be94 See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner Koch 1999-12-08 21:03:03 +00:00
Werner Koch
4dbfb24dbb See ChangeLog: Mon Jul 26 09:34:46 CEST 1999 Werner Koch 1999-07-26 07:44:46 +00:00
Werner Koch
541bb017d2 See ChangeLog: Thu Jul 22 20:03:03 CEST 1999 Werner Koch 1999-07-22 18:11:55 +00:00
Werner Koch
68512418bd See ChangeLog: Tue Jul 13 17:39:25 CEST 1999 Werner Koch 1999-07-13 15:41:14 +00:00
Werner Koch
40238d4b63 See ChangeLog: Tue Jun 8 13:36:25 CEST 1999 Werner Koch 1999-06-08 11:41:46 +00:00
Werner Koch
3dddf602dd See ChangeLog: Tue Jun 1 16:01:46 CEST 1999 Werner Koch 1999-06-01 14:08:57 +00:00
Werner Koch
d5fd04e0ce See ChangeLog: Wed May 26 14:36:29 CEST 1999 Werner Koch 1999-05-26 12:41:46 +00:00
Werner Koch
9a2ce9b391 See ChangeLog: Tue May 25 19:50:32 CEST 1999 Werner Koch 1999-05-25 17:56:15 +00:00
Werner Koch
bfb32130e5 See ChangeLog: Wed May 19 16:04:30 CEST 1999 Werner Koch 1999-05-19 14:12:26 +00:00
Werner Koch
bbf86c6e59 See ChangeLog: Mon Apr 26 17:48:15 CEST 1999 Werner Koch 1999-04-26 15:53:01 +00:00
Werner Koch
946916a53d See ChangeLog: Thu Feb 25 18:47:39 CET 1999 Werner Koch 1999-02-25 17:51:55 +00:00
Werner Koch
a4ff45f634 See ChangeLog: Fri Feb 19 15:49:15 CET 1999 Werner Koch 1999-02-19 14:54:00 +00:00
Werner Koch
9a4f506a18 See ChangeLog: Wed Feb 10 17:15:39 CET 1999 Werner Koch 1999-02-10 16:22:40 +00:00
Werner Koch
29c08419db See ChangeLog: Sat Jan 16 09:27:30 CET 1999 Werner Koch 1999-01-16 08:29:29 +00:00
Werner Koch
750d74333c See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner Koch 1998-12-23 12:41:40 +00:00
Werner Koch
b1e5c79926 See ChangeLog: Thu Dec 17 18:31:15 CET 1998 Werner Koch 1998-12-17 17:36:05 +00:00
Werner Koch
df1326eb05 See ChangeLog: Fri Nov 27 21:37:41 CET 1998 Werner Koch 1998-11-27 20:40:56 +00:00
Werner Koch
47c61bafe3 Expiration time works (I hope so) 1998-11-20 17:42:18 +00:00
Werner Koch
17ea875ab0 See ChangeLog ;-). Key validation should now be faster 1998-11-13 19:41:41 +00:00
Werner Koch
5ccb92591e some random changes 1998-10-25 19:00:01 +00:00
Werner Koch
6e16296864 Snapshot release 0.4.2 1998-10-18 15:21:22 +00:00