| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
idea_get_info from inside load_module. From Stefan Bellon.
|
| |
|
|
|
|
|
| |
* g10c.c: Dead code. Remove.
* Makefile.am: Don't compile g10c.c.
|
| |
|
|
|
|
|
|
| |
* Makefile.am: Don't compile g10u.c.
* iobuf.c (block_filter): Properly handle a partial body stream that ends
with a 5-byte length.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
|
| |
|
|
|
|
|
| |
passes the proxy in from the outside. If the command file sends a proxy,
use it. If it sends "http-proxy" with no arguments, use $http_proxy from
the environment.
|
| |
|
|
|
|
|
| |
parse_keyserver_uri): honor-http-proxy is no longer an option since we can
do the same thing with http-proxy with no arguments. Also remove
broken-http-proxy since it can be better handled in the HTTP helper.
|
| |
|
|
|
| |
evironment.
|
| |
|
|
|
| |
proxy from outside rather than pulling it from the evironment.
|
| |
|
|
|
| |
arguments. (parse_keyserver_options): Use it here for optional arguments.
|
| | |
|
| |
|
|
|
|
|
| |
(parse_keyserver_options): Use them here to allow arguments to
keyserver-options. Since none of our options need arguments yet, just
pass them through whole to the keyserver helper.
|
| |
|
|
|
|
|
|
|
| |
the messages about which option didn't match or matched ambiguously.
Change all callers (g10.c, keyserver.c).
* main.h, import.c (import_options), export.c (export_options): Pass the
noisy flag through.
|
| |
|
|
|
|
|
|
| |
(do_check): Use an unsigned length for mpi_get_opaque.
* options.h: It's impolite to assign -1 to an unsigned
opt.force_ownertrust.
|
| |
|
|
|
| |
MPI unsigned.
|
| |
|
|
|
| |
length of an opaque MPI unsigned.
|
| |
|
|
|
|
|
| |
code.
* keyid.c (keyid_from_sk): Make sure lowbits is initialized.
|
| |
|
|
|
|
| |
rsa.c (rsa_verify), pubkey.c (dummy_verify, pubkey_verify): Remove old
unused code.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
here... (signature_check2): ... to here. (check_key_signature2): ... and
here. This is a minor optimization to avoid fetching a key (which can be
expensive, especially if it is not self-signed, and there are many key
signatures on it which need to be checked for ultimate trust) if the
signature would have failed anyway because of algorithm or hash problems.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* keydb.h, keyid.c (hash_public_key, do_fingerprint_md): ... and make a
new one here that shares code with the fingerprint calculations. This
removes some duplicated functionality, and is also around 14% faster.
(Every bit helps).
* import.c (import_one): No longer need the Elgamal import warning.
* getkey.c (get_pubkey_fast): This one is sort of obscure. get_pubkey_fast
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG(). The fix is to
not return a hit if the keyid is not the primary. All other users of
get_pubkey_fast already expect a primary only.
|
| |
|
|
|
| |
keys. They are no longer needed.
|
| |
|
|
|
|
| |
fingerprint_from_sk): Enforce the v3-is-only-RSA rule. Anything that
isn't RSA gets a zero keyid and fingerprint.
|
| |
|
|
|
|
|
|
|
| |
don't know the structure of by using the opaque MPI.
(do_fingerprint_md_sk): We cannot calculate the fingerprint from a secret
key unless we know the structure (since we can't leave off the secret key
parts), so fail early..... (keyid_from_sk, fingerprint_from_sk): .... and
return all zeroes.
|
| | |
|
| |
|
|
|
|
|
| |
* README.CVS: New.
* autogen.sh: Revamped except for the --build-w32 hack.
* Makefile.am: Add README.CVS
|
| |
|
|
|
|
|
|
| |
Christian Biere. Some minor grammar fixes. Remove the "host -l pgp.net |
grep wwwkeys" advice since the nameserver no longer all allow zone
transfers. Replace it with a mention of hkp://subkeys.pgp.net. Note that
BZIP2 defaults to compression level 6.
|
| |
|
|
|
|
| |
Move it here. (handle_bzip2): Add this to handle BZIP2 compressed
messages.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
gone.
* defs.inc, pubring.asc, secring.asc, plain-1.asc, plain-2.asc,
plain-3.asc: Remove the old v3 Elgamal keys and replace with RSA+Elgamal
and RSA s+e.
|
| |
|
|
|
|
| |
alternate strings when not needed so we don't have to re-translate them.
Hopefully the comment will be enough to indicate multiple match strings.
|
| |
|
|
|
| |
K*BSD (GNU userland with BSD kernel).
|
| | |
|
| |
|
|
|
|
|
| |
encrypt-only Elgamal keys. (pubkey_get_npkey, pubkey_get_nskey,
pubkey_get_nsig, pubkey_get_nenc, pubkey_nbits): Wrap the RSA cheats in
!USE_RSA. Add cheats for sign+encrypt Elgamal.
|
| |
|
|
|
|
| |
output. (main): Set --bzip2-compress-level to the default value at
startup. Remove --emulate-checksum-bug noop.
|
| | |
|
| |
|
|
|
|
|
| |
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove
--emulate-md-encode-bug as it only applied to Elgamal signatures, which
are going away.
|
| |
|
|
|
|
|
|
| |
* configure.ac: Add --disable-rsa.
* README: Add --with-zlib, --with-bzip2, --without-bzip2, --disable-rsa,
and --enable-minimal. Update gettext version.
|
| |
|
|
|
|
|
|
|
|
| |
(pubkey_get_npkey): Return 2 for RSA even if it isn't available so we can
at least handle RSA keys.
----------------------------------------------------------------------
pubkey.c CVS:
----------------------------------------------------------------------
|
| | |
|
| |
|
|
|
|
|
|
| |
--override-session-key on --symmetric messages (new-style or old-style).
(proc_pubkey_enc): Move code to show session key from here to
proc_encrypted() so it can work with any type of message. Suggested by
Michael Young.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
any ultimately trusted keys. This ensures that if we lose all our
ultimately trusted keys, we don't leave behind the old validity
calculations. Noted by Peter Palfrader.
* revoke.c (gen_desig_revoke): Specify in the comment when a designated
revocation is generated.
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Remove Elgamal check since we are removing type 20
keys altogether.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
longer.
|
| | |
|
| |
|
|
|
|
|
| |
* elgamal.c (gen_k): New arg SMALL_K.
(sign): Use it here with SMALL_K set to false
(do_encrypt): and here with SMALL_K set to true.
|
| |
|
|
|
|
|
|
| |
mode.
* getkey.c (get_seckey_byname2): Disallow use of sign+encrypt Elgamal
keys.
|
| | |
|
| | |
|
