aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* More tests added; make distcheck worksWerner Koch2006-03-0733-7805/+8146
|
* * gpg.sgml: Document --auto-key-locate.David Shaw2006-03-072-5/+47
|
* * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as thatDavid Shaw2006-03-072-3/+5
| | | | | is not a PGP 2.x algorithm.
* * mainproc.c (proc_compressed): "Uncompressed" is not a valid compressionDavid Shaw2006-03-062-1/+8
| | | | | algorithm.
* Stricter test of allowed signature packet compositions.Werner Koch2006-03-067-123/+299
| | | | | There is still one problem to solve.
* Fixed problem with PGP2 style signatures and mutilple plaintext dataWerner Koch2006-03-065-40/+74
|
* Replaced an assert and fixed batch mode issue in cardglue.Werner Koch2006-03-056-14/+43
|
* * gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAPDavid Shaw2006-03-032-5/+15
| | | | | libraries that have TLS.
* * getkey.c (parse_auto_key_locate): Error if the user selects "cert" orDavid Shaw2006-03-013-10/+20
| | | | | | | | | "pka" when those features are disabled. * misc.c (has_invalid_email_chars): Fix some C syntax that broke the compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha. Noted by Nelson H. F. Beebe.
* * configure.ac: Fix accidental enabling of SHA-384/512. Noted by NelsonDavid Shaw2006-03-012-1/+6
| | | | | H. F. Beebe.
* * options.skel: Document auto-key-locate and give a pointer to SimonDavid Shaw2006-02-272-0/+29
| | | | | Josefsson's page for CERT.
* * gpg.sgml: Document new --keyserver syntax.David Shaw2006-02-252-9/+17
|
* * keydb.h, getkey.c (release_akl), gpg.c (main): AddDavid Shaw2006-02-248-27/+114
| | | | | | | | | | | | | | | --no-auto-key-locate. * options.h, gpg.c (main): Keep track of each keyserver registered so we can match on them later. * keyserver-internal.h, keyserver.c (cmp_keyserver_spec, keyserver_match), gpgv.c: New. Find a keyserver that matches ours and return its spec. * getkey.c (get_pubkey_byname): Use it here to get the per-keyserver options from an earlier keyserver.
* * keyserver.c (parse_keyserver_options): Only change max_cert if it isDavid Shaw2006-02-242-1/+4
| | | | | used.
* * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No specialDavid Shaw2006-02-234-26/+19
| | | | | | treatment of include-revoked, include-subkeys, and try-dns-srv. These are keyserver features, and GPG shouldn't get involved here.
* * ksutil.c (init_ks_options): Default include-revoked and include-subkeysDavid Shaw2006-02-232-0/+7
| | | | | to on, as gpg isn't doing this any longer.
* * keyserver.c (parse_keyserver_uri, add_canonical_option): Always appendDavid Shaw2006-02-232-3/+7
| | | | | options to the list, as ordering may be significant to the user.
* * gpg.c (add_notation_data): Fix reversed logic for isascii check whenDavid Shaw2006-02-232-1/+4
| | | | | adding notations. Noted by Christian Biere.
* * options.h, keyserver.c (add_canonical_option): New.David Shaw2006-02-234-20/+54
| | | | | | | (parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it here so each keyserver can have some private options in addition to the main keyserver-options (e.g. per-keyserver auth).
* * options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),David Shaw2006-02-226-9/+45
| | | | | | getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious next step: allow arbitrary keyservers in the auto-key-locate list.
* * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down onDavid Shaw2006-02-222-0/+8
| | | | | odd matches.
* * options.h, keyserver.c (parse_keyserver_options): RemoveDavid Shaw2006-02-223-7/+9
| | | | | | auto-cert-retrieve as it is no longer meaningful. Add max-cert-size to allow users to pick a max key size retrieved via CERT.
* * options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.cDavid Shaw2006-02-225-10/+19
| | | | | | (keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be consistent with honor-keyserver-url.
* * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):David Shaw2006-02-225-64/+139
| | | | | | Parse a list of key access methods. (get_pubkey_byname): Walk the list here to try and retrieve keys we don't have locally.
* * gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allowDavid Shaw2006-02-222-29/+33
| | | | | duplicate attributes as OpenLDAP is now enforcing this.
* * gpgkeys_ldap.c (main): Add binddn and bindpw so users can passDavid Shaw2006-02-222-16/+78
| | | | | credentials to a remote LDAP server.
* * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,David Shaw2006-02-223-4/+7
| | | | | curl_easy_perform): Mingw has 'stderr' as a macro?
* * getkey.c (get_pubkey_byname): Fix minor security problem with PKA whenDavid Shaw2006-02-215-6/+27
| | | | | | | | | | importing at -r time. The URL in the PKA record may point to a key put in by an attacker. Fix is to use the fingerprint from the PKA record as the recipient. This ensures that the PKA record is followed. * keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the fingerprint we requested.
* * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,David Shaw2006-02-213-3/+26
| | | | | | curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier debugging.
* * gpgv.c: Stub keyserver_import_ldap.David Shaw2006-02-214-0/+47
| | | | | | * keyserver-internal.h, keyserver.c (keyserver_import_ldap): Import using the PGP Universal trick of asking ldap://keys.(maildomain) for the key.
* * keyserver.c (parse_keyserver_uri): Include the scheme in the uriDavid Shaw2006-02-212-2/+12
| | | | | even when we've assumed "hkp" when there was no scheme.
* * http.c (send_request): A zero length proxy is the same as no proxy.David Shaw2006-02-192-1/+6
|
* * configure.ac: Try linking the UINT64_C test program (rather thanDavid Shaw2006-02-192-2/+8
| | | | | | just compiling it) as UINT64_C looks like a (missing) function, causing a false positive. Noted by Claus Assmann.
* about to release 1.4.3rc1gnupg-1.4.3rc1Werner Koch2006-02-1438-18743/+20536
|
* Fixed a wrong return code with gpg --verifyWerner Koch2006-02-1413-36/+116
|
* Lock random seed fileWerner Koch2006-02-097-2/+106
|
* Fixed a couple of problemsWerner Koch2006-02-081-20/+59
|
* Add support fro CardMan 4040Werner Koch2006-02-063-241/+563
|
* * cert.c (get_cert): Disable IPGP types for now until the format questionsDavid Shaw2006-01-263-2/+12
| | | | | | | in the draft are settled. * srv.c (getsrv): Error on oversize SRV responses.
* * keyserver.c (parse_keyserver_uri): If there is a path present, set theDavid Shaw2006-01-242-0/+8
| | | | | direct_uri flag so the right keyserver helper is run.
* * keyserver.c (keyserver_spawn): Include the EXEEXT so we can findDavid Shaw2006-01-223-3/+21
| | | | | | | | keyserver helpers on systems that use extensions. * misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with drive letter systems.
* * configure.ac: Add define for EXEEXT so we can find keyserver helpersDavid Shaw2006-01-222-0/+8
| | | | | on systems that use extensions.
* * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" aDavid Shaw2006-01-174-20/+43
| | | | | | | | | | | | | passphrase as if it was used (move from next_pw to last_pw). * pubkey-enc.c (get_session_key): Use it here to handle the case where a passphrase happens to be correct for a secret key, but yet that key isn't the anonymous recipient (i.e. the secret key could be decrypted, but not the session key). This also handles the case where a secret key is located on a card and a secret key with no passphrase. Note this does not fix bug 594 (anonymous recipients on smartcard do not work) - it just prevents the anonymous search from stopping when the card is encountered.
* * libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.David Shaw2006-01-172-6/+13
|
* * libcurl.m4: Remove GOPHER, as that is not supported in libcurl anyDavid Shaw2006-01-162-4/+8
| | | | | longer.
* * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST whenDavid Shaw2006-01-162-13/+21
| | | | | uploading a key.
* * keyserver.c (keyserver_refresh): Fix problem when more than one keyDavid Shaw2006-01-072-1/+7
| | | | | | in a refresh batch has a preferred keyserver set. Noted by Nicolas Rachinsky.
* * mainproc.c (check_sig_and_print), keyserver.cDavid Shaw2006-01-014-3/+8
| | | | | | | (keyserver_import_pka), card-util.c (fetch_url): Always require a scheme:// for keyserver URLs except when used as part of the --keyserver command for backwards compatibility.
* * sign.c (write_signature_packets): Lost a digest_algo line.David Shaw2006-01-012-0/+3
|
* * sign.c (hash_for): Add code to detect if the sk lives on a smartDavid Shaw2006-01-013-19/+44
| | | | | | | | | | | | card. If it does, only allow 160-bit hashes, a la DSA. This involves passing the *sk in, so change all callers. This is correct for today, given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160 support in the openpgp card. It will almost certainly need changing down the road. * app-openpgp.c (do_sign): Give user error if hash algorithm is not supported by the card.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 08:35:35 +0000