1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

446 Commits

Author SHA1 Message Date
Werner Koch
d174920691 * filter.h: Remove const from WHAT.
* progress.c (handle_progress): Store a copy of NAME.
(progress_filter): Release WHAT, make sure not to print a NULL WHAT.
* openfile.c (open_sigfile): Adjust free for new progress semantics.
* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT.
2003-04-29 07:15:25 +00:00
David Shaw
e30006a769 * build-packet.c (build_sig_subpkt): Comments.
* exec.c (exec_write): Cast NULL to void* to properly terminate varargs
list.

* keyedit.c (show_key_with_all_names): Just for safety, catch an invalid
pk algorithm.

* sign.c (make_keysig_packet): Crucial that the call to mksubpkt comes
LAST before the calls to finalize the sig as that makes it possible for
the mksubpkt function to get a reliable pointer to the subpacket area.
2003-04-28 22:00:31 +00:00
David Shaw
f5e9289b82 * sign.c (mk_notation_and_policy): Make some strings translatable. 2003-04-27 19:57:05 +00:00
David Shaw
5cf9c2f1f2 * mainproc.c (check_sig_and_print): Show sig class when verifying a sig
with --verbose on, and add version, pk and hash algorithms and sig class
to VALIDSIG.

* g10.c (main): Add --no-textmode.

* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), trustdb.c (get_validity, reset_trust_records,
validate_keys): Make some strings translatable.
2003-04-27 04:10:04 +00:00
David Shaw
2e6d0dd2e0 * mainproc.c (check_sig_and_print): Show digest algorithm when verifying a
sig with --verbose on.

* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since the devel version can make signatures that trigger
it each time.
2003-04-26 21:35:22 +00:00
David Shaw
9b6afa4fab * hkp.c (hkp_ask_import, hkp_export, hkp_search): Make sure to allocate
space for the ":port" text in HKP URLs.
2003-04-25 03:53:17 +00:00
Werner Koch
a524209170 Reverted recent changes in the copyright notices. We can't use a
range of years but must list each year we have prepared a release
and applied a textual change to a file.  It is common that some
files are not changed in a couple of years and a range would not
allow to express this.
2003-04-23 10:17:41 +00:00
David Shaw
0727326e4e * plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings.
2003-04-22 04:23:31 +00:00
David Shaw
338be86caf * keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.

* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.

* filter.h (progress_filter_context_t), progress.c (handle_progress): Fix
compiler warnings.  Make "what" constant.

* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
2003-04-22 04:10:22 +00:00
Werner Koch
d739d1c9b1 * g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.
2003-04-15 15:49:41 +00:00
Werner Koch
7b63a8ed5c Reverted recent changes to --output. This is the stable branch and it
might break applications.
2003-04-14 07:52:18 +00:00
Timo Schulz
b79275a66f Forgot to sync the CVS. Check in the code again. 2003-04-13 10:09:57 +00:00
Werner Koch
ed16a85de8 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.
2003-04-10 07:23:44 +00:00
Werner Koch
3ff3ac5ba4 * passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.

* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
2003-04-09 15:17:20 +00:00
Werner Koch
5a9e7663c1 * decrypt.c (decrypt_messages): Fixed error handling; the fucntion
used to re-loop with same file after an error.  Reported by Joseph
Walton.
2003-04-09 08:03:17 +00:00
David Shaw
78da3fdfaa * hkp.c (dehtmlize): Fix bug #121 (memory corruption on some platforms).
Special thanks to Michael C. Toren for his help in lining up a sparc to
test this fix on.

* keyserver.c (keyserver_work): Call out error for keyserver helper with a
different version than us.

* main.h, g10.c (main), import.c (parse_import_options,
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.

* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
2003-04-09 01:01:22 +00:00
Werner Koch
3330c63a05 * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper which is
useful for some cross-compiling targets.
2003-04-08 08:37:18 +00:00
David Shaw
f4a70a3dd4 * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused
code.
2003-04-04 22:45:22 +00:00
David Shaw
30a3c7b2b6 * keydb.h: Err on the side of making an unknown signature a SIG rather
than a CERT.

* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)
2003-03-24 17:26:09 +00:00
Werner Koch
a6d00a753c * configure.ac: Test for ranlib and ar.
* Makefile.am: Make use of AM_CFLAGS and AM_LDFLAGS.
2003-03-24 08:45:24 +00:00
David Shaw
27174e551e * status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.

* g10.c (main): Add deprecated option warning for --list-ownertrust.  Add
--compression-algo alias for --compress-algo.  Change --version output
strings to match "showpref" strings, and make translatable.
2003-03-21 22:55:48 +00:00
Werner Koch
a73a76b34e * compress.c (init_uncompress): Use a 15 bit window size so that
the output of implementations which don't run for PGP 2
compatibility won't get garbled.
2003-03-10 09:59:54 +00:00
David Shaw
1dc153dfd2 * passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.
2003-03-05 15:34:42 +00:00
David Shaw
034bbc759f * options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keygen.c (keygen_set_std_prefs): Include AES192, and AES256 in default
prefs.
2003-03-04 14:24:41 +00:00
David Shaw
208509950c * keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.

* keydb.c: Double the maximum number of keyrings to 40.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.
2003-03-03 20:27:02 +00:00
Timo Schulz
16c925f68a 2003-03-02 Timo Schulz <twoaday@freakmail.de>
* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when
        the cipher algo is IDEA to make it easier to track down the problem.
2003-03-02 11:58:24 +00:00
David Shaw
8655a545af * trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): Use 3DES for the s2k cipher in --openpgp mode. Double the
amount of secure memory to 32k (keys are getting bigger these days).
2003-02-26 20:40:34 +00:00
David Shaw
9a80333f49 * g10.c (main): --openpgp disables --pgpX.
* keyedit.c (show_prefs): Make strings translatable.
2003-02-23 00:07:00 +00:00
David Shaw
fde4e0badb * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-02-19 18:26:40 +00:00
David Shaw
651b713d12 * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.
2003-02-13 02:26:45 +00:00
David Shaw
4eafcfb13b * g10.c (print_mds): Check that SHA384 and 512 are available before using
them as they are no longer always available.

* exec.c (set_exec_path): Add debugging line.

* Makefile.am: Use the more correct @PACKAGE@ rather than "gnupg".
2003-02-11 15:05:33 +00:00
David Shaw
e2963095c0 * Makefile.am: Pass GNUPG_LIBEXECDIR as part of CFLAGS so it can be easily
overridden at make time.
2003-02-06 21:23:02 +00:00
David Shaw
d52392f9e1 * g10.c (print_hex, print_mds): Print long hash strings a lot neater.
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there.  Users who need unformatted hashes can
still use with-colons.
2003-02-05 16:22:30 +00:00
David Shaw
443e083f4a * armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the
armor Hash: header.

* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
2003-02-04 18:59:22 +00:00
David Shaw
3a8ad7e8dc * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key
(treat as a v4 revocation).

* keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel.

* import.c (print_import_check): Do not re-utf8 convert user IDs.

* status.h, status.c (get_status_string), import.c (import_one,
print_import_check): Backport Timo's IMPORT_CHECK status message from
devel.
2003-02-02 15:28:47 +00:00
David Shaw
ae4ef70783 * g10.c (add_group): Trim whitespace after a group name so it does not
matter where the user puts the = sign.
2003-01-16 19:09:04 +00:00
David Shaw
be85ae8f1f * options.skel: Comment out the first three lines in case someone manually
copies the skel file to their homedir.
2003-01-16 16:00:08 +00:00
David Shaw
9f65d8673e * sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
2003-01-15 20:07:23 +00:00
David Shaw
3c90faa761 * sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for
signature digest conflict.  BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
2003-01-15 02:52:57 +00:00
Werner Koch
631eed9c64 * g10.c (add_group): Fixed group parsing to allow more than one
delimiter in a row and also allow tab as delimiter.
2003-01-14 09:32:46 +00:00
David Shaw
d65d805aad * tdbio.c (tdbio_set_dbname): Fix assertion failure with
non-fully-qualified trustdb names.
2003-01-12 15:08:16 +00:00
David Shaw
97e93b7e18 * trustdb.h, trustdb.c (trust_letter): Make static. (get_ownertrust_info,
get_validity_info): Don't mask the trust level twice.

* armor.c (armor_filter): Comment about PGP's end of line tab problem.
2003-01-10 16:46:18 +00:00
David Shaw
e81bae94cb * packet.h, pkclist.c (build_pk_list), free-packet.c
(release_public_key_parts): Remove unused namehash element for public
keys.

* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info): Pass a
user ID in rather than a namehash, so we only have to do the hashing in
one place.
2003-01-09 04:04:55 +00:00
Werner Koch
8602e35feb Preparing a release candidate. 2003-01-07 10:05:38 +00:00
David Shaw
eb6c0aa2be * packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record),
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
2003-01-06 22:32:20 +00:00
David Shaw
fad1d22621 * keylist.c (print_capabilities): Show 'D' for disabled keys in
capabilities section.

* trustdb.c (is_disabled): Remove incorrect comment.
2003-01-06 21:06:47 +00:00
David Shaw
2d5091e4e3 * getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.

* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches.  Noted by Stefan Bellon.
2003-01-03 00:40:20 +00:00
Werner Koch
e538b99549 * keydb.c (keydb_add_resource): Don't assume that try_make_homedir
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
2003-01-02 17:47:35 +00:00
David Shaw
63246fe693 * getkey.c (merge_selfsigs_main), main.h, sig-check.c
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
2002-12-28 04:08:53 +00:00
David Shaw
1fb55cd173 * keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
there are no keys to refresh or if there is no keyserver set.

* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one.  This also fixes Debian bug #174276.
2002-12-27 23:31:04 +00:00
David Shaw
b8068e84e7 * keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.

* keyedit.c (enable_disable_key): Comment.

* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
2002-12-26 22:00:44 +00:00
Timo Schulz
a1b94b92c8 2002-12-23 Timo Schulz <ts@winpt.org>
* import.c (import_one): Use merge_keys_and_selfsig in the
        interactive mode to avoid wrong key information.
2002-12-23 19:31:05 +00:00
David Shaw
fd75f7daac * keydb.h, getkey.c (key_byname): Flag to enable or disable including
disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and
--encrypt-to.

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.

* gpgv.c (is_disabled): Stub.
2002-12-19 04:47:12 +00:00
David Shaw
7cbc893caf * options.skel: Include the required '=' sign in the sample 'group'
option.

* import.c (chk_self_sigs): Don't try and check a subkey as if it was a
signature.
2002-12-12 22:02:53 +00:00
David Shaw
23b36f4e47 * mainproc.c (proc_tree): Handle multiple detached sigs concatenated
together by warning the user and processing only the first.

* g10.c (main): Comment out --list-trust-path until it can be implemented.
2002-12-11 15:17:10 +00:00
David Shaw
b7b7e6c25a * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
2002-12-06 04:05:47 +00:00
Werner Koch
9a34b607ab * g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.

NOT YET TESTED!
2002-12-05 15:21:17 +00:00
David Shaw
2d6a766433 * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
2002-12-04 18:32:00 +00:00
David Shaw
6d30580362 * packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 16:17:21 +00:00
David Shaw
dc70beb88f * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.
2002-12-03 23:09:20 +00:00
David Shaw
33783a41a4 * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* tdbio.c (tdbio_read_record, tdbio_write_record): Comments to reserve a
byte for trust model in the devel version.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 18:10:10 +00:00
David Shaw
03aaecf3f8 * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:49:13 +00:00
David Shaw
f41be729cc * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.

* g10.c (main): Add --strict and --no-strict as no-ops to smooth
transition when the devel GnuPG becomes the stable one.
2002-11-24 01:44:37 +00:00
Stefan Bellon
5059ac6f0b fixed type incompatibility 2002-11-13 21:50:33 +00:00
David Shaw
5ecf0cbd79 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.
2002-11-13 13:14:40 +00:00
David Shaw
7178a8056c * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 05:20:43 +00:00
Werner Koch
e95dbae3f6 * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:38:29 +00:00
David Shaw
666dcb370b * keyedit.c (show_key_with_all_names_colon): Don't stick nulls into the
--with-colons listing.
2002-11-05 22:30:59 +00:00
David Shaw
62ff9a5e89 * g10.c (main): Add a mostly noop --trust-model option to smooth
transition to 1.4.
2002-11-05 02:17:48 +00:00
David Shaw
456f89ea7a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:28:19 +00:00
Stefan Bellon
4884931476 reverted filetype patch 2002-10-28 15:26:43 +00:00
Stefan Bellon
191795d14b filetype support for RISC OS 2002-10-28 13:27:18 +00:00
Werner Koch
d964ea1f84 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
has been assigned.
2002-10-23 07:06:56 +00:00
Werner Koch
16e53ae196 * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32;
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
2002-10-21 16:31:38 +00:00
Werner Koch
1f8d80a1b3 * pkclist.c (do_edit_ownertrust): Show all user IDs. This should
be enhanced to also show the current trust level.  Suggested by
Florian Weimer.
2002-10-17 13:49:30 +00:00
Werner Koch
da36b610ef * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:42:08 +00:00
David Shaw
51a8a76e23 * keyedit.c (menu_addrevoker): Properly back out if the signature fails. 2002-10-11 20:44:27 +00:00
David Shaw
67356cdd63 * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning. 2002-10-07 22:09:20 +00:00
David Shaw
3832320327 * keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all).
2002-10-07 18:20:28 +00:00
David Shaw
d1738ac243 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:09:18 +00:00
Werner Koch
2e21d851e9 * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping.  Noted by Ingo Kl�cker.
2002-10-04 06:02:14 +00:00
David Shaw
09fe2195bc * keylist.c (print_capabilities): Secret-parts-missing keys should show
that fact in the capabilities.
2002-10-03 19:17:02 +00:00
David Shaw
3f2d94179f * packet.h, parse_packet (parse_key): Add is_primary flag for public keys
(it already exists for secret keys).

* keylist.c (print_capabilities): Only primary signing keys can certify
other keys.
2002-10-03 17:40:10 +00:00
David Shaw
27d526298b * import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key.

* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.

* parse_packet.c (parse_key): Some comments.

* revoke.c (gen_revoke): Remove some debugging code.

* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
2002-10-02 21:56:03 +00:00
David Shaw
bf31d26b1d * seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
2002-10-01 20:24:21 +00:00
David Shaw
1e728329d7 * import.c (import_one): Make sure that a newly imported key starts with a
clean ownertrust. (import_revoke_cert): Remove ultimate trust when
revoking an ultimately trusted key.
2002-10-01 17:25:56 +00:00
Werner Koch
901ac5ed9b * getkey.c (get_pubkey_direct): New.
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key.  Using the full get_pubkey might lead to a infinitive
recursion.
2002-10-01 08:29:47 +00:00
David Shaw
4d640a3384 * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
2002-09-30 16:25:17 +00:00
David Shaw
745d270c07 * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to
lowercase to be case-insensitive.
2002-09-30 03:19:42 +00:00
David Shaw
1324f0c83a * sig-check.c (check_key_signature2): Properly handle a non-designated
revocation import.
2002-09-28 17:34:43 +00:00
Werner Koch
1f71f4c626 * g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
2002-09-26 12:28:27 +00:00
David Shaw
d477cf2bfb * keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.

* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.

* hkp.c (hkp_search): Properly handle line truncation.
2002-09-19 16:32:44 +00:00
David Shaw
1f19f73326 * keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket.  Add a PGP
2.x warning for revocation keys.
2002-09-17 03:09:33 +00:00
David Shaw
9da9e88433 * g10.c (check permissions): Back out previous change - some translations
already done for 1.2.
2002-09-15 11:16:04 +00:00
David Shaw
d29d483e5f * g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).

* keyedit.c (sign_uids): Make strings translatable.

* sig-check.c (check_key_signature2): Make string translatable.
2002-09-15 03:15:56 +00:00
David Shaw
0e7778cb51 * getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here.  Also return the
signature_check error code rather than 0/1 and cache the sig result.

* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.

* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 12:52:30 +00:00
Werner Koch
86d681d8f0 * g10.c (main) [__MINGW32__]: Activate oLoadExtension. 2002-09-13 07:52:45 +00:00
David Shaw
72cd3ef859 * keyserver.c (keyserver_spawn): Remove whitespace after keyserver
commands.
2002-09-12 12:10:04 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
David Shaw
c30d7e8dc7 * exec.c (expand_args): Remove loop left over from earlier implementation.
(exec_write): Missed one tick.
2002-09-10 18:03:40 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
d8eda8dbd1 * g10.c (add_group): Use '=' to separate group name from group members.
Use a better error message for when no = is found.

* hkp.c (hkp_export): Use CRLF in headers.
2002-09-09 19:21:58 +00:00
David Shaw
8dccf882f7 * mainproc.c (print_pkenc_list): Don't increment the error counter when
printing the list of keys a message was encrypted to.  This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
2002-09-04 02:48:47 +00:00
Werner Koch
5819b1ee45 * g10.c (main): Try to set a default character set. Print the
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.

* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
2002-09-02 10:59:04 +00:00
David Shaw
46a58a0527 * pkclist.c (build_pk_list): Add new status code to indicate an untrusted
user.  This (or a disabled key) fail with "unavailable pubkey"
(G10ERR_UNU_PUBKEY).
2002-08-30 19:21:55 +00:00
David Shaw
c721e11bf5 * pkclist.c (build_pk_list): Fail if any recipient keys are unusable.
* options.skel: The PGP LDAP keyserver is back.  Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.

* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
2002-08-30 18:01:32 +00:00
Werner Koch
5dfd5a6dac * pkclist.c (do_we_trust_pre): Changed the wording of a warning.
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC.  We need to do this so that
concatenated messages are properly decrypted.  Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start.  Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.

* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
2002-08-30 16:34:13 +00:00
David Shaw
a119391e26 * sig-check.c (do_check_messages, do_check): Show keyid in error messages.
* keyserver.c (print_keyinfo): More readable key listings for
--search-keys responses.
2002-08-28 19:34:58 +00:00
David Shaw
da488f03a7 * hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into new
"dehtmlize" function.  Remove HTML before trying to parse each line from
the keyserver.  If the keyserver provides key type information in the
listing, use it.
2002-08-26 19:07:59 +00:00
David Shaw
7e3e9bf357 * sig-check.c (do_check, do_check_messages): Emit the usual sig warnings
even for cached sigs.  This also serves to protect against missing a sig
expiring while cached.

* getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice.
2002-08-23 20:59:48 +00:00
David Shaw
8609693d79 * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into
chk_self_sigs.  This improves efficiency as the same signatures are not
checked multiple times.  Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).

* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.

* keylist.c (list_one): Stats are only for public key listings.

* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
2002-08-22 17:47:42 +00:00
Werner Koch
c7dfa3a8d2 * import.c (import_print_stats): Print new non_imported counter
which is currently not used becuase we terminate on errors.
2002-08-21 14:59:05 +00:00
David Shaw
1cc0480be4 * options.skel: Document no-include-attributes for keyserver-options. 2002-08-20 17:16:33 +00:00
David Shaw
fa88fe9aaf * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and comments.
* export.c (do_export_stream): Fix noop bug in exporting sensitive
revocation keys.

* pkclist.c (do_edit_ownertrust): Comment out the option for showing trust
paths until it can be implemented.
2002-08-20 12:45:57 +00:00
Werner Koch
89f8e7ef36 * getkey.c (get_user_id_native): Renamed to ..
(get_user_id_printable): this.  Filter out all dangerous
characters.  Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this.  Filter out all dangerous
characters.  Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
2002-08-19 08:28:00 +00:00
Timo Schulz
5201d1ec9d 2002-08-16 Timo Schulz <ts@winpt.org>
* g10.c (main): enable opt.interactive.

        * import.c (import_one): Ask the user if the key shall be
        imported when the interactive mode is used. Useful to extract
        selected keys from a file.
2002-08-18 17:24:21 +00:00
Werner Koch
e78e69f37a Removed a leftover conflict indicator. 2002-08-16 07:14:29 +00:00
Werner Koch
0996f7d4df * seckey-cert.c: Workaround to allow decryption of v3 keys created
with a bug in the mpi_get_secure_buffer.
2002-08-16 07:13:13 +00:00
David Shaw
9ad0a6550b * hkp.c (parse_hkp_index): Properly handle really large keys (5 digit key
length) in HKP searches.
2002-08-14 22:48:28 +00:00
David Shaw
1111da19a8 * encode.c (encode_simple): Fix problem with using compression algo 2 and
symmetric compressed files.

* encode.c (encode_simple, encode_crypt): If we are not using a MDC,
compress even if a file is already compressed.  This is to help against
the chosen ciphertext attack.

* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug so the
request succeeds even if the requested algorithm is not the first found.

* cipher.c (write_header), encode.c (use_mdc, encode_simple, encode_crypt,
encrypt_filter), g10.c (main): Be more eager to use a MDC.  We use a MDC
if the keys directly support it, if the keys list AES (any) or TWOFISH
anywhere in the prefs, or if the cipher chosen does not have a 64 bit
blocksize.
2002-08-13 19:00:23 +00:00
David Shaw
74a84ca93b * options.skel: Some language tweaks, and remove the load-extension
section for random gatherers.

* keyring.c (create_tmp_file, rename_tmp_file): Create tmp files with
user-only permissions, but restore the original permissions if the user
has something special set.

* openfile.c (copy_options_file): Create new options file (gpg.conf) with
user-only permissions.

* keydb.c (keydb_add_resource): Create new keyrings with user-only
permissions.
2002-08-09 02:23:42 +00:00
David Shaw
c3f1100411 * tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only
permissions.
2002-08-08 19:09:34 +00:00
David Shaw
e703540328 * sig-check.c (signature_check2): Sanity check that the md has a context
for the hash that the sig is expecting.  This can happen if a onepass sig
header does not match the actual sig, and also if the clearsign "Hash:"
header is missing or does not match the actual sig.
2002-08-07 19:53:27 +00:00
David Shaw
fee7e35bae * keyedit.c (menu_revsig): Properly show a uid is revoked without
restarting gpg.  This is Debian bug 124219, though their supplied patch
will not do the right thing.

* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions),
keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant
reworking of the permission check mechanism.  The new behavior is to check
everything in the homedir by checking the homedir itself.  If the user
wants to put (possibly shared) keyrings outside the homedir, they are not
checked.  The options file and any extension files are checked wherever
they are, as well as their enclosing directories.  This is Debian bug
147760.
2002-08-07 15:53:15 +00:00
Stefan Bellon
7dec3219c9 use of EXTSEP_S 2002-08-06 18:32:58 +00:00
David Shaw
63a71c1ff9 * options.h, g10.c (main), mainproc.c (proc_encrypted): --ignore-mdc-error
option to turn a MDC check error into a warning.
2002-08-06 17:57:53 +00:00
David Shaw
58b0a36d6b * encode.c (encode_crypt), g10.c (main), sign.c (sign_file,
clearsign_file): Use the same --pgpX warning string everywhere to ease
translations.

* encode.c (write_pubkey_enc_from_list): Warn when using --throw-keyid
with --pgpX.  Noted by Vedaal Nistar.
2002-08-06 17:38:04 +00:00
David Shaw
111f78b1ff * revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke): Export a
minimal pk along with the revocation cert when in --pgpX mode so that PGP
can import it.
2002-08-06 16:58:58 +00:00
Werner Koch
e028b7760b * options.skel: Changed comments.
* gpg.sgml: Fixed doc regarding the name change of the option
file.
2002-08-06 13:37:09 +00:00
Werner Koch
a1259acdcb * g10.c (main): Try to use "gpg.conf" as default option file.
* openfile.c (copy_options_file): Changed name of created file.
2002-08-06 13:29:27 +00:00
Werner Koch
85aa3e18c2 The big extension module removal. 2002-08-03 10:50:53 +00:00
Werner Koch
4493a9603b * delkey.c (do_delete_key): Always allow to delete a key in batch mode
when specified by fingerprint.  Suggested by Enzo Michelangeli.
2002-08-02 10:15:39 +00:00
David Shaw
928dba9e70 * options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
decryption failed error if a MDC does not verify.  Warn if a MDC is not
present (can disable via --no-mdc-warning).

* exec.c (exec_write), g10.c (main), keyserver.c (keyserver_spawn): Use
new DISABLE_KEYSERVER_PATH rather than FIXED_EXEC_PATH.
2002-07-30 16:48:21 +00:00
David Shaw
33ef3cf981 * sig-check.c (do_check): Properly validate v4 sigs with no hashed section
at all.
2002-07-29 03:07:11 +00:00
David Shaw
bb99f6c828 * keyedit.c (menu_revsig): Change "revsig" to honor selected uids so the
user can revoke sigs from particular uids only.

* keylist.c (list_keyblock_print): Don't display expired uids in
--list-keys unless -v and not --list-sigs (just like revoked uids).
2002-07-25 22:59:25 +00:00
David Shaw
9ac6821b46 * exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: "Warning" ->
"WARNING"
2002-07-25 18:08:09 +00:00
David Shaw
553ac3f08c * main.h, import.c (parse_import_options, fix_hkp_corruption, import_one,
delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug.  It is on by default for keyserver
receives, and off by default for regular --import.

* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver import
options when doing keyserver receives.
2002-07-24 21:17:19 +00:00
David Shaw
d0c643a6c5 * options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c (main),
keyserver.c (keyserver_spawn): If the user does not use "exec-path",
completely replace $PATH with GNUPG_LIBEXECDIR before calling the
keyserver helper.  If the user does use "exec-path", append
GNUPG_LIBEXECDIR after the specified path.
2002-07-24 19:24:08 +00:00
Werner Koch
35bf53d4bb Forgot to commit this:
* photoid.c (get_default_photo_command): Also use __MINGW32__
instead of HAVE_DOSISH_SYSTEM.
2002-07-24 07:40:53 +00:00
David Shaw
72a3fd4868 * import.c (parse_import_options), export.c (parse_export_options): Fix
offset problem with reversed ("no-") meanings.
2002-07-24 03:37:55 +00:00
David Shaw
eb5c0265e1 * import.c (delete_inv_parts): Discard subkey signatures (0x18 and 0x28)
if found in the userid section of the key.
2002-07-24 03:29:02 +00:00
David Shaw
4623605645 * sig-check.c (signature_check2): Signatures made by invalid subkeys
(bad/missing binding sig) are also invalid.

* keylist.c (print_fingerprint): Show the primary as well as the secondary
key fingerprint in modes 1 & 2.
2002-07-23 18:42:18 +00:00
David Shaw
125613737c * options.h, main.h, g10.c (main), import.c (parse_import_options,
delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option.  The only current flag is "allow-local-sigs".

* g10.c (main): Don't disable MDC in pgp7 mode.

* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.
2002-07-22 22:26:14 +00:00
David Shaw
002f085c23 * options.h, main.h, export.c (parse_export_options, do_export_stream),
g10.c (main): add new --export-options option. Current flags are
"include-non-rfc", "include-local-sigs", "include-attributes", and
"include-sensitive-revkeys".

* options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options,
keyserver_spawn): try passing unknown keyserver options to export options,
and if successful, use them when doing a keyserver --send-key.

* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
2002-07-22 19:07:21 +00:00
David Shaw
b65aced7b2 * revoke.c (gen_desig_revoke): Lots more comments about including
sensitive revkeys along with the revocation sig itself.

* keyserver.c (parse_keyserver_options): Simpler implementation that can
skip one pass over the options.
2002-07-22 17:52:02 +00:00
David Shaw
fc8d9e4741 * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying "sensitive"
as an argument to an addrevoker command.  This sets the 0x40 sensitive
revoker flag.

* revoke.c (gen_desig_revoke): When generating a designated revocation,
include the direct key sig that contains the designated revoker subpacket.
This allows sensitive designated revocation subpackets to be exported.
Also indicate which revokers are sensitive in the first place.
2002-07-19 05:08:54 +00:00
David Shaw
75ad30031f * keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in a
designated revoker means "sensitive", not "local".  It's exportable under
the right circumstances.

* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting.  This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it.  This defaults to ON (i.e. don't
skip).
2002-07-17 19:48:19 +00:00
David Shaw
9ffea0d67b * options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): Use a
much more strict reading of RFC-2396 for the keyserver URIs. Specifically,
don't try and be smart about checking the value of ":port" so long as it
is all digits, and properly handle opaque data (those scheme specific
parts that do not start with "//").
2002-07-09 19:40:18 +00:00
David Shaw
32b11e4501 * photoid.c (get_default_photo_command, show_photos): Honor
FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.

* mainproc.c (check_sig_and_print): Use --show-photos to show photos when
verifying a sig made by a key with a photo.

* keyserver.c (parse_keyserver_uri): Properly parse a URI with no :port
section and an empty file path, but with a terminating '/'.
(keyserver_work): Honor DISABLE_KEYSERVER_HELPERS.

* hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only if
verbose.

* exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH
2002-07-04 16:06:38 +00:00
David Shaw
bccb780228 * exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If
USE_EXEC_PATH is defined at compile time, use it to lock the exec-path and
not allow the user to change it.
2002-07-03 04:01:21 +00:00