1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

872 Commits

Author SHA1 Message Date
David Shaw
f74282bee0 * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
algorithms.

* keyedit.c (sign_uids): Don't request a signing key to make a
certification.

* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?)  (print_key_flags): Show certify flag.  (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
	
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
2005-08-27 03:09:40 +00:00
David Shaw
752d64bffc * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
Suggested by Michael Schierl.
2005-08-27 02:56:51 +00:00
David Shaw
24adfe678d * Makefile.am: No need to link with curl any longer.
* main.h, misc.c (path_access): New.  Same as access() but does a PATH
search like execlp.

* keyserver.c (curl_can_handle): Removed.  Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort.  This is necessary because PGP LDAP and curl LDAP are apples
and oranges.  (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
2005-08-21 20:58:46 +00:00
David Shaw
2e8c02b54b * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
Minor cleanup to use bitfield flags instead of a bunch of integers.
2005-08-21 14:20:27 +00:00
David Shaw
5cb51422f9 * g10.c (main): Add aliases sign-with->local-user and user->recipient
to make switching from PGP command line to GPG easier.
2005-08-20 19:38:45 +00:00
David Shaw
bd146d5fcc * options.skel: Remove the surfnet LDAP keyserver from the list of
samples since it is being shut down.

* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
2005-08-19 13:37:47 +00:00
David Shaw
9536012034 Missed keydb.h entry for set_passphrase_from_string 2005-08-06 21:17:11 +00:00
David Shaw
82bee9c68a * g10.c (main), passphrase.c (set_passphrase_from_string): New
--passphrase command line option.  Only useful in very special
circumstances.
2005-08-05 19:54:06 +00:00
Werner Koch
2ce542ad52 auto retrieve keys from PKA. Thsi allows to specify an email address
so that gpg can get the key from DNS.  This helps with opportunistic
encryption.  No integration with the trust modell yet.
2005-08-05 14:46:59 +00:00
David Shaw
533bc3e813 * keygen.c (proc_parameter_file): Sanity check items in keygen batch
file.  Noted by Michael Schierl.
2005-08-05 03:30:13 +00:00
David Shaw
c765d1ee0c * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
Noted by Michael Schierl.
2005-08-05 02:03:12 +00:00
David Shaw
a4563ecd19 * keygen.c (write_keyblock): Don't try and build deleted kbnodes since
we start our tree with one.
2005-08-04 21:41:11 +00:00
David Shaw
5ce7563171 Revert bad patch. 2005-08-04 21:39:43 +00:00
David Shaw
bf4728992f * keygen.c (start_tree): Need to use an actual packet type (which we
can then delete) to start the tree.
2005-08-04 20:48:13 +00:00
Werner Koch
cd4c621017 Fixes pertaining to revocation creation with subkey-only exported card keys 2005-08-04 09:53:21 +00:00
Werner Koch
986a137c58 Implemented PKA trust model 2005-07-28 18:59:36 +00:00
Werner Koch
a1cdf3c75f Converted all m_free to xfree etc. 2005-07-27 18:10:56 +00:00
David Shaw
efea9c3ce1 * keyserver.c (keyserver_typemap): Special-case LDAP since curl will
report that it can handle it, and we don't want it to.
2005-07-27 01:24:57 +00:00
Werner Koch
a7ea40e4f8 * passphrase.c (agent_get_passphrase): Make sure to release the
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error.  Changed all callers.

* zh_TW.po, fr.po, cs.po: Updated.
2005-07-26 19:08:11 +00:00
Werner Koch
862652ebe1 Preparing a release 2005-07-26 15:41:04 +00:00
David Shaw
99c80f8c39 * keyedit.c (sign_uids): Don't prompt for setting signature expiry to
match key expiry unless --ask-cert-expire is set.  Suggested by Peter
Palfrader.
2005-07-22 16:42:48 +00:00
Werner Koch
a486501c0b * gpg.sgml (http):
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 16:28:40 +00:00
David Shaw
04b9cec18f * options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
to enable the uid walking when signing a key with no uids specified to
sign.

* keylist.c (list_keyblock_print): Fix silly typo.  Noted by Greg
Sabino Mullane.
2005-07-22 12:52:34 +00:00
David Shaw
a918d63fd5 * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.

* Makefile.am: Pull in libcurl for curl_version_info() if used.
2005-07-20 21:15:04 +00:00
Werner Koch
a0b4f40301 * g10.c, options.h: New option --limit-card-insert-tries.
* cardglue.c (open_card): Use it.
2005-07-19 12:14:39 +00:00
Werner Koch
730247b19e * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.

* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
2005-07-19 08:50:28 +00:00
Werner Koch
6dc5a11997 * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
* ttyio.c (do_get): Move printing of the prompt after disabling
echo.  Suggested by Scott Worley.
2005-07-18 17:58:25 +00:00
David Shaw
8238e7698b * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
when compacting a uid.  There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.

* keydb.h, kbnode.c (undelete_kbnode): Removed.  No longer needed.

* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed).  This allows
importing compacted uids.
2005-07-09 02:34:04 +00:00
David Shaw
c66eeec3c6 * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning. 2005-06-20 17:32:09 +00:00
Werner Koch
2d2e2e74b8 * gpg.sgml: Document smartcard related options.
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
2005-06-20 17:03:27 +00:00
Werner Koch
059d159657 (parse_signature): Use log_info for messages
about missing timestamp or keyid.  In case we don't use that key
there won't be no further error and thus gpg does not need to
return with an error.
2005-06-18 11:49:50 +00:00
David Shaw
07e9d532b1 * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing.  Like import-clean-sigs, this may nodify the local keyring.

* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
2005-06-14 03:55:19 +00:00
David Shaw
f3c4b07d05 * options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-clean-sigs option to automatically clean a key
when importing.  Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
2005-06-12 21:17:46 +00:00
David Shaw
6e9b751b79 * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
that even after keys may be merged together, we only have one chosen
selfsig.
2005-06-12 20:42:04 +00:00
David Shaw
1594883f2f * options.h, import.c (parse_import_options, delete_inv_parts):
import-unusable-sigs is now a noop.
2005-06-10 03:15:25 +00:00
David Shaw
045433e35c * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function.  It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
2005-06-10 03:00:57 +00:00
David Shaw
31522bac1d * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
kbnode.

* trustdb.c (clean_uids_from_key): Further tweak the algorithm so that
the last good selfsig is kept when the chosen selfsig is a revocation.
2005-06-10 02:52:41 +00:00
David Shaw
475107dff3 * trustdb.c (clean_uids_from_key), keyedit.c
(menu_clean_uids_from_key): Tweak algorithm to preserve the last
selfsig which helps prevent uid resurrections.
2005-06-09 02:53:18 +00:00
David Shaw
1b07e3723e * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both expired
and revoked uids in fixup_uidnode().  No need to special case in
merge_selfsigs_main().  This also means that an expired uid will have
its selfsig tagged with chosen_selfsig.
2005-06-08 13:12:57 +00:00
David Shaw
2c9948c00a * options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above.  Export-minimal is the same except it also removes all
non-selfsigs.  export-unusable-sigs is now a noop.
2005-06-08 03:31:48 +00:00
David Shaw
7bf9354bf6 * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32.
Noted by Joe Vender.

* passphrase.c [_WIN32]: Remove unused variables.
2005-06-01 19:13:05 +00:00
David Shaw
db8adc2880 * keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key),
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings.  Noted by Joe Vender.
2005-05-31 19:12:10 +00:00
Werner Koch
a6a93ac540 * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
* cardglue.c (assuan_strerror, assuan_transact): Dummy functions
        if not build with agent support.

	* zh_TW.po, zh_CN.po, es.po, ro.po: Updated.

        * tr.po: Updated from TP.  Note: this is an exception in general
        translations from the Robot are not anymore accepted.

        * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined.
2005-05-31 10:11:01 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
0a9827ca07 * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.

* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key.  Note that the strings here are not
marked for translation yet.  The UI is still in flux, and there is no
point in annoying the translators twice.  (keyedit_menu): Call it here
as part of the "clean" command.
2005-05-31 03:59:24 +00:00
David Shaw
acac94aa90 * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
user IDs on a key, and mark any that aren't valid for deletion.

* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key.  (keyedit_menu): Call it from here as
part of the "clean" command.
2005-05-30 03:43:30 +00:00
David Shaw
0bad13cdf4 * g10.c (main): Default {export|import}-unusable-sigs to off until the
"clean" UI can be finished.
2005-05-27 03:00:26 +00:00
Werner Koch
d0f5655d19 * passphrase.c (ask_passphrase): Unescape the description string.
* cardglue.c (unescape_status_string): Removed.  Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
2005-05-24 12:39:42 +00:00
Werner Koch
2ab2a874a0 (add_notation_data): Check number of at-signs. 2005-05-24 09:15:01 +00:00
Werner Koch
d8bd3a3826 (add_notation_data): Check number of at-signs. 2005-05-24 09:14:31 +00:00