| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.
|
| |
|
|
|
|
|
| |
keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks. All is well, so I'm turning generation of backsigs on for new
keys. Checking for backsigs on verification is still off.
|
| | |
|
| | |
|
| |
|
|
| |
Filelength fixes for W32.
|
| |
|
|
|
| |
prompt.
|
| |
|
|
|
|
|
|
| |
IDs as well as regular text IDs.
* plaintext.c (ask_for_detached_datafile): Use make_filename() on
filename so tilde expansion works.
|
| |
|
|
|
|
|
|
|
| |
strings in xxx-options commands.
* keyserver.c (keyserver_opts), import.c (parse_import_options),
export.c (parse_export_options), g10.c (parse_list_options, main):
Add help strings to xxx-options.
|
| |
|
|
|
|
|
| |
show_key_with_all_names. (keyedit_menu): Call it here for pref and
showpref so they can show only the selected user ID. Suggested by
Timo Schulz.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
parse_attribute_subpkts): Make a number of warnings verbose items.
These fire on many slightly mangled keys in the field, so the
warning is becoming burdensome.
|
| |
|
|
|
|
|
|
| |
suggested filename.
* keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto
filename" works.
|
| |
|
|
|
| |
expansion for the JPEG prompt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
algorithms.
* keyedit.c (sign_uids): Don't request a signing key to make a
certification.
* keygen.c (do_add_key_flags): Force the certify flag on for all
primary keys, as the spec requires primary keys must be able to
certify (if nothing else, which key is going to issue the user ID
signature?) (print_key_flags): Show certify flag. (ask_key_flags,
ask_algo): Don't allow setting the C flag for subkeys.
* keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish
between a sign/certify key and a certify-only key.
|
| |
|
|
|
| |
Suggested by Michael Schierl.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* main.h, misc.c (path_access): New. Same as access() but does a PATH
search like execlp.
* keyserver.c (curl_can_handle): Removed. Replaced by...
(curl_cant_handle): We are now relying on curl as the handler of last
resort. This is necessary because PGP LDAP and curl LDAP are apples
and oranges. (keyserver_typemap): Only test for ldap and ldaps.
(keyserver_spawn): If a given handler is unusable (as determined by
path_access()) then try gpgkeys_curl.
|
| |
|
|
|
| |
Minor cleanup to use bitfield flags instead of a bunch of integers.
|
| |
|
|
|
| |
to make switching from PGP command line to GPG easier.
|
| |
|
|
|
|
|
|
| |
samples since it is being shut down.
* getkey.c (classify_user_id): Disable the '.' and '+' search modes
since they aren't supported yet.
|
| | |
|
| |
|
|
|
|
| |
--passphrase command line option. Only useful in very special
circumstances.
|
| |
|
|
|
|
| |
so that gpg can get the key from DNS. This helps with opportunistic
encryption. No integration with the trust modell yet.
|
| |
|
|
|
| |
file. Noted by Michael Schierl.
|
| |
|
|
|
| |
Noted by Michael Schierl.
|
| |
|
|
|
| |
we start our tree with one.
|
| | |
|
| |
|
|
|
| |
can then delete) to start the tree.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
report that it can handle it, and we don't want it to.
|
| |
|
|
|
|
|
|
|
| |
saved codeset.
(agent_open): Add arg ORIG_CODESET and switch back to it in case
of error. Changed all callers.
* zh_TW.po, fr.po, cs.po: Updated.
|
| | |
|
| |
|
|
|
|
| |
match key expiry unless --ask-cert-expire is set. Suggested by Peter
Palfrader.
|
| |
|
|
|
|
| |
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
|
| |
|
|
|
|
|
|
|
| |
to enable the uid walking when signing a key with no uids specified to
sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
|
| |
|
|
|
|
|
|
| |
to see if it can handle a particular protocol. (keyserver_typemap): Call
it here.
* Makefile.am: Pull in libcurl for curl_version_info() if used.
|
| |
|
|
|
| |
* cardglue.c (open_card): Use it.
|
| |
|
|
|
|
|
|
|
|
| |
* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.
* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it
|
| |
|
|
|
|
| |
* ttyio.c (do_get): Move printing of the prompt after disabling
echo. Suggested by Scott Worley.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
when compacting a uid. There is no reason to make an attacker's job
easier - this way they only have a revocation which is useless in
bringing the uid back.
* keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed.
* import.c (chk_self_sigs): Allow a uid revocation to be enough to
allow importing a particular uid (no self sig needed). This allows
importing compacted uids.
|
| | |
|
| |
|
|
|
|
| |
* g10.c, options.h: New option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use it.
|
| |
|
|
|
|
|
| |
about missing timestamp or keyid. In case we don't use that key
there won't be no further error and thus gpg does not need to
return with an error.
|
| |
|
|
|
|
|
|
|
|
| |
* options.h, import.c (parse_import_options, import_one): Add
import-clean-uids option to automatically compact unusable uids when
importing. Like import-clean-sigs, this may nodify the local keyring.
* trustdb.c (clean_uids_from_key): Only allow selfsigs to be a
candidate for re-inclusion.
|
| |
|
|
|
|
|
|
| |
import_one): Add import-clean-sigs option to automatically clean a key
when importing. Note that when importing a key that is already on the
local keyring, the clean applies to the merged key - i.e. existing
superceded or invalid signatures are removed.
|
| |
|
|
|
|
| |
that even after keys may be merged together, we only have one chosen
selfsig.
|
| |
|
|
|
| |
import-unusable-sigs is now a noop.
|
| |
|
|
|
|
|
|
|
| |
menu_clean_subkeys_from_key), trustdb.h, trustdb.c
(clean_subkeys_from_key): Remove subkey cleaning function. It is of
very limited usefulness since it cannot be used on any subkey that can
sign, and can only affect multiple selfsigs on encryption-only
subkeys.
|
