| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (PKT_public_key): Increased size of req_usage to 16.
* g10/getkey.c (key_byname): Set allow_adsk in the context if ir was
requested via req_usage.
(finish_lookup): Allow RENC usage matching.
* g10/keyedit.c (append_adsk_to_key): Adjust the assert.
* g10/keygen.c (prepare_adsk): Also allow to find an RENC subkey.
--
If an ADSK is to be added it may happen that an ADSK subkey is found
first and this should then be used even that it does not have the E
usage. However, it used to have that E usage when it was added.
While testing this I found another pecularity: If you do
gpg -k ADSK_SUBKEY_FPR
without the '!' suffix and no corresponding encryption subkey is dound,
you will get an unusabe key error. I hesitate to fix that due to
possible side-effects.
GnuPG-bug-id: 6882
Backported-from-master: d30e345692440b9c6677118c1d20b9d17d80f873
Note that we still use the NO_AKL and not the newer TRY_LDAP in 2.2.
We may want to backport that change as well.
|
| |
|
|
|
|
|
|
|
| |
* g10/keygen.c (prepare_adsk): Emit status error.
--
This is useful for GPGME.
GnuPG-bug-id: 7322
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (has_key_with_fingerprint): New.
* g10/keyedit.c (menu_addadsk): Replace code by new function.
(keyedit_quick_addadsk): Handle magic arg "default".
* g10/keygen.c (append_all_default_adsks): New.
--
GnuPG-bug-id: 6882
(cherry picked from commit 77afc9ee1c75a28083edf6d98888f9b472c3e39d)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickAddADSK.
(opts): Add --quick-add-adsk.
(main): Call the actual function.
* g10/keyedit.c (keyedit_quick_addadsk): New.
(menu_addadsk): Add arg adskfpr and change caller.
--
GnuPG-bug-id: 6395
(cherry picked from commit 9f27e448bf1f825906f3c53e3428087d34bbd8fc)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/free-packet.c (copy_public_key): Factor some code out to ...
(copy_public_key_basics): new.
* keygen.c (keygen_add_key_flags_and_expire): Rewrite and make public.
* g10/keyedit.c (enum cmdids): Add cmdADDADSK.
(keyedit_menu): Add command "addadsk".
(menu_addadsk): New.
* g10/options.h (opt): Add field def_new_key_adsks.
* g10/gpg.c (oDefaultNewKeyADSK): New.
(opts): Add --default-new-key-adsk.
(main): Parse option.
* g10/keyedit.c (menu_addadsk): Factor some code out to ...
(append_adsk_to_key): new. Add compliance check.
* g10/keygen.c (pADSK): New.
(para_data_s): Add adsk to the union.
(release_parameter_list): Free the adsk.
(prepare_adsk): New.
(get_parameter_adsk): New.
(get_parameter_revkey): Remove unneeded arg key and change callers.
(proc_parameter_file): Prepare adsk parameter from the configured
fingerprints.
(do_generate_keypair): Create adsk.
--
GnuPG-bug-id: 6882
(cherry picked from commit ed118e2ed521d82c1be7765a0a19d5b4f19afe10)
and modified to adjust to other code changes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-agent.c (agent_probe_secret_key): Change semantics of
return value.
* g10/call-agent.h (agent_probe_secret_key): Change comment.
* g10/delkey.c (do_delete_key): Follow the change.
* g10/getkey.c (get_seckey, parse_def_secret_key): Likewise.
(finish_lookup, have_secret_key_with_kid): Likewise.
* g10/gpgv.c (agent_probe_secret_key): Likewise.
* g10/keyedit.c (keyedit_menu, quick_find_keyblock): Likewise.
(show_key_with_all_names_colon): Likewise.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Likewise
* g10/test-stubs.c (agent_probe_secret_key): Likewise.
--
Cherry picked from 2.4 branch of:
853d5b7677ea01f65c9bc5160cd8509b62f486f7
GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
| |
* g10/keyedit.c (keyedit_quick_sign): Return an error status line.
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/card-util.c (card_store_subkey): Add arg processed_keys.
* g10/keyedit.c (keyedit_menu): Delete secret key.
--
This used to work using the gpg-agent: learn we called at "save" time.
However, the recent change inhibited the creation of a shadow key by
learn if a regular key still exists. Now we do an explicit delete key
at save time. This syncs the behaviour with the description of the
man page.
GnuPG-bug-id: 6378
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (PUBKEY_USAGE_RENC): New.
(PUBKEY_USAGE_TIME): New.
(PUBKEY_USAGE_GROUP): New.
* g10/getkey.c (parse_key_usage): Set the new key flags.
* g10/keyedit.c (show_key_with_all_names_colon): Show the new key
flags.
* g10/keyid.c (usagestr_from_pk): Ditto
* g10/keylist.c (print_capabilities): Ditto.
* g10/keygen.c (parse_usagestr): Parse line and set new flags.
(quickgen_set_para): Show flags.
--
See draft-koch-openpgp-2015-rfc4880bis-00 for the current version.
Actually these flags have been in the draft for years now. This patch
is a first step to make use of them.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (aQuickUpdatePref): New.
(opts): Add --quick-update-pref.
(main): Implement.
* g10/keyedit.c (keyedit_quick_update_pref): New.
(menu_set_preferences): Add arg 'unattended' and adjust caller.
--
This new quick command is in particular useful to update existing keys
so that they can be used with OCB mode.
(cherry picked from commit d40d23b233f0b2e6fc25937f1632ac5b9d4f61e5)
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (LIST_SHOW_PREF): New.
(LIST_SHOW_PREF_VERBOSE): New.
* g10/gpg.c (parse_list_options): Add new options.
* g10/keyedit.c (show_prefs): Factor code out to ...
* g10/keylist.c (show_preferences): new.
(list_keyblock_print): Call show_preferences.
--
Backported-from-master: 811cfa34cb3e7166f0cf1f94565504dee21cd9f5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (find_userid_by_namehash, find_userid): New.
(keyedit_quick_revuid): Use find_userid() instead of iterating over the
nodes of the keyblock.
* tests/openpgp/quick-key-manipulation.scm: Add test for revoking a
user ID specified by its hash.
--
This makes it possible to specify the user ID to revoke as UID hash when
calling --quick-revoke-uid.
GnuPG-bug-id: 5936
(cherry picked from commit 35b17550706c8b7479ae96654feb97c05263cfc9)
|
| |
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key".
(main): Set it.
* g10/options.h (opt): New flag flags.force_sign_key.
* g10/keyedit.c (sign_uids): Use new flag.
--
GnuPG-bug-id: 4584
|
| |
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_revsig): Take signature of correct node
--
GnuPG-bug-id: 5093
(cherry picked from commit db3854f55c91ca9c34cf6a306081c3709798db3d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
(opts): Add --quick-revoke-sig.
(main): Implement.
* g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and
adjust all callers.
(keyedit_quick_revsig): new.
* g10/revoke.c (get_default_sig_revocation_reason): New.
* g10/keylist.c (cmp_signodes): New.
--
GnuPG-bug-id: 5093
Backported-from-master: 243f9176e799b2328f2e5bed93099bfc474fdc5a
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (preftype_t): Add PREFTYPE_AEAD.
* g10/keyedit.c (show_prefs): Print AEAD preferences.
* g10/getkey.c (fixup_uidnode): Set AEAD flags.
(merge_selfsigs): Ditto.
--
Although we are not able to create such keys we should be abale to
show them.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/keydb.h (enum get_pubkey_modes): New.
* g10/getkey.c (get_pubkey_byname): Repalce no_akl by a mode arg and
change all callers.
--
This change prepares the implementation of GET_PUBKEY_NO_LOCAL.
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 9980f81da765f88a65604ab083563bf15ccdb425)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic. Change to take ownership of
arg keyblock. Implement extra secret key import logic. Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--
The PGP desktops exported secret keys are really stupid. And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):
[...] Implementations SHOULD include self-signatures on any user
IDs and subkeys, as this allows for a complete public key to be
automatically extracted from the transferable secret key.
Implementations MAY choose to omit the self-signatures, especially
if a transferable public key accompanies the transferable secret
key.
Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.
GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do
not print the first keyinfo in FROM_SK mode.
printing.
--
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit f64477db86568bdc28c313bfeb8b95d8edf05a3c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/trust.c (mark_usable_uid_certs, clean_sigs_from_uid)
(clean_uid_from_key, clean_one_uid, clean_key): Move to ...
* g10/key-clean.c: new file.
* g10/key-clean.h: New.
* g10/Makefile.am (gpg_sources): Add new files.
* g10/export.c, g10/import.c, g10/keyedit.c, g10/trustdb.c: Include
new header.
* g10/trustdb.h (struct key_item, is_in_klist): Move to ...
* g10/keydb.h: here.
--
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 135e46ea480d749b8a9692f71d4d0bfdadd8ee2f)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change call
callers.
(get_user_id): Add arg R_NOUID. Change call callers.
* g10/mainproc.c (issuer_fpr_string): Make global.
* g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key
also in --list-mode. Print the "issuer fpr" field also if there is an
issuer fingerprint subpacket.
--
Scripts used to rely on the "User ID not found" string even in the
--with-colons listing. However, that is not a good idea because that
string is subject to translations etc. Now we have an explicit way of
telling that a key is missing. For example:
gpg --list-sigs --with-colons | \
awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}'
Prints all keyids or fingerprint of signing keys for which we do not
have the key in our local keyring.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/keyedit.c (menu_changeusage): Make strings translatable.
--
GnuPG-bug-id: 3816
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/keyedit.c (change_passphrase): Take care of --dry-run.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_menu): Fix messages.
--
GnuPG-bug-id: 3787
Fixes-commit: a74aeb5dae1f673fcd98b39a6a0496f3c622709a
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (KEYEDIT_NEED_SUBSK): New.
(cmds): Add this flag to keytocard, bkuptocard, expire, and passwd.
(keyedit_menu): Check whether only subkeys are available and take care
of that in the command check and in the HELP listing. Also print a
different notice if only subkeys are available.
--
Print "Secret key is available" and the bailing out in all commands
which require the _primary_ secret key was surprising. Now we print
another notice and adjust the checks.
GnuPG-bug-id: 3463
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (KEYEDIT_NOT_SK, KEYEDIT_ONLY_SK): Remove.
(cmds): Remove them.
--
These flags were cruft from the time we had to switch between secret
and public key view.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_revuid): Write status error on error.
Signed-off-by: Marcus Brinkmann <[email protected]>
GnuPG-bug-id: 2963
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/key-check.c (key_check_all_keysigs): Add arg mode and change all
output calls to use it.
* g10/keyedit.c (keyedit_print_one_sig): Add arg fp and chnage all
output calls to use it.
(keyedit_menu): Adjust for changes.
* g10/gpgcompose.c (keyedit_print_one_sig): Add dummy arg fp.
* g10/import.c (import_one): Call key_check_all_keysigs with output to
the log stream.
--
Fixes-commit: 404fa8211b6188a0abe83ef43a4b44d528c0b035
GnuPG-bug-id: 3288
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_set_expire): Add new arg subkeyfprs.
(menu_expire): Rename arg force_mainkey to unattended and allow
unattended changing of subkey expiration.
* g10/gpg.c (main): Extend --quick-set-expire.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/Makefile.am (gpg_sources): Add new files.
* g10/gpgcompose.c (keyedit_print_one_sig): New stub.
* g10/keyedit.c (sig_comparison): Move to new module.
(check_all_keysigs): Likewise.
(fix_keyblock): Adapt callsite.
(keyedit_menu): Likewise.
* g10/key-check.c: New file.
* g10/key-check.h: Likewise.
GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/Makefile.am (gpg_SOURCES): Add new file.
* g10/keyedit.c (NODFLG_*): Move flags to the new header file.
(print_one_sig): Export symbol and rename accordingly.
(print_and_check_one_sig): Adapt accordingly.
(check_all_keysigs): Likewise.
* g10/keyedit.h: New file.
* g10/main.h: Drop declarations, include new header.
GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/compliance.c (gnupg_compliance_option_string): New function.
* common/compliance.h (gnupg_compliance_option_string): New prototype.
* g10/encrypt.c (write_pubkey_enc_from_list): Update callsite.
* g10/gpg.c (main): Likewise.
* g10/keyedit.c (keyedit_menu): Likewise.
* g10/pkclist.c (build_pk_list): Likewise.
* g10/main.h (compliance_option_string): Remove prototype.
* g10/misc.c (compliance_option_string): Remove function.
GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
--
In addition, fix trailing spaces in tests/inittests.
GnuPG-bug-id: 3121
Reported-by: ka7 (klemens)
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
--
For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions. Quite
a lot of changes but fortunately straightforward to do.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and
FREE_LAST_PKT.
(init_parse_packet): Clear them.
(deinit_parse_packet): New macro. Change all users if
init_parse_packet to also call this macro.
* g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow
packet copies in the context. Change all callers.
* g10/parse-packet.c (parse): Store certain packets in the parse
context.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (struct parse_packet_ctx_s): New.
(parse_packet_ctx_t): New type.
(init_parse_packet): New macro.
* g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take
a parse context. Change all callers to provide a context instead of
directly supplying the input stream.
(search_packet, dbg_search_packet): Ditto.
(copy_all_packets, dbg_copy_all_packets): Init an use a parse context.
(copy_some_packets, dbg_copy_some_packets): Ditto.
(skip_some_packets, dbg_skip_some_packets): Ditto.
--
We will need this change to handle ring packets inside the parser.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (aQuickSetPrimaryUid): New const.
(opts): New command --quick-set-primary-uid.
(main): Implement it.
* g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ...
(quick_find_keyblock): new func.
(keyedit_quick_revuid): Use quick_find_keyblock.
(keyedit_quick_set_primary): New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and
'is_expired' into the flags bitfield, and drop the prefix.
* g10/call-dirmngr.c: Adapt accordingly.
* g10/export.c: Likewise.
* g10/getkey.c: Likewise.
* g10/import.c: Likewise.
* g10/kbnode.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyserver.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
--
This patch has been created by applying the following semantic patch:
@@
expression E;
@@
-E->is_expired
+E->flags.expired
@@
expression E;
@@
-E->is_primary
+E->flags.primary
@@
expression E;
@@
-E->is_revoked
+E->flags.revoked
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_revuid): Merge self signatures, then
make sure that we do not revoke the last valid UID.
(menu_revuid): Make sure that we do not revoke the last valid UID.
* tests/openpgp/quick-key-manipulation.scm: Demonstrate that
'--quick-revoke-uid' can not be used to revoke the last valid UID.
GnuPG-bug-id: 2960
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* g10/Makefile.am (AM_CPPFLAGS): Ditto.
* g13/Makefile.am (AM_CPPFLAGS): Ditto.
* kbx/Makefile.am (AM_CPPFLAGS): Ditto.
* scd/Makefile.am (AM_CPPFLAGS): Ditto.
* sm/Makefile.am (AM_CPPFLAGS): Ditto.
* tools/Makefile.am (AM_CPPFLAGS): Ditto.
* Throughout: Follow the change.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to
revoke non-existant UID.
* tests/openpgp/quick-key-manipulation.scm: Test that.
GnuPG-bug-id: 2962
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code. Change all callers to to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test
for a non-existing trustdb. Change all callers to to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--
Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b
For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
--
This fixes extra word repetitions (like "the the" or "is is") in the
code and docs.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keylist.c (show_policy_url): Implement MODE -1.
(show_keyserver_url): Ditto.
(show_notation): Ditto.
* g10/keyedit.c (print_one_sig): Print policy URL, keyserver URL and
notation data to the tty.
--
With this change the listing of signatures in the key edit menu does
now include policy URLs et al in order and not possible after leaving
the menu (it used to go to stdout and not the tty).
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (aQuickSetExpire): New.
(opts): New option --quick-set-expire.
(main): Implement option.
* g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and
NEWEXPIRATION. Change semantics of the return value. Change caller.
(keyedit_quick_set_expire): New.
--
This patch partly solves
GnuPG-bug-id: 2701
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/trust.c (get_validity): Add new, optional parameter KB. Only
load the keyblock if KB is NULL. Update callers.
(get_validity): Likewise.
* g10/trustdb.c (tdb_get_validity_core): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 2812
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (initdb): Add column effective_policy to the bindings
table.
(record_binding): New parameters effective_policy and set_conflict.
Save the effective policy. If SET_CONFLICT is set, then set conflict
according to CONFLICT. Otherwise, preserve the current value of
conflict. Update callers.
(get_trust): Don't compute the effective policy here...
(get_policy): ... do it here, if it was not cached. Take new
parameters, PK, the public key, and NOW, the time that the operation
started. Update callers.
(show_statistics): New parameter PK. Pass it to get_policy. Update
callers.
(tofu_notice_key_changed): New function.
* g10/gpgv.c (tofu_notice_key_changed): New stub.
* g10/import.c (import_revoke_cert): Take additional argument CTRL.
Pass it to keydb_update_keyblock.
* g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL.
Update callers.
[USE_TOFU]: Call tofu_notice_key_changed.
* g10/test-stubs.c (tofu_notice_key_changed): New stub.
* tests/openpgp/tofu.scm: Assume that manually setting a binding's
policy to auto does not cause the tofu engine to forget about any
conflict.
--
Signed-off-by: Neal H. Walfield <[email protected]>
We now store the computed policy in the tofu DB (in the
effective_policy column of the bindings table) to avoid computing it
every time, which is expensive. Further, policy is never overridden
in case of a conflict. Instead, we detect a conflict if CONFLICT is
not empty.
This change is backwards compatible to existing DBs. The only minor
incompatibility is that unresolved conflicts won't be automatically
resolved in case we import a direct signature, or cross signatures.
|
| |
|
|
|
|
| |
--
Reported-by: Nathan Musoke <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keyedit.c (menu_adduid): Don't copy 'sig'.
--
Fixes-commit: 809d67e74014cb563efd965744fd11f87bbae743
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
* g10/keyedit.c (menu_adduid): Deallocate 'sig'.
Signed-off-by: Justus Winter <[email protected]>
|
