| Commit message (Collapse) | Author | Files | Lines |
|---|
|
(list_keyblock_print), pkclist.c (do_edit_ownertrust), keyedit.c
(menu_showphoto), photoid.c (generate_photo_id, show_photos), misc.c
(pct_expando): Add %v and %V expandos so that displaying photo IDs can
show the attribute validity tag (%v) and string (%V). Originally by
Daniel Gillmor.
|
|
pick a consensus winner across all keys.
|
|
|
|
|
|
Implemented key helper kdns
|
|
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
|
|
Removed intl/.
|
|
doc/
* com-certs.pem: Added the current root certifcates of D-Trust and
S-Trust.
g10/
* status.c (write_status_begin_signing): New.
* sign.c (sign_file, sign_symencrypt_file): Call it.
* textfilter.c (copy_clearsig_text): Call it.
* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
required.
* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
warning.
* misc.c (obsolete_option): New.
|
|
|
|
|
|
|
|
|
|
|
|
union for preference hints rather than doing void * games.
* sign.c (sign_file): Use it here.
|
|
a key that clearly isn't DSA1 (i.e. q!=160).
|
|
|
|
|
|
to disable.
* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.
* sign.c (match_dsa_hash): New. Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set. q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
|
|
Still does not build.
|
|
The gpg part does not yet build.
|
|
(check_signatures_trust), mainproc.c (check_sig_and_print,
pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it
is a verify-option now.
|
|
|
|
|
|
|
|
so that gpg can get the key from DNS. This helps with opportunistic
encryption. No integration with the trust modell yet.
|
|
Noted by Michael Schierl.
|
|
|
|
|
|
|
|
|
|
Elgamal signing keys since we no longer support any Elgamal signing keys.
* sign.c (sign_file, clearsign_file): Use "writing to" instead of "writing
to file" to match other strings.
* pkclist.c (check_signatures_trust): Fix typo. Noted by Moray Allan.
This is Debian bug #278708.
* passphrase.c (ask_passphrase, passphrase_to_dek): "password" ->
"passphrase".
* keyedit.c (show_key_with_all_names): Show designated revoker as part of
translatable string.
|
|
missed possible \"username\" quotes.
|
|
* keygen.c (ask_user_id): Ditto.
* helptext.c: Typo fix.
|
|
trust since the meaning is different.
* keyedit.c (trustsig_prompt): Change the strings to match the ones in
pkclist.c:do_edit_ownertrust to make translation easier.
* trustdb.c (trust_model_string, get_validity): Add direct trust model
which applies to the key as a whole and not per-uid.
* options.h, g10.c (parse_trust_model): New. (main): Call it from here to
do string-to-trust-model.
|
|
showing the user ID as mainproc.c:print_pkenc_list.
* mainproc.c (print_pkenc_list): Allow translating the quotes around the
user ID.
* card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" -> `%s'
quoting for things that aren't user IDs.
* keyserver.c (keyserver_spawn): If there is no keyserver host, print the
whole URI since it is self-contained.
|
|
photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)". Some don't.
Consistently use y/n everywhere.
|
|
* mainproc.c (check_sig_and_print), pkclist.c (do_edit_ownertrust):
Improve translatability of user ID prompts.
|
|
a revoked or expired key, so BUG() that case. Remove question about
overriding revoked/expired. Also --keyid-format-ify. (do_we_trust_pre):
Use print_pubkey_info() instead of printing the info ourselves.
* passphrase.c (passphrase_to_dek): Improve translatability of user ID
prompts.
* keylist.c (print_pubkey_info): Use the user ID the pk was selected by,
if any.
|
|
* g10.c (main): New alias --throw-keyid for --throw-keyids, so that it
continues to work in old configuration files. Noted by Jens Adam.
* pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, and bzip2.
* status.c (do_get_from_fd): Flush stdout if status isn't flushing it for
us. This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer. Noted by Peter Palfrader. This is Debian
bug #254072.
* sign.c (update_keysig_packet): Revert change of 2004-05-18. It is not
appropriate to strip policy and notations when remaking a sig. That
should only happen when specifically requested by the user.
|
|
which we hashed them when issuing the signature. Noted by Nicholas Cole.
* pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another
keyid-format conversion.
|
|
keyserver to happen even if there is no global keyserver set.
* sig-check.c (do_check_messages): No need to check for Elgamal signatures
any longer. (do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.
* pkclist.c (show_paths, edit_ownertrust): Remove some unused code.
|
|
(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker). If a key was revoked by both, prefer the owner.
|
|
* sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
|
|
mode.
* getkey.c (get_seckey_byname2): Disallow use of sign+encrypt Elgamal
keys.
|
|
the user to stop at any point.
|
|
list of ultimately trusted keys.
* keygen.c (do_generate_keypair): Use it here so that the ultimate
ownertrust happens before the trustdb (might be) rebuilt. Also fix an
error where the newly generated pk is thought to be a subkey by the
trustdb.
* g10.c (main): Fix --export-all do actually do something different than
--export.
* pkclist.c (build_pk_list): Show all recipients rather than showing each
recipient as they are added.
* mainproc.c (proc_symkey_enc, proc_encrypted): Keep a count of the number
of passphrases that can decrypt a symmetric or mixed symmetric/pk message
and include it in the list of keys shown to the user.
|
|
* trustdb.c (validate_keys): Give a little more information while
rebuilding trustdb.
* pkclist.c (do_edit_ownertrust): Clarify "don't know".
* g10.c (main): Default to --no-mangle-dos-filenames.
|
|
|
|
pkclist.c (algo_available): Drop TIGER/192 support.
|
|
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types. Note, that not all changes are listed below becuause they are
too similar and done at far too many places. As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
|
