gnupg.git
16 years ago* gpg.sgml: Document --list-options (show-photos, show-policy-url,
David Shaw [Tue, 26 Aug 2003 00:32:58 +0000 (00:32 +0000)]
* gpg.sgml: Document --list-options (show-photos, show-policy-url,
show-notation, show-keyring) and --verify-options (show-photos,
show-policy-url, show-notation).  Deprecate --show-photos,
--show-policy-url, --show-notation, and --show-keyring.

16 years ago* Makefile.am: Use NETLIBS instead of EGDLIBS.
David Shaw [Mon, 25 Aug 2003 03:37:06 +0000 (03:37 +0000)]
* Makefile.am: Use NETLIBS instead of EGDLIBS.

16 years ago* configure.ac: Check for getaddrinfo. Don't bother to check for EGD libs
David Shaw [Mon, 25 Aug 2003 03:32:01 +0000 (03:32 +0000)]
* configure.ac: Check for getaddrinfo.  Don't bother to check for EGD libs
since we need to have the netlibs regardless because of the agent socket.

16 years ago* http.c (connect_server): Try and use getaddrinfo if it is available.
David Shaw [Mon, 25 Aug 2003 02:18:45 +0000 (02:18 +0000)]
* http.c (connect_server): Try and use getaddrinfo if it is available.
Try for IPv6 via getaddrinfo() or a IPv6-ized gethostbyname().  Suggested
by Jun-ichiro itojun Hagino.

16 years ago* mainproc.c (check_sig_and_print): Get the uid validity before printing
David Shaw [Sun, 24 Aug 2003 23:01:26 +0000 (23:01 +0000)]
* mainproc.c (check_sig_and_print): Get the uid validity before printing
any sig results to avoid munging the output with trustdb warnings.

* g10.c (main): Don't include --show-keyring in --help as it is
deprecated.

16 years ago* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.
David Shaw [Thu, 21 Aug 2003 23:26:57 +0000 (23:26 +0000)]
* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.
Use NAME_OF_DEV_URANDOM.

16 years ago* gpgv.c: Remove extra semicolon (typo).
David Shaw [Thu, 21 Aug 2003 23:20:58 +0000 (23:20 +0000)]
* gpgv.c: Remove extra semicolon (typo).

* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.

* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.

* keyring.c (keyring_rebuild_cache): Comment.

* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.

16 years ago* packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
David Shaw [Wed, 13 Aug 2003 03:31:36 +0000 (03:31 +0000)]
* packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.

* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).

16 years agoAbout to release the first 1.9 version. V1-9-0
Werner Koch [Tue, 5 Aug 2003 17:20:18 +0000 (17:20 +0000)]
About to release the first 1.9 version.

16 years agoCleanups, fixes and PC/SC support
Werner Koch [Tue, 5 Aug 2003 17:11:04 +0000 (17:11 +0000)]
Cleanups, fixes and PC/SC support

16 years ago* options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
David Shaw [Sun, 3 Aug 2003 02:37:48 +0000 (02:37 +0000)]
* options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).

16 years agominor changes to make make distcheck happy
Werner Koch [Thu, 31 Jul 2003 15:45:11 +0000 (15:45 +0000)]
minor changes to make make distcheck happy

16 years agoRemove leftover cruft
Werner Koch [Tue, 29 Jul 2003 14:10:02 +0000 (14:10 +0000)]
Remove leftover cruft

16 years ago*** empty log message ***
Werner Koch [Tue, 29 Jul 2003 14:07:28 +0000 (14:07 +0000)]
*** empty log message ***

16 years ago* gpgsm.c (main): Add secmem features and set the random seed file.
Werner Koch [Tue, 29 Jul 2003 08:53:19 +0000 (08:53 +0000)]
* gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.

16 years agoAdjusted for use with current libgcrypt (1.1.42).
Werner Koch [Mon, 28 Jul 2003 08:59:18 +0000 (08:59 +0000)]
Adjusted for use with current libgcrypt (1.1.42).

16 years ago* options.h, g10.c (main, add_keyserver_url): Add
David Shaw [Thu, 24 Jul 2003 19:28:12 +0000 (19:28 +0000)]
* options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.

16 years ago* app-openpgp.c (do_learn_status): Print more status information.
Werner Koch [Thu, 24 Jul 2003 09:06:13 +0000 (09:06 +0000)]
* app-openpgp.c (do_learn_status): Print more status information.
(app_select_openpgp): Store the card version.
(store_fpr): Add argument card_version and fix DOs for old cards.
(app_openpgp_storekey): Likewise.

16 years ago* command.c (cmd_pkauth): New.
Werner Koch [Wed, 23 Jul 2003 07:13:05 +0000 (07:13 +0000)]
* command.c (cmd_pkauth): New.
(cmd_setdata): Check whether data was given at all to avoid
passing 0 to malloc.

* app.c (app_auth): New.
* app-openpgp.c (do_auth): New.

16 years ago* keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
David Shaw [Mon, 21 Jul 2003 23:19:15 +0000 (23:19 +0000)]
* keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.

16 years ago* keyedit.c (show_key_with_all_names): Use list-option show-validity in
David Shaw [Sun, 20 Jul 2003 17:09:43 +0000 (17:09 +0000)]
* keyedit.c (show_key_with_all_names): Use list-option show-validity in
--edit-key interface as well.

16 years ago* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
David Shaw [Sun, 20 Jul 2003 02:09:06 +0000 (02:09 +0000)]
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.

16 years ago* packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
David Shaw [Sun, 20 Jul 2003 00:10:13 +0000 (00:10 +0000)]
* packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.

* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs.  This requires --no-sig-cache as well since we don't cache
fingerprints.

16 years ago* Makefile.am: Add sc-copykeys program.
Werner Koch [Wed, 16 Jul 2003 13:47:14 +0000 (13:47 +0000)]
* Makefile.am: Add sc-copykeys program.
* sc-copykeys.c: New.
* app-openpgp.c (app_openpgp_storekey): New.
(app_openpgp_cardinfo): New.
(count_bits): New.
(store_fpr): And use it here to get the actual length in bit.

16 years ago* simple-pwquery.c, simple-pwquery.h: New; moved from ../agent.
Werner Koch [Wed, 16 Jul 2003 13:44:43 +0000 (13:44 +0000)]
* simple-pwquery.c, simple-pwquery.h:  New; moved from ../agent.
* Makefile.am (libsimple_pwquery_a_LIBADD): New.

16 years ago* simple-pwquery.c, simple-pwquery.h: Moved to ../common.
Werner Koch [Wed, 16 Jul 2003 13:44:03 +0000 (13:44 +0000)]
* simple-pwquery.c, simple-pwquery.h:  Moved to ../common.
* Makefile.am (gpg_protect_tool_LDADD): Add simple-pwquery.o.
Removed it from xx_SOURCES.

16 years ago* Makefile.am: Add --no-permission-warning to avoid spurious warning when
David Shaw [Thu, 10 Jul 2003 15:10:02 +0000 (15:10 +0000)]
* Makefile.am: Add --no-permission-warning to avoid spurious warning when
importing demo keys.

16 years ago* configure.ac: configure.ac: Check for sigset_t and struct sigaction.
David Shaw [Thu, 10 Jul 2003 15:03:55 +0000 (15:03 +0000)]
* configure.ac: configure.ac: Check for sigset_t and struct sigaction.
This is for Forte c89 on Solaris which seems to define only the function
call half of the two pairs by default.

16 years ago* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
David Shaw [Thu, 10 Jul 2003 14:30:07 +0000 (14:30 +0000)]
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Makefile.am: Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.

16 years ago* DETAILS: Document the --attribute-fd data.
David Shaw [Thu, 10 Jul 2003 12:42:49 +0000 (12:42 +0000)]
* DETAILS: Document the --attribute-fd data.

* gpg.sgml: Document --set-notation.  Explain why it is not possible to
disable permission warnings in the gpg.conf file about the homedir.  Add
pointer in --ignore-time-conflict to see --ignore-valid from, and vice
versa.  Warning not to try and parse --list-keys in scripts. Document the
signature flags (1-3/L/R/P/N/X), Document expandos %g and %p.  Note the
default --personal-digest-preferences are "H2".

16 years ago* Makefile.am: Use W32LIBS where appropriate.
David Shaw [Thu, 10 Jul 2003 12:32:57 +0000 (12:32 +0000)]
* Makefile.am: Use W32LIBS where appropriate.

16 years ago* iobuf.c (check_special_filename): Replaced is isdigit by digitp
David Shaw [Thu, 10 Jul 2003 12:26:42 +0000 (12:26 +0000)]
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.

16 years ago* types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
David Shaw [Thu, 10 Jul 2003 12:13:53 +0000 (12:13 +0000)]
* types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
This avoids a warning on compilers that support but complain about
unsigned long long.

* util.h (ascii_isspace): New variation on isspace() that is immune from
locale changes.

* util.h: Make sure that only ascii is passed to isfoo functions. (From
Werner on stable branch).

16 years ago* THANKS: Updates from stable.
David Shaw [Thu, 10 Jul 2003 12:06:08 +0000 (12:06 +0000)]
* THANKS: Updates from stable.

* configure.ac: Include wsock32 in W32LIBS.  This is different from
NETLIBS so we don't need to force other platforms to pull in the netlibs
when they aren't actually needed.

* NEWS: Note portability changes.

16 years agoMinor changes to make make dist work correctly.
Werner Koch [Fri, 4 Jul 2003 09:40:19 +0000 (09:40 +0000)]
Minor changes to make make dist work correctly.

16 years ago* app-openpgp.c (do_setattr): Add setting of the URL.
Werner Koch [Thu, 3 Jul 2003 18:10:13 +0000 (18:10 +0000)]
* app-openpgp.c (do_setattr): Add setting of the URL.
(app_select_openpgp): Dump card data only in very verbose mode.
(do_decipher): New.

16 years ago* app-openpgp.c (store_fpr): Fixed fingerprint calculation.
Werner Koch [Tue, 1 Jul 2003 08:34:45 +0000 (08:34 +0000)]
* app-openpgp.c (store_fpr): Fixed fingerprint calculation.

* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.

16 years agoKey generation and signing using the OpenPGP card does rudimentary work.
Werner Koch [Fri, 27 Jun 2003 20:53:09 +0000 (20:53 +0000)]
Key generation and signing using the OpenPGP card does rudimentary work.

16 years agoFinished the bulk of changes for gnupg 1.9. This included switching
Werner Koch [Wed, 18 Jun 2003 19:56:13 +0000 (19:56 +0000)]
Finished the bulk of changes for gnupg 1.9.  This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.

16 years ago* parse-packet.c (parse): Disallow old style partial length for
Werner Koch [Tue, 10 Jun 2003 09:05:38 +0000 (09:05 +0000)]
* parse-packet.c (parse): Disallow old style partial length for
all key material packets to avoid possible corruption of keyrings.

16 years ago* import.c (import_keys_internal): Invalidate the cache so that
Werner Koch [Sun, 8 Jun 2003 21:35:25 +0000 (21:35 +0000)]
* import.c (import_keys_internal): Invalidate the cache so that
the file descriptor gets closed.  Fixes bug reported by Juan
F. Codagnone.

16 years ago* import.c (import_keys_internal): Invalidate the cache so that
Werner Koch [Sun, 8 Jun 2003 21:23:48 +0000 (21:23 +0000)]
* import.c (import_keys_internal): Invalidate the cache so that
the file descriptor gets closed.  Fixes bug reported by Juan
F. Codagnone.

16 years agoA small step for GnuPG but a huge leap for error codes.
Werner Koch [Thu, 5 Jun 2003 07:14:21 +0000 (07:14 +0000)]
A small step for GnuPG but a huge leap for error codes.
(Sorry, it does not build currently - I need to check it in to avoid
duplicate work.)

16 years ago* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
David Shaw [Thu, 5 Jun 2003 02:06:12 +0000 (02:06 +0000)]
* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
they at least handle subkeys correctly.

* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets.  They're basically policy URLs with a
different name.  Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).

* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.

16 years agoUpdate error handling to match gpg-error in CVS.
Marcus Brinkmann [Wed, 4 Jun 2003 21:37:56 +0000 (21:37 +0000)]
Update error handling to match gpg-error in CVS.

16 years agoInadvertently left out of the 2003-06-01 checkin
David Shaw [Wed, 4 Jun 2003 21:21:23 +0000 (21:21 +0000)]
Inadvertently left out of the 2003-06-01 checkin

16 years agoFix small typo in comment.
Marcus Brinkmann [Tue, 3 Jun 2003 22:51:14 +0000 (22:51 +0000)]
Fix small typo in comment.

16 years ago* scdaemon.h: Include gpg-error.h and errno.h
Werner Koch [Tue, 3 Jun 2003 20:08:03 +0000 (20:08 +0000)]
* scdaemon.h: Include gpg-error.h and errno.h
* card.c (map_sc_err): Use unknown for the error source.
* Makefile.am: Link with libgpg-error

16 years agoMake use of libgpg-error
Werner Koch [Tue, 3 Jun 2003 19:55:50 +0000 (19:55 +0000)]
Make use of libgpg-error

16 years ago* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
David Shaw [Tue, 3 Jun 2003 17:47:58 +0000 (17:47 +0000)]
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-validity" and "show-long-keyid" list-options.

* gpgv.c (get_validity, trust_value_to_string): Stubs.

* g10.c (main): Use SAFE_VERSION instead of VERSION in the
version-specific gpg.conf file so it can be overridden on RISCOS.

16 years ago* configure.ac: Define SAFE_VERSION so that RISCOS can override it and
David Shaw [Tue, 3 Jun 2003 17:42:22 +0000 (17:42 +0000)]
* configure.ac: Define SAFE_VERSION so that RISCOS can override it and
remove invalid chars.

16 years ago* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
David Shaw [Sun, 1 Jun 2003 15:36:13 +0000 (15:36 +0000)]
* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
(check_sig_and_print): Emulate the old policy and notation behavior
(display by default).  Send to status-fd whether it is displayed on the
screen or not.

* g10.c (main): Since we now have some options in devel that won't work in
a stable branch gpg.conf file, try for a version-specific gpg.conf-VERSION
file before falling back to gpg.conf.

* main.h, options.h: Move various option flags to options.h.

16 years ago* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
David Shaw [Sat, 31 May 2003 23:23:19 +0000 (23:23 +0000)]
* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
show_notation): Collapse the old print_notation_data into show_policy()
and show_notation() so there is only one function to print notations and
policy URLs.

* options.h, main.h, g10.c (main), keyedit.c (print_and_check_one_sig),
keylist.c (list_one, list_keyblock_print), pkclist.c (do_edit_ownertrust),
sign.c (mk_notation_and_policy): New "list-options" and "verify-options"
commands.  These replace the existing --show-photos/--no-show-photos,
--show-notation/--no-show-notation,
--show-policy-url/--no-show-policy-url, and --show-keyring options.  The
new method is more flexible since a user can specify (for example) showing
photos during sig verification, but not in key listings.  The old options
are emulated.

16 years ago* main.h, misc.c (parse_options): New general option line parser. Fix the
David Shaw [Sat, 31 May 2003 21:52:16 +0000 (21:52 +0000)]
* main.h, misc.c (parse_options): New general option line parser. Fix the
bug in the old version that did not handle report syntax errors after a
valid entry.

* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.

16 years ago* keylist.c (list_one): Don't show the keyring filename when in
David Shaw [Sat, 31 May 2003 04:06:06 +0000 (04:06 +0000)]
* keylist.c (list_one): Don't show the keyring filename when in
--with-colons mode.  Actually translate "Keyring" string.

* mainproc.c (proc_tree): We can't currently handle multiple signatures of
different classes or digests (we'd pretty much have to run a different
hash context for each), but if they are all the same, make an exception.
This is Debian bug #194292.

* sig-check.c (check_key_signature2): Make string translatable.

* packet.h, getkey.c (fixup_uidnode): Mark real primary uids differently
than assumed primaries.

* keyedit.c (no_primary_warning): Use the differently marked primaries
here in a new function to warn when an --edit-key command might rearrange
the self-sig dates enough to change which uid is primary. (menu_expire,
menu_set_preferences): Use no_primary_warning() here.

* Makefile.am: Use @DLLIBS@ for -ldl.

16 years ago* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
David Shaw [Sat, 31 May 2003 03:52:02 +0000 (03:52 +0000)]
* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
Also include extern references for optarg and optind since there is no
guarantee that any header file will include them.  Standards?  We don't
need no stinkin' standards

* Makefile.am: Use @GETOPT@ to pull in libiberty on those platforms that
need it.

16 years ago* Makefile.am: Some cleanup, and use DLLIBS for -ldl.
David Shaw [Sat, 31 May 2003 03:41:42 +0000 (03:41 +0000)]
* Makefile.am: Some cleanup, and use DLLIBS for -ldl.

16 years ago* srv.h, srv.c: Include windows.h with MINGW32.
David Shaw [Sat, 31 May 2003 03:15:50 +0000 (03:15 +0000)]
* srv.h, srv.c: Include windows.h with MINGW32.

16 years ago* configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put dl in
David Shaw [Sat, 31 May 2003 02:14:31 +0000 (02:14 +0000)]
* configure.ac: Put wsock32 in NETLIBS.  Put zlib in ZLIBS.  Put dl in
DLLIBS.  Check for getopt.h if available.  Look for getopt() in libiberty
if libc doesn't have it.  Enable GPGKEYS_HKP after AC_PROG_CC so that any
needed extension (i.e. ".exe") is defined.

16 years agoBumbed version number after release
Werner Koch [Tue, 27 May 2003 09:32:51 +0000 (09:32 +0000)]
Bumbed version number after release

16 years agoAbout to release 1.3.2 V1-3-2
Werner Koch [Tue, 27 May 2003 08:38:58 +0000 (08:38 +0000)]
About to release 1.3.2

16 years ago* NEWS: Document --gnupg and the deprecation of --no-openpgp and
David Shaw [Mon, 26 May 2003 19:56:32 +0000 (19:56 +0000)]
* NEWS: Document --gnupg and the deprecation of --no-openpgp and
--no-pgpX.

16 years ago* defs.inc (pgmname): Make sure there is a valid options file. (From wk on
David Shaw [Mon, 26 May 2003 14:14:03 +0000 (14:14 +0000)]
* defs.inc (pgmname): Make sure there is a valid options file. (From wk on
stable branch)

* mds.test: Note that missing algorithms are not errors.

16 years ago* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:39:38 +0000 (13:39 +0000)]
* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)

16 years ago* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:34:42 +0000 (13:34 +0000)]
* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)

* gnupg-w32.reg: Use HLM for the program and make sure the entries are
created.  Suggested by danielc@analysisandsolutions.com. (From wk on
stable branch)CVS: ----------------------------------------------------------------------

16 years ago* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
David Shaw [Mon, 26 May 2003 13:21:12 +0000 (13:21 +0000)]
* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
warning a verbose item and translatable. (From wk on stable branch)

* sig-check.c (check_key_signature2): Made "no subkey for subkey binding
packet" a verbose item instead of a !quiet one.  There are too many
garbled keys out in the wild. (From wk on stable branch)

* filter.h: Remove const from WHAT. (From wk on stable branch)

* progress.c (handle_progress): Store a copy of NAME. (progress_filter):
Release WHAT, make sure not to print a NULL WHAT. (From wk on stable
branch)

* openfile.c (open_sigfile): Adjust free for new progress semantics. (From
wk on stable branch)

* plaintext.c (ask_for_detached_datafile): Don't dealloc pfx->WHAT. (From
wk on stable branch)

* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the cipher
algo is IDEA to make it easier to track down the problem. (From twoaday on
stable branch)

16 years ago* Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch)
David Shaw [Mon, 26 May 2003 13:15:24 +0000 (13:15 +0000)]
* Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch)

16 years ago* POTFILES.in: Added a couple of missing source files. Noted by Pascal
David Shaw [Mon, 26 May 2003 13:13:11 +0000 (13:13 +0000)]
* POTFILES.in: Added a couple of missing source files.  Noted by Pascal
Hartig and Walter Koch. (From wk on stable branch)

16 years ago* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
David Shaw [Sat, 24 May 2003 21:50:33 +0000 (21:50 +0000)]
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.

16 years ago* bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all
David Shaw [Sat, 24 May 2003 18:38:35 +0000 (18:38 +0000)]
* bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all
preprocessor instructions to remove whitespace before the '#'. This is not
required by C89, but there are some compilers out there that don't like
it.

16 years ago* bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c,
David Shaw [Sat, 24 May 2003 18:31:33 +0000 (18:31 +0000)]
* bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c,
rijndael.c, rndunix.c, sha256.c, cast5.c, idea-stub.c, rmd160.c, rndw32.c,
sha512.c, md5.c, rmd160test.c, rsa.c, tiger.c: Edit all preprocessor
instructions to remove whitespace before the '#'.  This is not required by
C89, but there are some compilers out there that don't like it.

16 years ago* mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c,
David Shaw [Sat, 24 May 2003 17:54:56 +0000 (17:54 +0000)]
* mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c,
mpi-internal.h, mpi-scan.c: Edit all preprocessor instructions to remove
whitespace before the '#'.  This is not required by C89, but there are
some compilers out there that don't like it.

16 years ago* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
David Shaw [Sat, 24 May 2003 16:53:14 +0000 (16:53 +0000)]
* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
simple-gettext.c, errors.c, http.c, memory.c, secmem.c, ttyio.c: Edit all
preprocessor instructions to remove whitespace before the '#'.  This is
not required by C89, but there are some compilers out there that don't
like it.

16 years ago* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all
David Shaw [Sat, 24 May 2003 16:40:46 +0000 (16:40 +0000)]
* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all
preprocessor instructions to remove whitespace before the '#'.  This is
not required by C89, but there are some compilers out there that don't
like it.

16 years ago* configure.ac: Edit preprocessor instructions in g10defs.h to remove
David Shaw [Sat, 24 May 2003 14:50:02 +0000 (14:50 +0000)]
* configure.ac: Edit preprocessor instructions in g10defs.h to remove
whitespace before the '#'.  This is not required by C89, but there are
some compilers out there that don't like it.

16 years ago* gpg.sgml: Document --trustdb-name. Document --gnupg in a new compliance
David Shaw [Sat, 24 May 2003 14:38:58 +0000 (14:38 +0000)]
* gpg.sgml: Document --trustdb-name.  Document --gnupg in a new compliance
section, and remove the various --no-PGPX options. Deprecate --no-comment
in favor of --no-sk-comments.

16 years ago* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
David Shaw [Wed, 21 May 2003 16:42:22 +0000 (16:42 +0000)]
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
is_disabled to cache_disabled_value, which now takes a pk and not just the
keyid. This is for speed since there is no need to re-fetch a key when we
already have that key handy.  Cache the result of the check so we don't
need to hit the trustdb more than once.

* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.

* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.

* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.

* parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.

* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but
deterministic.

* exec.h, photoid.h: Add copyright message.

* keylist.c (list_keyblock_print): Don't dump attribs for
revoked/expired/etc uids for non-colon key listings.  This is for
consistency with --show-photos.

* main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump
attribs if --attrib-fd is set when verifying signatures.

* g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options.  This is the same as --no-XXXX for those options.

* revoke.c (ask_revocation_reason): Clear old reason if user elects to
repeat question.  This is bug 153.

* keyedit.c (sign_uids): Show keyid of the key making the signature.

16 years ago* fileutil.c (is_file_compressed): Fixed checking for "-" filename.
Werner Koch [Wed, 21 May 2003 08:49:03 +0000 (08:49 +0000)]
* fileutil.c (is_file_compressed): Fixed checking for "-" filename.

16 years ago* progress.c (handle_progress)
Werner Koch [Wed, 21 May 2003 08:48:26 +0000 (08:48 +0000)]
* progress.c (handle_progress)
* sign.c (write_plaintext_packet)
* encode.c (encode_simple,encode_crypt): Make sure that a filename
of "-" is considered to be stdin so that iobuf_get_filelength
won't get called.  This fixes bug 156 reported by Gregery Barton.

16 years ago* cipher.c (setup_cipher_table): #ifdef IDEA.
David Shaw [Thu, 15 May 2003 05:29:05 +0000 (05:29 +0000)]
* cipher.c (setup_cipher_table): #ifdef IDEA.

* random.c (fast_random_poll): Only use times() if we HAVE_TIMES.

* sha512.c, tiger.c: Use the U64_C() macro to specify 64-bit constants.
U64_C is defined in include/types.h and uses the correct suffix depending
on the underlying type of u64.

* idea-stub.c (load_module): Catch an error if the idea module file is
unloadable for some reason (unreadable, bad permissions, etc.)

* md.c (string_to_digest_algo): Give a warning about TIGER192 not being
part of OpenPGP.

16 years ago* types.h: Add initializer macros for 64-bit unsigned type.
David Shaw [Wed, 14 May 2003 04:32:32 +0000 (04:32 +0000)]
* types.h: Add initializer macros for 64-bit unsigned type.

16 years ago* configure.ac: Remove some stuff no longer needed with newer autoconf.
David Shaw [Sun, 11 May 2003 22:00:31 +0000 (22:00 +0000)]
* configure.ac: Remove some stuff no longer needed with newer autoconf.
Use AC_GNU_SOURCE instead of defining _GNU_SOURCE manually.  Add check for
strchr() for gettext.  Add "ngettext" check for gettext, since that check
supposedly implies a check for bind_textdomain_codeset.  Add check for
times() for random.c.  Fix URL for EGD.  Make --enable-old-tiger match the
stable branch as a separate item.

* NEWS: "OpenPGP" trust model is now "PGP".  Add note about TIGER being
dropped from OpenPGP.  Note trust bug fix.

* README: Fix all URLs to point to the right place in the reorganized
gnupg.org web pages.  Some minor language fixes.

16 years ago* gpg.sgml: Some general language tweaks. Note default algo for
David Shaw [Sun, 4 May 2003 17:05:04 +0000 (17:05 +0000)]
* gpg.sgml: Some general language tweaks.  Note default algo for
--symmetric.  --export-ownertrust takes no args.  Document
--no-escape-from-lines.  Fix escaped "<From" to be ">From".  Make
"openpgp" trust model into "pgp".

16 years ago* packet.h, build-packet.c (build_sig_subpkt), export.c
David Shaw [Sat, 3 May 2003 04:07:45 +0000 (04:07 +0000)]
* packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket.  This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.

* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.

* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.

* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.

* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.

* options.h, g10.c (main): Part two of the simplification.  Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)

* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.

16 years ago* cipher.h: Add constants for compression algorithms.
David Shaw [Sat, 3 May 2003 03:21:29 +0000 (03:21 +0000)]
* cipher.h: Add constants for compression algorithms.

16 years ago* tdbio.c (create_version_record): Only create new trustdbs with
David Shaw [Thu, 1 May 2003 21:37:08 +0000 (21:37 +0000)]
* tdbio.c (create_version_record): Only create new trustdbs with
TM_CLASSIC or TM_PGP.

* trustdb.h, trustdb.c (trust_string, get_ownertrust_string,
get_validity_string, ask_ownertrust, validate_keys), pkclist.c
(do_edit_ownertrust): Rename trust_string to trust_value_to_string for
naming consistency.

* trustdb.h, trustdb.c (string_to_trust_value): New function to translate
a string to a trust value.

* g10.c (main): Use string_to_trust_value here for --force-ownertrust.

* options.h, g10.c (main), trustdb.c (trust_model_string, init_trustdb,
check_trustdb, update_trustdb, get_validity, validate_one_keyblock): An
"OpenPGP" trust model is misleading since there is no official OpenPGP
trust model.  Use "PGP" instead.

16 years ago* build-packet.c (build_sig_subpkt): Comments.
David Shaw [Wed, 30 Apr 2003 05:33:52 +0000 (05:33 +0000)]
* build-packet.c (build_sig_subpkt): Comments.

* exec.c (exec_write): Cast NULL to void* to properly terminate varargs
list.

* keyedit.c (show_key_with_all_names): Just for safety, catch an invalid
pk algorithm.

* sign.c (make_keysig_packet): Crucial that the call to mksubpkt comes
LAST before the calls to finalize the sig as that makes it possible for
the mksubpkt function to get a reliable pointer to the subpacket area.

* pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a
particular user ID, use that ID as the one to ask about when prompting
whether to use the key anyway. (build_pk_list): Similar change here when
adding keys to the recipient list.

* trustdb.c (update_validity): Fix bug that prevented more than one
validity record per trust record. (get_validity): When retrieving validity
for a (user) supplied user ID, return the validity for that user ID only,
and do not fall back to the general key validity. (validate_one_keyblock):
Some commentary on whether non-self-signed user IDs belong in the web of
trust (arguably, they do).

16 years ago* gettextP.h: Add comment for HP/UX users. Local fix for GnuPG.
David Shaw [Wed, 30 Apr 2003 03:49:23 +0000 (03:49 +0000)]
* gettextP.h: Add comment for HP/UX users.  Local fix for GnuPG.

16 years ago* scdaemon.c: New options --print-atr and --reader-port
Werner Koch [Tue, 29 Apr 2003 19:08:35 +0000 (19:08 +0000)]
* scdaemon.c: New options --print-atr and --reader-port
* apdu.c, apdu.h: New

* card.c, card-p15.c, card-dinsig.c: Allow build without OpenSC.

16 years ago* Makefile.am: Use libassuan. Don't override LDFLAGS anymore.
Werner Koch [Tue, 29 Apr 2003 10:42:42 +0000 (10:42 +0000)]
* Makefile.am: Use libassuan.  Don't override LDFLAGS anymore.
* server.c (register_commands): Adjust for new Assuan semantics.

16 years ago* Makefile.am (LDFLAGS): Removed.
Werner Koch [Tue, 29 Apr 2003 10:42:05 +0000 (10:42 +0000)]
* Makefile.am (LDFLAGS): Removed.

* command.c (register_commands): Adjusted for new Assuan semantics.

16 years ago* util.h (fopencokokie): Removed prototype and struct.
Werner Koch [Tue, 29 Apr 2003 10:39:22 +0000 (10:39 +0000)]
* util.h (fopencokokie): Removed prototype and struct.

* maperror.c: Use system assuan.h

16 years ago* command.c (register_commands): Adjusted for new Assuan semantics.
Werner Koch [Tue, 29 Apr 2003 10:38:49 +0000 (10:38 +0000)]
* command.c (register_commands): Adjusted for new Assuan semantics.

* Makefile.am: Don't override LDFLAGS.

16 years agoRemoved assuan because we now use libassuan
Werner Koch [Tue, 29 Apr 2003 09:11:49 +0000 (09:11 +0000)]
Removed assuan because we now use libassuan

16 years ago* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
David Shaw [Sun, 27 Apr 2003 20:37:26 +0000 (20:37 +0000)]
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
reserved field for flags in a future version.

* gpg.sgml: Document --no-textmode and --no-use-agent.  Clarify the
interoperability section.  Clarify that "hkp corruption"
(repair-hkp-subkey-bug) is really "pks corruption"
(repair-pks-subkey-bug).

16 years ago* BUGS: Fix bug reporting URL.
David Shaw [Sun, 27 Apr 2003 20:30:38 +0000 (20:30 +0000)]
* BUGS: Fix bug reporting URL.

* NEWS: Add sig version, pk algo, hash algo, and sig class to VALIDSIG.
Add notes about SRV, the "subkeyid!" syntax, configure options to disable
various algorithms, and the ability to change the keyserver no-modify
flag.

16 years ago* g10.c (main): Add --no-textmode.
David Shaw [Sun, 27 Apr 2003 20:22:09 +0000 (20:22 +0000)]
* g10.c (main): Add --no-textmode.

* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.

* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.

* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).

* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.

16 years ago* sign.c (do_sign): Show the hash used when making a signature in verbose
David Shaw [Sat, 26 Apr 2003 20:38:16 +0000 (20:38 +0000)]
* sign.c (do_sign): Show the hash used when making a signature in verbose
mode.

* tdbio.h, tdbio.c (tdbio_read_model): New function to return the trust
model used in a given trustdb.

* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
update_trustdb): Use tdbio_read_model to implement an "auto" trust model
which is set via the trustdb.

16 years ago* config.links: Re-disable assembler on Darwin. Darwin 6.5 broke it
David Shaw [Fri, 25 Apr 2003 04:12:57 +0000 (04:12 +0000)]
* config.links: Re-disable assembler on Darwin.  Darwin 6.5 broke it
again.

16 years ago* configure.ac: Big warning that TIGER/192 is being removed from the
David Shaw [Wed, 23 Apr 2003 22:57:49 +0000 (22:57 +0000)]
* configure.ac: Big warning that TIGER/192 is being removed from the
standard, and make it disabled by default.

* README: Put back proper copyright line.  Remove mention of TIGER/192.