14 years ago* keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
David Shaw [Thu, 10 Mar 2005 19:34:40 +0000 (19:34 +0000)]
* keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
alias for http-proxy.

14 years ago* delkey.c (do_delete_key, delete_keys): Fix problem with --expert
David Shaw [Thu, 10 Mar 2005 18:43:36 +0000 (18:43 +0000)]
* delkey.c (do_delete_key, delete_keys): Fix problem with --expert
preventing --delete-secret-and-public-keys from deleting secret keys.

14 years ago(keyedit_menu) [W32]: Run the trustdb stale check
Werner Koch [Thu, 10 Mar 2005 18:40:57 +0000 (18:40 +0000)]
(keyedit_menu) [W32]: Run the trustdb stale check

14 years ago(secmem_realloc): Take control information into account
Werner Koch [Thu, 10 Mar 2005 09:52:05 +0000 (09:52 +0000)]
(secmem_realloc): Take control information into account
when checking whether a resize is needed.

14 years ago* primegen.c (is_prime): Free A2. Noted by
Werner Koch [Mon, 7 Mar 2005 13:59:59 +0000 (13:59 +0000)]
* primegen.c (is_prime): Free A2.  Noted by
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE

* de.po: Updated. Translation is still in the works, though.

14 years ago* libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build
David Shaw [Tue, 1 Mar 2005 00:05:16 +0000 (00:05 +0000)]
* libcurl.m4: Use $LIBS instead of $LDFLAGS.  This should help build
problems on Mingw32.

14 years ago* keyedit.c (keyedit_menu): Only print the key signing hint when signing
David Shaw [Thu, 24 Feb 2005 21:21:14 +0000 (21:21 +0000)]
* keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).

14 years ago* Fix problem with storing the gpgkeys helpers in
David Shaw [Thu, 17 Feb 2005 03:49:16 +0000 (03:49 +0000)]
* Fix problem with storing the gpgkeys helpers in
libexec, but calling them in libexec/gnupg.

14 years agoabout to release 1.4.1rc2 RC-1-4-1rc2
Werner Koch [Wed, 16 Feb 2005 20:29:20 +0000 (20:29 +0000)]
about to release 1.4.1rc2

14 years ago* card-util.c (fetch_url): Fetch the key from the default
Werner Koch [Wed, 16 Feb 2005 20:08:14 +0000 (20:08 +0000)]
* card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.

14 years ago* w32installer.nsi: Added page to select the language.
Werner Koch [Wed, 16 Feb 2005 13:27:57 +0000 (13:27 +0000)]
* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.

14 years ago* gpg.sgml: Add bkuptocard command for --edit-key.
Werner Koch [Tue, 15 Feb 2005 11:02:32 +0000 (11:02 +0000)]
* gpg.sgml: Add bkuptocard command for --edit-key.

* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.

14 years ago* curl-shim.c (curl_easy_perform): Fix compile warning.
David Shaw [Sat, 12 Feb 2005 03:15:02 +0000 (03:15 +0000)]
* curl-shim.c (curl_easy_perform): Fix compile warning.

* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.

14 years ago* curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
David Shaw [Fri, 11 Feb 2005 18:05:13 +0000 (18:05 +0000)]
* curl-shim.h, curl-shim.c: New.  This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], If FAKE_CURL is set, link with
the iobuf code rather than libcurl.

14 years ago* Add --enable-fake-curl option to help test no-curl HTTP.
David Shaw [Fri, 11 Feb 2005 17:46:15 +0000 (17:46 +0000)]
* Add --enable-fake-curl option to help test no-curl HTTP.

* NEWS: Note Mister/Zuccherato CFB countermeasures.

14 years agoDisable the "quick check" bytes for PK decryptions. This is in
David Shaw [Thu, 10 Feb 2005 04:06:30 +0000 (04:06 +0000)]
Disable the "quick check" bytes for PK decryptions.  This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.

14 years ago* trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
David Shaw [Sun, 6 Feb 2005 17:38:43 +0000 (17:38 +0000)]
* trustdb.h, trustdb.c (trustdb_check_or_update): New.  If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.

14 years ago* gpg.sgml: Note that level 0 signatures are always accepted
David Shaw [Sat, 5 Feb 2005 19:52:02 +0000 (19:52 +0000)]
* gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.

14 years ago* gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
David Shaw [Sat, 5 Feb 2005 15:04:59 +0000 (15:04 +0000)]
* gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.

* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on

14 years ago* getkey.c (merge_selfsigs_subkey): Merged away definition from the
David Shaw [Sat, 5 Feb 2005 00:00:35 +0000 (00:00 +0000)]
* getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.

14 years ago(GNUPG_CHECK_GNUMAKE): Removed. Not needed for
Werner Koch [Fri, 4 Feb 2005 10:18:46 +0000 (10:18 +0000)]
(GNUPG_CHECK_GNUMAKE):  Removed. Not needed for
decent automakes.

14 years ago* libcurl.m4: More comments.
David Shaw [Fri, 4 Feb 2005 04:01:35 +0000 (04:01 +0000)]
* libcurl.m4: More comments.

14 years ago* NEWS: Fix typo.
David Shaw [Thu, 3 Feb 2005 21:42:10 +0000 (21:42 +0000)]
* NEWS: Fix typo.

14 years agoLast changes for W32 RC-1-4-1rc1
Werner Koch [Thu, 3 Feb 2005 11:16:27 +0000 (11:16 +0000)]
Last changes for W32

14 years agoAbout to do a release candidate
Werner Koch [Thu, 3 Feb 2005 10:21:26 +0000 (10:21 +0000)]
About to do a release candidate

14 years agoUpdated to match the switch to the NSIS installer.
Werner Koch [Thu, 3 Feb 2005 09:32:53 +0000 (09:32 +0000)]
Updated to match the switch to the NSIS installer.

14 years ago* gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
David Shaw [Tue, 1 Feb 2005 20:57:08 +0000 (20:57 +0000)]
* gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.

14 years ago* http.c (connect_server): Fix fd leak when connecting to a round-robin
David Shaw [Tue, 1 Feb 2005 20:55:35 +0000 (20:55 +0000)]
* http.c (connect_server): Fix fd leak when connecting to a round-robin
server set that has some down servers.  Noted by Phil Pennock.

14 years ago* ksutil.h: Up the default timeout to two minutes.
David Shaw [Tue, 1 Feb 2005 17:08:18 +0000 (17:08 +0000)]
* ksutil.h: Up the default timeout to two minutes.

14 years ago* keygen.c (do_generate_keypair): Write the auth key to the card
David Shaw [Tue, 1 Feb 2005 05:26:25 +0000 (05:26 +0000)]
* keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.

14 years ago* keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
David Shaw [Fri, 28 Jan 2005 00:50:10 +0000 (00:50 +0000)]
* keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)

14 years ago* keygen.c (generate_subkeypair): Detect primary key on-card and
Werner Koch [Thu, 27 Jan 2005 11:48:33 +0000 (11:48 +0000)]
* keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.

14 years agoUpdated to the version from 1.2.7.
Werner Koch [Thu, 27 Jan 2005 10:30:28 +0000 (10:30 +0000)]
Updated to the version from 1.2.7.

14 years ago* keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
David Shaw [Wed, 26 Jan 2005 21:20:30 +0000 (21:20 +0000)]
* keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.

14 years ago* w32installer.nsi: Create a start menu entry and enhanced the
Werner Koch [Wed, 26 Jan 2005 17:44:48 +0000 (17:44 +0000)]
* w32installer.nsi: Create a start menu entry and enhanced the
build environment.
* mk-w32-dist: Add more support for above.

14 years ago(do_generate_keypair): Don't continue after an error;
Werner Koch [Tue, 25 Jan 2005 14:34:51 +0000 (14:34 +0000)]
(do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,

14 years ago(get_cached_data): New arg GET_IMMEDIATE to bypass
Werner Koch [Tue, 25 Jan 2005 14:18:56 +0000 (14:18 +0000)]
(get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.

14 years ago* libcurl.m4: All versions of curl-config support --feature.
David Shaw [Tue, 25 Jan 2005 02:47:57 +0000 (02:47 +0000)]
* libcurl.m4: All versions of curl-config support --feature.

14 years ago* gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
David Shaw [Mon, 24 Jan 2005 18:23:56 +0000 (18:23 +0000)]
* gpgkeys_ldap.c (print_nocr): New.  (get_key): Call it here to
canonicalize line endings.

* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys.  Canonicalize line endings.  (main):
Accept FTPS.

14 years ago* Define FTPS flag if we're using curl, and FTPS is
David Shaw [Sun, 23 Jan 2005 01:19:32 +0000 (01:19 +0000)]
* Define FTPS flag if we're using curl, and FTPS is

* README: Fix some typos (noted by Norihiko Murase), update to 1.4.1,
and tweak some descriptions.

* NEWS: Note FTPS.

14 years ago* libcurl.m4: Note that FTPS existed, but wasn't fully
David Shaw [Sat, 22 Jan 2005 23:10:23 +0000 (23:10 +0000)]
* libcurl.m4: Note that FTPS existed, but wasn't fully
standards-compliant until version 7.11.0.

14 years ago* keyserver.c (free_keyserver_spec): Fix small leak.
David Shaw [Sat, 22 Jan 2005 03:33:12 +0000 (03:33 +0000)]
* keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.

14 years ago* gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
David Shaw [Sat, 22 Jan 2005 03:27:19 +0000 (03:27 +0000)]
* gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
certificate checking (which is on by default).

* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).

14 years ago(open_card): Issue new CARDCTRL(4) status.
Werner Koch [Thu, 20 Jan 2005 18:25:25 +0000 (18:25 +0000)]
(open_card): Issue new CARDCTRL(4) status.

14 years ago* gpgv.c (tty_fprintf): New stub.
Werner Koch [Thu, 20 Jan 2005 17:21:40 +0000 (17:21 +0000)]
* gpgv.c (tty_fprintf): New stub.

* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.

14 years agoMinor changes
Werner Koch [Thu, 20 Jan 2005 11:42:48 +0000 (11:42 +0000)]
Minor changes

14 years ago* g10.c (i18n_init) [W32]: Pass registry key to gettext
Werner Koch [Thu, 20 Jan 2005 11:42:03 +0000 (11:42 +0000)]
* g10.c (i18n_init) [W32]: Pass registry key to gettext
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.

14 years ago* NEWS: Note --rfc2440-text import/export-unusable-sigs and
David Shaw [Wed, 19 Jan 2005 03:56:25 +0000 (03:56 +0000)]
* NEWS: Note --rfc2440-text import/export-unusable-sigs and

* gpgkeys_mailto is disabled by default.  Define HTTPS
flag if we're using curl, and HTTPS is available.

14 years ago* gpgkeys_curl.c: Fix typo.
David Shaw [Tue, 18 Jan 2005 14:43:14 +0000 (14:43 +0000)]
* gpgkeys_curl.c: Fix typo.

14 years ago* gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
Werner Koch [Tue, 18 Jan 2005 11:16:10 +0000 (11:16 +0000)]
* gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
the W32 defined macro.  Removed unneeded initialization of static
* gpgkeys_http.c: Ditto.
* ksutil.h: s/MAX_PATH/URLMAX_PATH/.

14 years ago(public_key_list): Do a trustdb staleness check before
Werner Koch [Tue, 18 Jan 2005 09:51:58 +0000 (09:51 +0000)]
(public_key_list): Do a trustdb staleness check before
opening the keyring.
(secret_key_list): Ditto.

14 years ago* gpgkeys_curl.c (main): Only allow specified protocols to use the
David Shaw [Tue, 18 Jan 2005 04:24:52 +0000 (04:24 +0000)]
* gpgkeys_curl.c (main): Only allow specified protocols to use the
curl handler.


14 years ago* libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match
David Shaw [Tue, 18 Jan 2005 03:54:46 +0000 (03:54 +0000)]
* libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match
automake syntax.

14 years agoSame for
Werner Koch [Mon, 17 Jan 2005 10:19:57 +0000 (10:19 +0000)]
Same for

14 years agoMake --without-included-zlib work as
Werner Koch [Mon, 17 Jan 2005 10:13:59 +0000 (10:13 +0000)]
Make --without-included-zlib work as
expected. Reported by Norihiko Murase.

14 years agoMake --without-included-zlib work as
Werner Koch [Mon, 17 Jan 2005 10:13:59 +0000 (10:13 +0000)]
Make --without-included-zlib work as
expected. Reported by Norihiko Murase.

14 years ago* ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
David Shaw [Thu, 13 Jan 2005 23:37:26 +0000 (23:37 +0000)]
* ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all the
various defines to ksutil.h.

14 years ago* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
David Shaw [Thu, 13 Jan 2005 23:22:10 +0000 (23:22 +0000)]
* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
of a minor cleanup to use #defines instead of hard-coded sizes.

14 years ago* http.c (connect_server): Use INADDR_NONE instead of SOCKET_ERROR.
David Shaw [Thu, 13 Jan 2005 22:09:33 +0000 (22:09 +0000)]
* http.c (connect_server): Use INADDR_NONE instead of SOCKET_ERROR.
Noted by Timo.

14 years ago* gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of
David Shaw [Thu, 13 Jan 2005 22:08:18 +0000 (22:08 +0000)]
* gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of
SOCKET_ERROR.  Noted by Timo.

14 years ago* w32installer.nsi: New.
Werner Koch [Tue, 11 Jan 2005 12:03:22 +0000 (12:03 +0000)]
* w32installer.nsi: New.
* mk-w32-dist: Append ".txt" to some files.  Call makensis if

14 years ago* keyedit.c (keyedit_menu): Move command strings outside the function to
David Shaw [Tue, 11 Jan 2005 04:15:55 +0000 (04:15 +0000)]
* keyedit.c (keyedit_menu): Move command strings outside the function to
get ready for the readline completion code.

14 years ago* passphrase.c (readline, agent_send_option, agent_open,
David Shaw [Mon, 10 Jan 2005 22:56:46 +0000 (22:56 +0000)]
* passphrase.c (readline, agent_send_option, agent_open,
agent_get_passphrase, passphrase_clear_cache): Rename readline() to
readaline() to keep readline library namespace clear.

14 years ago* gpgkeys_curl.c (get_key): Newer versions of libcurl don't define TRUE.
David Shaw [Mon, 10 Jan 2005 03:46:12 +0000 (03:46 +0000)]
* gpgkeys_curl.c (get_key): Newer versions of libcurl don't define TRUE.

14 years ago* filter.h, armor.c (armor_filter): Use the eol string from the armor
David Shaw [Thu, 6 Jan 2005 16:23:47 +0000 (16:23 +0000)]
* filter.h, armor.c (armor_filter): Use the eol string from the armor
filter context instead of hardcoding '\n' or '\r\n'.  If no eol string is
provided, default to '\n' or '\r\n' as appropriate. (is_armor_header):
Trim tabs in armor header lines as well.

* keyserver.c (keyserver_spawn): Use it here to force '\n' line endings
since the keyserver output file gets a LF->CRLF expansion on win32.

14 years ago(set_native_charset): Assume that ASCII,
Werner Koch [Thu, 6 Jan 2005 11:51:49 +0000 (11:51 +0000)]
(set_native_charset): Assume that ASCII,
ANSI_X3.4-1968 and 646 are actually meant as Latin-1.  If
nl_langinfo is not available get the charset from environment
variables. For W32 use GetACP as error fallback.  Removed Latin-15
to Latin-1 aliasing.

14 years ago* g10.c (main): Typo.
David Shaw [Thu, 6 Jan 2005 04:44:38 +0000 (04:44 +0000)]
* g10.c (main): Typo.

* armor.c (is_armor_header): Allow CR and LF (not just actual spaces) in
an armor header line (-----BEGIN etc).  This is needed due to CRLF issues
on win32.  As before, --openpgp makes it strict.

14 years ago* Use new GNUPG_CHECK_LIBUSB macro.
David Shaw [Mon, 3 Jan 2005 15:18:24 +0000 (15:18 +0000)]
* Use new GNUPG_CHECK_LIBUSB macro.

14 years ago*, libusb.m4: New libusb check macro.
David Shaw [Mon, 3 Jan 2005 15:16:57 +0000 (15:16 +0000)]
*, libusb.m4: New libusb check macro.

14 years ago* Use @LIBUSB@ instead of @LIBUSB_LIBS@
David Shaw [Mon, 3 Jan 2005 15:15:34 +0000 (15:15 +0000)]
* Use @LIBUSB@ instead of @LIBUSB_LIBS@

* import.c (delete_inv_parts): Comments on import-unusable-sigs.

14 years ago* options.h, import.c (parse_import_options, delete_inv_parts): Add
David Shaw [Sat, 1 Jan 2005 21:21:11 +0000 (21:21 +0000)]
* options.h, import.c (parse_import_options, delete_inv_parts): Add
import-unusable-sigs flag to enable importing unusable (currently:
expired) sigs.

* options.h, export.c (parse_export_options, do_export_stream): Add
export-unusable-sigs flag to enable exporting unusable (currently:
expired) sigs.

14 years ago* Better implementation for the SRV check. We don't need to
David Shaw [Thu, 30 Dec 2004 03:31:19 +0000 (03:31 +0000)]
* Better implementation for the SRV check.  We don't need to
actually check all the header files individually since the SRV test
compile uses them together.

14 years ago* packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c
David Shaw [Thu, 30 Dec 2004 03:26:57 +0000 (03:26 +0000)]
* packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c
(revokestr_from_pk), keyedit.c (show_key_with_all_names): Show who revoked
a key (either the same key or a designated revoker) and when.

14 years agoBetter implementation for the SRV check. We don't need to actually check
David Shaw [Wed, 29 Dec 2004 00:58:05 +0000 (00:58 +0000)]
Better implementation for the SRV check.  We don't need to actually check
all the header files individually since the SRV test compile uses them

14 years ago(find_endpoint): New.
Werner Koch [Tue, 28 Dec 2004 07:30:57 +0000 (07:30 +0000)]
(find_endpoint): New.
(scan_or_find_devices): Add new args to return endpoint info and
interface number.
(ccid_open_reader, ccid_shutdown_reader): Take care of these new
(bulk_in, bulk_out): Use the correct endpoints.
(ccid_transceive_apdu_level): New.
(ccid_transceive): Divert to above.
(parse_ccid_descriptor): Allow APDU level exchange mode.
(do_close_reader): Pass the interface number to usb_release_interface.

14 years ago* keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has
David Shaw [Fri, 24 Dec 2004 19:51:02 +0000 (19:51 +0000)]
* keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has
specifically been selected to handle them.

14 years ago* gpgkeys_curl.c (main): Use new defines for opting out of certain
David Shaw [Fri, 24 Dec 2004 19:48:36 +0000 (19:48 +0000)]
* gpgkeys_curl.c (main): Use new defines for opting out of certain
transfer protocols.  Allow setting HTTP proxy via "http-proxy=foo" option
(there is natural support in libcurl for the http_proxy environment

* Remove the conditional since this is all handled in
autoconf now.

14 years ago* Use new LIBCURL_CHECK_CONFIG macro for all libcurl stuff.
David Shaw [Fri, 24 Dec 2004 19:43:16 +0000 (19:43 +0000)]
* Use new LIBCURL_CHECK_CONFIG macro for all libcurl stuff.
This simplifies, and we don't need the automake conditional stuff any

14 years ago* libcurl.m4: Rewrite this to use the new --protocols flag I gave to the
David Shaw [Fri, 24 Dec 2004 19:41:06 +0000 (19:41 +0000)]
* libcurl.m4: Rewrite this to use the new --protocols flag I gave to the
libcurl people.

* Add readline.m4 and libcurl.m4.

14 years ago* libcurl.m4: OSX has a problem with their curl-config script.
David Shaw [Thu, 23 Dec 2004 16:34:08 +0000 (16:34 +0000)]
* libcurl.m4: OSX has a problem with their curl-config script.

14 years ago* readline.m4: Make sure that readline is modern enough to understand
David Shaw [Thu, 23 Dec 2004 16:12:13 +0000 (16:12 +0000)]
* readline.m4: Make sure that readline is modern enough to understand

* libcurl.m4: Don't require curl-config to be present since it seems some
binary packages don't include it.  Allow users to specify LIBCURL and

14 years ago* gpgkeys_curl.c (main): New "follow-redirects" option. Takes an optional
David Shaw [Wed, 22 Dec 2004 19:19:10 +0000 (19:19 +0000)]
* gpgkeys_curl.c (main): New "follow-redirects" option.  Takes an optional
numeric value for the maximum number of redirects to allow.  Defaults to

* gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c (main),
gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure that a "timeout"
option passed with no arguments is properly handled.

14 years ago* options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data
David Shaw [Wed, 22 Dec 2004 18:09:41 +0000 (18:09 +0000)]
* options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data
from URLs and pass to keyserver helpers.

14 years ago* gpgkeys_curl.c (get_key, writer): New function to wrap around fwrite to
David Shaw [Wed, 22 Dec 2004 18:07:21 +0000 (18:07 +0000)]
* gpgkeys_curl.c (get_key, writer): New function to wrap around fwrite to
avoid DLL access problem on win32.

* gpgkeys_http.c (main, get_key): Properly pass authentication info
through to the http library.

14 years ago* keyserver.c (keyserver_typemap): New. Map certain keyserver types to a
David Shaw [Wed, 22 Dec 2004 17:49:44 +0000 (17:49 +0000)]
* keyserver.c (keyserver_typemap): New.  Map certain keyserver types to a
common type (e.g. ldaps -> ldap).  If we are building with curl, map both
http and ftp to curl.

* build-packet.c (build_sig_subpkt): Only allow one preferred keyserver
subpacket at a time.

14 years ago* Build gpgkeys_http or gpgkeys_curl as needed.
David Shaw [Wed, 22 Dec 2004 17:12:23 +0000 (17:12 +0000)]
* Build gpgkeys_http or gpgkeys_curl as needed.

* gpgkeys_curl.c (main, get_key): Minor tweaks to work with either FTP or

* gpgkeys_ftp.c: renamed to gpgkeys_curl.c.

14 years ago* --enable-ftp is on by default, --with-libcurl is off by
David Shaw [Wed, 22 Dec 2004 17:07:39 +0000 (17:07 +0000)]
* --enable-ftp is on by default, --with-libcurl is off by
default.  If we have neither of --enable-ftp or --enable-http, don't even
check for curl.

14 years ago* libcurl.m4: Be much more strict with libcurl by trying to compile and
David Shaw [Wed, 22 Dec 2004 17:03:27 +0000 (17:03 +0000)]
* libcurl.m4: Be much more strict with libcurl by trying to compile and
link a test program that uses the features that we need.

14 years ago* gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. Use
David Shaw [Wed, 22 Dec 2004 05:23:22 +0000 (05:23 +0000)]
* gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. Use
CURLOPT_FILE instead of CURLOPT_WRITEDATA (same option, but backwards

14 years ago* automake needs --add-missing for conditional CPPFLAGS build
David Shaw [Tue, 21 Dec 2004 23:44:06 +0000 (23:44 +0000)]
* automake needs --add-missing for conditional CPPFLAGS build
in keyserver/

14 years agoAs always, CVS leaves out the local directory?
David Shaw [Tue, 21 Dec 2004 23:40:51 +0000 (23:40 +0000)]
As always, CVS leaves out the local directory?

14 years agoFTP keyserver support via gpgkeys_ftp. This is currently off by default.
David Shaw [Tue, 21 Dec 2004 23:39:57 +0000 (23:39 +0000)]
FTP keyserver support via gpgkeys_ftp.  This is currently off by default.

14 years ago* keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
David Shaw [Tue, 21 Dec 2004 15:49:56 +0000 (15:49 +0000)]
* keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
chosen selfsig so we don't accidentally promote an older selfsig to
chosen.  Discovered by Simon Josefsson and 'Todd'.

* keygen.c (ask_expire_interval): Fix typo.

14 years ago* keylist.c (list_keyblock_print): Secret key listings should always show
David Shaw [Tue, 21 Dec 2004 04:19:03 +0000 (04:19 +0000)]
* keylist.c (list_keyblock_print): Secret key listings should always show
everything (expired UIDs, revoked subkeys, etc, etc).

* keyedit.c (keyedit_menu): Add additional help for the "sign" flags.

14 years ago(ask_expire_interval): For better translations chnage 2
Werner Koch [Mon, 20 Dec 2004 18:14:57 +0000 (18:14 +0000)]
(ask_expire_interval): For better translations chnage 2

14 years ago* seckey-cert.c (do_check): Handle case when checksum was okay but
Werner Koch [Mon, 20 Dec 2004 10:05:20 +0000 (10:05 +0000)]
* seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong.  Roman Pavlik found such a case.

* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL.  Use log_info and
not log_error.

14 years ago(handle_iconv_error): Turn diagnostics into warnings
Werner Koch [Mon, 20 Dec 2004 08:55:03 +0000 (08:55 +0000)]
(handle_iconv_error): Turn diagnostics into warnings
so that gpg does not return with failure.
(native_to_utf8, utf8_to_native): Ditto.

14 years ago* keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
David Shaw [Mon, 20 Dec 2004 05:19:09 +0000 (05:19 +0000)]
* keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".

* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.

* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings.  Default to

14 years ago* keygen.c (keygen_get_std_prefs): Set reference count when creating the
David Shaw [Sun, 19 Dec 2004 05:20:07 +0000 (05:20 +0000)]
* keygen.c (keygen_get_std_prefs): Set reference count when creating the
temporary user ID.

* keyedit.c (keyedit_menu): Merge updpref and setpref.  Keep updpref as an
invisible alias.  Add invisible alias for revphoto. Fix small memory leak
when using "setpref" (not all of the uid was freed). (menu_revkey):
Trigger a trust rebuild after revoking a key. Don't allow revoking an
already-revoked whole key. (menu_revsubkey): Don't allow revoking an
already-revoked subkey.

14 years ago* keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New.
David Shaw [Sun, 19 Dec 2004 04:30:16 +0000 (04:30 +0000)]
* keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New.
Revoke a whole key. (keyedit_menu): Call it here for when 'revkey' is used
without any subkeys selected.  This is to be consistent with the other
functions which are "selected part if selected, whole key if not".