| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc). Noted by Simon Josefsson.
|
|
Still does not build.
|
|
The gpg part does not yet build.
|
|
|
|
the key being imported. (import_keys_internal, import_keys_stream,
import): Change all callers.
|
|
"clean", and add "minimize".
* import.c (parse_import_options): Make help text match the export
versions of the options.
* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.
* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.
|
|
cleaning from one convenient place.
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
import_one): Reduce clean options to two: clean and minimize.
* parse-packet.c (setup_user_id): Remove. (parse_user_id,
parse_attribute): Just use xmalloc_clear instead.
|
|
import_one): Add import-minimal option. Similar to export-minimal, except
it works on the way in.
|
|
non-selfsigs from key during cleaning. Change all callers.
* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.
|
|
so keyserver mangled keys with doubled user IDs can be properly
cleaned - possibly sigs on the different user IDs cancel each other
out.
* import.c (parse_import_options), export.c (parse_export_options):
List "xxx-clean" before the longer options so we don't end up with a
partial match on the longer options.
* trustdb.c (clean_uids_from_key): Return proper number of cleaned
user IDs. Don't count user IDs as cleaned unless we actually delete
something.
|
|
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
|
|
|
|
|
|
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
|
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
|
|
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing. Like import-clean-sigs, this may nodify the local keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
|
|
import_one): Add import-clean-sigs option to automatically clean a key
when importing. Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
|
|
import-unusable-sigs is now a noop.
|
|
|
|
is dirty and --interactive is set, do an --update-trustdb. If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.
* import.c (import_keys_internal): Moved from here.
* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end. This is Debian bug
#293816, noted by Kurt Roeckx.
|
|
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
|
|
* import.c (delete_inv_parts): Comments on import-unusable-sigs.
|
|
import-unusable-sigs flag to enable importing unusable (currently:
expired) sigs.
* options.h, export.c (parse_export_options, do_export_stream): Add
export-unusable-sigs flag to enable exporting unusable (currently:
expired) sigs.
|
|
(parse_import_options, import_keys_internal): Make the import-options and
export-options distinct since they can be mixed together as part of
keyserver-options.
|
|
secret key export.
* import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise
|
|
|
|
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
|
|
card to fetch an updated copy. Works with either straight URLs or HKP or
LDAP keyservers.
* keyserver-internal.h, keyserver.c (keyserver_import_fprint), import.c
(revocation_present): Use a keyserver_spec so the caller can pass in
whatever keyserver they like.
|
|
and remove the printable stuff since we're print-ifying valid utf8
characters. Change all callers in import.c, sign.c, keylist.c, and
encode.c.
|
|
from parse_keyserver_options by calling the generic parse_options.
* keyserver.c (keyserver_spawn, keyserver_refresh), g10.c (main), gpgv.c
(main), mainproc.c (check_sig_and_print), import.c (revocation_present):
Change all callers.
|
|
keyserver.c (parse_keyserver_uri): Parse keyserver URI into a structure.
Cleanup for new "guess my keyserver" functionality, as well as refreshing
via a preferred keyserver subpacket.
|
|
|
|
functions in log_debug.
* import.c (import_one): Try and collapse user IDs when importing a key
for the first time.
* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify. Also use the proper date string when prompting for confirmation.
* g10.c (main): Maintain ordering of multiple Comment lines. Requested by
Peter Hyman.
|
|
and a little better text. (import_one, import_secret_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, merge_blocks): Still
more --keyid-format conversions.
|
|
* main.h, misc.c (parse_options), export.c (parse_export_options),
import.c (parse_import_options), g10.c (main): Use it here to allow for
options with optional arguments. Change all callers.
|
|
import_secret_one): Without knowing the number of MPIs there are, we
cannot try and sk-to-pk-ize a key.
|
|
key to ensure that it does not advertise any that we cannot fulfill. Use
the keyedit command list function to optionally rewrite the prefs.
(import_one, import_secret_one): Use it here when importing a public key
that we have the secret half of, or when importing a secret key that we
have the public half of.
|
|
key, a revocation key set in a direct key signature, and a revocation from
that revocation key, all arrive piecemeal. Needless to say, this is pretty
obscure.
|
|
import_secret_one), keyserver.c (keyserver_refresh): Change --merge-only
to --import-option merge-only. Deprecate --merge-only.
|
|
the messages about which option didn't match or matched ambiguously.
Change all callers (g10.c, keyserver.c).
* main.h, import.c (import_options), export.c (export_options): Pass the
noisy flag through.
|
|
* keydb.h, keyid.c (hash_public_key, do_fingerprint_md): ... and make a
new one here that shares code with the fingerprint calculations. This
removes some duplicated functionality, and is also around 14% faster.
(Every bit helps).
* import.c (import_one): No longer need the Elgamal import warning.
* getkey.c (get_pubkey_fast): This one is sort of obscure. get_pubkey_fast
returns the primary key when requesting a subkey, so if a user has a key
signed by a subkey (we don't do this, but used to), AND that key is not
self-signed, AND the algorithm of the subkey in question is not present in
GnuPG, AND the algorithm of the primary key that owns the subkey in
question is present in GnuPG, then we will try and verify the subkey
signature using the primary key algorithm and hit a BUG(). The fix is to
not return a hit if the keyid is not the primary. All other users of
get_pubkey_fast already expect a primary only.
|
|
check_compress_algo): Add bzip2.
* compress.c (compress_filter): Make static to help force the use of
push_compress_filter. Remove default algorithm setting since that is done
in push_compress_filter now.
* main.h: Use named algorithm.
* filter.h, compress.c (push_compress_filter, push_compress_filter2): New.
Figure out which is the appropriate compression filter to use, and push it
into place.
* compress.c (handle_compressed), encode.c (encode_simple, encode_crypt),
sign.c (sign_file, sign_symencrypt_file), import.c (read_block), export.c
(do_export): Use push_compress_filter instead of pushing the compression
filter ourselves.
* compress-bz2.c: New. Bzlib versions of the compression filter routines.
* Makefile.am: Include compress-bz2.c if bz2lib is available.
|
|
import warning.
* g10.c (main): Older versions used --comment "" to indicate no comment.
Don't add an empty comment.
|
|
|
|
* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.
* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.
* keyring.c (keyring_rebuild_cache): Comment.
* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
|
|
Provide a signing-key-is-revoked flag. Change all callers.
* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.
* mainproc.c (do_check_sig, check_sig_and_print): Use it here.
* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching. This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.
* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms. An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
|
|
|
|
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types. Note, that not all changes are listed below becuause they are
too similar and done at far too many places. As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
|
