gnupg.git
13 years agoPreparing for an RC23
Werner Koch [Thu, 9 Mar 2006 12:45:02 +0000 (12:45 +0000)]
Preparing for an RC23

13 years ago* gpg.sgml: Document "notation".
David Shaw [Thu, 9 Mar 2006 04:00:18 +0000 (04:00 +0000)]
* gpg.sgml: Document "notation".

13 years ago* keyedit.c (menu_set_notation): New function to set notations on
David Shaw [Thu, 9 Mar 2006 03:49:39 +0000 (03:49 +0000)]
* keyedit.c (menu_set_notation): New function to set notations on
self-signatures.  (keyedit_menu): Call it here.
(tty_print_notations): Helper.  (show_prefs): Show notations in
"showpref".

13 years ago* mainproc.c (get_pka_address), keylist.c (show_notation): Remove
David Shaw [Thu, 9 Mar 2006 03:35:26 +0000 (03:35 +0000)]
* mainproc.c (get_pka_address), keylist.c (show_notation): Remove
duplicate code by using notation functions.

13 years ago* argparse.c (default_strusage): Update copyright year to 2006.
David Shaw [Thu, 9 Mar 2006 03:31:28 +0000 (03:31 +0000)]
* argparse.c (default_strusage): Update copyright year to 2006.

13 years ago* packet.h, build-packet.c (sig_to_notation), keygen.c
David Shaw [Thu, 9 Mar 2006 01:15:18 +0000 (01:15 +0000)]
* packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Provide printable text for non-human-readable
notation values.

13 years ago* packet.h, build-packet.c (sig_to_notation), keygen.c
David Shaw [Wed, 8 Mar 2006 23:42:45 +0000 (23:42 +0000)]
* packet.h, build-packet.c (sig_to_notation), keygen.c
(keygen_add_notations): Tweak to handle non-human-readable notation
values.

13 years ago* options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
David Shaw [Wed, 8 Mar 2006 23:30:12 +0000 (23:30 +0000)]
* options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
Use it here for the various notation commands.

* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.

13 years ago* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
David Shaw [Wed, 8 Mar 2006 02:40:42 +0000 (02:40 +0000)]
* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
pka-lookups, not pka-lookup.

* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.

13 years ago* NEWS: Note CERT retrieval. Tweak PKA and backsig language to match
David Shaw [Wed, 8 Mar 2006 02:36:37 +0000 (02:36 +0000)]
* NEWS: Note CERT retrieval.  Tweak PKA and backsig language to match
current code.

13 years ago* gpg.sgml: Rename backsigs to cross-certification (backsigs is just
David Shaw [Tue, 7 Mar 2006 22:44:23 +0000 (22:44 +0000)]
* gpg.sgml: Rename backsigs to cross-certification (backsigs is just
shorthand).  Document max-cert-size.

13 years ago* gpg.sgml: Document new way of enabling the PKA functions. Some minor
David Shaw [Tue, 7 Mar 2006 21:47:36 +0000 (21:47 +0000)]
* gpg.sgml: Document new way of enabling the PKA functions.  Some minor
other cleanups.

13 years ago* options.h, gpg.c (main, parse_trust_model), pkclist.c
David Shaw [Tue, 7 Mar 2006 20:14:20 +0000 (20:14 +0000)]
* options.h, gpg.c (main, parse_trust_model), pkclist.c
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.

13 years ago* NEWS: Note --auto-key-locate and that keyservers can handle binary data
David Shaw [Tue, 7 Mar 2006 16:20:03 +0000 (16:20 +0000)]
* NEWS: Note --auto-key-locate and that keyservers can handle binary data
now.

13 years agoMore tests added; make distcheck works
Werner Koch [Tue, 7 Mar 2006 11:05:41 +0000 (11:05 +0000)]
More tests added; make distcheck works

13 years ago* gpg.sgml: Document --auto-key-locate.
David Shaw [Tue, 7 Mar 2006 05:06:31 +0000 (05:06 +0000)]
* gpg.sgml: Document --auto-key-locate.

13 years ago* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
David Shaw [Tue, 7 Mar 2006 01:16:31 +0000 (01:16 +0000)]
* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
is not a PGP 2.x algorithm.

13 years ago* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
David Shaw [Mon, 6 Mar 2006 23:14:13 +0000 (23:14 +0000)]
* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
algorithm.

13 years agoStricter test of allowed signature packet compositions.
Werner Koch [Mon, 6 Mar 2006 21:28:25 +0000 (21:28 +0000)]
Stricter test of allowed signature packet compositions.
There is still one problem to solve.

13 years agoFixed problem with PGP2 style signatures and mutilple plaintext data
Werner Koch [Mon, 6 Mar 2006 12:28:46 +0000 (12:28 +0000)]
Fixed problem with PGP2 style signatures and mutilple plaintext data

13 years agoReplaced an assert and fixed batch mode issue in cardglue.
Werner Koch [Sun, 5 Mar 2006 15:13:18 +0000 (15:13 +0000)]
Replaced an assert and fixed batch mode issue in cardglue.

13 years ago* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
David Shaw [Fri, 3 Mar 2006 21:55:38 +0000 (21:55 +0000)]
* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
libraries that have TLS.

13 years ago* getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
David Shaw [Wed, 1 Mar 2006 18:16:55 +0000 (18:16 +0000)]
* getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
"pka" when those features are disabled.

* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha.  Noted by Nelson H.
F. Beebe.

13 years ago* configure.ac: Fix accidental enabling of SHA-384/512. Noted by Nelson
David Shaw [Wed, 1 Mar 2006 17:05:38 +0000 (17:05 +0000)]
* configure.ac: Fix accidental enabling of SHA-384/512.  Noted by Nelson
H. F. Beebe.

13 years ago* options.skel: Document auto-key-locate and give a pointer to Simon
David Shaw [Mon, 27 Feb 2006 19:31:13 +0000 (19:31 +0000)]
* options.skel: Document auto-key-locate and give a pointer to Simon
Josefsson's page for CERT.

13 years ago* gpg.sgml: Document new --keyserver syntax.
David Shaw [Sat, 25 Feb 2006 00:21:20 +0000 (00:21 +0000)]
* gpg.sgml: Document new --keyserver syntax.

13 years ago* keydb.h, getkey.c (release_akl), gpg.c (main): Add
David Shaw [Fri, 24 Feb 2006 14:27:22 +0000 (14:27 +0000)]
* keydb.h, getkey.c (release_akl), gpg.c (main): Add
--no-auto-key-locate.

* options.h, gpg.c (main): Keep track of each keyserver registered so
we can match on them later.

* keyserver-internal.h, keyserver.c (cmp_keyserver_spec,
keyserver_match), gpgv.c: New.  Find a keyserver that matches ours and
return its spec.

* getkey.c (get_pubkey_byname): Use it here to get the per-keyserver
options from an earlier keyserver.

13 years ago* keyserver.c (parse_keyserver_options): Only change max_cert if it is
David Shaw [Fri, 24 Feb 2006 03:57:11 +0000 (03:57 +0000)]
* keyserver.c (parse_keyserver_options): Only change max_cert if it is
used.

13 years ago* options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
David Shaw [Thu, 23 Feb 2006 22:39:40 +0000 (22:39 +0000)]
* options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
treatment of include-revoked, include-subkeys, and try-dns-srv.  These are
keyserver features, and GPG shouldn't get involved here.

13 years ago* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
David Shaw [Thu, 23 Feb 2006 21:06:32 +0000 (21:06 +0000)]
* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
to on, as gpg isn't doing this any longer.

13 years ago* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
David Shaw [Thu, 23 Feb 2006 20:54:30 +0000 (20:54 +0000)]
* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
options to the list, as ordering may be significant to the user.

13 years ago* gpg.c (add_notation_data): Fix reversed logic for isascii check when
David Shaw [Thu, 23 Feb 2006 19:52:20 +0000 (19:52 +0000)]
* gpg.c (add_notation_data): Fix reversed logic for isascii check when
adding notations.  Noted by Christian Biere.

13 years ago* options.h, keyserver.c (add_canonical_option): New.
David Shaw [Thu, 23 Feb 2006 17:00:02 +0000 (17:00 +0000)]
* options.h, keyserver.c (add_canonical_option): New.
(parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it
here so each keyserver can have some private options in addition to the
main keyserver-options (e.g. per-keyserver auth).

13 years ago* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
David Shaw [Wed, 22 Feb 2006 23:37:23 +0000 (23:37 +0000)]
* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious
next step: allow arbitrary keyservers in the auto-key-locate list.

13 years ago* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
David Shaw [Wed, 22 Feb 2006 23:19:36 +0000 (23:19 +0000)]
* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
odd matches.

13 years ago* options.h, keyserver.c (parse_keyserver_options): Remove
David Shaw [Wed, 22 Feb 2006 20:34:48 +0000 (20:34 +0000)]
* options.h, keyserver.c (parse_keyserver_options): Remove
auto-cert-retrieve as it is no longer meaningful.  Add max-cert-size to
allow users to pick a max key size retrieved via CERT.

13 years ago* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
David Shaw [Wed, 22 Feb 2006 20:20:58 +0000 (20:20 +0000)]
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
(keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be
consistent with honor-keyserver-url.

13 years ago* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
David Shaw [Wed, 22 Feb 2006 19:06:23 +0000 (19:06 +0000)]
* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
Parse a list of key access methods. (get_pubkey_byname): Walk the list
here to try and retrieve keys we don't have locally.

13 years ago* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
David Shaw [Wed, 22 Feb 2006 04:19:21 +0000 (04:19 +0000)]
* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
duplicate attributes as OpenLDAP is now enforcing this.

13 years ago* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
David Shaw [Wed, 22 Feb 2006 03:49:49 +0000 (03:49 +0000)]
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
credentials to a remote LDAP server.

13 years ago* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
David Shaw [Wed, 22 Feb 2006 02:11:35 +0000 (02:11 +0000)]
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Mingw has 'stderr' as a macro?

13 years ago* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
David Shaw [Tue, 21 Feb 2006 22:23:35 +0000 (22:23 +0000)]
* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
importing at -r time.  The URL in the PKA record may point to a key put in
by an attacker.  Fix is to use the fingerprint from the PKA record as the
recipient.  This ensures that the PKA record is followed.

* keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the
fingerprint we requested.

13 years ago* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
David Shaw [Tue, 21 Feb 2006 16:16:09 +0000 (16:16 +0000)]
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier
debugging.

13 years ago* gpgv.c: Stub keyserver_import_ldap.
David Shaw [Tue, 21 Feb 2006 16:09:09 +0000 (16:09 +0000)]
* gpgv.c: Stub keyserver_import_ldap.

* keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using
the PGP Universal trick of asking ldap://keys.(maildomain) for the key.

13 years ago* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
David Shaw [Tue, 21 Feb 2006 05:20:08 +0000 (05:20 +0000)]
* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
even when we've assumed "hkp" when there was no scheme.

13 years ago* http.c (send_request): A zero length proxy is the same as no proxy.
David Shaw [Sun, 19 Feb 2006 21:03:01 +0000 (21:03 +0000)]
* http.c (send_request): A zero length proxy is the same as no proxy.

13 years ago* configure.ac: Try linking the UINT64_C test program (rather than
David Shaw [Sun, 19 Feb 2006 02:08:43 +0000 (02:08 +0000)]
* configure.ac: Try linking the UINT64_C test program (rather than
just compiling it) as UINT64_C looks like a (missing) function,
causing a false positive.  Noted by Claus Assmann.

13 years agoabout to release 1.4.3rc1 gnupg-1.4.3rc1
Werner Koch [Tue, 14 Feb 2006 16:28:34 +0000 (16:28 +0000)]
about to release 1.4.3rc1

13 years agoFixed a wrong return code with gpg --verify
Werner Koch [Tue, 14 Feb 2006 10:17:57 +0000 (10:17 +0000)]
Fixed a wrong return code with gpg --verify

13 years agoLock random seed file
Werner Koch [Thu, 9 Feb 2006 12:54:41 +0000 (12:54 +0000)]
Lock random seed file

13 years agoFixed a couple of problems
Werner Koch [Wed, 8 Feb 2006 17:55:20 +0000 (17:55 +0000)]
Fixed a couple of problems

13 years agoAdd support fro CardMan 4040
Werner Koch [Mon, 6 Feb 2006 16:34:20 +0000 (16:34 +0000)]
Add support fro CardMan 4040

13 years ago* cert.c (get_cert): Disable IPGP types for now until the format questions
David Shaw [Thu, 26 Jan 2006 16:51:04 +0000 (16:51 +0000)]
* cert.c (get_cert): Disable IPGP types for now until the format questions
in the draft are settled.

* srv.c (getsrv): Error on oversize SRV responses.

13 years ago* keyserver.c (parse_keyserver_uri): If there is a path present, set the
David Shaw [Tue, 24 Jan 2006 21:03:06 +0000 (21:03 +0000)]
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
direct_uri flag so the right keyserver helper is run.

13 years ago* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
David Shaw [Sun, 22 Jan 2006 21:40:20 +0000 (21:40 +0000)]
* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
keyserver helpers on systems that use extensions.

* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.

13 years ago* configure.ac: Add define for EXEEXT so we can find keyserver helpers
David Shaw [Sun, 22 Jan 2006 21:38:02 +0000 (21:38 +0000)]
* configure.ac: Add define for EXEEXT so we can find keyserver helpers
on systems that use extensions.

13 years ago* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
David Shaw [Tue, 17 Jan 2006 20:55:53 +0000 (20:55 +0000)]
* keydb.h, passphrase.c (next_to_last_passphrase): New.  "Touch" a
passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.

13 years ago* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
David Shaw [Tue, 17 Jan 2006 16:03:51 +0000 (16:03 +0000)]
* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.

13 years ago* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
David Shaw [Mon, 16 Jan 2006 20:22:58 +0000 (20:22 +0000)]
* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
longer.

13 years ago* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
David Shaw [Mon, 16 Jan 2006 17:59:46 +0000 (17:59 +0000)]
* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
uploading a key.

13 years ago* keyserver.c (keyserver_refresh): Fix problem when more than one key
David Shaw [Sat, 7 Jan 2006 21:04:13 +0000 (21:04 +0000)]
* keyserver.c (keyserver_refresh): Fix problem when more than one key
in a refresh batch has a preferred keyserver set.  Noted by Nicolas
Rachinsky.

13 years ago* mainproc.c (check_sig_and_print), keyserver.c
David Shaw [Sun, 1 Jan 2006 18:12:57 +0000 (18:12 +0000)]
* mainproc.c (check_sig_and_print), keyserver.c
(keyserver_import_pka), card-util.c (fetch_url): Always require a
scheme:// for keyserver URLs except when used as part of the
--keyserver command for backwards compatibility.

13 years ago* sign.c (write_signature_packets): Lost a digest_algo line.
David Shaw [Sun, 1 Jan 2006 17:59:57 +0000 (17:59 +0000)]
* sign.c (write_signature_packets): Lost a digest_algo line.

13 years ago* sign.c (hash_for): Add code to detect if the sk lives on a smart
David Shaw [Sun, 1 Jan 2006 17:48:54 +0000 (17:48 +0000)]
* sign.c (hash_for): Add code to detect if the sk lives on a smart
card.  If it does, only allow 160-bit hashes, a la DSA.  This involves
passing the *sk in, so change all callers.  This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card.  It will almost certainly need changing
down the road.

* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.

13 years ago* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
David Shaw [Sat, 24 Dec 2005 15:35:39 +0000 (15:35 +0000)]
* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.

13 years ago* keyserver.c (keyserver_import_pka): New. Moved from
David Shaw [Fri, 23 Dec 2005 22:17:11 +0000 (22:17 +0000)]
* keyserver.c (keyserver_import_pka): New.  Moved from
getkey.c:get_pubkey_byname which was getting crowded.

* keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT
records.  Can handle both the PGP (actual key) and IPGP (URL) CERT types.

* getkey.c (get_pubkey_byname): Call them both here.

* options.h, keyserver.c (parse_keyserver_options): Add
"auto-cert-retrieve" option with optional max size argument.

13 years ago* gpgv.c: Stub.
David Shaw [Fri, 23 Dec 2005 21:33:32 +0000 (21:33 +0000)]
* gpgv.c: Stub.

* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
keygerver_getname): New keyserver_getname function to fetch keys by name.

* getkey.c (get_pubkey_byname): Call it here to enable locating keys by
full mailbox from a keyserver a la PKA.  Try PKA first, though, as it is
likely to be faster.

13 years ago* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
David Shaw [Fri, 23 Dec 2005 20:51:48 +0000 (20:51 +0000)]
* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".

* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.

13 years agoNew code to do DNS CERT queries.
David Shaw [Fri, 23 Dec 2005 18:15:24 +0000 (18:15 +0000)]
New code to do DNS CERT queries.

13 years ago* srv.c, Makefile.am: Only build srv.c if we need to.
David Shaw [Fri, 23 Dec 2005 05:00:55 +0000 (05:00 +0000)]
* srv.c, Makefile.am: Only build srv.c if we need to.

13 years ago* configure.ac: Split PKA checking off from DNS SRV checking.
David Shaw [Fri, 23 Dec 2005 04:58:25 +0000 (04:58 +0000)]
* configure.ac: Split PKA checking off from DNS SRV checking.
Currently PKA is only enabled if HTTP or HKP is enabled which is not
necessary.

13 years agoFinished PKA feature
Werner Koch [Tue, 20 Dec 2005 20:19:16 +0000 (20:19 +0000)]
Finished PKA feature

13 years ago* getkey.c (merge_selfsigs_main): All primary keys can certify.
David Shaw [Mon, 19 Dec 2005 22:10:20 +0000 (22:10 +0000)]
* getkey.c (merge_selfsigs_main): All primary keys can certify.

13 years ago* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
David Shaw [Mon, 19 Dec 2005 19:39:32 +0000 (19:39 +0000)]
* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.

* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.

13 years ago* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
David Shaw [Mon, 19 Dec 2005 01:51:31 +0000 (01:51 +0000)]
* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.

* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.

13 years ago* gpg.c (main): Don't default to import-options convert-sk-to-pk. It
David Shaw [Wed, 14 Dec 2005 14:52:04 +0000 (14:52 +0000)]
* gpg.c (main): Don't default to import-options convert-sk-to-pk.  It
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.

13 years ago* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
David Shaw [Mon, 12 Dec 2005 03:56:01 +0000 (03:56 +0000)]
* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
for no_terminal so we don't try to open("/dev/tty") when invoked with
--no-tty.

13 years ago* NEWS: Note --fetch-keys.
David Shaw [Thu, 8 Dec 2005 23:35:47 +0000 (23:35 +0000)]
* NEWS: Note --fetch-keys.

13 years ago* gpg.sgml: Document --fetch-keys.
David Shaw [Thu, 8 Dec 2005 19:39:59 +0000 (19:39 +0000)]
* gpg.sgml: Document --fetch-keys.

13 years ago* keyserver.c (keyserver_fetch): Switch on fast-import before we
David Shaw [Thu, 8 Dec 2005 15:37:26 +0000 (15:37 +0000)]
* keyserver.c (keyserver_fetch): Switch on fast-import before we
--fetch-keys so we don't rebuild the trustdb after each fetch.

13 years agoMade strings translatable. Minor fixes.
Werner Koch [Thu, 8 Dec 2005 07:42:41 +0000 (07:42 +0000)]
Made strings translatable. Minor fixes.

13 years ago* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
David Shaw [Thu, 8 Dec 2005 05:52:41 +0000 (05:52 +0000)]
* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
keyserver_fetch): Set a flag to indicate that we're doing a direct URI
fetch so we can differentiate between a keyserver operation and a URI
fetch for protocols like LDAP that can do either.

13 years ago* gpg.sgml: Document -d. Add [file] to a few options.
David Shaw [Thu, 8 Dec 2005 05:29:35 +0000 (05:29 +0000)]
* gpg.sgml: Document -d.  Add [file] to a few options.

13 years ago* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
David Shaw [Wed, 7 Dec 2005 23:00:30 +0000 (23:00 +0000)]
* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
for the key-not-found error.

13 years ago* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
David Shaw [Wed, 7 Dec 2005 22:34:11 +0000 (22:34 +0000)]
* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
when fetching a URI.

* keyserver-internal.h, keyserver.c (keyserver_fetch): New.  Fetch an
arbitrary URI using the keyserver helpers.

* gpg.c (main): Call it from here for --fetch-keys.

13 years ago* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
David Shaw [Wed, 7 Dec 2005 22:25:58 +0000 (22:25 +0000)]
* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.

* gpgkeys_curl.c (get_key): Give key-not-found error if no data is found
(or file itself is not found) during a fetch.

13 years agoMissed file.
David Shaw [Tue, 6 Dec 2005 21:10:34 +0000 (21:10 +0000)]
Missed file.

13 years agoSome cleanup so we don't build files that are completely ifdeffed out.
David Shaw [Tue, 6 Dec 2005 20:54:05 +0000 (20:54 +0000)]
Some cleanup so we don't build files that are completely ifdeffed out.
This causes a warning on Sun's cc.  Do the internal regex code as well for
consistency.

13 years ago* idea-stub.c (load_module): Not legal to return a void * as a function
David Shaw [Tue, 6 Dec 2005 20:27:43 +0000 (20:27 +0000)]
* idea-stub.c (load_module): Not legal to return a void * as a function
pointer.

13 years ago* curl-shim.c (curl_easy_perform): Fix build warning (code before
David Shaw [Tue, 6 Dec 2005 18:49:34 +0000 (18:49 +0000)]
* curl-shim.c (curl_easy_perform): Fix build warning (code before
declaration).

13 years ago* mkdtemp.c (mkdtemp): Fix warning.
David Shaw [Tue, 6 Dec 2005 18:24:57 +0000 (18:24 +0000)]
* mkdtemp.c (mkdtemp): Fix warning.

* secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from printf-ing
%p where the arg wasn't void *.

13 years ago* Makefile.am: Some cleanup so we don't build files that are completely
David Shaw [Tue, 6 Dec 2005 17:13:44 +0000 (17:13 +0000)]
* Makefile.am: Some cleanup so we don't build files that are completely
ifdeffed out.  This causes a warning on Sun's cc.  Do sha512.c as well for
consistency.

13 years ago* main.h, keylist.c (print_revokers): New. Print the "rvk" designated
David Shaw [Sun, 20 Nov 2005 15:02:03 +0000 (15:02 +0000)]
* main.h, keylist.c (print_revokers): New.  Print the "rvk" designated
revoker record.  Moved from keyedit.c:show_key_with_all_names_colon.

* keylist.c (list_keyblock_colon): Use it here ...

* keyedit.c (show_key_with_all_names_colon): ... and here.

13 years ago* free-packet.c (copy_secret_key): Copy secret key into secure memory
David Shaw [Sat, 19 Nov 2005 05:55:45 +0000 (05:55 +0000)]
* free-packet.c (copy_secret_key): Copy secret key into secure memory
since we may unprotect it.

* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke.  This bypasses the
interactive walk over the revocation keys.

13 years ago* gpg.sgml: Clarify "xxxxx-clean" and "clean". Document
David Shaw [Fri, 18 Nov 2005 04:50:15 +0000 (04:50 +0000)]
* gpg.sgml: Clarify "xxxxx-clean" and "clean".  Document
"xxxxx-minimal", and "minimize".

13 years ago* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
David Shaw [Fri, 18 Nov 2005 04:37:30 +0000 (04:37 +0000)]
* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
options.

13 years ago* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
David Shaw [Fri, 18 Nov 2005 04:25:07 +0000 (04:25 +0000)]
* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
"clean", and add "minimize".

* import.c (parse_import_options): Make help text match the export
versions of the options.

* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.

* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.

13 years ago* armor.c (parse_header_line): A fussy bit of 2440: header lines are
David Shaw [Sun, 13 Nov 2005 21:48:52 +0000 (21:48 +0000)]
* armor.c (parse_header_line): A fussy bit of 2440: header lines are
delimited with a colon-space pair.  Therefore a line such as "Comment:
" is actually legal, albeit not particularly useful.

13 years ago* trustdb.h, trustdb.c (clean_key): New function to handle key
David Shaw [Sat, 12 Nov 2005 04:53:03 +0000 (04:53 +0000)]
* trustdb.h, trustdb.c (clean_key): New function to handle key
cleaning from one convenient place.

* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Reduce clean options to two: clean and minimize.

* parse-packet.c (setup_user_id): Remove.  (parse_user_id,
parse_attribute): Just use xmalloc_clear instead.

13 years ago* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
David Shaw [Sat, 12 Nov 2005 03:48:02 +0000 (03:48 +0000)]
* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
simpler implementation.