aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.David Shaw2006-04-263-1567/+2
|
* * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer asDavid Shaw2006-04-266-30/+21
| | | | | | | | this is done via curl or fake-curl. * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks as FAKE_CURL is no longer meaningful.
* * keyserver.c: Fix build problem with platforms that stick libcurl inDavid Shaw2006-04-222-3/+5
| | | | | a place not in the regular include search path.
* * make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.David Shaw2006-04-202-1/+6
|
* * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. DefaultsDavid Shaw2006-04-205-34/+145
| | | | | | | | | | | | | | | | to disable. * pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to truncate hashes to fit DSA keys. * sign.c (match_dsa_hash): New. Return the best match hash for a given q size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it has q==160, assume it is an old DSA key and don't allow truncation unless --enable-dsa2 is also set. q!=160 always allows truncation since they must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a --cert-digest-algo, use match_dsa_hash to pick the best hash for key signatures.
* (generate): Tweak to allow keys larger than 1024 bits. Enforce that the qDavid Shaw2006-04-202-1/+4
| | | | | size doesn't end between byte boundaries.
* The plumbing necessary to create DSA keys with variable sized q.David Shaw2006-04-204-9/+34
| | | | | Not yet used (q==160).
* * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): AddDavid Shaw2006-04-208-50/+98
| | | | | | | | | | | | | | SHA-224. * sign.c (write_plaintext_packet), encode.c (encode_simple): Factor common literal packet setup code from here, to... * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the literal packet filename field is UTF-8 encoded. * options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded and note when filenames are already UTF-8.
* * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.David Shaw2006-04-203-0/+23
|
* Add SHA-224 supportDavid Shaw2006-04-206-7/+90
|
* * keyedit.c (menu_backsign): Give some more verbose errors when weDavid Shaw2006-04-192-6/+26
| | | | | have no need to backsign.
* * gpg.sgml: Reminders that --cipher-algo, --digest-algo, andDavid Shaw2006-04-192-6/+20
| | | | | --compress-algo should be avoided.
* * miscutil.c (make_printable_string): Fix bug where some controlDavid Shaw2006-04-172-1/+6
| | | | | characters lose part of their ASCII representation.
* use minimal posix sed Werner Koch2006-04-124-8/+20
|
* * memory.c (realloc): Revert m_guard fix and stick an #error in there toDavid Shaw2006-04-112-4/+10
| | | | | inform people not to use it.
* * options.skel, photoid.c (get_default_photo_command): Find an imageDavid Shaw2006-04-113-6/+24
| | | | | viewer at runtime. Seems FC5 doesn't have xloadimage.
* .Werner Koch2006-04-111-0/+0
|
* Add new regression testWerner Koch2006-04-115-9/+204
|
* * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quoteDavid Shaw2006-04-112-47/+13
| | | | | directly into place rather than mallocing temporary buffers.
* * gpgkeys_ldap.c (get_name): Build strings with strcat rather thanDavid Shaw2006-04-112-8/+22
| | | | | using sprintf which is harder to read and modify.
* * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORTDavid Shaw2006-04-114-15/+108
| | | | | | | | and KS_SEARCH_KEYID_LONG to search for a key ID. * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID searches to pgpKeyID or pgpCertID.
* * gpg.sgml: Some typo fixes. This is Debian 361324.David Shaw2006-04-092-6/+10
|
* * getkey.c (parse_auto_key_locate): Fix dupe-removal code.David Shaw2006-04-095-20/+41
| | | | | | | | | | | | | * keyedit.c (menu_backsign): Allow backsigning even if the secret subkey doesn't have a binding signature. * armor.c (radix64_read): Don't report EOF when reading only a pad (=) character. The EOF actually starts after the pad. * gpg.c (main): Make --export, --send-keys, --recv-keys, --refresh-keys, and --fetch-keys follow their arguments from left to right. Suggested by Peter Palfrader.
* Fixed segvWerner Koch2006-04-082-2/+9
|
* See ChangeLogWerner Koch2006-04-087-35/+83
|
* * memory.c (realloc): Fix compile problem with --enable-m-guard.David Shaw2006-04-062-5/+9
|
* * make-dns-cert.c: Some changes from Peter Palfrader to send errors toDavid Shaw2006-04-052-20/+53
| | | | | | | stderr and allow spaces in a fingerprint. Also warn when a key is over 16k (as that is the default max-cert-size) and fail when a key is over 64k as that is the DNS limit in many places.
* * make-dns-cert.c: New program to generate properly formatted CERT recordsDavid Shaw2006-04-043-1/+220
| | | | | so people don't have to do it manually.
* post release updatesWerner Koch2006-04-034-2/+10
|
* About to release 1.4.3gnupg-1.4.3Werner Koch2006-04-0343-10104/+10657
|
* * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.David Shaw2006-04-012-5/+12
| | | | | Fix strings to not start with a capital letter as per convention.
* Update copyrightDavid Shaw2006-03-301-1/+2
|
* * main.h, seskey.c (encode_md_value): Modify to allow a q size greaterDavid Shaw2006-03-305-35/+94
| | | | | | | | | | | | than 160 bits as per DSA2. This will allow us to verify and issue DSA2 signatures for some backwards compatibility once we start generating DSA2 keys. * sign.c (do_sign), sig-check.c (do_check): Change all callers. * sign.c (do_sign): Enforce the 160-bit check for new signatures here since encode_md_value can handle non-160-bit digests now. This will need to come out once the standard for DSA2 is firmed up.
* * README: Some more notes about building fat binaries.David Shaw2006-03-302-1/+8
|
* * cert.c (main): Fix test program build warning on OSX.David Shaw2006-03-302-2/+6
|
* * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they useDavid Shaw2006-03-272-0/+8
| | | | | the regular old API that is compatible with other LDAP libraries.
* * README: Missing some instructions on building a fat binary.David Shaw2006-03-252-1/+5
|
* * getkey.c (parse_auto_key_locate): Silently strip out duplicates ratherDavid Shaw2006-03-222-5/+15
| | | | | than causing an error.
* Changed URLsWerner Koch2006-03-223-3/+8
|
* * mainproc.c (get_pka_address): Fix bug introduced as part ofDavid Shaw2006-03-222-1/+6
| | | | | sig_to_notation conversion. Noted by Peter Palfradrer.
* Allow for rmd160 signatures when using gpg-agent.Werner Koch2006-03-213-1/+13
|
* * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previousDavid Shaw2006-03-207-13/+18
| | | | | change. It's now all done in configure.
* * configure.ac: Improved --disable-endian-check that doesn't involveDavid Shaw2006-03-202-7/+20
| | | | | changing #ifdefs in the rest of the code.
* * configure.ac: Add --disable-endian-check for building fat binariesDavid Shaw2006-03-203-12/+44
| | | | | | | on OSX. * README: Add note on how to build a fat binary on OSX.
* * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'David Shaw2006-03-207-13/+21
| | | | | | | rather than '#ifdef' BIG_ENDIAN_HOST. Harmless as we explicitly define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat builds when we define BIG_ENDIAN_HOST to another macro.
* * configure.ac: Allow the DNS stuff to work on OSX by trying theDavid Shaw2006-03-182-3/+28
| | | | | Apple-specific BIND_8_COMPAT.
* * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type forDavid Shaw2006-03-173-24/+43
| | | | | | | both the fingerprint alone, and fingerprint+URL cases. * getkey.c (get_pubkey_byname): Minor cleanup.
* * cert.c (get_cert): Handle the fixed IPGP type with fingerprint.David Shaw2006-03-165-19/+71
|
* * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use theDavid Shaw2006-03-144-31/+61
| | | | | | | | | | | | same API as the other auto-key-locate fetchers. * getkey.c (get_pubkey_byname): Use the fingerprint of the key that we actually fetched. This helps prevent problems where the key that we fetched doesn't have the same name that we used to fetch it. In the case of CERT and PKA, this is an actual security requirement as the URL might point to a key put in by an attacker. By forcing the use of the fingerprint, we won't use the attacker's key here.
* * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,David Shaw2006-03-144-26/+40
| | | | | | keyserver_import_cert, keyserver_import_name, keyserver_import_ldap): Pass fingerprint info through.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 05:46:35 +0000