gnupg.git
12 years ago* gpg.sgml: Note that --pgp8 does not include SHA224. Clarify that
David Shaw [Thu, 22 Jun 2006 19:13:18 +0000 (19:13 +0000)]
* gpg.sgml: Note that --pgp8 does not include SHA224.  Clarify that
clearsigned messages are not reversible.

12 years agoPreparing a new release gnupg-1.9.21
Werner Koch [Tue, 20 Jun 2006 18:52:43 +0000 (18:52 +0000)]
Preparing a new release

12 years agoMade make distcheck work again
Werner Koch [Tue, 20 Jun 2006 17:47:10 +0000 (17:47 +0000)]
Made make distcheck work again

12 years agoUpdated FSF's address.
Werner Koch [Tue, 20 Jun 2006 17:21:37 +0000 (17:21 +0000)]
Updated FSF's address.

12 years agoAdd MAC t P12 files.
Werner Koch [Tue, 20 Jun 2006 15:48:09 +0000 (15:48 +0000)]
Add MAC t P12 files.

12 years agoAdded missing files
Werner Koch [Fri, 16 Jun 2006 11:49:27 +0000 (11:49 +0000)]
Added missing files

12 years ago* import.c (import_one): Add a flag (from_sk) so we don't check prefs
David Shaw [Mon, 12 Jun 2006 12:05:34 +0000 (12:05 +0000)]
* import.c (import_one): Add a flag (from_sk) so we don't check prefs
on an autoconverted public key.  The check should only happen on the
sk size.  Noted by Dirk Traulsen.

12 years ago* keygen.c (gen_card_key): Add optional argument to return a pointer
David Shaw [Sat, 10 Jun 2006 04:11:05 +0000 (04:11 +0000)]
* keygen.c (gen_card_key): Add optional argument to return a pointer
(not a copy) of the stub secret key for the secret key we just
generated on the card.  (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key.  Noted by Janko Heilgeist and Jonas Oberg.

12 years ago* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
David Shaw [Fri, 9 Jun 2006 19:45:19 +0000 (19:45 +0000)]
* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.

12 years ago2006-06-09 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 9 Jun 2006 11:32:22 +0000 (11:32 +0000)]
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am (gpgconf_LDADD): Add $(GPG_ERROR_LIBS).
(gpgkey2ssh_LDADD): Add ../jnlib/libjnlib.a.

12 years ago2006-06-09 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 9 Jun 2006 10:28:26 +0000 (10:28 +0000)]
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
(gpg_protect_tool_LDADD): Likewise.
(gpg_preset_passphrase_LDADD): Likewise.

12 years agoagent/
Marcus Brinkmann [Fri, 9 Jun 2006 10:23:30 +0000 (10:23 +0000)]
agent/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).

scd/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).

12 years ago2006-06-08 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Thu, 8 Jun 2006 12:17:38 +0000 (12:17 +0000)]
2006-06-08  Marcus Brinkmann  <marcus@g10code.de>

* asschk.c (__func__) [__STDC_VERSION__ < 199901L && __GNUC__ >= 2]:
Define macro to __FUNCTION__.
(die): Use __func__ instead of __FUNCTION__.

12 years ago2006-06-08 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Thu, 8 Jun 2006 11:57:18 +0000 (11:57 +0000)]
2006-06-08  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac (PTH_LIBS): Add --all to pth-config invocation.

12 years agoRevert last. It is still wrong.
David Shaw [Sat, 27 May 2006 02:07:05 +0000 (02:07 +0000)]
Revert last.  It is still wrong.

12 years ago* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
David Shaw [Sat, 27 May 2006 01:38:54 +0000 (01:38 +0000)]
* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
arbitrarily long temporary directory paths.

12 years ago* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
David Shaw [Thu, 25 May 2006 19:39:03 +0000 (19:39 +0000)]
* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
1024 when --enable-dsa2 is set).  The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.

12 years agoAdded backsig to my key
Werner Koch [Thu, 25 May 2006 13:55:34 +0000 (13:55 +0000)]
Added backsig to my key

12 years ago* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
David Shaw [Thu, 25 May 2006 03:02:51 +0000 (03:02 +0000)]
* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
that is over 256 bytes long.  Noted by Israel G. Lugo.

12 years agoStill making gpg2 work.
Werner Koch [Wed, 24 May 2006 11:12:28 +0000 (11:12 +0000)]
Still making gpg2 work.
At least the keyids are now correctly computed again.

13 years ago* mksamplekeys: Incorporate new package signature key and minimize keys
David Shaw [Tue, 23 May 2006 22:48:21 +0000 (22:48 +0000)]
* mksamplekeys: Incorporate new package signature key and minimize keys
when generating samplekeys.asc.

13 years ago* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
David Shaw [Tue, 23 May 2006 22:04:09 +0000 (22:04 +0000)]
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
called with them closed.  This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds.  Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.

13 years agog10/ does build again.
Werner Koch [Tue, 23 May 2006 16:19:43 +0000 (16:19 +0000)]
g10/ does build again.

13 years ago* configure.ac: Add --disable-optimization. This is handy for debugging
David Shaw [Tue, 23 May 2006 15:32:57 +0000 (15:32 +0000)]
* configure.ac: Add --disable-optimization.  This is handy for debugging
so the compiler doesn't rearrange things and eliminate variables.

13 years ago* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
David Shaw [Tue, 23 May 2006 03:58:53 +0000 (03:58 +0000)]
* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".

13 years ago* import.c (import_one): Fix bug when importing a new key from a file.
David Shaw [Mon, 22 May 2006 21:38:13 +0000 (21:38 +0000)]
* import.c (import_one): Fix bug when importing a new key from a file.

13 years ago2006-05-22 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 22 May 2006 17:19:22 +0000 (17:19 +0000)]
2006-05-22  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac: Remove check for noexecstack and invoke
CL_AS_NOEXECSTACK instead.

m4/
2006-05-22  Marcus Brinkmann  <marcus@g10code.de>

* noexecstack.m4: New file.

13 years ago* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
David Shaw [Mon, 22 May 2006 16:53:09 +0000 (16:53 +0000)]
* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc).  Noted by Simon Josefsson.

13 years ago2006-05-19 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 22 May 2006 14:35:04 +0000 (14:35 +0000)]
2006-05-19  Marcus Brinkmann  <marcus@g10code.de>

* keydb.c (keydb_insert_cert): Do not lock here, but only check if
it is locked.
(keydb_store_cert): Lock here.

* keydb.h (keydb_delete): Accept new argument UNLOCK.
* keydb.c (keydb_delete): Likewise.  Only unlock if this is set.
* delete.c (delete_one): Add new argument to invocation of
keydb_delete.

13 years agoUpdated keys
Werner Koch [Wed, 17 May 2006 08:42:12 +0000 (08:42 +0000)]
Updated keys

13 years agoForgot to save the actual fix
Werner Koch [Tue, 16 May 2006 11:08:47 +0000 (11:08 +0000)]
Forgot to save the actual fix

13 years agoFixed OSF5 warning suppression.
Werner Koch [Tue, 16 May 2006 11:06:28 +0000 (11:06 +0000)]
Fixed OSF5 warning suppression.

13 years agoAdded sample certificates.
Werner Koch [Tue, 16 May 2006 09:54:41 +0000 (09:54 +0000)]
Added sample certificates.

13 years ago* libcurl.m4: Fix mistaken AC_SUBST when curl is not found.
David Shaw [Wed, 10 May 2006 02:09:27 +0000 (02:09 +0000)]
* libcurl.m4: Fix mistaken AC_SUBST when curl is not found.

13 years agoRepackaged PKITS_data.tar.bz2
Werner Koch [Tue, 2 May 2006 08:19:59 +0000 (08:19 +0000)]
Repackaged PKITS_data.tar.bz2

13 years agoFix for sanitize string. Added SHA224
Werner Koch [Fri, 28 Apr 2006 14:32:13 +0000 (14:32 +0000)]
Fix for sanitize string.  Added SHA224

13 years agoMerged recent changes from 1.4
Werner Koch [Fri, 28 Apr 2006 14:31:29 +0000 (14:31 +0000)]
Merged recent changes from 1.4

13 years ago* NEWS: Note SHA-224 and DSA2.
David Shaw [Thu, 27 Apr 2006 16:20:13 +0000 (16:20 +0000)]
* NEWS: Note SHA-224 and DSA2.

* configure.ac: Remove --enable-old-keyserver-helpers.  Comment out
--enable-m-guard for now.

13 years ago(keyserver_import_cert): Show warning if there is a CERT fingerprint,
David Shaw [Thu, 27 Apr 2006 03:38:56 +0000 (03:38 +0000)]
(keyserver_import_cert): Show warning if there is a CERT fingerprint,
but no --keyserver set.

13 years ago* keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
David Shaw [Thu, 27 Apr 2006 03:14:17 +0000 (03:14 +0000)]
* keyserver.c (path_makes_direct): New.  (keyserver_spawn): Used here
to add "_uri" to certain gpgkeys_xxx helpers when the meaning is
different if a path is provided (i.e. ldap).

13 years ago* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
David Shaw [Wed, 26 Apr 2006 21:49:43 +0000 (21:49 +0000)]
* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.

13 years ago* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
David Shaw [Wed, 26 Apr 2006 21:48:29 +0000 (21:48 +0000)]
* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
this is done via curl or fake-curl.

* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks
as FAKE_CURL is no longer meaningful.

13 years ago* keyserver.c: Fix build problem with platforms that stick libcurl in
David Shaw [Sat, 22 Apr 2006 14:15:50 +0000 (14:15 +0000)]
* keyserver.c: Fix build problem with platforms that stick libcurl in
a place not in the regular include search path.

13 years agoStill merging 1.4.3 code back
Werner Koch [Fri, 21 Apr 2006 12:56:40 +0000 (12:56 +0000)]
Still merging 1.4.3 code back

13 years ago* make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.
David Shaw [Thu, 20 Apr 2006 22:05:42 +0000 (22:05 +0000)]
* make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.

13 years ago* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
David Shaw [Thu, 20 Apr 2006 21:32:42 +0000 (21:32 +0000)]
* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.

13 years ago(generate): Tweak to allow keys larger than 1024 bits. Enforce that the q
David Shaw [Thu, 20 Apr 2006 21:11:56 +0000 (21:11 +0000)]
(generate): Tweak to allow keys larger than 1024 bits.  Enforce that the q
size doesn't end between byte boundaries.

13 years agoThe plumbing necessary to create DSA keys with variable sized q.
David Shaw [Thu, 20 Apr 2006 18:40:37 +0000 (18:40 +0000)]
The plumbing necessary to create DSA keys with variable sized q.
Not yet used (q==160).

13 years ago* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
David Shaw [Thu, 20 Apr 2006 02:36:05 +0000 (02:36 +0000)]
* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.

13 years ago* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.
David Shaw [Thu, 20 Apr 2006 02:12:34 +0000 (02:12 +0000)]
* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.

13 years agoAdd SHA-224 support
David Shaw [Thu, 20 Apr 2006 02:05:32 +0000 (02:05 +0000)]
Add SHA-224 support

13 years agoContinued with merging.
Werner Koch [Wed, 19 Apr 2006 13:24:36 +0000 (13:24 +0000)]
Continued with merging.
Still does not build.

13 years agoMerged with gpg 1.4.3 code.
Werner Koch [Wed, 19 Apr 2006 11:26:11 +0000 (11:26 +0000)]
Merged with gpg 1.4.3 code.
The gpg part does not yet build.

13 years ago* keyedit.c (menu_backsign): Give some more verbose errors when we
David Shaw [Wed, 19 Apr 2006 04:29:31 +0000 (04:29 +0000)]
* keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.

13 years ago* gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
David Shaw [Wed, 19 Apr 2006 03:56:23 +0000 (03:56 +0000)]
* gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
--compress-algo should be avoided.

13 years ago* miscutil.c (make_printable_string): Fix bug where some control
David Shaw [Mon, 17 Apr 2006 20:54:15 +0000 (20:54 +0000)]
* miscutil.c (make_printable_string): Fix bug where some control
characters lose part of their ASCII representation.

13 years ago2006-04-14 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 14 Apr 2006 20:40:00 +0000 (20:40 +0000)]
2006-04-14  Marcus Brinkmann  <marcus@g10code.de>

* app.c (select_application): Cover up a slot mismatch error in
case it happens (it shouldn't happen).
(release_application): Use APP->slot.  Lock the reader.
(application_notify_card_removed): Lock the reader.

13 years agouse minimal posix sed
Werner Koch [Wed, 12 Apr 2006 10:36:23 +0000 (10:36 +0000)]
use minimal posix sed

13 years ago* memory.c (realloc): Revert m_guard fix and stick an #error in there to
David Shaw [Tue, 11 Apr 2006 19:45:44 +0000 (19:45 +0000)]
* memory.c (realloc): Revert m_guard fix and stick an #error in there to
inform people not to use it.

13 years ago* options.skel, photoid.c (get_default_photo_command): Find an image
David Shaw [Tue, 11 Apr 2006 19:20:08 +0000 (19:20 +0000)]
* options.skel, photoid.c (get_default_photo_command): Find an image
viewer at runtime.  Seems FC5 doesn't have xloadimage.

13 years agoAdded command APDU
Werner Koch [Tue, 11 Apr 2006 13:53:21 +0000 (13:53 +0000)]
Added command APDU

13 years ago.
Werner Koch [Tue, 11 Apr 2006 07:50:34 +0000 (07:50 +0000)]
.

13 years agoAdd new regression test
Werner Koch [Tue, 11 Apr 2006 07:49:25 +0000 (07:49 +0000)]
Add new regression test

13 years ago* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
David Shaw [Tue, 11 Apr 2006 03:25:25 +0000 (03:25 +0000)]
* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
directly into place rather than mallocing temporary buffers.

13 years ago* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
David Shaw [Tue, 11 Apr 2006 03:13:46 +0000 (03:13 +0000)]
* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
using sprintf which is harder to read and modify.

13 years ago* ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
David Shaw [Tue, 11 Apr 2006 03:00:50 +0000 (03:00 +0000)]
* ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
and KS_SEARCH_KEYID_LONG to search for a key ID.

* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
searches to pgpKeyID or pgpCertID.

13 years ago* gpg.sgml: Some typo fixes. This is Debian 361324.
David Shaw [Sun, 9 Apr 2006 23:22:24 +0000 (23:22 +0000)]
* gpg.sgml: Some typo fixes.  This is Debian 361324.

13 years ago2006-04-09 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sun, 9 Apr 2006 11:31:37 +0000 (11:31 +0000)]
2006-04-09  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
possible DoS attack.

13 years ago* getkey.c (parse_auto_key_locate): Fix dupe-removal code.
David Shaw [Sun, 9 Apr 2006 03:34:09 +0000 (03:34 +0000)]
* getkey.c (parse_auto_key_locate): Fix dupe-removal code.

* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.

13 years agoFixed segv
Werner Koch [Sat, 8 Apr 2006 01:23:23 +0000 (01:23 +0000)]
Fixed segv

13 years agoSee ChangeLog
Werner Koch [Sat, 8 Apr 2006 00:36:51 +0000 (00:36 +0000)]
See ChangeLog

13 years ago* memory.c (realloc): Fix compile problem with --enable-m-guard.
David Shaw [Thu, 6 Apr 2006 17:58:13 +0000 (17:58 +0000)]
* memory.c (realloc): Fix compile problem with --enable-m-guard.

13 years agoRenamed
Werner Koch [Wed, 5 Apr 2006 17:00:13 +0000 (17:00 +0000)]
Renamed

13 years ago* make-dns-cert.c: Some changes from Peter Palfrader to send errors to
David Shaw [Wed, 5 Apr 2006 14:25:40 +0000 (14:25 +0000)]
* make-dns-cert.c: Some changes from Peter Palfrader to send errors to
stderr and allow spaces in a fingerprint.  Also warn when a key is
over 16k (as that is the default max-cert-size) and fail when a key is
over 64k as that is the DNS limit in many places.

13 years ago* make-dns-cert.c: New program to generate properly formatted CERT records
David Shaw [Tue, 4 Apr 2006 22:19:13 +0000 (22:19 +0000)]
* make-dns-cert.c: New program to generate properly formatted CERT records
so people don't have to do it manually.

13 years agopost release updates
Werner Koch [Mon, 3 Apr 2006 11:16:19 +0000 (11:16 +0000)]
post release updates

13 years agoAbout to release 1.4.3 gnupg-1.4.3
Werner Koch [Mon, 3 Apr 2006 10:13:23 +0000 (10:13 +0000)]
About to release 1.4.3

13 years ago2006-04-01 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sat, 1 Apr 2006 11:04:14 +0000 (11:04 +0000)]
2006-04-01  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
byte - KEY_GRIP_RAW is a raw binary string anyway.

13 years ago* getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
David Shaw [Sat, 1 Apr 2006 02:47:53 +0000 (02:47 +0000)]
* getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
Fix strings to not start with a capital letter as per convention.

13 years agoUpdate copyright
David Shaw [Thu, 30 Mar 2006 23:55:45 +0000 (23:55 +0000)]
Update copyright

13 years ago* main.h, seskey.c (encode_md_value): Modify to allow a q size greater
David Shaw [Thu, 30 Mar 2006 19:20:59 +0000 (19:20 +0000)]
* main.h, seskey.c (encode_md_value): Modify to allow a q size greater
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.

13 years ago* README: Some more notes about building fat binaries.
David Shaw [Thu, 30 Mar 2006 14:19:08 +0000 (14:19 +0000)]
* README: Some more notes about building fat binaries.

13 years ago* cert.c (main): Fix test program build warning on OSX.
David Shaw [Thu, 30 Mar 2006 14:13:35 +0000 (14:13 +0000)]
* cert.c (main): Fix test program build warning on OSX.

13 years ago* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
David Shaw [Mon, 27 Mar 2006 19:06:46 +0000 (19:06 +0000)]
* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
the regular old API that is compatible with other LDAP libraries.

13 years ago* README: Missing some instructions on building a fat binary.
David Shaw [Sat, 25 Mar 2006 03:05:30 +0000 (03:05 +0000)]
* README: Missing some instructions on building a fat binary.

13 years ago* getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
David Shaw [Wed, 22 Mar 2006 23:05:32 +0000 (23:05 +0000)]
* getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
than causing an error.

13 years agoChanged URLs
Werner Koch [Wed, 22 Mar 2006 16:43:59 +0000 (16:43 +0000)]
Changed URLs

13 years ago* mainproc.c (get_pka_address): Fix bug introduced as part of
David Shaw [Wed, 22 Mar 2006 14:37:53 +0000 (14:37 +0000)]
* mainproc.c (get_pka_address): Fix bug introduced as part of
sig_to_notation conversion.  Noted by Peter Palfradrer.

13 years agoAllow for rmd160 signatures when using gpg-agent.
Werner Koch [Tue, 21 Mar 2006 13:01:45 +0000 (13:01 +0000)]
Allow for rmd160 signatures when using gpg-agent.

13 years agoAllo RMD160 signatures
Werner Koch [Tue, 21 Mar 2006 12:48:51 +0000 (12:48 +0000)]
Allo RMD160 signatures

13 years agoAdd Kludge for RegTP sillyness.
Werner Koch [Tue, 21 Mar 2006 09:56:47 +0000 (09:56 +0000)]
Add Kludge for RegTP sillyness.

13 years ago* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
David Shaw [Mon, 20 Mar 2006 16:40:28 +0000 (16:40 +0000)]
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
change.  It's now all done in configure.

13 years ago* configure.ac: Improved --disable-endian-check that doesn't involve
David Shaw [Mon, 20 Mar 2006 16:13:52 +0000 (16:13 +0000)]
* configure.ac: Improved --disable-endian-check that doesn't involve
changing #ifdefs in the rest of the code.

13 years ago* configure.ac: Add --disable-endian-check for building fat binaries
David Shaw [Mon, 20 Mar 2006 00:57:33 +0000 (00:57 +0000)]
* configure.ac: Add --disable-endian-check for building fat binaries
on OSX.

* README: Add note on how to build a fat binary on OSX.

13 years ago* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
David Shaw [Mon, 20 Mar 2006 00:39:44 +0000 (00:39 +0000)]
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
rather than '#ifdef' BIG_ENDIAN_HOST.  Harmless as we explicitly
define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat
builds when we define BIG_ENDIAN_HOST to another macro.

13 years ago* configure.ac: Allow the DNS stuff to work on OSX by trying the
David Shaw [Sat, 18 Mar 2006 05:36:32 +0000 (05:36 +0000)]
* configure.ac: Allow the DNS stuff to work on OSX by trying the
Apple-specific BIND_8_COMPAT.

13 years ago* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
David Shaw [Fri, 17 Mar 2006 05:20:13 +0000 (05:20 +0000)]
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.

13 years ago* cert.c (get_cert): Handle the fixed IPGP type with fingerprint.
David Shaw [Thu, 16 Mar 2006 22:40:04 +0000 (22:40 +0000)]
* cert.c (get_cert): Handle the fixed IPGP type with fingerprint.

13 years ago* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
David Shaw [Tue, 14 Mar 2006 03:16:21 +0000 (03:16 +0000)]
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.

13 years ago* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
David Shaw [Tue, 14 Mar 2006 02:42:02 +0000 (02:42 +0000)]
* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keyserver_import_cert, keyserver_import_name, keyserver_import_ldap):
Pass fingerprint info through.