aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* * encode.c (encode_simple): Make sure that files larger than about 4G useDavid Shaw2002-11-136-27/+102
| | | | | | | | | | | | | | | | | | | partial length encoding. This is required because OpenPGP allows only for 32 bit length fields. From Werner on stable branch. * getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and made extern. (get_pubkey_byfprint_fast): New. From Werner on stable branch. * keydb.h, import.c (import_one): Use get_pubkey_fast instead of get_pubkey. We don't need a merged key and actually this might lead to recursions. (revocation_present): Likewise for search by fingerprint. From Werner on stable branch. * g10.c (main): Try to create the trustdb even for non-colon-mode list-key operations. This is required because getkey needs to know whether a a key is ultimately trusted. From Werner on stable branch.
* * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't needDavid Shaw2002-11-136-15/+28
| | | | | | | | | | | | | | | it here as it behaves more like a Posix system. From Werner on stable branch. * passphrase.c (agent_get_passphrase): Ditto. From Werner on stable branch. * tdbio.c (MY_O_BINARY): Need binary mode with Cygwin. From Werner on stable branch. * g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from the registry. From Werner on stable branch.
* * keyedit.c (show_key_with_all_names_colon): Make --with-colons --editDavid Shaw2002-11-135-41/+90
| | | | | | | | | | | | | | | | display match the validity and trust of --with-colons --list-keys. * passphrase.c (agent_send_all_options): Fix compile warning. * keylist.c (list_keyblock_colon): Validity for subkeys should match that of the primary key, and not that of the last user ID. * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry these facts onto all their subkeys, but only after the subkey has a chance to be marked valid. This is to fix an incorrect "invalid public key" error verifying a signature made by a revoked signing subkey, with a valid unrevoked primary key.
* * passphrase.c (agent_send_all_options): Use tty_get_ttyname toWerner Koch2002-11-092-2/+7
| | | | | get the default ttyname.
* * keyring.h, keyring.c (keyring_register_filename): Return the pointer ifDavid Shaw2002-11-086-29/+89
| | | | | | | | | | a given keyring is registered twice. * keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a default keyring. (keydb_locate_writable): Prefer the default keyring if possible. * g10.c (main): Add --default-keyring option.
* * options.h, g10.c (main), trustdb.c (ask_ownertrust): AddDavid Shaw2002-11-074-6/+35
| | | | | | | | --force-ownertrust option for debugging purposes. This allows setting a whole keyring to a given trust during an --update-trustdb. Not for normal use - it's just easier than hitting "4" all the time to test a large trustdb.
* * pubkey-enc.c (get_session_key): With hidden recipients or try a givenDavid Shaw2002-11-066-13/+57
| | | | | | | | | | | | | | | passphrase against all secret keys rather than trying all secret keys in turn. Don't if --try-all-secrets or --status-fd is enabled. * passphrase.c (passphrase_to_dek): Mode 1 means do a regular passphrase query, but don't prompt with the key info. * seckey-cert.c (do_check, check_secret_key): A negative ask count means to enable passphrase mode 1. * keydb.h, getkey.c (enum_secret_keys): Add flag to include secret-parts-missing keys (or not) in the list.
* * keyserver.c (keyserver_search_prompt): When --with-colons is enabled,David Shaw2002-11-052-8/+16
| | | | | | don't try and fit the search output to the screen size - just dump the whole list.
* * keyserver.c (keyserver_search_prompt): When --with-colons is enabled,David Shaw2002-11-052-3/+27
| | | | | just dump the raw keyserver protocol to stdout and don't print the menu.
* * trustdb.c (trust_model_string, check_trustdb, update_trustdb,David Shaw2002-11-042-23/+54
| | | | | | | validate_one_keyblock): It's not clear what a trustdb rebuild or check means with a trust model other than "classic" or "openpgp", so disallow this.
* * options.h, g10.c (main): Add --trust-model option. Current models areDavid Shaw2002-11-037-16/+45
| | | | | | | | | | | | | | "openpgp" which is classic+trustsigs, "classic" which is classic only, and "always" which is the same as the current option --always-trust (which still works). Default is "openpgp". * trustdb.c (validate_one_keyblock): Use "openpgp" trust model to enable trust sigs. * gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c (do_we_trust, do_we_trust_pre, check_signatures_trust): Use new --trust-model option in place of --always-trust.
* * keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu):David Shaw2002-11-034-39/+191
| | | | | | | | | | | Prompt for and create a trust signature with "tsign". This is functional, but needs better UI text. * build-packet.c (build_sig_subpkt): Able to build trust and regexp subpackets. * pkclist.c (do_edit_ownertrust): Comment.
* * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the fullDavid Shaw2002-11-035-85/+130
| | | | | | | | | | | algorithm name (CAST5, SHA1) rather than the short form (S3, H2). * main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu): Return and use a fake uid packet rather than a string since we already have a nice parser/printer in keyedit.c:show_prefs. * main.h, misc.c (string_to_compress_algo): New.
* * g10.c (main): Add --no-throw-keyid.David Shaw2002-11-016-12/+69
| | | | | | | | | | * keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), pkclist.c (build_pk_list): Add --hidden-recipient (-R) and --hidden-encrypt-to, which do a single-user variation on --throw-keyid. The "hide this key" flag is carried in bit 0 of the pk_list flags field. * keyserver.c (parse_keyrec): Fix shadowing warning.
* added RISC OS module loading supportStefan Bellon2002-10-316-13/+37
|
* * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,David Shaw2002-10-314-5/+12
| | | | | | | encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead of memset() to wipe sensitive memory as the memset() might be optimized away.
* * trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.David Shaw2002-10-302-1/+5
|
* * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a stringDavid Shaw2002-10-309-37/+334
| | | | | | | | | | | | | | | | | | | | | | | | | | like "fully trusted", "marginally trusted", etc. (get_min_ownertrust): New. Return minimum ownertrust. (update_min_ownertrust): New. Set minimum ownertrust. (check_regexp): New. Check a regular epression against a user ID. (ask_ownertrust): Allow specifying a minimum value. (get_ownertrust_info): Follow the minimum ownertrust when returning a letter. (clear_validity): Remove minimum ownertrust when a key becomes invalid. (release_key_items): Release regexp along with the rest of the info. (validate_one_keyblock, validate_keys): Build a trust sig chain while validating. Call check_regexp for regexps. Use the minimum ownertrust if the user does not specify a genuine ownertrust. * pkclist.c (do_edit_ownertrust): Only allow user to select a trust level greater than the minimum value. * parse-packet.c (can_handle_critical): Can handle critical trust and regexp subpackets. * trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key), import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and have it clear the min_ownertrust value as well. * keylist.c (list_keyblock_print): Indent uid to match pub and sig.
* * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,David Shaw2002-10-297-11/+56
| | | | | | | | | | | | | menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show "T" or the trust depth for trust signatures, and add spaces to some strings to make room for it. * packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, parse_signature): Parse trust signature values. * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte for the minimum ownertrust value (for use with trust signatures).
* tidied RISC OS filetype supportStefan Bellon2002-10-295-52/+45
|
* filetype support for RISC OSStefan Bellon2002-10-284-8/+66
|
* * main.h, import.c (sec_to_pub_keyblock, import_secret_one,David Shaw2002-10-234-5/+85
| | | | | | | parse_import_options), g10.c (main): New import-option "convert-sk-to-pk" to convert a secret key into a public key during import. It is on by default.
* * pubkey-enc.c (get_it): Fix segv, test for revoked only when PKWerner Koch2002-10-232-1/+6
| | | | | has been assigned.
* 2002-10-18 Timo Schulz <[email protected]>Timo Schulz2002-10-185-57/+69
| | | | | | | | | * keylist.c: (print_pubkey_info): New. (print_seckey_info): New. * main.h: Prototypes for the new functions. * delkey.c (do_delete_key): Use it here. * revoke.c (gen_desig_revoke): Ditto.
* * pkclist.c (do_edit_ownertrust): Show all user IDs. This shouldWerner Koch2002-10-172-0/+35
| | | | | | be enhanced to also show the current trust level. Suggested by Florian Weimer.
* * g10.c (main): Handle --strict and --no-strict from the command lineDavid Shaw2002-10-172-0/+15
| | | | | before the options file is loaded.
* * g10.c (main): Disable --textmode when encrypting (symmetric or pk) inDavid Shaw2002-10-152-0/+17
| | | | | | --pgp2 mode as PGP 2 can't handle the unknown length literal packet. Reported by Michael Richardson.
* * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec,David Shaw2002-10-143-205/+403
| | | | | | | | | | show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of the keyserver protocol. This is a better design, similar to --with-colons, that allows for keys with multiple user IDs rather than using multiple keys. It also matches the machine readable pksd format. Also use a prettier --search-keys listing format that can fill different size windows (currently set at 24 lines).
* * keygen.c (print_status_key_created): New.Werner Koch2002-10-122-1/+27
| | | | | | (do_generate_keypair): Use it to print the fingerprint. (generate_subkeypair): Likewise.
* * keyedit.c (menu_addrevoker): Properly back out if the signature fails.David Shaw2002-10-112-4/+44
| | | | | | Also, do not allow appointing the same revoker twice, and report ALREADY_SIGNED if the user tries it.
* And changelog :)David Shaw2002-10-071-0/+10
|
* * import.c (import_keys_internal): Missed one s/inp/inp2/.David Shaw2002-10-073-9/+15
| | | | | | | | | * keylist.c (print_capabilities): Properly indicate per-key capabilities of sign&encrypt primary keys that have secret-parts-missing (i.e. no capabilities at all) * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning.
* * getkey.c (get_pubkey_direct): Don't cache keys retrieved via thisDavid Shaw2002-10-043-4/+14
| | | | | | | | | function as they may not have all their fields filled in. * sig-check.c (signature_check2): Use new is_primary flag to check rather than comparing main_keyid with keyid as this still works in the case of a not fully filled in pk.
* * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowingWerner Koch2002-10-043-13/+22
| | | | | | | | warning. * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char problem in %-escaping. Noted by Ingo Kl�cker.
* * options.h, g10.c (main): Add --strict and --no-strict to switch theDavid Shaw2002-10-033-0/+10
| | | | | log_warning severity level from info to error.
* * keylist.c (print_capabilities): Secret-parts-missing keys should showDavid Shaw2002-10-034-5/+26
| | | | | | | | | that fact in the capabilities, and only primary signing keys can certify other keys. * packet.h, parse_packet.c (parse_key): Add is_primary flag for public keys (it already exists for secret keys).
* * import.c (import_secret_one): Check for an illegal (>110) protectionDavid Shaw2002-10-027-15/+42
| | | | | | | | | | | | | | | | | | cipher when importing a secret key. * keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing key. * parse_packet.c (parse_key): Some comments. * revoke.c (gen_revoke): Remove some debugging code. * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option again. * seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher in question is in fact IDEA.
* * import.c (import_one): Make sure that a newly imported key starts with aDavid Shaw2002-10-012-1/+14
| | | | | clean ownertrust.
* * getkey.c (get_pubkey_direct): New.Werner Koch2002-10-012-1/+66
| | | | | | | (merge_selfsigs_main): Use it here to look for an ultimately trusted key. Using the full get_pubkey might lead to an infinitive recursion.
* * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme toDavid Shaw2002-09-302-0/+13
| | | | | lowercase to be case-insensitive.
* 2002-09-28 David Shaw <[email protected]>David Shaw2002-09-284-14/+40
| | | | | | | | | | | | | | * export.c (do_export_stream): Comment. * sig-check.c (check_key_signature2): Properly handle a non-designated revocation import. 2002-09-26 Werner Koch <[email protected]> * g10.c (set_homedir): New. Changed all direct assignments to use this. * gpgv.c (set_homedir): Ditto.
* * Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses sockets.David Shaw2002-09-252-1/+7
| | | | | | Remove the old NETLIBS variable since the keyserver stuff is no longer internal.
* * import.c (import_keys_stream): Fix compiler type warning.David Shaw2002-09-244-11/+19
| | | | | | * keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2), import.c (import, chk_self_sigs): Minor language cleanups.
* added fast-import to import-optionsStefan Bellon2002-09-235-21/+33
|
* avoid function cloneStefan Bellon2002-09-222-50/+40
|
* added trustdb update/check for stream import as wellStefan Bellon2002-09-212-3/+16
|
* trustdb checks/updates after importStefan Bellon2002-09-212-1/+16
|
* comment type fixWerner Koch2002-09-201-1/+1
|
* From stable branchDavid Shaw2002-09-193-13/+23
| | | | | | | | | | * keyserver.c (keyserver_spawn): Properly handle line truncation. Don't leak memory (~10-20 bytes) on searches. (keyserver_search_prompt): Cleanup. * keylist.c (list_keyblock_colon): Show 1F direct key signatures in --with-colons listing.
* From stable branchDavid Shaw2002-09-174-26/+102
| | | | | | | | | | | | | | * keyedit.c (menu_addrevoker): The direct key signature for revocation keys must be at least v4 to carry the revocation key subpacket. Add a PGP 2.x warning for revocation keys. * g10.c (check_permissions): Rearrange strings to make translating easier (don't incorporate string parts). * keyedit.c (sign_uids): Make strings translatable. * sig-check.c (check_key_signature2): Make string translatable.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 16:30:19 +0000