| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
fix_pks_corruption): It's really PKS corruption, not HKP corruption.
Keep the old repair-hkp-subkey-bug command as an alias.
* g10.c (main): Rename --no-version to --no-emit-version for consistency.
Keep --no-version as an alias.
|
| | |
|
| |
|
|
|
|
| |
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove unused
code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
than a CERT.
* import.c (delete_inv_parts): Discard any key signatures that aren't key
types (i.e. 0x00, 0x01, etc.)
* g10.c (main): Add deprecated option warning for --list-ownertrust. Add
--compression-algo alias for --compress-algo. Change --version output
strings to match "showpref" strings, and make translatable.
* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for --command-fd
boolean input.
* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)
* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify flag.
|
| |
|
|
|
|
|
|
|
| |
keyserver option. Defaults to on.
* passphrase.c (agent_get_passphrase): Fix memory leak with symmetric
messages. Fix segfault with symmetric messages. Fix incorrect prompt
with symmetric messages.
|
| |
|
|
|
|
| |
the output of implementations which don't run for PGP 2
compatibility won't get garbled.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust
calculation.
* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations. Fix cosmetic off-by-one length counter.
* options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".
* mainproc.c (proc_encrypted): Make string translatable.
* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.
* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.
* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default
prefs.
* keyedit.c (show_prefs): Make strings translatable.
* keydb.c: Double the maximum number of keyrings to 40.
* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.
* g10.c (main): --openpgp disables --pgpX. Double the amount of secure
memory to 32k (keys are getting bigger these days).
* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
about the key in the data sent to the keyserver helper. This allows the
helper to use it in instructing a remote server which may not have any
actual OpenPGP smarts in parsing keys.
* main.h, export.c (export_pubkeys_stream, do_export_stream): Add ability
to return only the first match in an exported keyblock for keyserver
usage. This should be replaced at some point with a more flexible
solution where each key can be armored seperately.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(segfault). Noted by Marcus Brinkmann. Push and reinitialize textmode
filter for each file in a multiple file list.
* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set and show
the keyserver no-modify flag.
* keygen.c (add_keyserver_modify): New. (keygen_upd_std_prefs): Call it
here. (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
prefs to set and unset keyserver modify flag.
|
| |
|
|
|
|
|
|
| |
ciphers.
* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA has been
disabled.
|
| |
|
|
|
| |
if they are disabled.
|
| |
|
|
|
|
| |
Use 3DES for the s2k cipher in --openpgp mode. (print_mds): #ifdef all of
the optional digest algorithms.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
per-desc item. Merge into one function since 'force_exact' is no longer
needed. (key_byname): Use new classify_user_id function, and new exact
flag in KEYDB_SEARCH_DESC.
* keyring.h, keyring.c (keyring_search): Return an optional index to show
which KEYDB_SEARCH_DESC was the matching one.
* keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and pass the
optional index to keyring_search. Add a macro version of keydb_search
that calls this new function.
* export.c (do_export_stream): If the keyid! syntax is used, export only
that specified key. If the key in question is a subkey, export the
primary plus that subkey only.
|
| |
|
|
|
|
|
|
|
| |
* g10.c (print_hex, print_mds): Print long hash strings a lot neater.
This assumes at least an 80-character display, as there are a few other
similar assumptions here and there. Users who need unformatted hashes can
still use with-colons. Check that SHA384 and 512 are available before
using them as they are no longer always available.
|
| |
|
|
|
| |
GNUPG_LIBEXECDIR so it can be easily overridden at make time.
|
| |
|
|
|
|
|
|
| |
armor Hash: header.
* g10.c (print_hex): Print long hash strings a little neater. (print_mds):
Add the new SHAs to the hash list.
|
| |
|
|
|
|
|
| |
(treat as a v4 revocation).
* import.c (print_import_check): Do not re-utf8 convert user IDs.
|
| |
|
|
|
|
|
|
| |
sig records.
* keylist.c (list_keyblock_colon), mainproc.c (list_node): Show trust sig
information in with-colons sig records.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
matter where the user puts the = sign.
* options.skel: Comment out the first three lines in case someone manually
copies the skel file to their homedir.
* sign.c (clearsign_file): Only use pgp2mode with v3 keys and MD5. This
matches what we do when decoding such messages and prevents creating a
message (v3+RIPEMD/160) that we can't verify.
* sig-check.c (signature_check2): Use G10ERR_GENERAL as the error for
signature digest conflict. BAD_SIGN implies that a signature was checked
and we may try and print out a user ID for a key that doesn't exist.
|
| |
|
|
|
|
|
|
| |
to indicate a dirty trustdb, and never auto-rebuild a dirty trustdb with
the "always" trust model.
* g10.c (add_group): Last commit missed the \t ;)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
keydb.h, keyid.c (namehash_from_uid): New function to rmd160-hash the
contents of a user ID packet and cache it in the uid object.
* keylist.c (list_keyblock_colon): Use namehash in field 8 of uids. Show
dates for creation (selfsig date), and expiration in fields 6 and 7.
* trustdb.c (get_validity, get_validity_counts, update_validity): Use new
namehash function rather than hashing it locally.
|
| |
|
|
|
| |
delimiter in a row and also allow tab as delimiter.
|
| |
|
|
|
| |
non-fully-qualified trustdb names.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Simplify by returning a ? for error directly.
* keyedit.c (show_key_with_all_names): Use get_validity_string and
get_ownertrust_string to show full word versions of trust (i.e. "full"
instead of 'f').
* trustdb.h, trustdb.c (get_ownertrust_string, get_validity_string): Same
as get_ownertrust_info, and get_validity_info, except returns a full
string.
* trustdb.c (get_ownertrust_with_min): New. Same as 'get_ownertrust' but
takes the min_ownertrust value into account.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* trustdb.h, trustdb.c (trust_letter): Make static. (get_ownertrust_info,
get_validity_info): Don't mask the trust level twice.
* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info),
keylist.c (list_keyblock_colon), keyedit.c (show_key_with_all_names_colon,
menu_revuid): Pass a user ID in rather than a namehash, so we only have to
do the hashing in one place.
* packet.h, pkclist.c (build_pk_list), free-packet.c
(release_public_key_parts): Remove unused namehash element for public
keys.
|
| |
|
|
|
| |
when IDEA is not available.
|
| |
|
|
|
| |
any more.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
trustdb.c (update_validity): Store temporary full & marginal counts in the
trustdb. (clear_validity, get_validity_counts): Return and clear temp
counts. (store_validation_status): Keep track of which keyids have been
stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of
the full & marginal counts so they can be recalled for multiple levels.
(validate_keys): Only use unused keys for each new round.
(reset_unconnected_keys): Rename to reset_trust_records, and only skip
specifically excluded records.
|
| |
|
|
|
|
|
| |
capabilities section.
* trustdb.c (is_disabled): Remove incorrect comment.
|
| |
|
|
|
|
|
|
|
|
|
| |
interactive import if status is enabled.
* keyring.c (keyring_search): skipfnc didn't work properly with non-keyid
searches. Noted by Stefan Bellon.
* getkey.c (merge_selfsigs_main): Remove some unused code and make sure
that the pk selfsigversion member accounts for 1F direct sigs.
|
| |
|
|
|
|
|
|
| |
terminates but check again for the existence of the directory and
continue then.
* openfile.c (copy_options_file): Print a warning if the skeleton
file has active options.
|
| |
|
|
|
|
|
|
| |
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
|
| |
|
|
|
|
|
|
| |
there are no keys to refresh or if there is no keyserver set.
* getkey.c (merge_selfsigs_main): Any valid user ID should make a key
valid, not just the last one. This also fixes Debian bug #174276.
|
| | |
|
| |
|
|
|
|
| |
user ID. This is the same as issuing a revocation for the self-signature,
but a much simpler interface to do it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
disabled keys. Keys specified via keyid (i.e. 0x...) are always included.
* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.
* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt. Do include disabled keys for the default key and
--encrypt-to.
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.
* gpgv.c (is_disabled): Stub.
* keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.
* keyedit.c (enable_disable_key): Comment.
* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
|
| |
|
|
|
|
|
|
|
|
| |
* import.c (print_import_check): New.
(import_one): Use it here.
Use merge_keys_and_selfsig in the interactive mode to avoid
wrong key information.
* status.h: Add new status code.
* status.c: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
user" rather than "owner". Noted by Stefan Bellon.
* trustdb.h, trustdb.c (trustdb_pending_check): New function to
check if the trustdb needs a check.
* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.
* options.skel: Include the required '=' sign in the sample
'group' option. Noted by Stefan Bellon.
* import.c (chk_self_sigs): Don't try and check a subkey as if it
was a signature.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RECTYPE_TRUST records a bit.
* g10.c (main): Comment out --list-trust-path until it can be implemented.
* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.
|
| | |
|
| |
|
|
|
|
|
| |
* options.h (opt): Added mangle-dos-filenames.
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
filename only when this option is set; this is the default.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minimal isn't always best.
* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time. Make sure that this doesn't
cause a time warp.
* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).
* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.
* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).
* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
|
| |
|
|
|
|
|
|
|
| |
and make sure that the version record update was successful.
(init_trustdb): If the current parameters aren't what was used for
building the trustdb, the trustdb is invalid.
* tbio.c (tdbio_db_matches_options): Update to work with new trustdbs.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
model in the trustdb version record. (tdbio_update_version_record): New
function to update version record values during a trustdb check or update.
(tdbio_dump_record): Show trust model in dump.
* trustdb.c (validate_keys): Call tdbio_update_version_record on success
so that the correct options are stored in the trustdb.
* options.h: rearrange trust models so that CLASSIC is 0 and OPENPGP is 1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.
* getkey.c (finish_lookup): Comment.
* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.
* g10.c (add_notation_data): Fix initialization.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
expiration date of a subkey. This is not the most optimal solution, but
it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.
* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.
* g10.c (main): Allow pref selection for compress algo with --openpgp.
|
| |
|
|
|
| |
mangling rather than --digest-algo.
|
| |
|
|
|
|
|
|
| |
--personal-digest-preferences is, then use the first hash algorithm in the
personal list. If the signing algorithm is DSA, then use the first
160-bit hash algorithm in the personal list. If --pgp2 is set and it's a
v3 RSA key, use MD5.
|
