gnupg.git
13 years agoFixed a couple of problems
Werner Koch [Wed, 8 Feb 2006 17:55:20 +0000 (17:55 +0000)]
Fixed a couple of problems

13 years agoAdd support fro CardMan 4040
Werner Koch [Mon, 6 Feb 2006 16:34:20 +0000 (16:34 +0000)]
Add support fro CardMan 4040

13 years ago* cert.c (get_cert): Disable IPGP types for now until the format questions
David Shaw [Thu, 26 Jan 2006 16:51:04 +0000 (16:51 +0000)]
* cert.c (get_cert): Disable IPGP types for now until the format questions
in the draft are settled.

* srv.c (getsrv): Error on oversize SRV responses.

13 years ago* keyserver.c (parse_keyserver_uri): If there is a path present, set the
David Shaw [Tue, 24 Jan 2006 21:03:06 +0000 (21:03 +0000)]
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
direct_uri flag so the right keyserver helper is run.

13 years ago* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
David Shaw [Sun, 22 Jan 2006 21:40:20 +0000 (21:40 +0000)]
* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
keyserver helpers on systems that use extensions.

* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.

13 years ago* configure.ac: Add define for EXEEXT so we can find keyserver helpers
David Shaw [Sun, 22 Jan 2006 21:38:02 +0000 (21:38 +0000)]
* configure.ac: Add define for EXEEXT so we can find keyserver helpers
on systems that use extensions.

13 years ago* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
David Shaw [Tue, 17 Jan 2006 20:55:53 +0000 (20:55 +0000)]
* keydb.h, passphrase.c (next_to_last_passphrase): New.  "Touch" a
passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.

13 years ago* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
David Shaw [Tue, 17 Jan 2006 16:03:51 +0000 (16:03 +0000)]
* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.

13 years ago* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
David Shaw [Mon, 16 Jan 2006 20:22:58 +0000 (20:22 +0000)]
* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
longer.

13 years ago* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
David Shaw [Mon, 16 Jan 2006 17:59:46 +0000 (17:59 +0000)]
* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
uploading a key.

13 years ago* keyserver.c (keyserver_refresh): Fix problem when more than one key
David Shaw [Sat, 7 Jan 2006 21:04:13 +0000 (21:04 +0000)]
* keyserver.c (keyserver_refresh): Fix problem when more than one key
in a refresh batch has a preferred keyserver set.  Noted by Nicolas
Rachinsky.

13 years ago* mainproc.c (check_sig_and_print), keyserver.c
David Shaw [Sun, 1 Jan 2006 18:12:57 +0000 (18:12 +0000)]
* mainproc.c (check_sig_and_print), keyserver.c
(keyserver_import_pka), card-util.c (fetch_url): Always require a
scheme:// for keyserver URLs except when used as part of the
--keyserver command for backwards compatibility.

13 years ago* sign.c (write_signature_packets): Lost a digest_algo line.
David Shaw [Sun, 1 Jan 2006 17:59:57 +0000 (17:59 +0000)]
* sign.c (write_signature_packets): Lost a digest_algo line.

13 years ago* sign.c (hash_for): Add code to detect if the sk lives on a smart
David Shaw [Sun, 1 Jan 2006 17:48:54 +0000 (17:48 +0000)]
* sign.c (hash_for): Add code to detect if the sk lives on a smart
card.  If it does, only allow 160-bit hashes, a la DSA.  This involves
passing the *sk in, so change all callers.  This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card.  It will almost certainly need changing
down the road.

* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.

13 years ago* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
David Shaw [Sat, 24 Dec 2005 15:35:39 +0000 (15:35 +0000)]
* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.

13 years ago* keyserver.c (keyserver_import_pka): New. Moved from
David Shaw [Fri, 23 Dec 2005 22:17:11 +0000 (22:17 +0000)]
* keyserver.c (keyserver_import_pka): New.  Moved from
getkey.c:get_pubkey_byname which was getting crowded.

* keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT
records.  Can handle both the PGP (actual key) and IPGP (URL) CERT types.

* getkey.c (get_pubkey_byname): Call them both here.

* options.h, keyserver.c (parse_keyserver_options): Add
"auto-cert-retrieve" option with optional max size argument.

13 years ago* gpgv.c: Stub.
David Shaw [Fri, 23 Dec 2005 21:33:32 +0000 (21:33 +0000)]
* gpgv.c: Stub.

* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keygerver_getname): New keyserver_getname function to fetch keys by name.

* getkey.c (get_pubkey_byname): Call it here to enable locating keys by
full mailbox from a keyserver a la PKA.  Try PKA first, though, as it is
likely to be faster.

13 years ago* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
David Shaw [Fri, 23 Dec 2005 20:51:48 +0000 (20:51 +0000)]
* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".

* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.

13 years agoNew code to do DNS CERT queries.
David Shaw [Fri, 23 Dec 2005 18:15:24 +0000 (18:15 +0000)]
New code to do DNS CERT queries.

13 years ago* srv.c, Makefile.am: Only build srv.c if we need to.
David Shaw [Fri, 23 Dec 2005 05:00:55 +0000 (05:00 +0000)]
* srv.c, Makefile.am: Only build srv.c if we need to.

13 years ago* configure.ac: Split PKA checking off from DNS SRV checking.
David Shaw [Fri, 23 Dec 2005 04:58:25 +0000 (04:58 +0000)]
* configure.ac: Split PKA checking off from DNS SRV checking.
Currently PKA is only enabled if HTTP or HKP is enabled which is not
necessary.

13 years agoFinished PKA feature
Werner Koch [Tue, 20 Dec 2005 20:19:16 +0000 (20:19 +0000)]
Finished PKA feature

13 years ago* getkey.c (merge_selfsigs_main): All primary keys can certify.
David Shaw [Mon, 19 Dec 2005 22:10:20 +0000 (22:10 +0000)]
* getkey.c (merge_selfsigs_main): All primary keys can certify.

13 years ago* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
David Shaw [Mon, 19 Dec 2005 19:39:32 +0000 (19:39 +0000)]
* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.

* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.

13 years ago* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
David Shaw [Mon, 19 Dec 2005 01:51:31 +0000 (01:51 +0000)]
* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.

* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.

13 years ago* gpg.c (main): Don't default to import-options convert-sk-to-pk. It
David Shaw [Wed, 14 Dec 2005 14:52:04 +0000 (14:52 +0000)]
* gpg.c (main): Don't default to import-options convert-sk-to-pk.  It
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.

13 years ago* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
David Shaw [Mon, 12 Dec 2005 03:56:01 +0000 (03:56 +0000)]
* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
for no_terminal so we don't try to open("/dev/tty") when invoked with
--no-tty.

13 years ago* NEWS: Note --fetch-keys.
David Shaw [Thu, 8 Dec 2005 23:35:47 +0000 (23:35 +0000)]
* NEWS: Note --fetch-keys.

13 years ago* gpg.sgml: Document --fetch-keys.
David Shaw [Thu, 8 Dec 2005 19:39:59 +0000 (19:39 +0000)]
* gpg.sgml: Document --fetch-keys.

13 years ago* keyserver.c (keyserver_fetch): Switch on fast-import before we
David Shaw [Thu, 8 Dec 2005 15:37:26 +0000 (15:37 +0000)]
* keyserver.c (keyserver_fetch): Switch on fast-import before we
--fetch-keys so we don't rebuild the trustdb after each fetch.

13 years agoMade strings translatable. Minor fixes.
Werner Koch [Thu, 8 Dec 2005 07:42:41 +0000 (07:42 +0000)]
Made strings translatable. Minor fixes.

13 years ago* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
David Shaw [Thu, 8 Dec 2005 05:52:41 +0000 (05:52 +0000)]
* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
keyserver_fetch): Set a flag to indicate that we're doing a direct URI
fetch so we can differentiate between a keyserver operation and a URI
fetch for protocols like LDAP that can do either.

13 years ago* gpg.sgml: Document -d. Add [file] to a few options.
David Shaw [Thu, 8 Dec 2005 05:29:35 +0000 (05:29 +0000)]
* gpg.sgml: Document -d.  Add [file] to a few options.

13 years ago* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
David Shaw [Wed, 7 Dec 2005 23:00:30 +0000 (23:00 +0000)]
* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
for the key-not-found error.

13 years ago* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
David Shaw [Wed, 7 Dec 2005 22:34:11 +0000 (22:34 +0000)]
* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
when fetching a URI.

* keyserver-internal.h, keyserver.c (keyserver_fetch): New.  Fetch an
arbitrary URI using the keyserver helpers.

* gpg.c (main): Call it from here for --fetch-keys.

13 years ago* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
David Shaw [Wed, 7 Dec 2005 22:25:58 +0000 (22:25 +0000)]
* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.

* gpgkeys_curl.c (get_key): Give key-not-found error if no data is found
(or file itself is not found) during a fetch.

13 years agoMissed file.
David Shaw [Tue, 6 Dec 2005 21:10:34 +0000 (21:10 +0000)]
Missed file.

13 years agoSome cleanup so we don't build files that are completely ifdeffed out.
David Shaw [Tue, 6 Dec 2005 20:54:05 +0000 (20:54 +0000)]
Some cleanup so we don't build files that are completely ifdeffed out.
This causes a warning on Sun's cc.  Do the internal regex code as well for
consistency.

13 years ago* idea-stub.c (load_module): Not legal to return a void * as a function
David Shaw [Tue, 6 Dec 2005 20:27:43 +0000 (20:27 +0000)]
* idea-stub.c (load_module): Not legal to return a void * as a function
pointer.

13 years ago* curl-shim.c (curl_easy_perform): Fix build warning (code before
David Shaw [Tue, 6 Dec 2005 18:49:34 +0000 (18:49 +0000)]
* curl-shim.c (curl_easy_perform): Fix build warning (code before
declaration).

13 years ago* mkdtemp.c (mkdtemp): Fix warning.
David Shaw [Tue, 6 Dec 2005 18:24:57 +0000 (18:24 +0000)]
* mkdtemp.c (mkdtemp): Fix warning.

* secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from printf-ing
%p where the arg wasn't void *.

13 years ago* Makefile.am: Some cleanup so we don't build files that are completely
David Shaw [Tue, 6 Dec 2005 17:13:44 +0000 (17:13 +0000)]
* Makefile.am: Some cleanup so we don't build files that are completely
ifdeffed out.  This causes a warning on Sun's cc.  Do sha512.c as well for
consistency.

13 years ago* main.h, keylist.c (print_revokers): New. Print the "rvk" designated
David Shaw [Sun, 20 Nov 2005 15:02:03 +0000 (15:02 +0000)]
* main.h, keylist.c (print_revokers): New.  Print the "rvk" designated
revoker record.  Moved from keyedit.c:show_key_with_all_names_colon.

* keylist.c (list_keyblock_colon): Use it here ...

* keyedit.c (show_key_with_all_names_colon): ... and here.

13 years ago* free-packet.c (copy_secret_key): Copy secret key into secure memory
David Shaw [Sat, 19 Nov 2005 05:55:45 +0000 (05:55 +0000)]
* free-packet.c (copy_secret_key): Copy secret key into secure memory
since we may unprotect it.

* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke.  This bypasses the
interactive walk over the revocation keys.

13 years ago* gpg.sgml: Clarify "xxxxx-clean" and "clean". Document
David Shaw [Fri, 18 Nov 2005 04:50:15 +0000 (04:50 +0000)]
* gpg.sgml: Clarify "xxxxx-clean" and "clean".  Document
"xxxxx-minimal", and "minimize".

13 years ago* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
David Shaw [Fri, 18 Nov 2005 04:37:30 +0000 (04:37 +0000)]
* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
options.

13 years ago* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
David Shaw [Fri, 18 Nov 2005 04:25:07 +0000 (04:25 +0000)]
* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
"clean", and add "minimize".

* import.c (parse_import_options): Make help text match the export
versions of the options.

* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.

* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.

13 years ago* armor.c (parse_header_line): A fussy bit of 2440: header lines are
David Shaw [Sun, 13 Nov 2005 21:48:52 +0000 (21:48 +0000)]
* armor.c (parse_header_line): A fussy bit of 2440: header lines are
delimited with a colon-space pair.  Therefore a line such as "Comment:
" is actually legal, albeit not particularly useful.

13 years ago* trustdb.h, trustdb.c (clean_key): New function to handle key
David Shaw [Sat, 12 Nov 2005 04:53:03 +0000 (04:53 +0000)]
* trustdb.h, trustdb.c (clean_key): New function to handle key
cleaning from one convenient place.

* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Reduce clean options to two: clean and minimize.

* parse-packet.c (setup_user_id): Remove.  (parse_user_id,
parse_attribute): Just use xmalloc_clear instead.

13 years ago* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
David Shaw [Sat, 12 Nov 2005 03:48:02 +0000 (03:48 +0000)]
* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
simpler implementation.

13 years ago* keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
David Shaw [Thu, 10 Nov 2005 23:25:20 +0000 (23:25 +0000)]
* keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
command.

13 years ago* packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
David Shaw [Thu, 10 Nov 2005 23:16:34 +0000 (23:16 +0000)]
* packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
(clean_uids_from_key): Fix display bug where sigs cleaned for other
reasons caused a uid to appear as if it had been compacted.

13 years ago* packet.h: Move some flags to a bitfield. Change all callers.
David Shaw [Thu, 10 Nov 2005 22:50:46 +0000 (22:50 +0000)]
* packet.h: Move some flags to a bitfield.  Change all callers.

13 years ago* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
David Shaw [Thu, 10 Nov 2005 21:30:27 +0000 (21:30 +0000)]
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Add import-minimal option. Similar to export-minimal, except
it works on the way in.

13 years ago* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
David Shaw [Thu, 10 Nov 2005 21:18:49 +0000 (21:18 +0000)]
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
non-selfsigs from key during cleaning.  Change all callers.

* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.

13 years ago* options.skel: Add a section for --encrypt-to. This is Debian bug
David Shaw [Sun, 6 Nov 2005 15:45:00 +0000 (15:45 +0000)]
* options.skel: Add a section for --encrypt-to.  This is Debian bug
336211 by Javier Fernández-Sanguino Peña.

13 years ago* Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly
David Shaw [Sun, 6 Nov 2005 04:32:54 +0000 (04:32 +0000)]
* Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS.  Strictly
speaking this should be only in gpg_CPPFLAGS, but then we have to
compile everything twice for gpg and gpgv.

* apdu.c (open_pcsc_reader): Fix double free.

* gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X
location.  Suggested by Patty A. Hardy.

13 years ago* libusb.m4: Check for libusb-config and if we find it, use --libs and
David Shaw [Sun, 6 Nov 2005 04:25:52 +0000 (04:25 +0000)]
* libusb.m4: Check for libusb-config and if we find it, use --libs and
--cflags.  This is needed for OS X since libusb brings in dependencies
to various Apple libraries.

13 years agoFix various build warnings reported by Joe Vender on MinGW.
David Shaw [Thu, 3 Nov 2005 04:46:20 +0000 (04:46 +0000)]
Fix various build warnings reported by Joe Vender on MinGW.

13 years ago* gpg.sgml: Clarify what is and isn't included in a "clean sigs".
David Shaw [Wed, 2 Nov 2005 16:53:40 +0000 (16:53 +0000)]
* gpg.sgml: Clarify what is and isn't included in a "clean sigs".

13 years ago* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
David Shaw [Wed, 2 Nov 2005 16:47:02 +0000 (16:47 +0000)]
* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
the sigs that are cleaned.  Suggested by Dirk Traulsen and many others.

13 years ago* import.c (import_one): Do collapse_uids() before we do any cleaning
David Shaw [Wed, 2 Nov 2005 05:22:01 +0000 (05:22 +0000)]
* import.c (import_one): Do collapse_uids() before we do any cleaning
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.

* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.

* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs.  Don't count user IDs as cleaned unless we actually delete
something.

13 years ago* gpg.sgml: Document backsign, --require-backsigs, and
David Shaw [Thu, 27 Oct 2005 19:18:05 +0000 (19:18 +0000)]
* gpg.sgml: Document backsign, --require-backsigs, and
--no-require-backsigs.

* DETAILS: Clarify Key-Usage.

13 years ago* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
David Shaw [Thu, 27 Oct 2005 16:23:59 +0000 (16:23 +0000)]
* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
adding a cert-only designated revoker.  Code was looking for a key with
sign ability, and not cert ability.  Noted by Timo Schulz.

13 years agocygwin fixes
Werner Koch [Thu, 27 Oct 2005 09:14:27 +0000 (09:14 +0000)]
cygwin fixes

13 years ago* keygen.c (proc_parameter_file): Default key and subkey usage flags to
David Shaw [Wed, 26 Oct 2005 16:09:23 +0000 (16:09 +0000)]
* keygen.c (proc_parameter_file): Default key and subkey usage flags to
algo capabilities if parameter file doesn't specify them. Noted by Timo
Schulz.

13 years ago* readline.m4: Check for rl_completion_func_t and rl_completion_matches.
David Shaw [Fri, 21 Oct 2005 15:03:18 +0000 (15:03 +0000)]
* readline.m4: Check for rl_completion_func_t and rl_completion_matches.

13 years agoFixed minor card related bugs and enhanced status messages
Werner Koch [Tue, 18 Oct 2005 17:41:20 +0000 (17:41 +0000)]
Fixed minor card related bugs and enhanced status messages

14 years agoexported subkeys are now merged into one output keyblock
Werner Koch [Mon, 17 Oct 2005 17:21:15 +0000 (17:21 +0000)]
exported subkeys are now merged into one output keyblock

14 years ago* NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.
David Shaw [Fri, 14 Oct 2005 15:38:05 +0000 (15:38 +0000)]
* NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.

* configure.ac: Remove the backsig configure options since this is all
done at runtime now.

14 years ago* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
David Shaw [Fri, 14 Oct 2005 04:07:13 +0000 (04:07 +0000)]
* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
add 0x19 backsigs to old keys that don't have them.

* misc.c (parse_options): Fix build warning.

* main.h, keygen.c (make_backsig): Make public.

14 years ago* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
David Shaw [Wed, 12 Oct 2005 20:44:24 +0000 (20:44 +0000)]
* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.

14 years ago* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
David Shaw [Tue, 11 Oct 2005 22:13:49 +0000 (22:13 +0000)]
* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.

14 years agoYet another fix for the gpg.c rename
Werner Koch [Thu, 6 Oct 2005 10:38:23 +0000 (10:38 +0000)]
Yet another fix for the gpg.c rename

14 years agoFixes for the g10.c -> gpg.c renamed
Werner Koch [Wed, 5 Oct 2005 18:22:36 +0000 (18:22 +0000)]
Fixes for the g10.c -> gpg.c renamed

14 years agoRenamed g10.c to gpg.c
Werner Koch [Wed, 5 Oct 2005 16:58:50 +0000 (16:58 +0000)]
Renamed g10.c to gpg.c
Filelength fixes for W32.

14 years ago2005-10-02 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 3 Oct 2005 12:47:43 +0000 (12:47 +0000)]
2005-10-02  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac [!$try_gettext]: Invoke AM_PO_SUBDIRS.

scripts/
2005-10-02  Marcus Brinkmann  <marcus@g10code.de>

* autogen.sh (DIE): Remove ugly hack for po dir suppression.

14 years ago* gpg.sgml: Note that --display-charset is just for display and
David Shaw [Thu, 22 Sep 2005 03:09:38 +0000 (03:09 +0000)]
* gpg.sgml: Note that --display-charset is just for display and
doesn't recode data.  Note that --search-keys can use the standard
search syntax now (<, =, *, @).  Document the @-address mode.

14 years ago* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
Werner Koch [Tue, 20 Sep 2005 08:19:50 +0000 (08:19 +0000)]
* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
prompt.

14 years ago* keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
David Shaw [Tue, 20 Sep 2005 03:34:32 +0000 (03:34 +0000)]
* keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
IDs as well as regular text IDs.

* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.

14 years ago* main.h, misc.c (parse_options): Add the ability to have help
David Shaw [Wed, 14 Sep 2005 22:31:21 +0000 (22:31 +0000)]
* main.h, misc.c (parse_options): Add the ability to have help
strings in xxx-options commands.

* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.

14 years ago* keyedit.c (show_names): Moved name display code out from
David Shaw [Sat, 10 Sep 2005 16:50:41 +0000 (16:50 +0000)]
* keyedit.c (show_names): Moved name display code out from
show_key_with_all_names.  (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID.  Suggested by
Timo Schulz.

14 years agoUpdated card stuff to support T=0 cards.
Werner Koch [Wed, 7 Sep 2005 17:05:42 +0000 (17:05 +0000)]
Updated card stuff to support T=0 cards.

14 years agoAdd "help" sub option to --*-options.
Werner Koch [Wed, 7 Sep 2005 15:53:03 +0000 (15:53 +0000)]
Add "help" sub option to --*-options.

14 years ago* parse-packet.c (enum_sig_subpkt, parse_signature,
David Shaw [Fri, 2 Sep 2005 19:23:33 +0000 (19:23 +0000)]
* parse-packet.c (enum_sig_subpkt, parse_signature,
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.

14 years ago* photoid.h, photoid.c (generate_photo_id): Allow passing in a
David Shaw [Thu, 1 Sep 2005 20:51:13 +0000 (20:51 +0000)]
* photoid.h, photoid.c (generate_photo_id): Allow passing in a
suggested filename.

* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.

14 years ago* mpicoder.c (mpi_read): Fix minor bug in reading a zero-length MPI
David Shaw [Thu, 1 Sep 2005 13:44:49 +0000 (13:44 +0000)]
* mpicoder.c (mpi_read): Fix minor bug in reading a zero-length MPI
(was failing unnecessarily).

14 years ago* photoid.c (generate_photo_id): Enable readline completion and tilde
David Shaw [Wed, 31 Aug 2005 18:40:39 +0000 (18:40 +0000)]
* photoid.c (generate_photo_id): Enable readline completion and tilde
expansion for the JPEG prompt.

14 years ago* fileutil.c (untilde): New. Expand ~/foo and ~username/foo filenames
David Shaw [Wed, 31 Aug 2005 15:36:50 +0000 (15:36 +0000)]
* fileutil.c (untilde): New.  Expand ~/foo and ~username/foo filenames
into full paths using $HOME if possible, or getpwuid/getpwnam if
necessary. (make_filename): Use it here.

14 years ago* misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
David Shaw [Sat, 27 Aug 2005 03:09:40 +0000 (03:09 +0000)]
* misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
algorithms.

* keyedit.c (sign_uids): Don't request a signing key to make a
certification.

* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?)  (print_key_flags): Show certify flag.  (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.

* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.

14 years ago* keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
David Shaw [Sat, 27 Aug 2005 02:56:51 +0000 (02:56 +0000)]
* keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
Suggested by Michael Schierl.

14 years ago* ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
David Shaw [Fri, 26 Aug 2005 04:24:46 +0000 (04:24 +0000)]
* ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
exact-email.  (classify_ks_search): Mimic the gpg search modes instead
with *, =, <, and @.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them
here.  Suggested by Jason Harris.

14 years ago* gpg.sgml: Fix documentation for setpref/updpref, document
David Shaw [Tue, 23 Aug 2005 04:42:25 +0000 (04:42 +0000)]
* gpg.sgml: Fix documentation for setpref/updpref, document
import-clean, --status-file, --logger-file, --attribute-file,
--passphrase-file, --passphrase, and --command-file.  Comment out the
"+word match" selection syntax since it isn't supported.

14 years ago* gnupg.spec.in: Distribute gpg-zip.
David Shaw [Mon, 22 Aug 2005 02:26:57 +0000 (02:26 +0000)]
* gnupg.spec.in: Distribute gpg-zip.

14 years ago* Makefile.am: No need to link with curl any longer.
David Shaw [Sun, 21 Aug 2005 20:58:46 +0000 (20:58 +0000)]
* Makefile.am: No need to link with curl any longer.

* main.h, misc.c (path_access): New.  Same as access() but does a PATH
search like execlp.

* keyserver.c (curl_can_handle): Removed.  Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort.  This is necessary because PGP LDAP and curl LDAP are apples
and oranges.  (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.

14 years ago* exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
David Shaw [Sun, 21 Aug 2005 14:20:27 +0000 (14:20 +0000)]
* exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
Minor cleanup to use bitfield flags instead of a bunch of integers.

14 years ago* g10.c (main): Add aliases sign-with->local-user and user->recipient
David Shaw [Sat, 20 Aug 2005 19:38:45 +0000 (19:38 +0000)]
* g10.c (main): Add aliases sign-with->local-user and user->recipient
to make switching from PGP command line to GPG easier.

14 years ago* options.skel: Remove the surfnet LDAP keyserver from the list of
David Shaw [Fri, 19 Aug 2005 13:37:47 +0000 (13:37 +0000)]
* options.skel: Remove the surfnet LDAP keyserver from the list of
samples since it is being shut down.

* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.

14 years ago* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
David Shaw [Thu, 18 Aug 2005 21:14:16 +0000 (21:14 +0000)]
* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
The last of exact-name and exact-email overrides the earlier.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to
do a name-only search.

14 years ago* gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.
David Shaw [Thu, 18 Aug 2005 17:40:04 +0000 (17:40 +0000)]
* gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.

* gpgkeys_ldap.c (search_key): Use it here to escape reserved characters
in searches.