| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
report that it can handle it, and we don't want it to.
|
| |
|
|
|
|
|
|
|
| |
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error. Changed all callers.
* zh_TW.po, fr.po, cs.po: Updated.
|
| | |
|
| |
|
|
|
|
| |
match key expiry unless --ask-cert-expire is set. Suggested by Peter
Palfrader.
|
| |
|
|
|
|
| |
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
| |
|
|
|
|
|
|
|
| |
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
|
| |
|
|
|
|
|
|
| |
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.
* Makefile.am: Pull in libcurl for curl_version_info() if used.
|
| |
|
|
|
| |
* cardglue.c (open_card): Use it.
|
| |
|
|
|
|
|
|
|
|
| |
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
|
| |
|
|
|
|
| |
* ttyio.c (do_get): Move printing of the prompt after disabling
echo. Suggested by Scott Worley.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
|
| | |
|
| |
|
|
|
|
| |
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
|
| |
|
|
|
|
|
| |
about missing timestamp or keyid. In case we don't use that key
there won't be no further error and thus gpg does not need to
return with an error.
|
| |
|
|
|
|
|
|
|
|
| |
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing. Like import-clean-sigs, this may nodify the local keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
|
| |
|
|
|
|
|
|
| |
import_one): Add import-clean-sigs option to automatically clean a key
when importing. Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
|
| |
|
|
|
|
| |
that even after keys may be merged together, we only have one chosen
selfsig.
|
| |
|
|
|
| |
import-unusable-sigs is now a noop.
|
| |
|
|
|
|
|
|
|
| |
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function. It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
|
| |
|
|
|
|
|
|
| |
kbnode.
* trustdb.c (clean_uids_from_key): Further tweak the algorithm so that
the last good selfsig is kept when the chosen selfsig is a revocation.
|
| |
|
|
|
|
| |
(menu_clean_uids_from_key): Tweak algorithm to preserve the last
selfsig which helps prevent uid resurrections.
|
| |
|
|
|
|
|
| |
and revoked uids in fixup_uidnode(). No need to special case in
merge_selfsigs_main(). This also means that an expired uid will have
its selfsig tagged with chosen_selfsig.
|
| |
|
|
|
|
|
|
| |
do_export_stream): Add export-options export-clean-sigs,
export-clean-uids, export-clean-subkeys, and export-clean which is all
of the above. Export-minimal is the same except it also removes all
non-selfsigs. export-unusable-sigs is now a noop.
|
| |
|
|
|
|
|
| |
Noted by Joe Vender.
* passphrase.c [_WIN32]: Remove unused variables.
|
| |
|
|
|
|
| |
trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build
warnings. Noted by Joe Vender.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* cardglue.c (assuan_strerror, assuan_transact): Dummy functions
if not build with agent support.
* zh_TW.po, zh_CN.po, es.po, ro.po: Updated.
* tr.po: Updated from TP. Note: this is an exception in general
translations from the Robot are not anymore accepted.
* regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
the subkeys on a key, and mark any that aren't usable for deletion.
Note that a signing subkey is never marked for deletion since these
keys are still useful after expiration or revocation.
* keyedit.c (menu_clean_subkeys_from_key): New function to call
clean_subkeys_from_key() on a key. Note that the strings here are not
marked for translation yet. The UI is still in flux, and there is no
point in annoying the translators twice. (keyedit_menu): Call it here
as part of the "clean" command.
|
| |
|
|
|
|
|
|
|
| |
user IDs on a key, and mark any that aren't valid for deletion.
* keyedit.c (menu_clean_uids_from_key): New function to call
clean_uids_from_key() on a key. (keyedit_menu): Call it from here as
part of the "clean" command.
|
| |
|
|
|
| |
"clean" UI can be finished.
|
| |
|
|
|
|
|
| |
* cardglue.c (unescape_status_string): Removed. Changed all
caller to use ...
* misc.c (unescape_percent_string): New.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
* cardglue.c (open_card): Check USE_AGENT.
(agent_scd_checkpin): Implemented Assuan part.
(agent_scd_change_pin): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10.c (main): Option --debug-ccid-driver may now be given
several times increase the debug level.
* ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version
5.14 as good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly. The new retry
code in ccid_slot_status will make sure that the readersatrts up
fine even if the last process didn't closed the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.
(ccid_slot_status): Disabled debugging.
|
| |
|
|
|
|
|
|
|
|
|
| |
(agent_scd_writekey, inq_writekey_parms): New.
(agent_openpgp_storekey): Removed.
* cardglue.h: Add a few more error code mappings.
* keygen.c (copy_mpi): Removed.
(save_unprotected_key_to_card): Changed to use agent_scd_writekey.
* app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer
version in gnupg 1.9 CVS.
|
| |
|
|
|
|
| |
bit in the R-block than in the I block, this was wrong at one
place. Fixes bug #419 and hopefully several others.
|
| |
|
|
|
|
|
|
|
|
|
| |
comment packets.
* export.c (do_export_stream): Don't export comment packets any
longer.
* options.h, g10.c (main): Remove --sk-comments and --no-sk-comments
options, and replace with no-op.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.
* parse-packet.c (can_handle_critical_notation): New. Check for
particular notation tags that we will accept when critical. Currently,
that's only [email protected], since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
|
| |
|
|
|
|
| |
Some folks reported that it makes the SCR335 hang less often.
Look at the source on how to re-enable it.
|
| |
|
|
|
|
|
|
| |
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c
(sign_uids): Use seconds rather than days internally to calculate
expiration. We no longer need the day-based code as we don't generate v3
keys.
|
| |
|
|
|
| |
default sig expire value when signing in batchmode.
|
| |
|
|
|
| |
use any of these functions any longer.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(do_generate_keypair): Use it here rather than creating and deleting a
comment packet.
* keygen.c (gen_elg, gen_dsa): Do not put public factors in secret key as
a comment.
* options.h, encode.c (encode_simple, encode_crypt), keygen.c (do_create):
Remove disabled comment packet code.
|
| |
|
|
|
| |
preferences.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
--default-cert-expire options. Suggested by Florian Weimer.
* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.
* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changed all callers.
(ask_passphrase): Add new arg CACHEID and use it in agent mode.
Changed all callers.
(passphrase_clear_cache): New arg CACHEID. Changed all callers.
* cardglue.c (format_cacheid): New.
(pin_cb): Compute a cache ID.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it.
(agent_clear_pin_cache): New.
* card-util.c (change_pin): Clear the PIN cache.
(check_pin_for_key_operation): Ditto.
|
| |
|
|
|
|
|
|
|
|
| |
no-pubkey and chosen revocation cases. (clean_uid): New function to
clean a user ID of unusable (as defined by mark_usable_uid_certs)
certs.
* keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new
"clean" command that removes unusable sigs from a key.
|
| |
|
|
|
|
| |
specifying user ID via the namehash from --with-colons
--fixed-list-mode --list-keys. Suggested by Peter Palfrader.
|
| |
|
|
|
|
|
| |
a key without specifying which user IDs to sign, and declines to sign
all user IDs, walk through the set of user IDs and prompt for which to
sign.
|
