| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* g10/keyedit.c (subkey_expire_warning): New.
keyedit_menu): Call it when needed.
--
GnuPG-bug-id: 1715
The heuristic to detect a problem is not very advanced but it should
catch the most common cases.
(backported from commit ae3d1bbb65b65cf3c57bb14886be120f5e31635d)
[dkg: rebased to STABLE-BRANCH-1-4]
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
* g10/keyedit.c (keyedit_menu): Print message.
--
GnuPG-bug-id: 1420
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 0bf54e60d31389812d05c3fd29bece876204561d)
|
|
|
|
|
|
|
|
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c. Card code is not yet finished.
|
|
(list_keyblock_print), pkclist.c (do_edit_ownertrust), keyedit.c
(menu_showphoto), photoid.c (generate_photo_id, show_photos), misc.c
(pct_expando): Add %v and %V expandos so that displaying photo IDs
can show the attribute validity tag (%v) and string (%V). Originally
by Daniel Gillmor.
|
|
modified status after a "clean" or "minimize" that doesn't need to do
anything.
|
|
|
|
Updated gettext.
|
|
--rfc4880, and make --openpgp an alias to it. --rfc2440 now stands
alone. For now, use the old 2440 defaults for 4880.
* keyedit.c (keyedit_menu): Use compliance_option_string() instead of
printing the compliance modes here.
|
|
fix_keyblock() or collapse_uids()) make sure we reprocess the keyblock
so the flags are correct. Noted by Robin H. Johnson.
* getkey.c (fixup_uidnode): Properly clear flags that don't apply to
us (revoked, expired) so that we can reprocess a uid.
|
|
the time to use to calculate the expiration offset, rather than
querying it internally. Change all callers.
|
|
operation.
|
|
the need for ask_expiredate().
|
|
|
|
"already clean" when a minimized key is minimized again. From Dirk
Traulsen.
|
|
have no need to backsign.
|
|
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.
* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character. The EOF actually starts after the pad.
* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right. Suggested by Peter Palfrader.
|
|
is no backsig present. Give a URL for more information.
* keyedit.c (menu_backsign): Small tweak to work properly with keys
originally generated with older GnuPGs that included comments in the
secret keys.
|
|
to be deleted with a '-' prefix.
* keyedit.c (menu_set_notation): Use it here to allow deleting a notation
marked with '-'. This works with either "-notation" or "-notation=value".
|
|
self-signatures. (keyedit_menu): Call it here.
(tty_print_notations): Helper. (show_prefs): Show notations in
"showpref".
|
|
Use it here for the various notation commands.
* packet.h, main.h, keygen.c (keygen_add_notations), build-packet.c
(string_to_notation, sig_to_notation) (free_notation): New "one stop
shopping" functions to handle notations and start removing some code
duplication.
|
|
pka-lookups, not pka-lookup.
* options.h, gpg.c (main), keyedit.c [cmds], sig-check.c
(signature_check2): Rename "backsign" to "cross-certify" as a more
accurate name.
|
|
revoker record. Moved from keyedit.c:show_key_with_all_names_colon.
* keylist.c (list_keyblock_colon): Use it here ...
* keyedit.c (show_key_with_all_names_colon): ... and here.
|
|
"clean", and add "minimize".
* import.c (parse_import_options): Make help text match the export
versions of the options.
* options.h, export.c (parse_export_options, do_export_stream): Reduce
clean options to two: clean and minimize.
* trustdb.h, trustdb.c (clean_one_uid): New function that joins uid
and sig cleaning into one for a simple API outside trustdb.
|
|
command.
|
|
(clean_uids_from_key): Fix display bug where sigs cleaned for other
reasons caused a uid to appear as if it had been compacted.
|
|
|
|
non-selfsigs from key during cleaning. Change all callers.
* export.c (do_export_stream): Use it here so we don't need additional
minimize code in the export path.
|
|
adding a cert-only designated revoker. Code was looking for a key with
sign ability, and not cert ability. Noted by Timo Schulz.
|
|
add 0x19 backsigs to old keys that don't have them.
* misc.c (parse_options): Fix build warning.
* main.h, keygen.c (make_backsig): Make public.
|
|
show_key_with_all_names. (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID. Suggested by
Timo Schulz.
|
|
suggested filename.
* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
|
|
algorithms.
* keyedit.c (sign_uids): Don't request a signing key to make a
certification.
* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?) (print_key_flags): Show certify flag. (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
|
|
Suggested by Michael Schierl.
|
|
|
|
match key expiry unless --ask-cert-expire is set. Suggested by Peter
Palfrader.
|
|
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
|
|
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
|
|
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function. It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
|
|
(menu_clean_uids_from_key): Tweak algorithm to preserve the last
selfsig which helps prevent uid resurrections.
|
|
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings. Noted by Joe Vender.
|
|
|
|
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.
* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key. Note that the strings here are not
marked for translation yet. The UI is still in flux, and there is no
point in annoying the translators twice. (keyedit_menu): Call it here
as part of the "clean" command.
|
|
user IDs on a key, and mark any that aren't valid for deletion.
* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key. (keyedit_menu): Call it from here as
part of the "clean" command.
|
|
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration. We no longer need the day-based code as we don't generate v3
keys.
|
|
--default-cert-expire options. Suggested by Florian Weimer.
* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.
* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
|
|
no-pubkey and chosen revocation cases. (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.
* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
|
|
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys. Suggested by Peter Palfrader.
|
