| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there. Users who need unformatted hashes can
still use with-colons.
|
| |
|
|
|
|
|
|
| |
armor Hash: header.
* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
|
| |
|
|
|
|
| |
* Makefile.am, algorithms.h, md.c (load_digest_module,
string_to_digest_algo): Add read-only support for the new SHAs.
|
| | |
|
| |
|
|
|
| |
during ./configure.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(treat as a v4 revocation).
* keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel.
* import.c (print_import_check): Do not re-utf8 convert user IDs.
* status.h, status.c (get_status_string), import.c (import_one,
print_import_check): Backport Timo's IMPORT_CHECK status message from
devel.
|
| |
|
|
|
| |
keyid, but rather a text string from the user ID.
|
| |
|
|
|
| |
matter where the user puts the = sign.
|
| |
|
|
|
| |
copies the skel file to their homedir.
|
| |
|
|
|
|
| |
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
|
| |
|
|
|
|
| |
signature digest conflict. BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
|
| |
|
|
|
| |
delimiter in a row and also allow tab as delimiter.
|
| |
|
|
|
| |
non-fully-qualified trustdb names.
|
| |
|
|
|
|
|
| |
get_validity_info): Don't mask the trust level twice.
* armor.c (armor_filter): Comment about PGP's end of line tab problem.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
(release_public_key_parts): Remove unused namehash element for public
keys.
* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info): Pass a
user ID in rather than a namehash, so we only have to do the hashing in
one place.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
corrected:
Intro - available *here* link corrected.
Was <http://www.gnupg.org/faq.html>, corrected to be:
<http://www.gnupg.org/documentation/faqs.html>
1.1 - RFC 2440 link corrected. Was
<http://www.gnupg.org/rfc2440.html>,
now linked to: <http://www.rfc-editor.org/>
2.1 - <http://www.gnupg.org/docs.html> corrected to be:
<http://www.gnupg.org/documentation/>
<http://lists.gnupg.org> corrected to be:
<http://www.gnupg.org/documentation/mailing-lists.html>
2.2 - <http://www.gnupg.org/mirrors.html> corrected to be:
<http://www.gnupg.org/download/mirrors.html>
3.1 - <http://gnupg.org/backend.html#supsys> corrected to be:
<http://gnupg.org/download/supported_systems.html>
3.2 - <http://www.gnupg.org/download.html> corrected to be:
<http://www.gnupg.org/download/>
* Corrected typo in question 4.12 - Changed "How can a get list of key
IDs..." to "How can I get list of key IDs..."
* Modified URL listed in question 6.19 to become an actual hyperlink.
* Removed line continuation character ("\") at the end of command-
strings that were split into two lines (to lessen confusion for those
using Windows or OSes that don't support line continuation).
* Removed paragraph on line continuation, replacing it with a paragraph
to remind the reader that although some command lines may be split
into two lines to allow for proper web page display of the FAQ file
in some browsers, the entire command-string is to be entered all on
one line.
* Corrected command-line entries that lacked a "$" character at the
beginning of the command-string to signafy a shell prompt in order to
apply consitancy throughout the FAQ.
* Replaced <pre> tags with <samp> for code entries to improve display
for those browser with limited window widths (does not apply to
tables).
* Trimmed whitespace in tables to narrow width to improve display for
those browsers with limited window widths.
|
| |
|
|
|
|
|
| |
* fi.po, zh_TW.po: New from TP Robot.
* es.po, gl.po, id.po, tr.po: Updated from TP Robot.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
|
| | |
|
| |
|
|
|
|
|
| |
capabilities section.
* trustdb.c (is_disabled): Remove incorrect comment.
|
| |
|
|
|
|
|
|
| |
that the pk selfsigversion member accounts for 1F direct sigs.
* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches. Noted by Stefan Bellon.
|
| |
|
|
|
|
|
|
| |
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
|
| | |
|
| |
|
|
|
|
|
|
| |
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
|
| |
|
|
|
|
|
|
| |
there are no keys to refresh or if there is no keyserver set.
* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one. This also fixes Debian bug #174276.
|
| |
|
|
|
|
|
|
|
|
| |
expiration to a no-expiration value.
* keyedit.c (enable_disable_key): Comment.
* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
|
| | |
|
| |
|
|
|
|
| |
* import.c (import_one): Use merge_keys_and_selfsig in the
interactive mode to avoid wrong key information.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
disabled keys. Keys specified via keyid (i.e. 0x...) are always included.
* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.
* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt. Do include disabled keys for the default key and
--encrypt-to.
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.
* gpgv.c (is_disabled): Stub.
|
| |
|
|
|
|
|
|
| |
warnings are not intended to be the be-all and end-all in security checks.
Add note to --group that when used on the command line, it may be
necessary to quote the argument so it is not treated as multiple
arguments. Noted by Stefan.
|
| |
|
|
|
|
|
|
| |
option.
* import.c (chk_self_sigs): Don't try and check a subkey as if it was a
signature.
|
| |
|
|
|
|
|
| |
together by warning the user and processing only the first.
* g10.c (main): Comment out --list-trust-path until it can be implemented.
|
| |
|
|
|
| |
what the program actually does. Noted by Dick Gevers.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
remove the RSA sign+encrypt warning.
* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to $hGPGHTTP and update instances of variable throughout FAQ in
introduction area and sections 1.1, 2.1 and 2.2
* Added section 1.4 - What conventions are used in this FAQ?
+ unices vs. win32 (with hyperlink (<Rhomedir>) to section 4.18 for
example
+ gpg.conf vs. options (with hyperlink (<Roptions>) to section 5.8
to note name change
* Corrected section 2.2 - Changed ftp URL (both display and link URLs)
from "ftp://ftp.gnupg.org/pub/gcrypt" to ftp://ftp.gnupg.org/gcrypt/,
and the display URL (not the actual link URL, it's correct) of the http
URL from "http://www.gnupg.org/mirror.html" to
"http://www.gnupg.org/mirrors.html"
* Included variable ($hVERSION) for easier updating of latest gpg
version when referenced (as in section 2.2)
* Included variable ($hGPGFTP) for default gnupg.org ftp location
(ftp://ftp.gnupg.org) for use in sections 2.2 and 4.16
* Corrected section 3.1 visual display of link from
"http://www.gnupg.org/gnupg.html#supsys" to
"http://www.gnupg.org/backend.html#supsys"
* Edited sections 3.1, 3.2, 5.2 to include $hGPGHTTP variable
* Corrected section 3.2 - Word typo ("avoided" was "avoiced").
* Corrected / edited section 3.3 -
+ corrected link: ftp://ftp.gnupg.dk/pub/contrib-dk/
for idea.c.gz, idea.c.gz.sig, ideadll.zip, ideadll.zip.sig
+ edited section to include all files and added
~/.gnupg/gpg.conf info
* Edited section 4.6 - As this section deals with loosing a public key,
I added a paragraph containing a hyperlink to the end of section 4.21
("I still have my secret key, but lost my public key..."). The
paragraph reads: "If you've lost your public key and need to recreate
it instead for continued use with your secret key, you may be able to
use gpgsplit as detailed in question <Rgpgsplit>."
* Edited section 4.15 - Added paragraph below table on GPGrelay, an
application for MUAs that lack OpenPGP (rfc2015) support to. "Users of
Win32 MUAs that lack OpenPGP support may look into using GPGrelay
<http://http://gpgrelay.sourceforge.net>, a small email-relaying
server that uses GnuPG to enable many email clients to send and
receive emails that conform to PGP-MIME (RFC 2015)."
suggested by: Andreas John <[email protected]>
* Corrected section 4.16 - Incorportated Werner's URL fix for gpgme FTP
location to synchronize local CVS with released FAQ version 1.5.8.
* Added section 4.19 - "How do I verify signed packages?"
suggested by: Christian Reis <[email protected]>
* Added section 4.20 - "How do I export a keyring with only selected
signatures?"
by: David Shaw <[email protected]>
* Added section 4.21 - "I still have my secret key, but lost my public
key. What can I do?"
by: Werner Koch <[email protected]>
* Added section 4.22 - "Clearsigned messages sent from my web-mail
account have an invalid signature. Why?"
by: David Scribner <[email protected]>
* Edited / Corrected section 5.8 - Changed question from "I just
installed the most recent version of GnuPG and don't have a
~/.gnupg/options file. Is this missing from the installation?" to
"GnuPG no longer installs a ~/.gnupg/options file. Is it missing?"
+ Added "An existing options file can be renamed to gpg.conf for
users upgrading, or receiving the message that the "old default
options file" is ignored (occurs if both a gpg.conf and an
options file are found)." to the end of the paragraph.
+ Corrected ~/.gnupg/gpg.conf (was ~/.gnupg/conf)
* Added section 5.9 - "How to you export GnuPG keys for use with PGP?"
by: David Shaw <[email protected]>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.
NOT YET TESTED!
|
| | |
|
| |
|
|
|
| |
--throw-keyid.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minimal isn't always best.
* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time. Make sure that this doesn't
cause a time warp.
* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).
* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.
* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
|
| |
|
|
|
|
| |
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
|
| |
|
|
|
|
|
|
|
| |
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.
* getkey.c (finish_lookup): Comment.
|
