15 years agoNew. Taken from gnupg 1.9.
Werner Koch [Fri, 15 Oct 2004 09:38:27 +0000 (09:38 +0000)]
New.  Taken from gnupg 1.9.

Werner Koch [Fri, 15 Oct 2004 09:37:49 +0000 (09:37 +0000)]

* Check whether vasprintf needs a replacement.

15 years agoFix up the @setfilename lines.
Werner Koch [Fri, 15 Oct 2004 09:34:21 +0000 (09:34 +0000)]
Fix up the @setfilename lines.

15 years ago* gpg.sgml: Document using "none" to remove preferred keyservers, the
David Shaw [Thu, 14 Oct 2004 21:33:38 +0000 (21:33 +0000)]
* gpg.sgml: Document using "none" to remove preferred keyservers, the
keyserver timeout parameter, and the direct trust model.

15 years agoanother s/unsigned char*/byte*/
Werner Koch [Thu, 14 Oct 2004 20:47:56 +0000 (20:47 +0000)]
another s/unsigned char*/byte*/

15 years ago* gpgkeys_finger.c (main): We do not support relay fingering (i.e.
David Shaw [Thu, 14 Oct 2004 20:36:40 +0000 (20:36 +0000)]
* gpgkeys_finger.c (main): We do not support relay fingering (i.e.
"finger://relayhost/"), but finger URLs are occasionally
miswritten that way.  Give an error in this case.

15 years ago* keylist.c (list_keyblock_print): Show the fingerprint after the key, not
David Shaw [Thu, 14 Oct 2004 20:13:16 +0000 (20:13 +0000)]
* keylist.c (list_keyblock_print): Show the fingerprint after the key, not
after the first user ID.

* keyedit.c (show_key_with_all_names): Don't show validity if we're just
printing user IDs for signing.

* armor.c (fake_packet): Properly handle the case where the line is
dash-space (i.e. a blank line that was quoted).  Give a warning for bad
dash escaping.

15 years ago* export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow
Werner Koch [Thu, 14 Oct 2004 10:48:15 +0000 (10:48 +0000)]
* export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow
secret key export.
* import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise

15 years ago* rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow
Werner Koch [Thu, 14 Oct 2004 07:21:17 +0000 (07:21 +0000)]
* rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow

* gpgkeys_finger.c (get_key): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.

15 years ago(iobuf_get_fd): Removed double check on directfp and
Werner Koch [Thu, 14 Oct 2004 07:20:54 +0000 (07:20 +0000)]
(iobuf_get_fd): Removed double check on directfp and
cats it to FILEP becuase directfp is actually a void *.  Notes by

15 years ago* misc.c (is_secured_filename): New.
Werner Koch [Thu, 14 Oct 2004 07:11:57 +0000 (07:11 +0000)]
* misc.c (is_secured_filename): New.
* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.

* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.

15 years ago* armor.c (fake_packet): Allow arbitrary dash-escaped lines as per
David Shaw [Wed, 13 Oct 2004 20:39:54 +0000 (20:39 +0000)]
* armor.c (fake_packet): Allow arbitrary dash-escaped lines as per
2440bis-10.  This is bug #158.

15 years ago* keyserver.c (keyserver_work): Handle keyserver timeouts.
David Shaw [Wed, 13 Oct 2004 18:40:13 +0000 (18:40 +0000)]
* keyserver.c (keyserver_work): Handle keyserver timeouts.

15 years ago* keyserver.h: Add KEYSERVER_TIMEOUT.
David Shaw [Wed, 13 Oct 2004 18:32:17 +0000 (18:32 +0000)]
* keyserver.h: Add KEYSERVER_TIMEOUT.

15 years ago* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main),
David Shaw [Wed, 13 Oct 2004 18:30:29 +0000 (18:30 +0000)]
* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main),
gpgkeys_finger.c (main): Call timeout functions before performing an
action that could block for a long time.

* ksutil.h, ksutil.c: New.  Right now just contains timeout functions.

15 years agoAdded SELInux hacks and did some cleanups.
Werner Koch [Wed, 13 Oct 2004 18:10:06 +0000 (18:10 +0000)]
Added SELInux hacks and did some cleanups.

15 years agoAdd dearmor.c
Werner Koch [Wed, 13 Oct 2004 18:09:10 +0000 (18:09 +0000)]
Add dearmor.c

15 years ago* Actually name the option --disable-finger and not
Werner Koch [Wed, 13 Oct 2004 18:08:39 +0000 (18:08 +0000)]
* Actually name the option --disable-finger and not
http.  Add option --enable-selinux-support.

* logger.c (g10_log_error_f, g10_log_fatal_f, g10_log_info_f)
(g10_log_debug_f, print_prefix_f): Removed.

* iobuf.c (iobuf_is_pipe_filename): New.
(iobuf_get_fd): New.

15 years ago* pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
David Shaw [Wed, 13 Oct 2004 15:34:52 +0000 (15:34 +0000)]
* pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
trust since the meaning is different.

* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.

* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.

* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.

15 years ago* Actually name the option --disable-finger and not
Werner Koch [Wed, 13 Oct 2004 09:59:46 +0000 (09:59 +0000)]
* Actually name the option --disable-finger and not

* openfile.c (overwrite_filep, make_outfile_name, open_outfile)
(open_sigfile): Use iobuf_is_pipe_filename to check for pipes so
that special filesnames are taken into account. This is bug 327.
* tdbdump.c (import_ownertrust): Ditto.
* sign.c (write_plaintext_packet): Ditto.
* progress.c (handle_progress): Ditto.
* plaintext.c (handle_plaintext): Ditto.
* encode.c (encode_simple, encode_crypt): Ditto.

* iobuf.c (iobuf_is_pipe_filename): New.
* fileutil.c (is_file_compressed): Use it here.

15 years ago* (.S.o): Include MPI_SFLAGS. This is our bug 145.
Werner Koch [Wed, 13 Oct 2004 07:11:10 +0000 (07:11 +0000)]
* (.S.o): Include MPI_SFLAGS. This is our bug 145.

15 years ago * keygen.c (read_parameter_file): New keyword "Handle". This is
Werner Koch [Wed, 13 Oct 2004 07:10:51 +0000 (07:10 +0000)]
* keygen.c (read_parameter_file): New keyword "Handle".  This is
bug 287.
(print_status_key_not_created): New.
(print_status_key_created): Add new arg HANDLE.
(do_generate_keypair): Print not created status.
* status.c, tatus.h (STATUS_KEY_NOT_CREATED): New.

15 years ago* algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c,
David Shaw [Tue, 12 Oct 2004 17:35:50 +0000 (17:35 +0000)]
* algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c,
des.c, rijndael.c: Consistently use const for input buffers.

15 years ago(read_parameter_file): Changed to use iobuf based file
Werner Koch [Tue, 12 Oct 2004 16:41:17 +0000 (16:41 +0000)]
(read_parameter_file): Changed to use iobuf based file
reading to allow the special file name feature to work.

15 years ago* pkclist.c (do_edit_ownertrust): Use the same translated string for
David Shaw [Mon, 11 Oct 2004 21:08:37 +0000 (21:08 +0000)]
* pkclist.c (do_edit_ownertrust): Use the same translated string for
showing the user ID as mainproc.c:print_pkenc_list.

* mainproc.c (print_pkenc_list): Allow translating the quotes around the
user ID.

* card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" -> `%s'
quoting for things that aren't user IDs.

* keyserver.c (keyserver_spawn): If there is no keyserver host, print the
whole URI since it is self-contained.

15 years ago* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a
David Shaw [Mon, 11 Oct 2004 20:33:22 +0000 (20:33 +0000)]
* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a
few occurances of "filename" to `filename'.

15 years agoOops commited binary instead of source.
Werner Koch [Mon, 11 Oct 2004 12:45:50 +0000 (12:45 +0000)]
Oops commited binary instead of source.

15 years ago* New option --disable-finger.
Werner Koch [Mon, 11 Oct 2004 08:44:35 +0000 (08:44 +0000)]
* New option --disable-finger.

* keyserver.c (keyserver_spawn): Print an empty string in log_info
if the host is not set (e.g. finger).

* gpgkeys_finger.c: New.

15 years ago* card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
David Shaw [Sun, 10 Oct 2004 15:27:14 +0000 (15:27 +0000)]
* card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)".  Some don't.
Consistently use y/n everywhere.

15 years ago* keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
David Shaw [Sun, 10 Oct 2004 14:33:37 +0000 (14:33 +0000)]
* keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
so we don't need to specify each possible variation of RSA capabilities.

15 years ago* keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
David Shaw [Sun, 10 Oct 2004 14:19:39 +0000 (14:19 +0000)]
* keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
able to certify.  Force the certify flag on for primaries (and off for

15 years ago* keygen.c (generate_keypair): Fix generating keys with the auth flag.
David Shaw [Sun, 10 Oct 2004 13:13:47 +0000 (13:13 +0000)]
* keygen.c (generate_keypair): Fix generating keys with the auth flag.

15 years ago* encr-data.c (decrypt_data): Give a warning with a weak key, but still
David Shaw [Fri, 8 Oct 2004 21:54:26 +0000 (21:54 +0000)]
* encr-data.c (decrypt_data): Give a warning with a weak key, but still
allow to decrypt the message.

15 years ago* pkclist.c (build_pk_list): Keystrify.
David Shaw [Thu, 7 Oct 2004 21:14:31 +0000 (21:14 +0000)]
* pkclist.c (build_pk_list): Keystrify.

* mainproc.c (check_sig_and_print), pkclist.c (do_edit_ownertrust):
Improve translatability of user ID prompts.

15 years ago* helptext.c, pkclist.c (do_we_trust): It is not possible to get here with
David Shaw [Wed, 6 Oct 2004 21:50:23 +0000 (21:50 +0000)]
* helptext.c, pkclist.c (do_we_trust): It is not possible to get here with
a revoked or expired key, so BUG() that case.  Remove question about
overriding revoked/expired.  Also --keyid-format-ify. (do_we_trust_pre):
Use print_pubkey_info() instead of printing the info ourselves.

* passphrase.c (passphrase_to_dek): Improve translatability of user ID

* keylist.c (print_pubkey_info): Use the user ID the pk was selected by,
if any.

15 years ago* keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user
David Shaw [Wed, 6 Oct 2004 20:40:07 +0000 (20:40 +0000)]
* keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user
ID prompts. (ask_revoke_sig, menu_revsig): Try and use common strings for
these two functions so they don't need to be translated twice.

15 years ago* keyedit.c, keylist.c, keyserver.c, mainproc.c: The
David Shaw [Wed, 6 Oct 2004 19:51:45 +0000 (19:51 +0000)]
* keyedit.c, keylist.c, keyserver.c, mainproc.c: The
revoked/expired/expires string change of 2004-09-29 was too simple.  Use
two styles for each tag.

15 years ago* passphrase.c (agent_get_passphrase): Use keystrs for agent strings, and
David Shaw [Tue, 5 Oct 2004 14:33:02 +0000 (14:33 +0000)]
* passphrase.c (agent_get_passphrase): Use keystrs for agent strings, and
fix sprintf warnings.

* keyserver.c (keyserver_spawn): Fix BUG() with certain sets of mixed
regular and preferred keyserver refreshes.  Noted by Sebastian Wiesinger.

* keyedit.c (show_key_with_all_names): Show uid validity in menu.

15 years ago2004-10-03 Timo Schulz <>
Timo Schulz [Mon, 4 Oct 2004 17:25:29 +0000 (17:25 +0000)]
2004-10-03  Timo Schulz  <>

        * apdu.c (apdu_open_remote_reader) [_WIN32]: Do not set ENOSYS.

15 years ago* keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in colon
David Shaw [Mon, 4 Oct 2004 01:17:27 +0000 (01:17 +0000)]
* keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in colon
delsig output.  Noted by Peter Palfrader. (show_prefs): Do not reference
missing selfsig.  Noted by Alex Moroz.

15 years agopost release preparations
Werner Koch [Fri, 1 Oct 2004 13:59:09 +0000 (13:59 +0000)]
post release preparations

15 years ago* gpgv.c (i18n_init): Always use LC_ALL. V1-3-90
Werner Koch [Fri, 1 Oct 2004 10:18:31 +0000 (10:18 +0000)]
* gpgv.c (i18n_init): Always use LC_ALL.

* bftest.c (i18n_init): Always use LC_ALL.
* shmtest.c (i18n_init): Ditto.
* mpicalc.c (i18n_init): Ditto.

15 years ago* mk-w32-dist: Updated from stable branch.
Werner Koch [Fri, 1 Oct 2004 10:11:42 +0000 (10:11 +0000)]
* mk-w32-dist: Updated from stable branch.

* mk-gpg-texi: Changed to use the newer docbook2x-texi utility.

* config.guess, config.sub, mkinstalldirs, missing
* depcomp, install-sh: Upgraded.

15 years ago* gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation out to
David Shaw [Thu, 30 Sep 2004 15:00:58 +0000 (15:00 +0000)]
* gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation out to
.. (maybe_create_keyring): .. new.  Make sure that we do the checks in a
locked state.  Problem reported by Stefan Haller.  Try to create the home
directory before acquiring a lock for the keyring. From Werner on stable

* g10.c (main): Blow up if we didn't lose setuid.  From Werner on stable

15 years ago* util.h: Prototype destroy_dotlock(). From Werner on stable branch.
David Shaw [Thu, 30 Sep 2004 14:27:34 +0000 (14:27 +0000)]
* util.h: Prototype destroy_dotlock().  From Werner on stable branch.

15 years ago* iobuf.c (pop_filter): Make static.
David Shaw [Thu, 30 Sep 2004 14:26:36 +0000 (14:26 +0000)]
* iobuf.c (pop_filter): Make static.

* dotlock.c (destroy_dotlock): New.  Remove the handle from the list of
locks. (release_dotlock): Don't act if we don't have any locks at all.
From Werner on stable branch.

15 years ago* mpicoder.c (mpi_read): If we must fail due to a oversize (generally
David Shaw [Thu, 30 Sep 2004 04:07:23 +0000 (04:07 +0000)]
* mpicoder.c (mpi_read): If we must fail due to a oversize (generally
corrupt) MPI, make sure the number of bytes we read is valid so we can
skip the rest of the bad packet (in hopes the whole stream isn't invalid).

15 years ago* keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many
David Shaw [Wed, 29 Sep 2004 17:41:58 +0000 (17:41 +0000)]
* keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many
variations of "revoked" ("revoked", "[revoked]", " [revoked]", "[revoked]
") "and" expired down to two to simplify translation.

15 years ago* keyedit.c (print_and_check_one_sig): Account for the extra space that
David Shaw [Wed, 29 Sep 2004 03:21:05 +0000 (03:21 +0000)]
* keyedit.c (print_and_check_one_sig): Account for the extra space that
show-sig-expire takes up so we do not wrap lines.
(show_key_with_all_names): No need to show subkey revocations as a
seperate line since we now show revocation date in the main subkey line.

15 years ago* signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, but zero
David Shaw [Tue, 28 Sep 2004 14:50:05 +0000 (14:50 +0000)]
* signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, but zero
if not found.  Noted by John Clizbe.

* keyserver.c (parse_keyrec): Fix problem with non-expiring keys appearing
expired in --search-keys results.

15 years ago* card-util.c (card_edit): Take admin only status from the table.
Werner Koch [Mon, 27 Sep 2004 12:56:05 +0000 (12:56 +0000)]
* card-util.c (card_edit): Take admin only status from the table.

* app-openpgp.c: Made all strings translatable.
(verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin
available for use in gnupg 2.
(verify_chv3): Reimplemented countdown showing to use only
functions from this module.  Flush the CVH status cache on a
successful read.
(get_one_do): Hack to bypass the cache for cards versions > 1.0.
(store_fpr): Store the creation date for card version > 1.0.

15 years agoWe need to take care that several files are also used in gnupg 1.9 and
Werner Koch [Mon, 27 Sep 2004 09:42:26 +0000 (09:42 +0000)]
We need to take care that several files are also used in gnupg 1.9 and
there by the scdaemon which is a bit different to the direct
integration in gpg 1.3.  In general they should all be maintained in
1.9 but while preparing 1.4 its okay to do it in 1.3.  We just need to
take some care not to break 1.9 to heavily.

app-openpgp.c: Made all strings translatable.
(verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin
available for use in gnupg 2.
(verify_chv3): Reimplemented countdown showing to use only
functions from this module.

15 years ago* main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been
David Shaw [Sat, 25 Sep 2004 13:04:55 +0000 (13:04 +0000)]
* main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been
issued, skip right to the CHV1/CHV2 PIN change.  No need to show the
unblock or admin PIN change option. (card_edit): Add "admin" command to
add admin commands to the menu.  Do not allow admin commands until "admin"
is given.

* app-openpgp.c (verify_chv3): Show a countdown of how many wrong admin
PINs can be entered before the card is locked.

* options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove

15 years ago* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
David Shaw [Fri, 24 Sep 2004 20:34:38 +0000 (20:34 +0000)]
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo.  This helps fix a problem with PGP 2.x encrypted
symmetric messages.  Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).

* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings.  Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.

15 years ago* keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
David Shaw [Fri, 24 Sep 2004 14:34:45 +0000 (14:34 +0000)]
* keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
(copy_mpi, generate_raw_key): Fix a compile problem and a few warnings
when building without card support.

15 years agoNote: I have not fully tested the new key creation due to a pc/sc
Werner Koch [Thu, 23 Sep 2004 19:34:45 +0000 (19:34 +0000)]
Note: I have not fully tested the new key creation due to a pc/sc
error.  However the backupfile has been created successfully.

* rsa.c (rsa_generate): Return the dummy list of factors only if
the caller asked for it.

* card_util.c (generate_card_keys): ask whether backup should be
(card_store_subkey): Factored some code out to ..
* keygen.c (save_unprotected_key_to_card): .. new function.
(gen_card_key_with_backup): New.
(generate_raw_key): New.
(generate_keypair): New arg BACKUP_ENCRYPTION_DIR.  Changed all
(do_generate_keypair): Divert to gen_card_key_with_backup when

15 years ago* gpg.sgml: Document "addcardkey" and "keytocard".
Werner Koch [Thu, 23 Sep 2004 13:32:31 +0000 (13:32 +0000)]
* gpg.sgml: Document "addcardkey" and "keytocard".

* apdu.c (open_pcsc_reader): Do not print empty reader string.

* keygen.c (ask_algo): Allow creation of AUTH keys.

* keyid.c (usagestr_from_pk): New.

* app-openpgp.c (app_openpgp_storekey): Call flush_cache.

* keyedit.c (keyedit_menu): New command "keytocard"
(keyedit_menu): Bad hack for the not_with_sk element.
(show_key_with_all_names): Print the usage.
(find_pk_from_sknode): New.

* card-util.c (card_store_subkey): New.
(copy_mpi): New.
* cardglue.c (agent_openpgp_storekey): New.

15 years ago* mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
David Shaw [Wed, 22 Sep 2004 03:16:41 +0000 (03:16 +0000)]
* mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
menu_set_keyserver_url): Make sure that keyserver URLs with control
characters inside are printed properly.  In fact, handle them as UTF8.

15 years ago* keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
David Shaw [Tue, 21 Sep 2004 22:24:47 +0000 (22:24 +0000)]
* keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
not have card support.

* keydb.h, keyserver.c (print_keyrec, keyserver_spawn): fpr is an array of
unsigned bytes.

15 years ago* gpg.sgml: Document -K.
Werner Koch [Mon, 20 Sep 2004 18:38:39 +0000 (18:38 +0000)]
* gpg.sgml: Document -K.

* g10.c: Make -K an alias for --list-secret-keys.

* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.

* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.

* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.

15 years ago* cardglue.c (open_card): Use shutdown code if possible.
Werner Koch [Mon, 20 Sep 2004 13:15:37 +0000 (13:15 +0000)]
* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.

* ccid-driver.c (do_close_reader): Factored some code out from ...
(ccid_shutdown_reader): New.

* apdu.c (apdu_shutdown_reader): New.
(shutdown_ccid_reader): New.

15 years ago(apdu_open_reader): No fallback if a full CCID reader id has been
Werner Koch [Fri, 17 Sep 2004 14:26:50 +0000 (14:26 +0000)]
(apdu_open_reader): No fallback if a full CCID reader id has been

Removed test code from ccid-driver.c

15 years ago* Don't check for usb_create_match or
Werner Koch [Fri, 17 Sep 2004 13:57:29 +0000 (13:57 +0000)]
* Don't check for usb_create_match or
use_get_string_simple anymore.

* g10.c (list_config): New config option ccid-reader-id.
(gpgconf_list): Add "reader-port".

* apdu.c (open_ccid_reader): New arg PORTSTR.  Pass it to
(apdu_open_reader): Pass portstr to open_ccid_reader.

* ccid-driver.c (ccid_get_reader_list): New.
(ccid_open_reader): Changed API to take a string for the reader.
Removed al the cruft for the libusb development vesion which seems
not to be maintained anymore and there are no packages anyway.
The stable library works just fine.
(struct ccid_reader_id_s): Deleted and replaced everywhere by a
simple string.
(usb_get_string_simple): Removed.
(bulk_in): Do valgrind hack here and not just everywhere.

15 years ago* keyedit.c (show_key_with_all_names, show_prefs): Show preferred
David Shaw [Thu, 16 Sep 2004 20:55:09 +0000 (20:55 +0000)]
* keyedit.c (show_key_with_all_names, show_prefs): Show preferred
keyserver(s) in "showpref" output.

15 years ago* keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
David Shaw [Thu, 16 Sep 2004 20:07:42 +0000 (20:07 +0000)]
* keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
Allow setting a keyserver URL of "none" to remove an existing keyserver

15 years ago* keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
David Shaw [Thu, 16 Sep 2004 19:53:06 +0000 (19:53 +0000)]
* keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
URL before overwriting the old one.

15 years ago* DETAILS: Document the 'spk' signature subpacket record. Add more detail
David Shaw [Thu, 16 Sep 2004 13:35:37 +0000 (13:35 +0000)]
* DETAILS: Document the 'spk' signature subpacket record.  Add more detail
on "tru" records.

* gpg.sgml: Note that PGP scales photo IDs to fit in the dialog box.
Document show-sig-subpackets.  Document the '%c' signature counter

15 years ago* gpgv.c (agent_scd_getattr): Stub.
David Shaw [Wed, 15 Sep 2004 18:41:36 +0000 (18:41 +0000)]
* gpgv.c (agent_scd_getattr): Stub.

* misc.c (get_signature_count): New.  Get the signature count from a
smartcard. (pct_expando): Call it here so the %c expando becomes the
number of signatures issued.  This allows for notations or the like with
an automatic signature count.

* ccid-driver.c (usb_get_string_simple): Replacement function to work with
older libusb.

15 years ago* Give warning when using capabilities. Check for
David Shaw [Wed, 15 Sep 2004 18:33:13 +0000 (18:33 +0000)]
* Give warning when using capabilities.  Check for
usb_get_string_simple for old libusb reasons.

15 years ago* g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.
Werner Koch [Wed, 15 Sep 2004 15:26:38 +0000 (15:26 +0000)]
* g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.

* ccid-driver.c (read_device_info): Removed.
(make_reader_id, scan_or_find_devices): New.
(ccid_open_reader): Simplified by make use of the new functions.
(ccid_set_debug_level): New.  Changed the macros to make use of
it.  It has turned out that it is often useful to enable debugging
at runtime so I added this option.

15 years agoDocument "--debug-ccid-driver".
Werner Koch [Wed, 15 Sep 2004 15:26:17 +0000 (15:26 +0000)]
Document "--debug-ccid-driver".

15 years ago* gpg.sgml: Note that --throw-keyid is --throw-keyids. Note changes in
David Shaw [Tue, 14 Sep 2004 15:47:17 +0000 (15:47 +0000)]
* gpg.sgml: Note that --throw-keyid is --throw-keyids.  Note changes in
--pgp8.  Rephrase the "don't play algorithm games" warning now that PGP
has blowfish, zlib, and bzip2.

15 years ago* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
David Shaw [Tue, 14 Sep 2004 02:00:39 +0000 (02:00 +0000)]
* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
mismatch when some secret subkeys are missing.  Discovered by Michael

15 years ago* pgpgroup-to-gpggroup: New perl script to take groups from PGP command
David Shaw [Tue, 14 Sep 2004 01:57:25 +0000 (01:57 +0000)]
* pgpgroup-to-gpggroup: New perl script to take groups from PGP command
line and write out GnuPG 'group' config lines.

15 years ago* main.h, keylist.c (print_subpackets_colon): Make a public function.
David Shaw [Mon, 13 Sep 2004 12:31:25 +0000 (12:31 +0000)]
* main.h, keylist.c (print_subpackets_colon): Make a public function.

* keyedit.c (print_and_check_one_sig_colon): New.  Print a with-colons
version of the sig record. (menu_delsig): Call it here for a with-colons

15 years ago* options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
David Shaw [Sun, 12 Sep 2004 15:27:38 +0000 (15:27 +0000)]
* options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.

* g10.c (parse_subpacket_list, parse_list_options): New.  Make the list of
subpackets we are going to print. (main): Call them here.

15 years ago* card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
David Shaw [Sat, 11 Sep 2004 15:42:19 +0000 (15:42 +0000)]
* card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
card to fetch an updated copy.  Works with either straight URLs or HKP or
LDAP keyservers.

* keyserver-internal.h, keyserver.c (keyserver_import_fprint), import.c
(revocation_present): Use a keyserver_spec so the caller can pass in
whatever keyserver they like.

15 years ago* app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
David Shaw [Sat, 11 Sep 2004 03:30:48 +0000 (03:30 +0000)]
* app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
when using --enable-m-guard.

15 years ago* NEWS: Note HTTP basic auth.
David Shaw [Sat, 11 Sep 2004 02:34:01 +0000 (02:34 +0000)]
* NEWS: Note HTTP basic auth.

* Check for usb_get_busses since very old stable libusb
doesn't have it.

15 years ago* ccid-driver.c (read_device_info): Fix segfault when usb device is not
David Shaw [Sat, 11 Sep 2004 02:29:36 +0000 (02:29 +0000)]
* ccid-driver.c (read_device_info): Fix segfault when usb device is not
accessible. (ccid_open_reader): Allow working with an even older version
of libusb (usb_busses global instead of usb_get_busses()).

15 years ago* http.h: Add auth field for a parsed_uri to allow for basic auth.
David Shaw [Fri, 10 Sep 2004 21:17:32 +0000 (21:17 +0000)]
* http.h: Add auth field for a parsed_uri to allow for basic auth.

15 years ago* http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth
David Shaw [Fri, 10 Sep 2004 21:16:47 +0000 (21:16 +0000)]
* http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth
for proxies and direct requests.  Suggested by Florent Thoumie.

15 years ago* http.c (main): Fix test code for http-test.
David Shaw [Fri, 10 Sep 2004 18:56:52 +0000 (18:56 +0000)]
* http.c (main): Fix test code for http-test.

15 years ago* README: Doc --disable-card-support and --without-readline.
Werner Koch [Thu, 9 Sep 2004 18:18:36 +0000 (18:18 +0000)]
* README: Doc --disable-card-support and --without-readline.

* Check for readline.  Make enable-card-support the
default.  New option --without-readline.  Allow the use of either
the development or the stable libusb.

* cardglue.h: Add members for CA fingerprints.
* cardglue.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.

* app-common.h, app-openpgp.c, iso7816.c, iso7816.h
* apdu.c, apdu.h, ccid-driver.c, ccid-driver.h
* card-util.c: Updated from current gnupg-1.9.

* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.
* apdu.c (my_rapdu_get_status): Implemented.
* apdu.c: Include <signal.h>.
* apdu.c (reader_table_s):  Add function pointers for the backends.
(apdu_close_reader, apdu_get_status, apdu_activate)
(send_apdu): Make use of them.
(new_reader_slot): Intialize them to NULL.
(dump_ccid_reader_status, ct_dump_reader_status): New.
(dump_pcsc_reader_status): New.
(open_ct_reader, open_pcsc_reader, open_ccid_reader)
(open_osc_reader, open_rapdu_reader): Intialize function pointers.
(ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu)
(error_string): Removed.  Replaced by apdu_strerror.
(get_ccid_error_string): Removed.
(ct_activate_card): Remove the unused loop.
(reset_ct_reader): Implemented.
(ct_send_apdu): Activate the card if not yet done.
(pcsc_send_apdu): Ditto.
* ccid-driver.h: Add error codes.
* ccid-driver.c: Implement more or less proper error codes all
over the place.
* apdu.c (apdu_send_direct): New.
(get_ccid_error_string): Add some error code mappings.
(send_apdu): Pass error codes along for drivers already supporting
(host_sw_string): New.
(get_ccid_error_string): Use above.
(send_apdu_ccid): Reset the reader if it has not yet been done.
(open_ccid_reader): Don't care if the ATR can't be read.
(apdu_activate_card): New.
(apdu_strerror): New.
(dump_reader_status): Only enable it with opt.VERBOSE.
* iso7816.c (map_sw): Add mappings for the new error codes.
* apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader)
(reset_ccid_reader, open_osc_reader): Call dump_reader_status only
in verbose mode.
* app-openpgp.c (do_getattr): Fix for sending CA-FPR.
* app-openpgp.c (app_openpgp_readkey): Fixed check for valid
* app-openpgp.c (do_setattr): Sync FORCE_CHV1.
* card-util.c (change_login): Kludge to allow reading data from a
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.

* errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes.

* errors.c (g10_errstr): New error codes G10ERR_NO_CARD,

15 years ago* Check for readline.
Werner Koch [Thu, 9 Sep 2004 17:04:44 +0000 (17:04 +0000)]
* Check for readline.

* signal.c (got_fatal_signal): Do readline cleanup.  Print signal
number if we can't print the name. Use new autoconf macro
(get_signal_name): Removed.

* ttyio.c (tty_get): Add readline support.

15 years ago* photoid.c: Include ttyio.h.
Werner Koch [Thu, 9 Sep 2004 12:42:10 +0000 (12:42 +0000)]
* photoid.c: Include ttyio.h.

* parse-packet.c (skip_rest): Removed.  Changed all callers to use
the new iobuf_skip_reset.  Orginal patch by Florian Weimer.

* iobuf.c (iobuf_skip_rest): New.  Orginal patch by Florian
Weimer.  Added new argument PARTIAL.

15 years ago(generate_photo_id): Use tty_printf and not just
Werner Koch [Tue, 7 Sep 2004 16:49:10 +0000 (16:49 +0000)]
(generate_photo_id): Use tty_printf and not just
printf.  Put _() around one string.

15 years ago* keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
David Shaw [Fri, 3 Sep 2004 22:06:36 +0000 (22:06 +0000)]
* keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
know the key is definitely expired.  Some translatable string cleanup.

15 years agochange back skey to unsigned and cast instead
Stefan Bellon [Fri, 27 Aug 2004 21:16:16 +0000 (21:16 +0000)]
change back skey to unsigned and cast instead

15 years agofix type incompatibility
Stefan Bellon [Fri, 27 Aug 2004 18:21:32 +0000 (18:21 +0000)]
fix type incompatibility

15 years ago* encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
David Shaw [Fri, 27 Aug 2004 17:32:31 +0000 (17:32 +0000)]
* encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
Change some "this" to `this'.

15 years ago* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
David Shaw [Mon, 23 Aug 2004 19:54:40 +0000 (19:54 +0000)]
* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
search_key), gpgkeys_http.c (get_key): Do not give informational logs
since this is now done inside gpg.

15 years ago* keyserver.c (keyserver_spawn): Show log line for what keyserver action
David Shaw [Mon, 23 Aug 2004 19:20:17 +0000 (19:20 +0000)]
* keyserver.c (keyserver_spawn): Show log line for what keyserver action
we are taking.

* keyid.c (keystr): If printing a keyid that lacks the high 4 bytes, print
the low 4 alone. (keystr_from_desc): Handle short keyids and warn on v3

15 years ago* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
David Shaw [Mon, 23 Aug 2004 17:55:49 +0000 (17:55 +0000)]
* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, keylist.c, and

15 years ago* gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e.
David Shaw [Mon, 23 Aug 2004 17:43:40 +0000 (17:43 +0000)]
* gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e.
"&quot;") in HTML responses. (search_key): Search key must be unsigned for
url encoder to work properly for 8-bit values.

15 years ago* gpgkeys_ldap.c (get_key): Factor out informational display into new
David Shaw [Mon, 23 Aug 2004 16:59:11 +0000 (16:59 +0000)]
* gpgkeys_ldap.c (get_key): Factor out informational display into new
function build_info().

15 years ago* keyserver.c (keyserver_search_prompt): Make sure the search string is
David Shaw [Mon, 23 Aug 2004 14:39:48 +0000 (14:39 +0000)]
* keyserver.c (keyserver_search_prompt): Make sure the search string is
converted from UTF-8 before display.

15 years ago* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
David Shaw [Mon, 23 Aug 2004 14:24:05 +0000 (14:24 +0000)]
* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
got shrunk due to encoding.

15 years ago* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
David Shaw [Mon, 23 Aug 2004 03:13:27 +0000 (03:13 +0000)]
* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object.  Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.

15 years ago* http.c (insert_escapes): Fix encoding problem for non-URI-safe
David Shaw [Thu, 19 Aug 2004 21:19:37 +0000 (21:19 +0000)]
* http.c (insert_escapes): Fix encoding problem for non-URI-safe
characters.  Noted by Vladimir Novak.