aboutsummaryrefslogtreecommitdiffstats
path: root/g10/import.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Let export-clean remove expired subkeys.Werner Koch2018-07-091-3/+6
| | | | | | | | | | | | | | | * g10/key-clean.h (KEY_CLEAN_NONE, KEY_CLEAN_INVALID) (KEY_CLEAN_ENCR, KEY_CLEAN_AUTHENCR, KEY_CLEAN_ALL): New. * g10/key-clean.c (clean_one_subkey): New. (clean_all_subkeys): Add arg CLEAN_LEVEL. * g10/import.c (import_one): Call clean_all_subkeys with KEY_CLEAN_NONE. * g10/export.c (do_export_stream): Call clean_all_subkeys depedning on the export clean options. -- GnuPG-bug-id: 3622 Signed-off-by: Werner Koch <[email protected]>
* gpg: Split key cleaning function for clarity.Werner Koch2018-07-091-7/+20
| | | | | | | | | | | | * g10/key-clean.c (clean_key): Rename to clean_all_uids and split subkey cleaning into ... (clean_all_subkeys): new. Call that always after the former clean_key invocations. -- Note that the clean_all_subkeys function will later be extended. Signed-off-by: Werner Koch <[email protected]>
* gpg: Move key cleaning functions to a separate file.Werner Koch2018-07-061-0/+1
| | | | | | | | | | | | | | | * g10/trust.c (mark_usable_uid_certs, clean_sigs_from_uid) (clean_uid_from_key, clean_one_uid, clean_key): Move to ... * g10/key-clean.c: new file. * g10/key-clean.h: New. * g10/Makefile.am (gpg_sources): Add new files. * g10/export.c, g10/import.c, g10/keyedit.c, g10/trustdb.c: Include new header. * g10/trustdb.h (struct key_item, is_in_klist): Move to ... * g10/keydb.h: here. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Ignore too large user ids during import.Werner Koch2018-07-041-1/+30
| | | | | | | | | | | | * g10/import.c (read_block): Add special treatment for bad user ids and comment packets. -- See GnuPG-bug-id: 4022 for an example of a bogus user id. Signed-off-by: Werner Koch <[email protected]>
* indent: Fix indentation of read_block in g10/import.cWerner Koch2018-07-041-66/+67
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Print revocation reason for "rvs" records.Werner Koch2018-06-211-2/+117
| | | | | | | | | | | | | | | | | | | | * g10/import.c (get_revocation_reason): New. (list_standalone_revocation): Extend function. -- Note that this function extends the "rvs" field signature-class (field 11) with the revocation reason. GPGME does not yet parse this but it can be expected that the comma delimiter does not break other parsers. A new field is added to the "rvs" (and in future also the "rev") record to carry a record specific comment. Hopefully all parsers meanwhile learned the lesson from other new fields and don't bail out on more fields than they know about. This is partial solution to GnuPG-bug-id: 1173 Signed-off-by: Werner Koch <[email protected]>
* gpg: Let --show-keys print revocation certificates.Werner Koch2018-06-211-7/+114
| | | | | | | | | * g10/import.c (list_standalone_revocation): New. (import_revoke_cert): Call new function. -- GnuPG-bug-id: 4018 Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not import revocations with --show-keys.Werner Koch2018-06-121-26/+30
| | | | | | | | | * g10/import.c (import_revoke_cert): Add arg 'options'. Take care of IMPORT_DRY_RUN. -- GnuPG-bug-id: 4017 Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new usage option for drop-subkey filters.Daniel Kahn Gillmor2018-06-121-0/+10
| | | | | | | | | | | | | | * g10/import.c (impex_filter_getval): Add new "usage" property for drop-subkey filter. -- For example, this permits extraction of only encryption-capable subkeys like so: gpg --export-filter 'drop-subkey=usage !~ e' --export $FPR GnuPG-Bug-id: 4019 Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Improve verbose output during import.Werner Koch2018-06-071-13/+32
| | | | | | | | * g10/import.c (chk_self_sigs): Print the subkeyid in addition to the keyid. (delete_inv_parts): Ditto. Signed-off-by: Werner Koch <[email protected]>
* gpg: New command --show-keys.Werner Koch2018-06-061-1/+7
| | | | | | | | | | | | | | | | | | | * g10/gpg.c (aShowKeys): New const. (opts): New command --show-keys. (main): Implement command. * g10/import.c (import_keys_internal): Don't print stats in show-only mode. (import_one): Be silent in show-only mode. -- Using --import --import-options show-only to look at a key is too cumbersome. Provide this shortcut and also remove some diagnostic cruft in this case. Signed-off-by: Werner Koch <[email protected]>
* Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2018-05-131-2/+4
|\ | | | | | | | | | | | | | | | | | | -- Resolved Conflicts: NEWS - removed configure.ac - removed Signed-off-by: Werner Koch <[email protected]>
| * gpg: Fix minor memory leak in the compress filter.Werner Koch2018-05-021-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | * g10/compress.c (push_compress_filter2): Return an error if no filter was pushed. (push_compress_filter): Ditto. (handle_compressed): Free CFX if no filter was pushed. * g10/import.c (read_block): Ditto. -- GnuPG-bug-id: 3898, 3930 Signed-off-by: Werner Koch <[email protected]>
* | gpg: Implement AEAD for SKESK packets.Werner Koch2018-01-231-0/+19
|/ | | | | | | | | | | | | | | | | | | | | | | | | | * g10/packet.h (PKT_symkey_enc): Add field aead_algo. * g10/build-packet.c (do_symkey_enc): Support version 5 packets. * g10/parse-packet.c (parse_symkeyenc): Ditto. * g10/encrypt.c (encrypt_symmetric): Force using a random session key in AEAD mode. (encrypt_seskey): Add and support arg aead_algo. (write_symkey_enc): Ditto. (encrypt_simple): Adjust accordingly. (encrypt_filter): Ditto. * g10/gpgcompose.c (sk_esk): For now call encrypt_seskey without AEAD support. * g10/mainproc.c (symkey_decrypt_seskey): Support AEAD. Nver call BUG but return an error. (proc_symkey_enc): Call symkey_decrypt_seskey in a bug compatible way. * g10/import.c (check_prefs): Check AEAD preferences. * g10/keyedit.c (show_prefs): Print AEAD preferences. -- For easier debugging this patch also changes some diagnostics to also print the encryption mode with the cipher algorithm. Signed-off-by: Werner Koch <[email protected]>
* gpg: Print sec/sbb with --import-option import-show or show-only.Werner Koch2017-10-191-1/+1
| | | | | | | | | | | | | * g10/import.c (import_one): Pass FROM_SK to list_keyblock_direct. -- Note that this will likely add the suffix '#' top "sec" because the secret key has not yet (or will not be) imported. If the secret key already exists locally another suffix might be printed. The upshot is that the suffix has no usefulness. GnuPG-bug-id: 3431 Signed-off-by: Werner Koch <[email protected]>
* gpg: Make --dry-run and show-only work for secret keys.Werner Koch2017-10-191-1/+2
| | | | | | | | | | | | | * g10/import.c (import_secret_one): Check for dry-run before transferring keys. -- The use of --dry-run or --import-option show-only had no effect when importing a secret key and the public key already existed. If the public key did not exist an error message inhibited the import of the secret key. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve keydb handling in the main import function.Werner Koch2017-10-191-43/+23
| | | | | | | | | | * g10/getkey.c (get_pubkey_byfprint_fast): Factor most code out to ... (get_keyblock_byfprint_fast): .. new function. * g10/import.c (revocation_present): s/int rc/gpg_error_t err/. (import_one): Use get_keyblock_byfprint_fast to get the keyblock and a handle. Remove the now surplus keyblock fetch in the merge branch. Signed-off-by: Werner Koch <[email protected]>
* gpg: Simplify keydb handling of the main import function.Werner Koch2017-10-191-80/+79
| | | | | | | | | | | | | | | | | | | * g10/import.c (import_keys_internal): Return gpg_error_t instead of int. Change var names. (import_keys_es_stream): Ditto. (import_one): Ditto. Use a single keydb_new and simplify the use of of keydb_release. -- Note that this opens a keydb handle before we call get_pubkey_byfprint_fast which internally uses another key db handle. A further patch will cleanup this double use. Note that we also disable the keydb caching for the insert case. The s/int/gpg_error_t/ has been done while checking the call chains of the import functions and making sure that gpg_err_code is always used. Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid double fingerprint printing with import-show.Werner Koch2017-08-041-1/+2
| | | | | | | * g10/import.c (import_one) <IMPORT_SHOW>: Take care of fingerprint options. Signed-off-by: Werner Koch <[email protected]>
* gpg: New import option show-only.Werner Koch2017-08-041-1/+5
| | | | | | | | | | | | | * g10/options.h (IMPORT_DRY_RUN): New. * g10/import.c (parse_import_options): Add "show-only". (import_one): use that as alternative to opt.dry_run. -- This is just a convenience thing for --import-options import-show --dry-run Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid output to the tty during import.Werner Koch2017-07-271-1/+1
| | | | | | | | | | | | | | | | * g10/key-check.c (key_check_all_keysigs): Add arg mode and change all output calls to use it. * g10/keyedit.c (keyedit_print_one_sig): Add arg fp and chnage all output calls to use it. (keyedit_menu): Adjust for changes. * g10/gpgcompose.c (keyedit_print_one_sig): Add dummy arg fp. * g10/import.c (import_one): Call key_check_all_keysigs with output to the log stream. -- Fixes-commit: 404fa8211b6188a0abe83ef43a4b44d528c0b035 GnuPG-bug-id: 3288 Signed-off-by: Werner Koch <[email protected]>
* gpg: Update key origin info during import merge.Werner Koch2017-07-251-4/+97
| | | | | | | | | | | | * g10/import.c (update_key_origin): New. (merge_blocks): Add arg curtime. (import_one): Pass curtime to merge_blocks. Call update_key_origin. -- We probably need to refine the rules on how this is done. But it is a start. Signed-off-by: Werner Koch <[email protected]>
* gpg: Store key origin for new userids during import merge.Werner Koch2017-07-251-107/+157
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (apply_meta_data): Rename to ... (insert_key_origin): this. Factor code out to ... (insert_key_origin_pk, insert_key_origin_uid): new funcs. (import_one): Move insert_key_origin behind clean_key. (merge_blocks): Add args options, origin, and url. (append_uid): Rename to ... (append_new_uid): this. Add args options, curtime, origin, and url. Call insert_key_origin_uid for new UIDs. -- This is a straightforward change to handle new user ids. How to test: With an empty keyring run gpg --with-key-origin --locate-key \ --auto-key-locate clear,nodefault,wkd [email protected] and then append a new keyid using gpg --with-key-origin --locate-key \ --auto-key-locate clear,nodefault,wkd [email protected] Works with my current key 80615870F5BAD690333686D0F2AD85AC1E42B367. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend --key-origin to take an optional URL arg.Werner Koch2017-07-241-0/+26
| | | | | | | | | | | | | | | | * g10/getkey.c (parse_key_origin): Parse appended URL. * g10/options.h (struct opt): Add field 'key_origin_url'. * g10/gpg.c (main) <aImport>: Pass that option to import_keys. * g10/import.c (apply_meta_data): Extend for file and url. * g10/keyserver.c (keyserver_fetch): Pass the url to import_keys_es_stream. -- Example: gpg --key-origin url,myscheme://bla --import FILE Signed-off-by: Werner Koch <[email protected]>
* gpg: Store key origin info for new keys from a keyserverWerner Koch2017-07-241-26/+57
| | | | | | | | * g10/keyserver.c (keyserver_get_chunk): Use KEYORG_KS if request was done by fingerprint. * g10/import.c (apply_meta_data): Implement that. Signed-off-by: Werner Koch <[email protected]>
* gpg: Store key origin info for new DANE and WKD retrieved keys.Werner Koch2017-07-241-18/+63
| | | | | | | | | | | | | | | | | | | | * g10/import.c (apply_meta_data): Remove arg 'merge'. Add arg 'url'. Implement WKD and DANE key origin. (import_keys_internal): Add arg 'url' and change all callers. (import_keys_es_stream): Ditto. (import): Ditto. (import_one): Ditto. * g10/keylist.c (list_keyblock_print): Fix update URL printing. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): Add arg 'r_url' to return the SOURCE. Pass ks_status_cb to assuan_transact. * g10/keyserver.c (keyserver_import_wkd): Get that URL and pass it to the import function. -- Note that this only for new keys. Merging this info will be added soon. Signed-off-by: Werner Koch <[email protected]>
* g10: Make sure to emit NEED_PASSPHRASE on --import of secret key.Marcus Brinkmann2017-07-241-1/+2
| | | | | | | | | * call-agent.h (agent_import_key): Add keyid parameters. * call-agent.c (agent_import_key): Set keyid parameters. * import.c (transfer_secret_keys): Pass keyid parameters. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2667
* gpg: Use macros to check the signature class.Werner Koch2017-07-211-24/+24
| | | | | | * g10/import.c: Use the extistin macros for better readability. Signed-off-by: Werner Koch <[email protected]>
* g10: Clean keyblock on initial commit.Marcus Brinkmann2017-07-211-0/+5
| | | | | | | | * g10/import.c (import_one): If option import-clean is set, also clean on initial import, not only for merge. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2401
* gpg: Fix importing keys.Justus Winter2017-07-141-3/+6
| | | | | | | * g10/import.c (import_one): Fix error handling. Fixes-commit: 330212efb927c119bb5135856f8582c0e4e2e6b7 Signed-off-by: Justus Winter <[email protected]>
* gpg: Pass key origin values to import functions.Werner Koch2017-07-131-23/+41
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (import_keys_stream): Remove this unused function. (import_keys_internal): Add arg origin. (import_keys): Ditto. (import_keys_es_stream): Ditto. (import): Ditto. (import_one): Ditto. (apply_meta_data): New stub. (import_secret_one): Pass 0 for ORIGIN. * g10/keyserver.c (keyserver_get_chunk): For now pass 0 for ORIGIN. (keyserver_fetch): Add arg origin. (keyserver_import_cert): Pass KEYORG_DANE for ORIGIN. (keyserver_import_wkd): Pass KEYORG_WKD for ORIGIN. * g10/gpg.c (main): Pass OPT.KEY_ORIGIN to import_keys and keyserver_fetch. * g10/card-util.c (fetch_url): Pass KEYORG_URL for ORIGIN. -- This is just the framework; applying the meta data will be done in another commit. GnuPG-bug-id: 3252 Signed-off-by: Werner Koch <[email protected]>
* gpg: Check and fix keys on import.Justus Winter2017-06-141-0/+7
| | | | | | | | | | | * doc/gpg.texi: Document the new import option. * g10/gpg.c (main): Make the new option default to yes. * g10/import.c (parse_import_options): Parse the new option. (import_one): Act on the new option. * g10/options.h (IMPORT_REPAIR_KEYS): New macro. GnuPG-bug-id: 2236 Signed-off-by: Justus Winter <[email protected]>
* g10, sm, dirmngr, common: Add comment for fall through.NIIBE Yutaka2017-05-101-1/+1
| | | | | | | | | | | | | | | * common/b64dec.c (b64dec_proc): Comment to clarify. * dirmngr/cdblib.c (cdb_make_put): Use same pattern to clarify. * dirmngr/dirmngr-client.c (read_pem_certificate): Likewise. * dirmngr/ks-engine-hkp.c (ks_hkp_get): Likewise. * g10/armor.c (unarmor_pump): Likewise. * g10/gpg.c (main): Likewise. * g10/import.c (read_block): Likewise. * g10/keygen.c (make_backsig): Likewise. * g10/pkclist.c (check_signatures_trust): Likewise. * sm/gpgsm.c (main): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* Spelling fixes in docs and comments.NIIBE Yutaka2017-04-281-2/+2
| | | | | | | | | | -- In addition, fix trailing spaces in tests/inittests. GnuPG-bug-id: 3121 Reported-by: ka7 (klemens) Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix import/export filter property match.NIIBE Yutaka2017-04-171-1/+1
| | | | | | * g10/import.c (impex_filter_getval): Fix to "else if". Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Assert that an opaque parameter is really what we expect.Werner Koch2017-03-311-0/+2
| | | | | | | | | * g10/gpg.h (SERVER_CONTROL_MAGIC): New const. (server_control_s): Add field 'magic'. * g10/gpg.c (gpg_init_default_ctrl): Init MAGIC. * g10/import.c (impex_filter_getval): Assert MAGIC. Signed-off-by: Werner Koch <[email protected]>
* gpg: Pass CTRL to many more functions.Werner Koch2017-03-311-56/+70
| | | | | | | | | | -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <[email protected]>
* gpg: Revamp reading and writing of ring trust packets.Werner Koch2017-03-301-8/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_trust): Rename to ... (parse_ring_trust): this. Change args and implement new ring trust packet format. (parse): Add special ring trust packet handling. * g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and KEYSRC. (PKT_public_key): Ditto. (RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts. (PKT_ring_trust): New. (struct packet_struct): Remove member RING_TRUST. (strcu parse_packet_ctx_s): Add field SKIP_META. (init_parse_packet): Init SKIPT_META. * g10/free-packet.c (release_public_key_parts): Free UDPATEURL. (free_user_id): Ditto. * g10/mainproc.c (list_node): Remove printing of non-documented "rtv" lines. * g10/build-packet.c (build_packet_and_meta): New. (do_ring_trust): New. * g10/export.c (write_keyblock_to_output): Use build_packet_and_meta in backup mode. (do_export_one_keyblock): Ditto. * g10/import.c (read_block): Add arg WITH_META. Skip ring trust packets if that ism not set. (import): Call read_block WITH_META in restore mode. * g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS) (KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants. They are not yet used, though. * g10/keydb.c (parse_keyblock_image): Allow ring trust packets. (build_keyblock_image): Ditto. Use build_packet_and_meta. * g10/keyring.c (keyring_get_keyblock): Remove specila treatment of ring trust packets. (write_keyblock): Use build_packet_and_meta. Remove special treatment of ring trust packets and initialization of the signature caches. -- This patch introduced the framework to store meta data for keys and user ids in the keyrings/keyboxes. Ring trust packets are implementation defined and have always been used in gpg to cache the signature verification status. Ring trust packets are only exported with the export option "backup" and only imported with the import option "restore". The new code uses a cleaner way to handle the ring trust packets: When the parser reads a ring trust packet and the previously read packet matches the type of that ring trust packet, the information is stored in that previously read packet (signature, user id, or primary key) and the next packet is read immediately. Thus only the parser sees the ring trust packets. Ring trust packets are written by using the new function build_packet_and_meta instead of build_packet. That function writes a ring trust packet when the needed information is available. As a side-effect of this patch the signature status cache works again and "gpg --check-sigs" is thus much faster. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend free_packet to handle a packet parser context.Werner Koch2017-03-291-6/+7
| | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and FREE_LAST_PKT. (init_parse_packet): Clear them. (deinit_parse_packet): New macro. Change all users if init_parse_packet to also call this macro. * g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow packet copies in the context. Change all callers. * g10/parse-packet.c (parse): Store certain packets in the parse context. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Change parse_packet to take a context.Werner Koch2017-03-291-1/+3
| | | | | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): New. (parse_packet_ctx_t): New type. (init_parse_packet): New macro. * g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take a parse context. Change all callers to provide a context instead of directly supplying the input stream. (search_packet, dbg_search_packet): Ditto. (copy_all_packets, dbg_copy_all_packets): Init an use a parse context. (copy_some_packets, dbg_copy_some_packets): Ditto. (skip_some_packets, dbg_skip_some_packets): Ditto. -- We will need this change to handle ring packets inside the parser. Signed-off-by: Werner Koch <[email protected]>
* g10: Move more flags into the flag bitfield.Justus Winter2017-03-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and 'is_expired' into the flags bitfield, and drop the prefix. * g10/call-dirmngr.c: Adapt accordingly. * g10/export.c: Likewise. * g10/getkey.c: Likewise. * g10/import.c: Likewise. * g10/kbnode.c: Likewise. * g10/keyedit.c: Likewise. * g10/keylist.c: Likewise. * g10/keyserver.c: Likewise. * g10/mainproc.c: Likewise. * g10/pkclist.c: Likewise. * g10/pubkey-enc.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. -- This patch has been created by applying the following semantic patch: @@ expression E; @@ -E->is_expired +E->flags.expired @@ expression E; @@ -E->is_primary +E->flags.primary @@ expression E; @@ -E->is_revoked +E->flags.revoked Signed-off-by: Justus Winter <[email protected]>
* Remove -I option to common.NIIBE Yutaka2017-03-071-6/+5
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix possible segv when attribute packets are filtered.Werner Koch2017-03-031-6/+6
| | | | | | | | | | | | * g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as PKT_USER_ID (apply_drop_sig_filter): Ditto. -- The old code was plainly wrong in that it considered PKT_ATTRIBUTE to use a PKT_signature object. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new variables to the import and export filters.Werner Koch2017-03-031-7/+34
| | | | | | | * g10/import.c (impex_filter_getval): Add new variables "expired", "revoked", and "disabled". Signed-off-by: Werner Koch <[email protected]>
* Clean up word replication.Yuri Chornoivan2017-02-211-1/+1
| | | | | | | | | -- This fixes extra word repetitions (like "the the" or "is is") in the code and docs. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: New export and import options "backup" and "restore".Werner Koch2017-01-231-2/+19
| | | | | | | | | | | | | | | | * g10/export.c (parse_export_options): Add "backup" and its alias "export-backup". (do_export_one_keyblock): Export ring trust packets in backup mode. * g10/import.c (parse_import_options): Add "restore" and its alias "import-restore". (read_block): Import ring trust packets. -- These options are intended to, well, backup and restore keys between GnuPG implementations. These options may eventually be enhanced to backup and restore all public key related information. Signed-off-by: Werner Koch <[email protected]>
* g10: Cache the effective policy. Recompute it when required.Neal H. Walfield2016-11-211-5/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <[email protected]> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* Fix typos.Justus Winter2016-10-271-1/+1
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* gpg: Convey --quick option to dirmngr for --auto-key-retrieve.Werner Koch2016-10-271-1/+1
| | | | | | | | | | | | | | | | | | * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 06:57:18 +0000