security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-12 23:01:14 +01:00
Code Activity

Commit Graph

  • 1943ed5d2c * protect-tool.c (show_file): New. Used as default action. Werner Koch 2002-04-09 18:34:38 +00:00
  • 2ad36cb4f2 * es.po: Fixed a c-format problem; for unknown reasons msgfmt -c can't cope with swapped arguments. Werner Koch 2002-04-09 18:11:18 +00:00
  • b65a7ec114 * de.po: Fuzzy fixes and a few new translations. Werner Koch 2002-04-09 17:49:48 +00:00
  • d930e5d7b7 * configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek translations. s/es_ES/es/. Werner Koch 2002-04-09 17:47:17 +00:00
  • 9eaf67cb15 * configure.ac (ALL_LINGUAS): Added Czech translation. Werner Koch 2002-04-09 13:01:28 +00:00
  • 0aba8ef50a * cs.po: New. Werner Koch 2002-04-09 13:00:46 +00:00
  • eef0fc2892 * DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES, correct INV_RECP (the second occurence) to NO_RECP. Werner Koch 2002-04-09 11:38:20 +00:00
  • b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not affected - but everything else and it seems that there is no backup of the BTS data is available :-( Werner Koch 2002-04-08 15:10:51 +00:00
  • 6be3bee320 Fix auto-key-retrieve to actually work as a keyserver-option (noted by Roger Sondermann). David Shaw 2002-04-04 03:45:50 +00:00
  • 7e2e0b9950 Documentation fixes. David Shaw 2002-04-03 14:57:44 +00:00
  • 0f682ed3f7 Fix ownertrust display with --with-colons. David Shaw 2002-03-31 23:51:33 +00:00
  • 1ca0a0ac0b Some gnupg.spec.in changes for RPM builds: Added the gpgkeys_xxx keyserver helpers. Added a * to catch variations on the basic gpg man page (gpg, gpgv). Mark options.skel as a config file. Do not include the FAQ/faq.html twice (in /doc/ and /share/). David Shaw 2002-03-31 21:42:38 +00:00
  • 9fb6cae5e4 Quote and unquote backslashes from keyserver search responses. David Shaw 2002-03-29 16:58:07 +00:00
  • 47c8a325f5 If a delimiter is used, then quote the backslash character as well. Problem noted by Rainer Perske. David Shaw 2002-03-29 16:52:07 +00:00
  • d56fb26c55 Quote backslashes in keyserver search responses David Shaw 2002-03-29 16:26:33 +00:00
  • 81a4a2527c yet another test certificate NEWPG-0-3-4 Werner Koch 2002-03-28 17:25:28 +00:00
  • d5a95ff130 * certpath.c (gpgsm_walk_cert_chain): Be a bit more silent on common errors. Werner Koch 2002-03-28 17:21:54 +00:00
  • 5fe15dfeb5 Added some notes about the colon list mode in gpgsm Werner Koch 2002-03-28 16:37:39 +00:00
  • f63676f9ac * keylist.c (list_cert_colon): Fixed listing of crt record; the issuer is not at the right place. Print a chainingID. Werner Koch 2002-03-28 16:36:25 +00:00
  • 0e44b06cc8 * card.c (card_open, card_close): Adjusted for changes in OpenSC. Werner Koch 2002-03-28 11:43:24 +00:00
  • 90bc40a9f7 * divert-scd.c (encode_md_for_card): Don't do the pkcs-1 padding, the scdaemon should take care of it. (ask_for_card): Hack to not display the trailing zero. Werner Koch 2002-03-28 11:42:40 +00:00
  • 84dc3fee79 Add a few notes about --pgp2 meaning MIT PGP 2.6.2, and keyserver details about HKP and NAI HKP to the manual. David Shaw 2002-03-27 06:24:26 +00:00
  • ff8460f20d Minor tweak to importing to allow more non-signed uids (now that --allow-non-selfsigned-uid allows for completey unsigned uids). David Shaw 2002-03-24 04:54:58 +00:00
  • 208b08af79 * export.c: New. * gpgsm.c: Add command --export. * server.c (cmd_export): New. Werner Koch 2002-03-21 14:42:14 +00:00
  • d5a39044ef Add some comments David Shaw 2002-03-19 13:53:26 +00:00
  • 162dbff533 Change meaning of --allow-non-selfsigned-uid to match change in code, and add --no-allow-non-selfsigned-uid. David Shaw 2002-03-19 04:37:41 +00:00
  • 46ce06d9d9 Properly handle a "no keys found" case from the internal HKP code (external HKP is ok). Also, make a COUNT -1 (i.e. streamed) keyserver response a little more efficient. David Shaw 2002-03-19 04:35:45 +00:00
  • a59fcae1e7 Added missing file NEWPG-0-3-3 Werner Koch 2002-03-18 13:22:35 +00:00
  • 2e553c1777 More stuff for SCs - don't expect them to work. Werner Koch 2002-03-18 09:42:03 +00:00
  • c39b866d2a Doc fixes, moved some fizmes to TODO, fixed minor bugs. Werner Koch 2002-03-18 09:30:35 +00:00
  • b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid David Shaw 2002-03-17 23:47:32 +00:00
  • 8cb9dd7a39 Show which user ID a bad self-sig (invald sig or unsupported public key algorithm) resides on. David Shaw 2002-03-13 20:20:14 +00:00
  • 22bc1b3a5e any valid self-sig should mark a user ID or subkey as valid - otherwise, an attacker could DoS the user by inventing a bogus invalid self-signature. David Shaw 2002-03-13 13:28:18 +00:00
  • c6736b6435 * decrypt.c (gpgsm_decrypt): Allow multiple recipients. Werner Koch 2002-03-13 10:19:50 +00:00
  • bcf95b1d25 * faq.raw: Due to a lack of time Nils can't serve anymore as a maintainer. Removed his address and setup a generic address. Werner Koch 2002-03-13 07:31:43 +00:00
  • 1f6d901db6 More error codes Werner Koch 2002-03-12 13:36:55 +00:00
  • 8337455483 * verify.c (gpgsm_verify): Detect certs-only message. Werner Koch 2002-03-12 13:36:29 +00:00
  • 6c1f79a654 Merged changes from zlib 1.1.4. Werner Koch 2002-03-12 09:34:29 +00:00
  • f8f52d8ffe Some minor fixes for revocation keys: print a warning if a key is imported that has been revoked by designated revoker, but the designated revoker is not present to verify the revocation (whew!). This applies to all ways to get a key into the system: --import --recv-keys, and --search-keys. If auto-key-retrieve is set, try and retrieve the revocation key. David Shaw 2002-03-07 19:44:57 +00:00
  • c1791a8d15 * server.c (cmd_listkeys, cmd_listsecretkeys): Divert to (do_listkeys): new. Add pattern parsing. * keylist.c (gpgsm_list_keys): Handle selection pattern. NEWPG-0-3-2 Werner Koch 2002-03-06 16:13:47 +00:00
  • 4e637f2285 sm/ * gpgsm.c: New command --learn-card * call-agent.c (learn_cb,gpgsm_agent_learn): New. * gpgsm.c (main): Print error messages for non-implemented commands. agent/ * learncard.c: New. * divert-scd.c (ask_for_card): The serial number is binary so convert it to hex here. * findkey.c (agent_write_private_key): New. * genkey.c (store_key): And use it here. scd/ * pkdecrypt.c (agent_pkdecrypt): Changed the way the diversion is done. * divert-scd.c (divert_pkdecrypt): Changed interface and implemented it. Werner Koch 2002-03-06 14:16:37 +00:00
  • 7a5d7787a0 * assuan-client.c (_assuan_read_from_server): Detect END. (assuan_transact): Pass it to the data callback. Werner Koch 2002-03-06 14:15:14 +00:00
  • c027e8610b * gpg.sgml: Add an entry for --export-ownertrust. Suggested by Bernhard Reiter. * configure.ac (ALL_LINGUAS): s/pt_PT/pt/ Werner Koch 2002-03-06 11:10:13 +00:00
  • 8332b7d1b1 * pt_PT.po: Removed. * pt.po: and replaced by this updated one. My machine voted 30 to 2 for just pt. So we go with the crowd. Thanks for Pedro Morais for suggesting this. Werner Koch 2002-03-06 11:09:41 +00:00
  • 303b4bd636 Decryption using a Cryptoflex card does now work. Werner Koch 2002-03-06 09:01:12 +00:00
  • 914e77c133 We got more error codes than actual code ;-) Werner Koch 2002-03-05 17:17:41 +00:00
  • 2b5dca457c Well and some stuff to access the SC will be helpful. Note, that the code requires the latest OpenSC CVS code. Werner Koch 2002-03-05 17:17:08 +00:00
  • d8538d80dd This file was missing. Werner Koch 2002-03-05 17:16:04 +00:00
  • 2fa73e781f Signing using a PKCS15 smartcard does work. How to create such a card is of course a different thing. Note, that you need to create the shadowed-private-key file manually. Werner Koch 2002-03-05 17:14:45 +00:00
  • c8454f792d * gpgsm.c, gpgsm.h: Add local_user. * sign.c (gpgsm_get_default_cert): New. (get_default_signer): Use the new function if local_user is not set otherwise used that value. * encrypt.c (get_default_recipient): Removed. (gpgsm_encrypt): Use gpgsm_get_default_cert. * verify.c (gpgsm_verify): Better error text for a bad signature found by comparing the hashs. Werner Koch 2002-03-05 15:56:46 +00:00
  • 9267666d78 Some minor bug fixes. David Shaw 2002-03-05 04:57:10 +00:00
  • bbf4faae1a Alwayus define _GNU_SOURCE. Since this is always defined in config.h, the various autoconf tests should be tested with it enabled. This also works around a compiler warning caused by a minor header bug in glibc 2.1 that causes fseeko to be defined when building gpg, but not when tested for in configure David Shaw 2002-03-05 04:48:29 +00:00
  • dfda938ee9 Minor fixes; about to release 0.3.1 NEWPG-0-3-1 Werner Koch 2002-03-04 10:35:34 +00:00
  • 9301f1cf69 * pksign.c (agent_pksign): Detect whether a Smartcard is to be used and divert the operation in this case. * pkdecrypt.c (agent_pkdecrypt): Likewise * findkey.c (agent_key_from_file): Add optional arg shadow_info and have it return information about a shadowed key. * protect.c (agent_get_shadow_info): New. * protect.c (snext,sskip,smatch): Moved to * sexp-parse.h: new file. * divert-scd.c: New. Werner Koch 2002-03-04 10:34:51 +00:00
  • f8efc7c4ef Added more code fragments. Werner Koch 2002-03-04 10:34:09 +00:00
  • 975e934a4c variable type tweak for RISC OS (from Stefan) David Shaw 2002-03-04 03:18:07 +00:00
  • c4ce7ce3e8 bumped version number Werner Koch 2002-03-03 15:04:50 +00:00
  • 1bc0c20edd *** empty log message *** SNAP-1-0-6d Werner Koch 2002-03-03 15:01:05 +00:00
  • 6669a3f09a released 1.0.6d Werner Koch 2002-03-03 14:59:43 +00:00
  • 6587b15a59 Solved conflict Werner Koch 2002-03-03 14:08:39 +00:00
  • fbc66185f8 This is the first half of revocation key / designated revoker support. That is, it handles all the data to mark a key as revoked if it has been revoked by a designated revoker. The second half (coming later) will contain the code to make someones key your designated revoker and to issue revocations for someone else. David Shaw 2002-02-28 21:01:25 +00:00
  • 6be293e24b * http.c (write_server): Convert integer to a HANDLE for W32. Timo Schulz 2002-02-28 19:28:27 +00:00
  • 56341c289c Changes needed to support smartcards. Well, only _support_. There is no real code yet. Werner Koch 2002-02-28 11:07:59 +00:00
  • f8c8ca26d4 * assuan-client.c (assuan_transact): Add 2 more arguments to support status lines. Passing NULL yields the old behaviour. * assuan-handler.c (process_request): Flush data lines send without using the data fp. Werner Koch 2002-02-28 11:05:57 +00:00
  • 20dda47d6c Do not include v3 keys in a --export-secret-subkeys export. David Shaw 2002-02-28 04:34:01 +00:00
  • 8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow --always-trust to force it valid so it can be trusted. David Shaw 2002-02-27 14:27:18 +00:00
  • 6deb95687d Treat key lists internally as fingerprints when possible. All this is via KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the helper program to search the keyserver by fingerprint if desired (and the keyserver supports it). Note that automatic fingerprint promotion during refresh only applies to v4 keys as a v4 fingerprint can be easily changed into a long or short key id, and a v3 cannot. David Shaw 2002-02-26 01:00:12 +00:00
  • 3720c5b008 LDAP keyservers do not support v3 fingerprints, so error out if someone tries. Actually, they don't support any fingerprints, but at least we can calculate a keyid from a v4 fingerprint. David Shaw 2002-02-26 00:55:19 +00:00
  • 04f49d973b * server.c (option_handler): Allow to use -2 for "send all certs except the root cert". * sign.c (add_certificate_list): Implement it here. * certpath.c (gpgsm_is_root_cert): New. Werner Koch 2002-02-25 18:18:40 +00:00
  • 2a2d713359 * keybox-search.c (blob_cmp_mail): Use case-insensitive compare because mail addresses are in general case insensitive (well RFC2822 allows for case sensitive mailbox parts, but this is in general considired a Bad Thing). Add additional substr parameter to allow for substring matches within the mail address. Change all callers to pass this along. (blob_cmp_name): Likewise but do the case-insensitive search only in sub string mode. (keybox_search): Implement MAILSUB and SUBSTR mode. Werner Koch 2002-02-25 18:18:18 +00:00
  • 070f1cba5d Clarify the notion of a partial failure. This is possible if more than one key is being handled in a batch, and one fails while the other succeeds. Note that a search that comes up with no results is not a failure - that is a valid response of "no answer". David Shaw 2002-02-23 15:42:15 +00:00
  • 393ba4f8a7 Detect a "no keys found" case even if the keyserver helper program does not explicitly say how many keys were found. David Shaw 2002-02-22 03:11:15 +00:00
  • 8ac8b1525e Catch corruption in HKP index lines (can be caused by broken or malicious keyservers). David Shaw 2002-02-19 23:10:32 +00:00
  • 488243f56e * certpath.c (check_cert_policy): New. (gpgsm_validate_path): And call it from here. * gpgsm.c (main): New options --policy-file, --disable-policy-checks and --enable-policy-checks. * gpgsm.h (opt): Added policy_file, no_policy_checks. Werner Koch 2002-02-19 17:39:05 +00:00
  • 2585114325 * findkey.c (unprotect): Show an error message for a bad passphrase. Werner Koch 2002-02-18 22:39:26 +00:00
  • 5dac4711f9 * certpath.c (gpgsm_validate_path): Ask the agent to add the certificate into the trusted list. * call-agent.c (gpgsm_agent_marktrusted): New. Werner Koch 2002-02-18 20:47:29 +00:00
  • 49b3340e0f Some experimental code - don't use it. Werner Koch 2002-02-18 20:47:17 +00:00
  • 1df38417a3 More error codes Werner Koch 2002-02-18 20:46:09 +00:00
  • a46e786221 A bunch of new features. Allow empty responses on an inquiry. Werner Koch 2002-02-18 20:45:52 +00:00
  • 822e682c50 * command.c (cmd_marktrusted): Implemented. * trustlist.c (agent_marktrusted): New. (open_list): Add APPEND arg. Werner Koch 2002-02-18 20:44:48 +00:00
  • 3d8e692e2a Fix compiler warning. David Shaw 2002-02-14 22:52:30 +00:00
  • c5f838a968 Be much more robust with mangled input files. David Shaw 2002-02-14 19:33:47 +00:00
  • 3034b6752e doc fixes Werner Koch 2002-02-14 11:51:34 +00:00
  • 69688eab52 * pkclist.c (check_signatures_trust): Always print the warning for unknown and undefined trust. Removed the did_add cruft. Reported by Janusz A. Urbanowicz. * g10.c: New option --no-use-agent. Hmmm, is this a a good name? --do-not-use-agent seems a bit to long. Werner Koch 2002-02-14 11:51:00 +00:00
  • 05705bcb1c * random.c (mix_pool): Removed the failsafe stuff again. It makes the code more complicate and may give the path to more bugs. Werner Koch 2002-02-14 11:47:32 +00:00
  • 85d9e2e212 * fopencookie.c: Dummy function. Werner Koch 2002-02-12 20:42:25 +00:00
  • ebb00fa843 * assuan-buffer.c (writen,readline) [USE_GNU_PT]: Use pth_read/write. * assuan-socket-server.c (accept_connection) [USE_GNU_PTH]: Ditto. Werner Koch 2002-02-12 20:41:34 +00:00
  • dca36f6252 Bug fix - properly handle user IDs with colons (":") in them while HKP searching. David Shaw 2002-02-12 04:38:58 +00:00
  • 35aec9eee2 * random.c (add_randomness): Xor new data into the pool and not just copy it. This avoids any choosen input attacks which are not serious in our setting because an outsider won't be able to mix data in and even then we keep going with a PRNG. Thanks to Stefan Keller for pointing this out. * random.c (mix_pool): Carry an extra failsafe_digest buffer around to make the function more robust. Werner Koch 2002-02-10 21:34:27 +00:00
  • 22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything else is a cert. David Shaw 2002-02-10 00:18:54 +00:00
  • eeb5cdb962 Set version numbers add a comment NEWPG-0-3-0 Werner Koch 2002-02-07 20:41:00 +00:00
  • 2a28f5d0ae * certlist.c (gpgsm_add_to_certlist): Check that the specified name identifies a certificate unambiguously. (gpgsm_find_cert): Ditto. * server.c (cmd_listkeys): Check that the data stream is available. (cmd_listsecretkeys): Ditto. (has_option): New. (cmd_sign): Fix ambiguousity in option recognition. * gpgsm.c (main): Enable --logger-fd. * encrypt.c (gpgsm_encrypt): Increased buffer size for better performance. * call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from the agent. * keylist.c (list_cert_colon): Filter out control characters. Werner Koch 2002-02-07 18:43:22 +00:00
  • 6aa7267865 * decrypt.c (gpgsm_decrypt): Bail out after an decryption error. Werner Koch 2002-02-06 14:52:03 +00:00
  • 0c4c0f2ecc * cache.c (housekeeping): Fixed linking in the remove case. Werner Koch 2002-02-06 14:51:35 +00:00
  • 9057172a92 Allow policy URLs with %-expandos in them. This allows policy URLs like "http://notary.jabberwocky.com/keysign/%K" to create a per-signature policy URL. Use the new generic %-handler for the photo ID stuff as well. David Shaw 2002-02-05 00:04:24 +00:00
  • 02fe4b0185 Workaround for the pksd and OKS keyserver bug that calculates v4 RSA keyids as if they were v3. The workaround/hack is to fetch both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This only happens for key refresh while using the HKP scheme and the refresh-add-fake-v3-keyids keyserver option must be set. This should stay off by default. David Shaw 2002-02-04 21:49:08 +00:00
  • 346b795eb9 Bug fix - do not append keys to each other when --sending more than one. David Shaw 2002-02-04 05:19:24 +00:00
  • 0c3e409fa3 Split "--set-policy-url" into "--cert-policy-url" and "--sig-policy-url" so the user can set different policies for key and data signing. For backwards compatibility, "--set-policy-url" sets both, as before. David Shaw 2002-02-03 14:42:56 +00:00
  • a3839b57b6 2002-02-01 Marcus Brinkmann <marcus@g10code.de> Marcus Brinkmann 2002-02-01 19:50:01 +00:00
  • a34a03def9 2002-02-01 Marcus Brinkmann <marcus@g10code.de> Marcus Brinkmann 2002-02-01 18:08:32 +00:00