| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* protect-tool.c (main): Ditto.
* signal.c (got_fatal_signal, got_usr_signal)
(got_fatal_signal) [DOSISH]: Don't build.
* simple-gettext.c: Include sysutils.h
* homedir.c: New.
* Makefile.am (libcommon_a_SOURCES): Add it.
(EXTRA_DIST): Removed mkerror and mkerrtok.
* gpgv.c, g10.c (main): Use default_hoemdir ().
* scdaemon.c (main): Use default_homedir().
* gpgsm.c (main): Use default_homedir().
|
| | |
|
| |
|
|
|
| |
default filename.
|
| |
|
|
|
|
|
|
|
|
| |
Introduce PACKAGE_GT and set it to gnupg2.
* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.
* Makevars (DOMAIN): Init from PACKAGE_GT
|
| | |
|
| |
|
|
|
|
|
|
| |
* g10.c: New options --gpgconf-list, --debug-level and --log-file
(set_debug): Add arg DEBUG_LEVEL.
(main): Look at less and less version specific config files. From
gnupg 1.3.
|
| |
|
|
|
| |
* Makefile.am: Include cmacros.am for common flags.
|
| |
|
|
|
|
|
|
| |
check the PIN in advance.
(card_status): Add new args to return the serial number. Changed
all callers.
* call-agent.c (agent_scd_checkpin): New.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
structure, so that it can indeed be updated.
* card-util.c (fpr_is_zero): New.
(generate_card_keys): New.
(card_edit): New command "generate".
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
to check_smartcard.
(check_smartcard,show_smartcard): Removed.
(show_sha1_fpr,fpr_is_zero): Removed.
* app-openpgp.c (do_getattr): Support SERIALNO and AID.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* card-util.c (card_status): Use tty_fprintf for all output.
(print_sha1_fpr, print_isoname): Ditto.
(get_one_name,change_name, change_url, change_login,change_lang)
(change_sex): New; taken from keygen.c.
* keygen.c (smartcard_get_one_name, smartcard_change_name)
(smartcard_change_url, smartcard_change_login_data)
(smartcard_change_lang, smartcard_change_sex): Removed.
(check_smartcard): Removed most menu items.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(gpgsm_exit): Update the random seed file and enable debug output.
* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.
* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
|
| |
|
|
|
|
|
|
|
| |
* card-util.c (card_status): New.
* call-agent.c (learn_status_cb): Parse more information.
* keylist.c (print_pubkey_info): Add FP arg for optinal printing
to a stream. Changed all callers.
|
| |
|
|
|
|
| |
(do_generate_keypair): Abd generate the authkey.
(check_smartcard): Changed menu accordingly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* seskey.c (encode_session_key): Debug output of the session key.
* pubkey-enc.c (get_it): Handle card case.
* call-agent.c (agent_scd_pkdecrypt): New.
* pkglue.c (pk_encrypt): Add RSA support.
* g10.c (main): Default to --use-agent.
* keygen.c (show_smartcard): Print info about the public key.
(check_smartcard): Check for existing key here.
(gen_card_key): And not anymore here.
(fpr_is_zero): New.
(generate_keypair): Generate both keys for a card.
(smartcard_change_url): Nw.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types. Note, that not all changes are listed below becuause they are
too similar and done at far too many places. As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
|
| |
|
|
|
|
| |
(Sorry, it does not build currently - I need to check it in to avoid
duplicate work.)
|
| |
|
|
| |
'GNUPG-1-9-BRANCH'.
|
| |
|
|
| |
'GNUPG-1-9-BRANCH'.
|
| |
|
|
|
| |
before the options file is loaded.
|
| |
|
|
|
|
| |
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
|
| |
|
|
|
| |
log_warning severity level from info to error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* export.c (do_export_stream): Comment.
* sig-check.c (check_key_signature2): Properly handle a
non-designated revocation import.
2002-09-26 Werner Koch <[email protected]>
* g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket. Add a PGP
2.x warning for revocation keys.
* g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).
* keyedit.c (sign_uids): Make strings translatable.
* sig-check.c (check_key_signature2): Make string translatable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2002-09-13 David Shaw <[email protected]>
* getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here. Also
return the signature_check error code rather than 0/1 and cache
the sig result.
* sig-check.c (check_key_signature2): Divert to
check_revocation_keys if a revocation sig is made by someone other
than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 Werner Koch <[email protected]>
* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
|
| | |
|
| |
|
|
|
|
|
| |
Use a better error message for when no = is found.
* hkp.c (hkp_export): Use CRLF in headers.
|
| |
|
|
|
|
|
|
|
| |
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.
* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
chk_self_sigs. This improves efficiency as the same signatures are not
checked multiple times. Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
* keylist.c (list_one): Stats are only for public key listings.
* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
|
| |
|
|
|
|
|
|
|
| |
* g10.c (main): enable opt.interactive.
* import.c (import_one): Ask the user if the key shall be
imported when the interactive mode is used. Useful to extract
selected keys from a file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
symmetric compressed files.
* encode.c (encode_simple, encode_crypt): If we are not using a MDC,
compress even if a file is already compressed. This is to help against
the chosen ciphertext attack.
* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug so the
request succeeds even if the requested algorithm is not the first found.
* cipher.c (write_header), encode.c (use_mdc, encode_simple, encode_crypt,
encrypt_filter), g10.c (main): Be more eager to use a MDC. We use a MDC
if the keys directly support it, if the keys list AES (any) or TWOFISH
anywhere in the prefs, or if the cipher chosen does not have a 64 bit
blocksize.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
restarting gpg. This is Debian bug 124219, though their supplied patch
will not do the right thing.
* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions),
keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant
reworking of the permission check mechanism. The new behavior is to check
everything in the homedir by checking the homedir itself. If the user
wants to put (possibly shared) keyrings outside the homedir, they are not
checked. The options file and any extension files are checked wherever
they are, as well as their enclosing directories. This is Debian bug
147760.
|
| | |
|
| |
|
|
|
| |
option to turn a MDC check error into a warning.
|
| |
|
|
|
|
|
|
|
| |
clearsign_file): Use the same --pgpX warning string everywhere to ease
translations.
* encode.c (write_pubkey_enc_from_list): Warn when using --throw-keyid
with --pgpX. Noted by Vedaal Nistar.
|
| |
|
|
|
| |
* openfile.c (copy_options_file): Changed name of created file.
|
| |
|
|
|
|
|
|
|
| |
decryption failed error if a MDC does not verify. Warn if a MDC is not
present (can disable via --no-mdc-warning).
* exec.c (exec_write), g10.c (main), keyserver.c (keyserver_spawn): Use
new DISABLE_KEYSERVER_PATH rather than FIXED_EXEC_PATH.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug. It is on by default for keyserver
receives, and off by default for regular --import.
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver import
options when doing keyserver receives.
|
| |
|
|
|
|
|
|
| |
keyserver.c (keyserver_spawn): If the user does not use "exec-path",
completely replace $PATH with GNUPG_LIBEXECDIR before calling the
keyserver helper. If the user does use "exec-path", append
GNUPG_LIBEXECDIR after the specified path.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option. The only current flag is "allow-local-sigs".
* g10.c (main): Don't disable MDC in pgp7 mode.
* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
g10.c (main): add new --export-options option. Current flags are
"include-non-rfc", "include-local-sigs", "include-attributes", and
"include-sensitive-revkeys".
* options.h, hkp.c (hkp_export), keyserver.c (parse_keyserver_options,
keyserver_spawn): try passing unknown keyserver options to export options,
and if successful, use them when doing a keyserver --send-key.
* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
designated revoker means "sensitive", not "local". It's exportable under
the right circumstances.
* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting. This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it. This defaults to ON (i.e. don't
skip).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.
* mainproc.c (check_sig_and_print): Use --show-photos to show photos when
verifying a sig made by a key with a photo.
* keyserver.c (parse_keyserver_uri): Properly parse a URI with no :port
section and an empty file path, but with a terminating '/'.
(keyserver_work): Honor DISABLE_KEYSERVER_HELPERS.
* hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only if
verbose.
* exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH
|
| |
|
|
|
|
| |
USE_EXEC_PATH is defined at compile time, use it to lock the exec-path and
not allow the user to change it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
use the original keyserver URI for cosmetics rather than trying to
recreate it when needed.
* mainproc.c (check_sig_and_print): Properly disregard expired uids.
Make sure that the first uid listed is a real uid and not an attribute
(attributes should only be listed in the "aka" section). When there are
no valid textual userids, try for an invalid textual userid before using
any attribute uid.
|
