| Commit message (Collapse) | Author | Files | Lines |
|---|
|
unknown and undefined trust. Removed the did_add cruft. Reported
by Janusz A. Urbanowicz.
* g10.c: New option --no-use-agent.
Hmmm, is this a a good name? --do-not-use-agent seems a bit to long.
|
|
is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.
Add a "nrlsign" for nonrevocable and local key signatures.
Add a --no-force-mdc to undo --force-mdc.
Add a knob to force --disable-mdc/--no-disable-mdc. Off by default, of
course, but is used in --pgp2 and --pgp6 modes.
Allow specifying multiple users in the "Enter the user ID" loop. Enter a
blank line to stop. Show each key+id as it is added.
It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.
More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
|
|
so the user can set different policies for key and data signing. For
backwards compatibility, "--set-policy-url" sets both, as before.
|
|
encoded string.
|
|
turns off force_mdc, turns on no_comment, escape_from, and force_v3_sigs,
and sets compression to 1. It also restricts the user to IDEA (if
present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. See the comments above
algo_available() for lots of discussion on why you would want to do this.
|
|
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
|
|
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys. Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
|
|
Some fixes.
|
|
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go. This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
|
|
|
|
|
|
it is needed to figure out the default recipient. Reported by
Roger Sondermann.
|
|
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
|
|
commands.
* keydb.c (keydb_add_resource): Use access to test for keyring
existence. This avoids cached opened files which are bad under
RISC OS.
|
|
Warn with pgp2 and non-detached signatures
Use the actual filesize rather than partial length packets in
symmetric messages (see ChangeLog or NEWS for discussion).
|
|
and simpler code in keyserver
|
|
|
|
Properly handle permission/ownership checks on files that are shared (for
example /usr/local/lib/gnupg/idea)
|
|
is only one attribute packet defined thus far, and it's a picture)
|
|
but cannot be revoked. Any revocation certificates for them are ignored.
|
|
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here. By David Champion.
|
|
that live there for safe permission/ownership (--no-permission-warning to
disable)
The newer glibcs print scary warnings about using mktemp(). The use here
was actually safe, but the warning was bound to confuse people, so here is
an arguably better tempname creator that pulls random bits from the pool.
|
|
|
|
IDEA warning for pk messages encrypted with IDEA (symmetric is already done)
Print IDEA warning for each occurance except for secret key protection and
unknown cipher from an encrypted message.
|
|
|
|
pops up when the user uses "--cipher-algo idea", when setpref is used to
set a "S1" preference, and when a secret key protected with IDEA is used.
Tweak the --pgp2 mode to use this generic warning.
|
|
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption. This avoid a
strange error message from pubkey_decrypt if for some reasons a
bad algorithm indentifier is passed.
* hkp.c (hkp_export): Do not print possible control characters
from a keyserver response.
(parse_hkp_index): Made uid an unsigned char* because it is passed to
isspace().
(hkp_search): Ditto for the char* vars.
* g10.c (main): Print the IDEA warning also for -c and -se.
* g10.c (get_temp_dir): Assert that we have dropped privs
* encode.c (encode_crypt): Include the first key into the --pgp2
check.
|
|
warning if the user does something that would make the message not
compatible (i.e. encrypt with a non-RSA key, etc.)
|
|
Do not allow signing a revoked UID unless --expert is set, and ask even then.
Do not allow signing a revoked key unless --expert is set, and ask even then.
|
|
Allow setting a no-compression preference
|
|
|
|
displays in key listings, and shows flags for signature features.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
