14 years ago* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
David Shaw [Fri, 24 Sep 2004 20:34:38 +0000 (20:34 +0000)]
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo.  This helps fix a problem with PGP 2.x encrypted
symmetric messages.  Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).

* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings.  Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.

14 years ago* keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
David Shaw [Fri, 24 Sep 2004 14:34:45 +0000 (14:34 +0000)]
* keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
(copy_mpi, generate_raw_key): Fix a compile problem and a few warnings
when building without card support.

14 years agoNote: I have not fully tested the new key creation due to a pc/sc
Werner Koch [Thu, 23 Sep 2004 19:34:45 +0000 (19:34 +0000)]
Note: I have not fully tested the new key creation due to a pc/sc
error.  However the backupfile has been created successfully.

* rsa.c (rsa_generate): Return the dummy list of factors only if
the caller asked for it.

* card_util.c (generate_card_keys): ask whether backup should be
(card_store_subkey): Factored some code out to ..
* keygen.c (save_unprotected_key_to_card): .. new function.
(gen_card_key_with_backup): New.
(generate_raw_key): New.
(generate_keypair): New arg BACKUP_ENCRYPTION_DIR.  Changed all
(do_generate_keypair): Divert to gen_card_key_with_backup when

14 years ago* gpg.sgml: Document "addcardkey" and "keytocard".
Werner Koch [Thu, 23 Sep 2004 13:32:31 +0000 (13:32 +0000)]
* gpg.sgml: Document "addcardkey" and "keytocard".

* apdu.c (open_pcsc_reader): Do not print empty reader string.

* keygen.c (ask_algo): Allow creation of AUTH keys.

* keyid.c (usagestr_from_pk): New.

* app-openpgp.c (app_openpgp_storekey): Call flush_cache.

* keyedit.c (keyedit_menu): New command "keytocard"
(keyedit_menu): Bad hack for the not_with_sk element.
(show_key_with_all_names): Print the usage.
(find_pk_from_sknode): New.

* card-util.c (card_store_subkey): New.
(copy_mpi): New.
* cardglue.c (agent_openpgp_storekey): New.

14 years ago* mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
David Shaw [Wed, 22 Sep 2004 03:16:41 +0000 (03:16 +0000)]
* mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
menu_set_keyserver_url): Make sure that keyserver URLs with control
characters inside are printed properly.  In fact, handle them as UTF8.

14 years ago* keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
David Shaw [Tue, 21 Sep 2004 22:24:47 +0000 (22:24 +0000)]
* keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
not have card support.

* keydb.h, keyserver.c (print_keyrec, keyserver_spawn): fpr is an array of
unsigned bytes.

14 years ago* gpg.sgml: Document -K.
Werner Koch [Mon, 20 Sep 2004 18:38:39 +0000 (18:38 +0000)]
* gpg.sgml: Document -K.

* g10.c: Make -K an alias for --list-secret-keys.

* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.

* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.

* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.

14 years ago* cardglue.c (open_card): Use shutdown code if possible.
Werner Koch [Mon, 20 Sep 2004 13:15:37 +0000 (13:15 +0000)]
* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.

* ccid-driver.c (do_close_reader): Factored some code out from ...
(ccid_shutdown_reader): New.

* apdu.c (apdu_shutdown_reader): New.
(shutdown_ccid_reader): New.

15 years ago(apdu_open_reader): No fallback if a full CCID reader id has been
Werner Koch [Fri, 17 Sep 2004 14:26:50 +0000 (14:26 +0000)]
(apdu_open_reader): No fallback if a full CCID reader id has been

Removed test code from ccid-driver.c

15 years ago* Don't check for usb_create_match or
Werner Koch [Fri, 17 Sep 2004 13:57:29 +0000 (13:57 +0000)]
* Don't check for usb_create_match or
use_get_string_simple anymore.

* g10.c (list_config): New config option ccid-reader-id.
(gpgconf_list): Add "reader-port".

* apdu.c (open_ccid_reader): New arg PORTSTR.  Pass it to
(apdu_open_reader): Pass portstr to open_ccid_reader.

* ccid-driver.c (ccid_get_reader_list): New.
(ccid_open_reader): Changed API to take a string for the reader.
Removed al the cruft for the libusb development vesion which seems
not to be maintained anymore and there are no packages anyway.
The stable library works just fine.
(struct ccid_reader_id_s): Deleted and replaced everywhere by a
simple string.
(usb_get_string_simple): Removed.
(bulk_in): Do valgrind hack here and not just everywhere.

15 years ago* keyedit.c (show_key_with_all_names, show_prefs): Show preferred
David Shaw [Thu, 16 Sep 2004 20:55:09 +0000 (20:55 +0000)]
* keyedit.c (show_key_with_all_names, show_prefs): Show preferred
keyserver(s) in "showpref" output.

15 years ago* keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
David Shaw [Thu, 16 Sep 2004 20:07:42 +0000 (20:07 +0000)]
* keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
Allow setting a keyserver URL of "none" to remove an existing keyserver

15 years ago* keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
David Shaw [Thu, 16 Sep 2004 19:53:06 +0000 (19:53 +0000)]
* keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
URL before overwriting the old one.

15 years ago* DETAILS: Document the 'spk' signature subpacket record. Add more detail
David Shaw [Thu, 16 Sep 2004 13:35:37 +0000 (13:35 +0000)]
* DETAILS: Document the 'spk' signature subpacket record.  Add more detail
on "tru" records.

* gpg.sgml: Note that PGP scales photo IDs to fit in the dialog box.
Document show-sig-subpackets.  Document the '%c' signature counter

15 years ago* gpgv.c (agent_scd_getattr): Stub.
David Shaw [Wed, 15 Sep 2004 18:41:36 +0000 (18:41 +0000)]
* gpgv.c (agent_scd_getattr): Stub.

* misc.c (get_signature_count): New.  Get the signature count from a
smartcard. (pct_expando): Call it here so the %c expando becomes the
number of signatures issued.  This allows for notations or the like with
an automatic signature count.

* ccid-driver.c (usb_get_string_simple): Replacement function to work with
older libusb.

15 years ago* Give warning when using capabilities. Check for
David Shaw [Wed, 15 Sep 2004 18:33:13 +0000 (18:33 +0000)]
* Give warning when using capabilities.  Check for
usb_get_string_simple for old libusb reasons.

15 years ago* g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.
Werner Koch [Wed, 15 Sep 2004 15:26:38 +0000 (15:26 +0000)]
* g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.

* ccid-driver.c (read_device_info): Removed.
(make_reader_id, scan_or_find_devices): New.
(ccid_open_reader): Simplified by make use of the new functions.
(ccid_set_debug_level): New.  Changed the macros to make use of
it.  It has turned out that it is often useful to enable debugging
at runtime so I added this option.

15 years agoDocument "--debug-ccid-driver".
Werner Koch [Wed, 15 Sep 2004 15:26:17 +0000 (15:26 +0000)]
Document "--debug-ccid-driver".

15 years ago* gpg.sgml: Note that --throw-keyid is --throw-keyids. Note changes in
David Shaw [Tue, 14 Sep 2004 15:47:17 +0000 (15:47 +0000)]
* gpg.sgml: Note that --throw-keyid is --throw-keyids.  Note changes in
--pgp8.  Rephrase the "don't play algorithm games" warning now that PGP
has blowfish, zlib, and bzip2.

15 years ago* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
David Shaw [Tue, 14 Sep 2004 02:00:39 +0000 (02:00 +0000)]
* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
mismatch when some secret subkeys are missing.  Discovered by Michael

15 years ago* pgpgroup-to-gpggroup: New perl script to take groups from PGP command
David Shaw [Tue, 14 Sep 2004 01:57:25 +0000 (01:57 +0000)]
* pgpgroup-to-gpggroup: New perl script to take groups from PGP command
line and write out GnuPG 'group' config lines.

15 years ago* main.h, keylist.c (print_subpackets_colon): Make a public function.
David Shaw [Mon, 13 Sep 2004 12:31:25 +0000 (12:31 +0000)]
* main.h, keylist.c (print_subpackets_colon): Make a public function.

* keyedit.c (print_and_check_one_sig_colon): New.  Print a with-colons
version of the sig record. (menu_delsig): Call it here for a with-colons

15 years ago* options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
David Shaw [Sun, 12 Sep 2004 15:27:38 +0000 (15:27 +0000)]
* options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.

* g10.c (parse_subpacket_list, parse_list_options): New.  Make the list of
subpackets we are going to print. (main): Call them here.

15 years ago* card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
David Shaw [Sat, 11 Sep 2004 15:42:19 +0000 (15:42 +0000)]
* card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
card to fetch an updated copy.  Works with either straight URLs or HKP or
LDAP keyservers.

* keyserver-internal.h, keyserver.c (keyserver_import_fprint), import.c
(revocation_present): Use a keyserver_spec so the caller can pass in
whatever keyserver they like.

15 years ago* app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
David Shaw [Sat, 11 Sep 2004 03:30:48 +0000 (03:30 +0000)]
* app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
when using --enable-m-guard.

15 years ago* NEWS: Note HTTP basic auth.
David Shaw [Sat, 11 Sep 2004 02:34:01 +0000 (02:34 +0000)]
* NEWS: Note HTTP basic auth.

* Check for usb_get_busses since very old stable libusb
doesn't have it.

15 years ago* ccid-driver.c (read_device_info): Fix segfault when usb device is not
David Shaw [Sat, 11 Sep 2004 02:29:36 +0000 (02:29 +0000)]
* ccid-driver.c (read_device_info): Fix segfault when usb device is not
accessible. (ccid_open_reader): Allow working with an even older version
of libusb (usb_busses global instead of usb_get_busses()).

15 years ago* http.h: Add auth field for a parsed_uri to allow for basic auth.
David Shaw [Fri, 10 Sep 2004 21:17:32 +0000 (21:17 +0000)]
* http.h: Add auth field for a parsed_uri to allow for basic auth.

15 years ago* http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth
David Shaw [Fri, 10 Sep 2004 21:16:47 +0000 (21:16 +0000)]
* http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth
for proxies and direct requests.  Suggested by Florent Thoumie.

15 years ago* http.c (main): Fix test code for http-test.
David Shaw [Fri, 10 Sep 2004 18:56:52 +0000 (18:56 +0000)]
* http.c (main): Fix test code for http-test.

15 years ago* README: Doc --disable-card-support and --without-readline.
Werner Koch [Thu, 9 Sep 2004 18:18:36 +0000 (18:18 +0000)]
* README: Doc --disable-card-support and --without-readline.

* Check for readline.  Make enable-card-support the
default.  New option --without-readline.  Allow the use of either
the development or the stable libusb.

* cardglue.h: Add members for CA fingerprints.
* cardglue.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.

* app-common.h, app-openpgp.c, iso7816.c, iso7816.h
* apdu.c, apdu.h, ccid-driver.c, ccid-driver.h
* card-util.c: Updated from current gnupg-1.9.

* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.
* apdu.c (my_rapdu_get_status): Implemented.
* apdu.c: Include <signal.h>.
* apdu.c (reader_table_s):  Add function pointers for the backends.
(apdu_close_reader, apdu_get_status, apdu_activate)
(send_apdu): Make use of them.
(new_reader_slot): Intialize them to NULL.
(dump_ccid_reader_status, ct_dump_reader_status): New.
(dump_pcsc_reader_status): New.
(open_ct_reader, open_pcsc_reader, open_ccid_reader)
(open_osc_reader, open_rapdu_reader): Intialize function pointers.
(ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu)
(error_string): Removed.  Replaced by apdu_strerror.
(get_ccid_error_string): Removed.
(ct_activate_card): Remove the unused loop.
(reset_ct_reader): Implemented.
(ct_send_apdu): Activate the card if not yet done.
(pcsc_send_apdu): Ditto.
* ccid-driver.h: Add error codes.
* ccid-driver.c: Implement more or less proper error codes all
over the place.
* apdu.c (apdu_send_direct): New.
(get_ccid_error_string): Add some error code mappings.
(send_apdu): Pass error codes along for drivers already supporting
(host_sw_string): New.
(get_ccid_error_string): Use above.
(send_apdu_ccid): Reset the reader if it has not yet been done.
(open_ccid_reader): Don't care if the ATR can't be read.
(apdu_activate_card): New.
(apdu_strerror): New.
(dump_reader_status): Only enable it with opt.VERBOSE.
* iso7816.c (map_sw): Add mappings for the new error codes.
* apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader)
(reset_ccid_reader, open_osc_reader): Call dump_reader_status only
in verbose mode.
* app-openpgp.c (do_getattr): Fix for sending CA-FPR.
* app-openpgp.c (app_openpgp_readkey): Fixed check for valid
* app-openpgp.c (do_setattr): Sync FORCE_CHV1.
* card-util.c (change_login): Kludge to allow reading data from a
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.

* errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes.

* errors.c (g10_errstr): New error codes G10ERR_NO_CARD,

15 years ago* Check for readline.
Werner Koch [Thu, 9 Sep 2004 17:04:44 +0000 (17:04 +0000)]
* Check for readline.

* signal.c (got_fatal_signal): Do readline cleanup.  Print signal
number if we can't print the name. Use new autoconf macro
(get_signal_name): Removed.

* ttyio.c (tty_get): Add readline support.

15 years ago* photoid.c: Include ttyio.h.
Werner Koch [Thu, 9 Sep 2004 12:42:10 +0000 (12:42 +0000)]
* photoid.c: Include ttyio.h.

* parse-packet.c (skip_rest): Removed.  Changed all callers to use
the new iobuf_skip_reset.  Orginal patch by Florian Weimer.

* iobuf.c (iobuf_skip_rest): New.  Orginal patch by Florian
Weimer.  Added new argument PARTIAL.

15 years ago(generate_photo_id): Use tty_printf and not just
Werner Koch [Tue, 7 Sep 2004 16:49:10 +0000 (16:49 +0000)]
(generate_photo_id): Use tty_printf and not just
printf.  Put _() around one string.

15 years ago* keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
David Shaw [Fri, 3 Sep 2004 22:06:36 +0000 (22:06 +0000)]
* keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
know the key is definitely expired.  Some translatable string cleanup.

15 years agochange back skey to unsigned and cast instead
Stefan Bellon [Fri, 27 Aug 2004 21:16:16 +0000 (21:16 +0000)]
change back skey to unsigned and cast instead

15 years agofix type incompatibility
Stefan Bellon [Fri, 27 Aug 2004 18:21:32 +0000 (18:21 +0000)]
fix type incompatibility

15 years ago* encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
David Shaw [Fri, 27 Aug 2004 17:32:31 +0000 (17:32 +0000)]
* encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
Change some "this" to `this'.

15 years ago* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
David Shaw [Mon, 23 Aug 2004 19:54:40 +0000 (19:54 +0000)]
* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
search_key), gpgkeys_http.c (get_key): Do not give informational logs
since this is now done inside gpg.

15 years ago* keyserver.c (keyserver_spawn): Show log line for what keyserver action
David Shaw [Mon, 23 Aug 2004 19:20:17 +0000 (19:20 +0000)]
* keyserver.c (keyserver_spawn): Show log line for what keyserver action
we are taking.

* keyid.c (keystr): If printing a keyid that lacks the high 4 bytes, print
the low 4 alone. (keystr_from_desc): Handle short keyids and warn on v3

15 years ago* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
David Shaw [Mon, 23 Aug 2004 17:55:49 +0000 (17:55 +0000)]
* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, keylist.c, and

15 years ago* gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e.
David Shaw [Mon, 23 Aug 2004 17:43:40 +0000 (17:43 +0000)]
* gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e.
"&quot;") in HTML responses. (search_key): Search key must be unsigned for
url encoder to work properly for 8-bit values.

15 years ago* gpgkeys_ldap.c (get_key): Factor out informational display into new
David Shaw [Mon, 23 Aug 2004 16:59:11 +0000 (16:59 +0000)]
* gpgkeys_ldap.c (get_key): Factor out informational display into new
function build_info().

15 years ago* keyserver.c (keyserver_search_prompt): Make sure the search string is
David Shaw [Mon, 23 Aug 2004 14:39:48 +0000 (14:39 +0000)]
* keyserver.c (keyserver_search_prompt): Make sure the search string is
converted from UTF-8 before display.

15 years ago* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
David Shaw [Mon, 23 Aug 2004 14:24:05 +0000 (14:24 +0000)]
* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
got shrunk due to encoding.

15 years ago* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
David Shaw [Mon, 23 Aug 2004 03:13:27 +0000 (03:13 +0000)]
* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object.  Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.

15 years ago* http.c (insert_escapes): Fix encoding problem for non-URI-safe
David Shaw [Thu, 19 Aug 2004 21:19:37 +0000 (21:19 +0000)]
* http.c (insert_escapes): Fix encoding problem for non-URI-safe
characters.  Noted by Vladimir Novak.

15 years ago(encode_session_key): Changed the zero random byte
Werner Koch [Thu, 19 Aug 2004 10:12:54 +0000 (10:12 +0000)]
(encode_session_key): Changed the zero random byte
substituting code to actually do clever things.  Thanks to
Matthias Urlichs for noting the implementation problem.

15 years ago2004-08-18 Marcus Brinkmann <>
Marcus Brinkmann [Wed, 18 Aug 2004 00:06:08 +0000 (00:06 +0000)]
2004-08-18  Marcus Brinkmann  <>

* passphrase.c (agent_get_passphrase):

15 years ago* plaintext.c (handle_plaintext): Bigger buffer for extra safety.
David Shaw [Sun, 8 Aug 2004 13:28:04 +0000 (13:28 +0000)]
* plaintext.c (handle_plaintext): Bigger buffer for extra safety.

* g10.c (main): New alias --throw-keyid for --throw-keyids, so that it
continues to work in old configuration files.  Noted by Jens Adam.

* pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, and bzip2.

* status.c (do_get_from_fd): Flush stdout if status isn't flushing it for
us.  This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer.  Noted by Peter Palfrader.  This is Debian
bug #254072.

* sign.c (update_keysig_packet): Revert change of 2004-05-18.  It is not
appropriate to strip policy and notations when remaking a sig.  That
should only happen when specifically requested by the user.

15 years ago* gpg.sgml: Remove show-long-keyids since it is replaced by
David Shaw [Sat, 7 Aug 2004 14:36:47 +0000 (14:36 +0000)]
* gpg.sgml: Remove show-long-keyids since it is replaced by
--keyid-format.  Rename show-validity as show-uid-validity.
--ask-cert-level defaults to no.

15 years ago* armor.c (radix64_read): No armor CRC is legal according to the spec (the
David Shaw [Thu, 5 Aug 2004 20:18:44 +0000 (20:18 +0000)]
* armor.c (radix64_read): No armor CRC is legal according to the spec (the
CRC is a MAY).

15 years ago* gpgkeys_ldap.c (main): Add "debug" option. This is only really useful
David Shaw [Thu, 29 Jul 2004 14:01:04 +0000 (14:01 +0000)]
* gpgkeys_ldap.c (main): Add "debug" option.  This is only really useful
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option.  This allows users to override the autodetection for
base DN.  SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).

15 years ago* gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
David Shaw [Wed, 28 Jul 2004 19:55:21 +0000 (19:55 +0000)]
* gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
attributes so we can do subkey searches.

* gpgkeys_ldap.c (main): Under certain error conditions, we might try and
unbind twice.  Don't.

15 years ago* gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so
David Shaw [Wed, 28 Jul 2004 19:45:23 +0000 (19:45 +0000)]
* gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so
we can try a modify operation first, and fail over to an add if that
fails.  Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.

15 years ago* misc.c (argsplit): Properly split quoted args from the keyword and trim
David Shaw [Wed, 28 Jul 2004 15:36:23 +0000 (15:36 +0000)]
* misc.c (argsplit): Properly split quoted args from the keyword and trim
whitespace afterwards.

15 years ago* misc.c (optsep): Add the ability to understand keyword="quoted arg with
David Shaw [Wed, 28 Jul 2004 04:12:50 +0000 (04:12 +0000)]
* misc.c (optsep): Add the ability to understand keyword="quoted arg with
spaces" type options.

15 years ago* gpgkeys_ldap.c (main): Don't try and error out before making a ldaps
David Shaw [Wed, 28 Jul 2004 02:36:45 +0000 (02:36 +0000)]
* gpgkeys_ldap.c (main): Don't try and error out before making a ldaps
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect.  Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.

15 years agoUpdated po files from 1.2.5
Werner Koch [Tue, 27 Jul 2004 15:15:58 +0000 (15:15 +0000)]
Updated po files from 1.2.5

15 years ago* (AM_GNU_GETTEXT_VERSION): New.
Werner Koch [Tue, 27 Jul 2004 15:12:00 +0000 (15:12 +0000)]
(min_automake_version): New.

* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.

* Updated to the modern version, grepping the required
tool versions from

15 years ago* keylist.c (list_keyblock_print): Always use the new listing format where
David Shaw [Fri, 16 Jul 2004 14:30:55 +0000 (14:30 +0000)]
* keylist.c (list_keyblock_print): Always use the new listing format where
uids are always on a line for themselves.  Mark expired secret keys as

* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.

* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header.  Rather, use 2+4 as two different chunks.  This avoids a fake
filename of "is".

15 years ago* keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or
David Shaw [Thu, 15 Jul 2004 21:16:54 +0000 (21:16 +0000)]
* keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or
expired user IDs.  Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.

* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K
hash algorithm before we try to generate a passphrase using it.  This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.

* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
--symmetric messages.

15 years ago* g10.c (main): Alias --charset as --display-charset to help avoid the
David Shaw [Thu, 15 Jul 2004 21:00:35 +0000 (21:00 +0000)]
* g10.c (main): Alias --charset as --display-charset to help avoid the
continuing confusion and make room for possible changes in devel.

* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.

* keygen.c (make_backsig): Make sure that the backsig was built
successfully before we try and use it.

* status.h, status.c (get_status_string), plaintext.c (handle_plaintext):

15 years ago* ring-a-party: ElGamal -> Elgamal
David Shaw [Sun, 4 Jul 2004 21:17:29 +0000 (21:17 +0000)]
* ring-a-party: ElGamal -> Elgamal

David Shaw [Tue, 29 Jun 2004 01:48:01 +0000 (01:48 +0000)]

* gpg.sgml: Clarify that --min-cert-level disregards level 1 certs by
default.  Clarify include-revoked a bit to note that keyservers might not
be accurate.  Note that --charset is --display-charset. Some language
tweaks for --simple-sk-checksum (Debian 251795). Note the PGP silliness
with preferred keyserver subpackets causing PGP/MIME.

15 years ago(copy_secret_key): Get last fix right.
Werner Koch [Wed, 16 Jun 2004 13:24:01 +0000 (13:24 +0000)]
(copy_secret_key): Get last fix right.

15 years agos/1/i/
Werner Koch [Wed, 16 Jun 2004 09:15:21 +0000 (09:15 +0000)]

15 years ago* free-packet.c (copy_secret_key): Fixed memory leak when D is not
Werner Koch [Wed, 16 Jun 2004 09:09:31 +0000 (09:09 +0000)]
* free-packet.c (copy_secret_key): Fixed memory leak when D is not

* passphrase.c (passphrase_to_dek): Added a few comments to the

15 years ago* mk-w32-dist: Do not include the en@* po files.
Werner Koch [Mon, 14 Jun 2004 05:49:19 +0000 (05:49 +0000)]
* mk-w32-dist: Do not include the en@* po files.

* <--build-w32>: Build keyserver helpers again.

15 years ago* gpgkeys_http.c: General polish and removal of leftover stuff from
David Shaw [Wed, 26 May 2004 19:38:38 +0000 (19:38 +0000)]
* gpgkeys_http.c: General polish and removal of leftover stuff from

15 years ago* keyserver.c (keyserver_refresh): Keep track of keys already fetched so
David Shaw [Wed, 26 May 2004 15:01:48 +0000 (15:01 +0000)]
* keyserver.c (keyserver_refresh): Keep track of keys already fetched so
we don't do a regular keyserver fetch if the preferred keyserver fetch has
exhausted the list.

15 years ago* Try for wldap32 on Win32 platforms.
David Shaw [Mon, 24 May 2004 23:20:11 +0000 (23:20 +0000)]
* Try for wldap32 on Win32 platforms.

15 years ago* verify.c (verify_signatures): Verify multiple files in the same order in
David Shaw [Sun, 23 May 2004 16:24:15 +0000 (16:24 +0000)]
* verify.c (verify_signatures): Verify multiple files in the same order in
which we hashed them when issuing the signature.  Noted by Nicholas Cole.

* pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another
keyid-format conversion.

15 years agosome late minor fixes. V1-3-6
Werner Koch [Sat, 22 May 2004 11:33:47 +0000 (11:33 +0000)]
some late minor fixes.

15 years agoAbout to release 1.3.6
Werner Koch [Sat, 22 May 2004 07:31:55 +0000 (07:31 +0000)]
About to release 1.3.6

15 years ago* NEWS: Note --sig-keyserver-url and the ability to use a preferred
David Shaw [Sat, 22 May 2004 03:57:22 +0000 (03:57 +0000)]
* NEWS: Note --sig-keyserver-url and the ability to use a preferred
keyserver in a regular data sig to fetch the signing key.

15 years ago* mainproc.c (check_sig_and_print): If we're honoring preferred
David Shaw [Sat, 22 May 2004 03:50:20 +0000 (03:50 +0000)]
* mainproc.c (check_sig_and_print): If we're honoring preferred
keyservers, and auto-key-retrieve is set, try and get a missing key from
the preferred keyserver subpacket when we verify the sig.

* gpgv.c (parse_preferred_keyserver, free_keyserver_spec): Stubs.

* keyserver.c (keyidlist): Use new parse_preferred_keyserver function.
(keyserver_work): Use the passed-in keyserver spec rather than the options
global one.

* keyserver-internal.h, keyserver.c (parse_preferred_keyserver): New
function to take a sig and return a split out keyserver_spec.
(keyserver_import_keyid): Now takes a keyserver_spec.

15 years ago* gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs with no
David Shaw [Sat, 22 May 2004 03:35:57 +0000 (03:35 +0000)]
* gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs with no
path use a path of "/".

15 years ago* gpg.sgml: Document --edit-key "keyserver" command, --keyid-format,
David Shaw [Sat, 22 May 2004 00:34:28 +0000 (00:34 +0000)]
* gpg.sgml: Document --edit-key "keyserver" command, --keyid-format,
--keyserver-option honor-keyserver-url, and --list and --verify option

15 years ago* keyserver.c (keyidlist): Go back to the old fast keyid lister. Only
David Shaw [Fri, 21 May 2004 17:32:30 +0000 (17:32 +0000)]
* keyserver.c (keyidlist): Go back to the old fast keyid lister. Only
merge selfsigs if we have to for honor-keyserver-url. (keyserver_refresh):
Keyserver URL handler moved here. (calculate_keyid_fpr): Removed.

* keydb.h, keyid.c (keystr_from_desc): Calculate a key string from a

15 years ago* gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() being
David Shaw [Fri, 21 May 2004 15:46:53 +0000 (15:46 +0000)]
* gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() being
available now, since it's a replacement function.

15 years ago* Replacement function for timegm(). No need to check for
David Shaw [Fri, 21 May 2004 15:19:53 +0000 (15:19 +0000)]
* Replacement function for timegm().  No need to check for
setenv() any longer.

15 years ago* timegm.c: New replacement function. Removes the need for setenv.c and
David Shaw [Fri, 21 May 2004 15:18:32 +0000 (15:18 +0000)]
* timegm.c: New replacement function.  Removes the need for setenv.c and

* setenv.c: Removed.

* unsetenv.c: Removed.

15 years ago* keyserver.c (keyserver_spawn): Fix keyserver options on tempfile only
David Shaw [Fri, 21 May 2004 12:29:53 +0000 (12:29 +0000)]
* keyserver.c (keyserver_spawn): Fix keyserver options on tempfile only
platforms.  Noted by Roger Sondermann.

15 years ago* keyserver.c (keyserver_work): Allow --refresh-keys with a preferred
David Shaw [Thu, 20 May 2004 20:42:01 +0000 (20:42 +0000)]
* keyserver.c (keyserver_work): Allow --refresh-keys with a preferred
keyserver to happen even if there is no global keyserver set.

* sig-check.c (do_check_messages): No need to check for Elgamal signatures
any longer. (do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.

* pkclist.c (show_paths, edit_ownertrust): Remove some unused code.

15 years ago* NEWS: Note HTTP key fetching.
David Shaw [Thu, 20 May 2004 19:33:59 +0000 (19:33 +0000)]
* NEWS: Note HTTP key fetching.

* README: Update version and note that HKP is no longer build in.

* Handle --disable-http and other code to properly build

15 years ago* gpgkeys_http.c: New program to do a simple HTTP file fetch using the
David Shaw [Thu, 20 May 2004 19:07:10 +0000 (19:07 +0000)]
* gpgkeys_http.c: New program to do a simple HTTP file fetch using the
keyserver interface.

* Build it.

15 years ago* options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
David Shaw [Thu, 20 May 2004 18:04:33 +0000 (18:04 +0000)]
* options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.

* mainproc.c (check_sig_and_print): track whether we are retrieving a key.

* status.c (status_currently_allowed): New. (write_status_text,
write_status_text_and_buffer): Use it here.

* g10.c: New command --gpgconf-list. (gpgconf_list): New.  From Werner on
stable branch.

15 years ago* longlong.h: Typo.
David Shaw [Thu, 20 May 2004 17:34:00 +0000 (17:34 +0000)]
* longlong.h: Typo.

* mpi-pow.c (mpi_powm): s/exp/exponent/ to shutup a compiler warning.
From Werner on stable branch.

15 years ago* dsa.c (verify): s/exp/exponent/ to fix a compiler warning. From Werner
David Shaw [Thu, 20 May 2004 17:16:34 +0000 (17:16 +0000)]
* dsa.c (verify): s/exp/exponent/ to fix a compiler warning.  From Werner
on stable branch.

15 years ago* g10.c: New command --gpgconf-list. (gpgconf_list): New. From Werner on
David Shaw [Thu, 20 May 2004 17:06:34 +0000 (17:06 +0000)]
* g10.c: New command --gpgconf-list. (gpgconf_list): New.  From Werner on
stable branch.

15 years ago* NEWS: Note the addition of preferred keyserver support,
David Shaw [Thu, 20 May 2004 03:19:25 +0000 (03:19 +0000)]
* NEWS: Note the addition of preferred keyserver support,
--ask-cert-level, --keyid-format, and the removal of show-long-keyids, the
quasi-1991 partial length encoding, --export-all, and include-non-rfc.

* acinclude.m4 (GNUPG_SYS_NM_PARSE): Remove a leftover slash in a sed

15 years ago* gpg.sgml: Clarify that --charset applies to informational strings and
David Shaw [Thu, 20 May 2004 03:01:46 +0000 (03:01 +0000)]
* gpg.sgml: Clarify that --charset applies to informational strings and
does not recode messages themselves.  Remove include-non-rfc

15 years ago* pubkey-enc.c (get_session_key, get_it), keyedit.c
David Shaw [Thu, 20 May 2004 02:51:23 +0000 (02:51 +0000)]
* pubkey-enc.c (get_session_key, get_it), keyedit.c
(show_key_with_all_names, show_basic_key_info): --keyid-format conversion.

15 years ago* sign.c (update_keysig_packet): Policies and notations should be stripped
David Shaw [Wed, 19 May 2004 03:11:22 +0000 (03:11 +0000)]
* sign.c (update_keysig_packet): Policies and notations should be stripped
out when remaking a self-signature.  Noted by Atom Smasher.

* keyserver.c (parse_keyserver_uri): Fix compiler warnings.

15 years ago* options.h, keyserver-internal.h, keyserver.c (parse_keyserver_uri):
David Shaw [Tue, 11 May 2004 19:36:44 +0000 (19:36 +0000)]
* options.h, keyserver-internal.h, keyserver.c (parse_keyserver_uri):
Improved URI parser that keeps track of the path information and doesn't
modify the input string. (keyserver_spawn): Tell keyserver plugins about
the path.

15 years ago* keylist.c (show_policy_url, show_keyserver_url, show_notation)
Werner Koch [Tue, 11 May 2004 07:43:19 +0000 (07:43 +0000)]
* keylist.c (show_policy_url, show_keyserver_url, show_notation)
(list_one): Use const char* for i18n string helpers.

* keygen.c (do_generate_keypair, read_parameter_file): Really
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions.  Noted by Atom Smasher.

15 years ago* options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c (struct
David Shaw [Mon, 10 May 2004 21:46:00 +0000 (21:46 +0000)]
* options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c (struct
keyrec, parse_keyrec, keyserver_search_prompt), keyedit.c (keyedit_menu),
g10.c (add_keyserver_url, add_policy_url): Fix some compiler warnings.

15 years ago* DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal.
David Shaw [Sat, 8 May 2004 16:32:30 +0000 (16:32 +0000)]
* DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal.

* gpg.sgml: Document --no-use-embedded-filename and --min-cert-level.

* gpgv.sgml: Removed leftover </para>.

15 years ago* keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing
David Shaw [Sat, 8 May 2004 13:51:14 +0000 (13:51 +0000)]
* keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing
preferred keyserver on "keyserver" command line.  Sanity check keyserver
URL before accepting it.

* keyserver-internal.h, g10.c (main), keyserver.c (parse_keyserver_uri):
Add an option to require the scheme:// and change all callers.
(free_keyserver_spec): Make public.