| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
|
|
Set PUBKEY_USAGE_UNKNOWN to handle flags (i.e. authentication) that we
don't understand in this branch. (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey): Call it from here to remove duplicate code. This
is bug 378.
|
|
mismatch when some secret subkeys are missing. Discovered by Michael
Roth.
|
|
before acquiring a lock for the keyring.
|
|
HTML responses.
* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters. Change all callers in import.c, sign.c, and encode.c.
|
|
before displaying it.
* keyserver.c (keyserver_search_prompt): Comments.
|
|
substituting code to actually do clever things. Thanks to
Matthias Urlichs for noting the implementation problem.
|
|
error state as send by current gpg-agents.
|
|
|
|
(maybe_create_keyring): .. new. Make sure that we do the checks
in a locked state. Problem reported by Stefan Haller.
|
|
* Makefile.am (LDADD): Replaced INTLLIBS by LIBINTL.
* Makefile.am (gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL.
* ca.po: Updated.
* autogen.sh: Run aclocal with -I m4.
* Makefile.am: Replaced INTLLIBS by LIBINTL.
* Makefile.am (http-test): Replaced INTLLIBS by LIBINTL.
|
|
continues to work in old configuration files. Noted by Jens Adam.
|
|
|
|
us. This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer. Noted by Peter Palfrader. This is Debian
bug #254072.
|
|
|
|
appropriate to strip policy and notations when remaking a sig. That
should only happen when specifically requested by the user.
|
|
--symmetric messages.
|
|
hash algorithm before we try to generate a passphrase using it. This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.
|
|
expired user IDs. Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.
|
|
New status tags PLAINTEXT and PLAINTEXT_LENGTH.
|
|
successfully before we try and use it.
|
|
|
|
|
|
continuing confusion and make room for possible changes in devel.
* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.
|
|
|
|
out when remaking a self-signature. Noted by Atom Smasher.
|
|
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions. Noted by Atom Smasher.
|
|
large files in the same way as in encode.c.
|
|
backsigs.
* getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs
and verify they are valid. If DO_BACKSIGS is not defined, fake this as
always valid.
* packet.h, parse-packet.c (parse_signature): Make parse_signature
non-static so we can parse 0x19s in self-sigs.
* main.h, sig-check.c (check_backsig): Check a 0x19 signature.
(signature_check2): Give a backsig warning if there is no or a bad 0x19
with signatures from a subkey.
|
|
can_handle_critical): Parse and display 0x19 signatures.
|
|
"hkp". They are not the same thing.
|
|
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
|
|
* plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode that
requires end of line conversion. This is being considered for a UTF8 text
packet. If this doesn't take place, no major harm done. If it does take
place, we'll get a jump on starting the changeover.
|
|
|
|
user ID so the new ID gets validity set. Reported by Owen Taylor.
|
|
(packet header indicates a size larger than the actual packet) encrypted
data packets when not compressing and using a filename longer than 255
characters.
|
|
--bzip2-decompress-lowmem since we do handle receiving a bzip2 message on
the stable branch.
|
|
primary warning for subkey expiration changes. These cannot reorder
primaries.
|
|
which self-sig we actually chose.
* keyedit.c (menu_expire, menu_set_primary_uid, menu_set_preferences): Use
it here to avoid updating non-used self-sigs and possibly promoting an old
self-sig into consideration again.
|
|
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
|
|
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
|
|
for the first time.
* build-packet.c (do_comment, do_user_id): Try for a headerlen of 2 since
that's the smallest and most likely encoding for these packets
* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify. Also use the proper date string when prompting for confirmation.
|
|
* mainproc.c (check_sig_and_print): track whether we are
retrieving a key.
* status.c (status_currently_allowed): New.
(write_status_text, write_status_text_and_buffer): Use it here.
|
|
designated revoker.
|
|
present if --expert is set.
* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.
|
|
* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level. If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
|
|
--min-cert-check-level option to specify minimum cert check level.
Defaults to 1 (so no sigs are ignored). 0x10 sigs cannot be ignored.
* options.h, g10.c (main), plaintext.c (handle_plaintext): Add
--max-output option to help people deal with decompression bombs.
|
|
as they require a new CTB, and we don't support forced headers for new
CTBs yet.
|
