16 years ago* keyedit.c (show_key_with_all_names): Show names a little neater by
David Shaw [Wed, 24 Sep 2003 12:11:17 +0000 (12:11 +0000)]
* keyedit.c (show_key_with_all_names): Show names a little neater by
putting the [revoked] or [expired] in the space used for the [validity].
There is also no point in showing "[unknown] [revoked]".

16 years ago* sign.c (mk_notation_policy_etc): Capitalize "URL".
David Shaw [Wed, 24 Sep 2003 03:48:55 +0000 (03:48 +0000)]
* sign.c (mk_notation_policy_etc): Capitalize "URL".

* trustdb.c (validate_keys): Give a little more information while
rebuilding trustdb.

* pkclist.c (do_edit_ownertrust): Clarify "don't know".

* g10.c (main): Default to --no-mangle-dos-filenames.

16 years ago* keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): Expand
David Shaw [Tue, 23 Sep 2003 23:14:03 +0000 (23:14 +0000)]
* keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): Expand
the skipfnc to include a pointer to the user ID that matched.

* getkey.c (skip_disabled): Rename to skip_unusable, and add checks for
expired or revoked user IDs.

16 years ago* g10.c (main): Deprecate --default-comment in favor of --no-comments.
David Shaw [Tue, 23 Sep 2003 03:52:55 +0000 (03:52 +0000)]
* g10.c (main): Deprecate --default-comment in favor of --no-comments.

* options.h, g10.c (main), armor.c (armor_filter): Allow using --comment
multiple times to get multiple Comment: header lines. --no-comments resets

16 years ago2003-09-21 Timo Schulz <>
Timo Schulz [Sun, 21 Sep 2003 17:36:51 +0000 (17:36 +0000)]
2003-09-21  Timo Schulz  <>

        * http.c [WIN32]: Define MB_CUR_MAX.
        (connect_server): use unsigned long since W32 does not have in_addr_t.

16 years ago* g10.c (main): Trim --help to commonly used options. Remove -f.
David Shaw [Fri, 12 Sep 2003 03:29:00 +0000 (03:29 +0000)]
* g10.c (main): Trim --help to commonly used options.  Remove -f.

16 years ago* g10.c (main): Error out if --multifile is used with the commands that
David Shaw [Tue, 9 Sep 2003 00:25:53 +0000 (00:25 +0000)]
* g10.c (main): Error out if --multifile is used with the commands that
don't support it yet (--sign, --clearsign, --detach-sign, --symmetric, and

* g10.c (main): Add --multifile as an alias to turn --encrypt into
--encrypt-files (plus --verify-files, --decrypt-files).

* encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 directly to
check for MDC usability.  Do not set the force_mdc or disable_mdc flags
since there is no point any longer.

16 years agoMissed one.
David Shaw [Thu, 4 Sep 2003 12:43:45 +0000 (12:43 +0000)]
Missed one.

16 years ago* cipher.h: Drop TIGER/192 support.
David Shaw [Thu, 4 Sep 2003 12:30:01 +0000 (12:30 +0000)]
* cipher.h: Drop TIGER/192 support.

16 years ago* Drop TIGER/192 support. Check for UINT64_C to go along
David Shaw [Thu, 4 Sep 2003 12:27:33 +0000 (12:27 +0000)]
* Drop TIGER/192 support.  Check for UINT64_C to go along
with uint64_t.

16 years ago* mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional (since
David Shaw [Thu, 4 Sep 2003 12:12:42 +0000 (12:12 +0000)]
* mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional (since
it might not be compiled in).

16 years ago* armor.c (parse_hash_header, armor_filter), g10.c (print_hex, print_mds),
David Shaw [Thu, 4 Sep 2003 12:03:04 +0000 (12:03 +0000)]
* armor.c (parse_hash_header, armor_filter), g10.c (print_hex, print_mds),
pkclist.c (algo_available): Drop TIGER/192 support.

16 years ago* md.c (string_to_digest_algo): Enable read-write SHA-256 support.
David Shaw [Thu, 4 Sep 2003 11:53:10 +0000 (11:53 +0000)]
* md.c (string_to_digest_algo): Enable read-write SHA-256 support.

* algorithms.h,, md.c (load_digest_module,
string_to_digest_algo), tiger.c: Drop TIGER/192 support.

16 years ago* keyedit.c (show_key_with_all_names): Fix assertion failure when using
David Shaw [Wed, 3 Sep 2003 23:24:03 +0000 (23:24 +0000)]
* keyedit.c (show_key_with_all_names): Fix assertion failure when using
toggle to see a secret key.  Reported by Maxim Britov.

16 years ago* NEWS: Note --list-options, --verify-options, the deprecation of
David Shaw [Tue, 2 Sep 2003 03:16:34 +0000 (03:16 +0000)]
* NEWS: Note --list-options, --verify-options, the deprecation of
--show-photos, --show-policy-url, --show-notation, and --show-keyring, and
getting the signer's fingerprint in sig records.

16 years ago* DETAILS: Note fingerprint of signing key in sig records.
David Shaw [Tue, 2 Sep 2003 03:12:46 +0000 (03:12 +0000)]
* DETAILS: Note fingerprint of signing key in sig records.

16 years ago* gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" for the
David Shaw [Sun, 31 Aug 2003 23:51:12 +0000 (23:51 +0000)]
* gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" for the
sake of short and simple commands.

16 years ago* g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c
David Shaw [Sun, 31 Aug 2003 23:49:07 +0000 (23:49 +0000)]
* g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c
(mk_notation_policy_etc): Clarify a few strings.  It's a "preferred
keyserver URL".

* g10.c (main): Use "keyserver-url" instead of "preferred-keyserver" for
the sake of short and simple commands.

16 years ago* main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
David Shaw [Sun, 31 Aug 2003 03:45:41 +0000 (03:45 +0000)]
* main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
adding a keyserver URL.

* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to set
preferred keyserver to specified (or all) user IDs.

* build-packet.c (build_sig_subpkt): Set preferred keyserver flag while
building a preferred keyserver subpacket.

* keylist.c (show_policy_url): Policy URLs might be UTF8.

* keyedit.c (menu_addrevoker): Fix leaking a few bytes.

16 years ago* gpg.sgml: Document list-options (show-preferred-keyserver,
David Shaw [Sat, 30 Aug 2003 03:29:33 +0000 (03:29 +0000)]
* gpg.sgml: Document list-options (show-preferred-keyserver,
show-validity, show-long-keyid, and show-sig-expire), and verify-options
(show-preferred-keyserver, show-validity, show-long-keyid).

16 years ago* keyedit.c (show_key_with_all_names): Use list-option show-long-keyid in
David Shaw [Sat, 30 Aug 2003 01:08:08 +0000 (01:08 +0000)]
* keyedit.c (show_key_with_all_names): Use list-option show-long-keyid in
main --edit-key display.

16 years ago* keyedit.c (print_and_check_one_sig): Use list-option show-long-keyid in
David Shaw [Sat, 30 Aug 2003 00:40:56 +0000 (00:40 +0000)]
* keyedit.c (print_and_check_one_sig): Use list-option show-long-keyid in
--edit-key "check" function.

16 years agoCredits from stable
David Shaw [Fri, 29 Aug 2003 02:27:02 +0000 (02:27 +0000)]
Credits from stable

16 years ago* samplekeys.asc: Updated.
David Shaw [Fri, 29 Aug 2003 02:25:57 +0000 (02:25 +0000)]
* samplekeys.asc: Updated.

* DETAILS: Document "tru" trust record.  Document REVKEYSIG status tag.
Removed paragraph on gdbm usage.  Note that pipemode is deprecated.

16 years ago* Touch po/all for --build-w32. From Werner on stable branch.
David Shaw [Fri, 29 Aug 2003 00:42:31 +0000 (00:42 +0000)]
* Touch po/all for --build-w32.  From Werner on stable branch.

16 years ago* AUTHORS, THANKS: Updates from stable.
David Shaw [Fri, 29 Aug 2003 00:26:16 +0000 (00:26 +0000)]
* AUTHORS, THANKS: Updates from stable.

16 years ago* passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
David Shaw [Fri, 29 Aug 2003 00:14:42 +0000 (00:14 +0000)]
* passphrase.c (agent_send_all_options): Make use of $GPG_TTY.

* g10.c (main): Disable use-agent if passphrase-fd is given later.
Suggested by Kurt Garloff.

* exec.c, g10.c, gpgv.c, passphrase.c, photoid.c: s/__MINGW32__/_WIN32/ to
help building on native Windows compilers.  Requested by Brian Gladman.
From Werner on stable branch.

16 years ago* idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on native
David Shaw [Thu, 28 Aug 2003 23:49:03 +0000 (23:49 +0000)]
* idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on native
Windows compilers.  Requested by Brian Gladman.  From Werner on stable

16 years ago* util.h: s/__MINGW32__/_WIN32/ to help building on native Windows
David Shaw [Thu, 28 Aug 2003 23:41:41 +0000 (23:41 +0000)]
* util.h: s/__MINGW32__/_WIN32/ to help building on native Windows
compilers.  Requested by Brian Gladman.  From Werner on stable branch.

16 years ago* dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, strgutil.c,
David Shaw [Thu, 28 Aug 2003 23:29:32 +0000 (23:29 +0000)]
* dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, strgutil.c,
ttyio.c, w32reg.c: s/__MINGW32__/_WIN32/ to help building on native
Windows compilers.  Requested by Brian Gladman. From Werner on stable

* http.c (connect_server): Oops - forgot to freeaddrinfo().

16 years ago* options.h, g10.c (main): Add list-option list-preferred-keyserver.
David Shaw [Tue, 26 Aug 2003 04:07:52 +0000 (04:07 +0000)]
* options.h, g10.c (main): Add list-option list-preferred-keyserver.

* keyedit.c (change_passphrase): When responding 'no' to the blank
passphrase question, re-prompt for a new passphrase.  This is bug #202.

16 years ago* mainproc.c (check_sig_and_print): Use two different preferred keyserver
David Shaw [Tue, 26 Aug 2003 03:56:47 +0000 (03:56 +0000)]
* mainproc.c (check_sig_and_print): Use two different preferred keyserver
displays - one if the key is not present (to tell the user where to get
the key), the other if it is present (to tell the user where the key can
be refreshed).

* packet.h, parse-packet.c (parse_signature): Set flag if a preferred
keyserver is present.

* keylist.c (list_keyblock_print): Show keyserver url in listings with
list-option show-keyserver-url.

16 years ago* NEWS: Note %g and %p, the "tru" --with-colons record, and the REVKEYSIG
David Shaw [Tue, 26 Aug 2003 03:03:54 +0000 (03:03 +0000)]
* NEWS: Note %g and %p, the "tru" --with-colons record, and the REVKEYSIG
--status-fd tag.

* README: Add a note about the SunOS symbol underscore problem and how to
fix it.  Note problem with gcc < 2.96 and non-gnu as.

16 years ago* Rework much of the spec to use %-macros throughout. Fix
David Shaw [Tue, 26 Aug 2003 00:37:09 +0000 (00:37 +0000)]
* Rework much of the spec to use %-macros throughout.  Fix
to work properly with RPM 4.1 (all files in buildroot must be packaged).
Package and install info files. Tweak the English description.  Do not
install gpgv and gpgsplit setuid root. Make sure that install-info is
called in such a way that doesn't bork the RPM install if it cannot
complete (necessary for some upgrade scenarios).

16 years ago* gpg.sgml: Document --list-options (show-photos, show-policy-url,
David Shaw [Tue, 26 Aug 2003 00:32:58 +0000 (00:32 +0000)]
* gpg.sgml: Document --list-options (show-photos, show-policy-url,
show-notation, show-keyring) and --verify-options (show-photos,
show-policy-url, show-notation).  Deprecate --show-photos,
--show-policy-url, --show-notation, and --show-keyring.

16 years ago* Use NETLIBS instead of EGDLIBS.
David Shaw [Mon, 25 Aug 2003 03:37:06 +0000 (03:37 +0000)]
* Use NETLIBS instead of EGDLIBS.

16 years ago* Check for getaddrinfo. Don't bother to check for EGD libs
David Shaw [Mon, 25 Aug 2003 03:32:01 +0000 (03:32 +0000)]
* Check for getaddrinfo.  Don't bother to check for EGD libs
since we need to have the netlibs regardless because of the agent socket.

16 years ago* http.c (connect_server): Try and use getaddrinfo if it is available.
David Shaw [Mon, 25 Aug 2003 02:18:45 +0000 (02:18 +0000)]
* http.c (connect_server): Try and use getaddrinfo if it is available.
Try for IPv6 via getaddrinfo() or a IPv6-ized gethostbyname().  Suggested
by Jun-ichiro itojun Hagino.

16 years ago* mainproc.c (check_sig_and_print): Get the uid validity before printing
David Shaw [Sun, 24 Aug 2003 23:01:26 +0000 (23:01 +0000)]
* mainproc.c (check_sig_and_print): Get the uid validity before printing
any sig results to avoid munging the output with trustdb warnings.

* g10.c (main): Don't include --show-keyring in --help as it is

16 years ago* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.
David Shaw [Thu, 21 Aug 2003 23:26:57 +0000 (23:26 +0000)]
* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.

16 years ago* gpgv.c: Remove extra semicolon (typo).
David Shaw [Thu, 21 Aug 2003 23:20:58 +0000 (23:20 +0000)]
* gpgv.c: Remove extra semicolon (typo).

* options.skel: Note that isn't synchronized, and
explain the roundrobin a bit better.

* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.

* keyring.c (keyring_rebuild_cache): Comment.

* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.

16 years ago* packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
David Shaw [Wed, 13 Aug 2003 03:31:36 +0000 (03:31 +0000)]
* packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.

* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).

16 years agoAbout to release the first 1.9 version. V1-9-0
Werner Koch [Tue, 5 Aug 2003 17:20:18 +0000 (17:20 +0000)]
About to release the first 1.9 version.

16 years agoCleanups, fixes and PC/SC support
Werner Koch [Tue, 5 Aug 2003 17:11:04 +0000 (17:11 +0000)]
Cleanups, fixes and PC/SC support

16 years ago* options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
David Shaw [Sun, 3 Aug 2003 02:37:48 +0000 (02:37 +0000)]
* options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).

16 years agominor changes to make make distcheck happy
Werner Koch [Thu, 31 Jul 2003 15:45:11 +0000 (15:45 +0000)]
minor changes to make make distcheck happy

16 years agoRemove leftover cruft
Werner Koch [Tue, 29 Jul 2003 14:10:02 +0000 (14:10 +0000)]
Remove leftover cruft

16 years ago*** empty log message ***
Werner Koch [Tue, 29 Jul 2003 14:07:28 +0000 (14:07 +0000)]
*** empty log message ***

16 years ago* gpgsm.c (main): Add secmem features and set the random seed file.
Werner Koch [Tue, 29 Jul 2003 08:53:19 +0000 (08:53 +0000)]
* gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.

16 years agoAdjusted for use with current libgcrypt (1.1.42).
Werner Koch [Mon, 28 Jul 2003 08:59:18 +0000 (08:59 +0000)]
Adjusted for use with current libgcrypt (1.1.42).

16 years ago* options.h, g10.c (main, add_keyserver_url): Add
David Shaw [Thu, 24 Jul 2003 19:28:12 +0000 (19:28 +0000)]
* options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.

16 years ago* app-openpgp.c (do_learn_status): Print more status information.
Werner Koch [Thu, 24 Jul 2003 09:06:13 +0000 (09:06 +0000)]
* app-openpgp.c (do_learn_status): Print more status information.
(app_select_openpgp): Store the card version.
(store_fpr): Add argument card_version and fix DOs for old cards.
(app_openpgp_storekey): Likewise.

16 years ago* command.c (cmd_pkauth): New.
Werner Koch [Wed, 23 Jul 2003 07:13:05 +0000 (07:13 +0000)]
* command.c (cmd_pkauth): New.
(cmd_setdata): Check whether data was given at all to avoid
passing 0 to malloc.

* app.c (app_auth): New.
* app-openpgp.c (do_auth): New.

16 years ago* keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
David Shaw [Mon, 21 Jul 2003 23:19:15 +0000 (23:19 +0000)]
* keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.

16 years ago* keyedit.c (show_key_with_all_names): Use list-option show-validity in
David Shaw [Sun, 20 Jul 2003 17:09:43 +0000 (17:09 +0000)]
* keyedit.c (show_key_with_all_names): Use list-option show-validity in
--edit-key interface as well.

16 years ago* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
David Shaw [Sun, 20 Jul 2003 02:09:06 +0000 (02:09 +0000)]
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.

16 years ago* packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
David Shaw [Sun, 20 Jul 2003 00:10:13 +0000 (00:10 +0000)]
* packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.

* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs.  This requires --no-sig-cache as well since we don't cache

16 years ago* Add sc-copykeys program.
Werner Koch [Wed, 16 Jul 2003 13:47:14 +0000 (13:47 +0000)]
* Add sc-copykeys program.
* sc-copykeys.c: New.
* app-openpgp.c (app_openpgp_storekey): New.
(app_openpgp_cardinfo): New.
(count_bits): New.
(store_fpr): And use it here to get the actual length in bit.

16 years ago* simple-pwquery.c, simple-pwquery.h: New; moved from ../agent.
Werner Koch [Wed, 16 Jul 2003 13:44:43 +0000 (13:44 +0000)]
* simple-pwquery.c, simple-pwquery.h:  New; moved from ../agent.
* (libsimple_pwquery_a_LIBADD): New.

16 years ago* simple-pwquery.c, simple-pwquery.h: Moved to ../common.
Werner Koch [Wed, 16 Jul 2003 13:44:03 +0000 (13:44 +0000)]
* simple-pwquery.c, simple-pwquery.h:  Moved to ../common.
* (gpg_protect_tool_LDADD): Add simple-pwquery.o.
Removed it from xx_SOURCES.

16 years ago* Add --no-permission-warning to avoid spurious warning when
David Shaw [Thu, 10 Jul 2003 15:10:02 +0000 (15:10 +0000)]
* Add --no-permission-warning to avoid spurious warning when
importing demo keys.

16 years ago* Check for sigset_t and struct sigaction.
David Shaw [Thu, 10 Jul 2003 15:03:55 +0000 (15:03 +0000)]
* Check for sigset_t and struct sigaction.
This is for Forte c89 on Solaris which seems to define only the function
call half of the two pairs by default.

16 years ago* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
David Shaw [Thu, 10 Jul 2003 14:30:07 +0000 (14:30 +0000)]
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.

16 years ago* DETAILS: Document the --attribute-fd data.
David Shaw [Thu, 10 Jul 2003 12:42:49 +0000 (12:42 +0000)]
* DETAILS: Document the --attribute-fd data.

* gpg.sgml: Document --set-notation.  Explain why it is not possible to
disable permission warnings in the gpg.conf file about the homedir.  Add
pointer in --ignore-time-conflict to see --ignore-valid from, and vice
versa.  Warning not to try and parse --list-keys in scripts. Document the
signature flags (1-3/L/R/P/N/X), Document expandos %g and %p.  Note the
default --personal-digest-preferences are "H2".

16 years ago* Use W32LIBS where appropriate.
David Shaw [Thu, 10 Jul 2003 12:32:57 +0000 (12:32 +0000)]
* Use W32LIBS where appropriate.

16 years ago* iobuf.c (check_special_filename): Replaced is isdigit by digitp
David Shaw [Thu, 10 Jul 2003 12:26:42 +0000 (12:26 +0000)]
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.

16 years ago* types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
David Shaw [Thu, 10 Jul 2003 12:13:53 +0000 (12:13 +0000)]
* types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
This avoids a warning on compilers that support but complain about
unsigned long long.

* util.h (ascii_isspace): New variation on isspace() that is immune from
locale changes.

* util.h: Make sure that only ascii is passed to isfoo functions. (From
Werner on stable branch).

16 years ago* THANKS: Updates from stable.
David Shaw [Thu, 10 Jul 2003 12:06:08 +0000 (12:06 +0000)]
* THANKS: Updates from stable.

* Include wsock32 in W32LIBS.  This is different from
NETLIBS so we don't need to force other platforms to pull in the netlibs
when they aren't actually needed.

* NEWS: Note portability changes.

16 years agoMinor changes to make make dist work correctly.
Werner Koch [Fri, 4 Jul 2003 09:40:19 +0000 (09:40 +0000)]
Minor changes to make make dist work correctly.

16 years ago* app-openpgp.c (do_setattr): Add setting of the URL.
Werner Koch [Thu, 3 Jul 2003 18:10:13 +0000 (18:10 +0000)]
* app-openpgp.c (do_setattr): Add setting of the URL.
(app_select_openpgp): Dump card data only in very verbose mode.
(do_decipher): New.

16 years ago* app-openpgp.c (store_fpr): Fixed fingerprint calculation.
Werner Koch [Tue, 1 Jul 2003 08:34:45 +0000 (08:34 +0000)]
* app-openpgp.c (store_fpr): Fixed fingerprint calculation.

* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.

16 years agoKey generation and signing using the OpenPGP card does rudimentary work.
Werner Koch [Fri, 27 Jun 2003 20:53:09 +0000 (20:53 +0000)]
Key generation and signing using the OpenPGP card does rudimentary work.

16 years agoFinished the bulk of changes for gnupg 1.9. This included switching
Werner Koch [Wed, 18 Jun 2003 19:56:13 +0000 (19:56 +0000)]
Finished the bulk of changes for gnupg 1.9.  This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.

16 years ago* parse-packet.c (parse): Disallow old style partial length for
Werner Koch [Tue, 10 Jun 2003 09:05:38 +0000 (09:05 +0000)]
* parse-packet.c (parse): Disallow old style partial length for
all key material packets to avoid possible corruption of keyrings.

16 years ago* import.c (import_keys_internal): Invalidate the cache so that
Werner Koch [Sun, 8 Jun 2003 21:35:25 +0000 (21:35 +0000)]
* import.c (import_keys_internal): Invalidate the cache so that
the file descriptor gets closed.  Fixes bug reported by Juan
F. Codagnone.

16 years ago* import.c (import_keys_internal): Invalidate the cache so that
Werner Koch [Sun, 8 Jun 2003 21:23:48 +0000 (21:23 +0000)]
* import.c (import_keys_internal): Invalidate the cache so that
the file descriptor gets closed.  Fixes bug reported by Juan
F. Codagnone.

16 years agoA small step for GnuPG but a huge leap for error codes.
Werner Koch [Thu, 5 Jun 2003 07:14:21 +0000 (07:14 +0000)]
A small step for GnuPG but a huge leap for error codes.
(Sorry, it does not build currently - I need to check it in to avoid
duplicate work.)

16 years ago* options.skel: Use new hkp:// as sample keyserver since
David Shaw [Thu, 5 Jun 2003 02:06:12 +0000 (02:06 +0000)]
* options.skel: Use new hkp:// as sample keyserver since
they at least handle subkeys correctly.

* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets.  They're basically policy URLs with a
different name.  Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).

* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and

16 years agoUpdate error handling to match gpg-error in CVS.
Marcus Brinkmann [Wed, 4 Jun 2003 21:37:56 +0000 (21:37 +0000)]
Update error handling to match gpg-error in CVS.

16 years agoInadvertently left out of the 2003-06-01 checkin
David Shaw [Wed, 4 Jun 2003 21:21:23 +0000 (21:21 +0000)]
Inadvertently left out of the 2003-06-01 checkin

16 years agoFix small typo in comment.
Marcus Brinkmann [Tue, 3 Jun 2003 22:51:14 +0000 (22:51 +0000)]
Fix small typo in comment.

16 years ago* scdaemon.h: Include gpg-error.h and errno.h
Werner Koch [Tue, 3 Jun 2003 20:08:03 +0000 (20:08 +0000)]
* scdaemon.h: Include gpg-error.h and errno.h
* card.c (map_sc_err): Use unknown for the error source.
* Link with libgpg-error

16 years agoMake use of libgpg-error
Werner Koch [Tue, 3 Jun 2003 19:55:50 +0000 (19:55 +0000)]
Make use of libgpg-error

16 years ago* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
David Shaw [Tue, 3 Jun 2003 17:47:58 +0000 (17:47 +0000)]
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-validity" and "show-long-keyid" list-options.

* gpgv.c (get_validity, trust_value_to_string): Stubs.

* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.

16 years ago* Define SAFE_VERSION so that RISCOS can override it and
David Shaw [Tue, 3 Jun 2003 17:42:22 +0000 (17:42 +0000)]
* Define SAFE_VERSION so that RISCOS can override it and
remove invalid chars.

16 years ago* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
David Shaw [Sun, 1 Jun 2003 15:36:13 +0000 (15:36 +0000)]
* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
(check_sig_and_print): Emulate the old policy and notation behavior
(display by default).  Send to status-fd whether it is displayed on the
screen or not.

* g10.c (main): Since we now have some options in devel that won't work in
a stable branch gpg.conf file, try for a version-specific gpg.conf-VERSION
file before falling back to gpg.conf.

* main.h, options.h: Move various option flags to options.h.

16 years ago* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
David Shaw [Sat, 31 May 2003 23:23:19 +0000 (23:23 +0000)]
* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
show_notation): Collapse the old print_notation_data into show_policy()
and show_notation() so there is only one function to print notations and
policy URLs.

* options.h, main.h, g10.c (main), keyedit.c (print_and_check_one_sig),
keylist.c (list_one, list_keyblock_print), pkclist.c (do_edit_ownertrust),
sign.c (mk_notation_and_policy): New "list-options" and "verify-options"
commands.  These replace the existing --show-photos/--no-show-photos,
--show-policy-url/--no-show-policy-url, and --show-keyring options.  The
new method is more flexible since a user can specify (for example) showing
photos during sig verification, but not in key listings.  The old options
are emulated.

16 years ago* main.h, misc.c (parse_options): New general option line parser. Fix the
David Shaw [Sat, 31 May 2003 21:52:16 +0000 (21:52 +0000)]
* main.h, misc.c (parse_options): New general option line parser. Fix the
bug in the old version that did not handle report syntax errors after a
valid entry.

* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.

16 years ago* keylist.c (list_one): Don't show the keyring filename when in
David Shaw [Sat, 31 May 2003 04:06:06 +0000 (04:06 +0000)]
* keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Use @DLLIBS@ for -ldl.

16 years ago* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
David Shaw [Sat, 31 May 2003 03:52:02 +0000 (03:52 +0000)]
* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
Also include extern references for optarg and optind since there is no
guarantee that any header file will include them.  Standards?  We don't
need no stinkin' standards

* Use @GETOPT@ to pull in libiberty on those platforms that
need it.

16 years ago* Some cleanup, and use DLLIBS for -ldl.
David Shaw [Sat, 31 May 2003 03:41:42 +0000 (03:41 +0000)]
* Some cleanup, and use DLLIBS for -ldl.

16 years ago* srv.h, srv.c: Include windows.h with MINGW32.
David Shaw [Sat, 31 May 2003 03:15:50 +0000 (03:15 +0000)]
* srv.h, srv.c: Include windows.h with MINGW32.

16 years ago* Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put dl in
David Shaw [Sat, 31 May 2003 02:14:31 +0000 (02:14 +0000)]
* Put wsock32 in NETLIBS.  Put zlib in ZLIBS.  Put dl in
DLLIBS.  Check for getopt.h if available.  Look for getopt() in libiberty
if libc doesn't have it.  Enable GPGKEYS_HKP after AC_PROG_CC so that any
needed extension (i.e. ".exe") is defined.

16 years agoBumbed version number after release
Werner Koch [Tue, 27 May 2003 09:32:51 +0000 (09:32 +0000)]
Bumbed version number after release

16 years agoAbout to release 1.3.2 V1-3-2
Werner Koch [Tue, 27 May 2003 08:38:58 +0000 (08:38 +0000)]
About to release 1.3.2

16 years ago* NEWS: Document --gnupg and the deprecation of --no-openpgp and
David Shaw [Mon, 26 May 2003 19:56:32 +0000 (19:56 +0000)]
* NEWS: Document --gnupg and the deprecation of --no-openpgp and

16 years ago* (pgmname): Make sure there is a valid options file. (From wk on
David Shaw [Mon, 26 May 2003 14:14:03 +0000 (14:14 +0000)]
* (pgmname): Make sure there is a valid options file. (From wk on
stable branch)

* mds.test: Note that missing algorithms are not errors.

16 years ago* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:39:38 +0000 (13:39 +0000)]
* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)

16 years ago* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:34:42 +0000 (13:34 +0000)]
* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)

* gnupg-w32.reg: Use HLM for the program and make sure the entries are
created.  Suggested by (From wk on
stable branch)CVS: ----------------------------------------------------------------------

16 years ago* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
David Shaw [Mon, 26 May 2003 13:21:12 +0000 (13:21 +0000)]
* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
warning a verbose item and translatable. (From wk on stable branch)

* sig-check.c (check_key_signature2): Made "no subkey for subkey binding
packet" a verbose item instead of a !quiet one.  There are too many
garbled keys out in the wild. (From wk on stable branch)

* filter.h: Remove const from WHAT. (From wk on stable branch)

* progress.c (handle_progress): Store a copy of NAME. (progress_filter):
Release WHAT, make sure not to print a NULL WHAT. (From wk on stable

* openfile.c (open_sigfile): Adjust free for new progress semantics. (From
wk on stable branch)

* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT. (From
wk on stable branch)

* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the cipher
algo is IDEA to make it easier to track down the problem. (From twoaday on
stable branch)