gnupg.git
13 years ago* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
David Shaw [Thu, 23 Feb 2006 21:06:32 +0000 (21:06 +0000)]
* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
to on, as gpg isn't doing this any longer.

13 years ago* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
David Shaw [Thu, 23 Feb 2006 20:54:30 +0000 (20:54 +0000)]
* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
options to the list, as ordering may be significant to the user.

13 years ago* gpg.c (add_notation_data): Fix reversed logic for isascii check when
David Shaw [Thu, 23 Feb 2006 19:52:20 +0000 (19:52 +0000)]
* gpg.c (add_notation_data): Fix reversed logic for isascii check when
adding notations.  Noted by Christian Biere.

13 years ago* options.h, keyserver.c (add_canonical_option): New.
David Shaw [Thu, 23 Feb 2006 17:00:02 +0000 (17:00 +0000)]
* options.h, keyserver.c (add_canonical_option): New.
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).

13 years ago* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
David Shaw [Wed, 22 Feb 2006 23:37:23 +0000 (23:37 +0000)]
* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.

13 years ago* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
David Shaw [Wed, 22 Feb 2006 23:19:36 +0000 (23:19 +0000)]
* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
odd matches.

13 years ago* options.h, keyserver.c (parse_keyserver_options): Remove
David Shaw [Wed, 22 Feb 2006 20:34:48 +0000 (20:34 +0000)]
* options.h, keyserver.c (parse_keyserver_options): Remove
auto-cert-retrieve as it is no longer meaningful.  Add max-cert-size to
allow users to pick a max key size retrieved via CERT.

13 years ago* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
David Shaw [Wed, 22 Feb 2006 20:20:58 +0000 (20:20 +0000)]
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.

13 years ago* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
David Shaw [Wed, 22 Feb 2006 19:06:23 +0000 (19:06 +0000)]
* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
Parse a list of key access methods. (get_pubkey_byname): Walk the list
here to try and retrieve keys we don't have locally.

13 years ago* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
David Shaw [Wed, 22 Feb 2006 04:19:21 +0000 (04:19 +0000)]
* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
duplicate attributes as OpenLDAP is now enforcing this.

13 years ago* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
David Shaw [Wed, 22 Feb 2006 03:49:49 +0000 (03:49 +0000)]
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
credentials to a remote LDAP server.

13 years ago* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
David Shaw [Wed, 22 Feb 2006 02:11:35 +0000 (02:11 +0000)]
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Mingw has 'stderr' as a macro?

13 years ago* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
David Shaw [Tue, 21 Feb 2006 22:23:35 +0000 (22:23 +0000)]
* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
importing at -r time.  The URL in the PKA record may point to a key put in
by an attacker.  Fix is to use the fingerprint from the PKA record as the
recipient.  This ensures that the PKA record is followed.

* keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the
fingerprint we requested.

13 years ago* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
David Shaw [Tue, 21 Feb 2006 16:16:09 +0000 (16:16 +0000)]
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier
debugging.

13 years ago* gpgv.c: Stub keyserver_import_ldap.
David Shaw [Tue, 21 Feb 2006 16:09:09 +0000 (16:09 +0000)]
* gpgv.c: Stub keyserver_import_ldap.

* keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using
the PGP Universal trick of asking ldap://keys.(maildomain) for the key.

13 years ago* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
David Shaw [Tue, 21 Feb 2006 05:20:08 +0000 (05:20 +0000)]
* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
even when we've assumed "hkp" when there was no scheme.

13 years ago* http.c (send_request): A zero length proxy is the same as no proxy.
David Shaw [Sun, 19 Feb 2006 21:03:01 +0000 (21:03 +0000)]
* http.c (send_request): A zero length proxy is the same as no proxy.

13 years ago* configure.ac: Try linking the UINT64_C test program (rather than
David Shaw [Sun, 19 Feb 2006 02:08:43 +0000 (02:08 +0000)]
* configure.ac: Try linking the UINT64_C test program (rather than
just compiling it) as UINT64_C looks like a (missing) function,
causing a false positive.  Noted by Claus Assmann.

13 years agoabout to release 1.4.3rc1 gnupg-1.4.3rc1
Werner Koch [Tue, 14 Feb 2006 16:28:34 +0000 (16:28 +0000)]
about to release 1.4.3rc1

13 years agoFixed a wrong return code with gpg --verify
Werner Koch [Tue, 14 Feb 2006 10:17:57 +0000 (10:17 +0000)]
Fixed a wrong return code with gpg --verify

13 years agoLock random seed file
Werner Koch [Thu, 9 Feb 2006 12:54:41 +0000 (12:54 +0000)]
Lock random seed file

13 years agoFixed a couple of problems
Werner Koch [Wed, 8 Feb 2006 17:55:20 +0000 (17:55 +0000)]
Fixed a couple of problems

13 years agoAdd support fro CardMan 4040
Werner Koch [Mon, 6 Feb 2006 16:34:20 +0000 (16:34 +0000)]
Add support fro CardMan 4040

13 years ago* cert.c (get_cert): Disable IPGP types for now until the format questions
David Shaw [Thu, 26 Jan 2006 16:51:04 +0000 (16:51 +0000)]
* cert.c (get_cert): Disable IPGP types for now until the format questions
in the draft are settled.

* srv.c (getsrv): Error on oversize SRV responses.

13 years ago* keyserver.c (parse_keyserver_uri): If there is a path present, set the
David Shaw [Tue, 24 Jan 2006 21:03:06 +0000 (21:03 +0000)]
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
direct_uri flag so the right keyserver helper is run.

13 years ago* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
David Shaw [Sun, 22 Jan 2006 21:40:20 +0000 (21:40 +0000)]
* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
keyserver helpers on systems that use extensions.

* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.

13 years ago* configure.ac: Add define for EXEEXT so we can find keyserver helpers
David Shaw [Sun, 22 Jan 2006 21:38:02 +0000 (21:38 +0000)]
* configure.ac: Add define for EXEEXT so we can find keyserver helpers
on systems that use extensions.

13 years ago* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
David Shaw [Tue, 17 Jan 2006 20:55:53 +0000 (20:55 +0000)]
* keydb.h, passphrase.c (next_to_last_passphrase): New.  "Touch" a
passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.

13 years ago* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
David Shaw [Tue, 17 Jan 2006 16:03:51 +0000 (16:03 +0000)]
* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.

13 years ago* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
David Shaw [Mon, 16 Jan 2006 20:22:58 +0000 (20:22 +0000)]
* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
longer.

13 years ago* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
David Shaw [Mon, 16 Jan 2006 17:59:46 +0000 (17:59 +0000)]
* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
uploading a key.

13 years ago* keyserver.c (keyserver_refresh): Fix problem when more than one key
David Shaw [Sat, 7 Jan 2006 21:04:13 +0000 (21:04 +0000)]
* keyserver.c (keyserver_refresh): Fix problem when more than one key
in a refresh batch has a preferred keyserver set.  Noted by Nicolas
Rachinsky.

13 years ago* mainproc.c (check_sig_and_print), keyserver.c
David Shaw [Sun, 1 Jan 2006 18:12:57 +0000 (18:12 +0000)]
* mainproc.c (check_sig_and_print), keyserver.c
(keyserver_import_pka), card-util.c (fetch_url): Always require a
scheme:// for keyserver URLs except when used as part of the
--keyserver command for backwards compatibility.

13 years ago* sign.c (write_signature_packets): Lost a digest_algo line.
David Shaw [Sun, 1 Jan 2006 17:59:57 +0000 (17:59 +0000)]
* sign.c (write_signature_packets): Lost a digest_algo line.

13 years ago* sign.c (hash_for): Add code to detect if the sk lives on a smart
David Shaw [Sun, 1 Jan 2006 17:48:54 +0000 (17:48 +0000)]
* sign.c (hash_for): Add code to detect if the sk lives on a smart
card.  If it does, only allow 160-bit hashes, a la DSA.  This involves
passing the *sk in, so change all callers.  This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card.  It will almost certainly need changing
down the road.

* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.

13 years ago* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
David Shaw [Sat, 24 Dec 2005 15:35:39 +0000 (15:35 +0000)]
* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.

13 years ago* keyserver.c (keyserver_import_pka): New. Moved from
David Shaw [Fri, 23 Dec 2005 22:17:11 +0000 (22:17 +0000)]
* keyserver.c (keyserver_import_pka): New.  Moved from
getkey.c:get_pubkey_byname which was getting crowded.

* keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT
records.  Can handle both the PGP (actual key) and IPGP (URL) CERT types.

* getkey.c (get_pubkey_byname): Call them both here.

* options.h, keyserver.c (parse_keyserver_options): Add
"auto-cert-retrieve" option with optional max size argument.

13 years ago* gpgv.c: Stub.
David Shaw [Fri, 23 Dec 2005 21:33:32 +0000 (21:33 +0000)]
* gpgv.c: Stub.

* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keygerver_getname): New keyserver_getname function to fetch keys by name.

* getkey.c (get_pubkey_byname): Call it here to enable locating keys by
full mailbox from a keyserver a la PKA.  Try PKA first, though, as it is
likely to be faster.

13 years ago* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
David Shaw [Fri, 23 Dec 2005 20:51:48 +0000 (20:51 +0000)]
* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".

* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.

13 years agoNew code to do DNS CERT queries.
David Shaw [Fri, 23 Dec 2005 18:15:24 +0000 (18:15 +0000)]
New code to do DNS CERT queries.

13 years ago* srv.c, Makefile.am: Only build srv.c if we need to.
David Shaw [Fri, 23 Dec 2005 05:00:55 +0000 (05:00 +0000)]
* srv.c, Makefile.am: Only build srv.c if we need to.

13 years ago* configure.ac: Split PKA checking off from DNS SRV checking.
David Shaw [Fri, 23 Dec 2005 04:58:25 +0000 (04:58 +0000)]
* configure.ac: Split PKA checking off from DNS SRV checking.
Currently PKA is only enabled if HTTP or HKP is enabled which is not
necessary.

13 years agoFinished PKA feature
Werner Koch [Tue, 20 Dec 2005 20:19:16 +0000 (20:19 +0000)]
Finished PKA feature

13 years ago* getkey.c (merge_selfsigs_main): All primary keys can certify.
David Shaw [Mon, 19 Dec 2005 22:10:20 +0000 (22:10 +0000)]
* getkey.c (merge_selfsigs_main): All primary keys can certify.

13 years ago* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
David Shaw [Mon, 19 Dec 2005 19:39:32 +0000 (19:39 +0000)]
* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.

* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.

13 years ago* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
David Shaw [Mon, 19 Dec 2005 01:51:31 +0000 (01:51 +0000)]
* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.

* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.

13 years ago* gpg.c (main): Don't default to import-options convert-sk-to-pk. It
David Shaw [Wed, 14 Dec 2005 14:52:04 +0000 (14:52 +0000)]
* gpg.c (main): Don't default to import-options convert-sk-to-pk.  It
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.

13 years ago* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
David Shaw [Mon, 12 Dec 2005 03:56:01 +0000 (03:56 +0000)]
* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
for no_terminal so we don't try to open("/dev/tty") when invoked with
--no-tty.

13 years ago* NEWS: Note --fetch-keys.
David Shaw [Thu, 8 Dec 2005 23:35:47 +0000 (23:35 +0000)]
* NEWS: Note --fetch-keys.

13 years ago* gpg.sgml: Document --fetch-keys.
David Shaw [Thu, 8 Dec 2005 19:39:59 +0000 (19:39 +0000)]
* gpg.sgml: Document --fetch-keys.

13 years ago* keyserver.c (keyserver_fetch): Switch on fast-import before we
David Shaw [Thu, 8 Dec 2005 15:37:26 +0000 (15:37 +0000)]
* keyserver.c (keyserver_fetch): Switch on fast-import before we
--fetch-keys so we don't rebuild the trustdb after each fetch.

13 years agoMade strings translatable. Minor fixes.
Werner Koch [Thu, 8 Dec 2005 07:42:41 +0000 (07:42 +0000)]
Made strings translatable. Minor fixes.

13 years ago* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
David Shaw [Thu, 8 Dec 2005 05:52:41 +0000 (05:52 +0000)]
* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
keyserver_fetch): Set a flag to indicate that we're doing a direct URI
fetch so we can differentiate between a keyserver operation and a URI
fetch for protocols like LDAP that can do either.

13 years ago* gpg.sgml: Document -d. Add [file] to a few options.
David Shaw [Thu, 8 Dec 2005 05:29:35 +0000 (05:29 +0000)]
* gpg.sgml: Document -d.  Add [file] to a few options.

13 years ago* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
David Shaw [Wed, 7 Dec 2005 23:00:30 +0000 (23:00 +0000)]
* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
for the key-not-found error.

13 years ago* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
David Shaw [Wed, 7 Dec 2005 22:34:11 +0000 (22:34 +0000)]
* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
when fetching a URI.

* keyserver-internal.h, keyserver.c (keyserver_fetch): New.  Fetch an
arbitrary URI using the keyserver helpers.

* gpg.c (main): Call it from here for --fetch-keys.

13 years ago* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
David Shaw [Wed, 7 Dec 2005 22:25:58 +0000 (22:25 +0000)]
* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.

* gpgkeys_curl.c (get_key): Give key-not-found error if no data is found
(or file itself is not found) during a fetch.

13 years agoMissed file.
David Shaw [Tue, 6 Dec 2005 21:10:34 +0000 (21:10 +0000)]
Missed file.

13 years agoSome cleanup so we don't build files that are completely ifdeffed out.
David Shaw [Tue, 6 Dec 2005 20:54:05 +0000 (20:54 +0000)]
Some cleanup so we don't build files that are completely ifdeffed out.
This causes a warning on Sun's cc.  Do the internal regex code as well for
consistency.

13 years ago* idea-stub.c (load_module): Not legal to return a void * as a function
David Shaw [Tue, 6 Dec 2005 20:27:43 +0000 (20:27 +0000)]
* idea-stub.c (load_module): Not legal to return a void * as a function
pointer.

13 years ago* curl-shim.c (curl_easy_perform): Fix build warning (code before
David Shaw [Tue, 6 Dec 2005 18:49:34 +0000 (18:49 +0000)]
* curl-shim.c (curl_easy_perform): Fix build warning (code before
declaration).

13 years ago* mkdtemp.c (mkdtemp): Fix warning.
David Shaw [Tue, 6 Dec 2005 18:24:57 +0000 (18:24 +0000)]
* mkdtemp.c (mkdtemp): Fix warning.

* secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from printf-ing
%p where the arg wasn't void *.

13 years ago* Makefile.am: Some cleanup so we don't build files that are completely
David Shaw [Tue, 6 Dec 2005 17:13:44 +0000 (17:13 +0000)]
* Makefile.am: Some cleanup so we don't build files that are completely
ifdeffed out.  This causes a warning on Sun's cc.  Do sha512.c as well for
consistency.

13 years ago* main.h, keylist.c (print_revokers): New. Print the "rvk" designated
David Shaw [Sun, 20 Nov 2005 15:02:03 +0000 (15:02 +0000)]
* main.h, keylist.c (print_revokers): New.  Print the "rvk" designated
revoker record.  Moved from keyedit.c:show_key_with_all_names_colon.

* keylist.c (list_keyblock_colon): Use it here ...

* keyedit.c (show_key_with_all_names_colon): ... and here.

13 years ago* free-packet.c (copy_secret_key): Copy secret key into secure memory
David Shaw [Sat, 19 Nov 2005 05:55:45 +0000 (05:55 +0000)]
* free-packet.c (copy_secret_key): Copy secret key into secure memory
since we may unprotect it.

* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke.  This bypasses the
interactive walk over the revocation keys.

13 years ago* gpg.sgml: Clarify "xxxxx-clean" and "clean". Document
David Shaw [Fri, 18 Nov 2005 04:50:15 +0000 (04:50 +0000)]
* gpg.sgml: Clarify "xxxxx-clean" and "clean".  Document
"xxxxx-minimal", and "minimize".

13 years ago* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
David Shaw [Fri, 18 Nov 2005 04:37:30 +0000 (04:37 +0000)]
* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
options.

13 years ago* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
David Shaw [Fri, 18 Nov 2005 04:25:07 +0000 (04:25 +0000)]
* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
"clean", and add "minimize".

* import.c (parse_import_options): Make help text match the export
versions of the options.

* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.

* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.

13 years ago* armor.c (parse_header_line): A fussy bit of 2440: header lines are
David Shaw [Sun, 13 Nov 2005 21:48:52 +0000 (21:48 +0000)]
* armor.c (parse_header_line): A fussy bit of 2440: header lines are
delimited with a colon-space pair.  Therefore a line such as "Comment:
" is actually legal, albeit not particularly useful.

13 years ago* trustdb.h, trustdb.c (clean_key): New function to handle key
David Shaw [Sat, 12 Nov 2005 04:53:03 +0000 (04:53 +0000)]
* trustdb.h, trustdb.c (clean_key): New function to handle key
cleaning from one convenient place.

* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Reduce clean options to two: clean and minimize.

* parse-packet.c (setup_user_id): Remove.  (parse_user_id,
parse_attribute): Just use xmalloc_clear instead.

13 years ago* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
David Shaw [Sat, 12 Nov 2005 03:48:02 +0000 (03:48 +0000)]
* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
simpler implementation.

13 years ago* keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
David Shaw [Thu, 10 Nov 2005 23:25:20 +0000 (23:25 +0000)]
* keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
command.

13 years ago* packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
David Shaw [Thu, 10 Nov 2005 23:16:34 +0000 (23:16 +0000)]
* packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
(clean_uids_from_key): Fix display bug where sigs cleaned for other
reasons caused a uid to appear as if it had been compacted.

13 years ago* packet.h: Move some flags to a bitfield. Change all callers.
David Shaw [Thu, 10 Nov 2005 22:50:46 +0000 (22:50 +0000)]
* packet.h: Move some flags to a bitfield.  Change all callers.

13 years ago* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
David Shaw [Thu, 10 Nov 2005 21:30:27 +0000 (21:30 +0000)]
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-minimal option. Similar to export-minimal, except
it works on the way in.

13 years ago* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
David Shaw [Thu, 10 Nov 2005 21:18:49 +0000 (21:18 +0000)]
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning.  Change all callers.

* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.

13 years ago* options.skel: Add a section for --encrypt-to. This is Debian bug
David Shaw [Sun, 6 Nov 2005 15:45:00 +0000 (15:45 +0000)]
* options.skel: Add a section for --encrypt-to.  This is Debian bug
336211 by Javier Fernández-Sanguino Peña.

13 years ago* Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly
David Shaw [Sun, 6 Nov 2005 04:32:54 +0000 (04:32 +0000)]
* Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS.  Strictly
speaking this should be only in gpg_CPPFLAGS, but then we have to
compile everything twice for gpg and gpgv.

* apdu.c (open_pcsc_reader): Fix double free.

* gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X
location.  Suggested by Patty A. Hardy.

13 years ago* libusb.m4: Check for libusb-config and if we find it, use --libs and
David Shaw [Sun, 6 Nov 2005 04:25:52 +0000 (04:25 +0000)]
* libusb.m4: Check for libusb-config and if we find it, use --libs and
--cflags.  This is needed for OS X since libusb brings in dependencies
to various Apple libraries.

13 years agoFix various build warnings reported by Joe Vender on MinGW.
David Shaw [Thu, 3 Nov 2005 04:46:20 +0000 (04:46 +0000)]
Fix various build warnings reported by Joe Vender on MinGW.

13 years ago* gpg.sgml: Clarify what is and isn't included in a "clean sigs".
David Shaw [Wed, 2 Nov 2005 16:53:40 +0000 (16:53 +0000)]
* gpg.sgml: Clarify what is and isn't included in a "clean sigs".

13 years ago* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
David Shaw [Wed, 2 Nov 2005 16:47:02 +0000 (16:47 +0000)]
* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
the sigs that are cleaned.  Suggested by Dirk Traulsen and many others.

13 years ago* import.c (import_one): Do collapse_uids() before we do any cleaning
David Shaw [Wed, 2 Nov 2005 05:22:01 +0000 (05:22 +0000)]
* import.c (import_one): Do collapse_uids() before we do any cleaning
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.

* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.

* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs.  Don't count user IDs as cleaned unless we actually delete
something.

13 years ago* gpg.sgml: Document backsign, --require-backsigs, and
David Shaw [Thu, 27 Oct 2005 19:18:05 +0000 (19:18 +0000)]
* gpg.sgml: Document backsign, --require-backsigs, and
--no-require-backsigs.

* DETAILS: Clarify Key-Usage.

13 years ago* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
David Shaw [Thu, 27 Oct 2005 16:23:59 +0000 (16:23 +0000)]
* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
adding a cert-only designated revoker.  Code was looking for a key with
sign ability, and not cert ability.  Noted by Timo Schulz.

13 years agocygwin fixes
Werner Koch [Thu, 27 Oct 2005 09:14:27 +0000 (09:14 +0000)]
cygwin fixes

13 years ago* keygen.c (proc_parameter_file): Default key and subkey usage flags to
David Shaw [Wed, 26 Oct 2005 16:09:23 +0000 (16:09 +0000)]
* keygen.c (proc_parameter_file): Default key and subkey usage flags to
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.

13 years ago* readline.m4: Check for rl_completion_func_t and rl_completion_matches.
David Shaw [Fri, 21 Oct 2005 15:03:18 +0000 (15:03 +0000)]
* readline.m4: Check for rl_completion_func_t and rl_completion_matches.

13 years agoFixed minor card related bugs and enhanced status messages
Werner Koch [Tue, 18 Oct 2005 17:41:20 +0000 (17:41 +0000)]
Fixed minor card related bugs and enhanced status messages

13 years agoexported subkeys are now merged into one output keyblock
Werner Koch [Mon, 17 Oct 2005 17:21:15 +0000 (17:21 +0000)]
exported subkeys are now merged into one output keyblock

13 years ago* NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.
David Shaw [Fri, 14 Oct 2005 15:38:05 +0000 (15:38 +0000)]
* NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.

* configure.ac: Remove the backsig configure options since this is all
done at runtime now.

13 years ago* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
David Shaw [Fri, 14 Oct 2005 04:07:13 +0000 (04:07 +0000)]
* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
add 0x19 backsigs to old keys that don't have them.

* misc.c (parse_options): Fix build warning.

* main.h, keygen.c (make_backsig): Make public.

13 years ago* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
David Shaw [Wed, 12 Oct 2005 20:44:24 +0000 (20:44 +0000)]
* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.

13 years ago* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
David Shaw [Tue, 11 Oct 2005 22:13:49 +0000 (22:13 +0000)]
* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.

13 years agoYet another fix for the gpg.c rename
Werner Koch [Thu, 6 Oct 2005 10:38:23 +0000 (10:38 +0000)]
Yet another fix for the gpg.c rename

13 years agoFixes for the g10.c -> gpg.c renamed
Werner Koch [Wed, 5 Oct 2005 18:22:36 +0000 (18:22 +0000)]
Fixes for the g10.c -> gpg.c renamed

13 years agoRenamed g10.c to gpg.c
Werner Koch [Wed, 5 Oct 2005 16:58:50 +0000 (16:58 +0000)]
Renamed g10.c to gpg.c
Filelength fixes for W32.

13 years ago2005-10-02 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 3 Oct 2005 12:47:43 +0000 (12:47 +0000)]
2005-10-02  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac [!$try_gettext]: Invoke AM_PO_SUBDIRS.

scripts/
2005-10-02  Marcus Brinkmann  <marcus@g10code.de>

* autogen.sh (DIE): Remove ugly hack for po dir suppression.

13 years ago* gpg.sgml: Note that --display-charset is just for display and
David Shaw [Thu, 22 Sep 2005 03:09:38 +0000 (03:09 +0000)]
* gpg.sgml: Note that --display-charset is just for display and
doesn't recode data.  Note that --search-keys can use the standard
search syntax now (<, =, *, @).  Document the @-address mode.

13 years ago* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
Werner Koch [Tue, 20 Sep 2005 08:19:50 +0000 (08:19 +0000)]
* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
prompt.