| Commit message (Collapse) | Author | Files | Lines |
|---|
|
the file descriptor gets closed. Fixes bug reported by Juan
F. Codagnone.
|
|
the file descriptor gets closed. Fixes bug reported by Juan
F. Codagnone.
|
|
'GNUPG-1-9-BRANCH'.
|
|
bug in the old version that did not handle report syntax errors after a
valid entry.
* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.
|
|
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket. This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.
* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex. This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.
* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.
* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.
* options.h, g10.c (main): Part two of the simplification. Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)
* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.
* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
|
|
ultimately trusted key.
* keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.
* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.
* filter.h (progress_filter_context_t), progress.c (handle_progress),
plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings. Make "what" constant.
* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
|
|
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.
* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
|
|
than a CERT.
* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)
* g10.c (main): Add deprecated option warning for --list-ownertrust. Add
--compression-algo alias for --compress-algo. Change --version output
strings to match "showpref" strings, and make translatable.
* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.
* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)
* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify flag.
|
|
(treat as a v4 revocation).
* import.c (print_import_check): Do not re-utf8 convert user IDs.
|
|
interactive import if status is enabled.
* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches. Noted by Stefan Bellon.
* getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.
|
|
|
|
disabled keys. Keys specified via keyid (i.e. 0x...) are always included.
* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.
* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt. Do include disabled keys for the default key and
--encrypt-to.
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.
* gpgv.c (is_disabled): Stub.
* keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.
* keyedit.c (enable_disable_key): Comment.
* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
|
|
* import.c (print_import_check): New.
(import_one): Use it here.
Use merge_keys_and_selfsig in the interactive mode to avoid
wrong key information.
* status.h: Add new status code.
* status.c: Ditto.
|
|
user" rather than "owner". Noted by Stefan Bellon.
* trustdb.h, trustdb.c (trustdb_pending_check): New function to
check if the trustdb needs a check.
* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.
* options.skel: Include the required '=' sign in the sample
'group' option. Noted by Stefan Bellon.
* import.c (chk_self_sigs): Don't try and check a subkey as if it
was a signature.
|
|
RECTYPE_TRUST records a bit.
* g10.c (main): Comment out --list-trust-path until it can be implemented.
* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.
|
|
expiration date of a subkey. This is not the most optimal solution, but
it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
|
|
partial length encoding. This is required because OpenPGP allows only for
32 bit length fields. From Werner on stable branch.
* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New. From Werner on stable
branch.
* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey. We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.
* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations. This is required because getkey needs to know whether a a key
is ultimately trusted. From Werner on stable branch.
|
|
like "fully trusted", "marginally trusted", etc. (get_min_ownertrust):
New. Return minimum ownertrust. (update_min_ownertrust): New. Set
minimum ownertrust. (check_regexp): New. Check a regular epression
against a user ID. (ask_ownertrust): Allow specifying a minimum value.
(get_ownertrust_info): Follow the minimum ownertrust when returning a
letter. (clear_validity): Remove minimum ownertrust when a key becomes
invalid. (release_key_items): Release regexp along with the rest of the
info. (validate_one_keyblock, validate_keys): Build a trust sig chain
while validating. Call check_regexp for regexps. Use the minimum
ownertrust if the user does not specify a genuine ownertrust.
* pkclist.c (do_edit_ownertrust): Only allow user to select a trust level
greater than the minimum value.
* parse-packet.c (can_handle_critical): Can handle critical trust and
regexp subpackets.
* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key),
import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and
have it clear the min_ownertrust value as well.
* keylist.c (list_keyblock_print): Indent uid to match pub and sig.
|
|
parse_import_options), g10.c (main): New import-option "convert-sk-to-pk"
to convert a secret key into a public key during import. It is on by
default.
|
|
'GNUPG-1-9-BRANCH'.
|
|
* keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all)
* mainproc.c (symkey_decrypt_sesskey): Fix compiler warning.
|
|
warning.
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping. Noted by Ingo Kl�cker.
|
|
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
* seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
|
|
clean ownertrust.
|
|
* keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2),
import.c (import, chk_self_sigs): Minor language cleanups.
|
|
|
|
|
|
|
|
|
|
|
|
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.
* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
|
|
chk_self_sigs. This improves efficiency as the same signatures are not
checked multiple times. Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
* keylist.c (list_one): Stats are only for public key listings.
* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
|
|
which is currently not used becuase we terminate on errors.
|
|
(get_user_id_printable): this. Filter out all dangerous
characters. Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this. Filter out all dangerous
characters. Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
|
|
* g10.c (main): enable opt.interactive.
* import.c (import_one): Ask the user if the key shall be
imported when the interactive mode is used. Useful to extract
selected keys from a file.
|
|
"WARNING"
|
|
delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug. It is on by default for keyserver
receives, and off by default for regular --import.
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver import
options when doing keyserver receives.
|
|
offset problem with reversed ("no-") meanings.
|
|
if found in the userid section of the key.
|
|
delete_inv_parts), keyserver.c (parse_keyserver_options): add new
--import-options option. The only current flag is "allow-local-sigs".
* g10.c (main): Don't disable MDC in pgp7 mode.
* options.h, g10.c (main), keyserver.c (parse_keyserver_options): Remove
old keyserver-option include-attributes now that there is an export-option
for the same thing.
|
|
|
|
Added new cipher mode and updated cipher test program.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
