| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
user ID so the new ID gets validity set. Reported by Owen Taylor.
|
| |
|
|
|
|
| |
--bzip2-compress-lowmem to --bzip2-decompress-lowmem since it applies to
decompression, not compression.
|
| |
|
|
|
|
| |
menu_revsig, menu_showphoto): --keyid-format conversion.
(menu_addrevoker): Use print_pubkey_info() rather than duplicating code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
functions in log_debug.
* import.c (import_one): Try and collapse user IDs when importing a key
for the first time.
* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify. Also use the proper date string when prompting for confirmation.
* g10.c (main): Maintain ordering of multiple Comment lines. Requested by
Peter Hyman.
|
| |
|
|
|
| |
--keyid-format conversion.
|
| |
|
|
|
|
| |
premerge_public_with_secret, lookup, get_user_id_string): --keyid-format
conversion.
|
| |
|
|
|
| |
get_validity, ask_ownertrust, validate_keys): --keyid-format conversion.
|
| |
|
|
|
|
|
| |
and a little better text. (import_one, import_secret_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, merge_blocks): Still
more --keyid-format conversions.
|
| |
|
|
|
|
|
| |
conversion. (list_keyblock_print): 0xshort should not push us into the new
list format since it is not much longer than regular 8-character short
keyids.
|
| |
|
|
|
|
|
|
|
| |
a key string from a key in one step. This isn't faster than before, but
makes for neater code.
* keylist.c (list_keyblock_print): Use keystr_from_xx here.
(print_key_data): No need to pass a keyid in.
|
| |
|
|
|
| |
keyids so we don't have to calculate them each time.
|
| |
|
|
|
|
|
|
|
| |
support their pk algorithm. This allows for early (during get_*)
rejection of a subkey, and selection of another.
* passphrase.c (passphrase_to_dek): Give a little more information when we
have room to do so.
|
| |
|
|
|
|
|
|
|
|
|
| |
(passphrase_to_dek), keyserver.c (print_keyrec): A few more places to use
--keyid-format.
* options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Remove --export-all and the "include-non-rfc"
export-option as they are no longer meaningful with the removal of v3
Elgamal keys.
|
| |
|
|
|
| |
(iobuf_set_block_mode, iobuf_in_block_mode): Removed as superfluous.
|
| | |
|
| |
|
|
|
| |
encoding for the faked plaintext packet.
|
| |
|
|
|
|
| |
verify-option show-long-keyids and replace with the more general
keyid-format.
|
| |
|
|
|
|
|
|
|
|
|
| |
length mode and change all callers. (do_plaintext): Turn off partial
length encoding now that we're done writing the packet. (do_comment,
do_user_id): Try for a headerlen of 2 since that's the smallest and most
likely encoding for these packets.
* parse-packet.c (parse): Remove call to start old gpg partial length
mode.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
replace the list-option (and eventually verify-option) show-long-keyids.
The format can be short, long, 0xshort, and 0xlong.
* keydb.h, keyid.c (keystr, keystrlen): New functions to generate a
printable keyid.
* keyedit.c (print_and_check_one_sig, show_key_with_all_names), keylist.c
(list_keyblock_print): Use new keystr() function here to print keyids.
|
| |
|
|
|
|
|
|
| |
(copy_packet, skip_packet, skip_rest, read_rest, parse_plaintext,
parse_encrypted, parse_gpg_control): Use a flag to indicate partial or
indeterminate encoding. This is the first step in some minor surgery to
remove the old gpg partial length encoding.
|
| |
|
|
|
| |
OpenPGP partial length encoding.
|
| |
|
|
|
| |
with a 5-byte length that happens to be zero.
|
| | |
|
| |
|
|
|
|
| |
can't handle blank lines after a \ continuation. Noted by Christoph
Moench-Tegeder.
|
| | |
|
| | |
|
| |
|
|
|
| |
--default-cert-level.
|
| |
|
|
|
|
| |
merge-only, remove old honor-http-proxy, --merge-only, and
--emulate-md-encode-bug. Document COLUMNS and LINES.
|
| |
|
|
|
|
|
| |
* NEWS: Note --max-output, --list-config, --min-cert-level, AIX fix, new
http-proxy keyserver-option, new LDAP server code, TLS, LDAPS, and
--show-session-key with --symmetric.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
present if --expert is set.
* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.
* encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c
(ask_algo), sig-check.c (do_check_messages), skclist.c (build_sk_list):
Rename "ElGamal" to "Elgamal" as that is the proper spelling nowadays.
Suggested by Jon Callas.
|
| |
|
|
|
|
|
| |
attributes. This guarantees that if something goes wrong, we won't be
able to complete the transaction, thus leaving any key already existing on
the server intact.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* encode.c (encode_simple): Show cipher with --verbose.
* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level. If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
|
| | |
|
| |
|
|
|
|
|
|
| |
functionality added. Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID. Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
|
| |
|
|
|
|
| |
--min-cert-check-level option to specify minimum cert check level.
Defaults to 2 (so 0x11 sigs are ignored). 0x10 sigs cannot be ignored.
|
| |
|
|
|
|
|
|
|
| |
with NULL (a "delete" that works even for nonexistant attributes).
(send_key): Use it here to remove attributes so a modify operation starts
with a clean playing field. Bias sends to modify before add, since (I
suspect) people update their existing keys more often than they make and
send new keys to the server.
|
| |
|
|
|
| |
(do not limit output at all).
|
| |
|
|
|
|
|
| |
header lines, and include "sig:" records for the benefit of people who
store their keys in LDAP servers. It makes it easy to do queries for
things like "all keys signed by Isabella".
|
| |
|
|
|
|
|
|
|
|
| |
(make_one_attr): New. Build a modification list in memory to send to the
LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg.
(free_mod_values): New. Unwinds a modification list.
(send_key_keyserver): Renamed from old send_key(). (send_key): New
function to send a key to a LDAP server. (main): Use send_key() for real
LDAP servers, send_key_keyserver() otherwise.
|
| | |
|
| |
|
|
|
| |
the keyserver helpers.
|
| | |
|
| |
|
|
|
|
|
| |
IDs. (keyserver_import): Clarify error message. (keyserver_spawn):
Properly handle 8 bit characters in user IDs in the info lines during
SEND.
|
| |
|
|
|
| |
and unsetenv().
|
| |
|
|
|
| |
* Makefile.am: Include @LIBOBJS@ for replacement functions.
|
| |
|
|
|
|
|
|
| |
* Makefile.am: We get mkdtemp.c from libutil.a now, so don't link with
@LIBOBJS@.
* keyserver.c (keyserver_spawn): Pass the scheme to the keyserver helper.
|
| |
|
|
|
|
|
|
|
|
| |
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.
* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
|
| |
|
|
|
|
|
| |
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
|
| |
|
|
|
| |
making gpgkeys_ldaps symlink to gpgkeys_ldap.
|
| |
|
|
|
|
|
|
|
|
| |
gpgkeys_ldap when needed.
* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
|
