| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
packed s2k iteration count.
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Enhanced gpg-connect-agent.
|
|
|
|
|
|
Migrated the gpg regression tests.
Some changes tp the gpg code to fix bugs and
for the use in testing.
make distcheck works now with gpg enabled.
|
|
shows no prblems. Needs more testing of course.
|
|
|
|
|
|
|
|
keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to
specify a keyserver URL at key generation time, and "Keyserver:" keyword
for doing the same through a batch file.
|
|
|
|
At least the keyids are now correctly computed again.
|
|
called with them closed. This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds. Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
|
|
|
|
|
|
to disable.
* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.
* sign.c (match_dsa_hash): New. Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set. q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
|
|
SHA-224.
* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...
* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.
* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
|
|
The gpg part does not yet build.
|
|
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.
* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character. The EOF actually starts after the pad.
* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right. Suggested by Peter Palfrader.
|
|
|
|
Filelength fixes for W32.
|
|
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
|
|
to make switching from PGP command line to GPG easier.
|
|
--passphrase command line option. Only useful in very special
circumstances.
|
|
|
|
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
|
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
|
|
* cardglue.c (open_card): Use it.
|
|
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
|
|
char * vs. unsigned char * warnings. The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
|
|
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above. Export-minimal is the same except it also removes all
non-selfsigs. export-unusable-sigs is now a noop.
|
|
|
|
"clean" UI can be finished.
|
|
|
|
|
|
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.
* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly. The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
|
|
comment packets.
* export.c (do_export_stream): Don't export comment packets any
longer.
* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
|
|
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration. We no longer need the day-based code as we don't generate v3
keys.
|
|
--default-cert-expire options. Suggested by Florian Weimer.
* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.
* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
|
|
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests. Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.
* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
|
|
old ad-hoc connection code to gpg-agent. We do need this for the
forthcoming diversion of card code to an already running gpg-agent
with card-support.
|
