gnupg.git
13 years ago* keygen.c (gen_card_key): Add optional argument to return a pointer
David Shaw [Sat, 10 Jun 2006 04:11:05 +0000 (04:11 +0000)]
* keygen.c (gen_card_key): Add optional argument to return a pointer
(not a copy) of the stub secret key for the secret key we just
generated on the card.  (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key.  Noted by Janko Heilgeist and Jonas Oberg.

13 years ago* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
David Shaw [Fri, 9 Jun 2006 19:45:19 +0000 (19:45 +0000)]
* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.

13 years agoRevert last. It is still wrong.
David Shaw [Sat, 27 May 2006 02:07:05 +0000 (02:07 +0000)]
Revert last.  It is still wrong.

13 years ago* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
David Shaw [Sat, 27 May 2006 01:38:54 +0000 (01:38 +0000)]
* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
arbitrarily long temporary directory paths.

13 years ago* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
David Shaw [Thu, 25 May 2006 19:39:03 +0000 (19:39 +0000)]
* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
1024 when --enable-dsa2 is set).  The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.

13 years agoAdded backsig to my key
Werner Koch [Thu, 25 May 2006 13:55:34 +0000 (13:55 +0000)]
Added backsig to my key

13 years ago* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
David Shaw [Thu, 25 May 2006 03:02:51 +0000 (03:02 +0000)]
* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
that is over 256 bytes long.  Noted by Israel G. Lugo.

13 years ago* mksamplekeys: Incorporate new package signature key and minimize keys
David Shaw [Tue, 23 May 2006 22:48:21 +0000 (22:48 +0000)]
* mksamplekeys: Incorporate new package signature key and minimize keys
when generating samplekeys.asc.

13 years ago* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
David Shaw [Tue, 23 May 2006 22:04:09 +0000 (22:04 +0000)]
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
called with them closed.  This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds.  Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.

13 years ago* configure.ac: Add --disable-optimization. This is handy for debugging
David Shaw [Tue, 23 May 2006 15:32:57 +0000 (15:32 +0000)]
* configure.ac: Add --disable-optimization.  This is handy for debugging
so the compiler doesn't rearrange things and eliminate variables.

13 years ago* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
David Shaw [Tue, 23 May 2006 03:58:53 +0000 (03:58 +0000)]
* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".

13 years ago* import.c (import_one): Fix bug when importing a new key from a file.
David Shaw [Mon, 22 May 2006 21:38:13 +0000 (21:38 +0000)]
* import.c (import_one): Fix bug when importing a new key from a file.

13 years ago2006-05-22 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 22 May 2006 17:19:22 +0000 (17:19 +0000)]
2006-05-22  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac: Remove check for noexecstack and invoke
CL_AS_NOEXECSTACK instead.

m4/
2006-05-22  Marcus Brinkmann  <marcus@g10code.de>

* noexecstack.m4: New file.

13 years ago* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
David Shaw [Mon, 22 May 2006 16:53:09 +0000 (16:53 +0000)]
* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc).  Noted by Simon Josefsson.

13 years agoUpdated keys
Werner Koch [Wed, 17 May 2006 08:42:12 +0000 (08:42 +0000)]
Updated keys

13 years agoForgot to save the actual fix
Werner Koch [Tue, 16 May 2006 11:08:47 +0000 (11:08 +0000)]
Forgot to save the actual fix

13 years agoFixed OSF5 warning suppression.
Werner Koch [Tue, 16 May 2006 11:06:28 +0000 (11:06 +0000)]
Fixed OSF5 warning suppression.

13 years ago* libcurl.m4: Fix mistaken AC_SUBST when curl is not found.
David Shaw [Wed, 10 May 2006 02:09:27 +0000 (02:09 +0000)]
* libcurl.m4: Fix mistaken AC_SUBST when curl is not found.

13 years ago* NEWS: Note SHA-224 and DSA2.
David Shaw [Thu, 27 Apr 2006 16:20:13 +0000 (16:20 +0000)]
* NEWS: Note SHA-224 and DSA2.

* configure.ac: Remove --enable-old-keyserver-helpers.  Comment out
--enable-m-guard for now.

13 years ago(keyserver_import_cert): Show warning if there is a CERT fingerprint,
David Shaw [Thu, 27 Apr 2006 03:38:56 +0000 (03:38 +0000)]
(keyserver_import_cert): Show warning if there is a CERT fingerprint,
but no --keyserver set.

13 years ago* keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
David Shaw [Thu, 27 Apr 2006 03:14:17 +0000 (03:14 +0000)]
* keyserver.c (path_makes_direct): New.  (keyserver_spawn): Used here
to add "_uri" to certain gpgkeys_xxx helpers when the meaning is
different if a path is provided (i.e. ldap).

13 years ago* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
David Shaw [Wed, 26 Apr 2006 21:49:43 +0000 (21:49 +0000)]
* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.

13 years ago* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
David Shaw [Wed, 26 Apr 2006 21:48:29 +0000 (21:48 +0000)]
* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
this is done via curl or fake-curl.

* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks
as FAKE_CURL is no longer meaningful.

13 years ago* keyserver.c: Fix build problem with platforms that stick libcurl in
David Shaw [Sat, 22 Apr 2006 14:15:50 +0000 (14:15 +0000)]
* keyserver.c: Fix build problem with platforms that stick libcurl in
a place not in the regular include search path.

13 years ago* make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.
David Shaw [Thu, 20 Apr 2006 22:05:42 +0000 (22:05 +0000)]
* make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.

13 years ago* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
David Shaw [Thu, 20 Apr 2006 21:32:42 +0000 (21:32 +0000)]
* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.

13 years ago(generate): Tweak to allow keys larger than 1024 bits. Enforce that the q
David Shaw [Thu, 20 Apr 2006 21:11:56 +0000 (21:11 +0000)]
(generate): Tweak to allow keys larger than 1024 bits.  Enforce that the q
size doesn't end between byte boundaries.

13 years agoThe plumbing necessary to create DSA keys with variable sized q.
David Shaw [Thu, 20 Apr 2006 18:40:37 +0000 (18:40 +0000)]
The plumbing necessary to create DSA keys with variable sized q.
Not yet used (q==160).

13 years ago* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
David Shaw [Thu, 20 Apr 2006 02:36:05 +0000 (02:36 +0000)]
* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.

13 years ago* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.
David Shaw [Thu, 20 Apr 2006 02:12:34 +0000 (02:12 +0000)]
* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.

13 years agoAdd SHA-224 support
David Shaw [Thu, 20 Apr 2006 02:05:32 +0000 (02:05 +0000)]
Add SHA-224 support

13 years ago* keyedit.c (menu_backsign): Give some more verbose errors when we
David Shaw [Wed, 19 Apr 2006 04:29:31 +0000 (04:29 +0000)]
* keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.

13 years ago* gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
David Shaw [Wed, 19 Apr 2006 03:56:23 +0000 (03:56 +0000)]
* gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
--compress-algo should be avoided.

13 years ago* miscutil.c (make_printable_string): Fix bug where some control
David Shaw [Mon, 17 Apr 2006 20:54:15 +0000 (20:54 +0000)]
* miscutil.c (make_printable_string): Fix bug where some control
characters lose part of their ASCII representation.

13 years agouse minimal posix sed
Werner Koch [Wed, 12 Apr 2006 10:36:23 +0000 (10:36 +0000)]
use minimal posix sed

13 years ago* memory.c (realloc): Revert m_guard fix and stick an #error in there to
David Shaw [Tue, 11 Apr 2006 19:45:44 +0000 (19:45 +0000)]
* memory.c (realloc): Revert m_guard fix and stick an #error in there to
inform people not to use it.

13 years ago* options.skel, photoid.c (get_default_photo_command): Find an image
David Shaw [Tue, 11 Apr 2006 19:20:08 +0000 (19:20 +0000)]
* options.skel, photoid.c (get_default_photo_command): Find an image
viewer at runtime.  Seems FC5 doesn't have xloadimage.

13 years ago.
Werner Koch [Tue, 11 Apr 2006 07:50:34 +0000 (07:50 +0000)]
.

13 years agoAdd new regression test
Werner Koch [Tue, 11 Apr 2006 07:49:25 +0000 (07:49 +0000)]
Add new regression test

13 years ago* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
David Shaw [Tue, 11 Apr 2006 03:25:25 +0000 (03:25 +0000)]
* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
directly into place rather than mallocing temporary buffers.

13 years ago* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
David Shaw [Tue, 11 Apr 2006 03:13:46 +0000 (03:13 +0000)]
* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
using sprintf which is harder to read and modify.

13 years ago* ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
David Shaw [Tue, 11 Apr 2006 03:00:50 +0000 (03:00 +0000)]
* ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
and KS_SEARCH_KEYID_LONG to search for a key ID.

* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
searches to pgpKeyID or pgpCertID.

13 years ago* gpg.sgml: Some typo fixes. This is Debian 361324.
David Shaw [Sun, 9 Apr 2006 23:22:24 +0000 (23:22 +0000)]
* gpg.sgml: Some typo fixes.  This is Debian 361324.

13 years ago* getkey.c (parse_auto_key_locate): Fix dupe-removal code.
David Shaw [Sun, 9 Apr 2006 03:34:09 +0000 (03:34 +0000)]
* getkey.c (parse_auto_key_locate): Fix dupe-removal code.

* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.

13 years agoFixed segv
Werner Koch [Sat, 8 Apr 2006 01:23:23 +0000 (01:23 +0000)]
Fixed segv

13 years agoSee ChangeLog
Werner Koch [Sat, 8 Apr 2006 00:36:51 +0000 (00:36 +0000)]
See ChangeLog

13 years ago* memory.c (realloc): Fix compile problem with --enable-m-guard.
David Shaw [Thu, 6 Apr 2006 17:58:13 +0000 (17:58 +0000)]
* memory.c (realloc): Fix compile problem with --enable-m-guard.

13 years ago* make-dns-cert.c: Some changes from Peter Palfrader to send errors to
David Shaw [Wed, 5 Apr 2006 14:25:40 +0000 (14:25 +0000)]
* make-dns-cert.c: Some changes from Peter Palfrader to send errors to
stderr and allow spaces in a fingerprint.  Also warn when a key is
over 16k (as that is the default max-cert-size) and fail when a key is
over 64k as that is the DNS limit in many places.

13 years ago* make-dns-cert.c: New program to generate properly formatted CERT records
David Shaw [Tue, 4 Apr 2006 22:19:13 +0000 (22:19 +0000)]
* make-dns-cert.c: New program to generate properly formatted CERT records
so people don't have to do it manually.

13 years agopost release updates
Werner Koch [Mon, 3 Apr 2006 11:16:19 +0000 (11:16 +0000)]
post release updates

13 years agoAbout to release 1.4.3 gnupg-1.4.3
Werner Koch [Mon, 3 Apr 2006 10:13:23 +0000 (10:13 +0000)]
About to release 1.4.3

13 years ago* getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
David Shaw [Sat, 1 Apr 2006 02:47:53 +0000 (02:47 +0000)]
* getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
Fix strings to not start with a capital letter as per convention.

13 years agoUpdate copyright
David Shaw [Thu, 30 Mar 2006 23:55:45 +0000 (23:55 +0000)]
Update copyright

13 years ago* main.h, seskey.c (encode_md_value): Modify to allow a q size greater
David Shaw [Thu, 30 Mar 2006 19:20:59 +0000 (19:20 +0000)]
* main.h, seskey.c (encode_md_value): Modify to allow a q size greater
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.

13 years ago* README: Some more notes about building fat binaries.
David Shaw [Thu, 30 Mar 2006 14:19:08 +0000 (14:19 +0000)]
* README: Some more notes about building fat binaries.

13 years ago* cert.c (main): Fix test program build warning on OSX.
David Shaw [Thu, 30 Mar 2006 14:13:35 +0000 (14:13 +0000)]
* cert.c (main): Fix test program build warning on OSX.

13 years ago* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
David Shaw [Mon, 27 Mar 2006 19:06:46 +0000 (19:06 +0000)]
* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
the regular old API that is compatible with other LDAP libraries.

13 years ago* README: Missing some instructions on building a fat binary.
David Shaw [Sat, 25 Mar 2006 03:05:30 +0000 (03:05 +0000)]
* README: Missing some instructions on building a fat binary.

13 years ago* getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
David Shaw [Wed, 22 Mar 2006 23:05:32 +0000 (23:05 +0000)]
* getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
than causing an error.

13 years agoChanged URLs
Werner Koch [Wed, 22 Mar 2006 16:43:59 +0000 (16:43 +0000)]
Changed URLs

13 years ago* mainproc.c (get_pka_address): Fix bug introduced as part of
David Shaw [Wed, 22 Mar 2006 14:37:53 +0000 (14:37 +0000)]
* mainproc.c (get_pka_address): Fix bug introduced as part of
sig_to_notation conversion.  Noted by Peter Palfradrer.

13 years agoAllow for rmd160 signatures when using gpg-agent.
Werner Koch [Tue, 21 Mar 2006 13:01:45 +0000 (13:01 +0000)]
Allow for rmd160 signatures when using gpg-agent.

13 years ago* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
David Shaw [Mon, 20 Mar 2006 16:40:28 +0000 (16:40 +0000)]
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
change.  It's now all done in configure.

13 years ago* configure.ac: Improved --disable-endian-check that doesn't involve
David Shaw [Mon, 20 Mar 2006 16:13:52 +0000 (16:13 +0000)]
* configure.ac: Improved --disable-endian-check that doesn't involve
changing #ifdefs in the rest of the code.

13 years ago* configure.ac: Add --disable-endian-check for building fat binaries
David Shaw [Mon, 20 Mar 2006 00:57:33 +0000 (00:57 +0000)]
* configure.ac: Add --disable-endian-check for building fat binaries
on OSX.

* README: Add note on how to build a fat binary on OSX.

13 years ago* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
David Shaw [Mon, 20 Mar 2006 00:39:44 +0000 (00:39 +0000)]
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
rather than '#ifdef' BIG_ENDIAN_HOST.  Harmless as we explicitly
define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat
builds when we define BIG_ENDIAN_HOST to another macro.

13 years ago* configure.ac: Allow the DNS stuff to work on OSX by trying the
David Shaw [Sat, 18 Mar 2006 05:36:32 +0000 (05:36 +0000)]
* configure.ac: Allow the DNS stuff to work on OSX by trying the
Apple-specific BIND_8_COMPAT.

13 years ago* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
David Shaw [Fri, 17 Mar 2006 05:20:13 +0000 (05:20 +0000)]
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.

13 years ago* cert.c (get_cert): Handle the fixed IPGP type with fingerprint.
David Shaw [Thu, 16 Mar 2006 22:40:04 +0000 (22:40 +0000)]
* cert.c (get_cert): Handle the fixed IPGP type with fingerprint.

13 years ago* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
David Shaw [Tue, 14 Mar 2006 03:16:21 +0000 (03:16 +0000)]
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.

13 years ago* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
David Shaw [Tue, 14 Mar 2006 02:42:02 +0000 (02:42 +0000)]
* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keyserver_import_cert, keyserver_import_name, keyserver_import_ldap):
Pass fingerprint info through.

13 years ago* main.h, import.c (import_one): Optionally return the fingerprint of
David Shaw [Tue, 14 Mar 2006 02:23:00 +0000 (02:23 +0000)]
* main.h, import.c (import_one): Optionally return the fingerprint of
the key being imported.  (import_keys_internal, import_keys_stream,
import): Change all callers.

13 years ago* sig-check.c (signature_check2): Print the backsig warning when there
David Shaw [Sun, 12 Mar 2006 15:33:57 +0000 (15:33 +0000)]
* sig-check.c (signature_check2): Print the backsig warning when there
is no backsig present.  Give a URL for more information.

* keyedit.c (menu_backsign): Small tweak to work properly with keys
originally generated with older GnuPGs that included comments in the
secret keys.

13 years ago* samplekeys.asc: Update 99242560 to have a signing subkey backsig.
David Shaw [Sat, 11 Mar 2006 15:29:57 +0000 (15:29 +0000)]
* samplekeys.asc: Update 99242560 to have a signing subkey backsig.

13 years ago* gpg.sgml: Clarify new notation delete feature.
David Shaw [Thu, 9 Mar 2006 19:47:35 +0000 (19:47 +0000)]
* gpg.sgml: Clarify new notation delete feature.

13 years ago* build-packet.c (string_to_notation): Add ability to indicate a notation
David Shaw [Thu, 9 Mar 2006 19:43:29 +0000 (19:43 +0000)]
* build-packet.c (string_to_notation): Add ability to indicate a notation
to be deleted with a '-' prefix.

* keyedit.c (menu_set_notation): Use it here to allow deleting a notation
marked with '-'.  This works with either "-notation" or "-notation=value".

13 years agokeep on walking towards rc3
Werner Koch [Thu, 9 Mar 2006 19:24:59 +0000 (19:24 +0000)]
keep on walking towards rc3

13 years agoUpdated gnupg-1.4.3rc2
Werner Koch [Thu, 9 Mar 2006 12:58:26 +0000 (12:58 +0000)]
Updated

13 years agoPreparing for an RC23
Werner Koch [Thu, 9 Mar 2006 12:45:02 +0000 (12:45 +0000)]
Preparing for an RC23

13 years ago* gpg.sgml: Document "notation".
David Shaw [Thu, 9 Mar 2006 04:00:18 +0000 (04:00 +0000)]
* gpg.sgml: Document "notation".

13 years ago* keyedit.c (menu_set_notation): New function to set notations on
David Shaw [Thu, 9 Mar 2006 03:49:39 +0000 (03:49 +0000)]
* keyedit.c (menu_set_notation): New function to set notations on
self-signatures.  (keyedit_menu): Call it here.
(tty_print_notations): Helper.  (show_prefs): Show notations in
"showpref".

13 years ago* mainproc.c (get_pka_address), keylist.c (show_notation): Remove
David Shaw [Thu, 9 Mar 2006 03:35:26 +0000 (03:35 +0000)]
* mainproc.c (get_pka_address), keylist.c (show_notation): Remove
duplicate code by using notation functions.

13 years ago* argparse.c (default_strusage): Update copyright year to 2006.
David Shaw [Thu, 9 Mar 2006 03:31:28 +0000 (03:31 +0000)]
* argparse.c (default_strusage): Update copyright year to 2006.

13 years ago* packet.h, build-packet.c (sig_to_notation), keygen.c
David Shaw [Thu, 9 Mar 2006 01:15:18 +0000 (01:15 +0000)]
* packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Provide printable text for non-human-readable
notation values.

13 years ago* packet.h, build-packet.c (sig_to_notation), keygen.c
David Shaw [Wed, 8 Mar 2006 23:42:45 +0000 (23:42 +0000)]
* packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Tweak to handle non-human-readable notation
values.

13 years ago* options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
David Shaw [Wed, 8 Mar 2006 23:30:12 +0000 (23:30 +0000)]
* options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
Use it here for the various notation commands.

* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.

13 years ago* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
David Shaw [Wed, 8 Mar 2006 02:40:42 +0000 (02:40 +0000)]
* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
pka-lookups, not pka-lookup.

* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.

13 years ago* NEWS: Note CERT retrieval. Tweak PKA and backsig language to match
David Shaw [Wed, 8 Mar 2006 02:36:37 +0000 (02:36 +0000)]
* NEWS: Note CERT retrieval.  Tweak PKA and backsig language to match
current code.

13 years ago* gpg.sgml: Rename backsigs to cross-certification (backsigs is just
David Shaw [Tue, 7 Mar 2006 22:44:23 +0000 (22:44 +0000)]
* gpg.sgml: Rename backsigs to cross-certification (backsigs is just
shorthand).  Document max-cert-size.

13 years ago* gpg.sgml: Document new way of enabling the PKA functions. Some minor
David Shaw [Tue, 7 Mar 2006 21:47:36 +0000 (21:47 +0000)]
* gpg.sgml: Document new way of enabling the PKA functions.  Some minor
other cleanups.

13 years ago* options.h, gpg.c (main, parse_trust_model), pkclist.c
David Shaw [Tue, 7 Mar 2006 20:14:20 +0000 (20:14 +0000)]
* options.h, gpg.c (main, parse_trust_model), pkclist.c
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.

13 years ago* NEWS: Note --auto-key-locate and that keyservers can handle binary data
David Shaw [Tue, 7 Mar 2006 16:20:03 +0000 (16:20 +0000)]
* NEWS: Note --auto-key-locate and that keyservers can handle binary data
now.

13 years agoMore tests added; make distcheck works
Werner Koch [Tue, 7 Mar 2006 11:05:41 +0000 (11:05 +0000)]
More tests added; make distcheck works

13 years ago* gpg.sgml: Document --auto-key-locate.
David Shaw [Tue, 7 Mar 2006 05:06:31 +0000 (05:06 +0000)]
* gpg.sgml: Document --auto-key-locate.

13 years ago* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
David Shaw [Tue, 7 Mar 2006 01:16:31 +0000 (01:16 +0000)]
* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
is not a PGP 2.x algorithm.

13 years ago* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
David Shaw [Mon, 6 Mar 2006 23:14:13 +0000 (23:14 +0000)]
* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
algorithm.

13 years agoStricter test of allowed signature packet compositions.
Werner Koch [Mon, 6 Mar 2006 21:28:25 +0000 (21:28 +0000)]
Stricter test of allowed signature packet compositions.
There is still one problem to solve.

13 years agoFixed problem with PGP2 style signatures and mutilple plaintext data
Werner Koch [Mon, 6 Mar 2006 12:28:46 +0000 (12:28 +0000)]
Fixed problem with PGP2 style signatures and mutilple plaintext data

13 years agoReplaced an assert and fixed batch mode issue in cardglue.
Werner Koch [Sun, 5 Mar 2006 15:13:18 +0000 (15:13 +0000)]
Replaced an assert and fixed batch mode issue in cardglue.

13 years ago* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
David Shaw [Fri, 3 Mar 2006 21:55:38 +0000 (21:55 +0000)]
* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
libraries that have TLS.