13 years agoUpdated FSF street address and preparations for a release candidate.
Werner Koch [Tue, 31 May 2005 08:39:18 +0000 (08:39 +0000)]
Updated FSF street address and preparations for a release candidate.

13 years ago* trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
David Shaw [Tue, 31 May 2005 03:59:24 +0000 (03:59 +0000)]
* trustdb.h, trustdb.c (clean_subkeys_from_key): New.  Walk through
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.

* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key.  Note that the strings here are not
marked for translation yet.  The UI is still in flux, and there is no
point in annoying the translators twice.  (keyedit_menu): Call it here
as part of the "clean" command.

13 years ago* strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage
David Shaw [Mon, 30 May 2005 03:46:17 +0000 (03:46 +0000)]
* strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage
CP65001 to utf-8.

13 years ago* trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
David Shaw [Mon, 30 May 2005 03:43:30 +0000 (03:43 +0000)]
* trustdb.h, trustdb.c (clean_uids_from_key): New.  Walk through the
user IDs on a key, and mark any that aren't valid for deletion.

* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key.  (keyedit_menu): Call it from here as
part of the "clean" command.

13 years ago* g10.c (main): Default {export|import}-unusable-sigs to off until the
David Shaw [Fri, 27 May 2005 03:00:26 +0000 (03:00 +0000)]
* g10.c (main): Default {export|import}-unusable-sigs to off until the
"clean" UI can be finished.

13 years ago* NEWS: Note command completion and the new curl-based HKP helper.
David Shaw [Thu, 26 May 2005 15:13:05 +0000 (15:13 +0000)]
* NEWS: Note command completion and the new curl-based HKP helper.

13 years ago* passphrase.c (ask_passphrase): Unescape the description string.
Werner Koch [Tue, 24 May 2005 12:39:42 +0000 (12:39 +0000)]
* passphrase.c (ask_passphrase): Unescape the description string.
* cardglue.c (unescape_status_string): Removed.  Changed all
caller to use ...
* misc.c (unescape_percent_string): New.

13 years ago(add_notation_data): Check number of at-signs.
Werner Koch [Tue, 24 May 2005 09:15:01 +0000 (09:15 +0000)]
(add_notation_data): Check number of at-signs.

13 years ago(add_notation_data): Check number of at-signs.
Werner Koch [Tue, 24 May 2005 09:14:31 +0000 (09:14 +0000)]
(add_notation_data): Check number of at-signs.

13 years ago* app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
Werner Koch [Mon, 23 May 2005 20:16:21 +0000 (20:16 +0000)]
* app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.

* cardglue.c (open_card): Check USE_AGENT.
(agent_scd_checkpin): Implemented Assuan part.
(agent_scd_change_pin): Ditto.

13 years ago* cardglue.c (open_card): Check USE_AGENT.
Werner Koch [Mon, 23 May 2005 14:38:05 +0000 (14:38 +0000)]
* cardglue.c (open_card): Check USE_AGENT.

* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.

* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly.  The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.

13 years ago* cardglue.c (send_status_info): Make CTRL optional.
Werner Koch [Sat, 21 May 2005 14:04:32 +0000 (14:04 +0000)]
* cardglue.c (send_status_info): Make CTRL optional.
(agent_scd_writekey, inq_writekey_parms): New.
(agent_openpgp_storekey): Removed.
* cardglue.h: Add a few more error code mappings.
* keygen.c (copy_mpi): Removed.
(save_unprotected_key_to_card): Changed to use agent_scd_writekey.
* app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer
version in gnupg 1.9 CVS.

13 years ago(ccid_transceive): Arghhh. The seqno is another
Werner Koch [Fri, 20 May 2005 20:37:08 +0000 (20:37 +0000)]
(ccid_transceive): Arghhh.  The seqno is another
bit in the R-block than in the I block, this was wrong at one
place. Fixes bug #419 and hopefully several others.

13 years ago* gpg.sgml: Document --default-sig-expire and --default-cert-expire,
David Shaw [Sat, 14 May 2005 02:55:10 +0000 (02:55 +0000)]
* gpg.sgml: Document --default-sig-expire and --default-cert-expire,
remove --sk-comments and --no-sk-comments, and clarify the form of a
non-IETF notation for --sig-notation and --cert-notation.

13 years ago* build-packet.c (do_comment): Removed. (build_packet): Ignore
David Shaw [Sat, 14 May 2005 02:38:31 +0000 (02:38 +0000)]
* build-packet.c (do_comment): Removed.  (build_packet): Ignore
comment packets.

* export.c (do_export_stream): Don't export comment packets any

* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.

13 years ago* keygen.c (write_selfsigs): Rename from write_selfsig. Write the same
David Shaw [Wed, 11 May 2005 19:31:53 +0000 (19:31 +0000)]
* keygen.c (write_selfsigs): Rename from write_selfsig.  Write the same
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the

13 years ago(do_close_reader): Don't do a reset before close.
Werner Koch [Sat, 7 May 2005 15:22:01 +0000 (15:22 +0000)]
(do_close_reader): Don't do a reset before close.
Some folks reported that it makes the SCR335 hang less often.
Look at the source on how to re-enable it.

13 years ago* main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
David Shaw [Fri, 6 May 2005 19:25:19 +0000 (19:25 +0000)]
* main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration.  We no longer need the day-based code as we don't generate v3

13 years ago* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
David Shaw [Fri, 6 May 2005 13:03:22 +0000 (13:03 +0000)]
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
default sig expire value when signing in batchmode.

13 years ago*, packet.h, main.h, comment.c: Remove comment.c. We don't
David Shaw [Thu, 5 May 2005 22:32:52 +0000 (22:32 +0000)]
*, packet.h, main.h, comment.c: Remove comment.c.  We don't
use any of these functions any longer.

13 years agoRemove add_days_to_timestamp (unused)
David Shaw [Thu, 5 May 2005 22:21:34 +0000 (22:21 +0000)]
Remove add_days_to_timestamp (unused)

13 years ago* keygen.c (start_tree): New function to "prime" a KBNODE list.
David Shaw [Thu, 5 May 2005 22:08:37 +0000 (22:08 +0000)]
* keygen.c (start_tree): New function to "prime" a KBNODE list.
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.

* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.

* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.

13 years ago* keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
David Shaw [Thu, 5 May 2005 21:18:47 +0000 (21:18 +0000)]
* keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default

13 years ago* options.h, g10.c (main): Add new --default-sig-expire and
David Shaw [Thu, 5 May 2005 19:21:40 +0000 (19:21 +0000)]
* options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.

13 years ago* gpg.sgml: Clarify --min-cert-level a bit.
David Shaw [Thu, 5 May 2005 12:39:36 +0000 (12:39 +0000)]
* gpg.sgml: Clarify --min-cert-level a bit.

13 years ago* ksutil.h, ksutil.c: #ifdef so we can build without libcurl or
David Shaw [Wed, 4 May 2005 13:34:25 +0000 (13:34 +0000)]
* ksutil.h, ksutil.c: #ifdef so we can build without libcurl or

13 years ago* gpgkeys_http.c: Need GET defined.
David Shaw [Wed, 4 May 2005 02:46:02 +0000 (02:46 +0000)]
* gpgkeys_http.c: Need GET defined.

13 years ago* passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Werner Koch [Tue, 3 May 2005 22:27:07 +0000 (22:27 +0000)]
* passphrase.c (agent_get_passphrase): Add new arg CACHEID.
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID.  Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.

13 years ago* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
David Shaw [Mon, 2 May 2005 00:46:39 +0000 (00:46 +0000)]
* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
comments as to the size of MAX_LINE and MAX_URL.

14 years ago* trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
David Shaw [Sun, 24 Apr 2005 18:35:30 +0000 (18:35 +0000)]
* trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
no-pubkey and chosen revocation cases.  (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)

* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.

14 years ago* libcurl.m4: Add a check for curl_free() since older versions of
David Shaw [Sun, 24 Apr 2005 16:52:15 +0000 (16:52 +0000)]
* libcurl.m4: Add a check for curl_free() since older versions of
libcurl don't have it.  Substitute free() as an alternative.

14 years ago* trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
David Shaw [Sun, 24 Apr 2005 16:05:41 +0000 (16:05 +0000)]
* trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys.  Suggested by Peter Palfrader.

14 years ago* No longer any need to override libexecdir. The
David Shaw [Sat, 23 Apr 2005 01:15:29 +0000 (01:15 +0000)]
* No longer any need to override libexecdir.  The
makefiles now calculate this correctly internally.

14 years ago* distfiles: Add assuan.h.
David Shaw [Fri, 22 Apr 2005 23:52:58 +0000 (23:52 +0000)]
* distfiles: Add assuan.h.

14 years ago* keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
David Shaw [Fri, 22 Apr 2005 03:36:20 +0000 (03:36 +0000)]
* keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to

14 years ago* mainproc.c (symkey_decrypt_seskey): There is no need to have an
David Shaw [Fri, 22 Apr 2005 03:21:14 +0000 (03:21 +0000)]
* mainproc.c (symkey_decrypt_seskey): There is no need to have an
extra check for a bad passphrase and/or unknown cipher algorithm here.
We'll fail quite happily later, and usually with a better error
message to boot.

14 years ago* keyserver.c (keyserver_spawn): Free some memory.
David Shaw [Sun, 17 Apr 2005 04:10:03 +0000 (04:10 +0000)]
* keyserver.c (keyserver_spawn): Free some memory.

* sign.c (hash_for): Comments.

14 years ago* gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
David Shaw [Sun, 17 Apr 2005 02:18:32 +0000 (02:18 +0000)]
* gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.

* Build new gpgkeys_hkp.

* curl-shim.c (curl_easy_perform): Cleanup.

14 years ago* ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass a
David Shaw [Sun, 17 Apr 2005 01:52:04 +0000 (01:52 +0000)]
* ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass a
context to curl_writer so we can support multiple fetches in a single

14 years ago* curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt,
David Shaw [Sun, 17 Apr 2005 01:39:24 +0000 (01:39 +0000)]
* curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt,
curl_easy_perform): Add POST functionality to the curl shim.

14 years ago* Remove --disable-old-hkp - use new HKP handler for
David Shaw [Sun, 17 Apr 2005 00:06:04 +0000 (00:06 +0000)]
* Remove --disable-old-hkp - use new HKP handler for
--with-libcurl or --enable-fake-curl.

14 years ago* curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate
David Shaw [Sat, 16 Apr 2005 22:21:28 +0000 (22:21 +0000)]
* curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate
curl_escape and curl_free.

14 years ago* gpgkeys_curl.c (main): If the http-proxy option is given without any
David Shaw [Sat, 16 Apr 2005 18:50:46 +0000 (18:50 +0000)]
* gpgkeys_curl.c (main): If the http-proxy option is given without any
arguments, try to get the proxy from the environment.

* ksutil.h, ksutil.c (curl_err_to_gpg_err, curl_writer): Copy from

* gpgkeys_oldhkp.c: Copy from gpgkeys_hkp.c.

14 years ago* Add --disable-old-hkp option that can be used along
David Shaw [Sat, 16 Apr 2005 18:20:01 +0000 (18:20 +0000)]
* Add --disable-old-hkp option that can be used along
with --with-libcurl to build the curl version of HKP.

14 years agoCheck for memrchr()
David Shaw [Tue, 12 Apr 2005 16:11:03 +0000 (16:11 +0000)]
Check for memrchr()

14 years agoFix minor build problem on OSX (need a replacement for memrchr)
David Shaw [Tue, 12 Apr 2005 16:08:51 +0000 (16:08 +0000)]
Fix minor build problem on OSX (need a replacement for memrchr)

14 years ago* g10.c (main, add_notation_data, add_policy_url)
Werner Koch [Mon, 11 Apr 2005 18:24:09 +0000 (18:24 +0000)]
* g10.c (main, add_notation_data, add_policy_url)
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests.  Possible problems noted by Christian
* keyserver.c (parse_keyserver_uri): Ditto.

* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.

14 years ago* ccid-driver.c (ccid_slot_status): Fixed debug messages.
Werner Koch [Thu, 7 Apr 2005 08:31:23 +0000 (08:31 +0000)]
* ccid-driver.c (ccid_slot_status): Fixed debug messages.

* card-util.c (card_edit): Add command "verify".  Enhanced admin
command to allow optional arguments "on", "off" and "verify".
(card_status): Print private DOs in colon mode.
* app-openpgp.c (do_check_pin): Add hack to allow verification of

14 years agoTypo fixes
Werner Koch [Tue, 5 Apr 2005 17:10:28 +0000 (17:10 +0000)]
Typo fixes

14 years agoChanges to make use of code taken from libassuan. This replaces the
Werner Koch [Tue, 5 Apr 2005 17:09:13 +0000 (17:09 +0000)]
Changes to make use of code taken from libassuan.  This replaces the
old ad-hoc connection code to gpg-agent.  We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.

14 years ago* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
David Shaw [Fri, 1 Apr 2005 16:22:34 +0000 (16:22 +0000)]
* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
signatures that use hashes other than SHA-1, RIPEMD160, or MD5.

14 years ago(keygen_set_std_prefs): Explain the chosen order of
Werner Koch [Fri, 1 Apr 2005 09:03:15 +0000 (09:03 +0000)]
(keygen_set_std_prefs): Explain the chosen order of
AES key sizes.

14 years ago* exec.h, exec.c (set_exec_path): Remove some dead code and change all
David Shaw [Thu, 31 Mar 2005 17:11:53 +0000 (17:11 +0000)]
* exec.h, exec.c (set_exec_path): Remove some dead code and change all
callers.  We no longer need to append to $PATH.

14 years ago* keydb.c (keydb_add_resource): Clarify meaning of flags. Add new
Werner Koch [Thu, 31 Mar 2005 07:05:35 +0000 (07:05 +0000)]
* keydb.c (keydb_add_resource): Clarify meaning of flags.  Add new
flag 4.  Use log_info for errors registering the default secret key.
* g10.c (main): Flag the default keyrings.

14 years ago* keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
David Shaw [Thu, 31 Mar 2005 03:58:53 +0000 (03:58 +0000)]
* keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
Rather, call keyserver helpers with the full path.  This fixes some
PATH-inspired DLL problems on W32.  Noted by Carlo Luciano Bianco.

14 years ago* w32installer.nsi: Allow including of WINPT source. Include
Werner Koch [Wed, 30 Mar 2005 14:23:01 +0000 (14:23 +0000)]
* w32installer.nsi: Allow including of WINPT source.  Include
libiconv source.
* mk-w32-dist: Add code to detect presence of source.  Calculate a
build number; add option --build-number to overide.

14 years ago(pin_cb): Print a warning if the info string hack is
Werner Koch [Wed, 30 Mar 2005 10:39:13 +0000 (10:39 +0000)]
(pin_cb): Print a warning if the info string hack is
not there.  This may happen due to typos in the translation.

14 years ago(rndw32_gather_random_fast): While adding data use the
Werner Koch [Wed, 23 Mar 2005 08:50:27 +0000 (08:50 +0000)]
(rndw32_gather_random_fast): While adding data use the
size of the object and not the one of its address.  Bug reported by
Sascha Kiefer.

14 years ago* gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
David Shaw [Tue, 22 Mar 2005 23:41:08 +0000 (23:41 +0000)]
* gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
gpgkeys_ldap.c.  Print a string, but strip out any CRs.

* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), gpgkeys_http.c
(get_key): Use it here when outputting key material to canonicalize
line endings.

14 years ago* gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
David Shaw [Mon, 21 Mar 2005 20:47:28 +0000 (20:47 +0000)]
* gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().

* openfile.c (ask_outfile_name): Enable readline completion when prompting
for an output filename.

* plaintext.c (ask_for_detached_datafile): Enable readline completion when
prompting for a detached sig datafile.

14 years ago* keyedit.c (command_generator, keyedit_completion): Changed
Werner Koch [Mon, 21 Mar 2005 15:24:48 +0000 (15:24 +0000)]
* keyedit.c (command_generator, keyedit_completion): Changed
* card-util.c (command_generator, card_edit_completion): Ditto.

14 years ago* readline.m4: Check for completion functionality.
David Shaw [Mon, 21 Mar 2005 14:32:44 +0000 (14:32 +0000)]
* readline.m4: Check for completion functionality.

* ldap.m4: Comments.

14 years ago* card-util.c (command_generator, card_edit_completion)
David Shaw [Sun, 20 Mar 2005 03:59:07 +0000 (03:59 +0000)]
* card-util.c (command_generator, card_edit_completion)
[GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to enable
command completion in the --card-edit menu.  (card_edit): Call them

14 years ago* gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). Noted
David Shaw [Sat, 19 Mar 2005 14:24:36 +0000 (14:24 +0000)]
* gpgkeys_ldap.c (main): Fix three wrong calls to fail_all().  Noted
by Stefan Bellon.

14 years ago* keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
David Shaw [Fri, 18 Mar 2005 22:07:12 +0000 (22:07 +0000)]
* keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
New functions to enable command completion in the --edit-key menu.
(keyedit_menu): Call them here.

14 years ago* ttyio.c (tty_enable_completion, tty_disable_completion): Enable and
David Shaw [Fri, 18 Mar 2005 20:17:38 +0000 (20:17 +0000)]
* ttyio.c (tty_enable_completion, tty_disable_completion): Enable and
disable readline completion. (init_ttyfp): Completion is disabled by

14 years ago* getkey.c (get_seckey_byname2): If no explicit default key is set, don't
David Shaw [Thu, 17 Mar 2005 23:52:38 +0000 (23:52 +0000)]
* getkey.c (get_seckey_byname2): If no explicit default key is set, don't
pick a disabled default.  Noted by David Crick.

14 years ago* ksutil.c (parse_ks_options): Handle verbose=nnn.
David Shaw [Thu, 17 Mar 2005 23:16:41 +0000 (23:16 +0000)]
* ksutil.c (parse_ks_options): Handle verbose=nnn.

* Calculate GNUPG_LIBEXECDIR directly.  Do not redefine

14 years ago* Calculate GNUPG_LIBEXECDIR directly. Do not redefine
David Shaw [Thu, 17 Mar 2005 23:14:47 +0000 (23:14 +0000)]
* Calculate GNUPG_LIBEXECDIR directly.  Do not redefine

14 years ago* options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't
David Shaw [Thu, 17 Mar 2005 22:55:17 +0000 (22:55 +0000)]
* options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't
treat 'verbose' and 'include-disabled' as special.  Just pass them through
silently to the keyserver helper.

14 years ago* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
David Shaw [Thu, 17 Mar 2005 16:42:41 +0000 (16:42 +0000)]
* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
parse_ks_options and remove a lot of common code.

* ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
debug with no arguments to 1.

14 years ago* Move the LDAP detecting code to m4/ldap.m4.
David Shaw [Thu, 17 Mar 2005 04:09:37 +0000 (04:09 +0000)]
* Move the LDAP detecting code to m4/ldap.m4.

14 years ago* ldap.m4: New. Moved from
David Shaw [Thu, 17 Mar 2005 04:05:14 +0000 (04:05 +0000)]
* ldap.m4: New.  Moved from

14 years ago* gpgkeys_ldap.c: Include lber.h if configure determines we need it.
David Shaw [Thu, 17 Mar 2005 04:02:17 +0000 (04:02 +0000)]
* gpgkeys_ldap.c: Include lber.h if configure determines we need it.

14 years ago* ksutil.h, ksutil.c (ks_action_to_string): New. (free_ks_options): Only
David Shaw [Wed, 16 Mar 2005 23:46:07 +0000 (23:46 +0000)]
* ksutil.h, ksutil.c (ks_action_to_string): New. (free_ks_options): Only
free if options exist.

14 years ago(parse_ccid_descriptor): Make SCM workaround
Werner Koch [Wed, 16 Mar 2005 19:10:54 +0000 (19:10 +0000)]
(parse_ccid_descriptor): Make SCM workaround
reader type specific.
(scan_or_find_devices): Do not check the interface subclass in the
SPR532 kludge, as this depends on the firmware version.
(ccid_get_atr): Get the Slot status first.  This solves the
problem with readers hanging on recent Linux 2.6.x.
(bulk_in): Add argument TIMEOUT and changed all callers to pass an
appropriate one.  Change the standard timeout from 10 to 5 seconds.
(ccid_slot_status): Add a retry code with an initial short timeout.
(do_close_reader): Do an usb_reset before closing the reader.

14 years ago* ksutil.h, ksutil.c (init_ks_options, free_ks_options,
David Shaw [Wed, 16 Mar 2005 15:17:03 +0000 (15:17 +0000)]
* ksutil.h, ksutil.c (init_ks_options, free_ks_options,
parse_ks_options): Pull a lot of duplicated code into a single options
parser for all keyserver helpers.

14 years agoPost release preparations
Werner Koch [Tue, 15 Mar 2005 16:28:37 +0000 (16:28 +0000)]
Post release preparations

14 years agoPreparing a release V1-4-1
Werner Koch [Tue, 15 Mar 2005 15:51:52 +0000 (15:51 +0000)]
Preparing a release

14 years ago* card-util.c (card_status): Use isotimestamp and not the
Werner Koch [Mon, 14 Mar 2005 20:41:20 +0000 (20:41 +0000)]
* card-util.c (card_status): Use isotimestamp and not the
localized asctimestamp to match the timezone used in the key

* miscutil.c (isotimestamp): New.

14 years ago* cardglue.c (pin_cb): Disable debug output.
Werner Koch [Mon, 14 Mar 2005 19:19:21 +0000 (19:19 +0000)]
* cardglue.c (pin_cb): Disable debug output.

* mk-w32-dist: Check for patch files.
* w32installer.nsi: Translated a few more strings.  Print a
warning if permssions are not suitable for the installation.
Add Uninstaller entries.

14 years ago* New option --enable-noexecstack.
Werner Koch [Fri, 11 Mar 2005 11:02:12 +0000 (11:02 +0000)]
* New option --enable-noexecstack.

* (ASFLAGS): Renamed to AM_CCASFLAGS and added the
variable for non exectubale stack options.  Adapted users.

14 years ago* keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
David Shaw [Thu, 10 Mar 2005 19:34:40 +0000 (19:34 +0000)]
* keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
alias for http-proxy.

14 years ago* delkey.c (do_delete_key, delete_keys): Fix problem with --expert
David Shaw [Thu, 10 Mar 2005 18:43:36 +0000 (18:43 +0000)]
* delkey.c (do_delete_key, delete_keys): Fix problem with --expert
preventing --delete-secret-and-public-keys from deleting secret keys.

14 years ago(keyedit_menu) [W32]: Run the trustdb stale check
Werner Koch [Thu, 10 Mar 2005 18:40:57 +0000 (18:40 +0000)]
(keyedit_menu) [W32]: Run the trustdb stale check

14 years ago(secmem_realloc): Take control information into account
Werner Koch [Thu, 10 Mar 2005 09:52:05 +0000 (09:52 +0000)]
(secmem_realloc): Take control information into account
when checking whether a resize is needed.

14 years ago* primegen.c (is_prime): Free A2. Noted by
Werner Koch [Mon, 7 Mar 2005 13:59:59 +0000 (13:59 +0000)]
* primegen.c (is_prime): Free A2.  Noted by
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE

* de.po: Updated. Translation is still in the works, though.

14 years ago* libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build
David Shaw [Tue, 1 Mar 2005 00:05:16 +0000 (00:05 +0000)]
* libcurl.m4: Use $LIBS instead of $LDFLAGS.  This should help build
problems on Mingw32.

14 years ago* keyedit.c (keyedit_menu): Only print the key signing hint when signing
David Shaw [Thu, 24 Feb 2005 21:21:14 +0000 (21:21 +0000)]
* keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).

14 years ago* Fix problem with storing the gpgkeys helpers in
David Shaw [Thu, 17 Feb 2005 03:49:16 +0000 (03:49 +0000)]
* Fix problem with storing the gpgkeys helpers in
libexec, but calling them in libexec/gnupg.

14 years agoabout to release 1.4.1rc2 RC-1-4-1rc2
Werner Koch [Wed, 16 Feb 2005 20:29:20 +0000 (20:29 +0000)]
about to release 1.4.1rc2

14 years ago* card-util.c (fetch_url): Fetch the key from the default
Werner Koch [Wed, 16 Feb 2005 20:08:14 +0000 (20:08 +0000)]
* card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.

14 years ago* w32installer.nsi: Added page to select the language.
Werner Koch [Wed, 16 Feb 2005 13:27:57 +0000 (13:27 +0000)]
* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.

14 years ago* gpg.sgml: Add bkuptocard command for --edit-key.
Werner Koch [Tue, 15 Feb 2005 11:02:32 +0000 (11:02 +0000)]
* gpg.sgml: Add bkuptocard command for --edit-key.

* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.

14 years ago* curl-shim.c (curl_easy_perform): Fix compile warning.
David Shaw [Sat, 12 Feb 2005 03:15:02 +0000 (03:15 +0000)]
* curl-shim.c (curl_easy_perform): Fix compile warning.

* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.

14 years ago* curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
David Shaw [Fri, 11 Feb 2005 18:05:13 +0000 (18:05 +0000)]
* curl-shim.h, curl-shim.c: New.  This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], If FAKE_CURL is set, link with
the iobuf code rather than libcurl.

14 years ago* Add --enable-fake-curl option to help test no-curl HTTP.
David Shaw [Fri, 11 Feb 2005 17:46:15 +0000 (17:46 +0000)]
* Add --enable-fake-curl option to help test no-curl HTTP.

* NEWS: Note Mister/Zuccherato CFB countermeasures.

14 years agoDisable the "quick check" bytes for PK decryptions. This is in
David Shaw [Thu, 10 Feb 2005 04:06:30 +0000 (04:06 +0000)]
Disable the "quick check" bytes for PK decryptions.  This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.

14 years ago* trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
David Shaw [Sun, 6 Feb 2005 17:38:43 +0000 (17:38 +0000)]
* trustdb.h, trustdb.c (trustdb_check_or_update): New.  If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.

14 years ago* gpg.sgml: Note that level 0 signatures are always accepted
David Shaw [Sat, 5 Feb 2005 19:52:02 +0000 (19:52 +0000)]
* gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.