16 years agoInadvertently left out of the 2003-06-01 checkin
David Shaw [Wed, 4 Jun 2003 21:21:23 +0000 (21:21 +0000)]
Inadvertently left out of the 2003-06-01 checkin

16 years agoFix small typo in comment.
Marcus Brinkmann [Tue, 3 Jun 2003 22:51:14 +0000 (22:51 +0000)]
Fix small typo in comment.

16 years ago* scdaemon.h: Include gpg-error.h and errno.h
Werner Koch [Tue, 3 Jun 2003 20:08:03 +0000 (20:08 +0000)]
* scdaemon.h: Include gpg-error.h and errno.h
* card.c (map_sc_err): Use unknown for the error source.
* Link with libgpg-error

16 years agoMake use of libgpg-error
Werner Koch [Tue, 3 Jun 2003 19:55:50 +0000 (19:55 +0000)]
Make use of libgpg-error

16 years ago* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
David Shaw [Tue, 3 Jun 2003 17:47:58 +0000 (17:47 +0000)]
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-validity" and "show-long-keyid" list-options.

* gpgv.c (get_validity, trust_value_to_string): Stubs.

* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.

16 years ago* Define SAFE_VERSION so that RISCOS can override it and
David Shaw [Tue, 3 Jun 2003 17:42:22 +0000 (17:42 +0000)]
* Define SAFE_VERSION so that RISCOS can override it and
remove invalid chars.

16 years ago* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
David Shaw [Sun, 1 Jun 2003 15:36:13 +0000 (15:36 +0000)]
* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
(check_sig_and_print): Emulate the old policy and notation behavior
(display by default).  Send to status-fd whether it is displayed on the
screen or not.

* g10.c (main): Since we now have some options in devel that won't work in
a stable branch gpg.conf file, try for a version-specific gpg.conf-VERSION
file before falling back to gpg.conf.

* main.h, options.h: Move various option flags to options.h.

16 years ago* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
David Shaw [Sat, 31 May 2003 23:23:19 +0000 (23:23 +0000)]
* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
show_notation): Collapse the old print_notation_data into show_policy()
and show_notation() so there is only one function to print notations and
policy URLs.

* options.h, main.h, g10.c (main), keyedit.c (print_and_check_one_sig),
keylist.c (list_one, list_keyblock_print), pkclist.c (do_edit_ownertrust),
sign.c (mk_notation_and_policy): New "list-options" and "verify-options"
commands.  These replace the existing --show-photos/--no-show-photos,
--show-policy-url/--no-show-policy-url, and --show-keyring options.  The
new method is more flexible since a user can specify (for example) showing
photos during sig verification, but not in key listings.  The old options
are emulated.

16 years ago* main.h, misc.c (parse_options): New general option line parser. Fix the
David Shaw [Sat, 31 May 2003 21:52:16 +0000 (21:52 +0000)]
* main.h, misc.c (parse_options): New general option line parser. Fix the
bug in the old version that did not handle report syntax errors after a
valid entry.

* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.

16 years ago* keylist.c (list_one): Don't show the keyring filename when in
David Shaw [Sat, 31 May 2003 04:06:06 +0000 (04:06 +0000)]
* keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Use @DLLIBS@ for -ldl.

16 years ago* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
David Shaw [Sat, 31 May 2003 03:52:02 +0000 (03:52 +0000)]
* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
Also include extern references for optarg and optind since there is no
guarantee that any header file will include them.  Standards?  We don't
need no stinkin' standards

* Use @GETOPT@ to pull in libiberty on those platforms that
need it.

16 years ago* Some cleanup, and use DLLIBS for -ldl.
David Shaw [Sat, 31 May 2003 03:41:42 +0000 (03:41 +0000)]
* Some cleanup, and use DLLIBS for -ldl.

16 years ago* srv.h, srv.c: Include windows.h with MINGW32.
David Shaw [Sat, 31 May 2003 03:15:50 +0000 (03:15 +0000)]
* srv.h, srv.c: Include windows.h with MINGW32.

16 years ago* Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put dl in
David Shaw [Sat, 31 May 2003 02:14:31 +0000 (02:14 +0000)]
* Put wsock32 in NETLIBS.  Put zlib in ZLIBS.  Put dl in
DLLIBS.  Check for getopt.h if available.  Look for getopt() in libiberty
if libc doesn't have it.  Enable GPGKEYS_HKP after AC_PROG_CC so that any
needed extension (i.e. ".exe") is defined.

16 years agoBumbed version number after release
Werner Koch [Tue, 27 May 2003 09:32:51 +0000 (09:32 +0000)]
Bumbed version number after release

16 years agoAbout to release 1.3.2 V1-3-2
Werner Koch [Tue, 27 May 2003 08:38:58 +0000 (08:38 +0000)]
About to release 1.3.2

16 years ago* NEWS: Document --gnupg and the deprecation of --no-openpgp and
David Shaw [Mon, 26 May 2003 19:56:32 +0000 (19:56 +0000)]
* NEWS: Document --gnupg and the deprecation of --no-openpgp and

16 years ago* (pgmname): Make sure there is a valid options file. (From wk on
David Shaw [Mon, 26 May 2003 14:14:03 +0000 (14:14 +0000)]
* (pgmname): Make sure there is a valid options file. (From wk on
stable branch)

* mds.test: Note that missing algorithms are not errors.

16 years ago* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:39:38 +0000 (13:39 +0000)]
* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)

16 years ago* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:34:42 +0000 (13:34 +0000)]
* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)

* gnupg-w32.reg: Use HLM for the program and make sure the entries are
created.  Suggested by (From wk on
stable branch)CVS: ----------------------------------------------------------------------

16 years ago* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
David Shaw [Mon, 26 May 2003 13:21:12 +0000 (13:21 +0000)]
* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
warning a verbose item and translatable. (From wk on stable branch)

* sig-check.c (check_key_signature2): Made "no subkey for subkey binding
packet" a verbose item instead of a !quiet one.  There are too many
garbled keys out in the wild. (From wk on stable branch)

* filter.h: Remove const from WHAT. (From wk on stable branch)

* progress.c (handle_progress): Store a copy of NAME. (progress_filter):
Release WHAT, make sure not to print a NULL WHAT. (From wk on stable

* openfile.c (open_sigfile): Adjust free for new progress semantics. (From
wk on stable branch)

* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT. (From
wk on stable branch)

* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the cipher
algo is IDEA to make it easier to track down the problem. (From twoaday on
stable branch)

16 years ago* Make use of AM_CFLAGS. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:15:24 +0000 (13:15 +0000)]
* Make use of AM_CFLAGS. (From wk on stable branch)

16 years ago* Added a couple of missing source files. Noted by Pascal
David Shaw [Mon, 26 May 2003 13:13:11 +0000 (13:13 +0000)]
* Added a couple of missing source files.  Noted by Pascal
Hartig and Walter Koch. (From wk on stable branch)

16 years ago* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
David Shaw [Sat, 24 May 2003 21:50:33 +0000 (21:50 +0000)]
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.

16 years ago* bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all
David Shaw [Sat, 24 May 2003 18:38:35 +0000 (18:38 +0000)]
* bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all
preprocessor instructions to remove whitespace before the '#'. This is not
required by C89, but there are some compilers out there that don't like

16 years ago* bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c,
David Shaw [Sat, 24 May 2003 18:31:33 +0000 (18:31 +0000)]
* bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c,
rijndael.c, rndunix.c, sha256.c, cast5.c, idea-stub.c, rmd160.c, rndw32.c,
sha512.c, md5.c, rmd160test.c, rsa.c, tiger.c: Edit all preprocessor
instructions to remove whitespace before the '#'.  This is not required by
C89, but there are some compilers out there that don't like it.

16 years ago* mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c,
David Shaw [Sat, 24 May 2003 17:54:56 +0000 (17:54 +0000)]
* mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c,
mpi-internal.h, mpi-scan.c: Edit all preprocessor instructions to remove
whitespace before the '#'.  This is not required by C89, but there are
some compilers out there that don't like it.

16 years ago* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
David Shaw [Sat, 24 May 2003 16:53:14 +0000 (16:53 +0000)]
* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
simple-gettext.c, errors.c, http.c, memory.c, secmem.c, ttyio.c: Edit all
preprocessor instructions to remove whitespace before the '#'.  This is
not required by C89, but there are some compilers out there that don't
like it.

16 years ago* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all
David Shaw [Sat, 24 May 2003 16:40:46 +0000 (16:40 +0000)]
* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all
preprocessor instructions to remove whitespace before the '#'.  This is
not required by C89, but there are some compilers out there that don't
like it.

16 years ago* Edit preprocessor instructions in g10defs.h to remove
David Shaw [Sat, 24 May 2003 14:50:02 +0000 (14:50 +0000)]
* Edit preprocessor instructions in g10defs.h to remove
whitespace before the '#'.  This is not required by C89, but there are
some compilers out there that don't like it.

16 years ago* gpg.sgml: Document --trustdb-name. Document --gnupg in a new compliance
David Shaw [Sat, 24 May 2003 14:38:58 +0000 (14:38 +0000)]
* gpg.sgml: Document --trustdb-name.  Document --gnupg in a new compliance
section, and remove the various --no-PGPX options. Deprecate --no-comment
in favor of --no-sk-comments.

16 years ago* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
David Shaw [Wed, 21 May 2003 16:42:22 +0000 (16:42 +0000)]
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
is_disabled to cache_disabled_value, which now takes a pk and not just the
keyid. This is for speed since there is no need to re-fetch a key when we
already have that key handy.  Cache the result of the check so we don't
need to hit the trustdb more than once.

* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.

* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.

* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.

* parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.

* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but

* exec.h, photoid.h: Add copyright message.

* keylist.c (list_keyblock_print): Don't dump attribs for
revoked/expired/etc uids for non-colon key listings.  This is for
consistency with --show-photos.

* main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump
attribs if --attrib-fd is set when verifying signatures.

* g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options.  This is the same as --no-XXXX for those options.

* revoke.c (ask_revocation_reason): Clear old reason if user elects to
repeat question.  This is bug 153.

* keyedit.c (sign_uids): Show keyid of the key making the signature.

16 years ago* fileutil.c (is_file_compressed): Fixed checking for "-" filename.
Werner Koch [Wed, 21 May 2003 08:49:03 +0000 (08:49 +0000)]
* fileutil.c (is_file_compressed): Fixed checking for "-" filename.

16 years ago* progress.c (handle_progress)
Werner Koch [Wed, 21 May 2003 08:48:26 +0000 (08:48 +0000)]
* progress.c (handle_progress)
* sign.c (write_plaintext_packet)
* encode.c (encode_simple,encode_crypt): Make sure that a filename
of "-" is considered to be stdin so that iobuf_get_filelength
won't get called.  This fixes bug 156 reported by Gregery Barton.

16 years ago* cipher.c (setup_cipher_table): #ifdef IDEA.
David Shaw [Thu, 15 May 2003 05:29:05 +0000 (05:29 +0000)]
* cipher.c (setup_cipher_table): #ifdef IDEA.

* random.c (fast_random_poll): Only use times() if we HAVE_TIMES.

* sha512.c, tiger.c: Use the U64_C() macro to specify 64-bit constants.
U64_C is defined in include/types.h and uses the correct suffix depending
on the underlying type of u64.

* idea-stub.c (load_module): Catch an error if the idea module file is
unloadable for some reason (unreadable, bad permissions, etc.)

* md.c (string_to_digest_algo): Give a warning about TIGER192 not being
part of OpenPGP.

16 years ago* types.h: Add initializer macros for 64-bit unsigned type.
David Shaw [Wed, 14 May 2003 04:32:32 +0000 (04:32 +0000)]
* types.h: Add initializer macros for 64-bit unsigned type.

16 years ago* Remove some stuff no longer needed with newer autoconf.
David Shaw [Sun, 11 May 2003 22:00:31 +0000 (22:00 +0000)]
* Remove some stuff no longer needed with newer autoconf.
Use AC_GNU_SOURCE instead of defining _GNU_SOURCE manually.  Add check for
strchr() for gettext.  Add "ngettext" check for gettext, since that check
supposedly implies a check for bind_textdomain_codeset.  Add check for
times() for random.c.  Fix URL for EGD.  Make --enable-old-tiger match the
stable branch as a separate item.

* NEWS: "OpenPGP" trust model is now "PGP".  Add note about TIGER being
dropped from OpenPGP.  Note trust bug fix.

* README: Fix all URLs to point to the right place in the reorganized web pages.  Some minor language fixes.

16 years ago* gpg.sgml: Some general language tweaks. Note default algo for
David Shaw [Sun, 4 May 2003 17:05:04 +0000 (17:05 +0000)]
* gpg.sgml: Some general language tweaks.  Note default algo for
--symmetric.  --export-ownertrust takes no args.  Document
--no-escape-from-lines.  Fix escaped "<From" to be ">From".  Make
"openpgp" trust model into "pgp".

16 years ago* packet.h, build-packet.c (build_sig_subpkt), export.c
David Shaw [Sat, 3 May 2003 04:07:45 +0000 (04:07 +0000)]
* packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket.  This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.

* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.

* sign.c (sign_file): Fix bug that causes spurious compression preference

* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.

* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one

* options.h, g10.c (main): Part two of the simplification.  Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)

* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of

16 years ago* cipher.h: Add constants for compression algorithms.
David Shaw [Sat, 3 May 2003 03:21:29 +0000 (03:21 +0000)]
* cipher.h: Add constants for compression algorithms.

16 years ago* tdbio.c (create_version_record): Only create new trustdbs with
David Shaw [Thu, 1 May 2003 21:37:08 +0000 (21:37 +0000)]
* tdbio.c (create_version_record): Only create new trustdbs with

* trustdb.h, trustdb.c (trust_string, get_ownertrust_string,
get_validity_string, ask_ownertrust, validate_keys), pkclist.c
(do_edit_ownertrust): Rename trust_string to trust_value_to_string for
naming consistency.

* trustdb.h, trustdb.c (string_to_trust_value): New function to translate
a string to a trust value.

* g10.c (main): Use string_to_trust_value here for --force-ownertrust.

* options.h, g10.c (main), trustdb.c (trust_model_string, init_trustdb,
check_trustdb, update_trustdb, get_validity, validate_one_keyblock): An
"OpenPGP" trust model is misleading since there is no official OpenPGP
trust model.  Use "PGP" instead.

16 years ago* build-packet.c (build_sig_subpkt): Comments.
David Shaw [Wed, 30 Apr 2003 05:33:52 +0000 (05:33 +0000)]
* build-packet.c (build_sig_subpkt): Comments.

* exec.c (exec_write): Cast NULL to void* to properly terminate varargs

* keyedit.c (show_key_with_all_names): Just for safety, catch an invalid
pk algorithm.

* sign.c (make_keysig_packet): Crucial that the call to mksubpkt comes
LAST before the calls to finalize the sig as that makes it possible for
the mksubpkt function to get a reliable pointer to the subpacket area.

* pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a
particular user ID, use that ID as the one to ask about when prompting
whether to use the key anyway. (build_pk_list): Similar change here when
adding keys to the recipient list.

* trustdb.c (update_validity): Fix bug that prevented more than one
validity record per trust record. (get_validity): When retrieving validity
for a (user) supplied user ID, return the validity for that user ID only,
and do not fall back to the general key validity. (validate_one_keyblock):
Some commentary on whether non-self-signed user IDs belong in the web of
trust (arguably, they do).

16 years ago* gettextP.h: Add comment for HP/UX users. Local fix for GnuPG.
David Shaw [Wed, 30 Apr 2003 03:49:23 +0000 (03:49 +0000)]
* gettextP.h: Add comment for HP/UX users.  Local fix for GnuPG.

16 years ago* scdaemon.c: New options --print-atr and --reader-port
Werner Koch [Tue, 29 Apr 2003 19:08:35 +0000 (19:08 +0000)]
* scdaemon.c: New options --print-atr and --reader-port
* apdu.c, apdu.h: New

* card.c, card-p15.c, card-dinsig.c: Allow build without OpenSC.

16 years ago* Use libassuan. Don't override LDFLAGS anymore.
Werner Koch [Tue, 29 Apr 2003 10:42:42 +0000 (10:42 +0000)]
* Use libassuan.  Don't override LDFLAGS anymore.
* server.c (register_commands): Adjust for new Assuan semantics.

16 years ago* (LDFLAGS): Removed.
Werner Koch [Tue, 29 Apr 2003 10:42:05 +0000 (10:42 +0000)]
* (LDFLAGS): Removed.

* command.c (register_commands): Adjusted for new Assuan semantics.

16 years ago* util.h (fopencokokie): Removed prototype and struct.
Werner Koch [Tue, 29 Apr 2003 10:39:22 +0000 (10:39 +0000)]
* util.h (fopencokokie): Removed prototype and struct.

* maperror.c: Use system assuan.h

16 years ago* command.c (register_commands): Adjusted for new Assuan semantics.
Werner Koch [Tue, 29 Apr 2003 10:38:49 +0000 (10:38 +0000)]
* command.c (register_commands): Adjusted for new Assuan semantics.

* Don't override LDFLAGS.

16 years agoRemoved assuan because we now use libassuan
Werner Koch [Tue, 29 Apr 2003 09:11:49 +0000 (09:11 +0000)]
Removed assuan because we now use libassuan

16 years ago* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
David Shaw [Sun, 27 Apr 2003 20:37:26 +0000 (20:37 +0000)]
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
reserved field for flags in a future version.

* gpg.sgml: Document --no-textmode and --no-use-agent.  Clarify the
interoperability section.  Clarify that "hkp corruption"
(repair-hkp-subkey-bug) is really "pks corruption"

16 years ago* BUGS: Fix bug reporting URL.
David Shaw [Sun, 27 Apr 2003 20:30:38 +0000 (20:30 +0000)]
* BUGS: Fix bug reporting URL.

* NEWS: Add sig version, pk algo, hash algo, and sig class to VALIDSIG.
Add notes about SRV, the "subkeyid!" syntax, configure options to disable
various algorithms, and the ability to change the keyserver no-modify

16 years ago* g10.c (main): Add --no-textmode.
David Shaw [Sun, 27 Apr 2003 20:22:09 +0000 (20:22 +0000)]
* g10.c (main): Add --no-textmode.

* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.

* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.

* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).

* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.

16 years ago* sign.c (do_sign): Show the hash used when making a signature in verbose
David Shaw [Sat, 26 Apr 2003 20:38:16 +0000 (20:38 +0000)]
* sign.c (do_sign): Show the hash used when making a signature in verbose

* tdbio.h, tdbio.c (tdbio_read_model): New function to return the trust
model used in a given trustdb.

* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
update_trustdb): Use tdbio_read_model to implement an "auto" trust model
which is set via the trustdb.

16 years ago* config.links: Re-disable assembler on Darwin. Darwin 6.5 broke it
David Shaw [Fri, 25 Apr 2003 04:12:57 +0000 (04:12 +0000)]
* config.links: Re-disable assembler on Darwin.  Darwin 6.5 broke it

16 years ago* Big warning that TIGER/192 is being removed from the
David Shaw [Wed, 23 Apr 2003 22:57:49 +0000 (22:57 +0000)]
* Big warning that TIGER/192 is being removed from the
standard, and make it disabled by default.

* README: Put back proper copyright line.  Remove mention of TIGER/192.

16 years ago* import.c (import_revoke_cert): Remove ultimate trust when revoking an
David Shaw [Wed, 23 Apr 2003 21:18:39 +0000 (21:18 +0000)]
* import.c (import_revoke_cert): Remove ultimate trust when revoking an
ultimately trusted key.

* keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.

* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.

* filter.h (progress_filter_context_t), progress.c (handle_progress),
plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings.  Make "what" constant.

* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.

16 years ago*, Rename to options since it no longer
David Shaw [Wed, 23 Apr 2003 20:08:38 +0000 (20:08 +0000)]
*, Rename to options since it no longer
needs to be a generated file.

* sigs.test: TODO note to add the new SHAs when we start generating them.

* mds.test: Test the new SHAs.

16 years ago* (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
Werner Koch [Tue, 15 Apr 2003 15:46:13 +0000 (15:46 +0000)]
* (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.

* g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.

16 years ago* gpg.sgml: Document --enable-progress-filter.
Werner Koch [Tue, 15 Apr 2003 15:44:30 +0000 (15:44 +0000)]
* gpg.sgml: Document --enable-progress-filter.

16 years ago* (HAVE_DOSISH_SYSTEM): New automake conditional.
Werner Koch [Tue, 15 Apr 2003 15:27:39 +0000 (15:27 +0000)]
* (HAVE_DOSISH_SYSTEM): New automake conditional.

16 years ago* longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to
Werner Koch [Tue, 15 Apr 2003 12:44:27 +0000 (12:44 +0000)]
* longlong.h (umul_ppmm): Support SH3 and SH4.  Thanks to

16 years ago* md.c (md_start_debug): Need to open the file in binary mode.
Werner Koch [Tue, 15 Apr 2003 12:20:31 +0000 (12:20 +0000)]
* md.c (md_start_debug): Need to open the file in binary mode.

16 years ago* acinclude.m4 (GNUPG_CHECK_ENDIAN): Fix quoting of r.e. using
Werner Koch [Tue, 15 Apr 2003 12:19:58 +0000 (12:19 +0000)]
* acinclude.m4 (GNUPG_CHECK_ENDIAN): Fix quoting of r.e. using

16 years ago* srv.c (main): Test against
David Shaw [Sun, 13 Apr 2003 20:06:09 +0000 (20:06 +0000)]
* srv.c (main): Test against

* srv.h: Grr. The RH7.3 Linux man page defines the fourth arg of dn_expand
as unsigned char*, but it is really char* according to resolv.h.

16 years ago* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
Werner Koch [Thu, 10 Apr 2003 09:56:47 +0000 (09:56 +0000)]
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.

* passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.
* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.

16 years ago* main.h, g10.c (main), import.c (parse_import_options,
David Shaw [Wed, 9 Apr 2003 01:57:46 +0000 (01:57 +0000)]
* main.h, g10.c (main), import.c (parse_import_options,
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.

* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.

16 years ago* gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory corruption bug on
David Shaw [Wed, 9 Apr 2003 01:36:16 +0000 (01:36 +0000)]
* gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory corruption bug on
some platforms.

16 years ago* Add options to build for coldfire and uClinux.
Werner Koch [Tue, 8 Apr 2003 09:20:09 +0000 (09:20 +0000)]
* Add options to build for coldfire and uClinux.

16 years ago* (EXTRA_DIST): Add wrapper.
Werner Koch [Tue, 8 Apr 2003 09:19:41 +0000 (09:19 +0000)]
* (EXTRA_DIST): Add wrapper.

16 years agoAdd primary key fingerprint to VALIDSIG status.
Werner Koch [Tue, 8 Apr 2003 08:42:47 +0000 (08:42 +0000)]
Add primary key fingerprint to VALIDSIG status.

16 years ago* DETAILS: Don't specify which hash is used to make up the namehash since
David Shaw [Mon, 7 Apr 2003 22:23:42 +0000 (22:23 +0000)]
* DETAILS: Don't specify which hash is used to make up the namehash since
it may change in the future.

* samplekeys.asc: Updated.

* gpg.sgml: Document "revuid".  Clarify that --openpgp resets --pgpX.
Some cleanup of --no-xxx options, make sure that all SGML tags are closed,
clarify --pgp8 allows SHA-256, and document --no-emit-version.

* Allow CVS version to build without

16 years ago* dcigettext.c (plural_lookup): Name conflict on some platforms with
David Shaw [Mon, 7 Apr 2003 22:04:25 +0000 (22:04 +0000)]
* dcigettext.c (plural_lookup): Name conflict on some platforms with
"index".  Local fix for GnuPG.

16 years ago* Use much more accurate method to determine whether
David Shaw [Mon, 7 Apr 2003 21:52:38 +0000 (21:52 +0000)]
* Use much more accurate method to determine whether
DNS SRV is usable.

* README: Document the various --disable-xxx switches, and add a note
about existing keys that may use one of the missing ciphers as a
preference.  Update copyright date.

* NEWS: Add note about SHA-256/384/512.

* acinclude.m4: Fix URL to

16 years ago* pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
David Shaw [Fri, 4 Apr 2003 22:48:24 +0000 (22:48 +0000)]
* pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.

* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused

16 years ago* keydb.h: Err on the side of making an unknown signature a SIG rather
David Shaw [Mon, 24 Mar 2003 20:05:53 +0000 (20:05 +0000)]
* keydb.h: Err on the side of making an unknown signature a SIG rather
than a CERT.

* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)

* g10.c (main): Add deprecated option warning for --list-ownertrust.  Add
--compression-algo alias for --compress-algo.  Change --version output
strings to match "showpref" strings, and make translatable.

* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.

* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)

* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify flag.

16 years ago* acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
Werner Koch [Mon, 24 Mar 2003 16:18:30 +0000 (16:18 +0000)]
* acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
little only for Intel CPUs.

* Check for ranlib and ar.  This is required for
cross compiling.

16 years ago* argparse.c (default_strusage): Change copyright date.
David Shaw [Sun, 23 Mar 2003 16:24:49 +0000 (16:24 +0000)]
* argparse.c (default_strusage): Change copyright date.

16 years ago* srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by
David Shaw [Sat, 15 Mar 2003 02:28:02 +0000 (02:28 +0000)]
* srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by
Stefan Bellon.

16 years ago* options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
David Shaw [Tue, 11 Mar 2003 22:12:20 +0000 (22:12 +0000)]
* options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
keyserver option.  Defaults to on.

* passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages.  Fix segfault with symmetric messages.  Fix incorrect prompt
with symmetric messages.

16 years ago* http.c (connect_server): Use DNS SRV to get a server list. Fail over to
David Shaw [Tue, 11 Mar 2003 22:04:53 +0000 (22:04 +0000)]
* http.c (connect_server): Use DNS SRV to get a server list.  Fail over to
A records if necessary.

*, srv.h, srv.c: New DNS SRV handling code.

16 years ago* Use @CAPLIBS@ to link in -lcap if we are using
David Shaw [Tue, 11 Mar 2003 19:23:23 +0000 (19:23 +0000)]
* Use @CAPLIBS@ to link in -lcap if we are using

16 years ago* gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the
David Shaw [Tue, 11 Mar 2003 17:42:07 +0000 (17:42 +0000)]
* gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the
armored key. (main): Accept "try-dns-srv" option.

* Use @CAPLIBS@ to link in -lcap if we are using
capabilities.  Use @SRVLIBS@ to link in the resolver if we are using DNS

16 years ago* http.h: Add HTTP_FLAG_TRY_SRV.
David Shaw [Tue, 11 Mar 2003 17:32:59 +0000 (17:32 +0000)]
* http.h: Add HTTP_FLAG_TRY_SRV.

16 years ago* Look for res_query so we can use DNS SRV, and add
David Shaw [Tue, 11 Mar 2003 17:29:49 +0000 (17:29 +0000)]
* Look for res_query so we can use DNS SRV, and add
--disable-dns-srv to disable it.

16 years ago* compress.c (init_uncompress): Use a 15 bit window size so that
Werner Koch [Mon, 10 Mar 2003 09:59:33 +0000 (09:59 +0000)]
* compress.c (init_uncompress): Use a 15 bit window size so that
the output of implementations which don't run for PGP 2
compatibility won't get garbled.

16 years ago* Define @CAPLIBS@ to link in -lcap if we are using
David Shaw [Tue, 4 Mar 2003 16:12:53 +0000 (16:12 +0000)]
* Define @CAPLIBS@ to link in -lcap if we are using

16 years ago* trustdb.c (validate_keys): Mask the ownertrust when building the list of
David Shaw [Tue, 4 Mar 2003 15:24:12 +0000 (15:24 +0000)]
* trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.

* options.skel: Add explantion and commented-out

* mainproc.c (proc_encrypted): Make string translatable.

* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.

* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary

* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default

* keyedit.c (show_prefs): Make strings translatable.

* keydb.c: Double the maximum number of keyrings to 40.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): --openpgp disables --pgpX.  Double the amount of secure
memory to 32k (keys are getting bigger these days).

* Use @CAPLIBS@ to link in -lcap if we are using

16 years ago* keyserver.c (keyserver_spawn): Include various pieces of information
David Shaw [Wed, 26 Feb 2003 17:11:24 +0000 (17:11 +0000)]
* keyserver.c (keyserver_spawn): Include various pieces of information
about the key in the data sent to the keyserver helper.  This allows the
helper to use it in instructing a remote server which may not have any
actual OpenPGP smarts in parsing keys.

* main.h, export.c (export_pubkeys_stream, do_export_stream): Add ability
to return only the first match in an exported keyblock for keyserver
usage.  This should be replaced at some point with a more flexible
solution where each key can be armored seperately.

16 years ago* distfiles, convert-from-106 is in the tools directory
David Shaw [Sun, 23 Feb 2003 05:14:57 +0000 (05:14 +0000)]
* distfiles, convert-from-106 is in the tools directory

16 years ago* Distribute convert-from-106.
David Shaw [Sun, 23 Feb 2003 05:12:28 +0000 (05:12 +0000)]
* Distribute convert-from-106.

16 years ago* convert-from-106: Script to automate the 1.0.6->later conversion. It
David Shaw [Sun, 23 Feb 2003 05:09:52 +0000 (05:09 +0000)]
* convert-from-106: Script to automate the 1.0.6->later conversion.  It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.  Moved from the scripts directory.

16 years ago* convert-from-106: Move to the tools directory.
David Shaw [Sun, 23 Feb 2003 05:08:26 +0000 (05:08 +0000)]
* convert-from-106: Move to the tools directory.

16 years ago* sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
David Shaw [Sat, 22 Feb 2003 23:58:39 +0000 (23:58 +0000)]
* sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.

* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set and show
the keyserver no-modify flag.

* keygen.c (add_keyserver_modify): New. (keygen_upd_std_prefs): Call it
here. (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
prefs to set and unset keyserver modify flag.

16 years ago* ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to
David Shaw [Sat, 22 Feb 2003 23:45:28 +0000 (23:45 +0000)]
* ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to
indicate a string with no maximum size.  This prevents early truncation of
strings that contain control chars which are expanded into \xXX form.

16 years ago* Add --disable-idea for IDEA. Note that disabling IDEA
David Shaw [Sat, 22 Feb 2003 13:29:20 +0000 (13:29 +0000)]
* Add --disable-idea for IDEA.  Note that disabling IDEA
disables both the real IDEA and the possibility of using the IDEA loadable
module.  Remove the --disable-dynload option since it is no longer
meaningful (it is only used if idea-stub is used).

16 years ago* g10.c (main): Accept "s1" in addition to "idea" to match the other
David Shaw [Sat, 22 Feb 2003 13:00:18 +0000 (13:00 +0000)]
* g10.c (main): Accept "s1" in addition to "idea" to match the other

* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA has been

16 years ago* Add --disable-xxx options for CAST5, BLOWFISH, AES (all),
David Shaw [Fri, 21 Feb 2003 22:22:57 +0000 (22:22 +0000)]
* Add --disable-xxx options for CAST5, BLOWFISH, AES (all),
TWOFISH, TIGER192, SHA256, and SHA384/512.  Add a --enable-minimal that
disables all of them as well as --disable-exec.

16 years ago* keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
David Shaw [Fri, 21 Feb 2003 22:16:43 +0000 (22:16 +0000)]
* keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
if they are disabled.

16 years ago* cipher.c (setup_cipher_table): #ifdef all optional ciphers.
David Shaw [Fri, 21 Feb 2003 20:49:58 +0000 (20:49 +0000)]
* cipher.c (setup_cipher_table): #ifdef all optional ciphers.

* md.c (load_digest_module): #ifdef all optional digests.

16 years ago* g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support.
David Shaw [Fri, 21 Feb 2003 20:43:17 +0000 (20:43 +0000)]
* g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support.
Use 3DES for the s2k cipher in --openpgp mode. (print_mds): #ifdef all of
the optional digest algorithms.