1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-13 22:08:52 +01:00
Commit Graph

112 Commits

Author SHA1 Message Date
David Shaw
ee1827b8c1 * getkey.c (parse_key_usage): New function to parse out key usage flags.
Set PUBKEY_USAGE_UNKNOWN to handle flags (i.e. authentication) that we
don't understand in this branch. (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey): Call it from here to remove duplicate code.  This
is bug 378.
2004-11-29 21:07:08 +00:00
David Shaw
b96dc04cde * getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
mismatch when some secret subkeys are missing.  Discovered by Michael
Roth.
2004-09-14 01:55:58 +00:00
David Shaw
297459b28b * hkp.c (dehtmlize): Understand the quote character (i.e. "&quot;") in
HTML responses.

* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, and encode.c.
2004-08-20 17:24:08 +00:00
David Shaw
4a07655935 * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create
backsigs.

* getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs
and verify they are valid.  If DO_BACKSIGS is not defined, fake this as
always valid.

* packet.h, parse-packet.c (parse_signature): Make parse_signature
non-static so we can parse 0x19s in self-sigs.

* main.h, sig-check.c (check_backsig): Check a 0x19 signature.
(signature_check2): Give a backsig warning if there is no or a bad 0x19
with signatures from a subkey.
2004-04-23 03:01:53 +00:00
David Shaw
2980b7129f * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep track of
which self-sig we actually chose.

* keyedit.c (menu_expire, menu_set_primary_uid, menu_set_preferences): Use
it here to avoid updating non-used self-sigs and possibly promoting an old
self-sig into consideration again.
2004-03-22 20:56:30 +00:00
David Shaw
b813a663d9 * getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.
2004-02-07 15:09:26 +00:00
David Shaw
8e2a476fb7 * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to
PK_UID_CACHE_SIZE (set in ./configure).

* getkey.c (get_pubkey): When reading key data into the cache, properly
handle keys that are partially (pk, no UIDs) cached already.  This is
Debian bug #176425 and #229549.
2004-01-27 17:36:26 +00:00
David Shaw
7690350b7a * getkey.c (merge_selfsigs): If a subkey is already revoked by the owner,
don't allow a designated revokation of the whole key to override this.
We're still revoked either way, of course.
2004-01-21 23:41:42 +00:00
David Shaw
b644894902 * g10.c (list_config, main): New function to dump config options to
stdout.  Currently requires --with-colons.

* getkey.c, keylist.c, packet.h, pkclist.c: Fix copyright dates.
2004-01-13 22:24:23 +00:00
David Shaw
aeb16fcca1 * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c
(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker).  If a key was revoked by both, prefer the owner.
2004-01-09 20:32:36 +00:00
David Shaw
727171a6c1 * sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.

* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs.  It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.

* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.

* compress-bz2.c: Include stdio.h.  Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
2003-12-29 03:40:21 +00:00
David Shaw
c6f07b53b2 * getkey.c (get_pubkey_fast): This one is sort of obscure. get_pubkey_fast
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG().  The fix is to
not return a hit if the keyid is not the primary.  All other users of
get_pubkey_fast already expect a primary only.
2003-12-10 14:57:38 +00:00
David Shaw
f9fffa826c * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for
anything except revocations.

* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
catchall.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from
Elgamal encrypt-only keys in the trustdb.  Granted, this sounds strange,
but there are historical keys that fit this description.
2003-12-05 04:13:47 +00:00
David Shaw
74e3c5ac7d * revoke.c (gen_desig_revoke): Specify in the comment when a designated
revocation is generated.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
anything except revocations.

* sign.c (do_sign): Catchall for any Elgamal signatures except
revocations.
2003-11-29 22:44:05 +00:00
David Shaw
9f839ac937 * sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.
2003-07-21 14:55:00 +00:00
Werner Koch
6a00a17bd1 Make sure that only ascii is passed to isfoo functions. 2003-06-07 20:06:32 +00:00
David Shaw
d6e7a14fa7 * keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Makefile.am: Use @DLLIBS@ for -ldl.
2003-05-30 22:18:31 +00:00
David Shaw
898aa0ed02 * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, hkp.c, mainproc.c,
parse-packet.c, signal.c, textfilter.c: Edit all preprocessor instructions
to remove whitespace before the '#'.  This is not required by C89, but
there are some compilers out there that don't like it.
2003-05-22 03:00:23 +00:00
David Shaw
020ace9330 * parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.

* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but
deterministic.

* exec.h, photoid.h: Add copyright message.
2003-05-11 21:10:46 +00:00
David Shaw
6957239566 * g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options.  This is the same as --no-XXXX for those options.

* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.

* trustdb.h, gpgv.c (is_disabled), trustdb.c (is_disabled): Rename to
cache_disabled_value.  Cache the result of the check so we don't need to
hit the trustdb more than once.

* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.
2003-05-09 16:05:24 +00:00
David Shaw
53f2944998 * keyedit.c (sign_uids): Show keyid of the key making the signature.
* trustdb.h, trustdb.c (is_disabled), keylist.c (print_capabilities),
gpgv.c (is_disabled): is_disabled now takes a pk and not just the keyid.
This is for speed since there is no need to re-fetch a key when we already
have that key handy.

* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.
2003-05-07 14:04:27 +00:00
David Shaw
37ec8572e8 * options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them.
No functional change yet, just use a macro to check for compliance level.
2003-05-02 19:22:00 +00:00
Werner Koch
e934896789 * sig-check.c (check_key_signature2): Made "no subkey for subkey
binding packet" a verbose item instead of a !quiet one.  There are
too many garbled keys out in the wild.
* getkey.c (premerge_public_with_secret): Made "no secret subkey
for" warning a verbose item and translatable.
2003-04-29 07:21:08 +00:00
David Shaw
2d5091e4e3 * getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.

* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches.  Noted by Stefan Bellon.
2003-01-03 00:40:20 +00:00
David Shaw
63246fe693 * getkey.c (merge_selfsigs_main), main.h, sig-check.c
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
2002-12-28 04:08:53 +00:00
David Shaw
1fb55cd173 * keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
there are no keys to refresh or if there is no keyserver set.

* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one.  This also fixes Debian bug #174276.
2002-12-27 23:31:04 +00:00
David Shaw
fd75f7daac * keydb.h, getkey.c (key_byname): Flag to enable or disable including
disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and
--encrypt-to.

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.

* gpgv.c (is_disabled): Stub.
2002-12-19 04:47:12 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00
Werner Koch
321b88d0f6 * getkey.c (get_pubkey_direct): Renamed to...
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.

* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations.  This is required because getkey needs to
know whether a a key is ultimately trusted.
2002-10-30 10:02:38 +00:00
David Shaw
d1738ac243 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:09:18 +00:00
Werner Koch
901ac5ed9b * getkey.c (get_pubkey_direct): New.
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key.  Using the full get_pubkey might lead to a infinitive
recursion.
2002-10-01 08:29:47 +00:00
David Shaw
0e7778cb51 * getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here.  Also return the
signature_check error code rather than 0/1 and cache the sig result.

* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.

* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 12:52:30 +00:00
David Shaw
7e3e9bf357 * sig-check.c (do_check, do_check_messages): Emit the usual sig warnings
even for cached sigs.  This also serves to protect against missing a sig
expiring while cached.

* getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice.
2002-08-23 20:59:48 +00:00
David Shaw
8609693d79 * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into
chk_self_sigs.  This improves efficiency as the same signatures are not
checked multiple times.  Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).

* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.

* keylist.c (list_one): Stats are only for public key listings.

* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
2002-08-22 17:47:42 +00:00
Werner Koch
89f8e7ef36 * getkey.c (get_user_id_native): Renamed to ..
(get_user_id_printable): this.  Filter out all dangerous
characters.  Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this.  Filter out all dangerous
characters.  Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
2002-08-19 08:28:00 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00
Werner Koch
5a9ea8ff5c Changed keyring handling - saving still does not work.
Added new cipher mode and updated cipher test program.
2000-10-10 12:58:43 +00:00
Werner Koch
14974bc5d7 See ChangeLog: Fri Oct 6 14:29:16 CEST 2000 Werner Koch 2000-10-06 12:28:44 +00:00
Werner Koch
9c20f65cbe See ChangeLog: Wed Oct 4 13:16:18 CEST 2000 Werner Koch 2000-10-04 11:16:19 +00:00
Werner Koch
986d928ce2 See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch 2000-09-18 14:35:34 +00:00
Werner Koch
92cd255508 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch 2000-07-14 17:34:53 +00:00
Werner Koch
baa30ad117 See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch 2000-01-27 16:50:45 +00:00
Werner Koch
0070faa0ff See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch 2000-01-24 11:55:49 +00:00
Werner Koch
881e513237 See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner Koch 1999-11-13 16:43:23 +00:00
Werner Koch
0428ca6da6 See ChangeLog: Wed Sep 1 15:30:44 CEST 1999 Werner Koch 1999-09-01 13:40:07 +00:00
Werner Koch
4dbfb24dbb See ChangeLog: Mon Jul 26 09:34:46 CEST 1999 Werner Koch 1999-07-26 07:44:46 +00:00
Werner Koch
541bb017d2 See ChangeLog: Thu Jul 22 20:03:03 CEST 1999 Werner Koch 1999-07-22 18:11:55 +00:00
Werner Koch
7cb8838061 See ChangeLog: Thu May 6 14:18:17 CEST 1999 Werner Koch 1999-05-06 12:26:10 +00:00