| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* build-aux/speed/w32/inst.nsi: stop installing skeleton files.
* doc/gpg.texi: stop documenting skeleton files.
* g10/Makefile.am: stop installing skeleton files.
* g10/openfile.c (copy_options_file): Remove.
(try_make_homedir): do not call copy_options_file.
--
The defaults for gpg and dirmngr are good. Both programs should work
fine for the simple case without any config file. The skeleton config
files were being copied at first use (when the defaults are fine).
But when the user needs to fiddle with them (after they've become
sophisticated users), they're likely out of date because gpg has been
upgraded since then. So they're used for documentation, but they're
stale documentation, which is probably worse than a clean empty file.
GnuPG-bug-id: 3086
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
--
Some of the options are too rarley used to deserve an entry in the
skeleton config file. Some are even the default for many years.
Added auto-key-locate because that is a very useful option.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/dirmngr-conf.skel: New.
* g10/Makefile.am (EXTRA_DIST): Add file.
(install-data-local, uninstall-local): Install that file.
* g10/openfile.c (copy_options_file): Add arg "name", return a value,
simplify with xstrconcat, and factor warning message out to:
(try_make_homedir): here. Also install dirmngr.conf.
* g10/options.skel: Remove --keyserver entry.
--
The option --keyserver in gpg has been deprecated in favor of
--keyserver in dirmngr.conf. Thus we need to install a skeleton file
for dirmngr to set a default keyserver.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
Also fixed some of my own copyright notices due to the termination of
my assignment. The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
|
|
* g10/options.skel: Update.
(cherry picked from commit f3c5cc8bcd37e38b5d65db6a50466e22d03d1f0c)
|
|
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
|
|
has defaulted to off since 2007-10-25).
|
|
|
|
Change default keyserver.
Allow key protection with Camellia.
|
|
|
|
viewer at runtime. Seems FC5 doesn't have xloadimage.
|
|
Josefsson's page for CERT.
|
|
336211 by Javier Fernández-Sanguino Peña.
|
|
samples since it is being shut down.
* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
|
|
|
|
--show-photos, --show-policy-url, --show-notation, and their respective
no- forms.
* options.skel: Remove show-photos and replace with list/verify-options
show-photos. Remove no-mangle-dos-filenames.
* misc.c (parse_options): Allow for incomplete (but unambiguous) options.
|
|
|
|
* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.
* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.
* keyring.c (keyring_rebuild_cache): Comment.
* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
|
|
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
|
|
'GNUPG-1-9-BRANCH'.
|
|
they at least handle subkeys correctly.
* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
parse_one_sig_subpkt, can_handle_critical): Add read-only support for
preferred keyserver subpackets. They're basically policy URLs with a
different name. Add a verify-option "show-preferred-keyserver" to turn
them on and off (on by default, as per stable branch).
* g10.c (main): Add "--set-notation" as alias to "--notation-data" this is
to make things consistent with --set-policy-url meaning both sigs and
certs.
|
|
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust
calculation.
* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations. Fix cosmetic off-by-one length counter.
* options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".
* mainproc.c (proc_encrypted): Make string translatable.
* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.
* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.
* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default
prefs.
* keyedit.c (show_prefs): Make strings translatable.
* keydb.c: Double the maximum number of keyrings to 40.
* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.
* g10.c (main): --openpgp disables --pgpX. Double the amount of secure
memory to 32k (keys are getting bigger these days).
* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
|
|
matter where the user puts the = sign.
* options.skel: Comment out the first three lines in case someone manually
copies the skel file to their homedir.
* sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
* sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for
signature digest conflict. BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
|
|
user" rather than "owner". Noted by Stefan Bellon.
* trustdb.h, trustdb.c (trustdb_pending_check): New function to
check if the trustdb needs a check.
* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.
* options.skel: Include the required '=' sign in the sample
'group' option. Noted by Stefan Bellon.
* import.c (chk_self_sigs): Don't try and check a subkey as if it
was a signature.
|
|
'GNUPG-1-9-BRANCH'.
|
|
|
|
* options.skel: The PGP LDAP keyserver is back. Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.
* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
|
|
chk_self_sigs. This improves efficiency as the same signatures are not
checked multiple times. Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
* keylist.c (list_one): Stats are only for public key listings.
* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
|
|
|
|
section for random gatherers.
* keyring.c (create_tmp_file, rename_tmp_file): Create tmp files with
user-only permissions, but restore the original permissions if the user
has something special set.
* openfile.c (copy_options_file): Create new options file (gpg.conf) with
user-only permissions.
* keydb.c (keydb_add_resource): Create new keyrings with user-only
permissions.
|
|
* gpg.sgml: Fixed doc regarding the name change of the option
file.
|
|
viewers for Win32 since they are the defaults now.
* parse-packet.c (make_attribute_uidname), keylist.c (dump_attribs): Fix
two typecast warnings.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
