| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
"pka" when those features are disabled.
* misc.c (has_invalid_email_chars): Fix some C syntax that broke the
compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha. Noted by Nelson H.
F. Beebe.
|
| |
|
|
|
|
|
|
| |
keyserver helpers on systems that use extensions.
* misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing with
drive letter systems.
|
| |
|
|
|
|
|
|
|
| |
add 0x19 backsigs to old keys that don't have them.
* misc.c (parse_options): Fix build warning.
* main.h, keygen.c (make_backsig): Make public.
|
| |
|
|
|
|
|
|
|
| |
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
algorithms.
* keyedit.c (sign_uids): Don't request a signing key to make a
certification.
* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?) (print_key_flags): Show certify flag. (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* main.h, misc.c (path_access): New. Same as access() but does a PATH
search like execlp.
* keyserver.c (curl_can_handle): Removed. Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort. This is necessary because PGP LDAP and curl LDAP are apples
and oranges. (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
|
| |
|
|
|
|
| |
so that gpg can get the key from DNS. This helps with opportunistic
encryption. No integration with the trust modell yet.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
| |
|
|
|
|
|
|
|
|
| |
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
|
| | |
|
| |
|
|
|
|
|
| |
* cardglue.c (unescape_status_string): Removed. Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
|
| |
|
|
|
|
|
|
|
|
|
| |
(add_keyserver_url): Use isascii() to protect the isfoo macros and
to replace direct tests. Possible problems noted by Christian
Biere.
* keyserver.c (parse_keyserver_uri): Ditto.
* g10.c (main): Declare --pipemode deprecated.
* misc.c (deprecated_command): New.
|
| |
|
|
|
| |
not there. This may happen due to typos in the translation.
|
| |
|
|
|
|
|
|
| |
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
|
| |
|
|
|
|
|
|
|
| |
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.
* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory. Add new arg REGKEY.
|
| |
|
|
|
|
|
| |
MD5, so give a warning. (print_pubkey_algo_note, print_cipher_algo_note,
print_digest_algo_note): Give the algorithm name in the experimental algo
warning.
|
| |
|
|
|
|
|
|
| |
* strgutil.c (w32_strerror): New.
* ttyio.c (init_ttyfp, tty_printf, do_get): Use it here.
* iobuf.c (fd_cache_open, file_filter): Likewise.
(iobuf_seek, translate_file_handle): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.
* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS. Noted by Stefan.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
* misc.c (get_signature_count): New. Get the signature count from a
smartcard. (pct_expando): Call it here so the %c expando becomes the
number of signatures issued. This allows for notations or the like with
an automatic signature count.
* ccid-driver.c (usb_get_string_simple): Replacement function to work with
older libusb.
|
| |
|
|
|
| |
whitespace afterwards.
|
| |
|
|
|
| |
spaces" type options.
|
| |
|
|
|
|
|
|
| |
and properly handle a partial match against an option with an argument.
* keyserver-internal.h, keyserver.c (parse_keyserver_options): Use new
optsep and argsplit functions.
|
| |
|
|
|
| |
they can be called separately.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
along with a zero length, interpret this as an actual zero length packet
and not as an indeterminate length packet. (do_comment, do_user_id): Use
it here as these packets might be naturally zero length.
* parse-packet.c (parse): Show packet type when failing due to an
indeterminate length packet.
* misc.c (parse_options): Only provide args for the true (i.e. not
"no-xxx") form of options.
|
| |
|
|
|
|
|
| |
* main.h, misc.c (parse_options), export.c (parse_export_options),
import.c (parse_import_options), g10.c (main): Use it here to allow for
options with optional arguments. Change all callers.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runtime as it properly handles algorithms disabled at build or run time.
* getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.
* misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.
* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.
* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked. Requested by Matthew Wilcox. Revoked overrides
expiration when both apply.
* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable.
* g10.c (rm_group): Properly ungroup from a list of groups.
|
| |
|
|
|
|
|
|
| |
at this point.
* keygen.c (do_create), misc.c (openpgp_pk_algo_usage): Remove the
last bits of Elgamal type 20 support.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
|
| |
|
|
|
|
|
|
|
| |
the messages about which option didn't match or matched ambiguously.
Change all callers (g10.c, keyserver.c).
* main.h, import.c (import_options), export.c (export_options): Pass the
noisy flag through.
|
| |
|
|
|
|
|
| |
* misc.c (compress_algo_to_string): Translate "Uncompressed". Requested by
Tommi Vainikainen. (string_to_compress_algo): Include multi-string for
"uncompressed|none".
|
| |
|
|
|
|
| |
(init_compress): Add --compress-level and --bzip2-compress-level. -z sets
them both. Change various callers.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
check_compress_algo): Add bzip2.
* compress.c (compress_filter): Make static to help force the use of
push_compress_filter. Remove default algorithm setting since that is done
in push_compress_filter now.
* main.h: Use named algorithm.
* filter.h, compress.c (push_compress_filter, push_compress_filter2): New.
Figure out which is the appropriate compression filter to use, and push it
into place.
* compress.c (handle_compressed), encode.c (encode_simple, encode_crypt),
sign.c (sign_file, sign_symencrypt_file), import.c (read_block), export.c
(do_export): Use push_compress_filter instead of pushing the compression
filter ourselves.
* compress-bz2.c: New. Bzlib versions of the compression filter routines.
* Makefile.am: Include compress-bz2.c if bz2lib is available.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changed all callers.
* cardglue.c (pin_cb): Use it here, so the machine interface can
tell whether the Admin PIN is requested.
* cardglue.c (agent_scd_checkpin): New.
* misc.c (openpgp_pk_algo_usage): Added AUTH usage.
* app-openpgp.c (check_against_given_fingerprint): New. Factored
out that code elsewhere.
(do_check_pin): New.
* card-util.c (card_edit): New command "passwd". Add logic to
check the PIN in advance.
(card_status): Add new args to return the serial number. Changed
all callers.
|
| |
|
|
|
|
|
|
|
|
|
| |
--show-photos, --show-policy-url, --show-notation, and their respective
no- forms.
* options.skel: Remove show-photos and replace with list/verify-options
show-photos. Remove no-mangle-dos-filenames.
* misc.c (parse_options): Allow for incomplete (but unambiguous) options.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
|
| |
|
|
|
|
|
|
|
| |
bug in the old version that did not handle report syntax errors after a
valid entry.
* import.c (parse_import_options), export.c (parse_export_options): Call
it here instead of duplicating the code.
|
| |
|
|
|
|
|
|
|
| |
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket. This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.
* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex. This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.
* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.
* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.
* options.h, g10.c (main): Part two of the simplification. Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)
* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.
* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
|
| |
|
|
|
|
|
|
| |
ciphers.
* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA has been
disabled.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.
* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.
* g10.c (main): Allow pref selection for compress algo with --openpgp.
|
| |
|
|
|
|
|
|
| |
string.
* misc.c (string_to_compress_algo): "none" is a bad choice since it
conflicts with the "none" in setpref.
|
| |
|
|
|
|
|
|
|
| |
--compress-algo. The old algorithm names still work for backwards
compatibility.
* misc.c (string_to_compress_algo): Allow "none" as an alias for
"uncompressed".
|
| |
|
|
|
|
|
|
|
|
|
| |
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).
* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.
* main.h, misc.c (string_to_compress_algo): New.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
|
| | |
|
