1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00

36 Commits

Author SHA1 Message Date
David Shaw
a4d654c548 * hkp.c (parse_hkp_index): Don't leak memory when failing out of a bad HKP
keyserver.

* g10.c (add_notation_data): Relax slightly the rules as to what can go
into a notation name - 2440 allows "@", for example.
2002-06-19 21:46:56 +00:00
David Shaw
f383c7c810 * import.c (clean_subkeys, import_one): Only allow at most 1 binding sig
and at most 1 revocation sig on a subkey, as per 2440:11.1.

* hkp.c (parse_hkp_index, hkp_search): Error if the keyserver returns an
unparseable HKP response.
2002-06-18 03:26:19 +00:00
David Shaw
92cefb688e * options.skel, options.h, main.h, keydb.h, pkclist.c (build_pk_list,
expand_groups), g10.c (main, add_group): Add new "group" command to allow
one name to expand into multiple keys. For simplicity, and to avoid
potential loops, we only expand once - you can't make an alias that points
to an alias.

* main.h, g10.c (main), keygen.c (build_personal_digest_list): Simplify
the default digest list - there is really no need for the other hashes
since they will never be used after SHA-1 in the list.

* options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import,
hkp_export, hkp_search), keyserver.c (parse_keyserver_options,
parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the
"x-broken-hkp" keyserver scheme into keyserver-option "broken-http-proxy".
Move honor_http_proxy into keyserver_options.  Canonicalize the three
variations of "hkp", "x-hkp", and "x-broken-hkp" into "hkp".
2002-06-07 19:38:27 +00:00
David Shaw
e1f88c5d3f * hkp.c (parse_hkp_index): Be more robust with keyservers returning very
unparseable responses.

* exec.c (exec_read): Catch and display an error when the remote process
exits unnaturally (i.e. segfault) so the user knows what happened.  Also
fix exec_write stub which has a different number of arguments now.
2002-06-06 04:04:35 +00:00
David Shaw
ee39ad5750 * sign.c (mk_notation_and_policy): Free unneeded buffer.
* hkp.c (parse_hkp_index): Properly handle the '&' character (i.e.
"&") in HKP responses.

* getkey.c (merge_selfsigs_main): Fix reversed expiration time check with
self-sigs.

* keyedit.c (sign_uids): When making a new self-sig on a v3 key, make a v3
self-sig unless it is currently a v3 self-sig being promoted to v4.
2002-06-01 04:10:16 +00:00
Stefan Bellon
1935d90e1f fixes for M_DEBUG, strcasecmp and RISC OS 2002-05-10 17:28:32 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
f06ee291db * keyedit.c (menu_deluid): Only cause a trust update if we delete a
non-revoked user id.

* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
keyserver_spawn), options.h: Remove fast-import keyserver option (no
longer meaningful).

* g10.c (main), keyedit.c (sign_uids), options.h: Change
--default-check-level to --default-cert-check-level as it makes clear what
it operates on.

* g10.c (main): --pgp6 also implies --no-ask-sig-expire.

* delkey.c (do_delete_key): Comment.
2002-04-19 22:38:20 +00:00
David Shaw
9fb6cae5e4 Quote and unquote backslashes from keyserver search responses. 2002-03-29 16:58:07 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
393ba4f8a7 Detect a "no keys found" case even if the keyserver helper program does
not explicitly say how many keys were found.

Bug fix - don't report non-revoked keys as revoked in HKP key searches.
2002-02-22 03:11:15 +00:00
David Shaw
8ac8b1525e Catch corruption in HKP index lines (can be caused by broken or malicious
keyservers).

Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-19 23:10:32 +00:00
David Shaw
dca36f6252 Bug fix - properly handle user IDs with colons (":") in them while HKP
searching.
2002-02-12 04:38:58 +00:00
David Shaw
22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what
is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.

Add a "nrlsign" for nonrevocable and local key signatures.

Add a --no-force-mdc to undo --force-mdc.

Add a knob to force --disable-mdc/--no-disable-mdc.  Off by default, of
course, but is used in --pgp2 and --pgp6 modes.

Allow specifying multiple users in the "Enter the user ID" loop.  Enter a
blank line to stop.  Show each key+id as it is added.

It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.

More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
2002-02-10 00:18:54 +00:00
Stefan Bellon
172fbebbcb used different char types for RISC OS 2002-01-02 17:52:02 +00:00
David Shaw
0335a5f458 Fix capitalization issues 2001-12-17 22:48:52 +00:00
Werner Koch
3851f7df8c * keyserver.c (keyserver_spawn): Assert that we have dropped privs.
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption.  This avoid a
strange error message from pubkey_decrypt if for some reasons a
bad algorithm indentifier is passed.
* hkp.c (hkp_export): Do not print possible control characters
from a keyserver response.
(parse_hkp_index): Made uid an unsigned char* because it is passed to
isspace().
(hkp_search): Ditto for the char* vars.
* g10.c (main): Print the IDEA warning also for -c and -se.
* g10.c (get_temp_dir): Assert that we have dropped privs
* encode.c (encode_crypt): Include the first key into the --pgp2
check.
2001-12-15 18:27:13 +00:00
David Shaw
b7a4656965 Generic keyserver API code 2001-12-06 21:43:04 +00:00
Werner Koch
cfd10815b3 Fixed the Read-Only keyring bug and changed the way the keydb interface
works.
2001-10-18 11:56:03 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
59334400a1 fixed a stupid C error 2001-09-07 07:57:51 +00:00
Werner Koch
fda386855b Add kludge for broken HTTP proxies. 2001-04-23 11:44:46 +00:00
Werner Koch
aaabc72ec0 Keyserver access is now supported under W32 2001-03-13 13:00:10 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
0ad18f3cc4 Debian updates, minor fixes. 2000-10-17 12:41:51 +00:00
Werner Koch
fe88f35c40 See ChangeLog: Mon Sep 18 12:13:52 CEST 2000 Werner Koch 2000-09-18 10:11:44 +00:00
Werner Koch
12d7d0bbe9 See ChangeLog: Tue May 23 09:19:00 CEST 2000 Werner Koch 2000-05-23 07:08:26 +00:00
Werner Koch
dae44387d6 See ChangeLog: Fri Dec 31 14:08:15 CET 1999 Werner Koch 1999-12-31 13:06:59 +00:00
Werner Koch
a8d59e6d53 See ChangeLog: Thu Dec 9 10:31:05 CET 1999 Werner Koch 1999-12-09 09:32:23 +00:00
Werner Koch
5e66583143 See ChangeLog: Fri Oct 8 20:32:01 CEST 1999 Werner Koch 1999-10-08 18:34:56 +00:00
Werner Koch
c7447e78e2 See ChangeLog: Sun May 23 14:20:22 CEST 1999 Werner Koch 1999-05-23 12:29:05 +00:00
Werner Koch
fb8dbdbd95 See ChangeLog: Sat Mar 20 11:53:40 CET 1999 Werner Koch 1999-03-20 10:53:39 +00:00
Werner Koch
9ef0f26270 See ChangeLog: Thu Jan 21 06:22:10 CET 1999 Werner Koch 1999-01-21 05:25:29 +00:00
Werner Koch
ce650acf1f See ChangeLog: Tue Jan 19 19:34:58 CET 1999 Werner Koch 1999-01-19 18:37:41 +00:00
Werner Koch
05af4687a5 See ChangeLog: Sat Jan 16 12:03:27 CET 1999 Werner Koch 1999-01-16 11:04:29 +00:00
Werner Koch
29c08419db See ChangeLog: Sat Jan 16 09:27:30 CET 1999 Werner Koch 1999-01-16 08:29:29 +00:00