16 years agoUpdated from latest NewPG project
Werner Koch [Thu, 9 Jan 2003 13:15:07 +0000 (13:15 +0000)]
Updated from latest NewPG project

16 years agoUpdated from latest NewPG project
Werner Koch [Thu, 9 Jan 2003 12:59:25 +0000 (12:59 +0000)]
Updated from latest NewPG project

16 years ago* keygen.c (keygen_set_std_prefs): Warn when setting an IDEA preference
David Shaw [Tue, 7 Jan 2003 15:30:02 +0000 (15:30 +0000)]
* keygen.c (keygen_set_std_prefs): Warn when setting an IDEA preference
when IDEA is not available.

16 years ago* trustdb.c (get_validity_info): 'd' for disabled is not a validity value
David Shaw [Tue, 7 Jan 2003 00:06:02 +0000 (00:06 +0000)]
* trustdb.c (get_validity_info): 'd' for disabled is not a validity value
any more.

16 years ago* gpgkeys_hkp.c (get_key): Use options=mr when getting a key so keyserver
David Shaw [Mon, 6 Jan 2003 23:05:39 +0000 (23:05 +0000)]
* gpgkeys_hkp.c (get_key): Use options=mr when getting a key so keyserver
doesn't attach the HTML header which we will just have to discard.

16 years ago* packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record),
David Shaw [Mon, 6 Jan 2003 22:56:08 +0000 (22:56 +0000)]
* packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record),
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.

16 years ago* DETAILS: Document disabled flag in capabilities field.
David Shaw [Mon, 6 Jan 2003 21:12:34 +0000 (21:12 +0000)]
* DETAILS: Document disabled flag in capabilities field.

16 years ago* keylist.c (print_capabilities): Show 'D' for disabled keys in
David Shaw [Mon, 6 Jan 2003 21:01:44 +0000 (21:01 +0000)]
* keylist.c (print_capabilities): Show 'D' for disabled keys in
capabilities section.

* trustdb.c (is_disabled): Remove incorrect comment.

16 years ago* import.c (import_one): Only do the work to create the status display for
David Shaw [Fri, 3 Jan 2003 21:41:53 +0000 (21:41 +0000)]
* import.c (import_one): Only do the work to create the status display for
interactive import if status is enabled.

* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches.  Noted by Stefan Bellon.

* getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.

16 years ago* keydb.c (keydb_add_resource): Don't assume that try_make_homedir
Werner Koch [Thu, 2 Jan 2003 18:28:29 +0000 (18:28 +0000)]
* keydb.c (keydb_add_resource): Don't assume that try_make_homedir
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.

16 years ago* getkey.c (merge_selfsigs_main), main.h, sig-check.c
David Shaw [Sun, 29 Dec 2002 15:58:44 +0000 (15:58 +0000)]
* getkey.c (merge_selfsigs_main), main.h, sig-check.c
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.

16 years ago* keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
David Shaw [Fri, 27 Dec 2002 23:46:51 +0000 (23:46 +0000)]
* keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
there are no keys to refresh or if there is no keyserver set.

* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one.  This also fixes Debian bug #174276.

16 years ago* gpg.sgml: Clarify --no-permission-warning to note that the permission
David Shaw [Fri, 27 Dec 2002 23:44:29 +0000 (23:44 +0000)]
* gpg.sgml: Clarify --no-permission-warning to note that the permission
warnings are not intended to be the be-all and end-all in security checks.
Add note to --group that when used on the command line, it may be
necessary to quote the argument so it is not treated as multiple
arguments.  Noted by Stefan Bellon.

16 years ago* NEWS: Add note about convert-from-106 script.
David Shaw [Fri, 27 Dec 2002 23:40:03 +0000 (23:40 +0000)]
* NEWS: Add note about convert-from-106 script.

16 years agofixed type problem
Stefan Bellon [Fri, 27 Dec 2002 22:17:25 +0000 (22:17 +0000)]
fixed type problem

16 years ago* keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to revoke a
David Shaw [Fri, 27 Dec 2002 13:41:17 +0000 (13:41 +0000)]
* keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to revoke a
user ID.  This is the same as issuing a revocation for the self-signature,
but a much simpler interface to do it.

16 years ago* keydb.h, getkey.c (key_byname): Flag to enable or disable including
David Shaw [Thu, 26 Dec 2002 22:22:50 +0000 (22:22 +0000)]
* keydb.h, getkey.c (key_byname): Flag to enable or disable including
disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled

* gpgv.c (is_disabled): Stub.

* keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.

* keyedit.c (enable_disable_key): Comment.

* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.

16 years ago* iobuf.c (iobuf_flush): Only print debug info if debugging is on.
David Shaw [Thu, 26 Dec 2002 20:58:23 +0000 (20:58 +0000)]
* iobuf.c (iobuf_flush): Only print debug info if debugging is on.

16 years agoSimple script to create samplekeys.asc. CVS only.
Werner Koch [Mon, 23 Dec 2002 15:48:50 +0000 (15:48 +0000)]
Simple script to create samplekeys.asc.  CVS only.

16 years ago* samplekeys.asc: Updated.
Werner Koch [Mon, 23 Dec 2002 15:47:53 +0000 (15:47 +0000)]
* samplekeys.asc: Updated.

16 years ago2002-12-22 Timo Schulz <>
Timo Schulz [Sun, 22 Dec 2002 20:53:20 +0000 (20:53 +0000)]
2002-12-22  Timo Schulz  <>

        * import.c (print_import_check): New.
        (import_one): Use it here.
        Use merge_keys_and_selfsig in the interactive mode to avoid
        wrong key information.
        * status.h: Add new status code.
        * status.c: Ditto.

16 years ago* pkclist.c (do_we_trust): Tweak language to refer to the "named
David Shaw [Fri, 13 Dec 2002 21:10:53 +0000 (21:10 +0000)]
* pkclist.c (do_we_trust): Tweak language to refer to the "named
user" rather than "owner".  Noted by Stefan Bellon.

* trustdb.h, trustdb.c (trustdb_pending_check): New function to
check if the trustdb needs a check.

* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.

* options.skel: Include the required '=' sign in the sample
'group' option.  Noted by Stefan Bellon.

* import.c (chk_self_sigs): Don't try and check a subkey as if it
was a signature.

16 years ago* tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
David Shaw [Wed, 11 Dec 2002 17:50:38 +0000 (17:50 +0000)]
* tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
RECTYPE_TRUST records a bit.

* g10.c (main): Comment out --list-trust-path until it can be implemented.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich

* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.

16 years ago* gpg.sgml: Clarify include-revoked and include-disabled so they match
David Shaw [Wed, 11 Dec 2002 03:47:03 +0000 (03:47 +0000)]
* gpg.sgml: Clarify include-revoked and include-disabled so they match
what the program actually does.  Noted by Dick Gevers.

* gpg.sgml: Document %-expandos for policy URLs and notations.

* gpg.sgml: Document --pgp8.  Clarify that --pgp6 and --pgp7 disable

16 years agofixed typo
Stefan Bellon [Fri, 6 Dec 2002 00:38:43 +0000 (00:38 +0000)]
fixed typo

16 years ago* gpg.sgml: Document --no-mangle-dos-filenames.
Werner Koch [Thu, 5 Dec 2002 15:25:46 +0000 (15:25 +0000)]
* gpg.sgml: Document --no-mangle-dos-filenames.

16 years ago* g10.c: New options --[no-]mangle-dos-filenames.
Werner Koch [Thu, 5 Dec 2002 15:25:16 +0000 (15:25 +0000)]
* g10.c: New options --[no-]mangle-dos-filenames.
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.

16 years ago* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
David Shaw [Wed, 4 Dec 2002 18:50:10 +0000 (18:50 +0000)]
* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).

* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.

16 years ago* trustdb.c (validate_keys): Show trust parameters when building trustdb,
David Shaw [Wed, 4 Dec 2002 06:06:56 +0000 (06:06 +0000)]
* trustdb.c (validate_keys): Show trust parameters when building trustdb,
and make sure that the version record update was successful.
(init_trustdb): If the current parameters aren't what was used for
building the trustdb, the trustdb is invalid.

* tbio.c (tdbio_db_matches_options): Update to work with new trustdbs.

16 years ago* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
David Shaw [Wed, 4 Dec 2002 00:05:11 +0000 (00:05 +0000)]
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
model in the trustdb version record. (tdbio_update_version_record): New
function to update version record values during a trustdb check or update.
(tdbio_dump_record): Show trust model in dump.

* trustdb.c (validate_keys): Call tdbio_update_version_record on success
so that the correct options are stored in the trustdb.

* options.h: rearrange trust models so that CLASSIC is 0 and OPENPGP is 1.

16 years ago* options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
David Shaw [Tue, 3 Dec 2002 23:31:48 +0000 (23:31 +0000)]
* options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys

* g10.c (add_notation_data): Fix initialization.

16 years agoMarked unused slots in the trustdb.
Werner Koch [Tue, 3 Dec 2002 08:12:53 +0000 (08:12 +0000)]
Marked unused slots in the trustdb.

16 years ago* gpg.sgml: Point out that if the user absolutely must, it's better to use
David Shaw [Sun, 1 Dec 2002 21:06:13 +0000 (21:06 +0000)]
* gpg.sgml: Point out that if the user absolutely must, it's better to use
--pgpX than forcing an algorithm manually.  Better still not to use
anything, of course. CVS:
gpg.sgml CVS:

16 years ago* distfiles, Include convert-from-106.
David Shaw [Sun, 1 Dec 2002 21:04:07 +0000 (21:04 +0000)]
* distfiles, Include convert-from-106.

* convert-from-106: Script to automate the 1.0.6->later conversion.  It
marks all secret keys as ultimately trusted, adds the signature caches,
and checks the trustdb.

16 years ago* keyedit.c (menu_expire): Don't lose key flags when changing the
David Shaw [Sun, 1 Dec 2002 20:59:04 +0000 (20:59 +0000)]
* keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.

16 years ago* NEWS: Add notes about notation names and '@', the --trust-model option,
David Shaw [Tue, 26 Nov 2002 04:02:58 +0000 (04:02 +0000)]
* NEWS: Add notes about notation names and '@', the --trust-model option,
default algorithms from --personal-xxxx, --primary-keyring, changes with
--s2k-digest-algo, the new anonymous recipient improvements, and
non-optimized memory wiping.

16 years ago* gpg.sgml: Document --primary-keyring. Clarify --s2k-cipher-algo,
David Shaw [Tue, 26 Nov 2002 04:00:28 +0000 (04:00 +0000)]
* gpg.sgml: Document --primary-keyring.  Clarify --s2k-cipher-algo,
--s2k-digest-algo, --personal-cipher-preferences,
--personal-digest-preferences, and --personal-compress-preferences.

16 years ago* gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation,
David Shaw [Mon, 25 Nov 2002 14:34:08 +0000 (14:34 +0000)]
* gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation,
--cert-notation.  Clarify --show-notation and --show-policy-url that
policy URLs and notations can be used in data signatures as well.  Add
note about '@' being a required character in notation names.

16 years agono RISC OS filetype needed for nooutput
Stefan Bellon [Mon, 25 Nov 2002 13:30:34 +0000 (13:30 +0000)]
no RISC OS filetype needed for nooutput

16 years ago* main.h, misc.c (default_cipher_algo, default_compress_algo): New.
David Shaw [Mon, 25 Nov 2002 04:24:41 +0000 (04:24 +0000)]
* main.h, misc.c (default_cipher_algo, default_compress_algo): New.
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.

* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get

* g10.c (main): Allow pref selection for compress algo with --openpgp.

16 years ago* mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase
David Shaw [Mon, 25 Nov 2002 04:11:02 +0000 (04:11 +0000)]
* mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase
mangling rather than --digest-algo.

16 years ago* sign.c (hash_for): If --digest-algo is not set, but
David Shaw [Mon, 25 Nov 2002 04:06:04 +0000 (04:06 +0000)]
* sign.c (hash_for): If --digest-algo is not set, but
--personal-digest-preferences is, then use the first hash algorithm in the
personal list.  If the signing algorithm is DSA, then use the first
160-bit hash algorithm in the personal list. If --pgp2 is set and it's a
v3 RSA key, use MD5.

16 years ago* g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable):
David Shaw [Mon, 25 Nov 2002 03:18:48 +0000 (03:18 +0000)]
* g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable):
Rename --default-keyring as --primary-keyring.  Stefan wins the naming

16 years ago* g10.c (add_notation_data): Disallow notation names that do not contain a
David Shaw [Sun, 24 Nov 2002 01:49:32 +0000 (01:49 +0000)]
* g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file

16 years ago* encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
David Shaw [Sun, 24 Nov 2002 00:50:14 +0000 (00:50 +0000)]
* encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
(sign_symencrypt_file): Use --s2k-digest-algo for passphrase mangling
rather than --digest-algo.

16 years ago* gpg.sgml: Add an interoperability section.
David Shaw [Fri, 22 Nov 2002 03:53:53 +0000 (03:53 +0000)]
* gpg.sgml: Add an interoperability section.

16 years ago* keygen.c (keygen_set_std_prefs): Properly handle an empty preference
David Shaw [Thu, 21 Nov 2002 16:25:05 +0000 (16:25 +0000)]
* keygen.c (keygen_set_std_prefs): Properly handle an empty preference

* misc.c (string_to_compress_algo): "none" is a bad choice since it
conflicts with the "none" in setpref.

16 years ago* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol
David Shaw [Mon, 18 Nov 2002 00:43:33 +0000 (00:43 +0000)]
* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol

16 years ago* gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted
David Shaw [Sun, 17 Nov 2002 15:22:48 +0000 (15:22 +0000)]
* gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted
by Haakon Riiser.

16 years ago* config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin.
David Shaw [Sat, 16 Nov 2002 16:53:58 +0000 (16:53 +0000)]
* config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin.
Successfully tested by Gordon Worley.

16 years ago* gpg.sgml: --compress-algo now allows algorithm names.
David Shaw [Fri, 15 Nov 2002 04:15:39 +0000 (04:15 +0000)]
* gpg.sgml: --compress-algo now allows algorithm names.

* gpg.sgml: Document --trust-model.

* README.W32: Add blurb on how to create a ZIP file, changed requirement
for mingw32 to 0.3.2.

16 years ago* g10.c (main): Allow compression algorithm names as the argument to
David Shaw [Fri, 15 Nov 2002 04:07:24 +0000 (04:07 +0000)]
* g10.c (main): Allow compression algorithm names as the argument to
--compress-algo.  The old algorithm names still work for backwards

* misc.c (string_to_compress_algo): Allow "none" as an alias for

16 years ago* gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but
David Shaw [Thu, 14 Nov 2002 14:30:53 +0000 (14:30 +0000)]
* gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but
that was not available when running without verbose on.  Noted by Stefan.

16 years agofixed type incompatibility
Stefan Bellon [Wed, 13 Nov 2002 21:49:57 +0000 (21:49 +0000)]
fixed type incompatibility

16 years ago* encode.c (encode_simple): Make sure that files larger than about 4G use
David Shaw [Wed, 13 Nov 2002 17:43:27 +0000 (17:43 +0000)]
* encode.c (encode_simple): Make sure that files larger than about 4G use
partial length encoding.  This is required because OpenPGP allows only for
32 bit length fields.  From Werner on stable branch.

* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New.  From Werner on stable

* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.

* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations.  This is required because getkey needs to know whether a a key
is ultimately trusted.  From Werner on stable branch.

16 years ago* exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need
David Shaw [Wed, 13 Nov 2002 17:19:22 +0000 (17:19 +0000)]
* exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need
it here as it behaves more like a Posix system. From Werner on stable

* passphrase.c (agent_get_passphrase): Ditto.  From Werner on stable

* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.  From Werner on
stable branch.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from the
registry.  From Werner on stable branch.

16 years ago* mk-w32-dist: Don't use iconv for pl.po. From Werner on stable branch.
David Shaw [Wed, 13 Nov 2002 16:50:44 +0000 (16:50 +0000)]
* mk-w32-dist: Don't use iconv for pl.po.  From Werner on stable branch.

* mk-w32-dist: Include gpgkeys_ldap and gpgkeys_hkp.

16 years ago* util.h [__CYGWIN32__]: Don't need the registry prototypes. From Werner
David Shaw [Wed, 13 Nov 2002 16:38:07 +0000 (16:38 +0000)]
* util.h [__CYGWIN32__]: Don't need the registry prototypes.  From Werner
on stable branch.

16 years ago* THANKS: Changes from stable branch.
David Shaw [Wed, 13 Nov 2002 16:11:32 +0000 (16:11 +0000)]
* THANKS: Changes from stable branch.

* Check for ctermid().  From Werner on stable

Werner on stable branch.

* (try_gettext): Remove special case for cygwin.
This removes all the DOS specific macros and let Cygwin work like
a real OS.  Needs a couple of changes elsewhere but after all,
GnuPG presents itself much more like a Posix program and can be
used in a full Cygwin environment; e.g. used along with mutt.
Changes suggested by Volker Quetschke.  From Werner on stable

* acinclude.m4 (GNUPG_SYS_NM_PARSE): Allow for underscore in test
symbols.  Useful for Cygwin builds.
(GNUPG_SYS_SYMBOL_UNDERSCORE): Don't hardwire to yes for Cygwin.
From Werner on stable branch.

* README: Add an installation note for Darwin 6.1.  From Werner on
stable branch.

16 years ago* secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. From
David Shaw [Wed, 13 Nov 2002 15:39:10 +0000 (15:39 +0000)]
* secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. From
Werner on stable branch.

16 years ago* keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
David Shaw [Wed, 13 Nov 2002 13:23:03 +0000 (13:23 +0000)]
* keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.

* getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.

16 years ago* config.sub, config.guess: Updated from
Werner Koch [Tue, 12 Nov 2002 19:37:44 +0000 (19:37 +0000)]
* config.sub, config.guess: Updated from
to version 2002-11-08.

16 years agoPost release version number bump.
Werner Koch [Tue, 12 Nov 2002 16:45:22 +0000 (16:45 +0000)]
Post release version number bump.

16 years agoPreparing 1.3.1 release. V1-3-1
Werner Koch [Tue, 12 Nov 2002 16:15:57 +0000 (16:15 +0000)]
Preparing 1.3.1 release.

16 years ago* gpgkeys_ldap.c (get_key): Fix typo in deduping code.
David Shaw [Sun, 10 Nov 2002 21:32:11 +0000 (21:32 +0000)]
* gpgkeys_ldap.c (get_key): Fix typo in deduping code.

16 years ago* ttyio.c (TERMDEVICE): Removed.
Werner Koch [Sat, 9 Nov 2002 17:49:01 +0000 (17:49 +0000)]
* ttyio.c (TERMDEVICE): Removed.
(tty_get_ttyname): New.
(init_ttyfp): Use it here instead of the TERMDEVICE macro.

16 years ago* passphrase.c (agent_send_all_options): Use tty_get_ttyname to
Werner Koch [Sat, 9 Nov 2002 17:48:41 +0000 (17:48 +0000)]
* passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.

16 years agoFixed copyright year
Werner Koch [Sat, 9 Nov 2002 17:42:24 +0000 (17:42 +0000)]
Fixed copyright year

16 years ago* keyring.h, keyring.c (keyring_register_filename): Return the pointer if
David Shaw [Fri, 8 Nov 2002 03:31:21 +0000 (03:31 +0000)]
* keyring.h, keyring.c (keyring_register_filename): Return the pointer if
a given keyring is registered twice.

* keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a default
keyring. (keydb_locate_writable): Prefer the default keyring if possible.

* g10.c (main): Add --default-keyring option.

16 years ago* options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
David Shaw [Thu, 7 Nov 2002 04:37:27 +0000 (04:37 +0000)]
* options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
--force-ownertrust option for debugging purposes.  This allows setting a
whole keyring to a given trust during an --update-trustdb.  Not for normal
use - it's just easier than hitting "4" all the time to test a large

16 years ago* w32reg.c (read_w32_registry_string): Fixed expanding of the environment
David Shaw [Wed, 6 Nov 2002 22:51:44 +0000 (22:51 +0000)]
* w32reg.c (read_w32_registry_string): Fixed expanding of the environment
buffer; didn't worked at all.  Reported by Thijmen Klok.  From Werner on
stable branch.

* secmem.c (secmem_free, secmem_term): Use wipememory2() instead of
memset() to overwrite secure memory

* iobuf.c (direct_open): Handle mode 'b' if O_BINARY is available. From
Werner on stable branch.

* fileutil.c: Comment from stable branch.

16 years ago* util.h: Add wipememory2() macro (same as wipememory, but can specify the
David Shaw [Wed, 6 Nov 2002 17:38:09 +0000 (17:38 +0000)]
* util.h: Add wipememory2() macro (same as wipememory, but can specify the
byte to wipe with).

16 years ago* rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not required
David Shaw [Wed, 6 Nov 2002 17:32:37 +0000 (17:32 +0000)]
* rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not required
anymore. (From Werner)

* random.c (read_seed_file,update_random_seed_file): Use binary mode for
__CYGWIN__. (From Werner)

* blowfish.c (burn_stack), cast5.c (burn_stack), des.c (burn_stack), md5.c
(burn_stack), random.c (burn_stack, read_pool, fast_random_poll),
rijndael.c (burn_stack), rmd160.c (burn_stack), rndegd.c
(rndegd_gather_random), rndlinux.c (rndlinux_gather_random), sha1.c
(burn_stack), tiger.c (burn_stack), twofish.c (burn_stack): Replace
various calls to memset() with the more secure wipememory().

16 years ago* pubkey-enc.c (get_session_key): With hidden recipients or try a given
David Shaw [Wed, 6 Nov 2002 16:58:28 +0000 (16:58 +0000)]
* pubkey-enc.c (get_session_key): With hidden recipients or try a given
passphrase against all secret keys rather than trying all secret keys in
turn.  Don't if --try-all-secrets or --status-fd is enabled.

* passphrase.c (passphrase_to_dek): Mode 1 means do a regular passphrase
query, but don't prompt with the key info.

* seckey-cert.c (do_check, check_secret_key): A negative ask count means
to enable passphrase mode 1.

* keydb.h, getkey.c (enum_secret_keys): Add flag to include
secret-parts-missing keys (or not) in the list.

16 years ago* gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, free_keylist,
David Shaw [Tue, 5 Nov 2002 22:08:02 +0000 (22:08 +0000)]
* gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, free_keylist,
get_key, search_key): The LDAP keyserver doesn't remove duplicates, so
remove them locally.  Do not include the key modification time in the
search response.

16 years ago* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
David Shaw [Tue, 5 Nov 2002 16:11:04 +0000 (16:11 +0000)]
* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
don't try and fit the search output to the screen size - just dump the
whole list.

16 years ago* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
David Shaw [Tue, 5 Nov 2002 04:28:40 +0000 (04:28 +0000)]
* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
just dump the raw keyserver protocol to stdout and don't print the menu.

16 years ago* KEYSERVER: New. Documents the --with-colons format for keyserver
David Shaw [Tue, 5 Nov 2002 04:24:45 +0000 (04:24 +0000)]
* KEYSERVER: New.  Documents the --with-colons format for keyserver

* DETAILS: Clarify meaning of 'u'.  Noted by Timo.

16 years ago* trustdb.c (trust_model_string, check_trustdb, update_trustdb,
David Shaw [Mon, 4 Nov 2002 17:30:38 +0000 (17:30 +0000)]
* trustdb.c (trust_model_string, check_trustdb, update_trustdb,
validate_one_keyblock): It's not clear what a trustdb rebuild or check
means with a trust model other than "classic" or "openpgp", so disallow

16 years ago* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an
David Shaw [Mon, 4 Nov 2002 13:59:08 +0000 (13:59 +0000)]
* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an
input file that does not include any key data at all.

16 years ago* options.h, g10.c (main): Add --trust-model option. Current models are
David Shaw [Sun, 3 Nov 2002 20:18:56 +0000 (20:18 +0000)]
* options.h, g10.c (main): Add --trust-model option.  Current models are
"openpgp" which is classic+trustsigs, "classic" which is classic only, and
"always" which is the same as the current option --always-trust (which
still works).  Default is "openpgp".

* trustdb.c (validate_one_keyblock): Use "openpgp" trust model to enable
trust sigs.

* gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c (do_we_trust,
do_we_trust_pre, check_signatures_trust): Use new --trust-model option in
place of --always-trust.

16 years ago* gpg.sgml: Document "tsign", clarify "setpref", clarify --recipient,
David Shaw [Sun, 3 Nov 2002 13:40:39 +0000 (13:40 +0000)]
* gpg.sgml: Document "tsign", clarify "setpref", clarify --recipient,
document --hidden-recipient, document --hidden-encrypt-to, clarify
--no-encrypt-to, clarify --throw-keyid, document --no-throw-keyid.

16 years ago* NEWS: Note trust signature support,
David Shaw [Sun, 3 Nov 2002 12:52:30 +0000 (12:52 +0000)]
* NEWS: Note trust signature support,
--hidden-encrypt-to/--hidden-recipient, and long algorithm name support

16 years ago* keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu):
David Shaw [Sun, 3 Nov 2002 12:46:52 +0000 (12:46 +0000)]
* keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu):
Prompt for and create a trust signature with "tsign".  This is functional,
but needs better UI text.

* build-packet.c (build_sig_subpkt): Able to build trust and regexp

* pkclist.c (do_edit_ownertrust): Comment.

16 years ago* keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full
David Shaw [Sun, 3 Nov 2002 00:00:42 +0000 (00:00 +0000)]
* keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).

* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.

* main.h, misc.c (string_to_compress_algo): New.

16 years ago* cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): Allow
David Shaw [Sat, 2 Nov 2002 21:39:37 +0000 (21:39 +0000)]
* cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): Allow
the Sxxx and Hxxx format for cipher and digest names.

16 years ago* g10.c (main): Add --no-throw-keyid.
David Shaw [Fri, 1 Nov 2002 16:15:45 +0000 (16:15 +0000)]
* g10.c (main): Add --no-throw-keyid.

* keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), pkclist.c
(build_pk_list): Add --hidden-recipient (-R) and --hidden-encrypt-to,
which do a single-user variation on --throw-keyid.  The "hide this key"
flag is carried in bit 0 of the pk_list flags field.

* keyserver.c (parse_keyrec): Fix shadowing warning.

16 years ago* Put gnupg.spec in the root directory so rpm -ta works.
David Shaw [Thu, 31 Oct 2002 18:29:53 +0000 (18:29 +0000)]
* Put gnupg.spec in the root directory so rpm -ta works.

16 years ago* Update source ftp path.
David Shaw [Thu, 31 Oct 2002 18:28:35 +0000 (18:28 +0000)]
* Update source ftp path.

16 years agoadded RISC OS module loading support
Stefan Bellon [Thu, 31 Oct 2002 16:58:47 +0000 (16:58 +0000)]
added RISC OS module loading support

16 years ago* build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
David Shaw [Thu, 31 Oct 2002 15:40:42 +0000 (15:40 +0000)]
* build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized

16 years ago* util.h: Add wipememory() macro.
David Shaw [Thu, 31 Oct 2002 15:35:24 +0000 (15:35 +0000)]
* util.h: Add wipememory() macro.

16 years ago* Add a check for volatile.
David Shaw [Thu, 31 Oct 2002 15:31:04 +0000 (15:31 +0000)]
* Add a check for volatile.

16 years ago* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
David Shaw [Wed, 30 Oct 2002 23:40:05 +0000 (23:40 +0000)]
* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.

16 years ago* packet.h, trustdb.h, trustdb.c (trust_string): New. Return a string
David Shaw [Wed, 30 Oct 2002 03:11:57 +0000 (03:11 +0000)]
* packet.h, trustdb.h, trustdb.c (trust_string): New.  Return a string
like "fully trusted", "marginally trusted", etc. (get_min_ownertrust):
New.  Return minimum ownertrust. (update_min_ownertrust): New.  Set
minimum ownertrust. (check_regexp): New.  Check a regular epression
against a user ID. (ask_ownertrust): Allow specifying a minimum value.
(get_ownertrust_info): Follow the minimum ownertrust when returning a
letter. (clear_validity): Remove minimum ownertrust when a key becomes
invalid. (release_key_items): Release regexp along with the rest of the
info. (validate_one_keyblock, validate_keys): Build a trust sig chain
while validating.  Call check_regexp for regexps.  Use the minimum
ownertrust if the user does not specify a genuine ownertrust.

* pkclist.c (do_edit_ownertrust): Only allow user to select a trust level
greater than the minimum value.

* parse-packet.c (can_handle_critical): Can handle critical trust and
regexp subpackets.

* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key),
import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and
have it clear the min_ownertrust value as well.

* keylist.c (list_keyblock_print): Indent uid to match pub and sig.

16 years ago* Add --disable-regex in case some platform just can't
David Shaw [Tue, 29 Oct 2002 22:44:07 +0000 (22:44 +0000)]
* Add --disable-regex in case some platform just can't
handle the regex stuff.  This means they can't fully handle trust sigs
with an attached regex either.

16 years ago* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
David Shaw [Tue, 29 Oct 2002 18:00:07 +0000 (18:00 +0000)]
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.

* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.

* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).

16 years agotidied RISC OS filetype support
Stefan Bellon [Tue, 29 Oct 2002 14:37:12 +0000 (14:37 +0000)]
tidied RISC OS filetype support

16 years agofiletype support for RISC OS
Stefan Bellon [Mon, 28 Oct 2002 13:26:44 +0000 (13:26 +0000)]
filetype support for RISC OS

16 years ago* Use new path for keyserver helpers, /usr/lib is no longer
David Shaw [Sat, 26 Oct 2002 19:45:00 +0000 (19:45 +0000)]
* Use new path for keyserver helpers, /usr/lib is no longer
used for cipher/hash plugins, and include gpgv, gpgsplit, and the new
gnupg.7 man page.