| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
--with-colons listing.
|
| |
|
|
|
| |
transition to 1.4.
|
| |
|
|
|
|
|
| |
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(get_pubkey_fast): this and made extern.
(get_pubkey_byfprint_fast): New.
* import.c (import_one): Use get_pubkey_fast instead of
get_pubkey. We don't need a merged key and actually this might
lead to recursions. --> There is still a problem, though.
(revocation_present): Likewise for search by fingerprint.
* g10.c (main): Try to create the trustdb even for non-colon-mode
list-key operations. This is required because getkey needs to
know whether a a key is ultimately trusted.
|
| | |
|
| | |
|
| |
|
|
|
| |
has been assigned.
|
| |
|
|
|
|
|
|
|
|
| |
we don't need it here as it behaves more like a Posix system.
* passphrase.c (agent_get_passphrase): Ditto.
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.
* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
the registry.
|
| |
|
|
|
|
| |
be enhanced to also show the current trust level. Suggested by
Florian Weimer.
|
| |
|
|
|
|
| |
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all).
|
| |
|
|
|
|
|
|
|
| |
function as they may not have all their fields filled in.
* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
|
| |
|
|
|
| |
problem in %-escaping. Noted by Ingo Kl�cker.
|
| |
|
|
|
| |
that fact in the capabilities.
|
| |
|
|
|
|
|
|
| |
(it already exists for secret keys).
* keylist.c (print_capabilities): Only primary signing keys can certify
other keys.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
|
| |
|
|
|
| |
in question is in fact IDEA.
|
| |
|
|
|
|
| |
clean ownertrust. (import_revoke_cert): Remove ultimate trust when
revoking an ultimately trusted key.
|
| |
|
|
|
|
|
| |
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key. Using the full get_pubkey might lead to a infinitive
recursion.
|
| |
|
|
|
|
| |
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
|
| |
|
|
|
| |
lowercase to be case-insensitive.
|
| |
|
|
|
| |
revocation import.
|
| |
|
|
|
|
| |
this.
* gpgv.c (set_homedir): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
| |
--with-colons listing.
* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.
* hkp.c (hkp_search): Properly handle line truncation.
|
| |
|
|
|
|
| |
keys must be at least v4 to carry the revocation key subpacket. Add a PGP
2.x warning for revocation keys.
|
| |
|
|
|
| |
already done for 1.2.
|
| |
|
|
|
|
|
|
|
| |
(don't incorporate string parts).
* keyedit.c (sign_uids): Make strings translatable.
* sig-check.c (check_key_signature2): Make string translatable.
|
| |
|
|
|
|
|
|
|
|
|
| |
* main.h, sig-check.c (check_revocation_keys): to here. Also return the
signature_check error code rather than 0/1 and cache the sig result.
* sig-check.c (check_key_signature2): Divert to check_revocation_keys if a
revocation sig is made by someone other than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
|
| | |
|
| |
|
|
|
| |
commands.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
|
| |
|
|
|
| |
(exec_write): Missed one tick.
|
| | |
|
| |
|
|
|
|
|
| |
Use a better error message for when no = is found.
* hkp.c (hkp_export): Use CRLF in headers.
|
| |
|
|
|
|
|
| |
printing the list of keys a message was encrypted to. This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
|
| |
|
|
|
|
|
|
|
| |
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.
* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
|
| |
|
|
|
|
| |
user. This (or a disabled key) fail with "unavailable pubkey"
(G10ERR_UNU_PUBKEY).
|
| |
|
|
|
|
|
|
|
| |
* options.skel: The PGP LDAP keyserver is back. Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.
* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC. We need to do this so that
concatenated messages are properly decrypted. Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start. Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.
* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
|
| |
|
|
|
|
| |
* keyserver.c (print_keyinfo): More readable key listings for
--search-keys responses.
|
| |
|
|
|
|
|
| |
"dehtmlize" function. Remove HTML before trying to parse each line from
the keyserver. If the keyserver provides key type information in the
listing, use it.
|
| |
|
|
|
|
|
|
| |
even for cached sigs. This also serves to protect against missing a sig
expiring while cached.
* getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
chk_self_sigs. This improves efficiency as the same signatures are not
checked multiple times. Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
* keylist.c (list_one): Stats are only for public key listings.
* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
|
| |
|
|
|
| |
which is currently not used becuase we terminate on errors.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* export.c (do_export_stream): Fix noop bug in exporting sensitive
revocation keys.
* pkclist.c (do_edit_ownertrust): Comment out the option for showing trust
paths until it can be implemented.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(get_user_id_printable): this. Filter out all dangerous
characters. Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this. Filter out all dangerous
characters. Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
|
| |
|
|
|
|
|
|
|
| |
* g10.c (main): enable opt.interactive.
* import.c (import_one): Ask the user if the key shall be
imported when the interactive mode is used. Useful to extract
selected keys from a file.
|
