* samplekeys.asc: Update 99242560.
* gpg.sgml: Clarify -u/--local-user and --default-key. Note what happens
if you run 'gpg' without any commands. Document --multifile. Document
list-option show-unusable-subkeys.
key to ensure that it does not advertise any that we cannot fulfill. Use
the keyedit command list function to optionally rewrite the prefs.
(import_one, import_secret_one): Use it here when importing a public key
that we have the secret half of, or when importing a secret key that we
have the public half of.
general command list functionality to replace it.
* g10.c (main): Use the general command functionality to implement
--sign-key, --lsign-key, --nrsign-key, and --nrlsign-key.
key, a revocation key set in a direct key signature, and a revocation from
that revocation key, all arrive piecemeal. Needless to say, this is pretty
obscure.
public subkeys.
* keylist.c (list_keyblock_print), keyedit.c (show_key_with_all_names):
Show the revocation date of a key/subkey, and general formatting work.
* packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
merge_selfsigs): Keep track of the revocation date of a key.
* keydb.h, keyid.c (revokestr_from_pk): New function to print the
revocation date of a key.
runtime as it properly handles algorithms disabled at build or run time.
* getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.
* misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.
* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.
* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked. Requested by Matthew Wilcox. Revoked overrides
expiration when both apply.
* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable.
* g10.c (rm_group): Properly ungroup from a list of groups.
group. (add_group): When adding a group with the same name as an already
existing group, merge the two groups. (list_config): Show an error message
when listing a config item that doesn't exist. (main): Replace -z0 trick
for no compression.
* packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c
(list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor cleanup to
remove local_id, which is no longer used.
PK_UID_CACHE_SIZE (set in ./configure).
* getkey.c (get_pubkey): When reading key data into the cache, properly
handle keys that are partially (pk, no UIDs) cached already. This is
Debian bug #176425 and #229549.
* compress.c (init_compress, push_compress_filter2): Do the right thing
(i.e. nothing) with compress algo 0.
* main.h, decrypt.c (decrypt_messages): Accept filenames to decrypt on
stdin. This is bug #253.
* options.h, g10.c (set_screen_dimensions): New function to look at
COLUMNS and LINES.
* keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c
(print_and_check_one_sig): Use new screen dimension variables.
Currently requires --with-colons. (collapse_args): New function to turn
argc/argv into a single string. (main): Use it here to pass list_config()
more than one argument as a single string. (print_algo_numbers): Helper to
print algorithm number for --list-config "pubkey", "cipher",
"hash"/"digest", and "compress" config options.
keyring.c (keyring_rebuild_cache): Add "noisy" flag so cache rebuilds can
remain noisy when called for itself, and quiet when called as part of the
trustdb rebuild.
* trustdb.c (validate_keys): Rebuild the sig caches before building the
trustdb. Note that this is going to require some architectual
re-thinking, as it is agonizingly slow.
* keyring.c (keyring_rebuild_cache): Clear sig cache for any signatures
that we can no longer process (say, if the user removed support for a
necessary pubkey or digest algorithm).
Avoid a number of -Wformat-nonliteral warnings. These aren't actual
problems, but the warnings bothered me.
* miscutil.c (print_string2): New variation on print_string that allows
two delimiters. (print_string): Call print_string2 to do work.
something other than GnuPG is calling the program). (main): Avoid possible
pre-string write. Noted by Christian Biere.
* gpgkeys_ldap.c (main): Avoid possible pre-string write.
very old bzip2 library and we can at least guarantee that it won't fail
because of the lack of stdio.h.
* THANKS: Added Phong Nguyen, who found the Elgamal signing key problem.
for that. Use the portable C MPI code for OpenBSD before 3.4, and remove
the special i386-openbsd assembly directory.
* Makefile.am: Add the portable C links to DISTCLEANFILES. Noted by
Nelson H. F. Beebe.
* mpi-mpow.c (build_index): s/index/idx/ to avoid gcc warning. From Werner
on stable branch.
* longlong.h: Added PowerPC 64 bit code from GPM-4.1.2 but didn't enable
it yet. From Werner on stable branch.
* gpg.sgml: List proper documentation URL. Note that addrevoker takes an
optional "sensitive" argument. Remind that $GNUPGHOME can be used instead
of --homedir. Clarify --no-default-keyring, and note why it may not take
effect if there are no other keyrings present. Remove --pgp2 from the
list of --pgpXes that are just for bad preference lists. Explain more why
locking memory pages is good.
* gpg.sgml: Add an example of what an exclamation mark is, as people seem
to miss it often.
encrypt-dsa.test, encrypt.test, genkey1024.test, plain-1.asc,
plain-1-pgp.asc, plain-2.asc, plain-3.asc, pubring.asc, secring.asc,
sigs.test: Rework tests to work properly with a gpg binary that doesn't
have all ciphers and all pk algos. Basically, we test for the ciphers we
have, only test signing with non-160-bit hashes with RSA (we test all
hashes as hashes). Test all key lengths of AES.
* sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
passes the proxy in from the outside. If the command file sends a proxy,
use it. If it sends "http-proxy" with no arguments, use $http_proxy from
the environment.
parse_keyserver_uri): honor-http-proxy is no longer an option since we can
do the same thing with http-proxy with no arguments. Also remove
broken-http-proxy since it can be better handled in the HTTP helper.