| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
* keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag.
It's no longer needed.
|
|
causes confusing warning messages when importing a PGP-exported key
that contains a secret key without selfsigs followed by the public
key.
|
|
when fetching a URI.
* keyserver-internal.h, keyserver.c (keyserver_fetch): New. Fetch an
arbitrary URI using the keyserver helpers.
* gpg.c (main): Call it from here for --fetch-keys.
|
|
since we may unprotect it.
* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke. This bypasses the
interactive walk over the revocation keys.
|
|
speaking this should be only in gpg_CPPFLAGS, but then we have to
compile everything twice for gpg and gpgv.
* apdu.c (open_pcsc_reader): Fix double free.
* gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X
location. Suggested by Patty A. Hardy.
|
|
|
|
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.
|
|
Filelength fixes for W32.
|
|
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
|
|
to make switching from PGP command line to GPG easier.
|
|
--passphrase command line option. Only useful in very special
circumstances.
|
|
|
|
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
|
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
|
|
* cardglue.c (open_card): Use it.
|
|
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
|
|
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above. Export-minimal is the same except it also removes all
non-selfsigs. export-unusable-sigs is now a noop.
|
|
|
|
"clean" UI can be finished.
|
|
|
|
|
|
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.
* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly. The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
|
|
comment packets.
* export.c (do_export_stream): Don't export comment packets any
longer.
* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
|
|
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration. We no longer need the day-based code as we don't generate v3
keys.
|
|
--default-cert-expire options. Suggested by Florian Weimer.
* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.
* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
|
|
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests. Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.
* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
|
|
old ad-hoc connection code to gpg-agent. We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.
|
|
callers. We no longer need to append to $PATH.
|
|
flag 4. Use log_info for errors registering the default secret key.
* g10.c (main): Flag the default keyrings.
|
|
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.
* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory. Add new arg REGKEY.
|
|
* armor.c (is_armor_header): Allow CR and LF (not just actual spaces) in
an armor header line (-----BEGIN etc). This is needed due to CRLF issues
on win32. As before, --openpgp makes it strict.
|
|
* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.
* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings. Default to
"<space>\t\r\n".
|
|
exit if it cannot lock memory. Also remove --nrsign-key and --nrlsign-key
since this can better be done via --edit-key.
* secmem.c (secmem_init): Return a flag to indicate whether we got the
lock.
* memory.h: Return a flag to indicate whether we got the lock.
|
|
(status_one_subpacket, print_one_subpacket): Fix some compiler warnings.
* g10.c (main): Fix --compression-algo to take a string argument like
--compress-algo.
* trustdb.c (uid_trust_string_fixed): For safety, check for a pk.
|
|
--openpgp directly to determine the end of line hashing rule.
* trustdb.c (uid_trust_string_fixed): Show uids as expired if the key is
expired.
|
|
(not used). (standard): 2440 says that textmode hashes should canonicalize
line endings to CRLF and remove spaces and tabs. 2440bis-12 says to just
canonicalize to CRLF. So, we default to the 2440bis-12 behavior, but
revert to the strict 2440 behavior if the user specifies --rfc2440. In
practical terms this makes no difference to any signatures in the real
world except for a textmode detached signature.
|
|
(parse_import_options, import_keys_internal): Make the import-options and
export-options distinct since they can be mixed together as part of
keyserver-options.
|
|
|
|
(main): Unconditionally implement --status-file, --logger-file,
--attribute-file, --passphrase-file, --command-file. This is not
generally useful but easy to support and might make scripting
under Windows easier.
|
|
verify-option show-validity to show-uid-validity to match the similar
list-option.
* app-openpgp.c (verify_chv3): Fix typo.
|
|
with C89.
|
|
|
|
trust since the meaning is different.
* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.
* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.
* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
|
|
showing the user ID as mainproc.c:print_pkenc_list.
* mainproc.c (print_pkenc_list): Allow translating the quotes around the
user ID.
* card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" -> `%s'
quoting for things that aren't user IDs.
* keyserver.c (keyserver_spawn): If there is no keyserver host, print the
whole URI since it is self-contained.
|
|
.. (maybe_create_keyring): .. new. Make sure that we do the checks in a
locked state. Problem reported by Stefan Haller. Try to create the home
directory before acquiring a lock for the keyring. From Werner on stable
branch.
* g10.c (main): Blow up if we didn't lose setuid. From Werner on stable
branch.
|
|
issued, skip right to the CHV1/CHV2 PIN change. No need to show the
unblock or admin PIN change option. (card_edit): Add "admin" command to
add admin commands to the menu. Do not allow admin commands until "admin"
is given.
* app-openpgp.c (verify_chv3): Show a countdown of how many wrong admin
PINs can be entered before the card is locked.
* options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove
--allow-admin.
|
|
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
|
|
error. However the backupfile has been created successfully.
* rsa.c (rsa_generate): Return the dummy list of factors only if
the caller asked for it.
* card_util.c (generate_card_keys): ask whether backup should be
created.
(card_store_subkey): Factored some code out to ..
* keygen.c (save_unprotected_key_to_card): .. new function.
(gen_card_key_with_backup): New.
(generate_raw_key): New.
(generate_keypair): New arg BACKUP_ENCRYPTION_DIR. Changed all
callers.
(do_generate_keypair): Divert to gen_card_key_with_backup when
desired.
|
