From 76b73caf91b4631c282c4b744900a0d873c4ccf0 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 2 Dec 2011 19:42:56 +0100 Subject: Rename all ChangeLog files to ChangeLog-2011. * ChangeLog: New file. --- ChangeLog | 2257 +------- ChangeLog-2011 | 2256 ++++++++ checks/ChangeLog | 329 -- checks/ChangeLog-2011 | 334 ++ cipher/ChangeLog | 1389 ----- cipher/ChangeLog-2011 | 1396 +++++ doc/ChangeLog | 1180 ---- doc/ChangeLog-2011 | 1187 ++++ doc/fr/ChangeLog | 17 - doc/fr/ChangeLog-2011 | 22 + doc/gph/ChangeLog | 9 - doc/gph/ChangeLog-2011 | 14 + g10/ChangeLog | 13772 -------------------------------------------- g10/ChangeLog-2011 | 13779 +++++++++++++++++++++++++++++++++++++++++++++ include/ChangeLog | 665 --- include/ChangeLog-2011 | 672 +++ intl/ChangeLog | 4 - intl/ChangeLog-2011 | 10 + keyserver/ChangeLog | 1307 ----- keyserver/ChangeLog-2011 | 1314 +++++ m4/ChangeLog | 256 - m4/ChangeLog-2011 | 262 + mpi/ChangeLog | 564 -- mpi/ChangeLog-2011 | 571 ++ po/ChangeLog | 734 --- po/ChangeLog-2011 | 739 +++ scripts/ChangeLog | 547 -- scripts/ChangeLog-2011 | 554 ++ tests/ChangeLog | 68 - tests/ChangeLog-2011 | 73 + tools/ChangeLog | 246 - tools/ChangeLog-2011 | 251 + util/ChangeLog | 1928 ------- util/ChangeLog-2011 | 1933 +++++++ zlib/ChangeLog | 505 -- zlib/ChangeLog-2011 | 510 ++ 36 files changed, 25889 insertions(+), 25765 deletions(-) create mode 100644 ChangeLog-2011 delete mode 100644 checks/ChangeLog create mode 100644 checks/ChangeLog-2011 delete mode 100644 cipher/ChangeLog create mode 100644 cipher/ChangeLog-2011 delete mode 100644 doc/ChangeLog create mode 100644 doc/ChangeLog-2011 delete mode 100644 doc/fr/ChangeLog create mode 100644 doc/fr/ChangeLog-2011 delete mode 100644 doc/gph/ChangeLog create mode 100644 doc/gph/ChangeLog-2011 delete mode 100644 g10/ChangeLog create mode 100644 g10/ChangeLog-2011 delete mode 100644 include/ChangeLog create mode 100644 include/ChangeLog-2011 delete mode 100644 intl/ChangeLog create mode 100644 intl/ChangeLog-2011 delete mode 100644 keyserver/ChangeLog create mode 100644 keyserver/ChangeLog-2011 delete mode 100644 m4/ChangeLog create mode 100644 m4/ChangeLog-2011 delete mode 100644 mpi/ChangeLog create mode 100644 mpi/ChangeLog-2011 delete mode 100644 po/ChangeLog create mode 100644 po/ChangeLog-2011 delete mode 100644 scripts/ChangeLog create mode 100644 scripts/ChangeLog-2011 delete mode 100644 tests/ChangeLog create mode 100644 tests/ChangeLog-2011 delete mode 100644 tools/ChangeLog create mode 100644 tools/ChangeLog-2011 delete mode 100644 util/ChangeLog create mode 100644 util/ChangeLog-2011 delete mode 100644 zlib/ChangeLog create mode 100644 zlib/ChangeLog-2011 diff --git a/ChangeLog b/ChangeLog index fb3bec9e5..8bd68a626 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,2249 +1,16 @@ -2011-08-09 Werner Koch +No more ChangeLog files +======================== - * configure.ac: Fix usage of AC_LANG_PROGRAM. +Do not modify any of the ChangeLog files in GnuPG. Starting on +December 1st, 2011 we put change information only in the GIT commit +log, and generate a top-level ChangeLog file from logs at "make dist" +time. As such, there are strict requirements on the form of the +commit log messages. See doc/HACKING for details. The old ChangeLog +files have all be renamed to ChangeLog-2011. -2010-12-28 Werner Koch - * configure.ac (git_revision): Add new m4 macro. -2010-10-27 Werner Koch - - * acinclude.m4 (GNUPG_TIME_T_UNSIGNED): New. - * configure.ac: Call AC_HEADER_TIME and GNUPG_TIME_T_UNSIGNED. - -2010-10-18 Werner Koch - - Release 1.4.11. - -2010-10-10 Werner Koch - - * configure.ac (AH_BOTTOM): Add GNUPG_BAK_SFX and GNUPG_TMP_SFX. - Define GNUPG_HOMEDIR et al for VMS. - -2010-10-05 Werner Koch - - * configure.ac: Remove check for the faqprog. - -2010-09-28 Werner Koch - - * configure.ac (AH_BOTTOM) [__VMS]: Fix homedir. - -2010-09-23 Werner Koch - - Release 1.4.11rc1. - - * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove - --enable-selinux-support option. - -2009-09-02 Werner Koch - - Release 1.4.10. - - * configure.ac (AC_RG_ENABLE): Don't disable try_gettext in - --enable-minimal. - * README <--enable-minimal>: Mention --disable-nls. - -2009-08-13 Werner Koch - - Release 1.4.10rc1. - - * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove now obsolete - --enable-camellia - -2009-08-13 David Shaw - - * NEWS: Note Camellia and hkps. - -2009-07-21 Werner Koch - - * configure.ac (AH_BOTTOM): Add macros for estream-printf. - (estream_PRINTF_INIT): Add it. - -2009-06-05 David Shaw - - * configure.ac: Remove Camellia restriction. - -2008-10-03 David Shaw - - * configure.ac, acinclude.m4: Remove GNUPG_CHECK_DOCBOOK_TO_TEXI - as we no longer use it. Noted by John Clizbe. - -2008-08-27 David Shaw - - * configure.ac: Use printf for the most portable SVN version - detection. - -2008-08-11 Werner Koch - - * configure.ac: Check for size of time_t. - -2008-04-01 Werner Koch - - * configure.ac (AC_INIT): Fix quoting. - -2008-03-31 David Shaw - - * configure.ac: Require curl 7.10 (Oct 1 2002) or later as we use - curl_version_info(). - -2008-03-26 Werner Koch - - Release 1.4.9. - -2008-03-07 David Shaw - - * configure.ac: Darwin's /bin/sh has a builtin echo that doesn't - understand '-n'. Use tr to trim the carriage return instead. - -2008-03-06 David Shaw - - * configure.ac: Post-release update. - -2007-12-20 Werner Koch - - Released 1.4.8. - -2007-12-17 Werner Koch - - * configure.ac: Add special treatment for HAVE_LDAP_START_TLS_SA. - -2007-12-14 Werner Koch - - Released 1.4.8rc1. - -2007-12-13 David Shaw - - * NEWS: Note SHA-224 typo. - -2007-11-17 David Shaw - - * NEWS: Say a bit more about RFC-4880. Note some defaults - changing. - -2007-11-16 Werner Koch - - Released 1.4.8rc1. - -2007-10-27 David Shaw - - * README: Update notes about OSX Leopard. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - - * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Enable Camellia and mailto. - - * configure.ac (MPI_OPT_FLAGS): Always use AM_PO_SUBDIRS. - -2007-10-23 gettextize - - * configure.ac (AM_GNU_GETTEXT_VERSION): Bump to 0.16.1. - -2007-10-17 David Shaw - - * configure.ac: Change various help messages to use - AC_HELP_STRING. - -2007-07-18 David Shaw - - * configure.ac: It seems that AM_GNU_GETTEXT doesn't like being - run conditionally and it confuses the includes when doing later - type checks. This is bug#810. - -2007-07-08 David Shaw - - * configure.ac: AM_PROG_CC_C_O is desired by automake 1.10 to do - per-target builds (like we do in the keyserver dir), but exists in - the currently-used 1.9.3 as well. - -2007-06-13 David Shaw - - * configure.ac: Add --enable-camellia. Disabled by default. Do - not enable this unless you're doing interop testing. - -2007-04-16 Werner Koch - - * acinclude.m4: Fix last change. Make test self-contained by - checking for sysconf and getpagesize. Remove indentation for the - sake of broken C-89 cpp. - -2007-04-16 David Shaw - - * configure.ac: Add a HAVE_SHM conditional. - - * acinclude.m4: Use sysconf() if available to avoid a false - positive on HAVE_BROKEN_MLOCK when checking for page size. - - * configure.ac: Check for sysconf. - -2007-04-15 David Shaw - - * configure.ac: QNX puts resolver functions in libsocket. From - Sean Boudreau. - -2007-03-05 Werner Koch - - Released 1.4.7. - -2007-03-04 David Shaw - - * NEWS: Note --allow-multiple-messages. - -2006-12-21 David Shaw - - * configure.ac: Only check for libusb if we're building with card - support. Noted by Gilles Espinasse. - -2006-12-11 Werner Koch - - * Makefile.am (DISTCLEANFILES): Removed g10defs.h. - - * configure.ac (AC_CONFIG_COMMANDS): Removed creation of - g10defs.h. - (AH_BOTTOM): Moved stuff from g10defs.h to config.h. - -2006-12-07 David Shaw - - * configure.ac: AM_CONDITIONAL must not be used inside an if/then. - -2006-12-07 Werner Koch - - * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. - -2006-12-06 Werner Koch - - Released 1.4.6. - -2006-12-04 Werner Koch - - * README: Add hint on hjow to set CC_FOR_BUILD. - * configure.ac (CC_FOR_BUILD): New. - -2006-12-02 David Shaw - - * NEWS: Note the CVE for bug#728, --s2k-count, - --passphrase-repeat, and the OpenSSL exception. - -2006-11-29 Werner Koch - - Released 1.4.6rc1. - -2006-11-05 David Shaw - - * configure.ac: --enable-minimal leaves out gettext and all - resolver functions (SRV, PKA, & CERT). - -2006-10-02 Werner Koch - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add case for mingw32 - and allow setting the variable on the command line. Fixes bug 518. - Also use HOST instead of TARGET. - - * README: Add information about the forthcoming GnuPG 2.0. - - * configure.ac (AB_INIT): New. - -2006-09-28 David Shaw - - * configure.ac: Move strsep to AC_REPLACE_FUNCS so it will end up - in libcompat. - -2006-08-01 Werner Koch - - Released 1.4.5. - -2006-07-31 Werner Koch - - * README: Updated info on the key used to sign the tarball. - -2006-07-28 Werner Koch - - Released 1.4.5rc1. - -2006-07-08 David Shaw - - * configure.ac: Fix resolver autoconf code so it works (fails) - properly with uClibc. - -2006-06-25 Werner Koch - - Released 1.4.4. - -2006-05-23 David Shaw - - * configure.ac: Add --disable-optimization. This is handy for - debugging so the compiler doesn't rearrange things and eliminate - variables. - -2006-05-22 Marcus Brinkmann - - * configure.ac: Remove check for noexecstack and invoke - CL_AS_NOEXECSTACK instead. - -2006-05-16 Werner Koch - - * README: Removed note for OSF5 as this is the default now. - Reported by Joerg Honegger. - - * configure.ac [osf5]: Fixed warning name to ptrmismatch1. - -2006-04-27 David Shaw - - * NEWS: Note SHA-224 and DSA2. - - * configure.ac: Remove --enable-old-keyserver-helpers. Comment - out --enable-m-guard for now. - -2006-04-12 Werner Koch - - * configure.ac: Print version at end of run. - (svn_revision): Posix adjustment. - -2006-04-07 Werner Koch - - * configure.ac: Use new method to include the SVN revison. Now it - is the actual global revision number. - -2006-04-04 Werner Koch - - * NEWS: Fixed old news entry to point to rfc4398 which has been - published just before 1.4.3. - -2006-04-03 Werner Koch - - Released 1.4.3. - -2006-03-30 David Shaw - - * README: Some more notes about building fat binaries. - -2006-03-24 David Shaw - - * README: Missing some instructions on building a fat binary. - -2006-03-20 David Shaw - - * configure.ac: Improved --disable-endian-check that doesn't - involve changing #ifdefs in the rest of the code. - -2006-03-19 David Shaw - - * configure.ac: Add --disable-endian-check for building fat - binaries on OSX. - - * README: Add note on how to build a fat binary on OSX. - -2006-03-17 David Shaw - - * configure.ac: Allow the DNS stuff to work on OSX by trying the - Apple-specific BIND_8_COMPAT. - -2006-03-09 Werner Koch - - Released 1.4.3rc2. - -2006-03-07 David Shaw - - * NEWS: Note CERT retrieval. Tweak PKA and backsig language to - match current code. - - * NEWS: Note --auto-key-locate and that keyservers can handle - binary data now. - -2006-03-01 David Shaw - - * configure.ac: Fix accidental enabling of SHA-384/512. Noted by - Nelson H. F. Beebe. - -2006-02-18 David Shaw - - * configure.ac: Try linking the UINT64_C test program (rather than - just compiling it) as UINT64_C looks like a (missing) function, - causing a false positive. Noted by Claus Assmann. - -2006-02-14 Werner Koch - - Released 1.4.3rc1. - -2006-02-09 Werner Koch - - * configure.ac: Check for fcntl and ftruncate. - -2006-01-22 David Shaw - - * configure.ac: Add define for EXEEXT so we can find keyserver - helpers on systems that use extensions. - -2005-12-23 David Shaw - - * configure.ac: Add switch for DNS CERT. - -2005-12-22 David Shaw - - * configure.ac: Split PKA checking off from DNS SRV checking. - Currently PKA is only enabled if HTTP or HKP is enabled which is - not necessary. - -2005-12-08 David Shaw - - * NEWS: Note --fetch-keys. - -2005-12-06 David Shaw - - * configure.ac: UINT64_C test needs #include . - - * configure.ac: Some cleanup so we don't build files that are - completely ifdeffed out. This causes a warning on Sun's cc. Do - sha512.c and the internal regex code as well for consistency. - -2005-11-17 David Shaw - - * NEWS: Note backsigs, the xxxxx-clean options, and the - xxxxx-minimal options. - -2005-11-02 David Shaw - - * configure.ac: Check for a getpagesize() declaration. - -2005-10-14 David Shaw - - * NEWS: Clarify the cURL keyserver changes, and add a note about - gpg-zip. - - * configure.ac: Remove the backsig configure options since this is - all done at runtime now. - -2005-10-11 David Shaw - - * configure.ac: Did some backsig testing with the PGP folks. All - is well, so I'm turning generation of backsigs on for new keys. - Checking for backsigs on verification is still off. - -2005-10-05 Werner Koch - - * configure.ac: Changed identification file name to g10/gpg.c - -2005-10-02 Marcus Brinkmann - - * configure.ac [!$try_gettext]: Invoke AM_PO_SUBDIRS. - -2005-08-31 David Shaw - - * configure.ac: Check for getpwnam, getpwuid, and pwd.h. - -2005-08-09 David Shaw - - * configure.ac: Remove hardcoded -I and -L for /usr/local on - FreeBSD. - -2005-08-04 David Shaw - - * configure.ac: Call GNUPG_CHECK_USTAR and generate tools/gpg-zip. - -2005-07-28 Werner Koch - - * configure.ac (USE_DNS_PKA): Define in addition to USE_DNS_SRV. - -2005-07-27 Werner Koch - - Replaced in all directories all calls to m_free, m_alloc, - m_realloc, m_strdup by calls to xfoo functions. This is to ease - porting to gnupg 1.9. - - * README.CVS: Renamed to README.SVN. - -2005-07-26 David Shaw - - * NEWS, configure.ac: Switch over to using curl or fake-curl by - default. Add --enable-old-keyserver-helpers to not use curl. - -2005-07-26 Werner Koch - - Released 1.4.2. - -2005-07-20 David Shaw - - * configure.ac: Add a define for FAKE_CURL. - -2005-07-19 Werner Koch - - * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. - -2005-06-21 Werner Koch - - Released 1.4.2rc2. - -2005-06-20 David Shaw - - * NEWS: Note key cleaning commands. - -2005-06-13 David Shaw - - * configure.ac: Add check for no-pointer-sign warning keyword, and - disable. This is gcc4 specific. - -2005-05-31 Werner Koch - - Released 1.4.2rc1. - - * README: Add a note on GnuPG 1.9. - - Updated FSF address in all files. - -2005-05-26 David Shaw - - * NEWS: Note command completion and the new curl-based HKP helper. - -2005-04-16 David Shaw - - * configure.ac: Remove --disable-old-hkp - use new HKP handler for - --with-libcurl or --enable-fake-curl. - - * configure.ac: Add --disable-old-hkp option that can be used - along with --with-libcurl to build the curl version of HKP. - -2005-04-12 David Shaw - - * configure.ac: Check for memrchr() - -2005-03-31 Werner Koch - - * configure.ac: New option --disable-agent-support. Define - ENABLE_AGENT_SUPPORT as AC_DEFINE and AM_CONDITIONAL. - Disable support for card and agent with --enable-minimal. - (AC_REPLACE_FUNCS): Add isascii. - (g10defs.h): Define PATHSEP_C and PATHSEP_S. - - * README: Changed the instruction on how to verify a signature to - show a .sig extension and not the .asc we used to use ages ago. - -2005-03-16 David Shaw - - * configure.ac: Move the LDAP detecting code to m4/ldap.m4. - -2005-03-15 Werner Koch - - Released 1.4.1. - -2005-03-11 Werner Koch - - * configure.ac: New option --enable-noexecstack. - -2005-02-16 Werner Koch - - Released 1.4.1rc2. - -2005-02-11 David Shaw - - * configure.ac: Add --enable-fake-curl option to help test no-curl - HTTP. - - * NEWS: Note Mister/Zuccherato CFB countermeasures. - -2005-02-04 Werner Koch - - * configure.ac (GNUPG_CHECK_GNUMAKE): Removed. Not needed for - decent automakes. - -2005-02-03 David Shaw - - * NEWS: Fix typo. - -2005-02-03 Werner Koch - - Released 1.4.1rc1. - -2005-01-22 David Shaw - - * configure.ac: Define FTPS flag if we're using curl, and FTPS is - available. - - * README: Fix some typos (noted by Norihiko Murase), update to - 1.4.1, and tweak some descriptions. - - * NEWS: Note FTPS. - -2005-01-18 Werner Koch - - * configure.ac (HAVE_W32_SYSTEM): Define it. - -2005-01-18 David Shaw - - * NEWS: Note --rfc2440-text import/export-unusable-sigs and - gpgkeys_curl. - - * configure.ac: gpgkeys_mailto is disabled by default. Define - HTTPS flag if we're using curl, and HTTPS is available. - -2005-01-17 Werner Koch - - * README: Updated for SHA1 checksums. - - * configure.ac: Make --without-included-zlib work as - expected. Reported by Norihiko Murase. Same for - --without-included-regex. - -2005-01-03 David Shaw - - * configure.ac: Use new GNUPG_CHECK_LIBUSB macro. - -2004-12-28 David Shaw - - * configure.ac: Better implementation for the SRV check. We don't - need to actually check all the header files individually since the - SRV test compile uses them together. - -2004-12-24 David Shaw - - * configure.ac: Use new LIBCURL_CHECK_CONFIG macro for - all libcurl stuff. This simplifies, and we don't need the - automake conditional stuff any longer. - -2004-12-22 David Shaw - - * configure.ac: --enable-ftp is on by default, --with-libcurl is - off by default. If we have neither of --enable-ftp or - --enable-http, don't even check for curl. - -2004-12-21 David Shaw - - * configure.ac: Add check for --enable-ftp. It is disabled by - default for now. - -2004-12-18 David Shaw - - * configure.ac: Call the new GNUPG_CHECK_READLINE macro for - readline stuff. - -2004-12-17 David Shaw - - * configure.ac: Add a --with-ldap=DIR so people can add to the - search path. - -2004-12-16 David Shaw - - * configure.ac: Check for arpa/nameser.h. - -2004-12-16 Werner Koch - - * THANKS: Added John Clizbe for help testing the 1.4.0a W32 - binary. - -2004-12-16 Werner Koch - - Released 1.4.0. - -2004-12-14 Werner Koch - - Released 1.3.93. - - * Makefile.am (AUTOMAKE_OPTIONS): Add filename-length-max=99. - -2004-11-06 David Shaw - - * configure.ac: Autodetect wldap32 on Windoze. - -2004-11-04 David Shaw - - * README, configure.ac: Add --enable-backsigs to enable the - experimental backsigs code. - -2004-11-04 Werner Koch - - * AUTHORS: Use Maxim Britov. I am not that accustomed to the - Russian way of writing names. - -2004-10-28 Werner Koch - - Released 1.3.92. - -2004-10-26 Werner Koch - - * configure.ac: New option --disable-gnupg-iconv, define - USE_GNUPG_ICONV. - (AC_CANONICAL_TARGET): Replaced by AC_CANONICAL_HOST. Changed all - reference to TARGET to HOST. Made sure that i586-mingw32msvc gets - detected as mingw32. - (UNIT64_C): Don't include inttype.h uncoditional but use a test to - ensure that it gets into conftest.h. - (AH_TOP): New. Prevent double inclusion of config.h. - -2004-10-21 David Shaw - - * acinclude.m4: aclocal 1.9 wants quoting on AC_DEFUN arguments. - -2004-10-21 Werner Koch - - * configure.ac: Remove the check for asprintf - -2004-10-15 Werner Koch - - Released 1.3.91. - - * README: Mentioned --enable-selinux-support. - -2004-10-15 David Shaw - - * NEWS: Note gpgkeys_finger, keyserver timeouts, and the direct - trust model. - -2004-10-15 Werner Koch - - * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New. - (AUTOMAKE_OPTIONS): New. - - * configure.ac: Check whether vasprintf needs a replacement. - -2004-10-13 Werner Koch - - * configure.ac: Actually name the option --disable-finger and not - http. Add option --enable-selinux-support. - -2004-10-11 Werner Koch - - * configure.ac: New option --disable-finger. - -2004-09-17 Werner Koch - - * configure.ac: Don't check for usb_create_match or - use_get_string_simple anymore. - -2004-09-15 David Shaw - - * configure.ac: Give warning when using capabilities. Check for - usb_get_string_simple for old libusb reasons. - -2004-09-10 David Shaw - - * NEWS: Note HTTP basic auth. - - * configure.ac: Check for usb_get_busses since very old stable - libusb doesn't have it. - -2004-09-09 Werner Koch - - * README: Doc --disable-card-support and --without-readline. - - * configure.ac: Check for readline. Make enable-card-support the - default. New option --without-readline. Allow the use of either - the development or the stable libusb. - -2004-07-27 Werner Koch - - * configure.ac (AM_GNU_GETTEXT_VERSION): New. - (min_automake_version): New. - -2004-05-24 David Shaw - - * configure.ac: Try for wldap32 on Win32 platforms. - -2004-05-22 Werner Koch - - Releases 1.3.6. - -2004-05-21 David Shaw - - * NEWS: Note --sig-keyserver-url and the ability to use a - preferred keyserver in a regular data sig to fetch the signing - key. - - * configure.ac: Replacement function for timegm(). No need to - check for setenv() any longer. - -2004-05-20 David Shaw - - * NEWS: Note HTTP key fetching. - - * README: Update version and note that HKP is no longer build in. - - * configure.ac: Handle --disable-http and other code to properly - build gpgkeys_http. - -2004-05-19 David Shaw - - * NEWS: Note the addition of preferred keyserver support, - --ask-cert-level, --keyid-format, and the removal of - show-long-keyids, the quasi-1991 partial length encoding, - --export-all, and include-non-rfc. - - * acinclude.m4 (GNUPG_SYS_NM_PARSE): Remove a leftover slash in a - sed expression. - -2004-05-01 Werner Koch - - * acinclude.m4 (ac_pipe_works): Fixed BRE syntax \? -> \{0,1\}. - Reported by Todd Vierling. - -2004-02-26 Werner Koch - - Released 1.3.5. - -2004-02-25 David Shaw - - * README: Update copyright. - - * NEWS: Note --max-output, --list-config, --min-cert-level, AIX - fix, new http-proxy keyserver-option, new LDAP server code, TLS, - LDAPS, and --show-session-key with --symmetric. - -2004-02-20 David Shaw - - * configure.ac: Check for timegm(). Replacement functions for - setenv() and unsetenv(). - -2004-02-19 David Shaw - - * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, - both for making gpgkeys_ldaps symlink to gpgkeys_ldap. - - * configure.ac: Simplify the LDAP checking code since OpenLDAP is - far more mature these days and dependencies are cleaner. Add - checks for ldap_set_option and ldap_start_tls_s. - -2004-01-27 David Shaw - - * NEWS: Note --enable-key-cache, the OpenBSD/i386 and HPPA fixes, - and Elgamal removal. - - * README, configure.ac: Add --enable-key-cache=SIZE configure - option. This sets the key/uid cache size. Default is 4096. - -2004-01-11 David Shaw - - * configure.ac: Include stdio.h when checking for bzlib.h. Solaris - 9 has a very old bzip2 library and we can at least guarantee that - it won't fail because of the lack of stdio.h. - - * THANKS: Added Phong Nguyen, who found the Elgamal signing key - problem. - -2003-12-23 Werner Koch - - * configure.ac: Use -Wformat-nonliteral in maintainer-mode. - -2003-11-30 David Shaw - - * NEWS: Note --disable-rsa. - - * configure.ac: Add --disable-rsa. - - * README: Add --with-zlib, --with-bzip2, --without-bzip2, - --disable-rsa, and --enable-minimal. Update gettext version. - - * README: Update version number. Add BZIP2. Remove Elgamal - sign+encrypt. - -2003-11-27 Werner Koch - - Released 1.3.4. - -2003-11-27 David Shaw - - * NEWS: Note that we won't encrypt to an Elgamal sign+encrypt key - any longer. - - * configure.ac: Use MSG_NOTICE instead of MSG_WARN for less - serious notifications. - - * NEWS: I meant "less" not "more". - -2003-11-12 David Shaw - - * NEWS: Note BZIP2. - - * configure.ac: Make sure that the resolver API actually compiles, - and not just that the right functions exist. - -2003-10-30 David Shaw - - * configure.ac: Locate libbz2 for bzip2 compression support. - -2003-10-26 David Shaw - - * NEWS: Note --symmetric --encrypt and the improved config file - search. - - * configure.ac: Add SAFE_VERSION_DOT and SAFE_VERSION_DASH. - -2003-10-25 Werner Koch - - * Makefile.am (SUBDIRS): Add intl. - (ACLOCAL_AMFLAGS): New variable. - (EXTRA_DIST): Add scripts/config.rpath. - * configure.ac (AC_CONFIG_FILES): Add po/Makefile.in, - (AL_LINGUAS): Removed. - -2003-10-24 David Shaw - - * configure.ac (DLLIBS): Work properly on platforms where dlopen - and friends are in libc instead of libdl. - -2003-10-24 Werner Koch - - * configure.ac (DLLIBS): Fixed last change. - -2003-10-23 Werner Koch - - * configure.ac (DLLIBS): Do not include -ldl in the mingw32 case. - -2003-10-21 Werner Koch - - * configure.ac (PRINTABLE_OS_NAME): Remove special case for The - Hurd; Robert Millan reported that the uname test is now - sufficient. - -2003-10-16 David Shaw - - * configure.ac: Include -ldl when card support is used. - -2003-10-10 Werner Koch - - Release 1.3.3. - -2003-10-09 David Shaw - - * NEWS: Note multiple Comment: support and --sig-keyserver-url. - -2003-10-01 Werner Koch - - * configure.ac (AH_BOTTOM): Define GNUPG_MAJOR_VERSION. - (ENABLE_CARD_SUPPORT): Define as automake conditional. - -2003-09-30 David Shaw - - * NEWS: Note that SHA-256 is read-write now, that TIGER/192 is no - more, that revoked and expired uids are skipped in -r, and that - --no-mangle-dos-filenames is now the default. - -2003-09-27 Werner Koch - - * configure.ac (LIBUSB_LIBS,HAVE_LIBUSB): Check for Libusb. - (--enable-card-support): New. - -2003-09-04 David Shaw - - * configure.ac: Drop TIGER/192 support. Check for UINT64_C to go - along with uint64_t. - -2003-09-01 David Shaw - - * NEWS: Note --list-options, --verify-options, the deprecation of - --show-photos, --show-policy-url, --show-notation, and - --show-keyring, and getting the signer's fingerprint in sig - records. - -2003-08-28 David Shaw - - * AUTHORS, THANKS: Updates from stable. - -2003-08-25 David Shaw - - * NEWS: Note %g and %p, the "tru" --with-colons record, and the - REVKEYSIG --status-fd tag. - - * README: Add a note about the SunOS symbol underscore problem and - how to fix it. Note problem with gcc < 2.96 and non-gnu as. - -2003-08-24 David Shaw - - * configure.ac: Check for getaddrinfo. Don't bother to check for - EGD libs since we need to have the netlibs regardless because of - the agent socket. - -2003-07-10 David Shaw - - * configure.ac: configure.ac: Check for sigset_t and struct - sigaction. This is for Forte c89 on Solaris which seems to define - only the function call half of the two pairs by default. - - * THANKS: Updates from stable. - - * configure.ac: Include wsock32 in W32LIBS. This is different - from NETLIBS so we don't need to force other platforms to pull in - the netlibs when they aren't actually needed. - - * NEWS: Note portability changes. - -2003-06-03 David Shaw - - * configure.ac: Define SAFE_VERSION so that RISCOS can override it - and remove invalid chars. - -2003-05-30 David Shaw - - * configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put - dl in DLLIBS. Check for getopt.h if available. Look for getopt() - in libiberty if libc doesn't have it. Enable GPGKEYS_HKP after - AC_PROG_CC so that any needed extension (i.e. ".exe") is defined. - -2003-05-27 Werner Koch - - Released 1.3.2. - -2003-05-26 David Shaw - - * NEWS: Document --gnupg and the deprecation of --no-openpgp and - --no-pgpX. - -2003-05-24 David Shaw - - * configure.ac: Edit preprocessor instructions in g10defs.h to - remove whitespace before the '#'. This is not required by C89, - but there are some compilers out there that don't like it. - -2003-05-11 David Shaw - - * configure.ac: Remove some stuff no longer needed with newer - autoconf. Use AC_GNU_SOURCE instead of defining _GNU_SOURCE - manually. Add check for strchr() for gettext. Add "ngettext" - check for gettext, since that check supposedly implies a check for - bind_textdomain_codeset. Add check for times() for random.c. Fix - URL for EGD. Make --enable-old-tiger match the stable branch as a - separate item. - - * NEWS: "OpenPGP" trust model is now "PGP". Add note about TIGER - being dropped from OpenPGP. Note trust bug fix. - - * README: Fix all URLs to point to the right place in the - reorganized gnupg.org web pages. Some minor language fixes. - -2003-04-27 David Shaw - - * BUGS: Fix bug reporting URL. - - * NEWS: Add sig version, pk algo, hash algo, and sig class to - VALIDSIG. Add notes about SRV, the "subkeyid!" syntax, configure - options to disable various algorithms, and the ability to change - the keyserver no-modify flag. - -2003-04-23 David Shaw - - * configure.ac: Big warning that TIGER/192 is being removed from - the standard, and make it disabled by default. - - * README: Put back proper copyright line. Remove mention of - TIGER/192. - -2003-04-15 Werner Koch - - * configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional. - - * acinclude.m4 (GNUPG_CHECK_ENDIAN): Fixed quoting of r.e. using - quadrigraphs. - -2003-04-08 Werner Koch - - * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper. - -2003-04-07 David Shaw - - * configure.ac: Use much more accurate method to determine whether - DNS SRV is usable. - - * README: Document the various --disable-xxx switches, and add a - note about existing keys that may use one of the missing ciphers - as a preference. Update copyright date. - - * NEWS: Add note about SHA-256/384/512. - - * acinclude.m4: Fix URL to faqprog.pl. - -2003-03-24 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume - little only for Intel CPUs. - - * configure.ac: Check for ranlib and ar. This is required for - cross compiling. - -2003-03-11 David Shaw - - * configure.ac: Look for res_query so we can use DNS SRV, and add - --disable-dns-srv to disable it. - -2003-03-04 David Shaw - - * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using - capabilities. - -2003-02-22 David Shaw - - * configure.ac: Add --disable-idea for IDEA. Note that disabling - IDEA disables both the real IDEA and the possibility of using the - IDEA loadable module. Remove the --disable-dynload option since - it is no longer meaningful (it is only used if idea-stub is used). - -2003-02-21 David Shaw - - * configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES - (all), TWOFISH, TIGER192, SHA256, and SHA384/512. Add a - --enable-minimal that disables all of them as well as - --disable-exec. - -2003-02-11 David Shaw - - * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so - that makefiles can override it. Verify that we have a 64-bit type - before building tiger.c or sha512.c. Add uint64_t as a possible - 64-bit type. - -2003-02-02 David Shaw - - * NEWS: Add notes about disabled keys, trustdb tweaks, and - "revuid". - -2002-12-27 David Shaw - - * NEWS: Add note about convert-from-106 script. - -2002-11-25 David Shaw - - * NEWS: Add notes about notation names and '@', the --trust-model - option, default algorithms from --personal-xxxx, - --primary-keyring, changes with --s2k-digest-algo, the new - anonymous recipient improvements, and non-optimized memory wiping. - -2002-11-13 David Shaw - - * THANKS: Changes from stable branch. - - * configure.ac: Check for ctermid(). From Werner on stable - branch. - - * configure.ac (GPGKEYS_LDAP,GPGKEYS_HKP): Add $EXEEXT. From - Werner on stable branch. - - * configure.ac (try_gettext): Remove special case for cygwin. - This removes all the DOS specific macros and let Cygwin work like - a real OS. Needs a couple of changes elsewhere but after all, - GnuPG presents itself much more like a Posix program and can be - used in a full Cygwin environment; e.g. used along with mutt. - Changes suggested by Volker Quetschke. From Werner on stable - branch. - - * acinclude.m4 (GNUPG_SYS_NM_PARSE): Allow for underscore in test - symbols. Useful for Cygwin builds. - (GNUPG_SYS_SYMBOL_UNDERSCORE): Don't hardwire to yes for Cygwin. - From Werner on stable branch. - - * README: Add an installation note for Darwin 6.1. From Werner on - stable branch. - -2002-11-12 Werner Koch - - Released 1.3.1 - -2002-11-03 David Shaw - - * NEWS: Note trust signature support, - --hidden-encrypt-to/--hidden-recipient, and long algorithm name - support everywhere. - -2002-10-31 David Shaw - - * Makefile.am: Put gnupg.spec in the root directory so rpm -ta - works. - - * configure.ac: Add a check for volatile. - -2002-10-29 David Shaw - - * configure.ac: Add --disable-regex in case some platform just - can't handle the regex stuff. This means they can't fully handle - trust sigs with an attached regex either. - -2002-10-19 David Shaw - - * configure.ac: Regex tests adapted from mutt to decide whether to - use the internal regex code or not. - -2002-10-18 Werner Koch - - Released 1.3.0. - - * configure.ac: Changed version number comments. - (ALL_LINGUAS): Removed all except for de. During development it - might not be a good idea to keep all of them - they get outdated - too soon and diff files will be far too large. - -2002-10-17 David Shaw - - * README: Multiple A record rotation works with MINGW32 now, and - clarify how it works with LDAP. - -2002-10-16 David Shaw - - * README: Some typo fixes from Florian Weimer, and bump version - number. - -2002-10-15 David Shaw - - * NEWS: Some 1.3 notes. - -2002-10-12 Werner Koch - - * configure.ac (NAME_OF_DEV_URANDOM): Use /dev/urandom for - NetBSD. Reported by Christian Biere. - -2002-10-07 David Shaw - - * configure.ac: OpenLDAP 2.0.27 changed the dependencies again. - Add a "LDAPLIBS" variable so users can try and suggest the right - dependencies for their platform. - -2002-10-02 David Shaw - - * configure.ac: Add an --enable-old-tiger, to revert back to the - old OID. - -2002-09-27 David Shaw - - * configure.ac: Remove --enable-tiger, as TIGER is now always - enabled. - -2002-09-25 David Shaw - - * configure.ac: Add NETLIBS to EGDLIBS when using EGD as EGD uses - sockets. - -2002-09-24 David Shaw - - * THANKS: Remove duplicate. - - * NEWS: Bring in cosmetic changes from stable branch. - - * configure.ac: Figure out whether the LDAP library supports - ldap_get_option, ld_errno, or neither. - -2002-09-19 David Shaw - - * configure.ac: Try linking LDAP as just -lldap as it seems very - recent OpenLDAPs (>=2.0.23) support that. - -2002-09-14 David Shaw - - * configure.ac: Try linking LDAP without -lresolv first, just in - case the platform has libresolv, but doesn't actually need it to - use LDAP. - -2002-09-12 David Shaw - - * NEWS: Note that the old IDEA plugin won't work with post-1.1.90 - gpg. - -2002-09-12 David Shaw - - * configure.ac: Remove --enable-external-hkp as this is always on - now. Add --disable-hkp to match the other - --disable-{keyservertype} options. - - * NEWS, configure.ac: Move to devel version 1.3. - -2002-09-11 Werner Koch - - Released 1.1.92. - - * configure.ac (random_modules): The default random module for - system lacking a /dev/random is now auto selected at runtime. - -2002-09-09 David Shaw - - * NEWS: typo. - - * configure.ac: Add a link test for LDAP without -lresolv for - HPUX. Remove "hstrerror" test as it is no longer needed. - -2002-09-02 Werner Koch - - * README: Removed the note about a development version so that we - later don't forget this. Minor other changes. - -2002-08-29 Werner Koch - - * configure.ac (random_modules): Reworked the code to select the - random module. Define USE_ALL_RANDOM_MODULES for value all. - -2002-08-27 David Shaw - - * configure.ac: Check type of mode_t. - - * NEWS: Clarify that --libexecdir is a configure option. - - * configure.ac: Check for hstrerror. - -2002-08-19 David Shaw - - * NEWS: Document new ways to enable MDC, and change in automatic - compression disabling. - - * configure.ac: No such thing as the "none" random gather any - longer. - -2002-08-08 David Shaw - - * configure.ac: Add an --enable-tiger. - - * NEWS: Clarify new permission checks. - -2002-08-07 David Shaw - - * configure.ac: If the static IDEA cipher is present, disable - dynamic loading. Also fix backwards grammar of keyserver - exec-path CHECKING message. - -2002-08-05 Werner Koch - - * configure.ac: Bumbed version number. - -2002-08-04 Werner Koch - - Released 1.1.91. - - * configure.ac (ALL_LINGUAS): Added Catalan. - -2002-08-02 Werner Koch - - * configure.ac: Removed all extension stuff but keep the tests for - dlopen. We don't need to figure out the flags required. All - stuff is now statically loaded. - -2002-07-30 David Shaw - - * README, configure.ac: --with-exec-path is now clarified into - --disable-keyserver-path - - * NEWS: changes since 1.1.90. - -2002-07-24 David Shaw - - * configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well - as a SUBST for Makefiles. - -2002-07-22 Timo Schulz - - * configure.ac: Replace the 'c:/' variables with 'c:\' due - to the fact we already use '\' in the remaining code. - -2002-07-08 David Shaw - - * configure.ac: Add --with-mailprog to override the use of - sendmail with another MTA. We can use anything that follows the - "$MAILPROG -t" convention. - -2002-07-04 David Shaw - - * configure.ac: --enable-exec-path should be a 'with'. Fix 'no' - cases of --with-exec-path and --with-photo-viewer. - - * README: Document --disable-exec, --disable-photo-viewers, - --disable-keyserver-helpers, --enable-exec-path, and - --with-photo-viewer. - - * configure.ac: Add --with-photo-viewer to lock the viewer at - compile time and --disable-keyserver-helpers and - --disable-photo-viewers to allow disabling one without disabling - the other. - -2002-07-03 David Shaw - - * configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path - to a fixed value. - -2002-07-01 Werner Koch - - * configure.ac: Set version number to 1.1.91. - - Released 1.1.90. - - * INSTALL: Replaced by generic install file. - * README: Marked as development version and moved most stuff of - the old INSTALL file to here. - -2002-06-30 Werner Koch - - * configure.ac: Link W32 version against libwsock32. - -2002-06-29 Werner Koch - - * configure.ac (development_version): New. - (HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used. - - * BUGS, AUTHORS: Add a note on how to send security related bug - reports. - -2002-06-20 David Shaw - - * NEWS: changes since 1.0.7. - - * configure.ac: Set new version number (1.1.90), and fix Solaris - compiler flags for shared objects. - -2002-06-11 David Shaw - - * configure.ac: Move -lsocket and -lnsl checks before LDAP link - tests so they work properly on Solaris. Noted by David Champion. - Also, check for the Mozilla LDAP library if the OpenLDAP library - check fails. Put -lsocket and -lnsl in NETLIBS rather than LIBS - so not all programs are forced to link to them. - -2002-06-05 David Shaw - - * configure.ac: Add a switch for the experimental external HKP - keyserver interface. - -2002-05-22 Werner Koch - - * configure.ac: Check for strcasecmp and strncasecmp. Removed - stricmp and memicmp checks. - -2002-05-08 David Shaw - - * configure.ac: If LDAP comes up unusable, try #including - before giving up. Old versions of OpenLDAP require that. - -2002-05-03 David Shaw - - * configure.ac: In g10defs.h, use \ for the directory separator - when HAVE_DOSISH_SYSTEM is on. - - * configure.ac: Add --disable-exec flag to disable all remote - program execution. --disable-exec implies --disable-ldap and - --disable-mailto. Also look in /usr/lib for sendmail. If - sendmail is not found, do not default - just fail. - -2002-04-30 David Shaw - - * configure.ac: Try and link to a sample LDAP program to check if - the LDAP we're about to use is really sane. The most common - problem (using a very old OpenLDAP), could be fixed with an extra - #include, but this would not be very portable to other LDAP - libraries. - -2002-04-29 Werner Koch - - Released 1.0.7. - - * README: Fixed some minor things. - -2002-04-25 Werner Koch - - * configure.ac: Check for locale.h and setlocale - -2002-04-24 David Shaw - - * Update NEWS with recent changes. - -2002-04-19 Werner Koch - - Released 1.0.6e snapshot. - -2002-04-12 Werner Koch - - * configure.ac: Add a warning note to the definition of the - EXTSEP macros. - -2002-04-09 Werner Koch - - * configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek - translations. s/es_ES/es/. - -2002-03-06 Werner Koch - - * configure.ac (ALL_LINGUAS): s/pt_PT/pt/ - -2002-03-04 David Shaw - - * Add a AC_DEFINE(_GNU_SOURCE). Since this is always defined in - config.h, the various autoconf tests should be tested with it - enabled. This also works around a compiler warning caused by a - minor header bug in glibc 2.1 that causes fseeko to be defined - when building gpg, but not when tested for in configure. - -2002-03-03 Werner Koch - - Release 1.0.6d snapshot. - -2002-01-04 David Shaw - - * NEWS: about symmetric messages and fixed file sizes. - -2001-12-22 Werner Koch - - Released 1.0.6c snapshot. - - * configure.ac (AH_BOTTOM): Moved EXEC_TEMPFILE_ONLY to here. - - * acconfig.h: Removed, it should no longer be used. - -2001-12-21 David Shaw - - * Add an acconfig.h to define EXEC_TEMPFILE_ONLY on platforms that - can't do fork/exec. - -2001-12-21 Werner Koch - - * Makefile.am (dist-hook): We should also look in include for - distfiles. - (EXTRA_DIST): Remove VERSION because it is generated by dist-hook. - -2001-12-20 David Shaw - - * configure.ac: replacement function for mkdtemp() - -2001-12-19 David Shaw - - * configure.ac: Check for stat() - -2001-12-19 Werner Koch - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Support Cygwin target - * configure.ac [CYGWIN32]: Don't build tiger. By Disastry. - -2001-12-18 Werner Koch - - * Makefile.am (SUBDIRS): Add keyserver. - (dist-hook): Only look in mpi and scripts for distfiles; this way - we don't include those of a stale "make dist" directory. - -2001-10-23 Werner Koch - - Released 1.0.6b snapshot. - -2001-10-22 Werner Koch - - * configure.ac: Fixed for automake 1.5 - -2001-10-17 Werner Koch - - * README: Removed note on local_ID. - -2001-09-28 Werner Koch - - * configure.ac: From now on add a string "-cvs" to the version to - indicate that this is a pre-release of the given version number. - -2001-09-26 Werner Koch - - * configure.ac [MINGW32]: Switched from wsock.dll to ws2_32.dll. - -2001-09-09 Werner Koch - - * configure.ac: autoconf changed the name of the maintainer mode - flag, so that not all warnings where enabled. Fixed that. - Reported by Dirk Meyer. - -2001-09-07 Werner Koch - - * configure.ac: Test for strsep(). - -2001-09-03 Werner Koch - - * configure.ac: Removed GDBM tests. - -2001-08-23 Werner Koch - - * configure.in (AC_FUNC_FSEEKO): Add. - (AC_CHECK_FUNCS): Remove fseeko. By Paul Eggert . - -2001-08-22 Werner Koch - - * configure.ac (gethrtime): Enhanced the test by running a test - program. - * INSTALL: Removed the note about Solaris problems because the - above test should catch this. - -2001-08-20 Werner Koch - - * acinclude.m4: Add check for plock if mlock is broken. - * configure.ac: Use regular tests for -lsocket and -lnsl, - more thorough test for gethrtime, allow specifying the path to - the zlib library if it is not in the default compiler/linker - search path, use ${datadir}. All these test enhancements are by - Albert Chin. - - * configure.ac: Set some compiler flags for dec-osf and hpux. By - Tim Mooney. - - * configure.ac: Create g10defs.h with EXTSEP_S et al. - -2001-08-03 Werner Koch - - * configure.ac (VERSION,PACKAGE): Fixed quoting. - -2001-07-26 Werner Koch - - * configure.ac: Finally got it running with the new autoconf. Had - to define PACKAGE and VERSION and to add -I.. to each Makefile.am. - -2001-07-09 Werner Koch - - Migrated to autoconf 2.50. - * acinclude.m4: Removed the temporary LFS macros and GNUPG_LINK_FILES. - * acconfig.h: Removed - * configure.in: Replaced by... - * configure.ac: and modified for use with autoconf 2.50, use a - literal string for the version number. Replaced GNUPG_LINK_FILES - with AC_CONFIG_LINKS and moved some informational messages to the end. - * VERSION: Removed. - * Makefile.am (DISTCLEANFILES): gettext is better now; no more - need to remove the libintl.h symlink. - (dist-hook): Create VERSION file. - -2001-06-08 Werner Koch - - * configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf. - Reported by Chris Adams. Merged some cases. - -2001-05-29 Werner Koch - - Released version 1.0.6. - -2001-05-28 Werner Koch - - * configure.in (BUILD_INCLUDED_LIBINTL): Set to no for W32. - -2001-04-29 Werner Koch - - Released version 1.0.5. - -2001-04-28 Werner Koch - - Updated all copyright notices. - -2001-04-27 Werner Koch - - * README: Removed a few outdated paragraphs. - -2001-04-17 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_DOCBOOK_TO_TEXI): New. - (GNUPG_CHECK_TYPEDEF): Define _GNU_SOURCE because we will use it - anyway. - - * configure.in: Use it here. - - * configure.in (ALL_LINGUAS): Add Estonian translation by Toomas Soome. - (use_m_debug): Removed --enable-m-debug because it does not work - anymore. - -2001-04-06 Werner Koch - - * configure.in (ALL_LINGUAS): Add Turkish translation. Thanks - to Nilgun Belma Buguner. - -2001-03-18 Werner Koch - - * configure.in: Hardwire the use of -lsocket for some - systems. Thanks to Reinhard Wobst. - -2001-03-13 Werner Koch - - * configure.in: Add copyright notice and -lwsock32. - -2001-03-12 Werner Koch - - * INSTALL: Add a note to VPATH builds. - -2001-03-08 Werner Koch - - * debian/: Applied update from James. - - Added copyright and license notices to some more files. - -2001-01-18 Werner Koch - - * configure.in: Removed tool definitions for MingW32 - -2000-11-17 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_FAQPROG): Do not prinnt the warning. - -2000-11-11 Paul Eggert - - Actually Paul's patches are dated 2000-20-17; I applied them today - and merged some ChangeLog entries (wk@gnupg.org). - - * configure.in (AC_SYS_LARGEFILE): Add. - (try_large_file): Remove. All uses removed. - (AC_CHECK_FUNCS): Remove fopen64 and fstat64. - - * acinclude.m4 (AC_SYS_LARGEFILE_TEST_INCLUDES, - AC_SYS_LARGEFILE_MACRO_VALUE, AC_SYS_LARGEFILE): New macros, - taken from GNU tar. - - * configure.in (AC_CHECK_FUNCS): Add fseeko. - -2000-10-17 Werner Koch - - * configure.in: Disabled fopen64 checks for Solaris and HPUX. - -2000-10-13 Werner Koch - - * configure.in: Append mpi/mpi-asm-defs.h to g10defs.h - -2000-10-09 Werner Koch - - * acinclude.m4: Changed wording of the faqprog.pl warning. - -Wed Oct 4 15:50:18 CEST 2000 Werner Koch - - * configure.in: Set DYNLINK_MOD_CFLAGS for Irix. It seems that Irix - needs the -shared flag. In 1.1 we are going to use libtool, so this - module stuff will get redesigned anyway. Suggested by Jeff Long. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_FAQPROG): New. - * configure.in: Test for this. - - * configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * configure.in: Check for fstat64 and fopen64 - -Wed Sep 6 14:59:09 CEST 2000 Werner Koch - - * configure.in (GNUPG_HOMEDIR): New. - -Fri Aug 25 16:05:38 CEST 2000 Werner Koch - - * configure.in: Changes to allow for Solaris random device. - By Nils Ellmenreich. - (--with-egd-socket): New. - -Wed Aug 23 19:52:51 CEST 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir(). - -Wed Jul 19 11:26:43 CEST 2000 Werner Koch - - * configure.in (mingw32): Changes to allow for mingw32msvc - -Fri Jul 14 10:17:30 CEST 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code. - -Wed Jul 12 13:32:06 CEST 2000 Werner Koch - - Version 1.0.2 - -Fri Jun 9 10:09:52 CEST 2000 Werner Koch - - * configure.in: Add check for termio.h, wait unctiosn and sigaction. - -Wed Jun 7 19:19:09 CEST 2000 Werner Koch - - * acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri. - * configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël. - -Mon Jun 5 12:37:43 CEST 2000 Werner Koch - - * acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for - GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer. - Contributed by Dave Dykstra. - * configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check. - - * configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested - by Dave Dykstra. - -Tue May 30 16:37:55 CEST 2000 Werner Koch - - Version 1.0.1-ePit-1 - -Sun May 28 13:55:17 CEST 2000 Werner Koch - - * acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support. - (GNUPG_CHECK_RDYNAMIC): Ditto. - -Wed Apr 19 10:57:26 CEST 2000 Werner Koch - - * acconfig.h (HAVE_MLOCK): Added - -Wed Mar 22 13:50:24 CET 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for - librt. Test suggested by Jeff Long. - -Fri Mar 17 17:50:25 CET 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when - we can't link a test program. This way GNU systems don't need - to link against linrt. - (GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney. - -2000-03-14 12:07:54 Werner Koch (wk@habibti.openit.de) - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for - DJGPP. - (GNUPG_CHECK_MLOCK): Check whether mlock sits in librt. - * configure.in: Add a test for unisgned long long. - -Tue Mar 7 18:45:31 CET 2000 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner. - * configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD. - -Thu Mar 2 15:37:46 CET 2000 Werner Koch - - * configure.in: Add check for clock_gettime - -Wed Feb 23 10:07:57 CET 2000 Werner Koch - - * configure.in (ALL_LINGUAS): Add nl. - -Wed Feb 16 16:25:09 CET 2000 Werner Koch - - * configure.in (ALL_LINGUAS): Add Esperanto. - -Wed Feb 16 14:09:00 CET 2000 Werner Koch - - * configure.in (ALL_LINGUAS): Add sv and ja. - - * AUTHORS: Converted to a more compact format. - - * INSTALL: Wrote a note about a Solaris problem. - -Thu Feb 10 17:39:44 CET 2000 Werner Koch - - * configure.in: Use /usr/local for CFLAGS and LDFLAGS when - target is freebsd. By Rémi. - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * configure.in: Do not set development version when the version has - a dash in it. Suggested by Dave Dykstra. - -Thu Dec 16 10:07:58 CET 1999 Werner Koch - - * VERSION: Set to 1.0.1. - - * configure.in: Removed substitution for doc/gph/Makefile. - Do all the gcc warning only in maintainer mode. - -Thu Dec 9 10:31:05 CET 1999 Werner Koch - - * INSTALL: Add a hint for AIX. By Jos Backus. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc. - Suggested by Alexandre Oliva. - (-Wall): Moved the settting of gcc warning options near to the end - so that tests don't get confused. Suggested by Paul D. Smith. - -Mon Nov 22 11:14:53 CET 1999 Werner Koch - - * BUGS: Replaced content with a link to the online list. - -Fri Nov 12 20:33:19 CET 1999 Werner Koch - - * README: Fixed a type and add a note about the gnupg-i18n ML. - -Thu Oct 28 16:08:20 CEST 1999 Werner Koch - - * acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New. - -Sat Oct 9 20:34:41 CEST 1999 Werner Koch - - * configure.in: Tweaked handling of random modules and removed - dummy support for libgcrypt. - * Makefile.am: Removed libgcrypt support. - * cgrypt/ : Removed. - - * Makefile.am: Removed libtool. - -Fri Oct 8 20:32:01 CEST 1999 Werner Koch - - * configure.in: Fixed quoting in test for development version. - - * THANKS: Add entries for Michael, Brenno and J Horacio who did - very nice Howto documents - I apoligize for forgetting to mention them - earlier. - -Tue Sep 28 20:54:37 CEST 1999 Werner Koch - - * textfilter.c (copy_clearsig_text) [__MINGW32__): Use CR,LF. - -Fri Sep 17 12:56:42 CEST 1999 Werner Koch - - * configure.in: Add "-lcap" when capabilities are requested. - Add the conditional CROSS_COMPILING. - * Makefile.am: Don't use checks when CROSS_COMPILING. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - * configure.in (ALL_LINGUAS): Add pt_PT. - - * configure.in: Some tweaks for cross compiling under MingW32 - * acconfig.h (USE_STATIC_RNDW32): New. - -Tue Sep 7 17:08:10 CEST 1999 Werner Koch - - * VERSION: Set to 1.0.0. - -Mon Sep 6 19:59:08 CEST 1999 Werner Koch - - * configure.in: Create makefile in doc/gph - - * acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New - * configure.in: use the above. - -Thu Sep 2 16:40:55 CEST 1999 Werner Koch - - * VERSION: Set to 0.9.11. - -Tue Aug 31 17:20:44 CEST 1999 Werner Koch - - * configure.in: Minor changes to the OS/2 and Mingw32 system labels. - Add a printable name for Hurd. - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - * configure.in: Some support for DJGPP (Mark Elbrecht) - -Wed Aug 4 10:34:46 CEST 1999 Werner Koch - - * VERSION: Set to 0.9.10. - -Mon Jul 26 09:34:46 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_... - - * Makefile.am (DISCLEANFILES): New - -Fri Jul 23 13:53:03 CEST 1999 Werner Koch - - * VERSION: Set to 0.9.9. - - * configure.in: Print a notice when rndunix is used. - -Thu Jul 15 10:15:35 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification. - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - * Makefile.am: Support for libtool. - * configure.in: Ditto. - -Tue Jun 29 21:44:25 CEST 1999 Werner Koch - - * configure.in (use_local_zlib): The lost dollar is back. - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case. - * configure.in: Another variant of the MX vendor string - - * configure.in (--with-capabilities): Some test code (Remi). - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX. - * configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra). - - * VERSION: Now 0.9.8 - -Wed Jun 16 20:16:21 CEST 1999 Werner Koch - - * configure.in: Add test for docbook-to-man - -Tue Jun 15 12:21:08 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd, - -Thu Jun 10 14:18:23 CEST 1999 Werner Koch - - * configure.in (ZLIB,GDBM): Check both, header and lib. - -Sat Jun 5 15:30:33 CEST 1999 Werner Koch - - * pkclist.c (key_present_in_pk_list): New (Michael). - -Tue May 25 19:50:32 CEST 1999 Werner Koch - - * configure.in (IS_DEVELOPMENT_VERSION): Fixed detection. - -Sun May 23 14:20:22 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when - cross-compiling. - -Mon May 17 21:54:43 CEST 1999 Werner Koch - - * configure.in (socket): Fix for Unisys by Katsuhiro Kondou. - -Sat May 8 19:28:08 CEST 1999 Werner Koch - - * NEWS: Add a marker line which I forgot to do for 0.9.6. - -Thu May 6 14:18:17 CEST 1999 Werner Koch - - * README: Minor updates - - * VERSION: Now 0.9.6 - -Thu Apr 8 09:35:53 CEST 1999 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for - amiga-openbsd (Peter Reich) - (GNUPG_PROG_NM): Ditto - -Wed Apr 7 20:51:39 CEST 1999 Werner Koch - - * Makefile.am (g10defs.h): Removed. - * configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h - -Sat Mar 20 12:55:33 CET 1999 Werner Koch - - * VERSION: Now 0.9.5 - -Sun Mar 14 19:34:36 CET 1999 Werner Koch - - * acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is - now in the latest libtool. - -Thu Mar 11 16:39:46 CET 1999 Werner Koch - - * configure.in: Removed the need for libtool - -Mon Mar 8 20:47:17 CET 1999 Werner Koch - - * configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced. - * acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New. - - * VERSION: Now 0.9.4 - -Sun Feb 28 19:11:00 CET 1999 Werner Koch - - * configure.in (dld): Test disabled. - -Fri Feb 26 17:55:41 CET 1999 Werner Koch - - * encode.c (encode_simple): temporary fix. - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * configure.in: New option --enable-static-rnd. - -Mon Feb 22 20:04:00 CET 1999 Werner Koch - - * BUGS: Now we assign bug numbers. - * OBUGS: New to keep rack o fixed bugs (CVS only) - -Fri Feb 19 18:01:54 CET 1999 Werner Koch - - * VERSION: Released 0.9.3 - -Fri Feb 19 15:49:15 CET 1999 Werner Koch - - * acinclude.m4: Removed gettext macros. - -Tue Feb 16 14:10:02 CET 1999 Werner Koch - - * configure.in (socket): Check for -lsocket and -lnsl. - (osf4): Disable all warnings for DEC's cc. - (-Wall): Add more warning options for gcc - -Sat Feb 13 12:04:43 CET 1999 Werner Koch - - * configure.in: Changed detection of compiler flags. - * intl/ : Removed directory - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2 - - * configure.in: a lot of changes to allow selection of modules. - Add support for OS/2. - - * acinclude.m4: add some more caching - - * README: Spelling and grammar corrections (John A. Martin) - * INSTALL: Ditto. - -Wed Jan 20 21:40:21 CET 1999 Werner Koch - - * configure.in: --enable-m-guard is now default - -Wed Jan 13 12:49:36 CET 1999 Werner Koch - - * INSTALL: Applied new information how to build rpms by Fabio Coatti - * Makefile.in (gnupg.spec): Changed the names. - -Tue Jan 12 11:17:18 CET 1999 Werner Koch - - * config.links (m68k-atari-mint): New - -Tue Jan 12 09:17:19 CET 1999 Gaël Quéri - - * all: Fixed typos all over the place - -Sat Jan 9 16:02:23 CET 1999 Werner Koch - - * configure.in: Add a way to statically link rndunix - -Sun Jan 3 15:28:44 CET 1999 Werner Koch - - * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New. - * configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC - -Wed Dec 23 13:18:14 CET 1998 Werner Koch - - * README: Replaced the command overview with a short intro. - -Sat Dec 12 18:40:32 CET 1998 Werner Koch - - * configure.in: Add check for dlopen in libc (Greg Troxel) - and a new define - * acconfig.h (DLSYM_NEEDS_UNDERSCORE): New. - -Thu Dec 10 20:15:36 CET 1998 Werner Koch - - * acinclude.m (GNUPG_CHECK_PIC): New - * configure.in, acinclude.m4: Renamed all WK_ to GNUPG_ - -Tue Dec 8 15:09:29 CET 1998 Werner Koch - - * VERSION: Set to 0.4.5 - -Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (USE_RNDLINUX): New. - -Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * VERSION: Released 0.4.4 - - * configure.in (try_asm_modules): For option --disable-asm - -Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (MPI_SFLAGS): New. - -Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ABOUT-NLS: New - * configure.in (AC_REVISION): New. - -Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * VERSION: Set to 0.4.3 - -Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (g10defs.h): New macro GNUPG_DATADIR. - -Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in: Removed gettext kludge - * acinclude.m4: Add patched AM_WITH_NKS macro - -Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in: Kludge to make AM_GNU_GETTEXT work, - changed some macors to more modern versions. Also - changeg the all makefiles to remove duplicate ../intl. - * acinclude.m4: Removed the gettext stuff, as this - already comes with automake now. - -Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (NAME_OF_DEV_RANDOM): New. - (DYNLINK_MOD_CFLAGS): New. - -Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (g10defs.h): creates include file - * acconfig.h: now includes g10defs.h - * configure.in: Removed G10_LOCALEDIR and GNUPG_LIB - -Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none)) - - * Makefile.am (dist-hook): Now creates RPM file. - * scripts/gnupg.spec: New template file for RPMs - -Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none)) - - * acinclude.h (WK_CHECK_IPC): New - * configure.in : Add checks for SysV IPC - -Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (--disable-dynload): New. - -Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold) - - * configure.in (GNUPG_LIBDIR): New. - -Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-unix.c (fast_random_poll): fixed syntax bug. - -Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux - -Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * [all files]: Applied Matthew Skala's typo and grammar fixes. - -Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (getrusage,gettimeofday): New tests. - -Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (--disable-m-guard): New. - -Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in, acinclude.m4, intl/, po/: New macros taken - from GNOME, switched to automake 1.2f - -Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (doc/Makefile): New - -Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in: Changed gettext stuff - -Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de) - - * checks/*test : restructured the directory. - -Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in: Changed the name of the package to GNUPG and - chnaged several other names too. - -Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (checks): New. - -Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (mpi_config_done): Removed asm links caching. - -Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in (PRINTABLE_OS_NAME): New. - * acconfig.h: Likewise. - -Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * configure.in : Fixed zlib stuff - * Makefile.am: Likewise - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, - 2004, 2005, 2006 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +Local Variables: +buffer-read-only: t +mode: text +End: diff --git a/ChangeLog-2011 b/ChangeLog-2011 new file mode 100644 index 000000000..57933c846 --- /dev/null +++ b/ChangeLog-2011 @@ -0,0 +1,2256 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-08-09 Werner Koch + + * configure.ac: Fix usage of AC_LANG_PROGRAM. + +2010-12-28 Werner Koch + + * configure.ac (git_revision): Add new m4 macro. + +2010-10-27 Werner Koch + + * acinclude.m4 (GNUPG_TIME_T_UNSIGNED): New. + * configure.ac: Call AC_HEADER_TIME and GNUPG_TIME_T_UNSIGNED. + +2010-10-18 Werner Koch + + Release 1.4.11. + +2010-10-10 Werner Koch + + * configure.ac (AH_BOTTOM): Add GNUPG_BAK_SFX and GNUPG_TMP_SFX. + Define GNUPG_HOMEDIR et al for VMS. + +2010-10-05 Werner Koch + + * configure.ac: Remove check for the faqprog. + +2010-09-28 Werner Koch + + * configure.ac (AH_BOTTOM) [__VMS]: Fix homedir. + +2010-09-23 Werner Koch + + Release 1.4.11rc1. + + * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove + --enable-selinux-support option. + +2009-09-02 Werner Koch + + Release 1.4.10. + + * configure.ac (AC_RG_ENABLE): Don't disable try_gettext in + --enable-minimal. + * README <--enable-minimal>: Mention --disable-nls. + +2009-08-13 Werner Koch + + Release 1.4.10rc1. + + * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove now obsolete + --enable-camellia + +2009-08-13 David Shaw + + * NEWS: Note Camellia and hkps. + +2009-07-21 Werner Koch + + * configure.ac (AH_BOTTOM): Add macros for estream-printf. + (estream_PRINTF_INIT): Add it. + +2009-06-05 David Shaw + + * configure.ac: Remove Camellia restriction. + +2008-10-03 David Shaw + + * configure.ac, acinclude.m4: Remove GNUPG_CHECK_DOCBOOK_TO_TEXI + as we no longer use it. Noted by John Clizbe. + +2008-08-27 David Shaw + + * configure.ac: Use printf for the most portable SVN version + detection. + +2008-08-11 Werner Koch + + * configure.ac: Check for size of time_t. + +2008-04-01 Werner Koch + + * configure.ac (AC_INIT): Fix quoting. + +2008-03-31 David Shaw + + * configure.ac: Require curl 7.10 (Oct 1 2002) or later as we use + curl_version_info(). + +2008-03-26 Werner Koch + + Release 1.4.9. + +2008-03-07 David Shaw + + * configure.ac: Darwin's /bin/sh has a builtin echo that doesn't + understand '-n'. Use tr to trim the carriage return instead. + +2008-03-06 David Shaw + + * configure.ac: Post-release update. + +2007-12-20 Werner Koch + + Released 1.4.8. + +2007-12-17 Werner Koch + + * configure.ac: Add special treatment for HAVE_LDAP_START_TLS_SA. + +2007-12-14 Werner Koch + + Released 1.4.8rc1. + +2007-12-13 David Shaw + + * NEWS: Note SHA-224 typo. + +2007-11-17 David Shaw + + * NEWS: Say a bit more about RFC-4880. Note some defaults + changing. + +2007-11-16 Werner Koch + + Released 1.4.8rc1. + +2007-10-27 David Shaw + + * README: Update notes about OSX Leopard. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + + * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Enable Camellia and mailto. + + * configure.ac (MPI_OPT_FLAGS): Always use AM_PO_SUBDIRS. + +2007-10-23 gettextize + + * configure.ac (AM_GNU_GETTEXT_VERSION): Bump to 0.16.1. + +2007-10-17 David Shaw + + * configure.ac: Change various help messages to use + AC_HELP_STRING. + +2007-07-18 David Shaw + + * configure.ac: It seems that AM_GNU_GETTEXT doesn't like being + run conditionally and it confuses the includes when doing later + type checks. This is bug#810. + +2007-07-08 David Shaw + + * configure.ac: AM_PROG_CC_C_O is desired by automake 1.10 to do + per-target builds (like we do in the keyserver dir), but exists in + the currently-used 1.9.3 as well. + +2007-06-13 David Shaw + + * configure.ac: Add --enable-camellia. Disabled by default. Do + not enable this unless you're doing interop testing. + +2007-04-16 Werner Koch + + * acinclude.m4: Fix last change. Make test self-contained by + checking for sysconf and getpagesize. Remove indentation for the + sake of broken C-89 cpp. + +2007-04-16 David Shaw + + * configure.ac: Add a HAVE_SHM conditional. + + * acinclude.m4: Use sysconf() if available to avoid a false + positive on HAVE_BROKEN_MLOCK when checking for page size. + + * configure.ac: Check for sysconf. + +2007-04-15 David Shaw + + * configure.ac: QNX puts resolver functions in libsocket. From + Sean Boudreau. + +2007-03-05 Werner Koch + + Released 1.4.7. + +2007-03-04 David Shaw + + * NEWS: Note --allow-multiple-messages. + +2006-12-21 David Shaw + + * configure.ac: Only check for libusb if we're building with card + support. Noted by Gilles Espinasse. + +2006-12-11 Werner Koch + + * Makefile.am (DISTCLEANFILES): Removed g10defs.h. + + * configure.ac (AC_CONFIG_COMMANDS): Removed creation of + g10defs.h. + (AH_BOTTOM): Moved stuff from g10defs.h to config.h. + +2006-12-07 David Shaw + + * configure.ac: AM_CONDITIONAL must not be used inside an if/then. + +2006-12-07 Werner Koch + + * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. + +2006-12-06 Werner Koch + + Released 1.4.6. + +2006-12-04 Werner Koch + + * README: Add hint on hjow to set CC_FOR_BUILD. + * configure.ac (CC_FOR_BUILD): New. + +2006-12-02 David Shaw + + * NEWS: Note the CVE for bug#728, --s2k-count, + --passphrase-repeat, and the OpenSSL exception. + +2006-11-29 Werner Koch + + Released 1.4.6rc1. + +2006-11-05 David Shaw + + * configure.ac: --enable-minimal leaves out gettext and all + resolver functions (SRV, PKA, & CERT). + +2006-10-02 Werner Koch + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add case for mingw32 + and allow setting the variable on the command line. Fixes bug 518. + Also use HOST instead of TARGET. + + * README: Add information about the forthcoming GnuPG 2.0. + + * configure.ac (AB_INIT): New. + +2006-09-28 David Shaw + + * configure.ac: Move strsep to AC_REPLACE_FUNCS so it will end up + in libcompat. + +2006-08-01 Werner Koch + + Released 1.4.5. + +2006-07-31 Werner Koch + + * README: Updated info on the key used to sign the tarball. + +2006-07-28 Werner Koch + + Released 1.4.5rc1. + +2006-07-08 David Shaw + + * configure.ac: Fix resolver autoconf code so it works (fails) + properly with uClibc. + +2006-06-25 Werner Koch + + Released 1.4.4. + +2006-05-23 David Shaw + + * configure.ac: Add --disable-optimization. This is handy for + debugging so the compiler doesn't rearrange things and eliminate + variables. + +2006-05-22 Marcus Brinkmann + + * configure.ac: Remove check for noexecstack and invoke + CL_AS_NOEXECSTACK instead. + +2006-05-16 Werner Koch + + * README: Removed note for OSF5 as this is the default now. + Reported by Joerg Honegger. + + * configure.ac [osf5]: Fixed warning name to ptrmismatch1. + +2006-04-27 David Shaw + + * NEWS: Note SHA-224 and DSA2. + + * configure.ac: Remove --enable-old-keyserver-helpers. Comment + out --enable-m-guard for now. + +2006-04-12 Werner Koch + + * configure.ac: Print version at end of run. + (svn_revision): Posix adjustment. + +2006-04-07 Werner Koch + + * configure.ac: Use new method to include the SVN revison. Now it + is the actual global revision number. + +2006-04-04 Werner Koch + + * NEWS: Fixed old news entry to point to rfc4398 which has been + published just before 1.4.3. + +2006-04-03 Werner Koch + + Released 1.4.3. + +2006-03-30 David Shaw + + * README: Some more notes about building fat binaries. + +2006-03-24 David Shaw + + * README: Missing some instructions on building a fat binary. + +2006-03-20 David Shaw + + * configure.ac: Improved --disable-endian-check that doesn't + involve changing #ifdefs in the rest of the code. + +2006-03-19 David Shaw + + * configure.ac: Add --disable-endian-check for building fat + binaries on OSX. + + * README: Add note on how to build a fat binary on OSX. + +2006-03-17 David Shaw + + * configure.ac: Allow the DNS stuff to work on OSX by trying the + Apple-specific BIND_8_COMPAT. + +2006-03-09 Werner Koch + + Released 1.4.3rc2. + +2006-03-07 David Shaw + + * NEWS: Note CERT retrieval. Tweak PKA and backsig language to + match current code. + + * NEWS: Note --auto-key-locate and that keyservers can handle + binary data now. + +2006-03-01 David Shaw + + * configure.ac: Fix accidental enabling of SHA-384/512. Noted by + Nelson H. F. Beebe. + +2006-02-18 David Shaw + + * configure.ac: Try linking the UINT64_C test program (rather than + just compiling it) as UINT64_C looks like a (missing) function, + causing a false positive. Noted by Claus Assmann. + +2006-02-14 Werner Koch + + Released 1.4.3rc1. + +2006-02-09 Werner Koch + + * configure.ac: Check for fcntl and ftruncate. + +2006-01-22 David Shaw + + * configure.ac: Add define for EXEEXT so we can find keyserver + helpers on systems that use extensions. + +2005-12-23 David Shaw + + * configure.ac: Add switch for DNS CERT. + +2005-12-22 David Shaw + + * configure.ac: Split PKA checking off from DNS SRV checking. + Currently PKA is only enabled if HTTP or HKP is enabled which is + not necessary. + +2005-12-08 David Shaw + + * NEWS: Note --fetch-keys. + +2005-12-06 David Shaw + + * configure.ac: UINT64_C test needs #include . + + * configure.ac: Some cleanup so we don't build files that are + completely ifdeffed out. This causes a warning on Sun's cc. Do + sha512.c and the internal regex code as well for consistency. + +2005-11-17 David Shaw + + * NEWS: Note backsigs, the xxxxx-clean options, and the + xxxxx-minimal options. + +2005-11-02 David Shaw + + * configure.ac: Check for a getpagesize() declaration. + +2005-10-14 David Shaw + + * NEWS: Clarify the cURL keyserver changes, and add a note about + gpg-zip. + + * configure.ac: Remove the backsig configure options since this is + all done at runtime now. + +2005-10-11 David Shaw + + * configure.ac: Did some backsig testing with the PGP folks. All + is well, so I'm turning generation of backsigs on for new keys. + Checking for backsigs on verification is still off. + +2005-10-05 Werner Koch + + * configure.ac: Changed identification file name to g10/gpg.c + +2005-10-02 Marcus Brinkmann + + * configure.ac [!$try_gettext]: Invoke AM_PO_SUBDIRS. + +2005-08-31 David Shaw + + * configure.ac: Check for getpwnam, getpwuid, and pwd.h. + +2005-08-09 David Shaw + + * configure.ac: Remove hardcoded -I and -L for /usr/local on + FreeBSD. + +2005-08-04 David Shaw + + * configure.ac: Call GNUPG_CHECK_USTAR and generate tools/gpg-zip. + +2005-07-28 Werner Koch + + * configure.ac (USE_DNS_PKA): Define in addition to USE_DNS_SRV. + +2005-07-27 Werner Koch + + Replaced in all directories all calls to m_free, m_alloc, + m_realloc, m_strdup by calls to xfoo functions. This is to ease + porting to gnupg 1.9. + + * README.CVS: Renamed to README.SVN. + +2005-07-26 David Shaw + + * NEWS, configure.ac: Switch over to using curl or fake-curl by + default. Add --enable-old-keyserver-helpers to not use curl. + +2005-07-26 Werner Koch + + Released 1.4.2. + +2005-07-20 David Shaw + + * configure.ac: Add a define for FAKE_CURL. + +2005-07-19 Werner Koch + + * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. + +2005-06-21 Werner Koch + + Released 1.4.2rc2. + +2005-06-20 David Shaw + + * NEWS: Note key cleaning commands. + +2005-06-13 David Shaw + + * configure.ac: Add check for no-pointer-sign warning keyword, and + disable. This is gcc4 specific. + +2005-05-31 Werner Koch + + Released 1.4.2rc1. + + * README: Add a note on GnuPG 1.9. + + Updated FSF address in all files. + +2005-05-26 David Shaw + + * NEWS: Note command completion and the new curl-based HKP helper. + +2005-04-16 David Shaw + + * configure.ac: Remove --disable-old-hkp - use new HKP handler for + --with-libcurl or --enable-fake-curl. + + * configure.ac: Add --disable-old-hkp option that can be used + along with --with-libcurl to build the curl version of HKP. + +2005-04-12 David Shaw + + * configure.ac: Check for memrchr() + +2005-03-31 Werner Koch + + * configure.ac: New option --disable-agent-support. Define + ENABLE_AGENT_SUPPORT as AC_DEFINE and AM_CONDITIONAL. + Disable support for card and agent with --enable-minimal. + (AC_REPLACE_FUNCS): Add isascii. + (g10defs.h): Define PATHSEP_C and PATHSEP_S. + + * README: Changed the instruction on how to verify a signature to + show a .sig extension and not the .asc we used to use ages ago. + +2005-03-16 David Shaw + + * configure.ac: Move the LDAP detecting code to m4/ldap.m4. + +2005-03-15 Werner Koch + + Released 1.4.1. + +2005-03-11 Werner Koch + + * configure.ac: New option --enable-noexecstack. + +2005-02-16 Werner Koch + + Released 1.4.1rc2. + +2005-02-11 David Shaw + + * configure.ac: Add --enable-fake-curl option to help test no-curl + HTTP. + + * NEWS: Note Mister/Zuccherato CFB countermeasures. + +2005-02-04 Werner Koch + + * configure.ac (GNUPG_CHECK_GNUMAKE): Removed. Not needed for + decent automakes. + +2005-02-03 David Shaw + + * NEWS: Fix typo. + +2005-02-03 Werner Koch + + Released 1.4.1rc1. + +2005-01-22 David Shaw + + * configure.ac: Define FTPS flag if we're using curl, and FTPS is + available. + + * README: Fix some typos (noted by Norihiko Murase), update to + 1.4.1, and tweak some descriptions. + + * NEWS: Note FTPS. + +2005-01-18 Werner Koch + + * configure.ac (HAVE_W32_SYSTEM): Define it. + +2005-01-18 David Shaw + + * NEWS: Note --rfc2440-text import/export-unusable-sigs and + gpgkeys_curl. + + * configure.ac: gpgkeys_mailto is disabled by default. Define + HTTPS flag if we're using curl, and HTTPS is available. + +2005-01-17 Werner Koch + + * README: Updated for SHA1 checksums. + + * configure.ac: Make --without-included-zlib work as + expected. Reported by Norihiko Murase. Same for + --without-included-regex. + +2005-01-03 David Shaw + + * configure.ac: Use new GNUPG_CHECK_LIBUSB macro. + +2004-12-28 David Shaw + + * configure.ac: Better implementation for the SRV check. We don't + need to actually check all the header files individually since the + SRV test compile uses them together. + +2004-12-24 David Shaw + + * configure.ac: Use new LIBCURL_CHECK_CONFIG macro for + all libcurl stuff. This simplifies, and we don't need the + automake conditional stuff any longer. + +2004-12-22 David Shaw + + * configure.ac: --enable-ftp is on by default, --with-libcurl is + off by default. If we have neither of --enable-ftp or + --enable-http, don't even check for curl. + +2004-12-21 David Shaw + + * configure.ac: Add check for --enable-ftp. It is disabled by + default for now. + +2004-12-18 David Shaw + + * configure.ac: Call the new GNUPG_CHECK_READLINE macro for + readline stuff. + +2004-12-17 David Shaw + + * configure.ac: Add a --with-ldap=DIR so people can add to the + search path. + +2004-12-16 David Shaw + + * configure.ac: Check for arpa/nameser.h. + +2004-12-16 Werner Koch + + * THANKS: Added John Clizbe for help testing the 1.4.0a W32 + binary. + +2004-12-16 Werner Koch + + Released 1.4.0. + +2004-12-14 Werner Koch + + Released 1.3.93. + + * Makefile.am (AUTOMAKE_OPTIONS): Add filename-length-max=99. + +2004-11-06 David Shaw + + * configure.ac: Autodetect wldap32 on Windoze. + +2004-11-04 David Shaw + + * README, configure.ac: Add --enable-backsigs to enable the + experimental backsigs code. + +2004-11-04 Werner Koch + + * AUTHORS: Use Maxim Britov. I am not that accustomed to the + Russian way of writing names. + +2004-10-28 Werner Koch + + Released 1.3.92. + +2004-10-26 Werner Koch + + * configure.ac: New option --disable-gnupg-iconv, define + USE_GNUPG_ICONV. + (AC_CANONICAL_TARGET): Replaced by AC_CANONICAL_HOST. Changed all + reference to TARGET to HOST. Made sure that i586-mingw32msvc gets + detected as mingw32. + (UNIT64_C): Don't include inttype.h uncoditional but use a test to + ensure that it gets into conftest.h. + (AH_TOP): New. Prevent double inclusion of config.h. + +2004-10-21 David Shaw + + * acinclude.m4: aclocal 1.9 wants quoting on AC_DEFUN arguments. + +2004-10-21 Werner Koch + + * configure.ac: Remove the check for asprintf + +2004-10-15 Werner Koch + + Released 1.3.91. + + * README: Mentioned --enable-selinux-support. + +2004-10-15 David Shaw + + * NEWS: Note gpgkeys_finger, keyserver timeouts, and the direct + trust model. + +2004-10-15 Werner Koch + + * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New. + (AUTOMAKE_OPTIONS): New. + + * configure.ac: Check whether vasprintf needs a replacement. + +2004-10-13 Werner Koch + + * configure.ac: Actually name the option --disable-finger and not + http. Add option --enable-selinux-support. + +2004-10-11 Werner Koch + + * configure.ac: New option --disable-finger. + +2004-09-17 Werner Koch + + * configure.ac: Don't check for usb_create_match or + use_get_string_simple anymore. + +2004-09-15 David Shaw + + * configure.ac: Give warning when using capabilities. Check for + usb_get_string_simple for old libusb reasons. + +2004-09-10 David Shaw + + * NEWS: Note HTTP basic auth. + + * configure.ac: Check for usb_get_busses since very old stable + libusb doesn't have it. + +2004-09-09 Werner Koch + + * README: Doc --disable-card-support and --without-readline. + + * configure.ac: Check for readline. Make enable-card-support the + default. New option --without-readline. Allow the use of either + the development or the stable libusb. + +2004-07-27 Werner Koch + + * configure.ac (AM_GNU_GETTEXT_VERSION): New. + (min_automake_version): New. + +2004-05-24 David Shaw + + * configure.ac: Try for wldap32 on Win32 platforms. + +2004-05-22 Werner Koch + + Releases 1.3.6. + +2004-05-21 David Shaw + + * NEWS: Note --sig-keyserver-url and the ability to use a + preferred keyserver in a regular data sig to fetch the signing + key. + + * configure.ac: Replacement function for timegm(). No need to + check for setenv() any longer. + +2004-05-20 David Shaw + + * NEWS: Note HTTP key fetching. + + * README: Update version and note that HKP is no longer build in. + + * configure.ac: Handle --disable-http and other code to properly + build gpgkeys_http. + +2004-05-19 David Shaw + + * NEWS: Note the addition of preferred keyserver support, + --ask-cert-level, --keyid-format, and the removal of + show-long-keyids, the quasi-1991 partial length encoding, + --export-all, and include-non-rfc. + + * acinclude.m4 (GNUPG_SYS_NM_PARSE): Remove a leftover slash in a + sed expression. + +2004-05-01 Werner Koch + + * acinclude.m4 (ac_pipe_works): Fixed BRE syntax \? -> \{0,1\}. + Reported by Todd Vierling. + +2004-02-26 Werner Koch + + Released 1.3.5. + +2004-02-25 David Shaw + + * README: Update copyright. + + * NEWS: Note --max-output, --list-config, --min-cert-level, AIX + fix, new http-proxy keyserver-option, new LDAP server code, TLS, + LDAPS, and --show-session-key with --symmetric. + +2004-02-20 David Shaw + + * configure.ac: Check for timegm(). Replacement functions for + setenv() and unsetenv(). + +2004-02-19 David Shaw + + * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, + both for making gpgkeys_ldaps symlink to gpgkeys_ldap. + + * configure.ac: Simplify the LDAP checking code since OpenLDAP is + far more mature these days and dependencies are cleaner. Add + checks for ldap_set_option and ldap_start_tls_s. + +2004-01-27 David Shaw + + * NEWS: Note --enable-key-cache, the OpenBSD/i386 and HPPA fixes, + and Elgamal removal. + + * README, configure.ac: Add --enable-key-cache=SIZE configure + option. This sets the key/uid cache size. Default is 4096. + +2004-01-11 David Shaw + + * configure.ac: Include stdio.h when checking for bzlib.h. Solaris + 9 has a very old bzip2 library and we can at least guarantee that + it won't fail because of the lack of stdio.h. + + * THANKS: Added Phong Nguyen, who found the Elgamal signing key + problem. + +2003-12-23 Werner Koch + + * configure.ac: Use -Wformat-nonliteral in maintainer-mode. + +2003-11-30 David Shaw + + * NEWS: Note --disable-rsa. + + * configure.ac: Add --disable-rsa. + + * README: Add --with-zlib, --with-bzip2, --without-bzip2, + --disable-rsa, and --enable-minimal. Update gettext version. + + * README: Update version number. Add BZIP2. Remove Elgamal + sign+encrypt. + +2003-11-27 Werner Koch + + Released 1.3.4. + +2003-11-27 David Shaw + + * NEWS: Note that we won't encrypt to an Elgamal sign+encrypt key + any longer. + + * configure.ac: Use MSG_NOTICE instead of MSG_WARN for less + serious notifications. + + * NEWS: I meant "less" not "more". + +2003-11-12 David Shaw + + * NEWS: Note BZIP2. + + * configure.ac: Make sure that the resolver API actually compiles, + and not just that the right functions exist. + +2003-10-30 David Shaw + + * configure.ac: Locate libbz2 for bzip2 compression support. + +2003-10-26 David Shaw + + * NEWS: Note --symmetric --encrypt and the improved config file + search. + + * configure.ac: Add SAFE_VERSION_DOT and SAFE_VERSION_DASH. + +2003-10-25 Werner Koch + + * Makefile.am (SUBDIRS): Add intl. + (ACLOCAL_AMFLAGS): New variable. + (EXTRA_DIST): Add scripts/config.rpath. + * configure.ac (AC_CONFIG_FILES): Add po/Makefile.in, + (AL_LINGUAS): Removed. + +2003-10-24 David Shaw + + * configure.ac (DLLIBS): Work properly on platforms where dlopen + and friends are in libc instead of libdl. + +2003-10-24 Werner Koch + + * configure.ac (DLLIBS): Fixed last change. + +2003-10-23 Werner Koch + + * configure.ac (DLLIBS): Do not include -ldl in the mingw32 case. + +2003-10-21 Werner Koch + + * configure.ac (PRINTABLE_OS_NAME): Remove special case for The + Hurd; Robert Millan reported that the uname test is now + sufficient. + +2003-10-16 David Shaw + + * configure.ac: Include -ldl when card support is used. + +2003-10-10 Werner Koch + + Release 1.3.3. + +2003-10-09 David Shaw + + * NEWS: Note multiple Comment: support and --sig-keyserver-url. + +2003-10-01 Werner Koch + + * configure.ac (AH_BOTTOM): Define GNUPG_MAJOR_VERSION. + (ENABLE_CARD_SUPPORT): Define as automake conditional. + +2003-09-30 David Shaw + + * NEWS: Note that SHA-256 is read-write now, that TIGER/192 is no + more, that revoked and expired uids are skipped in -r, and that + --no-mangle-dos-filenames is now the default. + +2003-09-27 Werner Koch + + * configure.ac (LIBUSB_LIBS,HAVE_LIBUSB): Check for Libusb. + (--enable-card-support): New. + +2003-09-04 David Shaw + + * configure.ac: Drop TIGER/192 support. Check for UINT64_C to go + along with uint64_t. + +2003-09-01 David Shaw + + * NEWS: Note --list-options, --verify-options, the deprecation of + --show-photos, --show-policy-url, --show-notation, and + --show-keyring, and getting the signer's fingerprint in sig + records. + +2003-08-28 David Shaw + + * AUTHORS, THANKS: Updates from stable. + +2003-08-25 David Shaw + + * NEWS: Note %g and %p, the "tru" --with-colons record, and the + REVKEYSIG --status-fd tag. + + * README: Add a note about the SunOS symbol underscore problem and + how to fix it. Note problem with gcc < 2.96 and non-gnu as. + +2003-08-24 David Shaw + + * configure.ac: Check for getaddrinfo. Don't bother to check for + EGD libs since we need to have the netlibs regardless because of + the agent socket. + +2003-07-10 David Shaw + + * configure.ac: configure.ac: Check for sigset_t and struct + sigaction. This is for Forte c89 on Solaris which seems to define + only the function call half of the two pairs by default. + + * THANKS: Updates from stable. + + * configure.ac: Include wsock32 in W32LIBS. This is different + from NETLIBS so we don't need to force other platforms to pull in + the netlibs when they aren't actually needed. + + * NEWS: Note portability changes. + +2003-06-03 David Shaw + + * configure.ac: Define SAFE_VERSION so that RISCOS can override it + and remove invalid chars. + +2003-05-30 David Shaw + + * configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put + dl in DLLIBS. Check for getopt.h if available. Look for getopt() + in libiberty if libc doesn't have it. Enable GPGKEYS_HKP after + AC_PROG_CC so that any needed extension (i.e. ".exe") is defined. + +2003-05-27 Werner Koch + + Released 1.3.2. + +2003-05-26 David Shaw + + * NEWS: Document --gnupg and the deprecation of --no-openpgp and + --no-pgpX. + +2003-05-24 David Shaw + + * configure.ac: Edit preprocessor instructions in g10defs.h to + remove whitespace before the '#'. This is not required by C89, + but there are some compilers out there that don't like it. + +2003-05-11 David Shaw + + * configure.ac: Remove some stuff no longer needed with newer + autoconf. Use AC_GNU_SOURCE instead of defining _GNU_SOURCE + manually. Add check for strchr() for gettext. Add "ngettext" + check for gettext, since that check supposedly implies a check for + bind_textdomain_codeset. Add check for times() for random.c. Fix + URL for EGD. Make --enable-old-tiger match the stable branch as a + separate item. + + * NEWS: "OpenPGP" trust model is now "PGP". Add note about TIGER + being dropped from OpenPGP. Note trust bug fix. + + * README: Fix all URLs to point to the right place in the + reorganized gnupg.org web pages. Some minor language fixes. + +2003-04-27 David Shaw + + * BUGS: Fix bug reporting URL. + + * NEWS: Add sig version, pk algo, hash algo, and sig class to + VALIDSIG. Add notes about SRV, the "subkeyid!" syntax, configure + options to disable various algorithms, and the ability to change + the keyserver no-modify flag. + +2003-04-23 David Shaw + + * configure.ac: Big warning that TIGER/192 is being removed from + the standard, and make it disabled by default. + + * README: Put back proper copyright line. Remove mention of + TIGER/192. + +2003-04-15 Werner Koch + + * configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional. + + * acinclude.m4 (GNUPG_CHECK_ENDIAN): Fixed quoting of r.e. using + quadrigraphs. + +2003-04-08 Werner Koch + + * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper. + +2003-04-07 David Shaw + + * configure.ac: Use much more accurate method to determine whether + DNS SRV is usable. + + * README: Document the various --disable-xxx switches, and add a + note about existing keys that may use one of the missing ciphers + as a preference. Update copyright date. + + * NEWS: Add note about SHA-256/384/512. + + * acinclude.m4: Fix URL to faqprog.pl. + +2003-03-24 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume + little only for Intel CPUs. + + * configure.ac: Check for ranlib and ar. This is required for + cross compiling. + +2003-03-11 David Shaw + + * configure.ac: Look for res_query so we can use DNS SRV, and add + --disable-dns-srv to disable it. + +2003-03-04 David Shaw + + * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using + capabilities. + +2003-02-22 David Shaw + + * configure.ac: Add --disable-idea for IDEA. Note that disabling + IDEA disables both the real IDEA and the possibility of using the + IDEA loadable module. Remove the --disable-dynload option since + it is no longer meaningful (it is only used if idea-stub is used). + +2003-02-21 David Shaw + + * configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES + (all), TWOFISH, TIGER192, SHA256, and SHA384/512. Add a + --enable-minimal that disables all of them as well as + --disable-exec. + +2003-02-11 David Shaw + + * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so + that makefiles can override it. Verify that we have a 64-bit type + before building tiger.c or sha512.c. Add uint64_t as a possible + 64-bit type. + +2003-02-02 David Shaw + + * NEWS: Add notes about disabled keys, trustdb tweaks, and + "revuid". + +2002-12-27 David Shaw + + * NEWS: Add note about convert-from-106 script. + +2002-11-25 David Shaw + + * NEWS: Add notes about notation names and '@', the --trust-model + option, default algorithms from --personal-xxxx, + --primary-keyring, changes with --s2k-digest-algo, the new + anonymous recipient improvements, and non-optimized memory wiping. + +2002-11-13 David Shaw + + * THANKS: Changes from stable branch. + + * configure.ac: Check for ctermid(). From Werner on stable + branch. + + * configure.ac (GPGKEYS_LDAP,GPGKEYS_HKP): Add $EXEEXT. From + Werner on stable branch. + + * configure.ac (try_gettext): Remove special case for cygwin. + This removes all the DOS specific macros and let Cygwin work like + a real OS. Needs a couple of changes elsewhere but after all, + GnuPG presents itself much more like a Posix program and can be + used in a full Cygwin environment; e.g. used along with mutt. + Changes suggested by Volker Quetschke. From Werner on stable + branch. + + * acinclude.m4 (GNUPG_SYS_NM_PARSE): Allow for underscore in test + symbols. Useful for Cygwin builds. + (GNUPG_SYS_SYMBOL_UNDERSCORE): Don't hardwire to yes for Cygwin. + From Werner on stable branch. + + * README: Add an installation note for Darwin 6.1. From Werner on + stable branch. + +2002-11-12 Werner Koch + + Released 1.3.1 + +2002-11-03 David Shaw + + * NEWS: Note trust signature support, + --hidden-encrypt-to/--hidden-recipient, and long algorithm name + support everywhere. + +2002-10-31 David Shaw + + * Makefile.am: Put gnupg.spec in the root directory so rpm -ta + works. + + * configure.ac: Add a check for volatile. + +2002-10-29 David Shaw + + * configure.ac: Add --disable-regex in case some platform just + can't handle the regex stuff. This means they can't fully handle + trust sigs with an attached regex either. + +2002-10-19 David Shaw + + * configure.ac: Regex tests adapted from mutt to decide whether to + use the internal regex code or not. + +2002-10-18 Werner Koch + + Released 1.3.0. + + * configure.ac: Changed version number comments. + (ALL_LINGUAS): Removed all except for de. During development it + might not be a good idea to keep all of them - they get outdated + too soon and diff files will be far too large. + +2002-10-17 David Shaw + + * README: Multiple A record rotation works with MINGW32 now, and + clarify how it works with LDAP. + +2002-10-16 David Shaw + + * README: Some typo fixes from Florian Weimer, and bump version + number. + +2002-10-15 David Shaw + + * NEWS: Some 1.3 notes. + +2002-10-12 Werner Koch + + * configure.ac (NAME_OF_DEV_URANDOM): Use /dev/urandom for + NetBSD. Reported by Christian Biere. + +2002-10-07 David Shaw + + * configure.ac: OpenLDAP 2.0.27 changed the dependencies again. + Add a "LDAPLIBS" variable so users can try and suggest the right + dependencies for their platform. + +2002-10-02 David Shaw + + * configure.ac: Add an --enable-old-tiger, to revert back to the + old OID. + +2002-09-27 David Shaw + + * configure.ac: Remove --enable-tiger, as TIGER is now always + enabled. + +2002-09-25 David Shaw + + * configure.ac: Add NETLIBS to EGDLIBS when using EGD as EGD uses + sockets. + +2002-09-24 David Shaw + + * THANKS: Remove duplicate. + + * NEWS: Bring in cosmetic changes from stable branch. + + * configure.ac: Figure out whether the LDAP library supports + ldap_get_option, ld_errno, or neither. + +2002-09-19 David Shaw + + * configure.ac: Try linking LDAP as just -lldap as it seems very + recent OpenLDAPs (>=2.0.23) support that. + +2002-09-14 David Shaw + + * configure.ac: Try linking LDAP without -lresolv first, just in + case the platform has libresolv, but doesn't actually need it to + use LDAP. + +2002-09-12 David Shaw + + * NEWS: Note that the old IDEA plugin won't work with post-1.1.90 + gpg. + +2002-09-12 David Shaw + + * configure.ac: Remove --enable-external-hkp as this is always on + now. Add --disable-hkp to match the other + --disable-{keyservertype} options. + + * NEWS, configure.ac: Move to devel version 1.3. + +2002-09-11 Werner Koch + + Released 1.1.92. + + * configure.ac (random_modules): The default random module for + system lacking a /dev/random is now auto selected at runtime. + +2002-09-09 David Shaw + + * NEWS: typo. + + * configure.ac: Add a link test for LDAP without -lresolv for + HPUX. Remove "hstrerror" test as it is no longer needed. + +2002-09-02 Werner Koch + + * README: Removed the note about a development version so that we + later don't forget this. Minor other changes. + +2002-08-29 Werner Koch + + * configure.ac (random_modules): Reworked the code to select the + random module. Define USE_ALL_RANDOM_MODULES for value all. + +2002-08-27 David Shaw + + * configure.ac: Check type of mode_t. + + * NEWS: Clarify that --libexecdir is a configure option. + + * configure.ac: Check for hstrerror. + +2002-08-19 David Shaw + + * NEWS: Document new ways to enable MDC, and change in automatic + compression disabling. + + * configure.ac: No such thing as the "none" random gather any + longer. + +2002-08-08 David Shaw + + * configure.ac: Add an --enable-tiger. + + * NEWS: Clarify new permission checks. + +2002-08-07 David Shaw + + * configure.ac: If the static IDEA cipher is present, disable + dynamic loading. Also fix backwards grammar of keyserver + exec-path CHECKING message. + +2002-08-05 Werner Koch + + * configure.ac: Bumbed version number. + +2002-08-04 Werner Koch + + Released 1.1.91. + + * configure.ac (ALL_LINGUAS): Added Catalan. + +2002-08-02 Werner Koch + + * configure.ac: Removed all extension stuff but keep the tests for + dlopen. We don't need to figure out the flags required. All + stuff is now statically loaded. + +2002-07-30 David Shaw + + * README, configure.ac: --with-exec-path is now clarified into + --disable-keyserver-path + + * NEWS: changes since 1.1.90. + +2002-07-24 David Shaw + + * configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well + as a SUBST for Makefiles. + +2002-07-22 Timo Schulz + + * configure.ac: Replace the 'c:/' variables with 'c:\' due + to the fact we already use '\' in the remaining code. + +2002-07-08 David Shaw + + * configure.ac: Add --with-mailprog to override the use of + sendmail with another MTA. We can use anything that follows the + "$MAILPROG -t" convention. + +2002-07-04 David Shaw + + * configure.ac: --enable-exec-path should be a 'with'. Fix 'no' + cases of --with-exec-path and --with-photo-viewer. + + * README: Document --disable-exec, --disable-photo-viewers, + --disable-keyserver-helpers, --enable-exec-path, and + --with-photo-viewer. + + * configure.ac: Add --with-photo-viewer to lock the viewer at + compile time and --disable-keyserver-helpers and + --disable-photo-viewers to allow disabling one without disabling + the other. + +2002-07-03 David Shaw + + * configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path + to a fixed value. + +2002-07-01 Werner Koch + + * configure.ac: Set version number to 1.1.91. + + Released 1.1.90. + + * INSTALL: Replaced by generic install file. + * README: Marked as development version and moved most stuff of + the old INSTALL file to here. + +2002-06-30 Werner Koch + + * configure.ac: Link W32 version against libwsock32. + +2002-06-29 Werner Koch + + * configure.ac (development_version): New. + (HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used. + + * BUGS, AUTHORS: Add a note on how to send security related bug + reports. + +2002-06-20 David Shaw + + * NEWS: changes since 1.0.7. + + * configure.ac: Set new version number (1.1.90), and fix Solaris + compiler flags for shared objects. + +2002-06-11 David Shaw + + * configure.ac: Move -lsocket and -lnsl checks before LDAP link + tests so they work properly on Solaris. Noted by David Champion. + Also, check for the Mozilla LDAP library if the OpenLDAP library + check fails. Put -lsocket and -lnsl in NETLIBS rather than LIBS + so not all programs are forced to link to them. + +2002-06-05 David Shaw + + * configure.ac: Add a switch for the experimental external HKP + keyserver interface. + +2002-05-22 Werner Koch + + * configure.ac: Check for strcasecmp and strncasecmp. Removed + stricmp and memicmp checks. + +2002-05-08 David Shaw + + * configure.ac: If LDAP comes up unusable, try #including + before giving up. Old versions of OpenLDAP require that. + +2002-05-03 David Shaw + + * configure.ac: In g10defs.h, use \ for the directory separator + when HAVE_DOSISH_SYSTEM is on. + + * configure.ac: Add --disable-exec flag to disable all remote + program execution. --disable-exec implies --disable-ldap and + --disable-mailto. Also look in /usr/lib for sendmail. If + sendmail is not found, do not default - just fail. + +2002-04-30 David Shaw + + * configure.ac: Try and link to a sample LDAP program to check if + the LDAP we're about to use is really sane. The most common + problem (using a very old OpenLDAP), could be fixed with an extra + #include, but this would not be very portable to other LDAP + libraries. + +2002-04-29 Werner Koch + + Released 1.0.7. + + * README: Fixed some minor things. + +2002-04-25 Werner Koch + + * configure.ac: Check for locale.h and setlocale + +2002-04-24 David Shaw + + * Update NEWS with recent changes. + +2002-04-19 Werner Koch + + Released 1.0.6e snapshot. + +2002-04-12 Werner Koch + + * configure.ac: Add a warning note to the definition of the + EXTSEP macros. + +2002-04-09 Werner Koch + + * configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek + translations. s/es_ES/es/. + +2002-03-06 Werner Koch + + * configure.ac (ALL_LINGUAS): s/pt_PT/pt/ + +2002-03-04 David Shaw + + * Add a AC_DEFINE(_GNU_SOURCE). Since this is always defined in + config.h, the various autoconf tests should be tested with it + enabled. This also works around a compiler warning caused by a + minor header bug in glibc 2.1 that causes fseeko to be defined + when building gpg, but not when tested for in configure. + +2002-03-03 Werner Koch + + Release 1.0.6d snapshot. + +2002-01-04 David Shaw + + * NEWS: about symmetric messages and fixed file sizes. + +2001-12-22 Werner Koch + + Released 1.0.6c snapshot. + + * configure.ac (AH_BOTTOM): Moved EXEC_TEMPFILE_ONLY to here. + + * acconfig.h: Removed, it should no longer be used. + +2001-12-21 David Shaw + + * Add an acconfig.h to define EXEC_TEMPFILE_ONLY on platforms that + can't do fork/exec. + +2001-12-21 Werner Koch + + * Makefile.am (dist-hook): We should also look in include for + distfiles. + (EXTRA_DIST): Remove VERSION because it is generated by dist-hook. + +2001-12-20 David Shaw + + * configure.ac: replacement function for mkdtemp() + +2001-12-19 David Shaw + + * configure.ac: Check for stat() + +2001-12-19 Werner Koch + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Support Cygwin target + * configure.ac [CYGWIN32]: Don't build tiger. By Disastry. + +2001-12-18 Werner Koch + + * Makefile.am (SUBDIRS): Add keyserver. + (dist-hook): Only look in mpi and scripts for distfiles; this way + we don't include those of a stale "make dist" directory. + +2001-10-23 Werner Koch + + Released 1.0.6b snapshot. + +2001-10-22 Werner Koch + + * configure.ac: Fixed for automake 1.5 + +2001-10-17 Werner Koch + + * README: Removed note on local_ID. + +2001-09-28 Werner Koch + + * configure.ac: From now on add a string "-cvs" to the version to + indicate that this is a pre-release of the given version number. + +2001-09-26 Werner Koch + + * configure.ac [MINGW32]: Switched from wsock.dll to ws2_32.dll. + +2001-09-09 Werner Koch + + * configure.ac: autoconf changed the name of the maintainer mode + flag, so that not all warnings where enabled. Fixed that. + Reported by Dirk Meyer. + +2001-09-07 Werner Koch + + * configure.ac: Test for strsep(). + +2001-09-03 Werner Koch + + * configure.ac: Removed GDBM tests. + +2001-08-23 Werner Koch + + * configure.in (AC_FUNC_FSEEKO): Add. + (AC_CHECK_FUNCS): Remove fseeko. By Paul Eggert . + +2001-08-22 Werner Koch + + * configure.ac (gethrtime): Enhanced the test by running a test + program. + * INSTALL: Removed the note about Solaris problems because the + above test should catch this. + +2001-08-20 Werner Koch + + * acinclude.m4: Add check for plock if mlock is broken. + * configure.ac: Use regular tests for -lsocket and -lnsl, + more thorough test for gethrtime, allow specifying the path to + the zlib library if it is not in the default compiler/linker + search path, use ${datadir}. All these test enhancements are by + Albert Chin. + + * configure.ac: Set some compiler flags for dec-osf and hpux. By + Tim Mooney. + + * configure.ac: Create g10defs.h with EXTSEP_S et al. + +2001-08-03 Werner Koch + + * configure.ac (VERSION,PACKAGE): Fixed quoting. + +2001-07-26 Werner Koch + + * configure.ac: Finally got it running with the new autoconf. Had + to define PACKAGE and VERSION and to add -I.. to each Makefile.am. + +2001-07-09 Werner Koch + + Migrated to autoconf 2.50. + * acinclude.m4: Removed the temporary LFS macros and GNUPG_LINK_FILES. + * acconfig.h: Removed + * configure.in: Replaced by... + * configure.ac: and modified for use with autoconf 2.50, use a + literal string for the version number. Replaced GNUPG_LINK_FILES + with AC_CONFIG_LINKS and moved some informational messages to the end. + * VERSION: Removed. + * Makefile.am (DISTCLEANFILES): gettext is better now; no more + need to remove the libintl.h symlink. + (dist-hook): Create VERSION file. + +2001-06-08 Werner Koch + + * configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf. + Reported by Chris Adams. Merged some cases. + +2001-05-29 Werner Koch + + Released version 1.0.6. + +2001-05-28 Werner Koch + + * configure.in (BUILD_INCLUDED_LIBINTL): Set to no for W32. + +2001-04-29 Werner Koch + + Released version 1.0.5. + +2001-04-28 Werner Koch + + Updated all copyright notices. + +2001-04-27 Werner Koch + + * README: Removed a few outdated paragraphs. + +2001-04-17 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_DOCBOOK_TO_TEXI): New. + (GNUPG_CHECK_TYPEDEF): Define _GNU_SOURCE because we will use it + anyway. + + * configure.in: Use it here. + + * configure.in (ALL_LINGUAS): Add Estonian translation by Toomas Soome. + (use_m_debug): Removed --enable-m-debug because it does not work + anymore. + +2001-04-06 Werner Koch + + * configure.in (ALL_LINGUAS): Add Turkish translation. Thanks + to Nilgun Belma Buguner. + +2001-03-18 Werner Koch + + * configure.in: Hardwire the use of -lsocket for some + systems. Thanks to Reinhard Wobst. + +2001-03-13 Werner Koch + + * configure.in: Add copyright notice and -lwsock32. + +2001-03-12 Werner Koch + + * INSTALL: Add a note to VPATH builds. + +2001-03-08 Werner Koch + + * debian/: Applied update from James. + + Added copyright and license notices to some more files. + +2001-01-18 Werner Koch + + * configure.in: Removed tool definitions for MingW32 + +2000-11-17 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_FAQPROG): Do not prinnt the warning. + +2000-11-11 Paul Eggert + + Actually Paul's patches are dated 2000-20-17; I applied them today + and merged some ChangeLog entries (wk@gnupg.org). + + * configure.in (AC_SYS_LARGEFILE): Add. + (try_large_file): Remove. All uses removed. + (AC_CHECK_FUNCS): Remove fopen64 and fstat64. + + * acinclude.m4 (AC_SYS_LARGEFILE_TEST_INCLUDES, + AC_SYS_LARGEFILE_MACRO_VALUE, AC_SYS_LARGEFILE): New macros, + taken from GNU tar. + + * configure.in (AC_CHECK_FUNCS): Add fseeko. + +2000-10-17 Werner Koch + + * configure.in: Disabled fopen64 checks for Solaris and HPUX. + +2000-10-13 Werner Koch + + * configure.in: Append mpi/mpi-asm-defs.h to g10defs.h + +2000-10-09 Werner Koch + + * acinclude.m4: Changed wording of the faqprog.pl warning. + +Wed Oct 4 15:50:18 CEST 2000 Werner Koch + + * configure.in: Set DYNLINK_MOD_CFLAGS for Irix. It seems that Irix + needs the -shared flag. In 1.1 we are going to use libtool, so this + module stuff will get redesigned anyway. Suggested by Jeff Long. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_FAQPROG): New. + * configure.in: Test for this. + + * configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * configure.in: Check for fstat64 and fopen64 + +Wed Sep 6 14:59:09 CEST 2000 Werner Koch + + * configure.in (GNUPG_HOMEDIR): New. + +Fri Aug 25 16:05:38 CEST 2000 Werner Koch + + * configure.in: Changes to allow for Solaris random device. + By Nils Ellmenreich. + (--with-egd-socket): New. + +Wed Aug 23 19:52:51 CEST 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir(). + +Wed Jul 19 11:26:43 CEST 2000 Werner Koch + + * configure.in (mingw32): Changes to allow for mingw32msvc + +Fri Jul 14 10:17:30 CEST 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code. + +Wed Jul 12 13:32:06 CEST 2000 Werner Koch + + Version 1.0.2 + +Fri Jun 9 10:09:52 CEST 2000 Werner Koch + + * configure.in: Add check for termio.h, wait unctiosn and sigaction. + +Wed Jun 7 19:19:09 CEST 2000 Werner Koch + + * acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri. + * configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël. + +Mon Jun 5 12:37:43 CEST 2000 Werner Koch + + * acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for + GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer. + Contributed by Dave Dykstra. + * configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check. + + * configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested + by Dave Dykstra. + +Tue May 30 16:37:55 CEST 2000 Werner Koch + + Version 1.0.1-ePit-1 + +Sun May 28 13:55:17 CEST 2000 Werner Koch + + * acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support. + (GNUPG_CHECK_RDYNAMIC): Ditto. + +Wed Apr 19 10:57:26 CEST 2000 Werner Koch + + * acconfig.h (HAVE_MLOCK): Added + +Wed Mar 22 13:50:24 CET 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for + librt. Test suggested by Jeff Long. + +Fri Mar 17 17:50:25 CET 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when + we can't link a test program. This way GNU systems don't need + to link against linrt. + (GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney. + +2000-03-14 12:07:54 Werner Koch (wk@habibti.openit.de) + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for + DJGPP. + (GNUPG_CHECK_MLOCK): Check whether mlock sits in librt. + * configure.in: Add a test for unisgned long long. + +Tue Mar 7 18:45:31 CET 2000 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner. + * configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD. + +Thu Mar 2 15:37:46 CET 2000 Werner Koch + + * configure.in: Add check for clock_gettime + +Wed Feb 23 10:07:57 CET 2000 Werner Koch + + * configure.in (ALL_LINGUAS): Add nl. + +Wed Feb 16 16:25:09 CET 2000 Werner Koch + + * configure.in (ALL_LINGUAS): Add Esperanto. + +Wed Feb 16 14:09:00 CET 2000 Werner Koch + + * configure.in (ALL_LINGUAS): Add sv and ja. + + * AUTHORS: Converted to a more compact format. + + * INSTALL: Wrote a note about a Solaris problem. + +Thu Feb 10 17:39:44 CET 2000 Werner Koch + + * configure.in: Use /usr/local for CFLAGS and LDFLAGS when + target is freebsd. By Rémi. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * configure.in: Do not set development version when the version has + a dash in it. Suggested by Dave Dykstra. + +Thu Dec 16 10:07:58 CET 1999 Werner Koch + + * VERSION: Set to 1.0.1. + + * configure.in: Removed substitution for doc/gph/Makefile. + Do all the gcc warning only in maintainer mode. + +Thu Dec 9 10:31:05 CET 1999 Werner Koch + + * INSTALL: Add a hint for AIX. By Jos Backus. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc. + Suggested by Alexandre Oliva. + (-Wall): Moved the settting of gcc warning options near to the end + so that tests don't get confused. Suggested by Paul D. Smith. + +Mon Nov 22 11:14:53 CET 1999 Werner Koch + + * BUGS: Replaced content with a link to the online list. + +Fri Nov 12 20:33:19 CET 1999 Werner Koch + + * README: Fixed a type and add a note about the gnupg-i18n ML. + +Thu Oct 28 16:08:20 CEST 1999 Werner Koch + + * acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New. + +Sat Oct 9 20:34:41 CEST 1999 Werner Koch + + * configure.in: Tweaked handling of random modules and removed + dummy support for libgcrypt. + * Makefile.am: Removed libgcrypt support. + * cgrypt/ : Removed. + + * Makefile.am: Removed libtool. + +Fri Oct 8 20:32:01 CEST 1999 Werner Koch + + * configure.in: Fixed quoting in test for development version. + + * THANKS: Add entries for Michael, Brenno and J Horacio who did + very nice Howto documents - I apoligize for forgetting to mention them + earlier. + +Tue Sep 28 20:54:37 CEST 1999 Werner Koch + + * textfilter.c (copy_clearsig_text) [__MINGW32__): Use CR,LF. + +Fri Sep 17 12:56:42 CEST 1999 Werner Koch + + * configure.in: Add "-lcap" when capabilities are requested. + Add the conditional CROSS_COMPILING. + * Makefile.am: Don't use checks when CROSS_COMPILING. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + * configure.in (ALL_LINGUAS): Add pt_PT. + + * configure.in: Some tweaks for cross compiling under MingW32 + * acconfig.h (USE_STATIC_RNDW32): New. + +Tue Sep 7 17:08:10 CEST 1999 Werner Koch + + * VERSION: Set to 1.0.0. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch + + * configure.in: Create makefile in doc/gph + + * acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New + * configure.in: use the above. + +Thu Sep 2 16:40:55 CEST 1999 Werner Koch + + * VERSION: Set to 0.9.11. + +Tue Aug 31 17:20:44 CEST 1999 Werner Koch + + * configure.in: Minor changes to the OS/2 and Mingw32 system labels. + Add a printable name for Hurd. + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + * configure.in: Some support for DJGPP (Mark Elbrecht) + +Wed Aug 4 10:34:46 CEST 1999 Werner Koch + + * VERSION: Set to 0.9.10. + +Mon Jul 26 09:34:46 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_... + + * Makefile.am (DISCLEANFILES): New + +Fri Jul 23 13:53:03 CEST 1999 Werner Koch + + * VERSION: Set to 0.9.9. + + * configure.in: Print a notice when rndunix is used. + +Thu Jul 15 10:15:35 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification. + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + * Makefile.am: Support for libtool. + * configure.in: Ditto. + +Tue Jun 29 21:44:25 CEST 1999 Werner Koch + + * configure.in (use_local_zlib): The lost dollar is back. + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case. + * configure.in: Another variant of the MX vendor string + + * configure.in (--with-capabilities): Some test code (Remi). + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX. + * configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra). + + * VERSION: Now 0.9.8 + +Wed Jun 16 20:16:21 CEST 1999 Werner Koch + + * configure.in: Add test for docbook-to-man + +Tue Jun 15 12:21:08 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd, + +Thu Jun 10 14:18:23 CEST 1999 Werner Koch + + * configure.in (ZLIB,GDBM): Check both, header and lib. + +Sat Jun 5 15:30:33 CEST 1999 Werner Koch + + * pkclist.c (key_present_in_pk_list): New (Michael). + +Tue May 25 19:50:32 CEST 1999 Werner Koch + + * configure.in (IS_DEVELOPMENT_VERSION): Fixed detection. + +Sun May 23 14:20:22 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when + cross-compiling. + +Mon May 17 21:54:43 CEST 1999 Werner Koch + + * configure.in (socket): Fix for Unisys by Katsuhiro Kondou. + +Sat May 8 19:28:08 CEST 1999 Werner Koch + + * NEWS: Add a marker line which I forgot to do for 0.9.6. + +Thu May 6 14:18:17 CEST 1999 Werner Koch + + * README: Minor updates + + * VERSION: Now 0.9.6 + +Thu Apr 8 09:35:53 CEST 1999 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for + amiga-openbsd (Peter Reich) + (GNUPG_PROG_NM): Ditto + +Wed Apr 7 20:51:39 CEST 1999 Werner Koch + + * Makefile.am (g10defs.h): Removed. + * configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h + +Sat Mar 20 12:55:33 CET 1999 Werner Koch + + * VERSION: Now 0.9.5 + +Sun Mar 14 19:34:36 CET 1999 Werner Koch + + * acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is + now in the latest libtool. + +Thu Mar 11 16:39:46 CET 1999 Werner Koch + + * configure.in: Removed the need for libtool + +Mon Mar 8 20:47:17 CET 1999 Werner Koch + + * configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced. + * acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New. + + * VERSION: Now 0.9.4 + +Sun Feb 28 19:11:00 CET 1999 Werner Koch + + * configure.in (dld): Test disabled. + +Fri Feb 26 17:55:41 CET 1999 Werner Koch + + * encode.c (encode_simple): temporary fix. + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * configure.in: New option --enable-static-rnd. + +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * BUGS: Now we assign bug numbers. + * OBUGS: New to keep rack o fixed bugs (CVS only) + +Fri Feb 19 18:01:54 CET 1999 Werner Koch + + * VERSION: Released 0.9.3 + +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * acinclude.m4: Removed gettext macros. + +Tue Feb 16 14:10:02 CET 1999 Werner Koch + + * configure.in (socket): Check for -lsocket and -lnsl. + (osf4): Disable all warnings for DEC's cc. + (-Wall): Add more warning options for gcc + +Sat Feb 13 12:04:43 CET 1999 Werner Koch + + * configure.in: Changed detection of compiler flags. + * intl/ : Removed directory + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2 + + * configure.in: a lot of changes to allow selection of modules. + Add support for OS/2. + + * acinclude.m4: add some more caching + + * README: Spelling and grammar corrections (John A. Martin) + * INSTALL: Ditto. + +Wed Jan 20 21:40:21 CET 1999 Werner Koch + + * configure.in: --enable-m-guard is now default + +Wed Jan 13 12:49:36 CET 1999 Werner Koch + + * INSTALL: Applied new information how to build rpms by Fabio Coatti + * Makefile.in (gnupg.spec): Changed the names. + +Tue Jan 12 11:17:18 CET 1999 Werner Koch + + * config.links (m68k-atari-mint): New + +Tue Jan 12 09:17:19 CET 1999 Gaël Quéri + + * all: Fixed typos all over the place + +Sat Jan 9 16:02:23 CET 1999 Werner Koch + + * configure.in: Add a way to statically link rndunix + +Sun Jan 3 15:28:44 CET 1999 Werner Koch + + * acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New. + * configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC + +Wed Dec 23 13:18:14 CET 1998 Werner Koch + + * README: Replaced the command overview with a short intro. + +Sat Dec 12 18:40:32 CET 1998 Werner Koch + + * configure.in: Add check for dlopen in libc (Greg Troxel) + and a new define + * acconfig.h (DLSYM_NEEDS_UNDERSCORE): New. + +Thu Dec 10 20:15:36 CET 1998 Werner Koch + + * acinclude.m (GNUPG_CHECK_PIC): New + * configure.in, acinclude.m4: Renamed all WK_ to GNUPG_ + +Tue Dec 8 15:09:29 CET 1998 Werner Koch + + * VERSION: Set to 0.4.5 + +Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (USE_RNDLINUX): New. + +Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * VERSION: Released 0.4.4 + + * configure.in (try_asm_modules): For option --disable-asm + +Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (MPI_SFLAGS): New. + +Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ABOUT-NLS: New + * configure.in (AC_REVISION): New. + +Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * VERSION: Set to 0.4.3 + +Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (g10defs.h): New macro GNUPG_DATADIR. + +Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in: Removed gettext kludge + * acinclude.m4: Add patched AM_WITH_NKS macro + +Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in: Kludge to make AM_GNU_GETTEXT work, + changed some macors to more modern versions. Also + changeg the all makefiles to remove duplicate ../intl. + * acinclude.m4: Removed the gettext stuff, as this + already comes with automake now. + +Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (NAME_OF_DEV_RANDOM): New. + (DYNLINK_MOD_CFLAGS): New. + +Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (g10defs.h): creates include file + * acconfig.h: now includes g10defs.h + * configure.in: Removed G10_LOCALEDIR and GNUPG_LIB + +Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none)) + + * Makefile.am (dist-hook): Now creates RPM file. + * scripts/gnupg.spec: New template file for RPMs + +Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none)) + + * acinclude.h (WK_CHECK_IPC): New + * configure.in : Add checks for SysV IPC + +Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (--disable-dynload): New. + +Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold) + + * configure.in (GNUPG_LIBDIR): New. + +Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-unix.c (fast_random_poll): fixed syntax bug. + +Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux + +Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * [all files]: Applied Matthew Skala's typo and grammar fixes. + +Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (getrusage,gettimeofday): New tests. + +Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (--disable-m-guard): New. + +Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in, acinclude.m4, intl/, po/: New macros taken + from GNOME, switched to automake 1.2f + +Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (doc/Makefile): New + +Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in: Changed gettext stuff + +Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de) + + * checks/*test : restructured the directory. + +Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in: Changed the name of the package to GNUPG and + chnaged several other names too. + +Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (checks): New. + +Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (mpi_config_done): Removed asm links caching. + +Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in (PRINTABLE_OS_NAME): New. + * acconfig.h: Likewise. + +Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * configure.in : Fixed zlib stuff + * Makefile.am: Likewise + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, + 2004, 2005, 2006 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/checks/ChangeLog b/checks/ChangeLog deleted file mode 100644 index 5c75b6058..000000000 --- a/checks/ChangeLog +++ /dev/null @@ -1,329 +0,0 @@ -2010-10-19 David Shaw - - * armor.test: Tweak the bug 1179 test to only run if Twofish is - included in the program. The sample message requires Twofish. - -2010-05-12 Werner Koch - - * armor.test: Extend to test bug 1179. - -2007-12-14 Werner Koch - - * Makefile.am (./gpg_dearmor): Revert last change. The actual fix - was to make --no-options work correctly. - -2007-11-28 David Shaw - - * defs.inc: Use new --list-config method to get cipher and digest - names. - -2007-11-22 Werner Koch - - * Makefile.am (./gpg_dearmor): Add --homedir so that we don't - auto create a ~/.gnupg/. From Gentoo. - -2007-07-18 David Shaw - - * defs.inc (all_hash_algos): See "all_cipher_algos", below. - - * sigs.test: Use it here, and also test with >=160 bit hashes for - DSA2. - -2007-05-14 David Shaw - - * defs.inc (all_cipher_algos): New function to return all ciphers - we support. This is safer than the previous setup which could - hide that some ciphers weren't being tested. Plus, this - automatically tests any new ciphers we may add. - - * conventional.test, encrypt-test, encrypt-dsa.test, - conventional-mdc.test: Use it here. - -2007-05-02 David Shaw - - * conventional.test, encrypt.test, encrypt-dsa.test, - conventional-mdc.test: Fix some broken tests that were only - testing 3DES instead of all available ciphers. - -2007-03-04 David Shaw - - * verify.test: Use --allow-multiple-messages instead of - --allow-multisig-verification. Two clearsigs in a row counts as a - multiple-message test. - -2006-12-11 Werner Koch - - * verify.test (msg_clsclss_asc): Work around a bug in OpenBSD. - -2006-04-19 David Shaw - - * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and - SHA-512. - -2006-04-11 Werner Koch - - * armor.test: New. - -2006-03-09 Werner Koch - - * defs.inc: Removed Basishm by proper redirection. - -2006-03-06 Werner Koch - - * defs.inc: Print error messages also to stderr. Allow for - verbose environment variable. - (linefeed): New. - (suspend_error, resume_error): New. - * verify.test: More tests. - * multisig.test: Better error printing. - (sig_1ls1ls_valid, sig_ls_valid): Moved to the non-valid group. - -2006-02-14 Werner Koch - - * verify.test: New. - -2005-06-21 Werner Koch - - * conventional.test (algos): Uhh ohh, cut+paste error and not - tested. - -2005-06-02 Werner Koch - - * conventional.test: have_cipher_algo now requires uppercase - algorithm names. Changed. Noted by John R. Shannon. - -2004-02-09 David Shaw - - * clearsig.test, sigs.test: Properly detect RSA being missing, and - use the proper key for doing an RSA test. - -2003-12-31 David Shaw - - * clearsig.test, conventional-mdc.test, conventional.test, - defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, - plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, - pubring.asc, secring.asc, sigs.test: Rework tests to work properly - with a gpg binary that doesn't have all ciphers and all pk algos. - Basically, we test for the ciphers we have, only test signing with - non-160-bit hashes with RSA (we test all hashes as hashes). Test - all key lengths of AES. - -2003-12-05 David Shaw - - * Makefile.am: Reenable tests now that the Elgamal signature keys - are gone. - - * defs.inc, pubring.asc, secring.asc, plain-1.asc, plain-2.asc, - plain-3.asc: Remove the old v3 Elgamal keys and replace with - RSA+Elgamal and RSA s+e. - -2003-12-03 David Shaw - - * options: Remove emulate-md-encode-bug. - -2003-11-27 Werner Koch - - * Makefile.am (TESTS): Temporary remove tests using ElG signatures. - -2003-09-04 David Shaw - - * mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional - (since it might not be compiled in). - -2003-07-10 David Shaw - - * Makefile.am: Add --no-permission-warning to avoid spurious - warning when importing demo keys. - -2003-05-27 Werner Koch - - * Makefile.am (CLEANFILES): Add gpg.conf - -2003-05-26 David Shaw - - * defs.inc (pgmname): Make sure there is a valid options - file. (From wk on stable branch) - - * mds.test: Note that missing algorithms are not errors. - -2003-04-23 David Shaw - - * Makefile.am, options.in: Rename options.in to options since it - no longer needs to be a generated file. - - * sigs.test: TODO note to add the new SHAs when we start - generating them. - - * mds.test: Test the new SHAs. - -2002-05-10 Werner Koch - - * Makefile.am: Add gpg_dearmor to all targets where it is used. - Noted by Andreas Haumer. - -2002-04-19 Werner Koch - - * signencrypt-dsa.test, sigs-dsa.test: Don't check with MD5 as - this is not valid with DSA signatures. - -2001-12-22 Werner Koch - - * options.in: Add no-permission-warning. - -2001-12-21 Werner Koch - - * Makefile.am (distclean-local): prefix mkdemodirs with srcdir - (DISTCLEANFILES): Add random_seed. - -2001-12-19 Werner Koch - - * options.in: Remove load-extension tiger - * Makefile.am (./options): append it if there is such a module. - -2001-10-23 Werner Koch - - * defs.inc, Makefile.am: Do not use $srcdir when invoking gpg. - Write the logfile to the current directory. - -2001-09-28 Werner Koch - - * defs.inc: Write a log file for each test. - * run-gpg, run-gpgm, run-gpg.patterns: Removed. Replaced in all - tests by a simple macro from defs.inc. - * Makefile.am (CLEANFILES): Remove log files. - (./gpg_dearmor): create it and use it instead of the macro. - This is needed in multisig.test due to IFS tricks. - - * armsignencrypt.test, signencrypt-dsa.test, signencrypt.test, - armencryptp.test, armencrypt.test, encryptp.test, seat.test, - encrypt-dsa.test, encrypt.test: Use --always-trust because the - test are not designed to check the validity. - -2001-09-06 Werner Koch - - * genkey1024.test: Simplified by using a parameter file. - -2001-05-30 Werner Koch - - * multisig.test (IFS): Reset IFS just before the test. - -2001-04-30 Werner Koch - - * multisig.test: Add an set +x to avoid ksh problems - -2001-04-28 Werner Koch - - * run-gpg.patterns: a v3 test key expired yesterday, suppress the - messages. - -2001-03-27 Werner Koch - - * defs.inc: Removed creation of options file. - * options.in: New. - * Makefile.am: Create options file and fixed import of pubdemo.asc. - - * run-gpg.patterns (gpg): Add some more patterns. - -2001-03-20 Werner Koch - - * Makefile.am: Import the pubdemo.asc file - - * sigs.test (hash_algo_list): s/tiger/tiger192/ - -2001-03-19 Werner Koch - - * mkdemodirs (GPGDEMO): Add --allow-secret-key-import to all gpg - invocations. Use echon -n instead of an argument with \c. - -2001-02-12 Werner Koch - - * multisig.test: new - * Makefile.am (TESTS): Added. - -2000-10-18 Werner Koch - - * conventional-mdc.test: Add Rijndael and fix for empty plain texts. - -Thu Feb 10 17:39:44 CET 2000 Werner Koch - - * mkdemodirs: Fixed the --clean loop. - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * defs.inc (chdir): Removed becuase it is unsused an plain old sh - does not like this name. Reported by Alec Habig. - -Tue Oct 26 20:02:23 1999 Werner Koch (wk@gnupg.org) - - * Makefile.am (GPG_DEARMOR): New and use --no-options. - -Tue Aug 31 17:20:44 CEST 1999 Werner Koch - - * defs.inc: set LC_ALL empty - -Wed Aug 4 10:34:18 CEST 1999 Werner Koch - - * defs.inc (echo_n): New and used instead of /bin/echo "\c" - -Sun Apr 18 10:11:28 CEST 1999 Werner Koch - - * mkdemodirs: New - * signdemokey: New. - * Makefile.am (distclean-local): New. - -Wed Mar 17 13:09:03 CET 1999 Werner Koch - - * mds.test: replaced the "echo -n" - -Mon Mar 8 20:47:17 CET 1999 Werner Koch - - * pubdemo.asc, secdemo.asc: New. - -Fri Feb 19 15:49:15 CET 1999 Werner Koch - - * genkey1024.test: Be really quiet. - -1999-01-01 Geoff Keating - - * Makefile.am (CLEANFILES): Also delete trustdb and any leftover - lockfiles. - -Fri Nov 27 15:30:24 CET 1998 Werner Koch - - * clearsig.test: Some more test cases. - -Sun Oct 25 18:19:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mds.test: Check whether TIGER is available. - * sigs.tesr: Ditto. - -Wed Sep 23 12:25:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * run-gpg.patterns: New (because Solaris fgrep does not like -f -). - -Mon Aug 10 21:33:38 1998 Werner Koch (wk@(none)) - - * genkey1024.test: Ariel fixed this. - -Wed Jul 8 10:43:47 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seat.test: New. - -Mon May 18 15:40:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am: Now uses mk-tdata to produce random test data. - - * ChangeLog: New. - - - Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/checks/ChangeLog-2011 b/checks/ChangeLog-2011 new file mode 100644 index 000000000..78ac0de03 --- /dev/null +++ b/checks/ChangeLog-2011 @@ -0,0 +1,334 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2010-10-19 David Shaw + + * armor.test: Tweak the bug 1179 test to only run if Twofish is + included in the program. The sample message requires Twofish. + +2010-05-12 Werner Koch + + * armor.test: Extend to test bug 1179. + +2007-12-14 Werner Koch + + * Makefile.am (./gpg_dearmor): Revert last change. The actual fix + was to make --no-options work correctly. + +2007-11-28 David Shaw + + * defs.inc: Use new --list-config method to get cipher and digest + names. + +2007-11-22 Werner Koch + + * Makefile.am (./gpg_dearmor): Add --homedir so that we don't + auto create a ~/.gnupg/. From Gentoo. + +2007-07-18 David Shaw + + * defs.inc (all_hash_algos): See "all_cipher_algos", below. + + * sigs.test: Use it here, and also test with >=160 bit hashes for + DSA2. + +2007-05-14 David Shaw + + * defs.inc (all_cipher_algos): New function to return all ciphers + we support. This is safer than the previous setup which could + hide that some ciphers weren't being tested. Plus, this + automatically tests any new ciphers we may add. + + * conventional.test, encrypt-test, encrypt-dsa.test, + conventional-mdc.test: Use it here. + +2007-05-02 David Shaw + + * conventional.test, encrypt.test, encrypt-dsa.test, + conventional-mdc.test: Fix some broken tests that were only + testing 3DES instead of all available ciphers. + +2007-03-04 David Shaw + + * verify.test: Use --allow-multiple-messages instead of + --allow-multisig-verification. Two clearsigs in a row counts as a + multiple-message test. + +2006-12-11 Werner Koch + + * verify.test (msg_clsclss_asc): Work around a bug in OpenBSD. + +2006-04-19 David Shaw + + * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and + SHA-512. + +2006-04-11 Werner Koch + + * armor.test: New. + +2006-03-09 Werner Koch + + * defs.inc: Removed Basishm by proper redirection. + +2006-03-06 Werner Koch + + * defs.inc: Print error messages also to stderr. Allow for + verbose environment variable. + (linefeed): New. + (suspend_error, resume_error): New. + * verify.test: More tests. + * multisig.test: Better error printing. + (sig_1ls1ls_valid, sig_ls_valid): Moved to the non-valid group. + +2006-02-14 Werner Koch + + * verify.test: New. + +2005-06-21 Werner Koch + + * conventional.test (algos): Uhh ohh, cut+paste error and not + tested. + +2005-06-02 Werner Koch + + * conventional.test: have_cipher_algo now requires uppercase + algorithm names. Changed. Noted by John R. Shannon. + +2004-02-09 David Shaw + + * clearsig.test, sigs.test: Properly detect RSA being missing, and + use the proper key for doing an RSA test. + +2003-12-31 David Shaw + + * clearsig.test, conventional-mdc.test, conventional.test, + defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, + plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, + pubring.asc, secring.asc, sigs.test: Rework tests to work properly + with a gpg binary that doesn't have all ciphers and all pk algos. + Basically, we test for the ciphers we have, only test signing with + non-160-bit hashes with RSA (we test all hashes as hashes). Test + all key lengths of AES. + +2003-12-05 David Shaw + + * Makefile.am: Reenable tests now that the Elgamal signature keys + are gone. + + * defs.inc, pubring.asc, secring.asc, plain-1.asc, plain-2.asc, + plain-3.asc: Remove the old v3 Elgamal keys and replace with + RSA+Elgamal and RSA s+e. + +2003-12-03 David Shaw + + * options: Remove emulate-md-encode-bug. + +2003-11-27 Werner Koch + + * Makefile.am (TESTS): Temporary remove tests using ElG signatures. + +2003-09-04 David Shaw + + * mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional + (since it might not be compiled in). + +2003-07-10 David Shaw + + * Makefile.am: Add --no-permission-warning to avoid spurious + warning when importing demo keys. + +2003-05-27 Werner Koch + + * Makefile.am (CLEANFILES): Add gpg.conf + +2003-05-26 David Shaw + + * defs.inc (pgmname): Make sure there is a valid options + file. (From wk on stable branch) + + * mds.test: Note that missing algorithms are not errors. + +2003-04-23 David Shaw + + * Makefile.am, options.in: Rename options.in to options since it + no longer needs to be a generated file. + + * sigs.test: TODO note to add the new SHAs when we start + generating them. + + * mds.test: Test the new SHAs. + +2002-05-10 Werner Koch + + * Makefile.am: Add gpg_dearmor to all targets where it is used. + Noted by Andreas Haumer. + +2002-04-19 Werner Koch + + * signencrypt-dsa.test, sigs-dsa.test: Don't check with MD5 as + this is not valid with DSA signatures. + +2001-12-22 Werner Koch + + * options.in: Add no-permission-warning. + +2001-12-21 Werner Koch + + * Makefile.am (distclean-local): prefix mkdemodirs with srcdir + (DISTCLEANFILES): Add random_seed. + +2001-12-19 Werner Koch + + * options.in: Remove load-extension tiger + * Makefile.am (./options): append it if there is such a module. + +2001-10-23 Werner Koch + + * defs.inc, Makefile.am: Do not use $srcdir when invoking gpg. + Write the logfile to the current directory. + +2001-09-28 Werner Koch + + * defs.inc: Write a log file for each test. + * run-gpg, run-gpgm, run-gpg.patterns: Removed. Replaced in all + tests by a simple macro from defs.inc. + * Makefile.am (CLEANFILES): Remove log files. + (./gpg_dearmor): create it and use it instead of the macro. + This is needed in multisig.test due to IFS tricks. + + * armsignencrypt.test, signencrypt-dsa.test, signencrypt.test, + armencryptp.test, armencrypt.test, encryptp.test, seat.test, + encrypt-dsa.test, encrypt.test: Use --always-trust because the + test are not designed to check the validity. + +2001-09-06 Werner Koch + + * genkey1024.test: Simplified by using a parameter file. + +2001-05-30 Werner Koch + + * multisig.test (IFS): Reset IFS just before the test. + +2001-04-30 Werner Koch + + * multisig.test: Add an set +x to avoid ksh problems + +2001-04-28 Werner Koch + + * run-gpg.patterns: a v3 test key expired yesterday, suppress the + messages. + +2001-03-27 Werner Koch + + * defs.inc: Removed creation of options file. + * options.in: New. + * Makefile.am: Create options file and fixed import of pubdemo.asc. + + * run-gpg.patterns (gpg): Add some more patterns. + +2001-03-20 Werner Koch + + * Makefile.am: Import the pubdemo.asc file + + * sigs.test (hash_algo_list): s/tiger/tiger192/ + +2001-03-19 Werner Koch + + * mkdemodirs (GPGDEMO): Add --allow-secret-key-import to all gpg + invocations. Use echon -n instead of an argument with \c. + +2001-02-12 Werner Koch + + * multisig.test: new + * Makefile.am (TESTS): Added. + +2000-10-18 Werner Koch + + * conventional-mdc.test: Add Rijndael and fix for empty plain texts. + +Thu Feb 10 17:39:44 CET 2000 Werner Koch + + * mkdemodirs: Fixed the --clean loop. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * defs.inc (chdir): Removed becuase it is unsused an plain old sh + does not like this name. Reported by Alec Habig. + +Tue Oct 26 20:02:23 1999 Werner Koch (wk@gnupg.org) + + * Makefile.am (GPG_DEARMOR): New and use --no-options. + +Tue Aug 31 17:20:44 CEST 1999 Werner Koch + + * defs.inc: set LC_ALL empty + +Wed Aug 4 10:34:18 CEST 1999 Werner Koch + + * defs.inc (echo_n): New and used instead of /bin/echo "\c" + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * mkdemodirs: New + * signdemokey: New. + * Makefile.am (distclean-local): New. + +Wed Mar 17 13:09:03 CET 1999 Werner Koch + + * mds.test: replaced the "echo -n" + +Mon Mar 8 20:47:17 CET 1999 Werner Koch + + * pubdemo.asc, secdemo.asc: New. + +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * genkey1024.test: Be really quiet. + +1999-01-01 Geoff Keating + + * Makefile.am (CLEANFILES): Also delete trustdb and any leftover + lockfiles. + +Fri Nov 27 15:30:24 CET 1998 Werner Koch + + * clearsig.test: Some more test cases. + +Sun Oct 25 18:19:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mds.test: Check whether TIGER is available. + * sigs.tesr: Ditto. + +Wed Sep 23 12:25:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * run-gpg.patterns: New (because Solaris fgrep does not like -f -). + +Mon Aug 10 21:33:38 1998 Werner Koch (wk@(none)) + + * genkey1024.test: Ariel fixed this. + +Wed Jul 8 10:43:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seat.test: New. + +Mon May 18 15:40:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am: Now uses mk-tdata to produce random test data. + + * ChangeLog: New. + + + Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/cipher/ChangeLog b/cipher/ChangeLog deleted file mode 100644 index 6457035ef..000000000 --- a/cipher/ChangeLog +++ /dev/null @@ -1,1389 +0,0 @@ -2011-08-09 Werner Koch - - * rijndael.c (u32_a_t): New. - (do_encrypt_aligned, do_decrypt): Use the new type to avoid - problems with strict aliasing rules. - - * dynload.c (register_cipher_extension): Remove unused var. - -2010-10-18 Werner Koch - - * rndw32.c (slow_gatherer_windowsNT): Add GNUPG_RNDW32_NOPERF envvar. - -2010-09-28 Steven M. Schweda (wk) - - Changes to help the VMS port. See - http://antinode.info/dec/sw/gnupg.html . - - * random.c [__VMS]: Include rmsdef.h and vms.h. - (LOCK_SEED_FILE) [__VMS]: Set to 0. - (getfnc_gather_random) [USE_RNDVMS]: Call rndvms_gather_random. - (read_seed_file) [__VMS]: Allow reading by others. - (update_random_seed_file) [__VMS]: Use VMS specific open call. - * rand-internal.h (rndvms_gather_random): New. - -2008-04-17 David Shaw - - * camellia-glue.c (selftest, camellia_get_info), cipher.c - (setup_cipher_table): Add Camellia-192. - -2008-03-22 Werner Koch - - * cipher.c (struct cipher_handle_s): Make sure IV is u32 - aligned. Change all users of IV. - (do_cfb_encrypt): Optimize and use bulk code for AES. - (do_cfb_decrypt): Ditto. - * rijndael.c (do_encrypt): Remove. - (do_encrypt_aligned, do_encrypt): New. Taken from libgcrypt. - (rijndael_cfb_enc, rijndael_cfb_dec): New. - -2007-12-12 Werner Koch - - * pubkey.c (pubkey_encrypt, pubkey_decrypt): Allow type 20 keys. - (pubkey_algo_to_string): Ditto. - -2007-12-11 Werner Koch - - * pubkey.c (check_pubkey_algo2): Hack to allow decryption using an - type 20 Elgamal key. - -2007-11-29 David Shaw - - * camellia-glue.c (camellia_get_info), cipher.c - (setup_cipher_table): Add 128-bit variant of Camellia. - -2007-11-28 David Shaw - - * sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID - and we inherited it. Fixing. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - -2007-07-09 Werner Koch - - * camellia.c, camellia.h: Fixed the FSF's postal address. - -2007-06-13 David Shaw - - * Makefile.am, algorithms.h, cipher.c (setup_cipher_table): Add - Camellia. - - * camellia-glue.c: New. These are glue functions to interface - GnuPG to the stock NTT Camellia distribution. - - * camellia.h, camellia.c: New. Version 1.2.0 of the Camellia code - (GPL) unchanged from - http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html - -2006-12-11 Werner Koch - - * elgamal.c (test_keys): Use new mpi_nlimb_hint_from_nbits - function. This also rounds up the value. - (generate): Use new mpi_nlimb_hint_from_nbits function. - * rsa.c (test_keys): Ditto. - (generate): Ditto. - (rsa_verify): Ditto. - * primegen.c (generate_elg_prime): Ditto. - (gen_prime): Ditto. - * dsa.c (test_keys): Ditto. This also rounds up the value. - - * Makefile.am (AM_CPPFLAGS): Use instead of INCLUDES. define - GNUPG_LIBDIR. - -2006-11-03 Werner Koch - - * random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not - sys/times.h. Reported by Rafaël Carré. - -2006-06-28 David Shaw - - * rsa.c (generate): Use e=65537 for new RSA keys. - -2006-04-20 David Shaw - - * dsa.c (dsa2_generate): New function to generate a DSA key with a - variable sized q. - (generate): Tweak to allow keys larger than 1024 bits. Enforce - that the q size doesn't end between byte boundaries. - -2006-04-19 David Shaw - - * sha256.c (sha224_get_info, sha224_init): New init functions for - the 224-bit variant of SHA-256. - * algorithms.h, md.c (load_digest_module): Call them here. - -2006-03-20 David Shaw - - * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert - previous change. It's now all done in configure. - -2006-03-19 David Shaw - - * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use - '#if' rather than '#ifdef' BIG_ENDIAN_HOST. Harmless as we - explicitly define BIG_ENDIAN_HOST to 1 when we need it, but needed - for OSX fat builds when we define BIG_ENDIAN_HOST to another - macro. - -2006-02-14 Werner Koch - - * random.c (lock_seed_file): Build even when not used. - -2006-02-09 Werner Koch - - * random.c (lock_seed_file): New. - (read_seed_file, update_random_seed_file): Use it. - (random_disable_locking): New. - -2005-12-06 David Shaw - - * idea-stub.c (load_module): Not legal to return a void * as a - function pointer. - - * Makefile.am, rndegd.c, rndlinux.c, rndunix.c, rndw32.c: Some - cleanup so we don't build files that are completely ifdeffed out. - This causes a warning on Sun's cc. Do sha512.c as well for - consistency. - -2005-08-11 Werner Koch - - * rijndael.c (rijndael_cfb_encrypt): Experimental code to improve - AES performance. Got about 25% on ia32. - * cipher.c (do_cfb_encrypt): Ditto. - -2005-06-07 David Shaw - - * random.c: Fix prototype of the fast random gatherer. Noted by - Joe Vender. - -2005-03-23 Werner Koch - - * rndw32.c (rndw32_gather_random_fast): While adding data use the - size of the object and not the one of its address. Bug reported by - Sascha Kiefer. - -2005-03-07 Werner Koch - - * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru. - Fixes #423. - -2004-11-30 David Shaw - - * md.c (string_to_digest_algo): Allow read/write SHA384 and - SHA512. - -2004-11-03 Timo Schulz - - * idea-stub.c (dlopen, dlsym): Use w32_strerror instead of - just showing the error number. - -2004-10-14 Werner Koch - - * rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow - logging. - -2004-10-12 David Shaw - - * algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, - blowfish.c, des.c, rijndael.c: Consistently use const for input - buffers. - -2004-09-23 Werner Koch - - * rsa.c (rsa_generate): Return the dummy list of factors only if - the caller asked for it. - -2004-05-20 David Shaw - - * dsa.c (verify): s/exp/exponent/ to fix a compiler warning. From - Werner on stable branch. - -2004-01-16 David Shaw - - * cipher.c (setup_cipher_table): May as well call Rijndael AES at - this point. - - * pubkey.c (setup_pubkey_table), elgamal.c (sign, verify, - test_keys, elg_sign, elg_verify, elg_get_info): Remove the last - bits of Elgamal type 20 support. - -2003-12-29 David Shaw - - * idea-stub.c (load_module, idea_get_info): Return the proper type - for idea_get_info from inside load_module. From Stefan Bellon. - - * rijndael.c, rndunix.c, twofish.c: Remove dead IS_MODULE code. - - * g10c.c: Dead code. Remove. - - * Makefile.am: Don't compile g10c.c. - -2003-12-28 Stefan Bellon - - * rndriscos.c (rndriscos_gather_random) [__riscos__]: Declare - variable outside loop. - - * blowfish.c, twofish.c [__riscos__]: Removal of unnecessary - #ifdef __riscos__ sections. - -2003-12-17 David Shaw - - * dsa.h, dsa.c (dsa_verify), elgamal.h, elgamal.c (elg_verify), - rsa.h, rsa.c (rsa_verify), pubkey.c (dummy_verify, pubkey_verify): - Remove old unused code. - -2003-12-03 David Shaw - - * pubkey.c (setup_pubkey_table): Don't allow signatures to and - from encrypt-only Elgamal keys. - (pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig, - pubkey_get_nenc, pubkey_nbits): Wrap the RSA cheats in !USE_RSA. - Add cheats for sign+encrypt Elgamal. - -2003-11-30 David Shaw - - * pubkey.c (setup_pubkey_table): Only include RSA if USE_RSA is - defined. - (pubkey_get_npkey): Return 2 for RSA even if it isn't available so - we can at least handle RSA keys. - -2003-11-27 Werner Koch - - * pubkey.c (pubkey_sign): Return an error if an ElGamal key is - used. - - * elgamal.c (gen_k): New arg SMALL_K. - (sign): Use it here with SMALL_K set to false - (do_encrypt): and here with SMALL_K set to true. - -2003-10-10 Werner Koch - - * primegen.c (gen_prime): Bail out if we try to generate a prime - with less than 16 bits. Include i18n.h. - -2003-10-06 Werner Koch - - * primegen.c (gen_prime): Bail out if NBITS is zero. This is - Debian bug #213989 reported by Max . - -2003-09-04 David Shaw - - * md.c (string_to_digest_algo): Enable read-write SHA-256 support. - - * algorithms.h, Makefile.am, md.c (load_digest_module, - string_to_digest_algo), tiger.c: Drop TIGER/192 support. - -2003-08-28 David Shaw - - * idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on - native Windows compilers. Requested by Brian Gladman. From - Werner on stable branch. - -2003-08-21 David Shaw - - * random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM - twice. Use NAME_OF_DEV_URANDOM. - -2003-05-24 David Shaw - - * bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, - elgamal.c, rijndael.c, rndunix.c, sha256.c, cast5.c, idea-stub.c, - rmd160.c, rndw32.c, sha512.c, md5.c, rmd160test.c, rsa.c, tiger.c: - Edit all preprocessor instructions to remove whitespace before the - '#'. This is not required by C89, but there are some compilers - out there that don't like it. - -2003-05-15 David Shaw - - * cipher.c (setup_cipher_table): #ifdef IDEA. - - * random.c (fast_random_poll): Only use times() if we HAVE_TIMES. - - * sha512.c, tiger.c: Use the U64_C() macro to specify 64-bit - constants. U64_C is defined in include/types.h and uses the - correct suffix depending on the underlying type of u64. - - * idea-stub.c (load_module): Catch an error if the idea module - file is unloadable for some reason (unreadable, bad permissions, - etc.) - - * md.c (string_to_digest_algo): Give a warning about TIGER192 not - being part of OpenPGP. - -2003-04-15 Werner Koch - - * md.c (md_start_debug): Need to open the file in binary mode. - -2003-02-21 David Shaw - - * cipher.c (setup_cipher_table): #ifdef all optional ciphers. - - * md.c (load_digest_module): #ifdef all optional digests. - -2003-02-11 David Shaw - - * Makefile.am, md.c (load_digest_module): Only build in SHA384/512 - and TIGER if specifically enabled by the 64-bit type check in - configure. - -2003-02-04 David Shaw - - * sha256.c, sha512.c: New. - - * Makefile.am, algorithms.h, md.c (load_digest_module, - string_to_digest_algo): Add read-only support for the new SHAs. - -2002-11-06 David Shaw - - * rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not - required anymore. (From Werner) - - * random.c (read_seed_file,update_random_seed_file): Use binary - mode for __CYGWIN__. (From Werner) - - * blowfish.c (burn_stack), cast5.c (burn_stack), des.c - (burn_stack), md5.c (burn_stack), random.c (burn_stack, read_pool, - fast_random_poll), rijndael.c (burn_stack), rmd160.c (burn_stack), - rndegd.c (rndegd_gather_random), rndlinux.c - (rndlinux_gather_random), sha1.c (burn_stack), tiger.c - (burn_stack), twofish.c (burn_stack): Replace various calls to - memset() with the more secure wipememory(). - -2002-11-02 David Shaw - - * cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): - Allow the Sxxx and Hxxx format for cipher and digest names. - -2002-10-31 Stefan Bellon - - * rndriscos.c (rndriscos_gather_random): Use riscos_load_module() - to load CryptRandom module. - -2002-10-12 Werner Koch - - * rndunix.c (my_popen): Make sure that stdin and stderr are - connected to a file. This is to avoid NetBSD to complain about - set{u,g}id programs invoked with fd 0, 2 closed. Reported by - Cristian Biere. - (start_gatherer): Likewise. Reordered code. - -2002-10-02 David Shaw - - * tiger.c (tiger_get_info): Select the OID to use for TIGER at - compile time. - -2002-09-27 David Shaw - - * Makefile.am, md.c (load_digest_module): TIGER is now always - enabled. - -2002-09-26 Werner Koch - - * tiger.c (tiger_get_info): Use a regular OID. Note that this - breaks all TIGER generated signatures; if we want to do something - about it we have to do it in ../g10/sig-check.c . - -2002-09-17 Werner Koch - - * rndw32.c (SIZEOF_DISK_PERFORMANCE_STRUCT): Increased to 256. - -2002-09-12 Stefan Bellon - - * rand-internal.h (rndriscos_gather_random): Added prototype. - -2002-08-30 Werner Koch - - * random.c: Automagically detect the entropy gatherer when - this feature is configured. - * rndegd.c (rndegd_connect_socket): New. Factored out from .. - (rndegd_gather_random): here and call it. - (do_read): Update the counter variables correctly. This was not a - problem due to the way EGD works. Bug found by Christian Biere. - -2002-08-20 Werner Koch - - * primegen.c (generate_elg_prime): Return all factors for mode 1. - Bug reported by Bob Mathews. - -2002-08-12 Werner Koch - - * cipher.c: Include the DUMMY cipher only when the new ALLOW_DUMMY - is defined. It should only be defined for hard core debugging. - -2002-08-08 David Shaw - - * Makefile.am, md.c (load_digest_module): Allow switching TIGER on - and off via configure. - -2002-08-07 David Shaw - - * md.c (md_algo_present): New function to check if a given algo is - in use for a given MD_HANDLE. - -2002-08-04 Werner Koch - - * blowfish.h, cast5.h, des.h: Removed after moving all prototypes to - * algorithms.h: here. Changed all sources to use this one. - -2002-08-03 Stefan Bellon - - * idea-stub.c (idea_get_info): RISC OS' Norcroft C needs a cast. - * random.c (getfnc_gather_random): Added RISC OS support. - * rndriscos.c: Removed dynload code and tidied up a bit. - -2002-08-03 Werner Koch - - * rndegd.c (do_read): Handle case when read returns 0 to avoid - gpg hanging when EGD died. By Christian Biere. - -2002-08-02 Werner Koch - - The big extension removal. - - * Makefile.am: Removed all extension stuff. - * dynload.c: Removed everything except for - register_cipher_extension. - (dynload_enum_module_names): New. - * dynload.h: Removed. - * random.c (getfnc_gather_random,getfnc_fast_random_poll): - New. Replaced all dynload functions with these ones. - * rndunix.c (rndunix_gather_random): Renamed from - gather_random. Made global. Removed all dynload stuff. - * rndlinux.c (rndlinux_gather_random): Likewise. - * rndegd.c (rndegd_gather_random): Likewise. - * rndw32.c (rndw32_gather_random) - (rndw32_gather_random_fast): Likewise. Also removed the unsued - entropy dll code. - * md.c (new_list_item): Changed return value to indicate whether - an algorithms was loaded. - (load_digest_module): Simplified by removing all the dynload code. - * algorithms.h: New. - * md5.c (md5_get_info): Made global. Removed all dynload stuff. - * rmd160.c (rmd160_get_info): Likewise. - * sha1.c (sha1_get_info): Likewise. - * tiger.c (tiger_get_info): Likewise. Return NULL if we can't use - this module. - * idea-stub.c: New. - * blowfish.h (idea_get_info): Add prototype. - * cipher.c (setup_cipher_table): Try to load IDEA. - (load_cipher_modules): Removed all dynload code. - * pubkey.c (load_pubkey_modules): Removed the dynloading code. - -2002-07-25 David Shaw - - * random.c: "warning" -> "WARNING" - -2002-07-02 Werner Koch - - * rndw32.c (slow_gatherer_windowsNT): Use a simple array for the - disk performance structure and increase it to the size required by - W2000. - -2002-06-29 Werner Koch - - * rndlinux.c: Removed HAVE_LINUX_RANDOM_H conditional because it - was never used and the configure test did set the wrong macro - anyway. - -2002-05-07 Stefan Bellon - - * md.c (md_start_debug): Use EXTSEP_S instead of ".". - -2002-04-24 Werner Koch - - * tiger.c (tiger_final): Removed superfluous token pasting operators. - * md5.c (md5_final): Ditto. - -2002-04-22 Stefan Bellon - - * rndriscos.c (func_table): Made func a function pointer. - (init_device): Improved loading of CryptRandom module. - -2002-04-18 Werner Koch - - * rndlinux.c, rndegd.c, rndunix.c (func_table): Made func a - function pointer. Note that we still need to change the module - interface to cope with data vs function pointer problems. Hmmm, - even dlsym has a problem with this. - -2002-04-10 David Shaw - - * cipher.c (setup_cipher_table, cipher_open, cipher_encrypt, - cipher_decrypt, dummy_setkey, dummy_encrypt_block, - dummy_decrypt_block): the dummy cipher should only be built on - development versions. - -2002-04-06 Werner Koch - - * rijndael.c (rijndael_get_info): We do only support a 128 bit - blocksize so it makes sense to change the algorithm strings to - AES. - * cipher.c (string_to_cipher_algo): Map "RIJNDAEL" to "AES". - -2002-02-14 Werner Koch - - * random.c (mix_pool): Removed the failsafe stuff again. It makes - the code more complicate and may give the path to more bugs. - -2002-02-10 Werner Koch - - * random.c (mix_pool): Carry an extra failsafe_digest buffer - around to make the function more robust. - -2002-02-08 Werner Koch - - * random.c (add_randomness): Xor new data into the pool and not - just copy it. This avoids any choosen input attacks which are not - serious in our setting because an outsider won't be able to mix - data in and even then we keep going with a PRNG. Thanks to Stefan - Keller for pointing this out. - -2002-01-02 Stefan Bellon - - * rndriscos.c [__riscos__]: Updated include file name. - -2001-12-21 Werner Koch - - * Makefile.am (DISCLEANFILES): Add construct.c - -2001-12-19 Werner Koch - - * rndw32.c [CYGWIN32]: Include winioctl.h. By Disastry. - -2001-11-08 Werner Koch - - * primegen.c (gen_prime): Set 2 high order bits for secret primes. - * rsa.c (generate): Loop until we find the exact modulus size. - Changed the exponent to 41. - -2001-10-22 Werner Koch - - * Makefile.am: Need to use $(EXEEXT) where approriate. - -2001-09-09 Werner Koch - - * rsa.c (rsa_get_info): s/usage/r_usage/ to avoid shadow warnings. - -2001-08-24 Werner Koch - - * md.c (md_write): Made buf arg const. - -2001-08-22 Werner Koch - - * random.c (fast_random_poll): Don't use gethrtime if it is broken. - -2001-08-20 Werner Koch - - Applied patches from Stefan Bellon to support - RISC OS. Nearly all of these patches are identified by the - __riscos__ macro. - * blowfish.c, twofish.c: Added pragmas for use with a Norcraft - compiler. - * dynload.c, md5.c, rmd160.c, sha1.c: Minor patches for RISC OS. - * rndriscos.c: New. - * rnd-internal.h: Added prototype. - * random.c (fast_random_poll): Use '#if defined' instead of just - 'defined'; needed for RISC OS. - * primegen.c (gen_prime): count? are now ints for consistence - with is_prime(). - -2001-08-08 Werner Koch - - * rndw32.c (gather_random): Use toolhelp in addition to the NT - gatherer for Windows2000. Suggested by Sami Tolvanen. - - * random.c (read_pool): Fixed length check, this used to be one - byte to strict. Made an assert out of it because the caller has - already made sure that only poolsize bytes are requested. - Reported by Marcus Brinkmann. - -2001-07-18 Werner Koch - - * rndlinux.c (gather_random): casted a size_t arg to int so that - the format string is correct. Casting is okay here and avoids - translation changes. - -2001-06-12 Werner Koch - - * cipher.c (string_to_cipher_algo): Use ascii_strcasecmp(). - * md.c (string_to_digest_algo): Ditto. - * pubkey.c (string_to_pubkey_algo): Ditto. - * rndw32.c (slow_gatherer_windowsNT): Ditto. Not really needed - here but anyway. - -2001-04-29 Werner Koch - - * random.c (fast_random_poll): Do not check the return code of - getrusage. - -2001-04-17 Werner Koch - - * rndunix.c: Add a signal.h header to avoid warnings on Solaris 7 - and 8. - -2001-04-16 Werner Koch - - * dynload.c [__MINGW32__]: Applied patch from Timo Schulz to make - it work under W32. This patches is based on the one from - Disastry@saiknes.lv - -2001-04-06 Werner Koch - - * rijndael.c, des.c, blowfish.c, twofish.c, cast5.c (burn_stack): - New. Add wrappers for most functions to be able to call - burn_stack after the function invocation. This methods seems to be - the most portable way to zeroise the stack used. It does only work - on stack frame based machines but it is highly portable and has no - side effects. Just setting the automatic variables at the end of - a function to zero does not work well because the compiler will - optimize them away - marking them as volatile would be bad for - performance. - * md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise. - * random.c (burn_stack): New. - (mix_pool): Use it here to burn the stack of the mixblock function. - -2001-04-02 Werner Koch - - * primegen.c (generate_elg_prime): I was not initialized for mode - != 1. Freed q at 3 places. Thanks to Tommi Komulainen. - -2001-03-28 Werner Koch - - * md5.c (md5_final): Fixed calculation of hashed length. Thanks - to disastry@saiknes.lv for pointing out that it was horrible wrong - for more than 512MB of input. - * sha1.c (sha1_final): Ditto. - * rmd160.c (rmd160_final): Ditto. - * tiger.c (tiger_final): Ditto. - -2001-03-19 Werner Koch - - * blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to - avoid name clahses with an encrypt function in stdlib.h of - Dynix/PIX. Thanks to Gene Carter. - * elgamal.c (encrypt,do_encrypt): Ditto. - -2001-03-12 Werner Koch - - * twofish.c (gnupgext_enum_func): Add some static when comnpiled - as a module. - - * tiger.c (tiger_get_info): Return "TIGER192" and not just - "TIGER". By Edwin Woudt. - -2001-03-08 Werner Koch - - * random.c: Always include time.h - standard requirement. Thanks - to James Troup. - -2001-01-18 Werner Koch - - * rndw32.c: Fixed typo and wrong ifdef for VER_PLATFORM* macro - -2001-01-12 Werner Koch - - * cipher.c (cipher_encrypt,cipher_encrypt): Use blocksize and - not 8 for CBC mode (However: we don't use CBS in OpenPGP). - -2000-11-22 Werner Koch - - * rndegd.c (gather_random): Fixed default socket to be '=entropy'. - Thanks to Tomasz Kozlowski. - -2000-10-12 Werner Koch - - * rijndael.c: New. - * cipher.c: Add Rijndael support. - -Wed Oct 4 15:50:18 CEST 2000 Werner Koch - - * sha1.c (transform): Use rol() macro. Actually this is not needed - for a newer gcc but there are still aoter compilers. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * random.c (fast_random_poll): Check ENOSYS for getrusage. - * rndunix.c: Add 2 sources for QNX. By Sam Roberts. - -Wed Sep 13 18:12:34 CEST 2000 Werner Koch - - * rsa.c (secret): Speed up by using the CRT. For a 2k keys this - is about 3 times faster. - (stronger_key_check): New but unused code to check the secret key. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * rsa.c: Changed the comment about the patent. - * Makefile.am: Included rsa.[ch]. - * pubkey.c: Enabled RSA support. - (pubkey_get_npkey): Removed RSA workaround. - -Fri Aug 25 16:05:38 CEST 2000 Werner Koch - - * rndlinux.c (open_device): Loose random device checking. - By Nils Ellmenreich. - - * rndegd.c (gather_random): Name of socket is nom configurable. - -Wed Jun 28 11:54:44 CEST 2000 Werner Koch - - * rsa.c, rsa.h: New based on the old module version (only in CVS for now). - * pubkey.c (setup_pubkey_table): Added commented support for RSA. - -Fri Jun 9 10:09:52 CEST 2000 Werner Koch - - * rndunix.c (waitpid): New. For UTS 2.1. All by Dave Dykstra. - (my_popen): Do the FD_CLOEXEC only if it is available - (start_gatherer): Cope with missing _SC_OPEN_MAX - -Sun May 28 13:55:17 CEST 2000 Werner Koch - - * random.c (read_seed_file): Binary open for DOSish system - (update_random_seed_file): Ditto. - - * rndw32.c: Add some debuging code enabled by an environment variable. - -Tue May 23 09:19:00 CEST 2000 Werner Koch - - * rndw32.c: Started with alternative code to replace entropy.dll - -Thu May 18 11:38:54 CEST 2000 Werner Koch - - * primegen.c (register_primegen_progress): New. - * dsa.c (register_pk_dsa_progress): New. - * elgamal.c (register_pk_elg_progress): New. - -Fri Apr 14 19:37:08 CEST 2000 Werner Koch - - * twofish.c (twofish_get_info): Fixed warning about cast. - -Tue Mar 28 14:26:58 CEST 2000 Werner Koch - - * random.c [MINGW32]: Include process.h for getpid. - -Thu Mar 2 15:37:46 CET 2000 Werner Koch - - * random.c (fast_random_poll): Add clock_gettime() as fallback for - system which support this POSIX.4 fucntion. By Sam Roberts. - - * rndunix.c: Add some more headers for QNX. By Sam Roberts. - - * random.c (read_seed_file): Removed the S_ISLNK test becuase it - is already covered by !S_ISREG and is not defined in Unixware. - Reported by Dave Dykstra. - - * sha1.c (sha1_get_info): Removed those stupid double lines. Dave - is really a good lint. - -Wed Feb 23 10:07:57 CET 2000 Werner Koch - - * twofish.c (twofish_get_info): Add some const to the casts. By Martin - Kahlert. - -Mon Feb 14 14:30:20 CET 2000 Werner Koch - - (update_random_seed_file): Silently ignore update request when pool - is not filled. - -Fri Feb 11 17:44:40 CET 2000 Werner Koch - - * random.c (read_seed_file): New. - (set_random_seed_file): New. - (read_pool): Try to read the seeding file. - (update_random_seed_file): New. - - (read_pool): Do an initial extra seeding when level 2 quality random - is requested the first time. This requestes at least POOLSIZE/2 bytes - of entropy. Compined with the seeding file this should make normal - random bytes cheaper and increase the quality of the random bytes - used for key generation. - - * rndegd.c (gather_random): Shortcut level 0. - * rndunix.c (gather_random): Ditto. - * rndw32.c (gather_random): Ditto. - -Fri Jan 14 18:32:01 CET 2000 Werner Koch - - * rmd160.c (rmd160_get_info): Moved casting to the left side due to a - problem with UTS4.3. Suggested by Dave Dykstra. - * sha1.c (sha1_get_info): Ditto. - * tiger.c (tiger_get_info): Ditto. - * md5.c (md5_get_info): Ditto - * des.c (des_get_info): Ditto. - * blowfish.c (blowfish_get_info): Ditto. - * cast5.c (cast5_get_info): Ditto. - * twofish.c (twofish_get_info): Ditto. - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * elgamal.c (wiener_map): New. - (gen_k): Use a much smaller k. - (generate): Calculate the qbits using the wiener map and - choose an x at a size comparable to the one choosen in gen_k - - * random.c (read_pool): Print a more friendly error message in - cases when too much random is requested in one call. - - * Makefile.am (tiger): Replaced -O1 by -O. Suggested by Alec Habig. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * primegen.c (generate_elg_prime): All primes are now generated with - the lowest random quality level. Becuase they are public anyway we - don't need stronger random and by this we do not drain the systems - entropy so much. - -Thu Oct 28 16:08:20 CEST 1999 Werner Koch - - * random.c (fast_random_poll): Check whether RUSAGE_SELF is defined; - this is not the case for some ESIX and Unixware, although they have - getrusage(). - - * elgamal.c (sign): Hugh found strange code here. Replaced by BUG(). - -Mon Oct 11 09:24:12 CEST 1999 Werner Koch - - * rndw32.c (gather_random): Handle PCP_SEEDER_TOO_SMALL. - -Sat Oct 9 20:34:41 CEST 1999 Werner Koch - - * Makefile.am: Tweaked module build and removed libtool - -Fri Oct 8 20:32:01 CEST 1999 Werner Koch - - * rndw32.c (load_and_init_winseed): Use the Registry to locate the DLL - -Mon Oct 4 21:23:04 CEST 1999 Werner Koch - - * md.c (md_reset): Clear finalized; thanks to Ulf Moeller for - fixing this bug. - -Sat Sep 18 12:51:51 CEST 1999 Werner Koch - - * Makefile.am: Never compile mingw32 as module - -Wed Sep 15 14:39:59 CEST 1999 Michael Roth - - * des.c: Various speed improvements: One bit pre rotation - trick after initial permutation (Richard Outerbridge). - Finished test of SSLeay Tripple-DES patterns. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - * rndw32.c: New. - -Mon Sep 13 10:51:29 CEST 1999 Werner Koch - - * bithelp.h: New. - * rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h - -Tue Sep 7 16:23:36 CEST 1999 Werner Koch - - * Makefile.am: Fixed seds for latest egcc. By Ollivier Robert. - -Mon Sep 6 19:59:08 CEST 1999 Werner Koch - - * des.c (selftest): Add some testpattern - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - * cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using - in place encryption. Pointed out by Frank Stajano. - -Mon Jul 26 09:34:46 CEST 1999 Werner Koch - - * md5.c (md5_final): Fix for a SCO cpp bug. - -Thu Jul 15 10:15:35 CEST 1999 Werner Koch - - * elgamal.c (elg_check_secret_key,elg_encrypt - elg_decrypt,elg_sign,elg_verify): Sanity check on the args. - * dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto. - - * pubkey.c (disable_pubkey_algo): New. - (check_pubkey_algo2): Look at disabled algo table. - * cipher.c (disable_cipher_algo): New. - (check_cipher_algo): Look at disabled algo table. - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - * Makefile.am: Support for libtool. - -Fri Jul 2 11:45:54 CEST 1999 Werner Koch - - * dsa.c (gen_k): Changed algorithm to consume less random bytes - * elgamal.c (gen_k): Ditto. - - * random.c (random_dump_stats): New. - -Thu Jul 1 12:47:31 CEST 1999 Werner Koch - - * primegen.c, elgamal.c, dsa.c (progess): New and replaced all - fputc with a call to this function. - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - * rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs. - - * cipher.c (do_cbc_encrypt, do_cbc_decrypt): New. - - * dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra). - * Makefile.am (install-exec-hook): Removed. - -Sun May 23 14:20:22 CEST 1999 Werner Koch - - * cipher.c (setup_cipher_table): Enable Twofish - - * random.c (fast_random_poll): Disable use of times() for mingw32. - -Mon May 17 21:54:43 CEST 1999 Werner Koch - - * dynload.c (register_internal_cipher_extension): Minor init fix. - -Tue May 4 15:47:53 CEST 1999 Werner Koch - - * primegen.c (gen_prime): Readded the Fermat test. Fixed the bug - that we didn't correct for step when passing the prime to the - Rabin-Miller test which led to bad performance (Stefan Keller). - (check_prime): Add a first Fermat test. - -Sun Apr 18 10:11:28 CEST 1999 Werner Koch - - * cipher.c (cipher_setiv): Add ivlen arg, changed all callers. - - * random.c (randomize_buffer): alway use secure memory because - we can't use m_is_secure() on a statically allocated buffer. - - * twofish.c: Replaced some macros by a loop to reduce text size. - * Makefile.am (twofish): No more need for sed editing. - -Fri Apr 9 12:26:25 CEST 1999 Werner Koch - - * cipher.c (cipher_open): Reversed the changes for AUTO_CFB. - - * blowfish.c: Dropped the Blowfish 160 mode. - * cipher.c (cipher_open): Ditto. - (setup_cipher_table): Ditto. And removed support of twofish128 - -Wed Apr 7 20:51:39 CEST 1999 Werner Koch - - * random.c (get_random_bits): Can now handle requests > POOLSIZE - - * cipher.c (cipher_open): Now uses standard CFB for automode if - the blocksize is gt 8 (according to rfc2440). - - * twofish.c: Applied Matthew Skala's patches for 256 bit key. - -Tue Apr 6 19:58:12 CEST 1999 Werner Koch - - * random.c (get_random_bits): Can now handle requests > POOLSIZE - - * cipher.c (cipher_open): Now uses standard CFB for automode if - the blocksize is gt 8 (according to rfc2440). - -Sat Mar 20 11:44:21 CET 1999 Werner Koch - - * rndlinux.c (tty_printf) [IS_MODULE]: Removed. - - * rndegd.c (gather_random): Some fixes. - -Wed Mar 17 13:09:03 CET 1999 Werner Koch - - * rndegd.c (do_read): New. - (gather_random): Changed the implementation. - -Mon Mar 8 20:47:17 CET 1999 Werner Koch - - * dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed. - -Fri Feb 26 17:55:41 CET 1999 Werner Koch - - * md.c: Nearly a total rewrote. - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * cipher.c (context): Fixed alignment - * md.c: Ditto. - - * rndegd.c: New - -Mon Feb 22 20:04:00 CET 1999 Werner Koch - - * rndegd.c: New. - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * Makefile.am: Modules are now figured out by configure - * construct.c: New. Generated by configure. Changed all modules - to work with that. - * sha1.h: Removed. - * md5.h: Removed. - - * twofish.c: Changed interface to allow Twofish/256 - - * rndunix.c (start_gatherer): Die on SIGPIPE. - -Wed Jan 20 18:59:49 CET 1999 Werner Koch - - * rndunix.c (gather_random): Fix to avoid infinite loop. - -Sun Jan 17 11:04:33 CET 1999 Werner Koch - - * des.c (is_weak_key): Replace system memcmp due to bugs - in SunOS's memcmp. - (des_get_info): Return error on failed selftest. - * twofish.c (twofish_setkey): Return error on failed selftest or - invalid keylength. - * cast5.c (cast_setkey): Ditto. - * blowfish.c (bf_setkey): Return error on failed selftest. - -Tue Jan 12 11:17:18 CET 1999 Werner Koch - - * random.c (random_is_faked): New. - - * tiger.c: Only compile if we have the u64 type - -Sat Jan 9 16:02:23 CET 1999 Werner Koch - - * rndunix.c (gather_random): check for setuid. - - * Makefile.am: Add a way to staically link random modules - -Thu Jan 7 18:00:58 CET 1999 Werner Koch - - * md.c (md_stop_debug): Do a flush first. - (md_open): size of buffer now depends on the secure parameter - -Sun Jan 3 15:28:44 CET 1999 Werner Koch - - * rndunix.c (start_gatherer): Fixed stupid ==/= bug - -1998-12-31 Geoff Keating - - * des.c (is_weak_key): Rewrite loop end condition. - -Tue Dec 29 14:41:47 CET 1998 Werner Koch - - * random.c: add unistd.h for getpid(). - (RAND_MAX): Fallback value for Sun. - -Wed Dec 23 17:12:24 CET 1998 Werner Koch - - * md.c (md_copy): Reset debug. - -Mon Dec 14 21:18:49 CET 1998 Werner Koch - - * random.c (read_random_source): Changed the interface to the - random gathering function. - (gather_faked): Use new interface. - * dynload.c (dynload_getfnc_fast_random_poll): Ditto. - (dynload_getfnc_gather_random): Ditto. - * rndlinux.c (gather_random): Ditto. - * rndunix.c (gather_random): Ditto. - -Sat Dec 12 18:40:32 CET 1998 Werner Koch - - * dynload.c (SYMBOL_VERSION): New to cope with system which needs - underscores. - - * rndunix.c: Rewrote large parts - -Thu Dec 10 20:15:36 CET 1998 Werner Koch - - * dynload.c (load_extension): increased needed verbosity level. - - * random.c (fast_random_poll): Fallback to a default fast random - poll function. - (read_random_source): Always use the faked entroy gatherer if no - gather module is available. - * rndlinux.c (fast_poll): Removed. - * rndunix.c (fast_poll): Removed. - - -Wed Nov 25 12:33:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-*.c: Removed. - * rndlinux.c : New. - * rndunix.c : New. - * random.c : Restructured the interface to the gather modules. - (intialize): Call constructor functions - (read_radnom_source): Moved to here. - * dynload.c (dynload_getfnc_gather_random): New. - (dynload_getfnc_fast_random_poll): New. - (register_internal_cipher_extension): New. - (register_cipher_extension): Support of internal modules. - -Sun Nov 8 17:44:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-unix.c (read_random_source): Removed the assert. - -Mon Oct 19 18:34:30 1998 me,,, (wk@tobold) - - * pubkey.c: Hack to allow us to give some info about RSA keys back. - -Thu Oct 15 11:47:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * dynload.c: Support for DLD - -Wed Oct 14 12:13:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-unix.c: Now uses names from configure for /dev/random. - -1998-10-10 SL Baur - - * Makefile.am: fix sed -O substitutions to catch -O6, etc. - -Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-) - * rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto. - -Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c (md_digest): New. - (md_reset): New. - -Wed Sep 23 12:27:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned. - -Mon Sep 21 06:22:53 1998 Werner Koch (wk@(none)) - - * des.c: Some patches from Michael. - -Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none)) - - * des.c : New file from Michael Roth - -Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none)) - - * blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys. - -Mon Sep 14 09:19:25 1998 Werner Koch (wk@(none)) - - * dynload.c (RTLD_NOW): Now defined to 1 if it is undefined. - -Mon Sep 7 17:04:33 1998 Werner Koch (wk@(none)) - - * Makefile.am: Fixes to allow a different build directory - -Thu Aug 6 17:25:38 1998 Werner Koch,mobil,,, (wk@tobold) - - * random.c (get_random_byte): Removed and changed all callers - to use get_random_bits() - -Mon Jul 27 10:30:22 1998 Werner Koch (wk@(none)) - - * cipher.c : Support for other blocksizes - (cipher_get_blocksize): New. - * twofish.c: New. - * Makefile.am: Add twofish module. - -Mon Jul 13 21:30:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * random.c (read_pool): Simple alloc if secure_alloc is not set. - (get_random_bits): Ditto. - -Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de) - - * dynload.c (load_extension): Function now nbails out if - the program is run setuid. - -Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rmd160.c (rmd160_hash_buffer): New. - -Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c (cipher_open): algos >=100 use standard CFB - -Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am: Support for extensions - -Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de) - - * random.c (mix_pool): simpler handling for level 0 - -Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * tiger.c: Removed from dist, will reappear as dynload module - -Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * pubkey.c: Major changes to allow extensions. Changed the inteface - of all public key ciphers and added the ability to load extensions - on demand. - - * misc.c: Removed. - -Wed Jun 10 07:52:08 1998 Werner Koch,mobil,,, (wk@tobold) - - * dynload.c: New. - * cipher.c: Major changes to allow extensions. - -Mon Jun 8 22:43:00 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c: Major internal chnages to support extensions. - * blowfish.c (blowfish_get_info): New and made all internal - functions static, changed heder. - * cast5.c (cast5_get_info): Likewise. - -Mon Jun 8 12:27:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * tiger.c (transform): Fix for big endian - - * cipher.c (do_cfb_decrypt): Big endian fix. - -Fri May 22 07:30:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c (md_get_oid): Add a new one for TIGER. - -Thu May 21 13:24:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c: Add support for a dummy cipher - -Thu May 14 15:40:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rmd160.c (transform): fixed sigbus - I should better - add Christian von Roques's new implemenation of rmd160_write. - -Fri May 8 18:07:44 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New - * random.c: Moved system specific functions to rand-****.c - -Fri May 8 14:01:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * random.c (fast_random_poll): add call to gethrtime. - -Tue May 5 21:28:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * elgamal.c (elg_generate): choosing x was not correct, could - yield 6 bytes which are not from the random pool, tsss, tsss.. - -Tue May 5 14:09:06 1998 Werner Koch (wk@isil.d.shuttle.de) - - * primegen.c (generate_elg_prime): Add arg mode, changed all - callers and implemented mode 1. - -Mon Apr 27 14:41:58 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c (cipher_get_keylen): New. - -Sun Apr 26 14:44:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * tiger.c, tiger.h: New. - -Wed Apr 8 14:57:11 1998 Werner Koch (wk@isil.d.shuttle.de) - - * misc.c (check_pubkey_algo2): New. - -Tue Apr 7 18:46:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c: New - * misc.c (check_cipher_algo): Moved to cipher.c - * cast5.c: Moved many functions to cipher.c - * blowfish.c: Likewise. - -Sat Apr 4 19:52:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cast5.c: Implemented and tested. - -Wed Apr 1 16:38:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * elgamal.c (elg_generate): Faster generation of x in some cases. - -Thu Mar 19 13:54:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * blowfish.c (blowfish_decode_cfb): changed XOR operation - (blowfish_encode_cfb): Ditto. - -Thu Mar 12 14:04:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sha1.c (transform): Rewrote - - * blowfish.c (encrypt): Unrolled for rounds == 16 - (decrypt): Ditto. - -Tue Mar 10 16:32:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rmd160.c (transform): Unrolled the loop. - -Tue Mar 10 13:05:14 1998 Werner Koch (wk@isil.d.shuttle.de) - - * random.c (read_pool): Add pool_balance stuff. - (get_random_bits): New. - - * elgamal.c (elg_generate): Now uses get_random_bits to generate x. - - -Tue Mar 10 11:33:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c (md_digest_length): New. - -Tue Mar 10 11:27:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * dsa.c (dsa_verify): Works. - -Mon Mar 9 12:59:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * dsa.c, dsa.h: Removed some unused code. - -Wed Mar 4 10:39:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c (md_open): Add call to fast_random_poll. - blowfish.c (blowfish_setkey): Ditto. - -Tue Mar 3 13:32:54 1998 Werner Koch (wk@isil.d.shuttle.de) - - * rmd160.c (rmd160_mixblock): New. - * random.c: Restructured to start with a new RNG implementation. - * random.h: New. - -Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de) - - * gost.c, gost.h: Removed because they did only conatin trash. - -Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * random.c (fill_buffer): removed error message if n == -1. - -Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c (md_enable): No init if called twice. - -Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * primegen.c (generate_elg_prime): Changed the progress printing. - (gen_prime): Ditto. - -Tue Feb 24 12:28:42 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md5.c, md.5 : Replaced by a modified version of md5.c from - GNU textutils 1.22. - -Wed Feb 18 14:08:30 1998 Werner Koch (wk@isil.d.shuttle.de) - - * md.c, md.h : New debugging support - -Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de) - - * misc.c (cipher_algo_to_string): New - (pubkey_algo_to_string): New. - (digest_algo_to_string): New. - - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, - 2004, 2005 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/cipher/ChangeLog-2011 b/cipher/ChangeLog-2011 new file mode 100644 index 000000000..f19309554 --- /dev/null +++ b/cipher/ChangeLog-2011 @@ -0,0 +1,1396 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-08-09 Werner Koch + + * rijndael.c (u32_a_t): New. + (do_encrypt_aligned, do_decrypt): Use the new type to avoid + problems with strict aliasing rules. + + * dynload.c (register_cipher_extension): Remove unused var. + +2010-10-18 Werner Koch + + * rndw32.c (slow_gatherer_windowsNT): Add GNUPG_RNDW32_NOPERF envvar. + +2010-09-28 Steven M. Schweda (wk) + + Changes to help the VMS port. See + http://antinode.info/dec/sw/gnupg.html . + + * random.c [__VMS]: Include rmsdef.h and vms.h. + (LOCK_SEED_FILE) [__VMS]: Set to 0. + (getfnc_gather_random) [USE_RNDVMS]: Call rndvms_gather_random. + (read_seed_file) [__VMS]: Allow reading by others. + (update_random_seed_file) [__VMS]: Use VMS specific open call. + * rand-internal.h (rndvms_gather_random): New. + +2008-04-17 David Shaw + + * camellia-glue.c (selftest, camellia_get_info), cipher.c + (setup_cipher_table): Add Camellia-192. + +2008-03-22 Werner Koch + + * cipher.c (struct cipher_handle_s): Make sure IV is u32 + aligned. Change all users of IV. + (do_cfb_encrypt): Optimize and use bulk code for AES. + (do_cfb_decrypt): Ditto. + * rijndael.c (do_encrypt): Remove. + (do_encrypt_aligned, do_encrypt): New. Taken from libgcrypt. + (rijndael_cfb_enc, rijndael_cfb_dec): New. + +2007-12-12 Werner Koch + + * pubkey.c (pubkey_encrypt, pubkey_decrypt): Allow type 20 keys. + (pubkey_algo_to_string): Ditto. + +2007-12-11 Werner Koch + + * pubkey.c (check_pubkey_algo2): Hack to allow decryption using an + type 20 Elgamal key. + +2007-11-29 David Shaw + + * camellia-glue.c (camellia_get_info), cipher.c + (setup_cipher_table): Add 128-bit variant of Camellia. + +2007-11-28 David Shaw + + * sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID + and we inherited it. Fixing. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + +2007-07-09 Werner Koch + + * camellia.c, camellia.h: Fixed the FSF's postal address. + +2007-06-13 David Shaw + + * Makefile.am, algorithms.h, cipher.c (setup_cipher_table): Add + Camellia. + + * camellia-glue.c: New. These are glue functions to interface + GnuPG to the stock NTT Camellia distribution. + + * camellia.h, camellia.c: New. Version 1.2.0 of the Camellia code + (GPL) unchanged from + http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html + +2006-12-11 Werner Koch + + * elgamal.c (test_keys): Use new mpi_nlimb_hint_from_nbits + function. This also rounds up the value. + (generate): Use new mpi_nlimb_hint_from_nbits function. + * rsa.c (test_keys): Ditto. + (generate): Ditto. + (rsa_verify): Ditto. + * primegen.c (generate_elg_prime): Ditto. + (gen_prime): Ditto. + * dsa.c (test_keys): Ditto. This also rounds up the value. + + * Makefile.am (AM_CPPFLAGS): Use instead of INCLUDES. define + GNUPG_LIBDIR. + +2006-11-03 Werner Koch + + * random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not + sys/times.h. Reported by Rafaël Carré. + +2006-06-28 David Shaw + + * rsa.c (generate): Use e=65537 for new RSA keys. + +2006-04-20 David Shaw + + * dsa.c (dsa2_generate): New function to generate a DSA key with a + variable sized q. + (generate): Tweak to allow keys larger than 1024 bits. Enforce + that the q size doesn't end between byte boundaries. + +2006-04-19 David Shaw + + * sha256.c (sha224_get_info, sha224_init): New init functions for + the 224-bit variant of SHA-256. + * algorithms.h, md.c (load_digest_module): Call them here. + +2006-03-20 David Shaw + + * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert + previous change. It's now all done in configure. + +2006-03-19 David Shaw + + * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use + '#if' rather than '#ifdef' BIG_ENDIAN_HOST. Harmless as we + explicitly define BIG_ENDIAN_HOST to 1 when we need it, but needed + for OSX fat builds when we define BIG_ENDIAN_HOST to another + macro. + +2006-02-14 Werner Koch + + * random.c (lock_seed_file): Build even when not used. + +2006-02-09 Werner Koch + + * random.c (lock_seed_file): New. + (read_seed_file, update_random_seed_file): Use it. + (random_disable_locking): New. + +2005-12-06 David Shaw + + * idea-stub.c (load_module): Not legal to return a void * as a + function pointer. + + * Makefile.am, rndegd.c, rndlinux.c, rndunix.c, rndw32.c: Some + cleanup so we don't build files that are completely ifdeffed out. + This causes a warning on Sun's cc. Do sha512.c as well for + consistency. + +2005-08-11 Werner Koch + + * rijndael.c (rijndael_cfb_encrypt): Experimental code to improve + AES performance. Got about 25% on ia32. + * cipher.c (do_cfb_encrypt): Ditto. + +2005-06-07 David Shaw + + * random.c: Fix prototype of the fast random gatherer. Noted by + Joe Vender. + +2005-03-23 Werner Koch + + * rndw32.c (rndw32_gather_random_fast): While adding data use the + size of the object and not the one of its address. Bug reported by + Sascha Kiefer. + +2005-03-07 Werner Koch + + * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru. + Fixes #423. + +2004-11-30 David Shaw + + * md.c (string_to_digest_algo): Allow read/write SHA384 and + SHA512. + +2004-11-03 Timo Schulz + + * idea-stub.c (dlopen, dlsym): Use w32_strerror instead of + just showing the error number. + +2004-10-14 Werner Koch + + * rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow + logging. + +2004-10-12 David Shaw + + * algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, + blowfish.c, des.c, rijndael.c: Consistently use const for input + buffers. + +2004-09-23 Werner Koch + + * rsa.c (rsa_generate): Return the dummy list of factors only if + the caller asked for it. + +2004-05-20 David Shaw + + * dsa.c (verify): s/exp/exponent/ to fix a compiler warning. From + Werner on stable branch. + +2004-01-16 David Shaw + + * cipher.c (setup_cipher_table): May as well call Rijndael AES at + this point. + + * pubkey.c (setup_pubkey_table), elgamal.c (sign, verify, + test_keys, elg_sign, elg_verify, elg_get_info): Remove the last + bits of Elgamal type 20 support. + +2003-12-29 David Shaw + + * idea-stub.c (load_module, idea_get_info): Return the proper type + for idea_get_info from inside load_module. From Stefan Bellon. + + * rijndael.c, rndunix.c, twofish.c: Remove dead IS_MODULE code. + + * g10c.c: Dead code. Remove. + + * Makefile.am: Don't compile g10c.c. + +2003-12-28 Stefan Bellon + + * rndriscos.c (rndriscos_gather_random) [__riscos__]: Declare + variable outside loop. + + * blowfish.c, twofish.c [__riscos__]: Removal of unnecessary + #ifdef __riscos__ sections. + +2003-12-17 David Shaw + + * dsa.h, dsa.c (dsa_verify), elgamal.h, elgamal.c (elg_verify), + rsa.h, rsa.c (rsa_verify), pubkey.c (dummy_verify, pubkey_verify): + Remove old unused code. + +2003-12-03 David Shaw + + * pubkey.c (setup_pubkey_table): Don't allow signatures to and + from encrypt-only Elgamal keys. + (pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig, + pubkey_get_nenc, pubkey_nbits): Wrap the RSA cheats in !USE_RSA. + Add cheats for sign+encrypt Elgamal. + +2003-11-30 David Shaw + + * pubkey.c (setup_pubkey_table): Only include RSA if USE_RSA is + defined. + (pubkey_get_npkey): Return 2 for RSA even if it isn't available so + we can at least handle RSA keys. + +2003-11-27 Werner Koch + + * pubkey.c (pubkey_sign): Return an error if an ElGamal key is + used. + + * elgamal.c (gen_k): New arg SMALL_K. + (sign): Use it here with SMALL_K set to false + (do_encrypt): and here with SMALL_K set to true. + +2003-10-10 Werner Koch + + * primegen.c (gen_prime): Bail out if we try to generate a prime + with less than 16 bits. Include i18n.h. + +2003-10-06 Werner Koch + + * primegen.c (gen_prime): Bail out if NBITS is zero. This is + Debian bug #213989 reported by Max . + +2003-09-04 David Shaw + + * md.c (string_to_digest_algo): Enable read-write SHA-256 support. + + * algorithms.h, Makefile.am, md.c (load_digest_module, + string_to_digest_algo), tiger.c: Drop TIGER/192 support. + +2003-08-28 David Shaw + + * idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on + native Windows compilers. Requested by Brian Gladman. From + Werner on stable branch. + +2003-08-21 David Shaw + + * random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM + twice. Use NAME_OF_DEV_URANDOM. + +2003-05-24 David Shaw + + * bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, + elgamal.c, rijndael.c, rndunix.c, sha256.c, cast5.c, idea-stub.c, + rmd160.c, rndw32.c, sha512.c, md5.c, rmd160test.c, rsa.c, tiger.c: + Edit all preprocessor instructions to remove whitespace before the + '#'. This is not required by C89, but there are some compilers + out there that don't like it. + +2003-05-15 David Shaw + + * cipher.c (setup_cipher_table): #ifdef IDEA. + + * random.c (fast_random_poll): Only use times() if we HAVE_TIMES. + + * sha512.c, tiger.c: Use the U64_C() macro to specify 64-bit + constants. U64_C is defined in include/types.h and uses the + correct suffix depending on the underlying type of u64. + + * idea-stub.c (load_module): Catch an error if the idea module + file is unloadable for some reason (unreadable, bad permissions, + etc.) + + * md.c (string_to_digest_algo): Give a warning about TIGER192 not + being part of OpenPGP. + +2003-04-15 Werner Koch + + * md.c (md_start_debug): Need to open the file in binary mode. + +2003-02-21 David Shaw + + * cipher.c (setup_cipher_table): #ifdef all optional ciphers. + + * md.c (load_digest_module): #ifdef all optional digests. + +2003-02-11 David Shaw + + * Makefile.am, md.c (load_digest_module): Only build in SHA384/512 + and TIGER if specifically enabled by the 64-bit type check in + configure. + +2003-02-04 David Shaw + + * sha256.c, sha512.c: New. + + * Makefile.am, algorithms.h, md.c (load_digest_module, + string_to_digest_algo): Add read-only support for the new SHAs. + +2002-11-06 David Shaw + + * rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not + required anymore. (From Werner) + + * random.c (read_seed_file,update_random_seed_file): Use binary + mode for __CYGWIN__. (From Werner) + + * blowfish.c (burn_stack), cast5.c (burn_stack), des.c + (burn_stack), md5.c (burn_stack), random.c (burn_stack, read_pool, + fast_random_poll), rijndael.c (burn_stack), rmd160.c (burn_stack), + rndegd.c (rndegd_gather_random), rndlinux.c + (rndlinux_gather_random), sha1.c (burn_stack), tiger.c + (burn_stack), twofish.c (burn_stack): Replace various calls to + memset() with the more secure wipememory(). + +2002-11-02 David Shaw + + * cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): + Allow the Sxxx and Hxxx format for cipher and digest names. + +2002-10-31 Stefan Bellon + + * rndriscos.c (rndriscos_gather_random): Use riscos_load_module() + to load CryptRandom module. + +2002-10-12 Werner Koch + + * rndunix.c (my_popen): Make sure that stdin and stderr are + connected to a file. This is to avoid NetBSD to complain about + set{u,g}id programs invoked with fd 0, 2 closed. Reported by + Cristian Biere. + (start_gatherer): Likewise. Reordered code. + +2002-10-02 David Shaw + + * tiger.c (tiger_get_info): Select the OID to use for TIGER at + compile time. + +2002-09-27 David Shaw + + * Makefile.am, md.c (load_digest_module): TIGER is now always + enabled. + +2002-09-26 Werner Koch + + * tiger.c (tiger_get_info): Use a regular OID. Note that this + breaks all TIGER generated signatures; if we want to do something + about it we have to do it in ../g10/sig-check.c . + +2002-09-17 Werner Koch + + * rndw32.c (SIZEOF_DISK_PERFORMANCE_STRUCT): Increased to 256. + +2002-09-12 Stefan Bellon + + * rand-internal.h (rndriscos_gather_random): Added prototype. + +2002-08-30 Werner Koch + + * random.c: Automagically detect the entropy gatherer when + this feature is configured. + * rndegd.c (rndegd_connect_socket): New. Factored out from .. + (rndegd_gather_random): here and call it. + (do_read): Update the counter variables correctly. This was not a + problem due to the way EGD works. Bug found by Christian Biere. + +2002-08-20 Werner Koch + + * primegen.c (generate_elg_prime): Return all factors for mode 1. + Bug reported by Bob Mathews. + +2002-08-12 Werner Koch + + * cipher.c: Include the DUMMY cipher only when the new ALLOW_DUMMY + is defined. It should only be defined for hard core debugging. + +2002-08-08 David Shaw + + * Makefile.am, md.c (load_digest_module): Allow switching TIGER on + and off via configure. + +2002-08-07 David Shaw + + * md.c (md_algo_present): New function to check if a given algo is + in use for a given MD_HANDLE. + +2002-08-04 Werner Koch + + * blowfish.h, cast5.h, des.h: Removed after moving all prototypes to + * algorithms.h: here. Changed all sources to use this one. + +2002-08-03 Stefan Bellon + + * idea-stub.c (idea_get_info): RISC OS' Norcroft C needs a cast. + * random.c (getfnc_gather_random): Added RISC OS support. + * rndriscos.c: Removed dynload code and tidied up a bit. + +2002-08-03 Werner Koch + + * rndegd.c (do_read): Handle case when read returns 0 to avoid + gpg hanging when EGD died. By Christian Biere. + +2002-08-02 Werner Koch + + The big extension removal. + + * Makefile.am: Removed all extension stuff. + * dynload.c: Removed everything except for + register_cipher_extension. + (dynload_enum_module_names): New. + * dynload.h: Removed. + * random.c (getfnc_gather_random,getfnc_fast_random_poll): + New. Replaced all dynload functions with these ones. + * rndunix.c (rndunix_gather_random): Renamed from + gather_random. Made global. Removed all dynload stuff. + * rndlinux.c (rndlinux_gather_random): Likewise. + * rndegd.c (rndegd_gather_random): Likewise. + * rndw32.c (rndw32_gather_random) + (rndw32_gather_random_fast): Likewise. Also removed the unsued + entropy dll code. + * md.c (new_list_item): Changed return value to indicate whether + an algorithms was loaded. + (load_digest_module): Simplified by removing all the dynload code. + * algorithms.h: New. + * md5.c (md5_get_info): Made global. Removed all dynload stuff. + * rmd160.c (rmd160_get_info): Likewise. + * sha1.c (sha1_get_info): Likewise. + * tiger.c (tiger_get_info): Likewise. Return NULL if we can't use + this module. + * idea-stub.c: New. + * blowfish.h (idea_get_info): Add prototype. + * cipher.c (setup_cipher_table): Try to load IDEA. + (load_cipher_modules): Removed all dynload code. + * pubkey.c (load_pubkey_modules): Removed the dynloading code. + +2002-07-25 David Shaw + + * random.c: "warning" -> "WARNING" + +2002-07-02 Werner Koch + + * rndw32.c (slow_gatherer_windowsNT): Use a simple array for the + disk performance structure and increase it to the size required by + W2000. + +2002-06-29 Werner Koch + + * rndlinux.c: Removed HAVE_LINUX_RANDOM_H conditional because it + was never used and the configure test did set the wrong macro + anyway. + +2002-05-07 Stefan Bellon + + * md.c (md_start_debug): Use EXTSEP_S instead of ".". + +2002-04-24 Werner Koch + + * tiger.c (tiger_final): Removed superfluous token pasting operators. + * md5.c (md5_final): Ditto. + +2002-04-22 Stefan Bellon + + * rndriscos.c (func_table): Made func a function pointer. + (init_device): Improved loading of CryptRandom module. + +2002-04-18 Werner Koch + + * rndlinux.c, rndegd.c, rndunix.c (func_table): Made func a + function pointer. Note that we still need to change the module + interface to cope with data vs function pointer problems. Hmmm, + even dlsym has a problem with this. + +2002-04-10 David Shaw + + * cipher.c (setup_cipher_table, cipher_open, cipher_encrypt, + cipher_decrypt, dummy_setkey, dummy_encrypt_block, + dummy_decrypt_block): the dummy cipher should only be built on + development versions. + +2002-04-06 Werner Koch + + * rijndael.c (rijndael_get_info): We do only support a 128 bit + blocksize so it makes sense to change the algorithm strings to + AES. + * cipher.c (string_to_cipher_algo): Map "RIJNDAEL" to "AES". + +2002-02-14 Werner Koch + + * random.c (mix_pool): Removed the failsafe stuff again. It makes + the code more complicate and may give the path to more bugs. + +2002-02-10 Werner Koch + + * random.c (mix_pool): Carry an extra failsafe_digest buffer + around to make the function more robust. + +2002-02-08 Werner Koch + + * random.c (add_randomness): Xor new data into the pool and not + just copy it. This avoids any choosen input attacks which are not + serious in our setting because an outsider won't be able to mix + data in and even then we keep going with a PRNG. Thanks to Stefan + Keller for pointing this out. + +2002-01-02 Stefan Bellon + + * rndriscos.c [__riscos__]: Updated include file name. + +2001-12-21 Werner Koch + + * Makefile.am (DISCLEANFILES): Add construct.c + +2001-12-19 Werner Koch + + * rndw32.c [CYGWIN32]: Include winioctl.h. By Disastry. + +2001-11-08 Werner Koch + + * primegen.c (gen_prime): Set 2 high order bits for secret primes. + * rsa.c (generate): Loop until we find the exact modulus size. + Changed the exponent to 41. + +2001-10-22 Werner Koch + + * Makefile.am: Need to use $(EXEEXT) where approriate. + +2001-09-09 Werner Koch + + * rsa.c (rsa_get_info): s/usage/r_usage/ to avoid shadow warnings. + +2001-08-24 Werner Koch + + * md.c (md_write): Made buf arg const. + +2001-08-22 Werner Koch + + * random.c (fast_random_poll): Don't use gethrtime if it is broken. + +2001-08-20 Werner Koch + + Applied patches from Stefan Bellon to support + RISC OS. Nearly all of these patches are identified by the + __riscos__ macro. + * blowfish.c, twofish.c: Added pragmas for use with a Norcraft + compiler. + * dynload.c, md5.c, rmd160.c, sha1.c: Minor patches for RISC OS. + * rndriscos.c: New. + * rnd-internal.h: Added prototype. + * random.c (fast_random_poll): Use '#if defined' instead of just + 'defined'; needed for RISC OS. + * primegen.c (gen_prime): count? are now ints for consistence + with is_prime(). + +2001-08-08 Werner Koch + + * rndw32.c (gather_random): Use toolhelp in addition to the NT + gatherer for Windows2000. Suggested by Sami Tolvanen. + + * random.c (read_pool): Fixed length check, this used to be one + byte to strict. Made an assert out of it because the caller has + already made sure that only poolsize bytes are requested. + Reported by Marcus Brinkmann. + +2001-07-18 Werner Koch + + * rndlinux.c (gather_random): casted a size_t arg to int so that + the format string is correct. Casting is okay here and avoids + translation changes. + +2001-06-12 Werner Koch + + * cipher.c (string_to_cipher_algo): Use ascii_strcasecmp(). + * md.c (string_to_digest_algo): Ditto. + * pubkey.c (string_to_pubkey_algo): Ditto. + * rndw32.c (slow_gatherer_windowsNT): Ditto. Not really needed + here but anyway. + +2001-04-29 Werner Koch + + * random.c (fast_random_poll): Do not check the return code of + getrusage. + +2001-04-17 Werner Koch + + * rndunix.c: Add a signal.h header to avoid warnings on Solaris 7 + and 8. + +2001-04-16 Werner Koch + + * dynload.c [__MINGW32__]: Applied patch from Timo Schulz to make + it work under W32. This patches is based on the one from + Disastry@saiknes.lv + +2001-04-06 Werner Koch + + * rijndael.c, des.c, blowfish.c, twofish.c, cast5.c (burn_stack): + New. Add wrappers for most functions to be able to call + burn_stack after the function invocation. This methods seems to be + the most portable way to zeroise the stack used. It does only work + on stack frame based machines but it is highly portable and has no + side effects. Just setting the automatic variables at the end of + a function to zero does not work well because the compiler will + optimize them away - marking them as volatile would be bad for + performance. + * md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise. + * random.c (burn_stack): New. + (mix_pool): Use it here to burn the stack of the mixblock function. + +2001-04-02 Werner Koch + + * primegen.c (generate_elg_prime): I was not initialized for mode + != 1. Freed q at 3 places. Thanks to Tommi Komulainen. + +2001-03-28 Werner Koch + + * md5.c (md5_final): Fixed calculation of hashed length. Thanks + to disastry@saiknes.lv for pointing out that it was horrible wrong + for more than 512MB of input. + * sha1.c (sha1_final): Ditto. + * rmd160.c (rmd160_final): Ditto. + * tiger.c (tiger_final): Ditto. + +2001-03-19 Werner Koch + + * blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to + avoid name clahses with an encrypt function in stdlib.h of + Dynix/PIX. Thanks to Gene Carter. + * elgamal.c (encrypt,do_encrypt): Ditto. + +2001-03-12 Werner Koch + + * twofish.c (gnupgext_enum_func): Add some static when comnpiled + as a module. + + * tiger.c (tiger_get_info): Return "TIGER192" and not just + "TIGER". By Edwin Woudt. + +2001-03-08 Werner Koch + + * random.c: Always include time.h - standard requirement. Thanks + to James Troup. + +2001-01-18 Werner Koch + + * rndw32.c: Fixed typo and wrong ifdef for VER_PLATFORM* macro + +2001-01-12 Werner Koch + + * cipher.c (cipher_encrypt,cipher_encrypt): Use blocksize and + not 8 for CBC mode (However: we don't use CBS in OpenPGP). + +2000-11-22 Werner Koch + + * rndegd.c (gather_random): Fixed default socket to be '=entropy'. + Thanks to Tomasz Kozlowski. + +2000-10-12 Werner Koch + + * rijndael.c: New. + * cipher.c: Add Rijndael support. + +Wed Oct 4 15:50:18 CEST 2000 Werner Koch + + * sha1.c (transform): Use rol() macro. Actually this is not needed + for a newer gcc but there are still aoter compilers. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * random.c (fast_random_poll): Check ENOSYS for getrusage. + * rndunix.c: Add 2 sources for QNX. By Sam Roberts. + +Wed Sep 13 18:12:34 CEST 2000 Werner Koch + + * rsa.c (secret): Speed up by using the CRT. For a 2k keys this + is about 3 times faster. + (stronger_key_check): New but unused code to check the secret key. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * rsa.c: Changed the comment about the patent. + * Makefile.am: Included rsa.[ch]. + * pubkey.c: Enabled RSA support. + (pubkey_get_npkey): Removed RSA workaround. + +Fri Aug 25 16:05:38 CEST 2000 Werner Koch + + * rndlinux.c (open_device): Loose random device checking. + By Nils Ellmenreich. + + * rndegd.c (gather_random): Name of socket is nom configurable. + +Wed Jun 28 11:54:44 CEST 2000 Werner Koch + + * rsa.c, rsa.h: New based on the old module version (only in CVS for now). + * pubkey.c (setup_pubkey_table): Added commented support for RSA. + +Fri Jun 9 10:09:52 CEST 2000 Werner Koch + + * rndunix.c (waitpid): New. For UTS 2.1. All by Dave Dykstra. + (my_popen): Do the FD_CLOEXEC only if it is available + (start_gatherer): Cope with missing _SC_OPEN_MAX + +Sun May 28 13:55:17 CEST 2000 Werner Koch + + * random.c (read_seed_file): Binary open for DOSish system + (update_random_seed_file): Ditto. + + * rndw32.c: Add some debuging code enabled by an environment variable. + +Tue May 23 09:19:00 CEST 2000 Werner Koch + + * rndw32.c: Started with alternative code to replace entropy.dll + +Thu May 18 11:38:54 CEST 2000 Werner Koch + + * primegen.c (register_primegen_progress): New. + * dsa.c (register_pk_dsa_progress): New. + * elgamal.c (register_pk_elg_progress): New. + +Fri Apr 14 19:37:08 CEST 2000 Werner Koch + + * twofish.c (twofish_get_info): Fixed warning about cast. + +Tue Mar 28 14:26:58 CEST 2000 Werner Koch + + * random.c [MINGW32]: Include process.h for getpid. + +Thu Mar 2 15:37:46 CET 2000 Werner Koch + + * random.c (fast_random_poll): Add clock_gettime() as fallback for + system which support this POSIX.4 fucntion. By Sam Roberts. + + * rndunix.c: Add some more headers for QNX. By Sam Roberts. + + * random.c (read_seed_file): Removed the S_ISLNK test becuase it + is already covered by !S_ISREG and is not defined in Unixware. + Reported by Dave Dykstra. + + * sha1.c (sha1_get_info): Removed those stupid double lines. Dave + is really a good lint. + +Wed Feb 23 10:07:57 CET 2000 Werner Koch + + * twofish.c (twofish_get_info): Add some const to the casts. By Martin + Kahlert. + +Mon Feb 14 14:30:20 CET 2000 Werner Koch + + (update_random_seed_file): Silently ignore update request when pool + is not filled. + +Fri Feb 11 17:44:40 CET 2000 Werner Koch + + * random.c (read_seed_file): New. + (set_random_seed_file): New. + (read_pool): Try to read the seeding file. + (update_random_seed_file): New. + + (read_pool): Do an initial extra seeding when level 2 quality random + is requested the first time. This requestes at least POOLSIZE/2 bytes + of entropy. Compined with the seeding file this should make normal + random bytes cheaper and increase the quality of the random bytes + used for key generation. + + * rndegd.c (gather_random): Shortcut level 0. + * rndunix.c (gather_random): Ditto. + * rndw32.c (gather_random): Ditto. + +Fri Jan 14 18:32:01 CET 2000 Werner Koch + + * rmd160.c (rmd160_get_info): Moved casting to the left side due to a + problem with UTS4.3. Suggested by Dave Dykstra. + * sha1.c (sha1_get_info): Ditto. + * tiger.c (tiger_get_info): Ditto. + * md5.c (md5_get_info): Ditto + * des.c (des_get_info): Ditto. + * blowfish.c (blowfish_get_info): Ditto. + * cast5.c (cast5_get_info): Ditto. + * twofish.c (twofish_get_info): Ditto. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * elgamal.c (wiener_map): New. + (gen_k): Use a much smaller k. + (generate): Calculate the qbits using the wiener map and + choose an x at a size comparable to the one choosen in gen_k + + * random.c (read_pool): Print a more friendly error message in + cases when too much random is requested in one call. + + * Makefile.am (tiger): Replaced -O1 by -O. Suggested by Alec Habig. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * primegen.c (generate_elg_prime): All primes are now generated with + the lowest random quality level. Becuase they are public anyway we + don't need stronger random and by this we do not drain the systems + entropy so much. + +Thu Oct 28 16:08:20 CEST 1999 Werner Koch + + * random.c (fast_random_poll): Check whether RUSAGE_SELF is defined; + this is not the case for some ESIX and Unixware, although they have + getrusage(). + + * elgamal.c (sign): Hugh found strange code here. Replaced by BUG(). + +Mon Oct 11 09:24:12 CEST 1999 Werner Koch + + * rndw32.c (gather_random): Handle PCP_SEEDER_TOO_SMALL. + +Sat Oct 9 20:34:41 CEST 1999 Werner Koch + + * Makefile.am: Tweaked module build and removed libtool + +Fri Oct 8 20:32:01 CEST 1999 Werner Koch + + * rndw32.c (load_and_init_winseed): Use the Registry to locate the DLL + +Mon Oct 4 21:23:04 CEST 1999 Werner Koch + + * md.c (md_reset): Clear finalized; thanks to Ulf Moeller for + fixing this bug. + +Sat Sep 18 12:51:51 CEST 1999 Werner Koch + + * Makefile.am: Never compile mingw32 as module + +Wed Sep 15 14:39:59 CEST 1999 Michael Roth + + * des.c: Various speed improvements: One bit pre rotation + trick after initial permutation (Richard Outerbridge). + Finished test of SSLeay Tripple-DES patterns. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + * rndw32.c: New. + +Mon Sep 13 10:51:29 CEST 1999 Werner Koch + + * bithelp.h: New. + * rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h + +Tue Sep 7 16:23:36 CEST 1999 Werner Koch + + * Makefile.am: Fixed seds for latest egcc. By Ollivier Robert. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch + + * des.c (selftest): Add some testpattern + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + * cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using + in place encryption. Pointed out by Frank Stajano. + +Mon Jul 26 09:34:46 CEST 1999 Werner Koch + + * md5.c (md5_final): Fix for a SCO cpp bug. + +Thu Jul 15 10:15:35 CEST 1999 Werner Koch + + * elgamal.c (elg_check_secret_key,elg_encrypt + elg_decrypt,elg_sign,elg_verify): Sanity check on the args. + * dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto. + + * pubkey.c (disable_pubkey_algo): New. + (check_pubkey_algo2): Look at disabled algo table. + * cipher.c (disable_cipher_algo): New. + (check_cipher_algo): Look at disabled algo table. + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + * Makefile.am: Support for libtool. + +Fri Jul 2 11:45:54 CEST 1999 Werner Koch + + * dsa.c (gen_k): Changed algorithm to consume less random bytes + * elgamal.c (gen_k): Ditto. + + * random.c (random_dump_stats): New. + +Thu Jul 1 12:47:31 CEST 1999 Werner Koch + + * primegen.c, elgamal.c, dsa.c (progess): New and replaced all + fputc with a call to this function. + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + * rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs. + + * cipher.c (do_cbc_encrypt, do_cbc_decrypt): New. + + * dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra). + * Makefile.am (install-exec-hook): Removed. + +Sun May 23 14:20:22 CEST 1999 Werner Koch + + * cipher.c (setup_cipher_table): Enable Twofish + + * random.c (fast_random_poll): Disable use of times() for mingw32. + +Mon May 17 21:54:43 CEST 1999 Werner Koch + + * dynload.c (register_internal_cipher_extension): Minor init fix. + +Tue May 4 15:47:53 CEST 1999 Werner Koch + + * primegen.c (gen_prime): Readded the Fermat test. Fixed the bug + that we didn't correct for step when passing the prime to the + Rabin-Miller test which led to bad performance (Stefan Keller). + (check_prime): Add a first Fermat test. + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * cipher.c (cipher_setiv): Add ivlen arg, changed all callers. + + * random.c (randomize_buffer): alway use secure memory because + we can't use m_is_secure() on a statically allocated buffer. + + * twofish.c: Replaced some macros by a loop to reduce text size. + * Makefile.am (twofish): No more need for sed editing. + +Fri Apr 9 12:26:25 CEST 1999 Werner Koch + + * cipher.c (cipher_open): Reversed the changes for AUTO_CFB. + + * blowfish.c: Dropped the Blowfish 160 mode. + * cipher.c (cipher_open): Ditto. + (setup_cipher_table): Ditto. And removed support of twofish128 + +Wed Apr 7 20:51:39 CEST 1999 Werner Koch + + * random.c (get_random_bits): Can now handle requests > POOLSIZE + + * cipher.c (cipher_open): Now uses standard CFB for automode if + the blocksize is gt 8 (according to rfc2440). + + * twofish.c: Applied Matthew Skala's patches for 256 bit key. + +Tue Apr 6 19:58:12 CEST 1999 Werner Koch + + * random.c (get_random_bits): Can now handle requests > POOLSIZE + + * cipher.c (cipher_open): Now uses standard CFB for automode if + the blocksize is gt 8 (according to rfc2440). + +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * rndlinux.c (tty_printf) [IS_MODULE]: Removed. + + * rndegd.c (gather_random): Some fixes. + +Wed Mar 17 13:09:03 CET 1999 Werner Koch + + * rndegd.c (do_read): New. + (gather_random): Changed the implementation. + +Mon Mar 8 20:47:17 CET 1999 Werner Koch + + * dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed. + +Fri Feb 26 17:55:41 CET 1999 Werner Koch + + * md.c: Nearly a total rewrote. + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * cipher.c (context): Fixed alignment + * md.c: Ditto. + + * rndegd.c: New + +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * rndegd.c: New. + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * Makefile.am: Modules are now figured out by configure + * construct.c: New. Generated by configure. Changed all modules + to work with that. + * sha1.h: Removed. + * md5.h: Removed. + + * twofish.c: Changed interface to allow Twofish/256 + + * rndunix.c (start_gatherer): Die on SIGPIPE. + +Wed Jan 20 18:59:49 CET 1999 Werner Koch + + * rndunix.c (gather_random): Fix to avoid infinite loop. + +Sun Jan 17 11:04:33 CET 1999 Werner Koch + + * des.c (is_weak_key): Replace system memcmp due to bugs + in SunOS's memcmp. + (des_get_info): Return error on failed selftest. + * twofish.c (twofish_setkey): Return error on failed selftest or + invalid keylength. + * cast5.c (cast_setkey): Ditto. + * blowfish.c (bf_setkey): Return error on failed selftest. + +Tue Jan 12 11:17:18 CET 1999 Werner Koch + + * random.c (random_is_faked): New. + + * tiger.c: Only compile if we have the u64 type + +Sat Jan 9 16:02:23 CET 1999 Werner Koch + + * rndunix.c (gather_random): check for setuid. + + * Makefile.am: Add a way to staically link random modules + +Thu Jan 7 18:00:58 CET 1999 Werner Koch + + * md.c (md_stop_debug): Do a flush first. + (md_open): size of buffer now depends on the secure parameter + +Sun Jan 3 15:28:44 CET 1999 Werner Koch + + * rndunix.c (start_gatherer): Fixed stupid ==/= bug + +1998-12-31 Geoff Keating + + * des.c (is_weak_key): Rewrite loop end condition. + +Tue Dec 29 14:41:47 CET 1998 Werner Koch + + * random.c: add unistd.h for getpid(). + (RAND_MAX): Fallback value for Sun. + +Wed Dec 23 17:12:24 CET 1998 Werner Koch + + * md.c (md_copy): Reset debug. + +Mon Dec 14 21:18:49 CET 1998 Werner Koch + + * random.c (read_random_source): Changed the interface to the + random gathering function. + (gather_faked): Use new interface. + * dynload.c (dynload_getfnc_fast_random_poll): Ditto. + (dynload_getfnc_gather_random): Ditto. + * rndlinux.c (gather_random): Ditto. + * rndunix.c (gather_random): Ditto. + +Sat Dec 12 18:40:32 CET 1998 Werner Koch + + * dynload.c (SYMBOL_VERSION): New to cope with system which needs + underscores. + + * rndunix.c: Rewrote large parts + +Thu Dec 10 20:15:36 CET 1998 Werner Koch + + * dynload.c (load_extension): increased needed verbosity level. + + * random.c (fast_random_poll): Fallback to a default fast random + poll function. + (read_random_source): Always use the faked entroy gatherer if no + gather module is available. + * rndlinux.c (fast_poll): Removed. + * rndunix.c (fast_poll): Removed. + + +Wed Nov 25 12:33:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-*.c: Removed. + * rndlinux.c : New. + * rndunix.c : New. + * random.c : Restructured the interface to the gather modules. + (intialize): Call constructor functions + (read_radnom_source): Moved to here. + * dynload.c (dynload_getfnc_gather_random): New. + (dynload_getfnc_fast_random_poll): New. + (register_internal_cipher_extension): New. + (register_cipher_extension): Support of internal modules. + +Sun Nov 8 17:44:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-unix.c (read_random_source): Removed the assert. + +Mon Oct 19 18:34:30 1998 me,,, (wk@tobold) + + * pubkey.c: Hack to allow us to give some info about RSA keys back. + +Thu Oct 15 11:47:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dynload.c: Support for DLD + +Wed Oct 14 12:13:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-unix.c: Now uses names from configure for /dev/random. + +1998-10-10 SL Baur + + * Makefile.am: fix sed -O substitutions to catch -O6, etc. + +Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-) + * rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto. + +Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c (md_digest): New. + (md_reset): New. + +Wed Sep 23 12:27:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned. + +Mon Sep 21 06:22:53 1998 Werner Koch (wk@(none)) + + * des.c: Some patches from Michael. + +Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none)) + + * des.c : New file from Michael Roth + +Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none)) + + * blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys. + +Mon Sep 14 09:19:25 1998 Werner Koch (wk@(none)) + + * dynload.c (RTLD_NOW): Now defined to 1 if it is undefined. + +Mon Sep 7 17:04:33 1998 Werner Koch (wk@(none)) + + * Makefile.am: Fixes to allow a different build directory + +Thu Aug 6 17:25:38 1998 Werner Koch,mobil,,, (wk@tobold) + + * random.c (get_random_byte): Removed and changed all callers + to use get_random_bits() + +Mon Jul 27 10:30:22 1998 Werner Koch (wk@(none)) + + * cipher.c : Support for other blocksizes + (cipher_get_blocksize): New. + * twofish.c: New. + * Makefile.am: Add twofish module. + +Mon Jul 13 21:30:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * random.c (read_pool): Simple alloc if secure_alloc is not set. + (get_random_bits): Ditto. + +Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dynload.c (load_extension): Function now nbails out if + the program is run setuid. + +Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (rmd160_hash_buffer): New. + +Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c (cipher_open): algos >=100 use standard CFB + +Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am: Support for extensions + +Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de) + + * random.c (mix_pool): simpler handling for level 0 + +Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * tiger.c: Removed from dist, will reappear as dynload module + +Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * pubkey.c: Major changes to allow extensions. Changed the inteface + of all public key ciphers and added the ability to load extensions + on demand. + + * misc.c: Removed. + +Wed Jun 10 07:52:08 1998 Werner Koch,mobil,,, (wk@tobold) + + * dynload.c: New. + * cipher.c: Major changes to allow extensions. + +Mon Jun 8 22:43:00 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c: Major internal chnages to support extensions. + * blowfish.c (blowfish_get_info): New and made all internal + functions static, changed heder. + * cast5.c (cast5_get_info): Likewise. + +Mon Jun 8 12:27:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * tiger.c (transform): Fix for big endian + + * cipher.c (do_cfb_decrypt): Big endian fix. + +Fri May 22 07:30:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c (md_get_oid): Add a new one for TIGER. + +Thu May 21 13:24:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c: Add support for a dummy cipher + +Thu May 14 15:40:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (transform): fixed sigbus - I should better + add Christian von Roques's new implemenation of rmd160_write. + +Fri May 8 18:07:44 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New + * random.c: Moved system specific functions to rand-****.c + +Fri May 8 14:01:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * random.c (fast_random_poll): add call to gethrtime. + +Tue May 5 21:28:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * elgamal.c (elg_generate): choosing x was not correct, could + yield 6 bytes which are not from the random pool, tsss, tsss.. + +Tue May 5 14:09:06 1998 Werner Koch (wk@isil.d.shuttle.de) + + * primegen.c (generate_elg_prime): Add arg mode, changed all + callers and implemented mode 1. + +Mon Apr 27 14:41:58 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c (cipher_get_keylen): New. + +Sun Apr 26 14:44:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * tiger.c, tiger.h: New. + +Wed Apr 8 14:57:11 1998 Werner Koch (wk@isil.d.shuttle.de) + + * misc.c (check_pubkey_algo2): New. + +Tue Apr 7 18:46:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c: New + * misc.c (check_cipher_algo): Moved to cipher.c + * cast5.c: Moved many functions to cipher.c + * blowfish.c: Likewise. + +Sat Apr 4 19:52:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cast5.c: Implemented and tested. + +Wed Apr 1 16:38:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * elgamal.c (elg_generate): Faster generation of x in some cases. + +Thu Mar 19 13:54:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * blowfish.c (blowfish_decode_cfb): changed XOR operation + (blowfish_encode_cfb): Ditto. + +Thu Mar 12 14:04:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sha1.c (transform): Rewrote + + * blowfish.c (encrypt): Unrolled for rounds == 16 + (decrypt): Ditto. + +Tue Mar 10 16:32:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (transform): Unrolled the loop. + +Tue Mar 10 13:05:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * random.c (read_pool): Add pool_balance stuff. + (get_random_bits): New. + + * elgamal.c (elg_generate): Now uses get_random_bits to generate x. + + +Tue Mar 10 11:33:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c (md_digest_length): New. + +Tue Mar 10 11:27:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dsa.c (dsa_verify): Works. + +Mon Mar 9 12:59:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dsa.c, dsa.h: Removed some unused code. + +Wed Mar 4 10:39:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c (md_open): Add call to fast_random_poll. + blowfish.c (blowfish_setkey): Ditto. + +Tue Mar 3 13:32:54 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (rmd160_mixblock): New. + * random.c: Restructured to start with a new RNG implementation. + * random.h: New. + +Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de) + + * gost.c, gost.h: Removed because they did only conatin trash. + +Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * random.c (fill_buffer): removed error message if n == -1. + +Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c (md_enable): No init if called twice. + +Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * primegen.c (generate_elg_prime): Changed the progress printing. + (gen_prime): Ditto. + +Tue Feb 24 12:28:42 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md5.c, md.5 : Replaced by a modified version of md5.c from + GNU textutils 1.22. + +Wed Feb 18 14:08:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * md.c, md.h : New debugging support + +Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * misc.c (cipher_algo_to_string): New + (pubkey_algo_to_string): New. + (digest_algo_to_string): New. + + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, + 2004, 2005 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/doc/ChangeLog b/doc/ChangeLog deleted file mode 100644 index 8444c271f..000000000 --- a/doc/ChangeLog +++ /dev/null @@ -1,1180 +0,0 @@ -2011-02-23 Werner Koch - - * gpg-zip.1: Update by taking a built copy from master. - -2010-10-05 Werner Koch - - * FAQ: Make it a static file with a pointer to the online location. - * Makefile.am (EXTRA_DIST): Remove faq.raw and faq.html. - (FAQ, faq.html): Remove these targets - -2010-02-11 Werner Koch - - * faq.raw: Fixed the bug reporting address. - -2010-01-29 Werner Koch - - * gnupg1.texi: Fix dir entry. Fixes bug#1183. - -2009-09-02 Werner Koch - - * gpgv.texi, gpg.texi: Update from GnuPG-2. - -2009-08-18 Werner Koch - - * Makefile.am (sources_from_trunk): New. - (update-source-from-gnupg-2): New. Run it. Fixes bug#917 - -2009-08-13 Werner Koch - - * gpgv.texi, gpg.texi: Update from GnuPG-2. - -2008-04-30 David Shaw - - * gpg-zip.1: Add man page thanks to Colin Tuckley and Daniel - Leidert. - -2008-04-02 Werner Koch - - * opt-homedir.texi: Remove special case for Registry key. - - * yat2m.c (proc_texi_cmd): Use the \(aq glyph for @samp. This is - bug#898. - (proc_texi_buffer): Handle backslashs correctly. - -2007-12-21 Werner Koch - - * README.W32: Tell that Vista is supported and that at least NT-4 - is required. It might still work on older systems, but I don't - know for sure. - -2007-12-12 Werner Koch - - * gpg.texi, specify-user-id.texi: Update from gnupg-2. - * yat2m.c: Update from gnupg-2. - -2007-10-27 David Shaw - - * gpg.texi: Update from gnupg-2. - -2007-10-23 Werner Koch - - * gpg.texi: Updated from gnupg-2. - - * gpl.texi: Replace by GPLv3 version. - - * Makefile.am: Use standard suffix rules. - -2006-12-04 Werner Koch - - * yat2m.c: New. - * Makefile.am: New rules to build yatm and the man pages. - -2006-06-22 David Shaw - - * gpg.sgml: Document --enable-dsa2, --disable-dsa2, and - --default-keyserver-url. - - * DETAILS: Note "Keyserver:" - - * gpg.sgml: Note that --pgp8 does not include SHA224. Clarify - that clearsigned messages are not reversible. - -2006-05-23 David Shaw - - * mksamplekeys: Incorporate new package signature key and minimize - keys when generating samplekeys.asc. - -2006-05-17 Werner Koch - - * samplekeys.asc: Added new package signature key and cleaned all - keys to save space. - -2006-04-18 David Shaw - - * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and - --compress-algo should be avoided. - -2006-04-11 Michael Roth (wk) - - * gpg.sgml (passphrase-fd): Explain that only the first line is used. - -2006-04-09 David Shaw - - * gpg.sgml: Some typo fixes. This is Debian 361324. - -2006-03-11 David Shaw - - * samplekeys.asc: Update 99242560 to have a signing subkey - backsig. - -2006-03-09 David Shaw - - * gpg.sgml: Clarify new notation delete feature. - -2006-03-08 David Shaw - - * gpg.sgml: Document "notation". - -2006-03-07 David Shaw - - * gpg.sgml: Rename backsigs to cross-certification (backsigs is - just shorthand). Document max-cert-size. - - * gpg.sgml: Document new way of enabling the PKA functions. Some - minor other cleanups. - -2006-03-06 David Shaw - - * gpg.sgml: Document --auto-key-locate. - -2006-02-24 David Shaw - - * gpg.sgml: Document new --keyserver syntax. - -2005-12-20 Werner Koch - - * gpg.sgml (trust-model): Document "auto" and the "pka" variants. - (keyserver-options): Document "auto-pka-retrieve". - (allow-pka-lookup): Document. - -2005-12-08 David Shaw - - * gpg.sgml: Document --fetch-keys. - -2005-12-07 David Shaw - - * gpg.sgml: Document -d. Add [file] to a few options. - -2005-11-17 David Shaw - - * gpg.sgml: Clarify "xxxxx-clean" and "clean". Document - "xxxxx-minimal", and "minimize". - -2005-11-02 David Shaw - - * gpg.sgml: Clarify what is and isn't included in a "clean sigs". - -2005-10-27 David Shaw - - * gpg.sgml: Document backsign, --require-backsigs, and - --no-require-backsigs. - - * DETAILS: Clarify Key-Usage. - -2005-10-07 Werner Koch - - * gpgv.sgml: Small spelling corrections by Mike Dowling. - -2005-09-21 David Shaw - - * gpg.sgml: Note that --display-charset is just for display and - doesn't recode data. Note that --search-keys can use the standard - search syntax now (<, =, *, @). Document the @-address mode. - -2005-08-23 David Shaw - - * gpg.sgml: Fix documentation for setpref/updpref, document - import-clean, --status-file, --logger-file, --attribute-file, - --passphrase-file, --passphrase, and --command-file. Comment out - the "+word match" selection syntax since it isn't supported. - -2005-07-22 Werner Koch - - * gpg.sgml: Removed entry for --no-interactive-selection. - -2005-07-19 Werner Koch - - * gpg.sgml: Document --limit-card-insert-tries. - -2005-07-18 David Shaw - - * samplekeys.asc: Update 99242560. - - * gpg.sgml: Clarify --throw-keyid and --hidden-recipient a bit. - -2005-06-20 David Shaw - - * gpg.sgml: Document --edit-key/clean, import-clean, and - export-clean. - -2005-06-20 Werner Koch - - * gpg.sgml: Document smartcard related options. - -2005-06-06 Werner Koch - - * DETAILS: New subcode 5 for CARDCTRL. - -2005-05-13 David Shaw - - * gpg.sgml: Document --default-sig-expire and - --default-cert-expire, remove --sk-comments and --no-sk-comments, - and clarify the form of a non-IETF notation for --sig-notation and - --cert-notation. - -2005-05-05 David Shaw - - * gpg.sgml: Clarify --min-cert-level a bit. - -2005-03-14 Werner Koch - - * gnupg-w32.reg: Removed. - -2005-03-07 Werner Koch - - * gpg.sgml (comment): Add note to keep the comment short. - - * DETAILS: Document new status codes. - -2005-02-15 Werner Koch - - * faq.raw: Add htmlcharset header line as suggested by Maxim - Britov. s/ElGamal/Elgamal/. Replaced reference to NAI by PGP - Corp. - - * gpg.ru.sgml: Updated from upstream. Added a closing PARA. - - * gpg.sgml: Add bkuptocard command for --edit-key. - -2005-02-05 David Shaw - - * gpg.sgml: Note that level 0 signatures are always accepted - regardless of --min-cert-level. - -2005-02-03 Werner Koch - - * README.W32: Updated to match the switch to the NSIS installer. - -2005-01-27 Werner Koch - - * faq.raw: Updated to the version from 1.2.7. - -2005-01-18 Werner Koch - - * gnupg-w32.reg: Remove the entry for the home directory. - -2004-12-16 Werner Koch - - * TRANSLATE: Add a note on how to send translations. - -2004-12-16 David Shaw - - * gpg.sgml: Document --require-secmem/--no-require-secmem. Note - that the sign flags (l, t, nr) can be mixed. Remove --nrsign-key. - -2004-12-12 Werner Koch - - * samplekeys.asc, mksamplekeys (keys): Removed my old 621CC013 key - which expires at the end of this year. Add g10 Code's source code - signing key 37D92FFB. - -2004-12-09 David Shaw - - * highlights-1.4.txt: New. - - * mksamplekeys, samplekeys.asc: Add the PGP global directory key. - -2004-11-26 David Shaw - - * gpg.sgml: Document export-minimal. - -2004-10-28 David Shaw - - * DETAILS: Document SIG_SUBPACKET status tag. - -2004-10-28 Werner Koch - - * Makefile.am (EXTRA_DIST): Add gpg.ru.1. - -2004-10-18 David Shaw - - * gpg.sgml: Minor language tweaks. - - * samplekeys.asc: Updated 99242560. - - * DETAILS: spk flags are hex. - -2004-10-15 Werner Koch - - * DETAILS: Document IMPORT_CHECK. - -2004-10-14 David Shaw - - * gpg.sgml: Document using "none" to remove preferred keyservers, - the keyserver timeout parameter, and the direct trust model. - -2004-09-23 Werner Koch - - * gpg.sgml: Document "addcardkey" and "keytocard". - -2004-09-20 Werner Koch - - * gpg.sgml: Document -K. - -2004-09-16 David Shaw - - * DETAILS: Document the 'spk' signature subpacket record. Add - more detail on "tru" records. - - * gpg.sgml: Note that PGP scales photo IDs to fit in the dialog - box. Document show-sig-subpackets. Document the '%c' signature - counter expando. - -2004-09-15 Werner Koch - - * gpg.sgml: Document "--debug-ccid-driver". - -2004-09-14 David Shaw - - * gpg.sgml: Note that --throw-keyid is --throw-keyids. Note - changes in --pgp8. Rephrase the "don't play algorithm games" - warning now that PGP has blowfish, zlib, and bzip2. - -2004-08-07 David Shaw - - * gpg.sgml: Remove show-long-keyids since it is replaced by - --keyid-format. Rename show-validity as - show-uid-validity. --ask-cert-level defaults to no. - -2004-06-28 David Shaw - - * DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH. - - * gpg.sgml: Clarify that --min-cert-level disregards level 1 certs - by default. Clarify include-revoked a bit to note that keyservers - might not be accurate. Note that --charset is --display-charset. - Some language tweaks for --simple-sk-checksum (Debian 251795). - Note the PGP silliness with preferred keyserver subpackets causing - PGP/MIME. - -2004-05-21 David Shaw - - * gpg.sgml: Document --edit-key "keyserver" command, - --keyid-format, --keyserver-option honor-keyserver-url, and --list - and --verify option show-std/user-notations. - -2004-05-19 David Shaw - - * gpg.sgml: Clarify that --charset applies to informational - strings and does not recode messages themselves. Remove - include-non-rfc export-option. - -2004-05-08 David Shaw - - * DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal. - - * gpg.sgml: Document --no-use-embedded-filename and - --min-cert-level. - - * gpgv.sgml: Removed leftover . - -2004-05-03 Werner Koch - - * gpgv.sgml: Removed reference to non-available option - --no-default-keyring. - -2004-04-09 David Shaw - - * gpg.sgml: Document delsig. Clarify that --refresh-keys - arguments are optional. Document --bzip2-decompress-lowmem. - -2004-04-05 Werner Koch - - * DETAILS (NEWSIG): Documented. - -2004-02-25 David Shaw - - * gpg.sgml: Document --ask-cert-level, --max-output, and - --default-cert-level. - - * gpg.sgml: Document keyserver-option http-proxy, import-option - merge-only, remove old honor-http-proxy, --merge-only, and - --emulate-md-encode-bug. Document COLUMNS and LINES. - -2004-02-12 David Shaw - - * gnupg.7: Clarify that 'gpgv' doesn't encrypt, and that's not a - bug. - - * samplekeys.asc: Update 99242560. - - * gpg.sgml: Clarify -u/--local-user and --default-key. Note what - happens if you run 'gpg' without any commands. Document - --multifile. Document list-option show-unusable-subkeys. - -2004-01-30 David Shaw - - * DETAILS: Details for --list-config. - - * gpg.sgml: Document --ungroup and --list-config. - -2004-01-07 David Shaw - - * gpg.sgml: Fix a few minor typos. Clarify what --textmode is - useful for. - - * gpg.sgml: List proper documentation URL. Note that addrevoker - takes an optional "sensitive" argument. Remind that $GNUPGHOME - can be used instead of --homedir. Clarify --no-default-keyring, - and note why it may not take effect if there are no other keyrings - present. Remove --pgp2 from the list of --pgpXes that are just - for bad preference lists. Explain more why locking memory pages - is good. - - * gpg.sgml: Add an example of what an exclamation mark is, as - people seem to miss it often. - -2003-12-08 David Shaw - - * gpg.sgml: Fix a few missing semicolons in & entities. Noted by - Christian Biere. Some minor grammar fixes. Remove the "host -l - pgp.net | grep wwwkeys" advice since the nameserver no longer all - allow zone transfers. Replace it with a mention of - hkp://subkeys.pgp.net. Note that BZIP2 defaults to compression - level 6. - -2003-10-31 Werner Koch - - * DETAILS: Add a note about the date format for X.509. - -2003-11-21 David Shaw - - * gpg.sgml: Note the new combinations with --symmetric and - --encrypt. Document --bzip2-compress-level, and - --bzip2-compress-lowmem. Clarify the plurarility (or not) of - various list and verify options. Document BZIP2 in the - --compress-algo section. Warn about compatibility issues with - ZLIB and BZIP2. - -2003-11-20 David Shaw - - * gpg.sgml: Document --compress-level. Some minor tweaks to other - entries. - - * TRANSLATE: New, note to translators about the yes|yes multiple - match syntax. - - * Makefile.am: Include TRANSLATE in distributed files. - -2003-10-28 Werner Koch - - * DETAILS: Add the 'a' value for field 12 and the new field 15. - -2003-10-01 David Shaw - - * samplekeys.asc: Update 99242560. - - * gpg.sgml: Document --no-groups. - -2003-09-30 David Shaw - - * gpg.sgml: Note web bug like behavior of auto-key-retrieve. Note - that big photos mean big keys. Document --rfc2440. Document - verify-option show-unusable-uids. - - * gpg.sgml: Clarify --mangle-dos-filenames, document list-option - show-unusable-uids, remove --no-comment (which is now - --no-sk-comments), add --no-comments (to remove --comment), remove - --default-comment, and document --sig-keyserver-url. - -2003-09-01 David Shaw - - * DETAILS: Note fingerprint of signing key in sig records. - -2003-08-31 David Shaw - - * gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" - for the sake of short and simple commands. - -2003-08-29 David Shaw - - * gpg.sgml: Document list-options (show-preferred-keyserver, - show-validity, show-long-keyid, and show-sig-expire), and - verify-options (show-preferred-keyserver, show-validity, - show-long-keyid). - -2003-08-28 David Shaw - - * samplekeys.asc: Updated. - - * DETAILS: Document "tru" trust record. Document REVKEYSIG status - tag. Removed paragraph on gdbm usage. Note that pipemode is - deprecated. - -2003-08-25 David Shaw - - * gpg.sgml: Document --list-options (show-photos, show-policy-url, - show-notation, show-keyring) and --verify-options (show-photos, - show-policy-url, show-notation). Deprecate --show-photos, - --show-policy-url, --show-notation, and --show-keyring. - -2003-07-10 David Shaw - - * DETAILS: Document the --attribute-fd data. - - * gpg.sgml: Document --set-notation. Explain why it is not - possible to disable permission warnings in the gpg.conf file about - the homedir. Add pointer in --ignore-time-conflict to see - --ignore-valid from, and vice versa. Warning not to try and parse - --list-keys in scripts. Document the signature flags - (1-3/L/R/P/N/X/T), Document expandos %g and %p. Note the default - --personal-digest-preferences are SHA-1. - -2003-05-26 David Shaw - - * gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable - branch) - - * gnupg-w32.reg: Use HLM for the program and make sure the entries - are created. Suggested by danielc@analysisandsolutions.com. (From - wk on stable branch) - -2003-05-24 David Shaw - - * gpg.sgml: Document --trustdb-name. Document --gnupg in a new - compliance section, and remove the various --no-PGPX - options. Deprecate --no-comment in favor of --no-sk-comments. - -2003-05-04 David Shaw - - * gpg.sgml: Some general language tweaks. Note default algo for - --symmetric. --export-ownertrust takes no args. Document - --no-escape-from-lines. Fix escaped "From". Make - "openpgp" trust model into "pgp". - -2003-04-27 David Shaw - - * DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig - class, and a reserved field for flags in a future version. - - * gpg.sgml: Document --no-textmode and --no-use-agent. Clarify - the interoperability section. Clarify that "hkp corruption" - (repair-hkp-subkey-bug) is really "pks corruption" - (repair-pks-subkey-bug). - -2003-04-15 Werner Koch - - * gpg.sgml: Document --enable-progress-filter. - -2003-04-07 David Shaw - - * DETAILS: Don't specify which hash is used to make up the - namehash since it may change in the future. - - * samplekeys.asc: Updated. - - * gpg.sgml: Document "revuid". Clarify that --openpgp resets - --pgpX. Some cleanup of --no-xxx options, make sure that all SGML - tags are closed, clarify --pgp8 allows SHA-256, and document - --no-emit-version. - - * Makefile.am: Allow CVS version to build without faqprog.pl. - -2003-04-01 Werner Koch - - * DETAILS (VALIDSIG): Add primary keys fingerprint. - -2003-01-27 David Shaw - - * DETAILS: Document trust depth, value, and regexp. - -2003-01-14 David Shaw - - * gpg.sgml: Minor language tweaks, spell check, copyright date, - etc. - - * DETAILS: Note that user IDs/UATs fill in creation and expiration - date. Document namehash. - -2003-01-06 David Shaw - - * DETAILS: Document disabled flag in capabilities field. - -2002-12-27 David Shaw - - * gpg.sgml: Clarify --no-permission-warning to note that the - permission warnings are not intended to be the be-all and end-all - in security checks. Add note to --group that when used on the - command line, it may be necessary to quote the argument so it is - not treated as multiple arguments. Noted by Stefan Bellon. - -2002-12-23 Werner Koch - - * samplekeys.asc: Updated. - -2002-12-10 David Shaw - - * gpg.sgml: Clarify include-revoked and include-disabled so they - match what the program actually does. Noted by Dick Gevers. - - * gpg.sgml: Document %-expandos for policy URLs and notations. - - * gpg.sgml: Document --pgp8. Clarify that --pgp6 and --pgp7 - disable --throw-keyid. - -2002-12-05 Werner Koch - - * gpg.sgml: Document --no-mangle-dos-filenames. - -2002-12-01 David Shaw - - * gpg.sgml: Point out that if the user absolutely must, it's - better to use --pgpX than forcing an algorithm manually. Better - still not to use anything, of course. - -2002-11-25 David Shaw - - * gpg.sgml: Document --primary-keyring. Clarify - --s2k-cipher-algo, --s2k-digest-algo, - --personal-cipher-preferences, --personal-digest-preferences, and - --personal-compress-preferences. - - * gpg.sgml: Document --sig-policy-url, --cert-policy-url, - --sig-notation, --cert-notation. Clarify --show-notation and - --show-policy-url that policy URLs and notations can be used in - data signatures as well. Add note about '@' being a required - character in notation names. - -2002-11-21 David Shaw - - * gpg.sgml: Add an interoperability section. - -2002-11-17 David Shaw - - * gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. - Noted by Haakon Riiser. - -2002-11-14 David Shaw - - * gpg.sgml: --compress-algo now allows algorithm names. - -2002-11-13 David Shaw - - * gpg.sgml: Document --trust-model. - -2002-11-04 David Shaw - - * KEYSERVER: New. Documents the --with-colons format for - keyserver listings. - - * DETAILS: Clarify meaning of 'u'. Noted by Timo. - -2002-11-03 David Shaw - - * gpg.sgml: Document "tsign", clarify "setpref", clarify - --recipient, document --hidden-recipient, document - --hidden-encrypt-to, clarify --no-encrypt-to, clarify - --throw-keyid, document --no-throw-keyid. - -2002-10-25 Werner Koch - - * README.W32: Add blurb on how to create a ZIP file, changed - requirement for mingw32 to 0.3.2. - -2002-10-24 David Shaw - - * gpg.sgml: Document --refresh-keys. - -2002-10-19 David Shaw - - * gpg.sgml: Clarify --force-mdc, and document --disable-mdc. - -2002-10-12 Werner Koch - - * DETAILS (KEY_CREATED): Enhanced by fingerprint. - -2002-10-03 David Shaw - - * gpg.sgml: Note that '#' means secret-key-unavailable, and that - keyserver schemes are case-insensitive. - -2002-09-30 David Shaw - - * gpg.sgml: Note that --pgp2 disables --textmode when encrypting. - -2002-09-20 David Shaw - - * gpg.sgml: Some minor language cleanup. - -2002-09-20 Werner Koch - - * DETAILS: s/XORed/ORed/. - -2002-09-15 Werner Koch - - * gpg.sgml: Add rebuild-keydb-caches. - -2002-09-12 David Shaw - - * DETAILS: Fix batch key generation example. - -2002-09-11 Werner Koch - - * Makefile.am (EXTRA_DIST): Include gnupg-32.reg - -2002-09-02 Werner Koch - - * gpg.sgml: Updated the charset option. - - * DETAILS: Added status IMPORT_OK. - - * gnupg.7: New mini man page. - -2002-08-30 David Shaw - - * gpg.sgml: Document keyserver-option include-subkeys. Note that - honor-http-proxy is a keyserver-option now. - - * DETAILS: Add "Key not trusted" to INV_RECP status code. - -2002-08-23 Werner Koch - - * faq.raw: Updated. New Maintainer is David D. Scribner. - -2002-08-22 David Shaw - - * gpg.sgml: Clarify meaning of keyserver option include-revoked. - -2002-08-21 Werner Koch - - * DETAILS: Added IMPORT_PROBLEM. - -2002-08-20 David Shaw - - * DETAILS: Clarify that trust letters 'q' and '-' can be treated - identically. - - * gpg.sgml: Document --ignore-mdc-error. - -2002-08-06 David Shaw - - * gpg.sgml: Clarify that only long-form options can go in the - config file. - -2002-08-06 Werner Koch - - * gpg.sgml: Fixed doc regarding the name change of the option - file. - -2002-07-30 David Shaw - - * gpg.sgml: Clarify --edit/addrevoker (sensitive), and - --keyserver-options (--import/export-options may be used as well). - Document --import-options and --export-options with their various - options. --show-photos now works during signature verification as - well. Document --exec-path. Note in --simple-sk-checksum that - the passphrase must be changed for this to take effect. Note that - --pgp7 does not disable MDC. Document --no-mdc-warning. - -2002-07-25 Werner Koch - - * gpg.sgml: Document new --delete behaviour. - -2002-07-25 David Shaw - - * gpg.sgml: Clarify the differences between "pref" and "showpref". - Note in "setpref" that a list of available algorithms can be - printed with "gpg -v --version". Note in "updpref" that we don't - select keys via attribute uids, so preferences there will be - ignored. - -2002-07-01 David Shaw - - * gpg.sgml: Clarify "group". - -2002-07-01 Werner Koch - - * Makefile.am: Due to problems with VPATH builds we don't try to - build the texi vesions of the manual pages anymore automatically. - -2002-06-30 Werner Koch - - * README.W32: Adjusted some descriptions. Fixed the regsitry - entry descriptions. - -2002-06-21 David Shaw - - * DETAILS: Document "uat". - - * gpg.sgml: Document - --personal-{compress|digest|compress}-preferences, --group, and - add comments to --expert. - -2002-06-17 Werner Koch - - * gpg.sgml: Grammar fix. - -2002-06-03 David Shaw - - * DETAILS: Details of ATTRIBUTE. - - * gpg.sgml: Document --attribute-fd - -2002-06-03 Timo Schulz - - * DETAILS: Add ATTRIBUTE. - -2002-05-31 David Shaw - - * gpg.sgml: Add "edit/addrevoker". Document --desig-revoke. Note - that -z and --compress are the same option. Note that - --digest-algo can no longer violate OpenPGP with a non-160 bit - hash with DSA. Document --cert-digest-algo with suitable warnings - not to use it. Note the default s2k-cipher-algo is now CAST5. - Note that --force-v3-sigs overrides --ask-sig-expire. Revise - --expert documentation, as it is now definitely legal to have more - than one photo ID on a key. --preference-list is now - --default-preference-list with the new meaning. Document - --personal-preference-list. - - * DETAILS: Document "Revoker" for batch key generation. - -2002-05-22 Werner Koch - - * gpg.sgml: sgml syntax fix. - -2002-05-12 Werner Koch - - * gpg.sgml: Fixed URL in the description section. - - * faq.raw: Minor typo fixes noted by kromJx@myrealbox.com. - -2002-05-11 Werner Koch - - * gpg.sgml: Typo fix. - -2002-05-07 David Shaw - - * gpg.sgml: Add entries for --sk-comments, --no-sk-comments, - --pgp7, and --no-pgp7. Fix --pgp2 and --pgp6: the proper name is - --escape-from-lines and not --escape-from. - -2002-04-30 Timo Schulz - - * gpg.sgml: Add an entry for --encrypt-files and --decrypt-files. - -2002-04-29 David Shaw - - * gpg.sgml: Fix minor error in --pgp6 documentation: it does not - imply --digest-algo MD5 - -2002-04-29 Werner Koch - - * samplekeys.asc: Added gnupg distribution key 57548DCD. - - * faq.raw: Inserted Douglas Calvert as new maintainer. Acknowledge - Nils. Add entry about trust packet parsing problems. - -2002-04-24 David Shaw - - * gpg.sgml: Add some documentation for - --edit/{addphoto|showphoto|nrsign|nrlsign}, and the difference - between %t and %T in photo viewer command lines. - -2002-04-23 Stefan Bellon - - * gpg.sgml: Moved options from section "COMMANDS" to - section "OPTIONS". - -2002-04-20 David Shaw - - * samplekeys.asc: Added 0x5B0358A2 - -2002-04-19 David Shaw - - * gpg.sgml: Add "%t" flag for photo IDs, a note about primary - having different meanings for photo and regular IDs, rename - --default-check-level to --default-cert-check-level, add - --auto-check-trustdb, and --pgp6. - - * DETAILS: Add EXPSIG, EXPKEYSIG, and KEYEXPIRED. Add notes to - SIGEXPIRED (deprecated), and VALIDSIG (added expiration date). - Add "Preferences" command to unattended key generation - instructions. Also fixed a few typos. - - * samplekeys.asc: new (added to EXTRA_DIST in Makefile.am as well) - -2002-01-31 Marcus Brinkmann - - * DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES, - correct INV_RECP (the second occurence) to NO_RECP. - -2002-04-03 David Shaw - - * gpg.sgml: auto-key-retrieve is a keyserver-option (noted by - Roger Sondermann). - -2002-03-27 David Shaw - - * gpg.sgml: --pgp2 also means --disable-mdc, --no-ask-sig-expire, - and --no-ask-cert-expire. It does not mean --no-force-v3-sigs - (noted by Timo). - -2002-03-27 David Shaw - - * gpg.sgml: Add a few notes about --pgp2 meaning MIT PGP 2.6.2, - and keyserver details about HKP and NAI HKP. - -2002-03-18 David Shaw - - * gpg.sgml: Change meaning of --allow-non-selfsigned-uid to match - change in code, and add --no-allow-non-selfsigned-uid. - -2002-03-13 Werner Koch - - * faq.raw: Due to a lack of time Nils can't serve anymore as a - maintainer. Removed his address and setup a generic address. - -2002-03-06 Werner Koch - - * gpg.sgml: Add an entry for --export-ownertrust. Suggested by - Bernhard Reiter. - -2002-01-26 Timo Schulz - - * gnupg-w32.reg: New. Registry file for W32 in registry format. - -2002-01-26 Werner Koch - - * gpg.sgml: A few words about --gpg-agent-info and GPG_AGENT_INFO. - -2002-01-25 Timo Schulz - - * README.W32: Modify the filename because now the .exe extension - is automatically added to the binary. - -2002-01-14 Werner Koch - - * gpg.sgml: Talk about PGP 5 and higher. - -2002-01-11 David Shaw - - * gpg.sgml: Added documentation for --{no-}ask-cert-expire, - --{no-}ask-sig-expire, and revise --expert (it doesn't switch on - the expiration prompt anymore) and --default-check-level (to be - clearer as to what makes a good key check before signing). - -2002-01-07 Werner Koch - - * DETAILS: Removed the comment that unattended key generation is - experimental. It is now a standard feature. - -2001-12-22 David Shaw - - * gpg.sgml: Fixed a few typos. - - * gpg.sgml: Added documentation for --show-photos, - --no-show-photos, --photo-viewer, --nrsign-key, - --default-check-level, --search-keys, --keyserver-options, - --show-notation, --no-show-notation, --show-policy-url, - --no-show-policy-url, --for-your-eyes-only, - --no-for-your-eyes-only, --pgp2, --no-pgp2, - --no-permission-warning, --expert, --no-expert. - -2001-10-31 Werner Koch - - * gpg.sgml: Add a remark on how to get the long key ID. Suggested - by Sebastian Klemke. - -2001-10-23 Werner Koch - - * gpg.sgml: Add missing tag. - -2001-09-28 Werner Koch - - * gpg.sgml: Add a note on option parsing. - -2001-09-24 Werner Koch - - * gpg.sgml: Described --{update,check}-trustdb. - -2001-09-03 Werner Koch - - * gpg.sgml, gpgv.sgml: Removed GDBM stuff. - -2001-08-29 Werner Koch - - * faq.raw: Described how to delete a secret key w/o a public key - and changed the entry on updating the preferences. - -2001-08-08 Werner Koch - - * gpg.sgml: Documented --print-mds and marked the --print-md * as - deprecated because it does not work in the W32 version. Suggested - by John Kane. - (WARNINGS): Typo fix. - (--with-colons): Clarified that the output is in UTF-8. - -2001-08-01 Werner Koch - - * gpg.sgml: Added --ignore-valid-from - -2001-04-20 Werner Koch - - * faq.raw (Maintained-by): Removed note that load-extension is not - available under Windoze. - - * gpg.sgml: Add new --charset UTF-8. - -2001-04-19 Werner Koch - - * faq.raw: Add a note about dates displayed as ????-??-??. - -2001-04-17 Werner Koch - - * Makefile.am (%.texi): Add rules to create .texi from .sgml. - However we can't automate this because automake does not like - .texi files as BUILT_SOURCES. - (%.dvi,%.ps): Removed these rules, because they are not needed - and get in the way of automake's dvi target - - * HACKING: Changed CVS description. - -2001-04-06 Werner Koch - - * gpg.sgml: Small typo fixes by Florian Weimer. - -2001-03-27 Werner Koch - - * gpg.sgml: Add --no-sig-cache and --no-sig-create-check. - -2001-03-23 Werner Koch - - * DETAILS: New status UNEXPECTED. - -2001-03-13 Werner Koch - - * gpg.sgml: Described --fixed-list-mode. - -2001-03-06 Werner Koch - - * gpgv.sgml: Changed some gpg to gpgv. Thanks to John A. Murdie. - -2001-03-03 Werner Koch - - * gpg.sgml: Tell something about the 0x12345678! key ID syntax. - -2001-01-18 Werner Koch - - * README.W32: Changed building instructions for MinGW32/CPD 0.3 - -2001-01-09 Werner Koch - - * DETAILS: Fixed docs for NEED_PASSPHRASE and added USERID_HINT. - -2000-11-30 Werner Koch - - * gpg.sgml: Fixed the description of --verify. Add a short note - the warnings sections. - -2000-10-19 Werner Koch - - * gpg.sgml: Fixed doc for --allow-non-selfsigned-uid. - Add entry for --ignore-crc-error. - -2000-10-18 Werner Koch - - * OpenPGP: Dropped the paragraph that RSA is not implemented. - -2000-10-14 Werner Koch - - * faq.raw: Add an answer to the problem of multiple signatures. - -Wed Oct 4 15:50:18 CEST 2000 Werner Koch - - * gpgv.sgml: New. - * Makefile.am: build it. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * faq.raw: New. - * Makefile.am: Support to build FAQs - -Wed Jul 12 13:32:06 CEST 2000 Werner Koch - - * gpg.sgml: Add a note about the availability of the GPH. - -2000-07-03 13:59:24 Werner Koch (wk@habibti.openit.de) - - * DETAILS, FAQ: Typo fixes by Yosiaki IIDA. - -2000-05-12 10:57:21 Werner Koch (wk@habibti.openit.de) - - * gpg.sgml: Documented --no-tty. - -2000-03-09 15:01:51 Werner Koch (wk@habibti.openit.de) - - * DETAILS: Ad a short blurb about unattended key generation. - -Wed Feb 9 15:33:44 CET 2000 Werner Koch - - * gpg.sgml: Describe --ignore-time-conflict. - - * gpg.sgml: Fixed a few typos. Thanks to Holger Trapp. - -Wed Jan 5 11:51:17 CET 2000 Werner Koch - - * FAQ: Enhanced answer for the 3des-s2k bug. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * gpg.sgml: Add section about the user ID - -Mon Nov 22 11:14:53 CET 1999 Werner Koch - - * gph: Removed the directory from the dist becuase it will - go into it's own package. - -Thu Sep 23 09:52:58 CEST 1999 Werner Koch - - * README.W32: New. - -Mon Sep 6 19:59:08 CEST 1999 Werner Koch - - - * Makefile.am (SUBDIRS): New subdir gph for the manual. - -Thu Jul 22 20:03:03 CEST 1999 Werner Koch - - - * gpg.sgml (--always-trust): Added. - -Wed Jul 14 19:42:08 CEST 1999 Werner Koch - - - * Makefile.am: Create a dummy man page if docbook-to-man is missing. - -Wed Jun 16 20:16:21 CEST 1999 Werner Koch - - - * gpg1.pod: Removed. - * gpg.sgml: New. Replaces the pod file - * Makefile.am: Add rule to make a man file from sgml - -Tue Jun 15 12:21:08 CEST 1999 Werner Koch - - - * Makefile.in.in: Use DESTDIR. - -Mon May 31 19:41:10 CEST 1999 Werner Koch - - * gpg.1pod: Enhanced the Bugs section (Michael). - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - - * gpg.1pod: Spelling and grammar corrections (John A. Martin) - * FAQ: Ditto. - * DETAILS: Ditto. - - - Copyright 1998, 1999, 2000, 2001, 2009 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/doc/ChangeLog-2011 b/doc/ChangeLog-2011 new file mode 100644 index 000000000..5700b6cf6 --- /dev/null +++ b/doc/ChangeLog-2011 @@ -0,0 +1,1187 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-02-23 Werner Koch + + * gpg-zip.1: Update by taking a built copy from master. + +2010-10-05 Werner Koch + + * FAQ: Make it a static file with a pointer to the online location. + * Makefile.am (EXTRA_DIST): Remove faq.raw and faq.html. + (FAQ, faq.html): Remove these targets + +2010-02-11 Werner Koch + + * faq.raw: Fixed the bug reporting address. + +2010-01-29 Werner Koch + + * gnupg1.texi: Fix dir entry. Fixes bug#1183. + +2009-09-02 Werner Koch + + * gpgv.texi, gpg.texi: Update from GnuPG-2. + +2009-08-18 Werner Koch + + * Makefile.am (sources_from_trunk): New. + (update-source-from-gnupg-2): New. Run it. Fixes bug#917 + +2009-08-13 Werner Koch + + * gpgv.texi, gpg.texi: Update from GnuPG-2. + +2008-04-30 David Shaw + + * gpg-zip.1: Add man page thanks to Colin Tuckley and Daniel + Leidert. + +2008-04-02 Werner Koch + + * opt-homedir.texi: Remove special case for Registry key. + + * yat2m.c (proc_texi_cmd): Use the \(aq glyph for @samp. This is + bug#898. + (proc_texi_buffer): Handle backslashs correctly. + +2007-12-21 Werner Koch + + * README.W32: Tell that Vista is supported and that at least NT-4 + is required. It might still work on older systems, but I don't + know for sure. + +2007-12-12 Werner Koch + + * gpg.texi, specify-user-id.texi: Update from gnupg-2. + * yat2m.c: Update from gnupg-2. + +2007-10-27 David Shaw + + * gpg.texi: Update from gnupg-2. + +2007-10-23 Werner Koch + + * gpg.texi: Updated from gnupg-2. + + * gpl.texi: Replace by GPLv3 version. + + * Makefile.am: Use standard suffix rules. + +2006-12-04 Werner Koch + + * yat2m.c: New. + * Makefile.am: New rules to build yatm and the man pages. + +2006-06-22 David Shaw + + * gpg.sgml: Document --enable-dsa2, --disable-dsa2, and + --default-keyserver-url. + + * DETAILS: Note "Keyserver:" + + * gpg.sgml: Note that --pgp8 does not include SHA224. Clarify + that clearsigned messages are not reversible. + +2006-05-23 David Shaw + + * mksamplekeys: Incorporate new package signature key and minimize + keys when generating samplekeys.asc. + +2006-05-17 Werner Koch + + * samplekeys.asc: Added new package signature key and cleaned all + keys to save space. + +2006-04-18 David Shaw + + * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and + --compress-algo should be avoided. + +2006-04-11 Michael Roth (wk) + + * gpg.sgml (passphrase-fd): Explain that only the first line is used. + +2006-04-09 David Shaw + + * gpg.sgml: Some typo fixes. This is Debian 361324. + +2006-03-11 David Shaw + + * samplekeys.asc: Update 99242560 to have a signing subkey + backsig. + +2006-03-09 David Shaw + + * gpg.sgml: Clarify new notation delete feature. + +2006-03-08 David Shaw + + * gpg.sgml: Document "notation". + +2006-03-07 David Shaw + + * gpg.sgml: Rename backsigs to cross-certification (backsigs is + just shorthand). Document max-cert-size. + + * gpg.sgml: Document new way of enabling the PKA functions. Some + minor other cleanups. + +2006-03-06 David Shaw + + * gpg.sgml: Document --auto-key-locate. + +2006-02-24 David Shaw + + * gpg.sgml: Document new --keyserver syntax. + +2005-12-20 Werner Koch + + * gpg.sgml (trust-model): Document "auto" and the "pka" variants. + (keyserver-options): Document "auto-pka-retrieve". + (allow-pka-lookup): Document. + +2005-12-08 David Shaw + + * gpg.sgml: Document --fetch-keys. + +2005-12-07 David Shaw + + * gpg.sgml: Document -d. Add [file] to a few options. + +2005-11-17 David Shaw + + * gpg.sgml: Clarify "xxxxx-clean" and "clean". Document + "xxxxx-minimal", and "minimize". + +2005-11-02 David Shaw + + * gpg.sgml: Clarify what is and isn't included in a "clean sigs". + +2005-10-27 David Shaw + + * gpg.sgml: Document backsign, --require-backsigs, and + --no-require-backsigs. + + * DETAILS: Clarify Key-Usage. + +2005-10-07 Werner Koch + + * gpgv.sgml: Small spelling corrections by Mike Dowling. + +2005-09-21 David Shaw + + * gpg.sgml: Note that --display-charset is just for display and + doesn't recode data. Note that --search-keys can use the standard + search syntax now (<, =, *, @). Document the @-address mode. + +2005-08-23 David Shaw + + * gpg.sgml: Fix documentation for setpref/updpref, document + import-clean, --status-file, --logger-file, --attribute-file, + --passphrase-file, --passphrase, and --command-file. Comment out + the "+word match" selection syntax since it isn't supported. + +2005-07-22 Werner Koch + + * gpg.sgml: Removed entry for --no-interactive-selection. + +2005-07-19 Werner Koch + + * gpg.sgml: Document --limit-card-insert-tries. + +2005-07-18 David Shaw + + * samplekeys.asc: Update 99242560. + + * gpg.sgml: Clarify --throw-keyid and --hidden-recipient a bit. + +2005-06-20 David Shaw + + * gpg.sgml: Document --edit-key/clean, import-clean, and + export-clean. + +2005-06-20 Werner Koch + + * gpg.sgml: Document smartcard related options. + +2005-06-06 Werner Koch + + * DETAILS: New subcode 5 for CARDCTRL. + +2005-05-13 David Shaw + + * gpg.sgml: Document --default-sig-expire and + --default-cert-expire, remove --sk-comments and --no-sk-comments, + and clarify the form of a non-IETF notation for --sig-notation and + --cert-notation. + +2005-05-05 David Shaw + + * gpg.sgml: Clarify --min-cert-level a bit. + +2005-03-14 Werner Koch + + * gnupg-w32.reg: Removed. + +2005-03-07 Werner Koch + + * gpg.sgml (comment): Add note to keep the comment short. + + * DETAILS: Document new status codes. + +2005-02-15 Werner Koch + + * faq.raw: Add htmlcharset header line as suggested by Maxim + Britov. s/ElGamal/Elgamal/. Replaced reference to NAI by PGP + Corp. + + * gpg.ru.sgml: Updated from upstream. Added a closing PARA. + + * gpg.sgml: Add bkuptocard command for --edit-key. + +2005-02-05 David Shaw + + * gpg.sgml: Note that level 0 signatures are always accepted + regardless of --min-cert-level. + +2005-02-03 Werner Koch + + * README.W32: Updated to match the switch to the NSIS installer. + +2005-01-27 Werner Koch + + * faq.raw: Updated to the version from 1.2.7. + +2005-01-18 Werner Koch + + * gnupg-w32.reg: Remove the entry for the home directory. + +2004-12-16 Werner Koch + + * TRANSLATE: Add a note on how to send translations. + +2004-12-16 David Shaw + + * gpg.sgml: Document --require-secmem/--no-require-secmem. Note + that the sign flags (l, t, nr) can be mixed. Remove --nrsign-key. + +2004-12-12 Werner Koch + + * samplekeys.asc, mksamplekeys (keys): Removed my old 621CC013 key + which expires at the end of this year. Add g10 Code's source code + signing key 37D92FFB. + +2004-12-09 David Shaw + + * highlights-1.4.txt: New. + + * mksamplekeys, samplekeys.asc: Add the PGP global directory key. + +2004-11-26 David Shaw + + * gpg.sgml: Document export-minimal. + +2004-10-28 David Shaw + + * DETAILS: Document SIG_SUBPACKET status tag. + +2004-10-28 Werner Koch + + * Makefile.am (EXTRA_DIST): Add gpg.ru.1. + +2004-10-18 David Shaw + + * gpg.sgml: Minor language tweaks. + + * samplekeys.asc: Updated 99242560. + + * DETAILS: spk flags are hex. + +2004-10-15 Werner Koch + + * DETAILS: Document IMPORT_CHECK. + +2004-10-14 David Shaw + + * gpg.sgml: Document using "none" to remove preferred keyservers, + the keyserver timeout parameter, and the direct trust model. + +2004-09-23 Werner Koch + + * gpg.sgml: Document "addcardkey" and "keytocard". + +2004-09-20 Werner Koch + + * gpg.sgml: Document -K. + +2004-09-16 David Shaw + + * DETAILS: Document the 'spk' signature subpacket record. Add + more detail on "tru" records. + + * gpg.sgml: Note that PGP scales photo IDs to fit in the dialog + box. Document show-sig-subpackets. Document the '%c' signature + counter expando. + +2004-09-15 Werner Koch + + * gpg.sgml: Document "--debug-ccid-driver". + +2004-09-14 David Shaw + + * gpg.sgml: Note that --throw-keyid is --throw-keyids. Note + changes in --pgp8. Rephrase the "don't play algorithm games" + warning now that PGP has blowfish, zlib, and bzip2. + +2004-08-07 David Shaw + + * gpg.sgml: Remove show-long-keyids since it is replaced by + --keyid-format. Rename show-validity as + show-uid-validity. --ask-cert-level defaults to no. + +2004-06-28 David Shaw + + * DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH. + + * gpg.sgml: Clarify that --min-cert-level disregards level 1 certs + by default. Clarify include-revoked a bit to note that keyservers + might not be accurate. Note that --charset is --display-charset. + Some language tweaks for --simple-sk-checksum (Debian 251795). + Note the PGP silliness with preferred keyserver subpackets causing + PGP/MIME. + +2004-05-21 David Shaw + + * gpg.sgml: Document --edit-key "keyserver" command, + --keyid-format, --keyserver-option honor-keyserver-url, and --list + and --verify option show-std/user-notations. + +2004-05-19 David Shaw + + * gpg.sgml: Clarify that --charset applies to informational + strings and does not recode messages themselves. Remove + include-non-rfc export-option. + +2004-05-08 David Shaw + + * DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal. + + * gpg.sgml: Document --no-use-embedded-filename and + --min-cert-level. + + * gpgv.sgml: Removed leftover . + +2004-05-03 Werner Koch + + * gpgv.sgml: Removed reference to non-available option + --no-default-keyring. + +2004-04-09 David Shaw + + * gpg.sgml: Document delsig. Clarify that --refresh-keys + arguments are optional. Document --bzip2-decompress-lowmem. + +2004-04-05 Werner Koch + + * DETAILS (NEWSIG): Documented. + +2004-02-25 David Shaw + + * gpg.sgml: Document --ask-cert-level, --max-output, and + --default-cert-level. + + * gpg.sgml: Document keyserver-option http-proxy, import-option + merge-only, remove old honor-http-proxy, --merge-only, and + --emulate-md-encode-bug. Document COLUMNS and LINES. + +2004-02-12 David Shaw + + * gnupg.7: Clarify that 'gpgv' doesn't encrypt, and that's not a + bug. + + * samplekeys.asc: Update 99242560. + + * gpg.sgml: Clarify -u/--local-user and --default-key. Note what + happens if you run 'gpg' without any commands. Document + --multifile. Document list-option show-unusable-subkeys. + +2004-01-30 David Shaw + + * DETAILS: Details for --list-config. + + * gpg.sgml: Document --ungroup and --list-config. + +2004-01-07 David Shaw + + * gpg.sgml: Fix a few minor typos. Clarify what --textmode is + useful for. + + * gpg.sgml: List proper documentation URL. Note that addrevoker + takes an optional "sensitive" argument. Remind that $GNUPGHOME + can be used instead of --homedir. Clarify --no-default-keyring, + and note why it may not take effect if there are no other keyrings + present. Remove --pgp2 from the list of --pgpXes that are just + for bad preference lists. Explain more why locking memory pages + is good. + + * gpg.sgml: Add an example of what an exclamation mark is, as + people seem to miss it often. + +2003-12-08 David Shaw + + * gpg.sgml: Fix a few missing semicolons in & entities. Noted by + Christian Biere. Some minor grammar fixes. Remove the "host -l + pgp.net | grep wwwkeys" advice since the nameserver no longer all + allow zone transfers. Replace it with a mention of + hkp://subkeys.pgp.net. Note that BZIP2 defaults to compression + level 6. + +2003-10-31 Werner Koch + + * DETAILS: Add a note about the date format for X.509. + +2003-11-21 David Shaw + + * gpg.sgml: Note the new combinations with --symmetric and + --encrypt. Document --bzip2-compress-level, and + --bzip2-compress-lowmem. Clarify the plurarility (or not) of + various list and verify options. Document BZIP2 in the + --compress-algo section. Warn about compatibility issues with + ZLIB and BZIP2. + +2003-11-20 David Shaw + + * gpg.sgml: Document --compress-level. Some minor tweaks to other + entries. + + * TRANSLATE: New, note to translators about the yes|yes multiple + match syntax. + + * Makefile.am: Include TRANSLATE in distributed files. + +2003-10-28 Werner Koch + + * DETAILS: Add the 'a' value for field 12 and the new field 15. + +2003-10-01 David Shaw + + * samplekeys.asc: Update 99242560. + + * gpg.sgml: Document --no-groups. + +2003-09-30 David Shaw + + * gpg.sgml: Note web bug like behavior of auto-key-retrieve. Note + that big photos mean big keys. Document --rfc2440. Document + verify-option show-unusable-uids. + + * gpg.sgml: Clarify --mangle-dos-filenames, document list-option + show-unusable-uids, remove --no-comment (which is now + --no-sk-comments), add --no-comments (to remove --comment), remove + --default-comment, and document --sig-keyserver-url. + +2003-09-01 David Shaw + + * DETAILS: Note fingerprint of signing key in sig records. + +2003-08-31 David Shaw + + * gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" + for the sake of short and simple commands. + +2003-08-29 David Shaw + + * gpg.sgml: Document list-options (show-preferred-keyserver, + show-validity, show-long-keyid, and show-sig-expire), and + verify-options (show-preferred-keyserver, show-validity, + show-long-keyid). + +2003-08-28 David Shaw + + * samplekeys.asc: Updated. + + * DETAILS: Document "tru" trust record. Document REVKEYSIG status + tag. Removed paragraph on gdbm usage. Note that pipemode is + deprecated. + +2003-08-25 David Shaw + + * gpg.sgml: Document --list-options (show-photos, show-policy-url, + show-notation, show-keyring) and --verify-options (show-photos, + show-policy-url, show-notation). Deprecate --show-photos, + --show-policy-url, --show-notation, and --show-keyring. + +2003-07-10 David Shaw + + * DETAILS: Document the --attribute-fd data. + + * gpg.sgml: Document --set-notation. Explain why it is not + possible to disable permission warnings in the gpg.conf file about + the homedir. Add pointer in --ignore-time-conflict to see + --ignore-valid from, and vice versa. Warning not to try and parse + --list-keys in scripts. Document the signature flags + (1-3/L/R/P/N/X/T), Document expandos %g and %p. Note the default + --personal-digest-preferences are SHA-1. + +2003-05-26 David Shaw + + * gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable + branch) + + * gnupg-w32.reg: Use HLM for the program and make sure the entries + are created. Suggested by danielc@analysisandsolutions.com. (From + wk on stable branch) + +2003-05-24 David Shaw + + * gpg.sgml: Document --trustdb-name. Document --gnupg in a new + compliance section, and remove the various --no-PGPX + options. Deprecate --no-comment in favor of --no-sk-comments. + +2003-05-04 David Shaw + + * gpg.sgml: Some general language tweaks. Note default algo for + --symmetric. --export-ownertrust takes no args. Document + --no-escape-from-lines. Fix escaped "From". Make + "openpgp" trust model into "pgp". + +2003-04-27 David Shaw + + * DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig + class, and a reserved field for flags in a future version. + + * gpg.sgml: Document --no-textmode and --no-use-agent. Clarify + the interoperability section. Clarify that "hkp corruption" + (repair-hkp-subkey-bug) is really "pks corruption" + (repair-pks-subkey-bug). + +2003-04-15 Werner Koch + + * gpg.sgml: Document --enable-progress-filter. + +2003-04-07 David Shaw + + * DETAILS: Don't specify which hash is used to make up the + namehash since it may change in the future. + + * samplekeys.asc: Updated. + + * gpg.sgml: Document "revuid". Clarify that --openpgp resets + --pgpX. Some cleanup of --no-xxx options, make sure that all SGML + tags are closed, clarify --pgp8 allows SHA-256, and document + --no-emit-version. + + * Makefile.am: Allow CVS version to build without faqprog.pl. + +2003-04-01 Werner Koch + + * DETAILS (VALIDSIG): Add primary keys fingerprint. + +2003-01-27 David Shaw + + * DETAILS: Document trust depth, value, and regexp. + +2003-01-14 David Shaw + + * gpg.sgml: Minor language tweaks, spell check, copyright date, + etc. + + * DETAILS: Note that user IDs/UATs fill in creation and expiration + date. Document namehash. + +2003-01-06 David Shaw + + * DETAILS: Document disabled flag in capabilities field. + +2002-12-27 David Shaw + + * gpg.sgml: Clarify --no-permission-warning to note that the + permission warnings are not intended to be the be-all and end-all + in security checks. Add note to --group that when used on the + command line, it may be necessary to quote the argument so it is + not treated as multiple arguments. Noted by Stefan Bellon. + +2002-12-23 Werner Koch + + * samplekeys.asc: Updated. + +2002-12-10 David Shaw + + * gpg.sgml: Clarify include-revoked and include-disabled so they + match what the program actually does. Noted by Dick Gevers. + + * gpg.sgml: Document %-expandos for policy URLs and notations. + + * gpg.sgml: Document --pgp8. Clarify that --pgp6 and --pgp7 + disable --throw-keyid. + +2002-12-05 Werner Koch + + * gpg.sgml: Document --no-mangle-dos-filenames. + +2002-12-01 David Shaw + + * gpg.sgml: Point out that if the user absolutely must, it's + better to use --pgpX than forcing an algorithm manually. Better + still not to use anything, of course. + +2002-11-25 David Shaw + + * gpg.sgml: Document --primary-keyring. Clarify + --s2k-cipher-algo, --s2k-digest-algo, + --personal-cipher-preferences, --personal-digest-preferences, and + --personal-compress-preferences. + + * gpg.sgml: Document --sig-policy-url, --cert-policy-url, + --sig-notation, --cert-notation. Clarify --show-notation and + --show-policy-url that policy URLs and notations can be used in + data signatures as well. Add note about '@' being a required + character in notation names. + +2002-11-21 David Shaw + + * gpg.sgml: Add an interoperability section. + +2002-11-17 David Shaw + + * gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. + Noted by Haakon Riiser. + +2002-11-14 David Shaw + + * gpg.sgml: --compress-algo now allows algorithm names. + +2002-11-13 David Shaw + + * gpg.sgml: Document --trust-model. + +2002-11-04 David Shaw + + * KEYSERVER: New. Documents the --with-colons format for + keyserver listings. + + * DETAILS: Clarify meaning of 'u'. Noted by Timo. + +2002-11-03 David Shaw + + * gpg.sgml: Document "tsign", clarify "setpref", clarify + --recipient, document --hidden-recipient, document + --hidden-encrypt-to, clarify --no-encrypt-to, clarify + --throw-keyid, document --no-throw-keyid. + +2002-10-25 Werner Koch + + * README.W32: Add blurb on how to create a ZIP file, changed + requirement for mingw32 to 0.3.2. + +2002-10-24 David Shaw + + * gpg.sgml: Document --refresh-keys. + +2002-10-19 David Shaw + + * gpg.sgml: Clarify --force-mdc, and document --disable-mdc. + +2002-10-12 Werner Koch + + * DETAILS (KEY_CREATED): Enhanced by fingerprint. + +2002-10-03 David Shaw + + * gpg.sgml: Note that '#' means secret-key-unavailable, and that + keyserver schemes are case-insensitive. + +2002-09-30 David Shaw + + * gpg.sgml: Note that --pgp2 disables --textmode when encrypting. + +2002-09-20 David Shaw + + * gpg.sgml: Some minor language cleanup. + +2002-09-20 Werner Koch + + * DETAILS: s/XORed/ORed/. + +2002-09-15 Werner Koch + + * gpg.sgml: Add rebuild-keydb-caches. + +2002-09-12 David Shaw + + * DETAILS: Fix batch key generation example. + +2002-09-11 Werner Koch + + * Makefile.am (EXTRA_DIST): Include gnupg-32.reg + +2002-09-02 Werner Koch + + * gpg.sgml: Updated the charset option. + + * DETAILS: Added status IMPORT_OK. + + * gnupg.7: New mini man page. + +2002-08-30 David Shaw + + * gpg.sgml: Document keyserver-option include-subkeys. Note that + honor-http-proxy is a keyserver-option now. + + * DETAILS: Add "Key not trusted" to INV_RECP status code. + +2002-08-23 Werner Koch + + * faq.raw: Updated. New Maintainer is David D. Scribner. + +2002-08-22 David Shaw + + * gpg.sgml: Clarify meaning of keyserver option include-revoked. + +2002-08-21 Werner Koch + + * DETAILS: Added IMPORT_PROBLEM. + +2002-08-20 David Shaw + + * DETAILS: Clarify that trust letters 'q' and '-' can be treated + identically. + + * gpg.sgml: Document --ignore-mdc-error. + +2002-08-06 David Shaw + + * gpg.sgml: Clarify that only long-form options can go in the + config file. + +2002-08-06 Werner Koch + + * gpg.sgml: Fixed doc regarding the name change of the option + file. + +2002-07-30 David Shaw + + * gpg.sgml: Clarify --edit/addrevoker (sensitive), and + --keyserver-options (--import/export-options may be used as well). + Document --import-options and --export-options with their various + options. --show-photos now works during signature verification as + well. Document --exec-path. Note in --simple-sk-checksum that + the passphrase must be changed for this to take effect. Note that + --pgp7 does not disable MDC. Document --no-mdc-warning. + +2002-07-25 Werner Koch + + * gpg.sgml: Document new --delete behaviour. + +2002-07-25 David Shaw + + * gpg.sgml: Clarify the differences between "pref" and "showpref". + Note in "setpref" that a list of available algorithms can be + printed with "gpg -v --version". Note in "updpref" that we don't + select keys via attribute uids, so preferences there will be + ignored. + +2002-07-01 David Shaw + + * gpg.sgml: Clarify "group". + +2002-07-01 Werner Koch + + * Makefile.am: Due to problems with VPATH builds we don't try to + build the texi vesions of the manual pages anymore automatically. + +2002-06-30 Werner Koch + + * README.W32: Adjusted some descriptions. Fixed the regsitry + entry descriptions. + +2002-06-21 David Shaw + + * DETAILS: Document "uat". + + * gpg.sgml: Document + --personal-{compress|digest|compress}-preferences, --group, and + add comments to --expert. + +2002-06-17 Werner Koch + + * gpg.sgml: Grammar fix. + +2002-06-03 David Shaw + + * DETAILS: Details of ATTRIBUTE. + + * gpg.sgml: Document --attribute-fd + +2002-06-03 Timo Schulz + + * DETAILS: Add ATTRIBUTE. + +2002-05-31 David Shaw + + * gpg.sgml: Add "edit/addrevoker". Document --desig-revoke. Note + that -z and --compress are the same option. Note that + --digest-algo can no longer violate OpenPGP with a non-160 bit + hash with DSA. Document --cert-digest-algo with suitable warnings + not to use it. Note the default s2k-cipher-algo is now CAST5. + Note that --force-v3-sigs overrides --ask-sig-expire. Revise + --expert documentation, as it is now definitely legal to have more + than one photo ID on a key. --preference-list is now + --default-preference-list with the new meaning. Document + --personal-preference-list. + + * DETAILS: Document "Revoker" for batch key generation. + +2002-05-22 Werner Koch + + * gpg.sgml: sgml syntax fix. + +2002-05-12 Werner Koch + + * gpg.sgml: Fixed URL in the description section. + + * faq.raw: Minor typo fixes noted by kromJx@myrealbox.com. + +2002-05-11 Werner Koch + + * gpg.sgml: Typo fix. + +2002-05-07 David Shaw + + * gpg.sgml: Add entries for --sk-comments, --no-sk-comments, + --pgp7, and --no-pgp7. Fix --pgp2 and --pgp6: the proper name is + --escape-from-lines and not --escape-from. + +2002-04-30 Timo Schulz + + * gpg.sgml: Add an entry for --encrypt-files and --decrypt-files. + +2002-04-29 David Shaw + + * gpg.sgml: Fix minor error in --pgp6 documentation: it does not + imply --digest-algo MD5 + +2002-04-29 Werner Koch + + * samplekeys.asc: Added gnupg distribution key 57548DCD. + + * faq.raw: Inserted Douglas Calvert as new maintainer. Acknowledge + Nils. Add entry about trust packet parsing problems. + +2002-04-24 David Shaw + + * gpg.sgml: Add some documentation for + --edit/{addphoto|showphoto|nrsign|nrlsign}, and the difference + between %t and %T in photo viewer command lines. + +2002-04-23 Stefan Bellon + + * gpg.sgml: Moved options from section "COMMANDS" to + section "OPTIONS". + +2002-04-20 David Shaw + + * samplekeys.asc: Added 0x5B0358A2 + +2002-04-19 David Shaw + + * gpg.sgml: Add "%t" flag for photo IDs, a note about primary + having different meanings for photo and regular IDs, rename + --default-check-level to --default-cert-check-level, add + --auto-check-trustdb, and --pgp6. + + * DETAILS: Add EXPSIG, EXPKEYSIG, and KEYEXPIRED. Add notes to + SIGEXPIRED (deprecated), and VALIDSIG (added expiration date). + Add "Preferences" command to unattended key generation + instructions. Also fixed a few typos. + + * samplekeys.asc: new (added to EXTRA_DIST in Makefile.am as well) + +2002-01-31 Marcus Brinkmann + + * DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES, + correct INV_RECP (the second occurence) to NO_RECP. + +2002-04-03 David Shaw + + * gpg.sgml: auto-key-retrieve is a keyserver-option (noted by + Roger Sondermann). + +2002-03-27 David Shaw + + * gpg.sgml: --pgp2 also means --disable-mdc, --no-ask-sig-expire, + and --no-ask-cert-expire. It does not mean --no-force-v3-sigs + (noted by Timo). + +2002-03-27 David Shaw + + * gpg.sgml: Add a few notes about --pgp2 meaning MIT PGP 2.6.2, + and keyserver details about HKP and NAI HKP. + +2002-03-18 David Shaw + + * gpg.sgml: Change meaning of --allow-non-selfsigned-uid to match + change in code, and add --no-allow-non-selfsigned-uid. + +2002-03-13 Werner Koch + + * faq.raw: Due to a lack of time Nils can't serve anymore as a + maintainer. Removed his address and setup a generic address. + +2002-03-06 Werner Koch + + * gpg.sgml: Add an entry for --export-ownertrust. Suggested by + Bernhard Reiter. + +2002-01-26 Timo Schulz + + * gnupg-w32.reg: New. Registry file for W32 in registry format. + +2002-01-26 Werner Koch + + * gpg.sgml: A few words about --gpg-agent-info and GPG_AGENT_INFO. + +2002-01-25 Timo Schulz + + * README.W32: Modify the filename because now the .exe extension + is automatically added to the binary. + +2002-01-14 Werner Koch + + * gpg.sgml: Talk about PGP 5 and higher. + +2002-01-11 David Shaw + + * gpg.sgml: Added documentation for --{no-}ask-cert-expire, + --{no-}ask-sig-expire, and revise --expert (it doesn't switch on + the expiration prompt anymore) and --default-check-level (to be + clearer as to what makes a good key check before signing). + +2002-01-07 Werner Koch + + * DETAILS: Removed the comment that unattended key generation is + experimental. It is now a standard feature. + +2001-12-22 David Shaw + + * gpg.sgml: Fixed a few typos. + + * gpg.sgml: Added documentation for --show-photos, + --no-show-photos, --photo-viewer, --nrsign-key, + --default-check-level, --search-keys, --keyserver-options, + --show-notation, --no-show-notation, --show-policy-url, + --no-show-policy-url, --for-your-eyes-only, + --no-for-your-eyes-only, --pgp2, --no-pgp2, + --no-permission-warning, --expert, --no-expert. + +2001-10-31 Werner Koch + + * gpg.sgml: Add a remark on how to get the long key ID. Suggested + by Sebastian Klemke. + +2001-10-23 Werner Koch + + * gpg.sgml: Add missing tag. + +2001-09-28 Werner Koch + + * gpg.sgml: Add a note on option parsing. + +2001-09-24 Werner Koch + + * gpg.sgml: Described --{update,check}-trustdb. + +2001-09-03 Werner Koch + + * gpg.sgml, gpgv.sgml: Removed GDBM stuff. + +2001-08-29 Werner Koch + + * faq.raw: Described how to delete a secret key w/o a public key + and changed the entry on updating the preferences. + +2001-08-08 Werner Koch + + * gpg.sgml: Documented --print-mds and marked the --print-md * as + deprecated because it does not work in the W32 version. Suggested + by John Kane. + (WARNINGS): Typo fix. + (--with-colons): Clarified that the output is in UTF-8. + +2001-08-01 Werner Koch + + * gpg.sgml: Added --ignore-valid-from + +2001-04-20 Werner Koch + + * faq.raw (Maintained-by): Removed note that load-extension is not + available under Windoze. + + * gpg.sgml: Add new --charset UTF-8. + +2001-04-19 Werner Koch + + * faq.raw: Add a note about dates displayed as ????-??-??. + +2001-04-17 Werner Koch + + * Makefile.am (%.texi): Add rules to create .texi from .sgml. + However we can't automate this because automake does not like + .texi files as BUILT_SOURCES. + (%.dvi,%.ps): Removed these rules, because they are not needed + and get in the way of automake's dvi target + + * HACKING: Changed CVS description. + +2001-04-06 Werner Koch + + * gpg.sgml: Small typo fixes by Florian Weimer. + +2001-03-27 Werner Koch + + * gpg.sgml: Add --no-sig-cache and --no-sig-create-check. + +2001-03-23 Werner Koch + + * DETAILS: New status UNEXPECTED. + +2001-03-13 Werner Koch + + * gpg.sgml: Described --fixed-list-mode. + +2001-03-06 Werner Koch + + * gpgv.sgml: Changed some gpg to gpgv. Thanks to John A. Murdie. + +2001-03-03 Werner Koch + + * gpg.sgml: Tell something about the 0x12345678! key ID syntax. + +2001-01-18 Werner Koch + + * README.W32: Changed building instructions for MinGW32/CPD 0.3 + +2001-01-09 Werner Koch + + * DETAILS: Fixed docs for NEED_PASSPHRASE and added USERID_HINT. + +2000-11-30 Werner Koch + + * gpg.sgml: Fixed the description of --verify. Add a short note + the warnings sections. + +2000-10-19 Werner Koch + + * gpg.sgml: Fixed doc for --allow-non-selfsigned-uid. + Add entry for --ignore-crc-error. + +2000-10-18 Werner Koch + + * OpenPGP: Dropped the paragraph that RSA is not implemented. + +2000-10-14 Werner Koch + + * faq.raw: Add an answer to the problem of multiple signatures. + +Wed Oct 4 15:50:18 CEST 2000 Werner Koch + + * gpgv.sgml: New. + * Makefile.am: build it. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * faq.raw: New. + * Makefile.am: Support to build FAQs + +Wed Jul 12 13:32:06 CEST 2000 Werner Koch + + * gpg.sgml: Add a note about the availability of the GPH. + +2000-07-03 13:59:24 Werner Koch (wk@habibti.openit.de) + + * DETAILS, FAQ: Typo fixes by Yosiaki IIDA. + +2000-05-12 10:57:21 Werner Koch (wk@habibti.openit.de) + + * gpg.sgml: Documented --no-tty. + +2000-03-09 15:01:51 Werner Koch (wk@habibti.openit.de) + + * DETAILS: Ad a short blurb about unattended key generation. + +Wed Feb 9 15:33:44 CET 2000 Werner Koch + + * gpg.sgml: Describe --ignore-time-conflict. + + * gpg.sgml: Fixed a few typos. Thanks to Holger Trapp. + +Wed Jan 5 11:51:17 CET 2000 Werner Koch + + * FAQ: Enhanced answer for the 3des-s2k bug. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * gpg.sgml: Add section about the user ID + +Mon Nov 22 11:14:53 CET 1999 Werner Koch + + * gph: Removed the directory from the dist becuase it will + go into it's own package. + +Thu Sep 23 09:52:58 CEST 1999 Werner Koch + + * README.W32: New. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch + + + * Makefile.am (SUBDIRS): New subdir gph for the manual. + +Thu Jul 22 20:03:03 CEST 1999 Werner Koch + + + * gpg.sgml (--always-trust): Added. + +Wed Jul 14 19:42:08 CEST 1999 Werner Koch + + + * Makefile.am: Create a dummy man page if docbook-to-man is missing. + +Wed Jun 16 20:16:21 CEST 1999 Werner Koch + + + * gpg1.pod: Removed. + * gpg.sgml: New. Replaces the pod file + * Makefile.am: Add rule to make a man file from sgml + +Tue Jun 15 12:21:08 CEST 1999 Werner Koch + + + * Makefile.in.in: Use DESTDIR. + +Mon May 31 19:41:10 CEST 1999 Werner Koch + + * gpg.1pod: Enhanced the Bugs section (Michael). + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + + * gpg.1pod: Spelling and grammar corrections (John A. Martin) + * FAQ: Ditto. + * DETAILS: Ditto. + + + Copyright 1998, 1999, 2000, 2001, 2009 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/doc/fr/ChangeLog b/doc/fr/ChangeLog deleted file mode 100644 index 167093dcc..000000000 --- a/doc/fr/ChangeLog +++ /dev/null @@ -1,17 +0,0 @@ -2001-09-10 Gilbert Fernandes - - * Traduction en français des documents doc/* - - -Copyright 2001 Free Software Foundation, Inc. - -Ce fichier est un logiciel libre ; l'auteur vous donne une autorisation -spéciale de copies illimitées et/ou distribution illimitée avec ou sans -modifications attendu que cette notice de copyright et note associée -se trouve conservée dans le document. - -This file is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/doc/fr/ChangeLog-2011 b/doc/fr/ChangeLog-2011 new file mode 100644 index 000000000..30e125021 --- /dev/null +++ b/doc/fr/ChangeLog-2011 @@ -0,0 +1,22 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2001-09-10 Gilbert Fernandes + + * Traduction en français des documents doc/* + + +Copyright 2001 Free Software Foundation, Inc. + +Ce fichier est un logiciel libre ; l'auteur vous donne une autorisation +spéciale de copies illimitées et/ou distribution illimitée avec ou sans +modifications attendu que cette notice de copyright et note associée +se trouve conservée dans le document. + +This file is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/doc/gph/ChangeLog b/doc/gph/ChangeLog deleted file mode 100644 index 0d42fa163..000000000 --- a/doc/gph/ChangeLog +++ /dev/null @@ -1,9 +0,0 @@ -Tue Sep 7 16:18:03 1999 Werner Koch (wk@gnupg.org) - - * Makefile.am: Ugly workarounds to do a VPATH build. - -Fri Sep 3 13:24:45 1999 Werner Koch (wk@gnupg.org) - - * Makefile.am: New - - diff --git a/doc/gph/ChangeLog-2011 b/doc/gph/ChangeLog-2011 new file mode 100644 index 000000000..a5af5f15a --- /dev/null +++ b/doc/gph/ChangeLog-2011 @@ -0,0 +1,14 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +Tue Sep 7 16:18:03 1999 Werner Koch (wk@gnupg.org) + + * Makefile.am: Ugly workarounds to do a VPATH build. + +Fri Sep 3 13:24:45 1999 Werner Koch (wk@gnupg.org) + + * Makefile.am: New diff --git a/g10/ChangeLog b/g10/ChangeLog deleted file mode 100644 index d812cfd42..000000000 --- a/g10/ChangeLog +++ /dev/null @@ -1,13772 +0,0 @@ -2011-09-12 Werner Koch - - * gpg.c [__VMS]: Include vms.h. - (main) [__VMS]: Init batch mode according to actual process mode. - Suggested by Steven M. Schweda. - -2011-08-09 Werner Koch - - * keyedit.c (show_key_with_all_names): Remove unused var. - - * apdu.c (open_pcsc_reader_direct): Remove unused var. - - * sig-check.c (do_check): Remove unused var. - - * keygen.c (ask_user_id): Fix loop break condition. See bug#1307. - - * import.c (import_keys_internal): Make breaking the loop more - explicit. See bug#1307. - -2011-07-22 Werner Koch - - * parse-packet.c (parse_key): Print the decoded iteration count. - Fixes bug#1355. - -2011-04-05 David Shaw - - * photoid.c (generate_photo_id): Check for the JPEG magic numbers - instead of JFIF since some programs generate an EXIF header first. - This is issue 1331. - -2011-02-23 Werner Koch - - * Makefile.am (LDADD): Move LIBREADLINE to .. - (gpg_LDADD): here. Fixes bug#1318. - * gpgv.c (rl_cleanup_after_signal, rl_free_line_state): New stubs. - -2010-10-29 David Shaw - - * gpg.c (main): Do not provide a default for - --personal-digest-preferences. This allows the usual digest - selection algorithm to pick a digest based on recipient keys. - - * pkclist.c (select_algo_from_prefs): Make sure the scores can't - overflow when picking an algorithm (not a security issue since we - can't pick something not present in all preference lists, but we - might pick something that isn't scored first choice). - - * pkclist.c (select_algo_from_prefs): Slightly improve the - handling of MD5 in preference lists. Instead of replacing MD5 - with SHA-1, just remove MD5 from the list altogether, and let the - next-highest ranked algorithm be chosen. - -2010-10-27 Werner Koch - - * keygen.c (ask_expire_interval): Print 2038 warning only for 32 - bit signed time_t. - * keyid.c (mk_datestr): Do the y2038 test only for a signed time_t. - (INVALID_TIME_CHECK): New. - -2010-10-20 Werner Koch - - * encr-data.c (decode_filter): Cast -1 to size_t. Reported by - Steven M. Schweda. - * parse-packet.c (parse_key): Ditto. - * trustdb.c (validate_keys): Likewise to unsigned int. - -2010-10-18 Werner Koch - - * app-openpgp.c (parse_algorithm_attribute): Remove extra const in - definition of DESC. - -2010-10-10 Werner Koch - - * keyring.c (create_tmp_file): Use GNUPG_TMP_SFX anf GNUPG_BAK_SFX. - -2010-09-28 David Shaw - - * options.skel: Make the example for force-v3-sigs match - reality (it has defaulted to off since 2007-10-22). - -2010-09-28 Steven M. Schweda (wk) - - Changes to help the VMS port. See - http://antinode.info/dec/sw/gnupg.html . - - * gpgv.c (ttyfp_is, init_ttyfp) [__VMS]: Add stubs. - * build-packet.c (do_plaintext) [__VMS]: Disable error message. - * keyserver.c (keyserver_spawn) [__VMS]: Do not add the DIRSEP_S. - * misc.c [__VMS]: Include . - * signal.c [__VMS]: Include vms.h. - (got_fatal_signal) [__VMS]: Restore terminal echo. - * plaintext.c [__VMS]: Include vms.h. - * openfile.c (make_outfile_name): __VMS] Do not use. - (open_outfile) [__VMS]: Use vms_append_ext. - (try_make_homedir) [__VMS]: chmod directory. - * misc.c (disable_core_dumps) [__VMS]: Disable. - (path_access) [__VMS]: Do not use. - -2010-09-28 Werner Koch - - * passphrase.c [!ENABLE_AGENT_SUPPORT]: Do not include - sys/socket.h to help the VMS port. - -2010-08-31 Werner Koch - - * mainproc.c (print_pkenc_list): Print a STATUS_ERROR. Fixes - bug#1255. - -2010-07-24 Werner Koch - - * cardglue.c (agent_scd_pksign): Allow more hash algorithms when - using with scdaemon. - * cardglue.h (GCRY_MD_MD5): New. - -2010-06-18 Werner Koch - - * parse-packet.c (skip_packet, parse_gpg_control): Take care of - premature EOFs. Backport from trunk. - -2010-06-01 Werner Koch - - * gpg.c (main): Add dummy option --debug-level and ignore - --log-file if a socket prefix is given. - -2010-05-12 Werner Koch - - * armor.c (radix64_read): Change fix 2006-04-08 to fix bug#1179. - -2010-05-07 Werner Koch - - * import.c (chk_self_sigs): Check direct key signatures. Fixes - bug#1223. - (fix_bad_direct_key_sigs): New. - (import_one): Call it. - -2010-03-26 David Shaw - - * plaintext.c (handle_plaintext): Make sure that the stdout flush - succeeded, so we can't lose data when using gpg in a pipeline. - Fixes bug #1207. - -2010-02-25 Werner Koch - - * sign.c (hash_for): Force SHA1 only for v1 OpenPGP cards. Fixes - bug#1194. - -2010-02-17 Werner Koch - - * keygen.c (ask_user_id): Avoid infinite loop in case of invalid - data. Fixes bug#1186. - -2010-02-02 Werner Koch - - * card-util.c (card_edit): Change prompt to "gpg/card". - * keyedit.c (keyedit_menu): Change prompt to "gpg". - -2009-12-17 Werner Koch - - * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. - Fixes bug#1059. - -2009-12-15 Werner Koch - - * iso7816.c (do_generate_keypair): s/readonly/read_only/. - * keydb.c (keydb_add_resource): Ditto. - - * tdbio.c (tdbio_set_dbname): Do not call log_fatal after creating - the directory. Fixes bug#1169. Reported by Daniel Leidert. - -2009-09-28 Werner Koch - - * trustdb.c (get_validity_info): Take care of a NULL PK. Fixes - bug#1138. - (get_validity_string): Ditto. - -2009-09-02 Werner Koch - - * app-openpgp.c (do_decipher): Compute required Le. - * iso7816.c (iso7816_decipher): Add new arg LE. - - * compress-bz2.c (do_uncompress): Detect unexpected EOF. Fixes - bug#1011. - -2009-08-26 Werner Koch - - * keyedit.c (menu_revsig): Check for signature right away. Fix - Debian-bug#543530. - -2009-08-13 Werner Koch - - * cardglue.h: Add new error code mappings. - - From GnuPG-2: - * app-openpgp.c (change_keyattr_from_string): New. - (do_setattr): Support KEY-ATTR. - * ccid-driver.c (print_pr_data): Fix 64 bit compat problem. - * ccid-driver.c (parse_ccid_descriptor): Enable hack for SCR 3320. - * card-util.c (generate_card_keys): Remove special case for - GnuPG-2. Ask for the keysize and change it. - (card_generate_subkey): Ask for the keysize and change it. - (get_info_for_key_operation): Read KEY-ATTR. - (show_keysize_warning, ask_card_keysize): New. - (do_change_keysize): New. - -2009-08-11 David Shaw - - * keyserver.c (keyserver_spawn): Try and detect mis-coded Latin1 - and convert it to UTF8. Whether the heuristics succeed or not, - the resulting string must be valid UTF8 as LDAP requires that. - This is bug 1055. - -2009-08-03 Werner Koch - - * card-util.c (generate_card_keys): Ask for off-card keys only if - the card supports it. - (get_info_for_key_operation): Read EXTCAP. - (card_store_subkey): Check for non matching sizes. - - * cardglue.c (agent_scd_writecert, agent_scd_readcert): New stubs. - * misc.c (not_in_gpg1_notice): New. - -2009-07-30 Werner Koch - - * misc.c (md5_digest_warn): New. - (print_digest_algo_note): Divert to new function. - * sig-check.c (do_check): Print MD5 warning. - -2009-07-31 David Shaw - - * gpg.c (main): --pgp6 includes --disable-mdc. - -2009-07-29 Werner Koch - - * keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list. - Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. - (gen_dsa): Use a 256 bit Q for 2048 bit P. Round to FIPS allowed - values in non-expert mode. - (ask_algo): Add arg R_SUBKEY_ALGO. Change return value semantics. - Change presented order of algorithms. Make RSA+RSA the default. - (generate_keypair, generate_subkeypair): Adjust for change. - -2009-07-23 Werner Koch - - * keygen.c (generate_keypair): Allow Elgamal > 3072 in BOTH mode. - Reported by Jeroen Schot. Fixes bug#1091. - (ask_keysize): Add new arg PRIMARY_KEYSIZE. Set DSA default to - 2048. Print a different prompt for a subkey. - (gen_dsa): Remove check for dsa2 option. - - * trustdb.c (how_to_fix_the_trustdb): New. - * tdbio.c (tdbio_invalid): Print hints on how to fix the trustdb. - * gpg.c (main) : Print hints. - -2009-07-23 David Shaw - - * keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find - a domain-specific LDAP server before resorting to keys.{domain}. - -2009-07-22 Werner Koch - - * cardglue.h (struct agent_card_info_s): Add field EXTCAP. - * cardglue.c (agent_learn): Read KEY-ATTR. - (learn_status_cb): Parse EXTCAP. - -2009-07-21 Werner Koch - - * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c, - * apdu.h, ccid-driver.c, ccid-driver.h, card-util.c: Update from - GnuPG 2.0 SVN revision 5084. - - * cardglue.h (GCRY_MD_SHA256): Add more GCRY_MD constants. - (gcry_handler_progress_t): Add definition. - (struct agent_card_info_s): Add fields apptype, is_v2, key_attr. - * cardglue.c (learn_status_cb): Set them. - (agent_release_card_info): Release APPTYPE. - (unescape_status_string, send_status_direct): New. - (gcry_mpi_release, gcry_mpi_set_opaque): New. - (gcry_md_algo_name): New. - (open_card): s/initialized/ref_count/. - (agent_learn): Pass new new flag arg to learn_status. - (agent_scd_genkey): Add new arg createtime. - * keygen.c (gen_card_key, gen_card_key_with_backup): Add new arg - TIMESTAMP. - (write_direct_sig, write_selfsigs, write_keybinding) - (make_backsig): Ditto. - (do_generate_keypair): Pass timestamp to all signing functions. - (generate_card_subkeypair): Ditto. - * keyedit.c (menu_backsign): Pass a new timestamp to all backsisg. - - * gpg.c (main): Disable keypad support. - * options.h (struct): Add field disable_keypad. - -2009-07-17 Werner Koch - - * keyring.c (keyring_rebuild_cache): Replace the assert by a - proper error message and allow to delete a bad keyblock. - -2009-07-16 Werner Koch - - * misc.c (has_invalid_email_chars): Let non-ascii characters pass - through. Fixes bug#1087. - -2009-06-24 Werner Koch - - * passphrase.c (passphrase_to_dek): Do not deref a PW of NULL. - * revoke.c (gen_revoke): Remove unused malloc of PK. - -2009-06-17 Werner Koch - - * parse-packet.c (parse): Use a casted -1 instead of a 32 bit - constant to check for a garbled package. Fixes bug#1040. - -2009-06-05 David Shaw - - * gpg.c (main): Remove Camellia restriction. - -2009-06-02 Werner Koch - - * gpgv.c (tty_cleanup_after_signal): Add new stub. - -2009-05-22 Werner Koch - - * signal.c (got_fatal_signal): Call tty_cleanup_after_signal. - -2009-05-20 Werner Koch - - * gpg.c (main): Fix --fingerprint/--with-fingerprint command - detection. Fixes bug#1044. - -2009-05-11 Werner Koch - - * apdu.c (send_le): Replace log_error by log_info. Fixes bug#1043. - - * skclist.c (build_sk_list): Use log_info for "duplicated entry". - Fixes bug#1045. - - * encode.c (encode_simple, encode_crypt): Print empty file warning - only in verbose mode. Closes bug#1039. - * sign.c (write_plaintext_packet): - -2009-05-06 Werner Koch - - * keyring.c (keyring_get_keyblock): Fix memory leak due to - ring_trust packets. Fixes bug#1034. - - * getkey.c (finish_lookup): Remove dead code. - -2009-05-05 Werner Koch - - * keygen.c (read_parameter_file): Add keyword "Creation-Date". - (output_control_s): s/create/creation/. - (enum para_name): Add pCREATIONDATE, pKEYCREATIONDATE. Remove - pCREATETIME. - (generate_keypair): Do not set old pCREATETIME. - (parse_creation_string): New. - (proc_parameter_file): Set pCREATIONDATE. - (do_generate_keypair): Remove arg TIMESTAMP. Set it using - pKEYCREATIONDATE. - (get_parameter_u32): Set a default pKEYCREATIONDATE. - - * tdbio.c (lookup_hashtable): Add const to function args. - (cmp_trec_fpr): Ditto. - (tdbio_search_trust_byfpr): Remove cast. - - * parse-packet.c (parse): Remove special treatment for compressed - new style packets. Fixes bug#931. - -2009-04-03 Werner Koch - - * gpgv.c (main): Pass readonly flag to keydb_add_resource. - * keydb.c (keydb_add_resource): Add arg READONLY. - -2009-03-20 David Shaw - - * keyring.c (rename_tmp_file): Force a fsync (via iobuf_ioctl) on - secret keyring files to be extra safe on filesystems that may not - sync data and metadata together (ext4). Also check return code - from the cache invalidation to make sure we're safe over NFS and - similar. - -2009-03-14 David Shaw - - * gpgv.c (strusage): Fix name of program in "Syntax" line. - -2009-02-09 Werner Koch - - * keylist.c (print_capabilities): Take care of cert-only keys. - Fixes bug#998. - -2009-02-03 David Shaw - - * keyserver.c (keyserver_typemap): gpgkeys_hkp handles hkps as - well. - -2008-12-21 David Shaw - - * gpg.c (main): Properly handle UTF8 usernames with --sign-key and - --lsign-key. - -2008-12-11 Werner Koch - - * sig-check.c (check_revocation_keys): Close message digest. - (signature_check2): Switch to SHA-1 for SIG_ID computation. This - is to match 2.0.10. - -2008-12-09 Werner Koch - - * keygen.c (proc_parameter_file): Check that key and subkey usages - are allowed. - -2008-11-18 David Shaw - - * trustdb.c (validate_one_keyblock): Fix the trust signature - calculations so that we lower the trust depth of signatures to fit - within the current chain, rather than discarding any signature - that does not fit within the trust depth. - -2008-10-03 David Shaw - - * main.h, mainproc.c (check_sig_and_print), - keylist.c (list_keyblock_print), pkclist.c (do_edit_ownertrust), - keyedit.c (menu_showphoto), photoid.c (generate_photo_id, - show_photos), misc.c (pct_expando): Add %v and %V expandos so - that displaying photo IDs can show the attribute validity - tag (%v) and string (%V). Originally by Daniel Gillmor. - -2008-09-24 David Shaw - - * keyedit.c (keyedit_menu): Fix bug where a modified keyring loses - its modified status after a "clean" or "minimize" that doesn't - need to do anything. - -2008-09-23 David Shaw - - * pkclist.c (select_algo_from_prefs): Redo function to rank prefs - and pick a consensus winner across all keys. - -2008-09-04 David Shaw - - * keyserver.c (keyserver_import_cert): Allow keyserver URLs in - addition to full URLs in CERT records. - -2008-08-11 Werner Koch - - * keygen.c (ask_expire_interval): Check for time overflow of an - u32. Fixes bug #947. Use SIZEOF_TIME_T for the 2039--2106 check. - -2008-08-01 Werner Koch - - * tdbio.c (open_db) [!EROFS]: Move closing parens out of the - ifdef. Reported by Ken Takusagawa. - -2008-04-30 Werner Koch - - * getkey.c (parse_auto_key_locate): Ignore nodefault and local - methods. - -2008-04-17 David Shaw - - * parse-packet.c (parse_key): Add constant for Camellia-192. - -2008-04-12 David Shaw - - * getkey.c (merge_selfsigs_subkey): If there are multiple 0x19 - backsigs, take the most recent one. - -2008-03-25 Werner Koch - - * keyserver.c (parse_keyrec): Take care of char defaulting to - unsigned when using hextobyte. - - * options.skel: Make the default keyserver keys.gnupg.net. - -2008-03-23 David Shaw - - * import.c (collapse_uids): Fix bug 894: possible memory - corruption around deduplication of user IDs. - -2008-03-17 David Shaw - - * parse-packet.c (parse_key): Parse a secret key encrypted with - Camellia. - -2008-02-09 Marcus Brinkmann - - * gpg.c (main): New variable default_configname. Use it if - save_configname is NULL (can happen if default configfile does - not exist). Move default configname determination to ... - (get_default_configname): ... this new function. - -2008-01-26 Werner Koch - - * card-util.c (get_manufacturer): Add vendor 004 and support for - the unmanaged range. - -2007-12-14 Werner Koch - - * gpg.c (main): Set opt.no_homedir_creation already on the first - option parsing pass. This is required so that the gpg_dearmor - tool won't create a ~/.gnupg. - -2007-12-12 Werner Koch - - * misc.c (print_pubkey_algo_note): Print a warning for type 20 keys. - (openpgp_pk_test_algo, openpgp_pk_algo_usage): Allow type 20 fro - encryption only with option --rfc2440. - * mainproc.c (proc_pubkey_enc): Ditto. - -2007-12-12 David Shaw - - * trustdb.c (sanitize_regexp): New. Protect against dangerous - regexps (malloc bombs) by force-commenting any characters aside - from the ones we explicitly want. - (check_regexp): Use it here before passing the regexp to - regcomp(). - -2007-12-11 Werner Koch - - * mainproc.c (proc_pubkey_enc): Allow type 20 Elgamal key for - decryption. - -2007-12-10 Werner Koch - - * cardglue.h (gpg_error_from_syserror): New. - - * app-openpgp.c (do_decipher): Take care of cryptograms shorter - that 128 bytes. Fixes bug#851. - - * import.c (auto_create_card_key_stub): Do not clear the entire - fingerprint. This finally makes the stub creation work. My past - tests seemed to work because there was a key with a all zero - fingerprint available (Elgamal signing keys). - -2007-12-08 Werner Koch - - * misc.c (openpgp_pk_algo_usage): Allow Elgamal type 20 for - encryption. - -2007-12-03 Werner Koch - - * keygen.c (ask_key_flags): Add a translation remark and implement - a workaround. - -2007-11-28 David Shaw - - * sig-check.c (do_check): Code to try both the incorrect and - correct SHA-224 DER prefixes when verifying a signature. See the - change itself for more discussion. - - * main.h, seskey.c (do_encode_md): Rename to pkcs1_encode_md and - make non-static. - - * gpg.c (print_algo_names): New. - (list_config): Use it here for the "ciphername" and "digestname" - config items so we can get a script-parseable list of the names. - -2007-11-19 Werner Koch - - * keyedit.c (keyedit_menu): String grammar fix. - -2007-11-12 Werner Koch - - * status.c (do_get_from_fd, do_shm_get): s/bool/getbool/ to - overcome problems with Mac OS 10.5 which seems to include - stdbool.h silently. - -2007-10-27 David Shaw - - * parse-packet.c (parse_onepass_sig): Sigclass is hex, so include - the 0x. - - * keyserver.c (keyserver_spawn): Cosmetic, but looks cleaner. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - -2007-10-22 David Shaw - - * gpg.c (main): Add --require-cross-certification to - --openpgp/--rfc4880 mode. - - * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by - default. Enable --require-cross-certification by default. - --openpgp (--rfc4880) is the same as --rfc2440 except with - "--enable-dsa2 --no-rfc2440-text --escape-from-lines". - -2007-10-21 David Shaw - - * misc.c (compliance_option_string, compliance_failure): Minor - cleanup. - - * armor.c (is_armor_header): Comment about 4880. - -2007-10-17 David Shaw - - * options.h, gpg.c (main), misc.c (compliance_option_string): Add - --rfc4880, and make --openpgp an alias to it. --rfc2440 now - stands alone. For now, use the old 2440 defaults for 4880. - - * keyedit.c (keyedit_menu): Use compliance_option_string() instead - of printing the compliance modes here. - -2007-09-02 David Shaw - - * import.c (collapse_uids): Significant speedup for de-duping user - IDs. - -2007-08-24 Werner Koch - - * keyring.c (keyring_register_filename): Use same_file_p. - Suggested by Kurt Fitzner. - -2007-07-19 David Shaw - - * gpg.c (main): Fix typo. Noted by John Clizbe. - - * armor.c (parse_header_line): Improve test so that the header - test only allows "Hash" in the signed data section. - -2007-07-18 David Shaw - - * armor.c (is_armor_tag): New. Detect if an armor header matches - 2440bis-21. - (parse_header_line): Call it here, as bis-21 requires warning the - user (but continuing to process the message) when seeing an - unknown header. - -2007-07-09 Werner Koch - - * gpg.c: Better print an extra warning if Camellia has been - configured. - -2007-07-06 David Shaw - - * encode.c (encode_crypt): Missed one call to - setup_plaintext_name(). This is bug#809. - -2007-06-12 David Shaw - - * sign.c (mk_notation_policy_etc): expect all sigs that this is - called for are >=v4. - (write_signature_packets, make_keysig_packet): Only call it for - >=v4 sigs. This allows --force-v3-sigs and --force-v4-certs to - enable or disable notations, policies, and keyserver URLs. This - is bug#800. - -2007-05-09 Werner Koch - - * openfile.c (overwrite_filep, open_outfile) [W32]: Need to use - just "nul". Though, I am pretty sure that some MSDOS versions - grok the extra /dev/. - -2007-05-07 Werner Koch - - * openfile.c (open_outfile, overwrite_filep) [W32]: Use "/dev/nul". - -2007-04-16 David Shaw - - * packet.h, mainproc.c (reset_literals_seen): New function to - reset the literals count. - - * verify.c (verify_one_file), decrypt.c (decrypt_messages): Call - it here so we allow multiple literals in --multifile mode (in - different files - not concatenated together). - - * gpg.c, pkclist.c: #include for strcasecmp if it is - present. Note that autoconf protects us against a strings.h that - cannot be used together with string.h. - -2007-04-03 David Shaw - - * parse-packet.c (parse_marker): New. Enforce that the marker - contains 'P', 'G', 'P', and nothing but. - (parse): Call it here. - (skip_packet): No longer need to handle marker packets here. - -2007-03-14 David Shaw - - * keyserver.c: Windows Vista doesn't grok X_OK and so fails - access() tests. Previous versions interpreted X_OK as F_OK - anyway, so we'll just use F_OK directly. - -2007-03-08 Werner Koch - - * plaintext.c (handle_plaintext): Add two extra fflush for stdout. - -2007-03-06 David Shaw - - * keyedit.c (keyedit_menu): If we modify the keyblock (via - fix_keyblock() or collapse_uids()) make sure we reprocess the - keyblock so the flags are correct. Noted by Robin H. Johnson. - - * getkey.c (fixup_uidnode): Properly clear flags that don't apply - to us (revoked, expired) so that we can reprocess a uid. - -2007-03-01 David Shaw - - * options.h, gpg.c (main), mainproc.c (check_sig_and_print): Allow - multiple sig verification again as this is protected via the - multiple-messages code. - -2007-02-26 Werner Koch - - * gpg.c (main): Add verify option show-primary-uid-only. - * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. - * mainproc.c (check_sig_and_print): Implement it. - - * status.h (STATUS_ERROR): New status code. - * status.c (get_status_string): Ditto. - * mainproc.c (proc_plaintext): Emit it if multiple messages are - detected. - -2007-02-20 David Shaw - - * mainproc.c (literals_seen): New. - (proc_plaintext): Error out if more than one plaintext packet is - encountered - - * options.h, gpg.c: New option --allow-multiple-messages and --no - variant. - -2007-02-13 David Shaw - - * parse-packet.c (parse_signature): It's hex. - - * getkey.c (merge_selfsigs_subkey): Avoid listing the contents of - a backsig when list mode is on. Noted by Timo Schulz. - -2007-02-04 Werner Koch - - * parse-packet.c (parse_signature): Limit bytes read for an - unknown alogorithm. Fixes Debian bug#402592. - -2007-02-01 David Shaw - - * main.h, keygen.c (ask_expire_interval, parse_expire_string): - Pass in the time to use to calculate the expiration offset, rather - than querying it internally. Change all callers. - -2007-01-31 David Shaw - - * keygen.c (do_generate_keypair, proc_parameter_file) - (generate_keypair, generate_subkeypair): Pass a timestamp through - to all the gen_xxx functions. - - * keyedit.c (sign_uids): Another multiple to single timestamp - operation. - - * sign.c (write_plaintext_packet): Take timestamp from outside. - Change all callers. - (sign_file, clearsign_file, sign_symencrypt_file): Calculate one - timestamp for the whole transaction. Different timestamps for - each step can leak performance information. - - * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): - Remove the need for ask_expiredate(). - -2007-01-30 David Shaw - - * keygen.c (make_backsig, write_direct_sig, write_selfsigs) - (write_keybinding): Have the various selfsigs created during key - generation use the timestamp of their parent key. This helps - avoid leaking information about the performance of the machine - where the keys were generated. Noted by Christian Danner. - -2007-01-15 Werner Koch - - * parse-packet.c (read_protected_v3_mpi): Make sure to stop - reading even for corrupted packets. - * keygen.c (generate_user_id): Need to allocate one byte more. - Reported by Felix von Leitner. - -2006-12-14 David Shaw - - * options.skel: Tweak some examples to match reality and update - the RFC for CERT now that it is out of draft. - -2006-12-13 David Shaw - - * Makefile.am: Install options.skel via dist_pkgdata_DATA so that - "make uninstall" works properly. - -2006-12-13 Werner Koch - - * gpgv.c, gpg.c: Do not include the now removed g10defs.h file. - -2006-12-11 Werner Koch - - * seskey.c (encode_session_key, do_encode_md): Use new - mpi_nlimb_hint_from_nbytes function. - * sign.c (do_sign): Ditto. - - * Makefile.am (AM_CPPFLAGS): Define GNUPG_LIBDIR. - * gpgv.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. - * gpg.c (i18n_init): Ditto. - -2006-12-07 Werner Koch - - * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. - * openfile.c (copy_options_file): Use log_info and not log_error - to avoid error returns in case of a missing skeleton file. - -2006-12-04 Werner Koch - - * filter.h (armor_filter_context_t): New field REFCOUNT. - * armor.c (new_armor_context, release_armor_context) - (push_armor_filter): New. - (armor_filter): Call releae_armor_context for IOBUFCTRL_FREE. - * import.c (import): Use the new function here instead of the - old hack using the iobuf_push_filter2. - * keyserver.c (keyserver_spawn): Ditto. - -2006-12-03 Werner Koch - - * keyedit.c (menu_clean): Made strings translatable. - -2006-12-03 David Shaw - - * keyedit.c (menu_clean): Show "already minimized" rather than - "already clean" when a minimized key is minimized again. From - Dirk Traulsen. - -2006-12-02 David Shaw - - * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add - --passphrase-repeat option to control how many times gpg will - re-prompt for a passphrase to ensure the user has typed it - correctly. Defaults to 1. - -2006-12-02 Werner Koch - - * encr-data.c: Allocate DFX context on the heap and not on the - stack. Changes at several places. Fixes CVE-2006-6235. - -2006-11-27 Werner Koch - - * openfile.c (ask_outfile_name): Fixed buffer overflow occurring - if make_printable_string returns a longer string. Fixes bug 728. - -2006-10-23 Werner Koch - - * gpg.c (main): New command --gpgconf-list. - -2006-10-12 David Shaw - - * parse-packet.c (parse_symkeyenc): Show the unpacked as well as - the packed s2k iteration count. - - * main.h, options.h, gpg.c (encode_s2k_iterations, main), - passphrase.c (hash_passphrase): Add --s2k-count option to specify - the number of s2k hash iterations. - -2006-10-06 David Shaw - - * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather - than whatever key selector the user used on the command line. - -2006-10-02 Werner Koch - - * encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC - right here and don't let parse-packet handle the MDC. - -2006-08-21 Werner Koch - - * skclist.c (is_insecure): Also test for uppercase version of the - insecure string. - -2006-07-31 Werner Koch - - * openfile.c (open_outfile) [USE_ONLY_8DOT3]: Search backwards for - the dot. Fixes bug 654. - - * passphrase.c (agent_open): Use log_info instead of log_error to - allow a fallback without having gpg return an error code. Fixes - bug #655. - - * encode.c (encode_crypt_files): Invalidate the whole fd cache. - This is a workaround for problems in iobuf's stupid fd cache. - * decrypt.c (decrypt_messages): Ditto. - * verify.c (verify_files): Ditto. - -2006-07-26 Werner Koch - - * keygen.c (gen_card_key_with_backup): Initialize sk_{un}protected. - - * import.c (import): Initialize KEYBLOCK. - - * pkclist.c (edit_ownertrust): Intialize trust to avoid gcc - warning. - - * parse-packet.c (parse_comment): Cap comments at 65k. - (parse_gpg_control): Skip too large control packets. - -2006-06-28 David Shaw - - * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): - Pass a union for preference hints rather than doing void * games. - - * sign.c (sign_file): Use it here. - - * sign.c (sign_file): When signing with multiple DSA keys, one - being DSA1 and one being DSA2 and encrypting at the same time, if - the recipient preferences give a hash that can work with the DSA2 - key, then allow the DSA1 key to be promoted rather than giving up - and using hash_for(). - - * pkclist.c (algo_available): Automatically enable DSA2 mode when - handling a key that clearly isn't DSA1 (i.e. q!=160). - -2006-06-28 Werner Koch - - * import.c (check_prefs_warning): Fix change for better - translatability. - - * app-openpgp.c (do_writekey): Fixed computation of memmove - length. This led to garbled keys if E was larger than one byte. - Thanks to Achim Pietig for hinting at the garbled E. - -2006-06-27 Werner Koch - - * gpg.c (reopen_std) [HAVE_W32_SYSTEM]: Do not use it. - -2006-06-22 David Shaw - - * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs, - keygen_add_std_prefs, proc_parameter_file): Add - --default-keyserver-url to specify a keyserver URL at key - generation time, and "Keyserver:" keyword for doing the same - through a batch file. - - * sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be - liberal in what you accept, etc). - -2006-06-12 David Shaw - - * import.c (import_one): Add a flag (from_sk) so we don't check - prefs on an autoconverted public key. The check should only - happen on the sk side. Noted by Dirk Traulsen. - -2006-06-09 David Shaw - - * keygen.c (gen_card_key): Add optional argument to return a - pointer (not a copy) of the stub secret key for the secret key we - just generated on the card. - (generate_card_subkeypair): Use it here so that the signing key on - the card can use the card to generate the 0x19 backsig on the - primary key. Noted by Janko Heilgeist and Jonas Oberg. - - * parse-packet.c (parse_user_id): Cap the user ID size at 2048 - bytes. This prevents a memory allocation attack with a very large - user ID. A very large packet length could even cause the - allocation (a u32) to wrap around to a small number. Noted by - Evgeny Legerov on full-disclosure. - -2006-05-25 David Shaw - - * keygen.c (gen_dsa): Allow generating DSA2 keys - (allow specifying sizes > 1024 when --enable-dsa2 is set). The - size of q is set automatically based on the key size. - (ask_keysize, generate_keypair): Ask for DSA size when - --enable-dsa2 is set. - -2006-05-24 David Shaw - - * exec.c (make_tempdir): Fix bug with a temporary directory on - Win32 that is over 256 bytes long. Noted by Israel G. Lugo. - -2006-05-23 David Shaw - - * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we - are called with them closed. This is to protect our - keyring/trustdb files from corruption if they get attached to one - of the standard fds. Print a warning if possible that this has - happened, and fail completely if we cannot reopen (should never - happen). - (main): Call it here. - -2006-05-22 David Shaw - - * parse-packet.c (dump_sig_subpkt, parse_signature), - build-packet.c (build_sig_subpkt_from_sig), getkey.c - (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey), - keygen.c (keygen_add_key_expire): Fix meaning of key expiration - and sig expiration subpackets - zero means "never expire" - according to 2440, not "expire instantly". - - * getkey.c (get_pubkey_byname), import.c (import_one): Fix key - selection problem when auto-key-locate returns a list of keys, not - all of which are usable (revoked, expired, etc). Noted by Simon - Josefsson. - -2006-04-26 David Shaw - - * keyserver.c (direct_uri_map): New. - (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx - helpers when the meaning is different if a path is provided - (i.e. ldap). - (keyserver_import_cert): Show warning if there is a CERT - fingerprint, but no --keyserver set. - -2006-04-22 David Shaw - - * keyserver.c: Fix build problem with platforms that stick libcurl - in a place not in the regular include search path. - -2006-04-20 David Shaw - - * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. - Defaults to disable. - - * pkclist.c (algo_available): If --enable-dsa2 is set, we're - allowed to truncate hashes to fit DSA keys. - - * sign.c (match_dsa_hash): New. Return the best match hash for a - given q size. - (do_sign, hash_for, sign_file): When signing with a DSA key, if it - has q==160, assume it is an old DSA key and don't allow truncation - unless --enable-dsa2 is also set. q!=160 always allows truncation - since they must be DSA2 keys. - (make_keysig_packet): If the user doesn't specify a - --cert-digest-algo, use match_dsa_hash to pick the best hash for - key signatures. - -2006-04-19 David Shaw - - * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): - Add SHA-224. - - * sign.c (write_plaintext_packet), encode.c (encode_simple): - Factor common literal packet setup code from here, to... - - * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure - the literal packet filename field is UTF-8 encoded. - - * options.h, gpg.c (main): Make sure --set-filename is UTF-8 - encoded and note when filenames are already UTF-8. - -2006-04-18 David Shaw - - * keyedit.c (menu_backsign): Give some more verbose errors when we - have no need to backsign. - -2006-04-11 David Shaw - - * options.skel, photoid.c (get_default_photo_command): Find an - image viewer at runtime. Seems FC5 doesn't have xloadimage. - -2006-04-08 David Shaw - - * getkey.c (parse_auto_key_locate): Fix dupe-removal code. - - * keyedit.c (menu_backsign): Allow backsigning even if the secret - subkey doesn't have a binding signature. - - * armor.c (radix64_read): Don't report EOF when reading only a pad - (=) character. The EOF actually starts after the pad. - - * gpg.c (main): Make --export, --send-keys, --recv-keys, - --refresh-keys, and --fetch-keys follow their arguments from left - to right. Suggested by Peter Palfrader. - -2006-04-08 Werner Koch - - * mainproc.c (list_node): Print ring trust value only if not empty - and --with-colons has been given. - -2006-04-05 Werner Koch - - * getkey.c (user_id_not_found_utf8): New. - (get_primary_uid, get_user_id): Use it. Fixes Debian bug #205028 - in the right way. - -2006-04-03 Werner Koch - - * import.c (check_prefs_warning): Merged strings for better - translation. - - * gpg.c (main) [__GLIBC__]: Default to libpcsclite.so.1. - - * status.h, status.c (STATUS_BEGIN_SIGNING): New. Suggested by - Daiki Ueno. - * textfilter.c (copy_clearsig_text): Issue new status code. - * sign.c (sign_file, sign_symencrypt_file): Ditto. - -2006-03-31 David Shaw - - * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve - unlock. Fix strings to not start with a capital letter as per - convention. - -2006-03-30 David Shaw - - * main.h, seskey.c (encode_md_value): Modify to allow a q size - greater than 160 bits as per DSA2. This will allow us to verify - and issue DSA2 signatures for some backwards compatibility once we - start generating DSA2 keys. - * sign.c (do_sign), sig-check.c (do_check): Change all callers. - - * sign.c (do_sign): Enforce the 160-bit check for new signatures - here since encode_md_value can handle non-160-bit digests now. - This will need to come out once the standard for DSA2 is firmed - up. - -2006-03-28 Werner Koch - - * openfile.c (overwrite_filep): Fix small cpr issue. Noted by - Daiki Ueno. - -2006-03-22 David Shaw - - * getkey.c (parse_auto_key_locate): Silently strip out duplicates - rather than causing an error. - -2006-03-22 Werner Koch - - * sig-check.c (signature_check2): Changed warning URL to include faq. - * misc.c (idea_cipher_warn): Ditto. - -2006-03-22 David Shaw - - * mainproc.c (get_pka_address): Fix bug introduced as part of - sig_to_notation conversion. Noted by Peter Palfradrer. - -2006-03-21 Werner Koch - - * cardglue.c (agent_scd_pksign): Allow the use of ripemd-160 along - with scdaemon. - -2006-03-16 David Shaw - - * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type - for both the fingerprint alone, and fingerprint+URL cases. - - * getkey.c (get_pubkey_byname): Minor cleanup. - -2006-03-13 David Shaw - - * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use - the same API as the other auto-key-locate fetchers. - - * getkey.c (get_pubkey_byname): Use the fingerprint of the key - that we actually fetched. This helps prevent problems where the - key that we fetched doesn't have the same name that we used to - fetch it. In the case of CERT and PKA, this is an actual security - requirement as the URL might point to a key put in by an attacker. - By forcing the use of the fingerprint, we won't use the attacker's - key here. - - * keyserver-internal.h, keyserver.c (keyserver_spawn, - keyserver_work, keyserver_import_cert, keyserver_import_name, - keyserver_import_ldap): Pass fingerprint info through. - - * main.h, import.c (import_one): Optionally return the fingerprint - of the key being imported. - (import_keys_internal, import_keys_stream, import): Change all - callers. - -2006-03-12 David Shaw - - * sig-check.c (signature_check2): Print the backsig warning when - there is no backsig present. Give a URL for more information. - - * keyedit.c (menu_backsign): Small tweak to work properly with - keys originally generated with older GnuPGs that included comments - in the secret keys. - -2006-03-10 Werner Koch - - * card-util.c (get_manufacturer): Added Vendor 3 - -2006-03-09 David Shaw - - * build-packet.c (string_to_notation): Add ability to indicate a - notation to be deleted with a '-' prefix. - - * keyedit.c (menu_set_notation): Use it here to allow deleting a - notation marked with '-'. This works with either "-notation" or - "-notation=value". - -2006-03-08 David Shaw - - * keyedit.c (menu_set_notation): New function to set notations on - self-signatures. - (keyedit_menu): Call it here. - (tty_print_notations): Helper. - (show_prefs): Show notations in "showpref". - - * mainproc.c (get_pka_address) - * keylist.c (show_notation): Remove - duplicate code by using notation functions. - - * packet.h, build-packet.c (sig_to_notation) - * keygen.c (keygen_add_notations): Provide printable text for - non-human-readable notation values. - - * packet.h, build-packet.c (sig_to_notation) - * keygen.c (keygen_add_notations): Tweak to handle non-human-readable - notation values. - - * options.h, sign.c (mk_notation_policy_etc) - * gpg.c (add_notation_data): Use it here for the various notation - commands. - - * packet.h, main.h, keygen.c (keygen_add_notations) - * build-packet.c (string_to_notation, sig_to_notation) - (free_notation): New "one stop shopping" functions to handle - notations and start removing some code duplication. - -2006-03-08 Werner Koch - - * mainproc.c (do_check_sig): Use log_error for standalone revocations. - -2006-03-07 David Shaw - - * options.h, mainproc.c (check_sig_and_print), gpg.c (main): - pka-lookups, not pka-lookup. - - * options.h, gpg.c (main), keyedit.c [cmds], sig-check.c - (signature_check2): Rename "backsign" to "cross-certify" as a more - accurate name. - - * options.h, gpg.c (main, parse_trust_model), pkclist.c - (check_signatures_trust), mainproc.c (check_sig_and_print, - pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so - that it is a verify-option now. - -2006-03-07 Werner Koch - - * mainproc.c (proc_signature_packets): Return any_sig_seen to caller. - (check_sig_and_print): Option to partly allow the old behaviour. - * gpg.c: New option --allow-multisig-verification. - -2006-03-06 David Shaw - - * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as - that is not a PGP 2.x algorithm. - - * mainproc.c (proc_compressed): "Uncompressed" is not a valid - compression algorithm. - -2006-03-06 Werner Koch - - * mainproc.c (check_sig_and_print): Made the composition test more - tight. This is due to another bug report by Tavis Ormandy. - (add_onepass_sig): Simplified. - -2006-03-05 Werner Koch - - * plaintext.c (handle_plaintext): Replace assert by explict error - conflict message. Reported by Tavis Ormandy. - -2006-03-02 Werner Koch - - * cardglue.c (check_card_serialno): Don't ask in batch mode. - -2006-03-01 David Shaw - - * getkey.c (parse_auto_key_locate): Error if the user selects - "cert" or "pka" when those features are disabled. - - * misc.c (has_invalid_email_chars): Fix some C syntax that broke - the compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha. Noted - by Nelson H. F. Beebe. - -2006-02-27 David Shaw - - * options.skel: Document auto-key-locate and give a pointer to - Simon Josefsson's page for CERT. - -2006-02-24 David Shaw - - * keydb.h, getkey.c (release_akl), gpg.c (main): Add - --no-auto-key-locate. - - * options.h, gpg.c (main): Keep track of each keyserver registered - so we can match on them later. - - * keyserver-internal.h, keyserver.c (cmp_keyserver_spec, - keyserver_match), gpgv.c: New. Find a keyserver that matches ours - and return its spec. - - * getkey.c (get_pubkey_byname): Use it here to get the - per-keyserver options from an earlier keyserver. - -2006-02-23 David Shaw - - * keyserver.c (parse_keyserver_options): Only change max_cert if - it is used. - - * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No - special treatment of include-revoked, include-subkeys, and - try-dns-srv. These are keyserver features, and GPG shouldn't get - involved here. - - * keyserver.c (parse_keyserver_uri, add_canonical_option): Always - append options to the list, as ordering may be significant to the - user. - - * gpg.c (add_notation_data): Fix reversed logic for isascii check - when adding notations. Noted by Christian Biere. - - * options.h, keyserver.c (add_canonical_option): New. - (parse_keyserver_options): Moved from here. - (parse_keyserver_uri): Use it here so each keyserver can have some - private options in addition to the main keyserver-options - (e.g. per-keyserver auth). - -2006-02-22 David Shaw - - * options.h, keyserver-internal.h, keyserver.c - (keyserver_import_name), getkey.c (free_akl, - parse_auto_key_locate, get_pubkey_byname): The obvious next step: - allow arbitrary keyservers in the auto-key-locate list. - - * options.h, keyserver.c (parse_keyserver_options): Remove - auto-cert-retrieve as it is no longer meaningful. Add - max-cert-size to allow users to pick a max key size retrieved via - CERT. - - * options.h, gpg.c (main), mainproc.c (check_sig_and_print), - keyserver.c (keyserver_opts): Rename auto-pka-retrieve to - honor-pka-record to be consistent with honor-keyserver-url. - - * options.h, keydb.h, g10.c (main), getkey.c - (parse_auto_key_locate): Parse a list of key access methods. - (get_pubkey_byname): Walk the list here to try and retrieve keys - we don't have locally. - -2006-02-21 David Shaw - - * getkey.c (get_pubkey_byname): Fix minor security problem with - PKA when importing at -r time. The URL in the PKA record may - point to a key put in by an attacker. Fix is to use the - fingerprint from the PKA record as the recipient. This ensures - that the PKA record is followed. - - * keyserver-internal.h, keyserver.c (keyserver_import_pka): Return - the fingerprint we requested. - - * gpgv.c: Stub keyserver_import_ldap. - - * keyserver-internal.h, keyserver.c (keyserver_import_ldap): - Import using the PGP Universal trick of asking - ldap://keys.(maildomain) for the key. - -2006-02-20 David Shaw - - * keyserver.c (parse_keyserver_uri): Include the scheme in the uri - even when we've assumed "hkp" when there was no scheme. - -2006-02-20 Werner Koch - - * apdu.c (open_pcsc_reader): As a precaution set LIST to NULL - after free. - -2006-02-14 Werner Koch - - * verify.c (verify_signatures): Print warning also for NO_DATA. - - * mainproc.c (struct mainproc_context): New field any_sig_seen. - (add_signature): Set it. - (proc_signature_packets): Test and return NO_DATA. - -2006-02-09 Werner Koch - - * gpg.c (main) : Disable random locking. - -2006-02-06 Werner Koch - - * ccid-driver.c, ccid-driver.h: Updated from GnuPG 1.9. Changes: - * ccid-driver.h (CCID_DRIVER_ERR_NO_KEYPAD): New. - * ccid-driver.c (send_escape_cmd): New args RESULT, RESULTLEN and - RESULTMAX. Changed all callers. - (ccid_transceive_escape): New. - * ccid-driver.c (special_transport): New - (ccid_open_reader, do_close_reader, ccid_shutdown_reader) - (bulk_out, bulk_in): Add support for CardMan 4040 reader. - * ccid-driver.c (scan_or_find_devices): Factored most code out to - (scan_or_find_usb_device): .. new. - (make_reader_id): Fixed vendor mask. - -2006-01-24 David Shaw - - * keyserver.c (parse_keyserver_uri): If there is a path present, - set the direct_uri flag so the right keyserver helper is run. - -2006-01-22 David Shaw - - * keyserver.c (keyserver_spawn): Include the EXEEXT so we can find - keyserver helpers on systems that use extensions. - - * misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing - with drive letter systems. - -2006-01-17 David Shaw - - * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a - passphrase as if it was used (move from next_pw to last_pw). - - * pubkey-enc.c (get_session_key): Use it here to handle the case - where a passphrase happens to be correct for a secret key, but yet - that key isn't the anonymous recipient (i.e. the secret key could - be decrypted, but not the session key). This also handles the - case where a secret key is located on a card and a secret key with - no passphrase. Note this does not fix bug 594 (anonymous - recipients on smartcard do not work) - it just prevents the - anonymous search from stopping when the card is encountered. - -2006-01-07 David Shaw - - * keyserver.c (keyserver_refresh): Fix problem when more than one - key in a refresh batch has a preferred keyserver set. Noted by - Nicolas Rachinsky. - -2006-01-01 David Shaw - - * mainproc.c (check_sig_and_print), keyserver.c - (keyserver_import_pka), card-util.c (fetch_url): Always require a - scheme:// for keyserver URLs except when used as part of the - --keyserver command for backwards compatibility. - - * sign.c (write_signature_packets): Lost a digest_algo line. - - * sign.c (hash_for): Add code to detect if the sk lives on a smart - card. If it does, only allow 160-bit hashes, a la DSA. This - involves passing the *sk in, so change all callers. This is - correct for today, given the current 160-bit q in DSA, and the - current SHA-1/RIPEMD160 support in the openpgp card. It will - almost certainly need changing down the road. - - * app-openpgp.c (do_sign): Give user error if hash algorithm is - not supported by the card. - -2005-12-23 David Shaw - - * keyserver.c (keyserver_import_pka): New. Moved from - getkey.c:get_pubkey_byname which was getting crowded. - - * keyserver.c (keyserver_import_cert): Import a key found in DNS - via CERT records. Can handle both the PGP (actual key) and IPGP - (URL) CERT types. - - * getkey.c (get_pubkey_byname): Call them both here. - - * options.h, keyserver.c (parse_keyserver_options): Add - "auto-cert-retrieve" option with optional max size argument. - - * gpgv.c: Stubs. - - * keyserver-internal.h, keyserver.c (keyserver_spawn, - keyserver_work, keygerver_getname): New keyserver_getname function - to fetch keys by name. - - * getkey.c (get_pubkey_byname): Call it here to enable locating - keys by full mailbox from a keyserver a la PKA. Try PKA first, - though, as it is likely to be faster. - -2005-12-20 Werner Koch - - * gpg.c: New option --allow-pka-lookup. - (parse_trust_model): Add "+pka" variants. - (main): Make KEYSERVER_AUTO_PKA_RETRIEVE teh default. - * options.h (opt): New fields PKA_TRUST_INCREASE and - ALLOW_PKA_LOOKUP. - * status.h (STATUS_PKA_TRUST_BAD, STATUS_PKA_TRUST_GOOD): New. - * pkclist.c (check_signatures_trust): Increase trust due to valid - PKA only if that new option has been set. Issue new status lines. - * trustdb.c (init_trustdb): Print info if this option is active. - * getkey.c (get_pubkey_byname): Honor allow-pka-lookup. - * mainproc.c (pka_uri_from_sig): Ditto. - - * trustdb.c (validate_keys): Print no "ultimately trusted keys - found" only in non-quiet mode. - -2005-12-19 David Shaw - - * getkey.c (merge_selfsigs_main): All primary keys can certify. - -2005-12-18 David Shaw - - * gpg.c (main): Restore convert-sk-to-pk as programs rely on it. - - * keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT - flag. It's no longer needed. - -2005-12-14 David Shaw - - * gpg.c (main): Don't default to import-options convert-sk-to-pk. - It causes confusing warning messages when importing a PGP-exported - key that contains a secret key without selfsigs followed by the - public key. - -2005-12-08 David Shaw - - * keyserver.c (keyserver_fetch): Switch on fast-import before we - --fetch-keys so we don't rebuild the trustdb after each fetch. - -2005-12-08 Werner Koch - - * gpg.c (main): Check for DBCS lead byte when converting the - homedir. By Kazuyoshi Kakihara. Fixes PR561. - - * keyserver.c (keyserver_fetch): Made strings translatable. - -2005-12-08 David Shaw - - * options.h, keyserver.c (curl_cant_handle, keyserver_spawn) - (keyserver_fetch): Set a flag to indicate that we're doing a direct - URI fetch so we can differentiate between a keyserver operation - and a URI fetch for protocols like LDAP that can do either. - -2005-12-07 David Shaw - - * keyserver.c (keyserver_spawn): Don't print "searching for key - 00000000" when fetching a URI. - - * keyserver-internal.h, keyserver.c (keyserver_fetch): New. Fetch - an arbitrary URI using the keyserver helpers. - - * gpg.c (main): Call it from here for --fetch-keys. - -2005-12-07 Werner Koch - - * pkclist.c (do_we_trust): Add NOTREACHED comment. - -2005-11-20 David Shaw - - * main.h, keylist.c (print_revokers): New. Print the "rvk" - designated revoker record. Moved from - keyedit.c:show_key_with_all_names_colon. - - * keylist.c (list_keyblock_colon): Use it here ... - - * keyedit.c (show_key_with_all_names_colon): ... and here. - -2005-11-19 David Shaw - - * free-packet.c (copy_secret_key): Copy secret key into secure - memory since we may unprotect it. - - * main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local - user support so users can use -u with --desig-revoke. This - bypasses the interactive walk over the revocation keys. - -2005-11-17 David Shaw - - * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to - just "clean", and add "minimize". - - * import.c (parse_import_options): Make help text match the export - versions of the options. - - * options.h, export.c (parse_export_options, do_export_stream): - Reduce clean options to two: clean and minimize. - - * trustdb.h, trustdb.c (clean_one_uid): New function that joins - uid and sig cleaning into one for a simple API outside trustdb. - -2005-11-13 David Shaw - - * armor.c (parse_header_line): A fussy bit of 2440: header lines - are delimited with a colon-space pair. Therefore a line such as - "Comment: " (with a trailing space) is actually legal, albeit not - particularly useful. - -2005-11-11 David Shaw - - * trustdb.h, trustdb.c (clean_key): New function to handle key - cleaning from one convenient place. - - * options.h, import.c (parse_import_options, - clean_sigs_from_all_uids, import_one): Reduce clean options to - two: clean and minimize. - - * parse-packet.c (setup_user_id): Remove. - (parse_user_id, parse_attribute): Just use xmalloc_clear instead. - - * trustdb.c (clean_uid_from_key, clean_uids_from_key): - Significantly simpler implementation. - -2005-11-10 David Shaw - - * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add - "minimize" command. - - * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c - (clean_uids_from_key): Fix display bug where sigs cleaned for - other reasons caused a uid to appear as if it had been compacted. - - * packet.h: Move some flags to a bitfield. Change all callers. - - * options.h, import.c (parse_import_options, - clean_sigs_from_all_uids, import_one): Add import-minimal option. - Similar to export-minimal, except it works on the way in. - - * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove - all non-selfsigs from key during cleaning. Change all callers. - - * export.c (do_export_stream): Use it here for export-minimal so - we don't need additional minimize code in the export path. - -2005-11-06 David Shaw - - * options.skel: Add a section for --encrypt-to. This is Debian - bug 336211 by Javier Fernández-Sanguino Peña. - -2005-11-05 David Shaw - - * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. - Strictly speaking this should be only in gpg_CPPFLAGS, but then we - have to compile everything twice for gpg and gpgv. - - * apdu.c (open_pcsc_reader): Fix double free. - - * gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X - location. Suggested by Patty A. Hardy. - -2005-11-02 David Shaw - - * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable - keys in the sigs that are cleaned. Suggested by Dirk Traulsen and - many others. - -2005-11-01 David Shaw - - * import.c (import_one): Do collapse_uids() before we do any - cleaning so keyserver mangled keys with doubled user IDs can be - properly cleaned - possibly sigs on the different user IDs cancel - each other out. - - * import.c (parse_import_options), export.c - (parse_export_options): List "xxx-clean" before the longer options - so we don't end up with a partial match on the longer options. - - * trustdb.c (clean_uids_from_key): Return proper number of cleaned - user IDs. Don't count user IDs as cleaned unless we actually - delete something. - -2005-10-27 David Shaw - - * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix - problem with adding a cert-only designated revoker. Code was - looking for a key with sign ability, and not cert ability. Noted - by Timo Schulz. - -2005-10-27 Werner Koch - - * gpg.c [__CYGWIN__]: Set default driver to winscard.dll. - - * apdu.c, apdu.h: Updated from gnupg 1.9. Changes are: - * apdu.c [__CYGWIN__]: Make cygwin environment similar to _WIN32. - Suggested by John P. Clizbe. - * apdu.h (SW_HOST_NO_KEYPAD): New. - * apdu.c (host_sw_string): Support new code. - (reader_table_s): New field CHECK_KEYPAD. - (new_reader_slot, open_ct_reader, open_pcsc_reader) - (open_ccid_reader, open_rapdu_reader): Initialize it. - (check_ccid_keypad): New. - (apdu_check_keypad): New. - (apdu_send_le): Factored all code out to ... - (send_le): .. new. Takes an additional arg; changed all callers - of the orginal function to use this one with a NULL for the new - arg. - (apdu_send_simple_kp): New. - (ct_send_apdu, pcsc_send_apdu, my_rapdu_send_apdu) - (send_apdu_ccid): New arg PININFO. - (send_apdu_ccid): Use the new arg. - -2005-10-26 David Shaw - - * keygen.c (proc_parameter_file): Default key and subkey usage - flags to algo capabilities if parameter file doesn't specify them. - Noted by Timo Schulz. - -2005-10-18 Werner Koch - - * cardglue.c (pin_cb): Fixed prompt for repeated PIN. Return - G10ERR_CANCELED and not just -1. - (status_sc_op_failure): New. Use it where we issue that status. - (pin_cb): Append serial number to the need-pin status message. - (agent_scd_change_pin): Add arg SERIALNO. Changed all callers. - (agent_scd_writekey): Ditto. - (agent_scd_setattr): Ditto. - (agent_scd_genkey): Ditto. - (agent_scd_checkpin): Pass serialno to the pin_cb. - - * keygen.c (parse_expire_string): Allow setting the expire - interval using a "seconds=" syntax. This is useful for - debugging. - -2005-10-17 Werner Koch - - * export.c (do_export_stream): Factored some code out to ... - (skip_subkey_p): .. new. - (subkey_in_list_p, release_subkey_list): New. - (new_subkey_list_item): New. - (do_export_stream): Export exactly specified subkeys into one - keyblock. - -2005-10-13 David Shaw - - * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command - to add 0x19 backsigs to old keys that don't have them. - - * misc.c (parse_options): Fix build warning. - - * main.h, keygen.c (make_backsig): Make public. - -2005-10-12 David Shaw - - * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), - sig-check.c (signature_check2): Add --require-backsigs and - --no-require-backsigs. Currently defaults to - --no-require-backsigs. - -2005-10-11 David Shaw - - * getkey.c (merge_selfsigs_subkey), sig-check.c - (signature_check2), keygen.c (make_backsig): Did some backsig - interop testing with the PGP folks. All is well, so I'm turning - generation of backsigs on for new keys. Checking for backsigs on - verification is still off. - -2005-10-05 Werner Koch - - * g10.c: Renamed to .. - * gpg.c: ..this. - * Makefile.am: Adjusted accordingly. - -2005-09-22 Werner Koch - - * sign.c (write_plaintext_packet): Don't print an empty file - warning if the file is actually too large. - * encode.c (encode_simple,encode_crypt): Ditto. - * progress.c (handle_progress): Adjusted for iobuf_get_filelength - change. - * photoid.c (generate_photo_id): Ditto. - -2005-09-20 Werner Koch - - * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase - prompt. - -2005-09-19 David Shaw - - * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder - attribute IDs as well as regular text IDs. - - * plaintext.c (ask_for_detached_datafile): Use make_filename() on - filename so tilde expansion works. - -2005-09-14 David Shaw - - * main.h, misc.c (parse_options): Add the ability to have help - strings in xxx-options commands. - - * keyserver.c (keyserver_opts), import.c (parse_import_options), - export.c (parse_export_options), g10.c (parse_list_options, main): - Add help strings to xxx-options. - -2005-09-10 David Shaw - - * keyedit.c (show_names): Moved name display code out from - show_key_with_all_names. - (keyedit_menu): Call it here for pref and showpref so they can - show only the selected user ID. Suggested by Timo Schulz. - -2005-09-07 Werner Koch - - * cardglue.h (GPG_ERR_TOO_LARGE): New. - - * apdu.c, apdu.h, iso7816.c, iso7816.h - * ccid-driver.c, ccid-driver.h: Updated from GnuPG 1.9 source. - Changes are: - * iso7816.c (iso7816_select_path): New. - * iso7816.c (iso7816_read_binary): Use Le=0 when reading all - data. Handle 6C00 error and take 6B00 as indication for EOF. - * apdu.h (SW_EXACT_LENGTH_P): New. - * apdu.c (new_reader_slot, reset_pcsc_reader, pcsc_get_status) - (open_pcsc_reader): Set new reader state IS_T0. - (apdu_send_le): When doing T=0 make sure not to send Lc and Le. - Problem reported by Carl Meijer. - (apdu_send_direct): Initialize RESULTLEN. - - * misc.c (parse_options): Allow meta option "help" to list all - options and to exit the program. - -2005-09-02 David Shaw - - * parse-packet.c (enum_sig_subpkt, parse_signature, - parse_attribute_subpkts): Make a number of warnings verbose items. - These fire on many slightly mangled keys in the field, so the - warning is becoming burdensome. - -2005-09-01 David Shaw - - * photoid.h, photoid.c (generate_photo_id): Allow passing in a - suggested filename. - - * keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto - filename" works. - -2005-08-31 David Shaw - - * photoid.c (generate_photo_id): Enable readline completion and - tilde expansion for the JPEG prompt. - -2005-08-30 Werner Koch - - * passphrase.c (agent_open): Print a warning and not an error in - case of a missing agent. Should fix Debian bug #325578. - -2005-08-26 David Shaw - - * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for - signing algorithms. - - * keyedit.c (sign_uids): Don't request a signing key to make a - certification. - - * keygen.c (do_add_key_flags): Force the certify flag on for all - primary keys, as the spec requires primary keys must be able to - certify (if nothing else, which key is going to issue the user ID - signature?) - (print_key_flags): Show certify flag. - (ask_key_flags, ask_algo): Don't allow setting the C flag for - subkeys. - - * keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): - Distinguish between a sign/certify key and a certify-only key. - - * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. - Suggested by Michael Schierl. - -2005-08-21 David Shaw - - * Makefile.am: No need to link with curl any longer. - - * main.h, misc.c (path_access): New. Same as access() but does a - PATH search like execlp. - - * keyserver.c (curl_can_handle): Removed. Replaced by... - (curl_cant_handle): We are now relying on curl as the handler of - last resort. This is necessary because PGP LDAP and curl LDAP are - apples and oranges. - (keyserver_typemap): Only test for ldap and ldaps. - (keyserver_spawn): If a given handler is unusable (as determined - by path_access()) then try gpgkeys_curl. - - * exec.h, exec.c (make_tempdir, expand_args, exec_write, - exec_read): Minor cleanup to use bitfield flags instead of a bunch - of integers. - -2005-08-20 David Shaw - - * g10.c (main): Add aliases sign-with->local-user and - user->recipient to make switching from PGP command line to GPG - easier. - -2005-08-19 David Shaw - - * options.skel: Remove the surfnet LDAP keyserver from the list of - samples since it is being shut down. - - * getkey.c (classify_user_id): Disable the '.' and '+' search - modes since they aren't supported yet. - -2005-08-05 David Shaw - - * g10.c (main), passphrase.c (set_passphrase_from_string): New - --passphrase command line option. Only useful in very special - circumstances. - -2005-08-05 Werner Koch - - * gpgv.c (keyserver_import_fprint): New stub. - - * keygen.c (ask_user_id): Moved email checking code out to .. - * misc.c (is_valid_mailbox): .. new. - * mainproc.c (get_pka_address): Use it here. - * getkey.c (get_pubkey_byname): Add falback to auto-retrieve a key - via the PKA mechanism. - - * options.h (KEYSERVER_AUTO_PKA_RETRIEVE): New. - * keyserver.c (keyserver_opts): Ditto. - * mainproc.c (check_sig_and_print): Use it here to retrieve keys - from a PKA DNS record. - - * pkclist.c (build_pk_list): Add comments to this function; - re-indented it. - -2005-08-04 David Shaw - - * keygen.c (proc_parameter_file): Sanity check items in keygen - batch file. Noted by Michael Schierl. - - * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. - Noted by Michael Schierl. - - * keygen.c (write_keyblock): Don't try and build deleted kbnodes - since we start our tree with one. - -2005-08-04 Werner Koch - - * export.c (do_export_stream): Skip on-card keys when only subkeys - are to be exported. It does not make sense to replace the on-card - key stub by a no-key stub. - - * revoke.c (gen_revoke): Check for non-online keys. - - * seckey-cert.c (is_secret_key_protected): Return -3 for - non-online key stubs. The old code assumes that a protection - algorithm is still set but in some cases this one is 0 and thus it - won't be possible to decide whether it is unprotected or - protected. - -2005-07-28 Werner Koch - - * Makefile.am (other_libs): Add SRVLIBS. - - * parse-packet.c (can_handle_critical_notation): We know about - pka-address@gnupg.org. - * packet.h (PKT_signature): New fields PKA_INFO and PKA_TRIED. - (pka_info_t): New. - * free-packet.c (cp_pka_info): New. - (free_seckey_enc, copy_signature): Support new fields. - * mainproc.c (get_pka_address, pka_uri_from_sig): New. - (check_sig_and_print): Try to get the keyserver from the PKA - record. - * pkclist.c (check_signatures_trust): Adjust the trust based on - the PKA. - * gpgv.c (parse_keyserver_uri): New stub. - - * keygen.c (has_invalid_email_chars): Moved to .. - * misc.c (has_invalid_email_chars): .. here and made global. - -2005-07-27 Werner Koch - - * export.c (do_export_stream): Make two strings translatable. - -2005-07-26 David Shaw - - * keyserver.c (keyserver_typemap): Special-case LDAP since curl - will report that it can handle it, and we don't want it to. - -2005-07-26 Werner Koch - - * passphrase.c (agent_get_passphrase): Make sure to release the - saved codeset. - (agent_open): Add arg ORIG_CODESET and switch back to it in case - of error. Changed all callers. - -2005-07-22 David Shaw - - * keyedit.c (sign_uids): Don't prompt for setting signature expiry - to match key expiry unless --ask-cert-expire is set. Suggested by - Peter Palfrader. - -2005-07-22 Werner Koch - - * g10.c, options.h: New option --exit-on-status-write-error. - * status.c (write_status_text): Make use of this option. - -2005-07-22 David Shaw - - * options.h, g10.c (main): Removed option --no-interactive-selection. - * keyedit.c (keyedit_menu): Use --interactive to enable the uid - walking when signing a key with no uids specified to sign. - - * keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg - Sabino Mullane. - -2005-07-20 Werner Koch - - * openfile.c (open_outfile): Disable FD caching for created files. - * encode.c (encode_simple, encode_crypt): Disable FD caching for - input files. - * verify.c (verify_one_file): Ditto. - * decrypt.c (decrypt_messages): Ditto. This is bug #479. - - * misc.c (get_libexecdir) [W32]: Changed to return the value of - program used to create the process. - * keyserver.c (keyserver_spawn) [DISABLE_KEYSERVER_PATH]: Don't - change the exec-path at all. - -2005-07-20 David Shaw - - * keyserver.c (curl_can_handle): New. Do a runtime check against - libcurl to see if it can handle a particular protocol. - (keyserver_typemap): Call it here. - - * Makefile.am: Pull in libcurl for curl_version_info() if used. - -2005-07-19 Werner Koch - - * g10.c, options.h: New option --limit-card-insert-tries. - * cardglue.c (open_card): Use it. - - * export.c (parse_export_options): New option - export-reset-subkey-passwd. - (do_export_stream): Implement it. - - * misc.c (get_libexecdir): New. - * keyserver.c (keyserver_spawn): Use it - -2005-07-18 Werner Koch - - * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. - -2005-07-08 David Shaw - - * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig - around when compacting a uid. There is no reason to make an - attacker's job easier - this way they only have a revocation which - is useless in bringing the uid back. - - * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed. - - * import.c (chk_self_sigs): Allow a uid revocation to be enough to - allow importing a particular uid (no self sig needed). This - allows importing compacted uids. - -2005-06-20 David Shaw - - * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 - warning. - -2005-06-20 Werner Koch - - * g10.c, options.h: New option --no-interactive-selection. - * keyedit.c (keyedit_menu): Use it. - -2005-06-18 Werner Koch - - * parse-packet.c (parse_signature): Use log_info for messages - about missing timestamp or keyid. In case we don't use that key - there won't be no further error and thus gpg does not need to - return with an error. - -2005-06-13 David Shaw - - * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning. - - * options.h, import.c (parse_import_options, import_one): Add - import-clean-uids option to automatically compact unusable uids - when importing. Like import-clean-sigs, this may nodify the local - keyring. - - * trustdb.c (clean_uids_from_key): Only allow selfsigs to be a - candidate for re-inclusion. - -2005-06-12 David Shaw - - * options.h, import.c (parse_import_options, - clean_sigs_from_all_uids, import_one): Add import-clean-sigs - option to automatically clean a key when importing. Note that - when importing a key that is already on the local keyring, the - clean applies to the merged key - i.e. existing superceded or - invalid signatures are removed. - - * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure - that even after keys may be merged together, we only have one - chosen selfsig. - -2005-06-09 David Shaw - - * options.h, import.c (parse_import_options, delete_inv_parts): - import-unusable-sigs is now a noop. - - * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu, - menu_clean_subkeys_from_key), trustdb.h, trustdb.c - (clean_subkeys_from_key): Remove subkey cleaning function. It is - of very limited usefulness since it cannot be used on any subkey - that can sign, and can only affect multiple selfsigs on - encryption-only subkeys. - - * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a - kbnode. - - * trustdb.c (clean_uids_from_key): Further tweak the algorithm so - that the last good selfsig is kept when the chosen selfsig is a - revocation. - -2005-06-08 David Shaw - - * trustdb.c (clean_uids_from_key), keyedit.c - (menu_clean_uids_from_key): Tweak algorithm to preserve the last - selfsig which helps prevent uid resurrections. - - * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both - expired and revoked uids in fixup_uidnode(). No need to special - case in merge_selfsigs_main(). This also means that an expired - uid will have its selfsig tagged with chosen_selfsig. - -2005-06-07 David Shaw - - * options.h, g10.c (main), export.c (parse_export_options, - do_export_stream): Add export-options export-clean-sigs, - export-clean-uids, export-clean-subkeys, and export-clean which is - all of the above. Export-minimal is the same except it also - removes all non-selfsigs. export-unusable-sigs is now a noop. - -2005-06-06 Werner Koch - - * cardglue.c (open_card): Emit new CARDCTRL status 5 for no reader - available. - -2005-06-02 Werner Koch - - * app-openpgp.c (do_writekey): Typo fix. - - * status.c, status.h: Removed STATUS_BAD_PASSPHRASE_PIN. - -2005-06-01 David Shaw - - * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on - mingw32. Noted by Joe Vender. - - * passphrase.c [_WIN32]: Remove unused variables. - -2005-05-31 David Shaw - - * keyedit.c (menu_clean_uids_from_key, - menu_clean_subkeys_from_key), trustdb.c (clean_uids_from_key, - clean_subkeys_from_key): Fix mingw32 build warnings. Noted by Joe - Vender. - -2005-05-31 Werner Koch - - * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types. - - * cardglue.c (assuan_strerror, assuan_transact): Dummy functions - if not build with agent support. - - * armor.c (check_input): Don't bail out on invalid header lines - unless in struict rfc2440 mode. Suggested by Richard Patterson. - -2005-05-30 Werner Koch - - * tlv.c: Add hack to compile without gpg-error.h. - -2005-05-30 David Shaw - - * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk - through the subkeys on a key, and mark any that aren't usable for - deletion. Note that a signing subkey is never marked for deletion - since these keys are still useful after expiration or revocation. - - * keyedit.c (menu_clean_subkeys_from_key): New function to call - clean_subkeys_from_key() on a key. Note that the strings here are - not marked for translation yet. The UI is still in flux, and - there is no point in annoying the translators twice. - (keyedit_menu): Call it here as part of the "clean" command. - -2005-05-29 David Shaw - - * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through - the user IDs on a key, and mark any that aren't valid for - deletion. - - * keyedit.c (menu_clean_uids_from_key): New function to call - clean_uids_from_key() on a key. - (keyedit_menu): Call it from here as part of the "clean" command. - -2005-05-26 David Shaw - - * g10.c (main): Default {export|import}-unusable-sigs to off until - the "clean" UI can be finished. - -2005-05-24 Werner Koch - - * passphrase.c (ask_passphrase): Unescape the description string. - * cardglue.c (unescape_status_string): Removed. Changed all - caller to use ... - * misc.c (unescape_percent_string): New. - - * g10.c (add_notation_data): Check number of at-signs. - -2005-05-23 Werner Koch - - * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS. - - * cardglue.c (open_card): Check USE_AGENT. - (agent_scd_checkpin): Implemented Assuan part. - (agent_scd_change_pin): Ditto. - - * g10.c (main): Option --debug-ccid-driver may now be given - several times increase the debug level. - - * ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version - 5.14 as good. - (do_close_reader): Never do a reset. The caller should instead - make sure that the reader has been closed properly. The new retry - code in ccid_slot_status will make sure that the readersatrts up - fine even if the last process didn't closed the USB connection - properly. - (ccid_get_atr): For certain readers try switching to ISO mode. - Thanks to Ludovic Rousseau for this hint and the magic numbers. - (print_command_failed): New. - (bulk_in): Use it here. Add new arg NO_DEBUG. - (ccid_slot_status): Disabled debugging. - -2005-05-21 Werner Koch - - * cardglue.c (send_status_info): Make CTRL optional. - (agent_scd_writekey, inq_writekey_parms): New. - (agent_openpgp_storekey): Removed. - * cardglue.h: Add a few more error code mappings. - * keygen.c (copy_mpi): Removed. - (save_unprotected_key_to_card): Changed to use agent_scd_writekey. - * app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer - version in gnupg 1.9 CVS. - -2005-05-20 Werner Koch - - * ccid-driver.c (ccid_transceive): Arghhh. The seqno is another - bit in the R-block than in the I block, this was wrong at one - place. Fixes bug #419 and hopefully several others. - -2005-05-19 Werner Koch - - * app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer - version in gnupg 1.9 CVS. - -2005-05-18 Werner Koch - - * passphrase.c (agent_open): Made global and add arg TRY. - (agent_close): Made global. - - * app-common.h (app_t): Add a field to store the Assuan context. - -2005-05-13 David Shaw - - * build-packet.c (do_comment): Removed. - (build_packet): Ignore comment packets. - - * export.c (do_export_stream): Don't export comment packets any - longer. - - * options.h, g10.c (main): Remove --sk-comments and - --no-sk-comments options, and replace with no-op. - -2005-05-11 David Shaw - - * keygen.c (write_selfsigs): Rename from write_selfsig. Write the - same selfsig into both the pk and sk, so that someone importing - their sk (which will get an autoconvert to the pk) won't end up - with two selfsigs. - (do_generate_keypair): Call it from here. - - * parse-packet.c (can_handle_critical_notation): New. Check for - particular notation tags that we will accept when critical. - Currently, that's only preferred-email-encoding@pgp.com, since we - know how to handle it (pass it through to a mail program). - (can_handle_critical): Call it from here. - (parse_one_sig_subpkt): Sanity check that notations are - well-formed in that the internal lengths add up to the size of the - subpacket. - -2005-05-07 Werner Koch - - * ccid-driver.c (do_close_reader): Don't do a reset before close. - Some folks reported that it makes the SCR335 hang less often. - Look at the source on how to re-enable it. - -2005-05-06 David Shaw - - * main.h, keygen.c (parse_expire_string, ask_expire_interval), - sign.c (sign_file, clearsign_file, sign_symencrypt_file), g10.c - (main), keyedit.c (sign_uids): Use seconds rather than days - internally to calculate expiration. We no longer need the - day-based code as we don't generate v3 keys. - - * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use - the default sig expire value when signing in batchmode. - -2005-05-05 David Shaw - - * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We - don't use any of these functions any longer. - - * keygen.c (start_tree): New function to "prime" a KBNODE list. - (do_generate_keypair): Use it here rather than creating and - deleting a comment packet. - - * keygen.c (gen_elg, gen_dsa): Do not put public factors in secret - key as a comment. - - * options.h, encode.c (encode_simple, encode_crypt), keygen.c - (do_create): Remove disabled comment packet code. - - * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default - preferences. - - * options.h, g10.c (main): Add new --default-sig-expire and - --default-cert-expire options. Suggested by Florian Weimer. - - * main.h, keygen.c (parse_expire_string, ask_expire_interval): Use - defaults passed in, or "0" to control what default expiration is. - - * keyedit.c (sign_uids), sign.c (sign_file, clearsign_file, - sign_symencrypt_file): Call them here, so that default expiration - is used when --ask-xxxxx-expire is off. - -2005-05-03 Werner Koch - - * passphrase.c (agent_get_passphrase): Add new arg CACHEID. - Changed all callers. - (ask_passphrase): Add new arg CACHEID and use it in agent mode. - Changed all callers. - (passphrase_clear_cache): New arg CACHEID. Changed all callers. - * cardglue.c (format_cacheid): New. - (pin_cb): Compute a cache ID. - (agent_scd_pksign, agent_scd_pkdecrypt): Use it. - (agent_clear_pin_cache): New. - * card-util.c (change_pin): Clear the PIN cache. - (check_pin_for_key_operation): Ditto. - -2005-04-24 David Shaw - - * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the - no-pubkey and chosen revocation cases. - (clean_uid): New function to clean a user ID of unusable (as - defined by mark_usable_uid_certs) certs. - - * keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new - "clean" command that removes unusable sigs from a key. - - * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): - Allow specifying user ID via the namehash from --with-colons - --fixed-list-mode --list-keys. Suggested by Peter Palfrader. - -2005-04-21 David Shaw - - * keyedit.c (sign_uids, keyedit_menu): When the user requests to - sign a key without specifying which user IDs to sign, and declines - to sign all user IDs, walk through the set of user IDs and prompt - for which to sign. - - * mainproc.c (symkey_decrypt_seskey): There is no need to have an - extra check for a bad passphrase and/or unknown cipher algorithm - here. We'll fail quite happily later, and usually with a better - error message to boot. - -2005-04-20 Werner Koch - - * sign.c (sign_file, sign_symencrypt_file): Allow for hash - debugging. - -2005-04-16 David Shaw - - * keyserver.c (keyserver_spawn): Free some memory. - - * sign.c (hash_for): Comments. - -2005-04-11 Werner Koch - - * g10.c (main, add_notation_data, add_policy_url) - (add_keyserver_url): Use isascii() to protect the isfoo macros and - to replace direct tests. Possible problems noted by Christian - Biere. - * keyserver.c (parse_keyserver_uri): Ditto. - -2005-04-07 Werner Koch - - * g10.c (main): Declare --pipemode deprecated. - * misc.c (deprecated_command): New. - - * ccid-driver.c (ccid_slot_status): Fixed debug messages. - - * card-util.c (card_edit): Add command "verify". Enhanced admin - command to allow optional arguments "on", "off" and "verify". - (card_status): Print private DOs in colon mode. - * app-openpgp.c (do_check_pin): Add hack to allow verification of - CHV3. - -2005-04-01 Werner Koch - - * keygen.c (keygen_set_std_prefs): Explain the chosen order of - AES key sizes. - -2005-04-01 David Shaw - - * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL - (old-style PGP) signatures that use hashes other than SHA-1, - RIPEMD160, or MD5. - -2005-03-31 David Shaw - - * exec.h, exec.c (set_exec_path): Remove some dead code and change - all callers. We no longer need to append to $PATH. - -2005-03-31 Werner Koch - - * passphrase.c (agent_open): Dropped support for W32 - is was - never actually used. Removed support for the old non-assuan - protocol; there has never been a matured implementation and - gpg-agent is now arround for quite some time. Rewritten to make - use of the Assuan code from ../util. - (gpga_protocol_codes): Removed. - (readn): Removed. - (agent_close): Simplified for use with Assuan. - (agent_get_passphrase, passphrase_clear_cache): Removed support - for old protocol. Use only with ENABLE_CARD_SUPPORT defined. - (agent_send_all_options): Take assuan context instead of a file - descriptor. - (agent_send_option): Likewise. Use assuan_transact. - * passphrase.c (writen, readaline): Removed. - - * g10.c (main): Print a warning if --use-agent has been used but - it has not been build with support for it. - - * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new - flag 4. Use log_info for errors registering the default secret key. - * g10.c (main): Flag the default keyrings. - -2005-03-30 David Shaw - - * keyserver.c (keyserver_spawn): Don't mess about with the $PATH. - Rather, call keyserver helpers with the full path. This fixes - some PATH-inspired DLL problems on W32. Noted by Carlo Luciano - Bianco. - -2005-03-30 Werner Koch - - * cardglue.c (pin_cb): Print a warning if the info string hack is - not there. This may happen due to typos in the translation. - -2005-03-22 Werner Koch - - * misc.c (w32_shgetfolderpath) [W32]: Changed declaration of - function ptr. Noted by Tim Costello. - * apdu.c [W32]: Changed declaration of dlopened function pointers. - -2005-03-21 David Shaw - - * gpgv.c: Stubs for tty_enable_completion() & - tty_disable_completion(). - - * openfile.c (ask_outfile_name): Enable readline completion when - prompting for an output filename. - - * plaintext.c (ask_for_detached_datafile): Enable readline - completion when prompting for a detached sig datafile. - -2005-03-21 Werner Koch - - * keyedit.c (command_generator, keyedit_completion): Changed - indentation. - * card-util.c (command_generator, card_edit_completion): Ditto. - -2005-03-19 David Shaw - - * card-util.c (command_generator, card_edit_completion) - [GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to - enable command completion in the --card-edit menu. - (card_edit): Call them here. - -2005-03-18 David Shaw - - * keyedit.c (command_generator, keyedit_completion) - [HAVE_LIBREADLINE]: New functions to enable command completion in - the --edit-key menu. - (keyedit_menu): Call them here. - -2005-03-17 David Shaw - - * getkey.c (get_seckey_byname2): If no explicit default key is - set, don't pick a disabled default. Noted by David Crick. - - * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not - redefine $libexecdir. - - * options.h, keyserver.c (parse_keyserver_options) - (keyserver_spawn): Don't treat 'verbose' and 'include-disabled' as - special. Just pass them through silently to the keyserver helper. - -2005-03-16 Werner Koch - - * ccid-driver.c (parse_ccid_descriptor): Make SCM workaround - reader type specific. - (scan_or_find_devices): Do not check the interface subclass in the - SPR532 kludge, as this depends on the firmware version. - (ccid_get_atr): Get the Slot status first. This solves the - problem with readers hanging on recent Linux 2.6.x. - (bulk_in): Add argument TIMEOUT and changed all callers to pass an - appropriate one. Change the standard timeout from 10 to 5 seconds. - (ccid_slot_status): Add a retry code with an initial short timeout. - (do_close_reader): Do an usb_reset before closing the reader. - -2005-03-14 Werner Koch - - * card-util.c (card_status): Use isotimestamp and not the - localized asctimestamp to match the timezone used in the key - information. - - * cardglue.c (pin_cb): Disable debug output. - -2005-03-11 Werner Koch - - * keygen.c (gen_card_key_with_backup): Write status line with the - backup filename. - - * status.h, status.h (STATUS_BACKUP_KEY_CREATED): New. - -2005-03-10 David Shaw - - * keyserver.c (parse_keyserver_options): Accept honor-http-proxy - as an alias for http-proxy. - - * delkey.c (do_delete_key, delete_keys): Fix problem with --expert - preventing --delete-secret-and-public-keys from deleting secret - keys. - -2005-03-10 Werner Koch - - * keyedit.c (keyedit_menu) [W32]: Run the trustdb stale check - earlier. - -2005-03-07 Werner Koch - - * cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign) - (agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin) - (agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a - SC_OP_FAILURE after card operations which might change data. - * card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has - been changed. - (change_name): Removed a debug output. - * status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE - and SC_OP_SUCCESS. - -2005-02-24 David Shaw - - * keyedit.c (keyedit_menu): Only print the key signing hint when - signing from a place where it is useful (i.e. --edit-key and not - --sign-key). - -2005-02-16 Werner Koch - - * card-util.c (fetch_url): Fetch the key from the default - keyserver if no URL is available. - -2005-02-15 Werner Koch - - * passphrase.c (agent_get_passphrase): Don't call free_public_key - if PK is NULL. - (passphrase_clear_cache): Ditto. Removed debug output. - (passphrase_to_dek): Ditto. - -2005-02-13 Werner Koch - - * keyedit.c (cmds): Limit code to 80 columns. Add command - BKUPTOCARD. - -2005-02-09 David Shaw - - * encr-data.c (decrypt_data): Use it here to turn off the "quick - check" bytes for PK decryptions. This is in regards to the Mister - and Zuccherato attack on OpenPGP CFB mode. - - * mainproc.c (proc_symkey_enc): Set a flag to indicate that a - particular session key came from a passphrase and not a PK. - -2005-02-08 Werner Koch - - * misc.c (w32_shgetfolderpath): New. - (default_homedir): Use it to avoid problems under Windows95. - -2005-02-06 David Shaw - - * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the - trustdb is dirty and --interactive is set, do an --update-trustdb. - If not interactive, do a --check_trustdb unless - --no-auto-check-trustdb is set. - - * import.c (import_keys_internal): Moved from here. - - * keyserver.c (keyserver_refresh): Call it here after all - refreshing has happened so that we don't rebuild after each - preferred keyserver set of imports, but do one big rebuild at the - end. This is Debian bug #293816, noted by Kurt Roeckx. - -2005-02-04 David Shaw - - * getkey.c (merge_selfsigs_subkey): Merged away definition from - the backsigs code. - -2005-01-31 David Shaw - - * keygen.c (do_generate_keypair): Write the auth key to the card - before the encryption key. This is a partial workaround for a PGP - bug (as of this writing, all versions including 8.1), that causes - it to try and encrypt to the most recent subkey regardless of - whether that subkey is actually an encryption type. In this case, - the auth key is an RSA key so it succeeds. - -2005-01-27 David Shaw - - * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF - instead of 0x0000000000000000 for the invalid key ID since - all-zeroes is reserved for the anonymous recipient. - - * keyedit.c (change_passphrase), keygen.c (generate_subkeypair): - Fix a string ;) - -2005-01-27 Werner Koch - - * parse-packet.c (listfp): New. - (set_packet_list_mode): Intialize it to stdout or stderr depending - on a global option. Made all printing in list mode use LISTFP. - - * keygen.c (generate_subkeypair): Detect primary key on-card and - ask for the passphrase. Return an error if the primary key is a - plain stub. - - * keyedit.c (change_passphrase): Don't ever change any stub key. - Print a note if a key consists of only stub keys. Reported by - Dany Nativel. These are bugs #401 and #402. - -2005-01-26 Werner Koch - - * ccid-driver.c (parse_ccid_descriptor): Need the CSM workaround - also for newer firmware versions. Need to get a list of fixed - firmware versions and use that. - -2005-01-26 David Shaw - - * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal - address] syntax in keyserver URLs. - (keyserver_typemap): Map ftps if we are supporting it. - -2005-01-25 Werner Koch - - * keygen.c (do_generate_keypair): Don't continue after an error; - fixed at two places. Why at all didn't I used a goto to cleanup, - tsss? - - * app-openpgp.c (get_cached_data): New arg GET_IMMEDIATE to bypass - the cache. Changed all callers. - (get_one_do): Bypass the cache if the value would have been read - directly for v1.1 cards. It makes things a bit slower but only for - 1.0 cards and there are not that many cards out in the wild. This - is required to fix a caching bug when generating new keys; as a - side effect of the retrieval of the the C4 DO from the 6E DO the - chaced fingerprint will get updated to the old value and later - when signing the generated key the checking of the fingerprint - fails becuase it won't match the new one. Thanks to Moritz for - analyzing this problem. - (verify_chv3): Removed the CHV status reread logic because we - won't cache the C4 DO anymore. - -2005-01-21 David Shaw - - * keyserver.c (free_keyserver_spec): Fix small leak. - (keyserver_typemap): Map https if we are supporting it. - -2005-01-20 Werner Koch - - * cardglue.c (open_card): Issue new CARDCTRL(4) status. - - * gpgv.c (tty_fprintf): New stub. - - * card-util.c (card_status): Create a secret key stub on the fly - and print more information about a card key. - * import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New. - * getkey.c (get_seckeyblock_byfprint): New. - * keylist.c (print_card_key_info): New. - - * g10.c (i18n_init) [W32]: Pass registry key to gettext - initialization. - * gpgv.c (i18n_init) [W32]: Ditto. - -2005-01-18 Werner Koch - - * misc.c (default_homedir): New. Taken from gnupg 1.9.15. - * g10.c (main): Use it. - * gpgv.c (main): Ditto. - - * keylist.c (public_key_list): Do a trustdb staleness check before - opening the keyring. - (secret_key_list): Ditto. - -2005-01-10 David Shaw - - * keyedit.c (keyedit_menu): Move command strings outside the - function to get ready for the readline completion code. - - * passphrase.c (readline, agent_send_option, agent_open, - agent_get_passphrase, passphrase_clear_cache): Rename readline() - to readaline() to keep readline library namespace clear. - -2005-01-06 David Shaw - - * filter.h, armor.c (armor_filter): Use the eol string from the - armor filter context instead of hardcoding '\n' or '\r\n'. If no - eol string is provided, default to '\n' or '\r\n' as appropriate. - (is_armor_header): Trim tabs in armor header lines as well. - - * keyserver.c (keyserver_spawn): Use it here to force '\n' line - endings since the keyserver output file gets a LF->CRLF expansion - on win32. - -2005-01-05 David Shaw - - * g10.c (main): Typo. - - * armor.c (is_armor_header): Allow CR and LF (not just actual - spaces) in an armor header line (-----BEGIN etc). This is needed - due to CRLF issues on win32. As before, --openpgp makes it - strict. - -2005-01-03 David Shaw - - * Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@ - - * import.c (delete_inv_parts): Comments on import-unusable-sigs. - -2005-01-01 David Shaw - - * options.h, import.c (parse_import_options, delete_inv_parts): - Add import-unusable-sigs flag to enable importing unusable - (currently: expired) sigs. - - * options.h, export.c (parse_export_options, do_export_stream): - Add export-unusable-sigs flag to enable exporting unusable - (currently: expired) sigs. - -2004-12-29 David Shaw - - * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), - keyid.c (revokestr_from_pk), keyedit.c (show_key_with_all_names): - Show who revoked a key (either the same key or a designated - revoker) and when. - -2004-12-28 Werner Koch - - * ccid-driver.c (find_endpoint): New. - (scan_or_find_devices): Add new args to return endpoint info and - interface number. - (ccid_open_reader, ccid_shutdown_reader): Take care of these new - args. - (bulk_in, bulk_out): Use the correct endpoints. - (ccid_transceive_apdu_level): New. - (ccid_transceive): Divert to above. - (parse_ccid_descriptor): Allow APDU level exchange mode. - (do_close_reader): Pass the interface number to usb_release_interface. - -2004-12-24 David Shaw - - * keyserver.c (keyserver_typemap): Only map HTTP and FTP if - libcurl has specifically been selected to handle them. - -2004-12-22 David Shaw - - * options.h, keyserver.c (parse_keyserver_uri): Properly parse - auth data from URLs and pass to keyserver helpers. - - * keyserver.c (keyserver_typemap): New. Map certain keyserver - types to a common type (e.g. ldaps -> ldap). If we are building - with curl, map both http and ftp to curl. - - * build-packet.c (build_sig_subpkt): Only allow one preferred - keyserver subpacket at a time. - -2004-12-21 David Shaw - - * keyedit.c (menu_set_keyserver_url): Make sure we only operate on - the chosen selfsig so we don't accidentally promote an older - selfsig to chosen. Discovered by Simon Josefsson and 'Todd'. - - * keygen.c (ask_expire_interval): Fix typo. - -2004-12-20 David Shaw - - * keylist.c (list_keyblock_print): Secret key listings should - always show everything (expired UIDs, revoked subkeys, etc, etc). - - * keyedit.c (keyedit_menu): Add additional help for the "sign" - flags. - -2004-12-20 Werner Koch - - * keygen.c (ask_expire_interval): For better translations chnage 2 - strings. - - * seckey-cert.c (do_check): Handle case when checksum was okay but - passphrase still wrong. Roman Pavlik found such a case. - -2004-12-20 David Shaw - - * keyedit.c (keyedit_menu): Invisible alias "passwd" as - "password". - - * passphrase.c: Don't check for __CYGWIN__, so it is treated as a - unix-like system. - - * options.h, g10.c (main), textfilter.c (standard): Use new option - --rfc2440-text to determine whether to filter "\t\r\n" or - just "\r\n" before canonicalizing text line endings. Default to - "\t\r\n". - -2004-12-19 David Shaw - - * keygen.c (keygen_get_std_prefs): Set reference count when - creating the temporary user ID. - - * keyedit.c (keyedit_menu): Merge updpref and setpref. Keep - updpref as an invisible alias. Add invisible alias for revphoto. - Fix small memory leak when using "setpref" (not all of the uid was - freed). - (menu_revkey): Trigger a trust rebuild after revoking a key. - Don't allow revoking an already-revoked whole key. - (menu_revsubkey): Don't allow revoking an already-revoked subkey. - -2004-12-18 David Shaw - - * keyedit.c (menu_revkey): Rename to menu_revsubkey. - (menu_revkey): New. Revoke a whole key. - (keyedit_menu): Call it here for when 'revkey' is used without any - subkeys selected. This is to be consistent with the other - functions which are "selected part if selected, whole key if not". - - * signal.c: Use only HAVE_LIBREADLINE to detect readline - availability. - - * Makefile.am: Link with readline where necessary. - -2004-12-17 Werner Koch - - * passphrase.c (agent_get_passphrase): Define NREAD locally as - size_t or int. - - * keylist.c (list_keyblock_print): Make field width an int. - * keyedit.c (show_key_with_all_names): Ditto. - -2004-12-16 David Shaw - - * g10.c (main): Add --require-secmem/--no-require-secmem to cause - gpg to exit if it cannot lock memory. Also remove --nrsign-key - and --nrlsign-key since this can better be done via --edit-key. - -2004-12-15 David Shaw - - * apdu.c (apdu_send_le, apdu_send_direct), keylist.c - (status_one_subpacket, print_one_subpacket): Fix some compiler - warnings. - - * g10.c (main): Fix --compression-algo to take a string argument - like --compress-algo. - - * trustdb.c (uid_trust_string_fixed): For safety, check for a pk. - -2004-12-14 David Shaw - - * keyedit.c (keyedit_menu): Re-remove the N_() markers. - - * trustdb.c (uid_trust_string_fixed): Show uids as revoked if the - key is revoked. - - * keyedit.c (show_key_with_all_names): Don't show validity for - secret key UIDs. - - * keyedit.c (parse_sign_type): New. Figure out the flags (local, - nonrevoke, trust) for a signature. - (keyedit_menu): Call it here so we can mix and match flags, and - don't need "nrltsign", "ltsign", "tnrsign", etc, etc, etc. - -2004-12-14 Werner Koch - - * passphrase.c (agent_get_passphrase): Removed debug output - - * keyserver.c (keyserver_work, keyserver_spawn): Map ldaps to ldap. - - * keyedit.c (keyedit_menu): Removed the N_() markers from the - command names. - * card-util.c (card_edit): Ditto. - -2004-12-13 Werner Koch - - * passphrase.c (read_passphrase_from_fd): Fixed memory leak. - Noted by Andrei Darashenka. - -2004-12-11 David Shaw - - * keyserver.c (parse_preferred_keyserver): Force preferred - keyserver subpackets to have a URI scheme specified. - -2004-12-10 David Shaw - - * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 - or --openpgp directly to determine the end of line hashing rule. - - * trustdb.c (uid_trust_string_fixed): Show uids as expired if the - key is expired. - -2004-12-10 Werner Koch - - * app-openpgp.c (send_fprtime_if_not_null): New. - (do_getattr): Add KEY_TIME. - (do_learn_status): Print KEY_TIME. - * cardglue.c (learn_status_cb): Parse KEY-TIME. - * card-util.c (card_status): Print creation time if available. - -2004-12-09 David Shaw - - * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): - Removed (not used). - (standard): 2440 says that textmode hashes should canonicalize - line endings to CRLF and remove spaces and tabs. 2440bis-12 says - to just canonicalize to CRLF. So, we default to the 2440bis-12 - behavior, but revert to the strict 2440 behavior if the user - specifies --rfc2440. In practical terms this makes no difference - to any signatures in the real world except for a textmode detached - signature. - -2004-12-09 Werner Koch - - * passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and - CUSTOM_DESCRIPTION. Changed all callers. - - * app-openpgp.c (do_getattr, do_learn_status, do_setattr): Support - the new private DOs. - (do_change_pin): Add a "N" prefix to the strings so that the - callback can act accordingly for a new PIN. Unfortunately this - breaks existing translations but I see no wother way to overvome - this. - - * cardglue.c (learn_status_cb): Ditto. - (agent_release_card_info): Ditto. - (struct pin_cb_info_s): Removed and changed all users. - (pin_cb): Reworked. - - * card-util.c (card_status): Print them - (card_edit): New command PRIVATEDO. - (change_private_do): New. - -2004-12-09 David Shaw - - * keygen.c (ask_algo): Add a choose-your-own-capabilities option - for DSA. - -2004-12-07 David Shaw - - * keygen.c (ask_keysize): Change strings to always use %u instead - of hardcoding key sizes. Bump default to 2048. Bump minimum down - to 512, where possible, but require --expert to get there. DSA is - always 1024 unless --expert is given. - -2004-11-29 David Shaw - - * getkey.c (parse_key_usage): New function to parse out key usage - flags. Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't - understand. - (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call - it from here to remove duplicate code. - -2004-11-26 David Shaw - - * export.c (do_export_stream): Allow export-minimal to work with - secret keys, even though a non-selfsig secret key signature is - rare. - - * options.h, export.c (parse_export_options, do_export_stream), - import.c (parse_import_options, import_keys_internal): Make the - import-options and export-options distinct since they can be mixed - together as part of keyserver-options. - -2004-11-24 David Shaw - - * options.h, export.c (parse_export_options, do_export_stream): - Add "export-minimal" option to disregard any sigs except selfsigs. - - * trustdb.c (uid_trust_string_fixed): Use a string that can be - atoi-ed, but also has a comment for the translator. - - * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a - fixed-size translatable string similar to trust_value_to_string. - This allows for easier lining up of displays. - - * keyedit.c (show_key_with_all_names), keylist.c - (list_keyblock_print): Use it here to print validity strings. - - * gpgv.c: Stub. - -2004-11-18 Werner Koch - - * g10.c (S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0. - -2004-11-17 Werner Koch - - * g10.c (open_info_file): New. - (main): Unconditionally implement --status-file, --logger-file, - --attribute-file, --passphrase-file, --command-file. This is not - generally useful but easy to support and might make scripting - under Windows easier. - -2004-11-11 Werner Koch - - * passphrase.c (readn): Fixed test against EINTR. - -2004-11-05 Werner Koch - - * app-openpgp.c: Made more strings translatable. - (verify_chv3, do_change_pin): Add a special prefix to the prompt - of the Admin PIN prompts. - * passphrase.c (ask_passphrase): Add arg TRYAGAIN_TEXT. Changed - call callers. - * cardglue.c (pin_cb): Make use of the OPAQUE arg to pass - arguments to the PIN callback. Use this to implement a way to - check for correct PIN repetition. Changed all callers to pass an - opaque argument. Improved detection of Admin PIN prompts. - -2004-11-04 David Shaw - - * plaintext.c (handle_plaintext): Don't try and create a - zero-length filename when using --use-embedded-filename with input - that has no filename (clearsigned or message generated from a - pipe). - - * encode.c (encode_simple, encode_crypt), progress.c - (handle_progress), sign.c (write_plaintext_packet): Fix a few - inconsistent calls (NULL filename means a pipe here, so don't - bother to check it twice). - -2004-11-03 David Shaw - - * misc.c (print_digest_algo_note): The latest 2440bis drafts - deprecates MD5, so give a warning. - (print_pubkey_algo_note, print_cipher_algo_note, - print_digest_algo_note): Give the algorithm name in the - experimental algo warning. - -2004-11-03 Timo Schulz - - * passphrase.c (readn, writen): Use w32_strerror instead - of just showing the error number. - * misc.c [_WIN32]: Fix warning about missing prototypes. - -2004-10-28 David Shaw - - * skclist.c (build_sk_list): Don't need to warn about - PGP-generated Elgamal signing keys since we no longer support any - Elgamal signing keys. - - * sign.c (sign_file, clearsign_file): Use "writing to" instead of - "writing to file" to match other strings. - - * pkclist.c (check_signatures_trust): Fix typo. Noted by Moray - Allan. This is Debian bug #278708. - - * passphrase.c (ask_passphrase, passphrase_to_dek): "password" -> - "passphrase". - - * keyedit.c (show_key_with_all_names): Show designated revoker as - part of translatable string. - -2004-10-28 Werner Koch - - * Makefile.am (other_libs): New. Also include LIBICONV. Noted by - Tim Mooney. - -2004-10-28 Werner Koch - - * apdu.c (open_pcsc_reader): Removed bad free in error handler. - -2004-10-27 David Shaw - - * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, - passphrase.c, revoke.c: Collapse the two different "can't do that - in batch mode" strings into one. - - * keylist.c (status_one_subpacket): New. Send the subpacket data - to the --status interface. - - * card-util.c (card_edit): Show when admin is enabled or not. - - * status.h, status.c: New STATUS_SIG_SUBPACKET type. - - * build-packet.c (build_sig_subpkt): Multiple keyserver URLs are - allowed. - - * keyring.c: Make some strings translatable. - - * exec.c, sign.c: Change "can't open file" to "can't open" and - "can't create file" to "can't create" to be consistent with other - strings so we don't have to translate both. - - * delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: - Fix a few missed possible \"username\" quotes. - -2004-10-26 Werner Koch - - * app-openpgp.c (verify_chv3): The minimum length for CHV3 is - 8. Changed string to match the other ones. - - * passphrase.c (agent_send_all_options): Try to deduce the ttyname - from stdin. - -2004-10-22 Werner Koch - - * card-util.c (fetch_url): Disable for gnupg 1.9 - (card_generate_subkey): Ditto. - (card_store_subkey): Ditto. - -2004-10-21 David Shaw - - * options.h, g10.c (main), mainproc.c (check_sig_and_print): - Rename verify-option show-validity to show-uid-validity to match - the similar list-option. - - * app-openpgp.c (verify_chv3): Fix typo. - -2004-10-21 Werner Koch - - * app-common.h (app_openpgp_storekey): Add prototype. - - * app-openpgp.c (do_sign): Replace asprintf by direct allocation. - This avoids problems with missing vasprintf implementations. - - * card-util.c (generate_card_keys): Add a #warning for gnupg 1.9 - and use the same string there. - -2004-10-20 David Shaw - - * g10.c (parse_list_options): Fix non-constant initializer so we - can build with C89. - -2004-10-17 David Shaw - - * keylist.c (print_one_subpacket): The flags field should be hex. - -2004-10-17 Werner Koch - - * passphrase.c (agent_get_passphrase): Cast UIDLEN to int. Noted - by Christian Cornelssen. - -2004-10-16 David Shaw - - * parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't - BUG() on unknown subpackets. Rather, just return them silently. - -2004-10-15 Werner Koch - - * status.h (STATUS_NEED_PASSPHRASE_PIN): New. - * status.c (get_status_string): Added. - * passphrase.c (ask_passphrase): Moved status printing to .. - * cardglue.c (pin_cb): .. here and issue new status message. - - * keyedit.c (sign_uids): Don't include the leading LF in the - translatable string but print them separately. - - * apdu.c (apdu_open_remote_reader) [_WIN32]: We don't have ENOSYS. - - * app-openpgp.c (parse_login_data): New. - (app_select_openpgp): Call it. - (do_setattr): Reparse it after change. - - * pkclist.c (do_edit_ownertrust): Add a note to translators. - * keygen.c (ask_user_id): Ditto. - - * helptext.c: Typo fix. - -2004-10-14 David Shaw - - * keylist.c (list_keyblock_print): Show the fingerprint after the - key, not after the first user ID. - - * keyedit.c (show_key_with_all_names): Don't show validity if - we're just printing user IDs for signing. - - * armor.c (fake_packet): Properly handle the case where the line - is dash-space (i.e. a blank line that was quoted). Give a warning - for bad dash escaping. - -2004-10-14 Werner Koch - - * export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow - secret key export. - * import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise - - * misc.c (is_secured_filename): New. - * keydb.c (maybe_create_keyring) - * tdbio.c (tdbio_set_dbname) - * plaintext.c (handle_plaintext) - * openfile.c (copy_options_file, open_outfile) - * exec.c (exec_write) - * keygen.c (do_generate_keypair, gen_card_key_with_backup) - - * sign.c (sign_file, clearsign_file) - * keyring.c (create_tmp_file, do_copy): Check for secured files - before creating them. - - * keygen.c (print_status_key_created, read_parameter_file): - s/unsigned char/byte/ due to a strange typedef for RISC OS. Noted - by Stefan. - -2004-10-13 David Shaw - - * armor.c (fake_packet): Allow arbitrary dash-escaped lines as per - 2440bis-10. This is bug #158. - - * keyserver.c (keyserver_work): Handle keyserver timeouts. - - * pkclist.c (do_edit_ownertrust): Different prompt when we're - using direct trust since the meaning is different. - - * keyedit.c (trustsig_prompt): Change the strings to match the - ones in pkclist.c:do_edit_ownertrust to make translation easier. - - * trustdb.c (trust_model_string, get_validity): Add direct trust - model which applies to the key as a whole and not per-uid. - - * options.h, g10.c (parse_trust_model): New. - (main): Call it from here to do string-to-trust-model. - -2004-10-13 Werner Koch - - * tdbdump.c (import_ownertrust): Removed all log_error_f and - reworded the messages. - - * dermor.c: Include i18n.h. Made 2 strings translatable. - - * misc.c (register_secured_file, is_secured_file) - (unregister_secured_file): New. - * keyring.c (do_copy, rename_tmp_file): Implement the SELinux hacks. - (keyring_register_filename): Ditto. - * tdbio.c (open_db): Ditto. - * openfile.c (copy_options_file, open_sigfile): Ditto. - * verify.c (verify_signatures, verify_one_file): Ditto. - * photoid.c (generate_photo_id): Ditto. - * keygen.c (read_parameter_file): Ditto. - * import.c (import_keys_internal): Ditto. - * decrypt.c (decrypt_message, decrypt_messages): Ditto. - * dearmor.c (dearmor_file, enarmor_file): Ditto. - * g10.c (main, print_mds): Ditto. - * exec.c (exec_write, exec_read): Ditto. - * card-util.c (change_login): Ditto. - * encode.c (encode_simple, encode_crypt): Ditto. - - * openfile.c (overwrite_filep, make_outfile_name, open_outfile) - (open_sigfile): Use iobuf_is_pipe_filename to check for pipes so - that special filesnames are taken into account. This is bug 327. - - * tdbdump.c (import_ownertrust): Ditto. - - * sign.c (write_plaintext_packet): Ditto. - (sign_file, clearsign_file, sign_symencrypt_file): - - * progress.c (handle_progress): Ditto. - * plaintext.c (handle_plaintext): Ditto. - (ask_for_detached_datafile, hash_datafiles): - - * encode.c (encode_simple, encode_crypt): Ditto. - -2004-10-12 Werner Koch - - * keygen.c (read_parameter_file): Changed to use iobuf based file - reading to allow the special file name feature to work. - - * keygen.c (read_parameter_file): New keyword "Handle". This is - bug 287. - (print_status_key_not_created): New. - (print_status_key_created): Add new arg HANDLE. - (do_generate_keypair): Print not created status. - * status.c, tatus.h (STATUS_KEY_NOT_CREATED): New. - -2004-10-11 David Shaw - - * pkclist.c (do_edit_ownertrust): Use the same translated string - for showing the user ID as mainproc.c:print_pkenc_list. - - * mainproc.c (print_pkenc_list): Allow translating the quotes - around the user ID. - - * card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" - -> `%s' quoting for things that aren't user IDs. - - * keyserver.c (keyserver_spawn): If there is no keyserver host, - print the whole URI since it is self-contained. - -2004-10-11 Werner Koch - - * keyserver.c (keyserver_spawn): Print an empty string in log_info - if the host is not set (e.g. finger). - -2004-10-10 David Shaw - - * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, - keygen.c, photoid.c, revoke.c: Some yes-or-no prompts end in - "(y/n)". Some don't. Consistently use y/n everywhere. - - * keygen.c (ask_key_flags): New. - (ask_algo): Call it here in --expert mode so we don't need to - specify each possible variation of RSA capabilities. - - * keygen.c (do_add_key_flags): The spec says that all primary keys - MUST be able to certify. Force the certify flag on for primaries - (and off for subkeys). - - * keygen.c (generate_keypair): Fix generating keys with the auth - flag. - -2004-10-08 David Shaw - - * encr-data.c (decrypt_data): Give a warning with a weak key, but - still allow to decrypt the message. - -2004-10-07 David Shaw - - * pkclist.c (build_pk_list): Keystrify. - - * mainproc.c (check_sig_and_print), pkclist.c - (do_edit_ownertrust): Improve translatability of user ID prompts. - -2004-10-06 David Shaw - - * helptext.c, pkclist.c (do_we_trust): It is not possible to get - here with a revoked or expired key, so BUG() that case. Remove - question about overriding revoked/expired. Also - --keyid-format-ify. - (do_we_trust_pre): Use print_pubkey_info() instead of printing the - info ourselves. - - * passphrase.c (passphrase_to_dek): Improve translatability of - user ID prompts. - - * keylist.c (print_pubkey_info): Use the user ID the pk was - selected by, if any. - - * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability - of user ID prompts. - (ask_revoke_sig, menu_revsig): Try and use common strings for - these two functions so they don't need to be translated twice. - - * keyedit.c, keylist.c, keyserver.c, mainproc.c: The - revoked/expired/expires string change of 2004-09-29 was too - simple. Use two styles for each tag. - -2004-10-06 Werner Koch - - * ccid-driver.c (ccid_open_reader): Store the vendor ID. - (ccid_transceive_secure): New. - (parse_ccid_descriptor): Workaround for an SCM reader problem. - (send_escape_cmd): New. - -2004-10-05 David Shaw - - * passphrase.c (agent_get_passphrase): Use keystrs for agent - strings, and fix sprintf warnings. - - * keyserver.c (keyserver_spawn): Fix BUG() with certain sets of - mixed regular and preferred keyserver refreshes. Noted by - Sebastian Wiesinger. - - * keyedit.c (show_key_with_all_names): Show uid validity in menu. - -2004-10-03 Timo Schulz - - * apdu.c (apdu_open_remote_reader) [_WIN32]: Do not set ENOSYS. - -2004-10-03 David Shaw - - * keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in - colon delsig output. Noted by Peter Palfrader. - (show_prefs): Do not reference missing selfsig. Noted by Alex - Moroz. - -2004-10-01 Werner Koch - - * gpgv.c (i18n_init): Always use LC_ALL. - -2004-09-30 Werner Koch - - * app-openpgp.c (verify_chv3) [GNUPG_MAJOR_VERSION!=1]: Typo fix. - -2004-09-30 David Shaw - - * gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation - out to .. - (maybe_create_keyring): .. new. Make sure that we do the checks - in a locked state. Problem reported by Stefan Haller. Try to - create the home directory before acquiring a lock for the keyring. - From Werner on stable branch. - - * g10.c (main): Blow up if we didn't lose setuid. From Werner on - stable branch. - -2004-09-29 David Shaw - - * keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many - variations of "revoked" ("revoked", "[revoked]", " [revoked]", - "[revoked] ") "and" expired down to two to simplify translation. - -2004-09-28 David Shaw - - * keyedit.c (print_and_check_one_sig): Account for the extra space - that show-sig-expire takes up so we do not wrap lines. - (show_key_with_all_names): No need to show subkey revocations as a - seperate line since we now show revocation date in the main subkey - line. - - * signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, - but zero if not found. Noted by John Clizbe. - - * keyserver.c (parse_keyrec): Fix problem with non-expiring keys - appearing expired in --search-keys results. - -2004-09-27 Werner Koch - - * card-util.c (card_edit): Take admin only status from the table. - - * app-openpgp.c: Made all strings translatable. - (verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin - available for use in gnupg 2. - (verify_chv3): Reimplemented countdown showing to use only - functions from this module. Flush the CVH status cache on a - successful read. - (get_one_do): Hack to bypass the cache for cards versions > 1.0. - (store_fpr): Store the creation date for card version > 1.0. - -2004-09-25 David Shaw - - * main.h, g10.c (main), card-util.c (change_pin): If "admin" has - not been issued, skip right to the CHV1/CHV2 PIN change. No need - to show the unblock or admin PIN change option. - (card_edit): Add "admin" command to add admin commands to the - menu. Do not allow admin commands until "admin" is given. - - * app-openpgp.c (verify_chv3): Show a countdown of how many wrong - admin PINs can be entered before the card is locked. - - * options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove - --allow-admin. - -2004-09-24 David Shaw - - * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always - set opt.s2k_digest_algo. This helps fix a problem with PGP 2.x - encrypted symmetric messages. Change all callers (encode.c, - g10.c, keyedit.c, keygen.c, passphrase.c, sign.c). - - * armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent - in some more quoted strings. Always use 'user ID', not 'user id', - "quotes" for user IDs, etc. - - * keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), - keygen.c (copy_mpi, generate_raw_key): Fix a compile problem and a - few warnings when building without card support. - -2004-09-23 Werner Koch - - * card_util.c (generate_card_keys): ask whether backup should be - created. - (card_store_subkey): Factored some code out to .. - * keygen.c (save_unprotected_key_to_card): .. new function. - (gen_card_key_with_backup): New. - (generate_raw_key): New. - (generate_keypair): New arg BACKUP_ENCRYPTION_DIR. Changed all - callers. - (do_generate_keypair): Divert to gen_card_key_with_backup when - desired. - - * apdu.c (open_pcsc_reader): Do not print empty reader string. - - * keygen.c (ask_algo): Allow creation of AUTH keys. - - * keyid.c (usagestr_from_pk): New. - - * app-openpgp.c (app_openpgp_storekey): Call flush_cache. - (get_cached_data): Move local data initialization to .. - (app_select_openpgp): .. here. Read some flags for later use. - (do_getattr): New read-only attribute EXTCAP. - - * keyedit.c (keyedit_menu): New command "keytocard" - (keyedit_menu): Bad hack for the not_with_sk element. - (show_key_with_all_names): Print the usage. - (find_pk_from_sknode): New. - - * card-util.c (card_store_subkey): New. - (copy_mpi): New. - - * cardglue.c (agent_openpgp_storekey): New. - -2004-09-22 Werner Koch - - * card-util.c (card_generate_subkey, generate_card_keys): Factored - common code out to ... - (get_info_for_key_operation, check_pin_for_key_operation) - (restore_forced_chv1, replace_existing_key_p) - (show_card_key_info): ... new functions. - -2004-09-21 David Shaw - - * mainproc.c (check_sig_and_print), keyedit.c (show_prefs, - menu_set_keyserver_url): Make sure that keyserver URLs with - control characters inside are printed properly. In fact, handle - them as UTF8. - - * keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if - we do not have card support. - - * keydb.h, keyserver.c (print_keyrec, keyserver_spawn): fpr is an - array of unsigned bytes. - -2004-09-20 Werner Koch - - * g10.c: Make -K an alias for --list-secret-keys. - - * keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11. - (list_keyblock_print): Make use of it. - * keyedit.c (show_key_with_all_names): Print the card S/N. - - * keyedit.c (keyedit_menu): New command ADDCARDKEY. - * card-util.c (card_generate_subkey): New. - * keygen.c (generate_card_subkeypair): New. - (gen_card_key): New arg IS_PRIMARY; changed all callers. - - * cardglue.c (open_card): Use shutdown code if possible. - (check_card_serialno): Ditto. - - * ccid-driver.c (do_close_reader): Factored some code out from ... - (ccid_close_reader): ..here. - (ccid_shutdown_reader): New. - - * apdu.c (apdu_shutdown_reader): New. - (shutdown_ccid_reader): New. - -2004-09-17 Werner Koch - - * g10.c (list_config): New config option ccid-reader-id. - (gpgconf_list): Add "reader-port". - - * apdu.c (open_ccid_reader): New arg PORTSTR. Pass it to - ccid_open_reader. - (apdu_open_reader): Pass portstr to open_ccid_reader. - (apdu_open_reader): No fallback if a full CCID reader id has been - given. - - * ccid-driver.c (ccid_get_reader_list): New. - (ccid_open_reader): Changed API to take a string for the reader. - Removed al the cruft for the libusb development vesion which seems - not to be maintained anymore and there are no packages anyway. - The stable library works just fine. - (struct ccid_reader_id_s): Deleted and replaced everywhere by a - simple string. - (usb_get_string_simple): Removed. - (bulk_in): Do valgrind hack here and not just everywhere. - -2004-09-16 David Shaw - - * keyedit.c (show_key_with_all_names, show_prefs): Show preferred - keyserver(s) in "showpref" output. - - * keygen.c (keygen_add_keyserver_url), keyedit.c - (menu_set_keyserver_url): Allow setting a keyserver URL of "none" - to remove an existing keyserver URL. - - * keyedit.c (menu_set_keyserver_url): Confirm replacement of a - keyserver URL before overwriting the old one. - -2004-09-15 David Shaw - - * gpgv.c (agent_scd_getattr): Stub. - - * misc.c (get_signature_count): New. Get the signature count from - a smartcard. - (pct_expando): Call it here so the %c expando becomes the number - of signatures issued. This allows for notations or the like with - an automatic signature count. - - * ccid-driver.c (usb_get_string_simple): Replacement function to - work with older libusb. - -2004-09-15 Werner Koch - - * g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver. - - * ccid-driver.c (read_device_info): Removed. - (make_reader_id, scan_or_find_devices): New. - (ccid_open_reader): Simplified by make use of the new functions. - (ccid_set_debug_level): New. Changed the macros to make use of - it. It has turned out that it is often useful to enable debugging - at runtime so I added this option. - -2004-09-13 David Shaw - - * getkey.c (premerge_public_with_secret): Fix subkey<->binding sig - mismatch when some secret subkeys are missing. Discovered by - Michael Roth. - - * main.h, keylist.c (print_subpackets_colon): Make a public - function. - - * keyedit.c (print_and_check_one_sig_colon): New. Print a - with-colons version of the sig record. - (menu_delsig): Call it here for a with-colons delsig. - -2004-09-12 David Shaw - - * options.h, keylist.c (print_one_subpacket, - print_subpackets_colon): Print a spk record for each request - subpacket. - (list_keyblock_colon): Call them here. - - * g10.c (parse_subpacket_list, parse_list_options): New. Make the - list of subpackets we are going to print. - (main): Call them here. - -2004-09-11 David Shaw - - * card-util.c (fetch_url, card_edit): Use the pubkey URL stored on - the card to fetch an updated copy. Works with either straight - URLs or HKP or LDAP keyservers. - - * keyserver-internal.h, keyserver.c (keyserver_import_fprint), - import.c (revocation_present): Use a keyserver_spec so the caller - can pass in whatever keyserver they like. - -2004-09-10 David Shaw - - * app-openpgp.c (get_cached_data): Avoid mallocing zero since it - breaks us when using --enable-m-guard. - - * ccid-driver.c (read_device_info): Fix segfault when usb device - is not accessible. - (ccid_open_reader): Allow working with an even older version of - libusb (usb_busses global instead of usb_get_busses()). - -2004-09-09 Werner Koch - - * cardglue.h: Add members for CA fingerprints. - * cardglue.c (agent_release_card_info): Invalid them. - (learn_status_cb): Store them. - - * app-common.h, app-openpgp.c, iso7816.c, iso7816.h - * apdu.c, apdu.h, ccid-driver.c, ccid-driver.h - * card-util.c: Updated from current gnupg-1.9. - - Changes are: - - * ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New. - * ccid-driver.c (ccid_open_reader): Support the stable 0.1 version - of libusb. - (ccid_get_atr): Handle short messages. - * apdu.c (my_rapdu_get_status): Implemented. - * apdu.c: Include . - * apdu.c (reader_table_s): Add function pointers for the backends. - (apdu_close_reader, apdu_get_status, apdu_activate) - (send_apdu): Make use of them. - (new_reader_slot): Intialize them to NULL. - (dump_ccid_reader_status, ct_dump_reader_status): New. - (dump_pcsc_reader_status): New. - (open_ct_reader, open_pcsc_reader, open_ccid_reader) - (open_osc_reader, open_rapdu_reader): Intialize function pointers. - (ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu) - (error_string): Removed. Replaced by apdu_strerror. - (get_ccid_error_string): Removed. - (ct_activate_card): Remove the unused loop. - (reset_ct_reader): Implemented. - (ct_send_apdu): Activate the card if not yet done. - (pcsc_send_apdu): Ditto. - * ccid-driver.h: Add error codes. - * ccid-driver.c: Implement more or less proper error codes all - over the place. - * apdu.c (apdu_send_direct): New. - (get_ccid_error_string): Add some error code mappings. - (send_apdu): Pass error codes along for drivers already supporting - them. - (host_sw_string): New. - (get_ccid_error_string): Use above. - (send_apdu_ccid): Reset the reader if it has not yet been done. - (open_ccid_reader): Don't care if the ATR can't be read. - (apdu_activate_card): New. - (apdu_strerror): New. - (dump_reader_status): Only enable it with opt.VERBOSE. - * iso7816.c (map_sw): Add mappings for the new error codes. - * apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader) - (reset_ccid_reader, open_osc_reader): Call dump_reader_status only - in verbose mode. - * app-openpgp.c (do_getattr): Fix for sending CA-FPR. - * app-openpgp.c (app_openpgp_readkey): Fixed check for valid - exponent. - * app-openpgp.c (do_setattr): Sync FORCE_CHV1. - * card-util.c (change_login): Kludge to allow reading data from a - file. - (card_edit): Pass ARG_STRING to change_login. - (card_status): Print CA fingerprints. - (change_cafpr): New. - (card_edit): New command CAFPR. - -2004-04-30 Werner Koch - - * g10.c (main) : Use gpg.conf and not /dev/null as - default filename. - -2004-04-28 Werner Koch - - * card-util.c (card_edit): Remove PIN verification. - (generate_card_keys): New arg SERIALNO. Do PIN verification here - after resetting forced_chv1. - - -2004-09-09 Werner Koch - - * signal.c (got_fatal_signal): Do readline cleanup. Print signal - number if we can't print the name. Use new autoconf macro - HAVE_DECL_SYS_SIGLIST. - (get_signal_name): Removed. - - * photoid.c: Include ttyio.h. - - * parse-packet.c (skip_rest): Removed. Changed all callers to use - the new iobuf_skip_reset. Orginal patch by Florian Weimer. - -2004-09-07 Werner Koch - - * photoid.c (generate_photo_id): Use tty_printf and not just - printf. Put _() around one string. - -2004-09-03 David Shaw - - * keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon - as we know the key is definitely expired. Some translatable - string cleanup. - -2004-08-27 David Shaw - - * encode.c, exec.c, g10.c, sign.c: Some translatable string - cleanup. Change some "this" to `this'. - -2004-08-23 David Shaw - - * keyserver.c (keyserver_spawn): Show log line for what keyserver - action we are taking. - - * keyid.c (keystr): If printing a keyid that lacks the high 4 - bytes, print the low 4 alone. - (keystr_from_desc): Handle short keyids and warn on v3 - fingerprints. - - * keydb.h, getkey.c (get_user_id_printable, - get_user_id_string_printable): Rename to get_user_id_native and - get_user_id_string_native and remove the printable stuff since - we're print-ifying valid utf8 characters. Change all callers in - import.c, sign.c, keylist.c, and encode.c. - - * keyserver.c (keyserver_search_prompt): Make sure the search - string is converted from UTF-8 before display. - -2004-08-19 Werner Koch - - * seskey.c (encode_session_key): Changed the zero random byte - substituting code to actually do clever things. Thanks to - Matthias Urlichs for noting the implementation problem. - -2004-08-18 Marcus Brinkmann - - * passphrase.c (agent_get_passphrase): Fix detection of gpg-agent - cancellation. - -2004-08-08 David Shaw - - * plaintext.c (handle_plaintext): Bigger buffer for extra safety. - - * g10.c (main): New alias --throw-keyid for --throw-keyids, so - that it continues to work in old configuration files. Noted by - Jens Adam. - - * pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, - and bzip2. - - * status.c (do_get_from_fd): Flush stdout if status isn't flushing - it for us. This guarantees that any menus that were displayed - before the prompt don't get stuck in a buffer. Noted by Peter - Palfrader. This is Debian bug #254072. - - * sign.c (update_keysig_packet): Revert change of 2004-05-18. It - is not appropriate to strip policy and notations when remaking a - sig. That should only happen when specifically requested by the - user. - -2004-08-05 David Shaw - - * armor.c (radix64_read): No armor CRC is legal according to the - spec (the CRC is a MAY). - -2004-07-28 David Shaw - - * misc.c (argsplit): Properly split quoted args from the keyword - and trim whitespace afterwards. - -2004-07-27 David Shaw - - * misc.c (optsep): Add the ability to understand keyword="quoted - arg with spaces" type options. - -2004-07-16 David Shaw - - * keylist.c (list_keyblock_print): Always use the new listing - format where uids are always on a line for themselves. Mark - expired secret keys as expired. - - * options.h, g10.c (main): Rename list show-validity to - show-uid-validity as it only shows for uids. - - * armor.c (armor_filter): Do not use padding to get us to 8 bytes - of header. Rather, use 2+4 as two different chunks. This avoids - a fake filename of "is". - -2004-07-15 David Shaw - - * keyedit.c (sign_uids): Properly handle remaking a self-sig on - revoked or expired user IDs. Also, once we've established that a - given uid cannot or will not be signed, don't continue to ask - about each sig. - - * mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check - the S2K hash algorithm before we try to generate a passphrase - using it. This prevents hitting BUG() when generating a - passphrase using a hash that we don't have. - - * sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign - --symmetric messages. - - * g10.c (main): Alias --charset as --display-charset to help avoid - the continuing confusion and make room for possible changes in - devel. - - * parse-packet.c (parse_plaintext): Show the hex value for the - literal packet mode since it may not be printable. - - * keygen.c (make_backsig): Make sure that the backsig was built - successfully before we try and use it. - - * status.h, status.c (get_status_string), plaintext.c - (handle_plaintext): New status tags PLAINTEXT and - PLAINTEXT_LENGTH. - -2004-06-16 Werner Koch - - * free-packet.c (copy_secret_key): Get last fix right. - -2004-06-16 Werner Koch - - * free-packet.c (copy_secret_key): Fixed memory leak when D is not - NULL. - - * passphrase.c (passphrase_to_dek): Added a few comments to the - code. - -2004-05-26 David Shaw - - * keyserver.c (keyserver_refresh): Keep track of keys already - fetched so we don't do a regular keyserver fetch if the preferred - keyserver fetch has exhausted the list. - -2004-05-23 David Shaw - - * verify.c (verify_signatures): Verify multiple files in the same - order in which we hashed them when issuing the signature. Noted - by Nicholas Cole. - - * pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another - keyid-format conversion. - -2004-05-22 Werner Koch - - * trustdb.c (check_regexp): s/EXP/EXPR/. - - * keyedit.c (trustsig_prompt): Remoev useless range check. - - * options.h: Renamed ctrl to glo_ctrl. Changed all users. - - * ccid-driver.c (ccid_open_reader): Print a warning when CCID - can't be used. - -2004-05-21 David Shaw - - * mainproc.c (check_sig_and_print): If we're honoring preferred - keyservers, and auto-key-retrieve is set, try and get a missing - key from the preferred keyserver subpacket when we verify the sig. - - * gpgv.c (parse_preferred_keyserver, free_keyserver_spec): Stubs. - - * keyserver.c (keyidlist): Use new parse_preferred_keyserver - function. - (keyserver_work): Use the passed-in keyserver spec rather than the - options global one. - - * keyserver-internal.h, keyserver.c (parse_preferred_keyserver): - New function to take a sig and return a split out keyserver_spec. - (keyserver_import_keyid): Now takes a keyserver_spec. - - * keyserver.c (keyidlist): Go back to the old fast keyid lister. - Only merge selfsigs if we have to for honor-keyserver-url. - (keyserver_refresh): Keyserver URL handler moved here. - (calculate_keyid_fpr): Removed. - - * keydb.h, keyid.c (keystr_from_desc): Calculate a key string from - a KEYDB_SEARCH_DESC. - - * keyserver.c (keyserver_spawn): Fix keyserver options on tempfile - only platforms. Noted by Roger Sondermann. - -2004-05-20 David Shaw - - * keyserver.c (keyserver_work): Allow --refresh-keys with a - preferred keyserver to happen even if there is no global keyserver - set. - - * sig-check.c (do_check_messages): No need to check for Elgamal - signatures any longer. - (do_check_messages, do_check, check_key_signature2): - --keyid-format conversion. - - * pkclist.c (show_paths, edit_ownertrust): Remove some unused - code. - - * options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE. - - * mainproc.c (check_sig_and_print): track whether we are - retrieving a key. - - * status.c (status_currently_allowed): New. - (write_status_text, write_status_text_and_buffer): Use it here. - - * g10.c: New command --gpgconf-list. - (gpgconf_list): New. From Werner on stable branch. - -2004-05-19 David Shaw - - * pubkey-enc.c (get_session_key, get_it), keyedit.c - (show_key_with_all_names, show_basic_key_info): --keyid-format - conversion. - -2004-05-18 David Shaw - - * sign.c (update_keysig_packet): Policies and notations should be - stripped out when remaking a self-signature. Noted by Atom - Smasher. - - * keyserver.c (parse_keyserver_uri): Fix compiler warnings. - -2004-05-11 David Shaw - - * options.h, keyserver-internal.h, keyserver.c - (parse_keyserver_uri): Improved URI parser that keeps track of the - path information and doesn't modify the input string. - (keyserver_spawn): Tell keyserver plugins about the path. - -2004-05-11 Werner Koch - - * keylist.c (show_policy_url, show_keyserver_url, show_notation) - (list_one): Use const char* for i18n string helpers. - - * keygen.c (do_generate_keypair, read_parameter_file): Really - close the files. - (do_generate_keypair): Create the secret key file using safe - permissions. Noted by Atom Smasher. - -2004-05-10 David Shaw - - * options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c - (struct keyrec, parse_keyrec, keyserver_search_prompt), keyedit.c - (keyedit_menu), g10.c (add_keyserver_url, add_policy_url): Fix - some compiler warnings. - -2004-05-08 David Shaw - - * keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing - preferred keyserver on "keyserver" command line. Sanity check - keyserver URL before accepting it. - - * keyserver-internal.h, g10.c (main), keyserver.c - (parse_keyserver_uri): Add an option to require the scheme:// and - change all callers. - (free_keyserver_spec): Make public. - -2004-05-07 Werner Koch - - * sign.c (write_plaintext_packet): Fixed the detection of too - large files in the same way as in encode.c. - -2004-05-04 David Shaw - - * keylist.c (show_notation): Use bits to select which sort of - notation to show. Don't allow a not-shown notation to prevent us - from issuing the proper --status-fd message. - - * options.h, g10.c (main): Add show-std/standard-notations and - show-user-notations. show-notations is both. Default is to show - standard notations only during verify. Change all callers. - -2004-04-28 David Shaw - - * main.h, keylist.c (show_notation): Add argument to show only - user notations, only standard notations, or both. Change all - callers. - - * keyserver.c (keyserver_spawn): We still need EXEC_TEMPFILE_ONLY. - -2004-04-28 Werner Koch - - * card-util.c (card_edit): Require PIN only for generate. - - * app-openpgp.c (do_setattr): Sync FORCE_CHV1. - -2004-04-27 Werner Koch - - * keyserver.c (keyserver_spawn) [EXEC_TEMPFILE_ONLY]: Removed - setting use_temp_file because this option has been removed. - - * g10.c: New commands --allow-admin and --deny-admin. - * options.h (opt): Add member ALLOW_ADMIN. - - * tlv.h, tlv.c: New. Copied from gnupg-1.9. - * cardglue.c (open_card): The serialno is now set internally by - app_select_openpgp; changed invocation. - * cardglue.h (app_t, ctrl_t): New. - (GPG_ERR_EBUSY, GPG_ERR_ENOENT, GPG_ERR_NOT_FOUND, GPG_ERR_BUG) - (GPG_ERR_NOT_IMPLEMENTED, GPG_ERR_EACCESS): New. - (gpg_err_code_from_errno): New. - - * app-common.h, app-openpgp.c, iso7816.c, iso7816.h - * apdu.c, apdu.h, ccid-driver.c, ccid-driver.h - * card-util.c: Updated from current gnupg-1.9. - - Changes are: - - * app-common.h: New members FNC.DEINIT and APP_LOCAL. - * app-openpgp.c (do_deinit): New. - (get_cached_data, flush_cache_item, flush_cache_after_error) - (flush_cache): New. - (get_one_do): Replaced arg SLOT by APP. Make used of cached data. - (verify_chv2, verify_chv3): Flush some cache item after error. - (do_change_pin): Ditto. - (do_sign): Ditto. - (do_setattr): Flush cache item. - (do_genkey): Flush the entire cache. - (compare_fingerprint): Use cached data. - - * apdu.c (apdu_send_le): Reinitialize RESULTLEN. Handle - SW_EOF_REACHED like SW_SUCCESS. - - * ccid-driver.c (parse_ccid_descriptor): Store some of the reader - features away. New arg HANDLE - (read_device_info): New arg HANDLE. Changed caller. - (bulk_in): Handle time extension requests. - (ccid_get_atr): Setup parameters and the IFSD. - (compute_edc): New. Factored out code. - (ccid_transceive): Use default NADs when required. - - * apdu.h: New pseudo stati SW_HOST_NOT_SUPPORTED, - SW_HOST_LOCKING_FAILED and SW_HOST_BUSY. - * iso7816.c (map_sw): Map it. - - * ccid-driver.c (ccid_slot_status): Add arg STATUSBITS. - * apdu.c (apdu_get_status): New. - (ct_get_status, pcsc_get_status, ocsc_get_status): New stubs. - (get_status_ccid): New. - (apdu_reset): New. - (reset_ct_reader, reset_pcsc_reader, reset_osc_reader): New stubs. - (reset_ccid_reader): New. - (apdu_enum_reader): New. - - * apdu.c (lock_slot, trylock_slot, unlock_slot): New helpers. - (new_reader_slot) [USE_GNU_PTH]: Init mutex. - (apdu_reset, apdu_get_status, apdu_send_le): Run functions - in locked mode. - -2004-04-25 David Shaw - - * getkey.c (get_seckey_byname2): Significantly simplify this - function by using key_byname to do the heavy lifting. Note that - this also fixes an old problem when the first key on the secret - keyring has an unusable stub primary, but is still chosen. - - * getkey.c (key_byname): If namelist is NULL, return the first key - in the keyring. - -2004-04-22 David Shaw - - * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not - create backsigs. - - * getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey - selfsigs and verify they are valid. If DO_BACKSIGS is not - defined, fake this as always valid. - - * packet.h, parse-packet.c (parse_signature): Make parse_signature - non-static so we can parse 0x19s in self-sigs. - - * main.h, sig-check.c (check_backsig): Check a 0x19 signature. - (signature_check2): Give a backsig warning if there is no or a bad - 0x19 with signatures from a subkey. - -2004-04-21 David Shaw - - * parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, - can_handle_critical): Parse and display 0x19 signatures. - -2004-04-20 David Shaw - - * keyserver.c (parse_keyserver_uri): Do not accept "http" as an - alias for "hkp". They are not the same thing. - -2004-04-19 David Shaw - - * options.h, g10.c (main): Add keyserver-option - honor-keyserver-url. parse_keyserver_options now returns a - success code. - - * keyserver.c (parse_keyserver_options): Return error on failure - to parse. Currently there is no way to fail as any unrecognized - options get saved to be sent to the keyserver plugins later. - Check length of keyserver option tokens since with =arguments we - must only match the prefix. - (free_keyserver_spec): Moved code from parse_keyserver_url. - (keyserver_work, keyserver_spawn): Pass in a struct keyserver_spec - rather than using the global keyserver option. - (calculate_keyid_fpr): New. Fills in a KEYDB_SEARCH_DESC for a - key. - (keyidlist): New implementation using get_pubkey_bynames rather - than searching the keydb directly. If honor-keyserver-url is set, - make up a keyserver_spec and try and fetch that key directly. Do - not include it in the returned keyidlist in that case. - -2004-04-16 David Shaw - - * plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode - that requires end of line conversion. This is being considered - for a UTF8 text packet. If this doesn't take place, no major harm - done. If it does take place, we'll get a jump on starting the - changeover. - - * g10.c (main): --no-use-embedded-filename. - - * build-packet.c (calc_plaintext, do_plaintext): Do not create - illegal (packet header indicates a size larger than the actual - packet) encrypted data packets when not compressing and using a - filename longer than 255 characters. - - * keyedit.c (no_primary_warning): Cleanup. (menu_expire): Don't - give primary warning for subkey expiration changes. These cannot - reorder primaries. - - * keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, - do_generate_keypair, generate_subkeypair): New is_subkey argument - to set whether a generated key is a subkey. Do not overload the - ret_sk. This is some early cleanup to do backsigs for signing - subkeys. - - * keygen.c (write_keybinding, do_generate_keypair, - generate_subkeypair): Keep track of the unprotected subkey secret - key so we can make a backsig with it. - - * keygen.c (make_backsig): New function to add a backsig to a - binding sig of signing subkeys. Currently disabled. - (write_keybinding): Call it here, for signing subkeys only. - - * sign.c (make_keysig_packet): Allow generating 0x19 signatures - (same as 0x18 or 0x28, but used for backsigs). - - * packet.h, build-packet.c (build_sig_subpkt): Add new - SIGSUBPKT_SIGNATURE type for embedded signatures. - - * main.h, misc.c (optsep, argsplit, optlen, parse_options): - Simplify code and properly handle a partial match against an - option with an argument. - - * keyserver-internal.h, keyserver.c (parse_keyserver_options): Use - new optsep and argsplit functions. - -2004-04-15 David Shaw - - * main.h, misc.c (argsplit): Refactor argsep into argsplit and - argsep so they can be called separately. - - * options.h, keyserver.c (parse_keyserver_options): Remove - duplicate code from parse_keyserver_options by calling the generic - parse_options. - - * keyserver.c (keyserver_spawn, keyserver_refresh), g10.c (main), - gpgv.c (main), mainproc.c (check_sig_and_print), import.c - (revocation_present): Change all callers. - -2004-04-14 David Shaw - - * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep - track of which self-sig we actually chose. - - * keyedit.c (menu_expire, menu_set_primary_uid, - menu_set_preferences): Use it here to avoid updating non-used - self-sigs and possibly promoting an old self-sig into - consideration again. - - * options.h, import.c, keyserver-internal.h, g10.c, mainproc.c, - keyserver.c (parse_keyserver_uri): Parse keyserver URI into a - structure. Cleanup for new "guess my keyserver" functionality, as - well as refreshing via a preferred keyserver subpacket. - - * options.h: Encapsulate keyserver details. Change all callers. - -2004-04-05 Werner Koch - - * status.h (STATUS_NEWSIG): New. - * status.c (get_status_string): Add it. - -2004-03-27 David Shaw - - * keyedit.c (keyedit_menu): Request a trustdb update when adding a - new user ID so the new ID gets validity set. Reported by Owen - Taylor. - -2004-03-25 David Shaw - - * options.h, g10.c (main), compress-bz2.c (init_uncompress): - Rename --bzip2-compress-lowmem to --bzip2-decompress-lowmem since - it applies to decompression, not compression. - -2004-03-24 David Shaw - - * keyedit.c (sign_uids, show_key_and_fingerprint, ask_revoke_sig, - menu_revsig, menu_showphoto): --keyid-format conversion. - (menu_addrevoker): Use print_pubkey_info() rather than duplicating - code. - -2004-03-19 David Shaw - - * trustdb.c (update_min_ownertrust, validate_keys): Do not use - keystr functions in log_debug. - - * import.c (import_one): Try and collapse user IDs when importing - a key for the first time. - - * keyedit.c (menu_addrevoker): Allow appointing a subkey as a - designated revoker if the user forces it via keyid!, so long as - the subkey can certify. Also use the proper date string when - prompting for confirmation. - - * g10.c (main): Maintain ordering of multiple Comment lines. - Requested by Peter Hyman. - -2004-03-17 David Shaw - - * mainproc.c (proc_pubkey_enc, print_pkenc_list, list_node): - --keyid-format conversion. - -2004-03-16 David Shaw - - * getkey.c (skip_unusable, merge_selfsigs_main, - premerge_public_with_secret, lookup, get_user_id_string): - --keyid-format conversion. - -2004-03-15 David Shaw - - * trustdb.c (add_utk, verify_own_keys, update_min_ownertrust, - get_validity, ask_ownertrust, validate_keys): --keyid-format - conversion. - - * import.c (check_prefs_warning, check_prefs): --keyid-format - conversion and a little better text. - (import_one, import_secret_one, import_revoke_cert, chk_self_sigs, - delete_inv_parts, merge_blocks): Still more --keyid-format - conversions. - -2004-03-06 David Shaw - - * keylist.c (print_seckey_info, print_pubkey_info): --keyid-format - conversion. - (list_keyblock_print): 0xshort should not push us into the new - list format since it is not much longer than regular 8-character - short keyids. - - * keydb.h, keyid.c (keystr_from_pk, keystr_from_sk): New functions - to pull a key string from a key in one step. This isn't faster - than before, but makes for neater code. - - * keylist.c (list_keyblock_print): Use keystr_from_xx here. - (print_key_data): No need to pass a keyid in. - -2004-03-05 David Shaw - - * keyid.c (keyid_from_sk): Minor performance boost by caching - secret key keyids so we don't have to calculate them each time. - - * getkey.c (merge_selfsigs_subkey): Do not mark subkeys valid if - we do not support their pk algorithm. This allows for early - (during get_*) rejection of a subkey, and selection of another. - - * passphrase.c (passphrase_to_dek): Give a little more information - when we have room to do so. - -2004-03-04 David Shaw - - * revoke.c (export_minimal_pk), export.c (do_export_stream), - passphrase.c (passphrase_to_dek), keyserver.c (print_keyrec): A - few more places to use --keyid-format. - - * options.h, g10.c (main), export.c (parse_export_options, - do_export_stream): Remove --export-all and the "include-non-rfc" - export-option as they are no longer meaningful with the removal of - v3 Elgamal keys. - - * armor.c (fake_packet, armor_filter): Use the 2440 partial length - encoding for the faked plaintext packet. - -2004-03-03 David Shaw - - * options.h, g10.c (main), mainproc.c (check_sig_and_print): - Remove verify-option show-long-keyids and replace with - the more general keyid-format. - - * build-packet.c (write_header2): Remove call to start old gpg - partial length mode and change all callers. - (do_plaintext): Turn off partial length encoding now that we're - done writing the packet. - (do_comment, do_user_id): Try for a headerlen of 2 since that's - the smallest and most likely encoding for these packets. - - * parse-packet.c (parse): Remove call to start old gpg partial - length mode. - -2004-03-02 David Shaw - - * options.h, g10.c (main): Add a more flexible --keyid-format - option to replace the list-option (and eventually verify-option) - show-long-keyids. The format can be short, long, 0xshort, and - 0xlong. - - * keydb.h, keyid.c (keystr, keystrlen): New functions to generate - a printable keyid. - - * keyedit.c (print_and_check_one_sig, show_key_with_all_names), - keylist.c (list_keyblock_print): Use new keystr() function here to - print keyids. - - * packet.h, free-packet.c (free_encrypted, free_plaintext), - parse-packet.c (copy_packet, skip_packet, skip_rest, read_rest, - parse_plaintext, parse_encrypted, parse_gpg_control): Use a flag - to indicate partial or indeterminate encoding. This is the first - step in some minor surgery to remove the old gpg partial length - encoding. - -2004-03-01 David Shaw - - * parse-packet.c (parse): Only data-type packets are allowed to - use OpenPGP partial length encoding. - -2004-02-25 David Shaw - - * delkey.c (do_delete_key): Allow deleting a public key with a - secret present if --expert is set. - - * plaintext.c (handle_plaintext): Make bytecount static so it - works with multiple literal packets inside a message. - - * encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c - (ask_algo), sig-check.c (do_check_messages), skclist.c - (build_sk_list): Rename "ElGamal" to "Elgamal" as that is the - proper spelling nowadays. Suggested by Jon Callas. - -2004-02-24 David Shaw - - * plaintext.c: Copyright. - - * encode.c (encode_simple): Show cipher with --verbose. - - * options.h, g10.c (main), keyedit.c (sign_keys): Add - --ask-cert-level option to enable cert level prompts during - sigs. Defaults to on. Simplify --default-cert-check-level to - --default-cert-level. If ask-cert-level is off, or batch is on, - use the default-cert-level as the cert level. - - * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): - Simplify --min-cert-check-level to --min-cert-level. - -2004-02-22 David Shaw - - * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add - --min-cert-check-level option to specify minimum cert check level. - Defaults to 2 (so 0x11 sigs are ignored). 0x10 sigs cannot be - ignored. - -2004-02-21 David Shaw - - * plaintext.c (handle_plaintext): Properly handle a --max-output - of zero (do not limit output at all). - - * keyserver.c (keyserver_spawn): Use the full 64-bit keyid in the - INFO header lines, and include "sig:" records for the benefit of - people who store their keys in LDAP servers. It makes it easy to - do queries for things like "all keys signed by Isabella". - - * main.h, misc.c (hextobyte): Removed. It's in libutil.a now. - -2004-02-20 David Shaw - - * keyserver.c (keyserver_export): Disallow user strings that - aren't key IDs. - (keyserver_import): Clarify error message. - (keyserver_spawn): Properly handle 8 bit characters in user IDs in - the info lines during SEND. - - * mkdtemp.c: Removed. - - * Makefile.am: We get mkdtemp.c from libutil.a now, so don't link - with @LIBOBJS@. - - * keyserver.c (keyserver_spawn): Pass the scheme to the keyserver - helper. - -2004-02-18 David Shaw - - * options.h, g10.c (main), plaintext.c (handle_plaintext): Add - --max-output option to help people deal with decompression bombs. - -2004-02-15 David Shaw - - * build-packet.c (do_user_id): Do not force a header for attribute - packets as they require a new CTB, and we don't support forced - headers for new CTBs yet. - -2004-02-14 David Shaw - - * build-packet.c (write_header2): If a suggested header length is - provided along with a zero length, interpret this as an actual - zero length packet and not as an indeterminate length packet. - (do_comment, do_user_id): Use it here as these packets might be - naturally zero length. - - * parse-packet.c (parse): Show packet type when failing due to an - indeterminate length packet. - - * misc.c (parse_options): Only provide args for the true (i.e. not - "no-xxx") form of options. - -2004-02-13 David Shaw - - * keyserver.c (argsep): Move to misc.c. - - * main.h, misc.c (parse_options), export.c (parse_export_options), - import.c (parse_import_options), g10.c (main): Use it here to - allow for options with optional arguments. Change all callers. - - * import.c (check_prefs): Some language fixes. - (sec_to_pub_keyblock, import_secret_one): Without knowing the - number of MPIs there are, we cannot try and sk-to-pk-ize a key. - -2004-02-12 David Shaw - - * import.c (check_prefs): New function to check preferences on a - public key to ensure that it does not advertise any that we cannot - fulfill. Use the keyedit command list function to optionally - rewrite the prefs. - (import_one, import_secret_one): Use it here when importing a - public key that we have the secret half of, or when importing a - secret key that we have the public half of. - - * main.h, keyedit.c (keyedit_menu): Remove sign_mode and enhance - the more general command list functionality to replace it. - - * g10.c (main): Use the general command functionality to implement - --sign-key, --lsign-key, --nrsign-key, and --nrlsign-key. - - * import.c (import_one): Do the revocation check even in the case - when a key, a revocation key set in a direct key signature, and a - revocation from that revocation key, all arrive piecemeal. - Needless to say, this is pretty obscure. - -2004-02-11 David Shaw - - * options.h, g10.c (main), keylist.c (list_keyblock_print): Add - "show-unusable-subkeys" list-option to show revoked and/or expired - subkeys. - -2004-02-10 David Shaw - - * keyedit.c (keyedit_menu): Prompt for subkey removal for both - secret and public subkeys. - - * keylist.c (list_keyblock_print), keyedit.c - (show_key_with_all_names): Show the revocation date of a - key/subkey, and general formatting work. - - * packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, - merge_selfsigs): Keep track of the revocation date of a key. - - * keydb.h, keyid.c (revokestr_from_pk): New function to print the - revocation date of a key. - - * keygen.c (keygen_set_std_prefs): Build the default preferences - list at runtime as it properly handles algorithms disabled at - build or run time. - - * getkey.c (merge_selfsigs_main): Properly handle expired user IDs - when the expired self-sig is not the only self-sig. - - * misc.c (compress_algo_to_string): Return NULL on failure like - all of the other xxxx_algo_to_string() functions. - - * mainproc.c (list_node): Minor spacing tweak to match --list-keys - output. - - * keylist.c (list_keyblock_print), mainproc.c (list_node): Mark - revoked subkeys as revoked. Requested by Matthew Wilcox. Revoked - overrides expiration when both apply. - - * keyedit.c (show_prefs): Use compress algo constants. - (show_basic_key_info): Make revoked and expired tags translatable. - - * g10.c (rm_group): Properly ungroup from a list of groups. - -2004-01-30 David Shaw - - * g10.c (main, rm_group): Add --ungroup command to remove a - particular group. - (add_group): When adding a group with the same name as an already - existing group, merge the two groups. - (list_config): Show an error message when listing a config item - that doesn't exist. - (main): Replace -z0 trick for no compression. - - * packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c - (list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor - cleanup to remove local_id, which is no longer used. - -2004-01-27 David Shaw - - * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to - PK_UID_CACHE_SIZE (set in ./configure). - - * getkey.c (get_pubkey): When reading key data into the cache, - properly handle keys that are partially (pk, no UIDs) cached - already. This is Debian bug #176425 and #229549. - - * compress.c (init_compress, push_compress_filter2): Do the right - thing (i.e. nothing) with compress algo 0. - - * main.h, decrypt.c (decrypt_messages): Accept filenames to - decrypt on stdin. This is bug #253. - -2004-01-23 David Shaw - - * mainproc.c (list_node): Show sigs with --verbose. - - * options.h, g10.c (set_screen_dimensions): New function to look - at COLUMNS and LINES. - - * keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c - (print_and_check_one_sig): Use new screen dimension variables. - -2004-01-21 David Shaw - - * g10.c (list_config): New function to dump config options to - stdout. Currently requires --with-colons. - (collapse_args): New function to turn argc/argv into a single - string. - (main): Use it here to pass list_config() more than one argument - as a single string. - (print_algo_numbers): Helper to print algorithm number for - --list-config "pubkey", "cipher", "hash"/"digest", and "compress" - config options. - - * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), - pkclist.c (check_signatures_trust): Indicate who has revoked a key - (the owner or a designated revoker). If a key was revoked by - both, prefer the owner. If a subkey is already revoked by the - owner, don't allow a designated revokation of the whole key to - override this. We're still revoked either way, of course. - - * keyedit.c (print_and_check_one_sig, keyedit_menu): Use the - COLUMNS environment variable (if any) to hint how wide the - terminal is. Disabled on _WIN32. Suggested by Janusz - A. Urbanowicz. - -2004-01-20 David Shaw - - * keylist.c (set_attrib_fd): Open attribute fd in binary - mode. This isn't meaningful on POSIX systems, but the Mingw builds - aren't exactly POSIX. - - * trustdb.c (reset_trust_records): New, faster, implementation - that doesn't involve a keyring scan. - (clear_validity): Removed. - - * g10.c (main), keydb.h, keydb.c (keydb_rebuild_caches), - keyring.h, keyring.c (keyring_rebuild_cache): Add "noisy" flag so - cache rebuilds can remain noisy when called for itself, and quiet - when called as part of the trustdb rebuild. - - * trustdb.c (validate_keys): Rebuild the sig caches before - building the trustdb. Note that this is going to require some - architectual re-thinking, as it is agonizingly slow. - -2004-01-19 David Shaw - - * sig-check.c (check_key_signature2): Comments. - - * keyring.c (keyring_rebuild_cache): Clear sig cache for any - signatures that we can no longer process (say, if the user removed - support for a necessary pubkey or digest algorithm). - -2004-01-16 David Shaw - - * misc.c (print_cipher_algo_note): May as well call Rijndael AES - at this point. - - * keygen.c (do_create), misc.c (openpgp_pk_algo_usage): Remove the - last bits of Elgamal type 20 support. - -2004-01-03 Stefan Bellon - - * compress.c [__riscos__]: Only use RISC OS' own ZLib module if - configured to use it. - -2003-12-30 David Shaw - - * options.h, g10.c (main), import.c (parse_import_options, - import_one, import_secret_one), keyserver.c (keyserver_refresh): - Change --merge-only to --import-option merge-only. Deprecate - --merge-only. - -2003-12-29 David Shaw - - * misc.c (pull_in_libs): Dead code. Removed. - - * sig-check.c (check_revocation_keys): Comments. - - * getkey.c (merge_selfsigs_main): Don't bother to check designated - revoker sigs if the key is already revoked. - - * packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" - flag on PKs. It is set when there is a revocation signature from - a valid revocation key, but the revocation key is not present to - verify the signature. - - * pkclist.c (check_signatures_trust): Use it here to give a - warning when showing key trust. - - * compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 - library and we can at least guarantee that it won't fail because - of the lack of stdio.h. - - * tdbio.c: Fixed format string bugs related to the use of DB_NAME. - Reported by Florian Weimer. - -2003-12-28 David Shaw - - * options.h, g10.c (main), keyserver.c (keyserver_opts, - parse_keyserver_uri): honor-http-proxy is no longer an option - since we can do the same thing with http-proxy with no arguments. - Also remove broken-http-proxy since it can be better handled in - the HTTP helper. - - * keyserver.c (argsep): New variation on strsep that knows about - optional arguments. - (parse_keyserver_options): Use it here for optional arguments. - -2003-12-28 Stefan Bellon - - * plaintext.c (handle_plaintext) [__riscos__]: Don't mangle - filename if the user specified it. - - * g10.c, gpgv.c [__riscos__]: Removal of unnecessary #ifdef - __riscos__ sections. - -2003-12-27 David Shaw - - * keyserver.c (strip_leading_space, get_arg): New. - (parse_keyserver_options): Use them here to allow arguments to - keyserver-options. Since none of our options need arguments yet, - just pass them through whole to the keyserver helper. - - * main.h, misc.c (parse_options): Add a "noisy" flag to enable and - disable the messages about which option didn't match or matched - ambiguously. Change all callers (g10.c, keyserver.c). - - * main.h, import.c (import_options), export.c (export_options): - Pass the noisy flag through. - -2003-12-17 David Shaw - - * build-packet.c (write_fake_data, do_secret_key), seckey-cert.c - (do_check): Use an unsigned length for mpi_get_opaque. - - * options.h: It's impolite to assign -1 to an unsigned - opt.force_ownertrust. - - * sig-check.c (cmp_help, do_check), sign.c (do_sign): Remove old - unused code. - - * keyid.c (keyid_from_sk): Make sure lowbits is initialized. - -2003-12-12 David Shaw - - * sig-check.c (do_check): Move the signing algo and hash checks - from here... - (signature_check2): ... to here. - (check_key_signature2): ... and here. This is a minor - optimization to avoid fetching a key (which can be expensive, - especially if it is not self-signed, and there are many key - signatures on it which need to be checked for ultimate trust) if - the signature would have failed anyway because of algorithm or - hash problems. - -2003-12-10 David Shaw - - * packet.h, build-packet.c (hash_public_key): Remove function ... - - * keydb.h, keyid.c (hash_public_key, do_fingerprint_md): ... and - make a new one here that shares code with the fingerprint - calculations. This removes some duplicated functionality, and is - also around 14% faster. (Every bit helps). - - * import.c (import_one): No longer need the Elgamal import - warning. - - * getkey.c (get_pubkey_fast): This one is sort of obscure. - get_pubkey_fast returns the primary key when requesting a subkey, - so if a user has a key signed by a subkey (we don't do this, but - used to), AND that key is not self-signed, AND the algorithm of - the subkey in question is not present in GnuPG, AND the algorithm - of the primary key that owns the subkey in question is present in - GnuPG, then we will try and verify the subkey signature using the - primary key algorithm and hit a BUG(). The fix is to not return a - hit if the keyid is not the primary. All other users of - get_pubkey_fast already expect a primary only. - -2003-12-09 David Shaw - - * keyid.c (do_fingerprint_md): Remove the rules to hash the old v3 - Elgamal keys. They are no longer needed. - - * keyid.c (keyid_from_sk, keyid_from_pk, fingerprint_from_pk, - fingerprint_from_sk): Enforce the v3-is-only-RSA rule. Anything - that isn't RSA gets a zero keyid and fingerprint. - - * keyid.c (do_fingerprint_md): Properly handle hashing of keys - that we don't know the structure of by using the opaque MPI. - (do_fingerprint_md_sk): We cannot calculate the fingerprint from a - secret key unless we know the structure (since we can't leave off - the secret key parts), so fail early..... - (keyid_from_sk, fingerprint_from_sk): .... and return all zeroes. - -2003-12-03 David Shaw - - * g10.c (strusage, main): Show development version warning in - --version output. - (main): Set --bzip2-compress-level to the default value at - startup. Remove --emulate-checksum-bug noop. - - * options.h, g10.c (main), main.h, seskey.c (do_encode_md, - encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove - --emulate-md-encode-bug as it only applied to Elgamal signatures, - which are going away. - -2003-11-30 David Shaw - - * mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use - --override-session-key on --symmetric messages (new-style or - old-style). - (proc_pubkey_enc): Move code to show session key from here to - proc_encrypted() so it can work with any type of message. - Suggested by Michael Young. - -2003-11-29 David Shaw - - * trustdb.c (validate_keys): Reset the trustdb before checking if - we have any ultimately trusted keys. This ensures that if we lose - all our ultimately trusted keys, we don't leave behind the old - validity calculations. Noted by Peter Palfrader. - - * revoke.c (gen_desig_revoke): Specify in the comment when a - designated revocation is generated. - - * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, - get_seckey_byname2): Remove Elgamal check since we are removing - type 20 keys altogether. - -2003-11-27 David Shaw - - * pkclist.c (build_pk_list): Do not allow an empty PK list in - interactive mode. - - * keygen.c (ask_algo): Remove ability to generate Elgamal - sign+encrypt keys. - - * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, - get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys. - -2003-11-20 David Shaw - - * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) - encodings. - - * misc.c (compress_algo_to_string): Translate "Uncompressed". - Requested by Tommi Vainikainen. - (string_to_compress_algo): Include multi-string for - "uncompressed|none". - -2003-11-17 David Shaw - - * options.h, g10.c (main), compress-bz2.c (init_uncompress): Add - --bz2-compress-lowmem to set bzlib "small" flag for low memory - (but slow) decompression. - -2003-11-15 David Shaw - - * compress.c (init_compress): Remove compress level 10 trick, - since it is no longer needed. - - * g10.c: Fix typoed option name. - - * compress-bz2.c (init_compress): Compression level 0 is not - meaningful for bzip2. - - * options.h, g10.c (main), compress.c (init_compress), - compress-bz2.c (init_compress): Add --compress-level and - --bzip2-compress-level. -z sets them both. Change various - callers. - - * encode.c (encode_simple), sign.c (sign_symencrypt_file): - Properly use default_compress_algo (--compress-algo, followed by - the highest --personal-compress-preference, followed by ZIP) to - get the algorithm. - -2003-11-14 David Shaw - - * options.h, trustdb.c (trust_model_string, init_trustdb): Add - support for "external" trust model, where the user can provide a - pregenerated trustdb. - - * keyedit.c (keyedit_menu): Do not allow editing ownertrust with - an external trust model trustdb. - -2003-11-13 David Shaw - - * options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the - plurarility (or not) of various list and verify options. - -2003-11-12 David Shaw - - * g10.c (main): Add --symmetric --sign --encrypt. - - * main.h, encode.c (setup_symkey): New. Prompt for a passphrase - and create a DEK for symmetric encryption. - (write_symkey_enc): New. Write out symmetrically encrypted - session keys. - (encode_crypt, encrypt_filter): Use them here here when creating a - message that can be decrypted with a passphrase or a pk. - - * sign.c (sign_file): Call setup_symkey if we are doing a - --symmetric --sign --encrypt. - -2003-11-09 David Shaw - - * mainproc.c (proc_symkey_enc): Don't show algorithm information - when --quiet is set. Suggested by Duncan Harris. Also don't fail - with BUG() when processing a --symmetric message with a cipher we - don't have. - - * g10.c: Alias --personal-xxx-prefs to --personal-xxx-preferences. - - * pkclist.c (build_pk_list): When adding recipients interactively, - allow the user to stop at any point. - -2003-10-31 David Shaw - - * trustdb.h, trustdb.c (register_trusted_keyid): New. Adds a - keyid to the list of ultimately trusted keys. - - * keygen.c (do_generate_keypair): Use it here so that the ultimate - ownertrust happens before the trustdb (might be) rebuilt. Also - fix an error where the newly generated pk is thought to be a - subkey by the trustdb. - - * g10.c (main): Fix --export-all do actually do something - different than --export. - - * pkclist.c (build_pk_list): Show all recipients rather than - showing each recipient as they are added. - - * mainproc.c (proc_symkey_enc, proc_encrypted): Keep a count of - the number of passphrases that can decrypt a symmetric or mixed - symmetric/pk message and include it in the list of keys shown to - the user. - -2003-10-30 David Shaw - - * misc.c (compress_algo_to_string, string_to_compress_algo, - check_compress_algo): Add bzip2. - - * compress.c (compress_filter): Make static to help force the use - of push_compress_filter. Remove default algorithm setting since - that is done in push_compress_filter now. - - * main.h: Use named algorithm. - - * filter.h, compress.c (push_compress_filter, - push_compress_filter2): New. Figure out which is the appropriate - compression filter to use, and push it into place. - - * compress.c (handle_compressed), encode.c (encode_simple, - encode_crypt), sign.c (sign_file, sign_symencrypt_file), import.c - (read_block), export.c (do_export): Use push_compress_filter - instead of pushing the compression filter ourselves. - - * compress-bz2.c: New. Bzlib versions of the compression filter - routines. - - * Makefile.am: Include compress-bz2.c if bz2lib is available. - -2003-10-30 Werner Koch - - * apdu.c (close_ct_reader, close_pcsc_reader): Implemented. - (get_ccid_error_string): New. Not very useful messages, though. - -2003-10-29 Werner Koch - - * cardglue.c (open_card): Ask for card insertion. - (check_card_serialno): New. - (agent_scd_pksign, agent_scd_pkdecrypt): Use it here. - * cardglue.c (open_card): Issue insertion status message. - * status.h, status.c (STATUS_CARDCTRL): New. - - * status.c (cpr_get_answer_okay_cancel): New. - -2003-10-28 Werner Koch - - * keylist.c (list_keyblock_print): Denote secrets keys stored on a - card with an '>'. Print the '#' also for subkeys. - (list_keyblock_colon): Introduce new field 15 for sec/ssb to print - the serial number. - -2003-10-26 David Shaw - - * g10.c (main): Enhance the version-specific config file code to - try for more specific matches before giving up (e.g. 1.3.3-cvs, - 1.3.3, 1.3, 1). - -2003-10-25 David Shaw - - * g10.c (main): Add --symmetric --encrypt command. This generates - a message that can be decrypted via a passphrase or public key - system. - - * main.h, encode.c (encode_seskey): Allow passing in an - already-created session key dek. - (encode_simple): Use the actual symmetric cipher when encrypting a - session key for a symmetric message. - (encode_crypt): Add a flag to trigger a hybrid mode that can be - decrypted via a passphrase or a pk. Change all callers. - - * mainproc.c (symkey_decrypt_sesskey): There is no way to tell the - difference here between a bad passphrase and a cipher algorithm - that we don't have, so use a error message that makes that clear. - Use the actual list of ciphers when checking whether a cipher is - invalid. Return error if the decrypted cipher algorithm is - invalid. - (proc_symkey_enc): In a mixed passphrase/pk message, if a valid - dek already exists from decrypting via pk, do not try to process - the passphrase. - (proc_symkey_enc): Indicate when we're decrypting a session key as - opposed to decrypting data. If a passphrase is invalid, discard - the dek so we'll keep trying. - -2003-10-25 Werner Koch - - * ccid-driver.c (ccid_open_reader): Return an error if no USB - devices are found. - - * Makefile.am: Replaced INTLLIBS by LIBINTL. - - * g10.c (main) [ENABLE_CARD_SUPPORT]: Add a default for - --pcsc-driver. - - * cardglue.c (learn_status_cb): Fixed faulty use of !space. - -2003-10-24 Werner Koch - - * apdu.c (apdu_open_reader): Hacks for PC/SC under Windows. - -2003-10-21 Werner Koch - - * passphrase.c (ask_passphrase): Add optional promptid arg. - Changed all callers. - * cardglue.c (pin_cb): Use it here, so the machine interface can - tell whether the Admin PIN is requested. - - * cardglue.c (agent_scd_checkpin): New. - - * misc.c (openpgp_pk_algo_usage): Added AUTH usage. - - * app-openpgp.c (check_against_given_fingerprint): New. Factored - out that code elsewhere. - (do_check_pin): New. - * card-util.c (card_edit): New command "passwd". Add logic to - check the PIN in advance. - (card_status): Add new args to return the serial number. Changed - all callers. - -2003-10-14 David Shaw - - * import.c (import_one): Show the keyid when giving the Elgamal - slow import warning. - - * g10.c (main): Older versions used --comment "" to indicate no - comment. Don't add an empty comment. - -2003-10-13 David Shaw - - * keyedit.c (show_key_with_all_names): Ownertrust is only - meaningful for the PGP or classic trust models. Both validity and - ownertrust are not meaningful for the always trust model. - -2003-10-11 Werner Koch - - * keygen.c: Always enable the gen_card_key prototype. - -2003-10-10 Werner Koch - - * cardglue.c (card_close): New. - (agent_scd_change_pin): Implemented. - - * ccid-driver.c (ccid_close_reader): New. - * apdu.c (close_ccid_reader, close_ct_reader, close_csc_reader) - (close_osc_reader, apdu_close_reader): New. Not all are properly - implemented yet. - * g10.c (g10_exit): Use close_card. - -2003-10-09 David Shaw - - * g10.c (main): Give a deprecated option warning for - --show-keyring, --show-photos, --show-policy-url, --show-notation, - and their respective no- forms. - - * options.skel: Remove show-photos and replace with - list/verify-options show-photos. Remove no-mangle-dos-filenames. - - * misc.c (parse_options): Allow for incomplete (but unambiguous) - options. - -2003-10-09 Werner Koch - - * ccid-driver.c (ccid_transceive): Add T=1 chaining for sending. - - * sign.c (do_sign) [!ENABLE_CARD_SUPPORT]: Return an error for - card keys. - - * cardglue.c (agent_scd_pkdecrypt): Implemented. - * pubkey-enc.c (get_it) [ENABLE_CARD_SUPPORT]: Divert decryption - to card - -2003-10-08 Werner Koch - - * cardglue.c (pin_cb): Detect whether an admin or regular PIN is - requested. - (genkey_status_cb): New. - (agent_scd_genkey): Implemented. - - * keygen.c (generate_keypair): New arg CARD_SERIALNO and prepare - parameters for on card key generation. Changed all callers. - (do_generate_keypair): Add new arg card and merged casrd specific - changes from 1.9. - (proc_parameter_file): New arg card, apss it down to - do_generate_keypair and changed all callers. - (gen_card_key): New. - - * g10.c: Include cardclue.h. - (main): s/app_set_default_reader_port/card_set_reader_port/. - * cardglue.c (card_set_reader_port): New to address include file - issues. - -2003-10-02 Werner Koch - - * cardglue.c (learn_status_cb): Release values before assignment - so that it can be used by getattr to update the structure. - (agent_scd_getattr): New. - - * keylist.c (print_pubkey_info): Add FP arg for optional printing - to a stream. Changed all callers. - -2003-10-01 Werner Koch - - * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c - * apdu.h, ccid-driver.c, ccid-driver.h, card-util.c: Updated - from current GnuPG 1.9. Changes over there are: - * card-util.c: Tweaked to use this source also under 1.3. - (card_edit): New command "forcesig". - * card-util.c (print_name, print_isoname): Use 0 and not LF fro - the max_n arg of tty_print_utf8_string2. - * card-util.c (change_pin): Simplified. We now have only a PIN - and an Admin PIN. - * ccid-driver.c: Detect GnuPG 1.3 and include appropriate files. - * apdu.c: Ditto. - * app-openpgp.c: Ditto. - * iso7816.c: Ditto. - (generate_keypair): Renamed to .. - (do_generate_keypair): .. this. - * app-common.h [GNUPG_MAJOR_VERSION]: New. - * iso7816.h [GNUPG_MAJOR_VERSION]: Include cardglue.h - * app-openpgp.c (do_change_pin): Make sure CVH1 and CHV2 are - always synced. - (verify_chv2, verify_chv3): New. Factored out common code. - (do_setattr, do_sign, do_auth, do_decipher): Change the names of - the prompts to match that we have only 2 different PINs. - (app_select_openpgp): Check whether the card enforced CHV1. - (convert_sig_counter_value): New. Factor out code from - get_sig_counter. - - * Makefile.am (card_support_source): Depend on new AM conditional - to get the ifdef ENABLE_CARD_SUPPORT off the way from source - copied files. - (update-source-from-gnupg-2): Maintainer helper. - -2003-10-01 David Shaw - - * g10.c (main): Add --no-groups to zero --group list. - - * encode.c (encode_simple): Allow for 32 bytes (256 bits) of - symmetrically encrypted session key. Use --s2k-cipher-algo to - choose cipher, rather than the default cipher. - - * parse-packet.c (parse_subkeyenc): Give a warning if an - symmetrically encrypted session key is seen without salt. Show in - --list-packets if a symetrically encrypted session key is present. - - * pubkey-enc.c (get_it): Always show cipher-not-in-prefs warning - unless --quiet is set. Use text name of cipher in warning. - -2003-09-30 David Shaw - - * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add - --verify-option show-unusable-uids. - - * gpgv.c (check_trustdb_stale): Stub. - - * trustdb.c (get_validity): Move the up-to-date check to - check_trustdb_stale (new), so that it can be called before - validity is checked. - - * keylist.c (list_keyblock_print): Disable the overall key - validity display until it can be thought about more. Use - check_trustdb_stale here to avoid putting the check warning in the - middle of a listed key. - - * trustdb.c (init_trustdb): Only verify_own_keys() for those trust - models that it applies to (i.e. classic and OpenPGP). - -2003-09-29 Werner Koch - - * keygen.c (do_add_key_flags, parse_parameter_usage): Add support - the proposed AUTH key flag. - * getkey.c (fixup_uidnode, merge_selfsigs_main) - (merge_selfsigs_subkey, premerge_public_with_secret): Ditto. - * keylist.c (print_capabilities): Ditto. - - * parse-packet.c (parse_key): Allow to parse the divert-to-card - S2K mode. - * build-packet.c (do_secret_key): Handle divert-to-card S2K - * seckey-cert.c (is_secret_key_protected): Ditto. - (check_secret_key): Ditto. - - * keygen.c (do_ask_passphrase): Renamed from ask_passphrase. - * passphrase.c (ask_passphrase): New. - -2003-09-28 Werner Koch - - * g10.c (main): New commands --card-edit, --card-status and - --change-pin. New options --ctapi-driver, --pcsc-driver and - --disable-ccid - * options.h (DBG_CARD_IO): New. - * cardglue.c, cardclue.h: Enhanced. - * card-util.c: New. Taken from current the gnupg 1.9 branch. - * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c - * apdu.h, ccid-driver.c, ccid-driver.h: New. Takem from the current - gnupg 1.9 branch withy minor changes to include directives. - * Makefile.am: Added these files. - -2003-09-27 Werner Koch - - * sign.c (do_sign) [ENABLE_CARD_SUPPORT]: Divert to card. - * cardglue.c, cardglue.h: New. - * Makefile.am (gpg_LDADD): Added. - (card_support_sources): New. - -2003-09-25 David Shaw - - * options.h, g10.c (main), keylist.c (list_keyblock_print): Add - "show-unusable-uids" list-option to show revoked and/or expired - user IDs. - -2003-09-24 David Shaw - - * keyedit.c (show_key_with_all_names): Show names a little neater - by putting the [revoked] or [expired] in the space used for the - [validity]. There is also no point in showing "[unknown] - [revoked]". - -2003-09-23 David Shaw - - * sign.c (mk_notation_policy_etc): Capitalize "URL". - - * trustdb.c (validate_keys): Give a little more information while - rebuilding trustdb. - - * pkclist.c (do_edit_ownertrust): Clarify "don't know". - - * g10.c (main): Default to --no-mangle-dos-filenames. - - * keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): - Expand the skipfnc to include a pointer to the user ID that - matched. - - * getkey.c (skip_disabled): Rename to skip_unusable, and add - checks for expired or revoked user IDs. - -2003-09-22 David Shaw - - * g10.c (main): Deprecate --default-comment in favor of - --no-comments. - - * options.h, g10.c (main), armor.c (armor_filter): Allow using - --comment multiple times to get multiple Comment: header lines. - --no-comments resets list. - -2003-09-11 David Shaw - - * g10.c (main): Trim --help to commonly used options. Remove -f. - -2003-09-08 David Shaw - - * g10.c (main): Error out if --multifile is used with the commands - that don't support it yet (--sign, --clearsign, --detach-sign, - --symmetric, and --store). - - * g10.c (main): Add --multifile as an alias to turn --encrypt into - --encrypt-files (plus --verify-files, --decrypt-files). - - * encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 - directly to check for MDC usability. Do not set the force_mdc or - disable_mdc flags since there is no point any longer. - -2003-09-04 David Shaw - - * armor.c (parse_hash_header, armor_filter), g10.c (print_hex, - print_mds), pkclist.c (algo_available): Drop TIGER/192 support. - -2003-09-03 David Shaw - - * keyedit.c (show_key_with_all_names): Fix assertion failure when - using toggle to see a secret key. Reported by Maxim Britov. - -2003-08-31 David Shaw - - * g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c - (mk_notation_policy_etc): Clarify a few strings. It's a - "preferred keyserver URL". - - * g10.c (main): Use "keyserver-url" instead of - "preferred-keyserver" for the sake of short and simple commands. - -2003-08-30 David Shaw - - * main.h, keygen.c (keygen_add_keyserver_url): Signature callback - for adding a keyserver URL. - - * keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to - set preferred keyserver to specified (or all) user IDs. - - * build-packet.c (build_sig_subpkt): Set preferred keyserver flag - while building a preferred keyserver subpacket. - - * keylist.c (show_policy_url, show_keyserver_url): URLs might be - UTF8. - - * keyedit.c (menu_addrevoker): Fix leaking a few bytes. - -2003-08-29 David Shaw - - * keyedit.c (show_key_with_all_names): Use list-option - show-long-keyid in main --edit-key display. - - * keyedit.c (print_and_check_one_sig): Use list-option - show-long-keyid in --edit-key "check" function. - -2003-08-28 David Shaw - - * passphrase.c (agent_send_all_options): Make use of $GPG_TTY. - - * g10.c (main): Disable use-agent if passphrase-fd is given - later. Suggested by Kurt Garloff. - - * exec.c, g10.c, gpgv.c, passphrase.c, photoid.c: - s/__MINGW32__/_WIN32/ to help building on native Windows - compilers. Requested by Brian Gladman. From Werner on stable - branch. - -2003-08-25 David Shaw - - * options.h, g10.c (main): Add list-option - list-preferred-keyserver. - - * keyedit.c (change_passphrase): When responding 'no' to the blank - passphrase question, re-prompt for a new passphrase. This is bug - #202. - - * mainproc.c (check_sig_and_print): Use two different preferred - keyserver displays - one if the key is not present (to tell the - user where to get the key), the other if it is present (to tell - the user where the key can be refreshed). - - * packet.h, parse-packet.c (parse_signature): Set flag if a - preferred keyserver is present. - - * keylist.c (list_keyblock_print): Show keyserver url in listings - with list-option show-keyserver-url. - -2003-08-24 David Shaw - - * Makefile.am: Use NETLIBS instead of EGDLIBS. - - * mainproc.c (check_sig_and_print): Get the uid validity before - printing any sig results to avoid munging the output with trustdb - warnings. - - * g10.c (main): Don't include --show-keyring in --help as it is - deprecated. - -2003-08-21 David Shaw - - * gpgv.c: Remove extra semicolon (typo). - - * options.skel: Note that keyserver.pgp.com isn't synchronized, - and explain the roundrobin a bit better. - - * sig-check.c (check_key_signature2), import.c (import_one, - import_revoke_cert, chk_self_sigs, delete_inv_parts, - collapse_uids, merge_blocks): Make much quieter during import of - slightly munged, but recoverable, keys. Use log_error for - unrecoverable import failures. - - * keyring.c (keyring_rebuild_cache): Comment. - - * sign.c (mk_notation_and_policy): Making a v3 signature with - notations or policy urls is an error, not an info (i.e. increment - the errorcount). Don't print the notation or policy url to stdout - since it can be mixed into the output stream when piping and munge - the stream. - -2003-08-12 David Shaw - - * packet.h, sig-check.c (signature_check2, do_check, - do_check_messages): Provide a signing-key-is-revoked flag. Change - all callers. - - * status.h, status.c (get_status_string): New REVKEYSIG status tag - for a good signature from a revoked key. - - * mainproc.c (do_check_sig, check_sig_and_print): Use it here. - - * import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare - actual signatures on import rather than using keyid or class - matching. This does not change actual behavior with a key, but - does mean that all sigs are imported whether they will be used or - not. - - * parse-packet.c (parse_signature): Don't give "signature packet - without xxxx" warnings for experimental pk algorithms. An - experimental algorithm may not have a notion of (for example) a - keyid (i.e. PGP's x.509 stuff). - -2003-08-02 David Shaw - - * options.h, g10.c (main), keylist.c (list_keyblock_print), - keyedit.c (print_and_check_one_sig): New "show-sig-expire" - list-option to show signature expiration dates (if any). - -2003-07-24 David Shaw - - * options.h, g10.c (main, add_keyserver_url): Add - --sig-preferred-keyserver to implant a "where to get my key" - subpacket into a signature. - - * sign.c (mk_notation_and_policy): Rename to - mk_notation_policy_etc and add preferred keyserver support for - signatures. - -2003-07-21 David Shaw - - * keygen.c (do_add_key_flags): Don't set the certify flag for - subkeys. - (ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal - subkeys. - (generate_keypair): Provide key flags for the default DSA/Elgamal - keys. - - * sig-check.c (signature_check, signature_check2, - check_key_signature, check_key_signature2): Allow passing NULLs - for unused parameters in the x2 form of each function to avoid the - need for dummy variables. getkey.c, mainproc.c: Change all - callers. - - * trustdb.h, trustdb.c (read_trust_options): New. Returns items - from the trustdb version record. - - * keylist.c (public_key_list): Use it here for the new "tru" - record. - - * gpgv.c (read_trust_options): Stub. - -2003-07-20 David Shaw - - * keyedit.c (show_key_with_all_names): Use list-option - show-validity in --edit-key interface as well. - -2003-07-19 David Shaw - - * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add - verify-options "show-validity" and "show-long-keyid" to show - trustdb validity and long keyids during (file) signature - verification. - - * packet.h, main.h, sig-check.c (signature_check2, - check_key_signature2, do_check): If ret_pk is set, fill in the pk - used to verify the signature. Change all callers in getkey.c, - mainproc.c, and sig-check.c. - - * keylist.c (list_keyblock_colon): Use the ret_pk from above to - put the fingerprint of the signing key in "sig" records during a - --with-colons --check-sigs. This requires --no-sig-cache as well - since we don't cache fingerprints. - -2003-07-10 David Shaw - - * parse-packet.c (parse_signature): No need to reserve 8 bytes for - the unhashed signature cache any longer. - - * misc.c (pct_expando): Add two new expandos - signer's - fingerprint (%g), and signer's primary fingerprint (%p). - - * Makefile.am: Include W32LIBS where appropriate. - - * g10.c (main): Add --rfc2440 alias for --openpgp since in a few - months, they won't be the same thing. - - * keyserver.c (parse_keyserver_uri): Accept "http" as an alias for - "hkp", since it is occasionally written that way. - (keyserver_spawn): Use ascii_isspace to avoid locale issues. - - * keygen.c (ask_user_id): Make --allow-freeform-uid apply to the - email field as well as the name field, and allow mixing fields - when it is set. - - * options.skel: Use subkeys.pgp.net as the default keyserver. - - * trustdb.c (validate_one_keyblock): Certifications on revoked or - expired uids do not count in the web of trust. - - * signal.c (init_one_signal, pause_on_sigusr, do_block): Only use - sigprocmask() if we have sigset_t, and only use sigaction() if we - have struct sigaction. This is for Forte c89 on Solaris which - seems to define only the function call half of the two pairs by - default. - (pause_on_sigusr): Typo. - (do_block): If we can't use sigprocmask() and sigset_t, try to get - the number of signals from NSIG as well as MAXSIG, and if we - can't, fail with an explanation. - - * signal.c, tdbio.c: Comment out the transaction code. It was not - used in this version, and was causing some build problems on - quasi-posix platforms (Solaris and Forte c89). - - * keylist.c (list_keyblock_colon): Don't include validity values - when listing secret keys since they can be incorrect and/or - misleading. This is a temporary kludge, and will be handled - properly in 1.9/2.0. - - * mainproc.c (check_sig_and_print): Only show the "key available - from" preferred keyserver line if the key is not currently - present. - - * keyedit.c (sign_uids): Do not sign expired uids without --expert - (same behavior as revoked uids). Do not allow signing a user ID - without a self-signature. --expert overrides. Add additional - prompt to the signature level question. - (menu_expire): When changing expiration dates, don't replace - selfsigs on revoked uids since this would effectively unrevoke - them. There is also no point in replacing expired selfsigs. This - is bug #181 - -2003-07-10 David Shaw (from Werner on stable branch) - - * g10.c (add_notation_data): Make sure that only ascii is passed - to iscntrl. Noted by Christian Biere. - * getkey.c (classify_user_id2): Replaced isspace by spacep - * keygen.c (ask_user_id): Ditto. - (get_parameter_algo): Ditto. - * keyedit.c (keyedit_menu): Ditto. - * tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/. - * revoke.c (ask_revocation_reason): - * keyserver.c (keyserver_spawn): Dito. - -2003-06-10 Werner Koch - - * parse-packet.c (parse): Disallow old style partial length for - all key material packets to avoid possible corruption of keyrings. - -2003-06-08 Werner Koch - - * import.c (import_keys_internal): Invalidate the cache so that - the file descriptor gets closed. Fixes bug reported by Juan - F. Codagnone. - -2003-06-04 David Shaw - - * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver - since they at least handle subkeys correctly. - - * options.h, g10.c (main), main.h, keylist.c (show_keyserver_url), - mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt, - parse_one_sig_subpkt, can_handle_critical): Add read-only support - for preferred keyserver subpackets. They're basically policy URLs - with a different name. Add a verify-option - "show-preferred-keyserver" to turn them on and off (on by default, - as per stable branch). - - * g10.c (main): Add "--set-notation" as alias to "--notation-data" - this is to make things consistent with --set-policy-url meaning - both sigs and certs. - -2003-06-03 David Shaw - - * options.h, g10.c (main), keylist.c (list_keyblock_print): Add - "show-validity" and "show-long-keyid" list-options. - - * gpgv.c (get_validity, trust_value_to_string): Stubs. - - * g10.c (main): Use SAFE_VERSION instead of VERSION in the - version-specific gpg.conf file so it can be overridden on RISCOS. - -2003-06-01 David Shaw - - * g10.c (main), keylist.c (show_policy_url, show_notation), - mainproc.c (check_sig_and_print): Emulate the old policy and - notation behavior (display by default). Send to status-fd whether - it is displayed on the screen or not. - - * g10.c (main): Since we now have some options in devel that won't - work in a stable branch gpg.conf file, try for a version-specific - gpg.conf-VERSION file before falling back to gpg.conf. - - * main.h, options.h: Move various option flags to options.h. - -2003-05-31 David Shaw - - * mainproc.c (check_sig_and_print), main.h, keylist.c - (show_policy, show_notation): Collapse the old print_notation_data - into show_policy() and show_notation() so there is only one - function to print notations and policy URLs. - - * options.h, main.h, g10.c (main), keyedit.c - (print_and_check_one_sig), keylist.c (list_one, - list_keyblock_print), pkclist.c (do_edit_ownertrust), sign.c - (mk_notation_and_policy): New "list-options" and "verify-options" - commands. These replace the existing - --show-photos/--no-show-photos, - --show-notation/--no-show-notation, - --show-policy-url/--no-show-policy-url, and --show-keyring - options. The new method is more flexible since a user can specify - (for example) showing photos during sig verification, but not in - key listings. The old options are emulated. - - * main.h, misc.c (parse_options): New general option line - parser. Fix the bug in the old version that did not handle report - syntax errors after a valid entry. - - * import.c (parse_import_options), export.c - (parse_export_options): Call it here instead of duplicating the - code. - -2003-05-30 David Shaw - - * keylist.c (list_one): Don't show the keyring filename when in - --with-colons mode. Actually translate "Keyring" string. - - * mainproc.c (proc_tree): We can't currently handle multiple - signatures of different classes or digests (we'd pretty much have - to run a different hash context for each), but if they are all the - same, make an exception. This is Debian bug #194292. - - * sig-check.c (check_key_signature2): Make string translatable. - - * packet.h, getkey.c (fixup_uidnode): Mark real primary uids - differently than assumed primaries. - - * keyedit.c (no_primary_warning): Use the differently marked - primaries here in a new function to warn when an --edit-key - command might rearrange the self-sig dates enough to change which - uid is primary. - (menu_expire, menu_set_preferences): Use no_primary_warning() - here. - - * Makefile.am: Use @DLLIBS@ for -ldl. - -2003-05-26 David Shaw - - * getkey.c (premerge_public_with_secret): Made "no secret subkey - for" warning a verbose item and translatable. (From wk on stable - branch) - - * sig-check.c (check_key_signature2): Made "no subkey for subkey - binding packet" a verbose item instead of a !quiet one. There are - too many garbled keys out in the wild. (From wk on stable branch) - - * filter.h: Remove const from WHAT. (From wk on stable branch) - - * progress.c (handle_progress): Store a copy of - NAME. (progress_filter): Release WHAT, make sure not to print a - NULL WHAT. (From wk on stable branch) - - * openfile.c (open_sigfile): Adjust free for new progress - semantics. (From wk on stable branch) - - * plaintext.c (ask_for_detached_datafile): Don't dealloc - pfx->WHAT. (From wk on stable branch) - - * seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the - cipher algo is IDEA to make it easier to track down the - problem. (From twoaday on stable branch) - -2003-05-24 David Shaw - - * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, - build-packet.c, getkey.c, keydb.c, openfile.c, plaintext.c, - status.c, gpgv.c, keygen.c, options.h, sig-check.c, tdbio.h, - encode.c, mainproc.c, parse-packet.c, signal.c, textfilter.c: Edit - all preprocessor instructions to remove whitespace before the '#'. - This is not required by C89, but there are some compilers out - there that don't like it. - -2003-05-21 David Shaw - - * trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename - is_disabled to cache_disabled_value, which now takes a pk and not - just the keyid. This is for speed since there is no need to - re-fetch a key when we already have that key handy. Cache the - result of the check so we don't need to hit the trustdb more than - once. - - * getkey.c (skip_disabled): New function to get a pk and call - is_disabled on it. (key_byname): Use it here. - - * packet.h, getkey.c (skip_disabled), keylist.c - (print_capabilities): New "pk_is_disabled" macro to retrieve the - cached disabled value if available, and fill it in via - cache_disabled_value if not available. - - * trustdb.c (get_validity): Cache the disabled value since we have - it handy and it might be useful later. - - * parse-packet.c (parse_key): Clear disabled flag when parsing a - new key. Just in case someone forgets to clear the whole key. - - * getkey.c (merge_selfsigs_main): Add an "if all else fails" path - for setting a single user ID primary when there are multiple set - primaries all at the same second, or no primaries set and the most - recent user IDs are at the same second, or no signed user IDs at - all. This is arbitrary, but deterministic. - - * exec.h, photoid.h: Add copyright message. - - * keylist.c (list_keyblock_print): Don't dump attribs for - revoked/expired/etc uids for non-colon key listings. This is for - consistency with --show-photos. - - * main.h, keylist.c (dump_attribs), mainproc.c - (check_sig_and_print): Dump attribs if --attrib-fd is set when - verifying signatures. - - * g10.c (main): New --gnupg option to disable the various - --openpgp, --pgpX, etc. options. This is the same as --no-XXXX - for those options. - - * revoke.c (ask_revocation_reason): Clear old reason if user - elects to repeat question. This is bug 153. - - * keyedit.c (sign_uids): Show keyid of the key making the - signature. - -2003-05-21 Werner Koch - - * progress.c (handle_progress) - * sign.c (write_plaintext_packet) - * encode.c (encode_simple,encode_crypt): Make sure that a filename - of "-" is considered to be stdin so that iobuf_get_filelength - won't get called. This fixes bug 156 reported by Gregery Barton. - -2003-05-02 David Shaw - - * packet.h, build-packet.c (build_sig_subpkt), export.c - (do_export_stream), import.c (remove_bad_stuff, import), - parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt): Remove - vestigal code for the old sig cache subpacket. This wasn't - completely harmless as it caused subpacket 101 to disappear on - import and export. - - * options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, - sign.c, encode.c, getkey.c, revoke.c: The current flags for - different levels of PGP-ness are massively complex. This is step - one in simplifying them. No functional change yet, just use a - macro to check for compliance level. - - * sign.c (sign_file): Fix bug that causes spurious compression - preference warning. - - * sign.c (clearsign_file): Fix bug that prevents proper warning - message from appearing when clearsigning in --pgp2 mode with a - non-v3 RSA key. - - * main.h, misc.c (compliance_option_string, compliance_string, - compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file, - clearsign_file), encode.c (encode_crypt, - write_pubkey_enc_from_list): New functions to put the "this - message may not be usable...." warning in one place. - - * options.h, g10.c (main): Part two of the simplification. Use a - single enum to indicate what we are compliant to (1991, 2440, - PGPx, etc.) - - * g10.c (main): Show errors for failure in export, send-keys, - recv-keys, and refresh-keys. - - * options.h, g10.c (main): Give algorithm warnings for algorithms - chosen against the --pgpX and --openpgp rules. - - * keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in - --openpgp mode. - - * sign.c (sign_file), pkclist.c (algo_available): Allow passing a - hint of 0. - -2003-05-01 David Shaw - - * tdbio.c (create_version_record): Only create new trustdbs with - TM_CLASSIC or TM_PGP. - - * trustdb.h, trustdb.c (trust_string, get_ownertrust_string, - get_validity_string, ask_ownertrust, validate_keys), pkclist.c - (do_edit_ownertrust): Rename trust_string to trust_value_to_string - for naming consistency. - - * trustdb.h, trustdb.c (string_to_trust_value): New function to - translate a string to a trust value. - - * g10.c (main): Use string_to_trust_value here for - --force-ownertrust. - - * options.h, g10.c (main), trustdb.c (trust_model_string, - init_trustdb, check_trustdb, update_trustdb, get_validity, - validate_one_keyblock): An "OpenPGP" trust model is misleading - since there is no official OpenPGP trust model. Use "PGP" - instead. - -2003-04-30 David Shaw - - * build-packet.c (build_sig_subpkt): Comments. - - * exec.c (exec_write): Cast NULL to void* to properly terminate - varargs list. - - * keyedit.c (show_key_with_all_names): Just for safety, catch an - invalid pk algorithm. - - * sign.c (make_keysig_packet): Crucial that the call to mksubpkt - comes LAST before the calls to finalize the sig as that makes it - possible for the mksubpkt function to get a reliable pointer to - the subpacket area. - - * pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a - particular user ID, use that ID as the one to ask about when - prompting whether to use the key anyway. - (build_pk_list): Similar change here when adding keys to the - recipient list. - - * trustdb.c (update_validity): Fix bug that prevented more than - one validity record per trust record. - (get_validity): When retrieving validity for a (user) supplied - user ID, return the validity for that user ID only, and do not - fall back to the general key validity. - (validate_one_keyblock): Some commentary on whether - non-self-signed user IDs belong in the web of trust (arguably, - they do). - -2003-04-27 David Shaw - - * g10.c (main): Add --no-textmode. - - * export.c (do_export_stream), keyedit.c (show_key_with_all_names, - menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c - (show_photos), sign.c (mk_notation_and_policy), trustdb.c - (get_validity, reset_trust_records, validate_keys): Make some - strings translatable. - - * mainproc.c (check_sig_and_print): Show digest algorithm and sig - class when verifying a sig with --verbose on, and add version, pk - and hash algorithms and sig class to VALIDSIG. - - * parse-packet.c (enum_sig_subpkt): Make a warning message a - --verbose warning message since we don't need to warn every time - we see an unknown critical (we only need to invalidate the - signature). - - * trustdb.c (init_trustdb): Check the trustdb options even with - TM_AUTO since the auto may become TM_CLASSIC or TM_OPENPGP. - -2003-04-26 David Shaw - - * sign.c (do_sign): Show the hash used when making a signature in - verbose mode. - - * tdbio.h, tdbio.c (tdbio_read_model): New function to return the - trust model used in a given trustdb. - - * options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb, - update_trustdb): Use tdbio_read_model to implement an "auto" trust - model which is set via the trustdb. - -2003-04-23 David Shaw - - * import.c (import_revoke_cert): Remove ultimate trust when - revoking an ultimately trusted key. - - * keyedit.c (sign_uids): Allow replacing expired signatures. - Allow duplicate signatures with --expert. - - * pkclist.c (check_signatures_trust): Don't display a null - fingerprint when checking a signature with --always-trust enabled. - - * filter.h (progress_filter_context_t), progress.c - (handle_progress), plaintext.c (ask_for_detached_datafile, - hash_datafiles): Fix compiler warnings. Make "what" constant. - - * build-packet.c (do_plaintext): Do not create invalid literal - packets with >255-byte names. - -2003-04-15 Werner Koch - - * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS. - - * g10.c, options.h: New option --enable-progress-filter. - * progress.c (handle_progress): Make use of it. - -2003-04-15 Marcus Brinkmann - - * progress.c: New file. - * Makefile.am (common_source): Add progress.c. - * filter.h (progress_filter_context_t): New type. - (progress_filter, handle_progress): New prototypes. - * main.h (open_sigfile): New argument for prototype. - * openfile.c (open_sigfile): New argument to install progress - filter. - * encode.c (encode_simple): New variable PFX. Register - progress filter. Install text_filter after that. - (encode_crypt): Likewise. - * sign.c (sign_file): Likewise. - (clearsign_file): Likewise. - * decrypt.c (decrypt_message): Likewise. - (decrypt_messages): Likewise. - * verify.c (verify_signatures): Likewise. - (verify_one_file): Likewise. - * plaintext.c (hash_datafiles): Likewise. - (ask_for_detached_datafile): Likewise. - -2003-04-10 Werner Koch - - * passphrase.c (read_passphrase_from_fd): Do a dummy read if the - agent is to be used. Noted by Ingo Klöcker. - (agent_get_passphrase): Inhibit caching when we have no - fingerprint. This is required for key generation as well as for - symmetric only encryption. - - * passphrase .c (agent_get_passphrase): New arg CANCELED. - (passphrase_to_dek): Ditto. Passed to above. Changed all - callers to pass NULL. - * seckey-cert.c (do_check): New arg CANCELED. - (check_secret_key): Terminate loop when canceled. - - * keyedit.c (change_passphrase): Pass ERRTEXT untranslated to - passphrase_to_dek and translate where appropriate. - * seckey-cert.c (check_secret_key): Ditto. - * keygen.c (ask_passphrase): Ditto. - * passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT. - Switch the codeset to utf-8. - -2003-04-09 Werner Koch - - * decrypt.c (decrypt_messages): Fixed error handling; the function - used to re-loop with same file after an error. Reported by Joseph - Walton. - -2003-04-08 David Shaw - - * main.h, g10.c (main), import.c (parse_import_options, - fix_pks_corruption): It's really PKS corruption, not HKP - corruption. Keep the old repair-hkp-subkey-bug command as an - alias. - - * g10.c (main): Rename --no-version to --no-emit-version for - consistency. Keep --no-version as an alias. - -2003-04-04 David Shaw - - * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash. - - * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove - unused code. - -2003-04-01 Werner Koch - - * mainproc.c (check_sig_and_print): Add primary key fpr to VALIDSIG - status. - -2003-03-24 David Shaw - - * keydb.h: Err on the side of making an unknown signature a SIG - rather than a CERT. - - * import.c (delete_inv_parts): Discard any key signatures that - aren't key types (i.e. 0x00, 0x01, etc.) - - * g10.c (main): Add deprecated option warning for - --list-ownertrust. Add --compression-algo alias for - --compress-algo. Change --version output strings to match - "showpref" strings, and make translatable. - - * status.c (do_get_from_fd): Accept 'y' as well as 'Y' for - --command-fd boolean input. - - * trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX) - - * keyedit.c (show_key_with_all_names_colon): Show no-ks-modify - flag. - -2003-03-11 David Shaw - - * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv" - keyserver option. Defaults to on. - - * passphrase.c (agent_get_passphrase): Fix memory leak with - symmetric messages. Fix segfault with symmetric messages. Fix - incorrect prompt with symmetric messages. - -2003-03-10 Werner Koch - - * compress.c (init_uncompress): Use a 15 bit window size so that - the output of implementations which don't run for PGP 2 - compatibility won't get garbled. - -2003-03-04 David Shaw - - * trustdb.c (validate_keys): Mask the ownertrust when building the - list of fully valid keys so that disabled keys are still counted - in the web of trust. - (get_ownertrust_with_min): Do the same for the minimum ownertrust - calculation. - - * parse-packet.c (dump_sig_subpkt): Show the notation names for - not-human-readable notations. Fix cosmetic off-by-one length - counter. - - * options.skel: Add explantion and commented-out - "no-mangle-dos-filenames". - - * mainproc.c (proc_encrypted): Make string translatable. - - * keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit - characters in the uid strings sent to the keyserver helper. - - * keyring.c (keyring_rebuild_cache): Lock the keyring while - rebuilding the signature caches to prevent another gpg from - tampering with the temporary copy. - - * keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in - default prefs. - - * keyedit.c (show_prefs): Make strings translatable. - - * keydb.c: Double the maximum number of keyrings to 40. - - * gpgv.c (main): Fix bug #113 - gpgv should accept the - --ignore-time-conflict option. - - * g10.c (main): --openpgp disables --pgpX. Double the amount of - secure memory to 32k (keys are getting bigger these days). - - * Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we - are using capabilities. - -2003-02-26 David Shaw - - * keyserver.c (keyserver_spawn): Include various pieces of - information about the key in the data sent to the keyserver - helper. This allows the helper to use it in instructing a remote - server which may not have any actual OpenPGP smarts in parsing - keys. - - * main.h, export.c (export_pubkeys_stream, do_export_stream): Add - ability to return only the first match in an exported keyblock for - keyserver usage. This should be replaced at some point with a - more flexible solution where each key can be armored seperately. - -2003-02-22 David Shaw - - * sign.c (sign_file): Do not push textmode filter onto an unopened - IOBUF (segfault). Noted by Marcus Brinkmann. Push and - reinitialize textmode filter for each file in a multiple file - list. - - * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set - and show the keyserver no-modify flag. - - * keygen.c (add_keyserver_modify): New. - (keygen_upd_std_prefs): Call it here. - (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as - prefs to set and unset keyserver modify flag. - - * g10.c (main): Accept "s1" in addition to "idea" to match the - other ciphers. - - * main.h, misc.c (idea_cipher_warn): We don't need this if IDEA - has been disabled. - -2003-02-21 David Shaw - - * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in - default prefs if they are disabled. - - * g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 - support. Use 3DES for the s2k cipher in --openpgp mode. - (print_mds): #ifdef all of the optional digest algorithms. - -2003-02-12 David Shaw - - * keydb.h, getkey.c (classify_user_id, classify_user_id2): Make - 'exact' a per-desc item. Merge into one function since - 'force_exact' is no longer needed. - (key_byname): Use new classify_user_id function, and new exact - flag in KEYDB_SEARCH_DESC. - - * keyring.h, keyring.c (keyring_search): Return an optional index - to show which KEYDB_SEARCH_DESC was the matching one. - - * keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and - pass the optional index to keyring_search. Add a macro version of - keydb_search that calls this new function. - - * export.c (do_export_stream): If the keyid! syntax is used, - export only that specified key. If the key in question is a - subkey, export the primary plus that subkey only. - -2003-02-11 David Shaw - - * exec.c (set_exec_path): Add debugging line. - - * g10.c (print_hex, print_mds): Print long hash strings a lot - neater. This assumes at least an 80-character display, as there - are a few other similar assumptions here and there. Users who - need unformatted hashes can still use with-colons. Check that - SHA384 and 512 are available before using them as they are no - longer always available. - - * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ - as GNUPG_LIBEXECDIR so it can be easily overridden at make time. - -2003-02-04 David Shaw - - * armor.c (parse_hash_header, armor_filter): Accept the new SHAs - in the armor Hash: header. - - * g10.c (print_hex): Print long hash strings a little neater. - (print_mds): Add the new SHAs to the hash list. - -2003-02-02 David Shaw - - * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on - a v4 key (treat as a v4 revocation). - - * import.c (print_import_check): Do not re-utf8 convert user IDs. - -2003-01-27 David Shaw - - * mainproc.c (list_node): Show signature expiration date in - with-colons sig records. - - * keylist.c (list_keyblock_colon), mainproc.c (list_node): Show - trust sig information in with-colons sig records. - -2003-01-16 David Shaw - - * g10.c (add_group): Trim whitespace after a group name so it does - not matter where the user puts the = sign. - - * options.skel: Comment out the first three lines in case someone - manually copies the skel file to their homedir. - - * sign.c (clearsign_file): Only use pgp2mode with v3 keys and - MD5. This matches what we do when decoding such messages and - prevents creating a message (v3+RIPEMD/160) that we can't verify. - - * sig-check.c (signature_check2): Use G10ERR_GENERAL as the error - for signature digest conflict. BAD_SIGN implies that a signature - was checked and we may try and print out a user ID for a key that - doesn't exist. - -2003-01-15 David Shaw - - * trustdb.c (init_trustdb, get_validity): Don't use a changed - trust model to indicate a dirty trustdb, and never auto-rebuild a - dirty trustdb with the "always" trust model. - - * g10.c (add_group): Last commit missed the \t ;) - -2003-01-14 David Shaw - - * packet.h, parse-packet.c (setup_user_id), free-packet.c - (free_user_id), keydb.h, keyid.c (namehash_from_uid): New function - to rmd160-hash the contents of a user ID packet and cache it in - the uid object. - - * keylist.c (list_keyblock_colon): Use namehash in field 8 of - uids. Show dates for creation (selfsig date), and expiration in - fields 6 and 7. - - * trustdb.c (get_validity, get_validity_counts, update_validity): - Use new namehash function rather than hashing it locally. - -2003-01-14 Werner Koch - - * g10.c (add_group): Fixed group parsing to allow more than one - delimiter in a row and also allow tab as delimiter. - -2003-01-12 David Shaw - - * tdbio.c (tdbio_set_dbname): Fix assertion failure with - non-fully-qualified trustdb names. - -2003-01-11 David Shaw - - * trustdb.c (get_validity_info, get_ownertrust_info, - trust_letter): Simplify by returning a ? for error directly. - - * keyedit.c (show_key_with_all_names): Use get_validity_string and - get_ownertrust_string to show full word versions of trust - (i.e. "full" instead of 'f'). - - * trustdb.h, trustdb.c (get_ownertrust_string, - get_validity_string): Same as get_ownertrust_info, and - get_validity_info, except returns a full string. - - * trustdb.c (get_ownertrust_with_min): New. Same as - 'get_ownertrust' but takes the min_ownertrust value into account. - -2003-01-10 David Shaw - - * armor.c (armor_filter): Comment about PGP's end of line tab - problem. - - * trustdb.h, trustdb.c (trust_letter): Make - static. (get_ownertrust_info, get_validity_info): Don't mask the - trust level twice. - - * trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info), - keylist.c (list_keyblock_colon), keyedit.c - (show_key_with_all_names_colon, menu_revuid): Pass a user ID in - rather than a namehash, so we only have to do the hashing in one - place. - - * packet.h, pkclist.c (build_pk_list), free-packet.c - (release_public_key_parts): Remove unused namehash element for - public keys. - -2003-01-07 David Shaw - - * keygen.c (keygen_set_std_prefs): Warn when setting an IDEA - preference when IDEA is not available. - -2003-01-06 David Shaw - - * trustdb.c (get_validity_info): 'd' for disabled is not a - validity value any more. - - * packet.h, tdbio.h, tdbio.c (tdbio_read_record, - tdbio_write_record), trustdb.c (update_validity): Store temporary - full & marginal counts in the trustdb. - (clear_validity, get_validity_counts): Return and clear temp - counts. - (store_validation_status): Keep track of which keyids have been - stored. - (validate_one_keyblock, validate_key_list): Use per-uid copies of - the full & marginal counts so they can be recalled for multiple - levels. - (validate_keys): Only use unused keys for each new round. - (reset_unconnected_keys): Rename to reset_trust_records, and only - skip specifically excluded records. - - * keylist.c (print_capabilities): Show 'D' for disabled keys in - capabilities section. - - * trustdb.c (is_disabled): Remove incorrect comment. - -2003-01-03 David Shaw - - * import.c (import_one): Only do the work to create the status - display for interactive import if status is enabled. - - * keyring.c (keyring_search): skipfnc didn't work properly with - non-keyid searches. Noted by Stefan Bellon. - - * getkey.c (merge_selfsigs_main): Remove some unused code and make - sure that the pk selfsigversion member accounts for 1F direct - sigs. - -2003-01-02 Werner Koch - - * keydb.c (keydb_add_resource): Don't assume that try_make_homedir - terminates but check again for the existence of the directory and - continue then. - * openfile.c (copy_options_file): Print a warning if the skeleton - file has active options. - -2002-12-29 David Shaw - - * getkey.c (merge_selfsigs_main), main.h, sig-check.c - (check_key_signature2): Pass the ultimately trusted pk directly to - check_key_signature2 to avoid going through the key selection - mechanism. This prevents a deadly embrace when two keys without - selfsigs each sign the other. - -2002-12-27 David Shaw - - * keyserver.c (keyserver_refresh): Don't print the "refreshing..." - line if there are no keys to refresh or if there is no keyserver - set. - - * getkey.c (merge_selfsigs_main): Any valid user ID should make a - key valid, not just the last one. This also fixes Debian bug - #174276. - -2002-12-27 Stefan Bellon - - * import.c (print_import_check): Changed int to size_t. - -2002-12-27 David Shaw - - * keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to - revoke a user ID. This is the same as issuing a revocation for - the self-signature, but a much simpler interface to do it. - -2002-12-26 David Shaw - - * keydb.h, getkey.c (key_byname): Flag to enable or disable - including disabled keys. Keys specified via keyid (i.e. 0x...) - are always included. - - * getkey.c (get_pubkey_byname, get_seckey_byname2, - get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker): - Include disabled keys in these functions. - - * pkclist.c (build_pk_list): Do not include disabled keys for -r - or the key prompt. Do include disabled keys for the default key - and --encrypt-to. - - * trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping - disabled keys. - - * gpgv.c (is_disabled): Stub. - - * keygen.c (keygen_add_key_expire): Properly handle updating a key - expiration to a no-expiration value. - - * keyedit.c (enable_disable_key): Comment. - - * import.c (import_one): When in interactive mode and --verbose, - don't repeat some key information twice. - -2002-12-22 Timo Schulz - - * import.c (print_import_check): New. - (import_one): Use it here. - Use merge_keys_and_selfsig in the interactive mode to avoid - wrong key information. - * status.h: Add new status code. - * status.c: Ditto. - -2002-12-13 David Shaw - - * pkclist.c (do_we_trust): Tweak language to refer to the "named - user" rather than "owner". Noted by Stefan Bellon. - - * trustdb.h, trustdb.c (trustdb_pending_check): New function to - check if the trustdb needs a check. - - * import.c (import_keys_internal): Used here so we don't rebuild - the trustdb if it is still clean. - (import_one, chk_self_sigs): Only mark trustdb dirty if the key - that is being imported has any sigs other than self-sigs. - Suggested by Adrian von Bidder. - - * options.skel: Include the required '=' sign in the sample - 'group' option. Noted by Stefan Bellon. - - * import.c (chk_self_sigs): Don't try and check a subkey as if it - was a signature. - -2002-12-11 David Shaw - - * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the - RECTYPE_TRUST records a bit. - - * g10.c (main): Comment out --list-trust-path until it can be - implemented. - - * import.c (import_one): Warn when importing an Elgamal primary - that this may take some time (to verify self-sigs). - (chk_self_sigs): Try and cache all self-sigs so the keyblock is - written to the keyring with a good rich cache. - - * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning - stronger, and remove the RSA sign+encrypt warning. - -2002-12-06 Stefan Bellon - - * options.h: Fixed typo (mangle_dos_names instead of - mangle_dos_filenames). - -2002-12-05 Werner Koch - - * g10.c: New options --[no-]mangle-dos-filenames. - * options.h (opt): Added mangle-dos-filenames. - * openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the - filename only when this option is set; this is the default. - -2002-12-04 David Shaw - - * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) - change. Minimal isn't always best. - - * sign.c (update_keysig_packet): Use the current time rather then - a modification of the original signature time. Make sure that - this doesn't cause a time warp. - - * keygen.c (keygen_add_key_expire): Properly handle a key - expiration date in the past (use a duration of 0). - - * keyedit.c (menu_expire): Use update_keysig_packet so any sig - subpackets are maintained during the update. - - * build-packet.c (build_sig_subpkt): Mark sig expired or unexpired - when the sig expiration subpacket is added. - (build_sig_subpkt_from_sig): Handle making an expiration subpacket - from a sig that has already expired (use a duration of 0). - - * packet.h, sign.c (update_keysig_packet), keyedit.c - (menu_set_primary_uid, menu_set_preferences): Add ability to issue - 0x18 subkey binding sigs to update_keysig_packet and change all - callers. - - * trustdb.c (validate_keys): Show trust parameters when building - the trustdb, and make sure that the version record update was - successful. - (init_trustdb): If the current parameters aren't what was used for - building the trustdb, the trustdb is invalid. - - * tbio.c (tdbio_db_matches_options): Update to work with new - trustdbs. - -2002-12-03 David Shaw - - * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store - trust model in the trustdb version record. - (tdbio_update_version_record): New function to update version - record values during a trustdb check or update. - (tdbio_dump_record): Show trust model in dump. - - * trustdb.c (validate_keys): Call tdbio_update_version_record on - success so that the correct options are stored in the trustdb. - - * options.h: rearrange trust models so that CLASSIC is 0 and - OPENPGP is 1. - - * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list), - pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 - mode. This is basically identical to --pgp7 in all ways except - that signing subkeys, v4 data sigs (including expiration), and SK - comments are allowed. - - * getkey.c (finish_lookup): Comment. - - * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): - Reorder user ID display in the --edit-key menu to match that of - the --list-keys display. - - * g10.c (add_notation_data): Fix initialization. - -2002-12-01 David Shaw - - * keyedit.c (menu_expire): Don't lose key flags when changing the - expiration date of a subkey. This is not the most optimal - solution, but it is minimal change on the stable branch. - - * main.h, keygen.c (do_copy_key_flags): New function to copy key - flags, if any, from one sig to another. - (do_add_key_expire): New function to add key expiration to a sig. - (keygen_copy_flags_add_expire): New version of - keygen_add_key_expire that also copies key flags. - (keygen_add_key_flags_and_expire): Use do_add_key_expire. - - * import.c (fix_hkp_corruption): Comment. - -2002-11-25 Stefan Bellon - - * plaintext.c (handle_plaintext) [__riscos__]: If nooutput is set, - no filetype is needed obviously. - -2002-11-24 David Shaw - - * main.h, misc.c (default_cipher_algo, default_compress_algo): - New. Return the default algorithm by trying - --cipher-algo/--compress-algo, then the first item in the pref - list, then s2k-cipher-algo or ZIP. - - * sign.c (sign_file, sign_symencrypt_file), encode.c - (encode_simple, encode_crypt): Call default_cipher_algo and - default_compress_algo to get algorithms. - - * g10.c (main): Allow pref selection for compress algo with - --openpgp. - - * mainproc.c (proc_encrypted): Use --s2k-digest-algo for - passphrase mangling rather than --digest-algo. - - * sign.c (hash_for): If --digest-algo is not set, but - --personal-digest-preferences is, then use the first hash - algorithm in the personal list. If the signing algorithm is DSA, - then use the first 160-bit hash algorithm in the personal list. - If --pgp2 is set and it's a v3 RSA key, use MD5. - - * g10.c (main), keydb.c (keydb_add_resource, - keydb_locate_writable): Rename --default-keyring as - --primary-keyring. Stefan wins the naming contest. - -2002-11-23 David Shaw - - * g10.c (add_notation_data): Disallow notation names that do not - contain a '@', unless --expert is set. This is to help prevent - people from polluting the (as yet unused) IETF namespace. - - * main.h: Comments about default algorithms. - - * photoid.c (image_type_to_string): Comments about 3-letter file - extensions. - - * encode.c (encode_simple), passphrase.c (passphrase_to_dek), - sign.c (sign_symencrypt_file): Use --s2k-digest-algo for - passphrase mangling rather than --digest-algo. - -2002-11-21 David Shaw - - * keygen.c (keygen_set_std_prefs): Properly handle an empty - preference string. - - * misc.c (string_to_compress_algo): "none" is a bad choice since - it conflicts with the "none" in setpref. - -2002-11-14 David Shaw - - * g10.c (main): Allow compression algorithm names as the argument - to --compress-algo. The old algorithm names still work for - backwards compatibility. - - * misc.c (string_to_compress_algo): Allow "none" as an alias for - "uncompressed". - -2002-11-13 Stefan Bellon - - * getkey.c (get_pubkey_byfprint_fast): Fixed type incompatibility, - was unsigned char instead of byte. - -2002-11-13 David Shaw - - * encode.c (encode_simple): Make sure that files larger than about - 4G use partial length encoding. This is required because OpenPGP - allows only for 32 bit length fields. From Werner on stable - branch. - - * getkey.c (get_pubkey_direct): Renamed to... - (get_pubkey_fast): this and made extern. - (get_pubkey_byfprint_fast): New. From Werner on stable branch. - - * keydb.h, import.c (import_one): Use get_pubkey_fast instead of - get_pubkey. We don't need a merged key and actually this might - lead to recursions. - (revocation_present): Likewise for search by fingerprint. From - Werner on stable branch. - - * g10.c (main): Try to create the trustdb even for non-colon-mode - list-key operations. This is required because getkey needs to - know whether a a key is ultimately trusted. From Werner on stable - branch. - - * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; - we don't need it here as it behaves more like a Posix system. - From Werner on stable branch. - - * passphrase.c (agent_get_passphrase): Ditto. From Werner on - stable branch. - - * tdbio.c (MY_O_BINARY): Need binary mode with Cygwin. From - Werner on stable branch. - - * g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from - the registry. From Werner on stable branch. - - * keyedit.c (show_key_with_all_names_colon): Make --with-colons - --edit display match the validity and trust of --with-colons - --list-keys. - - * passphrase.c (agent_send_all_options): Fix compile warning. - - * keylist.c (list_keyblock_colon): Validity for subkeys should - match that of the primary key, and not that of the last user ID. - - * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys - carry these facts onto all their subkeys, but only after the - subkey has a chance to be marked valid. This is to fix an - incorrect "invalid public key" error verifying a signature made by - a revoked signing subkey, with a valid unrevoked primary key. - -2002-11-09 Werner Koch - - * passphrase.c (agent_send_all_options): Use tty_get_ttyname to - get the default ttyname. - -2002-11-07 David Shaw - - * keyring.h, keyring.c (keyring_register_filename): Return the - pointer if a given keyring is registered twice. - - * keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a - default keyring. - (keydb_locate_writable): Prefer the default keyring if possible. - - * g10.c (main): Add --default-keyring option. - -2002-11-06 David Shaw - - * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add - --force-ownertrust option for debugging purposes. This allows - setting a whole keyring to a given trust during an - --update-trustdb. Not for normal use - it's just easier than - hitting "4" all the time to test a large trustdb. - - * pubkey-enc.c (get_session_key): With hidden recipients or try a - given passphrase against all secret keys rather than trying all - secret keys in turn. Don't if --try-all-secrets or --status-fd is - enabled. - - * passphrase.c (passphrase_to_dek): Mode 1 means do a regular - passphrase query, but don't prompt with the key info. - - * seckey-cert.c (do_check, check_secret_key): A negative ask count - means to enable passphrase mode 1. - - * keydb.h, getkey.c (enum_secret_keys): Add flag to include - secret-parts-missing keys (or not) in the list. - -2002-11-05 David Shaw - - * keyserver.c (keyserver_search_prompt): When --with-colons is - enabled, don't try and fit the search output to the screen size - - just dump the whole list. - -2002-11-04 David Shaw - - * keyserver.c (keyserver_search_prompt): When --with-colons is - enabled, just dump the raw keyserver protocol to stdout and don't - print the menu. - - * keyserver.c (show_prompt): Don't show a prompt when command-fd - is being used. - - * trustdb.c (trust_model_string, check_trustdb, update_trustdb, - validate_one_keyblock): It's not clear what a trustdb rebuild or - check means with a trust model other than "classic" or "openpgp", - so disallow this. - -2002-11-03 David Shaw - - * options.h, g10.c (main): Add --trust-model option. Current - models are "openpgp" which is classic+trustsigs, "classic" which - is classic only, and "always" which is the same as the current - option --always-trust (which still works). Default is "openpgp". - - * trustdb.c (validate_one_keyblock): Use "openpgp" trust model to - enable trust sigs. - - * gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c - (do_we_trust, do_we_trust_pre, check_signatures_trust): Use new - --trust-model option in place of --always-trust. - - * keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, - keyedit_menu): Prompt for and create a trust signature with - "tsign". This is functional, but needs better UI text. - - * build-packet.c (build_sig_subpkt): Able to build trust and - regexp subpackets. - - * pkclist.c (do_edit_ownertrust): Comment. - -2002-11-02 David Shaw - - * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the - full algorithm name (CAST5, SHA1) rather than the short form (S3, - H2). - - * main.h, keygen.c (keygen_get_std_prefs), keyedit.c - (keyedit_menu): Return and use a fake uid packet rather than a - string since we already have a nice parser/printer in - keyedit.c:show_prefs. - - * main.h, misc.c (string_to_compress_algo): New. - -2002-11-01 David Shaw - - * g10.c (main): Add --no-throw-keyid. - - * keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), - pkclist.c (build_pk_list): Add --hidden-recipient (-R) and - --hidden-encrypt-to, which do a single-user variation on - --throw-keyid. The "hide this key" flag is carried in bit 0 of - the pk_list flags field. - - * keyserver.c (parse_keyrec): Fix shadowing warning. - -2002-10-31 Stefan Bellon - - * compress.c (init_compress) [__riscos__]: Use - riscos_load_module() to load ZLib module. - - * g10.c (main) [__riscos__]: Renames due to changes in riscos.c - (e.g. prefixes all RISC OS specific functions with riscos_*). - * photoid.c (show_photos) [__riscos__]: Likewise. - * signal.c (got_fatal_signal) [__riscos__]: Likewise. - - * trustdb.c (check_regexp) [__riscos__]: Branch to RISC OS RegEx - handling. - -2002-10-31 David Shaw - - * build-packet.c (do_plaintext), encode.c (encode_sesskey, - encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use - wipememory() instead of memset() to wipe sensitive memory as the - memset() might be optimized away. - -2002-10-30 David Shaw - - * trustdb.c (check_regexp): Modern regexps require REG_EXTENDED. - -2002-10-29 David Shaw - - * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a - string like "fully trusted", "marginally trusted", etc. - (get_min_ownertrust): New. Return minimum ownertrust. - (update_min_ownertrust): New. Set minimum ownertrust. - (check_regexp): New. Check a regular epression against a user ID. - (ask_ownertrust): Allow specifying a minimum value. - (get_ownertrust_info): Follow the minimum ownertrust when - returning a letter. - (clear_validity): Remove minimum ownertrust when a key becomes - invalid. - (release_key_items): Release regexp along with the rest of the - info. - (validate_one_keyblock, validate_keys): Build a trust sig chain - while validating. Call check_regexp for regexps. Use the minimum - ownertrust if the user does not specify a genuine ownertrust. - - * pkclist.c (do_edit_ownertrust): Only allow user to select a - trust level greater than the minimum value. - - * parse-packet.c (can_handle_critical): Can handle critical trust - and regexp subpackets. - - * trustdb.h, trustdb.c (clear_ownertrusts), delkey.c - (do_delete_key), import.c (import_one): Rename clear_ownertrust to - clear_ownertrusts and have it clear the min_ownertrust value as - well. - - * keylist.c (list_keyblock_print): Indent uid to match pub and - sig. - - * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint, - menu_addrevoker), keylist.c (list_keyblock_print, - print_fingerprint): Show "T" or the trust depth for trust - signatures, and add spaces to some strings to make room for it. - - * packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, - parse_signature): Parse trust signature values. - - * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): - Reserve a byte for the minimum ownertrust value (for use with - trust signatures). - -2002-10-29 Stefan Bellon - - * build-packet.c (calc_plaintext, do_plaintext): Removed RISC OS - specific filetype parts (it's now done in make_basename()). - - * plaintext.c (handle_plaintext): Tidied up RISC OS specific - filetype parts. - - * encode.c (encode_simple, encode_crypt): Added argument to - make_basename() call. - - * sign.c (write_plaintext_packet): Added argument to - make_basename() call. - -2002-10-28 Stefan Bellon - - * build-packet.c (calc_plaintext, do_plaintext): Added filetype - handling for RISC OS' file types. - - * plaintext.c (handle_plaintext) [__riscos__]: Added filetype - handling for RISC OS' file types. - -2002-10-23 David Shaw - - * main.h, import.c (sec_to_pub_keyblock, import_secret_one, - parse_import_options), g10.c (main): New import-option - "convert-sk-to-pk" to convert a secret key into a public key - during import. It is on by default. - -2002-10-23 Werner Koch - - * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK - has been assigned. - -2002-10-18 Timo Schulz - - * keylist.c: (print_pubkey_info): New. - (print_seckey_info): New. - * main.h: Prototypes for the new functions. - * delkey.c (do_delete_key): Use it here. - * revoke.c (gen_desig_revoke): Ditto. - -2002-10-17 Werner Koch - - * pkclist.c (do_edit_ownertrust): Show all user IDs. This should - be enhanced to also show the current trust level. Suggested by - Florian Weimer. - -2002-10-17 David Shaw - - * g10.c (main): Handle --strict and --no-strict from the command - line before the options file is loaded. - -2002-10-15 David Shaw - - * g10.c (main): Disable --textmode when encrypting (symmetric or - pk) in --pgp2 mode as PGP 2 can't handle the unknown length - literal packet. Reported by Michael Richardson. - -2002-10-14 David Shaw - - * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec, - show_prompt, keyserver_search_prompt, keyserver_spawn): Go to - version 1 of the keyserver protocol. This is a better design, - similar to --with-colons, that allows for keys with multiple user - IDs rather than using multiple keys. It also matches the machine - readable pksd format. Also use a prettier --search-keys listing - format that can fill different size windows (currently set at 24 - lines). - -2002-10-12 Werner Koch - - * keygen.c (print_status_key_created): New. - (do_generate_keypair): Use it to print the fingerprint. - (generate_subkeypair): Likewise. - -2002-10-11 David Shaw - - * keyedit.c (menu_addrevoker): Properly back out if the signature - fails. Also, do not allow appointing the same revoker twice, and - report ALREADY_SIGNED if the user tries it. - -2002-10-07 David Shaw - - * import.c (import_keys_internal): Missed one s/inp/inp2/. - - * keylist.c (print_capabilities): Properly indicate per-key - capabilities of sign&encrypt primary keys that have - secret-parts-missing (i.e. no capabilities at all) - - * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning. - -2002-10-04 David Shaw - - * getkey.c (get_pubkey_direct): Don't cache keys retrieved via - this function as they may not have all their fields filled in. - - * sig-check.c (signature_check2): Use new is_primary flag to check - rather than comparing main_keyid with keyid as this still works in - the case of a not fully filled in pk. - -2002-10-04 Werner Koch - - * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing - warning. - - * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char - problem in %-escaping. Noted by Ingo Klöcker. - -2002-10-03 David Shaw - - * options.h, g10.c (main): Add --strict and --no-strict to switch - the log_warning severity level from info to error. - - * keylist.c (print_capabilities): Secret-parts-missing keys should - show that fact in the capabilities, and only primary signing keys - can certify other keys. - - * packet.h, parse_packet.c (parse_key): Add is_primary flag for - public keys (it already exists for secret keys). - -2002-10-02 David Shaw - - * import.c (import_secret_one): Check for an illegal (>110) - protection cipher when importing a secret key. - - * keylist.c (list_keyblock_print): Show a '#' for a - secret-parts-missing key. - - * parse_packet.c (parse_key): Some comments. - - * revoke.c (gen_revoke): Remove some debugging code. - - * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated - option again. - - * seckey-cert.c (do_check): Don't give the IDEA warning unless the - cipher in question is in fact IDEA. - -2002-10-01 David Shaw - - * import.c (import_one): Make sure that a newly imported key - starts with a clean ownertrust. - -2002-10-01 Werner Koch - - * getkey.c (get_pubkey_direct): New. - (merge_selfsigs_main): Use it here to look for an ultimately - trusted key. Using the full get_pubkey might lead to an - infinitive recursion. - -2002-09-29 David Shaw - - * keyserver.c (parse_keyserver_uri): Force the keyserver URI - scheme to lowercase to be case-insensitive. - -2002-09-28 David Shaw - - * export.c (do_export_stream): Comment. - - * sig-check.c (check_key_signature2): Properly handle a - non-designated revocation import. - -2002-09-26 Werner Koch - - * g10.c (set_homedir): New. Changed all direct assignments to use - this. - * gpgv.c (set_homedir): Ditto. - -2002-09-25 David Shaw - - * Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses - sockets. Remove the old NETLIBS variable since the keyserver - stuff is no longer internal. - -2002-09-24 David Shaw - - * import.c (import_keys_stream): Fix compiler type warning. - - * keyring.c (keyring_rebuild_cache), sig-check.c - (check_key_signature2), import.c (import, chk_self_sigs): Minor - language cleanups. - -2002-09-23 Stefan Bellon - - * main.h: Introduced fast-import as import option. Removed - fast as separate option from prototypes. - * import.c (parse_import_options): Added fast-import option. - (import_*): Removed fast as separate option. - * g10.c (main): Added option fast-import, removed old fast - as separate argument. - * keyserver.c (keyserver_spawn): Removed old fast as separate - argument. - -2002-09-22 Stefan Bellon - - * import.c (import_keys, import_keys_stream, - import_keys_internal): Added trustdb update/check to key import if - not fast-import and interactive set/no-auto-check-trustdb unset. - Avoided function clone by introducing import_keys_internal. - -2002-09-19 David Shaw - - * keyserver.c (keyserver_spawn): Properly handle line truncation. - Don't leak memory (~10-20 bytes) on searches. - (keyserver_search_prompt): Cleanup. - - * keylist.c (list_keyblock_colon): Show 1F direct key signatures - in --with-colons listing. - -2002-09-16 David Shaw - - * keyedit.c (menu_addrevoker): The direct key signature for - revocation keys must be at least v4 to carry the revocation key - subpacket. Add a PGP 2.x warning for revocation keys. - -2002-09-14 David Shaw - - * g10.c (check_permissions): Rearrange strings to make translating - easier (don't incorporate string parts). - - * keyedit.c (sign_uids): Make strings translatable. - - * sig-check.c (check_key_signature2): Make string translatable. - -2002-09-13 David Shaw - - * getkey.c (check_revocation_keys): Move.... - * main.h, sig-check.c (check_revocation_keys): to here. Also - return the signature_check error code rather than 0/1 and cache - the sig result. - - * sig-check.c (check_key_signature2): Divert to - check_revocation_keys if a revocation sig is made by someone other - than the pk owner. - - * getkey.c (merge_selfsigs_main): Tidy. - -2002-09-13 Werner Koch - - * g10.c (main) [__MINGW32__]: Activate oLoadExtension. - -2002-09-12 David Shaw - - * Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove - internal HKP support. - - * keyserver.c (keyserver_spawn): Remove whitespace after keyserver - commands. - -2002-09-10 David Shaw - - * exec.c (expand_args): Remove loop left over from earlier - implementation. - (exec_write): Missed one tick. - -2002-09-10 Werner Koch - - * g10.c, options.h: Removed option --emulate-checksum-bug. - * misc.c (checksum_u16_nobug): Removed. - (checksum_u16): Removed the bug emulation. - (checksum_mpi): Ditto. - (checksum_mpi_counted_nbits): Removed and replaced all calls - with checksum_mpi. - - * parse-packet.c (read_protected_v3_mpi): New. - (parse_key): Use it here to store it as an opaque MPI. - * seckey-cert.c (do_check): Changed the v3 unprotection to the new - why to store these keys. - (protect_secret_key): Likewise. - * build-packet.c (do_secret_key): And changed the writing. - - * tdbio.c (tdbio_set_dbname, open_db): Use new macro MY_O_BINARY - to avoid silly ifdefs. - (open_db): Fallback to RDONLY so that gpg may be used from a - RO-medium. - - * encode.c (encode_simple): Make sure we don't use an ESK packet - when we don't have a salt in the S2K. - - * misc.c (pct_expando) : Make sure that LEN is initialized. - - * exec.c (exec_finish): Use ticks to denote filenames in messages. - (make_tempdir, exec_write): Changed format of messages. - - * keyserver.c (print_keyinfo): Release USERID in on error. - (keyserver_work) [!DISABLE_KEYSERVER_HELPERS]: Exclude the unused - code. - -2002-09-09 Werner Koch - - * parse-packet.c (make_attribute_uidname): Add new ar MAX_NAMELEN - for sanity checks. Changed both callers. Limit the size of an %s. - - * options.skel: Comment lock-once out, so that this file does not - change anything when copied to a new home directory. - * openfile.c (try_make_homedir): Don't exit after copying the - option skeleton. - - * options.h: Don't use a comma when declaring variables over more - than one line. - - * mainproc.c (symkey_decrypt_sesskey): Check length of the session - key. - - * hkp.c (dehtmlize): Use ascii_tolower to protect against weird - locales. Cast the argument for isspace for the sake of broken - HP/UXes. - (parse_hkp_index): s/ascii_memcasecmp/ascii_strncasecmp/. - - * g10.c: Removed option --emulate-3des-s2k-bug. - - * passphrase.c (hash_passphrase): Was used here. - - * export.c (parse_export_options) - * keyserver.c (parse_keyserver_options) - * import.c (parse_import_options) - * g10.c (check_permissions): s/ascii_memcasecmp/ascii_strncasecmp/. - -2002-09-09 David Shaw - - * g10.c (add_group): Use '=' to separate group name from group - members. Use a better error message for when no = is found. - - * hkp.c (hkp_export): Use CRLF in headers. - -2002-09-03 David Shaw - - * mainproc.c (print_pkenc_list): Don't increment the error counter - when printing the list of keys a message was encrypted to. This - would make gpg give a non-zero exit code even for completely valid - messages if the message was encrypted to more than one key that - the user owned. - -2002-09-02 Werner Koch - - * g10.c (main): Try to set a default character set. Print the - used one in verbosity level 3. - * gpgv.c (main): Try to set a default character set. - - * status.c, status.h (STATUS_IMPORT_OK): New. - * import.c (import_one,import_secret_one): Print new status. - -2002-08-30 David Shaw - - * pkclist.c (build_pk_list): Add new status code to indicate an - untrusted user. This (or a disabled key) fail with "unavailable - pubkey" (G10ERR_UNU_PUBKEY). - - * pkclist.c (build_pk_list): Fail if any recipient keys are - unusable. - - * options.skel: The PGP LDAP keyserver is back. Use MIT keyserver - as a sample rather than cryptnet as cryptnet does not support - searching yet. - - * keyedit.c (show_key_with_all_names): Fix error message - (preferences are userid/selfsig and not key specific). - -2002-08-30 Werner Koch - - * pkclist.c (do_we_trust_pre): Changed the wording of a warning. - - * encode.c (encode_simple,encode_crypt): Use new style CTB for - compressssed packets when using MDC. We need to do this so that - concatenated messages are properly decrypted. Old style - compression assumes that it is the last packet; given that we - can't determine the length in advance, the uncompressor does not - know where to start. Actually we should use the new CTB always - but this would break PGP 2 compatibility. - - * parse-packet.c (parse): Special treatment for new style CTB - compressed packets. - - * build-packet.c (do_mdc): Removed. Was not used. - (do_encrypted_mdc): Count in the version number and the MDC packet. - -2002-08-28 David Shaw - - * sig-check.c (do_check_messages, do_check): Show keyid in error - messages. - - * keyserver.c (print_keyinfo): More readable key listings for - --search-keys responses. - -2002-08-26 David Shaw - - * hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into - new "dehtmlize" function. Remove HTML before trying to parse each - line from the keyserver. If the keyserver provides key type - information in the listing, use it. - -2002-08-23 David Shaw - - * sig-check.c (do_check, do_check_messages): Emit the usual sig - warnings even for cached sigs. This also serves to protect - against missing a sig expiring while cached. - - * getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice. - -2002-08-22 David Shaw - - * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys - into chk_self_sigs. This improves efficiency as the same - signatures are not checked multiple times. Clarify when a subkey - is revoked (any revocation signature, even if it is dated before - the binding signature). - - * getkey.c (merge_selfsigs_subkey): Subkey revocation comments. - - * keylist.c (list_one): Stats are only for public key listings. - - * g10.c (main), options.skel: Default should be include-revoked - for keyserver operations. - -2002-08-21 Werner Koch - - * import.c (import_print_stats): Print new non_imported counter - which is currently not used because we terminate on errors. - -2002-08-20 David Shaw - - * options.skel: Document no-include-attributes for - keyserver-options. - - * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and - comments. - - * export.c (do_export_stream): Fix noop bug in exporting sensitive - revocation keys. - - * pkclist.c (do_edit_ownertrust): Comment out the option for - showing trust paths until it can be implemented. - -2002-08-19 Werner Koch - - * getkey.c (get_user_id_native): Renamed to .. - (get_user_id_printable): this. Filter out all dangerous - characters. Checked all usages. - (get_user_id_string_native): Renamed to.. - (get_user_id_string_printable): this. Filter out all dangerous - characters. Checked all usages. - * keyedit.c (show_basic_key_info): New. - * keylist.c (print_fingerprint): New mode 3. - * import.c (import_one): Use new function to display the user ID. - -2002-08-16 Timo Schulz - - * g10.c (main): Enable opt.interactive. - - * import.c (import_one): Ask the user if the key shall be - imported when the interactive mode is used. Useful to extract - selected keys from a file. - -2002-08-16 Werner Koch - - * seckey-cert.c: Workaround to allow decryption of v3 keys created - with a bug in the mpi_get_secure_buffer. - -2002-08-14 David Shaw - - * hkp.c (parse_hkp_index): Properly handle really large keys - (5 digit key length) in HKP searches. - -2002-08-13 David Shaw - - * encode.c (encode_simple): Fix problem with using compression - algo 2 and symmetric compressed files. - - * encode.c (encode_simple, encode_crypt): If we are not using a - MDC, compress even if a file is already compressed. This is to - help against the chosen ciphertext attack. - - * pkclist.c (select_algo_from_prefs): Fix requested algorithm bug - so the request succeeds even if the requested algorithm is not the - first found. - - * cipher.c (write_header), encode.c (use_mdc, encode_simple, - encode_crypt, encrypt_filter), g10.c (main): Be more eager to use - a MDC. We use a MDC if the keys directly support it, if the keys - list AES (any) or TWOFISH anywhere in the prefs, or if the cipher - chosen does not have a 64 bit blocksize. - -2002-08-08 David Shaw - - * options.skel: Some language tweaks, and remove the - load-extension section for random gatherers. - - * keyring.c (create_tmp_file, rename_tmp_file): Create tmp files - with user-only permissions, but restore the original permissions - if the user has something special set. - - * openfile.c (copy_options_file): Create new options file - (gpg.conf) with user-only permissions. - - * keydb.c (keydb_add_resource): Create new keyrings with user-only - permissions. - - * tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only - permissions. - -2002-08-07 David Shaw - - * sig-check.c (signature_check2): Sanity check that the md has a - context for the hash that the sig is expecting. This can happen - if a onepass sig header does not match the actual sig, and also if - the clearsign "Hash:" header is missing or does not match the - actual sig. - - * keyedit.c (menu_revsig): Properly show a uid is revoked without - restarting gpg. This is Debian bug 124219, though their supplied - patch will not do the right thing. - - * main.h, tdbio.c (tdbio_set_dbname), misc.c (removed - check_permissions), keydb.c (keydb_add_resource), g10.c (main, - check_permissions): Significant reworking of the permission check - mechanism. The new behavior is to check everything in the homedir - by checking the homedir itself. If the user wants to put - (possibly shared) keyrings outside the homedir, they are not - checked. The options file and any extension files are checked - wherever they are, as well as their enclosing directories. This - is Debian bug 147760. - -2002-08-06 Stefan Bellon - - * g10.c (main): Use of EXTSEP_S in new gpg.conf string. - * openfile.c (copy_options_file): Ditto. - -2002-08-06 David Shaw - - * options.h, g10.c (main), mainproc.c (proc_encrypted): - --ignore-mdc-error option to turn a MDC check error into a - warning. - - * encode.c (encode_crypt), g10.c (main), sign.c (sign_file, - clearsign_file): Use the same --pgpX warning string everywhere to - ease translations. - - * encode.c (write_pubkey_enc_from_list): Warn when using - --throw-keyid with --pgpX. Noted by Vedaal Nistar. - - * revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke): - Export a minimal pk along with the revocation cert when in --pgpX - mode so that PGP can import it. - -2002-08-06 Werner Koch - - * options.skel: Changed comments. - - * g10.c (main): Try to use "gpg.conf" as default option file. - * openfile.c (copy_options_file): Changed name of created file. - -2002-08-02 Werner Koch - - * Makefile.am (LDFLAGS): Removed DYNLINK_LDFLAGS. - -2002-07-30 David Shaw - - * options.h, g10.c (main), mainproc.c (proc_encrypted): Return a - decryption failed error if a MDC does not verify. Warn if a MDC - is not present (can disable via --no-mdc-warning). - - * exec.c (exec_write), g10.c (main), keyserver.c - (keyserver_spawn): Use new DISABLE_KEYSERVER_PATH rather than - FIXED_EXEC_PATH. - -2002-07-28 David Shaw - - * sig-check.c (do_check): Properly validate v4 sigs with no hashed - section at all. - -2002-07-25 Werner Koch - - * delkey.c (do_delete_key): Always allow to delete a key in batch mode - when specified by fingerprint. Suggested by Enzo Michelangeli. - -2002-07-25 David Shaw - - * keyedit.c (menu_revsig): Change "revsig" to honor selected uids - so the user can revoke sigs from particular uids only. - - * keylist.c (list_keyblock_print): Don't display expired uids in - --list-keys unless -v and not --list-sigs (just like revoked - uids). - - * exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: - "Warning" -> "WARNING" - -2002-07-24 David Shaw - - * main.h, import.c (parse_import_options, fix_hkp_corruption, - import_one, delete_inv_parts), g10.c (main): New import-option - "repair-hkp-subkey-bug", which repairs as much as possible the HKP - mangling multiple subkeys bug. It is on by default for keyserver - receives, and off by default for regular --import. - - * main.h, import.c (import, import_one, delete_inv_parts), hkp.c - (hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver - import options when doing keyserver receives. - - * options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c - (main), keyserver.c (keyserver_spawn): If the user does not use - "exec-path", completely replace $PATH with GNUPG_LIBEXECDIR before - calling the keyserver helper. If the user does use "exec-path", - append GNUPG_LIBEXECDIR after the specified path. - -2002-07-23 David Shaw - - * import.c (parse_import_options), export.c - (parse_export_options): Fix offset problem with reversed ("no-") - meanings. - - * import.c (delete_inv_parts): Discard subkey signatures (0x18 and - 0x28) if found in the userid section of the key. - - * sig-check.c (signature_check2): Signatures made by invalid - subkeys (bad/missing binding sig) are also invalid. - - * keylist.c (print_fingerprint): Show the primary as well as the - secondary key fingerprint in modes 1 & 2. - -2002-07-22 David Shaw - - * options.h, main.h, g10.c (main), import.c - (parse_import_options, delete_inv_parts), keyserver.c - (parse_keyserver_options): add new --import-options option. The - only current flag is "allow-local-sigs". - - * g10.c (main): Don't disable MDC in pgp7 mode. - - * options.h, g10.c (main), keyserver.c (parse_keyserver_options): - Remove old keyserver-option include-attributes now that there is - an export-option for the same thing. - - * options.h, main.h, export.c (parse_export_options, - do_export_stream), g10.c (main): add new --export-options option. - Current flags are "include-non-rfc", "include-local-sigs", - "include-attributes", and "include-sensitive-revkeys". - - * options.h, hkp.c (hkp_export), keyserver.c - (parse_keyserver_options, keyserver_spawn): try passing unknown - keyserver options to export options, and if successful, use them - when doing a keyserver --send-key. - - * build-packet.c (build_sig_subpkt): We do not generate - SIGSUBPKT_PRIV_VERIFY_CACHE anymore. - - * revoke.c (gen_desig_revoke): Lots more comments about including - sensitive revkeys along with the revocation sig itself. - - * keyserver.c (parse_keyserver_options): Simpler implementation - that can skip one pass over the options. - -2002-07-18 David Shaw - - * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying - "sensitive" as an argument to an addrevoker command. This sets - the 0x40 sensitive revoker flag. - - * revoke.c (gen_desig_revoke): When generating a designated - revocation, include the direct key sig that contains the - designated revoker subpacket. This allows sensitive designated - revocation subpackets to be exported. Also indicate which - revokers are sensitive in the first place. - -2002-07-17 David Shaw - - * keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in - a designated revoker means "sensitive", not "local". It's - exportable under the right circumstances. - - * main.h, options.h, export.c (do_export_stream), g10.c (main), - hkp.c (hkp_export), keyserver.c (keyserver_spawn: Add a flag to - skip attribute packets and their signatures while exporting. This - is to accomodate keyservers (pksd again) that choke on attributes. - Use keyserver-option "include-attributes" to control it. This - defaults to ON (i.e. don't skip). - -2002-07-09 David Shaw - - * options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn, - keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): - Use a much more strict reading of RFC-2396 for the keyserver URIs. - Specifically, don't try and be smart about checking the value of - ":port" so long as it is all digits, and properly handle opaque - data (those scheme specific parts that do not start with "//"). - -2002-07-04 David Shaw - - * photoid.c (get_default_photo_command, show_photos): Honor - FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER. - - * mainproc.c (check_sig_and_print): Use --show-photos to show - photos when verifying a sig made by a key with a photo. - - * keyserver.c (parse_keyserver_uri): Properly parse a URI with no - :port section and an empty file path, but with a terminating '/'. - (keyserver_work): Honor DISABLE_KEYSERVER_HELPERS. - - * hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only - if verbose. - - * exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH - -2002-07-03 David Shaw - - * exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If - USE_EXEC_PATH is defined at compile time, use it to lock the - exec-path and not allow the user to change it. - -2002-07-02 David Shaw - - * options.h, g10.c (main), keyserver.c (keyserver_refresh): - Maintain and use the original keyserver URI for cosmetics rather - than trying to recreate it when needed. - - * mainproc.c (check_sig_and_print): Properly disregard expired - uids. Make sure that the first uid listed is a real uid and not - an attribute (attributes should only be listed in the "aka" - section). When there are no valid textual userids, try for an - invalid textual userid before using any attribute uid. - -2002-07-01 David Shaw - - * options.skel: Fix a few typos, clarify "group", and remove - sample photo viewers for Win32 since they are the defaults now. - - * parse-packet.c (make_attribute_uidname), keylist.c - (dump_attribs): Fix two typecast warnings. - - * packet.h, build-packet.c (build_attribute_subpkt), exec.c - (expand_args), mkdtemp.c (mkdtemp), photoid.c - (parse_image_header): Fix some signedness compiler warnings. - -2002-07-01 Werner Koch - - * photoid.c (get_default_photo_command): Also use __MINGW32__ - instead of HAVE_DOSISH_SYSTEM. - - * encode.c (encode_symmetric): Do not use the new encryption code. - -2002-06-30 Werner Koch - - * photoid.c: Use __MINGW32__ to include windows because - HAVE_DOSISH_SYSTEM is also set for OS/2 and plain DOS. Provide - constant missing in older mingw installations. - -2002-06-21 Stefan Bellon - - * g10.c [__riscos__]: Moved RISC OS specific stuff to util/riscos.c - and include/util.h. - - * gpgv.c [__riscos__]: Likewise. - -2002-06-20 David Shaw - - * keydb.h, pkclist.c (select_algo_from_prefs): Allow passing a - suggested algorithm which will be used if available. - - * encode.c (encode_crypt, encrypt_filter), sign.c (sign_file): Use - new select_algo_from_prefs feature to check if forcing an - algorithm would violate the recipient preferences. - - * photoid.c (get_default_photo_command, show_photos): Use - different default viewers on different platforms. Currently we - have Win 9x, Win NT (2k, xp), Mac OSX, RISC OS, and "everybody - else". These are #ifdefs as much as possible to avoid clutter. - - * g10.c (strusage, build_list), keyedit.c (show_prefs), main.h, - misc.c (compress_algo_to_string, check_compress_algo), pkclist.c - (algo_available), keygen.c (keygen_set_std_prefs): New - algo_to_string and check functions for compress algorithms. - -2002-06-20 Werner Koch - - * misc.c (setsysinfo): Removed a #warning for Alpha's uniligedn - trap disabling - it is quite possible that this is a debug relict. - -2002-06-20 Stefan Bellon - - * g10.c [__riscos__]: Added image file system feature. - - * gpgv.c [__riscos__]: Added image file system feature. - - * photoid.c (show_photos) [__riscos__]: Set RISC OS filetype of - photo id according to MIME type. - -2002-06-19 David Shaw - - * hkp.c (parse_hkp_index): Don't leak memory when failing out of a - bad HKP keyserver. - - * g10.c (add_notation_data): Relax slightly the rules as to what - can go into a notation name - 2440 allows "@", for example. - -2002-06-17 David Shaw - - * import.c (clean_subkeys, import_one): Only allow at most 1 - binding sig and at most 1 revocation sig on a subkey, as per - 2440:11.1. - - * hkp.c (parse_hkp_index, hkp_search): Error if the keyserver - returns an unparseable HKP response. - -2002-06-15 David Shaw - - * keyedit.c (show_key_with_all_names), keylist.c - (list_keyblock_print): Show "[expired]" before expired uids. - - * keyedit.c (show_key_with_all_names_colon), mainproc.c - (list_node), keylist.c (list_keyblock_colon): Show flag 'e' for - expired user ids. Use "uat" for user attribute packets instead of - "uid". Also use ' ' rather than the fake user id - string on attributes. - - * keygen.c (keygen_add_revkey): Remove unused code. - - * misc.c (check_permissions): Check directory permissions - properly - they are not special files. - - * pkclist.c (expand_id, expand_group, build_pk_list): When - expanding groups before building a pk list, inherit flags from the - original pre-expanded string. - - * pubkey-enc.c (is_algo_in_prefs): Don't use prefs from expired - uids. - -2002-06-14 David Shaw - - * free-packet.c (copy_signature): Properly copy a signature that - carries a revocation key on it. - - * pkclist.c (expand_id, expand_group, build_pk_list): Groups now - work properly when used in the "Enter the user ID" prompt. - -2002-06-14 David Shaw - - * keyedit.c (show_key_with_all_names): Display warning if a user - tries to show prefs on a v3 key with a v3 selfsig. - - * kbnode.c (dump_kbnode): Show if a uid is expired. - - * import.c (merge_blocks, import_revoke_cert): Show user ID - receiving a revocation certificate. - - * free-packet.c (cmp_user_ids): Properly compare attribute ids. - - * pkclist.c (expand_groups): Maintain the strlist flags while - expanding. Members of an expansion inherit their flags from the - expansion key. - - * options.h, cipher.c (write_header), g10.c (main), keygen.c - (keygen_set_std_prefs): remove the personal_mdc flag. It no - longer serves a purpose now that the personal preference lists are - split into cipher/digest/zip. - -2002-06-14 Timo Schulz - - * skclist.c (is_insecure): Implemented. - -2002-06-12 David Shaw - - * keyserver.c (keyserver_spawn): Properly handle PROGRAM responses - when they have a CRLF ending. Noted by Keith Ray. - - * keyserver.c (keyserver_spawn): Handle CRLF endings from - keyserver helpers. Also don't leak the last line worth of memory - from the keyserver response. - - * main.h, misc.c (deprecated_warning): New function to warn about - deprecated options and commands. - - * g10.c (main), keyserver-internal.h, keyserver.c - (parse_keyserver_uri): Use new deprecated function to warn about - honor-http-proxy, auto-key-retrieve, and x-broken-hkp. - -2002-06-11 David Shaw - - * Makefile.am: link gpg with NETLIBS for the built-in HKP access. - -2002-06-10 David Shaw - - * options.h, keyserver.c (keyserver_opts), g10.c (main): New - keyserver option "include-subkeys". This feature already existed, - but now can be turned off. It defaults to on. - - * options.h, keyserver.c (parse_keyserver_options, - keyserver_spawn): There are now enough options to justify making a - structure for the keyserver options rather than a page of - if-then-else-if-then-etc. - - * getkey.c (merge_keys_and_selfsig, merge_selfsigs_main): Fix bug - in calculating key expiration dates. - -2002-06-09 David Shaw - - * keydb.h, getkey.c (get_user_id_native), import.c (import_one): - Display user ID while importing a key. Note this applies to both - --import and keyserver --recv-keys. - - * exec.c (exec_finish): Log unnatural exit (core dump, killed - manually, etc) for fork/exec/pipe child processes. - -2002-06-08 Timo Schulz - - * encode.c (encode_symmetric): Disable the compat flag - when the expert mode is enabled. - -2002-06-07 David Shaw - - * options.skel, options.h, main.h, keydb.h, pkclist.c - (build_pk_list, expand_groups), g10.c (main, add_group): Add new - "group" command to allow one name to expand into multiple keys. - For simplicity, and to avoid potential loops, we only expand once - - you can't make an alias that points to an alias. - - * main.h, g10.c (main), keygen.c (build_personal_digest_list): - Simplify the default digest list - there is really no need for the - other hashes since they will never be used after SHA-1 in the - list. - - * options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import, - hkp_export, hkp_search), keyserver.c (parse_keyserver_options, - parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the - "x-broken-hkp" keyserver scheme into keyserver-option - "broken-http-proxy". Move honor_http_proxy into - keyserver_options. Canonicalize the three variations of "hkp", - "x-hkp", and "x-broken-hkp" into "hkp". - -2002-06-07 Stefan Bellon - - * g10.c [__riscos__]: Added --attribute-file to do the same as - --attribute-fd, but with a filename not a fd as argument. - Added magic symbol for RISC OS to use different memory management. - - * gpgv.c [__riscos__]: Added magic symbol for RISC OS to use - different memory management. - -2002-06-06 David Shaw - - * main.h, g10.c (main), keygen.c (build_personal_digest_list): Put - in a default digest preference list consisting of SHA-1, followed - by every other installed digest except MD5. Note this is the same - as having no digest preference at all except for SHA-1 being - favored. - - * options.h, g10.c (main), keygen.c (keygen_set_std_prefs), - pkclist.c (select_algo_from_prefs): Split - --personal-preference-list into three: - --personal-{cipher|digest|compress}-preferences. This allows a - user to set one without affecting another (i.e. setting only a - digest pref doesn't imply an empty cipher pref). - - * exec.c (exec_read): This is a safer way of guessing the return - value of system(). Noted by Stefan Bellon. - -2002-06-05 David Shaw - - * hkp.c (parse_hkp_index): Be more robust with keyservers - returning very unparseable responses. - - * exec.c (exec_read): Catch and display an error when the remote - process exits unnaturally (i.e. segfault) so the user knows what - happened. Also fix exec_write stub which has a different number - of arguments now. - -2002-06-05 Timo Schulz - - * encode.c (encode_simple): Ignore the new mode for RFC1991. - * mainproc.c (symkey_decrypt_sesskey): Better check for weird - keysizes. - -2002-06-05 Timo Schulz - - * encode.c (encode_sesskey): New. - (encode_simple): Use it here. But by default we use the compat - mode which supress to generate encrypted session keys. - -2002-06-05 Timo Schulz - - * mainproc.c (symkey_decrypt_sesskey): New. - (proc_symkey_enc): Support for encrypted session keys. - -2002-06-04 David Shaw - - * sign.c (hash_for, sign_file): When encrypting and signing at the - same time, consult the various hash prefs to pick a hash algorithm - to use. Pass in a 160-bit hint if any of the signing keys are - DSA. - - * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): - Pass a "hints" opaque pointer in to let the caller give hints as - to what algorithms would be acceptable. The only current hint is - for PREFTYPE_HASH to require a 160-bit hash for DSA. Change all - callers in encode.c (encode_crypt, encrypt_filter) and sign.c - (sign_file). If we settle on MD5 as the best algorithm based - solely on recepient keys and SHA1 is also a possibility, use SHA1 - unless the user intentionally chose MD5. This is as per 2440:13. - - * exec.c (make_tempdir): Fix duplicated filename problem. - -2002-06-03 David Shaw - - * packet.h, parse-packet.c (enum_sig_subpkt): Report back from - enum_sig_subpkt when a subpacket is critical and change all - callers in keylist.c (show_policy_url, show_notation), mainproc.c - (print_notation_data), and pkclist.c (do_show_revocation_reason). - - * keylist.c (show_policy_url, show_notation): Display if the - policy or notation is critical. - -2002-06-03 David Shaw - - * main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd, - list_keyblock_print, list_keyblock_colon), status.h, status.c - (get_status_string): New --attribute-fd feature to dump the - contents of attribute subpackets for frontends. If --status-fd is - also used, then a new status tag ATTRIBUTE is provided for each - subpacket. - - * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main, - merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track - of the expiration time of a user ID, and while we're at it, use - the expired flag from the selfsig rather than reparsing the - SIG_EXPIRE subpacket. - - * photoid.c (generate_photo_id): When adding a new photo ID, - showing the photo for confirmation is not safe when noninteractive - since the "user" may not be able to dismiss a viewer window. - Noted by Timo Schulz. - -2002-06-03 David Shaw - - * options.skel: Sample photo viewers for Win32. - - * misc.c (pct_expando): Use the seckey for %k/%K if the pubkey is - not available. - - * photoid.h, photoid.c (show_photos): Include the seckey in case a - user tries to view a photo on a secret key, and change all callers - in keyedit.c (menu_showphoto), keylist.c (list_keyblock_print), - and photoid.c (generate_photo_id). - -2002-06-02 David Shaw - - * photoid.c (show_photos): Work properly when not called with a - public key. - -2002-05-31 David Shaw - - * sign.c (mk_notation_and_policy): Free unneeded buffer. - - * hkp.c (parse_hkp_index): Properly handle the '&' character - (i.e. "&") in HKP responses. - - * getkey.c (merge_selfsigs_main): Fix reversed expiration time - check with self-sigs. - - * keyedit.c (sign_uids): When making a new self-sig on a v3 key, - make a v3 self-sig unless it is currently a v3 self-sig being - promoted to v4. - -2002-05-31 Timo Schulz - - * pkclist.c (do_show_revocation_reason): Don't use capital - letters for non-interactive output. - (show_revocation_reason): Now it is global. - * pubkey-enc.c (get_it): Show if the key has been revoked. - -2002-05-30 David Shaw - - * sign.c (write_signature_packets, sign_file, clearsign_file, - sign_symencrypt_file): Make a v4 signature if a policy URL or - notation is set, unless v3 sigs are forced via rfc1991 or - force-v3-sigs. Also remove some doubled code and clarify an error - message (we don't sign in PGP2 mode - just detach-sign). - - * parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any - size" section. - -2002-05-29 David Shaw - - * keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and - "no-mdc" in the prefs string to allow switching on and off the MDC - feature. This is needed to properly export a key from GnuPG for - use on PGP which does not support MDC - without this, MDC-capable - implementations will still try and generate MDCs which will break - PGP. - - * keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if - it is enabled. - - * options.h, g10.c (main), cipher.c (write_header), keygen.c - (keygen_set_std_prefs): For consistency, allow the user to specify - mdc/no-mdc in the --personal-preference-list. If disabled, it - acts just like --disable-mdc. - -2002-05-29 David Shaw - - * options.h, exec.c: Add some debugging info, using the 1024 debug - flag. - - * exec.c (win_system): New system()-like function for win32 that - does not return until the child process terminates. Of course, - this doesn't help if the process itself exits before it is - finished. - -2002-05-29 Werner Koch - - * encode.c (encode_simple): Intialize PKT when --no-literal is used. - - * keyedit.c (show_key_with_all_names_colon): Renamed the record - for revocation keys to "rvk". - -2002-05-27 Werner Koch - - * keyedit.c (show_key_with_all_names_colon): New. - (show_key_with_all_names): Divert to new function when required. - Sanitize printing of revoker name. - -2002-05-27 David Shaw - - * build-packet.c (build_sig_subpkt): Handle setting sig flags for - certain subpacket types (notation, policy url, exportable, - revocable). keyedit.c (sign_mk_attrib): Flags no longer need to - be set here. - - * packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c - (build_sig_subpkt): Call parse_one_sig_subpkt to sanity check - buffer lengths before building a sig subpacket. - -2002-05-26 David Shaw - - * sign.c (mk_notation_and_policy): Include secret key to enable %s - expandos, and pass notations through pct_expando as well. - - * main.h, misc.c (pct_expando): Add %s and %S expandos for - signer's keyid. - -2002-05-25 David Shaw - - * g10.c (strusage, build_list): Add compress algorithms to - --version list. Show algorithm numbers when --verbose --version - is done. - -2002-05-22 David Shaw - - * options.h, main.h, keygen.c (keygen_set_set_prefs, - keygen_get_std_prefs, keygen_upd_std_prefs), keyedit.c - (keyedit_menu), g10.c (main), pkclist.c (select_algo_from_prefs): - Add --personal-preference-list which allows the user to factor in - their own preferred algorithms when the preference lists are - consulted. Obviously, this does not let the user violate a - recepient's preferences (and the RFC) - this only influences the - ranking of the agreed-on (and available) algorithms from the - recepients. Suggested by David Hollenberg. - - * options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename - --preference-list to --default-preference-list (as that is what it - really is), and make it a true default in that if the user selects - "default" they get this list and not the compiled-in list. - -2002-05-22 Werner Koch - - * g10.c (main): Add missing LF in a info printout and made it - translatable. Noted by Michael Tokarev. - -2002-05-21 Werner Koch - - * g10.c (main): Removed the undef of USE_SHM_COPROCESSING which - was erroneously introduced on 2002-01-09. - - * signal.c (got_fatal_signal): Don't write the Nul to stderr. - Reported by David Hollenberg. - -2002-05-18 David Shaw - - * main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a - designated revocation via --desig-revoke - - * keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker" - command to add a designated revoker to a key. - -2002-05-17 David Shaw - - * gpgv.c: Add stub for get_ownertrust(). - - * g10.c (main): --allow-freeform-uid should be implied by - OpenPGP. Add --no-allow-freeform-uid. - - * keyedit.c (sign_uids): Issue a warning when signing a - non-selfsigned uid. - - * getkey.c (merge_selfsigs_main): If a key has no selfsigs, and - allow-non-selfsigned-uid is not set, still try and make the key - valid by checking all uids for a signature from an ultimately - trusted key. - -2002-05-16 David Shaw - - * main.h, keygen.c (keygen_add_revkey): Add revocation key - subpackets to a signature (callable by - make_keysig_packet). (write_direct_sig): Write a 1F direct key - signature. (parse_revocation_key): Parse a string in - algo:fpr:sensitive format into a revocation - key. (get_parameter_revkey, do_generate_keypair): Call above - functions when prompted from a batch key generation file. - - * build-packet.c (build_sig_subpkt): Allow multiple revocation key - subpackets in a single sig. - - * keydb.h, getkey.c (get_seckey_byfprint): Same as - get_pubkey_byfprint, except for secret keys. We only know the - fingerprint of a revocation key, so this is needed to retrieve the - secret key needed to issue a revokation. - - * packet.h, parse-packet.c (parse_signature, parse_revkeys): Split - revkey parsing off into a new function that can be used to reparse - after manipulating the revkey list. - - * sign.c (make_keysig_packet): Ability to make 1F direct key - signatures. - -2002-05-15 David Shaw - - * options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl - as a sample LDAP server instead. - - * getkey.c (merge_selfsigs_main): Properly handle multiple - revocation keys in a single packet. Properly handle revocation - keys that are in out-of-order packets. Remove duplicates in - revocation key list. - -2002-05-14 Timo Schulz - - * exec.c (make_tempdir) [MINGW32]: Added missing '\'. - -2002-05-14 Stefan Bellon - - * exec.c (make_tempdir): Make use of EXTSEP_S instead of hardcoded - dot as extension separator. - -2002-05-13 David Shaw - - * photoid.c (show_photos): Use the long keyid as the filename for - the photo. Use the short keyid as the filename on 8.3 systems. - - * exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow - caller to specify filename. This should make things easier on - windows and macs where the file extension is required, but a whole - filename is even better. - - * keyedit.c (show_key_with_all_names, show_prefs): Show proper - prefs for a v4 key uid with no selfsig at all. - - * misc.c (check_permissions): Don't check permissions on - non-normal files (pipes, character devices, etc.) - -2002-05-11 Werner Koch - - * mainproc.c (proc_symkey_enc): Avoid segv in case the parser - encountered an invalid packet. - - * keyserver.c (keyserver_export): Get confirmation before sending - all keys. - -2002-05-10 Stefan Bellon - - * g10.c, hkp.c, keyedit.c, keyserver.c: Replaced all occurrances - of strcasecmp with ascii_strcasecmp and all occurrances of - strncasecmp with ascii_memcasecmp. - -2002-05-10 David Shaw - - * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show - assumed prefs for hash and compression as well as the cipher pref. - Show assumed prefs if there are no prefs at all on a v4 - self-signed key. - - * options.h, g10.c (main), sign.c (make_keysig_packet): New - --cert-digest-algo function to override the default key signing - hash algorithm. - -2002-05-09 David Shaw - - * getkey.c (merge_selfsigs_main): Make sure the revocation key - list starts clean as this function may be called more than once - (e.g. from functions in --edit). - - * g10.c, encode.c (encode_crypt), sign.c (sign_file, - sign_symencrypt_file): Make --compress-algo work like the - documentation says. It should be like --cipher-algo and - --digest-algo in that it can override the preferences calculation - and impose the setting the user wants. No --compress-algo setting - allows the usual preferences calculation to take place. - - * main.h, compress.c (compress_filter): use new - DEFAULT_COMPRESS_ALGO define, and add a sanity check for compress - algo value. - -2002-05-08 David Shaw - - * pkclist.c (select_algo_from_prefs): There is an assumed - compression preference for uncompressed data. - -2002-05-07 David Shaw - - * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c - (algo_available): --pgp7, identical to --pgp6 except that it - permits a few algorithms that PGP 7 added: AES128, AES192, AES256, - and TWOFISH. Any more of these --pgpX flags, and it'll be time to - start looking at a generic --emulate-pgp X option. - - * export.c (do_export_stream): Warn the user when exporting a - secret key if it or any of its secret subkeys are protected with - SHA1 while simple_sk_checksum is set. - - * parse-packet.c (parse_key): Show when the SHA1 protection is - used in --list-packets. - - * options.h, build-packet.c (do_comment), g10.c (main): Rename - --no-comment as --sk-comments/--no-sk-comments (--no-comment still - works) and make the default be --no-sk-comments. - -2002-05-07 Werner Koch - - * keygen.c (get_parameter_algo): Never allow generation of the - deprecated RSA-E or RSA-S flavors of PGP RSA. - (ask_algo): Allow generation of RSA sign and encrypt in expert - mode. Don't allow ElGamal S+E unless in expert mode. - * helptext.c: Added entry keygen.algo.rsa_se. - -2002-05-07 David Shaw - - * keyedit.c (sign_uids): If --expert is set, allow re-signing a - uid to promote a v3 self-sig to a v4 one. This essentially - deletes the old v3 self-sig and replaces it with a v4 one. - - * packet.h, parse-packet.c (parse_key), getkey.c - (merge_keys_and_selfsig, merge_selfsigs_main): a v3 key with a v4 - self-sig must never let the v4 self-sig express a key expiration - time that extends beyond the original v3 expiration time. - -2002-05-06 David Shaw - - * keyedit.c (sign_uids): When making a self-signature via "sign" - don't ask about sig level or expiration, and include the usual - preferences and such for v4 self-sigs. (menu_set_preferences): - Convert uids from UTF8 to native before printing. - - * keyedit.c (sign_uids): Convert uids from UTF8 to native before - printing. (menu_set_primary_uid): Show error if the user tries to - make a uid with a v3 self-sig primary. - -2002-05-05 David Shaw - - * import.c (import_one): When merging with a key we already have, - don't let a key conflict (same keyid but different key) stop the - import: just skip the bad key and continue. - - * exec.c (make_tempdir): Under Win32, don't try environment - variables for temp directories - GetTempDir tries environment - variables internally, and it's better not to second-guess it in - case MS adds some sort of temp dir handling to Windows at some - point. - -2002-05-05 Timo Schulz - - * mainproc.c (proc_symkey_enc): Don't ask for a passphrase - in the list only mode. - -2002-05-05 David Shaw - - * keyserver.c (keyserver_refresh): --refresh-keys implies - --merge-only so as not to import keys with keyids that match the - ones being refreshed. Noted by Florian Weimer. - -2002-05-04 Stefan Bellon - - * free-packet.c (copy_public_key): Don't call m_alloc(0), therefore - added consistency check for revkey and numrefkeys. - - * getkey.c (check_revocation_keys): Added consistency check for - revkey and numrefkeys. - - * keyedit.c (show_key_with_all_names): Likewise. - -2002-05-03 David Shaw - - * photoid.c: Provide default image viewer for Win32. - - * misc.c (pct_expando): %t means extension, not name ("jpg", not - "jpeg"). - - * keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h, - exec.c: Allow the caller to determine the temp file extension when - starting an exec_write and change all callers. - - * keyedit.c (sign_uids): Nonrevocable key signatures cause an - automatic promotion to v4. - - * exec.c: Provide stubs for exec_ functions when NO_EXEC is - defined. - -2002-05-02 David Shaw - - * photoid.h, photoid.c (parse_image_header, image_type_to_string): - Useful functions to return data about an image. - - * packet.h, parse-packet.c (make_attribute_uidname, - parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c - (show_photos): Handle multiple images in a single attribute - packet. - - * main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy), - photoid.c (show_photos): Simpler expando code that does not - require using compile-time string sizes. Call - image_type_to_string to get image strings (i.e. "jpg", - "image/jpeg"). Change all callers. - - * keyedit.c (menu_showphoto), keylist.c (list_keyblock_print): - Allow viewing multiple images within a single attribute packet. - - * gpgv.c: Various stubs for link happiness. - -2002-05-02 David Shaw - - * build-packet.c (build_sig_subpkt), keyedit.c (sign_uids), - options.h, sign.c (mk_notation_and_policy), g10.c (main, - add_notation_data, add_policy_url (new), check_policy_url - (removed)): Allow multiple policy URLs on a given signature. - Split "--notation-data" into "--cert-notation" and - "--sig-notation" so the user can set different policies for key - and data signing. For backwards compatibility, "--notation-data" - sets both, as before. - -2002-05-02 Werner Koch - - * options.skel: Removed the comment on trusted-keys because this - option is now deprecated. - -2002-05-01 David Shaw - - * keyedit.c (menu_adduid): 2440bis04 says that multiple attribute - packets on a given key are legal. - - * keyserver.c (keyserver_refresh): the fake v3 keyid hack applies - to "mailto" URLs as well since they are also served by pksd. - -2002-04-29 Werner Koch - - Added a copyright year for files changed this year. - -2002-04-25 Werner Koch - - * g10.c, options.h: New options --display, --ttyname, --ttytype, - --lc-ctype, --lc-messages to be used with future versions of the - gpg-agent. - * passphrase.c (agent_send_option,agent_send_all_options): New. - (agent_open): Send options to the agent. - - * trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit - do_sync because revalidation_mark does it only if when the - timestamp actually changes. - -2002-04-23 David Shaw - - * main.h, keygen.c (do_generate_keypair), keylist.c - (print_signature_stats, list_all, list_one, list_keyblock, - list_keyblock_print, list_keyblock_colon): After generating a new - key, show the key information (name, keyid, fingerprint, etc.) - Also do not print uncheckable signatures (missing key..) in - --check-sigs. Print statistics (N missing keys, etc.) after - --check-sigs. - - * keyedit.c (sign_uids): When signing a key with an expiration - date on it, the "Do you want your signature to expire at the same - time?" question should default to YES. - -2002-04-22 David Shaw - - * parse-packet.c (parse_plaintext), packet.h, plaintext.c - (handle_plaintext): Fix bug in handling literal packets with - zero-length data (no data was being confused with partial body - length). - - * misc.c (pct_expando), options.skel: %t means extension ("jpg"). - %T means MIME type ("image/jpeg"). - - * import.c (import_one): Only trigger trust update if the keyring - is actually changed. - - * export.c (do_export_stream): Missing a m_free. - -2002-04-22 Stefan Bellon - - * keyid.c (expirestr_from_sk, expirestr_from_sig): Added _() to - string constant. - - * exec.c (make_tempdir) [__riscos__]: Better placement of - temporary file. - -2002-04-20 David Shaw - - * keygen.c (generate_subkeypair): 2440bis04 adds that creating - subkeys on v3 keys is a MUST NOT. - - * getkey.c (finish_lookup): The --pgp6 "use the primary key" - behavior should only apply while data signing and not encryption. - Noted by Roger Sondermann. - -2002-04-19 Werner Koch - - * keygen.c (keygen_set_std_prefs): Put back 3DES because the RFC - says it is good form to do so. - -2002-04-19 David Shaw - - * keyedit.c (menu_deluid): Only cause a trust update if we delete - a non-revoked user id. - - * hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options, - keyserver_spawn), options.h: Remove fast-import keyserver option - (no longer meaningful). - - * g10.c (main), keyedit.c (sign_uids), options.h: Change - --default-check-level to --default-cert-check-level as it makes - clear what it operates on. - - * g10.c (main): --pgp6 also implies --no-ask-sig-expire. - - * delkey.c (do_delete_key): Comment. - - * keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig, - menu_expire, menu_revsig, menu_revkey): Only force a trustdb check - if we did something that changes it. - - * g10.c: add "--auto-check-trustdb" to override a - "--no-auto-check-trustdb" - -2002-04-19 Werner Koch - - * tdbio.c (tdbio_write_nextcheck): Return a status whether the - stamp was actually changed. - * trustdb.c (revalidation_mark): Sync the changes. Removed the - sync operation done by its callers. - (get_validity): Add logic for maintaining a pending_check flag. - (clear_ownertrust): New. - - * keyedit.c (sign_uids): Don't call revalidation_mark depending on - primary_pk. - (keyedit_menu): Call revalidation_mark after "trust". - (show_key_with_all_names): Print a warning on the wrong listed key - validity. - - * delkey.c (do_delete_key): Clear the owenertrust information when - deleting a public key. - -2002-04-18 Werner Koch - - * seskey.c (encode_md_value): Print an error message if a wrong - digest algorithm is used with DSA. Changed all callers to cope - with a NULL return. Problem noted by Imad R. Faiad. - -2002-04-18 David Shaw - - * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable - signatures that can expire. In short, the only thing that can - override an unexpired nonrevocable signature is another unexpired - nonrevocable signature. - - * getkey.c (finish_lookup): Always use primary signing key for - signatures when --pgp6 is on since pgp6 and 7 do not understand - signatures made by signing subkeys. - -2002-04-18 Werner Koch - - * trustdb.c (validate_keys): Never schedule a nextcheck into the - past. - (validate_key_list): New arg curtime use it to set next_expire. - (validate_one_keyblock): Take the current time from the caller. - (clear_validity, reset_unconnected_keys): New. - (validate_keys): Reset all unconnected keys. - - * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax - for use with secret keys. - (lookup): Advance the searchmode after a search FIRST. - - * seckey-cert.c (do_check): Always calculate the old checksum for - use after unprotection. - - * g10.c, options.skel: New option --no-escape-from. Made - --escape-from and --force-v3-sigs the default and removed them - from the options skeleton. - -2002-04-16 Werner Koch - - * parse-packet.c (parse_key): Support a SHA1 checksum as per - draft-rfc2440-bis04. - * packet.h (PKT_secret_key): Add field sha1chk. - * seckey-cert.c (do_check): Check the SHA1 checksum - (protect_secret_key): And create it. - * build-packet.c (do_secret_key): Mark it as sha-1 protected. - * g10.c, options.h: New option --simple-sk-checksum. - -2002-04-13 David Shaw - - * parse-packet.c (parse_signature): Minor fix - signatures should - expire at their expiration time and not one second later. - - * keygen.c (proc_parameter_file): Allow specifying preferences - string (i.e. "s5 s2 z1 z2", etc) in a batchmode key generation - file. - - * keyedit.c (keyedit_menu): Print standard error message when - signing a revoked key (no new translation). - - * getkey.c (merge_selfsigs): Get the default set of key prefs from - the real (not attribute) primary uid. - -2002-04-12 David Shaw - - * pkclist.c (build_pk_list): Fix bug that allowed a key to be - selected twice in batch mode if one instance was the default - recipient and the other was an encrypt-to. Noted by Stefan - Bellon. - - * parse-packet.c (dump_sig_subpkt): Show data in trust and regexp - sig subpackets. - - * keyedit.c (keyedit_menu): Use new function real_uids_left to - prevent deleting the last real (i.e. non-attribute) uid. Again, - according to the attribute draft. (menu_showphoto): Make another - string translatable. - -2002-04-11 David Shaw - - * build-packet.c (build_sig_subpkt): Delete subpackets from both - hashed and unhashed area on update. (find_subpkt): No longer - needed. - - * keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key - with a v4 signature. As usual, --expert overrides. Try to tweak - some strings to a closer match so they can all be translated in - one place. Use different helptext keys to allow different help - text for different questions. - - * keygen.c (keygen_upd_std_prefs): Remove preferences from both - hashed and unhashed areas if they are not going to be used. - -2002-04-10 David Shaw - - * misc.c (pct_expando), options.skel: Use %t to indicate type of a - photo ID (in this version, it's always "jpeg"). Also tweak string - expansion loop to minimize reallocs. - - * mainproc.c (do_check_sig): Variable type fix. - - * keyedit.c (menu_set_primary_uid): Differentiate between true - user IDs and attribute user IDs when making one of them primary. - That is, if we are making a user ID primary, we alter user IDs. - If we are making an attribute packet primary, we alter attribute - packets. This matches the language in the latest attribute packet - draft. - - * keyedit.c (sign_uids): No need for the empty string hack. - - * getkey.c (fixup_uidnode): Only accept preferences from the - hashed segment of the self-sig. - -2002-04-10 Werner Koch - - * tdbio.c (migrate_from_v2): Fixed the offset to read the old - ownertrust value and only add entries to the table if we really - have a value. - -2002-04-08 David Shaw - - * status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG, - and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to - SIGEXPIRED. - - * sig-check.c (do_check): Start transition from SIGEXPIRED to - KEYEXPIRED, since the actual event is signature verification by an - expired key and not an expired signature. (do_signature_check, - packet.h): Rename as signature_check2, make public, and change all - callers. - - * mainproc.c (check_sig_and_print, do_check_sig): Use status - EXPSIG for an expired, but good, signature. Add the expiration - time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for - a good signature from an expired key. - - * g10.c (main): remove checks for no arguments now that argparse - does it. - -2002-04-06 Werner Koch - - * keyring.c (keyring_get_keyblock): Disable the keylist mode here. - - * encode.c (encode_simple, encode_crypt): Only test on compressed - files if a compress level was not explicity set. - - * keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish - from the list of default preferences, swapped the preferences of - RMD160 and SHA1. Don't include a preference to 3DES unless the - IDEA kludge gets used. - - * free-packet.c (free_packet): call free_encrypted also for - PKT_ENCRYPTED_MDC. - - * compress.c (release_context): New. - (handle_compressed): Allocate the context and setup a closure to - release the context. This is required because there is no - guarabntee that the filter gets popped from the chain at the end - of the function. Problem noted by Timo and probably also the - cause for a couple of other reports. - (compress_filter): Use the release function if set. - - * tdbio.c [__CYGWIN32__]: Don't rename ftruncate. Noted by - Disastry. - - * parse-packet.c (parse_signature): Put parens around a bit test. - - * exec.c (make_tempdir): Double backslash for TMP directory - creation under Windows. Better strlen the DIRSEP_S constants for - allocation measurements. - - * decrypt.c (decrypt_messages): Release the passphrase aquired - by get_last_passphrase. - -2002-04-02 Werner Koch - - * Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they - are no longer of any use. - -2002-04-03 David Shaw - - * keyserver.c (parse_keyserver_options): fix auto-key-retrieve to - actually work as a keyserver-option (noted by Roger Sondermann). - - * keylist.c (reorder_keyblock): do not reorder the primary - attribute packet - the first user ID must be a genuine one. - -2002-03-31 David Shaw - - * keylist.c (list_keyblock_colon): Fix ownertrust display with - --with-colons. - - * keygen.c (generate_user_id), photoid.c (generate_photo_id): - Properly initialize the user ID refcount. A few more "y/n" -> - "y/N" in photoid.c. - - * keyedit.c (ask_revoke_sig): Warn the user if they are about to - revoke an expired sig (not a problem, but they should know). Also - tweak a few prompts to change "y/n" to "y/N", which is how most - other prompts are written. - - * keyserver.c (keyserver_search_prompt): Control-d escapes the - keyserver search prompt. - - * pkclist.c (show_revocation_reason & callers): If a subkey is - considered revoked solely because the parent key is revoked, print - the revocation reason from the parent key. - - * trustdb.c (get_validity): Allow revocation/expiration to apply - to a uid/key with no entry in the trustdb. - -2002-03-29 David Shaw - - * keyserver.c (printunquoted): unquote backslashes from keyserver - searches - - * hkp.c (write_quoted): quote backslashes from keyserver searches - -2002-03-26 Werner Koch - - * keygen.c (ask_keysize): Removed the warning for key sizes > 1536. - -2002-03-25 Werner Koch - - * keyedit.c (sign_uids): Use 2 strings and not a %s so that - translations can be done the right way. - * helptext.c: Fixed small typo. - -2002-03-23 David Shaw - - * import.c (append_uid, merge_sigs): it is okay to import - completely non-signed uids now (with --allow-non-selfsigned-uid). - - * getkey.c (get_primary_uid, merge_selfsigs_main): do not choose - an attribute packet (i.e. photo) as primary uid. This prevents - oddities like "Good signature from [image of size 2671]". This is - still not perfect (one can still select an attribute packet as - primary in --edit), but is closer to the way the draft is going. - - * g10.c (build_list): algorithms should include 110. - - * g10.c (main): --pgp2 implies --no-ask-sig-expire and - --no-ask-cert-expire as those would cause a v4 sig/cert. - - * armor.c (is_armor_header): be more lenient in what constitutes a - valid armor header (i.e. -----BEGIN blah blah-----) as some - Windows programs seem to add spaces at the end. --openpgp makes - it strict again. - -2002-03-18 David Shaw - - * keyserver.c (keyserver_search_prompt): Properly handle a "no - keys found" case from the internal HKP code (external HKP is ok). - Also, make a COUNT -1 (i.e. streamed) keyserver response a little - more efficient. - - * g10.c (main): Add --no-allow-non-selfsigned-uid - -2002-03-17 David Shaw - - * g10.c (main): --openpgp implies --allow-non-selfsigned-uid. - - * getkey.c (merge_selfsigs_main): If none of the uids are primary - (because none are valid) then pick the first to be primary (but - still invalid). This is for cosmetics in case some display needs - to print a user ID from a non-selfsigned key. Also use - --allow-non-selfsigned-uid to make such a key valid and not - --always-trust. The key is *not* automatically trusted via - --allow-non-selfsigned-uid. - - * mainproc.c (check_sig_and_print): Make sure non-selfsigned uids - print [uncertain] on verification even though one is primary now. - - * getkey.c (merge_selfsigs): If the main key is not valid, then - neither are the subkeys. - - * import.c (import_one): Allow --allow-non-selfsigned-uid to work - on completely unsigned keys. Print the uids in UTF8. Remove - mark_non_selfsigned_uids_valid(). - - * keyedit.c (show_key_with_all_names): Show revocation key as - UTF8. - - * sign.c (clearsign_file): Allow --not-dash-escaped to work with - v3 keys. - -2002-03-14 Werner Koch - - * main.h: Changed the default algorithms to CAST5 and SHA1. - -2002-03-13 David Shaw - - * import.c (chk_self_sigs): Show which user ID a bad self-sig - (invald sig or unsupported public key algorithm) resides on. - - * import.c (chk_self_sigs): any valid self-sig should mark a user - ID or subkey as valid - otherwise, an attacker could DoS the user - by inventing a bogus invalid self-signature. - -2002-03-07 David Shaw - - * g10.c (main): make a few more strings translatable. - - * options.h, options.skel, g10.c (main), gpgv.c, mainproc.c - (check_sig_and_print), keyserver.c (parse_keyserver_options): - --auto-key-retrieve should really be a keyserver-option variable. - - * import.c (revocation_present): new function to print a warning - if a key is imported that has been revoked by designated revoker, - but the designated revoker is not present to verify the - revocation. If keyserver-options auto-key-retrieve is set, try - and fetch the designated revoker from the keyserver. - - * import.c (import_one): call revocation_present after importing a - new key. Note that this applies to --import, --recv-keys, and - --search-keys. - - * keyserver-internal.h, keyserver.c (keyserver_import_fprint): - import via fingerprint (for revocation keys). - - * keyserver.c (keyserver_import_keyid): much simpler - implementation now that we're using KEYDB_SEARCH_DESC internally. - -2002-03-04 David Shaw - - * revoke.c (gen_revoke): do not prompt for revocation reason for - v3 revocations (unless force-v4-certs is on) since they wouldn't - be used anyway. - - * keyedit.c (menu_revsig): show the status of the sigs - (exportable? revocable?) to the user before prompting for which - sig to revoke. Also, make sure that local signatures get local - revocations. - - * keyedit.c (ask_revoke_sig): remind the user which sigs are - local. - - * g10.c (main): Add "exec-path" variable to override PATH for - execing programs. - - * export.c (do_export_stream): properly check return code from - classify_user_id to catch unclassifiable keys. - -2002-03-03 David Shaw - - * parse-packet.c (parse_signature): variable type tweak for RISC - OS (from Stefan) - -2002-02-28 David Shaw - - * getkey.c (check_revocation_keys): New function to check a - revocation against a list of potential revocation keys. Note the - loop-breaking code here. This is to prevent blowing up if A is - B's revocation key, while B is also A's. Note also that this is - written so that a revoked revoker can still issue revocations: - i.e. If A revokes B, but A is revoked, B is still revoked. I'm - not completely convinced this is the proper behavior, but it - matches how PGP does it. It does at least have the advantage of - much simpler code - my first version of this had lots of loop - maintaining code so you could chain revokers many levels deep and - if D was revoked, C was not, which meant that B was, and so on. - It was sort of scary, actually. - - * getkey.c (merge_selfsigs_main): Add any revocation keys onto the - pk. This is particularly interesting since we normally only get - data from the most recent 1F signature, but you need multiple 1F - sigs to properly handle revocation keys (PGP does it this way, and - a revocation key could be marked "sensitive" and hence in a - different signature). Also, if a pk has a revocation key set, - check for revocation sigs that were not made by us - if made by a - valid revocation key, mark the pk revoked. - - * packet.h, getkey.c (cache_public_key): do not cache key if - "dont_cache" is set. This allows the revocation key code to look - up a key and return information that may be inaccurate to prevent - loops without caching the fake data. - - * packet.h, sig-check.c (do_signature_check): Record if a - signature was made by a revoked pk. - - * packet.h, parse-packet.c (parse_one_sig_subpkt, - can_handle_critical, parse_signature): Get revocation key - information out of direct sigs. - - * keylist.c (list_keyblock_print): don't assume that the presence - of a 0x20 signature means the key is revoked. With revocation - keys, this may not be true if the revocation key is not around to - verify it or if verification failed. Also, 0x1F should get listed - as "sig", and not "unexpected signature class". - - * keyedit.c (show_key_with_all_names): Add a flag for printing - revoker information and change all callers. - - * import.c (merge_blocks): merge in any new direct key (0x1F) - sigs. - - * import.c (import_revoke_cert): don't keep processing after a - revocation is rejected. - - * import.c (delete_inv_parts): Allow importing a revocation - signature even if it was not issued by the key. This allows a - revocation key to issue it. Of course, the sig still needs to be - checked before we trust it. - - * free-packet.c (copy_public_key): Include a new copy of the - revocation keys when duping a pk. - - * free-packet.c (free_seckey_enc, release_public_key_parts): Free - any revocation keys that are attached to a sig or pk. - - * export.c (do_export_stream): Do not export signatures with - "sensitive" revocation keys in them. - -2002-02-27 David Shaw - - * export.c (do_export_stream): Do not include v3 keys in a - --export-secret-subkeys export. - - * getkey.c (merge_selfsigs_main): If a key isn't valid (say, - because of no self-signature), allow --always-trust to force it - valid so it can be trusted. - -2002-02-25 David Shaw - - * hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key - lists internally as fingerprints when possible. All this is via - KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows - the helper program to search the keyserver by fingerprint if - desired (and the keyserver supports it). Note that automatic - fingerprint promotion during refresh only applies to v4 keys as a - v4 fingerprint can be easily changed into a long or short key id, - and a v3 cannot. - - * pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of - hextobyte() from pubkey-enc.c and getkey.c and make them into one - copy in misc.c. - -2002-02-22 David Shaw - - * keyserver.c (keyserver_search_prompt): Detect a "no keys found" - case even if the helper program does not explicitly say how many - keys were found. - - * hkp.c (parse_hkp_index): Bug fix - don't report non-revoked keys - as revoked in HKP key searches. - -2002-02-19 Werner Koch - - * parse-packet.c (parse_trust): Made parsing more robust. - -2002-02-19 David Shaw - - * hkp.c (parse_hkp_index): Catch corruption in HKP index lines - (can be caused by broken or malicious keyservers). - - * keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for - unsupported actions (say, a keyserver that has no way to search, - or a readonly keyserver that has no way to add). Also add a - USE_EXTERNAL_HKP define to disable the internal HKP keyserver - code. - -2002-02-14 Werner Koch - - * g10.c: New option --no-use-agent. - - * pkclist.c (check_signatures_trust): Always print the warning for - unknown and undefined trust. Removed the did_add cruft. Reported - by Janusz A. Urbanowicz. - -2002-02-11 David Shaw - - * hkp.c (parse_hkp_index): Bug fix - properly handle user IDs with - colons (":") in them while HKP searching. - -2002-02-09 David Shaw - - * misc.c (pct_expando): More comments. - - * keydb.h, sign.c (mk_notation_and_policy): Clarify what is a sig - and what is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40, - and everything else is a cert. - - * g10.c (main), keyedit.c (keyedit_menu): Add a "nrlsign" for - nonrevocable and local key signatures. - - * g10.c (main): Add a --no-force-mdc to undo --force-mdc. - - * options.h, g10.c (main), cipher.c (write_header): Add a knob to - --disable-mdc/--no-disable-mdc. Off by default, of course, but is - used in --pgp2 and --pgp6 modes. - - * pkclist.c (build_pk_list): Allow specifying multiple users in - the "Enter the user ID" loop. Enter a blank line to stop. Show - each key+id as it is added. - - * keylist.c (show_policy_url), mainproc.c (print_notation_data): - It is not illegal (though possibly silly) to have multiple policy - URLs in a given signature, so print all that are present. - - * hkp.c (hkp_search): More efficient implementation of URL-ifying - code. - -2002-02-04 David Shaw - - * main.h, misc.c (pct_expando): New function to generalize - %-expando processing in any arbitrary string. - - * photoid.c (show_photo): Call the new pct_expando function rather - than expand strings internally. - - * sign.c (mk_notation_and_policy): Show policy URLs and notations - when making a signature if show-policy/show-notation is on. - %-expand policy URLs during generation. This lets the user have - policy URLs of the form "http://notary.jabberwocky.com/keysign/%K" - which will generate a per-signature policy URL. - - * main.h, keylist.c (show_policy_url, show_notation): Add amount - to indent so the same function can be used in key listings as well - as during sig generation. Change all callers. - -2002-02-04 David Shaw - - * keyserver.c, options.h (parse_keyserver_options, keyidlist): - Workaround for the pksd and OKS keyserver bug that calculates v4 - RSA keyids as if they were v3. The workaround/hack is to fetch - both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This - only happens for key refresh while using the HKP scheme and the - refresh-add-fake-v3-keyids keyserver option must be set. This - should stay off by default. - -2002-02-03 David Shaw - - * keyserver.c (keyserver_spawn): Bug fix - do not append keys to - each other when --sending more than one. - -2002-02-02 David Shaw - - * options.h, g10.c (main), keyedit.c (sign_uids), sign.c - (mk_notation_and_policy): Split "--set-policy-url" into - "--cert-policy-url" and "--sig-policy-url" so the user can set - different policies for key and data signing. For backwards - compatibility, "--set-policy-url" sets both, as before. - -2002-01-30 Werner Koch - - * g10.c (main): --gen-random --armor does now output a base64 - encoded string. - -2002-01-28 David Shaw - - * g10.c (main), options.h, pkclist.c (algo_available): --pgp6 - flag. This is not nearly as involved as --pgp2. In short, it - turns off force_mdc, turns on no_comment, escape_from, and - force_v3_sigs, and sets compression to 1. It also restricts the - user to IDEA (if present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. - See the comments above algo_available() for lots of discussion on - why you would want to do this. - -2002-01-27 David Shaw - - * keygen.c (keygen_set_std_prefs): Comment - - * keyedit.c (sign_uids): Bug fix - when signing with multiple - secret keys at the same time, make sure each key gets the sigclass - prompt. - - * exec.c (exec_finish): Close the iobuf and FILE before trying to - waitpid, so the remote process will get a SIGPIPE and exit. This - is only a factor when using a pipe to communicate. - - * exec.c (exec_write): Disable cache-on-close of the fd iobuf (is - this right? Why is a fd iobuf cached at all?) - -2002-01-26 Werner Koch - - * g10.c, options.h: New option --gpg-agent-info - * passphrase.c (agent_open): Let it override the environment info. - * seckey-cert.c (check_secret_key): Always try 3 times when the - agent is enabled. - * options.skel: Describe --use-agent. - -2002-01-24 David Shaw - - * pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences - against keys with v4 self sigs - there is really little point in - warning for every single non-IDEA message encrypted to an old key. - - * pkclist.c (select_algo_from_prefs): Only put in the fake IDEA - preference if --pgp2 is on. - - * mainproc.c (check_sig_and_print): Print "Expired" for expired - but good signatures (this still prints "BAD" for expired but bad - signatures). - -2002-01-23 David Shaw - - * keygen.c (ask_keysize): Cosmetic: don't present a RSA signing - key as a "keypair" which can be 768 bits long (as RSA minimum is - 1024). - - * pubkey-enc.c (is_algo_in_prefs): Allow IDEA as a fake preference - for v3 keys with v3 selfsigs. - -2002-01-22 David Shaw - - * packet.h, getkey.c (merge_selfsigs_main), pkclist.c - (select_algo_from_prefs): Implement the fake IDEA preference as - per RFC2440:12.1. This doesn't mean that IDEA will be used (the - plugin may not be present), but it does mean that a v3 key with a - v3 selfsig has an implicit IDEA preference instead of 3DES. v3 - keys with v4 selfsigs use preferences as normal. - - * encode.c (encode_crypt): if select_algo_from_prefs fails, this - means that we could not find a cipher that both keys like. Since - all v4 keys have an implicit 3DES preference, this means there is - a v3 key with a v3 selfsig in the list. Use 3DES in this case as - it is the safest option (we know the v4 key can handle it, and - we'll just hope the v3 key is being used in an implementation that - can handle it). If --pgp2 is on, warn the user what we're doing - since it'll probably break PGP2 compatibility. - - * g10.c (main): Do not force using IDEA for encrypted files in - --pgp2 mode - let the fake IDEA preference choose this for us for - better compatibility when encrypting to multiple keys, only some - of which are v3. - - * keygen.c (keygen_set_std_prefs): Put 3DES on the end of the - default cipher pref list (RFC2440: "...it is good form to place it - there explicitly."). If the user has the IDEA plugin installed, - put a preference for IDEA *after* 3DES to effectively disable its - use for everything except encrypting along with v3 keys. - - * encode.c, g10.c, sign.c: Change the PGP2 warning line from - "... will not be usable ..." to "... may not be usable ..." as the - user could be using one of the enhanced PGP2 variations. - - * helptext.c: Revise the sign_uid.class help text as suggested by - Stefan. - -2002-01-20 Werner Koch - - * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be - used with the agent. Changed all callers. - (agent_get_passphrase): Likewise and send it to the agent - * seckey-cert.c (do_check): New arg tryagain_text. - (check_secret_key): Pass the string to do_check. - * keygen.c (ask_passphrase): Set the error text is required. - * keyedit.c (change_passphrase): Ditto. - - * passphrase.c (agent_open): Disable opt.use_agent in case of a - problem with the agent. - (agent_get_passphrase): Ditto. - (passphrase_clear_cache): Ditto. - -2002-01-19 Werner Koch - - * passphrase.c (agent_open): Add support for the new Assuan based - gpg-agent. New arg to return the used protocol version. - (agent_get_passphrase): Implemented new protocol here. - (passphrase_clear_cache): Ditto. - (readline): New. - -2002-01-15 Timo Schulz - - * encode.c (encode_crypt_files): Fail if --output is used. - - * g10.c: New command --decrypt-files. - - * decrypt.c (decrypt_messages): New. - -2002-01-09 David Shaw - - * g10.c, misc.c, gpgv.c: move idea_cipher_warn to misc.c so gpgv.c - doesn't need a stub for it any longer. - - * g10.c (get_temp_dir), main.h: no longer used (it's in exec.c now) - - * g10.c (main), delkey.c (delete_keys), main.h : Allow - --delete-key (now --delete-keys, though --delete-key still works, - of course) to delete multiple keys in one go. This applies to - --delete-secret-key(s) and --delete-secret-and-public-key(s) as - well. - -2002-01-09 Timo Schulz - - * encode.c (encode_crypt_files): Now it behaves like verify_files. - - * g10.c (main): We don't need to check argc for encode_crypt_files - any longer. - -2002-01-09 Timo Schulz - - * exec.c: Include windows.h for dosish systems. - -2002-01-08 Timo Schulz - - * g10.c (main): New description for --encrypt-files. - -2002-01-08 Werner Koch - - * g10.c (main): Must register the secring for encryption because - it is needed to figure out the default recipient. Reported by - Roger Sondermann. - -2002-01-05 David Shaw - - * keyedit.c (menu_adduid): Require --expert before adding a photo - ID to a v3 key, and before adding a second photo ID to any key. - - * keyedit.c (keyedit_menu): Don't allow adding photo IDs in - rfc1991 or pgp2 mode. - - * getkey.c (merge_selfsigs_subkey): Permit v3 subkeys. Believe it - or not, this is allowed by rfc 2440, and both PGP 6 and PGP 7 work - fine with them. - - * g10.c, options.h, keyedit.c, sign.c: Move the "ask for - expiration" switch off of --expert, which was getting quite - overloaded, and onto ask-sig-expire and ask-cert-expire. Both - default to off. - - * g10.c (main): Change the default compression algo to 1, to be - more OpenPGP compliant (PGP also uses this, so it'll help with - interoperability problems as well). - - * encode.c (encode_crypt): Handle compression algo 2, since the - default is now 1. - - * build-packet.c (build_attribute_subpkt): Fix off-by-one error. - -2002-01-05 Werner Koch - - * g10.c (main): Do not register the secret keyrings for certain - commands. - - * keydb.c (keydb_add_resource): Use access to test for keyring - existence. This avoids cached opened files which are bad under - RISC OS. - -2002-01-04 David Shaw - - * sign.c (sign_file, sign_symencrypt_file): always use one-pass - packets unless rfc1991 is enabled. This allows a signature made - with a v3 key to work in PGP 6 and 7. Signatures made with v4 - keys are unchanged. - - * g10.c (main): Disallow non-detached signatures in PGP2 mode. - Move the "you must use files and not pipes" PGP2 warning up so all - the PGP2 stuff is together. - - * encode.c (encode_simple): Use the actual filesize instead of - partial length packets in the internal literal packet from a - symmetric message. This breaks PGP5(?), but fixes PGP2, 6, and 7. - It's a decent tradeoff. Note there was only an issue with - old-style RFC1991 symmetric messages. 2440-style messages in 6 - and 7 work with or without partial length packets. - -2002-01-03 David Shaw - - * g10.c (main): Removed --no-default-check-level option, as it is - not consistent with other "default" options. Plus, it is the same - as saying --default-check-level 0. - - * exec.c (exec_read): Disallow caching tempfile from child - process, as this keeps the file handle open and can cause unlink - problems on some platforms. - - * keyserver.c (keyserver_search_prompt): Minor tweak - don't - bother to transform keyids into textual form if they're just going - to be transformed back to numbers. - -2002-01-03 Timo Schulz - - * g10.c: New command --encrypt-files. - - * verify.c (print_file_status): Removed the static because - encode_crypt_files also uses this function. - - * main.h (print_files_status): New. - (encode_crypt_files): New. - - * encode.c (encode_crypt_files): New. - -2002-01-02 Stefan Bellon - - * keyserver.c: Moved util.h include down in order to avoid - redefinition problems on RISC OS. - - * keyring.c (keyring_lock): Only lock keyrings that are writable. - - * keyring.c (keyring_update_keyblock): Close unused iobuf. - - * hkp.c (parse_hkp_index, hkp_search) [__riscos__]: Changed - unsigned char* to char* because of compiler issues. - - * exec.c (exec_finish) [__riscos__]: Invalidate close cache so - that file can be unlinked. - -2001-12-28 David Shaw - - * g10.c (main): Use a different strlist to check extensions since - they need to be handled seperately now. - - * misc.c,main.h (check_permissions): Properly handle permission - and ownership checks on files in the lib directory - (e.g. /usr/local/lib/gnupg), which are owned by root and are - world-readable, and change all callers to specify extension or - per-user file. - - * photoid.c (show_photo), keyserver.c (keyserver_spawn): Bug fix - - don't call exec_finish if exec_write fails. - - * keyserver.c (keyserver_spawn): Look for OPTIONS from the - keyserver helper - specifically, a "OUTOFBAND" option for the - email keyserver. - - * mainproc.c (list_node), keylist.c (list_keyblock_colon), - import.c (delete_inv_parts), export.c (do_export_stream): Use - signature flags for exportability check rather than re-parsing the - subpacket. - - * keyid.c, keydb.h (get_lsign_letter): No longer needed. - -2001-12-27 David Shaw - - * exec.c (exec_finish): Show errors when temp files cannot be - deleted for whatever reason. - - * exec.c (exec_read): Don't rely on WEXITSTATUS being present. - - * exec.c (make_tempdir): Add temp file creator for win32. Don't - create an incoming temp file if the exec is write-only. - - * keyserver.c (keyserver_spawn): Clean up error handling, for when - the spawn fails. - - * photoid.c (show_photo): Clean up error handling. - - * misc.c (check_permissions): Neaten. - -2001-12-25 David Shaw - - * mkdtemp.c (mkdtemp): Add copyleft info and tweak the 'X' counter - to be a bit simpler. - - * keyserver.c, photoid.c: Remove unused headers left over from - when the exec functions lived there. - -2001-12-23 Timo Schulz - - * misc.c (check_permissions): Do not use it for W32 systems. - - * tdbio.c (migrate_from_v2): Define ftruncate as chsize() for W32. - - * mkdtemp.c: W32 support. - - * photoid.c: Ditto. - - * exec.c: Ditto. - -2001-12-22 David Shaw - - * exec.c (make_tempdir): avoid compiler warning with const - - * mkdtemp.c (mkdtemp): catch the empty ("") string case in case - someone repurposes mkdtemp at some point. - - * photoid.c (generate_photo_id, show_photo): some type changes - from Stefan Bellon. - - * exec.c (make_tempdir): handle Win32 systems, suggested by Timo - Schulz. - -2001-12-22 Werner Koch - - * encode.c (encode_simple, encode_crypt): i18n 2 strings. - -2001-12-22 Timo Schulz - - * encode.c (encode_simple, encode_crypt): Use is_file_compressed - to avoid to compress compressed files. - -2001-12-22 Werner Koch - - * keyserver.c (keyserver_spawn): Removed some variables - declaration due to shadowing warnings. - - * build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid - compiler warnig due to index(3). - - * getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value. - * keylist.c (list_one): Made resname const. - - * keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is - not used. - - * options.skel: Changed one example photo viewer to qiv. - -2001-12-21 David Shaw - - * Makefile.am: add exec.c, exec.h, photoid.c, and photoid.h - - * build-packet.c (build_attribute_subpkt): new function to build - the raw attribute subpacket. Note that attribute subpackets have - the same format as signature subpackets. - - * exec.c: new file with generic exec-a-program functionality. - Used by both photo IDs and keyserver helpers. This is pretty much - the same code that used to be keyserver specific, with some - changes to be usable generically. - - * free-packet.c (free_attributes (new)): function to free an - attribute packet. - - * gpgv.c: added stub show_photo - - * keyedit.c (keyedit_menu, menu_adduid, menu_showphoto): can add a - photo (calls generate_photo_id), or display a photo (calls - show_photo) from the --edit menu. New commands are "addphoto", - and "delphoto" (same as "deluid"). - - * keylist.c (list_keyblock_print): show photos during key list if - --show-photos enabled. - - * keyserver.c (keyserver_spawn): use the generic exec_xxx - functions to call keyserver helper. - - * g10.c, options.h: three new options - --{no-}show-photos, and - --photo-viewer to give the command line to display a picture. - - * options.skel: instructions for the photo viewer - - * parse-packet.c (parse_user_id, setup_user_id (new)): common code - for both user IDs and attribute IDs moved to setup_user_id. - - * parse-packet.c (make_attribute_uidname (new)): constructs a fake - "name" for attribute packets (e.g. "[image of size ...]") - - * parse-packet.c (parse_attribute (replaces parse_photo_id), - parse_attribute_subpkts): Builds an array of individual - attributes. Currently only handles attribute image / type jpeg - subpackets. - - * sign.c (hash_uid): Fix bug in signing attribute (formerly - photo_id) packets. - - * packet.h, and callers: globally change "photo_id" to "attribute" - and add structures for attributes. The packet format is generic - attributes, even though the only attribute type thus far defined - is jpeg. - -2001-12-21 David Shaw - - * parse-packet.c (can_handle_critical): Can handle critical - revocation subpackets now. - - * trustdb.c (mark_usable_uid_certs): Disregard revocations for - nonrevocable sigs. Note that this allows a newer revocable - signature to override an older nonrevocable signature. - - * sign.c (make_keysig_packet): add a duration field and change all - callers. This makes make_keysig_packet closer to - write_signature_packets and removes some duplicated expiration - code. - - * keyedit.c (keyedit_menu, menu_revsig, sign_uids, - sign_mk_attrib): Add nrsign command, don't allow revoking a - nonrevocable signature, - - * g10.c (main): Add --nrsign option to nonrevocably sign a key - from the command line. - - * build-packet.c (build_sig_subpkt_from_sig): Comment to explain - the use of CRITICAL. - -2001-12-21 Werner Koch - - * g10.c. options.h : New option --show-keyring - * getkey.c (get_ctx_handle): New. - * keylist.c (list_one): Implement option here. By David Champion. - -2001-12-20 David Shaw - - * keyserver.c (keyserver_spawn): Use mkdtemp() to make temp - directory. - - * mkdtemp.c: replacement function for those platforms that don't - have mkdtemp (make a temp directory securely). - -2001-12-19 David Shaw - - * misc.c (check_permissions): New function to stat() and ensure - the permissions of GNUPGHOME and the files have safe permissions. - - * keydb.c (keydb_add_resource): Check keyring permissions. - - * tdbio.c (tdbio_set_dbname): Check permissions of trustdb.gpg - - * keyserver.c (keyserver_spawn): Disable keyserver schemes that - involve running external programs if the options file has unsafe - permissions or ownership. - - * g10.c, options.h: New option --no-permission-warning to disable - the permission warning message(s). This also permits use of the - keyserver if it had been disabled (see above). Also check the - permissions/ownership of random_seed. - - * keyserver.c (keyserver_spawn): The new glibc prints a warning - when using mktemp() (the code was already secure, but the warning - was bound to cause confusion). Use a different implementation - based on get_random_bits() instead. Also try a few times to get - the temp dir before giving up. - -2001-12-19 Werner Koch - - * g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32. - -2001-12-18 David Shaw - - * g10.c (idea_cipher_warn): Add a flag to show the warning always - or once per session and change all callers (show always except for - the secret key protection and unknown cipher from an encrypted - message errors). Also make the strings translatable. - - * pubkey-enc.c (get_it): Add the IDEA cipher warning if the user - tries to decrypt an IDEA encrypted message without the IDEA - plugin. - - * keyserver.c (parse_keyserver_uri): More strict checking of the - keyserver URI. Specifically, fail if the ":port" section is - anything except a number between 1 and 65535. - -2001-12-17 David Shaw - - * keyserver.c (print_keyinfo): No need to check for - control/illegal characters, as utf8_to_native does this for us. - - * mainproc.c (proc_encrypted): Use generic IDEA warning. - - * gpgv.c: add stub for idea_cipher_warn - - * g10.c, hkp.c, keyserver.c: Fix capitalization and plural issues. - - * encode.c (encode_crypt), sign.c (sign_file, clearsign_file): - disable pgp2 mode after the message is no longer pgp2 compatible. - - * g10.c (main): Tweak the PGP2.x IDEA warning to use the generic - warning, and not merely fail if the IDEA plugin isn't there. - - * g10.c (main, idea_cipher_warn), keygen.c (set_one_pref), - seckey-cert.c (do_check): Add a generic IDEA warning for when the - IDEA plugin is not present. This pops up when the user uses - "--cipher-algo idea", when setpref is used to set a "S1" - preference, and when a secret key protected with IDEA is used. - -2001-12-15 Werner Koch - - * keyserver.c (keyserver_spawn): Assert that we have dropped privs. - -2001-12-13 Werner Koch - - * pubkey-enc.c (get_session_key): Check that the public key - algorithm is indeed usable for en/decryption. This avoid a - strange error message from pubkey_decrypt if for some reasons a - bad algorithm indentifier is passed. - -2001-12-12 David Shaw - - * Fixed some types for portability. Noted by Stefan Bellon. - -2001-12-11 Werner Koch - - * hkp.c (hkp_export): Do not print possible control characters - from a keyserver response. - (parse_hkp_index): Made uid an unsigned char* because it is passed to - isspace(). - (hkp_search): Ditto for the char* vars. - - * g10.c (main): Print the IDEA warning also for -c and -se. - - * g10.c (get_temp_dir): Assert that we have dropped privs - - * encode.c (encode_crypt): Include the first key into the --pgp2 - check. - -2001-12-07 David Shaw - - * g10.c, options.h: New option --pgp2. This is identical to - "--rfc1991 --cipher-algo idea --compress-algo 1 --digest-algo md5 - --force_v3_sigs" with the addition of an warning to advise the - user not to use a pipe (which would break pgp2 compatibility). - - * encode.c (encode_crypt): warn if the user tries to encrypt to - any key that is not RSA and <= 2048 bits when the --pgp2 option is - used. - - * sign.c (sign_file, clearsign_file): When using --pgp2, make a v3 - sig, and warn if the signature is made with a non-v3 key. - -2001-12-05 David Shaw - - * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt - for sig expiration if --expert is set and --force-v3-sigs is not - set (v3 sigs cannot expire). - - * mainproc.c (check_sig_and_print): After checking a sig, print - expiration status. This causes a error return if the sig is - expired. - - * build-packet.c (build_sig_subpkt_from_sig): Include a critical - sig expiration subpacket if the sig is to expire. - - * keyedit.c (sign_uids): Do not sign an expired key unless - --expert is set, in which case prompt. Also, offer to expire a - signature when the key the user is signing expires. - - * keygen.c (ask_expire_interval): Add a value to determine whether - to prompt for a key or sig expiration and change all callers. - - * keyid.c: New functions: expirestr_from_sig and - colon_expirestr_from_sig. - - * keylist.c (list_keyblock_colon): Show sig expiration date in the - --with-colons listing. - - * sign.c (make_keysig_packet, write_signature_packets): Pass in an - optional timestamp for the signature packet, and change all - callers. - - * keyedit.c (sign_mk_attrib): Include a critical expiration - subpacket in the signature if an expiration date is given. - -2001-12-04 David Shaw - - * keyedit.c (sign_uids): If the user tries to sign a - locally-signed key, allow the cert to be promoted to a full - exportable signature. This essentially deletes the old - non-exportable sig, and replaces it with a new exportable one. - -2001-12-04 David Shaw - - * keyedit.c (keyedit_menu): Do not allow signing a revoked key - unless --expert is set, and ask even then. - - * keyedit.c (sign_uids): Do not allow signing a revoked UID unless - --expert is set, and ask even then. - - * g10.c, options.h : New option --expert - -2001-11-16 David Shaw - - * Allow the user to select no compression via "--compress-algo 0" - on the command line. - - * keyedit.c (show_prefs): Show compression preferences in the - long-form "showpref" style. - - * keygen.c (set_one_pref): Permit setting a no-compression ("Z0") - preference. - - * getkey.c (fixup_uidnode): Fix compression preference corruption - bug. - -2001-12-02 David Shaw - - * g10.c: Add advisory --for-your-eyes-only option as per section - 5.9 of 2440. - -2001-12-05 David Shaw - - * Force a V4 sig if the user has a notation or policy URL set. - -2001-12-04 David Shaw - - * g10.c: Add options --keyserver-options, --temp-directory, and - auto-key-retrieve (the opposite of no-auto-key-retrieve). - - * hkp.c (hkp_search): New function to handle searching a HKP - keyserver for a key - - * hkp.c (hkp_ask_import, hkp_export): Pretty large changes to make - them communicate via the generic functions in keyserver.c - - * keyserver.c: new file with generic keyserver routines for - getting keys from a keyserver, sending keys to a keyserver, and - searching for keys on a keyserver. Calls the internal HKP stuff - in hkp.c for HKP keyserver functions. Other calls are handled by - an external program which is spawned and written to and read from - via pipes. Platforms that don't have pipes use temp files. - -2001-11-20 David Shaw - - * options.h, g10.c: New options show-notation, no-show-notation, - default-check-level, no-default-check-level, show-policy-url, - no-show-policy-url. - - * packet.h, sign.c (make_keysig_packet), parse-packet.c - (parse_signature), free-packet.c (free_seckey_enc): Fill in - structures for notation, policy, sig class, exportability, etc. - - * keyedit.c, keylist.c (print_and_check_one_sig, - list_keyblock_print): Show flags in signature display for cert - details (class, local, notation, policy, revocable). If selected, - show the notation and policy url. - - * keyedit.c (sign_uids): Prompt for and use different key sig - classes. - - * helptext.c (helptexts): Add help text to explain different - key signature classes - -2001-11-26 David Shaw - - * trustdb.c (mark_usable_uid_certs): Fix segfault from bad - initialization and fix reversed key signature expiration check. - -2001-11-09 Werner Koch - - * export.c (do_export_stream): Put all given names into a search - description and change the loop so that all matching names are - returned. - -2001-11-08 Werner Koch - - * pubkey-enc.c (get_it): To reduce the number of questions on the - MLs print the the name of cipher algorithm 1 with the error message. - - * mainproc.c: Changed the way old rfc1991 encryption cipher is - selected. Based on a patch by W Lewis. - - * pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non - working "show info" is now assigned to "i" - * trustdb.c (ask_ownertrust, validate_keys): Implement a real quit - here. Both are by David Shaw. - - * trustdb.c (validate_keys): Make sure next_exipire is initialized. - - * sign.c (make_keysig_packet): Use SHA-1 with v4 RSA keys. - - * g10.c, options.h : New option --[no-]froce-v4-certs. - * sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with - a v3 key. Use that new option. By David Shaw - - * revoke.c (ask_revocation_reason): Allow to select "no reason". - By David Shaw. - - * keyid.c (fingerprint_from_sk): Calculation of an v3 fpr was - plain wrong - nearly the same code in fingerprint_from_pk is correct. - - * build-packet.c (do_secret_key): Added a few comments to the code. - -2001-11-07 Werner Koch - - * g10.c (main): Print a warning when -r is used w/o encryption. - Suggested by Pascal Scheffers. - -2001-10-23 Werner Koch - - * keyedit.c (keyedit_menu): Changed helptext for showpref - command. Suggested by Reinhard Wobst. - - * keyring.c (keyring_search): When marking the offtbl ready, take - into account that we may have more than one keyring. - -2001-10-22 Werner Koch - - * Makefile.am: Do not use OMIT_DEPENDENCIES - - * build-packet.c (build_sig_subpkt): Default is now to put all - types of subpackets into the hashed area and only list those which - should go into the unhashed area. - -2001-10-18 Werner Koch - - * keydb.c (keydb_add_resource): Rearranged the way we keep track - of the resource. There will now be an entry for each keyring here - and not in keyring.c itself. Store a token to allow creation of a - keyring handle. Changed all functions to utilize this new design. - (keydb_locate_writable): Make a real implementation. - * keyring.c (next_kr): Removed and changed all callers to set the - resource directly from the one given with the handle. - (keyring_is_writable): New. - (keyring_rebuild_cache): Add an arg to pass the token from keydb. - -2001-10-17 Werner Koch - - * keyring.c (keyring_search): Enabled word search mode but print a - warning that it is buggy. - -2001-10-11 Werner Koch - - * hkp.c (hkp_ask_import): No more need to set the port number for - the x-hkp scheme. - (hkp_export): Ditto. - -2001-10-06 Stefan Bellon - - * passphrase.c [__riscos__]: Disabled agent specific stuff. - * g10.c: New option --no-force-v3-sigs. - -2001-10-04 Werner Koch - - * export.c (do_export_stream): Do not push the compress filter - here because the context would run out of scope due to the - iobuf_close done by the caller. - (do_export): Do it here instead. - -2001-09-28 Werner Koch - - * keyedit.c (sign_uids): Always use the primary key to sign keys. - * getkey.c (finish_lookup): Hack to return only the primary key if - a certification key has been requested. - - * trustdb.c (cmp_kid_for_make_key_array): Renamed to - (validate_one_keyblock): this and changed arg for direct calling. - (make_key_array): Renamed to - (validate_one_keyblock): this and changed args for direct calling. - (mark_usable_uid_certs, validate_one_keyblock) - (validate_key_list): Add next_expire arg to keep track of - expiration times. - (validate_keys): Ditto for UTKs and write the stamp. - - * tdbio.c (migrate_from_v2): Check return code of tbdio_sync. - - * tdbdump.c (import_ownertrust): Do a tdbio_sync(). - - * keyring.c: Made the offtbl an global object. - -2001-09-27 Werner Koch - - * pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust. - - * trustdb.c (mark_keyblock_seen): New. - (make_key_array): Use it to mark the subkeys too. - (validate_keys): Store validity for ultimatly trusted keys. - -2001-09-26 Werner Koch - - * pkclist.c (check_signatures_trust, do_we_trust): Removed the - invocation of add_ownertrust. Minor changes to the wording. - (add_ownertrust, add_ownertrust_cb): Removed. - - * trustdb.c (get_validity): Allow to lookup the validity using a - subkey. - - * trustdb.c (new_key_hash_table): Increased the table size to 1024 - and changed the masks accordingly. - (validate): Changed stats printing. - (mark_usable_uid_certs): New. - (cmp_kid_for_make_key_array): Does now check the signatures and - figures out a usable one. - -2001-09-25 Werner Koch - - * keyring.c (new_offset_item,release_offset_items) - (new_offset_hash_table, lookup_offset_hash_table) - (update_offset_hash_table, update_offset_hash_table_from_kb): New. - (keyring_search): Use a offset table to optimize search for - unknown keys. - (keyring_update_keyblock, keyring_insert_keyblock): Insert new - offsets. - * getkey.c (MAX_UNK_CACHE_ENTRIES): Removed the unknown keys - caching code. - - * g10.c, options.h, import.c: Removed the entire - allow-secret-key-import stuff because the validity is now - controlled by other means. - - * g10.c: New command --rebuild-keydb-caches. - * keydb.c (keydb_rebuild_caches): New. - * keyring.c (do_copy): Moved some code to - (create_tmp_file, rename_tmp_file, write_keyblock): new functions. - (keyring_rebuild_cache): New. - - * packet.h (PKT_ring_trust): Add sigcache field. - * parse-packet.c (parse_trust): Parse sigcache. - * keyring.c (do_copy): Always insert a sigcache packet. - (keyring_get_keyblock): Copy the sigcache packet to the signature. - * sig-check.c (cache_sig_result): Renamed from - cache_selfsig_result. Changed implementation to use the flag bits - and changed all callers. - (mdc_kludge_check): Removed this unused code. - (do_check): Do not set the sig flags here. - - * import.c (read_block): Make sure that ring_trust packets are - never imported. - * export.c (do_export_stream): and never export them. - - * trustdb.c (make_key_array): Skip revoked and expired keys. - -2001-09-24 Werner Koch - - * g10.c, options.h: New option --no-auto-check-trustdb. - - * keygen.c (do_generate_keypair): Set newly created keys to - ultimately trusted. - - * tdbio.h, tdbio.c: Removed all support for records DIR, KEY, UID, - PREF, SIG, SDIR and CACH. Changed migration function to work - direct on the file. - (tdbio_read_nextcheck): New. - (tdbio_write_nextcheck): New. - -2001-09-21 Werner Koch - - Revamped the entire key validation system. - * trustdb.c: Complete rewrite. No more validation on demand, - removed some functions, adjusted to all callers to use the new - and much simpler interface. Does not use the LID anymore. - * tdbio.c, tdbio.h: Add new record types trust and valid. Wrote a - migration function to convert to the new trustdb layout. - * getkey.c (classify_user_id2): Do not allow the use of the "#" - prefix. - * keydb.h: Removed the TDBIDX mode add a skipfnc to the - descriptor. - * keyring.c (keyring_search): Implemented skipfnc. - - * passphrase.c (agent_open): Add missing bracket. Include windows.h. - -2001-09-19 Werner Koch - - * keylist.c (print_fingerprint): Renamed from fingerprint, made - global available. Added new arg to control the print style. - * mainproc.c (print_fingerprint): Removed. - * pkclist.c (print_fpr, fpr_info): Removed and changed callers to - use print_fingerprint. - * keyedit.c (show_fingerprint): Ditto. - - * passphrase.c (writen, readn) - (agent_open, agent_close) - (agent_get_passphrase) - (passphrase_clear_cache): Support for W32. Contributed by Timo. - - * import.c (import_one): Release keydb handles at 2 more places. - - * keyring.c (keyring_release): Close the iobuf. - (keyring_get_keyblock): Init ret_kb to NULL and store error contidion. - - * import.c (import_new_stats_handle): New. - (import_release_stats_handle): New. - (import_print_stats): Renamed from static fnc print_stats. - (import_keys, import_keys_stream): Add an optional status handle - arg and changed all callers. - * hkp.c (hkp_ask_import): Add an stats_handle arg and changed all - callers. - - * mainproc.c (print_pkenc_list): Use print_utf8_string2(). - -2001-09-18 Werner Koch - - * g10.c: New command --refresh-keys. - * hkp.c (hkp_refresh_keys): New. Contributed by Timo Schulz. - - * parse-packet.c (parse): Stop on impossible packet lengths. - -2001-09-17 Werner Koch - - * mainproc.c (print_notation_data): Wrap notation data status lines - after 50 chars. - - * mainproc.c (proc_pubkey_enc): Make option try-all-secrets work. - By disastry@saiknes.lv. - -2001-09-14 Werner Koch - - * parse-packet.c (dump_sig_subpkt): List key server preferences - and show the revocable flag correctly. Contributed by David Shaw. - -2001-09-09 Werner Koch - - * keyedit.c (keyedit_menu): No need to define another p. - - * keylist.c (print_capabilities): s/used/use/ so that it - does not shadow a global. - * sign.c (sign_file): Renamed arg encrypt to encryptflag - * keygen.c: Replaced all "usage" by "use". - * misc.c (openpgp_pk_algo_usage): Ditto. - - * pubkey-enc.c (get_it): Renamed arg k to enc so that the later - defined k does not shadow it. - - * parse-packet.c (parse_gpg_control): No need to define another i. - - * getkey.c (get_pubkey_byfprint): Must use the enum values and not - the fprint_len. - * keyring.c (keyring_search): Removed a non-sense break. Both - bugs pointed out by Stefan. - -2001-09-07 Werner Koch - - * status.c, status.h: Added NO_RECP and ALREADY_SIGNED. - * pkclist.c (build_pk_list): Issue NO_RECP. - * keyedit.c (sign_uids): Added experimental ALREADY_SIGNED - - * hkp.c (hkp_import): Use log_error. Bug reported by Neal H - Walfield. - - * getkey.c (classify_user_id2): Change args to take the desc union - direct. It was a stupid idea to pass the individual fields of an - union to this function. Changed all callers. - (classify_user_id): Ditto and allow to pass NULL as the description. - -2001-09-06 Werner Koch - - * getkey.c (fixup_uidnode): Features flag is now a bit vector. - * keygen.c (add_feature_mdc): Ditto. - - Revamped the entire key I/O code to be prepared for other ways of - key storages and to get rid of the existing shit. GDBM support has - gone. - * keydb.c: New - * keyring.c, keyring.h: New. - * ringedit.c: Removed. Moved some stuff to keyring.c - * getkey.c: Changed everything related to the key retrieving - functions which are now using the keydb_ functions. - (prepare_search, word_match_chars, word_match) - (prepare_word_match, compare_name): Moved to keyring.c - (get_pubkey_byname): Removed ctx arg and add ret_kdbhd - arg. Changed all callers. - (key_byname): Use get_pubkey_end to release the context and take - new ret_kbdhd arg. Changed all callers. - (classify_user_id2): Fill the 16 byte fingerprint up with 4 null - bytes not with zero bytes of value 4, tsss. - * import.c (import_one): Updated to use the new keydb interface. - (import_secret_one): Ditto. - (import_revoke_cert): Ditto. - * delkey.c (do_delete_key): Ditto. - * keyedit.c (keyedit_menu): Ditto. - (get_keyblock_byname): Removed. - * revoke.c (gen_revoke): Ditto. - * export.c (do_export_stream): Ditto. - * trustdb.c (update_trustdb): Ditto. - * g10.c, gpgv.c (main): Renamed add_keyblock_resource to - keydb_add_resource. - * Makefile.am: Added and removed files. - - * keydb.h: Moved KBNODE typedef and MAX_FINGERPRINT_LEN to - * global.h: this new header. - -2001-09-03 Werner Koch - - * passphrase.c (agent_get_passphrase): Changed nread to size_t. - (passphrase_clear_cache): Ditto. - - * keyid.c (mk_datestr): Avoid trigraphs. - (fingerprint_from_pk): Cache the keyid in the pk. - - * options.h: Add opt.with_fingerprint so that we know whether the - corresponding options was used. - * g10.c (main): Set it here. - * pkclist.c (check_signatures_trust): Always print fingerprint - when this option is used. Mixed a minor memory leak. - - * status.c, status.h: New status INV_RECP. - * pkclist.c (build_pk_list): Issue this status. - -2001-08-31 Werner Koch - - * parse-packet.c (parse_key,parse_pubkeyenc) - (parse_signature): Return error on reading bad MPIs. - - * mainproc.c (check_sig_and_print): Always print the user ID even - if it is not bound by a signature. Use the primary UID in the - status messages and encode them in UTF-8 - * status.c (write_status_text_and_buffer): New. - -2001-08-30 Werner Koch - - * packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES. - (PKT_public_key, PKT_user_id): Add a flag for it. - * parse-packet.c, build-packet.c: Add support for them. - * getkey.c (fixup_uidnode, merge_selfsigs): Set the MDC flags. - * keygen.c (add_feature_mdc): New. - (keygen_upd_std_prefs): Always set the MDC feature. - * keyedit.c (show_prefs): List the MDC flag - * pkclist.c (select_mdc_from_pklist): New. - * encode.c (encode_crypt, encrypt_filter): Test whether MDC - should be used. - * cipher.c (write_header): Set MDC use depending on the above test. - Print more status info. - - * delkey.c (do_delete_key): Kludge to delete a secret key with no - public key available. - - * ringedit.c (find_secret_keyblock_direct): New. - * getkey.c (seckey_available): Simplified. - - * ringedit.c (cmp_seckey): Now compares the secret key against the - public key while ignoring all secret parts. - (keyring_search): Use a public key packet as arg. Allow to search - for subnkeys - (search): Likewise. Changed all callers. - (find_secret_keyblock_bypk): New. - (find_secret_keyblock_byname): First locate the pubkey and then - find the correponding secret key. - * parse-packet.c (parse): Renamed pkttype arg to onlykeypkts and - changed code accordingly. Changed all callers. - (search_packet): Removed pkttype arg. - * keyedit.c (keyedit_menu): First locate the public key and then - try to locate a secret key. - - * ringedit.c (locate_keyblock_by_fpr): Removed. - (locate_keyblock_by_keyid): Removed. - (find_keyblock_bysk): Removed. - - * sig-check.c (check_key_signature2): Print the keyid along with - the wrong sig class errors. - -2001-08-24 Werner Koch - - * sign.c (sign_file): Stripped the disabled comment packet code. - (sign_file, sign_symencrypt_file): Moved common code to .. - (write_onepass_sig_packets): .. this new function. - (sign_file, clearsign_file, sign_symencrypt_file): Moved common - code to - (write_signature_packets): this new function. - (write_signature_packets, make_keysig_packet) - (update_keysig_packet): Moved common code to - (hash_uid, hash_sigclass_to_magic): these new functions - (sign_file, sign_symencrypt_file): Moved common code to - (write_plaintext_packet): this new function. - -2001-08-21 Stefan Bellon - - * trustdb.c (query_trust_info): Changed trustlevel to signed int. - * g10.c [__riscos__]: Fixed handling of --use-agent --lock-multiple. - -2001-08-20 Werner Koch - - * encr-data.c (decrypt_data): Keep track on whether we already - printed information about the used algorithm. - * mainproc.c (proc_encrypted): Removed the non-working IDEA hack - and print a message about the assumed algorithm. - * passphrase.c (passphrase_to_dek): Use the same algorithm as above. - (proc_symkey_enc): Print the algorithm, so that the user knows it - before entering the passphrase. - (proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out. - * encode.c (encode_crypt, encrypt_filter): Ditto. - - * g10.c: Allow for --sign --symmetric. - * sign.c (sign_and_symencrypt): New. - - Applied patches from Stefan Bellon to support - RISC OS. Nearly all of these patches are identified by the - __riscos__ macro. - * compress.c: Added a couple of casts. - * g10.c [__riscos__]: Some patches and new options foo-file similar - to all foo-fd options. - * gpgv.c, openfile.c, ringedit.c, tdbio.c: Minor fixes. Mainly - replaced hardcoded path separators with EXTSEP_S like macros. - * passprase.c [__riscos__]: Disabled agent stuff - * trustdb.c (check_trust): Changed r_trustlevel to signed int to - avoid mismatch problems in pkclist.c - * pkclist.c (add_ownertrust): Ditto. - * plaintext.c (handle_plaintext) [__riscos__]: Print a note when - file can't be created. - * options.h [__riscos__]: Use an extern unless included from the - main module. - * signal.c (got_fatal_signal) [__riscos__]: Close all files. - -2001-08-14 Werner Koch - - * keygen.c (ask_algo): New arg r_usage. Allow for RSA keys. - (gen_rsa): Enabled the code. - (do_create): Enabled RSA branch. - (parse_parameter_usage): New. - (proc_parameter_file): Handle usage parameter. - (read_parameter_file): Ditto. - (generate_keypair): Ditto. - (generate_subkeypair): Ditto. - (do_generate_keypair): Ditto. - (do_add_key_flags): New. - (keygen_add_std_prefs): Use the new function. - (keygen_add_key_flags_and_expire): New. - (write_selfsig, write_keybinding): Handle new usage arg. - * build-packet.c (build_sig_subpkt): Make sure that key flags go - into the hashed area. - - * keygen.c (write_uid): Initialize the reference cunter. - - * keyedit.c (keyedit_menu): No more need to update the trustdb for - preferences. Added calls to merge keblock. - - * kbnode.c (dump_kbnode): Print some more flags. - -2001-08-10 Werner Koch - - Revamped the preference handling. - - * packet.h (prefitem_t, preftype_t): New. - (PKT_public_key): Added a uid field. - (PKT_user_id): Added field to store preferences and a reference - counter. - * parse-packet.c (parse_user_id,parse_photo_id): Initialize them - * free-packet.c (free_user_id): Free them. - (copy_user_id): Removed. - (scopy_user_id): New. - (cmp_user_ids): Optimized for identical pointers. - (release_public_key_parts): Release the uid. - (copy_public_key_with_new_namehash): Removed. - (copy_prefs): New. - * keyedit.c (menu_adduid): Use the new shallow copy user id. - (show_prefs): Adjusted implementation. - (keyedit_menu): No more need to update the trustdb after changing - preferences. - * getkey.c (fixup_uidnode): Store preferences. - (find_by_name): Return a user id packet and remove namehash stuff. - (lookup): Removed the unused namehash stuff. - (finish_lookup): Added foundu arg. - (pk_from_block): Removed the namehash arg and changed all callers. - (merge_selfsigs): Copy prefs to all keys. - * trustdb.c (get_pref_data): Removed. - (is_algo_in_prefs): Removed. - (make_pref_record): Deleted and removed all class. - * pkclist.c (select_algo_from_prefs): Adjusted for the new - preference implementation. - * pubkey-enc.c (is_algo_in_prefs): New. - (get_it): Use that new function. - -2001-08-09 Werner Koch - - * build-packet.c (build_sig_subpkt): Fixed calculation of - newarea->size. - - * g10.c (main): New option "--preference-list" - * keyedit.c (keyedit_menu): New commands "setpref" and "updpref". - (menu_set_preferences): New. - * keygen.c (keygen_set_std_prefs): New. - (set_one_pref): New. - (check_zip_algo): New. - (keygen_get_std_prefs): New. - (keygen_upd_std_prefs): New - (keygen_add_std_prefs): Move the pref setting code into the above fnc. - * build-packet.c (build_sig_subpkt): Updated the list of allowed - to update subpackets. - -2001-08-08 Werner Koch - - * packet.h (subpktarea_t): New. - (PKT_signature): Use that type for hashed_data and unhashed_data and - removed the _data prefix from those fields. Changed all users. - * parse-packet.c (parse_signature): Changed allocation for that. - (parse_sig_subpkt): Changed declaration - (enum_sig_subpkt): Ditto and changed implementation accordingly. - * free-packet.c (cp_subpktarea): Renamed from cp_data_block and - adjusted implementation. Changed caller. - * sig-check.c (mdc_kludge_check): Adjusted the hashing. - (do_check): Ditto. - * sign.c (sign_file, clearsign_file, make_keysig_packet, - update_keysig_packet): Ditto. - * build-packet.c (build_sig_subpkt): Partial rewrite. - (find_subpkt): Adjusted and made static. - (delete_sig_subpkt): Adjusted. - (do_signature): Ditto. - - * keygen.c (ask_keysize): Do not print the notes about suggested - key sizes if just a DSA key is generated. - - * trustdb.c (add_ultimate_key): s/log_error/log_info/ for - duplicated inserted trusted keys. - -2001-08-07 Werner Koch - - * sign.c (sleep): Redefine for W32. - - * g10.c, options.h: Set new flag opt.no_homedir_creation when - --no-options is given. - * openfile.c (try_make_homedir): Don't create the homedir in that case. - -2001-08-03 Werner Koch - - * armor.c (armor_filter): Removed the default comment string - because it could get us in trouble due to translations using non - ascii characters. - -2001-08-01 Werner Koch - - * keylist.c (list_keyblock_print): Do not list revoked UIDs unless - in verbose mode and we do no signature listing. - - * getkey.c (finish_lookup): Skip subkeys which are not yet valid. - * g10.c, options.h: New option --ignore-valid-from. - - * sign.c (make_keysig_packet): Added new sigversion argument to - allow the caller to force generation of required signature - version. Changed all callers. Suggested by Thomas Roessler. - - * keyedit.c (sign_uids): Force v4 signature generation for local - sigs. Removed the check for local signature and pre-v4 keys. - -2001-07-27 Werner Koch - - * keyedit.c (sign_uids): Check that we are not trying to to a - lsign with a pre-v4 key. Bug noticed by Thomas Roessler. - -2001-07-26 Werner Koch - - * parse-packet.c (parse_photo_id): Reset all variables. - * getkey.c (merge_selfsigs_main): Removed checks on PHOTO_ID - because this is handled identically to a user ID. - -2001-07-06 Werner Koch - - * cipher.c (write_header): Don't use MDC with --rfc1991. Suggested - by disastry@saiknes.lv. - -2001-07-05 Werner Koch - - * g10.c, options.h: New option --preserve-permissions. - * ringedit.c (add_keyblock_resource): Use it here - (keyring_copy): and here. - - * trustdb.c (verify_own_keys): Be more silent on --quiet. - Suggested by Thomas Roessler. - * sig-check.c (check_key_signature2): Ditto. - * mainproc.c (proc_encrypted, proc_tree): Ditto - * getkey.c (lookup): Ditto. - -2001-07-04 Werner Koch - - * ringedit.c (add_keyblock_resource): Restore filename in case of error. - -2001-06-25 Werner Koch - - * kbnode.c (dump_kbnode): Print the signature timestamp. - - * keyedit.c (keyedit_menu): New menu point "primary". - (change_primary_uid_cb): New. - (menu_set_primary_uid): New. - * sign.c (update_keysig_packet): New. - * build-packet.c (build_sig_subpkt): Put the primary UID flag into - the hashed area. Allow update of some more packets. - -2001-06-15 Werner Koch - - * getkey.c (merge_selfsigs): Exit gracefully when a secret key is - encountered. May happen if a secret key is in public keyring. - Reported by Francesco Potorti. - -2001-06-12 Werner Koch - - * getkey.c (compare_name): Use ascii_memistr(), ascii_memcasecmp() - * keyedit.c (keyedit_menu): Use ascii_strcasecmp(). - * armor.c (radix64_read): Use ascii_toupper(). - * ringedit.c (do_bm_search): Ditto. - * keygen.c (read_parameter_file): Ditto. - * openfile.c (CMP_FILENAME): Ditto. - * g10.c (i18n_init): We can now use just LC_ALL. - -2001-05-29 Werner Koch - - * keygen.c (generate_subkeypair): Print a warning if a subkey is - created on a v3 key. Suggested by Brian M. Carlson. - -2001-05-27 Werner Koch - - * keyid.c (get_lsign_letter): New. - * keylist.c (list_keyblock_colon): Use it here. - * mainproc.c (list_node): and here. - - * getkey.c, packet.h, free-packet.c: Removed that useless key - created field; I dunno why I introducded this at all - the - creation time is always bound to the key packet and subject to - fingerprint calculation etc. - - * getkey.c (fixup_uidnode): Add keycreated arg and use this - instead of the signature timestamp to calculate the - help_key_expire. Bug reported by David R. Bergstein. - (merge_selfsigs_main): Correct key expiration time calculation. - (merge_selfsigs_subkey): Ditto. - -2001-05-25 Werner Koch - - * revoke.c (gen_revoke): Add a cast to a tty_printf arg. - * delkey.c (do_delete_key): Ditto. - * keyedit.c (print_and_check_one_sig): Ditto. - (ask_revoke_sig): Ditto. - (menu_revsig): Ditto. - (check_all_keysigs): Removed unused arg. - -2001-05-23 Werner Koch - - * g10.c (opts): Typo fix by Robert C. Ames. - -2001-05-06 Werner Koch - - * revoke.c: Small typo fix - -2001-05-04 Werner Koch - - * passphrase.c (passphrase_clear_cache): Shortcut if agent usage - is not enabled. - -2001-05-01 Werner Koch - - * passphrase.c (writen): Replaced ssize_t by int. Thanks to - to Robert Joop for reporting that SunOS 4.1.4 does not have it. - -2001-04-28 Werner Koch - - * getkey.c (merge_public_with_secret): pkttype was not set to subkey. - -2001-04-27 Werner Koch - - * skclist.c (build_sk_list): Changed one log_debug to log_info. - -2001-04-25 Werner Koch - - * keyedit.c (show_prefs): Add a verbose mode. - (show_key_with_all_names): Pass verbose flag for special value of - with_pref. - (keyedit_menu): New command "showpref" - (show_key_with_all_names): Mark revoked uids and the primary key. - -2001-04-24 Werner Koch - - * getkey.c (get_primary_uid): Return a different string in case of - error and made it translatable. - - * build-packet.c (do_secret_key): Ugly, we wrote a zero - instead of the computed ndays. Thanks to M Taylor for complaining - about a secret key import problem. - -2001-04-23 Werner Koch - - * hkp.c (hkp_ask_import): Allow to specify a port number for the - keyserver. Add a kudge to set the no_shutdown flag. - (hkp_export): Ditto. - * options.skel: Document the changes - -2001-04-20 Werner Koch - - * options.skel: Add some more comments. - -2001-04-19 Werner Koch - - * keyid.c (mk_datestr): New. Handles negative times. We must do - this because Windoze segvs on negative times passed to gmtime(). - Changed all datestr_from function to use this one. - - * keyid.c, keyid.h (colon_strtime): New. To implement the - fixed-list-mode. - (colon_datestr_from_pk): New. - (colon_datestr_from_sk): New. - (colon_datestr_from_sig): New. - * keylist.c (list_keyblock_colon): Use these functions here. - * mainproc.c (list_node): Ditto. - -2001-04-18 Werner Koch - - * openfile.c (open_sigfile): Fixed the handling of ".sign". - * mainproc.c (proc_tree): Use iobuf_get_real_fname. - Both are by Vincent Broman. - -2001-04-14 Werner Koch - - * getkey.c (fixup_uidnode): Removed check for !sig which is - pointless here. Thanks to Jan Niehusmann. - -2001-04-10 Werner Koch - - * sig-check.c (check_key_signature2): Use log_info instead of - log_error so that messed up keys do not let gpg return an error. - Suggested by Christian Kurz. - - * getkey.c (merge_selfsigs_main): Do a fixup_uidnode only if we - have both, uid and sig. Thanks to M Taylor. - -2001-04-05 Werner Koch - - * armor.c (unarmor_pump_new,unarmor_pump_release): New. - (unarmor_pump): New. - * pipemode.c (pipemode_filter): Use the unarmor_pump to handle - armored or non-armored detached signatures. We can't use the - regular armor_filter becuase this does only chack for armored - signatures the very first time. In pipemode we may have a mix of - armored and binary detached signatures. - * mainproc.c (proc_tree): Do not print the "old style" notice when - this is a pipemode processes detached signature. - (proc_plaintext): Special handling of pipemode detached sigs. - - * packet.h (CTRLPKT_PLAINTEXT_MARK): New. - * parse-packet.c (create_gpg_control): New. - * kbnode.c (dump_kbnode): Support it here. - * mainproc.c (check_sig_and_print): Fixed the check for bad - sequences of multiple signatures. - (proc_plaintext): Add the marker packet. - (proc_tree): We can now check multiple detached signatures. - -2001-04-02 Werner Koch - - The length of encrypted packets for blocksizes != 8 was not - correct encoded. I think this is a minor problem, because we - usually use partial length packets. Kudos to Kahil D. Jallad for - pointing this out. - * packet.h: Add extralen to PKT_encrypted. - * cipher.c (write_header): Set extralen. - * build-packet.c (do_encrypted): Use extralen instead of const 10. - (do_encrypted_mdc): Ditto. - * parse-packet.c (parse_encrypted): Set extralen to 0 because we - don't know it here. - -2001-03-30 Werner Koch - - * getkey.c (premerge_public_with_secret): Changed wording an add - the keyID to the info message. - -2001-03-29 Werner Koch - - * getkey.c (premerge_public_with_secret): Use log_info instead of - log_error when no secret key was found for a public one. - Fix the usage if the secret parts of a key are not available. - - * openfile.c (ask_outfile_name): Trim spaces. - (open_outfile): Allow to enter an alternate filename. Thanks to - Stefan Bellon. - * plaintext.c (handle_plaintext): Ditto. - -2001-03-28 Werner Koch - - * mainproc.c (do_check_sig): Allow direct key and subkey - revocation signature. - * sig-check.c (check_key_signature2): Check direct key signatures. - Print the signature class along with an error. - -2001-03-27 Werner Koch - - * packet.h: Add a missing typedef to an enum. Thanks to Stefan Bellon. - - * g10.c: New option --no-sig-create-check. - * sign.c (do_sign): Implement it here. - * g10.c: New option --no-sig-cache. - * sig-check.c (check_key_signature2): Implement it here. - (cache_selfsig_result): and here. - - * keylist.c (list_keyblock): Removed debugging stuff. - - * getkey.c (cache_public_key): Made global. - * keygen.c (write_selfsig, write_keybinding): Cache the new key. - - * getkey.c (key_byname): Add new arg secmode and changed all - callers to request explicitly the mode. Deriving this information - from the other supplied parameters does not work if neither pk nor - sk are supplied. - -2001-03-25 Werner Koch - - * packet.h (ctrlpkttype_t): New. - * mainproc.c (add_gpg_control,proc_plaintext,proc_tree): Use the - new enum values. - * pipemode.c (make_control): Ditto. - * armor.c (armor_filter): Ditto. - -2001-03-24 Werner Koch - - * sign.c (do_sign): Verify the signature right after creation. - -2001-03-23 Werner Koch - - * status.c, status.h (STATUS_UNEXPECTED): New. - * mainproc.c (do_proc_packets): And emit it here. - -2001-03-21 Werner Koch - - * status.c: Add sys/types.h so that it runs on Ultrix. Reported - by Georg Schwarz.x - - * build-packet.c (build_sig_subpkt): Fixed generaton of packet - length header in case where 2 bytes headers are needed. Thanks to - Piotr Krukowiecki. - -2001-03-19 Werner Koch - - * g10.c (main): the default keyring is no always used unless - --no-default-keyring is given. - - * ringedit.c (add_keyblock_resource): invalidate cache after file - creation. - -2001-03-15 Werner Koch - - * keygen.c (ask_algo): Changed the warning of the ElGamal S+E Algo. - - * keylist.c (print_capabilities): New. - (list_keyblock_colon): and use it here. - -2001-03-13 Werner Koch - - * main.c, options.h: New option --fixed_list_mode. - * keylist.c (list_keyblock_colon): use it here. - - * getkey.c (merge_keys_and_selfsig): Divert merging of public keys - to the function used in key selection.. - * keylist.c (is_uid_valid): Removed. - (list_keyblock): Splitted into .. - (list_keyblock_print, list_keyblock_colon): .. these. - functions. Changed them to use the flags set in the key lookup code. - (reorder_keyblock): New, so that primary user IDs are listed first. - - * ringedit.c (keyring_copy): flush the new iobuf chaces before - rename or remove operations. This is mainly needed for W32. - - * hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we - have now W32 socket support in ../util/http.c - - * skclist.c (key_present_in_sk_list): New. - (is_duplicated_entry): New. - (build_sk_list): Check for duplicates and do that before unlocking. - -2001-03-12 Werner Koch - - * armor.c (parse_header_line): Removed double empty line check. - (parse_header_line): Replaced trim_trailing_ws with a counting - function so that we can adjust for the next read. - - * options.skel: Fixed 3 typos. By Thomas Klausner. Replaced the - keyserver example by a better working server. - - * parse-packet.c (parse_symkeyenc): Return Invalid_Packet on error. - (parse_pubkeyenc): Ditto. - (parse_onepass_sig): Ditto. - (parse_plaintext): Ditto. - (parse_encrypted): Ditto. - (parse_signature): Return error at other places too. - (parse_key): Ditto. - * g10.c (main): Set opt.list_packets to another value when invoked - with the --list-packets command. - * mainproc.c (do_proc_packets): Don's stop processing when running - under --list-packets command. - - * signal.c (do_sigaction): Removed. - (init_one_signal): New to replace the above. Needed to support - systems without sigactions. Suggested by Dave Dykstra. - (got_fatal_signal,init_signals): Use the above here. - (do_block): Use sigset() if sigprocmask() is not available. - - * armor.c (parse_hash_header): Test on TIGER192, which is the - correct value as per rfc2440. By Edwin Woudt. - -2001-03-08 Werner Koch - - * misc.c: Include time.h. By James Troup. - - * getkey.c: Re-enabled the unknown user Id and PK caches and - increased their sizes. - - * getkey.c (merge_selfsigs_main): Set expire date and continue - processing even if we found a revoked key. - (merge_selfsigs_subkeys): Ditto. - - * packet.h: Add an is_revoked flag to the user_id packet. - * getkey.c (fixup_uidnode): Set that flag here. - (merge_selfsigs_main): Fix so that the latest signature is used to - find the self-signature for an UID. - * parse-packet.c (parse_user_id): Zero out all fields. - * mainproc.c (check_sig_and_print): Print the primary user ID - according the the node flag and then all other non-revoked user IDs. - (is_uid_revoked): Removed; it is now handled by the key selection code. - - Changed the year list of all copyright notices. - -2001-03-07 Werner Koch - - * getkey.c (finish_lookup): Print an info message only in verbose mode. - -2001-03-05 Werner Koch - - * packet.h: Replaced sigsubpkt_t value 101 by PRIV_VERIFY_CACHE. - We have never used the old value, so we can do this without any harm. - * parse-packet.c (dump_sig_subpkt): Ditto. - (parse_one_sig_subpkt): Parse that new sub packet. - * build-packet.c (build_sig_subpkt): Removed the old one from the - hashed area. - (delete_sig_subpkt): New. - (build_sig_subpkt): Allow an update of that new subpkt. - * sig-check.c (check_key_signature2): Add verification caching - (cache_selfsig_result): New. - * export.c (do_export_stream): Delete that sig subpkt before exporting. - * import.c (remove_bad_stuff): New. - (import): Apply that function to all imported data - -2001-03-03 Werner Koch - - * getkey.c: Introduced a new lookup context flag "exact" and used - it in all place where we once used primary. - (classify_user_id2): Replaced the old function and add an extra - argument to return whether an exact keyID has been requested. - (key_byname): Removed the unused ctx.primary flag - (get_seckey_byname2): Ditto. - (finish_lookup): Changed debugging output. - -2001-03-02 Werner Koch - - * keylist.c (list_one): Remove the merge key calls. - -2001-03-01 Werner Koch - - * getkey.c (finish_lookup): Don't use it if we no specific usage - has been requested. - (merge_selfsigs_main): fix UID only if we have an signature. - (lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found - a key but the requested usage does not allow this key. - * import.c (import_one): Take UNU_PUBKEY into account. - * mainproc.c (list_node): Ditto. - * keylist.c (list_keyblock): Ditto. - * keyedit.c (print_and_check_one_sig): Ditto. - -2001-02-09 Werner Koch - - * delkey.c (delete_key): Removed that silly assert which rendered - the whole new stuff meaningless. - -2001-02-08 Werner Koch - - * getkey.c (key_byname): It can happen that we have both, sk and pk - NULL, fix for that. - - * parse-packet.c (parse_one_sig_subpkt): Add support for - primary_uid and key_flags. - (can_handle_critical): Ditto - - * parse-packet.c (parse_encrypted): Fixed listing of pktlen for - MDC packets. - - * getkey.c: Backported the version of this file from gpg 1.1. this - involved some changes in other files too. - * parse-packet.c (parse_key): Clear req_usage. - * skclist.c (build_sk_list): Use req_usage to pass the usage - information to the lookup function. - * pkclist.c (build_pk_list): Ditto. - * free-packet.c (copy_public_parts_to_secret_key): New. - * keydb.h: Add IS_* macros to check the sig_class. - * misc.c (openpgp_cipher_test_algo): New. - (openpgp_pk_test_algo): New. - (openpgp_pk_algo_usage): New. - (openpgp_md_test_algo): New. - * packet.h: Add a few fields to PKT_{public,secret}_key and - PKT_user_id. - * seckey-cert.c (do_check): Use the new main_keyid field. - -2001-02-04 Werner Koch - - * encr-data.c (decrypt_data): Catch error when we had problems to - parse the encrypted packet. By Timo. - -2001-01-29 Werner Koch - - * g10.c (main): --batch does now set nogreeting. - - * delkey.c (do_delete_key): Fixed delete-both functionality. - -2001-01-22 Werner Koch - - * g10.c: New command --delete-secret-and-public-key. - * delkey.c (delete_key): Add new arg allow_both. - (do_delete_key): Move most stuff from above to this new function. - -2001-01-12 Werner Koch - - * passphrase.c (passphrase_to_dek): Use MD5 when IDEA is installed - and we have no S2K. - * mainproc.c (proc_encrypted): Likewise - -2001-01-11 Werner Koch - - * sig-check.c (do_check): Print the signature key expire message - only in verbose mode and added the keyID. - -2001-01-09 Werner Koch - - * status.c, status.h: New status USERID_HINT. - (write_status_text): Replace LF and CR int text by C-escape sequence. - - * passphrase.c (passphrase_to_dek): Fixed the NEED_PASSPHRASE - output. It does now always print 2 keyIDs. Emit the new - USERID_HINT. - -2001-01-08 Werner Koch - - * g10.c, options.h: New option --no-expensive-trust-checks. - * keylist.c (list_keyblock): Act on this option. - -2001-01-04 Werner Koch - - * g10.c (main): Set homedir only in the pre-parsing phase and - replace backslashes in the W32 version. - -2001-01-03 Werner Koch - - * status.c, status.h : New status KEY_CREATED - * keygen.c (do_generate_keypair,generate_subkeypair): Emit it. - -2000-12-28 Werner Koch - - * signal.c (got_fatal_signal): Remove lockfiles here because the - atexit stuff does not work due to the use of raise. Suggested by - Peter Fales. - * gpgv.c (remove_lockfiles): New stub. - -2000-12-19 Werner Koch - - * status.c, status.h (cpr_get_no_help): New. - * keyedit.c (keyedit_menu): Use it here because we have our own - help list here. - -2000-12-18 Werner Koch - - * mainproc.c (print_failed_pkenc): Don't print the sometimes - confusing message about unavailabe secret key. Renamed ... - (print_pkenc_list): ... to this and introduced failed arg. - (proc_encrypted): Print the failed encryption keys and then - the one to be used. - (proc_pubkey_enc): Store also the key we are going to use. - - * mainproc.c (check_sig_and_print): Don't list revoked user IDs. - (is_uid_revoked): New. - -2000-12-08 Werner Koch - - * pipemode.c: Made the command work. Currently only for - non-armored detached signatures. - * mainproc.c (release_list): Reset the new pipemode vars. - (add_gpg_control): Handle the control packets for pipemode - * status.c, status.h: New stati {BEGIN,END}_STREAM. - -2000-12-07 Werner Koch - - * g10.c: New option --allow-secret-key-import. - * import.c (import_keys,import_keys_stream): Honor this option. - (import): New arg allow_secret and pass that arg down to ... - (import_secret_one): to this and print a warning if secret key - importing is not allowed. - -2000-12-05 Werner Koch - - * cipher.c (cipher_filter): Moved the end_encryption status ... - * encode.c (encode_simple,encode_crypt): to here - * sign.c (sign_file): and here. - - * status.c (mywrite): Removed. - (get_status_string): Removed the LFs from the strings. - (set_status_fd,is_status_enabed,write_status_text, - write_status_buffer): Replaced all mywrite by stdio calls and use - fdopen to create a strem. This is needed to make things smoother - in the W32 version. - -2000-12-04 Werner Koch - - * import.c (merge_blocks): Increment n_sigs for revocations. - -2000-11-30 Werner Koch - - * g10.c (main): Use iobuf_translate_file_handle for all options - with filehandles as arguments. This is function does some magic - for the W32 API. - - * verify.c (verify_signatures): Add a comment rant about the - detached signature problem. - * mainproc.c (proc_tree): Issue an error if a detached signature - is assumed but a standard one was found. - * plaintext.c (hash_datafiles): Don't fall back to read signature - from stdin. - * openfile.c (open_sigfile): Print verbose message only if the - file could be accessed. - -2000-11-24 Werner Koch - - * passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff. - -2000-11-16 Werner Koch - - * g10.c: New option --use-agent - * passphrase.c (agent_open,agent_close): New. - (agent_get_passphrase,agent_clear_passphrase): New. - (passphrase_clear_cache): New. - (passphrase_to_dek): Use the agent here. - * seckey-cert.c (do_check): Clear cached passphrases. - -2000-11-15 Werner Koch - - * status.c (write_status_text): Moved the big switch to ... - (get_status_string): ... new function. - (write_status_buffer): New. - - * status.c (mywrite): New and replaced all write() by this. - - * status.c, status.h: Add 3 status lcodes for notaions and policy. - * mainproc.c (print_notation_data): Do status output of notations. - -2000-11-13 Werner Koch - - * sign.c (clearsign_file): Use LF macro to print linefeed. - -2000-11-11 Paul Eggert - - Clean up the places in the code that incorrectly use "long" or - "unsigned long" for file offsets. The correct type to use is - "off_t". The difference is important on large-file hosts, - where "off_t" is longer than "long". - - * keydb.h (struct keyblock_pos_struct.offset): - Use off_t, not ulong, for file offsets. - * packet.h (dbg_search_packet, dbg_copy_some_packets, - search_packet, copy_some_packets): Likewise. - * parse-packet.c (parse, dbg_search_packet, search_packet, - dbg_copy_some_packets, copy_some_packets): Likewise. - * ringedit.c (keyring_search): Likewise. - - * parse-packet.c (parse): Do not use %lu to report file - offsets in error diagnostics; it's not portable. - * ringedit.c (keyring_search): Likewise. - -2000-11-09 Werner Koch - - * g10.c (main): New option --enable-special-filenames. - -2000-11-07 Werner Koch - - * g10.c (main): New command --pipemode. - * pipemode.c: New. - -2000-10-23 Werner Koch - - * armor.c (armor_filter): Changed output of hdrlines, so that a CR - is emitted for DOS systems. - - * keygen.c (read_parameter_file): Add a cast for isspace(). - - * status.c (myread): Use SIGINT instead of SIGHUP for DOS. - -2000-10-19 Werner Koch - - * g10.c: New option --ignore-crc-error - * armor.c (invalid_crc): New. - (radix64_read): Act on new option. - - * openfile.c (try_make_homedir): Klaus Singvogel fixed a stupid - error introduced on Sep 6th. - -2000-10-18 Werner Koch - - * misc.c (print_cipher_algo_note): Don't print the note for AES. - Changed wording. - -2000-10-16 Werner Koch - - * mainproc.c (do_proc_packets): Hack to fix the problem that - signatures are not detected when there is a MDC packet but no - compression packet. - - * g10.c (print_hashline): New. - (print_mds): Use above func with --with-colons. - - * mainproc.c (check_sig_and_print): Detect multiple signatures - and don't verify them. - -2000-10-14 Werner Koch - - * mainproc.c (add_onepass_sig): There is an easier solution to the - error fixed yesterday; just check that we only have onepass - packets. However, the other solution provides an cleaner - interface and opens the path to get access to other information - from the armore headers. - (release_list): Reset some more variables. - -2000-10-13 Werner Koch - - * mainproc.c (add_gpg_control): New. - (do_proc_packets): use it. - (proc_plaintext): Changed logic to detect clearsigns. - (proc_tree): Check the cleartext sig with some new code. - - * packet.h: New packet PKT_GPG_CONTROL. - * parse-packet.c (parse_gpg_control): New. - * misc.c (get_session_marker): New. - * armor.c (armor_filter): Replaced the faked 1-pass packet by the - new control packet. - - * keyedit.c (keyedit_menu): Allow batchmode with a command_fd. - * status.c (my_read): New. - (do_get_from_fd): use it. - -2000-10-12 Werner Koch - - * keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs. - -2000-10-07 Werner Koch - - * gpgv.c: Add more stubs for ununsed code to make the binary smaller. - -Wed Oct 4 15:50:18 CEST 2000 Werner Koch - - * sign.c (hash_for): New arg to take packet version in account, changed - call callers. - - * gpgv.c: New. - * Makefile.am: Rearranged source files so that gpgv can be build with - at least files as possible. - -Mon Sep 18 12:13:52 CEST 2000 Werner Koch - - * hkp.c (not_implemented): Print a notice for W32 - -Fri Sep 15 18:40:36 CEST 2000 Werner Koch - - * keygen.c (keygen_add_std_prefs): Changed order of preferences to - twofish, cast5, blowfish. - - * pkclist.c (algo_available): Removed hack to disable Twofish. - -Thu Sep 14 17:45:11 CEST 2000 Werner Koch - - * parse-packet.c (dump_sig_subpkt): Dump key flags. Print special - warning in case of faked ARRs. - - * getkey.c (finsih_lookup): Hack so that for v4 RSA keys the subkey - is used for encryption. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * g10.c (main): Default S2K algorithms are now SHA1 and CAST5 - this - should solve a lot of compatibility problems with other OpenPGP - apps because those algorithms are SHOULD and not optional. The old - way to force it was by using the --openpgp option whith the drawback - that this would disable a couple of workarounds for PGP. - - * g10.c (main): Don't set --quite along with --no-tty. By Frank Tobin. - - * misc.c (disable_core_dump): Don't display a warning here but a return - a status value and ... - * g10.c (main): ...print warnining here. Suggested by Sam Roberts. - -Wed Sep 13 18:12:34 CEST 2000 Werner Koch - - * keyedit.c (keyedit_menu): Allow to use "debug" on the secret key. - - * ringedit.c (cmp_seckey): Fix for v4 RSA keys. - * seckey-cert.c (do_check): Workaround for PGP 7 bug. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * misc.c (print_pubkey_algo_note): Do not print the RSA notice. - * sig-check.c (do_signature_check): Do not emit the RSA status message. - * pubkey-enc.c (get_session_key): Ditto. - - * encode.c (encode_simple, encode_crypt): Fix for large files. - * sign.c (sign_file): Ditto. - -Wed Sep 6 14:59:09 CEST 2000 Werner Koch - - * passphrase.c (hash_passphrase): Removed funny assert. Reported by - David Mathog. - - * openfile.c (try_make_homedir): Changes for non-Posix systems. - * g10.c (main): Take the default homedir from macro. - - * g10.c: The --trusted-key option is back. - * trustdb.c (verify_own_key): Handle this option. - (add_ultimate_key): Moved stuff from verify_own_key to this new func. - (register_trusted_key): New. - -Fri Aug 25 16:05:38 CEST 2000 Werner Koch - - * parse-packet.c (dump_sig_subpkt): Print info about the ARR. - - * openfile.c (overwrite_filep): Always return okay if the file is - called /dev/null. - (make_outfile_name): Add ".sign" to the list of know extensions. - (open_sigfile): Ditto. - -Wed Aug 23 19:52:51 CEST 2000 Werner Koch - - * g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen. - * keygen.c (ask_user_id): Implemented here. - -Fri Aug 4 14:23:05 CEST 2000 Werner Koch - - * status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd. - Thanks to Michael Tokarev. - -Tue Aug 1 20:06:23 CEST 2000 Werner Koch - - * g10.c: New opttion --try-all-secrets on suggestion from Matthias Urlichs. - * pubkey-enc.c (get_session_key): Quite easy to implement here. - -Thu Jul 27 17:33:04 CEST 2000 Werner Koch - - * g10.c: New option --merge-only. Suggested by Brendan O'Dea. - * import.c (import_one): Implemented it here - (import_secret_one): Ditto. - (print_stats): and give some stats. - -Thu Jul 27 12:01:00 CEST 2000 Werner Koch - - * g10.c: New options --show-session-key and --override-session-key - * pubkey-enc.c (hextobyte): New. - (get_override_session_key): New. - * mainproc.c (proc_pubkey_enc): Add session-key stuff. - * status.h, status.c (STATUS_SESSION_KEY): New. - -Thu Jul 27 10:02:38 CEST 2000 Werner Koch - - * g10.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes - (print_mds): Likewise for stdin. - * plaintext.c (handle_plaintext): Likewise for stdout. - -Mon Jul 24 10:30:17 CEST 2000 Werner Koch - - * keyedit.c (menu_expire): expire date for primary key can be set again. - -Wed Jul 19 11:26:43 CEST 2000 Werner Koch - - * keylist.c (is_uid_valid): New. - (list_keyblock): Print validity information for all user IDs. Note, this - has to be done at other places too; for now we have only minimal support. - -Wed Jul 12 13:32:06 CEST 2000 Werner Koch - - * helptext.c, pkclist.c: s/superseeded/superseded/ - -Mon Jul 10 16:08:57 CEST 2000 Werner Koch - - * parse-packet.c (enum_sig_subpkt): Fixed testing on crtitical bit in case - of a NULL buffer. Reported by Peter Marschall. - -Wed Jul 5 13:28:45 CEST 2000 Werner Koch - - * keyedit.c, keyid.c: Add some _() - - * argparse.c: Changed the flag to suppress --version handling to also - suppress --help. - -Wed Jun 28 11:54:44 CEST 2000 Werner Koch - - * armor.c (armor_filter): Set sigclass to 0 in case of non-dash-escaped - clearsig. This makes this mode work again. - - * mainproc.c (proc_tree): Fixed handling of one-pass-sig packets in textmode. - Disabled the ugly workaround for PGP 5 - let's see whether thi breaks less - cases. Found by Ted Cabeen. - - * options.h (DBG_HASHING): New. All commented md_start_debug are now - controlled by this debug option. - - * sign.c (print_status_sig_created): New and called from 2 places. - - * keygen.c (gen_rsa): New, but commented. - (ask_algo): Commented support for RSA. - - * seckey-cert.c (protect_secret_key): Started to fix the code for v4 RSA - keys - it is not solved yet. However, we have time until, Sep 20th ;) - -Wed Jun 14 12:27:09 CEST 2000 Werner Koch - - * status.c (init_shm_coprocessing): Changed the sequence of the get,attach - to cope with the changes in newer Linux kernels. This bug has been found - by who also proposed this solution. Hopefully - this does not break gpg on to many systems. - - * cipher.c (write_header): Protect the IV with the MDC too. - * encr-data.c (decrypt_data): Likewise. - -Fri Jun 9 10:09:52 CEST 2000 Werner Koch - - * g10.c: New options --no-auto-key-retrieve - * options.h (auto_key_retrieve): New. - * mainproc.c (check_sig_and_print): Implemented that. - -Wed Jun 7 19:19:09 CEST 2000 Werner Koch - - * sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 packets. - -Wed Jun 7 17:25:38 CEST 2000 Werner Koch - - * cipher.c (write_header): Use plain CFB mode for MDC encrypted packets. - * encr-data.c (decrypt_data): Ditto. - -Mon Jun 5 23:41:54 CEST 2000 Werner Koch - - * seskey.c (do_encode_md, encode_md_value): Add new arg v3compathack to work - around a bug in old versions. - * sig-check.c (do_check): use the aboved workaround when enabled. - * g10.c: New option --emulate-md-decode-bug - -Mon Jun 5 12:37:43 CEST 2000 Werner Koch - - * build-packet.c (do_mdc): New. - (do_encrypted_mdc): Changed for the new proposal. - * parse-packet.c (parse_mdc): New. - (parse_encrypted): Fixed for the new proposal. - * packet.h (PKT_MDC): New. - * cipher.c (cipher_filter): Build the MDC packet here. - * g10.c (main): Enable --force-mdc. - * encr-data.c (mdc_decode_filter): Fixed for new MDC method - - * options.h(rfc2440): New. - * g10.c (main): Changed the selected values for --openpgp to not include - optional algorithms. - -Thu May 18 11:38:54 CEST 2000 Werner Koch - - * keyedit.c (keyedit_menu): Add a keyword arg to the prompt. - - * status.c, status.h: Added 3 new status tokens. - * status.c (do_get_from_fd): New. - (cpr_enabled,cpr_get,cpr_get_hidden,cpr_kill_prompt, - cpr_get_answer_is_yes,cpr_get_answer_yes_no_quit): Modified to work - with the new function. - * g10.c: Add new option --command-fd. - - * status.c (progress_cb): New. - (set_status_fd): Register progress functions - -Fri May 12 14:01:20 CEST 2000 Werner Koch - - * delkey.c (delete_key): Add 2 new status messages - * status.c, status.h (STATUS_DELETE_PROBLEM): New. - - Fixed years of copyright in all source files. - -Mon May 1 17:08:14 CEST 2000 Werner Koch - - * trustdb.c (propagate_validity): Fixed the bug that only one uid - gets fully trusted even when all are signed by an ultimate key. - -Mon May 1 15:38:04 CEST 2000 Werner Koch - - * getkey.c (key_byname): Always returned a defined context. Fixed - a segv for invalid user id specifications. Reported by Walter Koch. - - * getkey.c (get_user_id): I18ned "no user id" string. By Walter. - - * pkclist.c (do_show_revocation_reason): Typo fixes. - * helptext.c: Ditto. - - * armor.c (armor_filter): Fixed some CRLF issues. By Mike McEwan. - -Fri Apr 14 19:37:08 CEST 2000 Werner Koch - - * pkclist.c (do_show_revocation_reason): New. - (show_revocation_reason): New and called at various places. - - * g10.c (main): Fixed small typo. - - * pkclist.c (do_we_trust): Act on always_trust but not for revoked - keys. Suggested by Chip Salzenberg. - - * g10.c: New option --lock-never. - - * ringedit.c (get_writable_keyblock_file): New. - * keygen.c (do_generate_keypair): Use this instead of the hardwired one. - - * keygen.c (ask_user_id): Check that the email address is in the - correct field. Suggested by Christian Kurz. - -Mon Apr 10 13:34:19 CEST 2000 Werner Koch - - * keyedit.c (show_key_with_all_names): s/sbb/ssb/ - -Tue Mar 28 14:26:58 CEST 2000 Werner Koch - - * trustdb.c (verify_own_keys): Do not print warning about unprotected - key when in quiet mode. - -Wed Mar 22 13:50:24 CET 2000 Werner Koch - - * mainproc.c (print_userid): Do UTF8 conversion before printing. - * import.c (import_one): Ditto. - (import_secret_one): Ditto. - (delete_inv_parts): Ditto. - -Thu Mar 16 16:20:23 CET 2000 Werner Koch - - * keylist.c (print_key_data): Handle a NULL pk gracefully. - - * getkey.c (merge_one_pk_and_selfsig): Fixed silly code for - getting the primary keys keyID but kept using the one from the - subkey. - * pubkey-enc.c (get_it): Print a note for expired subkeys. - - * getkey.c (has_expired): New. - (subkeys_expiretime): New. - (finish_lookup): Check for expired subkeys needed for encryption. - (merge_keys_and_selfsig): Fixed expiration date merging for subkeys. - - * keylist.c (list_keyblock): Print expiration time for "sub". - (list_one): Add missing merging for public keys. - * mainproc.c (list_node): Ditto. - -2000-03-14 13:49:38 Werner Koch (wk@habibti.openit.de) - - * keygen.c (keyedit_menu): Do not allow to use certain commands - while the secret key is selected. - -2000-03-09 12:53:09 Werner Koch (wk@habibti.openit.de) - - * keygen.c (ask_expire_interval): Movede parsig to ... - (parse_expire_string): ... this new function. And some new control - commands. - (proc_parameter_file): Add expire date parsing. - (do_generate_keypair): Allow the use of specified output files. - -2000-03-08 10:38:38 Werner Koch (wk@habibti.openit.de) - - * keygen.c (ask_algo): Removed is_v4 return value and the commented - code to create Elg keys in a v3 packet. Removed the rounding - of key sizes here. - (do_create): Likewise removed arg v4_packet. - (gen_elg): Likewise removed arg version. Now rounding keysizes here. - (gen_dsa): Rounding keysize now here. - (release_parameter_list): New - (get_parameter*): New. - (proc_parameter_file): New. - (read_parameter_file): New. - (generate_keypair): Splitted. Now uses read_parameter_file when in - batch mode. Additional argument to specify a parameter file. - (do_generate_keypair): Main bulk of above fucntion and uses the - parameter list. - (do_create): Don't print long notice in batch mode. - * g10.c (main): Allow batched key generation. - -Thu Mar 2 15:37:46 CET 2000 Werner Koch - - * pubkey-enc.c (get_it): Print a note about unknown cipher algos. - - * g10.c (opts): Add a note to the help listing about the man page - and removed some options from the help listing. - - * keyedit.c (print_and_check_one_sig): Use a new function to truncate - the output of the user ID. Suggested by Jan-Benedict Glaw. - -Wed Feb 23 10:07:57 CET 2000 Werner Koch - - * helptext.c: typo fix. - -Thu Feb 17 13:39:32 CET 2000 Werner Koch - - * revoke.c: Removed a bunch of commented code. - - * packet.h (SIGSUBPKT_REVOC_REASON): New. - * build-packet.c (build_sig_subpkt): Support new sub packet. - * parse-packet.c (parse_one_sig_subpkt): Ditto. - (dump_sig_subpkt): Ditto. - * revoke.c (ask_revocation_reason): New. - (release_revocation_reason_info): New. - (revocation_reason_build_cb): New. - (gen_revoke): Ask for reason. - * main.h (struct revocation_reason_info): Add declaration. - * keyedit.c (menu_revsig): Add support for revocation reason. - (menu_revkey): Ditto. - (sign_uid_mk_attrib): Renamed to ... - (sign_mk_attrib): ... this, made static and add support for reasons. - -Tue Feb 15 08:48:13 CET 2000 Werner Koch - - * build-packet.c (build_packet): Fixed fixing of old comment packets. - - * import.c (import_keys): Fixed importing from stdin when called with - nnames set to zero as it normally happens. - -Mon Feb 14 14:30:20 CET 2000 Werner Koch - - * sig-check.c (check_key_signature2): Add new arg r_expired. - (do_signature_check): New arg to pass it down to ... - (do_check): New arg r-expire which is set when the signature - has expired. - * trustdb.c (check_sig_record): Set SIGF_EXPIRED flag and set - the expiretime to zero so that thi signature will not be checked - anymore. - -Fri Feb 11 17:44:40 CET 2000 Werner Koch - - * g10.c (g10_exit): Update the random seed_file. - (main): Set the random seed file. New option --no-random-seed-file. - -Thu Feb 10 17:39:44 CET 2000 Werner Koch - - * keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk. - By Rémi. - -Thu Feb 10 11:39:41 CET 2000 Werner Koch - - * keylist.c (list_keyblock): Don't print warnings in the middle of - regulat output lines. By Rémi. - - * sig-check.c: Include options.h - -Wed Feb 9 15:33:44 CET 2000 Werner Koch - - * gpg.c: New option --ignore-time-conflict - * sig-check.c (do_check): Implemented this option. - * trustdb.c (check_trust): Ditto. - * sign.c (do_sign): Ditto. - * keygen.c (generate_subkeypair): Ditto. - - * encode.c (encode_simple): use iobuf_cancel after open failure. - Reported by Huy Le. - -Fri Jan 14 18:32:01 CET 2000 Werner Koch - - * packet.h (STRING2KEY): Changed mode from byte to int. - * parse-packet.c (parse_key): Add the special GNU protection stuff - * build-packet.c (so_secret_key): Ditto. - * seckey-cert.c (do_check): Ditto. - * keyedit.c (change_passphrase): Ditto. - * export.c (export_secsubkeys): New. - (do_export_stream): Hack to export the primary key using mode 1001. - * g10.c: New command --export-secret-subkeys - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * armor.c (is_armored): Check for 1-pass-sig packets. Reported by - David Hallinan . - (armor_filter): Replaced one LF by the LF macro. Reported by - Wolfgang Redtenbacher. - -Wed Jan 5 11:51:17 CET 2000 Werner Koch - - * g10.c (main): Reset new global flag opt.pgp2_workarounds - when --openpgp is used. - * mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only - when the global flag is set. - (proc_tree): Ditto. - * textfilter.c (copy_clearsig_text): Ditto. - * armor.c (armor_filter): Ditto. - - * g10.c: New option --list-only - * mainproc.c (proc_tree): Don't do it if opt.list_only is active. - (proc_pubkey_enc): Implement option. - - * status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New. - * cipher.c (cipher_filter): New status outputs. - * mainproc.c (proc_encrypted): New status outputs. - -Fri Dec 31 14:08:15 CET 1999 Werner Koch - - * armor.c (armor_filter): Made the "Comment:" header translatable. - - * hkp.c (hkp_import): Make sure that the program does not return - success when there is a connection problem. Reported by Phillip Jones. - -Sun Dec 19 15:22:26 CET 1999 Werner Koch - - * armor.c (LF): Use this new macro at all places where a line LF - is needed. This way DOSish textfiles should be created when the - input data is also in dos mode. - * sign.c (LF): Ditto. - * textfilter.c (LF): Ditto. - (copy_clearsig_text): Disabled the forcing of CR,LF sequences - for DOS systems. - - * plaintext.c (handle_plaintext): Fixes for line endings on DOS. - and react on a LF in cleartext. - * armor.c (fake_packet): Restore the original line ending after - removing trailing spaces. - - * signal.c (got_fatal_signal): DOS fix. - -Thu Dec 16 10:07:58 CET 1999 Werner Koch - - * mainproc.c (print_failed_pkenc): Fix for unknown algorithm. - Found by fygrave@epr0.org. - -Thu Dec 9 10:31:05 CET 1999 Werner Koch - - * hkp.c: i18n the strings. - -Sat Dec 4 15:32:20 CET 1999 Werner Koch - - * trustdb.c (verify_key): Shortcut for ultimately trusted keys. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * pkclist.c (build_pk_list): Validate the trust using the namehash - if this one has been set by the key lookup. - - * g10.c: Add --delete-secret-key to the help page. - - * openfile.c (copy_options_file): Made static. - (try_make_homedir): New. - * ringedit.c (add_keyblock_resource): Use the try_make_hoemdir logic. - * tdbio.c (tdbio_set_dbname): Likewise. - - * keygen.c (generate_user_id): Use m_alloc_clear() here. We should - better use an allocation function specific to the user_id packet. - - * keygen.c (keygen_add_std_prefs): Changed symmetric preferences - to include Blowfish again. This is due to it's better speed compared - to CAST5. - - * g10.c (strusage): Print the home directory. - - * armor.c (armor_filter): Take action on the cancel control msg. - * filter.h (armor_filter_context_t): Add cancel flag. - -Mon Nov 29 21:52:11 CET 1999 Werner Koch - - * g10.c: New option --fast-list-mode .. - * keylist.c (list_keyblock): .. and implemented. - * mainproc.c (list_node): Ditto. - - * import.c (mark_non_selfsigned_uids_valid): Fixed the case that there - is a uid without any packet following. - -Mon Nov 22 11:14:53 CET 1999 Werner Koch - - * mainproc.c (proc_plaintext): Never enable the hash processing - when skip_verify is active. - - * armor.c (parse_header_line): Stop parsing on a WS line too. - Suggested by Aric Cyr. - - * tdbdump.c (HEXTOBIN): Changed the name of the argument, so that - traditional cpp don't mess up the macros. Suggested by Jos Backus. - - * mainproc.c (list_node): Print the PK algo in the --with-colon mode. - * keylist.c (list_keyblock): Ditto. - - * signal.c (got_fatal_signal): Found the reason why exit(8) did not - work - it is better to set the disposition back to default before - raising the signal. Print the notice on stderr always. - -Fri Nov 12 20:33:19 CET 1999 Werner Koch - - * g10.c (make_username): Swapped the logic. - * keylist.c (public_key_list): Now takes a STRLIST as arg and moved - the creation ot this list to the caller, so that he can copy with - UTF-conversion of user IDs. Changed all callers. - (secret_key_list): Likewise. - - * getkey.c (get_user_id_string_native): New and ... - * encode.c (write_pubkey_enc_from_list): ... use it here. - - * pubring.asc: Updated. - - * packet.h (PKT_PHOTO_ID): New. - * parse-packet.c (parse_photo_id): New. - * build-packet.c (do_user_id: Handle photo IDs. - (build_packet): Change CTB for photo IDs - * free-packet.c (free_user_id): Release memory used for photo IDs - * sig-check.c (hash_uid_node): Handle photo IDs too. - * trustdb.c (print_uid_from_keyblock): Hash photo ID. - (make_uid_records): Ditto. - * getkey.c (find_by_name): Ditto. - * keyedit.c (show_prefs): Ditto. - * keylist.c (list_keyblock): Ditto. - -Thu Oct 28 16:08:20 CEST 1999 Werner Koch - - * keygen.c (ask_expire_interval): Print a warning for systems - with a signed 32 time_t if the exiration time is beyoind 2038. - -Fri Oct 8 20:40:50 CEST 1999 Werner Koch - - * ringedit.c (enum_keyblocks): The last fix way really stupid; - reverted and set rt to Unknown. - -Fri Oct 8 20:32:01 CEST 1999 Werner Koch - - * ringedit.c (enum_keyblocks): Zero the entire kbpos out on open. - - * g10.c (oEntropyDLL): Removed option. - (main): Made the warning on development versions more verbose. - - * g10.c (oHonorHttpProxy): New option. - * hkp.c (hkp_ask_import,hkp_export): Implement this option. - * options.skel: Enable this option for new installations - -Mon Oct 4 21:23:04 CEST 1999 Werner Koch - - * import.c (import_keys): Changed calling interface, adjusted caller. - (import): Moved printing of stats out ... - (print_stats): New. ... to here. - (import_keys_stream): Call stats print here. - (import_keys): Print stats as totals for all files. - - * tdbio.h (DIRF_NEWKEYS): New - * tdbio.c (tdbio_dump_record): Print the new flag. - * trustdb.c (check_trust_record): New arg sigs_only. Adapted all - callers. - (do_update_trust_record): Removed recheck arg and add a new sigs_only - do we can later improve on the performance. Changed all callers too. - (check_trustdb): Evalutate the new flag and add a status output. - Do a check when the dir record has not been checked. - (build_cert_tree): Evaluate the new flag. - (check_trust): Ditto. Do a trust_record check, when the dir record - is not marked as checked. - (mark_fresh_keys): New. - (clear_lid_table): New. - (sync_trustdb): New. - * import.c (import_keys): Call sync_trustdb() after processing. - (import_keys_stream): Ditto. - * tdbdump.c (import_ownertrust): Ditto. - - * import.c (import_revoke_cert): Notify the trust DB. - (do_update_trust_record): Use |= to set the REVOKED bit and not &=; - shame on me for this bad copy+paste introduced bug. - (do_we_trust): Add trustmask to allow revoked key override to work. - Chnaged are to allow return of a mofified trustlevel. Adapted the - one caller. - - * g10.c: New options --emulate-3des-s2k-bug - * passphrase.c (hash_passphrase): Implemented above. - - * mainproc.c (proc_tree): Check for standalone signatures. - (do_check_sig): Print a notice for a standalone revocation - (check_sig_and_print): Do not print an error for unchecked standalone - revocations. - -Tue Sep 28 20:54:37 CEST 1999 Werner Koch - - * encode.c (encode_simple): Use new CTB when we don't have the - length of the file. This is somewhat strange as the comment above - indicates that this part is actually fixed for PGP 5 - maybe I simply - lost the source line, tsss. - - * armor.c (armor_filter): Set a flag if no OpenPGP data has been found. - * verify.c (verify_signatures): Add an error helptext. - -Thu Sep 23 19:24:30 CEST 1999 Werner Koch - - * openfile.c (open_outfile): Fixed the 8dot3 handling. - - * passphrase.c (passphrase_to_dek): Print uid using utf8 func. - * delkey.c (delete_key): Ditto. - * pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto - (do_we_trust_pre): Ditto. - * trustdb.c (print_user_id,check_uidsigs): Ditto. - * revoke.c (gen_revoke,ask_revoke_sig): Ditto. - -Thu Sep 23 09:52:58 CEST 1999 Werner Koch - - * verify.c (print_file_status): New. - (verify_one_file): Moved status print to th new fnc. Add error status. - * status.c, status.h (STATUS_FILE_ERROR): New - -Wed Sep 22 10:14:17 CEST 1999 Werner Koch - - * openfile.c (make_outfile_name): Use case-insenstive compare for - DOS systems. Add ".pgp" to the list of know extensions. - (open_outfile): For DOS systems try to replace the suffiy instead of - appending it. - - * status.c, status.h: Add STATUS_FILE_{START,DONE}. - * verify.c (verify_one_file): Emit these new stati. - - * sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:" - line. Those headers are now only _not_ printed when there are - only old-style keys _and_ all hashs are MD5. - -Mon Sep 20 12:24:41 CEST 1999 Werner Koch - - - * verify.c (verify_files, ferify_one_file): New. - * g10.c: New command --verify-files - -Fri Sep 17 12:56:42 CEST 1999 Werner Koch - - * g10.c: Add UK spelling as alias for armor options ;-) - - * import.c (append_uid): Fixed a SEGV when there is no selfsig and - no subkey. - (merge_sigs): Ditto. Removed the assertion. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - * g10.c: New option --entropy-dll-name - -Mon Sep 13 10:51:29 CEST 1999 Werner Koch - - * signal.c (got_fatal_signal): Print message using write(2) and - only for development versions. - -Mon Sep 6 19:59:08 CEST 1999 Werner Koch - - * tdbio.c (tdbio_set_dbname): Use mkdir macro - * ringedit.c (add_keyblock_resource): Ditto. - -Fri Sep 3 10:04:45 CEST 1999 Werner Koch - - * pkclist.c (build_pk_list): Skip keys set with --encrypt-to also - when asking for a key. - - * plaintext.c (handle_plaintext): Make sure that we don't read a - second EOF in the read loop for partial length packets. - - * mainproc.c (check_sig_and_print): print user ID as utf-8. - -Thu Sep 2 16:40:55 CEST 1999 Werner Koch - - * import.c (merge_blocks): First add new subkeys, then merge subkey - certificates. - (merge_sigs): Don't merge subkey signatures here. - -Wed Sep 1 15:30:44 CEST 1999 Werner Koch - - * keygen.c (ask_expire_interval): Fixed bug related to cpr_xx (tnx - Francis J. Lacoste). - -Tue Aug 31 17:20:44 CEST 1999 Werner Koch - - * plaintext.c (do_hash): Hash CR,LF for a single CR. - (ask_for_detached_datafile): Changed arguments to be closer to - those of hash_datafiles and cleanup the code a bit. - * mainproc.c (proc_tree): Workaround for pgp5 textmode detached - signatures. Changed behavior of asking for data file to be the same - as with provided data files. - - * keylist.c (list_keyblock): Use UTF8 print functions. - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - * import.c (chk_self_sigs): some s/log_error/log_info/ so that gpg - does not return an error if a key has some invalid packets. - - * helptext.c: Fixed some typos and changed the way the - translation works. The english text is now the keyword for gettext - and not anymore the keyword supplied to the function. Done after - some discussion with Walter who thinks this is much easier for the - translators. - - * misc.c (disable_core_dumps): Don't do it for DOSish systems. - - * signal.c (signal_name): Bounds check on signum. - -Wed Aug 4 10:34:18 CEST 1999 Werner Koch - - * pubring.asc: Updated. - - * pkclist.c (do_we_trust_pre,check_signatures_trust): Do not print - the warning about --always_trust when --quiet is used. - - * pkclist.c (fpr_info): New and called at several places. - - * parse-packet.c (dump_sig_subpkt): List revocation key contents. - -Mon Jul 26 09:34:46 CEST 1999 Werner Koch - - * pkclist.c (build_pk_list): Fixed typo in format string. - - * trustdb.c (create_shadow_dir): Don't translate the error string. - - * g10.c (main): Fixed spelling of user-id. - * getkey.c (find_by_name_pk,find_by_name_sk, - find_by_keyid,find_by_keyid_sk): Ditto and translate it. - * import.c (mark_non_selfsigned_uids_valid,delete_inv_parts): Ditto. - - -Mon Jul 26 01:01:39 CEST 1999 Michael Roth - - * g10.c, options.h: New options --no-literal and --set-filesize - - * encode.c (encode_simple, encode_crypt): Support for the options - --no-literal and --set-filesize. - - * sign.c (sign_file): ditto. - -Fri Jul 23 13:53:03 CEST 1999 Werner Koch - - - * ringedit.c (enum_keyblocks): Removed annoying error message in cases - when we have no keyring at all to enum. - - * getkey.c (classify_user_id): Rewrote to relax the recognition of - keyIDs and fingerprints (Michael). - - * mainproc.c (check_sig_and_print): Print status NO_PUBKEY. - (print_failed_pkenc): Print status NO_SECKEY. - - * import.c (mark_non_selfsigned_uids_valid): New. - * g10.c: New option --allow-non-selfsigned-uid. - - * pkclist.c (print_fpr): New. - (do_we_trust_pre): Print the fpr before asking whether to use the key - anyway. - (do_edit_ownertrust): Likewise. - -Thu Jul 22 20:03:03 CEST 1999 Werner Koch - - - * ringedit.c (enum_keyblocks): Removed annoying error message in cases - when we have no keyring at all to enum. - - * getkey.c (classify_user_id): Rewrote to relax the recognition of - keyIDs and fingerprints (Michael). - - * mainproc.c (check_sig_and_print): Print status NO_PUBKEY. - (print_failed_pkenc): Print status NO_SECKEY. - - * import.c (mark_non_selfsigned_uids_valid): New. - * g10.c: New option --allow-non-selfsigned-uid. - -Thu Jul 15 10:15:35 CEST 1999 Werner Koch - - * g10.c: New options --disable-{cipher,pubkey}-algo. - -Wed Jul 14 19:42:08 CEST 1999 Werner Koch - - * status.h (STATUS_IMPORTED): New. - * import.c (import): Print some status information (Holger Schurig). - - * g10.c (main): Make --no-greeting work again. Add a warning when - --force-mds is used. - -Tue Jul 13 17:39:25 CEST 1999 Werner Koch - - * pkclist.c (do_edit_ownertrust): Changed the way help works. - (build_pk_list): Implemented default recipient stuff. - * g10.c: New options --default-recipient[-self] - (main): Suppress greeting in most cases, entering a passphrase or - a missing value is not considered to be interactive use. - Merged --print-md and --print-mds; the latter is now obsolete. - Changed the way --gen-random works and documented it. - Changed the way --gen-prime works and add a man entry. - * g10.c (MAINTAINER_OPTIONS): Removed. - -Mon Jul 12 18:45:57 CEST 1999 Werner Koch - - * keyedit.c (keyedit_menu): Add arg sign_mode and changed callers - * g10.c (main): New command --lsign-key. - -Mon Jul 12 14:55:34 CEST 1999 Werner Koch - - * mainproc.c (kidlist_item): New. - (release_list): Release failed pk-enc-list. - (print_failed_pkenc): New - (proc_encrypted): Print info about failed PK enc. - - * openfile.c (make_outfile_name): s/error/info/ - - * passphrase.c (passphrase_to_dek): Return an empty passphrase when - in batch mode and don't make the warning message fatal - * seckey-cert.c (check_secret_key): Try only once when in batch mode. - - * g10.c (make_username): New. - -Thu Jul 8 16:21:27 CEST 1999 Werner Koch - - - * packet.h (PKT_ring_trust): New - * parse-packet.c (parse_trust): Store trust value - * build-packet (build_packet): Ignore ring trust packets. - * mainproc.c (add_ring_trust): New. - (list_node): Print "rtv" records. - * g10.c: New option --with-fingerprint. - - * trustdb.c (verify_own_keys): Don't insert if we are dry running - (check_trust): Ditto. - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - * Makefile.am: Support for libtool. - - * keygen.c (ask_expire_interval): Hack to allow for an expire date. - - * trustdb.c (do_update_trust_record,update_trust_record): Splitted. - (check_trust_record): New. - (check_trust,build_cert_tree): Check the dir record as needed. - (upd_pref_record): Removed. - (make_pref_record): New. - (propagate_validity): Stop as soon as we have enough validity. - - * tbdio.c (MAX_CACHE_ENTRIES_HARD): Increased the limit. - - -Fri Jul 2 11:45:54 CEST 1999 Werner Koch - - * g10.c (g10_exit): Dump random stats. - - * sig-check.c (check_key_signature,check_key_signature2): Enhanced - version and wrapper for old function. - (do_signature_check,signature_check): Ditto. - -Thu Jul 1 12:47:31 CEST 1999 Werner Koch - - - * keyedit.c (show_key_with_all_names): Print a notice for disabled keys. - (enable_disable_keys): Add functionality - * pkclist.c (edit_ownertrust): preserve disabled state. - (build_pk_list): Skip disabled keys. - * trustdb.c (upd_one_ownertrust): Ditto. - (build_cert_tree): Mask the ownertrust. - (trust_letter): Mask the value. - (do_check): Take disabled flag into account. - - * passphrase.c (passphrase_to_dek): Add a pubkey_algo arg and changed - all callers. - - * g10.c (utf8_strings): 2 new options. - - * trustdb.c (insert_trust_record_by_pk): New, replaces the next one. - (insert_trust_record): Now takes a keyblock as arg. Changed all - callers to use the appropritae function. - - * openfile.c (ask_outfile_name): New. - * plaintext.c (handle_plaintext): Ask for filename if there is - no valid syntax. Don't use fname varbatim but filter it. - -Tue Jun 29 21:44:25 CEST 1999 Werner Koch - - - * trustdb.h (TRUST_FLAG_DISABLED): New. - - * status.c (USE_CAPABILITIES): Capabilities support (Remi). - - * tdbio.c : Added new fields to the DIR record. - (tdbio_write_record): Fixed the update of the hash tables. - (tdbio_delete_record): Drop the record from the hash tables. - (drop_from_hashtbl): New. - - * status.c (cpr_get): Special online help mode. - * helptext.c ("keyedit.cmd"): Removed. - * keyedit.c (keyedit_menu): Use only help system. - (enable_disable_key): New bit doies not yet work. - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - - * dearmor.c (enarmor_file): Fixed comment string. - * tdbdump.c (export_ownertrust): Text fix. - * tbio.c (tdbio_invalid): Ditto. - - * parse-packet.c (parse_key): Made temp buffer larger. - - * Makefile.am (install-data-local): Add missing backslashes - -Tue Jun 15 12:21:08 CEST 1999 Werner Koch - - * g10.c (main): Made iterated+salted the default S2K method. - - * Makefile.am (install-data-local): Use DESTDIR. - - * passphrase.c (passphrase_to_dek): Emit missing-passphrase while in - batchmode. - - * parse-packet.c (parse_pubkeyenc): Fixed a SEGV. - -Mon Jun 14 21:18:54 CEST 1999 Michael Roth - - * g10.c: New options --openpgp, --no-tty, --emit-version, - --default-comment and --lock-multiple - -Thu Jun 10 14:18:23 CEST 1999 Werner Koch - - * free-packet.c (free_encrypted): Fixed EOF case (Remi). - (free_plaintext): Ditto. - - * helptext.c (keyedit.delsig.unknown): New (Remi). - * keyedit.c (print_and_check_one_sig): Add arg print_without_key and - changed all callers to make use of it (Remi): - -Tue Jun 8 13:36:25 CEST 1999 Werner Koch - - * keylist.c (print_key_data): New and called elsewhere. - * g10.c: New option --with-key-data - -Wed Jun 2 14:17:19 CEST 1999 Werner Koch - - * mainproc.c (proc_tree): Yet another bad hack to cope with - broken pgp2 created detached messages in textmode. - -Tue Jun 1 16:01:46 CEST 1999 Werner Koch - - * openfile.c (make_outfile_name): New. - * plaintext.c (handle_plaintext): Outputfile is now the inputfile - without the suffix. - * g10.c: New option --use-embedded-filename - -Mon May 31 19:41:10 CEST 1999 Werner Koch - - * g10.c (main): Fix for SHM init (Michael). - - * compress.c, encr-data.c, mdfilter.c, - plaintext.c, free-packet.c: Speed patches (Rémi). - -Thu May 27 09:40:55 CEST 1999 Werner Koch - - * status.c (cpr_get_answer_yes_no_quit): New. - * keyedit.c (menu_delsig): New. - (check_all_keysigs): Splitted. - (print_and_check_one_sig): New. - -Wed May 26 14:36:29 CEST 1999 Werner Koch - - * build-packet.c (build_sig_subpkt): Support large packets. - * parse-packet.c (enum_sig_subpkt): Replaces parse_sig_subpkt. - * mainproc.c (print_notation_data): Print all notation packets. - * g10.c (add_notation_data): Add a way to specify the critical flag. - (main): Add option --set-policy-url. - (check_policy_url): Basic checks. - * sign.c (mk_notation_and_policy): Replaces mk_notation. - - * parse-packet.c (can_handle_critical): Moved decision whether we can - handle critical subpacket to an extra function. - -Tue May 25 19:50:32 CEST 1999 Werner Koch - - * sign.c (sign_file): Always use compression algo 1 for signed - onyl file becuase we can´ be sure the the verifier supports other - algorithms. - - * build-packet.c (build_sig_subpkt): Support for notation data. - * sign.c (sign_file,clearsign_file,make_keysig_packet): Ditto. - (mk_notation): New. - * g10.c (add_notation_data): New and add option -N - * mainproc.c (print_notation_data): New. - (check_sig_and_print): Print any notation data of the signed text. - -Sun May 23 14:20:22 CEST 1999 Werner Koch - - * pkclist.c (check_signatures_trust): Print a warning and return - immediateley if opt.always_trust is true. - - * g10.c (main): Corrected handling of no-default-keyring - - * pkclist.c (algo_available): Disable Twofish until we have settled - how to do the MDC. - - * hkp.c: Disable everything for mingw32 - -Sat May 22 22:47:26 CEST 1999 Werner Koch - - * mainproc.c (check_sig_and_print): Add sig creation time to the - VALIDSIG status output. Add more info to the ERRSIG output. - * sig-check.c (signature_check): Add sig time after epoch to SIG_ID. - - * import.c (import_one): Merge duplicate user IDs. - (collapse_uids): New. - * kbnode.c (move_kbnode): New. - (remove_kbnode): New. - * keyedit.c (keyedit_menu): Call collapse_uids. - - * g10.c: new option --logger-fd. - - * import.c: s/log_*_f/log_*/ - -Thu May 20 14:04:08 CEST 1999 Werner Koch - - * misc.c (pull_in_libs): do the volatile only for gcc - - * sig-check (signature_check): Emit SIG_iD only for classes 0 and 1. - - * armor.c (armor_filter): Add detection of PGP2 created clearsigs. - (fake_packet): A tab is not a WS for pgp2 - handle this. - * textfilter.c (len_without_trailing_chars): New. - (copy_clearsig_text): Add pgp2mode arg. - * sign.c (clearsign_file): pass old_style to the above fnc. - - -Wed May 19 16:04:30 CEST 1999 Werner Koch - - * g10.c: New option --interactive. - - * mainproc.c (proc_plaintext): Add workaround for pgp2 bug - (do_check_sig): Ditto. - (proc_tree): Ditto. - * plaintext.c (do_hash): Ditto. - (hash_datafiles): Ditto, add an arg, changed all callers. - * mdfilter.c (md_filter): Add support for the alternate hash context. - -Mon May 17 21:54:43 CEST 1999 Werner Koch - - * parse-packet.c (parse_encrypted): Support for PKT_ENCRYPTED_MDC. - * build-packet.c (do_encrypted_mdc): Ditto. - * cipher.c (write_header): Add mdc hashing. - (cipher_filter): write out the hash. - * mainproc.c (do_proc_packets): Add PKT_ENCRYPTED_MDC. - * encr-data.c (decrypt_data): Add mdc hashing. - (mdc_decode_filter): New. - - * parse-packet.c (parse_sig_subpkt): Fixed stupid bug for subpkt - length calculation - (parse_signature): Fixed even more stupid bug. - -Sat May 8 19:28:08 CEST 1999 Werner Koch - - * build-packet.c (do_signature): Removed MDC hack. - * encode.c (encode_crypt_mdc): Removed. - * mainproc.c (do_check_sig): Removed MDC hack. - (check_sig_and_print): Ditto. - * parse-packet.c (parse_signature): Ditto. - * sig-check.c (mdc_kludge_check): Ditto. - * free-packte.c (copy_signature, free_seckey_enc): Ditto. - - * parse-packet.c (parse_signature,parse_key): Store data of - unknown algorithms with mpi_set_opaque inseatd of the old - faked data stuff. - (read_rest): Removed. - (read_rest2): Renamed to read_rest - * build-packet.c (write_fake_data): Use mpi_get_opaque. - * free-packet.c (cp_fake_data): Removed and cahnged all callers - to use mpi_copy. - (free_pubkey_enc,free_seckey_enc,release_public_key_parts, - release_secret_key_parts): Use mpi_free for opaque data. - -Thu May 6 14:18:17 CEST 1999 Werner Koch - - * trustdb.c (check_trust): Check for revoked subkeys. - * pkclist.c (do_we_trust): Handled revoked subkeys. - (do_we_trust_pre): Ditto. - (check_signatures_trust): Ditto. - - * build-packet.c (hash_public_key): Fix for ancient g10 keys. - - * mainproc.c (do_proc_packets): Return EOF if no data has been read. - * g10.c (main): Catch errors for default operation. - -Thu Apr 29 12:29:22 CEST 1999 Werner Koch - - * sign.c (sign_file): Fixed hashing in case of no subpackets. - (clearsign_file): Ditto. - (make_keysig_packet): Ditto. - -Wed Apr 28 13:03:03 CEST 1999 Werner Koch - - * keyedit.c (keyedit_menu): Add new command revkey. - * (menu_revkey): New. - - -Mon Apr 26 17:48:15 CEST 1999 Werner Koch - - * parse-packet.c (parse_signature): Add the MDC hack. - * build-packet.c (do_signature): Ditto. - * free-packet.c (free_seckey_enc,copy_signature,cmp_signatures): Ditto. - * mainproc.c (do_check_sig): Ditto. - * sig-check.c (mdc_kludge_check): New. - * encode.c (encrypt_mdc_file): New. - - * keyedit.c (check_all_keysigs): List revocations. - * (menu_revsig): New. - * sign (make_keysig_packet): Support for class 0x30. - -Sun Apr 18 20:48:15 CEST 1999 Werner Koch - - * pkclist.c (select_algo_from_prefs): Fixed the case that one key - has no preferences (Remi Guyomarch). - - keylist.c (list_keyblock): ulti_hack to propagate trust to all uids. - -Sun Apr 18 10:11:28 CEST 1999 Werner Koch - - * seckey-cert.c (do_check): Use real IV instead of a 0 one, so that - it works even if the length of the IV doesn't match the blocksize. - Removed the save_iv stuff. - (protect_secret_key): Likewise. Create the IV here. - * packet.h (PKT_secret_key): Increased size of IV field and add a - ivlen field. - * parse-packet.c (parse_key): Use the len protect.ivlen. - * build-packet.c (do_secret_key). Ditto. - - * getkey.c (key_byname): Close keyblocks. - - * Makefile.am (gpgm): Removed this - * g10.c: Merged gpg and gpgm - - * import.c (import): Utilize option quiet. - * tdbio.c (tdbio_set_dbname): Ditto. - * ringedit.c (add_keyblock_resource,keyring_copy): Ditto. - - * keyedit.c (sign_uids): Add some batch support. - - * g10.c (main): add call to tty_batchmode. - -Fri Apr 9 12:26:25 CEST 1999 Werner Koch - - * status.c (write_status_text): Some more status codes. - * passphrase_to_dek (passphrase_to_dek): add a status code. - * seckey_cert.c (check_secret_key): Likewise. - - * encr-data.c (decrypt_data): Reverse the last changes - * cipher.c (write_header): Ditto. - - * parse-packet.c (parse_key): Dropped kludge for ancient blowfish mode. - -Thu Apr 8 09:35:53 CEST 1999 Werner Koch - - * mainproc.c (proc_encrypted): Add a new status output - * passphrase.c (passphrase_to_dek): Ditto. - * status.h status.c: Add new status tokens. - -Wed Apr 7 20:51:39 CEST 1999 Werner Koch - - * encr-data.c (decrypt_data): Fixes for 128 bit blocksize - * cipher.c (write_header): Ditto. - * seckey-cert.c (do_check): Ditto. - (protect_secret_key). Ditto. - * misc.c (print_cipher_algo_note): Twofish is now a standard algo. - - * keygen.c (do_create): Fixed spelling (Gaël Quéri) - (ask_keysize): Only allow keysizes up to 4096 - - * ringedit.c (add_keyblock_resource): chmod newly created secrings. - - * import.c (delete_inv_parts): Fixed accidently deleted subkeys. - -Tue Apr 6 19:58:12 CEST 1999 Werner Koch - - * armor.c: Removed duped include (John Bley) - * mainproc.c: Ditto. - - * build-packet.c (hash_public_key): Fixed hashing of the header. - - * import.c (delete_inv_parts): Allow import of own non-exportable sigs. - -Sat Mar 20 13:59:47 CET 1999 Werner Koch - - * armor.c (fake_packet): Fix for not not-dash-escaped - -Sat Mar 20 11:44:21 CET 1999 Werner Koch - - * g10.c (main): Added command --recv-keys - * hkp.c (hkp_import): New. - -Wed Mar 17 13:09:03 CET 1999 Werner Koch - - * trustdb.c (check_trust): add new arg add_fnc and changed all callers. - (do_check): Ditto. - (verify_key): Ditto. - (propagate_validity): Use the new add_fnc arg. - (print_user_id): Add the FILE arg. - (propagate_ownertrust): New. - * pkclist.c (add_ownertrust_cb): New and changed the add_ownertrust - logic. - - * getkey.c (get_keyblock_bylid): New. - * trustdb.c (print_uid_from_keyblock): New. - (dump_tn_tree_with_colons): New. - (list_trust_path): Add colon print mode. - - * trustdb.c (insert_trust_record): Always use the primary key. - - * encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch) - (encode_crypt): Ditto. - - * mainproc.c (proc_pubkey_enc): Added status ENC_TO. - * armor.c (armor_filter): Added status NODATA. - * passphrase.c (passphrase_to_dek): Always print NEED_PASSPHRASE - * seckey_cert.c (check_secret_key): Added BAD_PASS status. - - * g10.c (main): Set g10_opt_homedir. - -Sun Mar 14 19:34:36 CET 1999 Werner Koch - - * keygen.c (do_create): Changed wording of the note (Hugh Daniel) - -Thu Mar 11 16:39:46 CET 1999 Werner Koch - - * tdbdump.c: New - - * trustdb.c (walk_sigrecs,do_list_sigs,list_sigs, - list_records,list_trustdb,export_ownertrust,import_ownertrust): Moved - to tdbdump.c - (init_trustdb): renamed to setup_trustdb. Changed all callers. - (do_init_trustdb): renamed to init_trustdb(). - * trustdb.c (die_invalid_db): replaced by tdbio_invalid. - * tdbio.c (tdbio_invalid): New. - - * import.c (delete_inv_parts): Skip non exportable signatures. - * keyedit.c (sign_uid_mk_attrib): New. - (sign_uids): Add the local argument. - (keyedit_menu): New "lsign" command. - * trustdb.c (register_trusted_key): Removed this and all related stuff. - * g10.c (oTrustedKey): Removed option. - - * tdbio.h (dir.valcheck): New trustdb field. - * tdbio.c: Add support for this field - (tdbio_read_modify_stamp): New. - (tdbio_write_modify_stamp): New. - * trustdb.c (do_check): Check against this field. Removed cache update. - (verify_key): Add cache update. - (upd_uid_record): Some functional changes. - (upd_cert_record): Ditto - -Wed Mar 10 11:26:18 CET 1999 Werner Koch - - * keylist.c (list_keyblock): Fixed segv in uid. Print 'u' as - validity of sks. - -Mon Mar 8 20:47:17 CET 1999 Werner Koch - - * getkey.c (classify_user_id): Add new mode 12 (#). - - * seckey-cert.c (check_secret_key): replaced error by info. - - * trustdb.c (query_trust_info): Add another arg, changed all callers. - (check_trust): Ditto. - (do_check): Ditto. - (verify_key): Handle namehash. - * keylist.c (list_keyblock): print trust info for user ids. - - * sig-check.c (signature_check): Add sig-created to status output. - -Tue Mar 2 16:44:57 CET 1999 Werner Koch - - * textfilter.c (copy_clearsig_text): New. - (clearsign): Removed. - * sign.c (clearsign_file): does not use textfiler anymore. - - * keygen.c (ask_user_id): print a note about the used charset. - -Tue Mar 2 10:38:42 CET 1999 Werner Koch - - * sig-check.c (signature_check): sig-id now works for all algos. - - * armor.c (armor_filter): Fixed armor bypassing. - -Sun Feb 28 19:11:00 CET 1999 Werner Koch - - * keygen.c (ask_user_id): Don't change the case of email addresses. - (has_invalid_email_chars): Adjusted. - - * keylist.c (list_one): Really list serect keys (Remi Guyomarch) - - * keyedit.c (menu_select_uid): Add some braces to make egcs happy. - (menu_select_key): Ditto. - - * mainproc.c (do_proc_packets): List sym-enc packets (Remi Guyomarch) - -Fri Feb 26 17:55:41 CET 1999 Werner Koch - - * pkclist.c (build_pk_list): Return error if there are no recipients. - - * sig-check.c (signature_check): New signature id feature. - * armor.c (make_radic64_string): New. - - * mainproc.c (proc_pubkey_enc): early check for seckey availability. - - * pkclist.c (do_we_trust_pre): print user id before asking. - - * ringedit.c (add_keyblock_resource,get_keyblock_handle): Cleaner - handling of default resource. - - -Thu Feb 25 18:47:39 CET 1999 Werner Koch - - * pkclist.c (algo_available): New. - (select_algo_from_prefs): Check whether algo is available. - - * ringedit.c (keyring_copy): Take care of opt.dry_run. - (do_gdbm_store): Ditto. - * openfile.c (open_outfile). Ditto. - (copy_options_file): Ditto. - * trustdb.c (update_trustdb): Ditto. - (clear_trust_checked_flag): Ditto. - (update_trust_record): Ditto. - (insert_trust_record): Ditto. - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * keylist.c (secret_key_list): Now really list the secret key. - - * trustdb.c (do_init_trustdb): New. Init is now deferred. - -Mon Feb 22 20:04:00 CET 1999 Werner Koch - - * getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY. - -Fri Feb 19 15:49:15 CET 1999 Werner Koch - - * pkclist.c (select_algo_from_prefs): retrieve LID if not there. - - * armor.c (fake_packet): Replaced ugly lineending handling. - - * g10.c (oNoEncryptTo): New. - * pkclist.c (build_pk_list): Implemented this option. - - * g10.c (main): Greeting is now printed to stderr and not to tty. - Use add_to_strlist() instead of direct coding. - - * import.c (import): Use iobuf_push_filter2. - - * mainproc.c (check_sig_and_print): Print all user ids - for good signatures. - * getkey.c (get_pubkeyblock): New. - - * import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys. - (delete_inv_parts): Delete special marked packets. - -Tue Feb 16 14:10:02 CET 1999 Werner Koch - - * g10.c (main): New option --encrypt-to - - * pkclist.c (build_pk_list): Implemented encrypt-to. - - * parse-packet.c (parse_user_id): Removed the hack to work with - utf-8 strings. - - * g10.c (main): Install lockfile cleanup handler. - * tdbio.c (cleanup): Removed: this is now handled by dotlock. - -Sat Feb 13 14:13:04 CET 1999 Werner Koch - - * tdbio.c (tdbio_set_dbname): Init lockhandle for a new trustdb - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * g10.c (main): check for development version now in configure - - * tdbio.c (tdbio_write_record): Add uid.validity - (tdbio_read_record) : Ditto. - (tdbio_dump_record) : Ditto. - - * keygen.c (keygen_add_std_prefs): Replaced Blowfish by Twofish, - removed MD5 and Tiger. - * pubkey-enc.c (get_it): Suppress warning about missing Blowfish - in preferences in certain cases. - - * ringedit.c (lock_rentry,unlock_rentry): New. - - * getkey.c (key_byname): Pass ret_kb down to lookup_xx. - - * armor.c (armor_filter): No output of of empty comment lines. - Add option --no-version to suppress the output of the version string. - - * getkey.c: Release the getkey context for auto context variables. - -Sun Jan 24 18:16:26 CET 1999 Werner Koch - - * getkey.c: Changed the internal design to allow simultaneous - lookup of multible user ids - (get_pubkey_bynames): New. - (get_seckey_bynames): New. - (get_seckey_next): New. - (get_seckey_end): New. - * keylist.c (list_one): Use the new functions. - - * keylist.c (list_keyblock): add a newline for normal listings. - - * g10.c (--recipient): New option name to replace --remote-user - - -Wed Jan 20 18:59:49 CET 1999 Werner Koch - - * textfilter.c: Mostly rewritten - * plaintext.c (handle_plaintext): Use now text_filter semantics. - -Tue Jan 19 19:34:58 CET 1999 Werner Koch - - * export.c (export_pubkeys_stream): New. - (do_export_stream): New. - * g10.c (aSendKeys): New command. - * hkp.c (hkp_export): New. - - * compress.c (do_uncompress): Hack for algo 1 and 1.1.3 - -Sun Jan 17 11:04:33 CET 1999 Werner Koch - - * textfilter.c (text_filter): Now uses iobuf_read_line(). - (read_line): Removed. - - * armor.c (trim_trailing_spaces): Removed and replaced - by trim_trailing_ws from libutil - -Sat Jan 16 12:03:27 CET 1999 Werner Koch - - * hkp.c (hkp_ask_import): Use only the short keyid - -Sat Jan 16 09:27:30 CET 1999 Werner Koch - - * import.c (import_key_stream): New - (import): New, moved most of import_keys here. - * g10.c: New option --keyserver - * mainproc.c (check_sig_and_print): Hook to import a pubkey. - - * pref.c pref.h : Removed - - * hkp.c hkp.h: New - -Wed Jan 13 14:10:15 CET 1999 Werner Koch - - * armor.c (radix64_read): Print an error if a bad armor was detected. - -Wed Jan 13 12:49:36 CET 1999 Werner Koch - - * armor.c (radix64_read): Now handles malformed armors produced - by some buggy MUAs. - -Tue Jan 12 11:17:18 CET 1999 Werner Koch - - * ringedit.c (find_keyblock_bysk): New. - - * skc_list.c (is_insecure): New. - (build_sk_list): usage check for insecure keys. - - * import.c (chk_self_sigs): Add handling for subkeys. - (delete_inv_parts): Skip unsigned subkeys - - * sig-check.c (do_check): Print info if the signature is older - than the key. - * keygen.c (generate_subkeypair): Fail on time warp. - * sign.c (do_sign): Ditto. - -Sun Jan 10 15:10:02 CET 1999 Werner Koch - - * armor.c (fake_packet): Fixed not-dash-escaped bug. - -Sat Jan 9 16:02:23 CET 1999 Werner Koch - - * sig-check.c (do_check): Output time diff on error - - * status.c (STATUS_VALIDSIG): New. - (is_status_enabled): New. - * mainproc.c (check_sig_and_print): Issue that status message. - - * plaintext.c (special_md_putc): Removed - - * armor.c (armor_filter): print error for truncated lines. - - * free-packet.c (free_encrypted): Revomed call to set_block_mode. - (free_plaintext): Ditto. - -Thu Jan 7 18:00:58 CET 1999 Werner Koch - - * pkclist.c (add_ownertrust): Fixed return value. - - * encr-data.c (decrypt_data): Disabled iobuf_set_limit and - iobuf_pop_filter stuff. - * compress.c (handle_compressed): Disabled iobuf_pop_filter. - - * packet.h (PKT_secret_key): Add is_primary flag. - * parse-packet.c (parse_key): Set this flag. - * passphrase.c (passphrase_to_dek): Kludge to print the primary - keyid - changed the API: keyid must now hold 2 keyids. - * getkey.c (get_primary_seckey): New. - * seckey-cert.c (do_check): pass primary keyid to passphrase query - - * tbdio.c (open_db): removed the atexit - (tdbio_set_dbname): and moved it to here. - - * armor.c: Rewrote large parts. - -Tue Dec 29 19:55:38 CET 1998 Werner Koch - - * revoke.c (gen_revoke): Removed compression. - - * pkclist.c (do_we_trust_pre): special check for revoked keys - - * trustdb.c (update_trust_record): Fixed revoke flag. - -Tue Dec 29 14:41:47 CET 1998 Werner Koch - - * misc.c (disable_core_dumps): Check for EINVAL (Atari) - - * getkey (merge_one_pk_and_selfsig): Fixed search of expiredate. - (merge_keys_and_selfsig): Ditto. - - * free-packet.c (cmp_public_keys): cmp expire only for v3 packets - (cmp_secret_keys): Ditto. - (cmp_public_secret_key): Ditto. - -Wed Dec 23 17:12:24 CET 1998 Werner Koch - - * armor.c (find_header): Reset not_dashed at every header - -Wed Dec 23 13:18:14 CET 1998 Werner Koch - - * pkclist.c (add_ownertrust): Refresh validity values. - - * trustdb.c (enum_cert_paths_print): New arg refresh. - - * ringedit.c: Fixed problems fix keyrings - * parse-packet.c (dbg_parse_packet): New debug functions. - - * getkey.c (getkey_disable_caches): New. - * import.c (import_keys): Disable caches. - -Thu Dec 17 18:31:15 CET 1998 Werner Koch - - * misc.c (trap_unaligned): Only for glibc 1 - - * sign.c (write_dash_escaped): Now escapes "From " lines - * g10.c: New option --escape-from-lines - - * trustdb.c (sort_tsl_list): New - (list_trust_path): Now prints sorted list. - (enum_cert_paths): Likewise. - (enum_cert_paths_print): New. - (print_paths): New printing format. - * pkclist.c (add_ownertrust): New arg quit. - (edit_ownertrust): New quit selection and does not query - the recipients ownertrust anymore. - (add_ownertrust): Print the ceritficate path. - - -Mon Dec 14 21:18:49 CET 1998 Werner Koch - - * parse-packet.c (parse_signature): Now checks for critical bit - (parse_sig_subpkt): Splitted. - (parse_one_sig_subpkt): New. - * sig-check.c (do_check): handle critical bit. - -Sun Dec 13 14:10:56 CET 1998 Werner Koch - - * pcklist.c (select_algo_from_prefs): Preferences should - now work (lost the != ? ) - -Thu Dec 10 20:15:36 CET 1998 Werner Koch - - * ringedit.c (gdbm_store): Fix for inserts - - * g10.c (main): New option --export-all - * export.c (export_pubkeys): New arg. - (do_export): Now may skip old keys. - - * status.c: Minor patches for Sun's cc - - * keygen.c (ask_algo): Disabled v3 ElGamal choice, rearranged - the numbers. Add a warning question when a sign+encrypt key - is selected. - - * g10.c (do_not_use_RSA): Removed. - * misc.c (print_pubkey_algo_note): New as replacement for the - do_not_use_RSA() and chnaged all callers. - (print_cipher_algo_note): New. - (print_hash_algo_note): New. - - * cipher.c (write_header): Add a call to print_cipher_algo_note. - * seckey-cert.c (protect_secret_key): Ditto - * sign.c (do_sign): Add a call to print_digest_algo_note. - - * getkey.c (get_long_user_id_string): New. - * mainproc.c (check_sig_and_print): Changed the format of the - status output. - - * encrypt.c (write_pubkey_enc_from_list): print used symmetric cipher. - - * pkclist.c (do_we_trust): Changed a message. - -Wed Dec 9 13:41:06 CET 1998 Werner Koch - - * misc.c (trap_unaligned) [ALPHA]: Only if UAC_SIGBUS is defined. - - * sign.c (write_dash_escaped): Add the forgotten patch by Brian Moore. - - * compress.c (do_uncompress): Fixed the inflating bug. - - -Tue Dec 8 13:15:16 CET 1998 Werner Koch - - * trustdb.c (upd_uid_record): Now uses the newest self-signature - (insert_trust_record): Now calls update with recheck set to true. - (register_trusted_key): New. - (verify_own_keys): Enhanced by list of trusted keys. - - * g10.c (main): Print a warning when a devel version is used. - (main): New option --trusted-key - - * import.c (merge_blocks): Fixed merging of new user ids and - added merging of subkeys. - (append_uid): Ditto. - (merge_keysig): New. - (append_key): New. - * getkey.c (merge_one_pk_and_selfsig): Get the expiration time - from the newest self-signature. - (merge_keys_and_selfsig): Ditto. - - * free-packet.c (cmp_secret_key): New. - - -Fri Nov 27 21:37:41 CET 1998 Werner Koch - - * g10.c: New option --lock-once - * tdbio.c (open_db): Add an atexit - (cleanup): New. - (tdbio_sync): Add locking. - (tdbio_end_transaction): Ditto. - (put_record_into_cache): Ditto. - * ringedit.c (keyring_copy): Ditto. - (cleanup): New. - (add_keyblock_resource): Add an atexit. - -Fri Nov 27 15:30:24 CET 1998 Werner Koch - - * armor.c (find_header): Another fix for clearsigs. - -Fri Nov 27 12:39:29 CET 1998 Werner Koch - - - * status.c (display_help): Removed. - * helptext.c: New and removed the N_() from all cpr_gets. - - -Fri Nov 20 16:54:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): New option --not-dash-escaped - * sign.c (write_dashed_escaped): Ditto. - * armor.c (find_header): Support for NotDashEscaped header. - - * getkey.c: print "disabled cache.." only if verbose is used. - -Thu Nov 19 07:17:31 1998 Werner Koch - - * parse-packet.c (dump_sig_subpkt): Fixed expire listing - * getkey.c (merge_keys_and_selfsig): Fixed expire calculation. - (merge_one_pk_and_selfsig): Ditto. - * keyedit.c (menu_expire). Ditto. - * keygen.c (keygen_add_key_expire): Ditto. - (ask_expire_interval): New and changed all local function to use - this instead. - (keygen_add_key_expire): Opaque should now be a public key; - changed all callers. - - * parse.packet.c (parse): use skip_rest to skip packets. - - * keyedit.c (keyedit_menu): New arg for cmdline cmds. - -Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (check_trustdb): Now rechecks all gived userids. - (collect_paths): Some fixes. - (upd_pref_records): Skips empty items, evaluate all items. - - * parse-packet.c (dump_sig_subpkt): Better listing of prefs. - (skip_packet): Now knows about marker packet - - * g10.c: removed cmd "--edit-sig". - - * pubring.asc: Updated. - -Sat Nov 14 14:01:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Changed syntax of --list-trust-path - * trustdb.c (list_trust_path): Replaced max_depth by - opt.max_cert_depth - -Fri Nov 13 07:39:58 1998 Werner Koch - - * trustdb.c (collect_paths): Removed a warning message. - (enum_trust_web): Removed. - (enum_cert_paths): New. - * pkclist.c (add_ownertrust): Changed to use enum_cert_paths. - (edit_ownertrust): Now list ceritficates on request. - (show_paths): New. - -Wed Nov 11 18:05:44 1998 Werner Koch - - * g10.c (main): New option --max-cert-depth - * tdbio.h: add new fields to ver and dir record. - * tdbio.c: read/write/dump of these fields. - (tdbio_db_matches_options): New. - * trustdb.c: replaced MAC_CERT_DEPTH by opt.max_cert_depth. - (do_check): cache validity and changed other functions - to reset the cached value. - - * keylist.c (list_one): Now lists the ownertrust. - * mainproc.c (list_node): Ditto. - -Tue Nov 10 10:08:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (g10_exit): Now looks at the new g10_errors_seen. - * mainproc.c (check_sig_and_print): Sets g10_errors_seen. - - * *.c : i18n many more strings. - - * ringedit.c (locate_keyblock_by_keyid): Add HAVE_LIBGDBM - (locate_keyblock_by_fpr): Ditto. - - * g10.c (main): removed unsused "int errors". - (main): Add new option --charset. - - * g10.c (main): special message for the unix newbie. - -Mon Nov 9 07:17:42 1998 Werner Koch - - * getkey.c (finish_lookup): Kludge to prefere algo 16. - - * trustdb.c (new_lid_table): Clear cached item. - - * status.c (cpr_get_utf8): New. - * pkclist.c (build_pk_list): Uses this. - -Sun Nov 8 17:20:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c (check_sig_and_print): Why did I use strlen()-1 - in the printf? - This truncated the TZ. - -Sat Nov 7 15:57:28 1998 me,,, (wk@tobold) - - * getkey.c (lookup): Changes to support a read_next. - (get_pubkey): Fixed a memory leak. - - * keylist.c (list_one): Now lists all matching user IDs. - -Tue Nov 3 16:19:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (ask_user_id): Now converted to UTF-8 - - * g10.c (main): Kludge for pgp clearsigs and textmode. - -Fri Oct 30 16:40:39 1998 me,,, (wk@tobold) - - * signal.c (block_all_signals): New. - (unblock_all_signals): New - * tdbio.c (tdbio_end_transaction): Now blocks all signals. - - * trustdb.c (new_lid_table): Changed the representation of the - former local_lid_info stuff. - - * trustdb.c (update_trust_record): Reorganized the whole thing. - * sig-check.c (check_key_signature): Now handles class 0x28 - - -Wed Oct 28 18:56:33 1998 me,,, (wk@tobold) - - * export.c (do_export): Takes care of the exportable sig flag. - -Tue Oct 27 14:53:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (update_trust_record): New "fast" parameter. - -Sun Oct 25 19:32:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * openfile.c (copy_options_File): New. - * ringedit.c (add_keyblock_resource): Creates options file - * tdbio.c (tdbio_set_dbname): Ditto. - -Sat Oct 24 14:10:53 1998 brian moore - - * mainproc.c (proc_pubkey_enc): Don't release the DEK - (do_proc_packets): Ditto. - -Fri Oct 23 06:49:38 1998 me,,, (wk@tobold) - - * keyedit.c (keyedit_menu): Comments are now allowed - - * trustdb.c: Rewrote large parts. - - -Thu Oct 22 15:56:45 1998 Michael Roth (mroth@nessie.de) - - * encode.c: (encode_simple): Only the plain filename without - a given directory is stored in generated packets. - (encode_crypt): Ditto. - - * sign.c: (sign_file) Ditto. - - -Thu Oct 22 10:53:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (update_trust_record): Add new optional arg. - - * import.c (import_keys): Add statistics output - * trustdb.c (update_trustdb): Ditto. - (insert_trustdb): Ditto. - - * tdbio.c (tdbio_begin_transaction): New. - (tdbio_end_transaction): New. - (tdbio_cancel_transaction): New. - - * g10.c (main): New option --quit. - - * trustdb.c (check_hint_sig): No tests for user-id w/o sig. - This caused an assert while checking the sigs. - - * trustdb.c (upd_sig_record): Splitted into several functions. - - * import.c (import_keys): New arg "fast". - * g10.c (main): New command --fast-import. - -Wed Oct 21 18:19:36 1998 Michael Roth - - * ringedit.c (add_keyblock_resource): Directory is now created. - * tdbio.c (tdbio_set_dbname): New info message. - -Wed Oct 21 11:52:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (update_trustdb): released keyblock in loop. - - * keylist.c (list_block): New. - (list_all): Changed to use list_block. - - * trustdb.c: Completed support for GDBM - - * sign.c (only_old_style): Changed the way force_v3 is handled - (sign_file): Ditto. - (clearsign_file): Ditto. - - * keygen.c (has_invalid_email_chars): Splitted into mailbox and - host part. - - * keylist.c (list_one): Add a merge_keys_and_selfsig. - * mainproc.c (proc_tree): Ditto. - -Sun Oct 18 11:49:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sign.c (only_old_style): Add option force_v3_sigs - (sign_file): Fixed a bug in sig->version - (clearsign_file): Ditto. - - * parse-packet.c (dump_sig_subpkt): New - - * keyedit.c (menu_expire): New. - * free-packet.c (cmp_signatures): New - - -Sat Oct 17 10:22:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c: changed output line length from 72 to 64. - - * keyedit.c (fix_keyblock): New. - -Fri Oct 16 10:24:47 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c: Rewrote most. - * tdbio.c: Add cache and generalized hash tables. - - * options.h (ENABLE_COMMENT_PACKETS): New but undef'ed. - * encode.c, sign.c, keygen.c: Disabled comment packets. - * export.c (do_export): Comment packets are never exported, - except for those in the secret keyring. - - * g10.c (main): Removed option do-no-export-rsa; should be - be replaced by a secpial tool. - * export.c (do_export): Removed the code for the above option. - - * armor.c (find_header): Support for new only_keyblocks. - * import.c (import_keys): Only looks for keyblock armors. - - * packet.h: replaced valid_days by expiredate and changed all users. - * build-packet.c (do_public_key): calculates valid-days - (do_secret_key): Ditto. - * parse-packet.c (parse_key): expiredate is calucated from the - valid_period in v3 packets. - * keyid.c (do_fingerprint_md): calculates valid_dates. - - * keygen.c (add_key_expire): fixed key expiration time for v4 packets. - - * armor.c (find_header): A LF in the first 28 bytes - was skipped for non-armored data. - -Thu Oct 8 11:35:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (is_armored): Add test on old comment packets. - - * tdbio.c (tdbio_search_dir_bypk): fixed memory leak. - - * getkey.c: Changed the caching algorithms. - -Wed Oct 7 19:33:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * kbnodes.c (unused_nodes): New. - -Wed Oct 7 11:15:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keyedit.c (sign_uids): Fixed a problem with SK which could caused - a save of an unprotected key. - (menu_adduid): Ditto. - - * keyedit.c (keyedit_menu): Prefs are now correctly listed for - new user ids. - - * trustdb.c (update_trust_record): New. - (insert_trust_record): Now makes use of update_trust_record. - -Tue Oct 6 16:18:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (read_record): replaces most of the tdbio_read_records. - (write_record): Ditto. - -Sat Oct 3 11:01:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (ask_alogo): enable ElGamal enc-only only for addmode. - -Wed Sep 30 10:15:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * import.c (import_one): Fixed update of wrong keyblock. - -Tue Sep 29 08:32:08 1998 me,,, (wk@tobold) - - * mainproc.c (proc_plaintext): Display note for special filename. - * plaintext.c (handle_plaintext): Suppress output of special file. - -Mon Sep 28 12:57:12 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (verify_own_keys): Add warning if a key is not protected. - - * passphrase (hash_passphrase): Fixed iterated+salted mode and - setup for keysizes > hashsize. - - * g10.c (main): New options: --s2k-{cipher,digest,mode}. - -Fri Sep 25 09:34:23 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c: Chnaged some help texts. - -Tue Sep 22 19:34:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * passphrase.c (read_passphrase_from_fd): fixed bug for long - passphrases. - -Mon Sep 21 11:28:05 1998 Werner Koch (wk@(none)) - - * getkey.c (lookup): Add code to use the sub key if the primary one - does not match the usage. - - * armor.c (armor_filter): New error message: no valid data found. - (radix64_read): Changes to support multiple messages. - (i18n.h): New. - * mainproc.c (add_onepass_sig): bug fix. - -Mon Sep 21 08:03:16 1998 Werner Koch (wk@isil.d.shuttle.de) - - * pkclist.c (do_we_trust): Add keyid to most messages. - - * passphrase.c (read_passphrase_from_fd): New. - (have_static_passphrase): New - (get_passphrase_fd): Removed. - (set_passphrase_fd): Removed. - * g10.c (main): passphrase is now read here. - - * keyedit.c (keyedit_menu): "help" texts should now translate fine. - -Mon Sep 21 06:40:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * encode.c (encode_simple): Now disables compression - when --rfc1991 is used. - (encode_crypt): Ditto. - -Fri Sep 18 16:50:32 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (merge_key_and_selfsig): New. - -Fri Sep 18 10:20:11 1998 Werner Koch (wk@isil.d.shuttle.de) - - * pkclist.c (select_algo_from_prefs): Removed 3DES kludge. - - * seskey.c (make_session_key): Fixed SERIOUS bug introduced - by adding the weak key detection code. - - * sign.c (sign_file): Changed aremor header in certain cases. - -Tue Sep 15 17:52:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c (check_sig_and_print): Replaced ascime by asctimestamp. - -Mon Sep 14 11:40:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seskey.c (make_session_key): Now detects weak keys. - - * trustdb (clear_trust_checked_flag): New. - - * plaintext.c (handle_plaintext): Does no anymore suppress CR from - cleartext signed messages. - -Sun Sep 13 12:54:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (insert_trust_record): Fixed a stupid bug in the free - liunked list loops. - -Sat Sep 12 15:49:16 1998 Werner Koch (wk@isil.d.shuttle.de) - - * status.c (remove_shmid): New. - (init_shm_comprocess): Now sets permission to the real uid. - -Wed Sep 9 11:15:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h (PKT_pubkey_enc): New flah throw_keyid, and add logic to - implement it. - * g10.c (main): New Option --throw-keyid - - * getkey.c (enum_secret_keys): Add new ar and changed all callers. - -Tue Sep 8 20:04:09 1998 Werner Koch (wk@isil.d.shuttle.de) - - * delkey.c (delete_key): Moved from keyedit.c. - -Mon Sep 7 16:37:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (calc_length_header): New arg new_ctb to correctly - calculate the length of new style packets. - - * armor.c (is_armored): Checks for symkey_enc packets. - - * pkclist.c (select_algo_from_prefs): 3DEs substitute is now CAST5. - -Tue Aug 11 17:54:50 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (do_secret_key): Fixed handling of old keys. - - * getkey.c (compare_name): Fixed exact and email matching - - * openfile.c (open_outfile): Changed arguments and all callers. - -Tue Aug 11 09:14:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * encode.c (encode_simple): Applied option set-filename and comment. - (encode_crypt): Ditto. - * sign.c (sign_file): Ditto. - * armor.c (armor_filter): Applied option comment. - - * encode.c (encode_crypt): Moved init_packet to the begin. - (encode_simple): add an init_packet(). - - * comment (write_comment): Now enforces a hash sign as the 1st byte. - - * import.c (import_one): Add explanation for "no user ids". - - * compress.c (do_uncompress): Applied Brian Warner's patch to support - zlib 1.1.3 etc. - - * trustdb.c (check_trust): Fixed a problem after inserting new keys. - - * getkey (lookup): do not return the primary key if usage is given - (lookup_sk): Ditto and take usage into account. - - * status.c (cpr_get_answer_is_yes): add display_help. - -Mon Aug 10 10:11:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (lookup_sk): Now always returns the primary if arg - primary is true. - (lookup): Likewise. - (get_pubkey_byname): Now returns the primary key - (get_seckey_byname): Ditto. - - -Mon Aug 10 08:34:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keyid.c (pubkey_letter): ELG_E is now a small g. - -Sat Aug 8 17:26:12 1998 Werner Koch (wk@isil.d.shuttle.de) - - * openfile (overwrite_filep): Changed semantics and all callers. - -Sat Aug 8 12:17:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * status.c (display_help): New. - -Thu Aug 6 16:30:41 1998 Werner Koch,mobil,,, (wk@tobold) - - * seskey.c (encode_session_key): Now uses get_random_bits(). - -Thu Aug 6 07:34:56 1998 Werner Koch,mobil,,, (wk@tobold) - - * ringedit.c (keyring_copy): No more backupfiles for - secret keyrings and add additional warning in case of - a failed secret keyring operation. - -Wed Aug 5 11:54:37 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (check_opts): Moved to main. Changed def_cipher_algo - semantics and chnaged all users. - - * pubkey-enc.c (get_sssion_key): New informational output - about preferences. - - * parse-packet.c (parse_symkeyenc): Fixed salted+iterated S2K - (parse_key): Ditto. - * build-packet.c (do_secret_key): Ditto. - (do_symkey_enc): Ditto. - -Tue Aug 4 08:59:10 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (enum_secret_keys): Now returns only primary keys. - - * getkey (lookup): Now sets the new namehash field. - - * parse-packet.c (parse_sig_subpkt2): New. - - * sign.c (sign_file): one-pass sigs are now emiited reverse. - Preference data is considered when selecting the compress algo. - -Wed Jul 29 12:53:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * free-packet.c (copy_signature): New. - - * keygen.c (generate_subkeypair): rewritten - * g10.c (aKeyadd): Removed option --add-key - -Mon Jul 27 10:37:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seckey-cert.c (do_check): Additional check on cipher blocksize. - (protect_secret_key): Ditto. - * encr-data.c: Support for other blocksizes. - * cipher.c (write_header): Ditto. - -Fri Jul 24 16:47:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * kbnode.c (insert_kbnode): Changed semantics and all callers. - * keyedit.c : More or less a complete rewrite - -Wed Jul 22 17:10:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (write_sign_packet_header): New. - -Tue Jul 21 14:37:09 1998 Werner Koch (wk@isil.d.shuttle.de) - - * import.c (import_one): Now creates a trustdb record. - - * g10.c (main): New command --check-trustdb - -Mon Jul 20 11:15:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * genkey.c (generate_keypair): Default key is now DSA with - encryption only ElGamal subkey. - -Thu Jul 16 10:58:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keyid.c (keyid_from_fingerprint): New. - * getkey.c (get_pubkey_byfprint): New. - -Tue Jul 14 18:09:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keyid.c (fingerprint_from_pk): Add argument and changed all callers. - (fingerprint_from_sk): Ditto. - -Tue Jul 14 10:10:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * plaintext.c (handle_plaintext): Now returns create error if - the file could not be created or the user responded not to overwrite - the file. - * mainproc.c (proc_plaintext): Tries again if the file could not - be created to check the signature without output. - - * misc.c (disable_core_dumps): New. - * g10.c (main): disable coredumps for gpg - - * g10.c (MAINTAINER_OPTIONS): New to disable some options - -Mon Jul 13 16:47:54 1998 Werner Koch (wk@isil.d.shuttle.de) - - * plaintext.c (hash_datafiles): New arg for better support of - detached sigs. Changed all callers. - * mainproc.c (proc_signature_packets): Ditto. - - * g10.c (main): New option "compress-sigs" - * sig.c (sign_file): detached signatures are not anymore compressed - unless the option --compress-sigs is used. - -Thu Jul 9 19:54:54 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c: Fixes to allow zero length cleartext signatures - -Thu Jul 9 14:52:47 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (build_list): Now drops setuid. - (main): Changed the way keyrings and algorithms are registered . - -Wed Jul 8 14:17:30 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h (PKT_public_key): Add field keyid. - * parse-packet.c (parse_key): Reset the above field. - * keyid.c (keyid_from_pk): Use above field as cache. - - * tdbio.c, tdbio.h: New - * trustdb.c: Moved some functions to tdbio.c. - (print_keyid): New. - - * pkclist.c (check_signatures_trust): New. - -Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * plaintext.c (special_md_putc): New. - (handle_plaintext): add clearsig argument - * mainproc.c (proc_plaintext): detection of clearsig - * sign.c (write_dased_escaped): Changed clearsig format - -Tue Jul 7 18:56:19 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (find_header): Now makes sure that there is only one - empty line for clearsigs, as this is what OP now says. - -Mon Jul 6 13:09:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): New option default-secret-key - * getkey.c (get_seckey_byname): support for this option. - -Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (add_keyring): Keyrings are now added to end of the - list of keyrings. The first added keyringwill be created. - (add_secret_keyring): Likewise. - - * ringedit.c (add_keyblock_resource): Files are created here. - - * g10.c (aNOP): Removed - - * getkey.c (lookup): Add checking of usage for name lookups - * packet.h (pubkey_usage): Add a field which may be used to store - usage capabilities. - * pkclist.c (build_pk_list): getkey now called with usage arg. - * skclist.c (build_sk_list): Ditto. - - * sign.c (clearsign_file): Fixed "Hash:" headers - -Sat Jul 4 13:33:31 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (list_ownertrust): New. - * g10.c (aListOwnerTrust): New. - - * g10.c (def_pubkey_algo): Removed. - - * trustdb.c (verify_private_data): Removed and also the call to it. - (sign_private_data): Removed. - -Fri Jul 3 13:26:10 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (aEditKey): was aEditSig. Changed usage msg. - - * keyedit.c: Done some i18n stuff. - - * g10.c (do_not_use_RSA): New. - * sign.c (do_sign): Add call to above function. - * encode.c (write_pubkey_enc_from_list): Ditto. - -Thu Jul 2 21:01:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c: Now is able sto store data of unknown - algorithms. - * free-packet.c: Support for this. - * build-packet.c: Can write data of packet with unknown algos. - -Thu Jul 2 11:46:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (parse): fixed 4 byte length header - -Wed Jul 1 12:36:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h (new_ctb): New field for some packets - * build-packet.c (build_packet): Support for new_ctb - * parse-packet.c (parse): Ditto. - -Mon Jun 29 12:54:45 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h: changed all "_cert" to "_key", "subcert" to "subkey". - - * free-packet.c (free_packet): Removed memory leak for subkeys. - -Sun Jun 28 18:32:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * import.c (import_keys): Renamed from import_pubkeys. - (import_secret_one): New. - - * g10.c (aExportSecret): New. - - * export.c (export_seckeys): New. - - * parse-packet.c (parse_certificate): Cleaned up. - (parse_packet): Trust packets are now considered as unknown. - (parse_pubkey_warning): New. - -Fri Jun 26 10:37:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (has_invalid_email_chars): New. - -Wed Jun 24 16:40:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (armor_filter): Now creates valid onepass_sig packets - with all detected hash algorithms. - * mainproc.c (proc_plaintext): Now uses the hash algos as specified - in the onepass_sig packets (if there are any) - -Mon Jun 22 11:54:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * plaintext.c (handle_plaintext): add arg to disable outout - * mainproc.c (proc_plaintext): disable output when in sigs_only mode. - -Thu Jun 18 13:17:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c: Removed all rsa packet stuff, chnaged defaults - for key generation. - -Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de) - - * misc.c (checksum_u16): Fixed a stupid bug which caused a - wrong checksum calculation for the secret key protection and - add a backward compatibility option. - * g10.c (main): Add option --emulate-checksum-bug. - -Thu Jun 11 13:26:44 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h: Major changes to the structure of public key material - which is now stored in an array and not anaymore in a union of - algorithm specific structures. These is needed to make the system - more extendable and makes a lot of stuff much simpler. Changed - all over the system. - - * dsa.c, rsa.c, elg.c: Removed. - -Wed Jun 10 07:22:02 1998 Werner Koch,mobil,,, (wk@tobold) - - * g10.c ("load-extension"): New option. - -Mon Jun 8 22:23:37 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seckey-cert.c (do_check): Removed cipher constants - (protect_secret_key): Ditto. - -Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (query_trust_info): New. - * keylist.c (list_one): Add output of trust info - * mainproc (list_node): ditto. - * g10.c (main): full trustdb init if -with-colons and any of the - key list modes. - -Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de) - - * status.c (STATUS_RSA_OR_IDEA): New. - * sig-check.c (check_signature): Output special status message. - * pubkey-enc.c (get_session_key): Ditto. - - * mainproc.c (check_sig_and_print): Changed format of output. - * passpharse.c (passphrase_to_dek): Likewise. - -Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (aListSecretKeys): New option --list-secret-keys - * keylist.c (std_key_list): Renamed to public_key_list. - (secret_key_list): New - (list_one, list_all): Add support for secret keys. - * getkey.c (get_secret_keyring): New. - * mainproc.c (list_node): Add option --with-colons for secret keys - - * sig-check.c (check_key_signature): detection of selfsigs - * mainproc.c (list_node): fixed listing. - - * g10.c (aListSecretKeys): New option --always-trust - * pkclist.c (do_we_trust): Override per option added - - * status.c (write_status_text): Add a prefix to every output line. - -Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10 (--compress-keys): New. - * options.h (compress_keys): New. - * export.c (export_pubkeys): Only compresses with the new option. - -Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * passphrase.c (get_last_passphrase): New - (set_next_passphrase): New. - (passphrase_to_dek): add support for the above functions. - * keyedit.c (make_keysig_packet): Add sigclass 0x18, - changed all callers due to a new argument. - * keygen.c (write_keybinding): New - (generate_subkeypair): Add functionality - (ask_algo, ask_keysize, ask_valid_days): Broke out of generate_keypair - (ask_user_id, ask_passphrase): Ditto. - -Thu May 21 11:26:13 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c,gpgd.c (main): Does now return an int, so that egcs does - not complain. - - * armor.c (fake_packet): Removed erro message and add a noticed - that this part should be fixed. - - * sign.c (sign_file): Compression now comes in front of encryption. - * encode.c (encode_simple): Ditto. - (encode_crypt): Ditto. - -Tue May 19 16:18:19 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (fake_packet): Changed assertion to log_error - -Sat May 16 16:02:06 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (build_packet): Add SUBKEY packets. - -Fri May 15 17:57:23 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sign.c (hash_for): New and used in all places here. - * main.h (DEFAULT_): new macros. - * g10.c (opt.def_digest_algo): Now set to 0 - - * compress.c (init_compress): Add support for algo 1 - * options.h (def_compress_algo): New - * g10.c (main): New option --compress-algo - -Fri May 15 13:23:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (print_mds): New feature to print only one hash, - chnaged formatting. - -Thu May 14 15:36:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * misc.c (trap_unaligned) [__alpha__]: New - * g10.c (trap_unaligned): Add call to this to track down SIGBUS - on Alphas (to avoid the slow emulation code). - -Wed May 13 11:48:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (do_signature): Support for v4 pakets. - * keyedit.c (make_keysig_packet): Ditto. - * build-packet.c (build_sig_subpkt_from_sig): New. - (build_sig_subpkt): New. - - * elg.c (g10_elg_sign): removed keyid_from_skc. - * dsa.c (g10_dsa_sign): Ditto. - * rsa.c (g10_rsa_sign): Ditto. - * keyedit.c (make_keysig_packet): Add call to keyid_from_skc - - * sign.c (clearsign_file): Support for v4 signatures. - (sign_file): Ditto. - -Wed May 6 09:31:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (do_parse): add support for 5 byte length leader. - (parse_subpkt): Ditto. - * build-packet.c (write_new_header): Ditto. - - * packet.h (SIGSUBPKT_): New constants. - * parse-packet.c (parse_sig_subpkt): Changed name, made global, - and arg to return packet length, chnaged all callers - - -Tue May 5 22:11:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (gen_dsa): New. - * build_packet.c (do_secret_cert): Support for DSA - -Mon May 4 19:01:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * compress.c: doubled buffer sizes - * parse-packet.c (do_plaintext): now uses iobuf_read/write. - -Mon May 4 09:35:53 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seskey.c (encode_md_value): Add optional argument hash_algo, - changed all callers. - - * passphrase.c (make_dek_from_passphrase): Removed - * (get_passhrase_hash): Changed name to passphrase_to_dek, add arg, - changed all callers. - - * all: Introduced the new ELG identifier and added support for the - encryption only one (which is okay to use by GNUPG for signatures). - -Sun May 3 17:50:26 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h (PKT_OLD_COMMENT): New name for type 16. - * parse-packet.c (parse_comment): Now uses type 61 - -Fri May 1 12:44:39 1998 Werner Koch,mobil,,, (wk@tobold) - - * packet.h (count): Chnaged s2k count from byte to u32. - * seckey-cert.c (do_check): Changed s2k algo 3 to 4, changed - reading of count. - * build-packet.c (do_secret_cert): ditto. - * parse-packet.c (parse_certificate): ditto. - - * parse-packet.c (parse_symkeyenc): New. - * build-packet.c (do_symkey_enc): New. - -Thu Apr 30 16:33:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sign.c (clearsign_file): Fixed "Hash: " armor line. - -Tue Apr 28 14:27:42 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (parse_subpkt): Some new types. - -Mon Apr 27 12:53:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Add option --skip-verify. - * mainproc.c (check_sig_and_print): Ditto. - - * g10.c (print_mds): Add output for Tiger. - - * sign.c (sign_file): Now uses partial length headers if used - in canonical textmode (kludge to fix a bug). - - * parse-packet.c (parse_certificate): Changed BLOWFISH id. - * pubkey-enc.c (get_session_key): Ditto. - * seskey.c (make_session_key): Ditto. - * seckey-cert.c (protect_secret_key,do_check): Add BLOWFISH160. - -Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold) - - * sig-check.c (check_key_signature): Add sig-class 0x14..0x17 - * keyedit.c (sign-key): Some changes to start with support of - the above new sig-classes. - -Wed Apr 22 09:01:57 1998 Werner Koch,mobil,,, (wk@tobold) - - * getkey.c (compare_name): add email matching - -Tue Apr 21 16:17:12 1998 Werner Koch,mobil,,, (wk@tobold) - - * armor.c (armor_filter): fixed missing last LF before CSUM. - -Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seckey-cert.c (do_check): New; combines all the check functions - into one. - - * sign.c: removed all key management functions - * keyedit.c: New. - -Thu Apr 9 09:49:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * import.c (chk_self_sigs): Changed an error message. - -Wed Apr 8 16:19:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * packet.h: packet structs now uses structs from the pubkey, - removed all copy operations from packet to pubkey structs. - -Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (verify_own_certs): Fixed "public key not found". - - * getkey.c (key_byname): New, combines public and secret key search. - - * pkclist.c (build_pkc_list): Add new arg usage, changed all callers. - * skclist.c (build_skc_list): Likewise. - - * ringedit.c (find_keyblock, keyring_search2): Removed. - -Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sig-check.c (do_check): Applied small fix from Ulf Möller. - -Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c, encr-data.c, seckey-cert.c: Now uses cipher_xxxx - functions instead of blowfish_xxx or cast_xxx - -Tue Apr 7 11:04:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (g10maint.o): Changed the way it is created. - -Mon Apr 6 11:17:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * misc.c: New. - * keygen.c (checksum,checksum_u16,checksum_mpi): Moved to misc.c - * seckey-cert.c: Kludge for wrong ELG checksum implementation. - -Sat Apr 4 20:07:01 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.c (cipher_filter): Support for CAST5 - * encr-data.c (decode_filter): Ditto. - (decrypt_data): Ditto. - * seskey.c (make_session_key): Ditto. - * seckey-cert.c (check_elg, check_dsa): Ditto, - (protect_secret_key): Ditto. - * pubkey-enc.c (get_session_key): Ditto. - * passphrase.c (hash_passphrase): Ditto. - -Thu Apr 2 20:22:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * gpgd.c: New - -Thu Apr 2 10:38:16 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (generate_keypair): Add valid_days stuff. - * trustdb.c (check_trust): Add check for valid_days. - -Wed Apr 1 16:15:58 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (generate_keypair): Addional question whether the - selected large keysize is really needed. - -Wed Apr 1 15:56:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * seckey-cert.c (protect_secret_key): merged protect_xxx to here. - -Wed Apr 1 10:34:46 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (g10maint.c): Changed creation rule, so that it works - on FreeBSD (missing CFLAGS). - - * parse-packet.c (parse_subkey): Removed. - -Thu Mar 19 15:22:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ringedit.c (keyring_enum): Fixed problem with reading too - many packets. Add support to read secret keyrings. - - * getkey.c (scan_keyring): Removed - (lookup): New to replace scan_keyring. - (scan_secret_keyring): Removed. - (lookup_skc): New. - -Wed Mar 18 11:47:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ringedit.c (enum_keyblocks): New read mode 11. - - * keyid.c (elg_fingerprint_md): New and changed all other functions - to call this if the packet version is 4 or above. - -Tue Mar 17 20:46:16 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (parse_certificate): Add listing support for subkeys. - -Tue Mar 17 20:32:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (is_armored): Allow marker packet. - -Thu Mar 12 13:36:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (check_trust): Checks timestamp of pubkey. - * sig-check. (do_check): Compares timestamps. - -Tue Mar 10 17:01:56 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Add call to init_signals. - * signal.c: New. - -Mon Mar 9 12:43:42 1998 Werner Koch (wk@isil.d.shuttle.de) - - * dsa.c: New - * packet.h, free-packet.c, parse-packet.c : Add support for DSA - * sig-check.c, getkey.c, keyid.c, ringedit.c: Ditto. - * seckey-cert.c: Ditto. - - * packet.h : Moved .digest_algo of signature packets to outer - structure. Changed all references - -Sun Mar 8 13:06:42 1998 Werner Koch (wk@isil.d.shuttle.de) - - * openfile.c : Support for stdout filename "-". - - * mainproc.c (check_sig_and_print): Enhanced status output: - * status.c (write_status_text): New. - -Fri Mar 6 16:10:54 1998 Werner Koch (wk@isil.d.shuttle.de) - - * kbnode.c (clone_kbnode): Fixed private_flag. - - * mainproc.c (list_node): Output of string "Revoked" as user-id. - -Fri Mar 6 14:26:39 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Add userids to "-kv" and cleaned up this stuff. - -Fri Mar 6 12:45:58 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Changed semantics of the list-... commands - and added a new one. Removed option "-d" - - * decrypt.c: New. - - * trustdb.c (init_trustdb): Autocreate directory only if it ends - in "/.gnupg". - -Thu Mar 5 12:12:11 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c (do_proc_packets): New. Common part of proc_packet. - (proc_signature_packets): special version to handle signature data. - * verify.c: New. - * g10.c (aVerify): New. - * plaintext.c (hash_datafiles): New. - * compress.c (handle_compressed): Add callback arg, changed caller. - -Thu Mar 5 10:20:06 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c: Is nom the common source for gpg and gpgm - * g10maint.c: Removed - * Makefile.am: Add rule to build g10maint.c - -Thu Mar 5 08:43:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Changed the way clear text sigs are faked. - -Wed Mar 4 19:47:37 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10maint.c (aMuttKeyList): New - * keylist.c: New. - -Wed Mar 4 17:20:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (get_pubkey_byname): Kludge to allow 0x prefix. - -Tue Mar 3 13:46:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10maint.c (main): New option --gen-random. - -Tue Mar 3 09:50:08 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (aDeleteSecretKey): New. - (aEditSig): Add option "--edit-key" as synonym for "--edit-sig". - (aDeleteSecretKey): New. - * getkey.c (seckey_available): New. - * sign.c (delete_key): Enhanced to delete secret keys, changed all - callers. - -Mon Mar 2 21:23:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * pkc_list.c (build_pkc_list): Add interactive input of user ID. - -Mon Mar 2 20:54:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * pkclist.c (do_we_trust_pre): New. - (add_ownertrust): Add message. - * trustdb.c (enum_trust_web): Quick fix. - -Mon Mar 2 13:50:53 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): New action aDeleteKey - * sign.c (delete_key): New. - -Sun Mar 1 16:38:58 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (do_check): No returns TRUST_UNDEFINED instead of - eof error. - -Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (find_header): Removed trailing CR on headers. - -Fri Feb 27 18:02:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ringedit.c (keyring_search) [MINGW32]: Open and close file here - because rename does not work on open files. Chnaged callers. - -Fri Feb 27 16:43:11 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sig-check.c (do_check): Add an md_enable. - * mainproc.c (do_check_sig): Use md_open in case of detached sig - (proc_tree): Take detached sigs into account. - -Fri Feb 27 15:22:46 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): Make use of GNUPGHOME envvar. - * g10main.c (main): Ditto. - -Wed Feb 25 11:40:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * plaintext.c (ask_for_detached_datafile): add opt.verbose to - info output. - - * openfile.c (open_sigfile): Try also name ending in ".asc" - -Wed Feb 25 08:41:00 1998 Werner Koch (wk@isil.d.shuttle.de) - - * keygen.c (generate_keypair): Fixed memory overflow. - -Tue Feb 24 15:51:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (parse_certificate): Support for S2K. - * build-packet.c (do_secret_cert): Ditto. - * keygen.c (gen_elg): Ditto. - * seckey-cert.c (check_elg): Ditto - (protect_elg): Ditto. - * sign.c (chnage_passphrase): Ditto. - * passphrase.c (get_passphrase_hash): Support for a salt and - changed all callers. - (make_dek_from_passphrase): Ditto. - -Tue Feb 24 12:30:56 1998 Werner Koch (wk@isil.d.shuttle.de) - - * build-packet.c (hash_public_cert): Disabled debug output. - -Fri Feb 20 17:22:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (init_trustdb) [MINGW32]: Removed 2nd mkdir arg. - (keyring_copy) [MINGW32]: Add a remove prior to the renames. - -Wed Feb 18 18:39:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (OMIT_DEPENDENCIES): New. - - * rsa.c: Replaced log_bug by BUG. - -Wed Feb 18 13:35:58 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c (do_check_sig): Now uses hash_public_cert. - * parse-packet.c (parse_certificate): Removed hashing. - * packet.h (public_cert): Removed hash variable. - * free-packet.c (copy_public_cert, free_public_cert): Likewise. - - * sig-check.c (check_key_signatures): Changed semantics. - -Wed Feb 18 12:11:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * trustdb.c (do_check): Add handling for revocation certificates. - (build_sigrecs): Ditto. - (check_sigs): Ditto. - -Wed Feb 18 09:31:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (armor_filter): Add afx->hdrlines. - * revoke.c (gen_revoke): Add comment line. - * dearmor.c (enarmor_file): Ditto. - - * sig-check.c (check_key_signature): Add handling for class 0x20. - * mainproc.c : Ditto. - -Tue Feb 17 21:24:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c : Add header lines "...ARMORED FILE .." - * dearmor.c (enarmor_file): New. - * g10maint.c (main): New option "--enarmor" - -Tue Feb 17 19:03:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c : Changed a lot, because the packets are now stored - a simple linlked list and not anymore in a complicatd tree structure. - -Tue Feb 17 10:14:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * free_packet.c (cmp_public_certs): New. - (cmp_user_ids): New. - - * kbnode.c (clone_kbnode): New. - (release_kbnode): Add clone support. - - * ringedit.c (find_keyblock_bypkc): New. - - * sign.c (remove_keysigs): Self signatures are now skipped, - changed arguments and all callers. - - * import.c : Add functionality. - -Tue Feb 17 09:31:40 1998 Werner Koch (wk@isil.d.shuttle.de) - - * options.h (homedir): New option. - * g10.c, g10maint.c, getkey.c, keygen.c, trustdb.c (opt.homedir): New. - - * trustdb.c (init_trustdb): mkdir for hoem directory - (sign_private_data): Renamed "sig" to "g10.sig" - -Mon Feb 16 20:02:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * kbnode.c (commit_kbnode): New. - (delete_kbnode): removed unused first arg. Changed all Callers. - - * ringedit.c (keyblock_resource_name): New. - (get_keyblock_handle): NULL for filename returns default resource. - -Mon Feb 16 19:38:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * sig-check.s (check_key_signature): Now uses the supplied - public key to check the signature and not any more the one - from the getkey.c - (do_check): New. - (check_signature): Most work moved to do_check. - -Mon Feb 16 14:48:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (find_header): Fixed another bug. - -Mon Feb 16 12:18:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * getkey.c (scan_keyring): Add handling of compressed keyrings. - -Mon Feb 16 10:44:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c, g10maint.c (strusage): Rewrote. - (build_list): New - -Mon Feb 16 08:58:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (use_armor): New. - -Sat Feb 14 14:30:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mainproc.c (proc_tree): Sigclass fix. - -Sat Feb 14 14:16:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * armor.c (armor_filter): Changed version and comment string. - * encode.c, sign.c, keygen.c: Changed all comment packet strings. - -Sat Feb 14 12:39:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (aGenRevoke): New command. - * revoke.c: New. - * sign.c (make_keysig_packet): Add support for sigclass 0x20. - -Fri Feb 13 20:18:14 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ringedit.c (enum_keyblocks, keyring_enum): New. - -Fri Feb 13 19:33:40 1998 Werner Koch (wk@isil.d.shuttle.de) - - * export.c: Add functionality. - - * keygen.c (generate_keypair): Moved the leading comment behind the - key packet. - * kbnode.c (walk_kbnode): Fixed. - - * g10.c (main): listing armored keys now work. - -Fri Feb 13 16:17:43 1998 Werner Koch (wk@isil.d.shuttle.de) - - * parse-packet.c (parse_publickey, parse_signature): Fixed calls - to mpi_read used for ELG b. - -Fri Feb 13 15:13:23 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10.c (main): changed formatting of help output. - -Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo) - - * pubkey-enc.c (get_session_key): rewritten - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, - 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/g10/ChangeLog-2011 b/g10/ChangeLog-2011 new file mode 100644 index 000000000..5dc251192 --- /dev/null +++ b/g10/ChangeLog-2011 @@ -0,0 +1,13779 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-09-12 Werner Koch + + * gpg.c [__VMS]: Include vms.h. + (main) [__VMS]: Init batch mode according to actual process mode. + Suggested by Steven M. Schweda. + +2011-08-09 Werner Koch + + * keyedit.c (show_key_with_all_names): Remove unused var. + + * apdu.c (open_pcsc_reader_direct): Remove unused var. + + * sig-check.c (do_check): Remove unused var. + + * keygen.c (ask_user_id): Fix loop break condition. See bug#1307. + + * import.c (import_keys_internal): Make breaking the loop more + explicit. See bug#1307. + +2011-07-22 Werner Koch + + * parse-packet.c (parse_key): Print the decoded iteration count. + Fixes bug#1355. + +2011-04-05 David Shaw + + * photoid.c (generate_photo_id): Check for the JPEG magic numbers + instead of JFIF since some programs generate an EXIF header first. + This is issue 1331. + +2011-02-23 Werner Koch + + * Makefile.am (LDADD): Move LIBREADLINE to .. + (gpg_LDADD): here. Fixes bug#1318. + * gpgv.c (rl_cleanup_after_signal, rl_free_line_state): New stubs. + +2010-10-29 David Shaw + + * gpg.c (main): Do not provide a default for + --personal-digest-preferences. This allows the usual digest + selection algorithm to pick a digest based on recipient keys. + + * pkclist.c (select_algo_from_prefs): Make sure the scores can't + overflow when picking an algorithm (not a security issue since we + can't pick something not present in all preference lists, but we + might pick something that isn't scored first choice). + + * pkclist.c (select_algo_from_prefs): Slightly improve the + handling of MD5 in preference lists. Instead of replacing MD5 + with SHA-1, just remove MD5 from the list altogether, and let the + next-highest ranked algorithm be chosen. + +2010-10-27 Werner Koch + + * keygen.c (ask_expire_interval): Print 2038 warning only for 32 + bit signed time_t. + * keyid.c (mk_datestr): Do the y2038 test only for a signed time_t. + (INVALID_TIME_CHECK): New. + +2010-10-20 Werner Koch + + * encr-data.c (decode_filter): Cast -1 to size_t. Reported by + Steven M. Schweda. + * parse-packet.c (parse_key): Ditto. + * trustdb.c (validate_keys): Likewise to unsigned int. + +2010-10-18 Werner Koch + + * app-openpgp.c (parse_algorithm_attribute): Remove extra const in + definition of DESC. + +2010-10-10 Werner Koch + + * keyring.c (create_tmp_file): Use GNUPG_TMP_SFX anf GNUPG_BAK_SFX. + +2010-09-28 David Shaw + + * options.skel: Make the example for force-v3-sigs match + reality (it has defaulted to off since 2007-10-22). + +2010-09-28 Steven M. Schweda (wk) + + Changes to help the VMS port. See + http://antinode.info/dec/sw/gnupg.html . + + * gpgv.c (ttyfp_is, init_ttyfp) [__VMS]: Add stubs. + * build-packet.c (do_plaintext) [__VMS]: Disable error message. + * keyserver.c (keyserver_spawn) [__VMS]: Do not add the DIRSEP_S. + * misc.c [__VMS]: Include . + * signal.c [__VMS]: Include vms.h. + (got_fatal_signal) [__VMS]: Restore terminal echo. + * plaintext.c [__VMS]: Include vms.h. + * openfile.c (make_outfile_name): __VMS] Do not use. + (open_outfile) [__VMS]: Use vms_append_ext. + (try_make_homedir) [__VMS]: chmod directory. + * misc.c (disable_core_dumps) [__VMS]: Disable. + (path_access) [__VMS]: Do not use. + +2010-09-28 Werner Koch + + * passphrase.c [!ENABLE_AGENT_SUPPORT]: Do not include + sys/socket.h to help the VMS port. + +2010-08-31 Werner Koch + + * mainproc.c (print_pkenc_list): Print a STATUS_ERROR. Fixes + bug#1255. + +2010-07-24 Werner Koch + + * cardglue.c (agent_scd_pksign): Allow more hash algorithms when + using with scdaemon. + * cardglue.h (GCRY_MD_MD5): New. + +2010-06-18 Werner Koch + + * parse-packet.c (skip_packet, parse_gpg_control): Take care of + premature EOFs. Backport from trunk. + +2010-06-01 Werner Koch + + * gpg.c (main): Add dummy option --debug-level and ignore + --log-file if a socket prefix is given. + +2010-05-12 Werner Koch + + * armor.c (radix64_read): Change fix 2006-04-08 to fix bug#1179. + +2010-05-07 Werner Koch + + * import.c (chk_self_sigs): Check direct key signatures. Fixes + bug#1223. + (fix_bad_direct_key_sigs): New. + (import_one): Call it. + +2010-03-26 David Shaw + + * plaintext.c (handle_plaintext): Make sure that the stdout flush + succeeded, so we can't lose data when using gpg in a pipeline. + Fixes bug #1207. + +2010-02-25 Werner Koch + + * sign.c (hash_for): Force SHA1 only for v1 OpenPGP cards. Fixes + bug#1194. + +2010-02-17 Werner Koch + + * keygen.c (ask_user_id): Avoid infinite loop in case of invalid + data. Fixes bug#1186. + +2010-02-02 Werner Koch + + * card-util.c (card_edit): Change prompt to "gpg/card". + * keyedit.c (keyedit_menu): Change prompt to "gpg". + +2009-12-17 Werner Koch + + * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. + Fixes bug#1059. + +2009-12-15 Werner Koch + + * iso7816.c (do_generate_keypair): s/readonly/read_only/. + * keydb.c (keydb_add_resource): Ditto. + + * tdbio.c (tdbio_set_dbname): Do not call log_fatal after creating + the directory. Fixes bug#1169. Reported by Daniel Leidert. + +2009-09-28 Werner Koch + + * trustdb.c (get_validity_info): Take care of a NULL PK. Fixes + bug#1138. + (get_validity_string): Ditto. + +2009-09-02 Werner Koch + + * app-openpgp.c (do_decipher): Compute required Le. + * iso7816.c (iso7816_decipher): Add new arg LE. + + * compress-bz2.c (do_uncompress): Detect unexpected EOF. Fixes + bug#1011. + +2009-08-26 Werner Koch + + * keyedit.c (menu_revsig): Check for signature right away. Fix + Debian-bug#543530. + +2009-08-13 Werner Koch + + * cardglue.h: Add new error code mappings. + + From GnuPG-2: + * app-openpgp.c (change_keyattr_from_string): New. + (do_setattr): Support KEY-ATTR. + * ccid-driver.c (print_pr_data): Fix 64 bit compat problem. + * ccid-driver.c (parse_ccid_descriptor): Enable hack for SCR 3320. + * card-util.c (generate_card_keys): Remove special case for + GnuPG-2. Ask for the keysize and change it. + (card_generate_subkey): Ask for the keysize and change it. + (get_info_for_key_operation): Read KEY-ATTR. + (show_keysize_warning, ask_card_keysize): New. + (do_change_keysize): New. + +2009-08-11 David Shaw + + * keyserver.c (keyserver_spawn): Try and detect mis-coded Latin1 + and convert it to UTF8. Whether the heuristics succeed or not, + the resulting string must be valid UTF8 as LDAP requires that. + This is bug 1055. + +2009-08-03 Werner Koch + + * card-util.c (generate_card_keys): Ask for off-card keys only if + the card supports it. + (get_info_for_key_operation): Read EXTCAP. + (card_store_subkey): Check for non matching sizes. + + * cardglue.c (agent_scd_writecert, agent_scd_readcert): New stubs. + * misc.c (not_in_gpg1_notice): New. + +2009-07-30 Werner Koch + + * misc.c (md5_digest_warn): New. + (print_digest_algo_note): Divert to new function. + * sig-check.c (do_check): Print MD5 warning. + +2009-07-31 David Shaw + + * gpg.c (main): --pgp6 includes --disable-mdc. + +2009-07-29 Werner Koch + + * keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list. + Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. + (gen_dsa): Use a 256 bit Q for 2048 bit P. Round to FIPS allowed + values in non-expert mode. + (ask_algo): Add arg R_SUBKEY_ALGO. Change return value semantics. + Change presented order of algorithms. Make RSA+RSA the default. + (generate_keypair, generate_subkeypair): Adjust for change. + +2009-07-23 Werner Koch + + * keygen.c (generate_keypair): Allow Elgamal > 3072 in BOTH mode. + Reported by Jeroen Schot. Fixes bug#1091. + (ask_keysize): Add new arg PRIMARY_KEYSIZE. Set DSA default to + 2048. Print a different prompt for a subkey. + (gen_dsa): Remove check for dsa2 option. + + * trustdb.c (how_to_fix_the_trustdb): New. + * tdbio.c (tdbio_invalid): Print hints on how to fix the trustdb. + * gpg.c (main) : Print hints. + +2009-07-23 David Shaw + + * keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find + a domain-specific LDAP server before resorting to keys.{domain}. + +2009-07-22 Werner Koch + + * cardglue.h (struct agent_card_info_s): Add field EXTCAP. + * cardglue.c (agent_learn): Read KEY-ATTR. + (learn_status_cb): Parse EXTCAP. + +2009-07-21 Werner Koch + + * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c, + * apdu.h, ccid-driver.c, ccid-driver.h, card-util.c: Update from + GnuPG 2.0 SVN revision 5084. + + * cardglue.h (GCRY_MD_SHA256): Add more GCRY_MD constants. + (gcry_handler_progress_t): Add definition. + (struct agent_card_info_s): Add fields apptype, is_v2, key_attr. + * cardglue.c (learn_status_cb): Set them. + (agent_release_card_info): Release APPTYPE. + (unescape_status_string, send_status_direct): New. + (gcry_mpi_release, gcry_mpi_set_opaque): New. + (gcry_md_algo_name): New. + (open_card): s/initialized/ref_count/. + (agent_learn): Pass new new flag arg to learn_status. + (agent_scd_genkey): Add new arg createtime. + * keygen.c (gen_card_key, gen_card_key_with_backup): Add new arg + TIMESTAMP. + (write_direct_sig, write_selfsigs, write_keybinding) + (make_backsig): Ditto. + (do_generate_keypair): Pass timestamp to all signing functions. + (generate_card_subkeypair): Ditto. + * keyedit.c (menu_backsign): Pass a new timestamp to all backsisg. + + * gpg.c (main): Disable keypad support. + * options.h (struct): Add field disable_keypad. + +2009-07-17 Werner Koch + + * keyring.c (keyring_rebuild_cache): Replace the assert by a + proper error message and allow to delete a bad keyblock. + +2009-07-16 Werner Koch + + * misc.c (has_invalid_email_chars): Let non-ascii characters pass + through. Fixes bug#1087. + +2009-06-24 Werner Koch + + * passphrase.c (passphrase_to_dek): Do not deref a PW of NULL. + * revoke.c (gen_revoke): Remove unused malloc of PK. + +2009-06-17 Werner Koch + + * parse-packet.c (parse): Use a casted -1 instead of a 32 bit + constant to check for a garbled package. Fixes bug#1040. + +2009-06-05 David Shaw + + * gpg.c (main): Remove Camellia restriction. + +2009-06-02 Werner Koch + + * gpgv.c (tty_cleanup_after_signal): Add new stub. + +2009-05-22 Werner Koch + + * signal.c (got_fatal_signal): Call tty_cleanup_after_signal. + +2009-05-20 Werner Koch + + * gpg.c (main): Fix --fingerprint/--with-fingerprint command + detection. Fixes bug#1044. + +2009-05-11 Werner Koch + + * apdu.c (send_le): Replace log_error by log_info. Fixes bug#1043. + + * skclist.c (build_sk_list): Use log_info for "duplicated entry". + Fixes bug#1045. + + * encode.c (encode_simple, encode_crypt): Print empty file warning + only in verbose mode. Closes bug#1039. + * sign.c (write_plaintext_packet): + +2009-05-06 Werner Koch + + * keyring.c (keyring_get_keyblock): Fix memory leak due to + ring_trust packets. Fixes bug#1034. + + * getkey.c (finish_lookup): Remove dead code. + +2009-05-05 Werner Koch + + * keygen.c (read_parameter_file): Add keyword "Creation-Date". + (output_control_s): s/create/creation/. + (enum para_name): Add pCREATIONDATE, pKEYCREATIONDATE. Remove + pCREATETIME. + (generate_keypair): Do not set old pCREATETIME. + (parse_creation_string): New. + (proc_parameter_file): Set pCREATIONDATE. + (do_generate_keypair): Remove arg TIMESTAMP. Set it using + pKEYCREATIONDATE. + (get_parameter_u32): Set a default pKEYCREATIONDATE. + + * tdbio.c (lookup_hashtable): Add const to function args. + (cmp_trec_fpr): Ditto. + (tdbio_search_trust_byfpr): Remove cast. + + * parse-packet.c (parse): Remove special treatment for compressed + new style packets. Fixes bug#931. + +2009-04-03 Werner Koch + + * gpgv.c (main): Pass readonly flag to keydb_add_resource. + * keydb.c (keydb_add_resource): Add arg READONLY. + +2009-03-20 David Shaw + + * keyring.c (rename_tmp_file): Force a fsync (via iobuf_ioctl) on + secret keyring files to be extra safe on filesystems that may not + sync data and metadata together (ext4). Also check return code + from the cache invalidation to make sure we're safe over NFS and + similar. + +2009-03-14 David Shaw + + * gpgv.c (strusage): Fix name of program in "Syntax" line. + +2009-02-09 Werner Koch + + * keylist.c (print_capabilities): Take care of cert-only keys. + Fixes bug#998. + +2009-02-03 David Shaw + + * keyserver.c (keyserver_typemap): gpgkeys_hkp handles hkps as + well. + +2008-12-21 David Shaw + + * gpg.c (main): Properly handle UTF8 usernames with --sign-key and + --lsign-key. + +2008-12-11 Werner Koch + + * sig-check.c (check_revocation_keys): Close message digest. + (signature_check2): Switch to SHA-1 for SIG_ID computation. This + is to match 2.0.10. + +2008-12-09 Werner Koch + + * keygen.c (proc_parameter_file): Check that key and subkey usages + are allowed. + +2008-11-18 David Shaw + + * trustdb.c (validate_one_keyblock): Fix the trust signature + calculations so that we lower the trust depth of signatures to fit + within the current chain, rather than discarding any signature + that does not fit within the trust depth. + +2008-10-03 David Shaw + + * main.h, mainproc.c (check_sig_and_print), + keylist.c (list_keyblock_print), pkclist.c (do_edit_ownertrust), + keyedit.c (menu_showphoto), photoid.c (generate_photo_id, + show_photos), misc.c (pct_expando): Add %v and %V expandos so + that displaying photo IDs can show the attribute validity + tag (%v) and string (%V). Originally by Daniel Gillmor. + +2008-09-24 David Shaw + + * keyedit.c (keyedit_menu): Fix bug where a modified keyring loses + its modified status after a "clean" or "minimize" that doesn't + need to do anything. + +2008-09-23 David Shaw + + * pkclist.c (select_algo_from_prefs): Redo function to rank prefs + and pick a consensus winner across all keys. + +2008-09-04 David Shaw + + * keyserver.c (keyserver_import_cert): Allow keyserver URLs in + addition to full URLs in CERT records. + +2008-08-11 Werner Koch + + * keygen.c (ask_expire_interval): Check for time overflow of an + u32. Fixes bug #947. Use SIZEOF_TIME_T for the 2039--2106 check. + +2008-08-01 Werner Koch + + * tdbio.c (open_db) [!EROFS]: Move closing parens out of the + ifdef. Reported by Ken Takusagawa. + +2008-04-30 Werner Koch + + * getkey.c (parse_auto_key_locate): Ignore nodefault and local + methods. + +2008-04-17 David Shaw + + * parse-packet.c (parse_key): Add constant for Camellia-192. + +2008-04-12 David Shaw + + * getkey.c (merge_selfsigs_subkey): If there are multiple 0x19 + backsigs, take the most recent one. + +2008-03-25 Werner Koch + + * keyserver.c (parse_keyrec): Take care of char defaulting to + unsigned when using hextobyte. + + * options.skel: Make the default keyserver keys.gnupg.net. + +2008-03-23 David Shaw + + * import.c (collapse_uids): Fix bug 894: possible memory + corruption around deduplication of user IDs. + +2008-03-17 David Shaw + + * parse-packet.c (parse_key): Parse a secret key encrypted with + Camellia. + +2008-02-09 Marcus Brinkmann + + * gpg.c (main): New variable default_configname. Use it if + save_configname is NULL (can happen if default configfile does + not exist). Move default configname determination to ... + (get_default_configname): ... this new function. + +2008-01-26 Werner Koch + + * card-util.c (get_manufacturer): Add vendor 004 and support for + the unmanaged range. + +2007-12-14 Werner Koch + + * gpg.c (main): Set opt.no_homedir_creation already on the first + option parsing pass. This is required so that the gpg_dearmor + tool won't create a ~/.gnupg. + +2007-12-12 Werner Koch + + * misc.c (print_pubkey_algo_note): Print a warning for type 20 keys. + (openpgp_pk_test_algo, openpgp_pk_algo_usage): Allow type 20 fro + encryption only with option --rfc2440. + * mainproc.c (proc_pubkey_enc): Ditto. + +2007-12-12 David Shaw + + * trustdb.c (sanitize_regexp): New. Protect against dangerous + regexps (malloc bombs) by force-commenting any characters aside + from the ones we explicitly want. + (check_regexp): Use it here before passing the regexp to + regcomp(). + +2007-12-11 Werner Koch + + * mainproc.c (proc_pubkey_enc): Allow type 20 Elgamal key for + decryption. + +2007-12-10 Werner Koch + + * cardglue.h (gpg_error_from_syserror): New. + + * app-openpgp.c (do_decipher): Take care of cryptograms shorter + that 128 bytes. Fixes bug#851. + + * import.c (auto_create_card_key_stub): Do not clear the entire + fingerprint. This finally makes the stub creation work. My past + tests seemed to work because there was a key with a all zero + fingerprint available (Elgamal signing keys). + +2007-12-08 Werner Koch + + * misc.c (openpgp_pk_algo_usage): Allow Elgamal type 20 for + encryption. + +2007-12-03 Werner Koch + + * keygen.c (ask_key_flags): Add a translation remark and implement + a workaround. + +2007-11-28 David Shaw + + * sig-check.c (do_check): Code to try both the incorrect and + correct SHA-224 DER prefixes when verifying a signature. See the + change itself for more discussion. + + * main.h, seskey.c (do_encode_md): Rename to pkcs1_encode_md and + make non-static. + + * gpg.c (print_algo_names): New. + (list_config): Use it here for the "ciphername" and "digestname" + config items so we can get a script-parseable list of the names. + +2007-11-19 Werner Koch + + * keyedit.c (keyedit_menu): String grammar fix. + +2007-11-12 Werner Koch + + * status.c (do_get_from_fd, do_shm_get): s/bool/getbool/ to + overcome problems with Mac OS 10.5 which seems to include + stdbool.h silently. + +2007-10-27 David Shaw + + * parse-packet.c (parse_onepass_sig): Sigclass is hex, so include + the 0x. + + * keyserver.c (keyserver_spawn): Cosmetic, but looks cleaner. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + +2007-10-22 David Shaw + + * gpg.c (main): Add --require-cross-certification to + --openpgp/--rfc4880 mode. + + * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by + default. Enable --require-cross-certification by default. + --openpgp (--rfc4880) is the same as --rfc2440 except with + "--enable-dsa2 --no-rfc2440-text --escape-from-lines". + +2007-10-21 David Shaw + + * misc.c (compliance_option_string, compliance_failure): Minor + cleanup. + + * armor.c (is_armor_header): Comment about 4880. + +2007-10-17 David Shaw + + * options.h, gpg.c (main), misc.c (compliance_option_string): Add + --rfc4880, and make --openpgp an alias to it. --rfc2440 now + stands alone. For now, use the old 2440 defaults for 4880. + + * keyedit.c (keyedit_menu): Use compliance_option_string() instead + of printing the compliance modes here. + +2007-09-02 David Shaw + + * import.c (collapse_uids): Significant speedup for de-duping user + IDs. + +2007-08-24 Werner Koch + + * keyring.c (keyring_register_filename): Use same_file_p. + Suggested by Kurt Fitzner. + +2007-07-19 David Shaw + + * gpg.c (main): Fix typo. Noted by John Clizbe. + + * armor.c (parse_header_line): Improve test so that the header + test only allows "Hash" in the signed data section. + +2007-07-18 David Shaw + + * armor.c (is_armor_tag): New. Detect if an armor header matches + 2440bis-21. + (parse_header_line): Call it here, as bis-21 requires warning the + user (but continuing to process the message) when seeing an + unknown header. + +2007-07-09 Werner Koch + + * gpg.c: Better print an extra warning if Camellia has been + configured. + +2007-07-06 David Shaw + + * encode.c (encode_crypt): Missed one call to + setup_plaintext_name(). This is bug#809. + +2007-06-12 David Shaw + + * sign.c (mk_notation_policy_etc): expect all sigs that this is + called for are >=v4. + (write_signature_packets, make_keysig_packet): Only call it for + >=v4 sigs. This allows --force-v3-sigs and --force-v4-certs to + enable or disable notations, policies, and keyserver URLs. This + is bug#800. + +2007-05-09 Werner Koch + + * openfile.c (overwrite_filep, open_outfile) [W32]: Need to use + just "nul". Though, I am pretty sure that some MSDOS versions + grok the extra /dev/. + +2007-05-07 Werner Koch + + * openfile.c (open_outfile, overwrite_filep) [W32]: Use "/dev/nul". + +2007-04-16 David Shaw + + * packet.h, mainproc.c (reset_literals_seen): New function to + reset the literals count. + + * verify.c (verify_one_file), decrypt.c (decrypt_messages): Call + it here so we allow multiple literals in --multifile mode (in + different files - not concatenated together). + + * gpg.c, pkclist.c: #include for strcasecmp if it is + present. Note that autoconf protects us against a strings.h that + cannot be used together with string.h. + +2007-04-03 David Shaw + + * parse-packet.c (parse_marker): New. Enforce that the marker + contains 'P', 'G', 'P', and nothing but. + (parse): Call it here. + (skip_packet): No longer need to handle marker packets here. + +2007-03-14 David Shaw + + * keyserver.c: Windows Vista doesn't grok X_OK and so fails + access() tests. Previous versions interpreted X_OK as F_OK + anyway, so we'll just use F_OK directly. + +2007-03-08 Werner Koch + + * plaintext.c (handle_plaintext): Add two extra fflush for stdout. + +2007-03-06 David Shaw + + * keyedit.c (keyedit_menu): If we modify the keyblock (via + fix_keyblock() or collapse_uids()) make sure we reprocess the + keyblock so the flags are correct. Noted by Robin H. Johnson. + + * getkey.c (fixup_uidnode): Properly clear flags that don't apply + to us (revoked, expired) so that we can reprocess a uid. + +2007-03-01 David Shaw + + * options.h, gpg.c (main), mainproc.c (check_sig_and_print): Allow + multiple sig verification again as this is protected via the + multiple-messages code. + +2007-02-26 Werner Koch + + * gpg.c (main): Add verify option show-primary-uid-only. + * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. + * mainproc.c (check_sig_and_print): Implement it. + + * status.h (STATUS_ERROR): New status code. + * status.c (get_status_string): Ditto. + * mainproc.c (proc_plaintext): Emit it if multiple messages are + detected. + +2007-02-20 David Shaw + + * mainproc.c (literals_seen): New. + (proc_plaintext): Error out if more than one plaintext packet is + encountered + + * options.h, gpg.c: New option --allow-multiple-messages and --no + variant. + +2007-02-13 David Shaw + + * parse-packet.c (parse_signature): It's hex. + + * getkey.c (merge_selfsigs_subkey): Avoid listing the contents of + a backsig when list mode is on. Noted by Timo Schulz. + +2007-02-04 Werner Koch + + * parse-packet.c (parse_signature): Limit bytes read for an + unknown alogorithm. Fixes Debian bug#402592. + +2007-02-01 David Shaw + + * main.h, keygen.c (ask_expire_interval, parse_expire_string): + Pass in the time to use to calculate the expiration offset, rather + than querying it internally. Change all callers. + +2007-01-31 David Shaw + + * keygen.c (do_generate_keypair, proc_parameter_file) + (generate_keypair, generate_subkeypair): Pass a timestamp through + to all the gen_xxx functions. + + * keyedit.c (sign_uids): Another multiple to single timestamp + operation. + + * sign.c (write_plaintext_packet): Take timestamp from outside. + Change all callers. + (sign_file, clearsign_file, sign_symencrypt_file): Calculate one + timestamp for the whole transaction. Different timestamps for + each step can leak performance information. + + * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): + Remove the need for ask_expiredate(). + +2007-01-30 David Shaw + + * keygen.c (make_backsig, write_direct_sig, write_selfsigs) + (write_keybinding): Have the various selfsigs created during key + generation use the timestamp of their parent key. This helps + avoid leaking information about the performance of the machine + where the keys were generated. Noted by Christian Danner. + +2007-01-15 Werner Koch + + * parse-packet.c (read_protected_v3_mpi): Make sure to stop + reading even for corrupted packets. + * keygen.c (generate_user_id): Need to allocate one byte more. + Reported by Felix von Leitner. + +2006-12-14 David Shaw + + * options.skel: Tweak some examples to match reality and update + the RFC for CERT now that it is out of draft. + +2006-12-13 David Shaw + + * Makefile.am: Install options.skel via dist_pkgdata_DATA so that + "make uninstall" works properly. + +2006-12-13 Werner Koch + + * gpgv.c, gpg.c: Do not include the now removed g10defs.h file. + +2006-12-11 Werner Koch + + * seskey.c (encode_session_key, do_encode_md): Use new + mpi_nlimb_hint_from_nbytes function. + * sign.c (do_sign): Ditto. + + * Makefile.am (AM_CPPFLAGS): Define GNUPG_LIBDIR. + * gpgv.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. + * gpg.c (i18n_init): Ditto. + +2006-12-07 Werner Koch + + * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. + * openfile.c (copy_options_file): Use log_info and not log_error + to avoid error returns in case of a missing skeleton file. + +2006-12-04 Werner Koch + + * filter.h (armor_filter_context_t): New field REFCOUNT. + * armor.c (new_armor_context, release_armor_context) + (push_armor_filter): New. + (armor_filter): Call releae_armor_context for IOBUFCTRL_FREE. + * import.c (import): Use the new function here instead of the + old hack using the iobuf_push_filter2. + * keyserver.c (keyserver_spawn): Ditto. + +2006-12-03 Werner Koch + + * keyedit.c (menu_clean): Made strings translatable. + +2006-12-03 David Shaw + + * keyedit.c (menu_clean): Show "already minimized" rather than + "already clean" when a minimized key is minimized again. From + Dirk Traulsen. + +2006-12-02 David Shaw + + * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add + --passphrase-repeat option to control how many times gpg will + re-prompt for a passphrase to ensure the user has typed it + correctly. Defaults to 1. + +2006-12-02 Werner Koch + + * encr-data.c: Allocate DFX context on the heap and not on the + stack. Changes at several places. Fixes CVE-2006-6235. + +2006-11-27 Werner Koch + + * openfile.c (ask_outfile_name): Fixed buffer overflow occurring + if make_printable_string returns a longer string. Fixes bug 728. + +2006-10-23 Werner Koch + + * gpg.c (main): New command --gpgconf-list. + +2006-10-12 David Shaw + + * parse-packet.c (parse_symkeyenc): Show the unpacked as well as + the packed s2k iteration count. + + * main.h, options.h, gpg.c (encode_s2k_iterations, main), + passphrase.c (hash_passphrase): Add --s2k-count option to specify + the number of s2k hash iterations. + +2006-10-06 David Shaw + + * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather + than whatever key selector the user used on the command line. + +2006-10-02 Werner Koch + + * encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC + right here and don't let parse-packet handle the MDC. + +2006-08-21 Werner Koch + + * skclist.c (is_insecure): Also test for uppercase version of the + insecure string. + +2006-07-31 Werner Koch + + * openfile.c (open_outfile) [USE_ONLY_8DOT3]: Search backwards for + the dot. Fixes bug 654. + + * passphrase.c (agent_open): Use log_info instead of log_error to + allow a fallback without having gpg return an error code. Fixes + bug #655. + + * encode.c (encode_crypt_files): Invalidate the whole fd cache. + This is a workaround for problems in iobuf's stupid fd cache. + * decrypt.c (decrypt_messages): Ditto. + * verify.c (verify_files): Ditto. + +2006-07-26 Werner Koch + + * keygen.c (gen_card_key_with_backup): Initialize sk_{un}protected. + + * import.c (import): Initialize KEYBLOCK. + + * pkclist.c (edit_ownertrust): Intialize trust to avoid gcc + warning. + + * parse-packet.c (parse_comment): Cap comments at 65k. + (parse_gpg_control): Skip too large control packets. + +2006-06-28 David Shaw + + * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): + Pass a union for preference hints rather than doing void * games. + + * sign.c (sign_file): Use it here. + + * sign.c (sign_file): When signing with multiple DSA keys, one + being DSA1 and one being DSA2 and encrypting at the same time, if + the recipient preferences give a hash that can work with the DSA2 + key, then allow the DSA1 key to be promoted rather than giving up + and using hash_for(). + + * pkclist.c (algo_available): Automatically enable DSA2 mode when + handling a key that clearly isn't DSA1 (i.e. q!=160). + +2006-06-28 Werner Koch + + * import.c (check_prefs_warning): Fix change for better + translatability. + + * app-openpgp.c (do_writekey): Fixed computation of memmove + length. This led to garbled keys if E was larger than one byte. + Thanks to Achim Pietig for hinting at the garbled E. + +2006-06-27 Werner Koch + + * gpg.c (reopen_std) [HAVE_W32_SYSTEM]: Do not use it. + +2006-06-22 David Shaw + + * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs, + keygen_add_std_prefs, proc_parameter_file): Add + --default-keyserver-url to specify a keyserver URL at key + generation time, and "Keyserver:" keyword for doing the same + through a batch file. + + * sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be + liberal in what you accept, etc). + +2006-06-12 David Shaw + + * import.c (import_one): Add a flag (from_sk) so we don't check + prefs on an autoconverted public key. The check should only + happen on the sk side. Noted by Dirk Traulsen. + +2006-06-09 David Shaw + + * keygen.c (gen_card_key): Add optional argument to return a + pointer (not a copy) of the stub secret key for the secret key we + just generated on the card. + (generate_card_subkeypair): Use it here so that the signing key on + the card can use the card to generate the 0x19 backsig on the + primary key. Noted by Janko Heilgeist and Jonas Oberg. + + * parse-packet.c (parse_user_id): Cap the user ID size at 2048 + bytes. This prevents a memory allocation attack with a very large + user ID. A very large packet length could even cause the + allocation (a u32) to wrap around to a small number. Noted by + Evgeny Legerov on full-disclosure. + +2006-05-25 David Shaw + + * keygen.c (gen_dsa): Allow generating DSA2 keys + (allow specifying sizes > 1024 when --enable-dsa2 is set). The + size of q is set automatically based on the key size. + (ask_keysize, generate_keypair): Ask for DSA size when + --enable-dsa2 is set. + +2006-05-24 David Shaw + + * exec.c (make_tempdir): Fix bug with a temporary directory on + Win32 that is over 256 bytes long. Noted by Israel G. Lugo. + +2006-05-23 David Shaw + + * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we + are called with them closed. This is to protect our + keyring/trustdb files from corruption if they get attached to one + of the standard fds. Print a warning if possible that this has + happened, and fail completely if we cannot reopen (should never + happen). + (main): Call it here. + +2006-05-22 David Shaw + + * parse-packet.c (dump_sig_subpkt, parse_signature), + build-packet.c (build_sig_subpkt_from_sig), getkey.c + (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey), + keygen.c (keygen_add_key_expire): Fix meaning of key expiration + and sig expiration subpackets - zero means "never expire" + according to 2440, not "expire instantly". + + * getkey.c (get_pubkey_byname), import.c (import_one): Fix key + selection problem when auto-key-locate returns a list of keys, not + all of which are usable (revoked, expired, etc). Noted by Simon + Josefsson. + +2006-04-26 David Shaw + + * keyserver.c (direct_uri_map): New. + (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx + helpers when the meaning is different if a path is provided + (i.e. ldap). + (keyserver_import_cert): Show warning if there is a CERT + fingerprint, but no --keyserver set. + +2006-04-22 David Shaw + + * keyserver.c: Fix build problem with platforms that stick libcurl + in a place not in the regular include search path. + +2006-04-20 David Shaw + + * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. + Defaults to disable. + + * pkclist.c (algo_available): If --enable-dsa2 is set, we're + allowed to truncate hashes to fit DSA keys. + + * sign.c (match_dsa_hash): New. Return the best match hash for a + given q size. + (do_sign, hash_for, sign_file): When signing with a DSA key, if it + has q==160, assume it is an old DSA key and don't allow truncation + unless --enable-dsa2 is also set. q!=160 always allows truncation + since they must be DSA2 keys. + (make_keysig_packet): If the user doesn't specify a + --cert-digest-algo, use match_dsa_hash to pick the best hash for + key signatures. + +2006-04-19 David Shaw + + * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): + Add SHA-224. + + * sign.c (write_plaintext_packet), encode.c (encode_simple): + Factor common literal packet setup code from here, to... + + * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure + the literal packet filename field is UTF-8 encoded. + + * options.h, gpg.c (main): Make sure --set-filename is UTF-8 + encoded and note when filenames are already UTF-8. + +2006-04-18 David Shaw + + * keyedit.c (menu_backsign): Give some more verbose errors when we + have no need to backsign. + +2006-04-11 David Shaw + + * options.skel, photoid.c (get_default_photo_command): Find an + image viewer at runtime. Seems FC5 doesn't have xloadimage. + +2006-04-08 David Shaw + + * getkey.c (parse_auto_key_locate): Fix dupe-removal code. + + * keyedit.c (menu_backsign): Allow backsigning even if the secret + subkey doesn't have a binding signature. + + * armor.c (radix64_read): Don't report EOF when reading only a pad + (=) character. The EOF actually starts after the pad. + + * gpg.c (main): Make --export, --send-keys, --recv-keys, + --refresh-keys, and --fetch-keys follow their arguments from left + to right. Suggested by Peter Palfrader. + +2006-04-08 Werner Koch + + * mainproc.c (list_node): Print ring trust value only if not empty + and --with-colons has been given. + +2006-04-05 Werner Koch + + * getkey.c (user_id_not_found_utf8): New. + (get_primary_uid, get_user_id): Use it. Fixes Debian bug #205028 + in the right way. + +2006-04-03 Werner Koch + + * import.c (check_prefs_warning): Merged strings for better + translation. + + * gpg.c (main) [__GLIBC__]: Default to libpcsclite.so.1. + + * status.h, status.c (STATUS_BEGIN_SIGNING): New. Suggested by + Daiki Ueno. + * textfilter.c (copy_clearsig_text): Issue new status code. + * sign.c (sign_file, sign_symencrypt_file): Ditto. + +2006-03-31 David Shaw + + * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve + unlock. Fix strings to not start with a capital letter as per + convention. + +2006-03-30 David Shaw + + * main.h, seskey.c (encode_md_value): Modify to allow a q size + greater than 160 bits as per DSA2. This will allow us to verify + and issue DSA2 signatures for some backwards compatibility once we + start generating DSA2 keys. + * sign.c (do_sign), sig-check.c (do_check): Change all callers. + + * sign.c (do_sign): Enforce the 160-bit check for new signatures + here since encode_md_value can handle non-160-bit digests now. + This will need to come out once the standard for DSA2 is firmed + up. + +2006-03-28 Werner Koch + + * openfile.c (overwrite_filep): Fix small cpr issue. Noted by + Daiki Ueno. + +2006-03-22 David Shaw + + * getkey.c (parse_auto_key_locate): Silently strip out duplicates + rather than causing an error. + +2006-03-22 Werner Koch + + * sig-check.c (signature_check2): Changed warning URL to include faq. + * misc.c (idea_cipher_warn): Ditto. + +2006-03-22 David Shaw + + * mainproc.c (get_pka_address): Fix bug introduced as part of + sig_to_notation conversion. Noted by Peter Palfradrer. + +2006-03-21 Werner Koch + + * cardglue.c (agent_scd_pksign): Allow the use of ripemd-160 along + with scdaemon. + +2006-03-16 David Shaw + + * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type + for both the fingerprint alone, and fingerprint+URL cases. + + * getkey.c (get_pubkey_byname): Minor cleanup. + +2006-03-13 David Shaw + + * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use + the same API as the other auto-key-locate fetchers. + + * getkey.c (get_pubkey_byname): Use the fingerprint of the key + that we actually fetched. This helps prevent problems where the + key that we fetched doesn't have the same name that we used to + fetch it. In the case of CERT and PKA, this is an actual security + requirement as the URL might point to a key put in by an attacker. + By forcing the use of the fingerprint, we won't use the attacker's + key here. + + * keyserver-internal.h, keyserver.c (keyserver_spawn, + keyserver_work, keyserver_import_cert, keyserver_import_name, + keyserver_import_ldap): Pass fingerprint info through. + + * main.h, import.c (import_one): Optionally return the fingerprint + of the key being imported. + (import_keys_internal, import_keys_stream, import): Change all + callers. + +2006-03-12 David Shaw + + * sig-check.c (signature_check2): Print the backsig warning when + there is no backsig present. Give a URL for more information. + + * keyedit.c (menu_backsign): Small tweak to work properly with + keys originally generated with older GnuPGs that included comments + in the secret keys. + +2006-03-10 Werner Koch + + * card-util.c (get_manufacturer): Added Vendor 3 + +2006-03-09 David Shaw + + * build-packet.c (string_to_notation): Add ability to indicate a + notation to be deleted with a '-' prefix. + + * keyedit.c (menu_set_notation): Use it here to allow deleting a + notation marked with '-'. This works with either "-notation" or + "-notation=value". + +2006-03-08 David Shaw + + * keyedit.c (menu_set_notation): New function to set notations on + self-signatures. + (keyedit_menu): Call it here. + (tty_print_notations): Helper. + (show_prefs): Show notations in "showpref". + + * mainproc.c (get_pka_address) + * keylist.c (show_notation): Remove + duplicate code by using notation functions. + + * packet.h, build-packet.c (sig_to_notation) + * keygen.c (keygen_add_notations): Provide printable text for + non-human-readable notation values. + + * packet.h, build-packet.c (sig_to_notation) + * keygen.c (keygen_add_notations): Tweak to handle non-human-readable + notation values. + + * options.h, sign.c (mk_notation_policy_etc) + * gpg.c (add_notation_data): Use it here for the various notation + commands. + + * packet.h, main.h, keygen.c (keygen_add_notations) + * build-packet.c (string_to_notation, sig_to_notation) + (free_notation): New "one stop shopping" functions to handle + notations and start removing some code duplication. + +2006-03-08 Werner Koch + + * mainproc.c (do_check_sig): Use log_error for standalone revocations. + +2006-03-07 David Shaw + + * options.h, mainproc.c (check_sig_and_print), gpg.c (main): + pka-lookups, not pka-lookup. + + * options.h, gpg.c (main), keyedit.c [cmds], sig-check.c + (signature_check2): Rename "backsign" to "cross-certify" as a more + accurate name. + + * options.h, gpg.c (main, parse_trust_model), pkclist.c + (check_signatures_trust), mainproc.c (check_sig_and_print, + pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so + that it is a verify-option now. + +2006-03-07 Werner Koch + + * mainproc.c (proc_signature_packets): Return any_sig_seen to caller. + (check_sig_and_print): Option to partly allow the old behaviour. + * gpg.c: New option --allow-multisig-verification. + +2006-03-06 David Shaw + + * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as + that is not a PGP 2.x algorithm. + + * mainproc.c (proc_compressed): "Uncompressed" is not a valid + compression algorithm. + +2006-03-06 Werner Koch + + * mainproc.c (check_sig_and_print): Made the composition test more + tight. This is due to another bug report by Tavis Ormandy. + (add_onepass_sig): Simplified. + +2006-03-05 Werner Koch + + * plaintext.c (handle_plaintext): Replace assert by explict error + conflict message. Reported by Tavis Ormandy. + +2006-03-02 Werner Koch + + * cardglue.c (check_card_serialno): Don't ask in batch mode. + +2006-03-01 David Shaw + + * getkey.c (parse_auto_key_locate): Error if the user selects + "cert" or "pka" when those features are disabled. + + * misc.c (has_invalid_email_chars): Fix some C syntax that broke + the compilers on SGI IRIX MIPS and Compaq/DEC OSF/1 Alpha. Noted + by Nelson H. F. Beebe. + +2006-02-27 David Shaw + + * options.skel: Document auto-key-locate and give a pointer to + Simon Josefsson's page for CERT. + +2006-02-24 David Shaw + + * keydb.h, getkey.c (release_akl), gpg.c (main): Add + --no-auto-key-locate. + + * options.h, gpg.c (main): Keep track of each keyserver registered + so we can match on them later. + + * keyserver-internal.h, keyserver.c (cmp_keyserver_spec, + keyserver_match), gpgv.c: New. Find a keyserver that matches ours + and return its spec. + + * getkey.c (get_pubkey_byname): Use it here to get the + per-keyserver options from an earlier keyserver. + +2006-02-23 David Shaw + + * keyserver.c (parse_keyserver_options): Only change max_cert if + it is used. + + * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No + special treatment of include-revoked, include-subkeys, and + try-dns-srv. These are keyserver features, and GPG shouldn't get + involved here. + + * keyserver.c (parse_keyserver_uri, add_canonical_option): Always + append options to the list, as ordering may be significant to the + user. + + * gpg.c (add_notation_data): Fix reversed logic for isascii check + when adding notations. Noted by Christian Biere. + + * options.h, keyserver.c (add_canonical_option): New. + (parse_keyserver_options): Moved from here. + (parse_keyserver_uri): Use it here so each keyserver can have some + private options in addition to the main keyserver-options + (e.g. per-keyserver auth). + +2006-02-22 David Shaw + + * options.h, keyserver-internal.h, keyserver.c + (keyserver_import_name), getkey.c (free_akl, + parse_auto_key_locate, get_pubkey_byname): The obvious next step: + allow arbitrary keyservers in the auto-key-locate list. + + * options.h, keyserver.c (parse_keyserver_options): Remove + auto-cert-retrieve as it is no longer meaningful. Add + max-cert-size to allow users to pick a max key size retrieved via + CERT. + + * options.h, gpg.c (main), mainproc.c (check_sig_and_print), + keyserver.c (keyserver_opts): Rename auto-pka-retrieve to + honor-pka-record to be consistent with honor-keyserver-url. + + * options.h, keydb.h, g10.c (main), getkey.c + (parse_auto_key_locate): Parse a list of key access methods. + (get_pubkey_byname): Walk the list here to try and retrieve keys + we don't have locally. + +2006-02-21 David Shaw + + * getkey.c (get_pubkey_byname): Fix minor security problem with + PKA when importing at -r time. The URL in the PKA record may + point to a key put in by an attacker. Fix is to use the + fingerprint from the PKA record as the recipient. This ensures + that the PKA record is followed. + + * keyserver-internal.h, keyserver.c (keyserver_import_pka): Return + the fingerprint we requested. + + * gpgv.c: Stub keyserver_import_ldap. + + * keyserver-internal.h, keyserver.c (keyserver_import_ldap): + Import using the PGP Universal trick of asking + ldap://keys.(maildomain) for the key. + +2006-02-20 David Shaw + + * keyserver.c (parse_keyserver_uri): Include the scheme in the uri + even when we've assumed "hkp" when there was no scheme. + +2006-02-20 Werner Koch + + * apdu.c (open_pcsc_reader): As a precaution set LIST to NULL + after free. + +2006-02-14 Werner Koch + + * verify.c (verify_signatures): Print warning also for NO_DATA. + + * mainproc.c (struct mainproc_context): New field any_sig_seen. + (add_signature): Set it. + (proc_signature_packets): Test and return NO_DATA. + +2006-02-09 Werner Koch + + * gpg.c (main) : Disable random locking. + +2006-02-06 Werner Koch + + * ccid-driver.c, ccid-driver.h: Updated from GnuPG 1.9. Changes: + * ccid-driver.h (CCID_DRIVER_ERR_NO_KEYPAD): New. + * ccid-driver.c (send_escape_cmd): New args RESULT, RESULTLEN and + RESULTMAX. Changed all callers. + (ccid_transceive_escape): New. + * ccid-driver.c (special_transport): New + (ccid_open_reader, do_close_reader, ccid_shutdown_reader) + (bulk_out, bulk_in): Add support for CardMan 4040 reader. + * ccid-driver.c (scan_or_find_devices): Factored most code out to + (scan_or_find_usb_device): .. new. + (make_reader_id): Fixed vendor mask. + +2006-01-24 David Shaw + + * keyserver.c (parse_keyserver_uri): If there is a path present, + set the direct_uri flag so the right keyserver helper is run. + +2006-01-22 David Shaw + + * keyserver.c (keyserver_spawn): Include the EXEEXT so we can find + keyserver helpers on systems that use extensions. + + * misc.c (path_access) [HAVE_DRIVE_LETTERS]: Do the right thing + with drive letter systems. + +2006-01-17 David Shaw + + * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a + passphrase as if it was used (move from next_pw to last_pw). + + * pubkey-enc.c (get_session_key): Use it here to handle the case + where a passphrase happens to be correct for a secret key, but yet + that key isn't the anonymous recipient (i.e. the secret key could + be decrypted, but not the session key). This also handles the + case where a secret key is located on a card and a secret key with + no passphrase. Note this does not fix bug 594 (anonymous + recipients on smartcard do not work) - it just prevents the + anonymous search from stopping when the card is encountered. + +2006-01-07 David Shaw + + * keyserver.c (keyserver_refresh): Fix problem when more than one + key in a refresh batch has a preferred keyserver set. Noted by + Nicolas Rachinsky. + +2006-01-01 David Shaw + + * mainproc.c (check_sig_and_print), keyserver.c + (keyserver_import_pka), card-util.c (fetch_url): Always require a + scheme:// for keyserver URLs except when used as part of the + --keyserver command for backwards compatibility. + + * sign.c (write_signature_packets): Lost a digest_algo line. + + * sign.c (hash_for): Add code to detect if the sk lives on a smart + card. If it does, only allow 160-bit hashes, a la DSA. This + involves passing the *sk in, so change all callers. This is + correct for today, given the current 160-bit q in DSA, and the + current SHA-1/RIPEMD160 support in the openpgp card. It will + almost certainly need changing down the road. + + * app-openpgp.c (do_sign): Give user error if hash algorithm is + not supported by the card. + +2005-12-23 David Shaw + + * keyserver.c (keyserver_import_pka): New. Moved from + getkey.c:get_pubkey_byname which was getting crowded. + + * keyserver.c (keyserver_import_cert): Import a key found in DNS + via CERT records. Can handle both the PGP (actual key) and IPGP + (URL) CERT types. + + * getkey.c (get_pubkey_byname): Call them both here. + + * options.h, keyserver.c (parse_keyserver_options): Add + "auto-cert-retrieve" option with optional max size argument. + + * gpgv.c: Stubs. + + * keyserver-internal.h, keyserver.c (keyserver_spawn, + keyserver_work, keygerver_getname): New keyserver_getname function + to fetch keys by name. + + * getkey.c (get_pubkey_byname): Call it here to enable locating + keys by full mailbox from a keyserver a la PKA. Try PKA first, + though, as it is likely to be faster. + +2005-12-20 Werner Koch + + * gpg.c: New option --allow-pka-lookup. + (parse_trust_model): Add "+pka" variants. + (main): Make KEYSERVER_AUTO_PKA_RETRIEVE teh default. + * options.h (opt): New fields PKA_TRUST_INCREASE and + ALLOW_PKA_LOOKUP. + * status.h (STATUS_PKA_TRUST_BAD, STATUS_PKA_TRUST_GOOD): New. + * pkclist.c (check_signatures_trust): Increase trust due to valid + PKA only if that new option has been set. Issue new status lines. + * trustdb.c (init_trustdb): Print info if this option is active. + * getkey.c (get_pubkey_byname): Honor allow-pka-lookup. + * mainproc.c (pka_uri_from_sig): Ditto. + + * trustdb.c (validate_keys): Print no "ultimately trusted keys + found" only in non-quiet mode. + +2005-12-19 David Shaw + + * getkey.c (merge_selfsigs_main): All primary keys can certify. + +2005-12-18 David Shaw + + * gpg.c (main): Restore convert-sk-to-pk as programs rely on it. + + * keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT + flag. It's no longer needed. + +2005-12-14 David Shaw + + * gpg.c (main): Don't default to import-options convert-sk-to-pk. + It causes confusing warning messages when importing a PGP-exported + key that contains a secret key without selfsigs followed by the + public key. + +2005-12-08 David Shaw + + * keyserver.c (keyserver_fetch): Switch on fast-import before we + --fetch-keys so we don't rebuild the trustdb after each fetch. + +2005-12-08 Werner Koch + + * gpg.c (main): Check for DBCS lead byte when converting the + homedir. By Kazuyoshi Kakihara. Fixes PR561. + + * keyserver.c (keyserver_fetch): Made strings translatable. + +2005-12-08 David Shaw + + * options.h, keyserver.c (curl_cant_handle, keyserver_spawn) + (keyserver_fetch): Set a flag to indicate that we're doing a direct + URI fetch so we can differentiate between a keyserver operation + and a URI fetch for protocols like LDAP that can do either. + +2005-12-07 David Shaw + + * keyserver.c (keyserver_spawn): Don't print "searching for key + 00000000" when fetching a URI. + + * keyserver-internal.h, keyserver.c (keyserver_fetch): New. Fetch + an arbitrary URI using the keyserver helpers. + + * gpg.c (main): Call it from here for --fetch-keys. + +2005-12-07 Werner Koch + + * pkclist.c (do_we_trust): Add NOTREACHED comment. + +2005-11-20 David Shaw + + * main.h, keylist.c (print_revokers): New. Print the "rvk" + designated revoker record. Moved from + keyedit.c:show_key_with_all_names_colon. + + * keylist.c (list_keyblock_colon): Use it here ... + + * keyedit.c (show_key_with_all_names_colon): ... and here. + +2005-11-19 David Shaw + + * free-packet.c (copy_secret_key): Copy secret key into secure + memory since we may unprotect it. + + * main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local + user support so users can use -u with --desig-revoke. This + bypasses the interactive walk over the revocation keys. + +2005-11-17 David Shaw + + * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to + just "clean", and add "minimize". + + * import.c (parse_import_options): Make help text match the export + versions of the options. + + * options.h, export.c (parse_export_options, do_export_stream): + Reduce clean options to two: clean and minimize. + + * trustdb.h, trustdb.c (clean_one_uid): New function that joins + uid and sig cleaning into one for a simple API outside trustdb. + +2005-11-13 David Shaw + + * armor.c (parse_header_line): A fussy bit of 2440: header lines + are delimited with a colon-space pair. Therefore a line such as + "Comment: " (with a trailing space) is actually legal, albeit not + particularly useful. + +2005-11-11 David Shaw + + * trustdb.h, trustdb.c (clean_key): New function to handle key + cleaning from one convenient place. + + * options.h, import.c (parse_import_options, + clean_sigs_from_all_uids, import_one): Reduce clean options to + two: clean and minimize. + + * parse-packet.c (setup_user_id): Remove. + (parse_user_id, parse_attribute): Just use xmalloc_clear instead. + + * trustdb.c (clean_uid_from_key, clean_uids_from_key): + Significantly simpler implementation. + +2005-11-10 David Shaw + + * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add + "minimize" command. + + * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c + (clean_uids_from_key): Fix display bug where sigs cleaned for + other reasons caused a uid to appear as if it had been compacted. + + * packet.h: Move some flags to a bitfield. Change all callers. + + * options.h, import.c (parse_import_options, + clean_sigs_from_all_uids, import_one): Add import-minimal option. + Similar to export-minimal, except it works on the way in. + + * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove + all non-selfsigs from key during cleaning. Change all callers. + + * export.c (do_export_stream): Use it here for export-minimal so + we don't need additional minimize code in the export path. + +2005-11-06 David Shaw + + * options.skel: Add a section for --encrypt-to. This is Debian + bug 336211 by Javier Fernández-Sanguino Peña. + +2005-11-05 David Shaw + + * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. + Strictly speaking this should be only in gpg_CPPFLAGS, but then we + have to compile everything twice for gpg and gpgv. + + * apdu.c (open_pcsc_reader): Fix double free. + + * gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X + location. Suggested by Patty A. Hardy. + +2005-11-02 David Shaw + + * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable + keys in the sigs that are cleaned. Suggested by Dirk Traulsen and + many others. + +2005-11-01 David Shaw + + * import.c (import_one): Do collapse_uids() before we do any + cleaning so keyserver mangled keys with doubled user IDs can be + properly cleaned - possibly sigs on the different user IDs cancel + each other out. + + * import.c (parse_import_options), export.c + (parse_export_options): List "xxx-clean" before the longer options + so we don't end up with a partial match on the longer options. + + * trustdb.c (clean_uids_from_key): Return proper number of cleaned + user IDs. Don't count user IDs as cleaned unless we actually + delete something. + +2005-10-27 David Shaw + + * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix + problem with adding a cert-only designated revoker. Code was + looking for a key with sign ability, and not cert ability. Noted + by Timo Schulz. + +2005-10-27 Werner Koch + + * gpg.c [__CYGWIN__]: Set default driver to winscard.dll. + + * apdu.c, apdu.h: Updated from gnupg 1.9. Changes are: + * apdu.c [__CYGWIN__]: Make cygwin environment similar to _WIN32. + Suggested by John P. Clizbe. + * apdu.h (SW_HOST_NO_KEYPAD): New. + * apdu.c (host_sw_string): Support new code. + (reader_table_s): New field CHECK_KEYPAD. + (new_reader_slot, open_ct_reader, open_pcsc_reader) + (open_ccid_reader, open_rapdu_reader): Initialize it. + (check_ccid_keypad): New. + (apdu_check_keypad): New. + (apdu_send_le): Factored all code out to ... + (send_le): .. new. Takes an additional arg; changed all callers + of the orginal function to use this one with a NULL for the new + arg. + (apdu_send_simple_kp): New. + (ct_send_apdu, pcsc_send_apdu, my_rapdu_send_apdu) + (send_apdu_ccid): New arg PININFO. + (send_apdu_ccid): Use the new arg. + +2005-10-26 David Shaw + + * keygen.c (proc_parameter_file): Default key and subkey usage + flags to algo capabilities if parameter file doesn't specify them. + Noted by Timo Schulz. + +2005-10-18 Werner Koch + + * cardglue.c (pin_cb): Fixed prompt for repeated PIN. Return + G10ERR_CANCELED and not just -1. + (status_sc_op_failure): New. Use it where we issue that status. + (pin_cb): Append serial number to the need-pin status message. + (agent_scd_change_pin): Add arg SERIALNO. Changed all callers. + (agent_scd_writekey): Ditto. + (agent_scd_setattr): Ditto. + (agent_scd_genkey): Ditto. + (agent_scd_checkpin): Pass serialno to the pin_cb. + + * keygen.c (parse_expire_string): Allow setting the expire + interval using a "seconds=" syntax. This is useful for + debugging. + +2005-10-17 Werner Koch + + * export.c (do_export_stream): Factored some code out to ... + (skip_subkey_p): .. new. + (subkey_in_list_p, release_subkey_list): New. + (new_subkey_list_item): New. + (do_export_stream): Export exactly specified subkeys into one + keyblock. + +2005-10-13 David Shaw + + * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command + to add 0x19 backsigs to old keys that don't have them. + + * misc.c (parse_options): Fix build warning. + + * main.h, keygen.c (make_backsig): Make public. + +2005-10-12 David Shaw + + * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), + sig-check.c (signature_check2): Add --require-backsigs and + --no-require-backsigs. Currently defaults to + --no-require-backsigs. + +2005-10-11 David Shaw + + * getkey.c (merge_selfsigs_subkey), sig-check.c + (signature_check2), keygen.c (make_backsig): Did some backsig + interop testing with the PGP folks. All is well, so I'm turning + generation of backsigs on for new keys. Checking for backsigs on + verification is still off. + +2005-10-05 Werner Koch + + * g10.c: Renamed to .. + * gpg.c: ..this. + * Makefile.am: Adjusted accordingly. + +2005-09-22 Werner Koch + + * sign.c (write_plaintext_packet): Don't print an empty file + warning if the file is actually too large. + * encode.c (encode_simple,encode_crypt): Ditto. + * progress.c (handle_progress): Adjusted for iobuf_get_filelength + change. + * photoid.c (generate_photo_id): Ditto. + +2005-09-20 Werner Koch + + * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase + prompt. + +2005-09-19 David Shaw + + * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder + attribute IDs as well as regular text IDs. + + * plaintext.c (ask_for_detached_datafile): Use make_filename() on + filename so tilde expansion works. + +2005-09-14 David Shaw + + * main.h, misc.c (parse_options): Add the ability to have help + strings in xxx-options commands. + + * keyserver.c (keyserver_opts), import.c (parse_import_options), + export.c (parse_export_options), g10.c (parse_list_options, main): + Add help strings to xxx-options. + +2005-09-10 David Shaw + + * keyedit.c (show_names): Moved name display code out from + show_key_with_all_names. + (keyedit_menu): Call it here for pref and showpref so they can + show only the selected user ID. Suggested by Timo Schulz. + +2005-09-07 Werner Koch + + * cardglue.h (GPG_ERR_TOO_LARGE): New. + + * apdu.c, apdu.h, iso7816.c, iso7816.h + * ccid-driver.c, ccid-driver.h: Updated from GnuPG 1.9 source. + Changes are: + * iso7816.c (iso7816_select_path): New. + * iso7816.c (iso7816_read_binary): Use Le=0 when reading all + data. Handle 6C00 error and take 6B00 as indication for EOF. + * apdu.h (SW_EXACT_LENGTH_P): New. + * apdu.c (new_reader_slot, reset_pcsc_reader, pcsc_get_status) + (open_pcsc_reader): Set new reader state IS_T0. + (apdu_send_le): When doing T=0 make sure not to send Lc and Le. + Problem reported by Carl Meijer. + (apdu_send_direct): Initialize RESULTLEN. + + * misc.c (parse_options): Allow meta option "help" to list all + options and to exit the program. + +2005-09-02 David Shaw + + * parse-packet.c (enum_sig_subpkt, parse_signature, + parse_attribute_subpkts): Make a number of warnings verbose items. + These fire on many slightly mangled keys in the field, so the + warning is becoming burdensome. + +2005-09-01 David Shaw + + * photoid.h, photoid.c (generate_photo_id): Allow passing in a + suggested filename. + + * keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto + filename" works. + +2005-08-31 David Shaw + + * photoid.c (generate_photo_id): Enable readline completion and + tilde expansion for the JPEG prompt. + +2005-08-30 Werner Koch + + * passphrase.c (agent_open): Print a warning and not an error in + case of a missing agent. Should fix Debian bug #325578. + +2005-08-26 David Shaw + + * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for + signing algorithms. + + * keyedit.c (sign_uids): Don't request a signing key to make a + certification. + + * keygen.c (do_add_key_flags): Force the certify flag on for all + primary keys, as the spec requires primary keys must be able to + certify (if nothing else, which key is going to issue the user ID + signature?) + (print_key_flags): Show certify flag. + (ask_key_flags, ask_algo): Don't allow setting the C flag for + subkeys. + + * keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): + Distinguish between a sign/certify key and a certify-only key. + + * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. + Suggested by Michael Schierl. + +2005-08-21 David Shaw + + * Makefile.am: No need to link with curl any longer. + + * main.h, misc.c (path_access): New. Same as access() but does a + PATH search like execlp. + + * keyserver.c (curl_can_handle): Removed. Replaced by... + (curl_cant_handle): We are now relying on curl as the handler of + last resort. This is necessary because PGP LDAP and curl LDAP are + apples and oranges. + (keyserver_typemap): Only test for ldap and ldaps. + (keyserver_spawn): If a given handler is unusable (as determined + by path_access()) then try gpgkeys_curl. + + * exec.h, exec.c (make_tempdir, expand_args, exec_write, + exec_read): Minor cleanup to use bitfield flags instead of a bunch + of integers. + +2005-08-20 David Shaw + + * g10.c (main): Add aliases sign-with->local-user and + user->recipient to make switching from PGP command line to GPG + easier. + +2005-08-19 David Shaw + + * options.skel: Remove the surfnet LDAP keyserver from the list of + samples since it is being shut down. + + * getkey.c (classify_user_id): Disable the '.' and '+' search + modes since they aren't supported yet. + +2005-08-05 David Shaw + + * g10.c (main), passphrase.c (set_passphrase_from_string): New + --passphrase command line option. Only useful in very special + circumstances. + +2005-08-05 Werner Koch + + * gpgv.c (keyserver_import_fprint): New stub. + + * keygen.c (ask_user_id): Moved email checking code out to .. + * misc.c (is_valid_mailbox): .. new. + * mainproc.c (get_pka_address): Use it here. + * getkey.c (get_pubkey_byname): Add falback to auto-retrieve a key + via the PKA mechanism. + + * options.h (KEYSERVER_AUTO_PKA_RETRIEVE): New. + * keyserver.c (keyserver_opts): Ditto. + * mainproc.c (check_sig_and_print): Use it here to retrieve keys + from a PKA DNS record. + + * pkclist.c (build_pk_list): Add comments to this function; + re-indented it. + +2005-08-04 David Shaw + + * keygen.c (proc_parameter_file): Sanity check items in keygen + batch file. Noted by Michael Schierl. + + * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. + Noted by Michael Schierl. + + * keygen.c (write_keyblock): Don't try and build deleted kbnodes + since we start our tree with one. + +2005-08-04 Werner Koch + + * export.c (do_export_stream): Skip on-card keys when only subkeys + are to be exported. It does not make sense to replace the on-card + key stub by a no-key stub. + + * revoke.c (gen_revoke): Check for non-online keys. + + * seckey-cert.c (is_secret_key_protected): Return -3 for + non-online key stubs. The old code assumes that a protection + algorithm is still set but in some cases this one is 0 and thus it + won't be possible to decide whether it is unprotected or + protected. + +2005-07-28 Werner Koch + + * Makefile.am (other_libs): Add SRVLIBS. + + * parse-packet.c (can_handle_critical_notation): We know about + pka-address@gnupg.org. + * packet.h (PKT_signature): New fields PKA_INFO and PKA_TRIED. + (pka_info_t): New. + * free-packet.c (cp_pka_info): New. + (free_seckey_enc, copy_signature): Support new fields. + * mainproc.c (get_pka_address, pka_uri_from_sig): New. + (check_sig_and_print): Try to get the keyserver from the PKA + record. + * pkclist.c (check_signatures_trust): Adjust the trust based on + the PKA. + * gpgv.c (parse_keyserver_uri): New stub. + + * keygen.c (has_invalid_email_chars): Moved to .. + * misc.c (has_invalid_email_chars): .. here and made global. + +2005-07-27 Werner Koch + + * export.c (do_export_stream): Make two strings translatable. + +2005-07-26 David Shaw + + * keyserver.c (keyserver_typemap): Special-case LDAP since curl + will report that it can handle it, and we don't want it to. + +2005-07-26 Werner Koch + + * passphrase.c (agent_get_passphrase): Make sure to release the + saved codeset. + (agent_open): Add arg ORIG_CODESET and switch back to it in case + of error. Changed all callers. + +2005-07-22 David Shaw + + * keyedit.c (sign_uids): Don't prompt for setting signature expiry + to match key expiry unless --ask-cert-expire is set. Suggested by + Peter Palfrader. + +2005-07-22 Werner Koch + + * g10.c, options.h: New option --exit-on-status-write-error. + * status.c (write_status_text): Make use of this option. + +2005-07-22 David Shaw + + * options.h, g10.c (main): Removed option --no-interactive-selection. + * keyedit.c (keyedit_menu): Use --interactive to enable the uid + walking when signing a key with no uids specified to sign. + + * keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg + Sabino Mullane. + +2005-07-20 Werner Koch + + * openfile.c (open_outfile): Disable FD caching for created files. + * encode.c (encode_simple, encode_crypt): Disable FD caching for + input files. + * verify.c (verify_one_file): Ditto. + * decrypt.c (decrypt_messages): Ditto. This is bug #479. + + * misc.c (get_libexecdir) [W32]: Changed to return the value of + program used to create the process. + * keyserver.c (keyserver_spawn) [DISABLE_KEYSERVER_PATH]: Don't + change the exec-path at all. + +2005-07-20 David Shaw + + * keyserver.c (curl_can_handle): New. Do a runtime check against + libcurl to see if it can handle a particular protocol. + (keyserver_typemap): Call it here. + + * Makefile.am: Pull in libcurl for curl_version_info() if used. + +2005-07-19 Werner Koch + + * g10.c, options.h: New option --limit-card-insert-tries. + * cardglue.c (open_card): Use it. + + * export.c (parse_export_options): New option + export-reset-subkey-passwd. + (do_export_stream): Implement it. + + * misc.c (get_libexecdir): New. + * keyserver.c (keyserver_spawn): Use it + +2005-07-18 Werner Koch + + * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. + +2005-07-08 David Shaw + + * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig + around when compacting a uid. There is no reason to make an + attacker's job easier - this way they only have a revocation which + is useless in bringing the uid back. + + * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed. + + * import.c (chk_self_sigs): Allow a uid revocation to be enough to + allow importing a particular uid (no self sig needed). This + allows importing compacted uids. + +2005-06-20 David Shaw + + * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 + warning. + +2005-06-20 Werner Koch + + * g10.c, options.h: New option --no-interactive-selection. + * keyedit.c (keyedit_menu): Use it. + +2005-06-18 Werner Koch + + * parse-packet.c (parse_signature): Use log_info for messages + about missing timestamp or keyid. In case we don't use that key + there won't be no further error and thus gpg does not need to + return with an error. + +2005-06-13 David Shaw + + * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning. + + * options.h, import.c (parse_import_options, import_one): Add + import-clean-uids option to automatically compact unusable uids + when importing. Like import-clean-sigs, this may nodify the local + keyring. + + * trustdb.c (clean_uids_from_key): Only allow selfsigs to be a + candidate for re-inclusion. + +2005-06-12 David Shaw + + * options.h, import.c (parse_import_options, + clean_sigs_from_all_uids, import_one): Add import-clean-sigs + option to automatically clean a key when importing. Note that + when importing a key that is already on the local keyring, the + clean applies to the merged key - i.e. existing superceded or + invalid signatures are removed. + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure + that even after keys may be merged together, we only have one + chosen selfsig. + +2005-06-09 David Shaw + + * options.h, import.c (parse_import_options, delete_inv_parts): + import-unusable-sigs is now a noop. + + * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu, + menu_clean_subkeys_from_key), trustdb.h, trustdb.c + (clean_subkeys_from_key): Remove subkey cleaning function. It is + of very limited usefulness since it cannot be used on any subkey + that can sign, and can only affect multiple selfsigs on + encryption-only subkeys. + + * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a + kbnode. + + * trustdb.c (clean_uids_from_key): Further tweak the algorithm so + that the last good selfsig is kept when the chosen selfsig is a + revocation. + +2005-06-08 David Shaw + + * trustdb.c (clean_uids_from_key), keyedit.c + (menu_clean_uids_from_key): Tweak algorithm to preserve the last + selfsig which helps prevent uid resurrections. + + * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both + expired and revoked uids in fixup_uidnode(). No need to special + case in merge_selfsigs_main(). This also means that an expired + uid will have its selfsig tagged with chosen_selfsig. + +2005-06-07 David Shaw + + * options.h, g10.c (main), export.c (parse_export_options, + do_export_stream): Add export-options export-clean-sigs, + export-clean-uids, export-clean-subkeys, and export-clean which is + all of the above. Export-minimal is the same except it also + removes all non-selfsigs. export-unusable-sigs is now a noop. + +2005-06-06 Werner Koch + + * cardglue.c (open_card): Emit new CARDCTRL status 5 for no reader + available. + +2005-06-02 Werner Koch + + * app-openpgp.c (do_writekey): Typo fix. + + * status.c, status.h: Removed STATUS_BAD_PASSPHRASE_PIN. + +2005-06-01 David Shaw + + * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on + mingw32. Noted by Joe Vender. + + * passphrase.c [_WIN32]: Remove unused variables. + +2005-05-31 David Shaw + + * keyedit.c (menu_clean_uids_from_key, + menu_clean_subkeys_from_key), trustdb.c (clean_uids_from_key, + clean_subkeys_from_key): Fix mingw32 build warnings. Noted by Joe + Vender. + +2005-05-31 Werner Koch + + * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types. + + * cardglue.c (assuan_strerror, assuan_transact): Dummy functions + if not build with agent support. + + * armor.c (check_input): Don't bail out on invalid header lines + unless in struict rfc2440 mode. Suggested by Richard Patterson. + +2005-05-30 Werner Koch + + * tlv.c: Add hack to compile without gpg-error.h. + +2005-05-30 David Shaw + + * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk + through the subkeys on a key, and mark any that aren't usable for + deletion. Note that a signing subkey is never marked for deletion + since these keys are still useful after expiration or revocation. + + * keyedit.c (menu_clean_subkeys_from_key): New function to call + clean_subkeys_from_key() on a key. Note that the strings here are + not marked for translation yet. The UI is still in flux, and + there is no point in annoying the translators twice. + (keyedit_menu): Call it here as part of the "clean" command. + +2005-05-29 David Shaw + + * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through + the user IDs on a key, and mark any that aren't valid for + deletion. + + * keyedit.c (menu_clean_uids_from_key): New function to call + clean_uids_from_key() on a key. + (keyedit_menu): Call it from here as part of the "clean" command. + +2005-05-26 David Shaw + + * g10.c (main): Default {export|import}-unusable-sigs to off until + the "clean" UI can be finished. + +2005-05-24 Werner Koch + + * passphrase.c (ask_passphrase): Unescape the description string. + * cardglue.c (unescape_status_string): Removed. Changed all + caller to use ... + * misc.c (unescape_percent_string): New. + + * g10.c (add_notation_data): Check number of at-signs. + +2005-05-23 Werner Koch + + * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS. + + * cardglue.c (open_card): Check USE_AGENT. + (agent_scd_checkpin): Implemented Assuan part. + (agent_scd_change_pin): Ditto. + + * g10.c (main): Option --debug-ccid-driver may now be given + several times increase the debug level. + + * ccid-driver.c (parse_ccid_descriptor): Mark SCR335 FW version + 5.14 as good. + (do_close_reader): Never do a reset. The caller should instead + make sure that the reader has been closed properly. The new retry + code in ccid_slot_status will make sure that the readersatrts up + fine even if the last process didn't closed the USB connection + properly. + (ccid_get_atr): For certain readers try switching to ISO mode. + Thanks to Ludovic Rousseau for this hint and the magic numbers. + (print_command_failed): New. + (bulk_in): Use it here. Add new arg NO_DEBUG. + (ccid_slot_status): Disabled debugging. + +2005-05-21 Werner Koch + + * cardglue.c (send_status_info): Make CTRL optional. + (agent_scd_writekey, inq_writekey_parms): New. + (agent_openpgp_storekey): Removed. + * cardglue.h: Add a few more error code mappings. + * keygen.c (copy_mpi): Removed. + (save_unprotected_key_to_card): Changed to use agent_scd_writekey. + * app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer + version in gnupg 1.9 CVS. + +2005-05-20 Werner Koch + + * ccid-driver.c (ccid_transceive): Arghhh. The seqno is another + bit in the R-block than in the I block, this was wrong at one + place. Fixes bug #419 and hopefully several others. + +2005-05-19 Werner Koch + + * app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer + version in gnupg 1.9 CVS. + +2005-05-18 Werner Koch + + * passphrase.c (agent_open): Made global and add arg TRY. + (agent_close): Made global. + + * app-common.h (app_t): Add a field to store the Assuan context. + +2005-05-13 David Shaw + + * build-packet.c (do_comment): Removed. + (build_packet): Ignore comment packets. + + * export.c (do_export_stream): Don't export comment packets any + longer. + + * options.h, g10.c (main): Remove --sk-comments and + --no-sk-comments options, and replace with no-op. + +2005-05-11 David Shaw + + * keygen.c (write_selfsigs): Rename from write_selfsig. Write the + same selfsig into both the pk and sk, so that someone importing + their sk (which will get an autoconvert to the pk) won't end up + with two selfsigs. + (do_generate_keypair): Call it from here. + + * parse-packet.c (can_handle_critical_notation): New. Check for + particular notation tags that we will accept when critical. + Currently, that's only preferred-email-encoding@pgp.com, since we + know how to handle it (pass it through to a mail program). + (can_handle_critical): Call it from here. + (parse_one_sig_subpkt): Sanity check that notations are + well-formed in that the internal lengths add up to the size of the + subpacket. + +2005-05-07 Werner Koch + + * ccid-driver.c (do_close_reader): Don't do a reset before close. + Some folks reported that it makes the SCR335 hang less often. + Look at the source on how to re-enable it. + +2005-05-06 David Shaw + + * main.h, keygen.c (parse_expire_string, ask_expire_interval), + sign.c (sign_file, clearsign_file, sign_symencrypt_file), g10.c + (main), keyedit.c (sign_uids): Use seconds rather than days + internally to calculate expiration. We no longer need the + day-based code as we don't generate v3 keys. + + * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use + the default sig expire value when signing in batchmode. + +2005-05-05 David Shaw + + * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We + don't use any of these functions any longer. + + * keygen.c (start_tree): New function to "prime" a KBNODE list. + (do_generate_keypair): Use it here rather than creating and + deleting a comment packet. + + * keygen.c (gen_elg, gen_dsa): Do not put public factors in secret + key as a comment. + + * options.h, encode.c (encode_simple, encode_crypt), keygen.c + (do_create): Remove disabled comment packet code. + + * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default + preferences. + + * options.h, g10.c (main): Add new --default-sig-expire and + --default-cert-expire options. Suggested by Florian Weimer. + + * main.h, keygen.c (parse_expire_string, ask_expire_interval): Use + defaults passed in, or "0" to control what default expiration is. + + * keyedit.c (sign_uids), sign.c (sign_file, clearsign_file, + sign_symencrypt_file): Call them here, so that default expiration + is used when --ask-xxxxx-expire is off. + +2005-05-03 Werner Koch + + * passphrase.c (agent_get_passphrase): Add new arg CACHEID. + Changed all callers. + (ask_passphrase): Add new arg CACHEID and use it in agent mode. + Changed all callers. + (passphrase_clear_cache): New arg CACHEID. Changed all callers. + * cardglue.c (format_cacheid): New. + (pin_cb): Compute a cache ID. + (agent_scd_pksign, agent_scd_pkdecrypt): Use it. + (agent_clear_pin_cache): New. + * card-util.c (change_pin): Clear the PIN cache. + (check_pin_for_key_operation): Ditto. + +2005-04-24 David Shaw + + * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the + no-pubkey and chosen revocation cases. + (clean_uid): New function to clean a user ID of unusable (as + defined by mark_usable_uid_certs) certs. + + * keyedit.c (keyedit_menu, menu_clean_uids): Call it here for new + "clean" command that removes unusable sigs from a key. + + * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): + Allow specifying user ID via the namehash from --with-colons + --fixed-list-mode --list-keys. Suggested by Peter Palfrader. + +2005-04-21 David Shaw + + * keyedit.c (sign_uids, keyedit_menu): When the user requests to + sign a key without specifying which user IDs to sign, and declines + to sign all user IDs, walk through the set of user IDs and prompt + for which to sign. + + * mainproc.c (symkey_decrypt_seskey): There is no need to have an + extra check for a bad passphrase and/or unknown cipher algorithm + here. We'll fail quite happily later, and usually with a better + error message to boot. + +2005-04-20 Werner Koch + + * sign.c (sign_file, sign_symencrypt_file): Allow for hash + debugging. + +2005-04-16 David Shaw + + * keyserver.c (keyserver_spawn): Free some memory. + + * sign.c (hash_for): Comments. + +2005-04-11 Werner Koch + + * g10.c (main, add_notation_data, add_policy_url) + (add_keyserver_url): Use isascii() to protect the isfoo macros and + to replace direct tests. Possible problems noted by Christian + Biere. + * keyserver.c (parse_keyserver_uri): Ditto. + +2005-04-07 Werner Koch + + * g10.c (main): Declare --pipemode deprecated. + * misc.c (deprecated_command): New. + + * ccid-driver.c (ccid_slot_status): Fixed debug messages. + + * card-util.c (card_edit): Add command "verify". Enhanced admin + command to allow optional arguments "on", "off" and "verify". + (card_status): Print private DOs in colon mode. + * app-openpgp.c (do_check_pin): Add hack to allow verification of + CHV3. + +2005-04-01 Werner Koch + + * keygen.c (keygen_set_std_prefs): Explain the chosen order of + AES key sizes. + +2005-04-01 David Shaw + + * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL + (old-style PGP) signatures that use hashes other than SHA-1, + RIPEMD160, or MD5. + +2005-03-31 David Shaw + + * exec.h, exec.c (set_exec_path): Remove some dead code and change + all callers. We no longer need to append to $PATH. + +2005-03-31 Werner Koch + + * passphrase.c (agent_open): Dropped support for W32 - is was + never actually used. Removed support for the old non-assuan + protocol; there has never been a matured implementation and + gpg-agent is now arround for quite some time. Rewritten to make + use of the Assuan code from ../util. + (gpga_protocol_codes): Removed. + (readn): Removed. + (agent_close): Simplified for use with Assuan. + (agent_get_passphrase, passphrase_clear_cache): Removed support + for old protocol. Use only with ENABLE_CARD_SUPPORT defined. + (agent_send_all_options): Take assuan context instead of a file + descriptor. + (agent_send_option): Likewise. Use assuan_transact. + * passphrase.c (writen, readaline): Removed. + + * g10.c (main): Print a warning if --use-agent has been used but + it has not been build with support for it. + + * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new + flag 4. Use log_info for errors registering the default secret key. + * g10.c (main): Flag the default keyrings. + +2005-03-30 David Shaw + + * keyserver.c (keyserver_spawn): Don't mess about with the $PATH. + Rather, call keyserver helpers with the full path. This fixes + some PATH-inspired DLL problems on W32. Noted by Carlo Luciano + Bianco. + +2005-03-30 Werner Koch + + * cardglue.c (pin_cb): Print a warning if the info string hack is + not there. This may happen due to typos in the translation. + +2005-03-22 Werner Koch + + * misc.c (w32_shgetfolderpath) [W32]: Changed declaration of + function ptr. Noted by Tim Costello. + * apdu.c [W32]: Changed declaration of dlopened function pointers. + +2005-03-21 David Shaw + + * gpgv.c: Stubs for tty_enable_completion() & + tty_disable_completion(). + + * openfile.c (ask_outfile_name): Enable readline completion when + prompting for an output filename. + + * plaintext.c (ask_for_detached_datafile): Enable readline + completion when prompting for a detached sig datafile. + +2005-03-21 Werner Koch + + * keyedit.c (command_generator, keyedit_completion): Changed + indentation. + * card-util.c (command_generator, card_edit_completion): Ditto. + +2005-03-19 David Shaw + + * card-util.c (command_generator, card_edit_completion) + [GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to + enable command completion in the --card-edit menu. + (card_edit): Call them here. + +2005-03-18 David Shaw + + * keyedit.c (command_generator, keyedit_completion) + [HAVE_LIBREADLINE]: New functions to enable command completion in + the --edit-key menu. + (keyedit_menu): Call them here. + +2005-03-17 David Shaw + + * getkey.c (get_seckey_byname2): If no explicit default key is + set, don't pick a disabled default. Noted by David Crick. + + * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not + redefine $libexecdir. + + * options.h, keyserver.c (parse_keyserver_options) + (keyserver_spawn): Don't treat 'verbose' and 'include-disabled' as + special. Just pass them through silently to the keyserver helper. + +2005-03-16 Werner Koch + + * ccid-driver.c (parse_ccid_descriptor): Make SCM workaround + reader type specific. + (scan_or_find_devices): Do not check the interface subclass in the + SPR532 kludge, as this depends on the firmware version. + (ccid_get_atr): Get the Slot status first. This solves the + problem with readers hanging on recent Linux 2.6.x. + (bulk_in): Add argument TIMEOUT and changed all callers to pass an + appropriate one. Change the standard timeout from 10 to 5 seconds. + (ccid_slot_status): Add a retry code with an initial short timeout. + (do_close_reader): Do an usb_reset before closing the reader. + +2005-03-14 Werner Koch + + * card-util.c (card_status): Use isotimestamp and not the + localized asctimestamp to match the timezone used in the key + information. + + * cardglue.c (pin_cb): Disable debug output. + +2005-03-11 Werner Koch + + * keygen.c (gen_card_key_with_backup): Write status line with the + backup filename. + + * status.h, status.h (STATUS_BACKUP_KEY_CREATED): New. + +2005-03-10 David Shaw + + * keyserver.c (parse_keyserver_options): Accept honor-http-proxy + as an alias for http-proxy. + + * delkey.c (do_delete_key, delete_keys): Fix problem with --expert + preventing --delete-secret-and-public-keys from deleting secret + keys. + +2005-03-10 Werner Koch + + * keyedit.c (keyedit_menu) [W32]: Run the trustdb stale check + earlier. + +2005-03-07 Werner Koch + + * cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign) + (agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin) + (agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a + SC_OP_FAILURE after card operations which might change data. + * card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has + been changed. + (change_name): Removed a debug output. + * status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE + and SC_OP_SUCCESS. + +2005-02-24 David Shaw + + * keyedit.c (keyedit_menu): Only print the key signing hint when + signing from a place where it is useful (i.e. --edit-key and not + --sign-key). + +2005-02-16 Werner Koch + + * card-util.c (fetch_url): Fetch the key from the default + keyserver if no URL is available. + +2005-02-15 Werner Koch + + * passphrase.c (agent_get_passphrase): Don't call free_public_key + if PK is NULL. + (passphrase_clear_cache): Ditto. Removed debug output. + (passphrase_to_dek): Ditto. + +2005-02-13 Werner Koch + + * keyedit.c (cmds): Limit code to 80 columns. Add command + BKUPTOCARD. + +2005-02-09 David Shaw + + * encr-data.c (decrypt_data): Use it here to turn off the "quick + check" bytes for PK decryptions. This is in regards to the Mister + and Zuccherato attack on OpenPGP CFB mode. + + * mainproc.c (proc_symkey_enc): Set a flag to indicate that a + particular session key came from a passphrase and not a PK. + +2005-02-08 Werner Koch + + * misc.c (w32_shgetfolderpath): New. + (default_homedir): Use it to avoid problems under Windows95. + +2005-02-06 David Shaw + + * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the + trustdb is dirty and --interactive is set, do an --update-trustdb. + If not interactive, do a --check_trustdb unless + --no-auto-check-trustdb is set. + + * import.c (import_keys_internal): Moved from here. + + * keyserver.c (keyserver_refresh): Call it here after all + refreshing has happened so that we don't rebuild after each + preferred keyserver set of imports, but do one big rebuild at the + end. This is Debian bug #293816, noted by Kurt Roeckx. + +2005-02-04 David Shaw + + * getkey.c (merge_selfsigs_subkey): Merged away definition from + the backsigs code. + +2005-01-31 David Shaw + + * keygen.c (do_generate_keypair): Write the auth key to the card + before the encryption key. This is a partial workaround for a PGP + bug (as of this writing, all versions including 8.1), that causes + it to try and encrypt to the most recent subkey regardless of + whether that subkey is actually an encryption type. In this case, + the auth key is an RSA key so it succeeds. + +2005-01-27 David Shaw + + * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF + instead of 0x0000000000000000 for the invalid key ID since + all-zeroes is reserved for the anonymous recipient. + + * keyedit.c (change_passphrase), keygen.c (generate_subkeypair): + Fix a string ;) + +2005-01-27 Werner Koch + + * parse-packet.c (listfp): New. + (set_packet_list_mode): Intialize it to stdout or stderr depending + on a global option. Made all printing in list mode use LISTFP. + + * keygen.c (generate_subkeypair): Detect primary key on-card and + ask for the passphrase. Return an error if the primary key is a + plain stub. + + * keyedit.c (change_passphrase): Don't ever change any stub key. + Print a note if a key consists of only stub keys. Reported by + Dany Nativel. These are bugs #401 and #402. + +2005-01-26 Werner Koch + + * ccid-driver.c (parse_ccid_descriptor): Need the CSM workaround + also for newer firmware versions. Need to get a list of fixed + firmware versions and use that. + +2005-01-26 David Shaw + + * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal + address] syntax in keyserver URLs. + (keyserver_typemap): Map ftps if we are supporting it. + +2005-01-25 Werner Koch + + * keygen.c (do_generate_keypair): Don't continue after an error; + fixed at two places. Why at all didn't I used a goto to cleanup, + tsss? + + * app-openpgp.c (get_cached_data): New arg GET_IMMEDIATE to bypass + the cache. Changed all callers. + (get_one_do): Bypass the cache if the value would have been read + directly for v1.1 cards. It makes things a bit slower but only for + 1.0 cards and there are not that many cards out in the wild. This + is required to fix a caching bug when generating new keys; as a + side effect of the retrieval of the the C4 DO from the 6E DO the + chaced fingerprint will get updated to the old value and later + when signing the generated key the checking of the fingerprint + fails becuase it won't match the new one. Thanks to Moritz for + analyzing this problem. + (verify_chv3): Removed the CHV status reread logic because we + won't cache the C4 DO anymore. + +2005-01-21 David Shaw + + * keyserver.c (free_keyserver_spec): Fix small leak. + (keyserver_typemap): Map https if we are supporting it. + +2005-01-20 Werner Koch + + * cardglue.c (open_card): Issue new CARDCTRL(4) status. + + * gpgv.c (tty_fprintf): New stub. + + * card-util.c (card_status): Create a secret key stub on the fly + and print more information about a card key. + * import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New. + * getkey.c (get_seckeyblock_byfprint): New. + * keylist.c (print_card_key_info): New. + + * g10.c (i18n_init) [W32]: Pass registry key to gettext + initialization. + * gpgv.c (i18n_init) [W32]: Ditto. + +2005-01-18 Werner Koch + + * misc.c (default_homedir): New. Taken from gnupg 1.9.15. + * g10.c (main): Use it. + * gpgv.c (main): Ditto. + + * keylist.c (public_key_list): Do a trustdb staleness check before + opening the keyring. + (secret_key_list): Ditto. + +2005-01-10 David Shaw + + * keyedit.c (keyedit_menu): Move command strings outside the + function to get ready for the readline completion code. + + * passphrase.c (readline, agent_send_option, agent_open, + agent_get_passphrase, passphrase_clear_cache): Rename readline() + to readaline() to keep readline library namespace clear. + +2005-01-06 David Shaw + + * filter.h, armor.c (armor_filter): Use the eol string from the + armor filter context instead of hardcoding '\n' or '\r\n'. If no + eol string is provided, default to '\n' or '\r\n' as appropriate. + (is_armor_header): Trim tabs in armor header lines as well. + + * keyserver.c (keyserver_spawn): Use it here to force '\n' line + endings since the keyserver output file gets a LF->CRLF expansion + on win32. + +2005-01-05 David Shaw + + * g10.c (main): Typo. + + * armor.c (is_armor_header): Allow CR and LF (not just actual + spaces) in an armor header line (-----BEGIN etc). This is needed + due to CRLF issues on win32. As before, --openpgp makes it + strict. + +2005-01-03 David Shaw + + * Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@ + + * import.c (delete_inv_parts): Comments on import-unusable-sigs. + +2005-01-01 David Shaw + + * options.h, import.c (parse_import_options, delete_inv_parts): + Add import-unusable-sigs flag to enable importing unusable + (currently: expired) sigs. + + * options.h, export.c (parse_export_options, do_export_stream): + Add export-unusable-sigs flag to enable exporting unusable + (currently: expired) sigs. + +2004-12-29 David Shaw + + * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), + keyid.c (revokestr_from_pk), keyedit.c (show_key_with_all_names): + Show who revoked a key (either the same key or a designated + revoker) and when. + +2004-12-28 Werner Koch + + * ccid-driver.c (find_endpoint): New. + (scan_or_find_devices): Add new args to return endpoint info and + interface number. + (ccid_open_reader, ccid_shutdown_reader): Take care of these new + args. + (bulk_in, bulk_out): Use the correct endpoints. + (ccid_transceive_apdu_level): New. + (ccid_transceive): Divert to above. + (parse_ccid_descriptor): Allow APDU level exchange mode. + (do_close_reader): Pass the interface number to usb_release_interface. + +2004-12-24 David Shaw + + * keyserver.c (keyserver_typemap): Only map HTTP and FTP if + libcurl has specifically been selected to handle them. + +2004-12-22 David Shaw + + * options.h, keyserver.c (parse_keyserver_uri): Properly parse + auth data from URLs and pass to keyserver helpers. + + * keyserver.c (keyserver_typemap): New. Map certain keyserver + types to a common type (e.g. ldaps -> ldap). If we are building + with curl, map both http and ftp to curl. + + * build-packet.c (build_sig_subpkt): Only allow one preferred + keyserver subpacket at a time. + +2004-12-21 David Shaw + + * keyedit.c (menu_set_keyserver_url): Make sure we only operate on + the chosen selfsig so we don't accidentally promote an older + selfsig to chosen. Discovered by Simon Josefsson and 'Todd'. + + * keygen.c (ask_expire_interval): Fix typo. + +2004-12-20 David Shaw + + * keylist.c (list_keyblock_print): Secret key listings should + always show everything (expired UIDs, revoked subkeys, etc, etc). + + * keyedit.c (keyedit_menu): Add additional help for the "sign" + flags. + +2004-12-20 Werner Koch + + * keygen.c (ask_expire_interval): For better translations chnage 2 + strings. + + * seckey-cert.c (do_check): Handle case when checksum was okay but + passphrase still wrong. Roman Pavlik found such a case. + +2004-12-20 David Shaw + + * keyedit.c (keyedit_menu): Invisible alias "passwd" as + "password". + + * passphrase.c: Don't check for __CYGWIN__, so it is treated as a + unix-like system. + + * options.h, g10.c (main), textfilter.c (standard): Use new option + --rfc2440-text to determine whether to filter "\t\r\n" or + just "\r\n" before canonicalizing text line endings. Default to + "\t\r\n". + +2004-12-19 David Shaw + + * keygen.c (keygen_get_std_prefs): Set reference count when + creating the temporary user ID. + + * keyedit.c (keyedit_menu): Merge updpref and setpref. Keep + updpref as an invisible alias. Add invisible alias for revphoto. + Fix small memory leak when using "setpref" (not all of the uid was + freed). + (menu_revkey): Trigger a trust rebuild after revoking a key. + Don't allow revoking an already-revoked whole key. + (menu_revsubkey): Don't allow revoking an already-revoked subkey. + +2004-12-18 David Shaw + + * keyedit.c (menu_revkey): Rename to menu_revsubkey. + (menu_revkey): New. Revoke a whole key. + (keyedit_menu): Call it here for when 'revkey' is used without any + subkeys selected. This is to be consistent with the other + functions which are "selected part if selected, whole key if not". + + * signal.c: Use only HAVE_LIBREADLINE to detect readline + availability. + + * Makefile.am: Link with readline where necessary. + +2004-12-17 Werner Koch + + * passphrase.c (agent_get_passphrase): Define NREAD locally as + size_t or int. + + * keylist.c (list_keyblock_print): Make field width an int. + * keyedit.c (show_key_with_all_names): Ditto. + +2004-12-16 David Shaw + + * g10.c (main): Add --require-secmem/--no-require-secmem to cause + gpg to exit if it cannot lock memory. Also remove --nrsign-key + and --nrlsign-key since this can better be done via --edit-key. + +2004-12-15 David Shaw + + * apdu.c (apdu_send_le, apdu_send_direct), keylist.c + (status_one_subpacket, print_one_subpacket): Fix some compiler + warnings. + + * g10.c (main): Fix --compression-algo to take a string argument + like --compress-algo. + + * trustdb.c (uid_trust_string_fixed): For safety, check for a pk. + +2004-12-14 David Shaw + + * keyedit.c (keyedit_menu): Re-remove the N_() markers. + + * trustdb.c (uid_trust_string_fixed): Show uids as revoked if the + key is revoked. + + * keyedit.c (show_key_with_all_names): Don't show validity for + secret key UIDs. + + * keyedit.c (parse_sign_type): New. Figure out the flags (local, + nonrevoke, trust) for a signature. + (keyedit_menu): Call it here so we can mix and match flags, and + don't need "nrltsign", "ltsign", "tnrsign", etc, etc, etc. + +2004-12-14 Werner Koch + + * passphrase.c (agent_get_passphrase): Removed debug output + + * keyserver.c (keyserver_work, keyserver_spawn): Map ldaps to ldap. + + * keyedit.c (keyedit_menu): Removed the N_() markers from the + command names. + * card-util.c (card_edit): Ditto. + +2004-12-13 Werner Koch + + * passphrase.c (read_passphrase_from_fd): Fixed memory leak. + Noted by Andrei Darashenka. + +2004-12-11 David Shaw + + * keyserver.c (parse_preferred_keyserver): Force preferred + keyserver subpackets to have a URI scheme specified. + +2004-12-10 David Shaw + + * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 + or --openpgp directly to determine the end of line hashing rule. + + * trustdb.c (uid_trust_string_fixed): Show uids as expired if the + key is expired. + +2004-12-10 Werner Koch + + * app-openpgp.c (send_fprtime_if_not_null): New. + (do_getattr): Add KEY_TIME. + (do_learn_status): Print KEY_TIME. + * cardglue.c (learn_status_cb): Parse KEY-TIME. + * card-util.c (card_status): Print creation time if available. + +2004-12-09 David Shaw + + * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): + Removed (not used). + (standard): 2440 says that textmode hashes should canonicalize + line endings to CRLF and remove spaces and tabs. 2440bis-12 says + to just canonicalize to CRLF. So, we default to the 2440bis-12 + behavior, but revert to the strict 2440 behavior if the user + specifies --rfc2440. In practical terms this makes no difference + to any signatures in the real world except for a textmode detached + signature. + +2004-12-09 Werner Koch + + * passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and + CUSTOM_DESCRIPTION. Changed all callers. + + * app-openpgp.c (do_getattr, do_learn_status, do_setattr): Support + the new private DOs. + (do_change_pin): Add a "N" prefix to the strings so that the + callback can act accordingly for a new PIN. Unfortunately this + breaks existing translations but I see no wother way to overvome + this. + + * cardglue.c (learn_status_cb): Ditto. + (agent_release_card_info): Ditto. + (struct pin_cb_info_s): Removed and changed all users. + (pin_cb): Reworked. + + * card-util.c (card_status): Print them + (card_edit): New command PRIVATEDO. + (change_private_do): New. + +2004-12-09 David Shaw + + * keygen.c (ask_algo): Add a choose-your-own-capabilities option + for DSA. + +2004-12-07 David Shaw + + * keygen.c (ask_keysize): Change strings to always use %u instead + of hardcoding key sizes. Bump default to 2048. Bump minimum down + to 512, where possible, but require --expert to get there. DSA is + always 1024 unless --expert is given. + +2004-11-29 David Shaw + + * getkey.c (parse_key_usage): New function to parse out key usage + flags. Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't + understand. + (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call + it from here to remove duplicate code. + +2004-11-26 David Shaw + + * export.c (do_export_stream): Allow export-minimal to work with + secret keys, even though a non-selfsig secret key signature is + rare. + + * options.h, export.c (parse_export_options, do_export_stream), + import.c (parse_import_options, import_keys_internal): Make the + import-options and export-options distinct since they can be mixed + together as part of keyserver-options. + +2004-11-24 David Shaw + + * options.h, export.c (parse_export_options, do_export_stream): + Add "export-minimal" option to disregard any sigs except selfsigs. + + * trustdb.c (uid_trust_string_fixed): Use a string that can be + atoi-ed, but also has a comment for the translator. + + * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a + fixed-size translatable string similar to trust_value_to_string. + This allows for easier lining up of displays. + + * keyedit.c (show_key_with_all_names), keylist.c + (list_keyblock_print): Use it here to print validity strings. + + * gpgv.c: Stub. + +2004-11-18 Werner Koch + + * g10.c (S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0. + +2004-11-17 Werner Koch + + * g10.c (open_info_file): New. + (main): Unconditionally implement --status-file, --logger-file, + --attribute-file, --passphrase-file, --command-file. This is not + generally useful but easy to support and might make scripting + under Windows easier. + +2004-11-11 Werner Koch + + * passphrase.c (readn): Fixed test against EINTR. + +2004-11-05 Werner Koch + + * app-openpgp.c: Made more strings translatable. + (verify_chv3, do_change_pin): Add a special prefix to the prompt + of the Admin PIN prompts. + * passphrase.c (ask_passphrase): Add arg TRYAGAIN_TEXT. Changed + call callers. + * cardglue.c (pin_cb): Make use of the OPAQUE arg to pass + arguments to the PIN callback. Use this to implement a way to + check for correct PIN repetition. Changed all callers to pass an + opaque argument. Improved detection of Admin PIN prompts. + +2004-11-04 David Shaw + + * plaintext.c (handle_plaintext): Don't try and create a + zero-length filename when using --use-embedded-filename with input + that has no filename (clearsigned or message generated from a + pipe). + + * encode.c (encode_simple, encode_crypt), progress.c + (handle_progress), sign.c (write_plaintext_packet): Fix a few + inconsistent calls (NULL filename means a pipe here, so don't + bother to check it twice). + +2004-11-03 David Shaw + + * misc.c (print_digest_algo_note): The latest 2440bis drafts + deprecates MD5, so give a warning. + (print_pubkey_algo_note, print_cipher_algo_note, + print_digest_algo_note): Give the algorithm name in the + experimental algo warning. + +2004-11-03 Timo Schulz + + * passphrase.c (readn, writen): Use w32_strerror instead + of just showing the error number. + * misc.c [_WIN32]: Fix warning about missing prototypes. + +2004-10-28 David Shaw + + * skclist.c (build_sk_list): Don't need to warn about + PGP-generated Elgamal signing keys since we no longer support any + Elgamal signing keys. + + * sign.c (sign_file, clearsign_file): Use "writing to" instead of + "writing to file" to match other strings. + + * pkclist.c (check_signatures_trust): Fix typo. Noted by Moray + Allan. This is Debian bug #278708. + + * passphrase.c (ask_passphrase, passphrase_to_dek): "password" -> + "passphrase". + + * keyedit.c (show_key_with_all_names): Show designated revoker as + part of translatable string. + +2004-10-28 Werner Koch + + * Makefile.am (other_libs): New. Also include LIBICONV. Noted by + Tim Mooney. + +2004-10-28 Werner Koch + + * apdu.c (open_pcsc_reader): Removed bad free in error handler. + +2004-10-27 David Shaw + + * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, + passphrase.c, revoke.c: Collapse the two different "can't do that + in batch mode" strings into one. + + * keylist.c (status_one_subpacket): New. Send the subpacket data + to the --status interface. + + * card-util.c (card_edit): Show when admin is enabled or not. + + * status.h, status.c: New STATUS_SIG_SUBPACKET type. + + * build-packet.c (build_sig_subpkt): Multiple keyserver URLs are + allowed. + + * keyring.c: Make some strings translatable. + + * exec.c, sign.c: Change "can't open file" to "can't open" and + "can't create file" to "can't create" to be consistent with other + strings so we don't have to translate both. + + * delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: + Fix a few missed possible \"username\" quotes. + +2004-10-26 Werner Koch + + * app-openpgp.c (verify_chv3): The minimum length for CHV3 is + 8. Changed string to match the other ones. + + * passphrase.c (agent_send_all_options): Try to deduce the ttyname + from stdin. + +2004-10-22 Werner Koch + + * card-util.c (fetch_url): Disable for gnupg 1.9 + (card_generate_subkey): Ditto. + (card_store_subkey): Ditto. + +2004-10-21 David Shaw + + * options.h, g10.c (main), mainproc.c (check_sig_and_print): + Rename verify-option show-validity to show-uid-validity to match + the similar list-option. + + * app-openpgp.c (verify_chv3): Fix typo. + +2004-10-21 Werner Koch + + * app-common.h (app_openpgp_storekey): Add prototype. + + * app-openpgp.c (do_sign): Replace asprintf by direct allocation. + This avoids problems with missing vasprintf implementations. + + * card-util.c (generate_card_keys): Add a #warning for gnupg 1.9 + and use the same string there. + +2004-10-20 David Shaw + + * g10.c (parse_list_options): Fix non-constant initializer so we + can build with C89. + +2004-10-17 David Shaw + + * keylist.c (print_one_subpacket): The flags field should be hex. + +2004-10-17 Werner Koch + + * passphrase.c (agent_get_passphrase): Cast UIDLEN to int. Noted + by Christian Cornelssen. + +2004-10-16 David Shaw + + * parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't + BUG() on unknown subpackets. Rather, just return them silently. + +2004-10-15 Werner Koch + + * status.h (STATUS_NEED_PASSPHRASE_PIN): New. + * status.c (get_status_string): Added. + * passphrase.c (ask_passphrase): Moved status printing to .. + * cardglue.c (pin_cb): .. here and issue new status message. + + * keyedit.c (sign_uids): Don't include the leading LF in the + translatable string but print them separately. + + * apdu.c (apdu_open_remote_reader) [_WIN32]: We don't have ENOSYS. + + * app-openpgp.c (parse_login_data): New. + (app_select_openpgp): Call it. + (do_setattr): Reparse it after change. + + * pkclist.c (do_edit_ownertrust): Add a note to translators. + * keygen.c (ask_user_id): Ditto. + + * helptext.c: Typo fix. + +2004-10-14 David Shaw + + * keylist.c (list_keyblock_print): Show the fingerprint after the + key, not after the first user ID. + + * keyedit.c (show_key_with_all_names): Don't show validity if + we're just printing user IDs for signing. + + * armor.c (fake_packet): Properly handle the case where the line + is dash-space (i.e. a blank line that was quoted). Give a warning + for bad dash escaping. + +2004-10-14 Werner Koch + + * export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow + secret key export. + * import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise + + * misc.c (is_secured_filename): New. + * keydb.c (maybe_create_keyring) + * tdbio.c (tdbio_set_dbname) + * plaintext.c (handle_plaintext) + * openfile.c (copy_options_file, open_outfile) + * exec.c (exec_write) + * keygen.c (do_generate_keypair, gen_card_key_with_backup) + + * sign.c (sign_file, clearsign_file) + * keyring.c (create_tmp_file, do_copy): Check for secured files + before creating them. + + * keygen.c (print_status_key_created, read_parameter_file): + s/unsigned char/byte/ due to a strange typedef for RISC OS. Noted + by Stefan. + +2004-10-13 David Shaw + + * armor.c (fake_packet): Allow arbitrary dash-escaped lines as per + 2440bis-10. This is bug #158. + + * keyserver.c (keyserver_work): Handle keyserver timeouts. + + * pkclist.c (do_edit_ownertrust): Different prompt when we're + using direct trust since the meaning is different. + + * keyedit.c (trustsig_prompt): Change the strings to match the + ones in pkclist.c:do_edit_ownertrust to make translation easier. + + * trustdb.c (trust_model_string, get_validity): Add direct trust + model which applies to the key as a whole and not per-uid. + + * options.h, g10.c (parse_trust_model): New. + (main): Call it from here to do string-to-trust-model. + +2004-10-13 Werner Koch + + * tdbdump.c (import_ownertrust): Removed all log_error_f and + reworded the messages. + + * dermor.c: Include i18n.h. Made 2 strings translatable. + + * misc.c (register_secured_file, is_secured_file) + (unregister_secured_file): New. + * keyring.c (do_copy, rename_tmp_file): Implement the SELinux hacks. + (keyring_register_filename): Ditto. + * tdbio.c (open_db): Ditto. + * openfile.c (copy_options_file, open_sigfile): Ditto. + * verify.c (verify_signatures, verify_one_file): Ditto. + * photoid.c (generate_photo_id): Ditto. + * keygen.c (read_parameter_file): Ditto. + * import.c (import_keys_internal): Ditto. + * decrypt.c (decrypt_message, decrypt_messages): Ditto. + * dearmor.c (dearmor_file, enarmor_file): Ditto. + * g10.c (main, print_mds): Ditto. + * exec.c (exec_write, exec_read): Ditto. + * card-util.c (change_login): Ditto. + * encode.c (encode_simple, encode_crypt): Ditto. + + * openfile.c (overwrite_filep, make_outfile_name, open_outfile) + (open_sigfile): Use iobuf_is_pipe_filename to check for pipes so + that special filesnames are taken into account. This is bug 327. + + * tdbdump.c (import_ownertrust): Ditto. + + * sign.c (write_plaintext_packet): Ditto. + (sign_file, clearsign_file, sign_symencrypt_file): + + * progress.c (handle_progress): Ditto. + * plaintext.c (handle_plaintext): Ditto. + (ask_for_detached_datafile, hash_datafiles): + + * encode.c (encode_simple, encode_crypt): Ditto. + +2004-10-12 Werner Koch + + * keygen.c (read_parameter_file): Changed to use iobuf based file + reading to allow the special file name feature to work. + + * keygen.c (read_parameter_file): New keyword "Handle". This is + bug 287. + (print_status_key_not_created): New. + (print_status_key_created): Add new arg HANDLE. + (do_generate_keypair): Print not created status. + * status.c, tatus.h (STATUS_KEY_NOT_CREATED): New. + +2004-10-11 David Shaw + + * pkclist.c (do_edit_ownertrust): Use the same translated string + for showing the user ID as mainproc.c:print_pkenc_list. + + * mainproc.c (print_pkenc_list): Allow translating the quotes + around the user ID. + + * card-util.c, g10.c, photoid.c, trustdb.c: The last of the \"%s\" + -> `%s' quoting for things that aren't user IDs. + + * keyserver.c (keyserver_spawn): If there is no keyserver host, + print the whole URI since it is self-contained. + +2004-10-11 Werner Koch + + * keyserver.c (keyserver_spawn): Print an empty string in log_info + if the host is not set (e.g. finger). + +2004-10-10 David Shaw + + * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, + keygen.c, photoid.c, revoke.c: Some yes-or-no prompts end in + "(y/n)". Some don't. Consistently use y/n everywhere. + + * keygen.c (ask_key_flags): New. + (ask_algo): Call it here in --expert mode so we don't need to + specify each possible variation of RSA capabilities. + + * keygen.c (do_add_key_flags): The spec says that all primary keys + MUST be able to certify. Force the certify flag on for primaries + (and off for subkeys). + + * keygen.c (generate_keypair): Fix generating keys with the auth + flag. + +2004-10-08 David Shaw + + * encr-data.c (decrypt_data): Give a warning with a weak key, but + still allow to decrypt the message. + +2004-10-07 David Shaw + + * pkclist.c (build_pk_list): Keystrify. + + * mainproc.c (check_sig_and_print), pkclist.c + (do_edit_ownertrust): Improve translatability of user ID prompts. + +2004-10-06 David Shaw + + * helptext.c, pkclist.c (do_we_trust): It is not possible to get + here with a revoked or expired key, so BUG() that case. Remove + question about overriding revoked/expired. Also + --keyid-format-ify. + (do_we_trust_pre): Use print_pubkey_info() instead of printing the + info ourselves. + + * passphrase.c (passphrase_to_dek): Improve translatability of + user ID prompts. + + * keylist.c (print_pubkey_info): Use the user ID the pk was + selected by, if any. + + * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability + of user ID prompts. + (ask_revoke_sig, menu_revsig): Try and use common strings for + these two functions so they don't need to be translated twice. + + * keyedit.c, keylist.c, keyserver.c, mainproc.c: The + revoked/expired/expires string change of 2004-09-29 was too + simple. Use two styles for each tag. + +2004-10-06 Werner Koch + + * ccid-driver.c (ccid_open_reader): Store the vendor ID. + (ccid_transceive_secure): New. + (parse_ccid_descriptor): Workaround for an SCM reader problem. + (send_escape_cmd): New. + +2004-10-05 David Shaw + + * passphrase.c (agent_get_passphrase): Use keystrs for agent + strings, and fix sprintf warnings. + + * keyserver.c (keyserver_spawn): Fix BUG() with certain sets of + mixed regular and preferred keyserver refreshes. Noted by + Sebastian Wiesinger. + + * keyedit.c (show_key_with_all_names): Show uid validity in menu. + +2004-10-03 Timo Schulz + + * apdu.c (apdu_open_remote_reader) [_WIN32]: Do not set ENOSYS. + +2004-10-03 David Shaw + + * keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in + colon delsig output. Noted by Peter Palfrader. + (show_prefs): Do not reference missing selfsig. Noted by Alex + Moroz. + +2004-10-01 Werner Koch + + * gpgv.c (i18n_init): Always use LC_ALL. + +2004-09-30 Werner Koch + + * app-openpgp.c (verify_chv3) [GNUPG_MAJOR_VERSION!=1]: Typo fix. + +2004-09-30 David Shaw + + * gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation + out to .. + (maybe_create_keyring): .. new. Make sure that we do the checks + in a locked state. Problem reported by Stefan Haller. Try to + create the home directory before acquiring a lock for the keyring. + From Werner on stable branch. + + * g10.c (main): Blow up if we didn't lose setuid. From Werner on + stable branch. + +2004-09-29 David Shaw + + * keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many + variations of "revoked" ("revoked", "[revoked]", " [revoked]", + "[revoked] ") "and" expired down to two to simplify translation. + +2004-09-28 David Shaw + + * keyedit.c (print_and_check_one_sig): Account for the extra space + that show-sig-expire takes up so we do not wrap lines. + (show_key_with_all_names): No need to show subkey revocations as a + seperate line since we now show revocation date in the main subkey + line. + + * signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, + but zero if not found. Noted by John Clizbe. + + * keyserver.c (parse_keyrec): Fix problem with non-expiring keys + appearing expired in --search-keys results. + +2004-09-27 Werner Koch + + * card-util.c (card_edit): Take admin only status from the table. + + * app-openpgp.c: Made all strings translatable. + (verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin + available for use in gnupg 2. + (verify_chv3): Reimplemented countdown showing to use only + functions from this module. Flush the CVH status cache on a + successful read. + (get_one_do): Hack to bypass the cache for cards versions > 1.0. + (store_fpr): Store the creation date for card version > 1.0. + +2004-09-25 David Shaw + + * main.h, g10.c (main), card-util.c (change_pin): If "admin" has + not been issued, skip right to the CHV1/CHV2 PIN change. No need + to show the unblock or admin PIN change option. + (card_edit): Add "admin" command to add admin commands to the + menu. Do not allow admin commands until "admin" is given. + + * app-openpgp.c (verify_chv3): Show a countdown of how many wrong + admin PINs can be entered before the card is locked. + + * options.h, g10.c (main), app-openpgp.c (verify_chv3): Remove + --allow-admin. + +2004-09-24 David Shaw + + * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always + set opt.s2k_digest_algo. This helps fix a problem with PGP 2.x + encrypted symmetric messages. Change all callers (encode.c, + g10.c, keyedit.c, keygen.c, passphrase.c, sign.c). + + * armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent + in some more quoted strings. Always use 'user ID', not 'user id', + "quotes" for user IDs, etc. + + * keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), + keygen.c (copy_mpi, generate_raw_key): Fix a compile problem and a + few warnings when building without card support. + +2004-09-23 Werner Koch + + * card_util.c (generate_card_keys): ask whether backup should be + created. + (card_store_subkey): Factored some code out to .. + * keygen.c (save_unprotected_key_to_card): .. new function. + (gen_card_key_with_backup): New. + (generate_raw_key): New. + (generate_keypair): New arg BACKUP_ENCRYPTION_DIR. Changed all + callers. + (do_generate_keypair): Divert to gen_card_key_with_backup when + desired. + + * apdu.c (open_pcsc_reader): Do not print empty reader string. + + * keygen.c (ask_algo): Allow creation of AUTH keys. + + * keyid.c (usagestr_from_pk): New. + + * app-openpgp.c (app_openpgp_storekey): Call flush_cache. + (get_cached_data): Move local data initialization to .. + (app_select_openpgp): .. here. Read some flags for later use. + (do_getattr): New read-only attribute EXTCAP. + + * keyedit.c (keyedit_menu): New command "keytocard" + (keyedit_menu): Bad hack for the not_with_sk element. + (show_key_with_all_names): Print the usage. + (find_pk_from_sknode): New. + + * card-util.c (card_store_subkey): New. + (copy_mpi): New. + + * cardglue.c (agent_openpgp_storekey): New. + +2004-09-22 Werner Koch + + * card-util.c (card_generate_subkey, generate_card_keys): Factored + common code out to ... + (get_info_for_key_operation, check_pin_for_key_operation) + (restore_forced_chv1, replace_existing_key_p) + (show_card_key_info): ... new functions. + +2004-09-21 David Shaw + + * mainproc.c (check_sig_and_print), keyedit.c (show_prefs, + menu_set_keyserver_url): Make sure that keyserver URLs with + control characters inside are printed properly. In fact, handle + them as UTF8. + + * keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if + we do not have card support. + + * keydb.h, keyserver.c (print_keyrec, keyserver_spawn): fpr is an + array of unsigned bytes. + +2004-09-20 Werner Koch + + * g10.c: Make -K an alias for --list-secret-keys. + + * keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11. + (list_keyblock_print): Make use of it. + * keyedit.c (show_key_with_all_names): Print the card S/N. + + * keyedit.c (keyedit_menu): New command ADDCARDKEY. + * card-util.c (card_generate_subkey): New. + * keygen.c (generate_card_subkeypair): New. + (gen_card_key): New arg IS_PRIMARY; changed all callers. + + * cardglue.c (open_card): Use shutdown code if possible. + (check_card_serialno): Ditto. + + * ccid-driver.c (do_close_reader): Factored some code out from ... + (ccid_close_reader): ..here. + (ccid_shutdown_reader): New. + + * apdu.c (apdu_shutdown_reader): New. + (shutdown_ccid_reader): New. + +2004-09-17 Werner Koch + + * g10.c (list_config): New config option ccid-reader-id. + (gpgconf_list): Add "reader-port". + + * apdu.c (open_ccid_reader): New arg PORTSTR. Pass it to + ccid_open_reader. + (apdu_open_reader): Pass portstr to open_ccid_reader. + (apdu_open_reader): No fallback if a full CCID reader id has been + given. + + * ccid-driver.c (ccid_get_reader_list): New. + (ccid_open_reader): Changed API to take a string for the reader. + Removed al the cruft for the libusb development vesion which seems + not to be maintained anymore and there are no packages anyway. + The stable library works just fine. + (struct ccid_reader_id_s): Deleted and replaced everywhere by a + simple string. + (usb_get_string_simple): Removed. + (bulk_in): Do valgrind hack here and not just everywhere. + +2004-09-16 David Shaw + + * keyedit.c (show_key_with_all_names, show_prefs): Show preferred + keyserver(s) in "showpref" output. + + * keygen.c (keygen_add_keyserver_url), keyedit.c + (menu_set_keyserver_url): Allow setting a keyserver URL of "none" + to remove an existing keyserver URL. + + * keyedit.c (menu_set_keyserver_url): Confirm replacement of a + keyserver URL before overwriting the old one. + +2004-09-15 David Shaw + + * gpgv.c (agent_scd_getattr): Stub. + + * misc.c (get_signature_count): New. Get the signature count from + a smartcard. + (pct_expando): Call it here so the %c expando becomes the number + of signatures issued. This allows for notations or the like with + an automatic signature count. + + * ccid-driver.c (usb_get_string_simple): Replacement function to + work with older libusb. + +2004-09-15 Werner Koch + + * g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver. + + * ccid-driver.c (read_device_info): Removed. + (make_reader_id, scan_or_find_devices): New. + (ccid_open_reader): Simplified by make use of the new functions. + (ccid_set_debug_level): New. Changed the macros to make use of + it. It has turned out that it is often useful to enable debugging + at runtime so I added this option. + +2004-09-13 David Shaw + + * getkey.c (premerge_public_with_secret): Fix subkey<->binding sig + mismatch when some secret subkeys are missing. Discovered by + Michael Roth. + + * main.h, keylist.c (print_subpackets_colon): Make a public + function. + + * keyedit.c (print_and_check_one_sig_colon): New. Print a + with-colons version of the sig record. + (menu_delsig): Call it here for a with-colons delsig. + +2004-09-12 David Shaw + + * options.h, keylist.c (print_one_subpacket, + print_subpackets_colon): Print a spk record for each request + subpacket. + (list_keyblock_colon): Call them here. + + * g10.c (parse_subpacket_list, parse_list_options): New. Make the + list of subpackets we are going to print. + (main): Call them here. + +2004-09-11 David Shaw + + * card-util.c (fetch_url, card_edit): Use the pubkey URL stored on + the card to fetch an updated copy. Works with either straight + URLs or HKP or LDAP keyservers. + + * keyserver-internal.h, keyserver.c (keyserver_import_fprint), + import.c (revocation_present): Use a keyserver_spec so the caller + can pass in whatever keyserver they like. + +2004-09-10 David Shaw + + * app-openpgp.c (get_cached_data): Avoid mallocing zero since it + breaks us when using --enable-m-guard. + + * ccid-driver.c (read_device_info): Fix segfault when usb device + is not accessible. + (ccid_open_reader): Allow working with an even older version of + libusb (usb_busses global instead of usb_get_busses()). + +2004-09-09 Werner Koch + + * cardglue.h: Add members for CA fingerprints. + * cardglue.c (agent_release_card_info): Invalid them. + (learn_status_cb): Store them. + + * app-common.h, app-openpgp.c, iso7816.c, iso7816.h + * apdu.c, apdu.h, ccid-driver.c, ccid-driver.h + * card-util.c: Updated from current gnupg-1.9. + + Changes are: + + * ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New. + * ccid-driver.c (ccid_open_reader): Support the stable 0.1 version + of libusb. + (ccid_get_atr): Handle short messages. + * apdu.c (my_rapdu_get_status): Implemented. + * apdu.c: Include . + * apdu.c (reader_table_s): Add function pointers for the backends. + (apdu_close_reader, apdu_get_status, apdu_activate) + (send_apdu): Make use of them. + (new_reader_slot): Intialize them to NULL. + (dump_ccid_reader_status, ct_dump_reader_status): New. + (dump_pcsc_reader_status): New. + (open_ct_reader, open_pcsc_reader, open_ccid_reader) + (open_osc_reader, open_rapdu_reader): Intialize function pointers. + (ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu) + (error_string): Removed. Replaced by apdu_strerror. + (get_ccid_error_string): Removed. + (ct_activate_card): Remove the unused loop. + (reset_ct_reader): Implemented. + (ct_send_apdu): Activate the card if not yet done. + (pcsc_send_apdu): Ditto. + * ccid-driver.h: Add error codes. + * ccid-driver.c: Implement more or less proper error codes all + over the place. + * apdu.c (apdu_send_direct): New. + (get_ccid_error_string): Add some error code mappings. + (send_apdu): Pass error codes along for drivers already supporting + them. + (host_sw_string): New. + (get_ccid_error_string): Use above. + (send_apdu_ccid): Reset the reader if it has not yet been done. + (open_ccid_reader): Don't care if the ATR can't be read. + (apdu_activate_card): New. + (apdu_strerror): New. + (dump_reader_status): Only enable it with opt.VERBOSE. + * iso7816.c (map_sw): Add mappings for the new error codes. + * apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader) + (reset_ccid_reader, open_osc_reader): Call dump_reader_status only + in verbose mode. + * app-openpgp.c (do_getattr): Fix for sending CA-FPR. + * app-openpgp.c (app_openpgp_readkey): Fixed check for valid + exponent. + * app-openpgp.c (do_setattr): Sync FORCE_CHV1. + * card-util.c (change_login): Kludge to allow reading data from a + file. + (card_edit): Pass ARG_STRING to change_login. + (card_status): Print CA fingerprints. + (change_cafpr): New. + (card_edit): New command CAFPR. + +2004-04-30 Werner Koch + + * g10.c (main) : Use gpg.conf and not /dev/null as + default filename. + +2004-04-28 Werner Koch + + * card-util.c (card_edit): Remove PIN verification. + (generate_card_keys): New arg SERIALNO. Do PIN verification here + after resetting forced_chv1. + + +2004-09-09 Werner Koch + + * signal.c (got_fatal_signal): Do readline cleanup. Print signal + number if we can't print the name. Use new autoconf macro + HAVE_DECL_SYS_SIGLIST. + (get_signal_name): Removed. + + * photoid.c: Include ttyio.h. + + * parse-packet.c (skip_rest): Removed. Changed all callers to use + the new iobuf_skip_reset. Orginal patch by Florian Weimer. + +2004-09-07 Werner Koch + + * photoid.c (generate_photo_id): Use tty_printf and not just + printf. Put _() around one string. + +2004-09-03 David Shaw + + * keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon + as we know the key is definitely expired. Some translatable + string cleanup. + +2004-08-27 David Shaw + + * encode.c, exec.c, g10.c, sign.c: Some translatable string + cleanup. Change some "this" to `this'. + +2004-08-23 David Shaw + + * keyserver.c (keyserver_spawn): Show log line for what keyserver + action we are taking. + + * keyid.c (keystr): If printing a keyid that lacks the high 4 + bytes, print the low 4 alone. + (keystr_from_desc): Handle short keyids and warn on v3 + fingerprints. + + * keydb.h, getkey.c (get_user_id_printable, + get_user_id_string_printable): Rename to get_user_id_native and + get_user_id_string_native and remove the printable stuff since + we're print-ifying valid utf8 characters. Change all callers in + import.c, sign.c, keylist.c, and encode.c. + + * keyserver.c (keyserver_search_prompt): Make sure the search + string is converted from UTF-8 before display. + +2004-08-19 Werner Koch + + * seskey.c (encode_session_key): Changed the zero random byte + substituting code to actually do clever things. Thanks to + Matthias Urlichs for noting the implementation problem. + +2004-08-18 Marcus Brinkmann + + * passphrase.c (agent_get_passphrase): Fix detection of gpg-agent + cancellation. + +2004-08-08 David Shaw + + * plaintext.c (handle_plaintext): Bigger buffer for extra safety. + + * g10.c (main): New alias --throw-keyid for --throw-keyids, so + that it continues to work in old configuration files. Noted by + Jens Adam. + + * pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, + and bzip2. + + * status.c (do_get_from_fd): Flush stdout if status isn't flushing + it for us. This guarantees that any menus that were displayed + before the prompt don't get stuck in a buffer. Noted by Peter + Palfrader. This is Debian bug #254072. + + * sign.c (update_keysig_packet): Revert change of 2004-05-18. It + is not appropriate to strip policy and notations when remaking a + sig. That should only happen when specifically requested by the + user. + +2004-08-05 David Shaw + + * armor.c (radix64_read): No armor CRC is legal according to the + spec (the CRC is a MAY). + +2004-07-28 David Shaw + + * misc.c (argsplit): Properly split quoted args from the keyword + and trim whitespace afterwards. + +2004-07-27 David Shaw + + * misc.c (optsep): Add the ability to understand keyword="quoted + arg with spaces" type options. + +2004-07-16 David Shaw + + * keylist.c (list_keyblock_print): Always use the new listing + format where uids are always on a line for themselves. Mark + expired secret keys as expired. + + * options.h, g10.c (main): Rename list show-validity to + show-uid-validity as it only shows for uids. + + * armor.c (armor_filter): Do not use padding to get us to 8 bytes + of header. Rather, use 2+4 as two different chunks. This avoids + a fake filename of "is". + +2004-07-15 David Shaw + + * keyedit.c (sign_uids): Properly handle remaking a self-sig on + revoked or expired user IDs. Also, once we've established that a + given uid cannot or will not be signed, don't continue to ask + about each sig. + + * mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check + the S2K hash algorithm before we try to generate a passphrase + using it. This prevents hitting BUG() when generating a + passphrase using a hash that we don't have. + + * sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign + --symmetric messages. + + * g10.c (main): Alias --charset as --display-charset to help avoid + the continuing confusion and make room for possible changes in + devel. + + * parse-packet.c (parse_plaintext): Show the hex value for the + literal packet mode since it may not be printable. + + * keygen.c (make_backsig): Make sure that the backsig was built + successfully before we try and use it. + + * status.h, status.c (get_status_string), plaintext.c + (handle_plaintext): New status tags PLAINTEXT and + PLAINTEXT_LENGTH. + +2004-06-16 Werner Koch + + * free-packet.c (copy_secret_key): Get last fix right. + +2004-06-16 Werner Koch + + * free-packet.c (copy_secret_key): Fixed memory leak when D is not + NULL. + + * passphrase.c (passphrase_to_dek): Added a few comments to the + code. + +2004-05-26 David Shaw + + * keyserver.c (keyserver_refresh): Keep track of keys already + fetched so we don't do a regular keyserver fetch if the preferred + keyserver fetch has exhausted the list. + +2004-05-23 David Shaw + + * verify.c (verify_signatures): Verify multiple files in the same + order in which we hashed them when issuing the signature. Noted + by Nicholas Cole. + + * pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another + keyid-format conversion. + +2004-05-22 Werner Koch + + * trustdb.c (check_regexp): s/EXP/EXPR/. + + * keyedit.c (trustsig_prompt): Remoev useless range check. + + * options.h: Renamed ctrl to glo_ctrl. Changed all users. + + * ccid-driver.c (ccid_open_reader): Print a warning when CCID + can't be used. + +2004-05-21 David Shaw + + * mainproc.c (check_sig_and_print): If we're honoring preferred + keyservers, and auto-key-retrieve is set, try and get a missing + key from the preferred keyserver subpacket when we verify the sig. + + * gpgv.c (parse_preferred_keyserver, free_keyserver_spec): Stubs. + + * keyserver.c (keyidlist): Use new parse_preferred_keyserver + function. + (keyserver_work): Use the passed-in keyserver spec rather than the + options global one. + + * keyserver-internal.h, keyserver.c (parse_preferred_keyserver): + New function to take a sig and return a split out keyserver_spec. + (keyserver_import_keyid): Now takes a keyserver_spec. + + * keyserver.c (keyidlist): Go back to the old fast keyid lister. + Only merge selfsigs if we have to for honor-keyserver-url. + (keyserver_refresh): Keyserver URL handler moved here. + (calculate_keyid_fpr): Removed. + + * keydb.h, keyid.c (keystr_from_desc): Calculate a key string from + a KEYDB_SEARCH_DESC. + + * keyserver.c (keyserver_spawn): Fix keyserver options on tempfile + only platforms. Noted by Roger Sondermann. + +2004-05-20 David Shaw + + * keyserver.c (keyserver_work): Allow --refresh-keys with a + preferred keyserver to happen even if there is no global keyserver + set. + + * sig-check.c (do_check_messages): No need to check for Elgamal + signatures any longer. + (do_check_messages, do_check, check_key_signature2): + --keyid-format conversion. + + * pkclist.c (show_paths, edit_ownertrust): Remove some unused + code. + + * options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE. + + * mainproc.c (check_sig_and_print): track whether we are + retrieving a key. + + * status.c (status_currently_allowed): New. + (write_status_text, write_status_text_and_buffer): Use it here. + + * g10.c: New command --gpgconf-list. + (gpgconf_list): New. From Werner on stable branch. + +2004-05-19 David Shaw + + * pubkey-enc.c (get_session_key, get_it), keyedit.c + (show_key_with_all_names, show_basic_key_info): --keyid-format + conversion. + +2004-05-18 David Shaw + + * sign.c (update_keysig_packet): Policies and notations should be + stripped out when remaking a self-signature. Noted by Atom + Smasher. + + * keyserver.c (parse_keyserver_uri): Fix compiler warnings. + +2004-05-11 David Shaw + + * options.h, keyserver-internal.h, keyserver.c + (parse_keyserver_uri): Improved URI parser that keeps track of the + path information and doesn't modify the input string. + (keyserver_spawn): Tell keyserver plugins about the path. + +2004-05-11 Werner Koch + + * keylist.c (show_policy_url, show_keyserver_url, show_notation) + (list_one): Use const char* for i18n string helpers. + + * keygen.c (do_generate_keypair, read_parameter_file): Really + close the files. + (do_generate_keypair): Create the secret key file using safe + permissions. Noted by Atom Smasher. + +2004-05-10 David Shaw + + * options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c + (struct keyrec, parse_keyrec, keyserver_search_prompt), keyedit.c + (keyedit_menu), g10.c (add_keyserver_url, add_policy_url): Fix + some compiler warnings. + +2004-05-08 David Shaw + + * keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing + preferred keyserver on "keyserver" command line. Sanity check + keyserver URL before accepting it. + + * keyserver-internal.h, g10.c (main), keyserver.c + (parse_keyserver_uri): Add an option to require the scheme:// and + change all callers. + (free_keyserver_spec): Make public. + +2004-05-07 Werner Koch + + * sign.c (write_plaintext_packet): Fixed the detection of too + large files in the same way as in encode.c. + +2004-05-04 David Shaw + + * keylist.c (show_notation): Use bits to select which sort of + notation to show. Don't allow a not-shown notation to prevent us + from issuing the proper --status-fd message. + + * options.h, g10.c (main): Add show-std/standard-notations and + show-user-notations. show-notations is both. Default is to show + standard notations only during verify. Change all callers. + +2004-04-28 David Shaw + + * main.h, keylist.c (show_notation): Add argument to show only + user notations, only standard notations, or both. Change all + callers. + + * keyserver.c (keyserver_spawn): We still need EXEC_TEMPFILE_ONLY. + +2004-04-28 Werner Koch + + * card-util.c (card_edit): Require PIN only for generate. + + * app-openpgp.c (do_setattr): Sync FORCE_CHV1. + +2004-04-27 Werner Koch + + * keyserver.c (keyserver_spawn) [EXEC_TEMPFILE_ONLY]: Removed + setting use_temp_file because this option has been removed. + + * g10.c: New commands --allow-admin and --deny-admin. + * options.h (opt): Add member ALLOW_ADMIN. + + * tlv.h, tlv.c: New. Copied from gnupg-1.9. + * cardglue.c (open_card): The serialno is now set internally by + app_select_openpgp; changed invocation. + * cardglue.h (app_t, ctrl_t): New. + (GPG_ERR_EBUSY, GPG_ERR_ENOENT, GPG_ERR_NOT_FOUND, GPG_ERR_BUG) + (GPG_ERR_NOT_IMPLEMENTED, GPG_ERR_EACCESS): New. + (gpg_err_code_from_errno): New. + + * app-common.h, app-openpgp.c, iso7816.c, iso7816.h + * apdu.c, apdu.h, ccid-driver.c, ccid-driver.h + * card-util.c: Updated from current gnupg-1.9. + + Changes are: + + * app-common.h: New members FNC.DEINIT and APP_LOCAL. + * app-openpgp.c (do_deinit): New. + (get_cached_data, flush_cache_item, flush_cache_after_error) + (flush_cache): New. + (get_one_do): Replaced arg SLOT by APP. Make used of cached data. + (verify_chv2, verify_chv3): Flush some cache item after error. + (do_change_pin): Ditto. + (do_sign): Ditto. + (do_setattr): Flush cache item. + (do_genkey): Flush the entire cache. + (compare_fingerprint): Use cached data. + + * apdu.c (apdu_send_le): Reinitialize RESULTLEN. Handle + SW_EOF_REACHED like SW_SUCCESS. + + * ccid-driver.c (parse_ccid_descriptor): Store some of the reader + features away. New arg HANDLE + (read_device_info): New arg HANDLE. Changed caller. + (bulk_in): Handle time extension requests. + (ccid_get_atr): Setup parameters and the IFSD. + (compute_edc): New. Factored out code. + (ccid_transceive): Use default NADs when required. + + * apdu.h: New pseudo stati SW_HOST_NOT_SUPPORTED, + SW_HOST_LOCKING_FAILED and SW_HOST_BUSY. + * iso7816.c (map_sw): Map it. + + * ccid-driver.c (ccid_slot_status): Add arg STATUSBITS. + * apdu.c (apdu_get_status): New. + (ct_get_status, pcsc_get_status, ocsc_get_status): New stubs. + (get_status_ccid): New. + (apdu_reset): New. + (reset_ct_reader, reset_pcsc_reader, reset_osc_reader): New stubs. + (reset_ccid_reader): New. + (apdu_enum_reader): New. + + * apdu.c (lock_slot, trylock_slot, unlock_slot): New helpers. + (new_reader_slot) [USE_GNU_PTH]: Init mutex. + (apdu_reset, apdu_get_status, apdu_send_le): Run functions + in locked mode. + +2004-04-25 David Shaw + + * getkey.c (get_seckey_byname2): Significantly simplify this + function by using key_byname to do the heavy lifting. Note that + this also fixes an old problem when the first key on the secret + keyring has an unusable stub primary, but is still chosen. + + * getkey.c (key_byname): If namelist is NULL, return the first key + in the keyring. + +2004-04-22 David Shaw + + * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not + create backsigs. + + * getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey + selfsigs and verify they are valid. If DO_BACKSIGS is not + defined, fake this as always valid. + + * packet.h, parse-packet.c (parse_signature): Make parse_signature + non-static so we can parse 0x19s in self-sigs. + + * main.h, sig-check.c (check_backsig): Check a 0x19 signature. + (signature_check2): Give a backsig warning if there is no or a bad + 0x19 with signatures from a subkey. + +2004-04-21 David Shaw + + * parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, + can_handle_critical): Parse and display 0x19 signatures. + +2004-04-20 David Shaw + + * keyserver.c (parse_keyserver_uri): Do not accept "http" as an + alias for "hkp". They are not the same thing. + +2004-04-19 David Shaw + + * options.h, g10.c (main): Add keyserver-option + honor-keyserver-url. parse_keyserver_options now returns a + success code. + + * keyserver.c (parse_keyserver_options): Return error on failure + to parse. Currently there is no way to fail as any unrecognized + options get saved to be sent to the keyserver plugins later. + Check length of keyserver option tokens since with =arguments we + must only match the prefix. + (free_keyserver_spec): Moved code from parse_keyserver_url. + (keyserver_work, keyserver_spawn): Pass in a struct keyserver_spec + rather than using the global keyserver option. + (calculate_keyid_fpr): New. Fills in a KEYDB_SEARCH_DESC for a + key. + (keyidlist): New implementation using get_pubkey_bynames rather + than searching the keydb directly. If honor-keyserver-url is set, + make up a keyserver_spec and try and fetch that key directly. Do + not include it in the returned keyidlist in that case. + +2004-04-16 David Shaw + + * plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode + that requires end of line conversion. This is being considered + for a UTF8 text packet. If this doesn't take place, no major harm + done. If it does take place, we'll get a jump on starting the + changeover. + + * g10.c (main): --no-use-embedded-filename. + + * build-packet.c (calc_plaintext, do_plaintext): Do not create + illegal (packet header indicates a size larger than the actual + packet) encrypted data packets when not compressing and using a + filename longer than 255 characters. + + * keyedit.c (no_primary_warning): Cleanup. (menu_expire): Don't + give primary warning for subkey expiration changes. These cannot + reorder primaries. + + * keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, + do_generate_keypair, generate_subkeypair): New is_subkey argument + to set whether a generated key is a subkey. Do not overload the + ret_sk. This is some early cleanup to do backsigs for signing + subkeys. + + * keygen.c (write_keybinding, do_generate_keypair, + generate_subkeypair): Keep track of the unprotected subkey secret + key so we can make a backsig with it. + + * keygen.c (make_backsig): New function to add a backsig to a + binding sig of signing subkeys. Currently disabled. + (write_keybinding): Call it here, for signing subkeys only. + + * sign.c (make_keysig_packet): Allow generating 0x19 signatures + (same as 0x18 or 0x28, but used for backsigs). + + * packet.h, build-packet.c (build_sig_subpkt): Add new + SIGSUBPKT_SIGNATURE type for embedded signatures. + + * main.h, misc.c (optsep, argsplit, optlen, parse_options): + Simplify code and properly handle a partial match against an + option with an argument. + + * keyserver-internal.h, keyserver.c (parse_keyserver_options): Use + new optsep and argsplit functions. + +2004-04-15 David Shaw + + * main.h, misc.c (argsplit): Refactor argsep into argsplit and + argsep so they can be called separately. + + * options.h, keyserver.c (parse_keyserver_options): Remove + duplicate code from parse_keyserver_options by calling the generic + parse_options. + + * keyserver.c (keyserver_spawn, keyserver_refresh), g10.c (main), + gpgv.c (main), mainproc.c (check_sig_and_print), import.c + (revocation_present): Change all callers. + +2004-04-14 David Shaw + + * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep + track of which self-sig we actually chose. + + * keyedit.c (menu_expire, menu_set_primary_uid, + menu_set_preferences): Use it here to avoid updating non-used + self-sigs and possibly promoting an old self-sig into + consideration again. + + * options.h, import.c, keyserver-internal.h, g10.c, mainproc.c, + keyserver.c (parse_keyserver_uri): Parse keyserver URI into a + structure. Cleanup for new "guess my keyserver" functionality, as + well as refreshing via a preferred keyserver subpacket. + + * options.h: Encapsulate keyserver details. Change all callers. + +2004-04-05 Werner Koch + + * status.h (STATUS_NEWSIG): New. + * status.c (get_status_string): Add it. + +2004-03-27 David Shaw + + * keyedit.c (keyedit_menu): Request a trustdb update when adding a + new user ID so the new ID gets validity set. Reported by Owen + Taylor. + +2004-03-25 David Shaw + + * options.h, g10.c (main), compress-bz2.c (init_uncompress): + Rename --bzip2-compress-lowmem to --bzip2-decompress-lowmem since + it applies to decompression, not compression. + +2004-03-24 David Shaw + + * keyedit.c (sign_uids, show_key_and_fingerprint, ask_revoke_sig, + menu_revsig, menu_showphoto): --keyid-format conversion. + (menu_addrevoker): Use print_pubkey_info() rather than duplicating + code. + +2004-03-19 David Shaw + + * trustdb.c (update_min_ownertrust, validate_keys): Do not use + keystr functions in log_debug. + + * import.c (import_one): Try and collapse user IDs when importing + a key for the first time. + + * keyedit.c (menu_addrevoker): Allow appointing a subkey as a + designated revoker if the user forces it via keyid!, so long as + the subkey can certify. Also use the proper date string when + prompting for confirmation. + + * g10.c (main): Maintain ordering of multiple Comment lines. + Requested by Peter Hyman. + +2004-03-17 David Shaw + + * mainproc.c (proc_pubkey_enc, print_pkenc_list, list_node): + --keyid-format conversion. + +2004-03-16 David Shaw + + * getkey.c (skip_unusable, merge_selfsigs_main, + premerge_public_with_secret, lookup, get_user_id_string): + --keyid-format conversion. + +2004-03-15 David Shaw + + * trustdb.c (add_utk, verify_own_keys, update_min_ownertrust, + get_validity, ask_ownertrust, validate_keys): --keyid-format + conversion. + + * import.c (check_prefs_warning, check_prefs): --keyid-format + conversion and a little better text. + (import_one, import_secret_one, import_revoke_cert, chk_self_sigs, + delete_inv_parts, merge_blocks): Still more --keyid-format + conversions. + +2004-03-06 David Shaw + + * keylist.c (print_seckey_info, print_pubkey_info): --keyid-format + conversion. + (list_keyblock_print): 0xshort should not push us into the new + list format since it is not much longer than regular 8-character + short keyids. + + * keydb.h, keyid.c (keystr_from_pk, keystr_from_sk): New functions + to pull a key string from a key in one step. This isn't faster + than before, but makes for neater code. + + * keylist.c (list_keyblock_print): Use keystr_from_xx here. + (print_key_data): No need to pass a keyid in. + +2004-03-05 David Shaw + + * keyid.c (keyid_from_sk): Minor performance boost by caching + secret key keyids so we don't have to calculate them each time. + + * getkey.c (merge_selfsigs_subkey): Do not mark subkeys valid if + we do not support their pk algorithm. This allows for early + (during get_*) rejection of a subkey, and selection of another. + + * passphrase.c (passphrase_to_dek): Give a little more information + when we have room to do so. + +2004-03-04 David Shaw + + * revoke.c (export_minimal_pk), export.c (do_export_stream), + passphrase.c (passphrase_to_dek), keyserver.c (print_keyrec): A + few more places to use --keyid-format. + + * options.h, g10.c (main), export.c (parse_export_options, + do_export_stream): Remove --export-all and the "include-non-rfc" + export-option as they are no longer meaningful with the removal of + v3 Elgamal keys. + + * armor.c (fake_packet, armor_filter): Use the 2440 partial length + encoding for the faked plaintext packet. + +2004-03-03 David Shaw + + * options.h, g10.c (main), mainproc.c (check_sig_and_print): + Remove verify-option show-long-keyids and replace with + the more general keyid-format. + + * build-packet.c (write_header2): Remove call to start old gpg + partial length mode and change all callers. + (do_plaintext): Turn off partial length encoding now that we're + done writing the packet. + (do_comment, do_user_id): Try for a headerlen of 2 since that's + the smallest and most likely encoding for these packets. + + * parse-packet.c (parse): Remove call to start old gpg partial + length mode. + +2004-03-02 David Shaw + + * options.h, g10.c (main): Add a more flexible --keyid-format + option to replace the list-option (and eventually verify-option) + show-long-keyids. The format can be short, long, 0xshort, and + 0xlong. + + * keydb.h, keyid.c (keystr, keystrlen): New functions to generate + a printable keyid. + + * keyedit.c (print_and_check_one_sig, show_key_with_all_names), + keylist.c (list_keyblock_print): Use new keystr() function here to + print keyids. + + * packet.h, free-packet.c (free_encrypted, free_plaintext), + parse-packet.c (copy_packet, skip_packet, skip_rest, read_rest, + parse_plaintext, parse_encrypted, parse_gpg_control): Use a flag + to indicate partial or indeterminate encoding. This is the first + step in some minor surgery to remove the old gpg partial length + encoding. + +2004-03-01 David Shaw + + * parse-packet.c (parse): Only data-type packets are allowed to + use OpenPGP partial length encoding. + +2004-02-25 David Shaw + + * delkey.c (do_delete_key): Allow deleting a public key with a + secret present if --expert is set. + + * plaintext.c (handle_plaintext): Make bytecount static so it + works with multiple literal packets inside a message. + + * encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c + (ask_algo), sig-check.c (do_check_messages), skclist.c + (build_sk_list): Rename "ElGamal" to "Elgamal" as that is the + proper spelling nowadays. Suggested by Jon Callas. + +2004-02-24 David Shaw + + * plaintext.c: Copyright. + + * encode.c (encode_simple): Show cipher with --verbose. + + * options.h, g10.c (main), keyedit.c (sign_keys): Add + --ask-cert-level option to enable cert level prompts during + sigs. Defaults to on. Simplify --default-cert-check-level to + --default-cert-level. If ask-cert-level is off, or batch is on, + use the default-cert-level as the cert level. + + * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): + Simplify --min-cert-check-level to --min-cert-level. + +2004-02-22 David Shaw + + * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add + --min-cert-check-level option to specify minimum cert check level. + Defaults to 2 (so 0x11 sigs are ignored). 0x10 sigs cannot be + ignored. + +2004-02-21 David Shaw + + * plaintext.c (handle_plaintext): Properly handle a --max-output + of zero (do not limit output at all). + + * keyserver.c (keyserver_spawn): Use the full 64-bit keyid in the + INFO header lines, and include "sig:" records for the benefit of + people who store their keys in LDAP servers. It makes it easy to + do queries for things like "all keys signed by Isabella". + + * main.h, misc.c (hextobyte): Removed. It's in libutil.a now. + +2004-02-20 David Shaw + + * keyserver.c (keyserver_export): Disallow user strings that + aren't key IDs. + (keyserver_import): Clarify error message. + (keyserver_spawn): Properly handle 8 bit characters in user IDs in + the info lines during SEND. + + * mkdtemp.c: Removed. + + * Makefile.am: We get mkdtemp.c from libutil.a now, so don't link + with @LIBOBJS@. + + * keyserver.c (keyserver_spawn): Pass the scheme to the keyserver + helper. + +2004-02-18 David Shaw + + * options.h, g10.c (main), plaintext.c (handle_plaintext): Add + --max-output option to help people deal with decompression bombs. + +2004-02-15 David Shaw + + * build-packet.c (do_user_id): Do not force a header for attribute + packets as they require a new CTB, and we don't support forced + headers for new CTBs yet. + +2004-02-14 David Shaw + + * build-packet.c (write_header2): If a suggested header length is + provided along with a zero length, interpret this as an actual + zero length packet and not as an indeterminate length packet. + (do_comment, do_user_id): Use it here as these packets might be + naturally zero length. + + * parse-packet.c (parse): Show packet type when failing due to an + indeterminate length packet. + + * misc.c (parse_options): Only provide args for the true (i.e. not + "no-xxx") form of options. + +2004-02-13 David Shaw + + * keyserver.c (argsep): Move to misc.c. + + * main.h, misc.c (parse_options), export.c (parse_export_options), + import.c (parse_import_options), g10.c (main): Use it here to + allow for options with optional arguments. Change all callers. + + * import.c (check_prefs): Some language fixes. + (sec_to_pub_keyblock, import_secret_one): Without knowing the + number of MPIs there are, we cannot try and sk-to-pk-ize a key. + +2004-02-12 David Shaw + + * import.c (check_prefs): New function to check preferences on a + public key to ensure that it does not advertise any that we cannot + fulfill. Use the keyedit command list function to optionally + rewrite the prefs. + (import_one, import_secret_one): Use it here when importing a + public key that we have the secret half of, or when importing a + secret key that we have the public half of. + + * main.h, keyedit.c (keyedit_menu): Remove sign_mode and enhance + the more general command list functionality to replace it. + + * g10.c (main): Use the general command functionality to implement + --sign-key, --lsign-key, --nrsign-key, and --nrlsign-key. + + * import.c (import_one): Do the revocation check even in the case + when a key, a revocation key set in a direct key signature, and a + revocation from that revocation key, all arrive piecemeal. + Needless to say, this is pretty obscure. + +2004-02-11 David Shaw + + * options.h, g10.c (main), keylist.c (list_keyblock_print): Add + "show-unusable-subkeys" list-option to show revoked and/or expired + subkeys. + +2004-02-10 David Shaw + + * keyedit.c (keyedit_menu): Prompt for subkey removal for both + secret and public subkeys. + + * keylist.c (list_keyblock_print), keyedit.c + (show_key_with_all_names): Show the revocation date of a + key/subkey, and general formatting work. + + * packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, + merge_selfsigs): Keep track of the revocation date of a key. + + * keydb.h, keyid.c (revokestr_from_pk): New function to print the + revocation date of a key. + + * keygen.c (keygen_set_std_prefs): Build the default preferences + list at runtime as it properly handles algorithms disabled at + build or run time. + + * getkey.c (merge_selfsigs_main): Properly handle expired user IDs + when the expired self-sig is not the only self-sig. + + * misc.c (compress_algo_to_string): Return NULL on failure like + all of the other xxxx_algo_to_string() functions. + + * mainproc.c (list_node): Minor spacing tweak to match --list-keys + output. + + * keylist.c (list_keyblock_print), mainproc.c (list_node): Mark + revoked subkeys as revoked. Requested by Matthew Wilcox. Revoked + overrides expiration when both apply. + + * keyedit.c (show_prefs): Use compress algo constants. + (show_basic_key_info): Make revoked and expired tags translatable. + + * g10.c (rm_group): Properly ungroup from a list of groups. + +2004-01-30 David Shaw + + * g10.c (main, rm_group): Add --ungroup command to remove a + particular group. + (add_group): When adding a group with the same name as an already + existing group, merge the two groups. + (list_config): Show an error message when listing a config item + that doesn't exist. + (main): Replace -z0 trick for no compression. + + * packet.h, keyedit.c (show_key_with_all_names_colon), keylist.c + (list_keyblock_colon), mainproc.c (list_node, proc_tree): Minor + cleanup to remove local_id, which is no longer used. + +2004-01-27 David Shaw + + * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to + PK_UID_CACHE_SIZE (set in ./configure). + + * getkey.c (get_pubkey): When reading key data into the cache, + properly handle keys that are partially (pk, no UIDs) cached + already. This is Debian bug #176425 and #229549. + + * compress.c (init_compress, push_compress_filter2): Do the right + thing (i.e. nothing) with compress algo 0. + + * main.h, decrypt.c (decrypt_messages): Accept filenames to + decrypt on stdin. This is bug #253. + +2004-01-23 David Shaw + + * mainproc.c (list_node): Show sigs with --verbose. + + * options.h, g10.c (set_screen_dimensions): New function to look + at COLUMNS and LINES. + + * keyserver.c (parse_keyrec, keyserver_search_prompt), keyedit.c + (print_and_check_one_sig): Use new screen dimension variables. + +2004-01-21 David Shaw + + * g10.c (list_config): New function to dump config options to + stdout. Currently requires --with-colons. + (collapse_args): New function to turn argc/argv into a single + string. + (main): Use it here to pass list_config() more than one argument + as a single string. + (print_algo_numbers): Helper to print algorithm number for + --list-config "pubkey", "cipher", "hash"/"digest", and "compress" + config options. + + * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), + pkclist.c (check_signatures_trust): Indicate who has revoked a key + (the owner or a designated revoker). If a key was revoked by + both, prefer the owner. If a subkey is already revoked by the + owner, don't allow a designated revokation of the whole key to + override this. We're still revoked either way, of course. + + * keyedit.c (print_and_check_one_sig, keyedit_menu): Use the + COLUMNS environment variable (if any) to hint how wide the + terminal is. Disabled on _WIN32. Suggested by Janusz + A. Urbanowicz. + +2004-01-20 David Shaw + + * keylist.c (set_attrib_fd): Open attribute fd in binary + mode. This isn't meaningful on POSIX systems, but the Mingw builds + aren't exactly POSIX. + + * trustdb.c (reset_trust_records): New, faster, implementation + that doesn't involve a keyring scan. + (clear_validity): Removed. + + * g10.c (main), keydb.h, keydb.c (keydb_rebuild_caches), + keyring.h, keyring.c (keyring_rebuild_cache): Add "noisy" flag so + cache rebuilds can remain noisy when called for itself, and quiet + when called as part of the trustdb rebuild. + + * trustdb.c (validate_keys): Rebuild the sig caches before + building the trustdb. Note that this is going to require some + architectual re-thinking, as it is agonizingly slow. + +2004-01-19 David Shaw + + * sig-check.c (check_key_signature2): Comments. + + * keyring.c (keyring_rebuild_cache): Clear sig cache for any + signatures that we can no longer process (say, if the user removed + support for a necessary pubkey or digest algorithm). + +2004-01-16 David Shaw + + * misc.c (print_cipher_algo_note): May as well call Rijndael AES + at this point. + + * keygen.c (do_create), misc.c (openpgp_pk_algo_usage): Remove the + last bits of Elgamal type 20 support. + +2004-01-03 Stefan Bellon + + * compress.c [__riscos__]: Only use RISC OS' own ZLib module if + configured to use it. + +2003-12-30 David Shaw + + * options.h, g10.c (main), import.c (parse_import_options, + import_one, import_secret_one), keyserver.c (keyserver_refresh): + Change --merge-only to --import-option merge-only. Deprecate + --merge-only. + +2003-12-29 David Shaw + + * misc.c (pull_in_libs): Dead code. Removed. + + * sig-check.c (check_revocation_keys): Comments. + + * getkey.c (merge_selfsigs_main): Don't bother to check designated + revoker sigs if the key is already revoked. + + * packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" + flag on PKs. It is set when there is a revocation signature from + a valid revocation key, but the revocation key is not present to + verify the signature. + + * pkclist.c (check_signatures_trust): Use it here to give a + warning when showing key trust. + + * compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 + library and we can at least guarantee that it won't fail because + of the lack of stdio.h. + + * tdbio.c: Fixed format string bugs related to the use of DB_NAME. + Reported by Florian Weimer. + +2003-12-28 David Shaw + + * options.h, g10.c (main), keyserver.c (keyserver_opts, + parse_keyserver_uri): honor-http-proxy is no longer an option + since we can do the same thing with http-proxy with no arguments. + Also remove broken-http-proxy since it can be better handled in + the HTTP helper. + + * keyserver.c (argsep): New variation on strsep that knows about + optional arguments. + (parse_keyserver_options): Use it here for optional arguments. + +2003-12-28 Stefan Bellon + + * plaintext.c (handle_plaintext) [__riscos__]: Don't mangle + filename if the user specified it. + + * g10.c, gpgv.c [__riscos__]: Removal of unnecessary #ifdef + __riscos__ sections. + +2003-12-27 David Shaw + + * keyserver.c (strip_leading_space, get_arg): New. + (parse_keyserver_options): Use them here to allow arguments to + keyserver-options. Since none of our options need arguments yet, + just pass them through whole to the keyserver helper. + + * main.h, misc.c (parse_options): Add a "noisy" flag to enable and + disable the messages about which option didn't match or matched + ambiguously. Change all callers (g10.c, keyserver.c). + + * main.h, import.c (import_options), export.c (export_options): + Pass the noisy flag through. + +2003-12-17 David Shaw + + * build-packet.c (write_fake_data, do_secret_key), seckey-cert.c + (do_check): Use an unsigned length for mpi_get_opaque. + + * options.h: It's impolite to assign -1 to an unsigned + opt.force_ownertrust. + + * sig-check.c (cmp_help, do_check), sign.c (do_sign): Remove old + unused code. + + * keyid.c (keyid_from_sk): Make sure lowbits is initialized. + +2003-12-12 David Shaw + + * sig-check.c (do_check): Move the signing algo and hash checks + from here... + (signature_check2): ... to here. + (check_key_signature2): ... and here. This is a minor + optimization to avoid fetching a key (which can be expensive, + especially if it is not self-signed, and there are many key + signatures on it which need to be checked for ultimate trust) if + the signature would have failed anyway because of algorithm or + hash problems. + +2003-12-10 David Shaw + + * packet.h, build-packet.c (hash_public_key): Remove function ... + + * keydb.h, keyid.c (hash_public_key, do_fingerprint_md): ... and + make a new one here that shares code with the fingerprint + calculations. This removes some duplicated functionality, and is + also around 14% faster. (Every bit helps). + + * import.c (import_one): No longer need the Elgamal import + warning. + + * getkey.c (get_pubkey_fast): This one is sort of obscure. + get_pubkey_fast returns the primary key when requesting a subkey, + so if a user has a key signed by a subkey (we don't do this, but + used to), AND that key is not self-signed, AND the algorithm of + the subkey in question is not present in GnuPG, AND the algorithm + of the primary key that owns the subkey in question is present in + GnuPG, then we will try and verify the subkey signature using the + primary key algorithm and hit a BUG(). The fix is to not return a + hit if the keyid is not the primary. All other users of + get_pubkey_fast already expect a primary only. + +2003-12-09 David Shaw + + * keyid.c (do_fingerprint_md): Remove the rules to hash the old v3 + Elgamal keys. They are no longer needed. + + * keyid.c (keyid_from_sk, keyid_from_pk, fingerprint_from_pk, + fingerprint_from_sk): Enforce the v3-is-only-RSA rule. Anything + that isn't RSA gets a zero keyid and fingerprint. + + * keyid.c (do_fingerprint_md): Properly handle hashing of keys + that we don't know the structure of by using the opaque MPI. + (do_fingerprint_md_sk): We cannot calculate the fingerprint from a + secret key unless we know the structure (since we can't leave off + the secret key parts), so fail early..... + (keyid_from_sk, fingerprint_from_sk): .... and return all zeroes. + +2003-12-03 David Shaw + + * g10.c (strusage, main): Show development version warning in + --version output. + (main): Set --bzip2-compress-level to the default value at + startup. Remove --emulate-checksum-bug noop. + + * options.h, g10.c (main), main.h, seskey.c (do_encode_md, + encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove + --emulate-md-encode-bug as it only applied to Elgamal signatures, + which are going away. + +2003-11-30 David Shaw + + * mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use + --override-session-key on --symmetric messages (new-style or + old-style). + (proc_pubkey_enc): Move code to show session key from here to + proc_encrypted() so it can work with any type of message. + Suggested by Michael Young. + +2003-11-29 David Shaw + + * trustdb.c (validate_keys): Reset the trustdb before checking if + we have any ultimately trusted keys. This ensures that if we lose + all our ultimately trusted keys, we don't leave behind the old + validity calculations. Noted by Peter Palfrader. + + * revoke.c (gen_desig_revoke): Specify in the comment when a + designated revocation is generated. + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, + get_seckey_byname2): Remove Elgamal check since we are removing + type 20 keys altogether. + +2003-11-27 David Shaw + + * pkclist.c (build_pk_list): Do not allow an empty PK list in + interactive mode. + + * keygen.c (ask_algo): Remove ability to generate Elgamal + sign+encrypt keys. + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, + get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys. + +2003-11-20 David Shaw + + * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) + encodings. + + * misc.c (compress_algo_to_string): Translate "Uncompressed". + Requested by Tommi Vainikainen. + (string_to_compress_algo): Include multi-string for + "uncompressed|none". + +2003-11-17 David Shaw + + * options.h, g10.c (main), compress-bz2.c (init_uncompress): Add + --bz2-compress-lowmem to set bzlib "small" flag for low memory + (but slow) decompression. + +2003-11-15 David Shaw + + * compress.c (init_compress): Remove compress level 10 trick, + since it is no longer needed. + + * g10.c: Fix typoed option name. + + * compress-bz2.c (init_compress): Compression level 0 is not + meaningful for bzip2. + + * options.h, g10.c (main), compress.c (init_compress), + compress-bz2.c (init_compress): Add --compress-level and + --bzip2-compress-level. -z sets them both. Change various + callers. + + * encode.c (encode_simple), sign.c (sign_symencrypt_file): + Properly use default_compress_algo (--compress-algo, followed by + the highest --personal-compress-preference, followed by ZIP) to + get the algorithm. + +2003-11-14 David Shaw + + * options.h, trustdb.c (trust_model_string, init_trustdb): Add + support for "external" trust model, where the user can provide a + pregenerated trustdb. + + * keyedit.c (keyedit_menu): Do not allow editing ownertrust with + an external trust model trustdb. + +2003-11-13 David Shaw + + * options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the + plurarility (or not) of various list and verify options. + +2003-11-12 David Shaw + + * g10.c (main): Add --symmetric --sign --encrypt. + + * main.h, encode.c (setup_symkey): New. Prompt for a passphrase + and create a DEK for symmetric encryption. + (write_symkey_enc): New. Write out symmetrically encrypted + session keys. + (encode_crypt, encrypt_filter): Use them here here when creating a + message that can be decrypted with a passphrase or a pk. + + * sign.c (sign_file): Call setup_symkey if we are doing a + --symmetric --sign --encrypt. + +2003-11-09 David Shaw + + * mainproc.c (proc_symkey_enc): Don't show algorithm information + when --quiet is set. Suggested by Duncan Harris. Also don't fail + with BUG() when processing a --symmetric message with a cipher we + don't have. + + * g10.c: Alias --personal-xxx-prefs to --personal-xxx-preferences. + + * pkclist.c (build_pk_list): When adding recipients interactively, + allow the user to stop at any point. + +2003-10-31 David Shaw + + * trustdb.h, trustdb.c (register_trusted_keyid): New. Adds a + keyid to the list of ultimately trusted keys. + + * keygen.c (do_generate_keypair): Use it here so that the ultimate + ownertrust happens before the trustdb (might be) rebuilt. Also + fix an error where the newly generated pk is thought to be a + subkey by the trustdb. + + * g10.c (main): Fix --export-all do actually do something + different than --export. + + * pkclist.c (build_pk_list): Show all recipients rather than + showing each recipient as they are added. + + * mainproc.c (proc_symkey_enc, proc_encrypted): Keep a count of + the number of passphrases that can decrypt a symmetric or mixed + symmetric/pk message and include it in the list of keys shown to + the user. + +2003-10-30 David Shaw + + * misc.c (compress_algo_to_string, string_to_compress_algo, + check_compress_algo): Add bzip2. + + * compress.c (compress_filter): Make static to help force the use + of push_compress_filter. Remove default algorithm setting since + that is done in push_compress_filter now. + + * main.h: Use named algorithm. + + * filter.h, compress.c (push_compress_filter, + push_compress_filter2): New. Figure out which is the appropriate + compression filter to use, and push it into place. + + * compress.c (handle_compressed), encode.c (encode_simple, + encode_crypt), sign.c (sign_file, sign_symencrypt_file), import.c + (read_block), export.c (do_export): Use push_compress_filter + instead of pushing the compression filter ourselves. + + * compress-bz2.c: New. Bzlib versions of the compression filter + routines. + + * Makefile.am: Include compress-bz2.c if bz2lib is available. + +2003-10-30 Werner Koch + + * apdu.c (close_ct_reader, close_pcsc_reader): Implemented. + (get_ccid_error_string): New. Not very useful messages, though. + +2003-10-29 Werner Koch + + * cardglue.c (open_card): Ask for card insertion. + (check_card_serialno): New. + (agent_scd_pksign, agent_scd_pkdecrypt): Use it here. + * cardglue.c (open_card): Issue insertion status message. + * status.h, status.c (STATUS_CARDCTRL): New. + + * status.c (cpr_get_answer_okay_cancel): New. + +2003-10-28 Werner Koch + + * keylist.c (list_keyblock_print): Denote secrets keys stored on a + card with an '>'. Print the '#' also for subkeys. + (list_keyblock_colon): Introduce new field 15 for sec/ssb to print + the serial number. + +2003-10-26 David Shaw + + * g10.c (main): Enhance the version-specific config file code to + try for more specific matches before giving up (e.g. 1.3.3-cvs, + 1.3.3, 1.3, 1). + +2003-10-25 David Shaw + + * g10.c (main): Add --symmetric --encrypt command. This generates + a message that can be decrypted via a passphrase or public key + system. + + * main.h, encode.c (encode_seskey): Allow passing in an + already-created session key dek. + (encode_simple): Use the actual symmetric cipher when encrypting a + session key for a symmetric message. + (encode_crypt): Add a flag to trigger a hybrid mode that can be + decrypted via a passphrase or a pk. Change all callers. + + * mainproc.c (symkey_decrypt_sesskey): There is no way to tell the + difference here between a bad passphrase and a cipher algorithm + that we don't have, so use a error message that makes that clear. + Use the actual list of ciphers when checking whether a cipher is + invalid. Return error if the decrypted cipher algorithm is + invalid. + (proc_symkey_enc): In a mixed passphrase/pk message, if a valid + dek already exists from decrypting via pk, do not try to process + the passphrase. + (proc_symkey_enc): Indicate when we're decrypting a session key as + opposed to decrypting data. If a passphrase is invalid, discard + the dek so we'll keep trying. + +2003-10-25 Werner Koch + + * ccid-driver.c (ccid_open_reader): Return an error if no USB + devices are found. + + * Makefile.am: Replaced INTLLIBS by LIBINTL. + + * g10.c (main) [ENABLE_CARD_SUPPORT]: Add a default for + --pcsc-driver. + + * cardglue.c (learn_status_cb): Fixed faulty use of !space. + +2003-10-24 Werner Koch + + * apdu.c (apdu_open_reader): Hacks for PC/SC under Windows. + +2003-10-21 Werner Koch + + * passphrase.c (ask_passphrase): Add optional promptid arg. + Changed all callers. + * cardglue.c (pin_cb): Use it here, so the machine interface can + tell whether the Admin PIN is requested. + + * cardglue.c (agent_scd_checkpin): New. + + * misc.c (openpgp_pk_algo_usage): Added AUTH usage. + + * app-openpgp.c (check_against_given_fingerprint): New. Factored + out that code elsewhere. + (do_check_pin): New. + * card-util.c (card_edit): New command "passwd". Add logic to + check the PIN in advance. + (card_status): Add new args to return the serial number. Changed + all callers. + +2003-10-14 David Shaw + + * import.c (import_one): Show the keyid when giving the Elgamal + slow import warning. + + * g10.c (main): Older versions used --comment "" to indicate no + comment. Don't add an empty comment. + +2003-10-13 David Shaw + + * keyedit.c (show_key_with_all_names): Ownertrust is only + meaningful for the PGP or classic trust models. Both validity and + ownertrust are not meaningful for the always trust model. + +2003-10-11 Werner Koch + + * keygen.c: Always enable the gen_card_key prototype. + +2003-10-10 Werner Koch + + * cardglue.c (card_close): New. + (agent_scd_change_pin): Implemented. + + * ccid-driver.c (ccid_close_reader): New. + * apdu.c (close_ccid_reader, close_ct_reader, close_csc_reader) + (close_osc_reader, apdu_close_reader): New. Not all are properly + implemented yet. + * g10.c (g10_exit): Use close_card. + +2003-10-09 David Shaw + + * g10.c (main): Give a deprecated option warning for + --show-keyring, --show-photos, --show-policy-url, --show-notation, + and their respective no- forms. + + * options.skel: Remove show-photos and replace with + list/verify-options show-photos. Remove no-mangle-dos-filenames. + + * misc.c (parse_options): Allow for incomplete (but unambiguous) + options. + +2003-10-09 Werner Koch + + * ccid-driver.c (ccid_transceive): Add T=1 chaining for sending. + + * sign.c (do_sign) [!ENABLE_CARD_SUPPORT]: Return an error for + card keys. + + * cardglue.c (agent_scd_pkdecrypt): Implemented. + * pubkey-enc.c (get_it) [ENABLE_CARD_SUPPORT]: Divert decryption + to card + +2003-10-08 Werner Koch + + * cardglue.c (pin_cb): Detect whether an admin or regular PIN is + requested. + (genkey_status_cb): New. + (agent_scd_genkey): Implemented. + + * keygen.c (generate_keypair): New arg CARD_SERIALNO and prepare + parameters for on card key generation. Changed all callers. + (do_generate_keypair): Add new arg card and merged casrd specific + changes from 1.9. + (proc_parameter_file): New arg card, apss it down to + do_generate_keypair and changed all callers. + (gen_card_key): New. + + * g10.c: Include cardclue.h. + (main): s/app_set_default_reader_port/card_set_reader_port/. + * cardglue.c (card_set_reader_port): New to address include file + issues. + +2003-10-02 Werner Koch + + * cardglue.c (learn_status_cb): Release values before assignment + so that it can be used by getattr to update the structure. + (agent_scd_getattr): New. + + * keylist.c (print_pubkey_info): Add FP arg for optional printing + to a stream. Changed all callers. + +2003-10-01 Werner Koch + + * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c + * apdu.h, ccid-driver.c, ccid-driver.h, card-util.c: Updated + from current GnuPG 1.9. Changes over there are: + * card-util.c: Tweaked to use this source also under 1.3. + (card_edit): New command "forcesig". + * card-util.c (print_name, print_isoname): Use 0 and not LF fro + the max_n arg of tty_print_utf8_string2. + * card-util.c (change_pin): Simplified. We now have only a PIN + and an Admin PIN. + * ccid-driver.c: Detect GnuPG 1.3 and include appropriate files. + * apdu.c: Ditto. + * app-openpgp.c: Ditto. + * iso7816.c: Ditto. + (generate_keypair): Renamed to .. + (do_generate_keypair): .. this. + * app-common.h [GNUPG_MAJOR_VERSION]: New. + * iso7816.h [GNUPG_MAJOR_VERSION]: Include cardglue.h + * app-openpgp.c (do_change_pin): Make sure CVH1 and CHV2 are + always synced. + (verify_chv2, verify_chv3): New. Factored out common code. + (do_setattr, do_sign, do_auth, do_decipher): Change the names of + the prompts to match that we have only 2 different PINs. + (app_select_openpgp): Check whether the card enforced CHV1. + (convert_sig_counter_value): New. Factor out code from + get_sig_counter. + + * Makefile.am (card_support_source): Depend on new AM conditional + to get the ifdef ENABLE_CARD_SUPPORT off the way from source + copied files. + (update-source-from-gnupg-2): Maintainer helper. + +2003-10-01 David Shaw + + * g10.c (main): Add --no-groups to zero --group list. + + * encode.c (encode_simple): Allow for 32 bytes (256 bits) of + symmetrically encrypted session key. Use --s2k-cipher-algo to + choose cipher, rather than the default cipher. + + * parse-packet.c (parse_subkeyenc): Give a warning if an + symmetrically encrypted session key is seen without salt. Show in + --list-packets if a symetrically encrypted session key is present. + + * pubkey-enc.c (get_it): Always show cipher-not-in-prefs warning + unless --quiet is set. Use text name of cipher in warning. + +2003-09-30 David Shaw + + * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add + --verify-option show-unusable-uids. + + * gpgv.c (check_trustdb_stale): Stub. + + * trustdb.c (get_validity): Move the up-to-date check to + check_trustdb_stale (new), so that it can be called before + validity is checked. + + * keylist.c (list_keyblock_print): Disable the overall key + validity display until it can be thought about more. Use + check_trustdb_stale here to avoid putting the check warning in the + middle of a listed key. + + * trustdb.c (init_trustdb): Only verify_own_keys() for those trust + models that it applies to (i.e. classic and OpenPGP). + +2003-09-29 Werner Koch + + * keygen.c (do_add_key_flags, parse_parameter_usage): Add support + the proposed AUTH key flag. + * getkey.c (fixup_uidnode, merge_selfsigs_main) + (merge_selfsigs_subkey, premerge_public_with_secret): Ditto. + * keylist.c (print_capabilities): Ditto. + + * parse-packet.c (parse_key): Allow to parse the divert-to-card + S2K mode. + * build-packet.c (do_secret_key): Handle divert-to-card S2K + * seckey-cert.c (is_secret_key_protected): Ditto. + (check_secret_key): Ditto. + + * keygen.c (do_ask_passphrase): Renamed from ask_passphrase. + * passphrase.c (ask_passphrase): New. + +2003-09-28 Werner Koch + + * g10.c (main): New commands --card-edit, --card-status and + --change-pin. New options --ctapi-driver, --pcsc-driver and + --disable-ccid + * options.h (DBG_CARD_IO): New. + * cardglue.c, cardclue.h: Enhanced. + * card-util.c: New. Taken from current the gnupg 1.9 branch. + * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c + * apdu.h, ccid-driver.c, ccid-driver.h: New. Takem from the current + gnupg 1.9 branch withy minor changes to include directives. + * Makefile.am: Added these files. + +2003-09-27 Werner Koch + + * sign.c (do_sign) [ENABLE_CARD_SUPPORT]: Divert to card. + * cardglue.c, cardglue.h: New. + * Makefile.am (gpg_LDADD): Added. + (card_support_sources): New. + +2003-09-25 David Shaw + + * options.h, g10.c (main), keylist.c (list_keyblock_print): Add + "show-unusable-uids" list-option to show revoked and/or expired + user IDs. + +2003-09-24 David Shaw + + * keyedit.c (show_key_with_all_names): Show names a little neater + by putting the [revoked] or [expired] in the space used for the + [validity]. There is also no point in showing "[unknown] + [revoked]". + +2003-09-23 David Shaw + + * sign.c (mk_notation_policy_etc): Capitalize "URL". + + * trustdb.c (validate_keys): Give a little more information while + rebuilding trustdb. + + * pkclist.c (do_edit_ownertrust): Clarify "don't know". + + * g10.c (main): Default to --no-mangle-dos-filenames. + + * keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): + Expand the skipfnc to include a pointer to the user ID that + matched. + + * getkey.c (skip_disabled): Rename to skip_unusable, and add + checks for expired or revoked user IDs. + +2003-09-22 David Shaw + + * g10.c (main): Deprecate --default-comment in favor of + --no-comments. + + * options.h, g10.c (main), armor.c (armor_filter): Allow using + --comment multiple times to get multiple Comment: header lines. + --no-comments resets list. + +2003-09-11 David Shaw + + * g10.c (main): Trim --help to commonly used options. Remove -f. + +2003-09-08 David Shaw + + * g10.c (main): Error out if --multifile is used with the commands + that don't support it yet (--sign, --clearsign, --detach-sign, + --symmetric, and --store). + + * g10.c (main): Add --multifile as an alias to turn --encrypt into + --encrypt-files (plus --verify-files, --decrypt-files). + + * encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 + directly to check for MDC usability. Do not set the force_mdc or + disable_mdc flags since there is no point any longer. + +2003-09-04 David Shaw + + * armor.c (parse_hash_header, armor_filter), g10.c (print_hex, + print_mds), pkclist.c (algo_available): Drop TIGER/192 support. + +2003-09-03 David Shaw + + * keyedit.c (show_key_with_all_names): Fix assertion failure when + using toggle to see a secret key. Reported by Maxim Britov. + +2003-08-31 David Shaw + + * g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c + (mk_notation_policy_etc): Clarify a few strings. It's a + "preferred keyserver URL". + + * g10.c (main): Use "keyserver-url" instead of + "preferred-keyserver" for the sake of short and simple commands. + +2003-08-30 David Shaw + + * main.h, keygen.c (keygen_add_keyserver_url): Signature callback + for adding a keyserver URL. + + * keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to + set preferred keyserver to specified (or all) user IDs. + + * build-packet.c (build_sig_subpkt): Set preferred keyserver flag + while building a preferred keyserver subpacket. + + * keylist.c (show_policy_url, show_keyserver_url): URLs might be + UTF8. + + * keyedit.c (menu_addrevoker): Fix leaking a few bytes. + +2003-08-29 David Shaw + + * keyedit.c (show_key_with_all_names): Use list-option + show-long-keyid in main --edit-key display. + + * keyedit.c (print_and_check_one_sig): Use list-option + show-long-keyid in --edit-key "check" function. + +2003-08-28 David Shaw + + * passphrase.c (agent_send_all_options): Make use of $GPG_TTY. + + * g10.c (main): Disable use-agent if passphrase-fd is given + later. Suggested by Kurt Garloff. + + * exec.c, g10.c, gpgv.c, passphrase.c, photoid.c: + s/__MINGW32__/_WIN32/ to help building on native Windows + compilers. Requested by Brian Gladman. From Werner on stable + branch. + +2003-08-25 David Shaw + + * options.h, g10.c (main): Add list-option + list-preferred-keyserver. + + * keyedit.c (change_passphrase): When responding 'no' to the blank + passphrase question, re-prompt for a new passphrase. This is bug + #202. + + * mainproc.c (check_sig_and_print): Use two different preferred + keyserver displays - one if the key is not present (to tell the + user where to get the key), the other if it is present (to tell + the user where the key can be refreshed). + + * packet.h, parse-packet.c (parse_signature): Set flag if a + preferred keyserver is present. + + * keylist.c (list_keyblock_print): Show keyserver url in listings + with list-option show-keyserver-url. + +2003-08-24 David Shaw + + * Makefile.am: Use NETLIBS instead of EGDLIBS. + + * mainproc.c (check_sig_and_print): Get the uid validity before + printing any sig results to avoid munging the output with trustdb + warnings. + + * g10.c (main): Don't include --show-keyring in --help as it is + deprecated. + +2003-08-21 David Shaw + + * gpgv.c: Remove extra semicolon (typo). + + * options.skel: Note that keyserver.pgp.com isn't synchronized, + and explain the roundrobin a bit better. + + * sig-check.c (check_key_signature2), import.c (import_one, + import_revoke_cert, chk_self_sigs, delete_inv_parts, + collapse_uids, merge_blocks): Make much quieter during import of + slightly munged, but recoverable, keys. Use log_error for + unrecoverable import failures. + + * keyring.c (keyring_rebuild_cache): Comment. + + * sign.c (mk_notation_and_policy): Making a v3 signature with + notations or policy urls is an error, not an info (i.e. increment + the errorcount). Don't print the notation or policy url to stdout + since it can be mixed into the output stream when piping and munge + the stream. + +2003-08-12 David Shaw + + * packet.h, sig-check.c (signature_check2, do_check, + do_check_messages): Provide a signing-key-is-revoked flag. Change + all callers. + + * status.h, status.c (get_status_string): New REVKEYSIG status tag + for a good signature from a revoked key. + + * mainproc.c (do_check_sig, check_sig_and_print): Use it here. + + * import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare + actual signatures on import rather than using keyid or class + matching. This does not change actual behavior with a key, but + does mean that all sigs are imported whether they will be used or + not. + + * parse-packet.c (parse_signature): Don't give "signature packet + without xxxx" warnings for experimental pk algorithms. An + experimental algorithm may not have a notion of (for example) a + keyid (i.e. PGP's x.509 stuff). + +2003-08-02 David Shaw + + * options.h, g10.c (main), keylist.c (list_keyblock_print), + keyedit.c (print_and_check_one_sig): New "show-sig-expire" + list-option to show signature expiration dates (if any). + +2003-07-24 David Shaw + + * options.h, g10.c (main, add_keyserver_url): Add + --sig-preferred-keyserver to implant a "where to get my key" + subpacket into a signature. + + * sign.c (mk_notation_and_policy): Rename to + mk_notation_policy_etc and add preferred keyserver support for + signatures. + +2003-07-21 David Shaw + + * keygen.c (do_add_key_flags): Don't set the certify flag for + subkeys. + (ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal + subkeys. + (generate_keypair): Provide key flags for the default DSA/Elgamal + keys. + + * sig-check.c (signature_check, signature_check2, + check_key_signature, check_key_signature2): Allow passing NULLs + for unused parameters in the x2 form of each function to avoid the + need for dummy variables. getkey.c, mainproc.c: Change all + callers. + + * trustdb.h, trustdb.c (read_trust_options): New. Returns items + from the trustdb version record. + + * keylist.c (public_key_list): Use it here for the new "tru" + record. + + * gpgv.c (read_trust_options): Stub. + +2003-07-20 David Shaw + + * keyedit.c (show_key_with_all_names): Use list-option + show-validity in --edit-key interface as well. + +2003-07-19 David Shaw + + * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add + verify-options "show-validity" and "show-long-keyid" to show + trustdb validity and long keyids during (file) signature + verification. + + * packet.h, main.h, sig-check.c (signature_check2, + check_key_signature2, do_check): If ret_pk is set, fill in the pk + used to verify the signature. Change all callers in getkey.c, + mainproc.c, and sig-check.c. + + * keylist.c (list_keyblock_colon): Use the ret_pk from above to + put the fingerprint of the signing key in "sig" records during a + --with-colons --check-sigs. This requires --no-sig-cache as well + since we don't cache fingerprints. + +2003-07-10 David Shaw + + * parse-packet.c (parse_signature): No need to reserve 8 bytes for + the unhashed signature cache any longer. + + * misc.c (pct_expando): Add two new expandos - signer's + fingerprint (%g), and signer's primary fingerprint (%p). + + * Makefile.am: Include W32LIBS where appropriate. + + * g10.c (main): Add --rfc2440 alias for --openpgp since in a few + months, they won't be the same thing. + + * keyserver.c (parse_keyserver_uri): Accept "http" as an alias for + "hkp", since it is occasionally written that way. + (keyserver_spawn): Use ascii_isspace to avoid locale issues. + + * keygen.c (ask_user_id): Make --allow-freeform-uid apply to the + email field as well as the name field, and allow mixing fields + when it is set. + + * options.skel: Use subkeys.pgp.net as the default keyserver. + + * trustdb.c (validate_one_keyblock): Certifications on revoked or + expired uids do not count in the web of trust. + + * signal.c (init_one_signal, pause_on_sigusr, do_block): Only use + sigprocmask() if we have sigset_t, and only use sigaction() if we + have struct sigaction. This is for Forte c89 on Solaris which + seems to define only the function call half of the two pairs by + default. + (pause_on_sigusr): Typo. + (do_block): If we can't use sigprocmask() and sigset_t, try to get + the number of signals from NSIG as well as MAXSIG, and if we + can't, fail with an explanation. + + * signal.c, tdbio.c: Comment out the transaction code. It was not + used in this version, and was causing some build problems on + quasi-posix platforms (Solaris and Forte c89). + + * keylist.c (list_keyblock_colon): Don't include validity values + when listing secret keys since they can be incorrect and/or + misleading. This is a temporary kludge, and will be handled + properly in 1.9/2.0. + + * mainproc.c (check_sig_and_print): Only show the "key available + from" preferred keyserver line if the key is not currently + present. + + * keyedit.c (sign_uids): Do not sign expired uids without --expert + (same behavior as revoked uids). Do not allow signing a user ID + without a self-signature. --expert overrides. Add additional + prompt to the signature level question. + (menu_expire): When changing expiration dates, don't replace + selfsigs on revoked uids since this would effectively unrevoke + them. There is also no point in replacing expired selfsigs. This + is bug #181 + +2003-07-10 David Shaw (from Werner on stable branch) + + * g10.c (add_notation_data): Make sure that only ascii is passed + to iscntrl. Noted by Christian Biere. + * getkey.c (classify_user_id2): Replaced isspace by spacep + * keygen.c (ask_user_id): Ditto. + (get_parameter_algo): Ditto. + * keyedit.c (keyedit_menu): Ditto. + * tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/. + * revoke.c (ask_revocation_reason): + * keyserver.c (keyserver_spawn): Dito. + +2003-06-10 Werner Koch + + * parse-packet.c (parse): Disallow old style partial length for + all key material packets to avoid possible corruption of keyrings. + +2003-06-08 Werner Koch + + * import.c (import_keys_internal): Invalidate the cache so that + the file descriptor gets closed. Fixes bug reported by Juan + F. Codagnone. + +2003-06-04 David Shaw + + * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver + since they at least handle subkeys correctly. + + * options.h, g10.c (main), main.h, keylist.c (show_keyserver_url), + mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt, + parse_one_sig_subpkt, can_handle_critical): Add read-only support + for preferred keyserver subpackets. They're basically policy URLs + with a different name. Add a verify-option + "show-preferred-keyserver" to turn them on and off (on by default, + as per stable branch). + + * g10.c (main): Add "--set-notation" as alias to "--notation-data" + this is to make things consistent with --set-policy-url meaning + both sigs and certs. + +2003-06-03 David Shaw + + * options.h, g10.c (main), keylist.c (list_keyblock_print): Add + "show-validity" and "show-long-keyid" list-options. + + * gpgv.c (get_validity, trust_value_to_string): Stubs. + + * g10.c (main): Use SAFE_VERSION instead of VERSION in the + version-specific gpg.conf file so it can be overridden on RISCOS. + +2003-06-01 David Shaw + + * g10.c (main), keylist.c (show_policy_url, show_notation), + mainproc.c (check_sig_and_print): Emulate the old policy and + notation behavior (display by default). Send to status-fd whether + it is displayed on the screen or not. + + * g10.c (main): Since we now have some options in devel that won't + work in a stable branch gpg.conf file, try for a version-specific + gpg.conf-VERSION file before falling back to gpg.conf. + + * main.h, options.h: Move various option flags to options.h. + +2003-05-31 David Shaw + + * mainproc.c (check_sig_and_print), main.h, keylist.c + (show_policy, show_notation): Collapse the old print_notation_data + into show_policy() and show_notation() so there is only one + function to print notations and policy URLs. + + * options.h, main.h, g10.c (main), keyedit.c + (print_and_check_one_sig), keylist.c (list_one, + list_keyblock_print), pkclist.c (do_edit_ownertrust), sign.c + (mk_notation_and_policy): New "list-options" and "verify-options" + commands. These replace the existing + --show-photos/--no-show-photos, + --show-notation/--no-show-notation, + --show-policy-url/--no-show-policy-url, and --show-keyring + options. The new method is more flexible since a user can specify + (for example) showing photos during sig verification, but not in + key listings. The old options are emulated. + + * main.h, misc.c (parse_options): New general option line + parser. Fix the bug in the old version that did not handle report + syntax errors after a valid entry. + + * import.c (parse_import_options), export.c + (parse_export_options): Call it here instead of duplicating the + code. + +2003-05-30 David Shaw + + * keylist.c (list_one): Don't show the keyring filename when in + --with-colons mode. Actually translate "Keyring" string. + + * mainproc.c (proc_tree): We can't currently handle multiple + signatures of different classes or digests (we'd pretty much have + to run a different hash context for each), but if they are all the + same, make an exception. This is Debian bug #194292. + + * sig-check.c (check_key_signature2): Make string translatable. + + * packet.h, getkey.c (fixup_uidnode): Mark real primary uids + differently than assumed primaries. + + * keyedit.c (no_primary_warning): Use the differently marked + primaries here in a new function to warn when an --edit-key + command might rearrange the self-sig dates enough to change which + uid is primary. + (menu_expire, menu_set_preferences): Use no_primary_warning() + here. + + * Makefile.am: Use @DLLIBS@ for -ldl. + +2003-05-26 David Shaw + + * getkey.c (premerge_public_with_secret): Made "no secret subkey + for" warning a verbose item and translatable. (From wk on stable + branch) + + * sig-check.c (check_key_signature2): Made "no subkey for subkey + binding packet" a verbose item instead of a !quiet one. There are + too many garbled keys out in the wild. (From wk on stable branch) + + * filter.h: Remove const from WHAT. (From wk on stable branch) + + * progress.c (handle_progress): Store a copy of + NAME. (progress_filter): Release WHAT, make sure not to print a + NULL WHAT. (From wk on stable branch) + + * openfile.c (open_sigfile): Adjust free for new progress + semantics. (From wk on stable branch) + + * plaintext.c (ask_for_detached_datafile): Don't dealloc + pfx->WHAT. (From wk on stable branch) + + * seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the + cipher algo is IDEA to make it easier to track down the + problem. (From twoaday on stable branch) + +2003-05-24 David Shaw + + * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, + build-packet.c, getkey.c, keydb.c, openfile.c, plaintext.c, + status.c, gpgv.c, keygen.c, options.h, sig-check.c, tdbio.h, + encode.c, mainproc.c, parse-packet.c, signal.c, textfilter.c: Edit + all preprocessor instructions to remove whitespace before the '#'. + This is not required by C89, but there are some compilers out + there that don't like it. + +2003-05-21 David Shaw + + * trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename + is_disabled to cache_disabled_value, which now takes a pk and not + just the keyid. This is for speed since there is no need to + re-fetch a key when we already have that key handy. Cache the + result of the check so we don't need to hit the trustdb more than + once. + + * getkey.c (skip_disabled): New function to get a pk and call + is_disabled on it. (key_byname): Use it here. + + * packet.h, getkey.c (skip_disabled), keylist.c + (print_capabilities): New "pk_is_disabled" macro to retrieve the + cached disabled value if available, and fill it in via + cache_disabled_value if not available. + + * trustdb.c (get_validity): Cache the disabled value since we have + it handy and it might be useful later. + + * parse-packet.c (parse_key): Clear disabled flag when parsing a + new key. Just in case someone forgets to clear the whole key. + + * getkey.c (merge_selfsigs_main): Add an "if all else fails" path + for setting a single user ID primary when there are multiple set + primaries all at the same second, or no primaries set and the most + recent user IDs are at the same second, or no signed user IDs at + all. This is arbitrary, but deterministic. + + * exec.h, photoid.h: Add copyright message. + + * keylist.c (list_keyblock_print): Don't dump attribs for + revoked/expired/etc uids for non-colon key listings. This is for + consistency with --show-photos. + + * main.h, keylist.c (dump_attribs), mainproc.c + (check_sig_and_print): Dump attribs if --attrib-fd is set when + verifying signatures. + + * g10.c (main): New --gnupg option to disable the various + --openpgp, --pgpX, etc. options. This is the same as --no-XXXX + for those options. + + * revoke.c (ask_revocation_reason): Clear old reason if user + elects to repeat question. This is bug 153. + + * keyedit.c (sign_uids): Show keyid of the key making the + signature. + +2003-05-21 Werner Koch + + * progress.c (handle_progress) + * sign.c (write_plaintext_packet) + * encode.c (encode_simple,encode_crypt): Make sure that a filename + of "-" is considered to be stdin so that iobuf_get_filelength + won't get called. This fixes bug 156 reported by Gregery Barton. + +2003-05-02 David Shaw + + * packet.h, build-packet.c (build_sig_subpkt), export.c + (do_export_stream), import.c (remove_bad_stuff, import), + parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt): Remove + vestigal code for the old sig cache subpacket. This wasn't + completely harmless as it caused subpacket 101 to disappear on + import and export. + + * options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, + sign.c, encode.c, getkey.c, revoke.c: The current flags for + different levels of PGP-ness are massively complex. This is step + one in simplifying them. No functional change yet, just use a + macro to check for compliance level. + + * sign.c (sign_file): Fix bug that causes spurious compression + preference warning. + + * sign.c (clearsign_file): Fix bug that prevents proper warning + message from appearing when clearsigning in --pgp2 mode with a + non-v3 RSA key. + + * main.h, misc.c (compliance_option_string, compliance_string, + compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file, + clearsign_file), encode.c (encode_crypt, + write_pubkey_enc_from_list): New functions to put the "this + message may not be usable...." warning in one place. + + * options.h, g10.c (main): Part two of the simplification. Use a + single enum to indicate what we are compliant to (1991, 2440, + PGPx, etc.) + + * g10.c (main): Show errors for failure in export, send-keys, + recv-keys, and refresh-keys. + + * options.h, g10.c (main): Give algorithm warnings for algorithms + chosen against the --pgpX and --openpgp rules. + + * keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in + --openpgp mode. + + * sign.c (sign_file), pkclist.c (algo_available): Allow passing a + hint of 0. + +2003-05-01 David Shaw + + * tdbio.c (create_version_record): Only create new trustdbs with + TM_CLASSIC or TM_PGP. + + * trustdb.h, trustdb.c (trust_string, get_ownertrust_string, + get_validity_string, ask_ownertrust, validate_keys), pkclist.c + (do_edit_ownertrust): Rename trust_string to trust_value_to_string + for naming consistency. + + * trustdb.h, trustdb.c (string_to_trust_value): New function to + translate a string to a trust value. + + * g10.c (main): Use string_to_trust_value here for + --force-ownertrust. + + * options.h, g10.c (main), trustdb.c (trust_model_string, + init_trustdb, check_trustdb, update_trustdb, get_validity, + validate_one_keyblock): An "OpenPGP" trust model is misleading + since there is no official OpenPGP trust model. Use "PGP" + instead. + +2003-04-30 David Shaw + + * build-packet.c (build_sig_subpkt): Comments. + + * exec.c (exec_write): Cast NULL to void* to properly terminate + varargs list. + + * keyedit.c (show_key_with_all_names): Just for safety, catch an + invalid pk algorithm. + + * sign.c (make_keysig_packet): Crucial that the call to mksubpkt + comes LAST before the calls to finalize the sig as that makes it + possible for the mksubpkt function to get a reliable pointer to + the subpacket area. + + * pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a + particular user ID, use that ID as the one to ask about when + prompting whether to use the key anyway. + (build_pk_list): Similar change here when adding keys to the + recipient list. + + * trustdb.c (update_validity): Fix bug that prevented more than + one validity record per trust record. + (get_validity): When retrieving validity for a (user) supplied + user ID, return the validity for that user ID only, and do not + fall back to the general key validity. + (validate_one_keyblock): Some commentary on whether + non-self-signed user IDs belong in the web of trust (arguably, + they do). + +2003-04-27 David Shaw + + * g10.c (main): Add --no-textmode. + + * export.c (do_export_stream), keyedit.c (show_key_with_all_names, + menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c + (show_photos), sign.c (mk_notation_and_policy), trustdb.c + (get_validity, reset_trust_records, validate_keys): Make some + strings translatable. + + * mainproc.c (check_sig_and_print): Show digest algorithm and sig + class when verifying a sig with --verbose on, and add version, pk + and hash algorithms and sig class to VALIDSIG. + + * parse-packet.c (enum_sig_subpkt): Make a warning message a + --verbose warning message since we don't need to warn every time + we see an unknown critical (we only need to invalidate the + signature). + + * trustdb.c (init_trustdb): Check the trustdb options even with + TM_AUTO since the auto may become TM_CLASSIC or TM_OPENPGP. + +2003-04-26 David Shaw + + * sign.c (do_sign): Show the hash used when making a signature in + verbose mode. + + * tdbio.h, tdbio.c (tdbio_read_model): New function to return the + trust model used in a given trustdb. + + * options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb, + update_trustdb): Use tdbio_read_model to implement an "auto" trust + model which is set via the trustdb. + +2003-04-23 David Shaw + + * import.c (import_revoke_cert): Remove ultimate trust when + revoking an ultimately trusted key. + + * keyedit.c (sign_uids): Allow replacing expired signatures. + Allow duplicate signatures with --expert. + + * pkclist.c (check_signatures_trust): Don't display a null + fingerprint when checking a signature with --always-trust enabled. + + * filter.h (progress_filter_context_t), progress.c + (handle_progress), plaintext.c (ask_for_detached_datafile, + hash_datafiles): Fix compiler warnings. Make "what" constant. + + * build-packet.c (do_plaintext): Do not create invalid literal + packets with >255-byte names. + +2003-04-15 Werner Koch + + * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS. + + * g10.c, options.h: New option --enable-progress-filter. + * progress.c (handle_progress): Make use of it. + +2003-04-15 Marcus Brinkmann + + * progress.c: New file. + * Makefile.am (common_source): Add progress.c. + * filter.h (progress_filter_context_t): New type. + (progress_filter, handle_progress): New prototypes. + * main.h (open_sigfile): New argument for prototype. + * openfile.c (open_sigfile): New argument to install progress + filter. + * encode.c (encode_simple): New variable PFX. Register + progress filter. Install text_filter after that. + (encode_crypt): Likewise. + * sign.c (sign_file): Likewise. + (clearsign_file): Likewise. + * decrypt.c (decrypt_message): Likewise. + (decrypt_messages): Likewise. + * verify.c (verify_signatures): Likewise. + (verify_one_file): Likewise. + * plaintext.c (hash_datafiles): Likewise. + (ask_for_detached_datafile): Likewise. + +2003-04-10 Werner Koch + + * passphrase.c (read_passphrase_from_fd): Do a dummy read if the + agent is to be used. Noted by Ingo Klöcker. + (agent_get_passphrase): Inhibit caching when we have no + fingerprint. This is required for key generation as well as for + symmetric only encryption. + + * passphrase .c (agent_get_passphrase): New arg CANCELED. + (passphrase_to_dek): Ditto. Passed to above. Changed all + callers to pass NULL. + * seckey-cert.c (do_check): New arg CANCELED. + (check_secret_key): Terminate loop when canceled. + + * keyedit.c (change_passphrase): Pass ERRTEXT untranslated to + passphrase_to_dek and translate where appropriate. + * seckey-cert.c (check_secret_key): Ditto. + * keygen.c (ask_passphrase): Ditto. + * passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT. + Switch the codeset to utf-8. + +2003-04-09 Werner Koch + + * decrypt.c (decrypt_messages): Fixed error handling; the function + used to re-loop with same file after an error. Reported by Joseph + Walton. + +2003-04-08 David Shaw + + * main.h, g10.c (main), import.c (parse_import_options, + fix_pks_corruption): It's really PKS corruption, not HKP + corruption. Keep the old repair-hkp-subkey-bug command as an + alias. + + * g10.c (main): Rename --no-version to --no-emit-version for + consistency. Keep --no-version as an alias. + +2003-04-04 David Shaw + + * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash. + + * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove + unused code. + +2003-04-01 Werner Koch + + * mainproc.c (check_sig_and_print): Add primary key fpr to VALIDSIG + status. + +2003-03-24 David Shaw + + * keydb.h: Err on the side of making an unknown signature a SIG + rather than a CERT. + + * import.c (delete_inv_parts): Discard any key signatures that + aren't key types (i.e. 0x00, 0x01, etc.) + + * g10.c (main): Add deprecated option warning for + --list-ownertrust. Add --compression-algo alias for + --compress-algo. Change --version output strings to match + "showpref" strings, and make translatable. + + * status.c (do_get_from_fd): Accept 'y' as well as 'Y' for + --command-fd boolean input. + + * trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX) + + * keyedit.c (show_key_with_all_names_colon): Show no-ks-modify + flag. + +2003-03-11 David Shaw + + * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv" + keyserver option. Defaults to on. + + * passphrase.c (agent_get_passphrase): Fix memory leak with + symmetric messages. Fix segfault with symmetric messages. Fix + incorrect prompt with symmetric messages. + +2003-03-10 Werner Koch + + * compress.c (init_uncompress): Use a 15 bit window size so that + the output of implementations which don't run for PGP 2 + compatibility won't get garbled. + +2003-03-04 David Shaw + + * trustdb.c (validate_keys): Mask the ownertrust when building the + list of fully valid keys so that disabled keys are still counted + in the web of trust. + (get_ownertrust_with_min): Do the same for the minimum ownertrust + calculation. + + * parse-packet.c (dump_sig_subpkt): Show the notation names for + not-human-readable notations. Fix cosmetic off-by-one length + counter. + + * options.skel: Add explantion and commented-out + "no-mangle-dos-filenames". + + * mainproc.c (proc_encrypted): Make string translatable. + + * keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit + characters in the uid strings sent to the keyserver helper. + + * keyring.c (keyring_rebuild_cache): Lock the keyring while + rebuilding the signature caches to prevent another gpg from + tampering with the temporary copy. + + * keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in + default prefs. + + * keyedit.c (show_prefs): Make strings translatable. + + * keydb.c: Double the maximum number of keyrings to 40. + + * gpgv.c (main): Fix bug #113 - gpgv should accept the + --ignore-time-conflict option. + + * g10.c (main): --openpgp disables --pgpX. Double the amount of + secure memory to 32k (keys are getting bigger these days). + + * Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we + are using capabilities. + +2003-02-26 David Shaw + + * keyserver.c (keyserver_spawn): Include various pieces of + information about the key in the data sent to the keyserver + helper. This allows the helper to use it in instructing a remote + server which may not have any actual OpenPGP smarts in parsing + keys. + + * main.h, export.c (export_pubkeys_stream, do_export_stream): Add + ability to return only the first match in an exported keyblock for + keyserver usage. This should be replaced at some point with a + more flexible solution where each key can be armored seperately. + +2003-02-22 David Shaw + + * sign.c (sign_file): Do not push textmode filter onto an unopened + IOBUF (segfault). Noted by Marcus Brinkmann. Push and + reinitialize textmode filter for each file in a multiple file + list. + + * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set + and show the keyserver no-modify flag. + + * keygen.c (add_keyserver_modify): New. + (keygen_upd_std_prefs): Call it here. + (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as + prefs to set and unset keyserver modify flag. + + * g10.c (main): Accept "s1" in addition to "idea" to match the + other ciphers. + + * main.h, misc.c (idea_cipher_warn): We don't need this if IDEA + has been disabled. + +2003-02-21 David Shaw + + * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in + default prefs if they are disabled. + + * g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 + support. Use 3DES for the s2k cipher in --openpgp mode. + (print_mds): #ifdef all of the optional digest algorithms. + +2003-02-12 David Shaw + + * keydb.h, getkey.c (classify_user_id, classify_user_id2): Make + 'exact' a per-desc item. Merge into one function since + 'force_exact' is no longer needed. + (key_byname): Use new classify_user_id function, and new exact + flag in KEYDB_SEARCH_DESC. + + * keyring.h, keyring.c (keyring_search): Return an optional index + to show which KEYDB_SEARCH_DESC was the matching one. + + * keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and + pass the optional index to keyring_search. Add a macro version of + keydb_search that calls this new function. + + * export.c (do_export_stream): If the keyid! syntax is used, + export only that specified key. If the key in question is a + subkey, export the primary plus that subkey only. + +2003-02-11 David Shaw + + * exec.c (set_exec_path): Add debugging line. + + * g10.c (print_hex, print_mds): Print long hash strings a lot + neater. This assumes at least an 80-character display, as there + are a few other similar assumptions here and there. Users who + need unformatted hashes can still use with-colons. Check that + SHA384 and 512 are available before using them as they are no + longer always available. + + * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ + as GNUPG_LIBEXECDIR so it can be easily overridden at make time. + +2003-02-04 David Shaw + + * armor.c (parse_hash_header, armor_filter): Accept the new SHAs + in the armor Hash: header. + + * g10.c (print_hex): Print long hash strings a little neater. + (print_mds): Add the new SHAs to the hash list. + +2003-02-02 David Shaw + + * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on + a v4 key (treat as a v4 revocation). + + * import.c (print_import_check): Do not re-utf8 convert user IDs. + +2003-01-27 David Shaw + + * mainproc.c (list_node): Show signature expiration date in + with-colons sig records. + + * keylist.c (list_keyblock_colon), mainproc.c (list_node): Show + trust sig information in with-colons sig records. + +2003-01-16 David Shaw + + * g10.c (add_group): Trim whitespace after a group name so it does + not matter where the user puts the = sign. + + * options.skel: Comment out the first three lines in case someone + manually copies the skel file to their homedir. + + * sign.c (clearsign_file): Only use pgp2mode with v3 keys and + MD5. This matches what we do when decoding such messages and + prevents creating a message (v3+RIPEMD/160) that we can't verify. + + * sig-check.c (signature_check2): Use G10ERR_GENERAL as the error + for signature digest conflict. BAD_SIGN implies that a signature + was checked and we may try and print out a user ID for a key that + doesn't exist. + +2003-01-15 David Shaw + + * trustdb.c (init_trustdb, get_validity): Don't use a changed + trust model to indicate a dirty trustdb, and never auto-rebuild a + dirty trustdb with the "always" trust model. + + * g10.c (add_group): Last commit missed the \t ;) + +2003-01-14 David Shaw + + * packet.h, parse-packet.c (setup_user_id), free-packet.c + (free_user_id), keydb.h, keyid.c (namehash_from_uid): New function + to rmd160-hash the contents of a user ID packet and cache it in + the uid object. + + * keylist.c (list_keyblock_colon): Use namehash in field 8 of + uids. Show dates for creation (selfsig date), and expiration in + fields 6 and 7. + + * trustdb.c (get_validity, get_validity_counts, update_validity): + Use new namehash function rather than hashing it locally. + +2003-01-14 Werner Koch + + * g10.c (add_group): Fixed group parsing to allow more than one + delimiter in a row and also allow tab as delimiter. + +2003-01-12 David Shaw + + * tdbio.c (tdbio_set_dbname): Fix assertion failure with + non-fully-qualified trustdb names. + +2003-01-11 David Shaw + + * trustdb.c (get_validity_info, get_ownertrust_info, + trust_letter): Simplify by returning a ? for error directly. + + * keyedit.c (show_key_with_all_names): Use get_validity_string and + get_ownertrust_string to show full word versions of trust + (i.e. "full" instead of 'f'). + + * trustdb.h, trustdb.c (get_ownertrust_string, + get_validity_string): Same as get_ownertrust_info, and + get_validity_info, except returns a full string. + + * trustdb.c (get_ownertrust_with_min): New. Same as + 'get_ownertrust' but takes the min_ownertrust value into account. + +2003-01-10 David Shaw + + * armor.c (armor_filter): Comment about PGP's end of line tab + problem. + + * trustdb.h, trustdb.c (trust_letter): Make + static. (get_ownertrust_info, get_validity_info): Don't mask the + trust level twice. + + * trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info), + keylist.c (list_keyblock_colon), keyedit.c + (show_key_with_all_names_colon, menu_revuid): Pass a user ID in + rather than a namehash, so we only have to do the hashing in one + place. + + * packet.h, pkclist.c (build_pk_list), free-packet.c + (release_public_key_parts): Remove unused namehash element for + public keys. + +2003-01-07 David Shaw + + * keygen.c (keygen_set_std_prefs): Warn when setting an IDEA + preference when IDEA is not available. + +2003-01-06 David Shaw + + * trustdb.c (get_validity_info): 'd' for disabled is not a + validity value any more. + + * packet.h, tdbio.h, tdbio.c (tdbio_read_record, + tdbio_write_record), trustdb.c (update_validity): Store temporary + full & marginal counts in the trustdb. + (clear_validity, get_validity_counts): Return and clear temp + counts. + (store_validation_status): Keep track of which keyids have been + stored. + (validate_one_keyblock, validate_key_list): Use per-uid copies of + the full & marginal counts so they can be recalled for multiple + levels. + (validate_keys): Only use unused keys for each new round. + (reset_unconnected_keys): Rename to reset_trust_records, and only + skip specifically excluded records. + + * keylist.c (print_capabilities): Show 'D' for disabled keys in + capabilities section. + + * trustdb.c (is_disabled): Remove incorrect comment. + +2003-01-03 David Shaw + + * import.c (import_one): Only do the work to create the status + display for interactive import if status is enabled. + + * keyring.c (keyring_search): skipfnc didn't work properly with + non-keyid searches. Noted by Stefan Bellon. + + * getkey.c (merge_selfsigs_main): Remove some unused code and make + sure that the pk selfsigversion member accounts for 1F direct + sigs. + +2003-01-02 Werner Koch + + * keydb.c (keydb_add_resource): Don't assume that try_make_homedir + terminates but check again for the existence of the directory and + continue then. + * openfile.c (copy_options_file): Print a warning if the skeleton + file has active options. + +2002-12-29 David Shaw + + * getkey.c (merge_selfsigs_main), main.h, sig-check.c + (check_key_signature2): Pass the ultimately trusted pk directly to + check_key_signature2 to avoid going through the key selection + mechanism. This prevents a deadly embrace when two keys without + selfsigs each sign the other. + +2002-12-27 David Shaw + + * keyserver.c (keyserver_refresh): Don't print the "refreshing..." + line if there are no keys to refresh or if there is no keyserver + set. + + * getkey.c (merge_selfsigs_main): Any valid user ID should make a + key valid, not just the last one. This also fixes Debian bug + #174276. + +2002-12-27 Stefan Bellon + + * import.c (print_import_check): Changed int to size_t. + +2002-12-27 David Shaw + + * keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to + revoke a user ID. This is the same as issuing a revocation for + the self-signature, but a much simpler interface to do it. + +2002-12-26 David Shaw + + * keydb.h, getkey.c (key_byname): Flag to enable or disable + including disabled keys. Keys specified via keyid (i.e. 0x...) + are always included. + + * getkey.c (get_pubkey_byname, get_seckey_byname2, + get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker): + Include disabled keys in these functions. + + * pkclist.c (build_pk_list): Do not include disabled keys for -r + or the key prompt. Do include disabled keys for the default key + and --encrypt-to. + + * trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping + disabled keys. + + * gpgv.c (is_disabled): Stub. + + * keygen.c (keygen_add_key_expire): Properly handle updating a key + expiration to a no-expiration value. + + * keyedit.c (enable_disable_key): Comment. + + * import.c (import_one): When in interactive mode and --verbose, + don't repeat some key information twice. + +2002-12-22 Timo Schulz + + * import.c (print_import_check): New. + (import_one): Use it here. + Use merge_keys_and_selfsig in the interactive mode to avoid + wrong key information. + * status.h: Add new status code. + * status.c: Ditto. + +2002-12-13 David Shaw + + * pkclist.c (do_we_trust): Tweak language to refer to the "named + user" rather than "owner". Noted by Stefan Bellon. + + * trustdb.h, trustdb.c (trustdb_pending_check): New function to + check if the trustdb needs a check. + + * import.c (import_keys_internal): Used here so we don't rebuild + the trustdb if it is still clean. + (import_one, chk_self_sigs): Only mark trustdb dirty if the key + that is being imported has any sigs other than self-sigs. + Suggested by Adrian von Bidder. + + * options.skel: Include the required '=' sign in the sample + 'group' option. Noted by Stefan Bellon. + + * import.c (chk_self_sigs): Don't try and check a subkey as if it + was a signature. + +2002-12-11 David Shaw + + * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the + RECTYPE_TRUST records a bit. + + * g10.c (main): Comment out --list-trust-path until it can be + implemented. + + * import.c (import_one): Warn when importing an Elgamal primary + that this may take some time (to verify self-sigs). + (chk_self_sigs): Try and cache all self-sigs so the keyblock is + written to the keyring with a good rich cache. + + * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning + stronger, and remove the RSA sign+encrypt warning. + +2002-12-06 Stefan Bellon + + * options.h: Fixed typo (mangle_dos_names instead of + mangle_dos_filenames). + +2002-12-05 Werner Koch + + * g10.c: New options --[no-]mangle-dos-filenames. + * options.h (opt): Added mangle-dos-filenames. + * openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the + filename only when this option is set; this is the default. + +2002-12-04 David Shaw + + * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) + change. Minimal isn't always best. + + * sign.c (update_keysig_packet): Use the current time rather then + a modification of the original signature time. Make sure that + this doesn't cause a time warp. + + * keygen.c (keygen_add_key_expire): Properly handle a key + expiration date in the past (use a duration of 0). + + * keyedit.c (menu_expire): Use update_keysig_packet so any sig + subpackets are maintained during the update. + + * build-packet.c (build_sig_subpkt): Mark sig expired or unexpired + when the sig expiration subpacket is added. + (build_sig_subpkt_from_sig): Handle making an expiration subpacket + from a sig that has already expired (use a duration of 0). + + * packet.h, sign.c (update_keysig_packet), keyedit.c + (menu_set_primary_uid, menu_set_preferences): Add ability to issue + 0x18 subkey binding sigs to update_keysig_packet and change all + callers. + + * trustdb.c (validate_keys): Show trust parameters when building + the trustdb, and make sure that the version record update was + successful. + (init_trustdb): If the current parameters aren't what was used for + building the trustdb, the trustdb is invalid. + + * tbio.c (tdbio_db_matches_options): Update to work with new + trustdbs. + +2002-12-03 David Shaw + + * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store + trust model in the trustdb version record. + (tdbio_update_version_record): New function to update version + record values during a trustdb check or update. + (tdbio_dump_record): Show trust model in dump. + + * trustdb.c (validate_keys): Call tdbio_update_version_record on + success so that the correct options are stored in the trustdb. + + * options.h: rearrange trust models so that CLASSIC is 0 and + OPENPGP is 1. + + * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list), + pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 + mode. This is basically identical to --pgp7 in all ways except + that signing subkeys, v4 data sigs (including expiration), and SK + comments are allowed. + + * getkey.c (finish_lookup): Comment. + + * main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): + Reorder user ID display in the --edit-key menu to match that of + the --list-keys display. + + * g10.c (add_notation_data): Fix initialization. + +2002-12-01 David Shaw + + * keyedit.c (menu_expire): Don't lose key flags when changing the + expiration date of a subkey. This is not the most optimal + solution, but it is minimal change on the stable branch. + + * main.h, keygen.c (do_copy_key_flags): New function to copy key + flags, if any, from one sig to another. + (do_add_key_expire): New function to add key expiration to a sig. + (keygen_copy_flags_add_expire): New version of + keygen_add_key_expire that also copies key flags. + (keygen_add_key_flags_and_expire): Use do_add_key_expire. + + * import.c (fix_hkp_corruption): Comment. + +2002-11-25 Stefan Bellon + + * plaintext.c (handle_plaintext) [__riscos__]: If nooutput is set, + no filetype is needed obviously. + +2002-11-24 David Shaw + + * main.h, misc.c (default_cipher_algo, default_compress_algo): + New. Return the default algorithm by trying + --cipher-algo/--compress-algo, then the first item in the pref + list, then s2k-cipher-algo or ZIP. + + * sign.c (sign_file, sign_symencrypt_file), encode.c + (encode_simple, encode_crypt): Call default_cipher_algo and + default_compress_algo to get algorithms. + + * g10.c (main): Allow pref selection for compress algo with + --openpgp. + + * mainproc.c (proc_encrypted): Use --s2k-digest-algo for + passphrase mangling rather than --digest-algo. + + * sign.c (hash_for): If --digest-algo is not set, but + --personal-digest-preferences is, then use the first hash + algorithm in the personal list. If the signing algorithm is DSA, + then use the first 160-bit hash algorithm in the personal list. + If --pgp2 is set and it's a v3 RSA key, use MD5. + + * g10.c (main), keydb.c (keydb_add_resource, + keydb_locate_writable): Rename --default-keyring as + --primary-keyring. Stefan wins the naming contest. + +2002-11-23 David Shaw + + * g10.c (add_notation_data): Disallow notation names that do not + contain a '@', unless --expert is set. This is to help prevent + people from polluting the (as yet unused) IETF namespace. + + * main.h: Comments about default algorithms. + + * photoid.c (image_type_to_string): Comments about 3-letter file + extensions. + + * encode.c (encode_simple), passphrase.c (passphrase_to_dek), + sign.c (sign_symencrypt_file): Use --s2k-digest-algo for + passphrase mangling rather than --digest-algo. + +2002-11-21 David Shaw + + * keygen.c (keygen_set_std_prefs): Properly handle an empty + preference string. + + * misc.c (string_to_compress_algo): "none" is a bad choice since + it conflicts with the "none" in setpref. + +2002-11-14 David Shaw + + * g10.c (main): Allow compression algorithm names as the argument + to --compress-algo. The old algorithm names still work for + backwards compatibility. + + * misc.c (string_to_compress_algo): Allow "none" as an alias for + "uncompressed". + +2002-11-13 Stefan Bellon + + * getkey.c (get_pubkey_byfprint_fast): Fixed type incompatibility, + was unsigned char instead of byte. + +2002-11-13 David Shaw + + * encode.c (encode_simple): Make sure that files larger than about + 4G use partial length encoding. This is required because OpenPGP + allows only for 32 bit length fields. From Werner on stable + branch. + + * getkey.c (get_pubkey_direct): Renamed to... + (get_pubkey_fast): this and made extern. + (get_pubkey_byfprint_fast): New. From Werner on stable branch. + + * keydb.h, import.c (import_one): Use get_pubkey_fast instead of + get_pubkey. We don't need a merged key and actually this might + lead to recursions. + (revocation_present): Likewise for search by fingerprint. From + Werner on stable branch. + + * g10.c (main): Try to create the trustdb even for non-colon-mode + list-key operations. This is required because getkey needs to + know whether a a key is ultimately trusted. From Werner on stable + branch. + + * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; + we don't need it here as it behaves more like a Posix system. + From Werner on stable branch. + + * passphrase.c (agent_get_passphrase): Ditto. From Werner on + stable branch. + + * tdbio.c (MY_O_BINARY): Need binary mode with Cygwin. From + Werner on stable branch. + + * g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from + the registry. From Werner on stable branch. + + * keyedit.c (show_key_with_all_names_colon): Make --with-colons + --edit display match the validity and trust of --with-colons + --list-keys. + + * passphrase.c (agent_send_all_options): Fix compile warning. + + * keylist.c (list_keyblock_colon): Validity for subkeys should + match that of the primary key, and not that of the last user ID. + + * getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys + carry these facts onto all their subkeys, but only after the + subkey has a chance to be marked valid. This is to fix an + incorrect "invalid public key" error verifying a signature made by + a revoked signing subkey, with a valid unrevoked primary key. + +2002-11-09 Werner Koch + + * passphrase.c (agent_send_all_options): Use tty_get_ttyname to + get the default ttyname. + +2002-11-07 David Shaw + + * keyring.h, keyring.c (keyring_register_filename): Return the + pointer if a given keyring is registered twice. + + * keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a + default keyring. + (keydb_locate_writable): Prefer the default keyring if possible. + + * g10.c (main): Add --default-keyring option. + +2002-11-06 David Shaw + + * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add + --force-ownertrust option for debugging purposes. This allows + setting a whole keyring to a given trust during an + --update-trustdb. Not for normal use - it's just easier than + hitting "4" all the time to test a large trustdb. + + * pubkey-enc.c (get_session_key): With hidden recipients or try a + given passphrase against all secret keys rather than trying all + secret keys in turn. Don't if --try-all-secrets or --status-fd is + enabled. + + * passphrase.c (passphrase_to_dek): Mode 1 means do a regular + passphrase query, but don't prompt with the key info. + + * seckey-cert.c (do_check, check_secret_key): A negative ask count + means to enable passphrase mode 1. + + * keydb.h, getkey.c (enum_secret_keys): Add flag to include + secret-parts-missing keys (or not) in the list. + +2002-11-05 David Shaw + + * keyserver.c (keyserver_search_prompt): When --with-colons is + enabled, don't try and fit the search output to the screen size - + just dump the whole list. + +2002-11-04 David Shaw + + * keyserver.c (keyserver_search_prompt): When --with-colons is + enabled, just dump the raw keyserver protocol to stdout and don't + print the menu. + + * keyserver.c (show_prompt): Don't show a prompt when command-fd + is being used. + + * trustdb.c (trust_model_string, check_trustdb, update_trustdb, + validate_one_keyblock): It's not clear what a trustdb rebuild or + check means with a trust model other than "classic" or "openpgp", + so disallow this. + +2002-11-03 David Shaw + + * options.h, g10.c (main): Add --trust-model option. Current + models are "openpgp" which is classic+trustsigs, "classic" which + is classic only, and "always" which is the same as the current + option --always-trust (which still works). Default is "openpgp". + + * trustdb.c (validate_one_keyblock): Use "openpgp" trust model to + enable trust sigs. + + * gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c + (do_we_trust, do_we_trust_pre, check_signatures_trust): Use new + --trust-model option in place of --always-trust. + + * keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, + keyedit_menu): Prompt for and create a trust signature with + "tsign". This is functional, but needs better UI text. + + * build-packet.c (build_sig_subpkt): Able to build trust and + regexp subpackets. + + * pkclist.c (do_edit_ownertrust): Comment. + +2002-11-02 David Shaw + + * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the + full algorithm name (CAST5, SHA1) rather than the short form (S3, + H2). + + * main.h, keygen.c (keygen_get_std_prefs), keyedit.c + (keyedit_menu): Return and use a fake uid packet rather than a + string since we already have a nice parser/printer in + keyedit.c:show_prefs. + + * main.h, misc.c (string_to_compress_algo): New. + +2002-11-01 David Shaw + + * g10.c (main): Add --no-throw-keyid. + + * keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), + pkclist.c (build_pk_list): Add --hidden-recipient (-R) and + --hidden-encrypt-to, which do a single-user variation on + --throw-keyid. The "hide this key" flag is carried in bit 0 of + the pk_list flags field. + + * keyserver.c (parse_keyrec): Fix shadowing warning. + +2002-10-31 Stefan Bellon + + * compress.c (init_compress) [__riscos__]: Use + riscos_load_module() to load ZLib module. + + * g10.c (main) [__riscos__]: Renames due to changes in riscos.c + (e.g. prefixes all RISC OS specific functions with riscos_*). + * photoid.c (show_photos) [__riscos__]: Likewise. + * signal.c (got_fatal_signal) [__riscos__]: Likewise. + + * trustdb.c (check_regexp) [__riscos__]: Branch to RISC OS RegEx + handling. + +2002-10-31 David Shaw + + * build-packet.c (do_plaintext), encode.c (encode_sesskey, + encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use + wipememory() instead of memset() to wipe sensitive memory as the + memset() might be optimized away. + +2002-10-30 David Shaw + + * trustdb.c (check_regexp): Modern regexps require REG_EXTENDED. + +2002-10-29 David Shaw + + * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a + string like "fully trusted", "marginally trusted", etc. + (get_min_ownertrust): New. Return minimum ownertrust. + (update_min_ownertrust): New. Set minimum ownertrust. + (check_regexp): New. Check a regular epression against a user ID. + (ask_ownertrust): Allow specifying a minimum value. + (get_ownertrust_info): Follow the minimum ownertrust when + returning a letter. + (clear_validity): Remove minimum ownertrust when a key becomes + invalid. + (release_key_items): Release regexp along with the rest of the + info. + (validate_one_keyblock, validate_keys): Build a trust sig chain + while validating. Call check_regexp for regexps. Use the minimum + ownertrust if the user does not specify a genuine ownertrust. + + * pkclist.c (do_edit_ownertrust): Only allow user to select a + trust level greater than the minimum value. + + * parse-packet.c (can_handle_critical): Can handle critical trust + and regexp subpackets. + + * trustdb.h, trustdb.c (clear_ownertrusts), delkey.c + (do_delete_key), import.c (import_one): Rename clear_ownertrust to + clear_ownertrusts and have it clear the min_ownertrust value as + well. + + * keylist.c (list_keyblock_print): Indent uid to match pub and + sig. + + * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint, + menu_addrevoker), keylist.c (list_keyblock_print, + print_fingerprint): Show "T" or the trust depth for trust + signatures, and add spaces to some strings to make room for it. + + * packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, + parse_signature): Parse trust signature values. + + * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): + Reserve a byte for the minimum ownertrust value (for use with + trust signatures). + +2002-10-29 Stefan Bellon + + * build-packet.c (calc_plaintext, do_plaintext): Removed RISC OS + specific filetype parts (it's now done in make_basename()). + + * plaintext.c (handle_plaintext): Tidied up RISC OS specific + filetype parts. + + * encode.c (encode_simple, encode_crypt): Added argument to + make_basename() call. + + * sign.c (write_plaintext_packet): Added argument to + make_basename() call. + +2002-10-28 Stefan Bellon + + * build-packet.c (calc_plaintext, do_plaintext): Added filetype + handling for RISC OS' file types. + + * plaintext.c (handle_plaintext) [__riscos__]: Added filetype + handling for RISC OS' file types. + +2002-10-23 David Shaw + + * main.h, import.c (sec_to_pub_keyblock, import_secret_one, + parse_import_options), g10.c (main): New import-option + "convert-sk-to-pk" to convert a secret key into a public key + during import. It is on by default. + +2002-10-23 Werner Koch + + * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK + has been assigned. + +2002-10-18 Timo Schulz + + * keylist.c: (print_pubkey_info): New. + (print_seckey_info): New. + * main.h: Prototypes for the new functions. + * delkey.c (do_delete_key): Use it here. + * revoke.c (gen_desig_revoke): Ditto. + +2002-10-17 Werner Koch + + * pkclist.c (do_edit_ownertrust): Show all user IDs. This should + be enhanced to also show the current trust level. Suggested by + Florian Weimer. + +2002-10-17 David Shaw + + * g10.c (main): Handle --strict and --no-strict from the command + line before the options file is loaded. + +2002-10-15 David Shaw + + * g10.c (main): Disable --textmode when encrypting (symmetric or + pk) in --pgp2 mode as PGP 2 can't handle the unknown length + literal packet. Reported by Michael Richardson. + +2002-10-14 David Shaw + + * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec, + show_prompt, keyserver_search_prompt, keyserver_spawn): Go to + version 1 of the keyserver protocol. This is a better design, + similar to --with-colons, that allows for keys with multiple user + IDs rather than using multiple keys. It also matches the machine + readable pksd format. Also use a prettier --search-keys listing + format that can fill different size windows (currently set at 24 + lines). + +2002-10-12 Werner Koch + + * keygen.c (print_status_key_created): New. + (do_generate_keypair): Use it to print the fingerprint. + (generate_subkeypair): Likewise. + +2002-10-11 David Shaw + + * keyedit.c (menu_addrevoker): Properly back out if the signature + fails. Also, do not allow appointing the same revoker twice, and + report ALREADY_SIGNED if the user tries it. + +2002-10-07 David Shaw + + * import.c (import_keys_internal): Missed one s/inp/inp2/. + + * keylist.c (print_capabilities): Properly indicate per-key + capabilities of sign&encrypt primary keys that have + secret-parts-missing (i.e. no capabilities at all) + + * mainproc.c (symkey_decrypt_sesskey): Fix compiler warning. + +2002-10-04 David Shaw + + * getkey.c (get_pubkey_direct): Don't cache keys retrieved via + this function as they may not have all their fields filled in. + + * sig-check.c (signature_check2): Use new is_primary flag to check + rather than comparing main_keyid with keyid as this still works in + the case of a not fully filled in pk. + +2002-10-04 Werner Koch + + * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing + warning. + + * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char + problem in %-escaping. Noted by Ingo Klöcker. + +2002-10-03 David Shaw + + * options.h, g10.c (main): Add --strict and --no-strict to switch + the log_warning severity level from info to error. + + * keylist.c (print_capabilities): Secret-parts-missing keys should + show that fact in the capabilities, and only primary signing keys + can certify other keys. + + * packet.h, parse_packet.c (parse_key): Add is_primary flag for + public keys (it already exists for secret keys). + +2002-10-02 David Shaw + + * import.c (import_secret_one): Check for an illegal (>110) + protection cipher when importing a secret key. + + * keylist.c (list_keyblock_print): Show a '#' for a + secret-parts-missing key. + + * parse_packet.c (parse_key): Some comments. + + * revoke.c (gen_revoke): Remove some debugging code. + + * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated + option again. + + * seckey-cert.c (do_check): Don't give the IDEA warning unless the + cipher in question is in fact IDEA. + +2002-10-01 David Shaw + + * import.c (import_one): Make sure that a newly imported key + starts with a clean ownertrust. + +2002-10-01 Werner Koch + + * getkey.c (get_pubkey_direct): New. + (merge_selfsigs_main): Use it here to look for an ultimately + trusted key. Using the full get_pubkey might lead to an + infinitive recursion. + +2002-09-29 David Shaw + + * keyserver.c (parse_keyserver_uri): Force the keyserver URI + scheme to lowercase to be case-insensitive. + +2002-09-28 David Shaw + + * export.c (do_export_stream): Comment. + + * sig-check.c (check_key_signature2): Properly handle a + non-designated revocation import. + +2002-09-26 Werner Koch + + * g10.c (set_homedir): New. Changed all direct assignments to use + this. + * gpgv.c (set_homedir): Ditto. + +2002-09-25 David Shaw + + * Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses + sockets. Remove the old NETLIBS variable since the keyserver + stuff is no longer internal. + +2002-09-24 David Shaw + + * import.c (import_keys_stream): Fix compiler type warning. + + * keyring.c (keyring_rebuild_cache), sig-check.c + (check_key_signature2), import.c (import, chk_self_sigs): Minor + language cleanups. + +2002-09-23 Stefan Bellon + + * main.h: Introduced fast-import as import option. Removed + fast as separate option from prototypes. + * import.c (parse_import_options): Added fast-import option. + (import_*): Removed fast as separate option. + * g10.c (main): Added option fast-import, removed old fast + as separate argument. + * keyserver.c (keyserver_spawn): Removed old fast as separate + argument. + +2002-09-22 Stefan Bellon + + * import.c (import_keys, import_keys_stream, + import_keys_internal): Added trustdb update/check to key import if + not fast-import and interactive set/no-auto-check-trustdb unset. + Avoided function clone by introducing import_keys_internal. + +2002-09-19 David Shaw + + * keyserver.c (keyserver_spawn): Properly handle line truncation. + Don't leak memory (~10-20 bytes) on searches. + (keyserver_search_prompt): Cleanup. + + * keylist.c (list_keyblock_colon): Show 1F direct key signatures + in --with-colons listing. + +2002-09-16 David Shaw + + * keyedit.c (menu_addrevoker): The direct key signature for + revocation keys must be at least v4 to carry the revocation key + subpacket. Add a PGP 2.x warning for revocation keys. + +2002-09-14 David Shaw + + * g10.c (check_permissions): Rearrange strings to make translating + easier (don't incorporate string parts). + + * keyedit.c (sign_uids): Make strings translatable. + + * sig-check.c (check_key_signature2): Make string translatable. + +2002-09-13 David Shaw + + * getkey.c (check_revocation_keys): Move.... + * main.h, sig-check.c (check_revocation_keys): to here. Also + return the signature_check error code rather than 0/1 and cache + the sig result. + + * sig-check.c (check_key_signature2): Divert to + check_revocation_keys if a revocation sig is made by someone other + than the pk owner. + + * getkey.c (merge_selfsigs_main): Tidy. + +2002-09-13 Werner Koch + + * g10.c (main) [__MINGW32__]: Activate oLoadExtension. + +2002-09-12 David Shaw + + * Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove + internal HKP support. + + * keyserver.c (keyserver_spawn): Remove whitespace after keyserver + commands. + +2002-09-10 David Shaw + + * exec.c (expand_args): Remove loop left over from earlier + implementation. + (exec_write): Missed one tick. + +2002-09-10 Werner Koch + + * g10.c, options.h: Removed option --emulate-checksum-bug. + * misc.c (checksum_u16_nobug): Removed. + (checksum_u16): Removed the bug emulation. + (checksum_mpi): Ditto. + (checksum_mpi_counted_nbits): Removed and replaced all calls + with checksum_mpi. + + * parse-packet.c (read_protected_v3_mpi): New. + (parse_key): Use it here to store it as an opaque MPI. + * seckey-cert.c (do_check): Changed the v3 unprotection to the new + why to store these keys. + (protect_secret_key): Likewise. + * build-packet.c (do_secret_key): And changed the writing. + + * tdbio.c (tdbio_set_dbname, open_db): Use new macro MY_O_BINARY + to avoid silly ifdefs. + (open_db): Fallback to RDONLY so that gpg may be used from a + RO-medium. + + * encode.c (encode_simple): Make sure we don't use an ESK packet + when we don't have a salt in the S2K. + + * misc.c (pct_expando) : Make sure that LEN is initialized. + + * exec.c (exec_finish): Use ticks to denote filenames in messages. + (make_tempdir, exec_write): Changed format of messages. + + * keyserver.c (print_keyinfo): Release USERID in on error. + (keyserver_work) [!DISABLE_KEYSERVER_HELPERS]: Exclude the unused + code. + +2002-09-09 Werner Koch + + * parse-packet.c (make_attribute_uidname): Add new ar MAX_NAMELEN + for sanity checks. Changed both callers. Limit the size of an %s. + + * options.skel: Comment lock-once out, so that this file does not + change anything when copied to a new home directory. + * openfile.c (try_make_homedir): Don't exit after copying the + option skeleton. + + * options.h: Don't use a comma when declaring variables over more + than one line. + + * mainproc.c (symkey_decrypt_sesskey): Check length of the session + key. + + * hkp.c (dehtmlize): Use ascii_tolower to protect against weird + locales. Cast the argument for isspace for the sake of broken + HP/UXes. + (parse_hkp_index): s/ascii_memcasecmp/ascii_strncasecmp/. + + * g10.c: Removed option --emulate-3des-s2k-bug. + + * passphrase.c (hash_passphrase): Was used here. + + * export.c (parse_export_options) + * keyserver.c (parse_keyserver_options) + * import.c (parse_import_options) + * g10.c (check_permissions): s/ascii_memcasecmp/ascii_strncasecmp/. + +2002-09-09 David Shaw + + * g10.c (add_group): Use '=' to separate group name from group + members. Use a better error message for when no = is found. + + * hkp.c (hkp_export): Use CRLF in headers. + +2002-09-03 David Shaw + + * mainproc.c (print_pkenc_list): Don't increment the error counter + when printing the list of keys a message was encrypted to. This + would make gpg give a non-zero exit code even for completely valid + messages if the message was encrypted to more than one key that + the user owned. + +2002-09-02 Werner Koch + + * g10.c (main): Try to set a default character set. Print the + used one in verbosity level 3. + * gpgv.c (main): Try to set a default character set. + + * status.c, status.h (STATUS_IMPORT_OK): New. + * import.c (import_one,import_secret_one): Print new status. + +2002-08-30 David Shaw + + * pkclist.c (build_pk_list): Add new status code to indicate an + untrusted user. This (or a disabled key) fail with "unavailable + pubkey" (G10ERR_UNU_PUBKEY). + + * pkclist.c (build_pk_list): Fail if any recipient keys are + unusable. + + * options.skel: The PGP LDAP keyserver is back. Use MIT keyserver + as a sample rather than cryptnet as cryptnet does not support + searching yet. + + * keyedit.c (show_key_with_all_names): Fix error message + (preferences are userid/selfsig and not key specific). + +2002-08-30 Werner Koch + + * pkclist.c (do_we_trust_pre): Changed the wording of a warning. + + * encode.c (encode_simple,encode_crypt): Use new style CTB for + compressssed packets when using MDC. We need to do this so that + concatenated messages are properly decrypted. Old style + compression assumes that it is the last packet; given that we + can't determine the length in advance, the uncompressor does not + know where to start. Actually we should use the new CTB always + but this would break PGP 2 compatibility. + + * parse-packet.c (parse): Special treatment for new style CTB + compressed packets. + + * build-packet.c (do_mdc): Removed. Was not used. + (do_encrypted_mdc): Count in the version number and the MDC packet. + +2002-08-28 David Shaw + + * sig-check.c (do_check_messages, do_check): Show keyid in error + messages. + + * keyserver.c (print_keyinfo): More readable key listings for + --search-keys responses. + +2002-08-26 David Shaw + + * hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into + new "dehtmlize" function. Remove HTML before trying to parse each + line from the keyserver. If the keyserver provides key type + information in the listing, use it. + +2002-08-23 David Shaw + + * sig-check.c (do_check, do_check_messages): Emit the usual sig + warnings even for cached sigs. This also serves to protect + against missing a sig expiring while cached. + + * getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice. + +2002-08-22 David Shaw + + * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys + into chk_self_sigs. This improves efficiency as the same + signatures are not checked multiple times. Clarify when a subkey + is revoked (any revocation signature, even if it is dated before + the binding signature). + + * getkey.c (merge_selfsigs_subkey): Subkey revocation comments. + + * keylist.c (list_one): Stats are only for public key listings. + + * g10.c (main), options.skel: Default should be include-revoked + for keyserver operations. + +2002-08-21 Werner Koch + + * import.c (import_print_stats): Print new non_imported counter + which is currently not used because we terminate on errors. + +2002-08-20 David Shaw + + * options.skel: Document no-include-attributes for + keyserver-options. + + * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and + comments. + + * export.c (do_export_stream): Fix noop bug in exporting sensitive + revocation keys. + + * pkclist.c (do_edit_ownertrust): Comment out the option for + showing trust paths until it can be implemented. + +2002-08-19 Werner Koch + + * getkey.c (get_user_id_native): Renamed to .. + (get_user_id_printable): this. Filter out all dangerous + characters. Checked all usages. + (get_user_id_string_native): Renamed to.. + (get_user_id_string_printable): this. Filter out all dangerous + characters. Checked all usages. + * keyedit.c (show_basic_key_info): New. + * keylist.c (print_fingerprint): New mode 3. + * import.c (import_one): Use new function to display the user ID. + +2002-08-16 Timo Schulz + + * g10.c (main): Enable opt.interactive. + + * import.c (import_one): Ask the user if the key shall be + imported when the interactive mode is used. Useful to extract + selected keys from a file. + +2002-08-16 Werner Koch + + * seckey-cert.c: Workaround to allow decryption of v3 keys created + with a bug in the mpi_get_secure_buffer. + +2002-08-14 David Shaw + + * hkp.c (parse_hkp_index): Properly handle really large keys + (5 digit key length) in HKP searches. + +2002-08-13 David Shaw + + * encode.c (encode_simple): Fix problem with using compression + algo 2 and symmetric compressed files. + + * encode.c (encode_simple, encode_crypt): If we are not using a + MDC, compress even if a file is already compressed. This is to + help against the chosen ciphertext attack. + + * pkclist.c (select_algo_from_prefs): Fix requested algorithm bug + so the request succeeds even if the requested algorithm is not the + first found. + + * cipher.c (write_header), encode.c (use_mdc, encode_simple, + encode_crypt, encrypt_filter), g10.c (main): Be more eager to use + a MDC. We use a MDC if the keys directly support it, if the keys + list AES (any) or TWOFISH anywhere in the prefs, or if the cipher + chosen does not have a 64 bit blocksize. + +2002-08-08 David Shaw + + * options.skel: Some language tweaks, and remove the + load-extension section for random gatherers. + + * keyring.c (create_tmp_file, rename_tmp_file): Create tmp files + with user-only permissions, but restore the original permissions + if the user has something special set. + + * openfile.c (copy_options_file): Create new options file + (gpg.conf) with user-only permissions. + + * keydb.c (keydb_add_resource): Create new keyrings with user-only + permissions. + + * tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only + permissions. + +2002-08-07 David Shaw + + * sig-check.c (signature_check2): Sanity check that the md has a + context for the hash that the sig is expecting. This can happen + if a onepass sig header does not match the actual sig, and also if + the clearsign "Hash:" header is missing or does not match the + actual sig. + + * keyedit.c (menu_revsig): Properly show a uid is revoked without + restarting gpg. This is Debian bug 124219, though their supplied + patch will not do the right thing. + + * main.h, tdbio.c (tdbio_set_dbname), misc.c (removed + check_permissions), keydb.c (keydb_add_resource), g10.c (main, + check_permissions): Significant reworking of the permission check + mechanism. The new behavior is to check everything in the homedir + by checking the homedir itself. If the user wants to put + (possibly shared) keyrings outside the homedir, they are not + checked. The options file and any extension files are checked + wherever they are, as well as their enclosing directories. This + is Debian bug 147760. + +2002-08-06 Stefan Bellon + + * g10.c (main): Use of EXTSEP_S in new gpg.conf string. + * openfile.c (copy_options_file): Ditto. + +2002-08-06 David Shaw + + * options.h, g10.c (main), mainproc.c (proc_encrypted): + --ignore-mdc-error option to turn a MDC check error into a + warning. + + * encode.c (encode_crypt), g10.c (main), sign.c (sign_file, + clearsign_file): Use the same --pgpX warning string everywhere to + ease translations. + + * encode.c (write_pubkey_enc_from_list): Warn when using + --throw-keyid with --pgpX. Noted by Vedaal Nistar. + + * revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke): + Export a minimal pk along with the revocation cert when in --pgpX + mode so that PGP can import it. + +2002-08-06 Werner Koch + + * options.skel: Changed comments. + + * g10.c (main): Try to use "gpg.conf" as default option file. + * openfile.c (copy_options_file): Changed name of created file. + +2002-08-02 Werner Koch + + * Makefile.am (LDFLAGS): Removed DYNLINK_LDFLAGS. + +2002-07-30 David Shaw + + * options.h, g10.c (main), mainproc.c (proc_encrypted): Return a + decryption failed error if a MDC does not verify. Warn if a MDC + is not present (can disable via --no-mdc-warning). + + * exec.c (exec_write), g10.c (main), keyserver.c + (keyserver_spawn): Use new DISABLE_KEYSERVER_PATH rather than + FIXED_EXEC_PATH. + +2002-07-28 David Shaw + + * sig-check.c (do_check): Properly validate v4 sigs with no hashed + section at all. + +2002-07-25 Werner Koch + + * delkey.c (do_delete_key): Always allow to delete a key in batch mode + when specified by fingerprint. Suggested by Enzo Michelangeli. + +2002-07-25 David Shaw + + * keyedit.c (menu_revsig): Change "revsig" to honor selected uids + so the user can revoke sigs from particular uids only. + + * keylist.c (list_keyblock_print): Don't display expired uids in + --list-keys unless -v and not --list-sigs (just like revoked + uids). + + * exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: + "Warning" -> "WARNING" + +2002-07-24 David Shaw + + * main.h, import.c (parse_import_options, fix_hkp_corruption, + import_one, delete_inv_parts), g10.c (main): New import-option + "repair-hkp-subkey-bug", which repairs as much as possible the HKP + mangling multiple subkeys bug. It is on by default for keyserver + receives, and off by default for regular --import. + + * main.h, import.c (import, import_one, delete_inv_parts), hkp.c + (hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver + import options when doing keyserver receives. + + * options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c + (main), keyserver.c (keyserver_spawn): If the user does not use + "exec-path", completely replace $PATH with GNUPG_LIBEXECDIR before + calling the keyserver helper. If the user does use "exec-path", + append GNUPG_LIBEXECDIR after the specified path. + +2002-07-23 David Shaw + + * import.c (parse_import_options), export.c + (parse_export_options): Fix offset problem with reversed ("no-") + meanings. + + * import.c (delete_inv_parts): Discard subkey signatures (0x18 and + 0x28) if found in the userid section of the key. + + * sig-check.c (signature_check2): Signatures made by invalid + subkeys (bad/missing binding sig) are also invalid. + + * keylist.c (print_fingerprint): Show the primary as well as the + secondary key fingerprint in modes 1 & 2. + +2002-07-22 David Shaw + + * options.h, main.h, g10.c (main), import.c + (parse_import_options, delete_inv_parts), keyserver.c + (parse_keyserver_options): add new --import-options option. The + only current flag is "allow-local-sigs". + + * g10.c (main): Don't disable MDC in pgp7 mode. + + * options.h, g10.c (main), keyserver.c (parse_keyserver_options): + Remove old keyserver-option include-attributes now that there is + an export-option for the same thing. + + * options.h, main.h, export.c (parse_export_options, + do_export_stream), g10.c (main): add new --export-options option. + Current flags are "include-non-rfc", "include-local-sigs", + "include-attributes", and "include-sensitive-revkeys". + + * options.h, hkp.c (hkp_export), keyserver.c + (parse_keyserver_options, keyserver_spawn): try passing unknown + keyserver options to export options, and if successful, use them + when doing a keyserver --send-key. + + * build-packet.c (build_sig_subpkt): We do not generate + SIGSUBPKT_PRIV_VERIFY_CACHE anymore. + + * revoke.c (gen_desig_revoke): Lots more comments about including + sensitive revkeys along with the revocation sig itself. + + * keyserver.c (parse_keyserver_options): Simpler implementation + that can skip one pass over the options. + +2002-07-18 David Shaw + + * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying + "sensitive" as an argument to an addrevoker command. This sets + the 0x40 sensitive revoker flag. + + * revoke.c (gen_desig_revoke): When generating a designated + revocation, include the direct key sig that contains the + designated revoker subpacket. This allows sensitive designated + revocation subpackets to be exported. Also indicate which + revokers are sensitive in the first place. + +2002-07-17 David Shaw + + * keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in + a designated revoker means "sensitive", not "local". It's + exportable under the right circumstances. + + * main.h, options.h, export.c (do_export_stream), g10.c (main), + hkp.c (hkp_export), keyserver.c (keyserver_spawn: Add a flag to + skip attribute packets and their signatures while exporting. This + is to accomodate keyservers (pksd again) that choke on attributes. + Use keyserver-option "include-attributes" to control it. This + defaults to ON (i.e. don't skip). + +2002-07-09 David Shaw + + * options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn, + keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): + Use a much more strict reading of RFC-2396 for the keyserver URIs. + Specifically, don't try and be smart about checking the value of + ":port" so long as it is all digits, and properly handle opaque + data (those scheme specific parts that do not start with "//"). + +2002-07-04 David Shaw + + * photoid.c (get_default_photo_command, show_photos): Honor + FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER. + + * mainproc.c (check_sig_and_print): Use --show-photos to show + photos when verifying a sig made by a key with a photo. + + * keyserver.c (parse_keyserver_uri): Properly parse a URI with no + :port section and an empty file path, but with a terminating '/'. + (keyserver_work): Honor DISABLE_KEYSERVER_HELPERS. + + * hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only + if verbose. + + * exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH + +2002-07-03 David Shaw + + * exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If + USE_EXEC_PATH is defined at compile time, use it to lock the + exec-path and not allow the user to change it. + +2002-07-02 David Shaw + + * options.h, g10.c (main), keyserver.c (keyserver_refresh): + Maintain and use the original keyserver URI for cosmetics rather + than trying to recreate it when needed. + + * mainproc.c (check_sig_and_print): Properly disregard expired + uids. Make sure that the first uid listed is a real uid and not + an attribute (attributes should only be listed in the "aka" + section). When there are no valid textual userids, try for an + invalid textual userid before using any attribute uid. + +2002-07-01 David Shaw + + * options.skel: Fix a few typos, clarify "group", and remove + sample photo viewers for Win32 since they are the defaults now. + + * parse-packet.c (make_attribute_uidname), keylist.c + (dump_attribs): Fix two typecast warnings. + + * packet.h, build-packet.c (build_attribute_subpkt), exec.c + (expand_args), mkdtemp.c (mkdtemp), photoid.c + (parse_image_header): Fix some signedness compiler warnings. + +2002-07-01 Werner Koch + + * photoid.c (get_default_photo_command): Also use __MINGW32__ + instead of HAVE_DOSISH_SYSTEM. + + * encode.c (encode_symmetric): Do not use the new encryption code. + +2002-06-30 Werner Koch + + * photoid.c: Use __MINGW32__ to include windows because + HAVE_DOSISH_SYSTEM is also set for OS/2 and plain DOS. Provide + constant missing in older mingw installations. + +2002-06-21 Stefan Bellon + + * g10.c [__riscos__]: Moved RISC OS specific stuff to util/riscos.c + and include/util.h. + + * gpgv.c [__riscos__]: Likewise. + +2002-06-20 David Shaw + + * keydb.h, pkclist.c (select_algo_from_prefs): Allow passing a + suggested algorithm which will be used if available. + + * encode.c (encode_crypt, encrypt_filter), sign.c (sign_file): Use + new select_algo_from_prefs feature to check if forcing an + algorithm would violate the recipient preferences. + + * photoid.c (get_default_photo_command, show_photos): Use + different default viewers on different platforms. Currently we + have Win 9x, Win NT (2k, xp), Mac OSX, RISC OS, and "everybody + else". These are #ifdefs as much as possible to avoid clutter. + + * g10.c (strusage, build_list), keyedit.c (show_prefs), main.h, + misc.c (compress_algo_to_string, check_compress_algo), pkclist.c + (algo_available), keygen.c (keygen_set_std_prefs): New + algo_to_string and check functions for compress algorithms. + +2002-06-20 Werner Koch + + * misc.c (setsysinfo): Removed a #warning for Alpha's uniligedn + trap disabling - it is quite possible that this is a debug relict. + +2002-06-20 Stefan Bellon + + * g10.c [__riscos__]: Added image file system feature. + + * gpgv.c [__riscos__]: Added image file system feature. + + * photoid.c (show_photos) [__riscos__]: Set RISC OS filetype of + photo id according to MIME type. + +2002-06-19 David Shaw + + * hkp.c (parse_hkp_index): Don't leak memory when failing out of a + bad HKP keyserver. + + * g10.c (add_notation_data): Relax slightly the rules as to what + can go into a notation name - 2440 allows "@", for example. + +2002-06-17 David Shaw + + * import.c (clean_subkeys, import_one): Only allow at most 1 + binding sig and at most 1 revocation sig on a subkey, as per + 2440:11.1. + + * hkp.c (parse_hkp_index, hkp_search): Error if the keyserver + returns an unparseable HKP response. + +2002-06-15 David Shaw + + * keyedit.c (show_key_with_all_names), keylist.c + (list_keyblock_print): Show "[expired]" before expired uids. + + * keyedit.c (show_key_with_all_names_colon), mainproc.c + (list_node), keylist.c (list_keyblock_colon): Show flag 'e' for + expired user ids. Use "uat" for user attribute packets instead of + "uid". Also use ' ' rather than the fake user id + string on attributes. + + * keygen.c (keygen_add_revkey): Remove unused code. + + * misc.c (check_permissions): Check directory permissions + properly - they are not special files. + + * pkclist.c (expand_id, expand_group, build_pk_list): When + expanding groups before building a pk list, inherit flags from the + original pre-expanded string. + + * pubkey-enc.c (is_algo_in_prefs): Don't use prefs from expired + uids. + +2002-06-14 David Shaw + + * free-packet.c (copy_signature): Properly copy a signature that + carries a revocation key on it. + + * pkclist.c (expand_id, expand_group, build_pk_list): Groups now + work properly when used in the "Enter the user ID" prompt. + +2002-06-14 David Shaw + + * keyedit.c (show_key_with_all_names): Display warning if a user + tries to show prefs on a v3 key with a v3 selfsig. + + * kbnode.c (dump_kbnode): Show if a uid is expired. + + * import.c (merge_blocks, import_revoke_cert): Show user ID + receiving a revocation certificate. + + * free-packet.c (cmp_user_ids): Properly compare attribute ids. + + * pkclist.c (expand_groups): Maintain the strlist flags while + expanding. Members of an expansion inherit their flags from the + expansion key. + + * options.h, cipher.c (write_header), g10.c (main), keygen.c + (keygen_set_std_prefs): remove the personal_mdc flag. It no + longer serves a purpose now that the personal preference lists are + split into cipher/digest/zip. + +2002-06-14 Timo Schulz + + * skclist.c (is_insecure): Implemented. + +2002-06-12 David Shaw + + * keyserver.c (keyserver_spawn): Properly handle PROGRAM responses + when they have a CRLF ending. Noted by Keith Ray. + + * keyserver.c (keyserver_spawn): Handle CRLF endings from + keyserver helpers. Also don't leak the last line worth of memory + from the keyserver response. + + * main.h, misc.c (deprecated_warning): New function to warn about + deprecated options and commands. + + * g10.c (main), keyserver-internal.h, keyserver.c + (parse_keyserver_uri): Use new deprecated function to warn about + honor-http-proxy, auto-key-retrieve, and x-broken-hkp. + +2002-06-11 David Shaw + + * Makefile.am: link gpg with NETLIBS for the built-in HKP access. + +2002-06-10 David Shaw + + * options.h, keyserver.c (keyserver_opts), g10.c (main): New + keyserver option "include-subkeys". This feature already existed, + but now can be turned off. It defaults to on. + + * options.h, keyserver.c (parse_keyserver_options, + keyserver_spawn): There are now enough options to justify making a + structure for the keyserver options rather than a page of + if-then-else-if-then-etc. + + * getkey.c (merge_keys_and_selfsig, merge_selfsigs_main): Fix bug + in calculating key expiration dates. + +2002-06-09 David Shaw + + * keydb.h, getkey.c (get_user_id_native), import.c (import_one): + Display user ID while importing a key. Note this applies to both + --import and keyserver --recv-keys. + + * exec.c (exec_finish): Log unnatural exit (core dump, killed + manually, etc) for fork/exec/pipe child processes. + +2002-06-08 Timo Schulz + + * encode.c (encode_symmetric): Disable the compat flag + when the expert mode is enabled. + +2002-06-07 David Shaw + + * options.skel, options.h, main.h, keydb.h, pkclist.c + (build_pk_list, expand_groups), g10.c (main, add_group): Add new + "group" command to allow one name to expand into multiple keys. + For simplicity, and to avoid potential loops, we only expand once + - you can't make an alias that points to an alias. + + * main.h, g10.c (main), keygen.c (build_personal_digest_list): + Simplify the default digest list - there is really no need for the + other hashes since they will never be used after SHA-1 in the + list. + + * options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import, + hkp_export, hkp_search), keyserver.c (parse_keyserver_options, + parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the + "x-broken-hkp" keyserver scheme into keyserver-option + "broken-http-proxy". Move honor_http_proxy into + keyserver_options. Canonicalize the three variations of "hkp", + "x-hkp", and "x-broken-hkp" into "hkp". + +2002-06-07 Stefan Bellon + + * g10.c [__riscos__]: Added --attribute-file to do the same as + --attribute-fd, but with a filename not a fd as argument. + Added magic symbol for RISC OS to use different memory management. + + * gpgv.c [__riscos__]: Added magic symbol for RISC OS to use + different memory management. + +2002-06-06 David Shaw + + * main.h, g10.c (main), keygen.c (build_personal_digest_list): Put + in a default digest preference list consisting of SHA-1, followed + by every other installed digest except MD5. Note this is the same + as having no digest preference at all except for SHA-1 being + favored. + + * options.h, g10.c (main), keygen.c (keygen_set_std_prefs), + pkclist.c (select_algo_from_prefs): Split + --personal-preference-list into three: + --personal-{cipher|digest|compress}-preferences. This allows a + user to set one without affecting another (i.e. setting only a + digest pref doesn't imply an empty cipher pref). + + * exec.c (exec_read): This is a safer way of guessing the return + value of system(). Noted by Stefan Bellon. + +2002-06-05 David Shaw + + * hkp.c (parse_hkp_index): Be more robust with keyservers + returning very unparseable responses. + + * exec.c (exec_read): Catch and display an error when the remote + process exits unnaturally (i.e. segfault) so the user knows what + happened. Also fix exec_write stub which has a different number + of arguments now. + +2002-06-05 Timo Schulz + + * encode.c (encode_simple): Ignore the new mode for RFC1991. + * mainproc.c (symkey_decrypt_sesskey): Better check for weird + keysizes. + +2002-06-05 Timo Schulz + + * encode.c (encode_sesskey): New. + (encode_simple): Use it here. But by default we use the compat + mode which supress to generate encrypted session keys. + +2002-06-05 Timo Schulz + + * mainproc.c (symkey_decrypt_sesskey): New. + (proc_symkey_enc): Support for encrypted session keys. + +2002-06-04 David Shaw + + * sign.c (hash_for, sign_file): When encrypting and signing at the + same time, consult the various hash prefs to pick a hash algorithm + to use. Pass in a 160-bit hint if any of the signing keys are + DSA. + + * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): + Pass a "hints" opaque pointer in to let the caller give hints as + to what algorithms would be acceptable. The only current hint is + for PREFTYPE_HASH to require a 160-bit hash for DSA. Change all + callers in encode.c (encode_crypt, encrypt_filter) and sign.c + (sign_file). If we settle on MD5 as the best algorithm based + solely on recepient keys and SHA1 is also a possibility, use SHA1 + unless the user intentionally chose MD5. This is as per 2440:13. + + * exec.c (make_tempdir): Fix duplicated filename problem. + +2002-06-03 David Shaw + + * packet.h, parse-packet.c (enum_sig_subpkt): Report back from + enum_sig_subpkt when a subpacket is critical and change all + callers in keylist.c (show_policy_url, show_notation), mainproc.c + (print_notation_data), and pkclist.c (do_show_revocation_reason). + + * keylist.c (show_policy_url, show_notation): Display if the + policy or notation is critical. + +2002-06-03 David Shaw + + * main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd, + list_keyblock_print, list_keyblock_colon), status.h, status.c + (get_status_string): New --attribute-fd feature to dump the + contents of attribute subpackets for frontends. If --status-fd is + also used, then a new status tag ATTRIBUTE is provided for each + subpacket. + + * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main, + merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track + of the expiration time of a user ID, and while we're at it, use + the expired flag from the selfsig rather than reparsing the + SIG_EXPIRE subpacket. + + * photoid.c (generate_photo_id): When adding a new photo ID, + showing the photo for confirmation is not safe when noninteractive + since the "user" may not be able to dismiss a viewer window. + Noted by Timo Schulz. + +2002-06-03 David Shaw + + * options.skel: Sample photo viewers for Win32. + + * misc.c (pct_expando): Use the seckey for %k/%K if the pubkey is + not available. + + * photoid.h, photoid.c (show_photos): Include the seckey in case a + user tries to view a photo on a secret key, and change all callers + in keyedit.c (menu_showphoto), keylist.c (list_keyblock_print), + and photoid.c (generate_photo_id). + +2002-06-02 David Shaw + + * photoid.c (show_photos): Work properly when not called with a + public key. + +2002-05-31 David Shaw + + * sign.c (mk_notation_and_policy): Free unneeded buffer. + + * hkp.c (parse_hkp_index): Properly handle the '&' character + (i.e. "&") in HKP responses. + + * getkey.c (merge_selfsigs_main): Fix reversed expiration time + check with self-sigs. + + * keyedit.c (sign_uids): When making a new self-sig on a v3 key, + make a v3 self-sig unless it is currently a v3 self-sig being + promoted to v4. + +2002-05-31 Timo Schulz + + * pkclist.c (do_show_revocation_reason): Don't use capital + letters for non-interactive output. + (show_revocation_reason): Now it is global. + * pubkey-enc.c (get_it): Show if the key has been revoked. + +2002-05-30 David Shaw + + * sign.c (write_signature_packets, sign_file, clearsign_file, + sign_symencrypt_file): Make a v4 signature if a policy URL or + notation is set, unless v3 sigs are forced via rfc1991 or + force-v3-sigs. Also remove some doubled code and clarify an error + message (we don't sign in PGP2 mode - just detach-sign). + + * parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any + size" section. + +2002-05-29 David Shaw + + * keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and + "no-mdc" in the prefs string to allow switching on and off the MDC + feature. This is needed to properly export a key from GnuPG for + use on PGP which does not support MDC - without this, MDC-capable + implementations will still try and generate MDCs which will break + PGP. + + * keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if + it is enabled. + + * options.h, g10.c (main), cipher.c (write_header), keygen.c + (keygen_set_std_prefs): For consistency, allow the user to specify + mdc/no-mdc in the --personal-preference-list. If disabled, it + acts just like --disable-mdc. + +2002-05-29 David Shaw + + * options.h, exec.c: Add some debugging info, using the 1024 debug + flag. + + * exec.c (win_system): New system()-like function for win32 that + does not return until the child process terminates. Of course, + this doesn't help if the process itself exits before it is + finished. + +2002-05-29 Werner Koch + + * encode.c (encode_simple): Intialize PKT when --no-literal is used. + + * keyedit.c (show_key_with_all_names_colon): Renamed the record + for revocation keys to "rvk". + +2002-05-27 Werner Koch + + * keyedit.c (show_key_with_all_names_colon): New. + (show_key_with_all_names): Divert to new function when required. + Sanitize printing of revoker name. + +2002-05-27 David Shaw + + * build-packet.c (build_sig_subpkt): Handle setting sig flags for + certain subpacket types (notation, policy url, exportable, + revocable). keyedit.c (sign_mk_attrib): Flags no longer need to + be set here. + + * packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c + (build_sig_subpkt): Call parse_one_sig_subpkt to sanity check + buffer lengths before building a sig subpacket. + +2002-05-26 David Shaw + + * sign.c (mk_notation_and_policy): Include secret key to enable %s + expandos, and pass notations through pct_expando as well. + + * main.h, misc.c (pct_expando): Add %s and %S expandos for + signer's keyid. + +2002-05-25 David Shaw + + * g10.c (strusage, build_list): Add compress algorithms to + --version list. Show algorithm numbers when --verbose --version + is done. + +2002-05-22 David Shaw + + * options.h, main.h, keygen.c (keygen_set_set_prefs, + keygen_get_std_prefs, keygen_upd_std_prefs), keyedit.c + (keyedit_menu), g10.c (main), pkclist.c (select_algo_from_prefs): + Add --personal-preference-list which allows the user to factor in + their own preferred algorithms when the preference lists are + consulted. Obviously, this does not let the user violate a + recepient's preferences (and the RFC) - this only influences the + ranking of the agreed-on (and available) algorithms from the + recepients. Suggested by David Hollenberg. + + * options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename + --preference-list to --default-preference-list (as that is what it + really is), and make it a true default in that if the user selects + "default" they get this list and not the compiled-in list. + +2002-05-22 Werner Koch + + * g10.c (main): Add missing LF in a info printout and made it + translatable. Noted by Michael Tokarev. + +2002-05-21 Werner Koch + + * g10.c (main): Removed the undef of USE_SHM_COPROCESSING which + was erroneously introduced on 2002-01-09. + + * signal.c (got_fatal_signal): Don't write the Nul to stderr. + Reported by David Hollenberg. + +2002-05-18 David Shaw + + * main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a + designated revocation via --desig-revoke + + * keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker" + command to add a designated revoker to a key. + +2002-05-17 David Shaw + + * gpgv.c: Add stub for get_ownertrust(). + + * g10.c (main): --allow-freeform-uid should be implied by + OpenPGP. Add --no-allow-freeform-uid. + + * keyedit.c (sign_uids): Issue a warning when signing a + non-selfsigned uid. + + * getkey.c (merge_selfsigs_main): If a key has no selfsigs, and + allow-non-selfsigned-uid is not set, still try and make the key + valid by checking all uids for a signature from an ultimately + trusted key. + +2002-05-16 David Shaw + + * main.h, keygen.c (keygen_add_revkey): Add revocation key + subpackets to a signature (callable by + make_keysig_packet). (write_direct_sig): Write a 1F direct key + signature. (parse_revocation_key): Parse a string in + algo:fpr:sensitive format into a revocation + key. (get_parameter_revkey, do_generate_keypair): Call above + functions when prompted from a batch key generation file. + + * build-packet.c (build_sig_subpkt): Allow multiple revocation key + subpackets in a single sig. + + * keydb.h, getkey.c (get_seckey_byfprint): Same as + get_pubkey_byfprint, except for secret keys. We only know the + fingerprint of a revocation key, so this is needed to retrieve the + secret key needed to issue a revokation. + + * packet.h, parse-packet.c (parse_signature, parse_revkeys): Split + revkey parsing off into a new function that can be used to reparse + after manipulating the revkey list. + + * sign.c (make_keysig_packet): Ability to make 1F direct key + signatures. + +2002-05-15 David Shaw + + * options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl + as a sample LDAP server instead. + + * getkey.c (merge_selfsigs_main): Properly handle multiple + revocation keys in a single packet. Properly handle revocation + keys that are in out-of-order packets. Remove duplicates in + revocation key list. + +2002-05-14 Timo Schulz + + * exec.c (make_tempdir) [MINGW32]: Added missing '\'. + +2002-05-14 Stefan Bellon + + * exec.c (make_tempdir): Make use of EXTSEP_S instead of hardcoded + dot as extension separator. + +2002-05-13 David Shaw + + * photoid.c (show_photos): Use the long keyid as the filename for + the photo. Use the short keyid as the filename on 8.3 systems. + + * exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow + caller to specify filename. This should make things easier on + windows and macs where the file extension is required, but a whole + filename is even better. + + * keyedit.c (show_key_with_all_names, show_prefs): Show proper + prefs for a v4 key uid with no selfsig at all. + + * misc.c (check_permissions): Don't check permissions on + non-normal files (pipes, character devices, etc.) + +2002-05-11 Werner Koch + + * mainproc.c (proc_symkey_enc): Avoid segv in case the parser + encountered an invalid packet. + + * keyserver.c (keyserver_export): Get confirmation before sending + all keys. + +2002-05-10 Stefan Bellon + + * g10.c, hkp.c, keyedit.c, keyserver.c: Replaced all occurrances + of strcasecmp with ascii_strcasecmp and all occurrances of + strncasecmp with ascii_memcasecmp. + +2002-05-10 David Shaw + + * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show + assumed prefs for hash and compression as well as the cipher pref. + Show assumed prefs if there are no prefs at all on a v4 + self-signed key. + + * options.h, g10.c (main), sign.c (make_keysig_packet): New + --cert-digest-algo function to override the default key signing + hash algorithm. + +2002-05-09 David Shaw + + * getkey.c (merge_selfsigs_main): Make sure the revocation key + list starts clean as this function may be called more than once + (e.g. from functions in --edit). + + * g10.c, encode.c (encode_crypt), sign.c (sign_file, + sign_symencrypt_file): Make --compress-algo work like the + documentation says. It should be like --cipher-algo and + --digest-algo in that it can override the preferences calculation + and impose the setting the user wants. No --compress-algo setting + allows the usual preferences calculation to take place. + + * main.h, compress.c (compress_filter): use new + DEFAULT_COMPRESS_ALGO define, and add a sanity check for compress + algo value. + +2002-05-08 David Shaw + + * pkclist.c (select_algo_from_prefs): There is an assumed + compression preference for uncompressed data. + +2002-05-07 David Shaw + + * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c + (algo_available): --pgp7, identical to --pgp6 except that it + permits a few algorithms that PGP 7 added: AES128, AES192, AES256, + and TWOFISH. Any more of these --pgpX flags, and it'll be time to + start looking at a generic --emulate-pgp X option. + + * export.c (do_export_stream): Warn the user when exporting a + secret key if it or any of its secret subkeys are protected with + SHA1 while simple_sk_checksum is set. + + * parse-packet.c (parse_key): Show when the SHA1 protection is + used in --list-packets. + + * options.h, build-packet.c (do_comment), g10.c (main): Rename + --no-comment as --sk-comments/--no-sk-comments (--no-comment still + works) and make the default be --no-sk-comments. + +2002-05-07 Werner Koch + + * keygen.c (get_parameter_algo): Never allow generation of the + deprecated RSA-E or RSA-S flavors of PGP RSA. + (ask_algo): Allow generation of RSA sign and encrypt in expert + mode. Don't allow ElGamal S+E unless in expert mode. + * helptext.c: Added entry keygen.algo.rsa_se. + +2002-05-07 David Shaw + + * keyedit.c (sign_uids): If --expert is set, allow re-signing a + uid to promote a v3 self-sig to a v4 one. This essentially + deletes the old v3 self-sig and replaces it with a v4 one. + + * packet.h, parse-packet.c (parse_key), getkey.c + (merge_keys_and_selfsig, merge_selfsigs_main): a v3 key with a v4 + self-sig must never let the v4 self-sig express a key expiration + time that extends beyond the original v3 expiration time. + +2002-05-06 David Shaw + + * keyedit.c (sign_uids): When making a self-signature via "sign" + don't ask about sig level or expiration, and include the usual + preferences and such for v4 self-sigs. (menu_set_preferences): + Convert uids from UTF8 to native before printing. + + * keyedit.c (sign_uids): Convert uids from UTF8 to native before + printing. (menu_set_primary_uid): Show error if the user tries to + make a uid with a v3 self-sig primary. + +2002-05-05 David Shaw + + * import.c (import_one): When merging with a key we already have, + don't let a key conflict (same keyid but different key) stop the + import: just skip the bad key and continue. + + * exec.c (make_tempdir): Under Win32, don't try environment + variables for temp directories - GetTempDir tries environment + variables internally, and it's better not to second-guess it in + case MS adds some sort of temp dir handling to Windows at some + point. + +2002-05-05 Timo Schulz + + * mainproc.c (proc_symkey_enc): Don't ask for a passphrase + in the list only mode. + +2002-05-05 David Shaw + + * keyserver.c (keyserver_refresh): --refresh-keys implies + --merge-only so as not to import keys with keyids that match the + ones being refreshed. Noted by Florian Weimer. + +2002-05-04 Stefan Bellon + + * free-packet.c (copy_public_key): Don't call m_alloc(0), therefore + added consistency check for revkey and numrefkeys. + + * getkey.c (check_revocation_keys): Added consistency check for + revkey and numrefkeys. + + * keyedit.c (show_key_with_all_names): Likewise. + +2002-05-03 David Shaw + + * photoid.c: Provide default image viewer for Win32. + + * misc.c (pct_expando): %t means extension, not name ("jpg", not + "jpeg"). + + * keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h, + exec.c: Allow the caller to determine the temp file extension when + starting an exec_write and change all callers. + + * keyedit.c (sign_uids): Nonrevocable key signatures cause an + automatic promotion to v4. + + * exec.c: Provide stubs for exec_ functions when NO_EXEC is + defined. + +2002-05-02 David Shaw + + * photoid.h, photoid.c (parse_image_header, image_type_to_string): + Useful functions to return data about an image. + + * packet.h, parse-packet.c (make_attribute_uidname, + parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c + (show_photos): Handle multiple images in a single attribute + packet. + + * main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy), + photoid.c (show_photos): Simpler expando code that does not + require using compile-time string sizes. Call + image_type_to_string to get image strings (i.e. "jpg", + "image/jpeg"). Change all callers. + + * keyedit.c (menu_showphoto), keylist.c (list_keyblock_print): + Allow viewing multiple images within a single attribute packet. + + * gpgv.c: Various stubs for link happiness. + +2002-05-02 David Shaw + + * build-packet.c (build_sig_subpkt), keyedit.c (sign_uids), + options.h, sign.c (mk_notation_and_policy), g10.c (main, + add_notation_data, add_policy_url (new), check_policy_url + (removed)): Allow multiple policy URLs on a given signature. + Split "--notation-data" into "--cert-notation" and + "--sig-notation" so the user can set different policies for key + and data signing. For backwards compatibility, "--notation-data" + sets both, as before. + +2002-05-02 Werner Koch + + * options.skel: Removed the comment on trusted-keys because this + option is now deprecated. + +2002-05-01 David Shaw + + * keyedit.c (menu_adduid): 2440bis04 says that multiple attribute + packets on a given key are legal. + + * keyserver.c (keyserver_refresh): the fake v3 keyid hack applies + to "mailto" URLs as well since they are also served by pksd. + +2002-04-29 Werner Koch + + Added a copyright year for files changed this year. + +2002-04-25 Werner Koch + + * g10.c, options.h: New options --display, --ttyname, --ttytype, + --lc-ctype, --lc-messages to be used with future versions of the + gpg-agent. + * passphrase.c (agent_send_option,agent_send_all_options): New. + (agent_open): Send options to the agent. + + * trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit + do_sync because revalidation_mark does it only if when the + timestamp actually changes. + +2002-04-23 David Shaw + + * main.h, keygen.c (do_generate_keypair), keylist.c + (print_signature_stats, list_all, list_one, list_keyblock, + list_keyblock_print, list_keyblock_colon): After generating a new + key, show the key information (name, keyid, fingerprint, etc.) + Also do not print uncheckable signatures (missing key..) in + --check-sigs. Print statistics (N missing keys, etc.) after + --check-sigs. + + * keyedit.c (sign_uids): When signing a key with an expiration + date on it, the "Do you want your signature to expire at the same + time?" question should default to YES. + +2002-04-22 David Shaw + + * parse-packet.c (parse_plaintext), packet.h, plaintext.c + (handle_plaintext): Fix bug in handling literal packets with + zero-length data (no data was being confused with partial body + length). + + * misc.c (pct_expando), options.skel: %t means extension ("jpg"). + %T means MIME type ("image/jpeg"). + + * import.c (import_one): Only trigger trust update if the keyring + is actually changed. + + * export.c (do_export_stream): Missing a m_free. + +2002-04-22 Stefan Bellon + + * keyid.c (expirestr_from_sk, expirestr_from_sig): Added _() to + string constant. + + * exec.c (make_tempdir) [__riscos__]: Better placement of + temporary file. + +2002-04-20 David Shaw + + * keygen.c (generate_subkeypair): 2440bis04 adds that creating + subkeys on v3 keys is a MUST NOT. + + * getkey.c (finish_lookup): The --pgp6 "use the primary key" + behavior should only apply while data signing and not encryption. + Noted by Roger Sondermann. + +2002-04-19 Werner Koch + + * keygen.c (keygen_set_std_prefs): Put back 3DES because the RFC + says it is good form to do so. + +2002-04-19 David Shaw + + * keyedit.c (menu_deluid): Only cause a trust update if we delete + a non-revoked user id. + + * hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options, + keyserver_spawn), options.h: Remove fast-import keyserver option + (no longer meaningful). + + * g10.c (main), keyedit.c (sign_uids), options.h: Change + --default-check-level to --default-cert-check-level as it makes + clear what it operates on. + + * g10.c (main): --pgp6 also implies --no-ask-sig-expire. + + * delkey.c (do_delete_key): Comment. + + * keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig, + menu_expire, menu_revsig, menu_revkey): Only force a trustdb check + if we did something that changes it. + + * g10.c: add "--auto-check-trustdb" to override a + "--no-auto-check-trustdb" + +2002-04-19 Werner Koch + + * tdbio.c (tdbio_write_nextcheck): Return a status whether the + stamp was actually changed. + * trustdb.c (revalidation_mark): Sync the changes. Removed the + sync operation done by its callers. + (get_validity): Add logic for maintaining a pending_check flag. + (clear_ownertrust): New. + + * keyedit.c (sign_uids): Don't call revalidation_mark depending on + primary_pk. + (keyedit_menu): Call revalidation_mark after "trust". + (show_key_with_all_names): Print a warning on the wrong listed key + validity. + + * delkey.c (do_delete_key): Clear the owenertrust information when + deleting a public key. + +2002-04-18 Werner Koch + + * seskey.c (encode_md_value): Print an error message if a wrong + digest algorithm is used with DSA. Changed all callers to cope + with a NULL return. Problem noted by Imad R. Faiad. + +2002-04-18 David Shaw + + * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable + signatures that can expire. In short, the only thing that can + override an unexpired nonrevocable signature is another unexpired + nonrevocable signature. + + * getkey.c (finish_lookup): Always use primary signing key for + signatures when --pgp6 is on since pgp6 and 7 do not understand + signatures made by signing subkeys. + +2002-04-18 Werner Koch + + * trustdb.c (validate_keys): Never schedule a nextcheck into the + past. + (validate_key_list): New arg curtime use it to set next_expire. + (validate_one_keyblock): Take the current time from the caller. + (clear_validity, reset_unconnected_keys): New. + (validate_keys): Reset all unconnected keys. + + * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax + for use with secret keys. + (lookup): Advance the searchmode after a search FIRST. + + * seckey-cert.c (do_check): Always calculate the old checksum for + use after unprotection. + + * g10.c, options.skel: New option --no-escape-from. Made + --escape-from and --force-v3-sigs the default and removed them + from the options skeleton. + +2002-04-16 Werner Koch + + * parse-packet.c (parse_key): Support a SHA1 checksum as per + draft-rfc2440-bis04. + * packet.h (PKT_secret_key): Add field sha1chk. + * seckey-cert.c (do_check): Check the SHA1 checksum + (protect_secret_key): And create it. + * build-packet.c (do_secret_key): Mark it as sha-1 protected. + * g10.c, options.h: New option --simple-sk-checksum. + +2002-04-13 David Shaw + + * parse-packet.c (parse_signature): Minor fix - signatures should + expire at their expiration time and not one second later. + + * keygen.c (proc_parameter_file): Allow specifying preferences + string (i.e. "s5 s2 z1 z2", etc) in a batchmode key generation + file. + + * keyedit.c (keyedit_menu): Print standard error message when + signing a revoked key (no new translation). + + * getkey.c (merge_selfsigs): Get the default set of key prefs from + the real (not attribute) primary uid. + +2002-04-12 David Shaw + + * pkclist.c (build_pk_list): Fix bug that allowed a key to be + selected twice in batch mode if one instance was the default + recipient and the other was an encrypt-to. Noted by Stefan + Bellon. + + * parse-packet.c (dump_sig_subpkt): Show data in trust and regexp + sig subpackets. + + * keyedit.c (keyedit_menu): Use new function real_uids_left to + prevent deleting the last real (i.e. non-attribute) uid. Again, + according to the attribute draft. (menu_showphoto): Make another + string translatable. + +2002-04-11 David Shaw + + * build-packet.c (build_sig_subpkt): Delete subpackets from both + hashed and unhashed area on update. (find_subpkt): No longer + needed. + + * keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key + with a v4 signature. As usual, --expert overrides. Try to tweak + some strings to a closer match so they can all be translated in + one place. Use different helptext keys to allow different help + text for different questions. + + * keygen.c (keygen_upd_std_prefs): Remove preferences from both + hashed and unhashed areas if they are not going to be used. + +2002-04-10 David Shaw + + * misc.c (pct_expando), options.skel: Use %t to indicate type of a + photo ID (in this version, it's always "jpeg"). Also tweak string + expansion loop to minimize reallocs. + + * mainproc.c (do_check_sig): Variable type fix. + + * keyedit.c (menu_set_primary_uid): Differentiate between true + user IDs and attribute user IDs when making one of them primary. + That is, if we are making a user ID primary, we alter user IDs. + If we are making an attribute packet primary, we alter attribute + packets. This matches the language in the latest attribute packet + draft. + + * keyedit.c (sign_uids): No need for the empty string hack. + + * getkey.c (fixup_uidnode): Only accept preferences from the + hashed segment of the self-sig. + +2002-04-10 Werner Koch + + * tdbio.c (migrate_from_v2): Fixed the offset to read the old + ownertrust value and only add entries to the table if we really + have a value. + +2002-04-08 David Shaw + + * status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG, + and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to + SIGEXPIRED. + + * sig-check.c (do_check): Start transition from SIGEXPIRED to + KEYEXPIRED, since the actual event is signature verification by an + expired key and not an expired signature. (do_signature_check, + packet.h): Rename as signature_check2, make public, and change all + callers. + + * mainproc.c (check_sig_and_print, do_check_sig): Use status + EXPSIG for an expired, but good, signature. Add the expiration + time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for + a good signature from an expired key. + + * g10.c (main): remove checks for no arguments now that argparse + does it. + +2002-04-06 Werner Koch + + * keyring.c (keyring_get_keyblock): Disable the keylist mode here. + + * encode.c (encode_simple, encode_crypt): Only test on compressed + files if a compress level was not explicity set. + + * keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish + from the list of default preferences, swapped the preferences of + RMD160 and SHA1. Don't include a preference to 3DES unless the + IDEA kludge gets used. + + * free-packet.c (free_packet): call free_encrypted also for + PKT_ENCRYPTED_MDC. + + * compress.c (release_context): New. + (handle_compressed): Allocate the context and setup a closure to + release the context. This is required because there is no + guarabntee that the filter gets popped from the chain at the end + of the function. Problem noted by Timo and probably also the + cause for a couple of other reports. + (compress_filter): Use the release function if set. + + * tdbio.c [__CYGWIN32__]: Don't rename ftruncate. Noted by + Disastry. + + * parse-packet.c (parse_signature): Put parens around a bit test. + + * exec.c (make_tempdir): Double backslash for TMP directory + creation under Windows. Better strlen the DIRSEP_S constants for + allocation measurements. + + * decrypt.c (decrypt_messages): Release the passphrase aquired + by get_last_passphrase. + +2002-04-02 Werner Koch + + * Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they + are no longer of any use. + +2002-04-03 David Shaw + + * keyserver.c (parse_keyserver_options): fix auto-key-retrieve to + actually work as a keyserver-option (noted by Roger Sondermann). + + * keylist.c (reorder_keyblock): do not reorder the primary + attribute packet - the first user ID must be a genuine one. + +2002-03-31 David Shaw + + * keylist.c (list_keyblock_colon): Fix ownertrust display with + --with-colons. + + * keygen.c (generate_user_id), photoid.c (generate_photo_id): + Properly initialize the user ID refcount. A few more "y/n" -> + "y/N" in photoid.c. + + * keyedit.c (ask_revoke_sig): Warn the user if they are about to + revoke an expired sig (not a problem, but they should know). Also + tweak a few prompts to change "y/n" to "y/N", which is how most + other prompts are written. + + * keyserver.c (keyserver_search_prompt): Control-d escapes the + keyserver search prompt. + + * pkclist.c (show_revocation_reason & callers): If a subkey is + considered revoked solely because the parent key is revoked, print + the revocation reason from the parent key. + + * trustdb.c (get_validity): Allow revocation/expiration to apply + to a uid/key with no entry in the trustdb. + +2002-03-29 David Shaw + + * keyserver.c (printunquoted): unquote backslashes from keyserver + searches + + * hkp.c (write_quoted): quote backslashes from keyserver searches + +2002-03-26 Werner Koch + + * keygen.c (ask_keysize): Removed the warning for key sizes > 1536. + +2002-03-25 Werner Koch + + * keyedit.c (sign_uids): Use 2 strings and not a %s so that + translations can be done the right way. + * helptext.c: Fixed small typo. + +2002-03-23 David Shaw + + * import.c (append_uid, merge_sigs): it is okay to import + completely non-signed uids now (with --allow-non-selfsigned-uid). + + * getkey.c (get_primary_uid, merge_selfsigs_main): do not choose + an attribute packet (i.e. photo) as primary uid. This prevents + oddities like "Good signature from [image of size 2671]". This is + still not perfect (one can still select an attribute packet as + primary in --edit), but is closer to the way the draft is going. + + * g10.c (build_list): algorithms should include 110. + + * g10.c (main): --pgp2 implies --no-ask-sig-expire and + --no-ask-cert-expire as those would cause a v4 sig/cert. + + * armor.c (is_armor_header): be more lenient in what constitutes a + valid armor header (i.e. -----BEGIN blah blah-----) as some + Windows programs seem to add spaces at the end. --openpgp makes + it strict again. + +2002-03-18 David Shaw + + * keyserver.c (keyserver_search_prompt): Properly handle a "no + keys found" case from the internal HKP code (external HKP is ok). + Also, make a COUNT -1 (i.e. streamed) keyserver response a little + more efficient. + + * g10.c (main): Add --no-allow-non-selfsigned-uid + +2002-03-17 David Shaw + + * g10.c (main): --openpgp implies --allow-non-selfsigned-uid. + + * getkey.c (merge_selfsigs_main): If none of the uids are primary + (because none are valid) then pick the first to be primary (but + still invalid). This is for cosmetics in case some display needs + to print a user ID from a non-selfsigned key. Also use + --allow-non-selfsigned-uid to make such a key valid and not + --always-trust. The key is *not* automatically trusted via + --allow-non-selfsigned-uid. + + * mainproc.c (check_sig_and_print): Make sure non-selfsigned uids + print [uncertain] on verification even though one is primary now. + + * getkey.c (merge_selfsigs): If the main key is not valid, then + neither are the subkeys. + + * import.c (import_one): Allow --allow-non-selfsigned-uid to work + on completely unsigned keys. Print the uids in UTF8. Remove + mark_non_selfsigned_uids_valid(). + + * keyedit.c (show_key_with_all_names): Show revocation key as + UTF8. + + * sign.c (clearsign_file): Allow --not-dash-escaped to work with + v3 keys. + +2002-03-14 Werner Koch + + * main.h: Changed the default algorithms to CAST5 and SHA1. + +2002-03-13 David Shaw + + * import.c (chk_self_sigs): Show which user ID a bad self-sig + (invald sig or unsupported public key algorithm) resides on. + + * import.c (chk_self_sigs): any valid self-sig should mark a user + ID or subkey as valid - otherwise, an attacker could DoS the user + by inventing a bogus invalid self-signature. + +2002-03-07 David Shaw + + * g10.c (main): make a few more strings translatable. + + * options.h, options.skel, g10.c (main), gpgv.c, mainproc.c + (check_sig_and_print), keyserver.c (parse_keyserver_options): + --auto-key-retrieve should really be a keyserver-option variable. + + * import.c (revocation_present): new function to print a warning + if a key is imported that has been revoked by designated revoker, + but the designated revoker is not present to verify the + revocation. If keyserver-options auto-key-retrieve is set, try + and fetch the designated revoker from the keyserver. + + * import.c (import_one): call revocation_present after importing a + new key. Note that this applies to --import, --recv-keys, and + --search-keys. + + * keyserver-internal.h, keyserver.c (keyserver_import_fprint): + import via fingerprint (for revocation keys). + + * keyserver.c (keyserver_import_keyid): much simpler + implementation now that we're using KEYDB_SEARCH_DESC internally. + +2002-03-04 David Shaw + + * revoke.c (gen_revoke): do not prompt for revocation reason for + v3 revocations (unless force-v4-certs is on) since they wouldn't + be used anyway. + + * keyedit.c (menu_revsig): show the status of the sigs + (exportable? revocable?) to the user before prompting for which + sig to revoke. Also, make sure that local signatures get local + revocations. + + * keyedit.c (ask_revoke_sig): remind the user which sigs are + local. + + * g10.c (main): Add "exec-path" variable to override PATH for + execing programs. + + * export.c (do_export_stream): properly check return code from + classify_user_id to catch unclassifiable keys. + +2002-03-03 David Shaw + + * parse-packet.c (parse_signature): variable type tweak for RISC + OS (from Stefan) + +2002-02-28 David Shaw + + * getkey.c (check_revocation_keys): New function to check a + revocation against a list of potential revocation keys. Note the + loop-breaking code here. This is to prevent blowing up if A is + B's revocation key, while B is also A's. Note also that this is + written so that a revoked revoker can still issue revocations: + i.e. If A revokes B, but A is revoked, B is still revoked. I'm + not completely convinced this is the proper behavior, but it + matches how PGP does it. It does at least have the advantage of + much simpler code - my first version of this had lots of loop + maintaining code so you could chain revokers many levels deep and + if D was revoked, C was not, which meant that B was, and so on. + It was sort of scary, actually. + + * getkey.c (merge_selfsigs_main): Add any revocation keys onto the + pk. This is particularly interesting since we normally only get + data from the most recent 1F signature, but you need multiple 1F + sigs to properly handle revocation keys (PGP does it this way, and + a revocation key could be marked "sensitive" and hence in a + different signature). Also, if a pk has a revocation key set, + check for revocation sigs that were not made by us - if made by a + valid revocation key, mark the pk revoked. + + * packet.h, getkey.c (cache_public_key): do not cache key if + "dont_cache" is set. This allows the revocation key code to look + up a key and return information that may be inaccurate to prevent + loops without caching the fake data. + + * packet.h, sig-check.c (do_signature_check): Record if a + signature was made by a revoked pk. + + * packet.h, parse-packet.c (parse_one_sig_subpkt, + can_handle_critical, parse_signature): Get revocation key + information out of direct sigs. + + * keylist.c (list_keyblock_print): don't assume that the presence + of a 0x20 signature means the key is revoked. With revocation + keys, this may not be true if the revocation key is not around to + verify it or if verification failed. Also, 0x1F should get listed + as "sig", and not "unexpected signature class". + + * keyedit.c (show_key_with_all_names): Add a flag for printing + revoker information and change all callers. + + * import.c (merge_blocks): merge in any new direct key (0x1F) + sigs. + + * import.c (import_revoke_cert): don't keep processing after a + revocation is rejected. + + * import.c (delete_inv_parts): Allow importing a revocation + signature even if it was not issued by the key. This allows a + revocation key to issue it. Of course, the sig still needs to be + checked before we trust it. + + * free-packet.c (copy_public_key): Include a new copy of the + revocation keys when duping a pk. + + * free-packet.c (free_seckey_enc, release_public_key_parts): Free + any revocation keys that are attached to a sig or pk. + + * export.c (do_export_stream): Do not export signatures with + "sensitive" revocation keys in them. + +2002-02-27 David Shaw + + * export.c (do_export_stream): Do not include v3 keys in a + --export-secret-subkeys export. + + * getkey.c (merge_selfsigs_main): If a key isn't valid (say, + because of no self-signature), allow --always-trust to force it + valid so it can be trusted. + +2002-02-25 David Shaw + + * hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key + lists internally as fingerprints when possible. All this is via + KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows + the helper program to search the keyserver by fingerprint if + desired (and the keyserver supports it). Note that automatic + fingerprint promotion during refresh only applies to v4 keys as a + v4 fingerprint can be easily changed into a long or short key id, + and a v3 cannot. + + * pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of + hextobyte() from pubkey-enc.c and getkey.c and make them into one + copy in misc.c. + +2002-02-22 David Shaw + + * keyserver.c (keyserver_search_prompt): Detect a "no keys found" + case even if the helper program does not explicitly say how many + keys were found. + + * hkp.c (parse_hkp_index): Bug fix - don't report non-revoked keys + as revoked in HKP key searches. + +2002-02-19 Werner Koch + + * parse-packet.c (parse_trust): Made parsing more robust. + +2002-02-19 David Shaw + + * hkp.c (parse_hkp_index): Catch corruption in HKP index lines + (can be caused by broken or malicious keyservers). + + * keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for + unsupported actions (say, a keyserver that has no way to search, + or a readonly keyserver that has no way to add). Also add a + USE_EXTERNAL_HKP define to disable the internal HKP keyserver + code. + +2002-02-14 Werner Koch + + * g10.c: New option --no-use-agent. + + * pkclist.c (check_signatures_trust): Always print the warning for + unknown and undefined trust. Removed the did_add cruft. Reported + by Janusz A. Urbanowicz. + +2002-02-11 David Shaw + + * hkp.c (parse_hkp_index): Bug fix - properly handle user IDs with + colons (":") in them while HKP searching. + +2002-02-09 David Shaw + + * misc.c (pct_expando): More comments. + + * keydb.h, sign.c (mk_notation_and_policy): Clarify what is a sig + and what is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40, + and everything else is a cert. + + * g10.c (main), keyedit.c (keyedit_menu): Add a "nrlsign" for + nonrevocable and local key signatures. + + * g10.c (main): Add a --no-force-mdc to undo --force-mdc. + + * options.h, g10.c (main), cipher.c (write_header): Add a knob to + --disable-mdc/--no-disable-mdc. Off by default, of course, but is + used in --pgp2 and --pgp6 modes. + + * pkclist.c (build_pk_list): Allow specifying multiple users in + the "Enter the user ID" loop. Enter a blank line to stop. Show + each key+id as it is added. + + * keylist.c (show_policy_url), mainproc.c (print_notation_data): + It is not illegal (though possibly silly) to have multiple policy + URLs in a given signature, so print all that are present. + + * hkp.c (hkp_search): More efficient implementation of URL-ifying + code. + +2002-02-04 David Shaw + + * main.h, misc.c (pct_expando): New function to generalize + %-expando processing in any arbitrary string. + + * photoid.c (show_photo): Call the new pct_expando function rather + than expand strings internally. + + * sign.c (mk_notation_and_policy): Show policy URLs and notations + when making a signature if show-policy/show-notation is on. + %-expand policy URLs during generation. This lets the user have + policy URLs of the form "http://notary.jabberwocky.com/keysign/%K" + which will generate a per-signature policy URL. + + * main.h, keylist.c (show_policy_url, show_notation): Add amount + to indent so the same function can be used in key listings as well + as during sig generation. Change all callers. + +2002-02-04 David Shaw + + * keyserver.c, options.h (parse_keyserver_options, keyidlist): + Workaround for the pksd and OKS keyserver bug that calculates v4 + RSA keyids as if they were v3. The workaround/hack is to fetch + both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This + only happens for key refresh while using the HKP scheme and the + refresh-add-fake-v3-keyids keyserver option must be set. This + should stay off by default. + +2002-02-03 David Shaw + + * keyserver.c (keyserver_spawn): Bug fix - do not append keys to + each other when --sending more than one. + +2002-02-02 David Shaw + + * options.h, g10.c (main), keyedit.c (sign_uids), sign.c + (mk_notation_and_policy): Split "--set-policy-url" into + "--cert-policy-url" and "--sig-policy-url" so the user can set + different policies for key and data signing. For backwards + compatibility, "--set-policy-url" sets both, as before. + +2002-01-30 Werner Koch + + * g10.c (main): --gen-random --armor does now output a base64 + encoded string. + +2002-01-28 David Shaw + + * g10.c (main), options.h, pkclist.c (algo_available): --pgp6 + flag. This is not nearly as involved as --pgp2. In short, it + turns off force_mdc, turns on no_comment, escape_from, and + force_v3_sigs, and sets compression to 1. It also restricts the + user to IDEA (if present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. + See the comments above algo_available() for lots of discussion on + why you would want to do this. + +2002-01-27 David Shaw + + * keygen.c (keygen_set_std_prefs): Comment + + * keyedit.c (sign_uids): Bug fix - when signing with multiple + secret keys at the same time, make sure each key gets the sigclass + prompt. + + * exec.c (exec_finish): Close the iobuf and FILE before trying to + waitpid, so the remote process will get a SIGPIPE and exit. This + is only a factor when using a pipe to communicate. + + * exec.c (exec_write): Disable cache-on-close of the fd iobuf (is + this right? Why is a fd iobuf cached at all?) + +2002-01-26 Werner Koch + + * g10.c, options.h: New option --gpg-agent-info + * passphrase.c (agent_open): Let it override the environment info. + * seckey-cert.c (check_secret_key): Always try 3 times when the + agent is enabled. + * options.skel: Describe --use-agent. + +2002-01-24 David Shaw + + * pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences + against keys with v4 self sigs - there is really little point in + warning for every single non-IDEA message encrypted to an old key. + + * pkclist.c (select_algo_from_prefs): Only put in the fake IDEA + preference if --pgp2 is on. + + * mainproc.c (check_sig_and_print): Print "Expired" for expired + but good signatures (this still prints "BAD" for expired but bad + signatures). + +2002-01-23 David Shaw + + * keygen.c (ask_keysize): Cosmetic: don't present a RSA signing + key as a "keypair" which can be 768 bits long (as RSA minimum is + 1024). + + * pubkey-enc.c (is_algo_in_prefs): Allow IDEA as a fake preference + for v3 keys with v3 selfsigs. + +2002-01-22 David Shaw + + * packet.h, getkey.c (merge_selfsigs_main), pkclist.c + (select_algo_from_prefs): Implement the fake IDEA preference as + per RFC2440:12.1. This doesn't mean that IDEA will be used (the + plugin may not be present), but it does mean that a v3 key with a + v3 selfsig has an implicit IDEA preference instead of 3DES. v3 + keys with v4 selfsigs use preferences as normal. + + * encode.c (encode_crypt): if select_algo_from_prefs fails, this + means that we could not find a cipher that both keys like. Since + all v4 keys have an implicit 3DES preference, this means there is + a v3 key with a v3 selfsig in the list. Use 3DES in this case as + it is the safest option (we know the v4 key can handle it, and + we'll just hope the v3 key is being used in an implementation that + can handle it). If --pgp2 is on, warn the user what we're doing + since it'll probably break PGP2 compatibility. + + * g10.c (main): Do not force using IDEA for encrypted files in + --pgp2 mode - let the fake IDEA preference choose this for us for + better compatibility when encrypting to multiple keys, only some + of which are v3. + + * keygen.c (keygen_set_std_prefs): Put 3DES on the end of the + default cipher pref list (RFC2440: "...it is good form to place it + there explicitly."). If the user has the IDEA plugin installed, + put a preference for IDEA *after* 3DES to effectively disable its + use for everything except encrypting along with v3 keys. + + * encode.c, g10.c, sign.c: Change the PGP2 warning line from + "... will not be usable ..." to "... may not be usable ..." as the + user could be using one of the enhanced PGP2 variations. + + * helptext.c: Revise the sign_uid.class help text as suggested by + Stefan. + +2002-01-20 Werner Koch + + * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be + used with the agent. Changed all callers. + (agent_get_passphrase): Likewise and send it to the agent + * seckey-cert.c (do_check): New arg tryagain_text. + (check_secret_key): Pass the string to do_check. + * keygen.c (ask_passphrase): Set the error text is required. + * keyedit.c (change_passphrase): Ditto. + + * passphrase.c (agent_open): Disable opt.use_agent in case of a + problem with the agent. + (agent_get_passphrase): Ditto. + (passphrase_clear_cache): Ditto. + +2002-01-19 Werner Koch + + * passphrase.c (agent_open): Add support for the new Assuan based + gpg-agent. New arg to return the used protocol version. + (agent_get_passphrase): Implemented new protocol here. + (passphrase_clear_cache): Ditto. + (readline): New. + +2002-01-15 Timo Schulz + + * encode.c (encode_crypt_files): Fail if --output is used. + + * g10.c: New command --decrypt-files. + + * decrypt.c (decrypt_messages): New. + +2002-01-09 David Shaw + + * g10.c, misc.c, gpgv.c: move idea_cipher_warn to misc.c so gpgv.c + doesn't need a stub for it any longer. + + * g10.c (get_temp_dir), main.h: no longer used (it's in exec.c now) + + * g10.c (main), delkey.c (delete_keys), main.h : Allow + --delete-key (now --delete-keys, though --delete-key still works, + of course) to delete multiple keys in one go. This applies to + --delete-secret-key(s) and --delete-secret-and-public-key(s) as + well. + +2002-01-09 Timo Schulz + + * encode.c (encode_crypt_files): Now it behaves like verify_files. + + * g10.c (main): We don't need to check argc for encode_crypt_files + any longer. + +2002-01-09 Timo Schulz + + * exec.c: Include windows.h for dosish systems. + +2002-01-08 Timo Schulz + + * g10.c (main): New description for --encrypt-files. + +2002-01-08 Werner Koch + + * g10.c (main): Must register the secring for encryption because + it is needed to figure out the default recipient. Reported by + Roger Sondermann. + +2002-01-05 David Shaw + + * keyedit.c (menu_adduid): Require --expert before adding a photo + ID to a v3 key, and before adding a second photo ID to any key. + + * keyedit.c (keyedit_menu): Don't allow adding photo IDs in + rfc1991 or pgp2 mode. + + * getkey.c (merge_selfsigs_subkey): Permit v3 subkeys. Believe it + or not, this is allowed by rfc 2440, and both PGP 6 and PGP 7 work + fine with them. + + * g10.c, options.h, keyedit.c, sign.c: Move the "ask for + expiration" switch off of --expert, which was getting quite + overloaded, and onto ask-sig-expire and ask-cert-expire. Both + default to off. + + * g10.c (main): Change the default compression algo to 1, to be + more OpenPGP compliant (PGP also uses this, so it'll help with + interoperability problems as well). + + * encode.c (encode_crypt): Handle compression algo 2, since the + default is now 1. + + * build-packet.c (build_attribute_subpkt): Fix off-by-one error. + +2002-01-05 Werner Koch + + * g10.c (main): Do not register the secret keyrings for certain + commands. + + * keydb.c (keydb_add_resource): Use access to test for keyring + existence. This avoids cached opened files which are bad under + RISC OS. + +2002-01-04 David Shaw + + * sign.c (sign_file, sign_symencrypt_file): always use one-pass + packets unless rfc1991 is enabled. This allows a signature made + with a v3 key to work in PGP 6 and 7. Signatures made with v4 + keys are unchanged. + + * g10.c (main): Disallow non-detached signatures in PGP2 mode. + Move the "you must use files and not pipes" PGP2 warning up so all + the PGP2 stuff is together. + + * encode.c (encode_simple): Use the actual filesize instead of + partial length packets in the internal literal packet from a + symmetric message. This breaks PGP5(?), but fixes PGP2, 6, and 7. + It's a decent tradeoff. Note there was only an issue with + old-style RFC1991 symmetric messages. 2440-style messages in 6 + and 7 work with or without partial length packets. + +2002-01-03 David Shaw + + * g10.c (main): Removed --no-default-check-level option, as it is + not consistent with other "default" options. Plus, it is the same + as saying --default-check-level 0. + + * exec.c (exec_read): Disallow caching tempfile from child + process, as this keeps the file handle open and can cause unlink + problems on some platforms. + + * keyserver.c (keyserver_search_prompt): Minor tweak - don't + bother to transform keyids into textual form if they're just going + to be transformed back to numbers. + +2002-01-03 Timo Schulz + + * g10.c: New command --encrypt-files. + + * verify.c (print_file_status): Removed the static because + encode_crypt_files also uses this function. + + * main.h (print_files_status): New. + (encode_crypt_files): New. + + * encode.c (encode_crypt_files): New. + +2002-01-02 Stefan Bellon + + * keyserver.c: Moved util.h include down in order to avoid + redefinition problems on RISC OS. + + * keyring.c (keyring_lock): Only lock keyrings that are writable. + + * keyring.c (keyring_update_keyblock): Close unused iobuf. + + * hkp.c (parse_hkp_index, hkp_search) [__riscos__]: Changed + unsigned char* to char* because of compiler issues. + + * exec.c (exec_finish) [__riscos__]: Invalidate close cache so + that file can be unlinked. + +2001-12-28 David Shaw + + * g10.c (main): Use a different strlist to check extensions since + they need to be handled seperately now. + + * misc.c,main.h (check_permissions): Properly handle permission + and ownership checks on files in the lib directory + (e.g. /usr/local/lib/gnupg), which are owned by root and are + world-readable, and change all callers to specify extension or + per-user file. + + * photoid.c (show_photo), keyserver.c (keyserver_spawn): Bug fix - + don't call exec_finish if exec_write fails. + + * keyserver.c (keyserver_spawn): Look for OPTIONS from the + keyserver helper - specifically, a "OUTOFBAND" option for the + email keyserver. + + * mainproc.c (list_node), keylist.c (list_keyblock_colon), + import.c (delete_inv_parts), export.c (do_export_stream): Use + signature flags for exportability check rather than re-parsing the + subpacket. + + * keyid.c, keydb.h (get_lsign_letter): No longer needed. + +2001-12-27 David Shaw + + * exec.c (exec_finish): Show errors when temp files cannot be + deleted for whatever reason. + + * exec.c (exec_read): Don't rely on WEXITSTATUS being present. + + * exec.c (make_tempdir): Add temp file creator for win32. Don't + create an incoming temp file if the exec is write-only. + + * keyserver.c (keyserver_spawn): Clean up error handling, for when + the spawn fails. + + * photoid.c (show_photo): Clean up error handling. + + * misc.c (check_permissions): Neaten. + +2001-12-25 David Shaw + + * mkdtemp.c (mkdtemp): Add copyleft info and tweak the 'X' counter + to be a bit simpler. + + * keyserver.c, photoid.c: Remove unused headers left over from + when the exec functions lived there. + +2001-12-23 Timo Schulz + + * misc.c (check_permissions): Do not use it for W32 systems. + + * tdbio.c (migrate_from_v2): Define ftruncate as chsize() for W32. + + * mkdtemp.c: W32 support. + + * photoid.c: Ditto. + + * exec.c: Ditto. + +2001-12-22 David Shaw + + * exec.c (make_tempdir): avoid compiler warning with const + + * mkdtemp.c (mkdtemp): catch the empty ("") string case in case + someone repurposes mkdtemp at some point. + + * photoid.c (generate_photo_id, show_photo): some type changes + from Stefan Bellon. + + * exec.c (make_tempdir): handle Win32 systems, suggested by Timo + Schulz. + +2001-12-22 Werner Koch + + * encode.c (encode_simple, encode_crypt): i18n 2 strings. + +2001-12-22 Timo Schulz + + * encode.c (encode_simple, encode_crypt): Use is_file_compressed + to avoid to compress compressed files. + +2001-12-22 Werner Koch + + * keyserver.c (keyserver_spawn): Removed some variables + declaration due to shadowing warnings. + + * build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid + compiler warnig due to index(3). + + * getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value. + * keylist.c (list_one): Made resname const. + + * keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is + not used. + + * options.skel: Changed one example photo viewer to qiv. + +2001-12-21 David Shaw + + * Makefile.am: add exec.c, exec.h, photoid.c, and photoid.h + + * build-packet.c (build_attribute_subpkt): new function to build + the raw attribute subpacket. Note that attribute subpackets have + the same format as signature subpackets. + + * exec.c: new file with generic exec-a-program functionality. + Used by both photo IDs and keyserver helpers. This is pretty much + the same code that used to be keyserver specific, with some + changes to be usable generically. + + * free-packet.c (free_attributes (new)): function to free an + attribute packet. + + * gpgv.c: added stub show_photo + + * keyedit.c (keyedit_menu, menu_adduid, menu_showphoto): can add a + photo (calls generate_photo_id), or display a photo (calls + show_photo) from the --edit menu. New commands are "addphoto", + and "delphoto" (same as "deluid"). + + * keylist.c (list_keyblock_print): show photos during key list if + --show-photos enabled. + + * keyserver.c (keyserver_spawn): use the generic exec_xxx + functions to call keyserver helper. + + * g10.c, options.h: three new options - --{no-}show-photos, and + --photo-viewer to give the command line to display a picture. + + * options.skel: instructions for the photo viewer + + * parse-packet.c (parse_user_id, setup_user_id (new)): common code + for both user IDs and attribute IDs moved to setup_user_id. + + * parse-packet.c (make_attribute_uidname (new)): constructs a fake + "name" for attribute packets (e.g. "[image of size ...]") + + * parse-packet.c (parse_attribute (replaces parse_photo_id), + parse_attribute_subpkts): Builds an array of individual + attributes. Currently only handles attribute image / type jpeg + subpackets. + + * sign.c (hash_uid): Fix bug in signing attribute (formerly + photo_id) packets. + + * packet.h, and callers: globally change "photo_id" to "attribute" + and add structures for attributes. The packet format is generic + attributes, even though the only attribute type thus far defined + is jpeg. + +2001-12-21 David Shaw + + * parse-packet.c (can_handle_critical): Can handle critical + revocation subpackets now. + + * trustdb.c (mark_usable_uid_certs): Disregard revocations for + nonrevocable sigs. Note that this allows a newer revocable + signature to override an older nonrevocable signature. + + * sign.c (make_keysig_packet): add a duration field and change all + callers. This makes make_keysig_packet closer to + write_signature_packets and removes some duplicated expiration + code. + + * keyedit.c (keyedit_menu, menu_revsig, sign_uids, + sign_mk_attrib): Add nrsign command, don't allow revoking a + nonrevocable signature, + + * g10.c (main): Add --nrsign option to nonrevocably sign a key + from the command line. + + * build-packet.c (build_sig_subpkt_from_sig): Comment to explain + the use of CRITICAL. + +2001-12-21 Werner Koch + + * g10.c. options.h : New option --show-keyring + * getkey.c (get_ctx_handle): New. + * keylist.c (list_one): Implement option here. By David Champion. + +2001-12-20 David Shaw + + * keyserver.c (keyserver_spawn): Use mkdtemp() to make temp + directory. + + * mkdtemp.c: replacement function for those platforms that don't + have mkdtemp (make a temp directory securely). + +2001-12-19 David Shaw + + * misc.c (check_permissions): New function to stat() and ensure + the permissions of GNUPGHOME and the files have safe permissions. + + * keydb.c (keydb_add_resource): Check keyring permissions. + + * tdbio.c (tdbio_set_dbname): Check permissions of trustdb.gpg + + * keyserver.c (keyserver_spawn): Disable keyserver schemes that + involve running external programs if the options file has unsafe + permissions or ownership. + + * g10.c, options.h: New option --no-permission-warning to disable + the permission warning message(s). This also permits use of the + keyserver if it had been disabled (see above). Also check the + permissions/ownership of random_seed. + + * keyserver.c (keyserver_spawn): The new glibc prints a warning + when using mktemp() (the code was already secure, but the warning + was bound to cause confusion). Use a different implementation + based on get_random_bits() instead. Also try a few times to get + the temp dir before giving up. + +2001-12-19 Werner Koch + + * g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32. + +2001-12-18 David Shaw + + * g10.c (idea_cipher_warn): Add a flag to show the warning always + or once per session and change all callers (show always except for + the secret key protection and unknown cipher from an encrypted + message errors). Also make the strings translatable. + + * pubkey-enc.c (get_it): Add the IDEA cipher warning if the user + tries to decrypt an IDEA encrypted message without the IDEA + plugin. + + * keyserver.c (parse_keyserver_uri): More strict checking of the + keyserver URI. Specifically, fail if the ":port" section is + anything except a number between 1 and 65535. + +2001-12-17 David Shaw + + * keyserver.c (print_keyinfo): No need to check for + control/illegal characters, as utf8_to_native does this for us. + + * mainproc.c (proc_encrypted): Use generic IDEA warning. + + * gpgv.c: add stub for idea_cipher_warn + + * g10.c, hkp.c, keyserver.c: Fix capitalization and plural issues. + + * encode.c (encode_crypt), sign.c (sign_file, clearsign_file): + disable pgp2 mode after the message is no longer pgp2 compatible. + + * g10.c (main): Tweak the PGP2.x IDEA warning to use the generic + warning, and not merely fail if the IDEA plugin isn't there. + + * g10.c (main, idea_cipher_warn), keygen.c (set_one_pref), + seckey-cert.c (do_check): Add a generic IDEA warning for when the + IDEA plugin is not present. This pops up when the user uses + "--cipher-algo idea", when setpref is used to set a "S1" + preference, and when a secret key protected with IDEA is used. + +2001-12-15 Werner Koch + + * keyserver.c (keyserver_spawn): Assert that we have dropped privs. + +2001-12-13 Werner Koch + + * pubkey-enc.c (get_session_key): Check that the public key + algorithm is indeed usable for en/decryption. This avoid a + strange error message from pubkey_decrypt if for some reasons a + bad algorithm indentifier is passed. + +2001-12-12 David Shaw + + * Fixed some types for portability. Noted by Stefan Bellon. + +2001-12-11 Werner Koch + + * hkp.c (hkp_export): Do not print possible control characters + from a keyserver response. + (parse_hkp_index): Made uid an unsigned char* because it is passed to + isspace(). + (hkp_search): Ditto for the char* vars. + + * g10.c (main): Print the IDEA warning also for -c and -se. + + * g10.c (get_temp_dir): Assert that we have dropped privs + + * encode.c (encode_crypt): Include the first key into the --pgp2 + check. + +2001-12-07 David Shaw + + * g10.c, options.h: New option --pgp2. This is identical to + "--rfc1991 --cipher-algo idea --compress-algo 1 --digest-algo md5 + --force_v3_sigs" with the addition of an warning to advise the + user not to use a pipe (which would break pgp2 compatibility). + + * encode.c (encode_crypt): warn if the user tries to encrypt to + any key that is not RSA and <= 2048 bits when the --pgp2 option is + used. + + * sign.c (sign_file, clearsign_file): When using --pgp2, make a v3 + sig, and warn if the signature is made with a non-v3 key. + +2001-12-05 David Shaw + + * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt + for sig expiration if --expert is set and --force-v3-sigs is not + set (v3 sigs cannot expire). + + * mainproc.c (check_sig_and_print): After checking a sig, print + expiration status. This causes a error return if the sig is + expired. + + * build-packet.c (build_sig_subpkt_from_sig): Include a critical + sig expiration subpacket if the sig is to expire. + + * keyedit.c (sign_uids): Do not sign an expired key unless + --expert is set, in which case prompt. Also, offer to expire a + signature when the key the user is signing expires. + + * keygen.c (ask_expire_interval): Add a value to determine whether + to prompt for a key or sig expiration and change all callers. + + * keyid.c: New functions: expirestr_from_sig and + colon_expirestr_from_sig. + + * keylist.c (list_keyblock_colon): Show sig expiration date in the + --with-colons listing. + + * sign.c (make_keysig_packet, write_signature_packets): Pass in an + optional timestamp for the signature packet, and change all + callers. + + * keyedit.c (sign_mk_attrib): Include a critical expiration + subpacket in the signature if an expiration date is given. + +2001-12-04 David Shaw + + * keyedit.c (sign_uids): If the user tries to sign a + locally-signed key, allow the cert to be promoted to a full + exportable signature. This essentially deletes the old + non-exportable sig, and replaces it with a new exportable one. + +2001-12-04 David Shaw + + * keyedit.c (keyedit_menu): Do not allow signing a revoked key + unless --expert is set, and ask even then. + + * keyedit.c (sign_uids): Do not allow signing a revoked UID unless + --expert is set, and ask even then. + + * g10.c, options.h : New option --expert + +2001-11-16 David Shaw + + * Allow the user to select no compression via "--compress-algo 0" + on the command line. + + * keyedit.c (show_prefs): Show compression preferences in the + long-form "showpref" style. + + * keygen.c (set_one_pref): Permit setting a no-compression ("Z0") + preference. + + * getkey.c (fixup_uidnode): Fix compression preference corruption + bug. + +2001-12-02 David Shaw + + * g10.c: Add advisory --for-your-eyes-only option as per section + 5.9 of 2440. + +2001-12-05 David Shaw + + * Force a V4 sig if the user has a notation or policy URL set. + +2001-12-04 David Shaw + + * g10.c: Add options --keyserver-options, --temp-directory, and + auto-key-retrieve (the opposite of no-auto-key-retrieve). + + * hkp.c (hkp_search): New function to handle searching a HKP + keyserver for a key + + * hkp.c (hkp_ask_import, hkp_export): Pretty large changes to make + them communicate via the generic functions in keyserver.c + + * keyserver.c: new file with generic keyserver routines for + getting keys from a keyserver, sending keys to a keyserver, and + searching for keys on a keyserver. Calls the internal HKP stuff + in hkp.c for HKP keyserver functions. Other calls are handled by + an external program which is spawned and written to and read from + via pipes. Platforms that don't have pipes use temp files. + +2001-11-20 David Shaw + + * options.h, g10.c: New options show-notation, no-show-notation, + default-check-level, no-default-check-level, show-policy-url, + no-show-policy-url. + + * packet.h, sign.c (make_keysig_packet), parse-packet.c + (parse_signature), free-packet.c (free_seckey_enc): Fill in + structures for notation, policy, sig class, exportability, etc. + + * keyedit.c, keylist.c (print_and_check_one_sig, + list_keyblock_print): Show flags in signature display for cert + details (class, local, notation, policy, revocable). If selected, + show the notation and policy url. + + * keyedit.c (sign_uids): Prompt for and use different key sig + classes. + + * helptext.c (helptexts): Add help text to explain different + key signature classes + +2001-11-26 David Shaw + + * trustdb.c (mark_usable_uid_certs): Fix segfault from bad + initialization and fix reversed key signature expiration check. + +2001-11-09 Werner Koch + + * export.c (do_export_stream): Put all given names into a search + description and change the loop so that all matching names are + returned. + +2001-11-08 Werner Koch + + * pubkey-enc.c (get_it): To reduce the number of questions on the + MLs print the the name of cipher algorithm 1 with the error message. + + * mainproc.c: Changed the way old rfc1991 encryption cipher is + selected. Based on a patch by W Lewis. + + * pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non + working "show info" is now assigned to "i" + * trustdb.c (ask_ownertrust, validate_keys): Implement a real quit + here. Both are by David Shaw. + + * trustdb.c (validate_keys): Make sure next_exipire is initialized. + + * sign.c (make_keysig_packet): Use SHA-1 with v4 RSA keys. + + * g10.c, options.h : New option --[no-]froce-v4-certs. + * sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with + a v3 key. Use that new option. By David Shaw + + * revoke.c (ask_revocation_reason): Allow to select "no reason". + By David Shaw. + + * keyid.c (fingerprint_from_sk): Calculation of an v3 fpr was + plain wrong - nearly the same code in fingerprint_from_pk is correct. + + * build-packet.c (do_secret_key): Added a few comments to the code. + +2001-11-07 Werner Koch + + * g10.c (main): Print a warning when -r is used w/o encryption. + Suggested by Pascal Scheffers. + +2001-10-23 Werner Koch + + * keyedit.c (keyedit_menu): Changed helptext for showpref + command. Suggested by Reinhard Wobst. + + * keyring.c (keyring_search): When marking the offtbl ready, take + into account that we may have more than one keyring. + +2001-10-22 Werner Koch + + * Makefile.am: Do not use OMIT_DEPENDENCIES + + * build-packet.c (build_sig_subpkt): Default is now to put all + types of subpackets into the hashed area and only list those which + should go into the unhashed area. + +2001-10-18 Werner Koch + + * keydb.c (keydb_add_resource): Rearranged the way we keep track + of the resource. There will now be an entry for each keyring here + and not in keyring.c itself. Store a token to allow creation of a + keyring handle. Changed all functions to utilize this new design. + (keydb_locate_writable): Make a real implementation. + * keyring.c (next_kr): Removed and changed all callers to set the + resource directly from the one given with the handle. + (keyring_is_writable): New. + (keyring_rebuild_cache): Add an arg to pass the token from keydb. + +2001-10-17 Werner Koch + + * keyring.c (keyring_search): Enabled word search mode but print a + warning that it is buggy. + +2001-10-11 Werner Koch + + * hkp.c (hkp_ask_import): No more need to set the port number for + the x-hkp scheme. + (hkp_export): Ditto. + +2001-10-06 Stefan Bellon + + * passphrase.c [__riscos__]: Disabled agent specific stuff. + * g10.c: New option --no-force-v3-sigs. + +2001-10-04 Werner Koch + + * export.c (do_export_stream): Do not push the compress filter + here because the context would run out of scope due to the + iobuf_close done by the caller. + (do_export): Do it here instead. + +2001-09-28 Werner Koch + + * keyedit.c (sign_uids): Always use the primary key to sign keys. + * getkey.c (finish_lookup): Hack to return only the primary key if + a certification key has been requested. + + * trustdb.c (cmp_kid_for_make_key_array): Renamed to + (validate_one_keyblock): this and changed arg for direct calling. + (make_key_array): Renamed to + (validate_one_keyblock): this and changed args for direct calling. + (mark_usable_uid_certs, validate_one_keyblock) + (validate_key_list): Add next_expire arg to keep track of + expiration times. + (validate_keys): Ditto for UTKs and write the stamp. + + * tdbio.c (migrate_from_v2): Check return code of tbdio_sync. + + * tdbdump.c (import_ownertrust): Do a tdbio_sync(). + + * keyring.c: Made the offtbl an global object. + +2001-09-27 Werner Koch + + * pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust. + + * trustdb.c (mark_keyblock_seen): New. + (make_key_array): Use it to mark the subkeys too. + (validate_keys): Store validity for ultimatly trusted keys. + +2001-09-26 Werner Koch + + * pkclist.c (check_signatures_trust, do_we_trust): Removed the + invocation of add_ownertrust. Minor changes to the wording. + (add_ownertrust, add_ownertrust_cb): Removed. + + * trustdb.c (get_validity): Allow to lookup the validity using a + subkey. + + * trustdb.c (new_key_hash_table): Increased the table size to 1024 + and changed the masks accordingly. + (validate): Changed stats printing. + (mark_usable_uid_certs): New. + (cmp_kid_for_make_key_array): Does now check the signatures and + figures out a usable one. + +2001-09-25 Werner Koch + + * keyring.c (new_offset_item,release_offset_items) + (new_offset_hash_table, lookup_offset_hash_table) + (update_offset_hash_table, update_offset_hash_table_from_kb): New. + (keyring_search): Use a offset table to optimize search for + unknown keys. + (keyring_update_keyblock, keyring_insert_keyblock): Insert new + offsets. + * getkey.c (MAX_UNK_CACHE_ENTRIES): Removed the unknown keys + caching code. + + * g10.c, options.h, import.c: Removed the entire + allow-secret-key-import stuff because the validity is now + controlled by other means. + + * g10.c: New command --rebuild-keydb-caches. + * keydb.c (keydb_rebuild_caches): New. + * keyring.c (do_copy): Moved some code to + (create_tmp_file, rename_tmp_file, write_keyblock): new functions. + (keyring_rebuild_cache): New. + + * packet.h (PKT_ring_trust): Add sigcache field. + * parse-packet.c (parse_trust): Parse sigcache. + * keyring.c (do_copy): Always insert a sigcache packet. + (keyring_get_keyblock): Copy the sigcache packet to the signature. + * sig-check.c (cache_sig_result): Renamed from + cache_selfsig_result. Changed implementation to use the flag bits + and changed all callers. + (mdc_kludge_check): Removed this unused code. + (do_check): Do not set the sig flags here. + + * import.c (read_block): Make sure that ring_trust packets are + never imported. + * export.c (do_export_stream): and never export them. + + * trustdb.c (make_key_array): Skip revoked and expired keys. + +2001-09-24 Werner Koch + + * g10.c, options.h: New option --no-auto-check-trustdb. + + * keygen.c (do_generate_keypair): Set newly created keys to + ultimately trusted. + + * tdbio.h, tdbio.c: Removed all support for records DIR, KEY, UID, + PREF, SIG, SDIR and CACH. Changed migration function to work + direct on the file. + (tdbio_read_nextcheck): New. + (tdbio_write_nextcheck): New. + +2001-09-21 Werner Koch + + Revamped the entire key validation system. + * trustdb.c: Complete rewrite. No more validation on demand, + removed some functions, adjusted to all callers to use the new + and much simpler interface. Does not use the LID anymore. + * tdbio.c, tdbio.h: Add new record types trust and valid. Wrote a + migration function to convert to the new trustdb layout. + * getkey.c (classify_user_id2): Do not allow the use of the "#" + prefix. + * keydb.h: Removed the TDBIDX mode add a skipfnc to the + descriptor. + * keyring.c (keyring_search): Implemented skipfnc. + + * passphrase.c (agent_open): Add missing bracket. Include windows.h. + +2001-09-19 Werner Koch + + * keylist.c (print_fingerprint): Renamed from fingerprint, made + global available. Added new arg to control the print style. + * mainproc.c (print_fingerprint): Removed. + * pkclist.c (print_fpr, fpr_info): Removed and changed callers to + use print_fingerprint. + * keyedit.c (show_fingerprint): Ditto. + + * passphrase.c (writen, readn) + (agent_open, agent_close) + (agent_get_passphrase) + (passphrase_clear_cache): Support for W32. Contributed by Timo. + + * import.c (import_one): Release keydb handles at 2 more places. + + * keyring.c (keyring_release): Close the iobuf. + (keyring_get_keyblock): Init ret_kb to NULL and store error contidion. + + * import.c (import_new_stats_handle): New. + (import_release_stats_handle): New. + (import_print_stats): Renamed from static fnc print_stats. + (import_keys, import_keys_stream): Add an optional status handle + arg and changed all callers. + * hkp.c (hkp_ask_import): Add an stats_handle arg and changed all + callers. + + * mainproc.c (print_pkenc_list): Use print_utf8_string2(). + +2001-09-18 Werner Koch + + * g10.c: New command --refresh-keys. + * hkp.c (hkp_refresh_keys): New. Contributed by Timo Schulz. + + * parse-packet.c (parse): Stop on impossible packet lengths. + +2001-09-17 Werner Koch + + * mainproc.c (print_notation_data): Wrap notation data status lines + after 50 chars. + + * mainproc.c (proc_pubkey_enc): Make option try-all-secrets work. + By disastry@saiknes.lv. + +2001-09-14 Werner Koch + + * parse-packet.c (dump_sig_subpkt): List key server preferences + and show the revocable flag correctly. Contributed by David Shaw. + +2001-09-09 Werner Koch + + * keyedit.c (keyedit_menu): No need to define another p. + + * keylist.c (print_capabilities): s/used/use/ so that it + does not shadow a global. + * sign.c (sign_file): Renamed arg encrypt to encryptflag + * keygen.c: Replaced all "usage" by "use". + * misc.c (openpgp_pk_algo_usage): Ditto. + + * pubkey-enc.c (get_it): Renamed arg k to enc so that the later + defined k does not shadow it. + + * parse-packet.c (parse_gpg_control): No need to define another i. + + * getkey.c (get_pubkey_byfprint): Must use the enum values and not + the fprint_len. + * keyring.c (keyring_search): Removed a non-sense break. Both + bugs pointed out by Stefan. + +2001-09-07 Werner Koch + + * status.c, status.h: Added NO_RECP and ALREADY_SIGNED. + * pkclist.c (build_pk_list): Issue NO_RECP. + * keyedit.c (sign_uids): Added experimental ALREADY_SIGNED + + * hkp.c (hkp_import): Use log_error. Bug reported by Neal H + Walfield. + + * getkey.c (classify_user_id2): Change args to take the desc union + direct. It was a stupid idea to pass the individual fields of an + union to this function. Changed all callers. + (classify_user_id): Ditto and allow to pass NULL as the description. + +2001-09-06 Werner Koch + + * getkey.c (fixup_uidnode): Features flag is now a bit vector. + * keygen.c (add_feature_mdc): Ditto. + + Revamped the entire key I/O code to be prepared for other ways of + key storages and to get rid of the existing shit. GDBM support has + gone. + * keydb.c: New + * keyring.c, keyring.h: New. + * ringedit.c: Removed. Moved some stuff to keyring.c + * getkey.c: Changed everything related to the key retrieving + functions which are now using the keydb_ functions. + (prepare_search, word_match_chars, word_match) + (prepare_word_match, compare_name): Moved to keyring.c + (get_pubkey_byname): Removed ctx arg and add ret_kdbhd + arg. Changed all callers. + (key_byname): Use get_pubkey_end to release the context and take + new ret_kbdhd arg. Changed all callers. + (classify_user_id2): Fill the 16 byte fingerprint up with 4 null + bytes not with zero bytes of value 4, tsss. + * import.c (import_one): Updated to use the new keydb interface. + (import_secret_one): Ditto. + (import_revoke_cert): Ditto. + * delkey.c (do_delete_key): Ditto. + * keyedit.c (keyedit_menu): Ditto. + (get_keyblock_byname): Removed. + * revoke.c (gen_revoke): Ditto. + * export.c (do_export_stream): Ditto. + * trustdb.c (update_trustdb): Ditto. + * g10.c, gpgv.c (main): Renamed add_keyblock_resource to + keydb_add_resource. + * Makefile.am: Added and removed files. + + * keydb.h: Moved KBNODE typedef and MAX_FINGERPRINT_LEN to + * global.h: this new header. + +2001-09-03 Werner Koch + + * passphrase.c (agent_get_passphrase): Changed nread to size_t. + (passphrase_clear_cache): Ditto. + + * keyid.c (mk_datestr): Avoid trigraphs. + (fingerprint_from_pk): Cache the keyid in the pk. + + * options.h: Add opt.with_fingerprint so that we know whether the + corresponding options was used. + * g10.c (main): Set it here. + * pkclist.c (check_signatures_trust): Always print fingerprint + when this option is used. Mixed a minor memory leak. + + * status.c, status.h: New status INV_RECP. + * pkclist.c (build_pk_list): Issue this status. + +2001-08-31 Werner Koch + + * parse-packet.c (parse_key,parse_pubkeyenc) + (parse_signature): Return error on reading bad MPIs. + + * mainproc.c (check_sig_and_print): Always print the user ID even + if it is not bound by a signature. Use the primary UID in the + status messages and encode them in UTF-8 + * status.c (write_status_text_and_buffer): New. + +2001-08-30 Werner Koch + + * packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES. + (PKT_public_key, PKT_user_id): Add a flag for it. + * parse-packet.c, build-packet.c: Add support for them. + * getkey.c (fixup_uidnode, merge_selfsigs): Set the MDC flags. + * keygen.c (add_feature_mdc): New. + (keygen_upd_std_prefs): Always set the MDC feature. + * keyedit.c (show_prefs): List the MDC flag + * pkclist.c (select_mdc_from_pklist): New. + * encode.c (encode_crypt, encrypt_filter): Test whether MDC + should be used. + * cipher.c (write_header): Set MDC use depending on the above test. + Print more status info. + + * delkey.c (do_delete_key): Kludge to delete a secret key with no + public key available. + + * ringedit.c (find_secret_keyblock_direct): New. + * getkey.c (seckey_available): Simplified. + + * ringedit.c (cmp_seckey): Now compares the secret key against the + public key while ignoring all secret parts. + (keyring_search): Use a public key packet as arg. Allow to search + for subnkeys + (search): Likewise. Changed all callers. + (find_secret_keyblock_bypk): New. + (find_secret_keyblock_byname): First locate the pubkey and then + find the correponding secret key. + * parse-packet.c (parse): Renamed pkttype arg to onlykeypkts and + changed code accordingly. Changed all callers. + (search_packet): Removed pkttype arg. + * keyedit.c (keyedit_menu): First locate the public key and then + try to locate a secret key. + + * ringedit.c (locate_keyblock_by_fpr): Removed. + (locate_keyblock_by_keyid): Removed. + (find_keyblock_bysk): Removed. + + * sig-check.c (check_key_signature2): Print the keyid along with + the wrong sig class errors. + +2001-08-24 Werner Koch + + * sign.c (sign_file): Stripped the disabled comment packet code. + (sign_file, sign_symencrypt_file): Moved common code to .. + (write_onepass_sig_packets): .. this new function. + (sign_file, clearsign_file, sign_symencrypt_file): Moved common + code to + (write_signature_packets): this new function. + (write_signature_packets, make_keysig_packet) + (update_keysig_packet): Moved common code to + (hash_uid, hash_sigclass_to_magic): these new functions + (sign_file, sign_symencrypt_file): Moved common code to + (write_plaintext_packet): this new function. + +2001-08-21 Stefan Bellon + + * trustdb.c (query_trust_info): Changed trustlevel to signed int. + * g10.c [__riscos__]: Fixed handling of --use-agent --lock-multiple. + +2001-08-20 Werner Koch + + * encr-data.c (decrypt_data): Keep track on whether we already + printed information about the used algorithm. + * mainproc.c (proc_encrypted): Removed the non-working IDEA hack + and print a message about the assumed algorithm. + * passphrase.c (passphrase_to_dek): Use the same algorithm as above. + (proc_symkey_enc): Print the algorithm, so that the user knows it + before entering the passphrase. + (proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out. + * encode.c (encode_crypt, encrypt_filter): Ditto. + + * g10.c: Allow for --sign --symmetric. + * sign.c (sign_and_symencrypt): New. + + Applied patches from Stefan Bellon to support + RISC OS. Nearly all of these patches are identified by the + __riscos__ macro. + * compress.c: Added a couple of casts. + * g10.c [__riscos__]: Some patches and new options foo-file similar + to all foo-fd options. + * gpgv.c, openfile.c, ringedit.c, tdbio.c: Minor fixes. Mainly + replaced hardcoded path separators with EXTSEP_S like macros. + * passprase.c [__riscos__]: Disabled agent stuff + * trustdb.c (check_trust): Changed r_trustlevel to signed int to + avoid mismatch problems in pkclist.c + * pkclist.c (add_ownertrust): Ditto. + * plaintext.c (handle_plaintext) [__riscos__]: Print a note when + file can't be created. + * options.h [__riscos__]: Use an extern unless included from the + main module. + * signal.c (got_fatal_signal) [__riscos__]: Close all files. + +2001-08-14 Werner Koch + + * keygen.c (ask_algo): New arg r_usage. Allow for RSA keys. + (gen_rsa): Enabled the code. + (do_create): Enabled RSA branch. + (parse_parameter_usage): New. + (proc_parameter_file): Handle usage parameter. + (read_parameter_file): Ditto. + (generate_keypair): Ditto. + (generate_subkeypair): Ditto. + (do_generate_keypair): Ditto. + (do_add_key_flags): New. + (keygen_add_std_prefs): Use the new function. + (keygen_add_key_flags_and_expire): New. + (write_selfsig, write_keybinding): Handle new usage arg. + * build-packet.c (build_sig_subpkt): Make sure that key flags go + into the hashed area. + + * keygen.c (write_uid): Initialize the reference cunter. + + * keyedit.c (keyedit_menu): No more need to update the trustdb for + preferences. Added calls to merge keblock. + + * kbnode.c (dump_kbnode): Print some more flags. + +2001-08-10 Werner Koch + + Revamped the preference handling. + + * packet.h (prefitem_t, preftype_t): New. + (PKT_public_key): Added a uid field. + (PKT_user_id): Added field to store preferences and a reference + counter. + * parse-packet.c (parse_user_id,parse_photo_id): Initialize them + * free-packet.c (free_user_id): Free them. + (copy_user_id): Removed. + (scopy_user_id): New. + (cmp_user_ids): Optimized for identical pointers. + (release_public_key_parts): Release the uid. + (copy_public_key_with_new_namehash): Removed. + (copy_prefs): New. + * keyedit.c (menu_adduid): Use the new shallow copy user id. + (show_prefs): Adjusted implementation. + (keyedit_menu): No more need to update the trustdb after changing + preferences. + * getkey.c (fixup_uidnode): Store preferences. + (find_by_name): Return a user id packet and remove namehash stuff. + (lookup): Removed the unused namehash stuff. + (finish_lookup): Added foundu arg. + (pk_from_block): Removed the namehash arg and changed all callers. + (merge_selfsigs): Copy prefs to all keys. + * trustdb.c (get_pref_data): Removed. + (is_algo_in_prefs): Removed. + (make_pref_record): Deleted and removed all class. + * pkclist.c (select_algo_from_prefs): Adjusted for the new + preference implementation. + * pubkey-enc.c (is_algo_in_prefs): New. + (get_it): Use that new function. + +2001-08-09 Werner Koch + + * build-packet.c (build_sig_subpkt): Fixed calculation of + newarea->size. + + * g10.c (main): New option "--preference-list" + * keyedit.c (keyedit_menu): New commands "setpref" and "updpref". + (menu_set_preferences): New. + * keygen.c (keygen_set_std_prefs): New. + (set_one_pref): New. + (check_zip_algo): New. + (keygen_get_std_prefs): New. + (keygen_upd_std_prefs): New + (keygen_add_std_prefs): Move the pref setting code into the above fnc. + * build-packet.c (build_sig_subpkt): Updated the list of allowed + to update subpackets. + +2001-08-08 Werner Koch + + * packet.h (subpktarea_t): New. + (PKT_signature): Use that type for hashed_data and unhashed_data and + removed the _data prefix from those fields. Changed all users. + * parse-packet.c (parse_signature): Changed allocation for that. + (parse_sig_subpkt): Changed declaration + (enum_sig_subpkt): Ditto and changed implementation accordingly. + * free-packet.c (cp_subpktarea): Renamed from cp_data_block and + adjusted implementation. Changed caller. + * sig-check.c (mdc_kludge_check): Adjusted the hashing. + (do_check): Ditto. + * sign.c (sign_file, clearsign_file, make_keysig_packet, + update_keysig_packet): Ditto. + * build-packet.c (build_sig_subpkt): Partial rewrite. + (find_subpkt): Adjusted and made static. + (delete_sig_subpkt): Adjusted. + (do_signature): Ditto. + + * keygen.c (ask_keysize): Do not print the notes about suggested + key sizes if just a DSA key is generated. + + * trustdb.c (add_ultimate_key): s/log_error/log_info/ for + duplicated inserted trusted keys. + +2001-08-07 Werner Koch + + * sign.c (sleep): Redefine for W32. + + * g10.c, options.h: Set new flag opt.no_homedir_creation when + --no-options is given. + * openfile.c (try_make_homedir): Don't create the homedir in that case. + +2001-08-03 Werner Koch + + * armor.c (armor_filter): Removed the default comment string + because it could get us in trouble due to translations using non + ascii characters. + +2001-08-01 Werner Koch + + * keylist.c (list_keyblock_print): Do not list revoked UIDs unless + in verbose mode and we do no signature listing. + + * getkey.c (finish_lookup): Skip subkeys which are not yet valid. + * g10.c, options.h: New option --ignore-valid-from. + + * sign.c (make_keysig_packet): Added new sigversion argument to + allow the caller to force generation of required signature + version. Changed all callers. Suggested by Thomas Roessler. + + * keyedit.c (sign_uids): Force v4 signature generation for local + sigs. Removed the check for local signature and pre-v4 keys. + +2001-07-27 Werner Koch + + * keyedit.c (sign_uids): Check that we are not trying to to a + lsign with a pre-v4 key. Bug noticed by Thomas Roessler. + +2001-07-26 Werner Koch + + * parse-packet.c (parse_photo_id): Reset all variables. + * getkey.c (merge_selfsigs_main): Removed checks on PHOTO_ID + because this is handled identically to a user ID. + +2001-07-06 Werner Koch + + * cipher.c (write_header): Don't use MDC with --rfc1991. Suggested + by disastry@saiknes.lv. + +2001-07-05 Werner Koch + + * g10.c, options.h: New option --preserve-permissions. + * ringedit.c (add_keyblock_resource): Use it here + (keyring_copy): and here. + + * trustdb.c (verify_own_keys): Be more silent on --quiet. + Suggested by Thomas Roessler. + * sig-check.c (check_key_signature2): Ditto. + * mainproc.c (proc_encrypted, proc_tree): Ditto + * getkey.c (lookup): Ditto. + +2001-07-04 Werner Koch + + * ringedit.c (add_keyblock_resource): Restore filename in case of error. + +2001-06-25 Werner Koch + + * kbnode.c (dump_kbnode): Print the signature timestamp. + + * keyedit.c (keyedit_menu): New menu point "primary". + (change_primary_uid_cb): New. + (menu_set_primary_uid): New. + * sign.c (update_keysig_packet): New. + * build-packet.c (build_sig_subpkt): Put the primary UID flag into + the hashed area. Allow update of some more packets. + +2001-06-15 Werner Koch + + * getkey.c (merge_selfsigs): Exit gracefully when a secret key is + encountered. May happen if a secret key is in public keyring. + Reported by Francesco Potorti. + +2001-06-12 Werner Koch + + * getkey.c (compare_name): Use ascii_memistr(), ascii_memcasecmp() + * keyedit.c (keyedit_menu): Use ascii_strcasecmp(). + * armor.c (radix64_read): Use ascii_toupper(). + * ringedit.c (do_bm_search): Ditto. + * keygen.c (read_parameter_file): Ditto. + * openfile.c (CMP_FILENAME): Ditto. + * g10.c (i18n_init): We can now use just LC_ALL. + +2001-05-29 Werner Koch + + * keygen.c (generate_subkeypair): Print a warning if a subkey is + created on a v3 key. Suggested by Brian M. Carlson. + +2001-05-27 Werner Koch + + * keyid.c (get_lsign_letter): New. + * keylist.c (list_keyblock_colon): Use it here. + * mainproc.c (list_node): and here. + + * getkey.c, packet.h, free-packet.c: Removed that useless key + created field; I dunno why I introducded this at all - the + creation time is always bound to the key packet and subject to + fingerprint calculation etc. + + * getkey.c (fixup_uidnode): Add keycreated arg and use this + instead of the signature timestamp to calculate the + help_key_expire. Bug reported by David R. Bergstein. + (merge_selfsigs_main): Correct key expiration time calculation. + (merge_selfsigs_subkey): Ditto. + +2001-05-25 Werner Koch + + * revoke.c (gen_revoke): Add a cast to a tty_printf arg. + * delkey.c (do_delete_key): Ditto. + * keyedit.c (print_and_check_one_sig): Ditto. + (ask_revoke_sig): Ditto. + (menu_revsig): Ditto. + (check_all_keysigs): Removed unused arg. + +2001-05-23 Werner Koch + + * g10.c (opts): Typo fix by Robert C. Ames. + +2001-05-06 Werner Koch + + * revoke.c: Small typo fix + +2001-05-04 Werner Koch + + * passphrase.c (passphrase_clear_cache): Shortcut if agent usage + is not enabled. + +2001-05-01 Werner Koch + + * passphrase.c (writen): Replaced ssize_t by int. Thanks to + to Robert Joop for reporting that SunOS 4.1.4 does not have it. + +2001-04-28 Werner Koch + + * getkey.c (merge_public_with_secret): pkttype was not set to subkey. + +2001-04-27 Werner Koch + + * skclist.c (build_sk_list): Changed one log_debug to log_info. + +2001-04-25 Werner Koch + + * keyedit.c (show_prefs): Add a verbose mode. + (show_key_with_all_names): Pass verbose flag for special value of + with_pref. + (keyedit_menu): New command "showpref" + (show_key_with_all_names): Mark revoked uids and the primary key. + +2001-04-24 Werner Koch + + * getkey.c (get_primary_uid): Return a different string in case of + error and made it translatable. + + * build-packet.c (do_secret_key): Ugly, we wrote a zero + instead of the computed ndays. Thanks to M Taylor for complaining + about a secret key import problem. + +2001-04-23 Werner Koch + + * hkp.c (hkp_ask_import): Allow to specify a port number for the + keyserver. Add a kudge to set the no_shutdown flag. + (hkp_export): Ditto. + * options.skel: Document the changes + +2001-04-20 Werner Koch + + * options.skel: Add some more comments. + +2001-04-19 Werner Koch + + * keyid.c (mk_datestr): New. Handles negative times. We must do + this because Windoze segvs on negative times passed to gmtime(). + Changed all datestr_from function to use this one. + + * keyid.c, keyid.h (colon_strtime): New. To implement the + fixed-list-mode. + (colon_datestr_from_pk): New. + (colon_datestr_from_sk): New. + (colon_datestr_from_sig): New. + * keylist.c (list_keyblock_colon): Use these functions here. + * mainproc.c (list_node): Ditto. + +2001-04-18 Werner Koch + + * openfile.c (open_sigfile): Fixed the handling of ".sign". + * mainproc.c (proc_tree): Use iobuf_get_real_fname. + Both are by Vincent Broman. + +2001-04-14 Werner Koch + + * getkey.c (fixup_uidnode): Removed check for !sig which is + pointless here. Thanks to Jan Niehusmann. + +2001-04-10 Werner Koch + + * sig-check.c (check_key_signature2): Use log_info instead of + log_error so that messed up keys do not let gpg return an error. + Suggested by Christian Kurz. + + * getkey.c (merge_selfsigs_main): Do a fixup_uidnode only if we + have both, uid and sig. Thanks to M Taylor. + +2001-04-05 Werner Koch + + * armor.c (unarmor_pump_new,unarmor_pump_release): New. + (unarmor_pump): New. + * pipemode.c (pipemode_filter): Use the unarmor_pump to handle + armored or non-armored detached signatures. We can't use the + regular armor_filter becuase this does only chack for armored + signatures the very first time. In pipemode we may have a mix of + armored and binary detached signatures. + * mainproc.c (proc_tree): Do not print the "old style" notice when + this is a pipemode processes detached signature. + (proc_plaintext): Special handling of pipemode detached sigs. + + * packet.h (CTRLPKT_PLAINTEXT_MARK): New. + * parse-packet.c (create_gpg_control): New. + * kbnode.c (dump_kbnode): Support it here. + * mainproc.c (check_sig_and_print): Fixed the check for bad + sequences of multiple signatures. + (proc_plaintext): Add the marker packet. + (proc_tree): We can now check multiple detached signatures. + +2001-04-02 Werner Koch + + The length of encrypted packets for blocksizes != 8 was not + correct encoded. I think this is a minor problem, because we + usually use partial length packets. Kudos to Kahil D. Jallad for + pointing this out. + * packet.h: Add extralen to PKT_encrypted. + * cipher.c (write_header): Set extralen. + * build-packet.c (do_encrypted): Use extralen instead of const 10. + (do_encrypted_mdc): Ditto. + * parse-packet.c (parse_encrypted): Set extralen to 0 because we + don't know it here. + +2001-03-30 Werner Koch + + * getkey.c (premerge_public_with_secret): Changed wording an add + the keyID to the info message. + +2001-03-29 Werner Koch + + * getkey.c (premerge_public_with_secret): Use log_info instead of + log_error when no secret key was found for a public one. + Fix the usage if the secret parts of a key are not available. + + * openfile.c (ask_outfile_name): Trim spaces. + (open_outfile): Allow to enter an alternate filename. Thanks to + Stefan Bellon. + * plaintext.c (handle_plaintext): Ditto. + +2001-03-28 Werner Koch + + * mainproc.c (do_check_sig): Allow direct key and subkey + revocation signature. + * sig-check.c (check_key_signature2): Check direct key signatures. + Print the signature class along with an error. + +2001-03-27 Werner Koch + + * packet.h: Add a missing typedef to an enum. Thanks to Stefan Bellon. + + * g10.c: New option --no-sig-create-check. + * sign.c (do_sign): Implement it here. + * g10.c: New option --no-sig-cache. + * sig-check.c (check_key_signature2): Implement it here. + (cache_selfsig_result): and here. + + * keylist.c (list_keyblock): Removed debugging stuff. + + * getkey.c (cache_public_key): Made global. + * keygen.c (write_selfsig, write_keybinding): Cache the new key. + + * getkey.c (key_byname): Add new arg secmode and changed all + callers to request explicitly the mode. Deriving this information + from the other supplied parameters does not work if neither pk nor + sk are supplied. + +2001-03-25 Werner Koch + + * packet.h (ctrlpkttype_t): New. + * mainproc.c (add_gpg_control,proc_plaintext,proc_tree): Use the + new enum values. + * pipemode.c (make_control): Ditto. + * armor.c (armor_filter): Ditto. + +2001-03-24 Werner Koch + + * sign.c (do_sign): Verify the signature right after creation. + +2001-03-23 Werner Koch + + * status.c, status.h (STATUS_UNEXPECTED): New. + * mainproc.c (do_proc_packets): And emit it here. + +2001-03-21 Werner Koch + + * status.c: Add sys/types.h so that it runs on Ultrix. Reported + by Georg Schwarz.x + + * build-packet.c (build_sig_subpkt): Fixed generaton of packet + length header in case where 2 bytes headers are needed. Thanks to + Piotr Krukowiecki. + +2001-03-19 Werner Koch + + * g10.c (main): the default keyring is no always used unless + --no-default-keyring is given. + + * ringedit.c (add_keyblock_resource): invalidate cache after file + creation. + +2001-03-15 Werner Koch + + * keygen.c (ask_algo): Changed the warning of the ElGamal S+E Algo. + + * keylist.c (print_capabilities): New. + (list_keyblock_colon): and use it here. + +2001-03-13 Werner Koch + + * main.c, options.h: New option --fixed_list_mode. + * keylist.c (list_keyblock_colon): use it here. + + * getkey.c (merge_keys_and_selfsig): Divert merging of public keys + to the function used in key selection.. + * keylist.c (is_uid_valid): Removed. + (list_keyblock): Splitted into .. + (list_keyblock_print, list_keyblock_colon): .. these. + functions. Changed them to use the flags set in the key lookup code. + (reorder_keyblock): New, so that primary user IDs are listed first. + + * ringedit.c (keyring_copy): flush the new iobuf chaces before + rename or remove operations. This is mainly needed for W32. + + * hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we + have now W32 socket support in ../util/http.c + + * skclist.c (key_present_in_sk_list): New. + (is_duplicated_entry): New. + (build_sk_list): Check for duplicates and do that before unlocking. + +2001-03-12 Werner Koch + + * armor.c (parse_header_line): Removed double empty line check. + (parse_header_line): Replaced trim_trailing_ws with a counting + function so that we can adjust for the next read. + + * options.skel: Fixed 3 typos. By Thomas Klausner. Replaced the + keyserver example by a better working server. + + * parse-packet.c (parse_symkeyenc): Return Invalid_Packet on error. + (parse_pubkeyenc): Ditto. + (parse_onepass_sig): Ditto. + (parse_plaintext): Ditto. + (parse_encrypted): Ditto. + (parse_signature): Return error at other places too. + (parse_key): Ditto. + * g10.c (main): Set opt.list_packets to another value when invoked + with the --list-packets command. + * mainproc.c (do_proc_packets): Don's stop processing when running + under --list-packets command. + + * signal.c (do_sigaction): Removed. + (init_one_signal): New to replace the above. Needed to support + systems without sigactions. Suggested by Dave Dykstra. + (got_fatal_signal,init_signals): Use the above here. + (do_block): Use sigset() if sigprocmask() is not available. + + * armor.c (parse_hash_header): Test on TIGER192, which is the + correct value as per rfc2440. By Edwin Woudt. + +2001-03-08 Werner Koch + + * misc.c: Include time.h. By James Troup. + + * getkey.c: Re-enabled the unknown user Id and PK caches and + increased their sizes. + + * getkey.c (merge_selfsigs_main): Set expire date and continue + processing even if we found a revoked key. + (merge_selfsigs_subkeys): Ditto. + + * packet.h: Add an is_revoked flag to the user_id packet. + * getkey.c (fixup_uidnode): Set that flag here. + (merge_selfsigs_main): Fix so that the latest signature is used to + find the self-signature for an UID. + * parse-packet.c (parse_user_id): Zero out all fields. + * mainproc.c (check_sig_and_print): Print the primary user ID + according the the node flag and then all other non-revoked user IDs. + (is_uid_revoked): Removed; it is now handled by the key selection code. + + Changed the year list of all copyright notices. + +2001-03-07 Werner Koch + + * getkey.c (finish_lookup): Print an info message only in verbose mode. + +2001-03-05 Werner Koch + + * packet.h: Replaced sigsubpkt_t value 101 by PRIV_VERIFY_CACHE. + We have never used the old value, so we can do this without any harm. + * parse-packet.c (dump_sig_subpkt): Ditto. + (parse_one_sig_subpkt): Parse that new sub packet. + * build-packet.c (build_sig_subpkt): Removed the old one from the + hashed area. + (delete_sig_subpkt): New. + (build_sig_subpkt): Allow an update of that new subpkt. + * sig-check.c (check_key_signature2): Add verification caching + (cache_selfsig_result): New. + * export.c (do_export_stream): Delete that sig subpkt before exporting. + * import.c (remove_bad_stuff): New. + (import): Apply that function to all imported data + +2001-03-03 Werner Koch + + * getkey.c: Introduced a new lookup context flag "exact" and used + it in all place where we once used primary. + (classify_user_id2): Replaced the old function and add an extra + argument to return whether an exact keyID has been requested. + (key_byname): Removed the unused ctx.primary flag + (get_seckey_byname2): Ditto. + (finish_lookup): Changed debugging output. + +2001-03-02 Werner Koch + + * keylist.c (list_one): Remove the merge key calls. + +2001-03-01 Werner Koch + + * getkey.c (finish_lookup): Don't use it if we no specific usage + has been requested. + (merge_selfsigs_main): fix UID only if we have an signature. + (lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found + a key but the requested usage does not allow this key. + * import.c (import_one): Take UNU_PUBKEY into account. + * mainproc.c (list_node): Ditto. + * keylist.c (list_keyblock): Ditto. + * keyedit.c (print_and_check_one_sig): Ditto. + +2001-02-09 Werner Koch + + * delkey.c (delete_key): Removed that silly assert which rendered + the whole new stuff meaningless. + +2001-02-08 Werner Koch + + * getkey.c (key_byname): It can happen that we have both, sk and pk + NULL, fix for that. + + * parse-packet.c (parse_one_sig_subpkt): Add support for + primary_uid and key_flags. + (can_handle_critical): Ditto + + * parse-packet.c (parse_encrypted): Fixed listing of pktlen for + MDC packets. + + * getkey.c: Backported the version of this file from gpg 1.1. this + involved some changes in other files too. + * parse-packet.c (parse_key): Clear req_usage. + * skclist.c (build_sk_list): Use req_usage to pass the usage + information to the lookup function. + * pkclist.c (build_pk_list): Ditto. + * free-packet.c (copy_public_parts_to_secret_key): New. + * keydb.h: Add IS_* macros to check the sig_class. + * misc.c (openpgp_cipher_test_algo): New. + (openpgp_pk_test_algo): New. + (openpgp_pk_algo_usage): New. + (openpgp_md_test_algo): New. + * packet.h: Add a few fields to PKT_{public,secret}_key and + PKT_user_id. + * seckey-cert.c (do_check): Use the new main_keyid field. + +2001-02-04 Werner Koch + + * encr-data.c (decrypt_data): Catch error when we had problems to + parse the encrypted packet. By Timo. + +2001-01-29 Werner Koch + + * g10.c (main): --batch does now set nogreeting. + + * delkey.c (do_delete_key): Fixed delete-both functionality. + +2001-01-22 Werner Koch + + * g10.c: New command --delete-secret-and-public-key. + * delkey.c (delete_key): Add new arg allow_both. + (do_delete_key): Move most stuff from above to this new function. + +2001-01-12 Werner Koch + + * passphrase.c (passphrase_to_dek): Use MD5 when IDEA is installed + and we have no S2K. + * mainproc.c (proc_encrypted): Likewise + +2001-01-11 Werner Koch + + * sig-check.c (do_check): Print the signature key expire message + only in verbose mode and added the keyID. + +2001-01-09 Werner Koch + + * status.c, status.h: New status USERID_HINT. + (write_status_text): Replace LF and CR int text by C-escape sequence. + + * passphrase.c (passphrase_to_dek): Fixed the NEED_PASSPHRASE + output. It does now always print 2 keyIDs. Emit the new + USERID_HINT. + +2001-01-08 Werner Koch + + * g10.c, options.h: New option --no-expensive-trust-checks. + * keylist.c (list_keyblock): Act on this option. + +2001-01-04 Werner Koch + + * g10.c (main): Set homedir only in the pre-parsing phase and + replace backslashes in the W32 version. + +2001-01-03 Werner Koch + + * status.c, status.h : New status KEY_CREATED + * keygen.c (do_generate_keypair,generate_subkeypair): Emit it. + +2000-12-28 Werner Koch + + * signal.c (got_fatal_signal): Remove lockfiles here because the + atexit stuff does not work due to the use of raise. Suggested by + Peter Fales. + * gpgv.c (remove_lockfiles): New stub. + +2000-12-19 Werner Koch + + * status.c, status.h (cpr_get_no_help): New. + * keyedit.c (keyedit_menu): Use it here because we have our own + help list here. + +2000-12-18 Werner Koch + + * mainproc.c (print_failed_pkenc): Don't print the sometimes + confusing message about unavailabe secret key. Renamed ... + (print_pkenc_list): ... to this and introduced failed arg. + (proc_encrypted): Print the failed encryption keys and then + the one to be used. + (proc_pubkey_enc): Store also the key we are going to use. + + * mainproc.c (check_sig_and_print): Don't list revoked user IDs. + (is_uid_revoked): New. + +2000-12-08 Werner Koch + + * pipemode.c: Made the command work. Currently only for + non-armored detached signatures. + * mainproc.c (release_list): Reset the new pipemode vars. + (add_gpg_control): Handle the control packets for pipemode + * status.c, status.h: New stati {BEGIN,END}_STREAM. + +2000-12-07 Werner Koch + + * g10.c: New option --allow-secret-key-import. + * import.c (import_keys,import_keys_stream): Honor this option. + (import): New arg allow_secret and pass that arg down to ... + (import_secret_one): to this and print a warning if secret key + importing is not allowed. + +2000-12-05 Werner Koch + + * cipher.c (cipher_filter): Moved the end_encryption status ... + * encode.c (encode_simple,encode_crypt): to here + * sign.c (sign_file): and here. + + * status.c (mywrite): Removed. + (get_status_string): Removed the LFs from the strings. + (set_status_fd,is_status_enabed,write_status_text, + write_status_buffer): Replaced all mywrite by stdio calls and use + fdopen to create a strem. This is needed to make things smoother + in the W32 version. + +2000-12-04 Werner Koch + + * import.c (merge_blocks): Increment n_sigs for revocations. + +2000-11-30 Werner Koch + + * g10.c (main): Use iobuf_translate_file_handle for all options + with filehandles as arguments. This is function does some magic + for the W32 API. + + * verify.c (verify_signatures): Add a comment rant about the + detached signature problem. + * mainproc.c (proc_tree): Issue an error if a detached signature + is assumed but a standard one was found. + * plaintext.c (hash_datafiles): Don't fall back to read signature + from stdin. + * openfile.c (open_sigfile): Print verbose message only if the + file could be accessed. + +2000-11-24 Werner Koch + + * passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff. + +2000-11-16 Werner Koch + + * g10.c: New option --use-agent + * passphrase.c (agent_open,agent_close): New. + (agent_get_passphrase,agent_clear_passphrase): New. + (passphrase_clear_cache): New. + (passphrase_to_dek): Use the agent here. + * seckey-cert.c (do_check): Clear cached passphrases. + +2000-11-15 Werner Koch + + * status.c (write_status_text): Moved the big switch to ... + (get_status_string): ... new function. + (write_status_buffer): New. + + * status.c (mywrite): New and replaced all write() by this. + + * status.c, status.h: Add 3 status lcodes for notaions and policy. + * mainproc.c (print_notation_data): Do status output of notations. + +2000-11-13 Werner Koch + + * sign.c (clearsign_file): Use LF macro to print linefeed. + +2000-11-11 Paul Eggert + + Clean up the places in the code that incorrectly use "long" or + "unsigned long" for file offsets. The correct type to use is + "off_t". The difference is important on large-file hosts, + where "off_t" is longer than "long". + + * keydb.h (struct keyblock_pos_struct.offset): + Use off_t, not ulong, for file offsets. + * packet.h (dbg_search_packet, dbg_copy_some_packets, + search_packet, copy_some_packets): Likewise. + * parse-packet.c (parse, dbg_search_packet, search_packet, + dbg_copy_some_packets, copy_some_packets): Likewise. + * ringedit.c (keyring_search): Likewise. + + * parse-packet.c (parse): Do not use %lu to report file + offsets in error diagnostics; it's not portable. + * ringedit.c (keyring_search): Likewise. + +2000-11-09 Werner Koch + + * g10.c (main): New option --enable-special-filenames. + +2000-11-07 Werner Koch + + * g10.c (main): New command --pipemode. + * pipemode.c: New. + +2000-10-23 Werner Koch + + * armor.c (armor_filter): Changed output of hdrlines, so that a CR + is emitted for DOS systems. + + * keygen.c (read_parameter_file): Add a cast for isspace(). + + * status.c (myread): Use SIGINT instead of SIGHUP for DOS. + +2000-10-19 Werner Koch + + * g10.c: New option --ignore-crc-error + * armor.c (invalid_crc): New. + (radix64_read): Act on new option. + + * openfile.c (try_make_homedir): Klaus Singvogel fixed a stupid + error introduced on Sep 6th. + +2000-10-18 Werner Koch + + * misc.c (print_cipher_algo_note): Don't print the note for AES. + Changed wording. + +2000-10-16 Werner Koch + + * mainproc.c (do_proc_packets): Hack to fix the problem that + signatures are not detected when there is a MDC packet but no + compression packet. + + * g10.c (print_hashline): New. + (print_mds): Use above func with --with-colons. + + * mainproc.c (check_sig_and_print): Detect multiple signatures + and don't verify them. + +2000-10-14 Werner Koch + + * mainproc.c (add_onepass_sig): There is an easier solution to the + error fixed yesterday; just check that we only have onepass + packets. However, the other solution provides an cleaner + interface and opens the path to get access to other information + from the armore headers. + (release_list): Reset some more variables. + +2000-10-13 Werner Koch + + * mainproc.c (add_gpg_control): New. + (do_proc_packets): use it. + (proc_plaintext): Changed logic to detect clearsigns. + (proc_tree): Check the cleartext sig with some new code. + + * packet.h: New packet PKT_GPG_CONTROL. + * parse-packet.c (parse_gpg_control): New. + * misc.c (get_session_marker): New. + * armor.c (armor_filter): Replaced the faked 1-pass packet by the + new control packet. + + * keyedit.c (keyedit_menu): Allow batchmode with a command_fd. + * status.c (my_read): New. + (do_get_from_fd): use it. + +2000-10-12 Werner Koch + + * keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs. + +2000-10-07 Werner Koch + + * gpgv.c: Add more stubs for ununsed code to make the binary smaller. + +Wed Oct 4 15:50:18 CEST 2000 Werner Koch + + * sign.c (hash_for): New arg to take packet version in account, changed + call callers. + + * gpgv.c: New. + * Makefile.am: Rearranged source files so that gpgv can be build with + at least files as possible. + +Mon Sep 18 12:13:52 CEST 2000 Werner Koch + + * hkp.c (not_implemented): Print a notice for W32 + +Fri Sep 15 18:40:36 CEST 2000 Werner Koch + + * keygen.c (keygen_add_std_prefs): Changed order of preferences to + twofish, cast5, blowfish. + + * pkclist.c (algo_available): Removed hack to disable Twofish. + +Thu Sep 14 17:45:11 CEST 2000 Werner Koch + + * parse-packet.c (dump_sig_subpkt): Dump key flags. Print special + warning in case of faked ARRs. + + * getkey.c (finsih_lookup): Hack so that for v4 RSA keys the subkey + is used for encryption. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * g10.c (main): Default S2K algorithms are now SHA1 and CAST5 - this + should solve a lot of compatibility problems with other OpenPGP + apps because those algorithms are SHOULD and not optional. The old + way to force it was by using the --openpgp option whith the drawback + that this would disable a couple of workarounds for PGP. + + * g10.c (main): Don't set --quite along with --no-tty. By Frank Tobin. + + * misc.c (disable_core_dump): Don't display a warning here but a return + a status value and ... + * g10.c (main): ...print warnining here. Suggested by Sam Roberts. + +Wed Sep 13 18:12:34 CEST 2000 Werner Koch + + * keyedit.c (keyedit_menu): Allow to use "debug" on the secret key. + + * ringedit.c (cmp_seckey): Fix for v4 RSA keys. + * seckey-cert.c (do_check): Workaround for PGP 7 bug. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * misc.c (print_pubkey_algo_note): Do not print the RSA notice. + * sig-check.c (do_signature_check): Do not emit the RSA status message. + * pubkey-enc.c (get_session_key): Ditto. + + * encode.c (encode_simple, encode_crypt): Fix for large files. + * sign.c (sign_file): Ditto. + +Wed Sep 6 14:59:09 CEST 2000 Werner Koch + + * passphrase.c (hash_passphrase): Removed funny assert. Reported by + David Mathog. + + * openfile.c (try_make_homedir): Changes for non-Posix systems. + * g10.c (main): Take the default homedir from macro. + + * g10.c: The --trusted-key option is back. + * trustdb.c (verify_own_key): Handle this option. + (add_ultimate_key): Moved stuff from verify_own_key to this new func. + (register_trusted_key): New. + +Fri Aug 25 16:05:38 CEST 2000 Werner Koch + + * parse-packet.c (dump_sig_subpkt): Print info about the ARR. + + * openfile.c (overwrite_filep): Always return okay if the file is + called /dev/null. + (make_outfile_name): Add ".sign" to the list of know extensions. + (open_sigfile): Ditto. + +Wed Aug 23 19:52:51 CEST 2000 Werner Koch + + * g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen. + * keygen.c (ask_user_id): Implemented here. + +Fri Aug 4 14:23:05 CEST 2000 Werner Koch + + * status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd. + Thanks to Michael Tokarev. + +Tue Aug 1 20:06:23 CEST 2000 Werner Koch + + * g10.c: New opttion --try-all-secrets on suggestion from Matthias Urlichs. + * pubkey-enc.c (get_session_key): Quite easy to implement here. + +Thu Jul 27 17:33:04 CEST 2000 Werner Koch + + * g10.c: New option --merge-only. Suggested by Brendan O'Dea. + * import.c (import_one): Implemented it here + (import_secret_one): Ditto. + (print_stats): and give some stats. + +Thu Jul 27 12:01:00 CEST 2000 Werner Koch + + * g10.c: New options --show-session-key and --override-session-key + * pubkey-enc.c (hextobyte): New. + (get_override_session_key): New. + * mainproc.c (proc_pubkey_enc): Add session-key stuff. + * status.h, status.c (STATUS_SESSION_KEY): New. + +Thu Jul 27 10:02:38 CEST 2000 Werner Koch + + * g10.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes + (print_mds): Likewise for stdin. + * plaintext.c (handle_plaintext): Likewise for stdout. + +Mon Jul 24 10:30:17 CEST 2000 Werner Koch + + * keyedit.c (menu_expire): expire date for primary key can be set again. + +Wed Jul 19 11:26:43 CEST 2000 Werner Koch + + * keylist.c (is_uid_valid): New. + (list_keyblock): Print validity information for all user IDs. Note, this + has to be done at other places too; for now we have only minimal support. + +Wed Jul 12 13:32:06 CEST 2000 Werner Koch + + * helptext.c, pkclist.c: s/superseeded/superseded/ + +Mon Jul 10 16:08:57 CEST 2000 Werner Koch + + * parse-packet.c (enum_sig_subpkt): Fixed testing on crtitical bit in case + of a NULL buffer. Reported by Peter Marschall. + +Wed Jul 5 13:28:45 CEST 2000 Werner Koch + + * keyedit.c, keyid.c: Add some _() + + * argparse.c: Changed the flag to suppress --version handling to also + suppress --help. + +Wed Jun 28 11:54:44 CEST 2000 Werner Koch + + * armor.c (armor_filter): Set sigclass to 0 in case of non-dash-escaped + clearsig. This makes this mode work again. + + * mainproc.c (proc_tree): Fixed handling of one-pass-sig packets in textmode. + Disabled the ugly workaround for PGP 5 - let's see whether thi breaks less + cases. Found by Ted Cabeen. + + * options.h (DBG_HASHING): New. All commented md_start_debug are now + controlled by this debug option. + + * sign.c (print_status_sig_created): New and called from 2 places. + + * keygen.c (gen_rsa): New, but commented. + (ask_algo): Commented support for RSA. + + * seckey-cert.c (protect_secret_key): Started to fix the code for v4 RSA + keys - it is not solved yet. However, we have time until, Sep 20th ;) + +Wed Jun 14 12:27:09 CEST 2000 Werner Koch + + * status.c (init_shm_coprocessing): Changed the sequence of the get,attach + to cope with the changes in newer Linux kernels. This bug has been found + by who also proposed this solution. Hopefully + this does not break gpg on to many systems. + + * cipher.c (write_header): Protect the IV with the MDC too. + * encr-data.c (decrypt_data): Likewise. + +Fri Jun 9 10:09:52 CEST 2000 Werner Koch + + * g10.c: New options --no-auto-key-retrieve + * options.h (auto_key_retrieve): New. + * mainproc.c (check_sig_and_print): Implemented that. + +Wed Jun 7 19:19:09 CEST 2000 Werner Koch + + * sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 packets. + +Wed Jun 7 17:25:38 CEST 2000 Werner Koch + + * cipher.c (write_header): Use plain CFB mode for MDC encrypted packets. + * encr-data.c (decrypt_data): Ditto. + +Mon Jun 5 23:41:54 CEST 2000 Werner Koch + + * seskey.c (do_encode_md, encode_md_value): Add new arg v3compathack to work + around a bug in old versions. + * sig-check.c (do_check): use the aboved workaround when enabled. + * g10.c: New option --emulate-md-decode-bug + +Mon Jun 5 12:37:43 CEST 2000 Werner Koch + + * build-packet.c (do_mdc): New. + (do_encrypted_mdc): Changed for the new proposal. + * parse-packet.c (parse_mdc): New. + (parse_encrypted): Fixed for the new proposal. + * packet.h (PKT_MDC): New. + * cipher.c (cipher_filter): Build the MDC packet here. + * g10.c (main): Enable --force-mdc. + * encr-data.c (mdc_decode_filter): Fixed for new MDC method + + * options.h(rfc2440): New. + * g10.c (main): Changed the selected values for --openpgp to not include + optional algorithms. + +Thu May 18 11:38:54 CEST 2000 Werner Koch + + * keyedit.c (keyedit_menu): Add a keyword arg to the prompt. + + * status.c, status.h: Added 3 new status tokens. + * status.c (do_get_from_fd): New. + (cpr_enabled,cpr_get,cpr_get_hidden,cpr_kill_prompt, + cpr_get_answer_is_yes,cpr_get_answer_yes_no_quit): Modified to work + with the new function. + * g10.c: Add new option --command-fd. + + * status.c (progress_cb): New. + (set_status_fd): Register progress functions + +Fri May 12 14:01:20 CEST 2000 Werner Koch + + * delkey.c (delete_key): Add 2 new status messages + * status.c, status.h (STATUS_DELETE_PROBLEM): New. + + Fixed years of copyright in all source files. + +Mon May 1 17:08:14 CEST 2000 Werner Koch + + * trustdb.c (propagate_validity): Fixed the bug that only one uid + gets fully trusted even when all are signed by an ultimate key. + +Mon May 1 15:38:04 CEST 2000 Werner Koch + + * getkey.c (key_byname): Always returned a defined context. Fixed + a segv for invalid user id specifications. Reported by Walter Koch. + + * getkey.c (get_user_id): I18ned "no user id" string. By Walter. + + * pkclist.c (do_show_revocation_reason): Typo fixes. + * helptext.c: Ditto. + + * armor.c (armor_filter): Fixed some CRLF issues. By Mike McEwan. + +Fri Apr 14 19:37:08 CEST 2000 Werner Koch + + * pkclist.c (do_show_revocation_reason): New. + (show_revocation_reason): New and called at various places. + + * g10.c (main): Fixed small typo. + + * pkclist.c (do_we_trust): Act on always_trust but not for revoked + keys. Suggested by Chip Salzenberg. + + * g10.c: New option --lock-never. + + * ringedit.c (get_writable_keyblock_file): New. + * keygen.c (do_generate_keypair): Use this instead of the hardwired one. + + * keygen.c (ask_user_id): Check that the email address is in the + correct field. Suggested by Christian Kurz. + +Mon Apr 10 13:34:19 CEST 2000 Werner Koch + + * keyedit.c (show_key_with_all_names): s/sbb/ssb/ + +Tue Mar 28 14:26:58 CEST 2000 Werner Koch + + * trustdb.c (verify_own_keys): Do not print warning about unprotected + key when in quiet mode. + +Wed Mar 22 13:50:24 CET 2000 Werner Koch + + * mainproc.c (print_userid): Do UTF8 conversion before printing. + * import.c (import_one): Ditto. + (import_secret_one): Ditto. + (delete_inv_parts): Ditto. + +Thu Mar 16 16:20:23 CET 2000 Werner Koch + + * keylist.c (print_key_data): Handle a NULL pk gracefully. + + * getkey.c (merge_one_pk_and_selfsig): Fixed silly code for + getting the primary keys keyID but kept using the one from the + subkey. + * pubkey-enc.c (get_it): Print a note for expired subkeys. + + * getkey.c (has_expired): New. + (subkeys_expiretime): New. + (finish_lookup): Check for expired subkeys needed for encryption. + (merge_keys_and_selfsig): Fixed expiration date merging for subkeys. + + * keylist.c (list_keyblock): Print expiration time for "sub". + (list_one): Add missing merging for public keys. + * mainproc.c (list_node): Ditto. + +2000-03-14 13:49:38 Werner Koch (wk@habibti.openit.de) + + * keygen.c (keyedit_menu): Do not allow to use certain commands + while the secret key is selected. + +2000-03-09 12:53:09 Werner Koch (wk@habibti.openit.de) + + * keygen.c (ask_expire_interval): Movede parsig to ... + (parse_expire_string): ... this new function. And some new control + commands. + (proc_parameter_file): Add expire date parsing. + (do_generate_keypair): Allow the use of specified output files. + +2000-03-08 10:38:38 Werner Koch (wk@habibti.openit.de) + + * keygen.c (ask_algo): Removed is_v4 return value and the commented + code to create Elg keys in a v3 packet. Removed the rounding + of key sizes here. + (do_create): Likewise removed arg v4_packet. + (gen_elg): Likewise removed arg version. Now rounding keysizes here. + (gen_dsa): Rounding keysize now here. + (release_parameter_list): New + (get_parameter*): New. + (proc_parameter_file): New. + (read_parameter_file): New. + (generate_keypair): Splitted. Now uses read_parameter_file when in + batch mode. Additional argument to specify a parameter file. + (do_generate_keypair): Main bulk of above fucntion and uses the + parameter list. + (do_create): Don't print long notice in batch mode. + * g10.c (main): Allow batched key generation. + +Thu Mar 2 15:37:46 CET 2000 Werner Koch + + * pubkey-enc.c (get_it): Print a note about unknown cipher algos. + + * g10.c (opts): Add a note to the help listing about the man page + and removed some options from the help listing. + + * keyedit.c (print_and_check_one_sig): Use a new function to truncate + the output of the user ID. Suggested by Jan-Benedict Glaw. + +Wed Feb 23 10:07:57 CET 2000 Werner Koch + + * helptext.c: typo fix. + +Thu Feb 17 13:39:32 CET 2000 Werner Koch + + * revoke.c: Removed a bunch of commented code. + + * packet.h (SIGSUBPKT_REVOC_REASON): New. + * build-packet.c (build_sig_subpkt): Support new sub packet. + * parse-packet.c (parse_one_sig_subpkt): Ditto. + (dump_sig_subpkt): Ditto. + * revoke.c (ask_revocation_reason): New. + (release_revocation_reason_info): New. + (revocation_reason_build_cb): New. + (gen_revoke): Ask for reason. + * main.h (struct revocation_reason_info): Add declaration. + * keyedit.c (menu_revsig): Add support for revocation reason. + (menu_revkey): Ditto. + (sign_uid_mk_attrib): Renamed to ... + (sign_mk_attrib): ... this, made static and add support for reasons. + +Tue Feb 15 08:48:13 CET 2000 Werner Koch + + * build-packet.c (build_packet): Fixed fixing of old comment packets. + + * import.c (import_keys): Fixed importing from stdin when called with + nnames set to zero as it normally happens. + +Mon Feb 14 14:30:20 CET 2000 Werner Koch + + * sig-check.c (check_key_signature2): Add new arg r_expired. + (do_signature_check): New arg to pass it down to ... + (do_check): New arg r-expire which is set when the signature + has expired. + * trustdb.c (check_sig_record): Set SIGF_EXPIRED flag and set + the expiretime to zero so that thi signature will not be checked + anymore. + +Fri Feb 11 17:44:40 CET 2000 Werner Koch + + * g10.c (g10_exit): Update the random seed_file. + (main): Set the random seed file. New option --no-random-seed-file. + +Thu Feb 10 17:39:44 CET 2000 Werner Koch + + * keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk. + By Rémi. + +Thu Feb 10 11:39:41 CET 2000 Werner Koch + + * keylist.c (list_keyblock): Don't print warnings in the middle of + regulat output lines. By Rémi. + + * sig-check.c: Include options.h + +Wed Feb 9 15:33:44 CET 2000 Werner Koch + + * gpg.c: New option --ignore-time-conflict + * sig-check.c (do_check): Implemented this option. + * trustdb.c (check_trust): Ditto. + * sign.c (do_sign): Ditto. + * keygen.c (generate_subkeypair): Ditto. + + * encode.c (encode_simple): use iobuf_cancel after open failure. + Reported by Huy Le. + +Fri Jan 14 18:32:01 CET 2000 Werner Koch + + * packet.h (STRING2KEY): Changed mode from byte to int. + * parse-packet.c (parse_key): Add the special GNU protection stuff + * build-packet.c (so_secret_key): Ditto. + * seckey-cert.c (do_check): Ditto. + * keyedit.c (change_passphrase): Ditto. + * export.c (export_secsubkeys): New. + (do_export_stream): Hack to export the primary key using mode 1001. + * g10.c: New command --export-secret-subkeys + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * armor.c (is_armored): Check for 1-pass-sig packets. Reported by + David Hallinan . + (armor_filter): Replaced one LF by the LF macro. Reported by + Wolfgang Redtenbacher. + +Wed Jan 5 11:51:17 CET 2000 Werner Koch + + * g10.c (main): Reset new global flag opt.pgp2_workarounds + when --openpgp is used. + * mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only + when the global flag is set. + (proc_tree): Ditto. + * textfilter.c (copy_clearsig_text): Ditto. + * armor.c (armor_filter): Ditto. + + * g10.c: New option --list-only + * mainproc.c (proc_tree): Don't do it if opt.list_only is active. + (proc_pubkey_enc): Implement option. + + * status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New. + * cipher.c (cipher_filter): New status outputs. + * mainproc.c (proc_encrypted): New status outputs. + +Fri Dec 31 14:08:15 CET 1999 Werner Koch + + * armor.c (armor_filter): Made the "Comment:" header translatable. + + * hkp.c (hkp_import): Make sure that the program does not return + success when there is a connection problem. Reported by Phillip Jones. + +Sun Dec 19 15:22:26 CET 1999 Werner Koch + + * armor.c (LF): Use this new macro at all places where a line LF + is needed. This way DOSish textfiles should be created when the + input data is also in dos mode. + * sign.c (LF): Ditto. + * textfilter.c (LF): Ditto. + (copy_clearsig_text): Disabled the forcing of CR,LF sequences + for DOS systems. + + * plaintext.c (handle_plaintext): Fixes for line endings on DOS. + and react on a LF in cleartext. + * armor.c (fake_packet): Restore the original line ending after + removing trailing spaces. + + * signal.c (got_fatal_signal): DOS fix. + +Thu Dec 16 10:07:58 CET 1999 Werner Koch + + * mainproc.c (print_failed_pkenc): Fix for unknown algorithm. + Found by fygrave@epr0.org. + +Thu Dec 9 10:31:05 CET 1999 Werner Koch + + * hkp.c: i18n the strings. + +Sat Dec 4 15:32:20 CET 1999 Werner Koch + + * trustdb.c (verify_key): Shortcut for ultimately trusted keys. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * pkclist.c (build_pk_list): Validate the trust using the namehash + if this one has been set by the key lookup. + + * g10.c: Add --delete-secret-key to the help page. + + * openfile.c (copy_options_file): Made static. + (try_make_homedir): New. + * ringedit.c (add_keyblock_resource): Use the try_make_hoemdir logic. + * tdbio.c (tdbio_set_dbname): Likewise. + + * keygen.c (generate_user_id): Use m_alloc_clear() here. We should + better use an allocation function specific to the user_id packet. + + * keygen.c (keygen_add_std_prefs): Changed symmetric preferences + to include Blowfish again. This is due to it's better speed compared + to CAST5. + + * g10.c (strusage): Print the home directory. + + * armor.c (armor_filter): Take action on the cancel control msg. + * filter.h (armor_filter_context_t): Add cancel flag. + +Mon Nov 29 21:52:11 CET 1999 Werner Koch + + * g10.c: New option --fast-list-mode .. + * keylist.c (list_keyblock): .. and implemented. + * mainproc.c (list_node): Ditto. + + * import.c (mark_non_selfsigned_uids_valid): Fixed the case that there + is a uid without any packet following. + +Mon Nov 22 11:14:53 CET 1999 Werner Koch + + * mainproc.c (proc_plaintext): Never enable the hash processing + when skip_verify is active. + + * armor.c (parse_header_line): Stop parsing on a WS line too. + Suggested by Aric Cyr. + + * tdbdump.c (HEXTOBIN): Changed the name of the argument, so that + traditional cpp don't mess up the macros. Suggested by Jos Backus. + + * mainproc.c (list_node): Print the PK algo in the --with-colon mode. + * keylist.c (list_keyblock): Ditto. + + * signal.c (got_fatal_signal): Found the reason why exit(8) did not + work - it is better to set the disposition back to default before + raising the signal. Print the notice on stderr always. + +Fri Nov 12 20:33:19 CET 1999 Werner Koch + + * g10.c (make_username): Swapped the logic. + * keylist.c (public_key_list): Now takes a STRLIST as arg and moved + the creation ot this list to the caller, so that he can copy with + UTF-conversion of user IDs. Changed all callers. + (secret_key_list): Likewise. + + * getkey.c (get_user_id_string_native): New and ... + * encode.c (write_pubkey_enc_from_list): ... use it here. + + * pubring.asc: Updated. + + * packet.h (PKT_PHOTO_ID): New. + * parse-packet.c (parse_photo_id): New. + * build-packet.c (do_user_id: Handle photo IDs. + (build_packet): Change CTB for photo IDs + * free-packet.c (free_user_id): Release memory used for photo IDs + * sig-check.c (hash_uid_node): Handle photo IDs too. + * trustdb.c (print_uid_from_keyblock): Hash photo ID. + (make_uid_records): Ditto. + * getkey.c (find_by_name): Ditto. + * keyedit.c (show_prefs): Ditto. + * keylist.c (list_keyblock): Ditto. + +Thu Oct 28 16:08:20 CEST 1999 Werner Koch + + * keygen.c (ask_expire_interval): Print a warning for systems + with a signed 32 time_t if the exiration time is beyoind 2038. + +Fri Oct 8 20:40:50 CEST 1999 Werner Koch + + * ringedit.c (enum_keyblocks): The last fix way really stupid; + reverted and set rt to Unknown. + +Fri Oct 8 20:32:01 CEST 1999 Werner Koch + + * ringedit.c (enum_keyblocks): Zero the entire kbpos out on open. + + * g10.c (oEntropyDLL): Removed option. + (main): Made the warning on development versions more verbose. + + * g10.c (oHonorHttpProxy): New option. + * hkp.c (hkp_ask_import,hkp_export): Implement this option. + * options.skel: Enable this option for new installations + +Mon Oct 4 21:23:04 CEST 1999 Werner Koch + + * import.c (import_keys): Changed calling interface, adjusted caller. + (import): Moved printing of stats out ... + (print_stats): New. ... to here. + (import_keys_stream): Call stats print here. + (import_keys): Print stats as totals for all files. + + * tdbio.h (DIRF_NEWKEYS): New + * tdbio.c (tdbio_dump_record): Print the new flag. + * trustdb.c (check_trust_record): New arg sigs_only. Adapted all + callers. + (do_update_trust_record): Removed recheck arg and add a new sigs_only + do we can later improve on the performance. Changed all callers too. + (check_trustdb): Evalutate the new flag and add a status output. + Do a check when the dir record has not been checked. + (build_cert_tree): Evaluate the new flag. + (check_trust): Ditto. Do a trust_record check, when the dir record + is not marked as checked. + (mark_fresh_keys): New. + (clear_lid_table): New. + (sync_trustdb): New. + * import.c (import_keys): Call sync_trustdb() after processing. + (import_keys_stream): Ditto. + * tdbdump.c (import_ownertrust): Ditto. + + * import.c (import_revoke_cert): Notify the trust DB. + (do_update_trust_record): Use |= to set the REVOKED bit and not &=; + shame on me for this bad copy+paste introduced bug. + (do_we_trust): Add trustmask to allow revoked key override to work. + Chnaged are to allow return of a mofified trustlevel. Adapted the + one caller. + + * g10.c: New options --emulate-3des-s2k-bug + * passphrase.c (hash_passphrase): Implemented above. + + * mainproc.c (proc_tree): Check for standalone signatures. + (do_check_sig): Print a notice for a standalone revocation + (check_sig_and_print): Do not print an error for unchecked standalone + revocations. + +Tue Sep 28 20:54:37 CEST 1999 Werner Koch + + * encode.c (encode_simple): Use new CTB when we don't have the + length of the file. This is somewhat strange as the comment above + indicates that this part is actually fixed for PGP 5 - maybe I simply + lost the source line, tsss. + + * armor.c (armor_filter): Set a flag if no OpenPGP data has been found. + * verify.c (verify_signatures): Add an error helptext. + +Thu Sep 23 19:24:30 CEST 1999 Werner Koch + + * openfile.c (open_outfile): Fixed the 8dot3 handling. + + * passphrase.c (passphrase_to_dek): Print uid using utf8 func. + * delkey.c (delete_key): Ditto. + * pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto + (do_we_trust_pre): Ditto. + * trustdb.c (print_user_id,check_uidsigs): Ditto. + * revoke.c (gen_revoke,ask_revoke_sig): Ditto. + +Thu Sep 23 09:52:58 CEST 1999 Werner Koch + + * verify.c (print_file_status): New. + (verify_one_file): Moved status print to th new fnc. Add error status. + * status.c, status.h (STATUS_FILE_ERROR): New + +Wed Sep 22 10:14:17 CEST 1999 Werner Koch + + * openfile.c (make_outfile_name): Use case-insenstive compare for + DOS systems. Add ".pgp" to the list of know extensions. + (open_outfile): For DOS systems try to replace the suffiy instead of + appending it. + + * status.c, status.h: Add STATUS_FILE_{START,DONE}. + * verify.c (verify_one_file): Emit these new stati. + + * sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:" + line. Those headers are now only _not_ printed when there are + only old-style keys _and_ all hashs are MD5. + +Mon Sep 20 12:24:41 CEST 1999 Werner Koch + + + * verify.c (verify_files, ferify_one_file): New. + * g10.c: New command --verify-files + +Fri Sep 17 12:56:42 CEST 1999 Werner Koch + + * g10.c: Add UK spelling as alias for armor options ;-) + + * import.c (append_uid): Fixed a SEGV when there is no selfsig and + no subkey. + (merge_sigs): Ditto. Removed the assertion. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + * g10.c: New option --entropy-dll-name + +Mon Sep 13 10:51:29 CEST 1999 Werner Koch + + * signal.c (got_fatal_signal): Print message using write(2) and + only for development versions. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch + + * tdbio.c (tdbio_set_dbname): Use mkdir macro + * ringedit.c (add_keyblock_resource): Ditto. + +Fri Sep 3 10:04:45 CEST 1999 Werner Koch + + * pkclist.c (build_pk_list): Skip keys set with --encrypt-to also + when asking for a key. + + * plaintext.c (handle_plaintext): Make sure that we don't read a + second EOF in the read loop for partial length packets. + + * mainproc.c (check_sig_and_print): print user ID as utf-8. + +Thu Sep 2 16:40:55 CEST 1999 Werner Koch + + * import.c (merge_blocks): First add new subkeys, then merge subkey + certificates. + (merge_sigs): Don't merge subkey signatures here. + +Wed Sep 1 15:30:44 CEST 1999 Werner Koch + + * keygen.c (ask_expire_interval): Fixed bug related to cpr_xx (tnx + Francis J. Lacoste). + +Tue Aug 31 17:20:44 CEST 1999 Werner Koch + + * plaintext.c (do_hash): Hash CR,LF for a single CR. + (ask_for_detached_datafile): Changed arguments to be closer to + those of hash_datafiles and cleanup the code a bit. + * mainproc.c (proc_tree): Workaround for pgp5 textmode detached + signatures. Changed behavior of asking for data file to be the same + as with provided data files. + + * keylist.c (list_keyblock): Use UTF8 print functions. + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + * import.c (chk_self_sigs): some s/log_error/log_info/ so that gpg + does not return an error if a key has some invalid packets. + + * helptext.c: Fixed some typos and changed the way the + translation works. The english text is now the keyword for gettext + and not anymore the keyword supplied to the function. Done after + some discussion with Walter who thinks this is much easier for the + translators. + + * misc.c (disable_core_dumps): Don't do it for DOSish systems. + + * signal.c (signal_name): Bounds check on signum. + +Wed Aug 4 10:34:18 CEST 1999 Werner Koch + + * pubring.asc: Updated. + + * pkclist.c (do_we_trust_pre,check_signatures_trust): Do not print + the warning about --always_trust when --quiet is used. + + * pkclist.c (fpr_info): New and called at several places. + + * parse-packet.c (dump_sig_subpkt): List revocation key contents. + +Mon Jul 26 09:34:46 CEST 1999 Werner Koch + + * pkclist.c (build_pk_list): Fixed typo in format string. + + * trustdb.c (create_shadow_dir): Don't translate the error string. + + * g10.c (main): Fixed spelling of user-id. + * getkey.c (find_by_name_pk,find_by_name_sk, + find_by_keyid,find_by_keyid_sk): Ditto and translate it. + * import.c (mark_non_selfsigned_uids_valid,delete_inv_parts): Ditto. + + +Mon Jul 26 01:01:39 CEST 1999 Michael Roth + + * g10.c, options.h: New options --no-literal and --set-filesize + + * encode.c (encode_simple, encode_crypt): Support for the options + --no-literal and --set-filesize. + + * sign.c (sign_file): ditto. + +Fri Jul 23 13:53:03 CEST 1999 Werner Koch + + + * ringedit.c (enum_keyblocks): Removed annoying error message in cases + when we have no keyring at all to enum. + + * getkey.c (classify_user_id): Rewrote to relax the recognition of + keyIDs and fingerprints (Michael). + + * mainproc.c (check_sig_and_print): Print status NO_PUBKEY. + (print_failed_pkenc): Print status NO_SECKEY. + + * import.c (mark_non_selfsigned_uids_valid): New. + * g10.c: New option --allow-non-selfsigned-uid. + + * pkclist.c (print_fpr): New. + (do_we_trust_pre): Print the fpr before asking whether to use the key + anyway. + (do_edit_ownertrust): Likewise. + +Thu Jul 22 20:03:03 CEST 1999 Werner Koch + + + * ringedit.c (enum_keyblocks): Removed annoying error message in cases + when we have no keyring at all to enum. + + * getkey.c (classify_user_id): Rewrote to relax the recognition of + keyIDs and fingerprints (Michael). + + * mainproc.c (check_sig_and_print): Print status NO_PUBKEY. + (print_failed_pkenc): Print status NO_SECKEY. + + * import.c (mark_non_selfsigned_uids_valid): New. + * g10.c: New option --allow-non-selfsigned-uid. + +Thu Jul 15 10:15:35 CEST 1999 Werner Koch + + * g10.c: New options --disable-{cipher,pubkey}-algo. + +Wed Jul 14 19:42:08 CEST 1999 Werner Koch + + * status.h (STATUS_IMPORTED): New. + * import.c (import): Print some status information (Holger Schurig). + + * g10.c (main): Make --no-greeting work again. Add a warning when + --force-mds is used. + +Tue Jul 13 17:39:25 CEST 1999 Werner Koch + + * pkclist.c (do_edit_ownertrust): Changed the way help works. + (build_pk_list): Implemented default recipient stuff. + * g10.c: New options --default-recipient[-self] + (main): Suppress greeting in most cases, entering a passphrase or + a missing value is not considered to be interactive use. + Merged --print-md and --print-mds; the latter is now obsolete. + Changed the way --gen-random works and documented it. + Changed the way --gen-prime works and add a man entry. + * g10.c (MAINTAINER_OPTIONS): Removed. + +Mon Jul 12 18:45:57 CEST 1999 Werner Koch + + * keyedit.c (keyedit_menu): Add arg sign_mode and changed callers + * g10.c (main): New command --lsign-key. + +Mon Jul 12 14:55:34 CEST 1999 Werner Koch + + * mainproc.c (kidlist_item): New. + (release_list): Release failed pk-enc-list. + (print_failed_pkenc): New + (proc_encrypted): Print info about failed PK enc. + + * openfile.c (make_outfile_name): s/error/info/ + + * passphrase.c (passphrase_to_dek): Return an empty passphrase when + in batch mode and don't make the warning message fatal + * seckey-cert.c (check_secret_key): Try only once when in batch mode. + + * g10.c (make_username): New. + +Thu Jul 8 16:21:27 CEST 1999 Werner Koch + + + * packet.h (PKT_ring_trust): New + * parse-packet.c (parse_trust): Store trust value + * build-packet (build_packet): Ignore ring trust packets. + * mainproc.c (add_ring_trust): New. + (list_node): Print "rtv" records. + * g10.c: New option --with-fingerprint. + + * trustdb.c (verify_own_keys): Don't insert if we are dry running + (check_trust): Ditto. + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + * Makefile.am: Support for libtool. + + * keygen.c (ask_expire_interval): Hack to allow for an expire date. + + * trustdb.c (do_update_trust_record,update_trust_record): Splitted. + (check_trust_record): New. + (check_trust,build_cert_tree): Check the dir record as needed. + (upd_pref_record): Removed. + (make_pref_record): New. + (propagate_validity): Stop as soon as we have enough validity. + + * tbdio.c (MAX_CACHE_ENTRIES_HARD): Increased the limit. + + +Fri Jul 2 11:45:54 CEST 1999 Werner Koch + + * g10.c (g10_exit): Dump random stats. + + * sig-check.c (check_key_signature,check_key_signature2): Enhanced + version and wrapper for old function. + (do_signature_check,signature_check): Ditto. + +Thu Jul 1 12:47:31 CEST 1999 Werner Koch + + + * keyedit.c (show_key_with_all_names): Print a notice for disabled keys. + (enable_disable_keys): Add functionality + * pkclist.c (edit_ownertrust): preserve disabled state. + (build_pk_list): Skip disabled keys. + * trustdb.c (upd_one_ownertrust): Ditto. + (build_cert_tree): Mask the ownertrust. + (trust_letter): Mask the value. + (do_check): Take disabled flag into account. + + * passphrase.c (passphrase_to_dek): Add a pubkey_algo arg and changed + all callers. + + * g10.c (utf8_strings): 2 new options. + + * trustdb.c (insert_trust_record_by_pk): New, replaces the next one. + (insert_trust_record): Now takes a keyblock as arg. Changed all + callers to use the appropritae function. + + * openfile.c (ask_outfile_name): New. + * plaintext.c (handle_plaintext): Ask for filename if there is + no valid syntax. Don't use fname varbatim but filter it. + +Tue Jun 29 21:44:25 CEST 1999 Werner Koch + + + * trustdb.h (TRUST_FLAG_DISABLED): New. + + * status.c (USE_CAPABILITIES): Capabilities support (Remi). + + * tdbio.c : Added new fields to the DIR record. + (tdbio_write_record): Fixed the update of the hash tables. + (tdbio_delete_record): Drop the record from the hash tables. + (drop_from_hashtbl): New. + + * status.c (cpr_get): Special online help mode. + * helptext.c ("keyedit.cmd"): Removed. + * keyedit.c (keyedit_menu): Use only help system. + (enable_disable_key): New bit doies not yet work. + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + + * dearmor.c (enarmor_file): Fixed comment string. + * tdbdump.c (export_ownertrust): Text fix. + * tbio.c (tdbio_invalid): Ditto. + + * parse-packet.c (parse_key): Made temp buffer larger. + + * Makefile.am (install-data-local): Add missing backslashes + +Tue Jun 15 12:21:08 CEST 1999 Werner Koch + + * g10.c (main): Made iterated+salted the default S2K method. + + * Makefile.am (install-data-local): Use DESTDIR. + + * passphrase.c (passphrase_to_dek): Emit missing-passphrase while in + batchmode. + + * parse-packet.c (parse_pubkeyenc): Fixed a SEGV. + +Mon Jun 14 21:18:54 CEST 1999 Michael Roth + + * g10.c: New options --openpgp, --no-tty, --emit-version, + --default-comment and --lock-multiple + +Thu Jun 10 14:18:23 CEST 1999 Werner Koch + + * free-packet.c (free_encrypted): Fixed EOF case (Remi). + (free_plaintext): Ditto. + + * helptext.c (keyedit.delsig.unknown): New (Remi). + * keyedit.c (print_and_check_one_sig): Add arg print_without_key and + changed all callers to make use of it (Remi): + +Tue Jun 8 13:36:25 CEST 1999 Werner Koch + + * keylist.c (print_key_data): New and called elsewhere. + * g10.c: New option --with-key-data + +Wed Jun 2 14:17:19 CEST 1999 Werner Koch + + * mainproc.c (proc_tree): Yet another bad hack to cope with + broken pgp2 created detached messages in textmode. + +Tue Jun 1 16:01:46 CEST 1999 Werner Koch + + * openfile.c (make_outfile_name): New. + * plaintext.c (handle_plaintext): Outputfile is now the inputfile + without the suffix. + * g10.c: New option --use-embedded-filename + +Mon May 31 19:41:10 CEST 1999 Werner Koch + + * g10.c (main): Fix for SHM init (Michael). + + * compress.c, encr-data.c, mdfilter.c, + plaintext.c, free-packet.c: Speed patches (Rémi). + +Thu May 27 09:40:55 CEST 1999 Werner Koch + + * status.c (cpr_get_answer_yes_no_quit): New. + * keyedit.c (menu_delsig): New. + (check_all_keysigs): Splitted. + (print_and_check_one_sig): New. + +Wed May 26 14:36:29 CEST 1999 Werner Koch + + * build-packet.c (build_sig_subpkt): Support large packets. + * parse-packet.c (enum_sig_subpkt): Replaces parse_sig_subpkt. + * mainproc.c (print_notation_data): Print all notation packets. + * g10.c (add_notation_data): Add a way to specify the critical flag. + (main): Add option --set-policy-url. + (check_policy_url): Basic checks. + * sign.c (mk_notation_and_policy): Replaces mk_notation. + + * parse-packet.c (can_handle_critical): Moved decision whether we can + handle critical subpacket to an extra function. + +Tue May 25 19:50:32 CEST 1999 Werner Koch + + * sign.c (sign_file): Always use compression algo 1 for signed + onyl file becuase we can´ be sure the the verifier supports other + algorithms. + + * build-packet.c (build_sig_subpkt): Support for notation data. + * sign.c (sign_file,clearsign_file,make_keysig_packet): Ditto. + (mk_notation): New. + * g10.c (add_notation_data): New and add option -N + * mainproc.c (print_notation_data): New. + (check_sig_and_print): Print any notation data of the signed text. + +Sun May 23 14:20:22 CEST 1999 Werner Koch + + * pkclist.c (check_signatures_trust): Print a warning and return + immediateley if opt.always_trust is true. + + * g10.c (main): Corrected handling of no-default-keyring + + * pkclist.c (algo_available): Disable Twofish until we have settled + how to do the MDC. + + * hkp.c: Disable everything for mingw32 + +Sat May 22 22:47:26 CEST 1999 Werner Koch + + * mainproc.c (check_sig_and_print): Add sig creation time to the + VALIDSIG status output. Add more info to the ERRSIG output. + * sig-check.c (signature_check): Add sig time after epoch to SIG_ID. + + * import.c (import_one): Merge duplicate user IDs. + (collapse_uids): New. + * kbnode.c (move_kbnode): New. + (remove_kbnode): New. + * keyedit.c (keyedit_menu): Call collapse_uids. + + * g10.c: new option --logger-fd. + + * import.c: s/log_*_f/log_*/ + +Thu May 20 14:04:08 CEST 1999 Werner Koch + + * misc.c (pull_in_libs): do the volatile only for gcc + + * sig-check (signature_check): Emit SIG_iD only for classes 0 and 1. + + * armor.c (armor_filter): Add detection of PGP2 created clearsigs. + (fake_packet): A tab is not a WS for pgp2 - handle this. + * textfilter.c (len_without_trailing_chars): New. + (copy_clearsig_text): Add pgp2mode arg. + * sign.c (clearsign_file): pass old_style to the above fnc. + + +Wed May 19 16:04:30 CEST 1999 Werner Koch + + * g10.c: New option --interactive. + + * mainproc.c (proc_plaintext): Add workaround for pgp2 bug + (do_check_sig): Ditto. + (proc_tree): Ditto. + * plaintext.c (do_hash): Ditto. + (hash_datafiles): Ditto, add an arg, changed all callers. + * mdfilter.c (md_filter): Add support for the alternate hash context. + +Mon May 17 21:54:43 CEST 1999 Werner Koch + + * parse-packet.c (parse_encrypted): Support for PKT_ENCRYPTED_MDC. + * build-packet.c (do_encrypted_mdc): Ditto. + * cipher.c (write_header): Add mdc hashing. + (cipher_filter): write out the hash. + * mainproc.c (do_proc_packets): Add PKT_ENCRYPTED_MDC. + * encr-data.c (decrypt_data): Add mdc hashing. + (mdc_decode_filter): New. + + * parse-packet.c (parse_sig_subpkt): Fixed stupid bug for subpkt + length calculation + (parse_signature): Fixed even more stupid bug. + +Sat May 8 19:28:08 CEST 1999 Werner Koch + + * build-packet.c (do_signature): Removed MDC hack. + * encode.c (encode_crypt_mdc): Removed. + * mainproc.c (do_check_sig): Removed MDC hack. + (check_sig_and_print): Ditto. + * parse-packet.c (parse_signature): Ditto. + * sig-check.c (mdc_kludge_check): Ditto. + * free-packte.c (copy_signature, free_seckey_enc): Ditto. + + * parse-packet.c (parse_signature,parse_key): Store data of + unknown algorithms with mpi_set_opaque inseatd of the old + faked data stuff. + (read_rest): Removed. + (read_rest2): Renamed to read_rest + * build-packet.c (write_fake_data): Use mpi_get_opaque. + * free-packet.c (cp_fake_data): Removed and cahnged all callers + to use mpi_copy. + (free_pubkey_enc,free_seckey_enc,release_public_key_parts, + release_secret_key_parts): Use mpi_free for opaque data. + +Thu May 6 14:18:17 CEST 1999 Werner Koch + + * trustdb.c (check_trust): Check for revoked subkeys. + * pkclist.c (do_we_trust): Handled revoked subkeys. + (do_we_trust_pre): Ditto. + (check_signatures_trust): Ditto. + + * build-packet.c (hash_public_key): Fix for ancient g10 keys. + + * mainproc.c (do_proc_packets): Return EOF if no data has been read. + * g10.c (main): Catch errors for default operation. + +Thu Apr 29 12:29:22 CEST 1999 Werner Koch + + * sign.c (sign_file): Fixed hashing in case of no subpackets. + (clearsign_file): Ditto. + (make_keysig_packet): Ditto. + +Wed Apr 28 13:03:03 CEST 1999 Werner Koch + + * keyedit.c (keyedit_menu): Add new command revkey. + * (menu_revkey): New. + + +Mon Apr 26 17:48:15 CEST 1999 Werner Koch + + * parse-packet.c (parse_signature): Add the MDC hack. + * build-packet.c (do_signature): Ditto. + * free-packet.c (free_seckey_enc,copy_signature,cmp_signatures): Ditto. + * mainproc.c (do_check_sig): Ditto. + * sig-check.c (mdc_kludge_check): New. + * encode.c (encrypt_mdc_file): New. + + * keyedit.c (check_all_keysigs): List revocations. + * (menu_revsig): New. + * sign (make_keysig_packet): Support for class 0x30. + +Sun Apr 18 20:48:15 CEST 1999 Werner Koch + + * pkclist.c (select_algo_from_prefs): Fixed the case that one key + has no preferences (Remi Guyomarch). + + keylist.c (list_keyblock): ulti_hack to propagate trust to all uids. + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * seckey-cert.c (do_check): Use real IV instead of a 0 one, so that + it works even if the length of the IV doesn't match the blocksize. + Removed the save_iv stuff. + (protect_secret_key): Likewise. Create the IV here. + * packet.h (PKT_secret_key): Increased size of IV field and add a + ivlen field. + * parse-packet.c (parse_key): Use the len protect.ivlen. + * build-packet.c (do_secret_key). Ditto. + + * getkey.c (key_byname): Close keyblocks. + + * Makefile.am (gpgm): Removed this + * g10.c: Merged gpg and gpgm + + * import.c (import): Utilize option quiet. + * tdbio.c (tdbio_set_dbname): Ditto. + * ringedit.c (add_keyblock_resource,keyring_copy): Ditto. + + * keyedit.c (sign_uids): Add some batch support. + + * g10.c (main): add call to tty_batchmode. + +Fri Apr 9 12:26:25 CEST 1999 Werner Koch + + * status.c (write_status_text): Some more status codes. + * passphrase_to_dek (passphrase_to_dek): add a status code. + * seckey_cert.c (check_secret_key): Likewise. + + * encr-data.c (decrypt_data): Reverse the last changes + * cipher.c (write_header): Ditto. + + * parse-packet.c (parse_key): Dropped kludge for ancient blowfish mode. + +Thu Apr 8 09:35:53 CEST 1999 Werner Koch + + * mainproc.c (proc_encrypted): Add a new status output + * passphrase.c (passphrase_to_dek): Ditto. + * status.h status.c: Add new status tokens. + +Wed Apr 7 20:51:39 CEST 1999 Werner Koch + + * encr-data.c (decrypt_data): Fixes for 128 bit blocksize + * cipher.c (write_header): Ditto. + * seckey-cert.c (do_check): Ditto. + (protect_secret_key). Ditto. + * misc.c (print_cipher_algo_note): Twofish is now a standard algo. + + * keygen.c (do_create): Fixed spelling (Gaël Quéri) + (ask_keysize): Only allow keysizes up to 4096 + + * ringedit.c (add_keyblock_resource): chmod newly created secrings. + + * import.c (delete_inv_parts): Fixed accidently deleted subkeys. + +Tue Apr 6 19:58:12 CEST 1999 Werner Koch + + * armor.c: Removed duped include (John Bley) + * mainproc.c: Ditto. + + * build-packet.c (hash_public_key): Fixed hashing of the header. + + * import.c (delete_inv_parts): Allow import of own non-exportable sigs. + +Sat Mar 20 13:59:47 CET 1999 Werner Koch + + * armor.c (fake_packet): Fix for not not-dash-escaped + +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * g10.c (main): Added command --recv-keys + * hkp.c (hkp_import): New. + +Wed Mar 17 13:09:03 CET 1999 Werner Koch + + * trustdb.c (check_trust): add new arg add_fnc and changed all callers. + (do_check): Ditto. + (verify_key): Ditto. + (propagate_validity): Use the new add_fnc arg. + (print_user_id): Add the FILE arg. + (propagate_ownertrust): New. + * pkclist.c (add_ownertrust_cb): New and changed the add_ownertrust + logic. + + * getkey.c (get_keyblock_bylid): New. + * trustdb.c (print_uid_from_keyblock): New. + (dump_tn_tree_with_colons): New. + (list_trust_path): Add colon print mode. + + * trustdb.c (insert_trust_record): Always use the primary key. + + * encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch) + (encode_crypt): Ditto. + + * mainproc.c (proc_pubkey_enc): Added status ENC_TO. + * armor.c (armor_filter): Added status NODATA. + * passphrase.c (passphrase_to_dek): Always print NEED_PASSPHRASE + * seckey_cert.c (check_secret_key): Added BAD_PASS status. + + * g10.c (main): Set g10_opt_homedir. + +Sun Mar 14 19:34:36 CET 1999 Werner Koch + + * keygen.c (do_create): Changed wording of the note (Hugh Daniel) + +Thu Mar 11 16:39:46 CET 1999 Werner Koch + + * tdbdump.c: New + + * trustdb.c (walk_sigrecs,do_list_sigs,list_sigs, + list_records,list_trustdb,export_ownertrust,import_ownertrust): Moved + to tdbdump.c + (init_trustdb): renamed to setup_trustdb. Changed all callers. + (do_init_trustdb): renamed to init_trustdb(). + * trustdb.c (die_invalid_db): replaced by tdbio_invalid. + * tdbio.c (tdbio_invalid): New. + + * import.c (delete_inv_parts): Skip non exportable signatures. + * keyedit.c (sign_uid_mk_attrib): New. + (sign_uids): Add the local argument. + (keyedit_menu): New "lsign" command. + * trustdb.c (register_trusted_key): Removed this and all related stuff. + * g10.c (oTrustedKey): Removed option. + + * tdbio.h (dir.valcheck): New trustdb field. + * tdbio.c: Add support for this field + (tdbio_read_modify_stamp): New. + (tdbio_write_modify_stamp): New. + * trustdb.c (do_check): Check against this field. Removed cache update. + (verify_key): Add cache update. + (upd_uid_record): Some functional changes. + (upd_cert_record): Ditto + +Wed Mar 10 11:26:18 CET 1999 Werner Koch + + * keylist.c (list_keyblock): Fixed segv in uid. Print 'u' as + validity of sks. + +Mon Mar 8 20:47:17 CET 1999 Werner Koch + + * getkey.c (classify_user_id): Add new mode 12 (#). + + * seckey-cert.c (check_secret_key): replaced error by info. + + * trustdb.c (query_trust_info): Add another arg, changed all callers. + (check_trust): Ditto. + (do_check): Ditto. + (verify_key): Handle namehash. + * keylist.c (list_keyblock): print trust info for user ids. + + * sig-check.c (signature_check): Add sig-created to status output. + +Tue Mar 2 16:44:57 CET 1999 Werner Koch + + * textfilter.c (copy_clearsig_text): New. + (clearsign): Removed. + * sign.c (clearsign_file): does not use textfiler anymore. + + * keygen.c (ask_user_id): print a note about the used charset. + +Tue Mar 2 10:38:42 CET 1999 Werner Koch + + * sig-check.c (signature_check): sig-id now works for all algos. + + * armor.c (armor_filter): Fixed armor bypassing. + +Sun Feb 28 19:11:00 CET 1999 Werner Koch + + * keygen.c (ask_user_id): Don't change the case of email addresses. + (has_invalid_email_chars): Adjusted. + + * keylist.c (list_one): Really list serect keys (Remi Guyomarch) + + * keyedit.c (menu_select_uid): Add some braces to make egcs happy. + (menu_select_key): Ditto. + + * mainproc.c (do_proc_packets): List sym-enc packets (Remi Guyomarch) + +Fri Feb 26 17:55:41 CET 1999 Werner Koch + + * pkclist.c (build_pk_list): Return error if there are no recipients. + + * sig-check.c (signature_check): New signature id feature. + * armor.c (make_radic64_string): New. + + * mainproc.c (proc_pubkey_enc): early check for seckey availability. + + * pkclist.c (do_we_trust_pre): print user id before asking. + + * ringedit.c (add_keyblock_resource,get_keyblock_handle): Cleaner + handling of default resource. + + +Thu Feb 25 18:47:39 CET 1999 Werner Koch + + * pkclist.c (algo_available): New. + (select_algo_from_prefs): Check whether algo is available. + + * ringedit.c (keyring_copy): Take care of opt.dry_run. + (do_gdbm_store): Ditto. + * openfile.c (open_outfile). Ditto. + (copy_options_file): Ditto. + * trustdb.c (update_trustdb): Ditto. + (clear_trust_checked_flag): Ditto. + (update_trust_record): Ditto. + (insert_trust_record): Ditto. + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * keylist.c (secret_key_list): Now really list the secret key. + + * trustdb.c (do_init_trustdb): New. Init is now deferred. + +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY. + +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * pkclist.c (select_algo_from_prefs): retrieve LID if not there. + + * armor.c (fake_packet): Replaced ugly lineending handling. + + * g10.c (oNoEncryptTo): New. + * pkclist.c (build_pk_list): Implemented this option. + + * g10.c (main): Greeting is now printed to stderr and not to tty. + Use add_to_strlist() instead of direct coding. + + * import.c (import): Use iobuf_push_filter2. + + * mainproc.c (check_sig_and_print): Print all user ids + for good signatures. + * getkey.c (get_pubkeyblock): New. + + * import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys. + (delete_inv_parts): Delete special marked packets. + +Tue Feb 16 14:10:02 CET 1999 Werner Koch + + * g10.c (main): New option --encrypt-to + + * pkclist.c (build_pk_list): Implemented encrypt-to. + + * parse-packet.c (parse_user_id): Removed the hack to work with + utf-8 strings. + + * g10.c (main): Install lockfile cleanup handler. + * tdbio.c (cleanup): Removed: this is now handled by dotlock. + +Sat Feb 13 14:13:04 CET 1999 Werner Koch + + * tdbio.c (tdbio_set_dbname): Init lockhandle for a new trustdb + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * g10.c (main): check for development version now in configure + + * tdbio.c (tdbio_write_record): Add uid.validity + (tdbio_read_record) : Ditto. + (tdbio_dump_record) : Ditto. + + * keygen.c (keygen_add_std_prefs): Replaced Blowfish by Twofish, + removed MD5 and Tiger. + * pubkey-enc.c (get_it): Suppress warning about missing Blowfish + in preferences in certain cases. + + * ringedit.c (lock_rentry,unlock_rentry): New. + + * getkey.c (key_byname): Pass ret_kb down to lookup_xx. + + * armor.c (armor_filter): No output of of empty comment lines. + Add option --no-version to suppress the output of the version string. + + * getkey.c: Release the getkey context for auto context variables. + +Sun Jan 24 18:16:26 CET 1999 Werner Koch + + * getkey.c: Changed the internal design to allow simultaneous + lookup of multible user ids + (get_pubkey_bynames): New. + (get_seckey_bynames): New. + (get_seckey_next): New. + (get_seckey_end): New. + * keylist.c (list_one): Use the new functions. + + * keylist.c (list_keyblock): add a newline for normal listings. + + * g10.c (--recipient): New option name to replace --remote-user + + +Wed Jan 20 18:59:49 CET 1999 Werner Koch + + * textfilter.c: Mostly rewritten + * plaintext.c (handle_plaintext): Use now text_filter semantics. + +Tue Jan 19 19:34:58 CET 1999 Werner Koch + + * export.c (export_pubkeys_stream): New. + (do_export_stream): New. + * g10.c (aSendKeys): New command. + * hkp.c (hkp_export): New. + + * compress.c (do_uncompress): Hack for algo 1 and 1.1.3 + +Sun Jan 17 11:04:33 CET 1999 Werner Koch + + * textfilter.c (text_filter): Now uses iobuf_read_line(). + (read_line): Removed. + + * armor.c (trim_trailing_spaces): Removed and replaced + by trim_trailing_ws from libutil + +Sat Jan 16 12:03:27 CET 1999 Werner Koch + + * hkp.c (hkp_ask_import): Use only the short keyid + +Sat Jan 16 09:27:30 CET 1999 Werner Koch + + * import.c (import_key_stream): New + (import): New, moved most of import_keys here. + * g10.c: New option --keyserver + * mainproc.c (check_sig_and_print): Hook to import a pubkey. + + * pref.c pref.h : Removed + + * hkp.c hkp.h: New + +Wed Jan 13 14:10:15 CET 1999 Werner Koch + + * armor.c (radix64_read): Print an error if a bad armor was detected. + +Wed Jan 13 12:49:36 CET 1999 Werner Koch + + * armor.c (radix64_read): Now handles malformed armors produced + by some buggy MUAs. + +Tue Jan 12 11:17:18 CET 1999 Werner Koch + + * ringedit.c (find_keyblock_bysk): New. + + * skc_list.c (is_insecure): New. + (build_sk_list): usage check for insecure keys. + + * import.c (chk_self_sigs): Add handling for subkeys. + (delete_inv_parts): Skip unsigned subkeys + + * sig-check.c (do_check): Print info if the signature is older + than the key. + * keygen.c (generate_subkeypair): Fail on time warp. + * sign.c (do_sign): Ditto. + +Sun Jan 10 15:10:02 CET 1999 Werner Koch + + * armor.c (fake_packet): Fixed not-dash-escaped bug. + +Sat Jan 9 16:02:23 CET 1999 Werner Koch + + * sig-check.c (do_check): Output time diff on error + + * status.c (STATUS_VALIDSIG): New. + (is_status_enabled): New. + * mainproc.c (check_sig_and_print): Issue that status message. + + * plaintext.c (special_md_putc): Removed + + * armor.c (armor_filter): print error for truncated lines. + + * free-packet.c (free_encrypted): Revomed call to set_block_mode. + (free_plaintext): Ditto. + +Thu Jan 7 18:00:58 CET 1999 Werner Koch + + * pkclist.c (add_ownertrust): Fixed return value. + + * encr-data.c (decrypt_data): Disabled iobuf_set_limit and + iobuf_pop_filter stuff. + * compress.c (handle_compressed): Disabled iobuf_pop_filter. + + * packet.h (PKT_secret_key): Add is_primary flag. + * parse-packet.c (parse_key): Set this flag. + * passphrase.c (passphrase_to_dek): Kludge to print the primary + keyid - changed the API: keyid must now hold 2 keyids. + * getkey.c (get_primary_seckey): New. + * seckey-cert.c (do_check): pass primary keyid to passphrase query + + * tbdio.c (open_db): removed the atexit + (tdbio_set_dbname): and moved it to here. + + * armor.c: Rewrote large parts. + +Tue Dec 29 19:55:38 CET 1998 Werner Koch + + * revoke.c (gen_revoke): Removed compression. + + * pkclist.c (do_we_trust_pre): special check for revoked keys + + * trustdb.c (update_trust_record): Fixed revoke flag. + +Tue Dec 29 14:41:47 CET 1998 Werner Koch + + * misc.c (disable_core_dumps): Check for EINVAL (Atari) + + * getkey (merge_one_pk_and_selfsig): Fixed search of expiredate. + (merge_keys_and_selfsig): Ditto. + + * free-packet.c (cmp_public_keys): cmp expire only for v3 packets + (cmp_secret_keys): Ditto. + (cmp_public_secret_key): Ditto. + +Wed Dec 23 17:12:24 CET 1998 Werner Koch + + * armor.c (find_header): Reset not_dashed at every header + +Wed Dec 23 13:18:14 CET 1998 Werner Koch + + * pkclist.c (add_ownertrust): Refresh validity values. + + * trustdb.c (enum_cert_paths_print): New arg refresh. + + * ringedit.c: Fixed problems fix keyrings + * parse-packet.c (dbg_parse_packet): New debug functions. + + * getkey.c (getkey_disable_caches): New. + * import.c (import_keys): Disable caches. + +Thu Dec 17 18:31:15 CET 1998 Werner Koch + + * misc.c (trap_unaligned): Only for glibc 1 + + * sign.c (write_dash_escaped): Now escapes "From " lines + * g10.c: New option --escape-from-lines + + * trustdb.c (sort_tsl_list): New + (list_trust_path): Now prints sorted list. + (enum_cert_paths): Likewise. + (enum_cert_paths_print): New. + (print_paths): New printing format. + * pkclist.c (add_ownertrust): New arg quit. + (edit_ownertrust): New quit selection and does not query + the recipients ownertrust anymore. + (add_ownertrust): Print the ceritficate path. + + +Mon Dec 14 21:18:49 CET 1998 Werner Koch + + * parse-packet.c (parse_signature): Now checks for critical bit + (parse_sig_subpkt): Splitted. + (parse_one_sig_subpkt): New. + * sig-check.c (do_check): handle critical bit. + +Sun Dec 13 14:10:56 CET 1998 Werner Koch + + * pcklist.c (select_algo_from_prefs): Preferences should + now work (lost the != ? ) + +Thu Dec 10 20:15:36 CET 1998 Werner Koch + + * ringedit.c (gdbm_store): Fix for inserts + + * g10.c (main): New option --export-all + * export.c (export_pubkeys): New arg. + (do_export): Now may skip old keys. + + * status.c: Minor patches for Sun's cc + + * keygen.c (ask_algo): Disabled v3 ElGamal choice, rearranged + the numbers. Add a warning question when a sign+encrypt key + is selected. + + * g10.c (do_not_use_RSA): Removed. + * misc.c (print_pubkey_algo_note): New as replacement for the + do_not_use_RSA() and chnaged all callers. + (print_cipher_algo_note): New. + (print_hash_algo_note): New. + + * cipher.c (write_header): Add a call to print_cipher_algo_note. + * seckey-cert.c (protect_secret_key): Ditto + * sign.c (do_sign): Add a call to print_digest_algo_note. + + * getkey.c (get_long_user_id_string): New. + * mainproc.c (check_sig_and_print): Changed the format of the + status output. + + * encrypt.c (write_pubkey_enc_from_list): print used symmetric cipher. + + * pkclist.c (do_we_trust): Changed a message. + +Wed Dec 9 13:41:06 CET 1998 Werner Koch + + * misc.c (trap_unaligned) [ALPHA]: Only if UAC_SIGBUS is defined. + + * sign.c (write_dash_escaped): Add the forgotten patch by Brian Moore. + + * compress.c (do_uncompress): Fixed the inflating bug. + + +Tue Dec 8 13:15:16 CET 1998 Werner Koch + + * trustdb.c (upd_uid_record): Now uses the newest self-signature + (insert_trust_record): Now calls update with recheck set to true. + (register_trusted_key): New. + (verify_own_keys): Enhanced by list of trusted keys. + + * g10.c (main): Print a warning when a devel version is used. + (main): New option --trusted-key + + * import.c (merge_blocks): Fixed merging of new user ids and + added merging of subkeys. + (append_uid): Ditto. + (merge_keysig): New. + (append_key): New. + * getkey.c (merge_one_pk_and_selfsig): Get the expiration time + from the newest self-signature. + (merge_keys_and_selfsig): Ditto. + + * free-packet.c (cmp_secret_key): New. + + +Fri Nov 27 21:37:41 CET 1998 Werner Koch + + * g10.c: New option --lock-once + * tdbio.c (open_db): Add an atexit + (cleanup): New. + (tdbio_sync): Add locking. + (tdbio_end_transaction): Ditto. + (put_record_into_cache): Ditto. + * ringedit.c (keyring_copy): Ditto. + (cleanup): New. + (add_keyblock_resource): Add an atexit. + +Fri Nov 27 15:30:24 CET 1998 Werner Koch + + * armor.c (find_header): Another fix for clearsigs. + +Fri Nov 27 12:39:29 CET 1998 Werner Koch + + + * status.c (display_help): Removed. + * helptext.c: New and removed the N_() from all cpr_gets. + + +Fri Nov 20 16:54:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): New option --not-dash-escaped + * sign.c (write_dashed_escaped): Ditto. + * armor.c (find_header): Support for NotDashEscaped header. + + * getkey.c: print "disabled cache.." only if verbose is used. + +Thu Nov 19 07:17:31 1998 Werner Koch + + * parse-packet.c (dump_sig_subpkt): Fixed expire listing + * getkey.c (merge_keys_and_selfsig): Fixed expire calculation. + (merge_one_pk_and_selfsig): Ditto. + * keyedit.c (menu_expire). Ditto. + * keygen.c (keygen_add_key_expire): Ditto. + (ask_expire_interval): New and changed all local function to use + this instead. + (keygen_add_key_expire): Opaque should now be a public key; + changed all callers. + + * parse.packet.c (parse): use skip_rest to skip packets. + + * keyedit.c (keyedit_menu): New arg for cmdline cmds. + +Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (check_trustdb): Now rechecks all gived userids. + (collect_paths): Some fixes. + (upd_pref_records): Skips empty items, evaluate all items. + + * parse-packet.c (dump_sig_subpkt): Better listing of prefs. + (skip_packet): Now knows about marker packet + + * g10.c: removed cmd "--edit-sig". + + * pubring.asc: Updated. + +Sat Nov 14 14:01:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Changed syntax of --list-trust-path + * trustdb.c (list_trust_path): Replaced max_depth by + opt.max_cert_depth + +Fri Nov 13 07:39:58 1998 Werner Koch + + * trustdb.c (collect_paths): Removed a warning message. + (enum_trust_web): Removed. + (enum_cert_paths): New. + * pkclist.c (add_ownertrust): Changed to use enum_cert_paths. + (edit_ownertrust): Now list ceritficates on request. + (show_paths): New. + +Wed Nov 11 18:05:44 1998 Werner Koch + + * g10.c (main): New option --max-cert-depth + * tdbio.h: add new fields to ver and dir record. + * tdbio.c: read/write/dump of these fields. + (tdbio_db_matches_options): New. + * trustdb.c: replaced MAC_CERT_DEPTH by opt.max_cert_depth. + (do_check): cache validity and changed other functions + to reset the cached value. + + * keylist.c (list_one): Now lists the ownertrust. + * mainproc.c (list_node): Ditto. + +Tue Nov 10 10:08:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (g10_exit): Now looks at the new g10_errors_seen. + * mainproc.c (check_sig_and_print): Sets g10_errors_seen. + + * *.c : i18n many more strings. + + * ringedit.c (locate_keyblock_by_keyid): Add HAVE_LIBGDBM + (locate_keyblock_by_fpr): Ditto. + + * g10.c (main): removed unsused "int errors". + (main): Add new option --charset. + + * g10.c (main): special message for the unix newbie. + +Mon Nov 9 07:17:42 1998 Werner Koch + + * getkey.c (finish_lookup): Kludge to prefere algo 16. + + * trustdb.c (new_lid_table): Clear cached item. + + * status.c (cpr_get_utf8): New. + * pkclist.c (build_pk_list): Uses this. + +Sun Nov 8 17:20:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c (check_sig_and_print): Why did I use strlen()-1 + in the printf? - This truncated the TZ. + +Sat Nov 7 15:57:28 1998 me,,, (wk@tobold) + + * getkey.c (lookup): Changes to support a read_next. + (get_pubkey): Fixed a memory leak. + + * keylist.c (list_one): Now lists all matching user IDs. + +Tue Nov 3 16:19:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (ask_user_id): Now converted to UTF-8 + + * g10.c (main): Kludge for pgp clearsigs and textmode. + +Fri Oct 30 16:40:39 1998 me,,, (wk@tobold) + + * signal.c (block_all_signals): New. + (unblock_all_signals): New + * tdbio.c (tdbio_end_transaction): Now blocks all signals. + + * trustdb.c (new_lid_table): Changed the representation of the + former local_lid_info stuff. + + * trustdb.c (update_trust_record): Reorganized the whole thing. + * sig-check.c (check_key_signature): Now handles class 0x28 + + +Wed Oct 28 18:56:33 1998 me,,, (wk@tobold) + + * export.c (do_export): Takes care of the exportable sig flag. + +Tue Oct 27 14:53:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (update_trust_record): New "fast" parameter. + +Sun Oct 25 19:32:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * openfile.c (copy_options_File): New. + * ringedit.c (add_keyblock_resource): Creates options file + * tdbio.c (tdbio_set_dbname): Ditto. + +Sat Oct 24 14:10:53 1998 brian moore + + * mainproc.c (proc_pubkey_enc): Don't release the DEK + (do_proc_packets): Ditto. + +Fri Oct 23 06:49:38 1998 me,,, (wk@tobold) + + * keyedit.c (keyedit_menu): Comments are now allowed + + * trustdb.c: Rewrote large parts. + + +Thu Oct 22 15:56:45 1998 Michael Roth (mroth@nessie.de) + + * encode.c: (encode_simple): Only the plain filename without + a given directory is stored in generated packets. + (encode_crypt): Ditto. + + * sign.c: (sign_file) Ditto. + + +Thu Oct 22 10:53:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (update_trust_record): Add new optional arg. + + * import.c (import_keys): Add statistics output + * trustdb.c (update_trustdb): Ditto. + (insert_trustdb): Ditto. + + * tdbio.c (tdbio_begin_transaction): New. + (tdbio_end_transaction): New. + (tdbio_cancel_transaction): New. + + * g10.c (main): New option --quit. + + * trustdb.c (check_hint_sig): No tests for user-id w/o sig. + This caused an assert while checking the sigs. + + * trustdb.c (upd_sig_record): Splitted into several functions. + + * import.c (import_keys): New arg "fast". + * g10.c (main): New command --fast-import. + +Wed Oct 21 18:19:36 1998 Michael Roth + + * ringedit.c (add_keyblock_resource): Directory is now created. + * tdbio.c (tdbio_set_dbname): New info message. + +Wed Oct 21 11:52:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (update_trustdb): released keyblock in loop. + + * keylist.c (list_block): New. + (list_all): Changed to use list_block. + + * trustdb.c: Completed support for GDBM + + * sign.c (only_old_style): Changed the way force_v3 is handled + (sign_file): Ditto. + (clearsign_file): Ditto. + + * keygen.c (has_invalid_email_chars): Splitted into mailbox and + host part. + + * keylist.c (list_one): Add a merge_keys_and_selfsig. + * mainproc.c (proc_tree): Ditto. + +Sun Oct 18 11:49:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sign.c (only_old_style): Add option force_v3_sigs + (sign_file): Fixed a bug in sig->version + (clearsign_file): Ditto. + + * parse-packet.c (dump_sig_subpkt): New + + * keyedit.c (menu_expire): New. + * free-packet.c (cmp_signatures): New + + +Sat Oct 17 10:22:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c: changed output line length from 72 to 64. + + * keyedit.c (fix_keyblock): New. + +Fri Oct 16 10:24:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c: Rewrote most. + * tdbio.c: Add cache and generalized hash tables. + + * options.h (ENABLE_COMMENT_PACKETS): New but undef'ed. + * encode.c, sign.c, keygen.c: Disabled comment packets. + * export.c (do_export): Comment packets are never exported, + except for those in the secret keyring. + + * g10.c (main): Removed option do-no-export-rsa; should be + be replaced by a secpial tool. + * export.c (do_export): Removed the code for the above option. + + * armor.c (find_header): Support for new only_keyblocks. + * import.c (import_keys): Only looks for keyblock armors. + + * packet.h: replaced valid_days by expiredate and changed all users. + * build-packet.c (do_public_key): calculates valid-days + (do_secret_key): Ditto. + * parse-packet.c (parse_key): expiredate is calucated from the + valid_period in v3 packets. + * keyid.c (do_fingerprint_md): calculates valid_dates. + + * keygen.c (add_key_expire): fixed key expiration time for v4 packets. + + * armor.c (find_header): A LF in the first 28 bytes + was skipped for non-armored data. + +Thu Oct 8 11:35:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (is_armored): Add test on old comment packets. + + * tdbio.c (tdbio_search_dir_bypk): fixed memory leak. + + * getkey.c: Changed the caching algorithms. + +Wed Oct 7 19:33:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * kbnodes.c (unused_nodes): New. + +Wed Oct 7 11:15:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keyedit.c (sign_uids): Fixed a problem with SK which could caused + a save of an unprotected key. + (menu_adduid): Ditto. + + * keyedit.c (keyedit_menu): Prefs are now correctly listed for + new user ids. + + * trustdb.c (update_trust_record): New. + (insert_trust_record): Now makes use of update_trust_record. + +Tue Oct 6 16:18:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (read_record): replaces most of the tdbio_read_records. + (write_record): Ditto. + +Sat Oct 3 11:01:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (ask_alogo): enable ElGamal enc-only only for addmode. + +Wed Sep 30 10:15:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * import.c (import_one): Fixed update of wrong keyblock. + +Tue Sep 29 08:32:08 1998 me,,, (wk@tobold) + + * mainproc.c (proc_plaintext): Display note for special filename. + * plaintext.c (handle_plaintext): Suppress output of special file. + +Mon Sep 28 12:57:12 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (verify_own_keys): Add warning if a key is not protected. + + * passphrase (hash_passphrase): Fixed iterated+salted mode and + setup for keysizes > hashsize. + + * g10.c (main): New options: --s2k-{cipher,digest,mode}. + +Fri Sep 25 09:34:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c: Chnaged some help texts. + +Tue Sep 22 19:34:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * passphrase.c (read_passphrase_from_fd): fixed bug for long + passphrases. + +Mon Sep 21 11:28:05 1998 Werner Koch (wk@(none)) + + * getkey.c (lookup): Add code to use the sub key if the primary one + does not match the usage. + + * armor.c (armor_filter): New error message: no valid data found. + (radix64_read): Changes to support multiple messages. + (i18n.h): New. + * mainproc.c (add_onepass_sig): bug fix. + +Mon Sep 21 08:03:16 1998 Werner Koch (wk@isil.d.shuttle.de) + + * pkclist.c (do_we_trust): Add keyid to most messages. + + * passphrase.c (read_passphrase_from_fd): New. + (have_static_passphrase): New + (get_passphrase_fd): Removed. + (set_passphrase_fd): Removed. + * g10.c (main): passphrase is now read here. + + * keyedit.c (keyedit_menu): "help" texts should now translate fine. + +Mon Sep 21 06:40:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * encode.c (encode_simple): Now disables compression + when --rfc1991 is used. + (encode_crypt): Ditto. + +Fri Sep 18 16:50:32 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (merge_key_and_selfsig): New. + +Fri Sep 18 10:20:11 1998 Werner Koch (wk@isil.d.shuttle.de) + + * pkclist.c (select_algo_from_prefs): Removed 3DES kludge. + + * seskey.c (make_session_key): Fixed SERIOUS bug introduced + by adding the weak key detection code. + + * sign.c (sign_file): Changed aremor header in certain cases. + +Tue Sep 15 17:52:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c (check_sig_and_print): Replaced ascime by asctimestamp. + +Mon Sep 14 11:40:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seskey.c (make_session_key): Now detects weak keys. + + * trustdb (clear_trust_checked_flag): New. + + * plaintext.c (handle_plaintext): Does no anymore suppress CR from + cleartext signed messages. + +Sun Sep 13 12:54:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (insert_trust_record): Fixed a stupid bug in the free + liunked list loops. + +Sat Sep 12 15:49:16 1998 Werner Koch (wk@isil.d.shuttle.de) + + * status.c (remove_shmid): New. + (init_shm_comprocess): Now sets permission to the real uid. + +Wed Sep 9 11:15:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (PKT_pubkey_enc): New flah throw_keyid, and add logic to + implement it. + * g10.c (main): New Option --throw-keyid + + * getkey.c (enum_secret_keys): Add new ar and changed all callers. + +Tue Sep 8 20:04:09 1998 Werner Koch (wk@isil.d.shuttle.de) + + * delkey.c (delete_key): Moved from keyedit.c. + +Mon Sep 7 16:37:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (calc_length_header): New arg new_ctb to correctly + calculate the length of new style packets. + + * armor.c (is_armored): Checks for symkey_enc packets. + + * pkclist.c (select_algo_from_prefs): 3DEs substitute is now CAST5. + +Tue Aug 11 17:54:50 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (do_secret_key): Fixed handling of old keys. + + * getkey.c (compare_name): Fixed exact and email matching + + * openfile.c (open_outfile): Changed arguments and all callers. + +Tue Aug 11 09:14:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * encode.c (encode_simple): Applied option set-filename and comment. + (encode_crypt): Ditto. + * sign.c (sign_file): Ditto. + * armor.c (armor_filter): Applied option comment. + + * encode.c (encode_crypt): Moved init_packet to the begin. + (encode_simple): add an init_packet(). + + * comment (write_comment): Now enforces a hash sign as the 1st byte. + + * import.c (import_one): Add explanation for "no user ids". + + * compress.c (do_uncompress): Applied Brian Warner's patch to support + zlib 1.1.3 etc. + + * trustdb.c (check_trust): Fixed a problem after inserting new keys. + + * getkey (lookup): do not return the primary key if usage is given + (lookup_sk): Ditto and take usage into account. + + * status.c (cpr_get_answer_is_yes): add display_help. + +Mon Aug 10 10:11:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (lookup_sk): Now always returns the primary if arg + primary is true. + (lookup): Likewise. + (get_pubkey_byname): Now returns the primary key + (get_seckey_byname): Ditto. + + +Mon Aug 10 08:34:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keyid.c (pubkey_letter): ELG_E is now a small g. + +Sat Aug 8 17:26:12 1998 Werner Koch (wk@isil.d.shuttle.de) + + * openfile (overwrite_filep): Changed semantics and all callers. + +Sat Aug 8 12:17:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * status.c (display_help): New. + +Thu Aug 6 16:30:41 1998 Werner Koch,mobil,,, (wk@tobold) + + * seskey.c (encode_session_key): Now uses get_random_bits(). + +Thu Aug 6 07:34:56 1998 Werner Koch,mobil,,, (wk@tobold) + + * ringedit.c (keyring_copy): No more backupfiles for + secret keyrings and add additional warning in case of + a failed secret keyring operation. + +Wed Aug 5 11:54:37 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (check_opts): Moved to main. Changed def_cipher_algo + semantics and chnaged all users. + + * pubkey-enc.c (get_sssion_key): New informational output + about preferences. + + * parse-packet.c (parse_symkeyenc): Fixed salted+iterated S2K + (parse_key): Ditto. + * build-packet.c (do_secret_key): Ditto. + (do_symkey_enc): Ditto. + +Tue Aug 4 08:59:10 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (enum_secret_keys): Now returns only primary keys. + + * getkey (lookup): Now sets the new namehash field. + + * parse-packet.c (parse_sig_subpkt2): New. + + * sign.c (sign_file): one-pass sigs are now emiited reverse. + Preference data is considered when selecting the compress algo. + +Wed Jul 29 12:53:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * free-packet.c (copy_signature): New. + + * keygen.c (generate_subkeypair): rewritten + * g10.c (aKeyadd): Removed option --add-key + +Mon Jul 27 10:37:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seckey-cert.c (do_check): Additional check on cipher blocksize. + (protect_secret_key): Ditto. + * encr-data.c: Support for other blocksizes. + * cipher.c (write_header): Ditto. + +Fri Jul 24 16:47:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * kbnode.c (insert_kbnode): Changed semantics and all callers. + * keyedit.c : More or less a complete rewrite + +Wed Jul 22 17:10:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (write_sign_packet_header): New. + +Tue Jul 21 14:37:09 1998 Werner Koch (wk@isil.d.shuttle.de) + + * import.c (import_one): Now creates a trustdb record. + + * g10.c (main): New command --check-trustdb + +Mon Jul 20 11:15:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * genkey.c (generate_keypair): Default key is now DSA with + encryption only ElGamal subkey. + +Thu Jul 16 10:58:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keyid.c (keyid_from_fingerprint): New. + * getkey.c (get_pubkey_byfprint): New. + +Tue Jul 14 18:09:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keyid.c (fingerprint_from_pk): Add argument and changed all callers. + (fingerprint_from_sk): Ditto. + +Tue Jul 14 10:10:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * plaintext.c (handle_plaintext): Now returns create error if + the file could not be created or the user responded not to overwrite + the file. + * mainproc.c (proc_plaintext): Tries again if the file could not + be created to check the signature without output. + + * misc.c (disable_core_dumps): New. + * g10.c (main): disable coredumps for gpg + + * g10.c (MAINTAINER_OPTIONS): New to disable some options + +Mon Jul 13 16:47:54 1998 Werner Koch (wk@isil.d.shuttle.de) + + * plaintext.c (hash_datafiles): New arg for better support of + detached sigs. Changed all callers. + * mainproc.c (proc_signature_packets): Ditto. + + * g10.c (main): New option "compress-sigs" + * sig.c (sign_file): detached signatures are not anymore compressed + unless the option --compress-sigs is used. + +Thu Jul 9 19:54:54 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c: Fixes to allow zero length cleartext signatures + +Thu Jul 9 14:52:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (build_list): Now drops setuid. + (main): Changed the way keyrings and algorithms are registered . + +Wed Jul 8 14:17:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (PKT_public_key): Add field keyid. + * parse-packet.c (parse_key): Reset the above field. + * keyid.c (keyid_from_pk): Use above field as cache. + + * tdbio.c, tdbio.h: New + * trustdb.c: Moved some functions to tdbio.c. + (print_keyid): New. + + * pkclist.c (check_signatures_trust): New. + +Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * plaintext.c (special_md_putc): New. + (handle_plaintext): add clearsig argument + * mainproc.c (proc_plaintext): detection of clearsig + * sign.c (write_dased_escaped): Changed clearsig format + +Tue Jul 7 18:56:19 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (find_header): Now makes sure that there is only one + empty line for clearsigs, as this is what OP now says. + +Mon Jul 6 13:09:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): New option default-secret-key + * getkey.c (get_seckey_byname): support for this option. + +Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (add_keyring): Keyrings are now added to end of the + list of keyrings. The first added keyringwill be created. + (add_secret_keyring): Likewise. + + * ringedit.c (add_keyblock_resource): Files are created here. + + * g10.c (aNOP): Removed + + * getkey.c (lookup): Add checking of usage for name lookups + * packet.h (pubkey_usage): Add a field which may be used to store + usage capabilities. + * pkclist.c (build_pk_list): getkey now called with usage arg. + * skclist.c (build_sk_list): Ditto. + + * sign.c (clearsign_file): Fixed "Hash:" headers + +Sat Jul 4 13:33:31 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (list_ownertrust): New. + * g10.c (aListOwnerTrust): New. + + * g10.c (def_pubkey_algo): Removed. + + * trustdb.c (verify_private_data): Removed and also the call to it. + (sign_private_data): Removed. + +Fri Jul 3 13:26:10 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (aEditKey): was aEditSig. Changed usage msg. + + * keyedit.c: Done some i18n stuff. + + * g10.c (do_not_use_RSA): New. + * sign.c (do_sign): Add call to above function. + * encode.c (write_pubkey_enc_from_list): Ditto. + +Thu Jul 2 21:01:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c: Now is able sto store data of unknown + algorithms. + * free-packet.c: Support for this. + * build-packet.c: Can write data of packet with unknown algos. + +Thu Jul 2 11:46:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (parse): fixed 4 byte length header + +Wed Jul 1 12:36:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (new_ctb): New field for some packets + * build-packet.c (build_packet): Support for new_ctb + * parse-packet.c (parse): Ditto. + +Mon Jun 29 12:54:45 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h: changed all "_cert" to "_key", "subcert" to "subkey". + + * free-packet.c (free_packet): Removed memory leak for subkeys. + +Sun Jun 28 18:32:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * import.c (import_keys): Renamed from import_pubkeys. + (import_secret_one): New. + + * g10.c (aExportSecret): New. + + * export.c (export_seckeys): New. + + * parse-packet.c (parse_certificate): Cleaned up. + (parse_packet): Trust packets are now considered as unknown. + (parse_pubkey_warning): New. + +Fri Jun 26 10:37:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (has_invalid_email_chars): New. + +Wed Jun 24 16:40:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (armor_filter): Now creates valid onepass_sig packets + with all detected hash algorithms. + * mainproc.c (proc_plaintext): Now uses the hash algos as specified + in the onepass_sig packets (if there are any) + +Mon Jun 22 11:54:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * plaintext.c (handle_plaintext): add arg to disable outout + * mainproc.c (proc_plaintext): disable output when in sigs_only mode. + +Thu Jun 18 13:17:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c: Removed all rsa packet stuff, chnaged defaults + for key generation. + +Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de) + + * misc.c (checksum_u16): Fixed a stupid bug which caused a + wrong checksum calculation for the secret key protection and + add a backward compatibility option. + * g10.c (main): Add option --emulate-checksum-bug. + +Thu Jun 11 13:26:44 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h: Major changes to the structure of public key material + which is now stored in an array and not anaymore in a union of + algorithm specific structures. These is needed to make the system + more extendable and makes a lot of stuff much simpler. Changed + all over the system. + + * dsa.c, rsa.c, elg.c: Removed. + +Wed Jun 10 07:22:02 1998 Werner Koch,mobil,,, (wk@tobold) + + * g10.c ("load-extension"): New option. + +Mon Jun 8 22:23:37 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seckey-cert.c (do_check): Removed cipher constants + (protect_secret_key): Ditto. + +Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (query_trust_info): New. + * keylist.c (list_one): Add output of trust info + * mainproc (list_node): ditto. + * g10.c (main): full trustdb init if -with-colons and any of the + key list modes. + +Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de) + + * status.c (STATUS_RSA_OR_IDEA): New. + * sig-check.c (check_signature): Output special status message. + * pubkey-enc.c (get_session_key): Ditto. + + * mainproc.c (check_sig_and_print): Changed format of output. + * passpharse.c (passphrase_to_dek): Likewise. + +Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (aListSecretKeys): New option --list-secret-keys + * keylist.c (std_key_list): Renamed to public_key_list. + (secret_key_list): New + (list_one, list_all): Add support for secret keys. + * getkey.c (get_secret_keyring): New. + * mainproc.c (list_node): Add option --with-colons for secret keys + + * sig-check.c (check_key_signature): detection of selfsigs + * mainproc.c (list_node): fixed listing. + + * g10.c (aListSecretKeys): New option --always-trust + * pkclist.c (do_we_trust): Override per option added + + * status.c (write_status_text): Add a prefix to every output line. + +Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10 (--compress-keys): New. + * options.h (compress_keys): New. + * export.c (export_pubkeys): Only compresses with the new option. + +Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * passphrase.c (get_last_passphrase): New + (set_next_passphrase): New. + (passphrase_to_dek): add support for the above functions. + * keyedit.c (make_keysig_packet): Add sigclass 0x18, + changed all callers due to a new argument. + * keygen.c (write_keybinding): New + (generate_subkeypair): Add functionality + (ask_algo, ask_keysize, ask_valid_days): Broke out of generate_keypair + (ask_user_id, ask_passphrase): Ditto. + +Thu May 21 11:26:13 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c,gpgd.c (main): Does now return an int, so that egcs does + not complain. + + * armor.c (fake_packet): Removed erro message and add a noticed + that this part should be fixed. + + * sign.c (sign_file): Compression now comes in front of encryption. + * encode.c (encode_simple): Ditto. + (encode_crypt): Ditto. + +Tue May 19 16:18:19 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (fake_packet): Changed assertion to log_error + +Sat May 16 16:02:06 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (build_packet): Add SUBKEY packets. + +Fri May 15 17:57:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sign.c (hash_for): New and used in all places here. + * main.h (DEFAULT_): new macros. + * g10.c (opt.def_digest_algo): Now set to 0 + + * compress.c (init_compress): Add support for algo 1 + * options.h (def_compress_algo): New + * g10.c (main): New option --compress-algo + +Fri May 15 13:23:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (print_mds): New feature to print only one hash, + chnaged formatting. + +Thu May 14 15:36:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * misc.c (trap_unaligned) [__alpha__]: New + * g10.c (trap_unaligned): Add call to this to track down SIGBUS + on Alphas (to avoid the slow emulation code). + +Wed May 13 11:48:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (do_signature): Support for v4 pakets. + * keyedit.c (make_keysig_packet): Ditto. + * build-packet.c (build_sig_subpkt_from_sig): New. + (build_sig_subpkt): New. + + * elg.c (g10_elg_sign): removed keyid_from_skc. + * dsa.c (g10_dsa_sign): Ditto. + * rsa.c (g10_rsa_sign): Ditto. + * keyedit.c (make_keysig_packet): Add call to keyid_from_skc + + * sign.c (clearsign_file): Support for v4 signatures. + (sign_file): Ditto. + +Wed May 6 09:31:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (do_parse): add support for 5 byte length leader. + (parse_subpkt): Ditto. + * build-packet.c (write_new_header): Ditto. + + * packet.h (SIGSUBPKT_): New constants. + * parse-packet.c (parse_sig_subpkt): Changed name, made global, + and arg to return packet length, chnaged all callers + + +Tue May 5 22:11:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (gen_dsa): New. + * build_packet.c (do_secret_cert): Support for DSA + +Mon May 4 19:01:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * compress.c: doubled buffer sizes + * parse-packet.c (do_plaintext): now uses iobuf_read/write. + +Mon May 4 09:35:53 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seskey.c (encode_md_value): Add optional argument hash_algo, + changed all callers. + + * passphrase.c (make_dek_from_passphrase): Removed + * (get_passhrase_hash): Changed name to passphrase_to_dek, add arg, + changed all callers. + + * all: Introduced the new ELG identifier and added support for the + encryption only one (which is okay to use by GNUPG for signatures). + +Sun May 3 17:50:26 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (PKT_OLD_COMMENT): New name for type 16. + * parse-packet.c (parse_comment): Now uses type 61 + +Fri May 1 12:44:39 1998 Werner Koch,mobil,,, (wk@tobold) + + * packet.h (count): Chnaged s2k count from byte to u32. + * seckey-cert.c (do_check): Changed s2k algo 3 to 4, changed + reading of count. + * build-packet.c (do_secret_cert): ditto. + * parse-packet.c (parse_certificate): ditto. + + * parse-packet.c (parse_symkeyenc): New. + * build-packet.c (do_symkey_enc): New. + +Thu Apr 30 16:33:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sign.c (clearsign_file): Fixed "Hash: " armor line. + +Tue Apr 28 14:27:42 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (parse_subpkt): Some new types. + +Mon Apr 27 12:53:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Add option --skip-verify. + * mainproc.c (check_sig_and_print): Ditto. + + * g10.c (print_mds): Add output for Tiger. + + * sign.c (sign_file): Now uses partial length headers if used + in canonical textmode (kludge to fix a bug). + + * parse-packet.c (parse_certificate): Changed BLOWFISH id. + * pubkey-enc.c (get_session_key): Ditto. + * seskey.c (make_session_key): Ditto. + * seckey-cert.c (protect_secret_key,do_check): Add BLOWFISH160. + +Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold) + + * sig-check.c (check_key_signature): Add sig-class 0x14..0x17 + * keyedit.c (sign-key): Some changes to start with support of + the above new sig-classes. + +Wed Apr 22 09:01:57 1998 Werner Koch,mobil,,, (wk@tobold) + + * getkey.c (compare_name): add email matching + +Tue Apr 21 16:17:12 1998 Werner Koch,mobil,,, (wk@tobold) + + * armor.c (armor_filter): fixed missing last LF before CSUM. + +Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seckey-cert.c (do_check): New; combines all the check functions + into one. + + * sign.c: removed all key management functions + * keyedit.c: New. + +Thu Apr 9 09:49:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * import.c (chk_self_sigs): Changed an error message. + +Wed Apr 8 16:19:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h: packet structs now uses structs from the pubkey, + removed all copy operations from packet to pubkey structs. + +Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (verify_own_certs): Fixed "public key not found". + + * getkey.c (key_byname): New, combines public and secret key search. + + * pkclist.c (build_pkc_list): Add new arg usage, changed all callers. + * skclist.c (build_skc_list): Likewise. + + * ringedit.c (find_keyblock, keyring_search2): Removed. + +Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sig-check.c (do_check): Applied small fix from Ulf Möller. + +Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c, encr-data.c, seckey-cert.c: Now uses cipher_xxxx + functions instead of blowfish_xxx or cast_xxx + +Tue Apr 7 11:04:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (g10maint.o): Changed the way it is created. + +Mon Apr 6 11:17:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * misc.c: New. + * keygen.c (checksum,checksum_u16,checksum_mpi): Moved to misc.c + * seckey-cert.c: Kludge for wrong ELG checksum implementation. + +Sat Apr 4 20:07:01 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.c (cipher_filter): Support for CAST5 + * encr-data.c (decode_filter): Ditto. + (decrypt_data): Ditto. + * seskey.c (make_session_key): Ditto. + * seckey-cert.c (check_elg, check_dsa): Ditto, + (protect_secret_key): Ditto. + * pubkey-enc.c (get_session_key): Ditto. + * passphrase.c (hash_passphrase): Ditto. + +Thu Apr 2 20:22:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * gpgd.c: New + +Thu Apr 2 10:38:16 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (generate_keypair): Add valid_days stuff. + * trustdb.c (check_trust): Add check for valid_days. + +Wed Apr 1 16:15:58 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (generate_keypair): Addional question whether the + selected large keysize is really needed. + +Wed Apr 1 15:56:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seckey-cert.c (protect_secret_key): merged protect_xxx to here. + +Wed Apr 1 10:34:46 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (g10maint.c): Changed creation rule, so that it works + on FreeBSD (missing CFLAGS). + + * parse-packet.c (parse_subkey): Removed. + +Thu Mar 19 15:22:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ringedit.c (keyring_enum): Fixed problem with reading too + many packets. Add support to read secret keyrings. + + * getkey.c (scan_keyring): Removed + (lookup): New to replace scan_keyring. + (scan_secret_keyring): Removed. + (lookup_skc): New. + +Wed Mar 18 11:47:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ringedit.c (enum_keyblocks): New read mode 11. + + * keyid.c (elg_fingerprint_md): New and changed all other functions + to call this if the packet version is 4 or above. + +Tue Mar 17 20:46:16 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (parse_certificate): Add listing support for subkeys. + +Tue Mar 17 20:32:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (is_armored): Allow marker packet. + +Thu Mar 12 13:36:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (check_trust): Checks timestamp of pubkey. + * sig-check. (do_check): Compares timestamps. + +Tue Mar 10 17:01:56 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Add call to init_signals. + * signal.c: New. + +Mon Mar 9 12:43:42 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dsa.c: New + * packet.h, free-packet.c, parse-packet.c : Add support for DSA + * sig-check.c, getkey.c, keyid.c, ringedit.c: Ditto. + * seckey-cert.c: Ditto. + + * packet.h : Moved .digest_algo of signature packets to outer + structure. Changed all references + +Sun Mar 8 13:06:42 1998 Werner Koch (wk@isil.d.shuttle.de) + + * openfile.c : Support for stdout filename "-". + + * mainproc.c (check_sig_and_print): Enhanced status output: + * status.c (write_status_text): New. + +Fri Mar 6 16:10:54 1998 Werner Koch (wk@isil.d.shuttle.de) + + * kbnode.c (clone_kbnode): Fixed private_flag. + + * mainproc.c (list_node): Output of string "Revoked" as user-id. + +Fri Mar 6 14:26:39 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Add userids to "-kv" and cleaned up this stuff. + +Fri Mar 6 12:45:58 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Changed semantics of the list-... commands + and added a new one. Removed option "-d" + + * decrypt.c: New. + + * trustdb.c (init_trustdb): Autocreate directory only if it ends + in "/.gnupg". + +Thu Mar 5 12:12:11 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c (do_proc_packets): New. Common part of proc_packet. + (proc_signature_packets): special version to handle signature data. + * verify.c: New. + * g10.c (aVerify): New. + * plaintext.c (hash_datafiles): New. + * compress.c (handle_compressed): Add callback arg, changed caller. + +Thu Mar 5 10:20:06 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c: Is nom the common source for gpg and gpgm + * g10maint.c: Removed + * Makefile.am: Add rule to build g10maint.c + +Thu Mar 5 08:43:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Changed the way clear text sigs are faked. + +Wed Mar 4 19:47:37 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10maint.c (aMuttKeyList): New + * keylist.c: New. + +Wed Mar 4 17:20:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (get_pubkey_byname): Kludge to allow 0x prefix. + +Tue Mar 3 13:46:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10maint.c (main): New option --gen-random. + +Tue Mar 3 09:50:08 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (aDeleteSecretKey): New. + (aEditSig): Add option "--edit-key" as synonym for "--edit-sig". + (aDeleteSecretKey): New. + * getkey.c (seckey_available): New. + * sign.c (delete_key): Enhanced to delete secret keys, changed all + callers. + +Mon Mar 2 21:23:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * pkc_list.c (build_pkc_list): Add interactive input of user ID. + +Mon Mar 2 20:54:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * pkclist.c (do_we_trust_pre): New. + (add_ownertrust): Add message. + * trustdb.c (enum_trust_web): Quick fix. + +Mon Mar 2 13:50:53 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): New action aDeleteKey + * sign.c (delete_key): New. + +Sun Mar 1 16:38:58 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (do_check): No returns TRUST_UNDEFINED instead of + eof error. + +Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (find_header): Removed trailing CR on headers. + +Fri Feb 27 18:02:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ringedit.c (keyring_search) [MINGW32]: Open and close file here + because rename does not work on open files. Chnaged callers. + +Fri Feb 27 16:43:11 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sig-check.c (do_check): Add an md_enable. + * mainproc.c (do_check_sig): Use md_open in case of detached sig + (proc_tree): Take detached sigs into account. + +Fri Feb 27 15:22:46 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): Make use of GNUPGHOME envvar. + * g10main.c (main): Ditto. + +Wed Feb 25 11:40:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * plaintext.c (ask_for_detached_datafile): add opt.verbose to + info output. + + * openfile.c (open_sigfile): Try also name ending in ".asc" + +Wed Feb 25 08:41:00 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (generate_keypair): Fixed memory overflow. + +Tue Feb 24 15:51:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (parse_certificate): Support for S2K. + * build-packet.c (do_secret_cert): Ditto. + * keygen.c (gen_elg): Ditto. + * seckey-cert.c (check_elg): Ditto + (protect_elg): Ditto. + * sign.c (chnage_passphrase): Ditto. + * passphrase.c (get_passphrase_hash): Support for a salt and + changed all callers. + (make_dek_from_passphrase): Ditto. + +Tue Feb 24 12:30:56 1998 Werner Koch (wk@isil.d.shuttle.de) + + * build-packet.c (hash_public_cert): Disabled debug output. + +Fri Feb 20 17:22:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (init_trustdb) [MINGW32]: Removed 2nd mkdir arg. + (keyring_copy) [MINGW32]: Add a remove prior to the renames. + +Wed Feb 18 18:39:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (OMIT_DEPENDENCIES): New. + + * rsa.c: Replaced log_bug by BUG. + +Wed Feb 18 13:35:58 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c (do_check_sig): Now uses hash_public_cert. + * parse-packet.c (parse_certificate): Removed hashing. + * packet.h (public_cert): Removed hash variable. + * free-packet.c (copy_public_cert, free_public_cert): Likewise. + + * sig-check.c (check_key_signatures): Changed semantics. + +Wed Feb 18 12:11:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * trustdb.c (do_check): Add handling for revocation certificates. + (build_sigrecs): Ditto. + (check_sigs): Ditto. + +Wed Feb 18 09:31:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (armor_filter): Add afx->hdrlines. + * revoke.c (gen_revoke): Add comment line. + * dearmor.c (enarmor_file): Ditto. + + * sig-check.c (check_key_signature): Add handling for class 0x20. + * mainproc.c : Ditto. + +Tue Feb 17 21:24:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c : Add header lines "...ARMORED FILE .." + * dearmor.c (enarmor_file): New. + * g10maint.c (main): New option "--enarmor" + +Tue Feb 17 19:03:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c : Changed a lot, because the packets are now stored + a simple linlked list and not anymore in a complicatd tree structure. + +Tue Feb 17 10:14:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * free_packet.c (cmp_public_certs): New. + (cmp_user_ids): New. + + * kbnode.c (clone_kbnode): New. + (release_kbnode): Add clone support. + + * ringedit.c (find_keyblock_bypkc): New. + + * sign.c (remove_keysigs): Self signatures are now skipped, + changed arguments and all callers. + + * import.c : Add functionality. + +Tue Feb 17 09:31:40 1998 Werner Koch (wk@isil.d.shuttle.de) + + * options.h (homedir): New option. + * g10.c, g10maint.c, getkey.c, keygen.c, trustdb.c (opt.homedir): New. + + * trustdb.c (init_trustdb): mkdir for hoem directory + (sign_private_data): Renamed "sig" to "g10.sig" + +Mon Feb 16 20:02:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * kbnode.c (commit_kbnode): New. + (delete_kbnode): removed unused first arg. Changed all Callers. + + * ringedit.c (keyblock_resource_name): New. + (get_keyblock_handle): NULL for filename returns default resource. + +Mon Feb 16 19:38:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * sig-check.s (check_key_signature): Now uses the supplied + public key to check the signature and not any more the one + from the getkey.c + (do_check): New. + (check_signature): Most work moved to do_check. + +Mon Feb 16 14:48:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (find_header): Fixed another bug. + +Mon Feb 16 12:18:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * getkey.c (scan_keyring): Add handling of compressed keyrings. + +Mon Feb 16 10:44:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c, g10maint.c (strusage): Rewrote. + (build_list): New + +Mon Feb 16 08:58:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (use_armor): New. + +Sat Feb 14 14:30:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mainproc.c (proc_tree): Sigclass fix. + +Sat Feb 14 14:16:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * armor.c (armor_filter): Changed version and comment string. + * encode.c, sign.c, keygen.c: Changed all comment packet strings. + +Sat Feb 14 12:39:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (aGenRevoke): New command. + * revoke.c: New. + * sign.c (make_keysig_packet): Add support for sigclass 0x20. + +Fri Feb 13 20:18:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ringedit.c (enum_keyblocks, keyring_enum): New. + +Fri Feb 13 19:33:40 1998 Werner Koch (wk@isil.d.shuttle.de) + + * export.c: Add functionality. + + * keygen.c (generate_keypair): Moved the leading comment behind the + key packet. + * kbnode.c (walk_kbnode): Fixed. + + * g10.c (main): listing armored keys now work. + +Fri Feb 13 16:17:43 1998 Werner Koch (wk@isil.d.shuttle.de) + + * parse-packet.c (parse_publickey, parse_signature): Fixed calls + to mpi_read used for ELG b. + +Fri Feb 13 15:13:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10.c (main): changed formatting of help output. + +Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo) + + * pubkey-enc.c (get_session_key): rewritten + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, + 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/include/ChangeLog b/include/ChangeLog deleted file mode 100644 index 98acf86aa..000000000 --- a/include/ChangeLog +++ /dev/null @@ -1,665 +0,0 @@ -2010-09-28 Werner Koch - - * ttyio.h (ttyfp_is, init_ttyfp) [__VMS]: New. - -2009-09-03 Werner Koch - - * util.h (xtryvasprintf): New. - -2009-08-25 Werner Koch - - * compat.h: Add xstrconcat. - -2009-08-11 David Shaw - - * util.h: Add string_to_utf8() from GPA. - -2009-07-21 Werner Koch - - * estream-printf.h: New. Taken from libestream.x - -2009-07-20 Werner Koch - - * types.h (strlist_t): Add new alias for STRLIST. - - * memory.h (xtrymalloc,xtrystrdup): New. - - * util.h: Add prototypes for util/convert.c. - -2009-05-26 David Shaw - - * http.h: Pass in a STRLIST for additional headers on http_open - and http_open_document. - -2009-04-05 David Shaw - - * srv.h: Move from util/srv.h. - -2009-04-02 David Shaw - - * http.h: Allow passing srvtag to http_open and - http_open_document. - -2008-04-17 David Shaw - - * cipher.h: Add the 192-bit variant of Camellia. - -2007-11-29 David Shaw - - * cipher.h: Add the 128-bit variant of Camellia. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - * assuan.h, _regex.h: Just change the address notice. - -2007-08-24 Werner Koch - - * util.h (same_file_p): Add prototype. - -2007-06-13 David Shaw - - * cipher.h (CIPHER_ALGO_CAMELLIA): Add Camellia define. - -2007-04-16 David Shaw - - * util.h (ascii_toupper, ascii_tolower, ascii_strcasecmp, - ascii_strncasecmp): Move functions to compat.h. - -2006-12-11 Werner Koch - - * mpi.h (mpi_is_neg, mpi_get_nlimbs): Replaced macros by function - prototypes. - (struct gcry_mpi): Changed to a forward declaration. - (mpi_limb_t): Moved to ../mpi/mpi-internal.h. - (MPI_NULL): Removed. - (mpi_is_opaque, mpi_is_secure): Implement in terms of mpi_get_flags. - -2006-12-04 Werner Koch - - * iobuf.h (iobuf_t): New. That is the name we use in 2.0. - -2006-09-28 David Shaw - - * compat.h: Move strsep prototype and ascii_isspace macro to from - util.h. - - * compat.h: New, used for libcompat.a functions. - - * util.h: Includes compat.h. - -2006-04-20 David Shaw - - * cipher.h: Add dsa2_generate(); - -2006-04-19 David Shaw - - * cipher.h: Add SHA-224. - -2006-03-16 David Shaw - - * util.h: Handle the fixed IPGP type with fingerprint. - -2006-02-14 Werner Koch - - * errors.h (G10ERR_NO_DATA): New. - -2005-12-23 David Shaw - - * util.h: Prototype get_cert(). - -2005-07-27 Werner Koch - - * memory.h (m_free, m_alloc, m_realloc, m_strdup): Removed and - replaced all over by xfoo functions. This is to ease porting to - gnupg 1.9. - (xmalloc_secure) [M_DEBUG]: Correctly map to m_debug_alloc_secure. - -2005-06-23 David Shaw - - * http.h: Fix prototypes for http_open_document and http_open - again, to handle the new different auth for regular files and - proxies. - -2005-06-21 David Shaw - - * http.h: Fix prototypes for http_open_document and http_open to - pass in auth and proxyauth. - -2005-05-19 Werner Koch - - * util.h: Add definitions for membuf functions. - -2005-05-05 David Shaw - - * util.h: Remove add_days_to_timestamp as unused. - -2005-04-22 David Shaw - - * distfiles: Add assuan.h. - -2005-04-04 Werner Koch - - * memory.h (xcalloc, xcalloc_secure): Replaced macros by functions. - -2005-03-31 Werner Koch - - * assuan.h: New. Taken from libassuan 0.6.9. - -2005-03-18 David Shaw - - * ttyio.h: Prototype tty_enable_completion(), and - tty_disable_completion(). - -2005-02-09 David Shaw - - * cipher.h: Add a flag for a symmetric DEK. - -2004-12-16 David Shaw - - * memory.h: Return a flag to indicate whether we got the lock. - -2004-11-29 David Shaw - - * cipher.h: Add PUBKEY_USAGE_UNKNOWN. - -2004-11-03 Timo Schulz - - * errors.h: Add w32_strerror prototype. - * dynload.h: Use w32_strerror. - -2004-10-27 Werner Koch - - * dynload.h: Always use it for _WIN32. - -2004-10-21 Werner Koch - - * util.h [!HAVE_VASPRINTF]: Removed prototype. - -2004-10-15 Werner Koch - - * util.h [!HAVE_VASPRINTF]: Add asprintf prototype. - -2004-10-13 David Shaw - - * keyserver.h: Add KEYSERVER_TIMEOUT. - -2004-09-30 David Shaw - - * util.h: Prototype destroy_dotlock(). From Werner on stable - branch. - -2004-09-10 David Shaw - - * http.h: Add auth field for a parsed_uri to allow for basic auth. - -2004-09-09 Werner Koch - - * errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes. - -2004-04-27 Werner Koch - - * mpi.h: Renamed prototype parameter name to avoid gcc warnings. - -2004-03-04 David Shaw - - * iobuf.h: Remove iobuf_set_block_mode() and - iobuf_in_block_mode(). - -2004-02-21 David Shaw - - * util.h: Prototype for hextobyte(). - -2004-01-16 David Shaw - - * cipher.h: Remove the old CIPHER_ALGO_RINJDAEL values. - is_ELGAMAL() now only matches type 16 and not type 20. - -2004-01-15 David Shaw - - * util.h: Add prototype for print_string2(). - -2003-12-28 David Shaw - - * http.h: Pass the http proxy from outside rather than pulling it - from the evironment. - -2003-12-28 Stefan Bellon - - * util.h [__riscos__]: Removal of unnecessary RISC OS stuff. - -2003-12-17 David Shaw - - * mpi.h (gcry_mpi, mpi_get_opaque, mpi_set_opaque): Make nbits and - the length of an opaque MPI unsigned. - - * cipher.h (pubkey_verify): Remove old unused code. - -2003-12-03 David Shaw - - * cipher.h: Make cipher list match 2440bis-09. - -2003-11-20 David Shaw - - * util.h: Add prototype for match_multistr(). - -2003-10-31 David Shaw - - * cipher.h: Add COMPRESS_ALGO_BZIP2. - -2003-10-04 Timo Schulz - - * dynload [WIN32] (dlclose): Do not use CloseHandle but FreeLibrary. - -2003-09-29 Werner Koch - - * cipher.h (PUBKEY_USAGE_AUTH): New. - -2003-09-28 Timo Schulz - - * util.h [WIN32]: Prototype for asprintf. - * dynload.h [WIN32]: Define RTLD_LAZY. - -2003-09-28 Werner Koch - - * util.h: Add the atoi_* and xtoi_* suite of macros from 1.9. - * dynload.h: New. Taken from 1.9. - -2003-09-27 Werner Koch - - * memory.h (xmalloc): Define xmalloc macros in terms of m_alloc. - -2003-09-04 David Shaw - - * cipher.h: Drop TIGER/192 support. - -2003-08-28 David Shaw - - * util.h: s/__MINGW32__/_WIN32/ to help building on native Windows - compilers. Requested by Brian Gladman. From Werner on stable - branch. - -2003-07-10 David Shaw - - * types.h: Prefer using uint64_t when creating a 64-bit unsigned - type. This avoids a warning on compilers that support but complain - about unsigned long long. - - * util.h (ascii_isspace): New variation on isspace() that is - immune from locale changes. - - * util.h: Make sure that only ascii is passed to isfoo - functions. (From Werner on stable branch). - -2003-05-24 David Shaw - - * cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: - Edit all preprocessor instructions to remove whitespace before the - '#'. This is not required by C89, but there are some compilers - out there that don't like it. - -2003-05-14 David Shaw - - * types.h: Add initializer macros for 64-bit unsigned type. - -2003-05-02 David Shaw - - * cipher.h: Add constants for compression algorithms. - -2003-03-11 David Shaw - - * http.h: Add HTTP_FLAG_TRY_SRV. - -2003-02-11 David Shaw - - * types.h: Try and use uint64_t for a 64-bit type. - -2003-02-04 David Shaw - - * cipher.h: Add constants for new SHAs. - -2002-11-13 David Shaw - - * util.h [__CYGWIN32__]: Don't need the registry prototypes. From - Werner on stable branch. - -2002-11-06 David Shaw - - * util.h: Add wipememory2() macro (same as wipememory, but can - specify the byte to wipe with). - -2002-10-31 Stefan Bellon - - * util.h [__riscos__]: Prefixed all RISC OS prototypes with - riscos_* - - * zlib-riscos.h: New. This is macro magic in order to make the - zlib library calls indeed call the RISC OS ZLib module. - -2002-10-31 David Shaw - - * util.h: Add wipememory() macro. - -2002-10-29 Stefan Bellon - - * util.h: Added parameter argument to make_basename() needed for - filetype support. - [__riscos__]: Added prototype. - -2002-10-28 Stefan Bellon - - * util.h [__riscos__]: Added prototypes for new filetype support. - -2002-10-19 David Shaw - - * distfiles, _regex.h: Add _regex.h from glibc 2.3.1. - -2002-10-14 David Shaw - - * keyserver.h: Go to KEYSERVER_PROTO_VERSION 1. - -2002-10-08 David Shaw - - * keyserver.h: Add new error code KEYSERVER_UNREACHABLE. - -2002-10-03 David Shaw - - * util.h: Add new log_warning logger command which can be switched - between log_info and log_error via log_set_strict. - -2002-09-24 David Shaw - - * keyserver.h: Add some new error codes for better GPA support. - -2002-09-10 Werner Koch - - * mpi.h (mpi_is_protected, mpi_set_protect_flag) - (mpi_clear_protect_flag): Removed. - (mpi_get_nbit_info, mpi_set_nbit_info): Removed. - -2002-08-13 David Shaw - - * cipher.h: Add AES aliases for RIJNDAEL algo numbers. - -2002-08-07 David Shaw - - * cipher.h: Add md_algo_present(). - -2002-08-06 Stefan Bellon - - * util.h [__riscos__]: Added riscos_getchar(). - -2002-06-21 Stefan Bellon - - * util.h [__riscos__]: Further moving away of RISC OS specific - stuff from general code. - -2002-06-20 Stefan Bellon - - * util.h [__riscos__]: Added riscos_set_filetype(). - -2002-06-14 David Shaw - - * util.h: Add pop_strlist() from strgutil.c. - -2002-06-07 Stefan Bellon - - * util.h [__riscos__]: RISC OS needs strings.h for strcasecmp() - and strncasecmp(). - -2002-05-22 Werner Koch - - * util.h: Add strncasecmp. Removed stricmp and memicmp. - -2002-05-10 Stefan Bellon - - * mpi.h: New function mpi_debug_alloc_like for M_DEBUG. - - * util.h [__riscos__]: Make use of __func__ that later - Norcroft compiler provides. - - * memory.h: Fixed wrong definition of m_alloc_secure_clear. - -2002-04-23 David Shaw - - * util.h: New function answer_is_yes_no_default() to give a - default answer. - -2002-04-22 Stefan Bellon - - * util.h [__riscos__]: Removed riscos_open, riscos_fopen and - riscos_fstat as those special versions aren't needed anymore. - -2002-02-19 David Shaw - - * keyserver.h: Add KEYSERVER_NOT_SUPPORTED for unsupported actions - (say, a keyserver that has no way to search, or a readonly - keyserver that has no way to add). - -2002-01-02 Stefan Bellon - - * util.h [__riscos__]: Updated prototype list. - - * types.h [__riscos__]: Changed comment wording. - -2001-12-27 David Shaw - - * KEYSERVER_SCHEME_NOT_FOUND should be 127 to match the POSIX - system() (via /bin/sh) way of signaling this. - - * Added G10ERR_KEYSERVER - -2001-12-27 Werner Koch - - * util.h [MINGW32]: Fixed name of include file. - -2001-12-22 Timo Schulz - - * util.h (is_file_compressed): New. - -2001-12-19 Werner Koch - - * util.h [CYGWIN32]: Allow this as an alias for MINGW32. Include - stdarg.h becuase we use the va_list type. By Disastry. - -2001-09-28 Werner Koch - - * cipher.h (PUBKEY_USAGE_CERT): New. - -2001-09-07 Werner Koch - - * util.h: Add strsep(). - -2001-08-30 Werner Koch - - * cipher.h (DEK): Added use_mdc. - -2001-08-24 Werner Koch - - * cipher.h (md_write): Made buf arg const. - -2001-08-20 Werner Koch - - * cipher.h (DEK): Added algo_info_printed; - - * util.h [__riscos__]: Added prototypes and made sure that we - never use __attribute__. - * cipher.h, iobuf.h, memory.h, mpi.h [__riscos__]: extern hack. - * i18n.h [__riscos__]: Use another include file - -2001-05-30 Werner Koch - - * ttyio.h (tty_printf): Add missing parenthesis for non gcc. - * http.h: Removed trailing comma to make old ccs happy. Both are - by Albert Chin. - -2001-05-25 Werner Koch - - * ttyio.h (tty_printf): Add printf attribute. - -2001-04-23 Werner Koch - - * http.h: New flag HTTP_FLAG_NO_SHUTDOWN. - -2001-04-13 Werner Koch - - * iobuf.h: Removed iobuf_fopen. - -2001-03-01 Werner Koch - - * errors.h (G10ERR_UNU_SECKEY,G10ERR_UNU_PUBKEY): New - -2000-11-30 Werner Koch - - * iobuf.h (iobuf_translate_file_handle): Add prototype. - -2000-11-11 Paul Eggert - - * iobuf.h (iobuf_get_filelength): Now returns off_t, not u32. - (struct iobuf_struct, iobuf_set_limit, - iobuf_tell, iobuf_seek): Use off_t, not ulong, for file offsets. - -2000-10-12 Werner Koch - - * mpi.h: Changed the way mpi_limb_t is defined. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * iobuf.c (IOBUF_FILELENGTH_LIMIT): New. - -2000-03-14 14:03:43 Werner Koch (wk@habibti.openit.de) - - * types.h (HAVE_U64_TYPEDEF): Defined depending on configure test. - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * types.h (HAVE_U64_TYPEDEF): Add a test for _LONGLONG which fixes - this long living SGI bug. Reported by Alec Habig. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * iobuf.h (IOBUFCTRL_CANCEL): Nww. - -Mon Oct 4 21:23:04 CEST 1999 Werner Koch - - * errors.h (G10ERR_NOT_PROCESSED): New. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - - * i18n.h: Add support for simple-gettext. - -Tue Jun 29 21:44:25 CEST 1999 Werner Koch - - - * util.h (stricmp): Use strcasecmp as replacement. - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - - * cipher.h (MD_HANDLE): Assigned a structure name. - -Fri Apr 9 12:26:25 CEST 1999 Werner Koch - - * cipher.h (BLOWFISH160): Removed. - -Tue Apr 6 19:58:12 CEST 1999 Werner Koch - - * cipher.h (DEK): increased max. key length to 32 bytes - - -Sat Feb 20 21:40:49 CET 1999 Werner Koch - - * g10lib.h: Removed file and changed all files that includes this. - -Tue Feb 16 14:10:02 CET 1999 Werner Koch - - * types.h (STRLIST): Add field flags. - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * cipher.h (CIPHER_ALGO_TWOFISH): Chnaged ID to 10 and renamed - the old experimenatl algorithm to xx_OLD. - -Thu Jan 7 18:00:58 CET 1999 Werner Koch - - * cipher.h (MD_BUFFER_SIZE): Removed. - -Mon Dec 14 21:18:49 CET 1998 Werner Koch - - * types.h: fix for SUNPRO_C - -Tue Dec 8 13:15:16 CET 1998 Werner Koch - - * mpi.h (MPI): Changed the structure name to gcry_mpi and - changed all users. - -Tue Oct 20 11:40:00 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.h (iobuf_get_temp_buffer): New. - -Tue Oct 13 12:40:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.h (iobuf_get): Now uses .nofast - (iobuf_get2): Removed. - -Mon Sep 14 09:17:22 1998 Werner Koch (wk@(none)) - - * util.h (HAVE_ATEXIT): New. - (HAVE_RAISE): New. - -Mon Jul 6 10:41:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h (PUBKEY_USAGE_): New. - -Mon Jul 6 09:49:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.h (iobuf_set_error): New. - (iobuf_error): New. - -Sat Jun 13 17:31:32 1998 Werner Koch (wk@isil.d.shuttle.de) - - * g10lib.h: New as interface for the g10lib. - -Mon Jun 8 22:14:48 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h (CIPHER_ALGO_CAST5): Changed name from .. CAST - -Thu May 21 13:25:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h: removed ROT 5 and changed one id and add dummy - -Tue May 19 18:09:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h (DIGEST_ALGO_TIGER): Chnaged id from 101 to 6. - -Mon May 4 16:37:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h (PUBKEY_ALGO_ELGAMAL_E): New, with value of the - old one. - * (is_ELGAMAL, is_RSA): New macros - -Sun Apr 26 14:35:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * types.h: New type u64 - -Mon Mar 9 12:59:55 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h: Included dsa.h. - -Tue Mar 3 15:11:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * cipher.h (random.h): Add new header and move all relevalt - functions to this header. - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, - 2004, 2005 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/include/ChangeLog-2011 b/include/ChangeLog-2011 new file mode 100644 index 000000000..4ad3a70ab --- /dev/null +++ b/include/ChangeLog-2011 @@ -0,0 +1,672 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2010-09-28 Werner Koch + + * ttyio.h (ttyfp_is, init_ttyfp) [__VMS]: New. + +2009-09-03 Werner Koch + + * util.h (xtryvasprintf): New. + +2009-08-25 Werner Koch + + * compat.h: Add xstrconcat. + +2009-08-11 David Shaw + + * util.h: Add string_to_utf8() from GPA. + +2009-07-21 Werner Koch + + * estream-printf.h: New. Taken from libestream.x + +2009-07-20 Werner Koch + + * types.h (strlist_t): Add new alias for STRLIST. + + * memory.h (xtrymalloc,xtrystrdup): New. + + * util.h: Add prototypes for util/convert.c. + +2009-05-26 David Shaw + + * http.h: Pass in a STRLIST for additional headers on http_open + and http_open_document. + +2009-04-05 David Shaw + + * srv.h: Move from util/srv.h. + +2009-04-02 David Shaw + + * http.h: Allow passing srvtag to http_open and + http_open_document. + +2008-04-17 David Shaw + + * cipher.h: Add the 192-bit variant of Camellia. + +2007-11-29 David Shaw + + * cipher.h: Add the 128-bit variant of Camellia. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + * assuan.h, _regex.h: Just change the address notice. + +2007-08-24 Werner Koch + + * util.h (same_file_p): Add prototype. + +2007-06-13 David Shaw + + * cipher.h (CIPHER_ALGO_CAMELLIA): Add Camellia define. + +2007-04-16 David Shaw + + * util.h (ascii_toupper, ascii_tolower, ascii_strcasecmp, + ascii_strncasecmp): Move functions to compat.h. + +2006-12-11 Werner Koch + + * mpi.h (mpi_is_neg, mpi_get_nlimbs): Replaced macros by function + prototypes. + (struct gcry_mpi): Changed to a forward declaration. + (mpi_limb_t): Moved to ../mpi/mpi-internal.h. + (MPI_NULL): Removed. + (mpi_is_opaque, mpi_is_secure): Implement in terms of mpi_get_flags. + +2006-12-04 Werner Koch + + * iobuf.h (iobuf_t): New. That is the name we use in 2.0. + +2006-09-28 David Shaw + + * compat.h: Move strsep prototype and ascii_isspace macro to from + util.h. + + * compat.h: New, used for libcompat.a functions. + + * util.h: Includes compat.h. + +2006-04-20 David Shaw + + * cipher.h: Add dsa2_generate(); + +2006-04-19 David Shaw + + * cipher.h: Add SHA-224. + +2006-03-16 David Shaw + + * util.h: Handle the fixed IPGP type with fingerprint. + +2006-02-14 Werner Koch + + * errors.h (G10ERR_NO_DATA): New. + +2005-12-23 David Shaw + + * util.h: Prototype get_cert(). + +2005-07-27 Werner Koch + + * memory.h (m_free, m_alloc, m_realloc, m_strdup): Removed and + replaced all over by xfoo functions. This is to ease porting to + gnupg 1.9. + (xmalloc_secure) [M_DEBUG]: Correctly map to m_debug_alloc_secure. + +2005-06-23 David Shaw + + * http.h: Fix prototypes for http_open_document and http_open + again, to handle the new different auth for regular files and + proxies. + +2005-06-21 David Shaw + + * http.h: Fix prototypes for http_open_document and http_open to + pass in auth and proxyauth. + +2005-05-19 Werner Koch + + * util.h: Add definitions for membuf functions. + +2005-05-05 David Shaw + + * util.h: Remove add_days_to_timestamp as unused. + +2005-04-22 David Shaw + + * distfiles: Add assuan.h. + +2005-04-04 Werner Koch + + * memory.h (xcalloc, xcalloc_secure): Replaced macros by functions. + +2005-03-31 Werner Koch + + * assuan.h: New. Taken from libassuan 0.6.9. + +2005-03-18 David Shaw + + * ttyio.h: Prototype tty_enable_completion(), and + tty_disable_completion(). + +2005-02-09 David Shaw + + * cipher.h: Add a flag for a symmetric DEK. + +2004-12-16 David Shaw + + * memory.h: Return a flag to indicate whether we got the lock. + +2004-11-29 David Shaw + + * cipher.h: Add PUBKEY_USAGE_UNKNOWN. + +2004-11-03 Timo Schulz + + * errors.h: Add w32_strerror prototype. + * dynload.h: Use w32_strerror. + +2004-10-27 Werner Koch + + * dynload.h: Always use it for _WIN32. + +2004-10-21 Werner Koch + + * util.h [!HAVE_VASPRINTF]: Removed prototype. + +2004-10-15 Werner Koch + + * util.h [!HAVE_VASPRINTF]: Add asprintf prototype. + +2004-10-13 David Shaw + + * keyserver.h: Add KEYSERVER_TIMEOUT. + +2004-09-30 David Shaw + + * util.h: Prototype destroy_dotlock(). From Werner on stable + branch. + +2004-09-10 David Shaw + + * http.h: Add auth field for a parsed_uri to allow for basic auth. + +2004-09-09 Werner Koch + + * errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes. + +2004-04-27 Werner Koch + + * mpi.h: Renamed prototype parameter name to avoid gcc warnings. + +2004-03-04 David Shaw + + * iobuf.h: Remove iobuf_set_block_mode() and + iobuf_in_block_mode(). + +2004-02-21 David Shaw + + * util.h: Prototype for hextobyte(). + +2004-01-16 David Shaw + + * cipher.h: Remove the old CIPHER_ALGO_RINJDAEL values. + is_ELGAMAL() now only matches type 16 and not type 20. + +2004-01-15 David Shaw + + * util.h: Add prototype for print_string2(). + +2003-12-28 David Shaw + + * http.h: Pass the http proxy from outside rather than pulling it + from the evironment. + +2003-12-28 Stefan Bellon + + * util.h [__riscos__]: Removal of unnecessary RISC OS stuff. + +2003-12-17 David Shaw + + * mpi.h (gcry_mpi, mpi_get_opaque, mpi_set_opaque): Make nbits and + the length of an opaque MPI unsigned. + + * cipher.h (pubkey_verify): Remove old unused code. + +2003-12-03 David Shaw + + * cipher.h: Make cipher list match 2440bis-09. + +2003-11-20 David Shaw + + * util.h: Add prototype for match_multistr(). + +2003-10-31 David Shaw + + * cipher.h: Add COMPRESS_ALGO_BZIP2. + +2003-10-04 Timo Schulz + + * dynload [WIN32] (dlclose): Do not use CloseHandle but FreeLibrary. + +2003-09-29 Werner Koch + + * cipher.h (PUBKEY_USAGE_AUTH): New. + +2003-09-28 Timo Schulz + + * util.h [WIN32]: Prototype for asprintf. + * dynload.h [WIN32]: Define RTLD_LAZY. + +2003-09-28 Werner Koch + + * util.h: Add the atoi_* and xtoi_* suite of macros from 1.9. + * dynload.h: New. Taken from 1.9. + +2003-09-27 Werner Koch + + * memory.h (xmalloc): Define xmalloc macros in terms of m_alloc. + +2003-09-04 David Shaw + + * cipher.h: Drop TIGER/192 support. + +2003-08-28 David Shaw + + * util.h: s/__MINGW32__/_WIN32/ to help building on native Windows + compilers. Requested by Brian Gladman. From Werner on stable + branch. + +2003-07-10 David Shaw + + * types.h: Prefer using uint64_t when creating a 64-bit unsigned + type. This avoids a warning on compilers that support but complain + about unsigned long long. + + * util.h (ascii_isspace): New variation on isspace() that is + immune from locale changes. + + * util.h: Make sure that only ascii is passed to isfoo + functions. (From Werner on stable branch). + +2003-05-24 David Shaw + + * cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: + Edit all preprocessor instructions to remove whitespace before the + '#'. This is not required by C89, but there are some compilers + out there that don't like it. + +2003-05-14 David Shaw + + * types.h: Add initializer macros for 64-bit unsigned type. + +2003-05-02 David Shaw + + * cipher.h: Add constants for compression algorithms. + +2003-03-11 David Shaw + + * http.h: Add HTTP_FLAG_TRY_SRV. + +2003-02-11 David Shaw + + * types.h: Try and use uint64_t for a 64-bit type. + +2003-02-04 David Shaw + + * cipher.h: Add constants for new SHAs. + +2002-11-13 David Shaw + + * util.h [__CYGWIN32__]: Don't need the registry prototypes. From + Werner on stable branch. + +2002-11-06 David Shaw + + * util.h: Add wipememory2() macro (same as wipememory, but can + specify the byte to wipe with). + +2002-10-31 Stefan Bellon + + * util.h [__riscos__]: Prefixed all RISC OS prototypes with + riscos_* + + * zlib-riscos.h: New. This is macro magic in order to make the + zlib library calls indeed call the RISC OS ZLib module. + +2002-10-31 David Shaw + + * util.h: Add wipememory() macro. + +2002-10-29 Stefan Bellon + + * util.h: Added parameter argument to make_basename() needed for + filetype support. + [__riscos__]: Added prototype. + +2002-10-28 Stefan Bellon + + * util.h [__riscos__]: Added prototypes for new filetype support. + +2002-10-19 David Shaw + + * distfiles, _regex.h: Add _regex.h from glibc 2.3.1. + +2002-10-14 David Shaw + + * keyserver.h: Go to KEYSERVER_PROTO_VERSION 1. + +2002-10-08 David Shaw + + * keyserver.h: Add new error code KEYSERVER_UNREACHABLE. + +2002-10-03 David Shaw + + * util.h: Add new log_warning logger command which can be switched + between log_info and log_error via log_set_strict. + +2002-09-24 David Shaw + + * keyserver.h: Add some new error codes for better GPA support. + +2002-09-10 Werner Koch + + * mpi.h (mpi_is_protected, mpi_set_protect_flag) + (mpi_clear_protect_flag): Removed. + (mpi_get_nbit_info, mpi_set_nbit_info): Removed. + +2002-08-13 David Shaw + + * cipher.h: Add AES aliases for RIJNDAEL algo numbers. + +2002-08-07 David Shaw + + * cipher.h: Add md_algo_present(). + +2002-08-06 Stefan Bellon + + * util.h [__riscos__]: Added riscos_getchar(). + +2002-06-21 Stefan Bellon + + * util.h [__riscos__]: Further moving away of RISC OS specific + stuff from general code. + +2002-06-20 Stefan Bellon + + * util.h [__riscos__]: Added riscos_set_filetype(). + +2002-06-14 David Shaw + + * util.h: Add pop_strlist() from strgutil.c. + +2002-06-07 Stefan Bellon + + * util.h [__riscos__]: RISC OS needs strings.h for strcasecmp() + and strncasecmp(). + +2002-05-22 Werner Koch + + * util.h: Add strncasecmp. Removed stricmp and memicmp. + +2002-05-10 Stefan Bellon + + * mpi.h: New function mpi_debug_alloc_like for M_DEBUG. + + * util.h [__riscos__]: Make use of __func__ that later + Norcroft compiler provides. + + * memory.h: Fixed wrong definition of m_alloc_secure_clear. + +2002-04-23 David Shaw + + * util.h: New function answer_is_yes_no_default() to give a + default answer. + +2002-04-22 Stefan Bellon + + * util.h [__riscos__]: Removed riscos_open, riscos_fopen and + riscos_fstat as those special versions aren't needed anymore. + +2002-02-19 David Shaw + + * keyserver.h: Add KEYSERVER_NOT_SUPPORTED for unsupported actions + (say, a keyserver that has no way to search, or a readonly + keyserver that has no way to add). + +2002-01-02 Stefan Bellon + + * util.h [__riscos__]: Updated prototype list. + + * types.h [__riscos__]: Changed comment wording. + +2001-12-27 David Shaw + + * KEYSERVER_SCHEME_NOT_FOUND should be 127 to match the POSIX + system() (via /bin/sh) way of signaling this. + + * Added G10ERR_KEYSERVER + +2001-12-27 Werner Koch + + * util.h [MINGW32]: Fixed name of include file. + +2001-12-22 Timo Schulz + + * util.h (is_file_compressed): New. + +2001-12-19 Werner Koch + + * util.h [CYGWIN32]: Allow this as an alias for MINGW32. Include + stdarg.h becuase we use the va_list type. By Disastry. + +2001-09-28 Werner Koch + + * cipher.h (PUBKEY_USAGE_CERT): New. + +2001-09-07 Werner Koch + + * util.h: Add strsep(). + +2001-08-30 Werner Koch + + * cipher.h (DEK): Added use_mdc. + +2001-08-24 Werner Koch + + * cipher.h (md_write): Made buf arg const. + +2001-08-20 Werner Koch + + * cipher.h (DEK): Added algo_info_printed; + + * util.h [__riscos__]: Added prototypes and made sure that we + never use __attribute__. + * cipher.h, iobuf.h, memory.h, mpi.h [__riscos__]: extern hack. + * i18n.h [__riscos__]: Use another include file + +2001-05-30 Werner Koch + + * ttyio.h (tty_printf): Add missing parenthesis for non gcc. + * http.h: Removed trailing comma to make old ccs happy. Both are + by Albert Chin. + +2001-05-25 Werner Koch + + * ttyio.h (tty_printf): Add printf attribute. + +2001-04-23 Werner Koch + + * http.h: New flag HTTP_FLAG_NO_SHUTDOWN. + +2001-04-13 Werner Koch + + * iobuf.h: Removed iobuf_fopen. + +2001-03-01 Werner Koch + + * errors.h (G10ERR_UNU_SECKEY,G10ERR_UNU_PUBKEY): New + +2000-11-30 Werner Koch + + * iobuf.h (iobuf_translate_file_handle): Add prototype. + +2000-11-11 Paul Eggert + + * iobuf.h (iobuf_get_filelength): Now returns off_t, not u32. + (struct iobuf_struct, iobuf_set_limit, + iobuf_tell, iobuf_seek): Use off_t, not ulong, for file offsets. + +2000-10-12 Werner Koch + + * mpi.h: Changed the way mpi_limb_t is defined. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * iobuf.c (IOBUF_FILELENGTH_LIMIT): New. + +2000-03-14 14:03:43 Werner Koch (wk@habibti.openit.de) + + * types.h (HAVE_U64_TYPEDEF): Defined depending on configure test. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * types.h (HAVE_U64_TYPEDEF): Add a test for _LONGLONG which fixes + this long living SGI bug. Reported by Alec Habig. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * iobuf.h (IOBUFCTRL_CANCEL): Nww. + +Mon Oct 4 21:23:04 CEST 1999 Werner Koch + + * errors.h (G10ERR_NOT_PROCESSED): New. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + + * i18n.h: Add support for simple-gettext. + +Tue Jun 29 21:44:25 CEST 1999 Werner Koch + + + * util.h (stricmp): Use strcasecmp as replacement. + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + + * cipher.h (MD_HANDLE): Assigned a structure name. + +Fri Apr 9 12:26:25 CEST 1999 Werner Koch + + * cipher.h (BLOWFISH160): Removed. + +Tue Apr 6 19:58:12 CEST 1999 Werner Koch + + * cipher.h (DEK): increased max. key length to 32 bytes + + +Sat Feb 20 21:40:49 CET 1999 Werner Koch + + * g10lib.h: Removed file and changed all files that includes this. + +Tue Feb 16 14:10:02 CET 1999 Werner Koch + + * types.h (STRLIST): Add field flags. + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * cipher.h (CIPHER_ALGO_TWOFISH): Chnaged ID to 10 and renamed + the old experimenatl algorithm to xx_OLD. + +Thu Jan 7 18:00:58 CET 1999 Werner Koch + + * cipher.h (MD_BUFFER_SIZE): Removed. + +Mon Dec 14 21:18:49 CET 1998 Werner Koch + + * types.h: fix for SUNPRO_C + +Tue Dec 8 13:15:16 CET 1998 Werner Koch + + * mpi.h (MPI): Changed the structure name to gcry_mpi and + changed all users. + +Tue Oct 20 11:40:00 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.h (iobuf_get_temp_buffer): New. + +Tue Oct 13 12:40:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.h (iobuf_get): Now uses .nofast + (iobuf_get2): Removed. + +Mon Sep 14 09:17:22 1998 Werner Koch (wk@(none)) + + * util.h (HAVE_ATEXIT): New. + (HAVE_RAISE): New. + +Mon Jul 6 10:41:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h (PUBKEY_USAGE_): New. + +Mon Jul 6 09:49:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.h (iobuf_set_error): New. + (iobuf_error): New. + +Sat Jun 13 17:31:32 1998 Werner Koch (wk@isil.d.shuttle.de) + + * g10lib.h: New as interface for the g10lib. + +Mon Jun 8 22:14:48 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h (CIPHER_ALGO_CAST5): Changed name from .. CAST + +Thu May 21 13:25:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h: removed ROT 5 and changed one id and add dummy + +Tue May 19 18:09:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h (DIGEST_ALGO_TIGER): Chnaged id from 101 to 6. + +Mon May 4 16:37:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h (PUBKEY_ALGO_ELGAMAL_E): New, with value of the + old one. + * (is_ELGAMAL, is_RSA): New macros + +Sun Apr 26 14:35:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * types.h: New type u64 + +Mon Mar 9 12:59:55 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h: Included dsa.h. + +Tue Mar 3 15:11:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * cipher.h (random.h): Add new header and move all relevalt + functions to this header. + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, + 2004, 2005 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/intl/ChangeLog b/intl/ChangeLog deleted file mode 100644 index a1e3707ed..000000000 --- a/intl/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2006-11-27 GNU - - * Version 0.16.1 released. - diff --git a/intl/ChangeLog-2011 b/intl/ChangeLog-2011 new file mode 100644 index 000000000..590c8eec0 --- /dev/null +++ b/intl/ChangeLog-2011 @@ -0,0 +1,10 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2006-11-27 GNU + + * Version 0.16.1 released. diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog deleted file mode 100644 index 302138daa..000000000 --- a/keyserver/ChangeLog +++ /dev/null @@ -1,1307 +0,0 @@ -2011-08-09 Werner Koch - - * gpgkeys_hkp.c (srv_replace): Remove unused var. - -2009-09-02 Werner Koch - - * Makefile.am (gpgkeys_curl_SOURCES, gpgkeys_ldap_SOURCES) - (gpgkeys_finger_SOURCES): Add ksmalloc.c only with non-faked cURL. - -2009-08-25 Werner Koch - - * ksmalloc.c: New - (xtrymalloc, xfree): New. - * Makefile.am (gpgkeys_ldap_SOURCES, gpgkeys_curl_SOURCES): - (gpgkeys_hkp_SOURCES): Add ksmalloc.c. - * gpgkeys_hkp.c, gpgkeys_ldap.c: s/malloc/xtrymalloc/. - -2009-07-06 David Shaw - - * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the - DNS-SD names ("pgpkey-http" and "pgpkey-https") in SRV lookups - instead of "hkp" and "hkps". - -2009-06-24 Werner Koch - - * gpgkeys_ldap.c (send_key): Do not loop over a NULL modlist in - fail. Reported by Fabian Keil. - -2009-06-09 David Shaw - - * Makefile.am (gpgkeys_hkp_LDADD): Need DNSLIBS for the resolver - now that we're using SRVs. - -2009-05-27 David Shaw - - * gpgkeys_hkp.c (srv_replace): Fix build warning. - -2009-05-26 David Shaw - - * curl-shim.c (curl_slist_append, curl_slist_free_all): New. - Simple wrappers around STRLIST to emulate the curl way of doing - string lists. - (curl_easy_setopt): Handle the curl HTTPHEADER option. - - * gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the - most recent copy of the key. This is bug #1061. - -2009-05-03 David Shaw - - * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather - than the ugly ?from= syntax. - -2009-04-20 David Shaw - - * gpgkeys_hkp.c (srv_replace): New function to transform a SRV - hostname to a real hostname. - (main): Call it from here for the HAVE_LIBCURL case (without - libcurl is handled via the curl-shim). - -2009-04-02 David Shaw - - * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): - Add a CURLOPT_SRVTAG_GPG_HACK (passed through the the http - engine). - -2009-04-01 David Shaw - - * gpgkeys_hkp.c (main): Switch default port for SSLized HKP to - 443 (i.e. the regular https port). - -2009-02-03 David Shaw - - * gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): - Add support for SSLized HKP. - -2008-11-18 David Shaw - - * curl-shim.h, gpgkeys_curl.c, gpgkeys_hkp.c (main): Always show - curl version (even for curl-shim). - -2008-11-18 Werner Koch - - * gpgkeys_curl.c (main): Print curl version according to GNU standards. - * gpgkeys_hkp.c (main): Ditto. - * curl-shim.h (curl_is_gnupg_curl_shim): New. - -2008-11-18 David Shaw - - * curl-shim.h (curl_version): No need to provide a version for - curl-shim as it always matches the GnuPG version. - - * gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl - we're using as part of --version. - - * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c, - gpgkeys_ldap.c (show_help): Document --version. - -2008-04-14 David Shaw - - * gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all - libcurl number options are passed as long. - - * curl-shim.c (curl_easy_setopt): Minor tweak to match the real - curl better - libcurl uses 'long', not 'unsigned int'. - -2008-03-25 Werner Koch - - * gpgkeys_ldap.c (build_attrs): Take care of char defaulting to - unsigned when using hextobyte. - -2007-12-17 David Shaw - - * Makefile.am: Fix compile error when libcurl is in a nonstandard - location. - -2007-07-28 David Shaw - - * gpgkeys_ldap.c (main): Fix bug in setting up whether to verify - peer SSL cert. This used to work with older OpenLDAP, but is now - more strictly handled. - -2007-07-27 David Shaw - - * gpgkeys_ldap.c: Fix build warning with mozldap. - - * gpgkeys_ldap.c (search_key, main): Fix bug where searching for - foo bar (no quotes) on the command line resulted in searching for - "foo\2Abar" due to LDAP quoting. The proper search is "foo*bar". - -2007-04-16 David Shaw - - * gpgkeys_hkp.c (main): Show curl or fake-curl version string. - - * Makefile.am: Link with libcompat.a for ascii_str(n)casecmp. - - * gpgkeys_curl.c, gpgkeys_ldap.c, gpgkeys_hkp.c, ksutil.c: Rename - all str(n)casecmp to ascii_str(n)casecmp. We want the - locale-independent ones here. - -2007-03-13 David Shaw - - * gpgkeys_curl.c (main): Use curl_version_info to verify that the - protocol we're about to use is actually available. - - * curl-shim.h, curl-shim.c (curl_free): Make into a macro. - (curl_version_info): New. Only advertises "http" for our shim, of - course. - -2007-02-10 David Shaw - - * gpgkeys_ldap.c (send_key): Missing a free(). - - * curl-shim.c (curl_easy_perform): Some debugging items that may - be handy. - -2007-01-16 David Shaw - - * curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to - curl_easy_escape() to match cURL. - -2007-01-15 David Shaw - - * gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line - length without problems. Reported by Felix von Leitner. - -2006-12-03 David Shaw - - * ksutil.c (classify_ks_search): Try and recognize a key ID even - without the 0x prefix. This isn't exact (it's possible that a - user ID string happens to be 8 or 16 digits of hex), but it's - extremely unlikely. Plus GPG itself makes the same assumption. - - * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be - present when searching by keyID. - -2006-11-05 David Shaw - - * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change. - Key-not-found still has a HTML response. - -2006-10-19 David Shaw - - * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see - HTML coming back from a MR hkp query. - -2006-09-28 David Shaw - - * Makefile.am: Link gpgkeys_ldap to libcompat.a. - - * gpgkeys_ldap.c, ksutil.h, ksutil.c: Remove hextobyte instead of - ks_hextobyte as it is provided by libcompat now. - - * gpgkeys_ldap.c (build_attrs), ksutil.c (ks_toupper, - ks_strcasecmp), ksutil.h: Remove the need for strcasecmp as the - field tags are always lowercase. - -2006-09-26 Werner Koch - - * gpgkeys_finger.c (get_key): Cast away signed/unsigned char ptr - mismatches. - - * ksutil.c (ks_hextobyte, ks_toupper, ks_strcasecmp): New. Use - them instead of there ascii_foo counterparts. - * gpgkeys_ldap.c (main): Replaced BUG by assert. - - * gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, ksutil.c: - * ksutil.h: Add special license exception for OpenSSL. This helps - to avoid license conflicts if OpenLDAP or cURL is linked against - OpenSSL and we would thus indirectly link to OpenSSL. This is - considered a bug fix and forgives all possible violations, - pertaining to this issue, possibly occured in the past. - -2006-07-26 David Shaw - - * Makefile.am: Fix missing include path for gpgkeys_finger (needs - the libcurl path, even though it doesn't use libcurl because of - ksutil.c:curl_err_to_gpg_err(). Noted by Gilbert Fernandes. - -2006-07-20 David Shaw - - * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. - -2006-07-16 David Shaw - - * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, - send_key_keyserver): Improved version of previous fix. Force - match on spaces in string. - -2006-07-14 David Shaw - - * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, - send_key_keyserver): Fix string matching problem when the ascii - armored form of the key happens to match "KEY" at the beginning of - the line. - -2006-07-12 David Shaw - - * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad - encoding of characters > 127. Noted by Nalin Dahyabhai. - -2006-04-26 David Shaw - - * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. - - * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any - longer as this is done via curl or fake-curl. - - * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor - #include tweaks as FAKE_CURL is no longer meaningful. - -2006-04-10 David Shaw - - * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote - directly into place rather than mallocing temporary buffers. - - * gpgkeys_ldap.c (get_name): Build strings with strcat rather than - using sprintf which is harder to read and modify. - - * ksutil.h, ksutil.c (classify_ks_search): Add - KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key - ID. - - * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID - searches to pgpKeyID or pgpCertID. - -2006-03-27 David Shaw - - * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so - they use the regular old API that is compatible with other LDAP - libraries. - -2006-03-03 David Shaw - - * gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP - libraries that have TLS. - -2006-02-23 David Shaw - - * ksutil.c (init_ks_options): Default include-revoked and - include-subkeys to on, as gpg isn't doing this any longer. - -2006-02-22 David Shaw - - * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut - down on odd matches. - -2006-02-21 David Shaw - - * gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't - allow duplicate attributes as OpenLDAP is now enforcing this. - - * gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass - credentials to a remote LDAP server. - - * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, - curl_easy_perform): Mingw has 'stderr' as a macro? - - * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, - curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for - easier debugging. - -2006-01-16 David Shaw - - * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST - when uploading a key. - -2005-12-23 David Shaw - - * ksutil.h, ksutil.c (parse_ks_options): New keyserver command - "getname". - - * gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): - Use it here to do direct name (rather than key ID) fetches. - -2005-12-19 David Shaw - - * ksutil.h, ksutil.c (curl_armor_writer, curl_writer, - curl_writer_finalize): New functionality to handle binary format - keys by armoring them for input to GPG. - - * gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here. - -2005-12-07 David Shaw - - * gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better - language for the key-not-found error. - - * ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and - CURLE_COULDNT_CONNECT. - - * gpgkeys_curl.c (get_key): Give key-not-found error if no data is - found (or file itself is not found) during a fetch. - -2005-12-06 David Shaw - - * curl-shim.c (curl_easy_perform): Fix build warning (code before - declaration). - -2005-11-02 David Shaw - - * gpgkeys_hkp.c (search_key): Fix warning with typecast (though - curl should really have defined that char * as const). - -2005-08-25 David Shaw - - * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and - exact-email. - (classify_ks_search): Mimic the gpg search modes instead with *, - =, <, and @. - - * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call - them here. Suggested by Jason Harris. - -2005-08-18 David Shaw - - * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option - exact-name. The last of exact-name and exact-email overrides the - earlier. - - * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it - here to do a name-only search. - - * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP. - - * gpgkeys_ldap.c (search_key): Use it here to escape reserved - characters in searches. - -2005-08-17 David Shaw - - * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option - exact-email. - - * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it - here to do an email-only search. - -2005-08-08 David Shaw - - * Makefile.am: Include LDAP_CPPFLAGS when building LDAP. - -2005-08-03 David Shaw - - * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show - version of curl (or curl-shim) when debug is set. - -2005-07-20 David Shaw - - * gpgkeys_curl.c (get_key, main): Don't try and be smart about - what protocols we handle. Directly pass them to curl or fake-curl - and see if an error comes back. - - * curl-shim.h, curl-shim.c (handle_error), ksutil.c - (curl_err_to_gpg_err): Add support for CURLE_UNSUPPORTED_PROTOCOL - in fake curl. - - * Makefile.am: Don't need -DFAKE_CURL any longer since it's in - config.h. - -2005-06-23 David Shaw - - * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version - string stays up to date. - - * gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since - it's in ksutil.h. - - * gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH - values to curl or curl-shim. - - * curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main), - gpgkeys_hkp.c (main): Use curl-style proxy semantics. - - * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): - Add CURLOPT_USERPWD option for HTTP auth. - - * gpgkeys_http.c (get_key), gpgkeys_oldhkp (send_key, get_key, - search_key): No longer need to pass a proxyauth. - - * gpgkeys_http.c (get_key): Pass auth outside of the URL. - -2005-06-21 David Shaw - - * gpgkeys_http.c (get_key), gpgkeys_oldhkp.c (send_key, get_key, - search_key): Fix http_open/http_open_document calls to pass NULL - for auth and proxyauth since these programs pass them in the URL. - -2005-06-20 David Shaw - - * gpgkeys_hkp.c (append_path, send_key, get_key, search_key, - main), gpgkeys_oldhkp.c (main): Properly handle double slashes in - paths. - -2005-06-05 David Shaw - - * ksutil.c (init_ks_options, parse_ks_options): Provide a default - "/" path unless overridden by the config. Allow config to specify - items multiple times and take the last specified item. - -2005-06-04 David Shaw - - * gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers - that aren't at the root path. Suggested by Jack Bates. - -2005-06-01 David Shaw - - * ksutil.c [HAVE_DOSISH_SYSTEM]: Fix warnings on mingw32. Noted - by Joe Vender. - -2005-05-04 David Shaw - - * ksutil.h, ksutil.c: #ifdef so we can build without libcurl or - fake-curl. - -2005-05-03 David Shaw - - * gpgkeys_http.c: Need GET defined. - -2005-05-01 David Shaw - - * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup - and comments as to the size of MAX_LINE and MAX_URL. - -2005-04-16 David Shaw - - * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim. - - * Makefile.am: Build new gpgkeys_hkp. - - * curl-shim.c (curl_easy_perform): Cleanup. - - * ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass - a context to curl_writer so we can support multiple fetches in a - single session. - - * curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt, - curl_easy_perform): Add POST functionality to the curl shim. - - * curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate - curl_escape and curl_free. - - * gpgkeys_curl.c (main): If the http-proxy option is given without - any arguments, try to get the proxy from the environment. - - * ksutil.h, ksutil.c (curl_err_to_gpg_err, curl_writer): Copy from - gpgkeys_curl.c. - - * gpgkeys_oldhkp.c: Copy from gpgkeys_hkp.c. - -2005-03-22 David Shaw - - * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from - gpgkeys_ldap.c. Print a string, but strip out any CRs. - - * gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), - gpgkeys_http.c (get_key): Use it here when outputting key material - to canonicalize line endings. - -2005-03-19 David Shaw - - * gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). - Noted by Stefan Bellon. - -2005-03-17 David Shaw - - * ksutil.c (parse_ks_options): Handle verbose=nnn. - - * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not - redefine $libexecdir. - - * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using - parse_ks_options and remove a lot of common code. - - * ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default - debug with no arguments to 1. - -2005-03-16 David Shaw - - * gpgkeys_ldap.c: Include lber.h if configure determines we need - it. - - * ksutil.h, ksutil.c (ks_action_to_string): New. - (free_ks_options): Only free if options exist. - - * ksutil.h, ksutil.c (init_ks_options, free_ks_options, - parse_ks_options): Pull a lot of duplicated code into a single - options parser for all keyserver helpers. - -2005-02-11 David Shaw - - * curl-shim.c (curl_easy_perform): Fix compile warning. - - * curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add - ca-cert-file option, to pass in the SSL cert. - - * curl-shim.h, curl-shim.c: New. This is code to fake the curl - API in terms of the current HTTP iobuf API. - - * gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, - link with the iobuf code rather than libcurl. - -2005-02-05 David Shaw - - * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version - output. - - * gpgkeys_curl.c (main): Make sure the curl handle is cleaned up - on failure. - -2005-02-01 David Shaw - - * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing - http_close() calls. Noted by Phil Pennock. - - * ksutil.h: Up the default timeout to two minutes. - -2005-01-24 David Shaw - - * gpgkeys_ldap.c (print_nocr): New. - (get_key): Call it here to canonicalize line endings. - - * gpgkeys_curl.c (writer): Discard everything outside the BEGIN - and END lines when retrieving keys. Canonicalize line endings. - (main): Accept FTPS. - -2005-01-21 David Shaw - - * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL - certificate checking (which is on by default). - - * gpgkeys_curl.c (main): Add "debug" option to match the LDAP - helper. Add "check-cert" option to disable SSL certificate - checking (which is on by default). - -2005-01-18 David Shaw - - * gpgkeys_curl.c: Fix typo. - -2005-01-18 Werner Koch - - * gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with - the W32 defined macro. Removed unneeded initialization of static - variables. - * gpgkeys_http.c: Ditto. - * ksutil.h: s/MAX_PATH/URLMAX_PATH/. - -2005-01-17 David Shaw - - * gpgkeys_curl.c (main): Only allow specified protocols to use the - curl handler. - - * Makefile.am: Use LIBCURL_CPPFLAGS instead of LIBCURL_INCLUDES. - -2005-01-13 David Shaw - - * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, - gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup. Move all - the various defines to ksutil.h. - - * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: - Part 1 of a minor cleanup to use #defines instead of hard-coded - sizes. - - * gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of - SOCKET_ERROR. Noted by Timo. - -2005-01-09 David Shaw - - * gpgkeys_curl.c (get_key): Newer versions of libcurl don't define - TRUE. - -2004-12-24 David Shaw - - * gpgkeys_curl.c (main): Use new defines for opting out of certain - transfer protocols. Allow setting HTTP proxy via "http-proxy=foo" - option (there is natural support in libcurl for the http_proxy - environment variable). - - * Makefile.am: Remove the conditional since this is all handled in - autoconf now. - -2004-12-22 David Shaw - - * gpgkeys_curl.c (main): New "follow-redirects" option. Takes an - optional numeric value for the maximum number of redirects to - allow. Defaults to 5. - - * gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c - (main), gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure - that a "timeout" option passed with no arguments is properly - handled. - - * gpgkeys_curl.c (get_key, writer): New function to wrap around - fwrite to avoid DLL access problem on win32. - - * gpgkeys_http.c (main, get_key): Properly pass authentication - info through to the http library. - - * Makefile.am: Build gpgkeys_http or gpgkeys_curl as needed. - - * gpgkeys_curl.c (main, get_key): Minor tweaks to work with either - FTP or HTTP. - - * gpgkeys_ftp.c: renamed to gpgkeys_curl.c. - - * gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. - Use CURLOPT_FILE instead of CURLOPT_WRITEDATA (same option, but - backwards compatible). - -2004-12-21 David Shaw - - * gpgkeys_ftp.c: New. - - * Makefile.am: Build it if requested. - -2004-12-14 Werner Koch - - * Makefile.am (install-exec-hook, uninstall-hook): Removed. For - Windows reasons we can't use the symlink trick. - -2004-12-03 David Shaw - - * Makefile.am: The harmless "ignored error" on gpgkeys_ldap - install on top of an existing install is bound to confuse people. - Use ln -s -f to force the overwrite. - -2004-10-28 David Shaw - - * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo. - -2004-10-28 Werner Koch - - * Makefile.am (other_libs): New. Also include LIBICONV. Noted by - Tim Mooney. - -2004-10-28 Werner Koch - - * Makefile.am (other_libs): - -2004-10-18 David Shaw - - * gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead - of "x-hkp" so it can be used as a SRV tag. - -2004-10-16 David Shaw - - * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo. - -2004-10-15 Werner Koch - - * gpgkeys_ldap.c (main, show_help): Kludge to implement standard - GNU options. Factored help printing out. - * gpgkeys_finger.c (main, show_help): Ditto. - * gpgkeys_hkp.c (main, show_help): Ditto. - * gpgkeys_http.c (main, show_help): Ditto. - * gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help. - - * Makefile.am: Add ksutil.h. - -2004-10-14 David Shaw - - * gpgkeys_finger.c (main): We do not support relay fingering - (i.e. "finger://relayhost/user@example.com"), but finger URLs are - occasionally miswritten that way. Give an error in this case. - -2004-10-14 Werner Koch - - * gpgkeys_finger.c (get_key): s/unsigned char/byte/ due - to a strange typedef for RISC OS. Noted by Stefan. - -2004-10-13 David Shaw - - * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c - (main), gpgkeys_finger.c (main): Call timeout functions before - performing an action that could block for a long time. - - * ksutil.h, ksutil.c: New. Right now just contains timeout - functions. - -2004-10-11 David Shaw - - * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: - Fix a few occurances of "filename" to `filename'. - -2004-10-11 Werner Koch - - * gpgkeys_finger.c: New. - -2004-08-27 Stefan Bellon - - * gpgkeys_hkp.c (search_key): Fix the prior faulty fix by - introducing a cast but leaving skey unsigned. - - * gpgkeys_hkp.c (search_key): Change type of variable skey from - unsigned char* to char* to fix type incompatibility. - -2004-08-23 David Shaw - - * gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key, - search_key), gpgkeys_http.c (get_key): Do not give informational - logs since this is now done inside gpg. - - * gpgkeys_hkp.c (dehtmlize): Understand the quote character - (i.e. """) in HTML responses. - (search_key): Search key must be unsigned for url encoder to work - properly for 8-bit values. - - * gpgkeys_ldap.c (get_key): Factor out informational display into - new function build_info(). - - * gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings - that got shrunk due to encoding. - -2004-08-22 David Shaw - - * gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along - with a full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to - find the pgpServerInfo object. Some LDAP setups don't like the - search. - (main): Stop binding to the server since it seems no server really - requires it, and some require it not be there. - -2004-07-29 David Shaw - - * gpgkeys_ldap.c (main): Add "debug" option. This is only really - useful with OpenLDAP, but it's practically vital to debug SSL and - TLS setups. Add "basedn" option. This allows users to override - the autodetection for base DN. SSL overrides TLS, so TLS will not - be started on SSL connections (starting an already started car). - -2004-07-28 David Shaw - - * gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID" - attributes so we can do subkey searches. - - * gpgkeys_ldap.c (main): Under certain error conditions, we might - try and unbind twice. Don't. - - * gpgkeys_ldap.c (join_two_modlists): New. - (send_key): Use new function so we can try a modify operation - first, and fail over to an add if that fails. Add cannot cope - with the NULLs at the head of the modify request, so we jump into - the list in the middle. - -2004-07-27 David Shaw - - * gpgkeys_ldap.c (main): Don't try and error out before making a - ldaps connection to the NAI keyserver since we cannot tell if it - is a NAI keyserver until we connect. Fail if we cannot find a - base keyspace DN. Fix a false success message for TLS being - enabled. - -2004-07-20 Werner Koch - - * gpgkeys_ldap.c [_WIN32]: Include Windows specific header files. - Suggested by Brian Gladman. - -2004-05-26 David Shaw - - * gpgkeys_http.c: General polish and removal of leftover stuff - from gpgkeys_hkp.c. - -2004-05-21 David Shaw - - * gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs - with no path use a path of "/". - - * gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() - being available now, since it's a replacement function. - -2004-05-20 David Shaw - - * gpgkeys_http.c: New program to do a simple HTTP file fetch using - the keyserver interface. - - * Makefile.am: Build it. - -2004-02-28 David Shaw - - * Makefile.am: Don't split LDADD across two lines since some make - programs can't handle blank lines after a \ continuation. Noted - by Christoph Moench-Tegeder. - -2004-02-25 David Shaw - - * gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted - attributes. This guarantees that if something goes wrong, we - won't be able to complete the transaction, thus leaving any key - already existing on the server intact. - -2004-02-23 David Shaw - - * gpgkeys_ldap.c (delete_one_attr): Removed. - (make_one_attr): Delete functionality added. Optional deduping - functionality added (currently only used for pgpSignerID). - (build_attrs): Translate sig entries into pgpSignerID. Properly - build the timestamp for pgpKeyCreateTime and pgpKeyExpireTime. - -2004-02-22 David Shaw - - * gpgkeys_ldap.c (delete_one_attr): New function to replace - attributes with NULL (a "delete" that works even for nonexistant - attributes). - (send_key): Use it here to remove attributes so a modify operation - starts with a clean playing field. Bias sends to modify before - add, since (I suspect) people update their existing keys more - often than they make and send new keys to the server. - -2004-02-21 David Shaw - - * gpgkeys_ldap.c (epoch2ldaptime): New. Converse of - ldap2epochtime. - (make_one_attr): New. Build a modification list in memory to send - to the LDAP server. - (build_attrs): New. Parse INFO lines sent over by gpg. - (free_mod_values): New. Unwinds a modification list. - (send_key_keyserver): Renamed from old send_key(). - (send_key): New function to send a key to a LDAP server. - (main): Use send_key() for real LDAP servers, send_key_keyserver() - otherwise. - -2004-02-20 David Shaw - - * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv. - (search_key): Catch a SIZELIMIT_EXCEEDED error and show the user - whatever the server did give us. - (find_basekeyspacedn): There is no guarantee that namingContexts - will be readable. - - * Makefile.am: Link gpgkeys_ldap with libutil.a to get the - replacement functions (and eventually translations, etc). - -2004-02-19 David Shaw - - * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do - not correct for timezones. - (main): Find the basekeyspacedn before we try to start TLS, so we - can give a better error message when a user tries to use TLS with - a LDAP keyserver. - - * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps - to gpgkeys_ldap when needed. - - * gpgkeys_ldap.c (main): Add support for LDAPS and TLS - connections. These are only useful and usable when talking to - real LDAP keyservers. Add new "tls" option to tune TLS use from - off, to try quietly, to try loudly, or to require TLS. - - * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out - what kind of LDAP server we're talking to (either real LDAP or the - LDAP keyserver), and return the baseKeySpaceDN to find keys under. - (main): Call it from here, and remove the old code that only - handled the LDAP keyserver. - -2004-02-18 David Shaw - - * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that - LDAP_OPT_ERROR_NUMBER is defined before we use it. - - * gpgkeys_mailto.in: Fix VERSION number. - -2004-01-13 Werner Koch - - * gpgkeys_hkp.c (send_key): Add a content type. - -2004-01-11 David Shaw - - * gpgkeys_hkp.c (search_key): Catch a mangled input file (useful - if something other than GnuPG is calling the program). - (main): Avoid possible pre-string write. Noted by Christian - Biere. - - * gpgkeys_ldap.c (main): Avoid possible pre-string write. - -2003-12-28 David Shaw - - * gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code - that passes the proxy in from the outside. If the command file - sends a proxy, use it. If it sends "http-proxy" with no - arguments, use $http_proxy from the environment. Suggested by - Christian Biere. - -2003-12-28 Stefan Bellon - - * gpgkeys_hkp.c, gpgkeys_ldap.c [__riscos__]: Removal of - unnecessary #ifdef __riscos__ sections. - -2003-11-27 Werner Koch - - * gpgkeys_hkp.c (get_key): Fixed invalid use of fprintf without - format string. - -2003-10-25 Werner Koch - - * Makefile.am (gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL. - -2003-07-10 David Shaw - - * Makefile.am: Use W32LIBS where appropriate. - -2003-05-30 David Shaw - - * gpgkeys_hkp.c, gpgkeys_ldap.c: #include if it is - available. Also include extern references for optarg and optind - since there is no guarantee that any header file will include - them. Standards? We don't need no stinkin' standards. - - * Makefile.am: Use @GETOPT@ to pull in libiberty on those - platforms that need it. - -2003-04-08 David Shaw - - * gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory - corruption bug on some platforms. - -2003-03-11 David Shaw - - * gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in - the armored key. - (main): Accept "try-dns-srv" option. - - * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using - capabilities. Use @SRVLIBS@ to link in the resolver if we are - using DNS SRV. - -2003-02-11 David Shaw - - * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ - so it can be easily overridden at make time. - -2003-01-29 David Shaw - - * gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is - not a keyid, but rather a text string from the user ID. - -2003-01-06 David Shaw - - * gpgkeys_hkp.c (get_key): Use options=mr when getting a key so - keyserver doesn't attach the HTML header which we will just have - to discard. - -2002-11-17 David Shaw - - * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver - protocol version. - -2002-11-14 David Shaw - - * gpgkeys_ldap.c (get_key): The deduping code requires - "pgpcertid", but that was not available when running without - verbose on. Noted by Stefan. - -2002-11-10 David Shaw - - * gpgkeys_ldap.c (get_key): Fix typo in deduping code. - -2002-11-05 David Shaw - - * gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, - free_keylist, get_key, search_key): The LDAP keyserver doesn't - remove duplicates, so remove them locally. Do not include the key - modification time in the search response. - -2002-11-04 David Shaw - - * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly - handle an input file that does not include any key data at all. - -2002-10-24 David Shaw - - * gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to - output protocol and program version. - -2002-10-21 David Shaw - - * Makefile.am: Anything linking with libutil.a needs INTLLIBS as - well on platforms where INTLLIBS is set. - -2002-10-14 David Shaw - - * gpgkeys_hkp.c (write_quoted): Use %-encoding instead of - \-encoding. - (parse_hkp_index): Use new keyserver key listing format, and add - support for disabled keys via include-disabled. - - * gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0. - (printquoted): Use %-encoding instead of \-encoding. - (search_key): Use new keyserver key listing format. - -2002-10-08 David Shaw - - * gpgkeys_ldap.c (search_key, main): Make sure LDAP values are - freed in case of error. - - * gpgkeys_ldap.c (fail_all): New function to unwind a keylist and - error each item. - (main): Call fail_all from here, as needed. Also add a NO_MEMORY - error in an appropriate place and fix error return code. - (ldap_err_to_gpg_err): Add KEYSERVER_UNREACHABLE. - - * gpgkeys_hkp.c (fail_all): New function to unwind a keylist and - error each item. - (main): Call fail_all from here. Also add a NO_MEMORY error in an - appropriate place. - (get_key): Use new UNREACHABLE error for network errors. - -2002-09-26 Werner Koch - - * gpgkeys_ldap.c (send_key): Removed non-constant initializers. - -2002-09-24 David Shaw - - * gpgkeys_ldap.c (ldap_err_to_gpg_err, ldap_to_gpg_err, send_key, - get_key, search_key, main): Some minor error reporting - enhancements for use with GPA (show reasons for KEY FAILED). - - * gpgkeys_hkp.c (send_key, get_key, search_key, main): Some minor - error reporting enhancements for use with GPA (show reasons for - KEY FAILED). - -2002-09-20 Werner Koch - - * gpgkeys_hkp.c (handle_old_hkp_index): s/input/inp/ to avoid - shadowing warning. - -2002-09-19 David Shaw - - * gpgkeys_hkp.c (get_key, handle_old_hkp_index, search_key): - Properly handle line truncation. - -2002-09-16 David Shaw - - * gpgkeys_mailto.in: Add quasi-RFC-2368 mailto:email@addr?from= - syntax so people can set their own email address to respond to. - - * gpgkeys_hkp.c (get_key): Properly respond with KEY FAILED (to - gpg) and "key not found" (to user) on failure. - -2002-09-13 David Shaw - - * gpgkeys_hkp.c: (search_key, handle_old_hkp_index): Try and - request a machine-readable key index. If the server supports - this, pass it through. If the server does not support it, parse - the "index" page. - -2002-09-12 Stefan Bellon - - * gpgkeys_hkp.c: Tidied up RISC OS initializations. - -2002-09-12 David Shaw - - * gpgkeys_hkp.c (main): Remove warning - this is no longer - experimental code. - -2002-09-09 Werner Koch - - * gpgkeys_hkp.c (send_key, get_key, search_key): Check return - value of malloc. - (dehtmlize): Use ascii_tolower to protect against weird locales. - Cast the argument for isspace for the sake of broken HP/UXes. - (search_key): Check return value of realloc. - -2002-09-09 David Shaw - - * gpgkeys_ldap.c (get_key): Some compilers (RISC OS, HPUX c89) - don't like using variables as array initializers. - - * gpgkeys_hkp.c (send_key): Use CRLF in headers. - -2002-08-28 David Shaw - - * gpgkeys_hkp.c (parse_hkp_index): Use same types on all - platforms. This was probably leftover from earlier code where the - typing mattered. - - * gpgkeys_hkp.c: Overall cleanup from iobuf conversion. Be - consistent in m_alloc and malloc usage. Remove include-disabled - (meaningless on HKP). RISC OS tweak. - -2002-08-27 David Shaw - - * gpgkeys_hkp.c, Makefile.am: Convert over to using iobufs. - - * gpgkeys_hkp.c (http_get, http_post): Use CRLF for line endings. - - * gpgkeys_hkp.c: Include util.h on RISC OS as per Stefan. Include - a replacement for hstrerror() for those platforms (such as RISC - OS) that don't have it. - -2002-08-26 David Shaw - - * Makefile.am: May as well include gpgkeys_hkp.c in the - distribution now. It works well enough without proxies, and isn't - built by default. It would be good to get some test experience - with it. - - * gpgkeys_hkp.c (main): Don't warn about include-subkeys - it - isn't unsupported, it's actually non-meaningful in the context of - HKP (yet). - - * gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Move HTML - functionality into new "dehtmlize" function. Remove HTML before - trying to parse each line from the keyserver. If the keyserver - provides key type information in the listing, use it. (Copy over - from g10/hkp.c). - -2002-08-19 David Shaw - - * gpgkeys_hkp.c (get_key, parse_hkp_index): Bring over latest code - from g10/hkp.c. - - * gpgkeys_ldap.c (get_key): Fix cosmetic URL display problem - (extra ":" at the end). - -2002-08-03 Stefan Bellon - - * gpgkeys_ldap.c: Tidied up RISC OS initializations. - -2002-07-25 David Shaw - - * gpgkeys_hkp.c: "Warning" -> "WARNING" - -2002-07-24 David Shaw - - * Makefile.am: Install keyserver helpers in @GNUPG_LIBEXECDIR@ - -2002-07-15 David Shaw - - * gpgkeys_ldap.c (send_key, get_key, main): Consult the server - version string to determine whether to use pgpKey or pgpKeyV2. - -2002-07-09 David Shaw - - * gpgkeys_mailto.in: Use new OPAQUE tag for non net-path URIs. - Fail more elegantly if there is no email address to send to. Show - the GnuPG version in the message body. - -2002-07-04 David Shaw - - * gpgkeys_ldap.c (get_key), gpgkeys_hkp.c (get_key): Display - keyserver URI as a URI, but only if verbose. - -2002-07-01 David Shaw - - * gpgkeys_hkp.c (parse_hkp_index): Error if the keyserver returns - an unparseable HKP response. - - * gpgkeys_hkp.c (main): Warn on honor-http-proxy, - broken-http-proxy, and include-subkeys (not supported yet). - - * gpgkeys_ldap.c (main), gpgkeys_hkp.c (http_connect, main): Fix - some shadowing warnings. - -2002-06-11 David Shaw - - * Makefile.am: Don't hard-code the LDAP libraries - get them from - LDAPLIBS via configure. Also, gpgkeys_hkp is a program, not a - script. - -2002-06-10 David Shaw - - * gpgkeys_ldap.c (include_subkeys): Default "include-subkeys" to - off, since GnuPG now defaults it to on. - -2002-06-06 David Shaw - - * gpgkeys_hkp.c (parse_hkp_index): Type tweaks. - - * gpgkeys_hkp.c (main): Add experimental code warning. - -2002-06-05 David Shaw - - * Makefile.am, gpgkeys_hkp.c (new): Experimental HKP keyserver - interface. - -2002-05-08 David Shaw - - * gpgkeys_ldap.c: Include if we absolutely must. This - helps when compiling against a very old OpenLDAP. - -2002-04-29 David Shaw - - * gpgkeys_mailto.in: Properly handle key requests in full - fingerprint form. - -2002-03-29 David Shaw - - * gpgkeys_ldap.c (printquoted): Quote backslashes within keyserver - search responses. - -2002-02-25 David Shaw - - * gpgkeys_ldap (get_key): LDAP keyservers do not support v3 - fingerprints, so error out if someone tries. Actually, they don't - support any fingerprints, but at least we can calculate a keyid - from a v4 fingerprint. - -2002-02-23 David Shaw - - * gpgkeys_ldap: Clarify the notion of a partial failure. This is - possible if more than one key is being handled in a batch, and one - fails while the other succeeds. Note that a search that comes up - with no results is not a failure - that is a valid response of "no - answer". - - * gpgkeys_ldap.c (get_key): Allow GnuPG to send us full v4 - fingerprints, long key ids, or short key ids while fetching. - Since the LDAP server doesn't actually handle fingerprints, chop - them down to long key ids for actual use. - - * gpgkeys_ldap.c (main, get_key): When searching for a keyid, - search for subkeys as well as primary keys. This is mostly - significant when automatically fetching the key based on the id in - a header (i.e. "signature made by...."). "no-include-subkeys" - disables. - -2002-02-14 David Shaw - - * gpgkeys_ldap.c: Fix compiler warning. - - * gpgkeys_ldap.c: Be much more robust with mangled input files. - -2001-12-28 David Shaw - - * gpgkeys_mailto.in: Use the new OUTOFBAND indicator so gpg knows - not to try and import anything. Also turn on perl -w for - warnings. - - * gpgkeys_ldap.c (main): If we're using temp files (rather than - stdin/stdout), make sure the file is closed when we're done. - -2001-12-20 David Shaw - - * Properly free the LDAP response when we're done with it. - - * Now that we handle multiple keys, we must remove duplicates as - the LDAP keyserver returns keys with multiple user IDs multiple - times. - - * Properly handle multiple keys with the same key ID (it's really - rare, so fetch "0xDEADBEEF" to test this). - -2001-12-17 David Shaw - - * gpgkeys_ldap.c, gpgkeys_mailto.in: Fix GNU capitalization - issues. Prefix log messages with "gpgkeys" to clarify which - program is generating them. - -2001-12-14 David Shaw - - * gpgkeys_ldap.c (search_key): Use unsigned int rather than uint - for portability. - -2001-12-04 David Shaw - - * Initial version of gpgkeys_ldap (LDAP keyserver helper) and - gpgkeys_mailto (email keyserver helper) - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, - 2004 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/keyserver/ChangeLog-2011 b/keyserver/ChangeLog-2011 new file mode 100644 index 000000000..58a207d45 --- /dev/null +++ b/keyserver/ChangeLog-2011 @@ -0,0 +1,1314 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-08-09 Werner Koch + + * gpgkeys_hkp.c (srv_replace): Remove unused var. + +2009-09-02 Werner Koch + + * Makefile.am (gpgkeys_curl_SOURCES, gpgkeys_ldap_SOURCES) + (gpgkeys_finger_SOURCES): Add ksmalloc.c only with non-faked cURL. + +2009-08-25 Werner Koch + + * ksmalloc.c: New + (xtrymalloc, xfree): New. + * Makefile.am (gpgkeys_ldap_SOURCES, gpgkeys_curl_SOURCES): + (gpgkeys_hkp_SOURCES): Add ksmalloc.c. + * gpgkeys_hkp.c, gpgkeys_ldap.c: s/malloc/xtrymalloc/. + +2009-07-06 David Shaw + + * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the + DNS-SD names ("pgpkey-http" and "pgpkey-https") in SRV lookups + instead of "hkp" and "hkps". + +2009-06-24 Werner Koch + + * gpgkeys_ldap.c (send_key): Do not loop over a NULL modlist in + fail. Reported by Fabian Keil. + +2009-06-09 David Shaw + + * Makefile.am (gpgkeys_hkp_LDADD): Need DNSLIBS for the resolver + now that we're using SRVs. + +2009-05-27 David Shaw + + * gpgkeys_hkp.c (srv_replace): Fix build warning. + +2009-05-26 David Shaw + + * curl-shim.c (curl_slist_append, curl_slist_free_all): New. + Simple wrappers around STRLIST to emulate the curl way of doing + string lists. + (curl_easy_setopt): Handle the curl HTTPHEADER option. + + * gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the + most recent copy of the key. This is bug #1061. + +2009-05-03 David Shaw + + * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather + than the ugly ?from= syntax. + +2009-04-20 David Shaw + + * gpgkeys_hkp.c (srv_replace): New function to transform a SRV + hostname to a real hostname. + (main): Call it from here for the HAVE_LIBCURL case (without + libcurl is handled via the curl-shim). + +2009-04-02 David Shaw + + * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): + Add a CURLOPT_SRVTAG_GPG_HACK (passed through the the http + engine). + +2009-04-01 David Shaw + + * gpgkeys_hkp.c (main): Switch default port for SSLized HKP to + 443 (i.e. the regular https port). + +2009-02-03 David Shaw + + * gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): + Add support for SSLized HKP. + +2008-11-18 David Shaw + + * curl-shim.h, gpgkeys_curl.c, gpgkeys_hkp.c (main): Always show + curl version (even for curl-shim). + +2008-11-18 Werner Koch + + * gpgkeys_curl.c (main): Print curl version according to GNU standards. + * gpgkeys_hkp.c (main): Ditto. + * curl-shim.h (curl_is_gnupg_curl_shim): New. + +2008-11-18 David Shaw + + * curl-shim.h (curl_version): No need to provide a version for + curl-shim as it always matches the GnuPG version. + + * gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl + we're using as part of --version. + + * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c, + gpgkeys_ldap.c (show_help): Document --version. + +2008-04-14 David Shaw + + * gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all + libcurl number options are passed as long. + + * curl-shim.c (curl_easy_setopt): Minor tweak to match the real + curl better - libcurl uses 'long', not 'unsigned int'. + +2008-03-25 Werner Koch + + * gpgkeys_ldap.c (build_attrs): Take care of char defaulting to + unsigned when using hextobyte. + +2007-12-17 David Shaw + + * Makefile.am: Fix compile error when libcurl is in a nonstandard + location. + +2007-07-28 David Shaw + + * gpgkeys_ldap.c (main): Fix bug in setting up whether to verify + peer SSL cert. This used to work with older OpenLDAP, but is now + more strictly handled. + +2007-07-27 David Shaw + + * gpgkeys_ldap.c: Fix build warning with mozldap. + + * gpgkeys_ldap.c (search_key, main): Fix bug where searching for + foo bar (no quotes) on the command line resulted in searching for + "foo\2Abar" due to LDAP quoting. The proper search is "foo*bar". + +2007-04-16 David Shaw + + * gpgkeys_hkp.c (main): Show curl or fake-curl version string. + + * Makefile.am: Link with libcompat.a for ascii_str(n)casecmp. + + * gpgkeys_curl.c, gpgkeys_ldap.c, gpgkeys_hkp.c, ksutil.c: Rename + all str(n)casecmp to ascii_str(n)casecmp. We want the + locale-independent ones here. + +2007-03-13 David Shaw + + * gpgkeys_curl.c (main): Use curl_version_info to verify that the + protocol we're about to use is actually available. + + * curl-shim.h, curl-shim.c (curl_free): Make into a macro. + (curl_version_info): New. Only advertises "http" for our shim, of + course. + +2007-02-10 David Shaw + + * gpgkeys_ldap.c (send_key): Missing a free(). + + * curl-shim.c (curl_easy_perform): Some debugging items that may + be handy. + +2007-01-16 David Shaw + + * curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to + curl_easy_escape() to match cURL. + +2007-01-15 David Shaw + + * gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line + length without problems. Reported by Felix von Leitner. + +2006-12-03 David Shaw + + * ksutil.c (classify_ks_search): Try and recognize a key ID even + without the 0x prefix. This isn't exact (it's possible that a + user ID string happens to be 8 or 16 digits of hex), but it's + extremely unlikely. Plus GPG itself makes the same assumption. + + * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be + present when searching by keyID. + +2006-11-05 David Shaw + + * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change. + Key-not-found still has a HTML response. + +2006-10-19 David Shaw + + * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see + HTML coming back from a MR hkp query. + +2006-09-28 David Shaw + + * Makefile.am: Link gpgkeys_ldap to libcompat.a. + + * gpgkeys_ldap.c, ksutil.h, ksutil.c: Remove hextobyte instead of + ks_hextobyte as it is provided by libcompat now. + + * gpgkeys_ldap.c (build_attrs), ksutil.c (ks_toupper, + ks_strcasecmp), ksutil.h: Remove the need for strcasecmp as the + field tags are always lowercase. + +2006-09-26 Werner Koch + + * gpgkeys_finger.c (get_key): Cast away signed/unsigned char ptr + mismatches. + + * ksutil.c (ks_hextobyte, ks_toupper, ks_strcasecmp): New. Use + them instead of there ascii_foo counterparts. + * gpgkeys_ldap.c (main): Replaced BUG by assert. + + * gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, ksutil.c: + * ksutil.h: Add special license exception for OpenSSL. This helps + to avoid license conflicts if OpenLDAP or cURL is linked against + OpenSSL and we would thus indirectly link to OpenSSL. This is + considered a bug fix and forgives all possible violations, + pertaining to this issue, possibly occured in the past. + +2006-07-26 David Shaw + + * Makefile.am: Fix missing include path for gpgkeys_finger (needs + the libcurl path, even though it doesn't use libcurl because of + ksutil.c:curl_err_to_gpg_err(). Noted by Gilbert Fernandes. + +2006-07-20 David Shaw + + * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. + +2006-07-16 David Shaw + + * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, + send_key_keyserver): Improved version of previous fix. Force + match on spaces in string. + +2006-07-14 David Shaw + + * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, + send_key_keyserver): Fix string matching problem when the ascii + armored form of the key happens to match "KEY" at the beginning of + the line. + +2006-07-12 David Shaw + + * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad + encoding of characters > 127. Noted by Nalin Dahyabhai. + +2006-04-26 David Shaw + + * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. + + * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any + longer as this is done via curl or fake-curl. + + * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor + #include tweaks as FAKE_CURL is no longer meaningful. + +2006-04-10 David Shaw + + * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote + directly into place rather than mallocing temporary buffers. + + * gpgkeys_ldap.c (get_name): Build strings with strcat rather than + using sprintf which is harder to read and modify. + + * ksutil.h, ksutil.c (classify_ks_search): Add + KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key + ID. + + * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID + searches to pgpKeyID or pgpCertID. + +2006-03-27 David Shaw + + * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so + they use the regular old API that is compatible with other LDAP + libraries. + +2006-03-03 David Shaw + + * gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP + libraries that have TLS. + +2006-02-23 David Shaw + + * ksutil.c (init_ks_options): Default include-revoked and + include-subkeys to on, as gpg isn't doing this any longer. + +2006-02-22 David Shaw + + * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut + down on odd matches. + +2006-02-21 David Shaw + + * gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't + allow duplicate attributes as OpenLDAP is now enforcing this. + + * gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass + credentials to a remote LDAP server. + + * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, + curl_easy_perform): Mingw has 'stderr' as a macro? + + * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, + curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for + easier debugging. + +2006-01-16 David Shaw + + * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST + when uploading a key. + +2005-12-23 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): New keyserver command + "getname". + + * gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): + Use it here to do direct name (rather than key ID) fetches. + +2005-12-19 David Shaw + + * ksutil.h, ksutil.c (curl_armor_writer, curl_writer, + curl_writer_finalize): New functionality to handle binary format + keys by armoring them for input to GPG. + + * gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here. + +2005-12-07 David Shaw + + * gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better + language for the key-not-found error. + + * ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and + CURLE_COULDNT_CONNECT. + + * gpgkeys_curl.c (get_key): Give key-not-found error if no data is + found (or file itself is not found) during a fetch. + +2005-12-06 David Shaw + + * curl-shim.c (curl_easy_perform): Fix build warning (code before + declaration). + +2005-11-02 David Shaw + + * gpgkeys_hkp.c (search_key): Fix warning with typecast (though + curl should really have defined that char * as const). + +2005-08-25 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and + exact-email. + (classify_ks_search): Mimic the gpg search modes instead with *, + =, <, and @. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call + them here. Suggested by Jason Harris. + +2005-08-18 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option + exact-name. The last of exact-name and exact-email overrides the + earlier. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it + here to do a name-only search. + + * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP. + + * gpgkeys_ldap.c (search_key): Use it here to escape reserved + characters in searches. + +2005-08-17 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option + exact-email. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it + here to do an email-only search. + +2005-08-08 David Shaw + + * Makefile.am: Include LDAP_CPPFLAGS when building LDAP. + +2005-08-03 David Shaw + + * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show + version of curl (or curl-shim) when debug is set. + +2005-07-20 David Shaw + + * gpgkeys_curl.c (get_key, main): Don't try and be smart about + what protocols we handle. Directly pass them to curl or fake-curl + and see if an error comes back. + + * curl-shim.h, curl-shim.c (handle_error), ksutil.c + (curl_err_to_gpg_err): Add support for CURLE_UNSUPPORTED_PROTOCOL + in fake curl. + + * Makefile.am: Don't need -DFAKE_CURL any longer since it's in + config.h. + +2005-06-23 David Shaw + + * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version + string stays up to date. + + * gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since + it's in ksutil.h. + + * gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH + values to curl or curl-shim. + + * curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main), + gpgkeys_hkp.c (main): Use curl-style proxy semantics. + + * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): + Add CURLOPT_USERPWD option for HTTP auth. + + * gpgkeys_http.c (get_key), gpgkeys_oldhkp (send_key, get_key, + search_key): No longer need to pass a proxyauth. + + * gpgkeys_http.c (get_key): Pass auth outside of the URL. + +2005-06-21 David Shaw + + * gpgkeys_http.c (get_key), gpgkeys_oldhkp.c (send_key, get_key, + search_key): Fix http_open/http_open_document calls to pass NULL + for auth and proxyauth since these programs pass them in the URL. + +2005-06-20 David Shaw + + * gpgkeys_hkp.c (append_path, send_key, get_key, search_key, + main), gpgkeys_oldhkp.c (main): Properly handle double slashes in + paths. + +2005-06-05 David Shaw + + * ksutil.c (init_ks_options, parse_ks_options): Provide a default + "/" path unless overridden by the config. Allow config to specify + items multiple times and take the last specified item. + +2005-06-04 David Shaw + + * gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers + that aren't at the root path. Suggested by Jack Bates. + +2005-06-01 David Shaw + + * ksutil.c [HAVE_DOSISH_SYSTEM]: Fix warnings on mingw32. Noted + by Joe Vender. + +2005-05-04 David Shaw + + * ksutil.h, ksutil.c: #ifdef so we can build without libcurl or + fake-curl. + +2005-05-03 David Shaw + + * gpgkeys_http.c: Need GET defined. + +2005-05-01 David Shaw + + * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup + and comments as to the size of MAX_LINE and MAX_URL. + +2005-04-16 David Shaw + + * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim. + + * Makefile.am: Build new gpgkeys_hkp. + + * curl-shim.c (curl_easy_perform): Cleanup. + + * ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass + a context to curl_writer so we can support multiple fetches in a + single session. + + * curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt, + curl_easy_perform): Add POST functionality to the curl shim. + + * curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate + curl_escape and curl_free. + + * gpgkeys_curl.c (main): If the http-proxy option is given without + any arguments, try to get the proxy from the environment. + + * ksutil.h, ksutil.c (curl_err_to_gpg_err, curl_writer): Copy from + gpgkeys_curl.c. + + * gpgkeys_oldhkp.c: Copy from gpgkeys_hkp.c. + +2005-03-22 David Shaw + + * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from + gpgkeys_ldap.c. Print a string, but strip out any CRs. + + * gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), + gpgkeys_http.c (get_key): Use it here when outputting key material + to canonicalize line endings. + +2005-03-19 David Shaw + + * gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). + Noted by Stefan Bellon. + +2005-03-17 David Shaw + + * ksutil.c (parse_ks_options): Handle verbose=nnn. + + * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not + redefine $libexecdir. + + * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using + parse_ks_options and remove a lot of common code. + + * ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default + debug with no arguments to 1. + +2005-03-16 David Shaw + + * gpgkeys_ldap.c: Include lber.h if configure determines we need + it. + + * ksutil.h, ksutil.c (ks_action_to_string): New. + (free_ks_options): Only free if options exist. + + * ksutil.h, ksutil.c (init_ks_options, free_ks_options, + parse_ks_options): Pull a lot of duplicated code into a single + options parser for all keyserver helpers. + +2005-02-11 David Shaw + + * curl-shim.c (curl_easy_perform): Fix compile warning. + + * curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add + ca-cert-file option, to pass in the SSL cert. + + * curl-shim.h, curl-shim.c: New. This is code to fake the curl + API in terms of the current HTTP iobuf API. + + * gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, + link with the iobuf code rather than libcurl. + +2005-02-05 David Shaw + + * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version + output. + + * gpgkeys_curl.c (main): Make sure the curl handle is cleaned up + on failure. + +2005-02-01 David Shaw + + * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing + http_close() calls. Noted by Phil Pennock. + + * ksutil.h: Up the default timeout to two minutes. + +2005-01-24 David Shaw + + * gpgkeys_ldap.c (print_nocr): New. + (get_key): Call it here to canonicalize line endings. + + * gpgkeys_curl.c (writer): Discard everything outside the BEGIN + and END lines when retrieving keys. Canonicalize line endings. + (main): Accept FTPS. + +2005-01-21 David Shaw + + * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL + certificate checking (which is on by default). + + * gpgkeys_curl.c (main): Add "debug" option to match the LDAP + helper. Add "check-cert" option to disable SSL certificate + checking (which is on by default). + +2005-01-18 David Shaw + + * gpgkeys_curl.c: Fix typo. + +2005-01-18 Werner Koch + + * gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with + the W32 defined macro. Removed unneeded initialization of static + variables. + * gpgkeys_http.c: Ditto. + * ksutil.h: s/MAX_PATH/URLMAX_PATH/. + +2005-01-17 David Shaw + + * gpgkeys_curl.c (main): Only allow specified protocols to use the + curl handler. + + * Makefile.am: Use LIBCURL_CPPFLAGS instead of LIBCURL_INCLUDES. + +2005-01-13 David Shaw + + * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, + gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup. Move all + the various defines to ksutil.h. + + * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: + Part 1 of a minor cleanup to use #defines instead of hard-coded + sizes. + + * gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of + SOCKET_ERROR. Noted by Timo. + +2005-01-09 David Shaw + + * gpgkeys_curl.c (get_key): Newer versions of libcurl don't define + TRUE. + +2004-12-24 David Shaw + + * gpgkeys_curl.c (main): Use new defines for opting out of certain + transfer protocols. Allow setting HTTP proxy via "http-proxy=foo" + option (there is natural support in libcurl for the http_proxy + environment variable). + + * Makefile.am: Remove the conditional since this is all handled in + autoconf now. + +2004-12-22 David Shaw + + * gpgkeys_curl.c (main): New "follow-redirects" option. Takes an + optional numeric value for the maximum number of redirects to + allow. Defaults to 5. + + * gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c + (main), gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure + that a "timeout" option passed with no arguments is properly + handled. + + * gpgkeys_curl.c (get_key, writer): New function to wrap around + fwrite to avoid DLL access problem on win32. + + * gpgkeys_http.c (main, get_key): Properly pass authentication + info through to the http library. + + * Makefile.am: Build gpgkeys_http or gpgkeys_curl as needed. + + * gpgkeys_curl.c (main, get_key): Minor tweaks to work with either + FTP or HTTP. + + * gpgkeys_ftp.c: renamed to gpgkeys_curl.c. + + * gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. + Use CURLOPT_FILE instead of CURLOPT_WRITEDATA (same option, but + backwards compatible). + +2004-12-21 David Shaw + + * gpgkeys_ftp.c: New. + + * Makefile.am: Build it if requested. + +2004-12-14 Werner Koch + + * Makefile.am (install-exec-hook, uninstall-hook): Removed. For + Windows reasons we can't use the symlink trick. + +2004-12-03 David Shaw + + * Makefile.am: The harmless "ignored error" on gpgkeys_ldap + install on top of an existing install is bound to confuse people. + Use ln -s -f to force the overwrite. + +2004-10-28 David Shaw + + * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo. + +2004-10-28 Werner Koch + + * Makefile.am (other_libs): New. Also include LIBICONV. Noted by + Tim Mooney. + +2004-10-28 Werner Koch + + * Makefile.am (other_libs): + +2004-10-18 David Shaw + + * gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead + of "x-hkp" so it can be used as a SRV tag. + +2004-10-16 David Shaw + + * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo. + +2004-10-15 Werner Koch + + * gpgkeys_ldap.c (main, show_help): Kludge to implement standard + GNU options. Factored help printing out. + * gpgkeys_finger.c (main, show_help): Ditto. + * gpgkeys_hkp.c (main, show_help): Ditto. + * gpgkeys_http.c (main, show_help): Ditto. + * gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help. + + * Makefile.am: Add ksutil.h. + +2004-10-14 David Shaw + + * gpgkeys_finger.c (main): We do not support relay fingering + (i.e. "finger://relayhost/user@example.com"), but finger URLs are + occasionally miswritten that way. Give an error in this case. + +2004-10-14 Werner Koch + + * gpgkeys_finger.c (get_key): s/unsigned char/byte/ due + to a strange typedef for RISC OS. Noted by Stefan. + +2004-10-13 David Shaw + + * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c + (main), gpgkeys_finger.c (main): Call timeout functions before + performing an action that could block for a long time. + + * ksutil.h, ksutil.c: New. Right now just contains timeout + functions. + +2004-10-11 David Shaw + + * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: + Fix a few occurances of "filename" to `filename'. + +2004-10-11 Werner Koch + + * gpgkeys_finger.c: New. + +2004-08-27 Stefan Bellon + + * gpgkeys_hkp.c (search_key): Fix the prior faulty fix by + introducing a cast but leaving skey unsigned. + + * gpgkeys_hkp.c (search_key): Change type of variable skey from + unsigned char* to char* to fix type incompatibility. + +2004-08-23 David Shaw + + * gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key, + search_key), gpgkeys_http.c (get_key): Do not give informational + logs since this is now done inside gpg. + + * gpgkeys_hkp.c (dehtmlize): Understand the quote character + (i.e. """) in HTML responses. + (search_key): Search key must be unsigned for url encoder to work + properly for 8-bit values. + + * gpgkeys_ldap.c (get_key): Factor out informational display into + new function build_info(). + + * gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings + that got shrunk due to encoding. + +2004-08-22 David Shaw + + * gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along + with a full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to + find the pgpServerInfo object. Some LDAP setups don't like the + search. + (main): Stop binding to the server since it seems no server really + requires it, and some require it not be there. + +2004-07-29 David Shaw + + * gpgkeys_ldap.c (main): Add "debug" option. This is only really + useful with OpenLDAP, but it's practically vital to debug SSL and + TLS setups. Add "basedn" option. This allows users to override + the autodetection for base DN. SSL overrides TLS, so TLS will not + be started on SSL connections (starting an already started car). + +2004-07-28 David Shaw + + * gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID" + attributes so we can do subkey searches. + + * gpgkeys_ldap.c (main): Under certain error conditions, we might + try and unbind twice. Don't. + + * gpgkeys_ldap.c (join_two_modlists): New. + (send_key): Use new function so we can try a modify operation + first, and fail over to an add if that fails. Add cannot cope + with the NULLs at the head of the modify request, so we jump into + the list in the middle. + +2004-07-27 David Shaw + + * gpgkeys_ldap.c (main): Don't try and error out before making a + ldaps connection to the NAI keyserver since we cannot tell if it + is a NAI keyserver until we connect. Fail if we cannot find a + base keyspace DN. Fix a false success message for TLS being + enabled. + +2004-07-20 Werner Koch + + * gpgkeys_ldap.c [_WIN32]: Include Windows specific header files. + Suggested by Brian Gladman. + +2004-05-26 David Shaw + + * gpgkeys_http.c: General polish and removal of leftover stuff + from gpgkeys_hkp.c. + +2004-05-21 David Shaw + + * gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs + with no path use a path of "/". + + * gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() + being available now, since it's a replacement function. + +2004-05-20 David Shaw + + * gpgkeys_http.c: New program to do a simple HTTP file fetch using + the keyserver interface. + + * Makefile.am: Build it. + +2004-02-28 David Shaw + + * Makefile.am: Don't split LDADD across two lines since some make + programs can't handle blank lines after a \ continuation. Noted + by Christoph Moench-Tegeder. + +2004-02-25 David Shaw + + * gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted + attributes. This guarantees that if something goes wrong, we + won't be able to complete the transaction, thus leaving any key + already existing on the server intact. + +2004-02-23 David Shaw + + * gpgkeys_ldap.c (delete_one_attr): Removed. + (make_one_attr): Delete functionality added. Optional deduping + functionality added (currently only used for pgpSignerID). + (build_attrs): Translate sig entries into pgpSignerID. Properly + build the timestamp for pgpKeyCreateTime and pgpKeyExpireTime. + +2004-02-22 David Shaw + + * gpgkeys_ldap.c (delete_one_attr): New function to replace + attributes with NULL (a "delete" that works even for nonexistant + attributes). + (send_key): Use it here to remove attributes so a modify operation + starts with a clean playing field. Bias sends to modify before + add, since (I suspect) people update their existing keys more + often than they make and send new keys to the server. + +2004-02-21 David Shaw + + * gpgkeys_ldap.c (epoch2ldaptime): New. Converse of + ldap2epochtime. + (make_one_attr): New. Build a modification list in memory to send + to the LDAP server. + (build_attrs): New. Parse INFO lines sent over by gpg. + (free_mod_values): New. Unwinds a modification list. + (send_key_keyserver): Renamed from old send_key(). + (send_key): New function to send a key to a LDAP server. + (main): Use send_key() for real LDAP servers, send_key_keyserver() + otherwise. + +2004-02-20 David Shaw + + * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv. + (search_key): Catch a SIZELIMIT_EXCEEDED error and show the user + whatever the server did give us. + (find_basekeyspacedn): There is no guarantee that namingContexts + will be readable. + + * Makefile.am: Link gpgkeys_ldap with libutil.a to get the + replacement functions (and eventually translations, etc). + +2004-02-19 David Shaw + + * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do + not correct for timezones. + (main): Find the basekeyspacedn before we try to start TLS, so we + can give a better error message when a user tries to use TLS with + a LDAP keyserver. + + * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps + to gpgkeys_ldap when needed. + + * gpgkeys_ldap.c (main): Add support for LDAPS and TLS + connections. These are only useful and usable when talking to + real LDAP keyservers. Add new "tls" option to tune TLS use from + off, to try quietly, to try loudly, or to require TLS. + + * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out + what kind of LDAP server we're talking to (either real LDAP or the + LDAP keyserver), and return the baseKeySpaceDN to find keys under. + (main): Call it from here, and remove the old code that only + handled the LDAP keyserver. + +2004-02-18 David Shaw + + * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that + LDAP_OPT_ERROR_NUMBER is defined before we use it. + + * gpgkeys_mailto.in: Fix VERSION number. + +2004-01-13 Werner Koch + + * gpgkeys_hkp.c (send_key): Add a content type. + +2004-01-11 David Shaw + + * gpgkeys_hkp.c (search_key): Catch a mangled input file (useful + if something other than GnuPG is calling the program). + (main): Avoid possible pre-string write. Noted by Christian + Biere. + + * gpgkeys_ldap.c (main): Avoid possible pre-string write. + +2003-12-28 David Shaw + + * gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code + that passes the proxy in from the outside. If the command file + sends a proxy, use it. If it sends "http-proxy" with no + arguments, use $http_proxy from the environment. Suggested by + Christian Biere. + +2003-12-28 Stefan Bellon + + * gpgkeys_hkp.c, gpgkeys_ldap.c [__riscos__]: Removal of + unnecessary #ifdef __riscos__ sections. + +2003-11-27 Werner Koch + + * gpgkeys_hkp.c (get_key): Fixed invalid use of fprintf without + format string. + +2003-10-25 Werner Koch + + * Makefile.am (gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL. + +2003-07-10 David Shaw + + * Makefile.am: Use W32LIBS where appropriate. + +2003-05-30 David Shaw + + * gpgkeys_hkp.c, gpgkeys_ldap.c: #include if it is + available. Also include extern references for optarg and optind + since there is no guarantee that any header file will include + them. Standards? We don't need no stinkin' standards. + + * Makefile.am: Use @GETOPT@ to pull in libiberty on those + platforms that need it. + +2003-04-08 David Shaw + + * gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory + corruption bug on some platforms. + +2003-03-11 David Shaw + + * gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in + the armored key. + (main): Accept "try-dns-srv" option. + + * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using + capabilities. Use @SRVLIBS@ to link in the resolver if we are + using DNS SRV. + +2003-02-11 David Shaw + + * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ + so it can be easily overridden at make time. + +2003-01-29 David Shaw + + * gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is + not a keyid, but rather a text string from the user ID. + +2003-01-06 David Shaw + + * gpgkeys_hkp.c (get_key): Use options=mr when getting a key so + keyserver doesn't attach the HTML header which we will just have + to discard. + +2002-11-17 David Shaw + + * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver + protocol version. + +2002-11-14 David Shaw + + * gpgkeys_ldap.c (get_key): The deduping code requires + "pgpcertid", but that was not available when running without + verbose on. Noted by Stefan. + +2002-11-10 David Shaw + + * gpgkeys_ldap.c (get_key): Fix typo in deduping code. + +2002-11-05 David Shaw + + * gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, + free_keylist, get_key, search_key): The LDAP keyserver doesn't + remove duplicates, so remove them locally. Do not include the key + modification time in the search response. + +2002-11-04 David Shaw + + * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly + handle an input file that does not include any key data at all. + +2002-10-24 David Shaw + + * gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to + output protocol and program version. + +2002-10-21 David Shaw + + * Makefile.am: Anything linking with libutil.a needs INTLLIBS as + well on platforms where INTLLIBS is set. + +2002-10-14 David Shaw + + * gpgkeys_hkp.c (write_quoted): Use %-encoding instead of + \-encoding. + (parse_hkp_index): Use new keyserver key listing format, and add + support for disabled keys via include-disabled. + + * gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0. + (printquoted): Use %-encoding instead of \-encoding. + (search_key): Use new keyserver key listing format. + +2002-10-08 David Shaw + + * gpgkeys_ldap.c (search_key, main): Make sure LDAP values are + freed in case of error. + + * gpgkeys_ldap.c (fail_all): New function to unwind a keylist and + error each item. + (main): Call fail_all from here, as needed. Also add a NO_MEMORY + error in an appropriate place and fix error return code. + (ldap_err_to_gpg_err): Add KEYSERVER_UNREACHABLE. + + * gpgkeys_hkp.c (fail_all): New function to unwind a keylist and + error each item. + (main): Call fail_all from here. Also add a NO_MEMORY error in an + appropriate place. + (get_key): Use new UNREACHABLE error for network errors. + +2002-09-26 Werner Koch + + * gpgkeys_ldap.c (send_key): Removed non-constant initializers. + +2002-09-24 David Shaw + + * gpgkeys_ldap.c (ldap_err_to_gpg_err, ldap_to_gpg_err, send_key, + get_key, search_key, main): Some minor error reporting + enhancements for use with GPA (show reasons for KEY FAILED). + + * gpgkeys_hkp.c (send_key, get_key, search_key, main): Some minor + error reporting enhancements for use with GPA (show reasons for + KEY FAILED). + +2002-09-20 Werner Koch + + * gpgkeys_hkp.c (handle_old_hkp_index): s/input/inp/ to avoid + shadowing warning. + +2002-09-19 David Shaw + + * gpgkeys_hkp.c (get_key, handle_old_hkp_index, search_key): + Properly handle line truncation. + +2002-09-16 David Shaw + + * gpgkeys_mailto.in: Add quasi-RFC-2368 mailto:email@addr?from= + syntax so people can set their own email address to respond to. + + * gpgkeys_hkp.c (get_key): Properly respond with KEY FAILED (to + gpg) and "key not found" (to user) on failure. + +2002-09-13 David Shaw + + * gpgkeys_hkp.c: (search_key, handle_old_hkp_index): Try and + request a machine-readable key index. If the server supports + this, pass it through. If the server does not support it, parse + the "index" page. + +2002-09-12 Stefan Bellon + + * gpgkeys_hkp.c: Tidied up RISC OS initializations. + +2002-09-12 David Shaw + + * gpgkeys_hkp.c (main): Remove warning - this is no longer + experimental code. + +2002-09-09 Werner Koch + + * gpgkeys_hkp.c (send_key, get_key, search_key): Check return + value of malloc. + (dehtmlize): Use ascii_tolower to protect against weird locales. + Cast the argument for isspace for the sake of broken HP/UXes. + (search_key): Check return value of realloc. + +2002-09-09 David Shaw + + * gpgkeys_ldap.c (get_key): Some compilers (RISC OS, HPUX c89) + don't like using variables as array initializers. + + * gpgkeys_hkp.c (send_key): Use CRLF in headers. + +2002-08-28 David Shaw + + * gpgkeys_hkp.c (parse_hkp_index): Use same types on all + platforms. This was probably leftover from earlier code where the + typing mattered. + + * gpgkeys_hkp.c: Overall cleanup from iobuf conversion. Be + consistent in m_alloc and malloc usage. Remove include-disabled + (meaningless on HKP). RISC OS tweak. + +2002-08-27 David Shaw + + * gpgkeys_hkp.c, Makefile.am: Convert over to using iobufs. + + * gpgkeys_hkp.c (http_get, http_post): Use CRLF for line endings. + + * gpgkeys_hkp.c: Include util.h on RISC OS as per Stefan. Include + a replacement for hstrerror() for those platforms (such as RISC + OS) that don't have it. + +2002-08-26 David Shaw + + * Makefile.am: May as well include gpgkeys_hkp.c in the + distribution now. It works well enough without proxies, and isn't + built by default. It would be good to get some test experience + with it. + + * gpgkeys_hkp.c (main): Don't warn about include-subkeys - it + isn't unsupported, it's actually non-meaningful in the context of + HKP (yet). + + * gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Move HTML + functionality into new "dehtmlize" function. Remove HTML before + trying to parse each line from the keyserver. If the keyserver + provides key type information in the listing, use it. (Copy over + from g10/hkp.c). + +2002-08-19 David Shaw + + * gpgkeys_hkp.c (get_key, parse_hkp_index): Bring over latest code + from g10/hkp.c. + + * gpgkeys_ldap.c (get_key): Fix cosmetic URL display problem + (extra ":" at the end). + +2002-08-03 Stefan Bellon + + * gpgkeys_ldap.c: Tidied up RISC OS initializations. + +2002-07-25 David Shaw + + * gpgkeys_hkp.c: "Warning" -> "WARNING" + +2002-07-24 David Shaw + + * Makefile.am: Install keyserver helpers in @GNUPG_LIBEXECDIR@ + +2002-07-15 David Shaw + + * gpgkeys_ldap.c (send_key, get_key, main): Consult the server + version string to determine whether to use pgpKey or pgpKeyV2. + +2002-07-09 David Shaw + + * gpgkeys_mailto.in: Use new OPAQUE tag for non net-path URIs. + Fail more elegantly if there is no email address to send to. Show + the GnuPG version in the message body. + +2002-07-04 David Shaw + + * gpgkeys_ldap.c (get_key), gpgkeys_hkp.c (get_key): Display + keyserver URI as a URI, but only if verbose. + +2002-07-01 David Shaw + + * gpgkeys_hkp.c (parse_hkp_index): Error if the keyserver returns + an unparseable HKP response. + + * gpgkeys_hkp.c (main): Warn on honor-http-proxy, + broken-http-proxy, and include-subkeys (not supported yet). + + * gpgkeys_ldap.c (main), gpgkeys_hkp.c (http_connect, main): Fix + some shadowing warnings. + +2002-06-11 David Shaw + + * Makefile.am: Don't hard-code the LDAP libraries - get them from + LDAPLIBS via configure. Also, gpgkeys_hkp is a program, not a + script. + +2002-06-10 David Shaw + + * gpgkeys_ldap.c (include_subkeys): Default "include-subkeys" to + off, since GnuPG now defaults it to on. + +2002-06-06 David Shaw + + * gpgkeys_hkp.c (parse_hkp_index): Type tweaks. + + * gpgkeys_hkp.c (main): Add experimental code warning. + +2002-06-05 David Shaw + + * Makefile.am, gpgkeys_hkp.c (new): Experimental HKP keyserver + interface. + +2002-05-08 David Shaw + + * gpgkeys_ldap.c: Include if we absolutely must. This + helps when compiling against a very old OpenLDAP. + +2002-04-29 David Shaw + + * gpgkeys_mailto.in: Properly handle key requests in full + fingerprint form. + +2002-03-29 David Shaw + + * gpgkeys_ldap.c (printquoted): Quote backslashes within keyserver + search responses. + +2002-02-25 David Shaw + + * gpgkeys_ldap (get_key): LDAP keyservers do not support v3 + fingerprints, so error out if someone tries. Actually, they don't + support any fingerprints, but at least we can calculate a keyid + from a v4 fingerprint. + +2002-02-23 David Shaw + + * gpgkeys_ldap: Clarify the notion of a partial failure. This is + possible if more than one key is being handled in a batch, and one + fails while the other succeeds. Note that a search that comes up + with no results is not a failure - that is a valid response of "no + answer". + + * gpgkeys_ldap.c (get_key): Allow GnuPG to send us full v4 + fingerprints, long key ids, or short key ids while fetching. + Since the LDAP server doesn't actually handle fingerprints, chop + them down to long key ids for actual use. + + * gpgkeys_ldap.c (main, get_key): When searching for a keyid, + search for subkeys as well as primary keys. This is mostly + significant when automatically fetching the key based on the id in + a header (i.e. "signature made by...."). "no-include-subkeys" + disables. + +2002-02-14 David Shaw + + * gpgkeys_ldap.c: Fix compiler warning. + + * gpgkeys_ldap.c: Be much more robust with mangled input files. + +2001-12-28 David Shaw + + * gpgkeys_mailto.in: Use the new OUTOFBAND indicator so gpg knows + not to try and import anything. Also turn on perl -w for + warnings. + + * gpgkeys_ldap.c (main): If we're using temp files (rather than + stdin/stdout), make sure the file is closed when we're done. + +2001-12-20 David Shaw + + * Properly free the LDAP response when we're done with it. + + * Now that we handle multiple keys, we must remove duplicates as + the LDAP keyserver returns keys with multiple user IDs multiple + times. + + * Properly handle multiple keys with the same key ID (it's really + rare, so fetch "0xDEADBEEF" to test this). + +2001-12-17 David Shaw + + * gpgkeys_ldap.c, gpgkeys_mailto.in: Fix GNU capitalization + issues. Prefix log messages with "gpgkeys" to clarify which + program is generating them. + +2001-12-14 David Shaw + + * gpgkeys_ldap.c (search_key): Use unsigned int rather than uint + for portability. + +2001-12-04 David Shaw + + * Initial version of gpgkeys_ldap (LDAP keyserver helper) and + gpgkeys_mailto (email keyserver helper) + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, + 2004 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/m4/ChangeLog b/m4/ChangeLog deleted file mode 100644 index 80447d475..000000000 --- a/m4/ChangeLog +++ /dev/null @@ -1,256 +0,0 @@ -2011-08-09 Werner Koch - - * libcurl.m4: s/ifelse/m4_if/. - -2009-07-21 Werner Koch - - * estream.m4: New. Taken from libestream. - -2007-12-17 Werner Koch - - * ldap.m4: Test for ldap_start_tls_sA. - -2007-10-23 gettextize - - * gettext.m4: Upgrade to gettext-0.16.1. - * iconv.m4: Upgrade to gettext-0.16.1. - * lib-ld.m4: Upgrade to gettext-0.16.1. - * lib-link.m4: Upgrade to gettext-0.16.1. - * lib-prefix.m4: Upgrade to gettext-0.16.1. - * nls.m4: Upgrade to gettext-0.16.1. - * po.m4: Upgrade to gettext-0.16.1. - * progtest.m4: Upgrade to gettext-0.16.1. - * codeset.m4: Upgrade to gettext-0.16.1. - * glibc2.m4: New file, from gettext-0.16.1. - * glibc21.m4: Upgrade to gettext-0.16.1. - * intdiv0.m4: Upgrade to gettext-0.16.1. - * intl.m4: New file, from gettext-0.16.1. - * intldir.m4: New file, from gettext-0.16.1. - * intmax.m4: Upgrade to gettext-0.16.1. - * inttypes_h.m4: Upgrade to gettext-0.16.1. - * inttypes-pri.m4: Upgrade to gettext-0.16.1. - * lcmessage.m4: Upgrade to gettext-0.16.1. - * lock.m4: New file, from gettext-0.16.1. - * longdouble.m4: Upgrade to gettext-0.16.1. - * longlong.m4: Upgrade to gettext-0.16.1. - * printf-posix.m4: Upgrade to gettext-0.16.1. - * size_max.m4: Upgrade to gettext-0.16.1. - * stdint_h.m4: Upgrade to gettext-0.16.1. - * uintmax_t.m4: Upgrade to gettext-0.16.1. - * ulonglong.m4: Upgrade to gettext-0.16.1. - * visibility.m4: New file, from gettext-0.16.1. - * wchar_t.m4: Upgrade to gettext-0.16.1. - * wint_t.m4: Upgrade to gettext-0.16.1. - * xsize.m4: Upgrade to gettext-0.16.1. - * Makefile.am (EXTRA_DIST): Add the new files. - -2007-08-02 David Shaw - - * ldap.m4: Revert the mozldap change: mozldap has some significant - differences around TLS compared to OpenLDAP, and will segfault (!) - if the NSS library is not initialized first. Nothing impossible - to do, but I think I'll wait until someone actually asks us for - mozldap support. - -2007-07-27 David Shaw - - * ldap.m4: If we don't find ldap or winldap, try for mozldap. - -2007-01-16 David Shaw - - * libcurl.m4: Check for curl_easy_escape() and - curl_easy_unescape(). Replace with curl_escape() and - curl_unescape() if libcurl doesn't have it. - -2006-10-02 Werner Koch - - * autobuild.m4: New. - -2006-07-12 David Shaw - - * tar-ustar.m4: Use dd instead of strings as it's more likely to - be around. Suggested by Nelson H. F. Beebe. - -2006-07-11 David Shaw - - * tar-ustar.m4: Not all greps know the -q (quiet) flag, so - redirect to /dev/null instead. - - * tar-ustar.m4: Pass tar data through strings so that greps that - don't grep in binary files (Solaris) can detect the string. Noted - by Mark Davies. - -2006-06-25 Werner Koch - - * Makefile.am: Added noexecstack.m4 and ldap.m4 - -2006-05-22 Marcus Brinkmann - - * noexecstack.m4: New file. - -2006-05-09 David Shaw - - * libcurl.m4: Fix mistaken AC_SUBST when curl is not found. - -2006-01-17 David Shaw - - * libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines. - -2006-01-16 David Shaw - - * libcurl.m4: Remove GOPHER, as that is not supported in libcurl - any longer. - -2005-11-05 David Shaw - - * libusb.m4: Check for libusb-config and if we find it, use --libs - and --cflags. This is needed for OS X since libusb brings in - dependencies to various Apple libraries. - -2005-10-21 David Shaw - - * readline.m4: Check for rl_completion_func_t and - rl_completion_matches. - -2005-08-05 David Shaw - - * ldap.m4: If a PATH is given to --with-ldap, bias directory - search towards the given path for includes and libraries. Noted - by Jason Harris. - - * Makefile.am: Distribute tar-ustar.m4. - - * libcurl.m4: If a PATH is given to --with-libcurl, look for - curl-config in that path. Bias directory search towards the given - path for includes and libraries. - -2005-08-04 David Shaw - - * tar-ustar.m4: New. Check for a tar that creates USTAR format - tar files. - -2005-07-20 David Shaw - - * libcurl.m4: Check that our libcurl has - curl_version_info(CURLINFO_NOW). - -2005-06-22 David Shaw - - * libcurl.m4: Only do the OS X linker fix on Panther. Tiger has a - clean curl-config. - -2005-04-24 David Shaw - - * libcurl.m4: Add a check for curl_free() since older versions of - libcurl don't have it. Substitute free() as an alternative. - -2005-03-21 David Shaw - - * readline.m4: Check for completion functionality. - - * ldap.m4: Comments. - -2005-03-16 David Shaw - - * ldap.m4: New. Moved from configure.ac. - -2005-02-28 David Shaw - - * libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help - build problems on Mingw32. - -2005-02-03 David Shaw - - * libcurl.m4: More comments. - -2005-01-24 David Shaw - - * libcurl.m4: All versions of curl-config support --feature. - -2005-01-22 David Shaw - - * libcurl.m4: Note that FTPS existed, but wasn't fully - standards-compliant until version 7.11.0. - -2005-01-17 David Shaw - - * libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to - match automake syntax. - -2005-01-03 David Shaw - - * Makefile.am, libusb.m4: New libusb check macro. - -2004-12-24 David Shaw - - * libcurl.m4: Rewrite this to use the new --protocols flag I gave - to the libcurl people. - - * Makefile.am: Add readline.m4 and libcurl.m4. - -2004-12-23 David Shaw - - * libcurl.m4: OSX has a problem with their curl-config script. - - * readline.m4: Make sure that readline is modern enough to - understand rl_catch_signals. - - * libcurl.m4: Don't require curl-config to be present since it - seems some binary packages don't include it. Allow users to - specify LIBCURL and LIBCURL_INCLUDES for us. - -2004-12-22 David Shaw - - * libcurl.m4: Be much more strict with libcurl by trying to - compile and link a test program that uses the features that we - need. - -2004-12-21 David Shaw - - * libcurl.m4: New. - -2004-12-18 David Shaw - - * readline.m4: New. - -2004-07-27 gettextize - - * gettext.m4: Upgrade to gettext-0.14.1. - * intmax.m4: New file, from gettext-0.14.1. - * lib-ld.m4: Upgrade to gettext-0.14.1. - * lib-prefix.m4: Upgrade to gettext-0.14.1. - * longdouble.m4: New file, from gettext-0.14.1. - * longlong.m4: New file, from gettext-0.14.1. - * po.m4: Upgrade to gettext-0.14.1. - * printf-posix.m4: New file, from gettext-0.14.1. - * signed.m4: New file, from gettext-0.14.1. - * size_max.m4: New file, from gettext-0.14.1. - * ulonglong.m4: Upgrade to gettext-0.14.1. - * wchar_t.m4: New file, from gettext-0.14.1. - * wint_t.m4: New file, from gettext-0.14.1. - * xsize.m4: New file, from gettext-0.14.1. - * Makefile.am (EXTRA_DIST): Add the new files. - -2003-10-25 gettextize - - * codeset.m4: New file, from gettext-0.12.1. - * gettext.m4: New file, from gettext-0.12.1. - * glibc21.m4: New file, from gettext-0.12.1. - * iconv.m4: New file, from gettext-0.12.1. - * intdiv0.m4: New file, from gettext-0.12.1. - * inttypes.m4: New file, from gettext-0.12.1. - * inttypes_h.m4: New file, from gettext-0.12.1. - * inttypes-pri.m4: New file, from gettext-0.12.1. - * isc-posix.m4: New file, from gettext-0.12.1. - * lcmessage.m4: New file, from gettext-0.12.1. - * lib-ld.m4: New file, from gettext-0.12.1. - * lib-link.m4: New file, from gettext-0.12.1. - * lib-prefix.m4: New file, from gettext-0.12.1. - * nls.m4: New file, from gettext-0.12.1. - * po.m4: New file, from gettext-0.12.1. - * progtest.m4: New file, from gettext-0.12.1. - * stdint_h.m4: New file, from gettext-0.12.1. - * uintmax_t.m4: New file, from gettext-0.12.1. - * ulonglong.m4: New file, from gettext-0.12.1. - * Makefile.am: New file. - diff --git a/m4/ChangeLog-2011 b/m4/ChangeLog-2011 new file mode 100644 index 000000000..abc34ca27 --- /dev/null +++ b/m4/ChangeLog-2011 @@ -0,0 +1,262 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-08-09 Werner Koch + + * libcurl.m4: s/ifelse/m4_if/. + +2009-07-21 Werner Koch + + * estream.m4: New. Taken from libestream. + +2007-12-17 Werner Koch + + * ldap.m4: Test for ldap_start_tls_sA. + +2007-10-23 gettextize + + * gettext.m4: Upgrade to gettext-0.16.1. + * iconv.m4: Upgrade to gettext-0.16.1. + * lib-ld.m4: Upgrade to gettext-0.16.1. + * lib-link.m4: Upgrade to gettext-0.16.1. + * lib-prefix.m4: Upgrade to gettext-0.16.1. + * nls.m4: Upgrade to gettext-0.16.1. + * po.m4: Upgrade to gettext-0.16.1. + * progtest.m4: Upgrade to gettext-0.16.1. + * codeset.m4: Upgrade to gettext-0.16.1. + * glibc2.m4: New file, from gettext-0.16.1. + * glibc21.m4: Upgrade to gettext-0.16.1. + * intdiv0.m4: Upgrade to gettext-0.16.1. + * intl.m4: New file, from gettext-0.16.1. + * intldir.m4: New file, from gettext-0.16.1. + * intmax.m4: Upgrade to gettext-0.16.1. + * inttypes_h.m4: Upgrade to gettext-0.16.1. + * inttypes-pri.m4: Upgrade to gettext-0.16.1. + * lcmessage.m4: Upgrade to gettext-0.16.1. + * lock.m4: New file, from gettext-0.16.1. + * longdouble.m4: Upgrade to gettext-0.16.1. + * longlong.m4: Upgrade to gettext-0.16.1. + * printf-posix.m4: Upgrade to gettext-0.16.1. + * size_max.m4: Upgrade to gettext-0.16.1. + * stdint_h.m4: Upgrade to gettext-0.16.1. + * uintmax_t.m4: Upgrade to gettext-0.16.1. + * ulonglong.m4: Upgrade to gettext-0.16.1. + * visibility.m4: New file, from gettext-0.16.1. + * wchar_t.m4: Upgrade to gettext-0.16.1. + * wint_t.m4: Upgrade to gettext-0.16.1. + * xsize.m4: Upgrade to gettext-0.16.1. + * Makefile.am (EXTRA_DIST): Add the new files. + +2007-08-02 David Shaw + + * ldap.m4: Revert the mozldap change: mozldap has some significant + differences around TLS compared to OpenLDAP, and will segfault (!) + if the NSS library is not initialized first. Nothing impossible + to do, but I think I'll wait until someone actually asks us for + mozldap support. + +2007-07-27 David Shaw + + * ldap.m4: If we don't find ldap or winldap, try for mozldap. + +2007-01-16 David Shaw + + * libcurl.m4: Check for curl_easy_escape() and + curl_easy_unescape(). Replace with curl_escape() and + curl_unescape() if libcurl doesn't have it. + +2006-10-02 Werner Koch + + * autobuild.m4: New. + +2006-07-12 David Shaw + + * tar-ustar.m4: Use dd instead of strings as it's more likely to + be around. Suggested by Nelson H. F. Beebe. + +2006-07-11 David Shaw + + * tar-ustar.m4: Not all greps know the -q (quiet) flag, so + redirect to /dev/null instead. + + * tar-ustar.m4: Pass tar data through strings so that greps that + don't grep in binary files (Solaris) can detect the string. Noted + by Mark Davies. + +2006-06-25 Werner Koch + + * Makefile.am: Added noexecstack.m4 and ldap.m4 + +2006-05-22 Marcus Brinkmann + + * noexecstack.m4: New file. + +2006-05-09 David Shaw + + * libcurl.m4: Fix mistaken AC_SUBST when curl is not found. + +2006-01-17 David Shaw + + * libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines. + +2006-01-16 David Shaw + + * libcurl.m4: Remove GOPHER, as that is not supported in libcurl + any longer. + +2005-11-05 David Shaw + + * libusb.m4: Check for libusb-config and if we find it, use --libs + and --cflags. This is needed for OS X since libusb brings in + dependencies to various Apple libraries. + +2005-10-21 David Shaw + + * readline.m4: Check for rl_completion_func_t and + rl_completion_matches. + +2005-08-05 David Shaw + + * ldap.m4: If a PATH is given to --with-ldap, bias directory + search towards the given path for includes and libraries. Noted + by Jason Harris. + + * Makefile.am: Distribute tar-ustar.m4. + + * libcurl.m4: If a PATH is given to --with-libcurl, look for + curl-config in that path. Bias directory search towards the given + path for includes and libraries. + +2005-08-04 David Shaw + + * tar-ustar.m4: New. Check for a tar that creates USTAR format + tar files. + +2005-07-20 David Shaw + + * libcurl.m4: Check that our libcurl has + curl_version_info(CURLINFO_NOW). + +2005-06-22 David Shaw + + * libcurl.m4: Only do the OS X linker fix on Panther. Tiger has a + clean curl-config. + +2005-04-24 David Shaw + + * libcurl.m4: Add a check for curl_free() since older versions of + libcurl don't have it. Substitute free() as an alternative. + +2005-03-21 David Shaw + + * readline.m4: Check for completion functionality. + + * ldap.m4: Comments. + +2005-03-16 David Shaw + + * ldap.m4: New. Moved from configure.ac. + +2005-02-28 David Shaw + + * libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help + build problems on Mingw32. + +2005-02-03 David Shaw + + * libcurl.m4: More comments. + +2005-01-24 David Shaw + + * libcurl.m4: All versions of curl-config support --feature. + +2005-01-22 David Shaw + + * libcurl.m4: Note that FTPS existed, but wasn't fully + standards-compliant until version 7.11.0. + +2005-01-17 David Shaw + + * libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to + match automake syntax. + +2005-01-03 David Shaw + + * Makefile.am, libusb.m4: New libusb check macro. + +2004-12-24 David Shaw + + * libcurl.m4: Rewrite this to use the new --protocols flag I gave + to the libcurl people. + + * Makefile.am: Add readline.m4 and libcurl.m4. + +2004-12-23 David Shaw + + * libcurl.m4: OSX has a problem with their curl-config script. + + * readline.m4: Make sure that readline is modern enough to + understand rl_catch_signals. + + * libcurl.m4: Don't require curl-config to be present since it + seems some binary packages don't include it. Allow users to + specify LIBCURL and LIBCURL_INCLUDES for us. + +2004-12-22 David Shaw + + * libcurl.m4: Be much more strict with libcurl by trying to + compile and link a test program that uses the features that we + need. + +2004-12-21 David Shaw + + * libcurl.m4: New. + +2004-12-18 David Shaw + + * readline.m4: New. + +2004-07-27 gettextize + + * gettext.m4: Upgrade to gettext-0.14.1. + * intmax.m4: New file, from gettext-0.14.1. + * lib-ld.m4: Upgrade to gettext-0.14.1. + * lib-prefix.m4: Upgrade to gettext-0.14.1. + * longdouble.m4: New file, from gettext-0.14.1. + * longlong.m4: New file, from gettext-0.14.1. + * po.m4: Upgrade to gettext-0.14.1. + * printf-posix.m4: New file, from gettext-0.14.1. + * signed.m4: New file, from gettext-0.14.1. + * size_max.m4: New file, from gettext-0.14.1. + * ulonglong.m4: Upgrade to gettext-0.14.1. + * wchar_t.m4: New file, from gettext-0.14.1. + * wint_t.m4: New file, from gettext-0.14.1. + * xsize.m4: New file, from gettext-0.14.1. + * Makefile.am (EXTRA_DIST): Add the new files. + +2003-10-25 gettextize + + * codeset.m4: New file, from gettext-0.12.1. + * gettext.m4: New file, from gettext-0.12.1. + * glibc21.m4: New file, from gettext-0.12.1. + * iconv.m4: New file, from gettext-0.12.1. + * intdiv0.m4: New file, from gettext-0.12.1. + * inttypes.m4: New file, from gettext-0.12.1. + * inttypes_h.m4: New file, from gettext-0.12.1. + * inttypes-pri.m4: New file, from gettext-0.12.1. + * isc-posix.m4: New file, from gettext-0.12.1. + * lcmessage.m4: New file, from gettext-0.12.1. + * lib-ld.m4: New file, from gettext-0.12.1. + * lib-link.m4: New file, from gettext-0.12.1. + * lib-prefix.m4: New file, from gettext-0.12.1. + * nls.m4: New file, from gettext-0.12.1. + * po.m4: New file, from gettext-0.12.1. + * progtest.m4: New file, from gettext-0.12.1. + * stdint_h.m4: New file, from gettext-0.12.1. + * uintmax_t.m4: New file, from gettext-0.12.1. + * ulonglong.m4: New file, from gettext-0.12.1. + * Makefile.am: New file. diff --git a/mpi/ChangeLog b/mpi/ChangeLog deleted file mode 100644 index d51e0d212..000000000 --- a/mpi/ChangeLog +++ /dev/null @@ -1,564 +0,0 @@ -2011-08-09 Werner Koch - - * mpicoder.c (mpi_fromstr): Remove unused var. - - * mpi-pow.c (mpi_powm): Remove unused var. - -2011-07-04 Werner Koch - - * longlong.h: [__arm__]: Do no use asm if thumb code generation is - enabled. Fixes bug#1202. - -2010-10-28 Werner Koch - - * longlong.h: Revert last two changes and replace by code from - libgcrypt 1.4.6. - -2010-10-22 Jason Woodward (wk) - - * longlong.h (umul_ppmm) [mips32]: Fix typo. - (umul_ppmm) [mips64]: Don't use =h with gcc >= 4.4. - -2010-06-01 Werner Koch - - * longlong.h (umul_ppmm) <__mips__>: Add code for gcc 4.4. This - fixes bug#1231. - -2009-12-09 Werner Koch - - * config.links: Remove asm modules for all sparc64. This is - related to debian#560028. - -2008-03-25 Werner Koch - - * config.links (mpi_sflags): Powerpc64 needs to come even before - the generic linux powerpc entry. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - * longlong.h: Change address notice but keep LGPL. - * powerpc32/*: Remove LGPL license cruft in the middle of the - files - -2007-01-15 David Shaw - - * config.links: powerpc64* needs to come before powerpc* or it - will never match. Reported by Alon Bar-Lev for libgcrypt, but - relevant here as well. - -2006-12-11 Werner Koch - - * mpi-internal.h: Include mpi-asm-defs.h. - (mpi_limb_t): Moved definition from mpi.h to here. - (struct gcry_mpi): Moved from mpi.h to here. - * mpiutil.c (mpi_get_nlimbs, mpi_is_neg): New. To replace the - macros. This helps hiding details of the MPI implementation. - (mpi_nlimb_hint_from_nbytes, mpi_nlimb_hint_from_nbits): Ditto. - (mpi_get_flags): Ditto. - * mpicoder.c (mpi_read, mpi_read_from_buffer, mpi_print): - s/MPI_NULL/NULL/. - -2005-09-01 David Shaw - - * mpicoder.c (mpi_read): Fix minor bug in reading a zero-length - MPI (was failing unnecessarily). - -2005-05-06 Werner Koch - - * mpi-scan.c (mpi_putbyte, mpi_getbyte): Removed. Not used. - -2005-04-21 Werner Koch - - * mpicoder.c (mpi_read): Changed error detection to always return - an error while maintaining the actual number of bytes read. - -2005-03-11 Werner Koch - - * Makefile.am (ASFLAGS): Renamed to AM_CCASFLAGS and added the - variable for non exectubale stack options. Adapted users. - -2004-12-20 Werner Koch - - * mpicoder.c (mpi_read_from_buffer): Don't abort in case of an - invalid MPI but print a message and return NULL. Use log_info and - not log_error. - -2004-10-26 Werner Koch - - * config.links: Use HOST instead of TARGET. - -2004-10-12 Werner Koch - - * Makefile.am (.S.o): Include MPI_SFLAGS. This is our bug 145. - -2004-09-29 David Shaw - - * mpicoder.c (mpi_read): If we must fail due to a oversize - (generally corrupt) MPI, make sure the number of bytes we read is - valid so we can skip the rest of the bad packet (in hopes the - whole stream isn't invalid). - -2004-05-20 David Shaw - - * longlong.h: Typo. - - * mpi-pow.c (mpi_powm): s/exp/exponent/ to shutup a compiler - warning. From Werner on stable branch. - -2004-01-20 David Shaw - - * hppa1.1/udiv-qrnnd.S: Alignment fix from Lamont Jones for - Debian. - -2004-01-11 David Shaw - - * config.links: OpenBSD 3.4 is now ELF, so use the proper - assembler code for that. Use the portable C MPI code for OpenBSD - before 3.4, and remove the special i386-openbsd assembly - directory. - - * Makefile.am: Add the portable C links to DISTCLEANFILES. Noted - by Nelson H. F. Beebe. - - * mpi-mpow.c (build_index): s/index/idx/ to avoid gcc warning. - From Werner on stable branch. - - * longlong.h: Added PowerPC 64 bit code from GPM-4.1.2 but didn't - enable it yet. From Werner on stable branch. - -2003-12-29 David Shaw - - * g10m.c: Dead code. Remove. - - * Makefile.am: Don't compile g10m.c. - -2003-12-17 David Shaw - - * mpiutil.c (mpi_set_opaque, mpi_get_opaque): Make the length of - an opaque MPI unsigned. - -2003-12-04 David Shaw - - * config.links: Show target in asm-syntax.h file and include - targets for K*BSD (GNU userland with BSD kernel). - -2003-11-20 David Shaw - - * config.links: sparc64 assembler doesn't work on FreeBSD or - OpenBSD either. - -2003-05-26 David Shaw - - * Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch) - -2003-05-24 David Shaw - - * mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c, - mpi-internal.h, mpi-scan.c: Edit all preprocessor instructions to - remove whitespace before the '#'. This is not required by C89, - but there are some compilers out there that don't like it. - -2003-04-25 David Shaw - - * config.links: Re-disable assembler on Darwin. Darwin 6.5 broke - it again. - -2003-04-15 Werner Koch - - * longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to - kazuya.s@jp.yokogawa.com. - -2002-11-16 David Shaw - - * config.links: Use OpenBSD/NetBSD powerpc assembler code for - Darwin. Successfully tested by Gordon Worley. - -2002-10-17 Werner Koch - - * config.links (powerpc-apple-darwin6.1): Disable assembler - due to non-working modules/as. Suggested by Gordon Worley. - -2002-10-02 David Shaw - - * longlong.h: Some whitespace changes in HPPA to fix assembler - problems on HP-UX. From David Ellement. - -2002-09-20 Werner Koch - - * mpicoder.c (do_get_buffer): Avoid zero length allocation. - Checked that all callers behave properly when NBYTES returns 0 as - the length of the allocated buffer. - -2002-09-10 Werner Koch - - * mpi-bit.c (mpi_normalize): Replaced the check for protected by - is_opaque. - (mpi_get_nbits): Removed the special case for protected MPIs. - * mpicoder.c (do_get_buffer): Likewise. - (mpi_print): Removed the nbit_info printing. - -2002-09-03 Werner Koch - - * mpicoder.c (mpi_set_buffer): Cast all left operands of a shift - to a larger type so that 16 bit CPUs don't suffer from an - overflow. Suggested by TOGAWA Satoshi. - -2002-08-24 David Shaw - - * longlong.h: Remove space between \ and newline. gcc is - complaining. - -2002-08-13 Werner Koch - - * mpicoder.c (do_get_buffer): Don't remove leading zeros if the - MPI is marked as protected. - -2002-08-02 Timo Schulz - - * mpicoder.c: Add a '\n' to all log_bug functions. - -2002-08-01 Werner Koch - - * config.links: Added case for sparc64-netbsd. Suggested by - ww@styx.org. - -2002-07-25 David Shaw - - * config.links: Add special rule for OpenBSD on x86 to use special - i386-openbsd files. OpenBSD (at least until version 3.1) has an - older assembler that won't work with the files in i386. - -2002-07-24 Stefan Bellon - - * longlong.h [__riscos__]: Removed #pragma which is not needed - anymore since the K&R multiline strings are gone. - -2002-07-24 Werner Koch - - * longlong.h: Replaced all K&R multiline strings by ISO ones for - the sake of modern compilers. Suggested by Marco Parrone. - -2002-05-10 Stefan Bellon - - * mpiutil.c (mpi_alloc_like/mpi_debug_alloc_like): Added code - for M_DEBUG. - -2002-04-18 Werner Koch - - * i386/syntax.h (ALIGN): Removed parens from definition - * i386/mpih-add1.S, i386/mpih-sub1.S, i386/mpih-rshift.S, - i386/mpih-lshift.S: Minor syntax changes suggested by Mark Pettit - after comparing the files with those for GMP 4. - -2001-11-08 Werner Koch - - * config.links (mpi_sflags): Add extra rule for sparc64-sun-solaris2. - -2001-08-20 Werner Koch - - * longlong.h [__riscos__]: Need a special pragma here. - -2001-08-09 Werner Koch - - * config.links: Added configuraton for powerpc-openbsd. By Peter - Valchev - -2001-07-09 Werner Koch - - * config.links: Changed the way the list of files to be - symlinked is returned. - -2001-05-27 Werner Koch - - * hppa/, hppa1.1/, pa7100/ : Use .label command instead of labels - because there syntax changed. By Matthew Wilcox. - -2001-05-06 Werner Koch - - * longlong.h: Fixes for ARM by Phil Blundell. - -2001-04-17 Werner Koch - - Updated copyright notices. - -2001-03-24 Werner Koch - - * mpi-mul.c (mpi_mul): Make sure that secret temporary results are - not stored in w. Suggested by Florian Weimer. - -2001-03-18 Werner Koch - - * config.links: Use i386 code for i386. According to tests by - Kevin Ryde the i586 code runs slow on i386 CPUs. Ditto for i786. - -2000-10-24 Werner Koch - - * mips3/: Changed a few comments to C-style. By Jeff Long. - -2000-10-13 Werner Koch - - * mpi.h: Removed the inclusion of mpi-asm-defs.h because this - makes some trouble when doing a VPATH build. configure now - takes care of it. - -2000-10-12 Werner Koch - - * generic/mpi-asm-defs.h: New. - * mips3/mpi-asm-defs.h: New. - * config.links: Create a link to one of the above files. - -Wed Jul 19 11:26:43 CEST 2000 Werner Koch - - * config.links: Support for powerpc--netbsd by Gabriel Rosenkoetter. - -Wed Mar 22 13:50:24 CET 2000 Werner Koch - - * config.links: Add support for FreeBSD 5 and made the case stmt - looking nicer. From Jun Kuriyama. - -Fri Mar 17 17:50:25 CET 2000 Werner Koch - - * config.links (sparc64-unknown-linux-gnu): use udic module. - From Adam Mitchell. - -2000-03-14 12:03:56 Werner Koch (wk@habibti.openit.de) - - * Makefile.am: Do not use .s and .S files but a temp names, so that - OSes with caseinsensitive filenames do work. From Frank Donahoe. - -Tue Mar 7 18:45:31 CET 2000 Werner Koch - - * mpih-mul.c (mpihelp_mul_karatsuba_case): It seems that the - untested part works fine. Removed the debugging message. - - * longlong.h (umul_ppmm): Fixes for ARM-4. By Sean MacLennan. - - * config.links: Add support for NetBSD. - -Thu Jan 13 19:31:58 CET 2000 Werner Koch - - * mpi-internal.h (karatsuba_ctx): New. - * mpih-mul.c (mpihelp_release_karatsuba_ctx): New. - (mpihelp_mul_karatsuba_case): New. - (mpihelp_mul): Splitted to make use of the new functions. - * mpi-pow.c (mpi_powm): Make use of the new splitted function - to avoid multiple allocation of temporary memory during the - karatsuba operations. - - * mpi_mpow.c: Removed the unused Barrett code. - -Sun Dec 19 15:22:26 CET 1999 Werner Koch - - * power/ : Converted more comments to C comments because some AS - complain about ' in comments. - -Thu Dec 16 10:07:58 CET 1999 Werner Koch - - * Makefile.am: c/SFLAGS/ASFLAGS/. This has only been used by the - powerpc and actually never passed the -Wa,foo to the cc. - -Thu Dec 9 10:31:05 CET 1999 Werner Koch - - * power/: Add all files from GMP for this CPU. - - * config.links: Support for BSDI 4.x. By Wayne Chapeskie. - (sparc8): Made the search path the same as sparc9 - - * mpih-div.c (mpihelp_divrem): The MPN_COPY_DECR copied one - elemnat too many. This is gmp2.0.2p9.txt patch. - -Sat Oct 9 20:34:41 CEST 1999 Werner Koch - - * Makefile.am: Removed libtool. - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - * config.links: Add case label for DJGPP - -Wed Jul 14 19:42:08 CEST 1999 Werner Koch - - - * Makefile.am: Use .s files as temporaries, disabled other .S rules. - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - - * mpicoder.c (g10_log_mpidump): New. - - * Makefile.am: Support for libtool. - -Fri Jul 2 11:45:54 CEST 1999 Werner Koch - - - * mpi-bit.c (mpi_lshift_limbs,mpi_rshift_limbs): New. - * mpi-mpow.c (barrett_mulm): New but diabled. - -Tue Jun 1 16:01:46 CEST 1999 Werner Koch - - * config.links (i[56]86*-*-freebsdelf*): New. - -Sun May 23 14:20:22 CEST 1999 Werner Koch - - * config.links (sysdep.h): Not any more conditionally created. - -Tue May 4 15:47:53 CEST 1999 Werner Koch - - * mpiutil.c (mpi_alloc_like): New. - -Mon Apr 26 17:48:15 CEST 1999 Werner Koch - - * mpih-add.c, mpih-sub.c: Removed - * mpi-inline.c: New. - * mpi-inline.h: Make it usable by mpi-inline.c. - -Sun Apr 18 10:11:28 CEST 1999 Werner Koch - - * mpih-mul.c (mpihelp_mul_n): Fixed use of memory region. - (mpihelp_mul): Ditto. - -Wed Apr 7 20:51:39 CEST 1999 Werner Koch - - * Makefile.am: Explicit rules to invoke cpp on *.S - -Mon Mar 8 20:47:17 CET 1999 Werner Koch - - * config.links: Take advantage of the with_symbol_underscore macro. - Add support for freebsd 4. - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * mips3/mpih-sub1.S: Removed left over junk in last line. (Should I - blame me or my editor?). - -Sat Feb 13 12:04:43 CET 1999 Werner Koch - - * Makefile.am: Removed the +=. Add MPI_OPT_FLAGS. - -Sat Jan 9 16:02:23 CET 1999 Werner Koch - - * mpi-cmp.c (mpi_cmp_ui): Normalized the arg. - -Thu Jan 7 18:00:58 CET 1999 Werner Koch - - * mpi-bit.c (mpi_normalize): New. - (mpi_get_nbits): Normalize the MPI. - * mpi-bit.c (mpi_cmp): Normalize the MPI before the compare. - - -Tue Dec 8 13:15:16 CET 1998 Werner Koch - - * config.links: Moved the case for powerpc*linux - * powerpcp32/*.S: Removed some underscores. - -Thu Nov 26 07:27:52 1998 Werner Koch - - * config.links: Support for ppc with ELF - * powerpc32/syntax.h: New. - * powerpc32/*.S: Applied ELF patches (glibc patches) - -Tue Nov 10 19:31:37 1998 Werner Koch (wk@isil.d.shuttle.de) - - * power*/ : Started with stuff for PPC - * config.links: Some stuff for PPC. - * generic/udiv-w-sdiv.c: New but disabled. - -Tue Oct 27 12:37:46 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links (freebsd): Fixes for FreeBSD 3.0 - -Wed Oct 14 09:59:30 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links (freebsd): ELF patches from Jun Kuriyama. - -Thu Oct 8 13:28:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpi-mpow.c (mpi_mulpowm): Fixed mem leak (m_free/mpi_free). - -Thu Sep 17 18:08:50 1998 Werner Koch (wk@(none)) - - * hppa1.1/udiv-qrnnd.S: Fix from Steffen Zahn for HPUX 10.20 - -Thu Aug 6 16:39:28 1998 Werner Koch,mobil,,, (wk@tobold) - - * mpi-bit.c (mpi_set_bytes): Removed. - -Wed Aug 5 15:11:12 1998 Werner Koch (wk@(none)) - - * mpicoder.c (mpi_read_from_buffer): New. - - * mpiutil.c (mpi_set_opaque): New. - (mpi_get_opaque): New. - (mpi_copy): Changed to support opauqe flag - (mpi_free): Ditto. - -Sat Jul 4 10:11:11 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpiutil.c (mpi_clear): Reset flags. - (mpi_set): Ditto. - (mpi_alloc_secure): Set flag to 1 and not ored the 1 in, tsss.. - -Fri Jun 26 11:19:06 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpiutil.c (mpi_alloc): set nbits to 0. - (mpi_alloc_secure): Ditto. - (mpi_clear): Ditto. - -Thu Jun 25 11:50:01 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mips3/*.S: New - -Mon May 18 13:47:06 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links: split mpih-shift into mpih-[lr]shift and - changed all implementations. - * mpi/alpha: add some new assembler stuff. - -Wed May 13 11:04:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links: Add support for MIPS - -Thu Apr 9 11:31:36 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpicoder.c (mpi_get_secure_buffer): New. - -Wed Apr 8 09:44:33 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links: Applied small fix from Ulf Möller. - -Mon Apr 6 12:38:52 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpicoder.c (mpi_get_buffer): Removed returned leading zeroes - and changed all callers. - -Tue Mar 10 13:40:34 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpi-bit.c (mpi_clear_highbit): New. - -Mon Mar 2 19:29:00 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.am (DISTCLEANFILES): New - -Thu Feb 26 06:48:54 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links (X86_BROKEN_ALIGN): Added for some systems. - -Mon Feb 23 12:21:40 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mpi/m68k/mpih-shift.S (Lspecial): Changed duplicate symbol. - -Mon Feb 16 13:00:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.links : Add detection of m68k cpus - - - - Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/mpi/ChangeLog-2011 b/mpi/ChangeLog-2011 new file mode 100644 index 000000000..73f69cabb --- /dev/null +++ b/mpi/ChangeLog-2011 @@ -0,0 +1,571 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-08-09 Werner Koch + + * mpicoder.c (mpi_fromstr): Remove unused var. + + * mpi-pow.c (mpi_powm): Remove unused var. + +2011-07-04 Werner Koch + + * longlong.h: [__arm__]: Do no use asm if thumb code generation is + enabled. Fixes bug#1202. + +2010-10-28 Werner Koch + + * longlong.h: Revert last two changes and replace by code from + libgcrypt 1.4.6. + +2010-10-22 Jason Woodward (wk) + + * longlong.h (umul_ppmm) [mips32]: Fix typo. + (umul_ppmm) [mips64]: Don't use =h with gcc >= 4.4. + +2010-06-01 Werner Koch + + * longlong.h (umul_ppmm) <__mips__>: Add code for gcc 4.4. This + fixes bug#1231. + +2009-12-09 Werner Koch + + * config.links: Remove asm modules for all sparc64. This is + related to debian#560028. + +2008-03-25 Werner Koch + + * config.links (mpi_sflags): Powerpc64 needs to come even before + the generic linux powerpc entry. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + * longlong.h: Change address notice but keep LGPL. + * powerpc32/*: Remove LGPL license cruft in the middle of the + files + +2007-01-15 David Shaw + + * config.links: powerpc64* needs to come before powerpc* or it + will never match. Reported by Alon Bar-Lev for libgcrypt, but + relevant here as well. + +2006-12-11 Werner Koch + + * mpi-internal.h: Include mpi-asm-defs.h. + (mpi_limb_t): Moved definition from mpi.h to here. + (struct gcry_mpi): Moved from mpi.h to here. + * mpiutil.c (mpi_get_nlimbs, mpi_is_neg): New. To replace the + macros. This helps hiding details of the MPI implementation. + (mpi_nlimb_hint_from_nbytes, mpi_nlimb_hint_from_nbits): Ditto. + (mpi_get_flags): Ditto. + * mpicoder.c (mpi_read, mpi_read_from_buffer, mpi_print): + s/MPI_NULL/NULL/. + +2005-09-01 David Shaw + + * mpicoder.c (mpi_read): Fix minor bug in reading a zero-length + MPI (was failing unnecessarily). + +2005-05-06 Werner Koch + + * mpi-scan.c (mpi_putbyte, mpi_getbyte): Removed. Not used. + +2005-04-21 Werner Koch + + * mpicoder.c (mpi_read): Changed error detection to always return + an error while maintaining the actual number of bytes read. + +2005-03-11 Werner Koch + + * Makefile.am (ASFLAGS): Renamed to AM_CCASFLAGS and added the + variable for non exectubale stack options. Adapted users. + +2004-12-20 Werner Koch + + * mpicoder.c (mpi_read_from_buffer): Don't abort in case of an + invalid MPI but print a message and return NULL. Use log_info and + not log_error. + +2004-10-26 Werner Koch + + * config.links: Use HOST instead of TARGET. + +2004-10-12 Werner Koch + + * Makefile.am (.S.o): Include MPI_SFLAGS. This is our bug 145. + +2004-09-29 David Shaw + + * mpicoder.c (mpi_read): If we must fail due to a oversize + (generally corrupt) MPI, make sure the number of bytes we read is + valid so we can skip the rest of the bad packet (in hopes the + whole stream isn't invalid). + +2004-05-20 David Shaw + + * longlong.h: Typo. + + * mpi-pow.c (mpi_powm): s/exp/exponent/ to shutup a compiler + warning. From Werner on stable branch. + +2004-01-20 David Shaw + + * hppa1.1/udiv-qrnnd.S: Alignment fix from Lamont Jones for + Debian. + +2004-01-11 David Shaw + + * config.links: OpenBSD 3.4 is now ELF, so use the proper + assembler code for that. Use the portable C MPI code for OpenBSD + before 3.4, and remove the special i386-openbsd assembly + directory. + + * Makefile.am: Add the portable C links to DISTCLEANFILES. Noted + by Nelson H. F. Beebe. + + * mpi-mpow.c (build_index): s/index/idx/ to avoid gcc warning. + From Werner on stable branch. + + * longlong.h: Added PowerPC 64 bit code from GPM-4.1.2 but didn't + enable it yet. From Werner on stable branch. + +2003-12-29 David Shaw + + * g10m.c: Dead code. Remove. + + * Makefile.am: Don't compile g10m.c. + +2003-12-17 David Shaw + + * mpiutil.c (mpi_set_opaque, mpi_get_opaque): Make the length of + an opaque MPI unsigned. + +2003-12-04 David Shaw + + * config.links: Show target in asm-syntax.h file and include + targets for K*BSD (GNU userland with BSD kernel). + +2003-11-20 David Shaw + + * config.links: sparc64 assembler doesn't work on FreeBSD or + OpenBSD either. + +2003-05-26 David Shaw + + * Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch) + +2003-05-24 David Shaw + + * mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c, + mpi-internal.h, mpi-scan.c: Edit all preprocessor instructions to + remove whitespace before the '#'. This is not required by C89, + but there are some compilers out there that don't like it. + +2003-04-25 David Shaw + + * config.links: Re-disable assembler on Darwin. Darwin 6.5 broke + it again. + +2003-04-15 Werner Koch + + * longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to + kazuya.s@jp.yokogawa.com. + +2002-11-16 David Shaw + + * config.links: Use OpenBSD/NetBSD powerpc assembler code for + Darwin. Successfully tested by Gordon Worley. + +2002-10-17 Werner Koch + + * config.links (powerpc-apple-darwin6.1): Disable assembler + due to non-working modules/as. Suggested by Gordon Worley. + +2002-10-02 David Shaw + + * longlong.h: Some whitespace changes in HPPA to fix assembler + problems on HP-UX. From David Ellement. + +2002-09-20 Werner Koch + + * mpicoder.c (do_get_buffer): Avoid zero length allocation. + Checked that all callers behave properly when NBYTES returns 0 as + the length of the allocated buffer. + +2002-09-10 Werner Koch + + * mpi-bit.c (mpi_normalize): Replaced the check for protected by + is_opaque. + (mpi_get_nbits): Removed the special case for protected MPIs. + * mpicoder.c (do_get_buffer): Likewise. + (mpi_print): Removed the nbit_info printing. + +2002-09-03 Werner Koch + + * mpicoder.c (mpi_set_buffer): Cast all left operands of a shift + to a larger type so that 16 bit CPUs don't suffer from an + overflow. Suggested by TOGAWA Satoshi. + +2002-08-24 David Shaw + + * longlong.h: Remove space between \ and newline. gcc is + complaining. + +2002-08-13 Werner Koch + + * mpicoder.c (do_get_buffer): Don't remove leading zeros if the + MPI is marked as protected. + +2002-08-02 Timo Schulz + + * mpicoder.c: Add a '\n' to all log_bug functions. + +2002-08-01 Werner Koch + + * config.links: Added case for sparc64-netbsd. Suggested by + ww@styx.org. + +2002-07-25 David Shaw + + * config.links: Add special rule for OpenBSD on x86 to use special + i386-openbsd files. OpenBSD (at least until version 3.1) has an + older assembler that won't work with the files in i386. + +2002-07-24 Stefan Bellon + + * longlong.h [__riscos__]: Removed #pragma which is not needed + anymore since the K&R multiline strings are gone. + +2002-07-24 Werner Koch + + * longlong.h: Replaced all K&R multiline strings by ISO ones for + the sake of modern compilers. Suggested by Marco Parrone. + +2002-05-10 Stefan Bellon + + * mpiutil.c (mpi_alloc_like/mpi_debug_alloc_like): Added code + for M_DEBUG. + +2002-04-18 Werner Koch + + * i386/syntax.h (ALIGN): Removed parens from definition + * i386/mpih-add1.S, i386/mpih-sub1.S, i386/mpih-rshift.S, + i386/mpih-lshift.S: Minor syntax changes suggested by Mark Pettit + after comparing the files with those for GMP 4. + +2001-11-08 Werner Koch + + * config.links (mpi_sflags): Add extra rule for sparc64-sun-solaris2. + +2001-08-20 Werner Koch + + * longlong.h [__riscos__]: Need a special pragma here. + +2001-08-09 Werner Koch + + * config.links: Added configuraton for powerpc-openbsd. By Peter + Valchev + +2001-07-09 Werner Koch + + * config.links: Changed the way the list of files to be + symlinked is returned. + +2001-05-27 Werner Koch + + * hppa/, hppa1.1/, pa7100/ : Use .label command instead of labels + because there syntax changed. By Matthew Wilcox. + +2001-05-06 Werner Koch + + * longlong.h: Fixes for ARM by Phil Blundell. + +2001-04-17 Werner Koch + + Updated copyright notices. + +2001-03-24 Werner Koch + + * mpi-mul.c (mpi_mul): Make sure that secret temporary results are + not stored in w. Suggested by Florian Weimer. + +2001-03-18 Werner Koch + + * config.links: Use i386 code for i386. According to tests by + Kevin Ryde the i586 code runs slow on i386 CPUs. Ditto for i786. + +2000-10-24 Werner Koch + + * mips3/: Changed a few comments to C-style. By Jeff Long. + +2000-10-13 Werner Koch + + * mpi.h: Removed the inclusion of mpi-asm-defs.h because this + makes some trouble when doing a VPATH build. configure now + takes care of it. + +2000-10-12 Werner Koch + + * generic/mpi-asm-defs.h: New. + * mips3/mpi-asm-defs.h: New. + * config.links: Create a link to one of the above files. + +Wed Jul 19 11:26:43 CEST 2000 Werner Koch + + * config.links: Support for powerpc--netbsd by Gabriel Rosenkoetter. + +Wed Mar 22 13:50:24 CET 2000 Werner Koch + + * config.links: Add support for FreeBSD 5 and made the case stmt + looking nicer. From Jun Kuriyama. + +Fri Mar 17 17:50:25 CET 2000 Werner Koch + + * config.links (sparc64-unknown-linux-gnu): use udic module. + From Adam Mitchell. + +2000-03-14 12:03:56 Werner Koch (wk@habibti.openit.de) + + * Makefile.am: Do not use .s and .S files but a temp names, so that + OSes with caseinsensitive filenames do work. From Frank Donahoe. + +Tue Mar 7 18:45:31 CET 2000 Werner Koch + + * mpih-mul.c (mpihelp_mul_karatsuba_case): It seems that the + untested part works fine. Removed the debugging message. + + * longlong.h (umul_ppmm): Fixes for ARM-4. By Sean MacLennan. + + * config.links: Add support for NetBSD. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch + + * mpi-internal.h (karatsuba_ctx): New. + * mpih-mul.c (mpihelp_release_karatsuba_ctx): New. + (mpihelp_mul_karatsuba_case): New. + (mpihelp_mul): Splitted to make use of the new functions. + * mpi-pow.c (mpi_powm): Make use of the new splitted function + to avoid multiple allocation of temporary memory during the + karatsuba operations. + + * mpi_mpow.c: Removed the unused Barrett code. + +Sun Dec 19 15:22:26 CET 1999 Werner Koch + + * power/ : Converted more comments to C comments because some AS + complain about ' in comments. + +Thu Dec 16 10:07:58 CET 1999 Werner Koch + + * Makefile.am: c/SFLAGS/ASFLAGS/. This has only been used by the + powerpc and actually never passed the -Wa,foo to the cc. + +Thu Dec 9 10:31:05 CET 1999 Werner Koch + + * power/: Add all files from GMP for this CPU. + + * config.links: Support for BSDI 4.x. By Wayne Chapeskie. + (sparc8): Made the search path the same as sparc9 + + * mpih-div.c (mpihelp_divrem): The MPN_COPY_DECR copied one + elemnat too many. This is gmp2.0.2p9.txt patch. + +Sat Oct 9 20:34:41 CEST 1999 Werner Koch + + * Makefile.am: Removed libtool. + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + * config.links: Add case label for DJGPP + +Wed Jul 14 19:42:08 CEST 1999 Werner Koch + + + * Makefile.am: Use .s files as temporaries, disabled other .S rules. + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + + * mpicoder.c (g10_log_mpidump): New. + + * Makefile.am: Support for libtool. + +Fri Jul 2 11:45:54 CEST 1999 Werner Koch + + + * mpi-bit.c (mpi_lshift_limbs,mpi_rshift_limbs): New. + * mpi-mpow.c (barrett_mulm): New but diabled. + +Tue Jun 1 16:01:46 CEST 1999 Werner Koch + + * config.links (i[56]86*-*-freebsdelf*): New. + +Sun May 23 14:20:22 CEST 1999 Werner Koch + + * config.links (sysdep.h): Not any more conditionally created. + +Tue May 4 15:47:53 CEST 1999 Werner Koch + + * mpiutil.c (mpi_alloc_like): New. + +Mon Apr 26 17:48:15 CEST 1999 Werner Koch + + * mpih-add.c, mpih-sub.c: Removed + * mpi-inline.c: New. + * mpi-inline.h: Make it usable by mpi-inline.c. + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * mpih-mul.c (mpihelp_mul_n): Fixed use of memory region. + (mpihelp_mul): Ditto. + +Wed Apr 7 20:51:39 CEST 1999 Werner Koch + + * Makefile.am: Explicit rules to invoke cpp on *.S + +Mon Mar 8 20:47:17 CET 1999 Werner Koch + + * config.links: Take advantage of the with_symbol_underscore macro. + Add support for freebsd 4. + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * mips3/mpih-sub1.S: Removed left over junk in last line. (Should I + blame me or my editor?). + +Sat Feb 13 12:04:43 CET 1999 Werner Koch + + * Makefile.am: Removed the +=. Add MPI_OPT_FLAGS. + +Sat Jan 9 16:02:23 CET 1999 Werner Koch + + * mpi-cmp.c (mpi_cmp_ui): Normalized the arg. + +Thu Jan 7 18:00:58 CET 1999 Werner Koch + + * mpi-bit.c (mpi_normalize): New. + (mpi_get_nbits): Normalize the MPI. + * mpi-bit.c (mpi_cmp): Normalize the MPI before the compare. + + +Tue Dec 8 13:15:16 CET 1998 Werner Koch + + * config.links: Moved the case for powerpc*linux + * powerpcp32/*.S: Removed some underscores. + +Thu Nov 26 07:27:52 1998 Werner Koch + + * config.links: Support for ppc with ELF + * powerpc32/syntax.h: New. + * powerpc32/*.S: Applied ELF patches (glibc patches) + +Tue Nov 10 19:31:37 1998 Werner Koch (wk@isil.d.shuttle.de) + + * power*/ : Started with stuff for PPC + * config.links: Some stuff for PPC. + * generic/udiv-w-sdiv.c: New but disabled. + +Tue Oct 27 12:37:46 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links (freebsd): Fixes for FreeBSD 3.0 + +Wed Oct 14 09:59:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links (freebsd): ELF patches from Jun Kuriyama. + +Thu Oct 8 13:28:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpi-mpow.c (mpi_mulpowm): Fixed mem leak (m_free/mpi_free). + +Thu Sep 17 18:08:50 1998 Werner Koch (wk@(none)) + + * hppa1.1/udiv-qrnnd.S: Fix from Steffen Zahn for HPUX 10.20 + +Thu Aug 6 16:39:28 1998 Werner Koch,mobil,,, (wk@tobold) + + * mpi-bit.c (mpi_set_bytes): Removed. + +Wed Aug 5 15:11:12 1998 Werner Koch (wk@(none)) + + * mpicoder.c (mpi_read_from_buffer): New. + + * mpiutil.c (mpi_set_opaque): New. + (mpi_get_opaque): New. + (mpi_copy): Changed to support opauqe flag + (mpi_free): Ditto. + +Sat Jul 4 10:11:11 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpiutil.c (mpi_clear): Reset flags. + (mpi_set): Ditto. + (mpi_alloc_secure): Set flag to 1 and not ored the 1 in, tsss.. + +Fri Jun 26 11:19:06 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpiutil.c (mpi_alloc): set nbits to 0. + (mpi_alloc_secure): Ditto. + (mpi_clear): Ditto. + +Thu Jun 25 11:50:01 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mips3/*.S: New + +Mon May 18 13:47:06 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links: split mpih-shift into mpih-[lr]shift and + changed all implementations. + * mpi/alpha: add some new assembler stuff. + +Wed May 13 11:04:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links: Add support for MIPS + +Thu Apr 9 11:31:36 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpicoder.c (mpi_get_secure_buffer): New. + +Wed Apr 8 09:44:33 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links: Applied small fix from Ulf Möller. + +Mon Apr 6 12:38:52 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpicoder.c (mpi_get_buffer): Removed returned leading zeroes + and changed all callers. + +Tue Mar 10 13:40:34 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpi-bit.c (mpi_clear_highbit): New. + +Mon Mar 2 19:29:00 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am (DISTCLEANFILES): New + +Thu Feb 26 06:48:54 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links (X86_BROKEN_ALIGN): Added for some systems. + +Mon Feb 23 12:21:40 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mpi/m68k/mpih-shift.S (Lspecial): Changed duplicate symbol. + +Mon Feb 16 13:00:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.links : Add detection of m68k cpus + + + + Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/po/ChangeLog b/po/ChangeLog deleted file mode 100644 index 6afccd945..000000000 --- a/po/ChangeLog +++ /dev/null @@ -1,734 +0,0 @@ -2010-10-18 Jedi Lin (wk) - - * zh_TW.po: Update [not in 1.4.11] - -2010-10-18 Werner Koch - - * de.po: Two updates. - -2010-10-18 LaurenÈ›iu Buzdugan (wk) - - * ro.po: Update. - -2010-10-18 Jakub Bogusz (wk) - - * pl.po: Update. - -2010-09-02 Werner Koch - - * de.po: Insert missing spaces. Fixes Debian-Bug#594489. - -2009-09-03 Jedi Lin (wk) - - * zh_TW.po: Update. - -2009-08-18 Werner Koch - - * fr.po: Fix regression. See bug#922. - - * it.po: Translation fix by Sythos. Fixes bug#920. - -2009-08-13 Werner Koch - - * de.po: Update. - -2009-07-14 Werner Koch - - * de.po: s/nicht-exportfähig/unwiderrufbar/. Reported by Simon - Richter. - -2009-07-13 Werner Koch - - * nl.po: Applied a small fix by Jeroen Leeuwestein. Fixes bug#1085. - -2009-06-17 Gaël Quéri (up) - - * fr.po: Updated. - -2009-06-02 Werner Koch - - * de.po: Applied a patch from Daniel Leidert to fix a bunch of - small typos. See also Debian bug report 314068. Fixes bug#1069. - -2008-09-30 David Ammouial (wk) - - * fr.po: Fix bug #922. - -2008-07-21 Daniel Nylander (wk) - - * sv.po: Update. - -2008-06-23 Ludwig Hügelschäfer (wk) - - * de.po: 3 typo fixes. - -2008-05-26 Werner Koch - - * de.po: Minor fixes submitted by Jan Seidel. Fixes bug#916. - -2008-03-27 Jedi (wk) - - * zh_TW.po: Minor update. - -2008-01-02 Jedi (wk) - - * zh_TW.po: Update. - -2007-12-19 Walter Koch (wk) - - * de.po, de.glo: Update. - -2007-12-12 Janusz A. Urbanowicz (wk) - - * pl.po: Update. - -2007-12-12 Meng Jie (wk) - - * zh_CN.po: Update. - -2007-10-23 gettextize - - * Makefile.in.in: Upgrade to gettext-0.16.1. - -2007-03-05 Werner Koch - - * LINGUAS: Add nl. - * nl.po: Revised translation by Ivar Snaaijer. - -2007-02-26 Werner Koch - - * sv.po: Update fron Daniel. - - * de.po: Converted to UTF-8 - -2006-12-22 Werner Koch - - * sv.po: Revised translation by Daniel Nylander. - -2006-07-27 Werner Koch - - * nb.po: New. - -2006-07-03 Werner Koch - - * zh_TW.po: Updated, albeit a copy from last year. - - * zh_CN.po: Updated. - -2006-06-27 Werner Koch - - * de.po: Fixed misleading translation. Thanks to Olav Seyfarth. - -2005-10-06 Werner Koch - - * POTFILES.in: s/g10.c/gpg.c/. - -2005-07-26 Werner Koch - - * zh_TW.po, fr.po, cs.po: Updated. - -2005-07-19 Werner Koch - - * ru.po: Updated. - -2005-06-21 Werner Koch - - * zh_TW.po: Updated. - - * ro.po: Updated. - -2005-06-15 Werner Koch - - * de.po: Some Typo fixes. - -2005-05-31 Werner Koch - - * zh_TW.po, zh_CN.po, es.po, ro.po: Updated. - - * tr.po: Updated from TP. Note: this is an exception in general - translations from the Robot are not anymore accepted. - -2005-03-30 Werner Koch - - * de.po: Fixed typo in "|AN|New Admin PIN"; the leading bar was - missing. - -2005-03-07 Werner Koch - - * de.po: Updated. Translation is still in the works, though. - -2005-02-15 Werner Koch - - * ca.po: Updated using a patch provided by Jordi Mallach. - -2005-02-03 Werner Koch - - * zh_TW.po, ro.po: Updated. - -2004-12-10 Werner Koch - - * sv.po: Take the update done for 1.2.6. - - * zh_CN.po, fr.po, cs.po, ja.po: Updated. - -2004-10-27 Werner Koch - - * LINGUAS: Better don't have comments in this file. - -2004-10-15 Werner Koch - - * POTFILES.in: Updated. - - * sv.po: Updated. - -2004-10-12 Werner Koch - - * es.po: s/intgridad/integridad/. This is bug 275. - -2004-07-27 Werner Koch - - * LINGUAS: Added all languages we supported in 1.2.5. - Copied all po files from 1.2.5. - -2004-07-27 gettextize - - * Makefile.in.in: Upgrade to gettext-0.14.1. - * Rules-quot: Upgrade to gettext-0.14.1. - -2003-11-27 Werner Koch - - * de.po: Updated some fuzzys. - -2003-10-25 Werner Koch - - * Makevars: New. - -2003-10-25 gettextize - - * Makefile.in.in: New file, from gettext-0.12.1. - * Rules-quot: New file, from gettext-0.12.1. - * boldquot.sed: New file, from gettext-0.12.1. - * en@boldquot.header: New file, from gettext-0.12.1. - * en@quot.header: New file, from gettext-0.12.1. - * insert-header.sin: New file, from gettext-0.12.1. - * quot.sed: New file, from gettext-0.12.1. - * remove-potcdate.sin: New file, from gettext-0.12.1. - -2003-10-10 Werner Koch - - * POTFILES.in (cipher/primegen.c): Added. - -2003-05-26 David Shaw - - * POTFILES.in: Added a couple of missing source files. Noted by - Pascal Hartig and Walter Koch. (From wk on stable branch) - -2002-10-18 Werner Koch - - * POTFILES.in (hkp.c): Removed. - -2002-09-12 Werner Koch - - * tr.po, el.po: Updated. - -2002-08-23 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.40. - -2002-08-04 Werner Koch - - * de.po: Fixed fuzzys and translated new strings. - * es.po, et.po, fr.po, gl.po, id.po, it.po, ja.po, tr.po: Updated - from TP site. - * ca.po: New from TP site. - -2002-04-30 Werner Koch - - * ja.po: Updated, also a bit too late for the release. - -2002-04-29 Werner Koch - - * pl.po: Update. - * el.po: Updated, removed one entry due to non-matching printf and - one removed one printf specifier. - - Fixed fuzzy entries due to the change of (y/N) to (Y/n) in most files. - -2002-04-25 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.40. - -2002-04-22 Werner Koch - - * et.po, tr.po, cs.po, it.po, id.po: Updated. - -2002-04-19 Werner Koch - - * de.po: Fixed fuzzies and added a few translations. - -2002-04-18 Werner Koch - - * eo.po: Updated. - -2002-04-10 Werner Koch - - * pl.po: Updated. - -2002-04-09 Werner Koch - - * pt_BR.po: Updated the info entry - - * es.po: Fixed a c-format problem; for unknown reasons msgfmt -c - can't cope with swapped arguments. - - * de.po: Fuzzy fixes and a few new translations. - - * id.po: Fixed a format string mismatch. - - * eo.po, it.po, ja.po, sv.po: Updated with a somewhat newer - version from the TP. - - * es_ES.po: Removed - * es.po: and replaced with this updated version from the TP. - - * cs.po: New. Fixed for format string mismatches. - - * el.po, gl.po: New from TP. - -2002-04-06 Werner Koch - - * fr.po: Updated. - -2002-04-02 Werner Koch - - * de.po, de.glo: Updated. - -2002-03-08 Werner Koch - - * et.po: Updated. - -2002-03-06 Werner Koch - - * pt_PT.po: Removed. - * pt.po: and replaced by this updated one. My machine voted 30 to - 2 for just pt. So we go with the crowd. Thanks for Pedro Morais - for suggesting this. - -2002-03-05 Werner Koch - - * tr.po, id.po: Updated. - -2002-03-03 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.40. - -2002-03-03 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.40. - -2001-10-23 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.40. - -2001-09-07 Werner Koch - - * POTFILES.in: Added new files. - -2001-07-26 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.38. - -2001-07-05 Werner Koch - - * id.po: Updated - -2001-05-28 Werner Koch - - * ru.po: Removed - too many format string bugs. - -2001-05-27 gettextize - - * Makefile.in.in: Upgrade to gettext-0.10.38. - * cat-id-tbl.c: Remove file. - * stamp-cat-id: Remove file. - -2001-05-27 Werner Koch - - * tr.po: New copy from the TP Robot. - * da.po, de.po, eo.po, es_ES.po, et.po, id.po, ja.po, nl.po, - pt_BR.po, sv.po: Fixes to format string errors by Kurt Garloff. - It is not cleare whether they are all correct but at least they - won't give segv and minimize the risk of format string exploits. - * ru.po: Fixed the header entry. - - Fixed some fuzzy entries in all files. - -2001-05-06 Werner Koch - - * id.po: Updated - -2001-04-27 Werner Koch - - * de.po: Removed an extra "%s". - -2001-04-25 Werner Koch - - * fr.po: Updated. - -2001-04-23 Werner Koch - - * eo.po: Updated. - - * it.po: Updated. - -2001-04-22 Werner Koch - - * pl.po: Updated. - -2001-04-17 Werner Koch - - * et.po: New. - - * de.po: Updated. - -2001-04-16 Werner Koch - - * pt_PT.po: Updated. - -2001-04-06 Werner Koch - - * tr.po: New. - -2001-03-18 Werner Koch - - * de.po, de.glo: Updated. - -2001-02-22 Werner Koch - - * de.po, de.glo: Updated. - -2001-01-23 Werner Koch - - * de.po: Removed superfluous \r. - -2001-01-14 Werner Koch - - * de.po, de.glo: Updated. - -2000-12-19 Werner Koch - - * pl.po: Updated. - - * ja.po: Justified one message. - -2000-10-23 Werner Koch - - * ja.po: Updated. - -2000-10-19 Werner Koch - - Fixed a typo in all files. - -2000-10-16 Werner Koch - - * de.po, de.glo: Updated. - -Thu Sep 14 17:45:11 CEST 2000 Werner Koch - - * eo.po: Updated. - -Wed Jul 12 13:32:06 CEST 2000 Werner Koch - - * da.po: New from the TP server - * eo.po: Updated from the TP server - * pl.po: Ditto. - * sv.po: Ditto. - - Small English spelling correction in all files. - -Wed Jul 5 13:28:45 CEST 2000 Werner Koch - - * fr.po: Minor changes by Gael - -Wed Jun 14 12:27:09 CEST 2000 Werner Koch - - * de.po, de.glo: Updated. - -2000-06-07 18:26:58 Werner Koch (wk@habibti.openit.de) - - * fr.po: New version from Gaël - -2000-05-02 10:44:42 Werner Koch (wk@habibti.openit.de) - - * fr.po: New version from the TP Robot. - -2000-05-01 14:19:52 Werner Koch (wk@habibti.openit.de) - - * de.po: Updated. - * de.glo: Ditto. - -2000-03-15 15:37:08 Werner Koch (wk@habibti.openit.de) - - * de.po: Updated. - -Wed Feb 23 10:07:57 CET 2000 Werner Koch - - * nl.po: New. By Ivo Timmermans. - -Wed Feb 16 16:25:09 CET 2000 Werner Koch - - * eo.po : New. By Edmund. - -Wed Feb 16 14:09:00 CET 2000 Werner Koch - - * ja.po: New. By Yosiaki - - * sv.po: New. By Daniel. - -Fri Feb 11 17:44:40 CET 2000 Werner Koch - - * id.po: Updated. - -Thu Jan 6 16:56:18 CET 2000 Werner Koch - - * Makefile.in.in: Is not longer maintained as a symlink because we - have a patch to work around a bug in non-gnu Make. - Fixed by Dave Dykstra. - -Thu Dec 16 10:07:58 CET 1999 Werner Koch - - * pt_PT.po: Updated. - * de.po: Updated. - * it.po: Updated. - -Thu Dec 9 10:31:05 CET 1999 Werner Koch - - * de.po: Updated. - * pt_BR.po: Updated. - -Fri Nov 12 20:33:19 CET 1999 Werner Koch - - * es_ES.po: Fixed 3 \n mismatches. - - * de.po: Updated. - -Thu Oct 28 16:08:20 CEST 1999 Werner Koch - - * es_ES.po: Updated. - - * pt_BR.po: Updated. - -Fri Oct 8 20:32:01 CEST 1999 Werner Koch - - * fr.po: Updated for 1.0.0d. - -Mon Oct 4 21:23:04 CEST 1999 Werner Koch - - * pl.po: New version by Alex. - -Thu Sep 23 06:26:28 1999 Werner Koch (wk@gnupg.org) - - * fr.po: Updated by Gaël. - -Sat Sep 18 11:49:51 1999 Werner Koch (wk@gnupg.org) - - * id.po: New. Done by Tedi Heriyanto. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - * pt_PT.po: New. Done by Pedro Morais. - - * it.po: Updated by Marco. - -Tue Sep 7 16:23:36 CEST 1999 Werner Koch - - * pl.po: Updated. - -Mon Sep 6 19:59:08 CEST 1999 Werner Koch - - * fr.po: Imported and fixed a msgid. - * de.po: Ditto. - * pt_BR.po: Ditto. - - * POTFILES.in (delkey.c): New. - - * fr.po: Gaël was the first to update it again. - -Wed Sep 1 15:30:44 CEST 1999 Werner Koch - - * de.po: Updated. - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - * it.po: Updated (Marco). - * de.po: Updated (Walter). - * pt_BR-po: Update (Thiago). - * fr.po: Updated (Gaël). - -Wed Aug 4 10:34:18 CEST 1999 Werner Koch - - * de.po: Updated (Walter). - -Mon Jul 26 09:34:46 CEST 1999 Werner Koch - - * it.po: Updated (Marco). - -Tue Jul 13 17:39:25 CEST 1999 Werner Koch - - * de.po: Updated (Walter) - -Tue Jun 29 21:44:25 CEST 1999 Werner Koch - - * it.po: Updated (Marco). - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - * pt_BR.po: Updated (Thiago). - -Thu Jun 10 14:18:23 CEST 1999 Werner Koch - - * it.po: Updated (Marco). - - * es_ES.po: Updated (Urko). - -Wed Jun 2 14:17:19 CEST 1999 Werner Koch - - * es_ES.po: Some patches (Urko Lusa). - -Mon May 31 19:41:10 CEST 1999 Werner Koch - - * de.po: New version (Walter). - - * pl.po: New version (Alex). - -Tue May 25 19:50:32 CEST 1999 Werner Koch - - * fr.po: Imported new version. - -Mon May 17 21:54:43 CEST 1999 Werner Koch - - * de.po, de.glo: New version from Walter. - -Wed Apr 7 20:51:39 CEST 1999 Werner Koch - - * fr.po: Imported new version. - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * de.po: Imported update for 0.9.3 - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * pl.po: New version. - -Wed Jan 20 21:40:21 CET 1999 Werner Koch - - * es_ES.po: Import of new version. - -Wed Jan 13 12:49:36 CET 1999 Werner Koch - - * de.po de.glo: New version imported. - -Tue Jan 12 11:17:18 CET 1999 Werner Koch - - * fr.po: Imported new version - -Tue Dec 29 14:41:47 CET 1998 Werner Koch - - * pl.po: Janusz A. Urbanowicz contributed this one - -Thu Dec 17 18:31:15 CET 1998 Werner Koch - - * fr.po: Imported new version - -Mon Dec 14 21:18:49 CET 1998 Werner Koch - - * de.po: Imported new version. - -Thu Dec 10 20:15:36 CET 1998 Werner Koch - - * *.po: Changed some english strings. - -Tue Dec 8 15:09:29 CET 1998 Werner Koch - - * pt_BR.po: Add translation by Thiago Jung Bauermann. -Fri Nov 27 12:39:29 CET 1998 Werner Koch - - * en.po: Removed - -Fri Nov 20 11:46:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * de.po: Imported new version - * de.glo: Glossary used for de.po. - -Sat Nov 14 10:16:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * es_ES.po: New translation by Urko Lusa. - -Tue Nov 10 10:48:02 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: Imported new version. - -Fri Oct 30 20:03:17 1998 Werner Koch (wk@isil.d.shuttle.de) - - * fr.po: Imported new version - -Mon Oct 12 09:08:09 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: Imported new version. - * de.po: Imported new version. - -Sun Oct 11 16:24:27 1998 Werner Koch (wk@isil.d.shuttle.de) - - * fr.po: Imported new version - -Wed Oct 7 13:12:00 1998 Werner Koch (wk@isil.d.shuttle.de) - - * Makefile.in.in: Fixed mkinstalldirs problems - -Mon Sep 21 15:03:44 1998 Werner Koch (wk@(none)) - - * it.po: New version from Marco d'Itri - -Mon Sep 21 09:28:54 1998 Werner Koch (wk@(none)) - - * fr.po: New version from Gaël Quéri - -Tue Aug 11 12:28:11 1998 Werner Koch (wk@(none)) - - * it.po: New file from Marco. - -Thu Jul 9 21:14:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * de.po: Fixed typos and added new translations. - -Fri Jun 26 11:44:24 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: New file from Marco. - -Thu May 28 10:44:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: Add small corrections from Marco - -Thu Apr 9 10:03:14 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: New version from Marco - -Fri Mar 13 09:43:19 1998 Werner Koch (wk@isil.d.shuttle.de) - - * it.po: New - - - - Copyright 1998, 1999, 2000, 2001, 2004, - 2005, 2007, 2010 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/po/ChangeLog-2011 b/po/ChangeLog-2011 new file mode 100644 index 000000000..63aa57288 --- /dev/null +++ b/po/ChangeLog-2011 @@ -0,0 +1,739 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2010-10-18 Jedi Lin (wk) + + * zh_TW.po: Update [not in 1.4.11] + +2010-10-18 Werner Koch + + * de.po: Two updates. + +2010-10-18 LaurenÈ›iu Buzdugan (wk) + + * ro.po: Update. + +2010-10-18 Jakub Bogusz (wk) + + * pl.po: Update. + +2010-09-02 Werner Koch + + * de.po: Insert missing spaces. Fixes Debian-Bug#594489. + +2009-09-03 Jedi Lin (wk) + + * zh_TW.po: Update. + +2009-08-18 Werner Koch + + * fr.po: Fix regression. See bug#922. + + * it.po: Translation fix by Sythos. Fixes bug#920. + +2009-08-13 Werner Koch + + * de.po: Update. + +2009-07-14 Werner Koch + + * de.po: s/nicht-exportfähig/unwiderrufbar/. Reported by Simon + Richter. + +2009-07-13 Werner Koch + + * nl.po: Applied a small fix by Jeroen Leeuwestein. Fixes bug#1085. + +2009-06-17 Gaël Quéri (up) + + * fr.po: Updated. + +2009-06-02 Werner Koch + + * de.po: Applied a patch from Daniel Leidert to fix a bunch of + small typos. See also Debian bug report 314068. Fixes bug#1069. + +2008-09-30 David Ammouial (wk) + + * fr.po: Fix bug #922. + +2008-07-21 Daniel Nylander (wk) + + * sv.po: Update. + +2008-06-23 Ludwig Hügelschäfer (wk) + + * de.po: 3 typo fixes. + +2008-05-26 Werner Koch + + * de.po: Minor fixes submitted by Jan Seidel. Fixes bug#916. + +2008-03-27 Jedi (wk) + + * zh_TW.po: Minor update. + +2008-01-02 Jedi (wk) + + * zh_TW.po: Update. + +2007-12-19 Walter Koch (wk) + + * de.po, de.glo: Update. + +2007-12-12 Janusz A. Urbanowicz (wk) + + * pl.po: Update. + +2007-12-12 Meng Jie (wk) + + * zh_CN.po: Update. + +2007-10-23 gettextize + + * Makefile.in.in: Upgrade to gettext-0.16.1. + +2007-03-05 Werner Koch + + * LINGUAS: Add nl. + * nl.po: Revised translation by Ivar Snaaijer. + +2007-02-26 Werner Koch + + * sv.po: Update fron Daniel. + + * de.po: Converted to UTF-8 + +2006-12-22 Werner Koch + + * sv.po: Revised translation by Daniel Nylander. + +2006-07-27 Werner Koch + + * nb.po: New. + +2006-07-03 Werner Koch + + * zh_TW.po: Updated, albeit a copy from last year. + + * zh_CN.po: Updated. + +2006-06-27 Werner Koch + + * de.po: Fixed misleading translation. Thanks to Olav Seyfarth. + +2005-10-06 Werner Koch + + * POTFILES.in: s/g10.c/gpg.c/. + +2005-07-26 Werner Koch + + * zh_TW.po, fr.po, cs.po: Updated. + +2005-07-19 Werner Koch + + * ru.po: Updated. + +2005-06-21 Werner Koch + + * zh_TW.po: Updated. + + * ro.po: Updated. + +2005-06-15 Werner Koch + + * de.po: Some Typo fixes. + +2005-05-31 Werner Koch + + * zh_TW.po, zh_CN.po, es.po, ro.po: Updated. + + * tr.po: Updated from TP. Note: this is an exception in general + translations from the Robot are not anymore accepted. + +2005-03-30 Werner Koch + + * de.po: Fixed typo in "|AN|New Admin PIN"; the leading bar was + missing. + +2005-03-07 Werner Koch + + * de.po: Updated. Translation is still in the works, though. + +2005-02-15 Werner Koch + + * ca.po: Updated using a patch provided by Jordi Mallach. + +2005-02-03 Werner Koch + + * zh_TW.po, ro.po: Updated. + +2004-12-10 Werner Koch + + * sv.po: Take the update done for 1.2.6. + + * zh_CN.po, fr.po, cs.po, ja.po: Updated. + +2004-10-27 Werner Koch + + * LINGUAS: Better don't have comments in this file. + +2004-10-15 Werner Koch + + * POTFILES.in: Updated. + + * sv.po: Updated. + +2004-10-12 Werner Koch + + * es.po: s/intgridad/integridad/. This is bug 275. + +2004-07-27 Werner Koch + + * LINGUAS: Added all languages we supported in 1.2.5. + Copied all po files from 1.2.5. + +2004-07-27 gettextize + + * Makefile.in.in: Upgrade to gettext-0.14.1. + * Rules-quot: Upgrade to gettext-0.14.1. + +2003-11-27 Werner Koch + + * de.po: Updated some fuzzys. + +2003-10-25 Werner Koch + + * Makevars: New. + +2003-10-25 gettextize + + * Makefile.in.in: New file, from gettext-0.12.1. + * Rules-quot: New file, from gettext-0.12.1. + * boldquot.sed: New file, from gettext-0.12.1. + * en@boldquot.header: New file, from gettext-0.12.1. + * en@quot.header: New file, from gettext-0.12.1. + * insert-header.sin: New file, from gettext-0.12.1. + * quot.sed: New file, from gettext-0.12.1. + * remove-potcdate.sin: New file, from gettext-0.12.1. + +2003-10-10 Werner Koch + + * POTFILES.in (cipher/primegen.c): Added. + +2003-05-26 David Shaw + + * POTFILES.in: Added a couple of missing source files. Noted by + Pascal Hartig and Walter Koch. (From wk on stable branch) + +2002-10-18 Werner Koch + + * POTFILES.in (hkp.c): Removed. + +2002-09-12 Werner Koch + + * tr.po, el.po: Updated. + +2002-08-23 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.40. + +2002-08-04 Werner Koch + + * de.po: Fixed fuzzys and translated new strings. + * es.po, et.po, fr.po, gl.po, id.po, it.po, ja.po, tr.po: Updated + from TP site. + * ca.po: New from TP site. + +2002-04-30 Werner Koch + + * ja.po: Updated, also a bit too late for the release. + +2002-04-29 Werner Koch + + * pl.po: Update. + * el.po: Updated, removed one entry due to non-matching printf and + one removed one printf specifier. + + Fixed fuzzy entries due to the change of (y/N) to (Y/n) in most files. + +2002-04-25 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.40. + +2002-04-22 Werner Koch + + * et.po, tr.po, cs.po, it.po, id.po: Updated. + +2002-04-19 Werner Koch + + * de.po: Fixed fuzzies and added a few translations. + +2002-04-18 Werner Koch + + * eo.po: Updated. + +2002-04-10 Werner Koch + + * pl.po: Updated. + +2002-04-09 Werner Koch + + * pt_BR.po: Updated the info entry + + * es.po: Fixed a c-format problem; for unknown reasons msgfmt -c + can't cope with swapped arguments. + + * de.po: Fuzzy fixes and a few new translations. + + * id.po: Fixed a format string mismatch. + + * eo.po, it.po, ja.po, sv.po: Updated with a somewhat newer + version from the TP. + + * es_ES.po: Removed + * es.po: and replaced with this updated version from the TP. + + * cs.po: New. Fixed for format string mismatches. + + * el.po, gl.po: New from TP. + +2002-04-06 Werner Koch + + * fr.po: Updated. + +2002-04-02 Werner Koch + + * de.po, de.glo: Updated. + +2002-03-08 Werner Koch + + * et.po: Updated. + +2002-03-06 Werner Koch + + * pt_PT.po: Removed. + * pt.po: and replaced by this updated one. My machine voted 30 to + 2 for just pt. So we go with the crowd. Thanks for Pedro Morais + for suggesting this. + +2002-03-05 Werner Koch + + * tr.po, id.po: Updated. + +2002-03-03 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.40. + +2002-03-03 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.40. + +2001-10-23 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.40. + +2001-09-07 Werner Koch + + * POTFILES.in: Added new files. + +2001-07-26 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.38. + +2001-07-05 Werner Koch + + * id.po: Updated + +2001-05-28 Werner Koch + + * ru.po: Removed - too many format string bugs. + +2001-05-27 gettextize + + * Makefile.in.in: Upgrade to gettext-0.10.38. + * cat-id-tbl.c: Remove file. + * stamp-cat-id: Remove file. + +2001-05-27 Werner Koch + + * tr.po: New copy from the TP Robot. + * da.po, de.po, eo.po, es_ES.po, et.po, id.po, ja.po, nl.po, + pt_BR.po, sv.po: Fixes to format string errors by Kurt Garloff. + It is not cleare whether they are all correct but at least they + won't give segv and minimize the risk of format string exploits. + * ru.po: Fixed the header entry. + + Fixed some fuzzy entries in all files. + +2001-05-06 Werner Koch + + * id.po: Updated + +2001-04-27 Werner Koch + + * de.po: Removed an extra "%s". + +2001-04-25 Werner Koch + + * fr.po: Updated. + +2001-04-23 Werner Koch + + * eo.po: Updated. + + * it.po: Updated. + +2001-04-22 Werner Koch + + * pl.po: Updated. + +2001-04-17 Werner Koch + + * et.po: New. + + * de.po: Updated. + +2001-04-16 Werner Koch + + * pt_PT.po: Updated. + +2001-04-06 Werner Koch + + * tr.po: New. + +2001-03-18 Werner Koch + + * de.po, de.glo: Updated. + +2001-02-22 Werner Koch + + * de.po, de.glo: Updated. + +2001-01-23 Werner Koch + + * de.po: Removed superfluous \r. + +2001-01-14 Werner Koch + + * de.po, de.glo: Updated. + +2000-12-19 Werner Koch + + * pl.po: Updated. + + * ja.po: Justified one message. + +2000-10-23 Werner Koch + + * ja.po: Updated. + +2000-10-19 Werner Koch + + Fixed a typo in all files. + +2000-10-16 Werner Koch + + * de.po, de.glo: Updated. + +Thu Sep 14 17:45:11 CEST 2000 Werner Koch + + * eo.po: Updated. + +Wed Jul 12 13:32:06 CEST 2000 Werner Koch + + * da.po: New from the TP server + * eo.po: Updated from the TP server + * pl.po: Ditto. + * sv.po: Ditto. + + Small English spelling correction in all files. + +Wed Jul 5 13:28:45 CEST 2000 Werner Koch + + * fr.po: Minor changes by Gael + +Wed Jun 14 12:27:09 CEST 2000 Werner Koch + + * de.po, de.glo: Updated. + +2000-06-07 18:26:58 Werner Koch (wk@habibti.openit.de) + + * fr.po: New version from Gaël + +2000-05-02 10:44:42 Werner Koch (wk@habibti.openit.de) + + * fr.po: New version from the TP Robot. + +2000-05-01 14:19:52 Werner Koch (wk@habibti.openit.de) + + * de.po: Updated. + * de.glo: Ditto. + +2000-03-15 15:37:08 Werner Koch (wk@habibti.openit.de) + + * de.po: Updated. + +Wed Feb 23 10:07:57 CET 2000 Werner Koch + + * nl.po: New. By Ivo Timmermans. + +Wed Feb 16 16:25:09 CET 2000 Werner Koch + + * eo.po : New. By Edmund. + +Wed Feb 16 14:09:00 CET 2000 Werner Koch + + * ja.po: New. By Yosiaki + + * sv.po: New. By Daniel. + +Fri Feb 11 17:44:40 CET 2000 Werner Koch + + * id.po: Updated. + +Thu Jan 6 16:56:18 CET 2000 Werner Koch + + * Makefile.in.in: Is not longer maintained as a symlink because we + have a patch to work around a bug in non-gnu Make. + Fixed by Dave Dykstra. + +Thu Dec 16 10:07:58 CET 1999 Werner Koch + + * pt_PT.po: Updated. + * de.po: Updated. + * it.po: Updated. + +Thu Dec 9 10:31:05 CET 1999 Werner Koch + + * de.po: Updated. + * pt_BR.po: Updated. + +Fri Nov 12 20:33:19 CET 1999 Werner Koch + + * es_ES.po: Fixed 3 \n mismatches. + + * de.po: Updated. + +Thu Oct 28 16:08:20 CEST 1999 Werner Koch + + * es_ES.po: Updated. + + * pt_BR.po: Updated. + +Fri Oct 8 20:32:01 CEST 1999 Werner Koch + + * fr.po: Updated for 1.0.0d. + +Mon Oct 4 21:23:04 CEST 1999 Werner Koch + + * pl.po: New version by Alex. + +Thu Sep 23 06:26:28 1999 Werner Koch (wk@gnupg.org) + + * fr.po: Updated by Gaël. + +Sat Sep 18 11:49:51 1999 Werner Koch (wk@gnupg.org) + + * id.po: New. Done by Tedi Heriyanto. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + * pt_PT.po: New. Done by Pedro Morais. + + * it.po: Updated by Marco. + +Tue Sep 7 16:23:36 CEST 1999 Werner Koch + + * pl.po: Updated. + +Mon Sep 6 19:59:08 CEST 1999 Werner Koch + + * fr.po: Imported and fixed a msgid. + * de.po: Ditto. + * pt_BR.po: Ditto. + + * POTFILES.in (delkey.c): New. + + * fr.po: Gaël was the first to update it again. + +Wed Sep 1 15:30:44 CEST 1999 Werner Koch + + * de.po: Updated. + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + * it.po: Updated (Marco). + * de.po: Updated (Walter). + * pt_BR-po: Update (Thiago). + * fr.po: Updated (Gaël). + +Wed Aug 4 10:34:18 CEST 1999 Werner Koch + + * de.po: Updated (Walter). + +Mon Jul 26 09:34:46 CEST 1999 Werner Koch + + * it.po: Updated (Marco). + +Tue Jul 13 17:39:25 CEST 1999 Werner Koch + + * de.po: Updated (Walter) + +Tue Jun 29 21:44:25 CEST 1999 Werner Koch + + * it.po: Updated (Marco). + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + * pt_BR.po: Updated (Thiago). + +Thu Jun 10 14:18:23 CEST 1999 Werner Koch + + * it.po: Updated (Marco). + + * es_ES.po: Updated (Urko). + +Wed Jun 2 14:17:19 CEST 1999 Werner Koch + + * es_ES.po: Some patches (Urko Lusa). + +Mon May 31 19:41:10 CEST 1999 Werner Koch + + * de.po: New version (Walter). + + * pl.po: New version (Alex). + +Tue May 25 19:50:32 CEST 1999 Werner Koch + + * fr.po: Imported new version. + +Mon May 17 21:54:43 CEST 1999 Werner Koch + + * de.po, de.glo: New version from Walter. + +Wed Apr 7 20:51:39 CEST 1999 Werner Koch + + * fr.po: Imported new version. + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * de.po: Imported update for 0.9.3 + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * pl.po: New version. + +Wed Jan 20 21:40:21 CET 1999 Werner Koch + + * es_ES.po: Import of new version. + +Wed Jan 13 12:49:36 CET 1999 Werner Koch + + * de.po de.glo: New version imported. + +Tue Jan 12 11:17:18 CET 1999 Werner Koch + + * fr.po: Imported new version + +Tue Dec 29 14:41:47 CET 1998 Werner Koch + + * pl.po: Janusz A. Urbanowicz contributed this one + +Thu Dec 17 18:31:15 CET 1998 Werner Koch + + * fr.po: Imported new version + +Mon Dec 14 21:18:49 CET 1998 Werner Koch + + * de.po: Imported new version. + +Thu Dec 10 20:15:36 CET 1998 Werner Koch + + * *.po: Changed some english strings. + +Tue Dec 8 15:09:29 CET 1998 Werner Koch + + * pt_BR.po: Add translation by Thiago Jung Bauermann. +Fri Nov 27 12:39:29 CET 1998 Werner Koch + + * en.po: Removed + +Fri Nov 20 11:46:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * de.po: Imported new version + * de.glo: Glossary used for de.po. + +Sat Nov 14 10:16:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * es_ES.po: New translation by Urko Lusa. + +Tue Nov 10 10:48:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: Imported new version. + +Fri Oct 30 20:03:17 1998 Werner Koch (wk@isil.d.shuttle.de) + + * fr.po: Imported new version + +Mon Oct 12 09:08:09 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: Imported new version. + * de.po: Imported new version. + +Sun Oct 11 16:24:27 1998 Werner Koch (wk@isil.d.shuttle.de) + + * fr.po: Imported new version + +Wed Oct 7 13:12:00 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.in.in: Fixed mkinstalldirs problems + +Mon Sep 21 15:03:44 1998 Werner Koch (wk@(none)) + + * it.po: New version from Marco d'Itri + +Mon Sep 21 09:28:54 1998 Werner Koch (wk@(none)) + + * fr.po: New version from Gaël Quéri + +Tue Aug 11 12:28:11 1998 Werner Koch (wk@(none)) + + * it.po: New file from Marco. + +Thu Jul 9 21:14:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * de.po: Fixed typos and added new translations. + +Fri Jun 26 11:44:24 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: New file from Marco. + +Thu May 28 10:44:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: Add small corrections from Marco + +Thu Apr 9 10:03:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: New version from Marco + +Fri Mar 13 09:43:19 1998 Werner Koch (wk@isil.d.shuttle.de) + + * it.po: New + + + + Copyright 1998, 1999, 2000, 2001, 2004, + 2005, 2007, 2010 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/scripts/ChangeLog b/scripts/ChangeLog deleted file mode 100644 index f28255870..000000000 --- a/scripts/ChangeLog +++ /dev/null @@ -1,547 +0,0 @@ -2011-02-23 Werner Koch - - * autogen.sh: Add git setup checking. - -2010-10-18 Werner Koch - - * config.guess: Update to version 2010-09-24. - * config.sub: Update to version 2010-09-11. - -2009-09-05 Werner Koch - - * autogen.sh <--build-w32>: Pass --with-bzip2. - -2009-09-03 Werner Koch - - * w32installer.nsi: Set the final OutPath to Doc/. - -2008-01-30 Werner Koch - - * w32installer.nsi: Set the OutPath back. - -2007-12-12 Werner Koch - - * config.sub, config.guess: Update to version 2007-11-19. - -2007-11-15 Werner Koch - - * gnupg.spec.in: Converted to utf-8. Changed polish description. - This is bug#676. - -2007-06-22 Werner Koch - - * mk-w32-dist: Remove underline markup from man pages. Reported - by Dirk Traulsen. - -2007-05-03 Werner Koch - - * autogen.sh: Modernized. Removed autopoint invocation. This - should be done by the maintainer and the put into the SVN. - -2006-12-13 Werner Koch - - * gnupg.spec.in: Distribute gnupg1.info. - -2006-12-04 Werner Koch - - * mk-gpg-texi: Removed. - -2006-10-02 Werner Koch - - * w32installer.nsi: Don't uninstall winpt if the installer comes - without it. I fixed it despite of what I said in bug 521. - -2006-09-13 Werner Koch - - * autogen.sh: Better detection of the cross compiler. - -2006-04-03 Werner Koch - - * w32installer.nsi: Install curl and not http keyserver helper. - -2006-04-03 Werner Koch - - * autogen.sh: Unsupport mingw32/cpd. - -2006-03-09 Werner Koch - - * config.sub, config.guess: Updated. - -2006-02-14 Werner Koch - - * w32installer.nsi: Don't use System.dll. - - * autogen.sh (DIE): Add lost exit for --build-w32. - -2005-10-02 Marcus Brinkmann - - * autogen.sh (DIE): Remove ugly hack for po dir suppression. - -2005-08-21 David Shaw - - * gnupg.spec.in: Distribute gpg-zip. - -2005-05-31 Werner Koch - - * config.guess, config.sub, config.rpath: Updated from todays - gnulib CVS. - -2005-04-22 David Shaw - - * gnupg.spec.in: No longer any need to override libexecdir. The - makefiles now calculate this correctly internally. - -2005-03-30 Werner Koch - - * w32installer.nsi: Allow including of WINPT source. Include - libiconv source. - * mk-w32-dist: Add code to detect presence of source. Calculate a - build number; add option --build-number to overide. - -2005-03-14 Werner Koch - - * mk-w32-dist: Check for patch files. - * w32installer.nsi: Translated a few more strings. Print a - warning if permssions are not suitable for the installation. - Add Uninstaller entries. - -2005-02-16 David Shaw - - * gnupg.spec.in: Fix problem with storing the gpgkeys helpers in - libexec, but calling them in libexec/gnupg. - -2005-02-16 Werner Koch - - * w32installer.nsi: Added page to select the language. - * mk-w32-dist: Create the opt.ini using the available languages. - -2005-02-03 Werner Koch - - * w32installer.nsi: Display README.W32 at the end of the - installation. - * mk-w32-dist: Append .txt to README.W32. - -2005-01-26 Werner Koch - - * w32installer.nsi: Create a start menu entry and enhanced the - build environment. - * mk-w32-dist: Add more support for above. - -2005-01-11 Werner Koch - - * w32installer.nsi: New. - * mk-w32-dist: Append ".txt" to some files. Call makensis if - available. - -2004-12-21 David Shaw - - * autogen.sh: automake needs --add-missing for conditional - CPPFLAGS build in keyserver/Makefile.am. - -2004-11-26 Werner Koch - - * autogen.sh (gettext_vers_num): Fix aclocal test. - -2004-10-27 Werner Koch - - * mk-w32-dist: Use utf-8 encoding for all MO files. - -2004-10-26 Werner Koch - - * autogen.sh: Detect the Debian mingw32 package. - -2004-10-18 Werner Koch - - * mk-gpg-texi: More fixups to help Debian's install-info. - -2004-10-15 Werner Koch - - * mk-gpg-texi: Fix up the @setfilename lines. - -2004-10-01 Werner Koch - - * mk-w32-dist: Updated from stable branch. - - * mk-gpg-texi: Changed to use the newer docbook2x-texi utility. - - * config.guess, config.sub, mkinstalldirs, missing - * depcomp, install-sh: Upgraded. - -2004-07-27 Werner Koch - - * autogen.sh: Updated to the moder version, grepping the required - tool versions from configure.ac. - -2004-06-14 Werner Koch - - * mk-w32-dist: Do not include the en@* po files. - - * autogen.sh <--build-w32>: Build keyserver helpers again. - -2004-04-02 Thomas Schwinge - - * autogen.sh: Added ACLOCAL_FLAGS. - -2003-12-28 Stefan Bellon - - * build-riscos, conf-riscos/*: Updated to reflect latest changes. - -2003-10-25 Werner Koch - - * autogen.sh: Updated required versions and add -I m4 to aclocal. - -2003-08-28 David Shaw - - * autogen.sh: Touch po/all for --build-w32. From Werner on stable - branch. - -2003-08-25 David Shaw - - * gnupg.spec.in: Rework much of the spec to use %-macros - throughout. Fix to work properly with RPM 4.1 (all files in - buildroot must be packaged). Package and install info files. Tweak - the English description. Do not install gpgv and gpgsplit setuid - root. Make sure that install-info is called in such a way that - doesn't bork the RPM install if it cannot complete (necessary for - some upgrade scenarios). - -2003-05-26 David Shaw - - * mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable - branch) - -2003-04-08 Werner Koch - - * autogen.sh: Add options to build for coldfire and uClinux. - -2003-02-22 David Shaw - - * distfiles, gnupg.spec.in: convert-from-106 is in the tools - directory now. - - * convert-from-106: Move to the tools directory. - -2002-12-01 David Shaw - - * distfiles, gnupg.spec.in: Include convert-from-106. - - * convert-from-106: Script to automate the 1.0.6->later - conversion. It marks all secret keys as ultimately trusted, adds - the signature caches, and checks the trustdb. - -2002-11-13 David Shaw - - * mk-w32-dist: Don't use iconv for pl.po. From Werner on stable - branch. - - * mk-w32-dist: Include gpgkeys_ldap and gpgkeys_hkp. - -2002-11-12 Werner Koch - - * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config - to version 2002-11-08. - -2002-10-31 David Shaw - - * gnupg.spec.in: Update source ftp path. - -2002-10-31 Stefan Bellon - - * conf-riscos/Makefile: Updated to reflect latest changes. - -2002-10-28 Stefan Bellon - - * conf-riscos/include/config.h: Updated to reflect latest changes. - -2002-10-26 David Shaw - - * gnupg.spec.in: Use new path for keyserver helpers, /usr/lib is - no longer used for cipher/hash plugins, and include gpgv, - gpgsplit, and the new gnupg.7 man page. - -2002-10-17 Werner Koch - - * autogen.sh: Allow env variables to override the auto* tool - names. Suggested by Simon Josefsson. - -2002-09-11 Werner Koch - - * distfiles: Include mk-w32-dist. - - * mk-w32-dist: Convert the character sets on a per language base. - -2002-09-02 Werner Koch - - * mk-w32-dist: Include more man pages and gpg split. Changed name - of ZIP file to better indicate that this is a command line version. - -2002-08-23 Werner Koch - - * autogen.sh : Don't run gettextize. - -2002-08-06 Stefan Bellon - - * conf-riscos/include/config.h: Changed #define FOO to - #define FOO 1. - * conf-riscos/include/g10defs.h: Likewise. - -2002-08-03 Stefan Bellon - - * conf-riscos/include/g10defs.h: Added GNUPG_LIBEXECDIR. - * conf-riscos/include/config.h: Changes due to dynload removal and - minor changes to avoid some warnings. - * conf-riscos/Makefile: Changes due to dynload removal. - * conf-riscos/cipher/*: Not needed anymore due to dynload removal. - -2002-07-25 David Shaw - - * gnupgbug: "Warning" -> "WARNING" - -2002-07-01 Werner Koch - - * mk-gpg-texi: New. - -2002-06-30 Werner Koch - - * mk-w32-dist (bindir): Fixes vor VPATH builds in a subdir, - include gpgv. - -2002-06-21 Stefan Bellon - - * conf-riscos/Makefile: Changes due to moving around RISC OS - specific stuff in the code. - -2002-06-07 Stefan Bellon - - * conf-riscos/include/config.h [__riscos__]: Fixed macro bug. - -2002-05-10 Stefan Bellon - - * conf-riscos/include/config.h [__riscos__]: Changes for later - Norcroft compilers. - - * conf-riscos/Makefile [__riscos__]: Updated. - -2002-04-22 Stefan Bellon - - * conf-riscos/include/config.h [__riscos__]: Development - versions automatically define DEBUG from now on. - - * conf-riscos/Makefile [__riscos__]: Updated for LDAP keyserver - code. - -2002-04-19 David Shaw - - * gnupg.spec.in: Removed pubring.asc and OPTIONS. Added - samplekeys.asc. - -2002-03-31 David Shaw - - * gnupg.spec.in: Added the gpgkeys_xxx keyserver helpers. Added a - * to catch variations on the basic gpg man page (gpg, gpgv). Mark - options.skel as a config file. Do not include the FAQ/faq.html - twice (in /doc/ and /share/). - -2002-01-02 Stefan Bellon - - * build-riscos [__riscos__]: Set filetype of Makefile correctly. - - * conf-riscos/include/g10defs.h [__riscos__]: Added GNU GPL - header and exec code defines. - - * conf-riscos/include/config.h [__riscos__]: Moved parts to - include/util.h where they really belong to. - - * conf-riscos/Makefile [__riscos__]: Updated for new keyserver, - exec and photo id code. - -2001-12-22 Werner Koch - - * autogen.sh: Fixed last change. - -2001-12-21 Werner Koch - - * distfiles: Removed those files which which automake installs by - default. - - * autogen.sh: Replaced $() by backticks for system without a posix - shell. Removed gawk specific quoting. By David Champion. - -2001-10-22 Werner Koch - - * autogen.sh (aclocal_vers): Require automalke 1.5. - -2001-08-21 Stefan Bellon - - * build-riscos [__riscos__]: New. - * conf-riscos [__riscos__]: Ditto. - -2001-08-13 Werner Koch - - * autogen.sh: Test on gettext 0.10.38. By Michael Engels. - -2001-08-07 Werner Koch - - * autogen.sh: Adjusted --build-w32 for autoconf 2.52 - -2001-07-09 Werner Koch - - * autogen.sh (autoconf_vers): Require autoconf 2.50 - -2001-05-06 Werner Koch - - * config.guess, config.sub: Add updates from subversions.gnu.org. - -2001-04-19 Werner Koch - - * autogen.sh: Add VPATH build support for option --build-w32. - -2001-03-12 Werner Koch - - * config.guess, config.sub: Replaced with the current GNU CVS ones. - -2001-01-18 Werner Koch - - * autogen.sh: New options --build-w32 - * build-w32: Does now call autogen.sh - -2000-11-24 Werner Koch - - * build-w32: New script to build the W32 version. - * distfiles: And put it into the distribution - -Thu Sep 14 17:45:11 CEST 2000 Werner Koch - - * gnupg.spec.in: Updated. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * config.guess, config.sub: Replaced with the latest version from the - CVS archive. Hope that does not break too much. - -Fri May 12 14:01:20 CEST 2000 Werner Koch - - * gnupg.spec.in: New version from Fabio with some updated descriptions. - -Mon May 1 15:38:04 CEST 2000 Werner Koch - - * gnupg.spec.in: New version from Fabio. - -Fri Mar 17 16:26:05 CET 2000 Werner Koch - - * config.gues, config.sub: Support for s390-ibm-linux-gnu. Thanks - to Holger Smolinski. - -Thu Mar 2 15:37:46 CET 2000 Werner Koch - - * config.guess: Add support for QNX. By Sam Roberts. - * config.sub: Ditto. - -Thu Sep 23 09:49:25 1999 Werner Koch (wk@gnupg.org) - - * commit: Remove leading and trailing empty lines when copying - Changes to Changelog - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - * gnupg.spec: Add Portuguese description - -Thu Sep 2 16:40:55 CEST 1999 Werner Koch - - * mkdiff: changed format of diff file name and made script more - general. - -Wed Aug 4 10:34:18 CEST 1999 Werner Koch - - * config.guess: Updated from gnu/common and applied my emx patch again. - * config.sub: Updated from gnu/common. - -Wed Jul 14 19:42:08 CEST 1999 Werner Koch - - * ltmain.sh, ltconfig.sh : Updated to libtool 1.3.3 - -Mon Jul 12 14:55:34 CEST 1999 Werner Koch - - * autogen.sh: Run libtoolize - -Sat May 22 22:47:26 CEST 1999 Werner Koch - - * autogen.sh: Fixed the error message for a missing libtool. - -Sat May 8 19:28:08 CEST 1999 Werner Koch - - * mkinstalldirs, install-sh: New from GNU repository - * config.sub, config.guess: Merged with rep version. - -Sun Mar 14 19:34:36 CET 1999 Werner Koch - - * autogen.sh: Add a check for libtool because some autoconf macros - are needed. - -Mon Feb 22 20:04:00 CET 1999 Werner Koch - - * autogen.sh: Enhanced the version testing code (Philippe Laliberte) - - * mkwebpage: Edits the buglist. - -Sat Feb 13 12:04:43 CET 1999 Werner Koch - - * autogen.sh: Now uses gettextize - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * config.sub, config.guess: Support i386-emx-os2 - -Sun Jan 17 11:04:33 CET 1999 Werner Koch - - * autogen.sh: Now checks for installed gettext - -Sat Jan 16 09:27:30 CET 1999 Werner Koch - - * config.guess (m68k-atari-mint): New. - * config.sub: Add support for atarist-MiNT - -Wed Jan 13 12:49:36 CET 1999 Werner Koch - - * gnupg.spec.in: New - * gnupg.spec: Removed - -Wed Dec 23 13:18:14 CET 1998 Werner Koch - - * gnupg.spec: Updated version by Fabio Coatti - -Thu Dec 17 18:31:15 CET 1998 Werner Koch - - * gnupg.spec: New version by Reuben Sumner and did some more - changes. - -Fri Nov 27 12:39:29 CET 1998 Werner Koch - - - * commit: New - - -Fri Nov 20 12:01:57 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mkdiff: signs the patch file - -Sat Oct 17 16:10:16 1998 Werner Koch (wk@isil.d.shuttle.de) - - * autogen.sh: New. - -Wed Oct 14 09:55:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * config.guess (FreeBSD): Changes from Jun Kuriyama to support ELF - * config.sub: (freebsd): Add to maybe_os - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, - 2005 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/scripts/ChangeLog-2011 b/scripts/ChangeLog-2011 new file mode 100644 index 000000000..4e09bbe72 --- /dev/null +++ b/scripts/ChangeLog-2011 @@ -0,0 +1,554 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-02-23 Werner Koch + + * autogen.sh: Add git setup checking. + +2010-10-18 Werner Koch + + * config.guess: Update to version 2010-09-24. + * config.sub: Update to version 2010-09-11. + +2009-09-05 Werner Koch + + * autogen.sh <--build-w32>: Pass --with-bzip2. + +2009-09-03 Werner Koch + + * w32installer.nsi: Set the final OutPath to Doc/. + +2008-01-30 Werner Koch + + * w32installer.nsi: Set the OutPath back. + +2007-12-12 Werner Koch + + * config.sub, config.guess: Update to version 2007-11-19. + +2007-11-15 Werner Koch + + * gnupg.spec.in: Converted to utf-8. Changed polish description. + This is bug#676. + +2007-06-22 Werner Koch + + * mk-w32-dist: Remove underline markup from man pages. Reported + by Dirk Traulsen. + +2007-05-03 Werner Koch + + * autogen.sh: Modernized. Removed autopoint invocation. This + should be done by the maintainer and the put into the SVN. + +2006-12-13 Werner Koch + + * gnupg.spec.in: Distribute gnupg1.info. + +2006-12-04 Werner Koch + + * mk-gpg-texi: Removed. + +2006-10-02 Werner Koch + + * w32installer.nsi: Don't uninstall winpt if the installer comes + without it. I fixed it despite of what I said in bug 521. + +2006-09-13 Werner Koch + + * autogen.sh: Better detection of the cross compiler. + +2006-04-03 Werner Koch + + * w32installer.nsi: Install curl and not http keyserver helper. + +2006-04-03 Werner Koch + + * autogen.sh: Unsupport mingw32/cpd. + +2006-03-09 Werner Koch + + * config.sub, config.guess: Updated. + +2006-02-14 Werner Koch + + * w32installer.nsi: Don't use System.dll. + + * autogen.sh (DIE): Add lost exit for --build-w32. + +2005-10-02 Marcus Brinkmann + + * autogen.sh (DIE): Remove ugly hack for po dir suppression. + +2005-08-21 David Shaw + + * gnupg.spec.in: Distribute gpg-zip. + +2005-05-31 Werner Koch + + * config.guess, config.sub, config.rpath: Updated from todays + gnulib CVS. + +2005-04-22 David Shaw + + * gnupg.spec.in: No longer any need to override libexecdir. The + makefiles now calculate this correctly internally. + +2005-03-30 Werner Koch + + * w32installer.nsi: Allow including of WINPT source. Include + libiconv source. + * mk-w32-dist: Add code to detect presence of source. Calculate a + build number; add option --build-number to overide. + +2005-03-14 Werner Koch + + * mk-w32-dist: Check for patch files. + * w32installer.nsi: Translated a few more strings. Print a + warning if permssions are not suitable for the installation. + Add Uninstaller entries. + +2005-02-16 David Shaw + + * gnupg.spec.in: Fix problem with storing the gpgkeys helpers in + libexec, but calling them in libexec/gnupg. + +2005-02-16 Werner Koch + + * w32installer.nsi: Added page to select the language. + * mk-w32-dist: Create the opt.ini using the available languages. + +2005-02-03 Werner Koch + + * w32installer.nsi: Display README.W32 at the end of the + installation. + * mk-w32-dist: Append .txt to README.W32. + +2005-01-26 Werner Koch + + * w32installer.nsi: Create a start menu entry and enhanced the + build environment. + * mk-w32-dist: Add more support for above. + +2005-01-11 Werner Koch + + * w32installer.nsi: New. + * mk-w32-dist: Append ".txt" to some files. Call makensis if + available. + +2004-12-21 David Shaw + + * autogen.sh: automake needs --add-missing for conditional + CPPFLAGS build in keyserver/Makefile.am. + +2004-11-26 Werner Koch + + * autogen.sh (gettext_vers_num): Fix aclocal test. + +2004-10-27 Werner Koch + + * mk-w32-dist: Use utf-8 encoding for all MO files. + +2004-10-26 Werner Koch + + * autogen.sh: Detect the Debian mingw32 package. + +2004-10-18 Werner Koch + + * mk-gpg-texi: More fixups to help Debian's install-info. + +2004-10-15 Werner Koch + + * mk-gpg-texi: Fix up the @setfilename lines. + +2004-10-01 Werner Koch + + * mk-w32-dist: Updated from stable branch. + + * mk-gpg-texi: Changed to use the newer docbook2x-texi utility. + + * config.guess, config.sub, mkinstalldirs, missing + * depcomp, install-sh: Upgraded. + +2004-07-27 Werner Koch + + * autogen.sh: Updated to the moder version, grepping the required + tool versions from configure.ac. + +2004-06-14 Werner Koch + + * mk-w32-dist: Do not include the en@* po files. + + * autogen.sh <--build-w32>: Build keyserver helpers again. + +2004-04-02 Thomas Schwinge + + * autogen.sh: Added ACLOCAL_FLAGS. + +2003-12-28 Stefan Bellon + + * build-riscos, conf-riscos/*: Updated to reflect latest changes. + +2003-10-25 Werner Koch + + * autogen.sh: Updated required versions and add -I m4 to aclocal. + +2003-08-28 David Shaw + + * autogen.sh: Touch po/all for --build-w32. From Werner on stable + branch. + +2003-08-25 David Shaw + + * gnupg.spec.in: Rework much of the spec to use %-macros + throughout. Fix to work properly with RPM 4.1 (all files in + buildroot must be packaged). Package and install info files. Tweak + the English description. Do not install gpgv and gpgsplit setuid + root. Make sure that install-info is called in such a way that + doesn't bork the RPM install if it cannot complete (necessary for + some upgrade scenarios). + +2003-05-26 David Shaw + + * mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable + branch) + +2003-04-08 Werner Koch + + * autogen.sh: Add options to build for coldfire and uClinux. + +2003-02-22 David Shaw + + * distfiles, gnupg.spec.in: convert-from-106 is in the tools + directory now. + + * convert-from-106: Move to the tools directory. + +2002-12-01 David Shaw + + * distfiles, gnupg.spec.in: Include convert-from-106. + + * convert-from-106: Script to automate the 1.0.6->later + conversion. It marks all secret keys as ultimately trusted, adds + the signature caches, and checks the trustdb. + +2002-11-13 David Shaw + + * mk-w32-dist: Don't use iconv for pl.po. From Werner on stable + branch. + + * mk-w32-dist: Include gpgkeys_ldap and gpgkeys_hkp. + +2002-11-12 Werner Koch + + * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config + to version 2002-11-08. + +2002-10-31 David Shaw + + * gnupg.spec.in: Update source ftp path. + +2002-10-31 Stefan Bellon + + * conf-riscos/Makefile: Updated to reflect latest changes. + +2002-10-28 Stefan Bellon + + * conf-riscos/include/config.h: Updated to reflect latest changes. + +2002-10-26 David Shaw + + * gnupg.spec.in: Use new path for keyserver helpers, /usr/lib is + no longer used for cipher/hash plugins, and include gpgv, + gpgsplit, and the new gnupg.7 man page. + +2002-10-17 Werner Koch + + * autogen.sh: Allow env variables to override the auto* tool + names. Suggested by Simon Josefsson. + +2002-09-11 Werner Koch + + * distfiles: Include mk-w32-dist. + + * mk-w32-dist: Convert the character sets on a per language base. + +2002-09-02 Werner Koch + + * mk-w32-dist: Include more man pages and gpg split. Changed name + of ZIP file to better indicate that this is a command line version. + +2002-08-23 Werner Koch + + * autogen.sh : Don't run gettextize. + +2002-08-06 Stefan Bellon + + * conf-riscos/include/config.h: Changed #define FOO to + #define FOO 1. + * conf-riscos/include/g10defs.h: Likewise. + +2002-08-03 Stefan Bellon + + * conf-riscos/include/g10defs.h: Added GNUPG_LIBEXECDIR. + * conf-riscos/include/config.h: Changes due to dynload removal and + minor changes to avoid some warnings. + * conf-riscos/Makefile: Changes due to dynload removal. + * conf-riscos/cipher/*: Not needed anymore due to dynload removal. + +2002-07-25 David Shaw + + * gnupgbug: "Warning" -> "WARNING" + +2002-07-01 Werner Koch + + * mk-gpg-texi: New. + +2002-06-30 Werner Koch + + * mk-w32-dist (bindir): Fixes vor VPATH builds in a subdir, + include gpgv. + +2002-06-21 Stefan Bellon + + * conf-riscos/Makefile: Changes due to moving around RISC OS + specific stuff in the code. + +2002-06-07 Stefan Bellon + + * conf-riscos/include/config.h [__riscos__]: Fixed macro bug. + +2002-05-10 Stefan Bellon + + * conf-riscos/include/config.h [__riscos__]: Changes for later + Norcroft compilers. + + * conf-riscos/Makefile [__riscos__]: Updated. + +2002-04-22 Stefan Bellon + + * conf-riscos/include/config.h [__riscos__]: Development + versions automatically define DEBUG from now on. + + * conf-riscos/Makefile [__riscos__]: Updated for LDAP keyserver + code. + +2002-04-19 David Shaw + + * gnupg.spec.in: Removed pubring.asc and OPTIONS. Added + samplekeys.asc. + +2002-03-31 David Shaw + + * gnupg.spec.in: Added the gpgkeys_xxx keyserver helpers. Added a + * to catch variations on the basic gpg man page (gpg, gpgv). Mark + options.skel as a config file. Do not include the FAQ/faq.html + twice (in /doc/ and /share/). + +2002-01-02 Stefan Bellon + + * build-riscos [__riscos__]: Set filetype of Makefile correctly. + + * conf-riscos/include/g10defs.h [__riscos__]: Added GNU GPL + header and exec code defines. + + * conf-riscos/include/config.h [__riscos__]: Moved parts to + include/util.h where they really belong to. + + * conf-riscos/Makefile [__riscos__]: Updated for new keyserver, + exec and photo id code. + +2001-12-22 Werner Koch + + * autogen.sh: Fixed last change. + +2001-12-21 Werner Koch + + * distfiles: Removed those files which which automake installs by + default. + + * autogen.sh: Replaced $() by backticks for system without a posix + shell. Removed gawk specific quoting. By David Champion. + +2001-10-22 Werner Koch + + * autogen.sh (aclocal_vers): Require automalke 1.5. + +2001-08-21 Stefan Bellon + + * build-riscos [__riscos__]: New. + * conf-riscos [__riscos__]: Ditto. + +2001-08-13 Werner Koch + + * autogen.sh: Test on gettext 0.10.38. By Michael Engels. + +2001-08-07 Werner Koch + + * autogen.sh: Adjusted --build-w32 for autoconf 2.52 + +2001-07-09 Werner Koch + + * autogen.sh (autoconf_vers): Require autoconf 2.50 + +2001-05-06 Werner Koch + + * config.guess, config.sub: Add updates from subversions.gnu.org. + +2001-04-19 Werner Koch + + * autogen.sh: Add VPATH build support for option --build-w32. + +2001-03-12 Werner Koch + + * config.guess, config.sub: Replaced with the current GNU CVS ones. + +2001-01-18 Werner Koch + + * autogen.sh: New options --build-w32 + * build-w32: Does now call autogen.sh + +2000-11-24 Werner Koch + + * build-w32: New script to build the W32 version. + * distfiles: And put it into the distribution + +Thu Sep 14 17:45:11 CEST 2000 Werner Koch + + * gnupg.spec.in: Updated. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * config.guess, config.sub: Replaced with the latest version from the + CVS archive. Hope that does not break too much. + +Fri May 12 14:01:20 CEST 2000 Werner Koch + + * gnupg.spec.in: New version from Fabio with some updated descriptions. + +Mon May 1 15:38:04 CEST 2000 Werner Koch + + * gnupg.spec.in: New version from Fabio. + +Fri Mar 17 16:26:05 CET 2000 Werner Koch + + * config.gues, config.sub: Support for s390-ibm-linux-gnu. Thanks + to Holger Smolinski. + +Thu Mar 2 15:37:46 CET 2000 Werner Koch + + * config.guess: Add support for QNX. By Sam Roberts. + * config.sub: Ditto. + +Thu Sep 23 09:49:25 1999 Werner Koch (wk@gnupg.org) + + * commit: Remove leading and trailing empty lines when copying + Changes to Changelog + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + * gnupg.spec: Add Portuguese description + +Thu Sep 2 16:40:55 CEST 1999 Werner Koch + + * mkdiff: changed format of diff file name and made script more + general. + +Wed Aug 4 10:34:18 CEST 1999 Werner Koch + + * config.guess: Updated from gnu/common and applied my emx patch again. + * config.sub: Updated from gnu/common. + +Wed Jul 14 19:42:08 CEST 1999 Werner Koch + + * ltmain.sh, ltconfig.sh : Updated to libtool 1.3.3 + +Mon Jul 12 14:55:34 CEST 1999 Werner Koch + + * autogen.sh: Run libtoolize + +Sat May 22 22:47:26 CEST 1999 Werner Koch + + * autogen.sh: Fixed the error message for a missing libtool. + +Sat May 8 19:28:08 CEST 1999 Werner Koch + + * mkinstalldirs, install-sh: New from GNU repository + * config.sub, config.guess: Merged with rep version. + +Sun Mar 14 19:34:36 CET 1999 Werner Koch + + * autogen.sh: Add a check for libtool because some autoconf macros + are needed. + +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * autogen.sh: Enhanced the version testing code (Philippe Laliberte) + + * mkwebpage: Edits the buglist. + +Sat Feb 13 12:04:43 CET 1999 Werner Koch + + * autogen.sh: Now uses gettextize + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * config.sub, config.guess: Support i386-emx-os2 + +Sun Jan 17 11:04:33 CET 1999 Werner Koch + + * autogen.sh: Now checks for installed gettext + +Sat Jan 16 09:27:30 CET 1999 Werner Koch + + * config.guess (m68k-atari-mint): New. + * config.sub: Add support for atarist-MiNT + +Wed Jan 13 12:49:36 CET 1999 Werner Koch + + * gnupg.spec.in: New + * gnupg.spec: Removed + +Wed Dec 23 13:18:14 CET 1998 Werner Koch + + * gnupg.spec: Updated version by Fabio Coatti + +Thu Dec 17 18:31:15 CET 1998 Werner Koch + + * gnupg.spec: New version by Reuben Sumner and did some more + changes. + +Fri Nov 27 12:39:29 CET 1998 Werner Koch + + + * commit: New + + +Fri Nov 20 12:01:57 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mkdiff: signs the patch file + +Sat Oct 17 16:10:16 1998 Werner Koch (wk@isil.d.shuttle.de) + + * autogen.sh: New. + +Wed Oct 14 09:55:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * config.guess (FreeBSD): Changes from Jun Kuriyama to support ELF + * config.sub: (freebsd): Add to maybe_os + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, + 2005 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/tests/ChangeLog b/tests/ChangeLog deleted file mode 100644 index c6b3b9af1..000000000 --- a/tests/ChangeLog +++ /dev/null @@ -1,68 +0,0 @@ -2002-12-04 Werner Koch - - * inittests (gpgsm.conf): Fake system time. - -2002-10-31 Neal H. Walfield - - * Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH here. - (TESTS_ENVIRONMENT): Do it here. And also frob $(LIBGCRYPT_LIBS) - and $(PTH_LIBS). - -2002-10-31 Neal H. Walfield - - * asschk.c (die): New macro. - (read_assuan): If in verbose mode, dump the string that was read. - (write_assuan): Be more verbose on failure. - -2002-09-04 Neal H. Walfield - - * Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH, but - rather prepend it. Be more robust and prefer printf over echo -n. - -2002-09-04 Marcus Brinkmann - - * asschk.c (start_server): Close the parent's file descriptors in - the child. - (read_assuan): Variable NREAD removed. Cut off the received line - currectly if more than one line was read. - -2002-09-03 Neal H. Walfield - - * Makefile.am (inittests.stamp): Construct an LD_LIBRARY_PATH from - LDFLAGS. - -2002-08-09 Werner Koch - - * asschk.c (cmd_getenv): New. - (expand_line): Allow / as variable name delimiter. - * sm-sign+verify, sm-verify: Use $srcdir so that a VPATH build works. - - * Makefile.am: Fixes for make dist. - * samplekets/Makefile.am: New. - -2002-08-08 Werner Koch - - * asschk.c: Added some new features. - * runtest, inittests: New. - * text-1.txt, text-2.txt, text-3.txt: New. - * text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New. - * text-2.osig.pem, text-2.osig-bad.pem: New. - * samplekeys : New directory - * sm-verify, sm-sign+verify: The first test scripts. - -2002-08-06 Werner Koch - - * Makefile.am, asschk.c: New. - - - Copyright 2002 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/tests/ChangeLog-2011 b/tests/ChangeLog-2011 new file mode 100644 index 000000000..d034ebe37 --- /dev/null +++ b/tests/ChangeLog-2011 @@ -0,0 +1,73 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2002-12-04 Werner Koch + + * inittests (gpgsm.conf): Fake system time. + +2002-10-31 Neal H. Walfield + + * Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH here. + (TESTS_ENVIRONMENT): Do it here. And also frob $(LIBGCRYPT_LIBS) + and $(PTH_LIBS). + +2002-10-31 Neal H. Walfield + + * asschk.c (die): New macro. + (read_assuan): If in verbose mode, dump the string that was read. + (write_assuan): Be more verbose on failure. + +2002-09-04 Neal H. Walfield + + * Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH, but + rather prepend it. Be more robust and prefer printf over echo -n. + +2002-09-04 Marcus Brinkmann + + * asschk.c (start_server): Close the parent's file descriptors in + the child. + (read_assuan): Variable NREAD removed. Cut off the received line + currectly if more than one line was read. + +2002-09-03 Neal H. Walfield + + * Makefile.am (inittests.stamp): Construct an LD_LIBRARY_PATH from + LDFLAGS. + +2002-08-09 Werner Koch + + * asschk.c (cmd_getenv): New. + (expand_line): Allow / as variable name delimiter. + * sm-sign+verify, sm-verify: Use $srcdir so that a VPATH build works. + + * Makefile.am: Fixes for make dist. + * samplekets/Makefile.am: New. + +2002-08-08 Werner Koch + + * asschk.c: Added some new features. + * runtest, inittests: New. + * text-1.txt, text-2.txt, text-3.txt: New. + * text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New. + * text-2.osig.pem, text-2.osig-bad.pem: New. + * samplekeys : New directory + * sm-verify, sm-sign+verify: The first test scripts. + +2002-08-06 Werner Koch + + * Makefile.am, asschk.c: New. + + + Copyright 2002 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/tools/ChangeLog b/tools/ChangeLog deleted file mode 100644 index 2992258ac..000000000 --- a/tools/ChangeLog +++ /dev/null @@ -1,246 +0,0 @@ -2010-05-12 Werner Koch - - * mk-tdata.c (main): Add option --seq. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. - -2007-04-16 David Shaw - - * Makefile.am (noinst_PROGRAMS): Don't build shmtest unless we - have shm. - -2006-12-11 Werner Koch - - * Makefile.am (AM_CPPFLAGS): Use in place of INCLUDES. Define - LOCALEDIR. - * shmtest.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. - * mpicalc.c (i18n_init): Ditto. - -2006-04-20 David Shaw - - * make-dns-cert.c (main): Small exit code tweak from Peter - Palfrader. - -2006-04-05 David Shaw - - * make-dns-cert.c: Some changes from Peter Palfrader to send - errors to stderr and allow spaces in a fingerprint. Also warn - when a key is over 16k (as that is the default max-cert-size) and - fail when a key is over 64k as that is the DNS limit in many - places. - -2006-04-04 David Shaw - - * make-dns-cert.c: New program to generate properly formatted CERT - records so people don't have to do it manually. - -2006-02-14 Werner Koch - - * mk-tdata.c (main): Implement option --char. - -2005-08-05 David Shaw - - * gpg-zip.in: Add --decrypt functionality. Fix quoting so - filenames with spaces work properly. - -2005-08-04 David Shaw - - * gpg-zip.in: New. Script wrapper to work with encrypted tar - files, a la PGP Zip. - - * Makefile.am: Use it if we have a USTAR compatible tar. - -2004-12-18 David Shaw - - * Makefile.am: Link with readline where needed. - -2004-10-28 Werner Koch - - * Makefile.am (other_libs): New. Also include LIBICONV. Noted by - Tim Mooney. - -2004-10-01 Werner Koch - - * bftest.c (i18n_init): Always use LC_ALL. - * shmtest.c (i18n_init): Ditto. - * mpicalc.c (i18n_init): Ditto. - -2004-09-13 David Shaw - - * pgpgroup-to-gpggroup: New perl script to take groups from PGP - command line and write out GnuPG 'group' config lines. - -2004-07-04 David Shaw - - * ring-a-party: ElGamal -> Elgamal - -2004-01-11 David Shaw - - * convert-from-106, lspgpot: Check for gpg binary before - proceeding. Don't hardcode the path to gpg. - - * gpgsplit.c (handle_bzip2): Remove two cut and paste typecast - errors. Noted by Stefan Bellon. - -2003-12-28 Stefan Bellon - - * gpgsplit.c [__riscos__]: Removal of unnecessary #ifdef - __riscos__ sections. - -2003-12-06 David Shaw - - * gpgsplit.c (write_part): Split off decompression code. - (handle_zlib): Move it here. - (handle_bzip2): Add this to handle BZIP2 compressed messages. - -2003-10-25 Werner Koch - - * Makefile.am: Replaced INTLLIBS by LIBINTL. - -2003-08-24 David Shaw - - * Makefile.am: Use NETLIBS instead of EGDLIBS. - -2003-07-10 David Shaw - - * Makefile.am: Use W32LIBS where appropriate. - -2003-05-30 David Shaw - - * Makefile.am: Some cleanup, and use DLLIBS for -ldl. - -2003-05-24 David Shaw - - * bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all - preprocessor instructions to remove whitespace before the - '#'. This is not required by C89, but there are some compilers out - there that don't like it. - -2003-03-11 David Shaw - - * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using - capabilities. - -2003-02-22 David Shaw - - * Makefile.am: Distribute convert-from-106. - - * convert-from-106: Script to automate the 1.0.6->later - conversion. It marks all secret keys as ultimately trusted, adds - the signature caches, and checks the trustdb. Moved from the - scripts directory. - -2002-10-31 Stefan Bellon - - * gpgsplit.c (write_part) [__riscos__]: Use riscos_load_module() - to load ZLib module. - -2002-10-23 Werner Koch - - * gpgsplit.c: New options --secret-to-public and --no-split. - GNUified the indentation style. - -2002-09-25 David Shaw - - * Makefile.am: Link bftest with EGDLIBS (i.e. NETLIBS) as EGD uses - sockets. - -2002-05-07 Stefan Bellon - - * gpgsplit.c (create_filename): Use EXTSEP_S instead of ".". - -2002-04-23 David Shaw - - * Makefile.am: Do not list libraries in -lxxx format in a - dependency line. - -2002-01-02 Stefan Bellon - - * gpgsplit.c [__riscos__]: Added RISC OS specific file name - code. - - * gpgsplit.c (write_part): Introduced two explicit casts. - -2001-12-21 David Shaw - - * gpgsplit.c (pkttype_to_string): PKT_PHOTO_ID -> PKT_ATTRIBUTE - -2001-10-23 Werner Koch - - * Makefile.am (gpgsplit_LDADD): Add ZLIBS. - -2001-09-18 Werner Koch - - * gpgsplit.c: New option --uncompress. - (write_part): Handle old style uncompressing. - -2001-06-20 Werner Koch - - * gpgsplit.c: New. - * Makefile.am (bin_PROGRAMS): Install gpgsplit. - -2001-03-27 Werner Koch - - * mail-signed-keys: Add option --dry-run. - -2001-03-21 Werner Koch - - * shmtest.c: Add sys/types.h - -Fri Sep 15 18:40:36 CEST 2000 Werner Koch - - * ring-a-party: An array start at offset 1 no 0. Many thanks to Mike - for finding this bug. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * ring-a-party: Flush the last key. - -Wed Jul 5 13:28:45 CEST 2000 Werner Koch - - * mail-signed-keys: New. - -Tue May 23 09:19:00 CEST 2000 Werner Koch - - * ring-a-party: New. - -Thu Jul 8 16:21:27 CEST 1999 Werner Koch - - * lspgpot: New - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - * Makefile.am: Support for libtool. - -Tue Jun 8 13:36:25 CEST 1999 Werner Koch - - * mpicalc.c (main): hex digits may now be lowercase - (do_mulm): new. - -Thu Dec 10 20:15:36 CET 1998 Werner Koch - - * mpicalc.c (main): Moved initialization out of definition. - -Mon May 18 15:39:22 1998 Werner Koch (wk@isil.d.shuttle.de) - - * mk-tdata.c: New. - -Tue Apr 7 19:50:41 1998 Werner Koch (wk@isil.d.shuttle.de) - - * bftest.c: Now supports all availabe ciphers. - - - - Copyright 1998, 1999, 2000, 2001, 2007 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/tools/ChangeLog-2011 b/tools/ChangeLog-2011 new file mode 100644 index 000000000..309c8dcc2 --- /dev/null +++ b/tools/ChangeLog-2011 @@ -0,0 +1,251 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2010-05-12 Werner Koch + + * mk-tdata.c (main): Add option --seq. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. + +2007-04-16 David Shaw + + * Makefile.am (noinst_PROGRAMS): Don't build shmtest unless we + have shm. + +2006-12-11 Werner Koch + + * Makefile.am (AM_CPPFLAGS): Use in place of INCLUDES. Define + LOCALEDIR. + * shmtest.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. + * mpicalc.c (i18n_init): Ditto. + +2006-04-20 David Shaw + + * make-dns-cert.c (main): Small exit code tweak from Peter + Palfrader. + +2006-04-05 David Shaw + + * make-dns-cert.c: Some changes from Peter Palfrader to send + errors to stderr and allow spaces in a fingerprint. Also warn + when a key is over 16k (as that is the default max-cert-size) and + fail when a key is over 64k as that is the DNS limit in many + places. + +2006-04-04 David Shaw + + * make-dns-cert.c: New program to generate properly formatted CERT + records so people don't have to do it manually. + +2006-02-14 Werner Koch + + * mk-tdata.c (main): Implement option --char. + +2005-08-05 David Shaw + + * gpg-zip.in: Add --decrypt functionality. Fix quoting so + filenames with spaces work properly. + +2005-08-04 David Shaw + + * gpg-zip.in: New. Script wrapper to work with encrypted tar + files, a la PGP Zip. + + * Makefile.am: Use it if we have a USTAR compatible tar. + +2004-12-18 David Shaw + + * Makefile.am: Link with readline where needed. + +2004-10-28 Werner Koch + + * Makefile.am (other_libs): New. Also include LIBICONV. Noted by + Tim Mooney. + +2004-10-01 Werner Koch + + * bftest.c (i18n_init): Always use LC_ALL. + * shmtest.c (i18n_init): Ditto. + * mpicalc.c (i18n_init): Ditto. + +2004-09-13 David Shaw + + * pgpgroup-to-gpggroup: New perl script to take groups from PGP + command line and write out GnuPG 'group' config lines. + +2004-07-04 David Shaw + + * ring-a-party: ElGamal -> Elgamal + +2004-01-11 David Shaw + + * convert-from-106, lspgpot: Check for gpg binary before + proceeding. Don't hardcode the path to gpg. + + * gpgsplit.c (handle_bzip2): Remove two cut and paste typecast + errors. Noted by Stefan Bellon. + +2003-12-28 Stefan Bellon + + * gpgsplit.c [__riscos__]: Removal of unnecessary #ifdef + __riscos__ sections. + +2003-12-06 David Shaw + + * gpgsplit.c (write_part): Split off decompression code. + (handle_zlib): Move it here. + (handle_bzip2): Add this to handle BZIP2 compressed messages. + +2003-10-25 Werner Koch + + * Makefile.am: Replaced INTLLIBS by LIBINTL. + +2003-08-24 David Shaw + + * Makefile.am: Use NETLIBS instead of EGDLIBS. + +2003-07-10 David Shaw + + * Makefile.am: Use W32LIBS where appropriate. + +2003-05-30 David Shaw + + * Makefile.am: Some cleanup, and use DLLIBS for -ldl. + +2003-05-24 David Shaw + + * bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all + preprocessor instructions to remove whitespace before the + '#'. This is not required by C89, but there are some compilers out + there that don't like it. + +2003-03-11 David Shaw + + * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using + capabilities. + +2003-02-22 David Shaw + + * Makefile.am: Distribute convert-from-106. + + * convert-from-106: Script to automate the 1.0.6->later + conversion. It marks all secret keys as ultimately trusted, adds + the signature caches, and checks the trustdb. Moved from the + scripts directory. + +2002-10-31 Stefan Bellon + + * gpgsplit.c (write_part) [__riscos__]: Use riscos_load_module() + to load ZLib module. + +2002-10-23 Werner Koch + + * gpgsplit.c: New options --secret-to-public and --no-split. + GNUified the indentation style. + +2002-09-25 David Shaw + + * Makefile.am: Link bftest with EGDLIBS (i.e. NETLIBS) as EGD uses + sockets. + +2002-05-07 Stefan Bellon + + * gpgsplit.c (create_filename): Use EXTSEP_S instead of ".". + +2002-04-23 David Shaw + + * Makefile.am: Do not list libraries in -lxxx format in a + dependency line. + +2002-01-02 Stefan Bellon + + * gpgsplit.c [__riscos__]: Added RISC OS specific file name + code. + + * gpgsplit.c (write_part): Introduced two explicit casts. + +2001-12-21 David Shaw + + * gpgsplit.c (pkttype_to_string): PKT_PHOTO_ID -> PKT_ATTRIBUTE + +2001-10-23 Werner Koch + + * Makefile.am (gpgsplit_LDADD): Add ZLIBS. + +2001-09-18 Werner Koch + + * gpgsplit.c: New option --uncompress. + (write_part): Handle old style uncompressing. + +2001-06-20 Werner Koch + + * gpgsplit.c: New. + * Makefile.am (bin_PROGRAMS): Install gpgsplit. + +2001-03-27 Werner Koch + + * mail-signed-keys: Add option --dry-run. + +2001-03-21 Werner Koch + + * shmtest.c: Add sys/types.h + +Fri Sep 15 18:40:36 CEST 2000 Werner Koch + + * ring-a-party: An array start at offset 1 no 0. Many thanks to Mike + for finding this bug. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * ring-a-party: Flush the last key. + +Wed Jul 5 13:28:45 CEST 2000 Werner Koch + + * mail-signed-keys: New. + +Tue May 23 09:19:00 CEST 2000 Werner Koch + + * ring-a-party: New. + +Thu Jul 8 16:21:27 CEST 1999 Werner Koch + + * lspgpot: New + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + * Makefile.am: Support for libtool. + +Tue Jun 8 13:36:25 CEST 1999 Werner Koch + + * mpicalc.c (main): hex digits may now be lowercase + (do_mulm): new. + +Thu Dec 10 20:15:36 CET 1998 Werner Koch + + * mpicalc.c (main): Moved initialization out of definition. + +Mon May 18 15:39:22 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mk-tdata.c: New. + +Tue Apr 7 19:50:41 1998 Werner Koch (wk@isil.d.shuttle.de) + + * bftest.c: Now supports all availabe ciphers. + + + + Copyright 1998, 1999, 2000, 2001, 2007 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/util/ChangeLog b/util/ChangeLog deleted file mode 100644 index d4caac385..000000000 --- a/util/ChangeLog +++ /dev/null @@ -1,1928 +0,0 @@ -2011-09-12 Werner Koch - - * ttyio.c (init_ttyfp): Avoid endless loop due to a failed opening - of the tty. Suggested by Steven M. Schweda. - -2011-08-09 Werner Koch - - * pka.c (get_pka_info): Turn ANSWER into a union to avoid aliasing - problems with modern compilers. See bug#1307. Reported by Steve - Grubb. - (get_pka_info): Remove unused vars. - -2010-10-27 Werner Koch - - * miscutil.c (INVALID_TIME_CHECK): New. - (strtimestamp, isotimestamp, asctimestamp): Use it. - -2010-09-28 Steven M. Schweda (wk) - - Changes to help the VMS port. See - http://antinode.info/dec/sw/gnupg.html . - - * cert.c [__VMS]: Include cert_vms.h. - * ttyio.c [__VMS]: Include vms.h. - (init_ttyfp) [__VMS]: Make global. - (ttyfp_is) [__VMS]: New. - (do_get) [__VMS]: Disable terminal echo. - * srv.c [__VMS]: Include cert_vms.h. - * secmem.c (lock_pool) [__VMS]: Use log_warning. - * pka.c [USE_DNS_PKA]: Define T_CERT. - * logger.c [__VMS]: Include unistd.h and ttyio.h. - (g10_log_print_prefix) [__VMS]: Init logfp. - * iobuf.c [__VMS]: Include vms.h. - (iobuf_get_filelength) [__VMS]: Use VMS specific method. - -2009-09-03 Werner Koch - - * ttyio.c (tty_printf) [_WIN32]: s/xtryasprintf/xtryvasprint/ - * strgutil.c (xtryvasprintf): New. - - * estream-printf.c: Include stdint.h only if HAVE_STDINT_H is - defined. Problem reported by Nelson H. F. Beebe. - * estream.m4: Check for stdint.h. - - * estream-printf.c: Remove all test code. Use macro DEBUG instead - of TEST for debugging. - -2009-08-25 Werner Koch - - * compat.c: Change license to all-permissive. The GPL and the - exception does no make sense here. - (do_strconcat, xstrconcat): New. - -2009-08-18 Werner Koch - - * iobuf.c (fd_cache_close): Change debug printf format assuming - that FILEP_OR_FD is today always an int. - - * miscutil.c (print_string2): Loose check for control characters - to better cope with utf-8. The range 0x80..0x9f is nowadays not - anymore accidently used for control charaters. Fixes bug#1103. - -2009-08-11 David Shaw - - * strgutil.c (string_to_utf8): New function to convert a Latin-1 - string to UTF8. From GPA. - -2009-07-23 David Shaw - - * srv.c (getsrv): Fix type-punning warning. - (main): Allow testing any SRV. - -2009-07-21 Werner Koch - - * ttyio.c (tty_printf): Replace vasprintf by xtryasprintf. - (tty_fprintf): Ditto. - - * strgutil.c: Include estream-printf.h. - (xasprintf, xtryasprintf): New. - (vasprintf, asprintf): Remove. - - * estream-printf.c: New. Taken from libestream. - * Makefile.am (libutil_a_SOURCES): Add it. - - * memory.c (trymalloc,trystrdup): New. - - * convert.c: New. Taken from GnuPG 2.0 SVN. - * Makefile.am (libutil_a_SOURCES): Add it. - -2009-05-26 David Shaw - - * http.c (send_request): Pass in a STRLIST for additional headers. - Change all callers. - -2009-05-22 Werner Koch - - * ttyio.c (tty_cleanup_after_signal): New. - -2009-05-05 Werner Koch - - * dotlock.c: Merged changes from GnuPG-2. Better detection of - stale lockfiles and actual locking support on W32. Fixes bug#1028. - - * miscutil.c (isotime2seconds): New. - -2009-04-05 David Shaw - - * srv.h: Move to include/srv.h. - - * http.c (send_request): Pass in srvtag... - (http_open): ...from here. - -2009-04-02 David Shaw - - * http.c (connect_server): free (rather than xfree) the result of - getsrv(). - (http_open, http_open_document): Allow passing srvtag to http_open - and http_open_document. - - * Makefile.am: Make srv.c part of libcompat instead of libutil. - - * srv.c (getsrv): Raise maximum packet size to 2048, as PACKETSZ - is too small these days. Use libc malloc and free as we're part - of libcompat now which may not be linked to memory.c. - -2009-03-20 David Shaw - - * iobuf.c (fd_cache_synchronize): New. fsync() a file in cache. - (iobuf_ioctl): Called here, for ioctl 4. - (fd_cache_invalidate): Pass return code from close() back to - iobuf_ioctl(). - -2009-03-13 David Shaw - - * http.c (do_parse_uri): Properly handle IPv6 literal addresses as - per RFC-2732. Adapted from patch by Phil Pennock. - - * Makefile.am, http.c (start_server): Minor tweaks to get - http-test compiling again. - -2008-09-05 David Shaw - - * Makefile.am: Use $(CC) instead of "cc" to compile, as the user - might be overriding the compiler. - -2008-08-19 Werner Koch - - * iobuf.c: Avoid passing a NULL (iobuf_t)->desc to the log - function. Should in general never be NULL, but well. Reported by - M. Heneka. - -2008-03-06 David Shaw - - * argparse.c (default_strusage): Update copyright date. - -2007-10-23 Werner Koch - - Switched entire package to GPLv3+. The parts taken from libassuan - and glibc are kept at LGPLv2+; only the address as been chnaged. - - * argparse.c (strusage): Use id 10 for the license string; - defaults to GPL3+. Change long note to version 3 or later. - (show_version): Print the license info. - -2007-08-24 Werner Koch - - * fileutil.c (same_file_p): New. Taken from SVN trunk. - (compare_filenames) [HAVE_DRIVE_LETTERS]: Take drive letters and - backslashes in account. - -2007-04-16 David Shaw - - * strgutil.c (ascii_toupper, ascii_tolower, ascii_strcasecmp, - ascii_strncasecmp): Move functions to compat.c. - -2007-04-16 Werner Koch - - * secmem.c (init_pool): Avoid assigning a negative value to a - size_t. - -2007-04-16 David Shaw - - * secmem.c (init_pool): Use sysconf() if available to determine - page size. - -2007-04-15 David Shaw - - * argparse.c (default_strusage): Copyright 2007. - - * cert.c, srv.c, pka.c: Need arpa/inet.h for ntohs(). - -2007-02-26 Werner Koch - - * simple-gettext.c (set_gettext_file): Make use of the envvar - LANGUAGE to allow overriding of the registry setting. - -2007-02-12 Werner Koch - - * secmem.c (ptr_into_pool_p): New. - (m_is_secure): Implement in terms of above. Also check that the - pool has been initialized. - -2007-02-10 David Shaw - - * http.c (do_parse_uri): Remove the hkp port 11371 detection. We - implement hkp in the keyserver handler, and the support here makes - it appear like a bad hkp request actually succeeded. - -2007-01-31 David Shaw - - * ttyio.c (do_get): Assume that anything read from the user - without echoing to the screen is sensitive and put it in secure - memory. Suggested by Benjamin Bennett. - -2006-12-14 Werner Koch - - * http.c (http_wait_response): No more shutdown. Fixes bug#739. - -2006-10-02 David Shaw - - * strsep.c (strsep): It's strsep, not strsep2 from testing. (If I - had a dollar for every time I've done that...) - -2006-09-28 David Shaw - - * strgutil.c (strsep): Move to strsep.c for AC_REPLACE_FUNCS. - - * Makefile.am: Build libcompat.a for keyserver helpers. libutil.a - always contains everything in libcompat.a, so we only need to link - to one or the other. - - * miscutil.c: Move hextobyte to new file compat.c. - -2006-07-31 Werner Koch - - * iobuf.c (iobuf_ioctl, fd_cache_invalidate): Allow closing all - open files. - -2006-07-29 Marcus Brinkmann - - * secmem.c (init_pool): Close FD after establishing the mapping. - -2006-07-20 David Shaw - - * http.c (send_request): A zero-length proxy is the same as no - proxy at all. Suggested by J. Scott Berg. - -2006-04-17 David Shaw - - * miscutil.c (make_printable_string): Fix bug where some control - characters lose part of their ASCII representation. - -2006-04-11 David Shaw - - * memory.c (realloc): Revert m_guard fix and stick an #error in - there to inform people not to use it. - -2006-04-11 Werner Koch - - * iobuf.c (IOBUF_BUFFER_SIZE): New to replace hardwired 8192. - -2006-04-06 David Shaw - - * memory.c (realloc): Fix compile problem with --enable-m-guard. - -2006-03-30 David Shaw - - * cert.c (main): Fix test program build warning on OSX. - -2006-03-16 David Shaw - - * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. - -2006-03-08 David Shaw - - * argparse.c (default_strusage): Update copyright year to 2006. - -2006-02-19 David Shaw - - * http.c (send_request): A zero length proxy is the same as no - proxy. - -2006-02-14 Werner Koch - - * errors.c (g10_errstr): Add NO_DATA. - -2006-01-26 David Shaw - - * cert.c (get_cert): Disable IPGP types for now until the format - questions in the draft are settled. - - * srv.c (getsrv): Error on oversize SRV responses. - -2005-12-24 David Shaw - - * cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs. - -2005-12-23 David Shaw - - * cert.c, Makefile.am: New code to do DNS CERT queries. - -2005-12-22 David Shaw - - * srv.c, Makefile.am: Only build srv.c if we need to. - -2005-12-10 Ryan Lortie (dshaw) - - * ttyio.c (tty_enable_completion, tty_disable_completion): Add - checks for no_terminal so we don't try to open("/dev/tty") when - invoked with --no-tty. - -2005-12-06 David Shaw - - * Makefile.am: Some cleanup so we don't build files that are - completely ifdeffed out. This causes a warning on Sun's cc. Do - the internal regex code as well for consistency. - - * mkdtemp.c (mkdtemp): Fix warning. - - * secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from - printf-ing %p where the arg wasn't void *. - -2005-11-02 David Shaw - - * util.c [!HAVE_DECL_GETPAGESIZE]: Prototype getpagesize() if - unistd.h doesn't have it (for MinGW). - -2005-09-22 Werner Koch - - * iobuf.c (iobuf_get_filelength): New arg OVERFLOW. - (iobuf_get_filelength) [W32]: Use GetFileSizeEx if available. - * fileutil.c (is_file_compressed): Take care of the OVERFLOW - -2005-08-31 David Shaw - - * fileutil.c (untilde): New. Expand ~/foo and ~username/foo - filenames into full paths using $HOME if possible, or - getpwuid/getpwnam if necessary. - (make_filename): Use it here. - -2005-07-28 Werner Koch - - * pka.c: New. - (parse_txt_record): Changed from v=1 to v=pka1. - - * Makefile.am (pka-test): new. - -2005-07-27 Werner Koch - - * memory.c (FNAMEX, FNAMEXM): New macros to cope with the now used - names xmalloc style names. - -2005-07-18 Werner Koch - - * ttyio.c (do_get): Move printing of the prompt after disabling - echo. Suggested by Scott Worley. - -2005-06-23 David Shaw - - * http.c (make_radix64_string): Add '=' padding as per standard. - (send_request, http_open, http_open_document): Clean up auth code. - Can now support different auth for a proxy and the file being - requested via that proxy. Unescape auth strings. - -2005-06-22 David Shaw - - * memrchr.c (memrchr): Not all compilers allow initializing based - on a variable that is also being initialized. Noted by Nelson - H. F. Beebe. - -2005-06-21 David Shaw - - * http.c (send_request, http_open, http_open_document): Pass in - auth and proxyauth that can override the in-url auth. - - * http.c (send_request): Need == after the radix64-encoded basic - auth string. - -2005-06-08 David Shaw - - * dotlock.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on - mingw32. Noted by Joe Vender. - -2005-05-31 Werner Koch - - * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined. - -2005-05-29 David Shaw - - * strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage - CP65001 to utf-8. - -2005-05-19 Werner Koch - - * membuf.c: New. Taken from gnupg 1.9. - -2005-05-05 David Shaw - - * miscutil.c (add_days_to_timestamp): Remove as unused. - -2005-04-12 David Shaw - - * assuan-client.c: Fix warning on OSX. - - * memrchr.c: New replacement function. - - * assuan-buffer.c: Use it here. - -2005-04-04 Werner Koch - - * memory.c (xcalloc, xcalloc_secure): New wrappers. - - * assuan-client.c (assuan_transact): Factored all code out to .. - (assuan_transact2): .. new. Add arg OKAY_CB. Wipe the memory - processed though that callback. - -2005-03-31 Werner Koch - - * isascii.c: New. This is an autoconf replacement function. - - * Makefile.am (assuan_source): New. Only used when agent support - has been requested. - * assuan-buffer.c, assuan-client.c, assuan-defs.h, - * assuan-errors.c, assuan-logging.c, assuan-socket-connect.c, - * assuan-socket.c, assuan-util.c, assuan-connect.c: New. Taken - from libassuan 0.6.9 and adjusted for our limited use of Assuan. - -2005-03-18 David Shaw - - * ttyio.c (tty_enable_completion, tty_disable_completion): Enable - and disable readline completion. - (init_ttyfp): Completion is disabled by default. - -2005-03-14 Werner Koch - - * miscutil.c (isotimestamp): New. - -2005-03-10 Werner Koch - - * secmem.c (secmem_realloc): Take control information into account - when checking whether a resize is needed. - -2005-03-08 Werner Koch - - * miscutil.c (asctimestamp) [W32]: Don't use %Z. - -2005-02-03 Werner Koch - - * w32reg.c (read_w32_registry_string): Fallback to HKLM also for a - missing name. - - * http.c (connect_server): Define ERR outside of the !W32 block. - -2005-02-01 David Shaw - - * http.c (connect_server): Fix fd leak when connecting to a - round-robin server set that has some down servers. Noted by Phil - Pennock. - -2005-01-20 Werner Koch - - * simple-gettext.c (set_gettext_file): Use MO files depending on - the installation directory. Add new arg REGKEY. - -2005-01-18 Werner Koch - - * argparse.c (default_strusage): Changed default copyright year to - 2005. - - * strgutil.c (handle_iconv_error): Print error messages only once. - (native_to_utf8, utf8_to_native): Ditto. - -2005-01-11 Werner Koch - - * strgutil.c (set_native_charset) [W32]: Use the alias table from - libiconv 1.9.2. - -2005-01-13 David Shaw - - * http.c (connect_server): Use INADDR_NONE instead of - SOCKET_ERROR. Noted by Timo. - -2005-01-06 Werner Koch - - * strgutil.c (set_native_charset): Assume that ASCII, - ANSI_X3.4-1968 and 646 are actually meant as Latin-1. If - nl_langinfo is not available get the charset from environment - variables. For W32 use GetACP as error fallback. Removed Latin-15 - to Latin-1 aliasing. - -2004-12-28 David Shaw - - * srv.h: Better implementation for the SRV check. We don't need - to actually check all the header files individually since the SRV - test compile uses them together. - -2004-12-20 Werner Koch - - * strgutil.c (handle_iconv_error): Turn diagnostics into warnings - so that gpg does not return with failure. - (native_to_utf8, utf8_to_native): Ditto. - -2004-12-16 Werner Koch - - * iobuf.c (fd_cache_strcmp) [W32]: Casting is a Bad Thing. Cast to - an unsigned char pointer and to an unsigned integer. - -2004-12-18 David Shaw - - * ttyio.c: Use only HAVE_LIBREADLINE to detect readline - availability. - -2004-12-16 David Shaw - - * srv.h: Don't include arpa/nameser.h unless we have it. Include - "types.h" for u16. - - * secmem.c (secmem_init): Return a flag to indicate whether we got - the lock. - -2004-12-06 Werner Koch - - * iobuf.c (fd_cache_strcmp): New. Use whenever we compare - filenames for the fd_cache. This is needed because the backslash - is an alias for a slash under W32. Reported by Tobias Winkler. - -2004-12-03 David Shaw - - * http.c (send_request): Include the port if non-80 in the Host: - header. Noted by Jason Harris. - -2004-11-03 Timo Schulz - - * strgutil.c (w32_strerror): New. - * ttyio.c (init_ttyfp, tty_printf, do_get): Use it here. - * iobuf.c (fd_cache_open, file_filter): Likewise. - (iobuf_seek, translate_file_handle): Likewise. - -2004-11-02 Werner Koch - - * strgutil.c (load_libiconv): Use log_info to avoid failures when - iconv.dll is not installed. - -2004-10-31 Werner Koch - - * simple-gettext.c (get_string): Removed debugging hack. - -2004-10-27 Werner Koch - - * simple-gettext.c: Removed windows.h. - (get_string): On the fly translation from utf-8 to active - character set. - - * strgutil.c (load_libiconv) [_WIN32]: new. - (set_native_charset) [_WIN32]: Call it here and autodetect the - used code page. - (native_to_utf8, utf8_to_native): Reverted arguments for - iconv_open. - (handle_iconv_error): Made this function match iconv_open argumnet - ordering. - (utf8_to_native): Disable all quoting for DELIM == -1. - -2004-10-26 Werner Koch - - * strgutil.c (mem2str): Translated comment to English. - (handle_iconv_error) [USE_GNUPG_ICONV]: New. - (set_native_charset) [USE_GNUPG_ICONV]: Added iconv based - conversion checks. - (native_to_utf8, utf8_to_native): Added iconv based conversion. - -2004-10-21 Werner Koch - - * vasprintf.c: Removed. It was used only at one place and I don't - want to get into build problems in 1.4. - -2004-10-18 David Shaw - - * http.c (connect_server, send_request): Use the URI scheme as the - SRV tag rather than hard-coding _hkp. - -2004-10-16 David Shaw - - * http.c (connect_server): [_WIN32] actually fill in the sin_addr - so we aren't always talking to localhost. Add some general sanity - checking of parameters learned from gethostbyname(). - -2004-10-15 Werner Koch - - * vasprintf.c: New. Taken from gnupg 1.9. - -2004-10-14 Werner Koch - - * iobuf.c (iobuf_get_fd): Removed double check on directfp and - cats it to FILEP becuase directfp is actually a void *. Notes by - Stefan. - -2004-10-13 Werner Koch - - * logger.c (g10_log_error_f, g10_log_fatal_f, g10_log_info_f) - (g10_log_debug_f, print_prefix_f): Removed. - - * iobuf.c (iobuf_is_pipe_filename): New. - (iobuf_get_fd): New. - - * fileutil.c (is_file_compressed): Use it here. - -2004-09-30 David Shaw - - * iobuf.c (pop_filter): Make static. - - * dotlock.c (destroy_dotlock): New. Remove the handle from the - list of locks. - (release_dotlock): Don't act if we don't have any locks at all. - From Werner on stable branch. - -2004-09-10 David Shaw - - * http.c (make_radix64_string, do_parse_uri, send_request): Add - basic auth for proxies and direct requests. Suggested by Florent - Thoumie. - - * http.c (main): Fix test code for http-test. - -2004-09-09 Werner Koch - - * errors.c (g10_errstr): New error codes G10ERR_NO_CARD, - G10ERR_CANCELED. - - * ttyio.c (tty_get): Add readline support. - - * iobuf.c (iobuf_skip_rest): New. Orginal patch by Florian - Weimer. Added new argument PARTIAL. - -2004-08-19 David Shaw - - * http.c (insert_escapes): Fix encoding problem for non-URI-safe - characters. Noted by Vladimir Novak. - -2004-05-21 David Shaw - - * timegm.c: New replacement function. Removes the need for - setenv.c and unsetenv.c. - - * setenv.c: Removed. - - * unsetenv.c: Removed. - -2004-03-04 David Shaw - - * iobuf.c (block_filter): Remove the old gpg indeterminate length - mode. - (iobuf_set_block_mode, iobuf_in_block_mode): Removed as - superfluous. - -2004-03-01 David Shaw - - * iobuf.c (block_filter): Properly handle a partial body stream - that ends with a 5-byte length that happens to be zero. - -2004-02-28 David Shaw - - * unsetenv.c: Fixed debugging typo. - -2004-02-24 Werner Koch - - * secmem.c (lock_pool) [_AIX]: Also set errno. - -2004-02-21 David Shaw - - * miscutil.c (hextobyte): Moved here from g10/misc.c so I can use - it in the keyserver helpers. - -2004-02-20 David Shaw - - * mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: - New. - - * Makefile.am: Include @LIBOBJS@ for replacement functions. - -2004-01-15 David Shaw - - * argparse.c (default_strusage): Update copyright date. - (initialize): Avoid a number of -Wformat-nonliteral warnings. - These aren't actual problems, but the warnings bothered me. - - * miscutil.c (print_string2): New variation on print_string that - allows two delimiters. - (print_string): Call print_string2 to do work. - -2003-12-29 David Shaw - - * g10u.c: Dead code. Remove. - - * Makefile.am: Don't compile g10u.c. - - * iobuf.c (block_filter): Properly handle a partial body stream - that ends with a 5-byte length. - -2003-12-28 David Shaw - - * http.c (send_request, http_open_document, http_open): Pass the - http proxy from outside rather than pulling it from the - evironment. - -2003-12-28 Stefan Bellon - - * riscos.c [__riscos__]: Better filetype handling (use a - different SWI) and removal of unnecessary function. - - * memory.c (out_of_core) [__riscos__]: Produce stack backtrace on - RISC OS if out_of_core() is called and M_GUARD is compiled in. - -2003-12-06 David Shaw - - * http.c (send_request): Add a Host: header for virtual hosts. - -2003-12-04 David Shaw - - * miscutil.c (answer_is_yes_no_default, answer_is_yes_no_quit): - Don't use alternate strings when not needed so we don't have to - re-translate them. Hopefully the comment will be enough to - indicate multiple match strings. - -2003-11-20 David Shaw - - * miscutil.c (match_multistr): New. Match against each segment in - a string with tokens separated by |. - (answer_is_yes_no_default, answer_is_yes_no_quit, - answer_is_okay_cancel): Use it here to enable alternate - translations. - -2003-11-01 David Shaw - - * http.c (connect_server): Differentiate between generic "can't - connect" errors and the more specific "host not found". Suggested - by Samuel Tardieu. - -2003-10-29 Werner Koch - - * miscutil.c (answer_is_okay_cancel): New. - -2003-10-25 Werner Koch - - * Makefile.am: Replaced INTLLIBS by LIBINTL. - -2003-10-23 Werner Koch - - * secmem.c (lock_pool) [_AIX]: Don't use plock. - -2003-10-12 David Shaw - - * srv.c: OSX 10.2.8/Darwin 6.8 seems to have some #include - ordering issues? Move sys/types.h up higher to work around. - -2003-10-08 Werner Koch - - * ttyio.c (tty_print_string, tty_print_utf8_string2) - (tty_print_utf8_string): Made string arg const. - -2003-09-28 Timo Schulz - - * strgutil.c [WIN32] (asprintf): New. - -2003-09-28 Werner Koch - - * ttyio.c (tty_fprintf): New. - -2003-09-21 Timo Schulz - - * http.c [WIN32]: Define MB_CUR_MAX. - (connect_server): use unsigned long since W32 does not have in_addr_t. - -2003-08-28 David Shaw - - * dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, - strgutil.c, ttyio.c, w32reg.c: s/__MINGW32__/_WIN32/ to help - building on native Windows compilers. Requested by Brian Gladman. - From Werner on stable branch. - - * http.c (connect_server): Oops - forgot to freeaddrinfo(). - -2003-08-24 David Shaw - - * http.c (connect_server): Try and use getaddrinfo if it is - available. Try for IPv6 via getaddrinfo() or a IPv6-ized - gethostbyname(). Suggested by Jun-ichiro itojun Hagino. - -2003-07-10 David Shaw (from Werner on stable branch) - - * iobuf.c (check_special_filename): Replaced is isdigit by digitp - to avoid passing negative values and potential locale problems. - Problem noted by Christian Biere. - * strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't - pass a negative value. - * miscutil.c (scan_isodatestr): Ditto. - -2003-05-30 David Shaw - - * srv.h, srv.c: Include windows.h with MINGW32. - -2003-05-24 David Shaw - - * argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c, - simple-gettext.c, errors.c, http.c, memory.c, secmem.c, ttyio.c: - Edit all preprocessor instructions to remove whitespace before the - '#'. This is not required by C89, but there are some compilers - out there that don't like it. - -2003-05-21 Werner Koch - - * fileutil.c (is_file_compressed): Fixed checking for "-" filename. - -2003-04-13 David Shaw - - * srv.c (main): Test against wwwkeys.pgp.net. - - * srv.h: Grr. The RH7.3 Linux man page defines the fourth arg of - dn_expand as unsigned char*, but it is really char* according to - resolv.h. - -2003-03-23 David Shaw - - * argparse.c (default_strusage): Change copyright date. - -2003-03-14 David Shaw - - * srv.h, srv.c (getsrv): Use unsigned char rather than char. - Noted by Stefan Bellon. - -2003-03-11 David Shaw - - * http.c (connect_server): Use DNS SRV to get a server list. Fail - over to A records if necessary. - - * Makefile.am, srv.h, srv.c: New DNS SRV handling code. - -2003-02-22 David Shaw - - * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 - to indicate a string with no maximum size. This prevents early - truncation of strings that contain control chars which are - expanded into \xXX form. - -2002-12-26 David Shaw - - * iobuf.c (iobuf_flush): Only print debug info if debugging is on. - -2002-11-13 David Shaw - - * secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. - From Werner on stable branch. - -2002-11-09 Werner Koch - - * ttyio.c (TERMDEVICE): Removed. - (tty_get_ttyname): New. - (init_ttyfp): Use it here instead of the TERMDEVICE macro. - -2002-11-06 David Shaw - - * w32reg.c (read_w32_registry_string): Fixed expanding of the - environment buffer; didn't worked at all. Reported by Thijmen - Klok. From Werner on stable branch. - - * secmem.c (secmem_free, secmem_term): Use wipememory2() instead - of memset() to overwrite secure memory - - * iobuf.c (direct_open): Handle mode 'b' if O_BINARY is available. - From Werner on stable branch. - - * fileutil.c: Comment from stable branch. - -2002-10-31 Stefan Bellon - - * riscos.c (riscos_load_module, riscos_check_regexp): New. - (riscos_set_filetype_by_mimetype, riscos_dump_fdlist) - (riscos_fdopenfile, riscos_close_fds, riscos_renamefile) - (riscos_gstrans, riscos_list_openfiles, riscos_not_implemented): - Renamed functions to contain riscos prefix. - * dotlock.c [__riscos__]: Renames due to changes in riscos.c. - * fileutil.c [__riscos__]: Likewise. - -2002-10-29 Stefan Bellon - - * fileutil.c: Removed unnecessary left-over includes for RISC OS. - (make_filename): Tidied up RISC OS stuff. - (compare_filenames) [__riscos__]: Compare with ascii_strcasecmp(). - (make_basename) [__riscos__]: Branch to own RISC OS routine from - here. - - * riscos.c (riscos_make_basename): New. - -2002-10-28 Stefan Bellon - - * fileutil.c (make_basename) [__riscos__]: Cut off RISC OS' filing - systems from filepath. - - * riscos.c (riscos_get_filetype_from_string, riscos_get_filetype): - Added. - (riscos_set_filetype_by_number): Made public. - -2002-10-19 David Shaw - - * Makefile.am, regcomp.c, regex.c, regex_internal.c, - regex_internal.h, regexec.c: Add new regex files from glibc 2.3.1. - -2002-10-17 David Shaw - - * http.c (connect_server): Try all A records for names with - multiple addresses until one answers for both MINGW32 and not - MINGW32. - -2002-10-10 David Shaw - - * http.c (connect_server): Properly handle a single A record that - fails connect(). - -2002-10-03 David Shaw - - * logger.c (g10_log_warning, log_set_strict): Add new log_warning - logger command which can be switched between log_info and - log_error via log_set_strict. - -2002-09-24 David Shaw - - * http.c (connect_server): Try all A records for names with - multiple addresses until one answers (not MINGW32). - -2002-09-16 Werner Koch - - * w32reg.c (read_w32_registry_string): Fallback to HLM. - -2002-09-12 Stefan Bellon - - * fileutil.c (make_filename): Removed variable for RISC OS to - avoid compiler warning. - - * secmem.c: Removed static variable for RISC OS to avoid - compiler warning. - -2002-09-11 Werner Koch - - * simple-gettext.c: Disable charset mappings. We do it now when - installing the files. - -2002-09-09 Werner Koch - - * w32reg.c (read_w32_registry_string): Handle REG_EXPAND_SZ. - Suggested by Ryan Malayter. - - * strgutil.c (ascii_strcasecmp): Replaced by code from gnulib. - (ascii_strncasecmp): New. - -2002-09-02 Werner Koch - - * simple-gettext.c (set_gettext_file): Make sure that we only use - backslashes. - - * strgutil.c (set_native_charset): Allow NULL as argument to use - nl_langinfo for selection. Mapped latin-15 to latin-1. - -2002-08-30 Werner Koch - - * iobuf.c (block_filter): Removed the assert, so that one can pass - the first character of a message and use the block filter for - non partial length encoded packets. - -2002-08-06 Stefan Bellon - - * ttyio.c [__riscos__]: Moved low-level RISC OS stuff to riscos.c. - * riscos.c: Use new SWI calling mechanism of UnixLib. - -2002-08-03 Stefan Bellon - - * secmem.c (init_pool, secmem_term): Changed #if to #ifdef in - order to avoid warning with RISC OS' Norcroft C. - -2002-07-25 David Shaw - - * secmem.c: "Warning" -> "WARNING" - -2002-07-05 Werner Koch - - * argparse.c (initialize): We better exit after a read error so - that we don't run into an endless loop when reading a directory. - Noted by Andrew Suffield. - -2002-07-01 David Shaw - - * argparse.c (optfile_parse): Fix variable typo - 'p2' should be - 'p' :) - -2002-06-29 Werner Koch - - * argparse.c (optfile_parse): Renamed an auto I to P2 to avoid - shadowing warning. - -2002-06-21 Stefan Bellon - - * riscos.c (riscos_global_defaults): New. - -2002-06-20 Stefan Bellon - - * riscos.c (riscos_set_filetype_by_number, riscos_set_filetype): - New. Set RISC OS filetype according to MIME type. - -2002-06-14 David Shaw - - * strgutil.c (pop_strlist): New function to pop the head off of a - strlist. - -2002-06-05 Timo Schulz - - * fileutil.c (is_file_compressed): Corrected the magic values - for bzip2 and gzip. Noted by David. - -2002-05-22 Werner Koch - - * fileutil.c (compare_filenames): Replaced stricmp by strcasecmp. - * miscutil.c (answer_is_yes_no_quit,answer_is_yes_no_default): Ditto. - - * strgutil.c (strncasecmp): New. - (memicmp): Removed. - -2002-05-10 Stefan Bellon - - * memory.c (add_entry) [M_DEBUG]: Added some missing EXTRA_ALIGN. - (free_entry) [M_DEBUG]: Free secure memory via secmem_free. - (alloc_secure): Malloc at least 1 byte. - (realloc) [M_GUARD]: Added missing FNAMEARG to function call. - - * logger.c (g10_log_bug0) [__riscos__]: Make use of first - g10_log_bug0 function for later Norcroft compiler. - - * riscos.c: Added stdlib.h include. - -2002-05-04 Werner Koch - - * http.c (write_server) [__MINGW32__]: Replaced WriteFile by send - because sockets don't work with WriteFile under NT anymore. - -2002-05-03 David Shaw - - * argparse.c (optfile_parse): Remove quotes only if they totally - enclose the string, and do not occur within the string. This - makes specifying a program under Win32 easier when you need quotes - around part of a string, but not around the whole string. - -2002-05-02 Werner Koch - - * memory.c (alloc): Malloc at least 1 byte. Noted by Winona Brown. - -2002-04-23 David Shaw - - * miscutil.c: New function answer_is_yes_no_default() to give a - default answer. - -2002-04-22 Stefan Bellon - - * riscos.c (riscos_open, riscos_fopen, riscos_fstat, set_filetype): - Removed as they're not needed anymore. - - * iobuf.c (direct_open) [__riscos__]: Don't allow opening of - directories. - -2002-04-08 Werner Koch - - Fixed filename of last entry. - -2002-03-29 David Shaw - - * miscutil.c (print_string, utf8_to_native): If a delimiter is - used, then quote the backslash character as well. Problem noted - by Rainer Perske. - -2002-03-15 Werner Koch - - * argparse.c (optfile_parse): Fixed missing argument handling. - -2002-02-28 Timo Schulz - - * http.c (write_server): Convert integer to a HANDLE for W32. - -2002-01-27 David Shaw - - * iobuf.c (iobuf_fdopen, iobuf_sockopen): Do not cache fdopened - fds on close. - -2002-01-08 Werner Koch - - * secmem.c (print_warn): Print a pointer to the FAQ. - -2002-01-05 Werner Koch - - * argparse.c (default_strusage): Set default copyright date to 2002. - -2002-01-02 Stefan Bellon - - * iobuf.c [__riscos__]: Updated include file name. - - * fileutil.c [__riscos__]: Ditto. - - * ttyio.d [__riscos__]: Ditto. - - * riscos.c [__riscos__]: Ditto. Added debugging code and - unified error messages. - -2001-12-27 David Shaw - - * errors.c (g10_errstr): Added G10ERR_KEYSERVER - -2001-12-27 Werner Koch - - * simple-gettext.c [MINGW32]: Fixed last changed. - -2001-12-22 Stefan Bellon - - * memory.c (realloc): Fixed realloc not working when M_GUARD is - defined and first parameter is NULL. - -2001-12-22 Timo Schulz - - * fileutil.c (is_file_compressed): New. - -2001-12-19 Werner Koch - - * simple-gettext.c, w32reg.c [CYGWIN32]: Allow to use this file - -2001-10-11 Werner Koch - - * http.c (do_parse_uri): Changed initialization of the port number - so that it does also work with x-hkp. By David Shaw. - -2001-09-19 Werner Koch - - * w32reg.c (get_root_key): New. - (read_w32_registry_string): Use it here. - (write_w32_registry_string): New. Contributed by Timo. - - * iobuf.c (iobuf_ioctl): New command to disable fd - caching. Implemented no_cache flag where needed. - (iobuf_sockopen): Always set no_cache flag. - - * strgutil.c (utf8_to_native): Add a delim arg and changed all - callers. Make sure that quoting is done when translation is - disabled. - * miscutil.c (print_utf8_string2): New. - -2001-09-17 Werner Koch - - * miscutil.c (print_string): Use explicit ranges and not iscntrl(). - (make_printable_string): Ditto. - -2001-09-07 Werner Koch - - * strgutil.c (strsep): New, taken from glibc 2.2.1. - -2001-09-03 Werner Koch - - * miscutil.c (strtimestamp,asctimestamp): Avoid trigraphs. - -2001-08-21 Stefan Bellon - - * riscos.c [__riscos__] (close_fds): Fixed possible endless loop. - -2001-08-20 Werner Koch - - Applied patches from Stefan Bellon to support - RISC OS. Nearly all of these patches are identified by the - __riscos__ macro. - * secmem.c [__riscos__]: Disabled secure memory stuff. - * dotlock.c, ttyio.c [__riscos__]: Adapted for RISC OS - * fileutil.c, iobuf.c: Adapted for RISC OS; mainly replaced - hardcoded path separators with EXTSEP_S like macros. - * http.c (send_request): Use macros for the env-var name. - * logger.c [__riscos__]: Do an fflush at the end of each log - function. - * memory.c [__riscos__]: Minor patches - * riscos.c (set_filetype): New. - - * secmem.c (lock_pool): Under HPUX mlock is broken but we might - have plock, so we use this to lock the entire process. By Albert - Chin. - -2001-07-03 Werner Koch - - * strgutil.c (utf8_to_native): Fixed printing of invalid utf-8 - characters. Thomas Roessler reported that the escaping didn't work - correct. - -2001-06-12 Werner Koch - - * strgutil.c (ascii_memistr,ascii_isupper,ascii_islower, - ascii_toupper,ascii_tolower, ascii_strcasecmp, ascii_memcasecmp): New. - (set_native_charset): Use ascii_strcasecmp() - * fileutil.c (compare_filenames): Ditto - * miscutil.c (answer_is_yes): Ditto. - (answer_is_yes_no_quit): Ditto. - -2001-06-06 Werner Koch - - * strgutil.c (vasprintf) [__MINGW32__]: New. Taken from libiberty. - * ttyio.c (tty_printf) [__MINGW32__]: Replaced the sprintf with - the new vasprintf. - -2001-06-05 Werner Koch - - * dotlock.c (make_dotlock): Typo fixes. - -2001-05-25 Werner Koch - - * ttyio.c (do_get): Fixed a serious format string bug. Thanks to - fish stiqz. - -2001-05-23 Werner Koch - - * secmem.c (EPERM): Try to work around a Slackware problem. - -2001-05-05 Werner Koch - - * http.c (http_start_data): Flush before writing. - (http_wait_response): No need to flush here. - -2001-04-27 Werner Koch - - * memory.c (out_of_core): Print an explanation on reasons why - secret memory can get exhausted. - -2001-04-23 Werner Koch - - * http.c (http_wait_response): Implement new flag to inhibit the - TCP shutdown. - -2001-04-20 Werner Koch - - * http.c (http_start_data): Use write_server and not the iobuf - stuff. I wonder why we are at all using write_server - shouldn't - it be handled by iobuf? - - * strgutil.c (set_native_charset): Allow utf-8 by introducing the - new no_translation variable. - (native_to_utf8): Handle no_translation. - (utf8_to_native): Ditto. - -2001-04-19 Werner Koch - - * miscutil.c (asctimestamp): Handle negative times. We must do - this because Windoze segvs on negative times passed to gmtime(). - (strtimestamp): Ditto. - -2001-04-14 Werner Koch - - * strgutil.c (utf8_to_native): Fixed a segv. Thanks to Keith Clayton. - -2001-04-13 Werner Koch - - * iobuf.c (iobuf_fopen): Removed because it is not used and - furthermore mode is ignored for an fname of "-". Suggested by - Florian Weimer. - -2001-04-02 Werner Koch - - * iobuf.c (translate_file_handle): New. Use this function - everywhere in this file. - (iobuf_translate_file_handle): Always use the osfhandle stuff here - because callers don't know the implementation details of iobuf and - they expect that the handles are translated. - -2001-03-29 Werner Koch - - * miscutil.c (answer_is_yes): An empty string does now return no. - (answer_is_yes_no_quit): Likewise. - - * iobuf.c (iobuf_close): Burn the buffers. - -2001-03-26 Werner Koch - - * ttyio.c: Define TERMDEVICE depending on OS. - - * http.c (http_start_data): send a CRLF and not just a LF. - Pointed out by Steven Murdoch. - -2001-03-13 Werner Koch - - * iobuf.c (iobuf_sockopen): New. - (sock_filter) [__MINGW32__]: New. - (iobuf_ioctl): New. - (file_filter): Implemented keep_open mode. - * http.c (http_open, http_wait_response): Replaced iobuf_fdopen by - iobuf_sockopen and use an iobuf_ioctl to avoid the dup(). - (deinit_sockets, init_sockets) [__MINGW32__]: New. - (connect_server, write_server): Add code to work with W32 sockets. - -2001-03-12 Werner Koch - - * strgutil.c (check_trailing_chars,check_trailing_ws): New. - -2001-03-08 Werner Koch - - * argparse.c (default_strusage): Changed year of printed copyright - to 2001. - - * iobuf.c (fd_cache_invalidate, fd_cache_close, fd_cache_open): New. - (direct_open): Invalidate the fd_cache for read access. - (file_filter): Cache the close here. - (iobuf_open): Use new my_fopen_ro macro to try the cache first. - -2001-03-07 Werner Koch - - * iobuf.c: Made the old stdio file handling cpp conditional - controlled by FILE_FILTER_USES_STDIO and added a new - open/read/close based one. We don't need the stdio buffering - becuase we are doing our own buffering anyway. And it is a - prerequesite to allow the use of ReadFile et al for W32 which in - turn is needed to make the http stuff work there. The new W32 - stuff has also been implemented. Minor changes to all open functions. - (direct_open): New. - (file_filter): Core of the new read/write handling. - (iobuf_get_filelength): Use W32 API function here. But it is - currently limited to 2GB files. - (iobuf_seek): Ditto. - -2001-03-01 Werner Koch - - * errors.c (g10_errstr): New codes UNU_SECKEY and UNU_PUBKEY. - -2000-12-28 Werner Koch - - * dotlock.c: Made all_lockfiles volatile. - (remove_lockfiles): Made public. - -2000-11-30 Werner Koch - - * iobuf.c (iobuf_translate_file_handle): New. - (iobuf_open, iobuf_create): Use it for special filenames - -2000-11-11 Paul Eggert - - * iobuf.c (iobuf_get_filelength): Now returns off_t, not u32. - Remove kludges to worry about large files; the callers check - for files that are too large, and they should already be doing - the right thing in an implementation-independent way. - (fopen, fstat): Remove macros. - - * iobuf.c (iobuf_set_limit, iobuf_tell, iobuf_seek): - Use off_t, not ulong, for file offsets. - (): Include if needed. - (LONG_MAX, LONG_MIN): Define a substitute if needed. - (fseeko): Define a substitute if needed. - - * iobuf.c (iobuf_seek): Do not use %lu to report file - -2000-11-09 Werner Koch - - * iobuf.c (iobuf_enable_special_filenames): New. - (check_special_filename): New. - (iobuf_open): check for special filenames. - (iobuf_create): Ditto. - -2000-10-23 Werner Koch - - * secmem.c (lock_pool): Don't print warning for Windows. - -2000-10-16 Werner Koch - - * secmem.c (lock_pool): Fixed error checking for Linux. - By James Troup. - -Thu Sep 14 14:20:38 CEST 2000 Werner Koch - - * miscutil.c (answer_is_yes_no_quit): Swapped order of yes/no test - so that no is returned for an empty input. By David Champion. - -Wed Sep 6 17:55:47 CEST 2000 Werner Koch - - * iobuf.c: Use fopen64 insead of fopen when available. - (iobuf_get_filelength): Use fstat64 when available but return - 2^32-1 if the file is larger than this value. - -Wed Sep 6 14:59:09 CEST 2000 Werner Koch - - * secmem.c (secmem_realloc): check for failed secmem_malloc. By - Matt Kraai. - - * strgutil.c (utf8_to_native): Fixed null ptr problem. By - Giampaolo Tomassoni. - -Thu Jul 27 10:02:38 CEST 2000 Werner Koch - - * iobuf.c: Use setmode() at several places to set stdin and stdout - to binary mode for MSDOS based systems - - * iobuf.c (underflow): Initialize dummy_len to keep memory checker happy. - -Fri Jun 9 10:09:52 CEST 2000 Werner Koch - - * ttyio.c: Simulate termios with termios. By Dave Dykstra. - -Thu Jun 8 20:22:00 CEST 2000 Werner Koch - - * secmem.c (lock_pool,secmem_init): Additional check for dropped privs. - -Tue May 30 16:37:55 CEST 2000 Werner Koch - - * iobuf.c (iobuf_cancel): Fix for MSDOS. - -Fri Apr 14 19:37:08 CEST 2000 Werner Koch - - * dotlock.c (disable_dotlock): New. Implmented this in the module. - -2000-03-09 14:04:22 Werner Koch (wk@habibti.openit.de) - - * argparse.c (default_strusage): Changed year of default copyright. - -Tue Mar 7 18:45:31 CET 2000 Werner Koch - - * secmem.c (lock_pool): No more warning for QNX. By Sam Roberts. - -2000-03-02 15:51:04 Werner Koch (wk@habibti.gnupg.de) - - * ttyio.c (tty_print_utf8_string): Oops. - -Thu Mar 2 15:37:46 CET 2000 Werner Koch - - * ttyio.c (tty_print_utf8_string2): New to allow a max output size. - -Wed Feb 23 10:07:57 CET 2000 Werner Koch - - * miscutil.c (asctimestamp): Fix for possible buffer overflow by - large system returned date format string. - -Fri Dec 31 14:08:15 CET 1999 Werner Koch - - * logger.c (log_inc_errorcount): New. - -Sat Dec 4 12:30:28 CET 1999 Werner Koch - - * iobuf.c (iobuf_cancel): Broadcast the new Cancel mesaage to all - filters. - -Mon Nov 22 11:14:53 CET 1999 Werner Koch - - * strgutil.c (strcasecmp): New. - - * secmem.c (pool_is_mmapped): Made volatile. - -Sat Oct 9 20:34:41 CEST 1999 Werner Koch - - * Makefile.am: Removed libtool. - -Fri Oct 8 20:32:01 CEST 1999 Werner Koch - - * w32reg.c: New. - * simple-gettext.c: Use the Registry to locate the mo file. - - * http.c (send_request): Add support for proxys; suggested by - Walter Hofmann. - (http_open_document): Pass flags to http_open. - -Fri Sep 17 12:56:42 CEST 1999 Werner Koch - - - * secmem.c (lock_pool): Check for ENOSYS return my mlock() on - old SCOs. - - * ttyio.c (do_get): Replaced #if __MINGW32__ by #ifdef becuase - gcc 2.95.1 assigns a floating point value (0.2) to this macro, - which in turn can't be used in an expression. - -Wed Sep 15 16:22:17 CEST 1999 Werner Koch - - - * simple-gettext.c: New. - -Wed Sep 1 15:30:44 CEST 1999 Werner Koch - - - * argparse.c (arg_parse): Add standard options to the dump-options - output. - -Tue Aug 31 17:20:44 CEST 1999 Werner Koch - - - * strgutil (utf8_to_native): Implemented. - (check_utf8_string): Removed. - - * miscutil.c (make_printable_string): Fixed possible buffer overflow. - (print_utf8_string): New. - - * ttyio.c (tty_print_utf8_string): New. - -Mon Aug 30 20:38:33 CEST 1999 Werner Koch - - - * secmem.c (pool_okay): declared volatile. - - * miscutil.c (answer_is_yes): Always check for plain "yes". - (answer_is_yes_no_quit): Likewise. - - * dotlock.c (create_dotlock): Fixed segv during cleanup. - -Mon Jul 12 14:55:34 CEST 1999 Werner Koch - - - * argparse.c (initialize): Init ret_xxx. - (optfile_parse): Remove quotes from arguments. - -Wed Jul 7 13:08:40 CEST 1999 Werner Koch - - - * memory.c (membug): Use if either M_DEBUG or M_GUARD is used. - - * miscutil.c (scan_isodatestr): New. - - * logger.c (g10_log_mpidump): Moved to ../mpi/mpicoder.c - (g10_log_print_prefix): Renamed from print_prefix and made global. - - * Makefile.am: Support for libtool. - -Thu Jul 1 12:47:31 CEST 1999 Werner Koch - - - * miscutil.c (make_printable_string): New. - - * strgutil.c (add_to_strlist2,append_to_strlist2): New. - -Tue Jun 29 21:44:25 CEST 1999 Werner Koch - - - * secmem.c (USE_CAPABILITIES): Capabilities support (Remi). - -Sat Jun 26 12:15:59 CEST 1999 Werner Koch - - - * dotlock.c (create_dotlock): s/uts/utsbuf/ cause there an Amdahl - system with the name UTS (Dave Dykstra). - - * secmem.c (DEFAULT_POOLSIZE): Doubled the size. - -Fri Jun 18 00:18:02 CEST 1999 Michael Roth - - * iobuf.c: file_filter() Detection of EOF on terminals - improved/fixed (see Bug #21). - -Mon Jun 14 21:18:54 CEST 1999 Michael Roth - - * ttyio.c: tty_no_terminal() new. - -Sat Jun 5 15:30:33 CEST 1999 Werner Koch - - * strgutil.c (set_native_charset): Support Latin-2 - -Tue Jun 1 16:01:46 CEST 1999 Werner Koch - - * iobuf.c (iobuf_get_real_fname): Made global and now keep a - copy of the name in the iobuf struct. - -Mon May 31 19:41:10 CEST 1999 Werner Koch - - * iobuf.c (file_filter,block_filter): Speed patches (Rémi). - -Thu May 27 09:40:55 CEST 1999 Werner Koch - - * miscutil.c (answer_is_yes_no_quit): New. - -Sun May 23 14:20:22 CEST 1999 Werner Koch - - * dotlock.c: Tweaked to make it compile under mingw32 - * http.c: Disabled for mingw32. - -Sat May 22 22:47:26 CEST 1999 Werner Koch - - * logger.c (log_set_logfile): New. - -Thu May 20 14:04:08 CEST 1999 Werner Koch - - * memory.c (membug): Nanu, there was a const instead of a static. - - * strgutil.c (trim_trailing_chars): New. - -Mon May 17 21:54:43 CEST 1999 Werner Koch - - * logger.c (g10_log_hexdump): Made 2nd arg a const. - -Wed Apr 28 13:03:03 CEST 1999 Werner Koch - - * miscutil.c (asctimestamp): Use nl_langinfo (Gaël Quéri). - -Sun Apr 18 10:11:28 CEST 1999 Werner Koch - - * argparse.c (store_alias): Disabled becuase it is not used. - - * ttyio.c (tty_batchmode): New - -Sat Mar 20 11:44:21 CET 1999 Werner Koch - - * http.c: Swapped to includes. - -Tue Mar 2 16:44:57 CET 1999 Werner Koch - - * strgutil.c (get_native_charset): New. - -Fri Feb 26 17:55:41 CET 1999 Werner Koch - - * secmem.c (memblock_struct): Force align (Rémi Guyomarch) - -Wed Feb 24 11:07:27 CET 1999 Werner Koch - - * iobuf.c (block_filter): Fixed the oscillating partial packet chunks. - -Fri Feb 19 15:49:15 CET 1999 Werner Koch - - * iobuf.c (iobuf_push_filter2): New to allow transer of context - ownership to the iobuf. Released the context where needed. - -Tue Feb 16 14:10:02 CET 1999 Werner Koch - - * strgutil.c (add_to_strglist): Clear the new flags field - (append_to_strglist): Ditto. - - * dotlock.c (read_lockfile): terminate pidstr (Michael). - -Wed Feb 10 17:15:39 CET 1999 Werner Koch - - * dotlock.c (remove_lockfiles): Add cleanup function. - (make_dotlock): Add deadlock check. - - * secmem.c (secmem_malloc): Changed error message. - -Wed Jan 20 21:40:21 CET 1999 Werner Koch - - * http.c (http_wait_response): Moved the shutdown behind the dup - -Wed Jan 20 18:59:49 CET 1999 Werner Koch - - * http.c (send_request): Removed double LF - -Tue Jan 19 19:34:58 CET 1999 Werner Koch - - * * iobuf.c (iobuf_push_filter): Allow filters for temp streams - - (iobuf_write_temp): Ditto. - (iobuf_flush_temp): New. - (iobuf_unget_and_close_temp): Removed. - - * http.c (close_http_document): Renamed to http_close(). - (open_http_document): Renamed to http_open_document(). - (http_open): New. - (http_start_data): New. - (http_wait_response): New. - - -Sun Jan 17 11:04:33 CET 1999 Werner Koch - - * strgutil.c (trim_trailing_ws): New. - -Sat Jan 16 12:03:27 CET 1999 Werner Koch - - * http.c (connect_server): Fixed stupid bug. - -Sat Jan 16 09:27:30 CET 1999 Werner Koch - - * http.c: New - - -Wed Jan 13 14:10:15 CET 1999 Werner Koch - - * iobuf.c (iobuf_fdopen): New. - -Sat Jan 9 16:02:23 CET 1999 Werner Koch - - * secmem.c (lock_pool): add another check that setuid() worked. - (secmem_init): Ditto. - -Thu Jan 7 18:00:58 CET 1999 Werner Koch - - * iobuf.c (iobuf_clear_eof): Removed. - (underflow): Changed the eof handling. - (iobuf_pop_filter): Made static and renamed to pop_filter. - - * iobuf.c (iobuf_read_line): New. - -Sun Jan 3 15:28:44 CET 1999 Werner Koch - - * dotlock.c (make_dotlock): print another informal message. - - (make_dotlock): Removed the cpp checks. - - -Tue Dec 29 14:41:47 CET 1998 Werner Koch - - * secmem.c: Moved unistd.h out of the #ifdef - - * dotlock.c (make_dotlock): Sun has no SYS_NMLN - - * iobuf.c (iobuf_unget_and_close_temp): Reset .start - -Sat Dec 12 18:40:32 CET 1998 Werner Koch - - * argparse.c (arg_pars): fixed opts[i] with negative index. - -Fri Nov 27 21:37:41 CET 1998 Werner Koch - - * dotlock.c: Implemented - -Wed Nov 25 11:30:07 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (iobuf_pop_filter): Fixed sigsegv after error. - -Thu Nov 19 07:09:55 1998 Werner Koch - - * miscutil.c (strtimevalue): New. - -Tue Nov 10 10:01:53 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (set_native_charset): New. - (native_to_utf8): Now handles koi8-r. - -Tue Nov 3 16:17:56 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (native_to_utf8): New. - (utf8_to_native): New, but only as a stub. - - * argparse.c (optfile_parse): Trimmed spaces from args. - - -Wed Oct 28 08:01:49 1998 me,,, (wk@tobold) - - * argparse.c (find_long_option): New. - (arg_parse): option=value is now allowed. Add a new internal - option "--dump-options". - -Thu Oct 22 16:25:49 1998 Michael Roth (mroth@nessie.de) - - * fileutil.c (make_basename): New. - (make_dirname): New. - -Wed Oct 21 12:20:29 1998 Werner Koch (wk@isil.d.shuttle.de) - - * util.c (iobuf_flush): autoincreasing of a temp. iobuf - (iobuf_temp_with_content): New. - -Tue Oct 13 12:40:13 1998 Werner Koch (wk@isil.d.shuttle.de) - - * util.c (.nofast): set this variable - -Wed Oct 7 19:27:50 1998 Werner Koch (wk@isil.d.shuttle.de) - - * memory.c (m_print_stats): New. - -Tue Oct 6 09:53:56 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (memicmp): Add HAVE_MEMICMP. - -Mon Sep 21 19:45:01 1998 Werner Koch (wk@(none)) - - * secmem.c: New flags to allow suspend/resume of warnings. - -Fri Sep 18 16:25:47 1998 Werner Koch (wk@(none)) - - * secmem.c (lock_pool): Kludge for broken mlock on HPUX 10.20 - -Tue Sep 15 17:52:21 1998 Werner Koch (wk@(none)) - - * miscutil.c (asctimestamp): New. - -Mon Sep 14 09:38:18 1998 Werner Koch (wk@(none)) - - * secmem.c (init_pool): Now mmaps /dev/zero if we do not have MAP_ANON. - -Wed Sep 9 13:52:28 1998 Werner Koch (wk@(none)) - - * ttyio.c (do_get): Ctrl-D is now a valid but special character - -Mon Sep 7 13:52:41 1998 Werner Koch (wk@(none)) - - * iobuf.c (get_real_fname): New and changed file_filter datastructures - and their initialization. - -Tue Aug 11 15:12:35 1998 Werner Koch (wk@(none)) - - * miscutil.c (answer_is_yes): i18ned - -Sat Aug 8 18:35:00 1998 Werner Koch (wk@(none)) - - * ttyio.c (cleanup): New. - -Mon Aug 3 17:06:00 1998 Werner Koch (wk@(none)) - - * secmem.c (MAP_ANON): Add a macro test - -Wed Jul 29 14:53:34 1998 Werner Koch (wk@(none)) - - * ttyio.c (tty_get_answer_is_yes): New. - -Tue Jul 21 10:35:48 1998 Werner Koch (wk@(none)) - - * argparse.c: New option flag to distinguish options and commands. - -Sat Jul 18 19:49:30 1998 Werner Koch (wk@(none)) - - * argparse.c (arg_parse): Added -? as alias for -h - -Thu Jul 9 14:47:20 1998 Werner Koch (wk@isil.d.shuttle.de) - - * secmem.c (secmem_init): Drops setuid if called with 0. - -Tue Jul 7 11:49:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * logger.c (log_set_filename): New. - -Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (append_to_strlist): New. - -Thu Jul 2 15:55:44 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (block_filter): Add writing of OP partial length headers. - -Fri Jun 26 10:38:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ttyio.c (do_get): all iso8859-1 characters are now allowed. - -Thu Jun 25 15:57:21 1998 Werner Koch (wk@isil.d.shuttle.de) - - * secmem.c (lock_pool): Removed left over test code. - -Wed Jun 10 07:39:41 1998 Werner Koch,mobil,,, (wk@tobold) - - * fileutil.c (compare_filenames): New. - - * argparse.c (arg_parse): New flag bit 6 to ignore --version - -Thu May 14 16:45:13 1998 Werner Koch (wk@isil.d.shuttle.de) - - * argparse.c (show_help): Add some formatting stuff - -Fri May 8 17:06:49 1998 Werner Koch (wk@isil.d.shuttle.de) - - * errors.c (strerror): New if !HAVE_STRERROR - -Mon May 4 19:48:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (iobuf_read): Code is now faster. - * (iobuf_write): ditto. - -Mon Apr 27 11:01:32 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (memicmp): New. - -Thu Mar 19 11:29:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * strgutil.c (memistr): Add const to return and first arg. - -Sat Mar 7 11:54:35 1998 Werner Koch (wk@isil.d.shuttle.de) - - * miscutil.c (print_string): New arg delim; changed all callers. - -Thu Mar 5 12:19:30 1998 Werner Koch (wk@isil.d.shuttle.de) - - * errors.c: New strings. - -Thu Mar 5 12:06:31 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (iobuf_open): A name of "-" now opens stdin. - * fileutil.c (print_fname_stdout, print_fname_stdin): New. - -Fri Feb 27 10:20:03 1998 Werner Koch (wk@isil.d.shuttle.de) - - * memory.c (m_is_secure): Removed. - * secmem.c (m_is_secure): Moved to here. - - * secmem.c (secmem_realloc): New. - * memory.c (M_GUARD,EXTRA_ALIGN): New (all functions). - -Thu Feb 26 14:36:51 1998 Werner Koch (wk@isil.d.shuttle.de) - - * secmem.c (lock_pool): No error if EAGAIN is returned instead - of EPERM. - -Fri Feb 20 17:43:05 1998 Werner Koch (wk@isil.d.shuttle.de) - - * ttyio.c [MINGW32]: Add support for mingw32. - -Tue Feb 17 19:43:44 1998 Werner Koch (wk@isil.d.shuttle.de) - - * memory.c (dump_table_at_exit): New. - -Mon Feb 16 10:07:28 1998 Werner Koch (wk@isil.d.shuttle.de) - - * argparse.c (show_version, show_help, default_strusage): Changed - according to GNU standards. - -Mon Feb 16 08:58:25 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (iobuf_peek): New - -Fri Feb 13 19:34:59 1998 Werner Koch (wk@isil.d.shuttle.de) - - * iobuf.c (iobuf_seek): Set counters to new offset. - -Fri Feb 13 17:13:04 1998 Werner Koch (wk@isil.d.shuttle.de) - - * logger.c (log_set_name, log_get_name): New. - (print_prefix, pgm_name): New, changed all function to make use it. - (log_mpidump): Removed the "DBG" prefix. - (log_hexdump): Ditto. - - * logger.c (printstr): Removed. - -Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de) - - * argparse.c (show_help): New '\v' kludge. - - - - Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, - 2005 Free Software Foundation, Inc. - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - diff --git a/util/ChangeLog-2011 b/util/ChangeLog-2011 new file mode 100644 index 000000000..d101de648 --- /dev/null +++ b/util/ChangeLog-2011 @@ -0,0 +1,1933 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-09-12 Werner Koch + + * ttyio.c (init_ttyfp): Avoid endless loop due to a failed opening + of the tty. Suggested by Steven M. Schweda. + +2011-08-09 Werner Koch + + * pka.c (get_pka_info): Turn ANSWER into a union to avoid aliasing + problems with modern compilers. See bug#1307. Reported by Steve + Grubb. + (get_pka_info): Remove unused vars. + +2010-10-27 Werner Koch + + * miscutil.c (INVALID_TIME_CHECK): New. + (strtimestamp, isotimestamp, asctimestamp): Use it. + +2010-09-28 Steven M. Schweda (wk) + + Changes to help the VMS port. See + http://antinode.info/dec/sw/gnupg.html . + + * cert.c [__VMS]: Include cert_vms.h. + * ttyio.c [__VMS]: Include vms.h. + (init_ttyfp) [__VMS]: Make global. + (ttyfp_is) [__VMS]: New. + (do_get) [__VMS]: Disable terminal echo. + * srv.c [__VMS]: Include cert_vms.h. + * secmem.c (lock_pool) [__VMS]: Use log_warning. + * pka.c [USE_DNS_PKA]: Define T_CERT. + * logger.c [__VMS]: Include unistd.h and ttyio.h. + (g10_log_print_prefix) [__VMS]: Init logfp. + * iobuf.c [__VMS]: Include vms.h. + (iobuf_get_filelength) [__VMS]: Use VMS specific method. + +2009-09-03 Werner Koch + + * ttyio.c (tty_printf) [_WIN32]: s/xtryasprintf/xtryvasprint/ + * strgutil.c (xtryvasprintf): New. + + * estream-printf.c: Include stdint.h only if HAVE_STDINT_H is + defined. Problem reported by Nelson H. F. Beebe. + * estream.m4: Check for stdint.h. + + * estream-printf.c: Remove all test code. Use macro DEBUG instead + of TEST for debugging. + +2009-08-25 Werner Koch + + * compat.c: Change license to all-permissive. The GPL and the + exception does no make sense here. + (do_strconcat, xstrconcat): New. + +2009-08-18 Werner Koch + + * iobuf.c (fd_cache_close): Change debug printf format assuming + that FILEP_OR_FD is today always an int. + + * miscutil.c (print_string2): Loose check for control characters + to better cope with utf-8. The range 0x80..0x9f is nowadays not + anymore accidently used for control charaters. Fixes bug#1103. + +2009-08-11 David Shaw + + * strgutil.c (string_to_utf8): New function to convert a Latin-1 + string to UTF8. From GPA. + +2009-07-23 David Shaw + + * srv.c (getsrv): Fix type-punning warning. + (main): Allow testing any SRV. + +2009-07-21 Werner Koch + + * ttyio.c (tty_printf): Replace vasprintf by xtryasprintf. + (tty_fprintf): Ditto. + + * strgutil.c: Include estream-printf.h. + (xasprintf, xtryasprintf): New. + (vasprintf, asprintf): Remove. + + * estream-printf.c: New. Taken from libestream. + * Makefile.am (libutil_a_SOURCES): Add it. + + * memory.c (trymalloc,trystrdup): New. + + * convert.c: New. Taken from GnuPG 2.0 SVN. + * Makefile.am (libutil_a_SOURCES): Add it. + +2009-05-26 David Shaw + + * http.c (send_request): Pass in a STRLIST for additional headers. + Change all callers. + +2009-05-22 Werner Koch + + * ttyio.c (tty_cleanup_after_signal): New. + +2009-05-05 Werner Koch + + * dotlock.c: Merged changes from GnuPG-2. Better detection of + stale lockfiles and actual locking support on W32. Fixes bug#1028. + + * miscutil.c (isotime2seconds): New. + +2009-04-05 David Shaw + + * srv.h: Move to include/srv.h. + + * http.c (send_request): Pass in srvtag... + (http_open): ...from here. + +2009-04-02 David Shaw + + * http.c (connect_server): free (rather than xfree) the result of + getsrv(). + (http_open, http_open_document): Allow passing srvtag to http_open + and http_open_document. + + * Makefile.am: Make srv.c part of libcompat instead of libutil. + + * srv.c (getsrv): Raise maximum packet size to 2048, as PACKETSZ + is too small these days. Use libc malloc and free as we're part + of libcompat now which may not be linked to memory.c. + +2009-03-20 David Shaw + + * iobuf.c (fd_cache_synchronize): New. fsync() a file in cache. + (iobuf_ioctl): Called here, for ioctl 4. + (fd_cache_invalidate): Pass return code from close() back to + iobuf_ioctl(). + +2009-03-13 David Shaw + + * http.c (do_parse_uri): Properly handle IPv6 literal addresses as + per RFC-2732. Adapted from patch by Phil Pennock. + + * Makefile.am, http.c (start_server): Minor tweaks to get + http-test compiling again. + +2008-09-05 David Shaw + + * Makefile.am: Use $(CC) instead of "cc" to compile, as the user + might be overriding the compiler. + +2008-08-19 Werner Koch + + * iobuf.c: Avoid passing a NULL (iobuf_t)->desc to the log + function. Should in general never be NULL, but well. Reported by + M. Heneka. + +2008-03-06 David Shaw + + * argparse.c (default_strusage): Update copyright date. + +2007-10-23 Werner Koch + + Switched entire package to GPLv3+. The parts taken from libassuan + and glibc are kept at LGPLv2+; only the address as been chnaged. + + * argparse.c (strusage): Use id 10 for the license string; + defaults to GPL3+. Change long note to version 3 or later. + (show_version): Print the license info. + +2007-08-24 Werner Koch + + * fileutil.c (same_file_p): New. Taken from SVN trunk. + (compare_filenames) [HAVE_DRIVE_LETTERS]: Take drive letters and + backslashes in account. + +2007-04-16 David Shaw + + * strgutil.c (ascii_toupper, ascii_tolower, ascii_strcasecmp, + ascii_strncasecmp): Move functions to compat.c. + +2007-04-16 Werner Koch + + * secmem.c (init_pool): Avoid assigning a negative value to a + size_t. + +2007-04-16 David Shaw + + * secmem.c (init_pool): Use sysconf() if available to determine + page size. + +2007-04-15 David Shaw + + * argparse.c (default_strusage): Copyright 2007. + + * cert.c, srv.c, pka.c: Need arpa/inet.h for ntohs(). + +2007-02-26 Werner Koch + + * simple-gettext.c (set_gettext_file): Make use of the envvar + LANGUAGE to allow overriding of the registry setting. + +2007-02-12 Werner Koch + + * secmem.c (ptr_into_pool_p): New. + (m_is_secure): Implement in terms of above. Also check that the + pool has been initialized. + +2007-02-10 David Shaw + + * http.c (do_parse_uri): Remove the hkp port 11371 detection. We + implement hkp in the keyserver handler, and the support here makes + it appear like a bad hkp request actually succeeded. + +2007-01-31 David Shaw + + * ttyio.c (do_get): Assume that anything read from the user + without echoing to the screen is sensitive and put it in secure + memory. Suggested by Benjamin Bennett. + +2006-12-14 Werner Koch + + * http.c (http_wait_response): No more shutdown. Fixes bug#739. + +2006-10-02 David Shaw + + * strsep.c (strsep): It's strsep, not strsep2 from testing. (If I + had a dollar for every time I've done that...) + +2006-09-28 David Shaw + + * strgutil.c (strsep): Move to strsep.c for AC_REPLACE_FUNCS. + + * Makefile.am: Build libcompat.a for keyserver helpers. libutil.a + always contains everything in libcompat.a, so we only need to link + to one or the other. + + * miscutil.c: Move hextobyte to new file compat.c. + +2006-07-31 Werner Koch + + * iobuf.c (iobuf_ioctl, fd_cache_invalidate): Allow closing all + open files. + +2006-07-29 Marcus Brinkmann + + * secmem.c (init_pool): Close FD after establishing the mapping. + +2006-07-20 David Shaw + + * http.c (send_request): A zero-length proxy is the same as no + proxy at all. Suggested by J. Scott Berg. + +2006-04-17 David Shaw + + * miscutil.c (make_printable_string): Fix bug where some control + characters lose part of their ASCII representation. + +2006-04-11 David Shaw + + * memory.c (realloc): Revert m_guard fix and stick an #error in + there to inform people not to use it. + +2006-04-11 Werner Koch + + * iobuf.c (IOBUF_BUFFER_SIZE): New to replace hardwired 8192. + +2006-04-06 David Shaw + + * memory.c (realloc): Fix compile problem with --enable-m-guard. + +2006-03-30 David Shaw + + * cert.c (main): Fix test program build warning on OSX. + +2006-03-16 David Shaw + + * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. + +2006-03-08 David Shaw + + * argparse.c (default_strusage): Update copyright year to 2006. + +2006-02-19 David Shaw + + * http.c (send_request): A zero length proxy is the same as no + proxy. + +2006-02-14 Werner Koch + + * errors.c (g10_errstr): Add NO_DATA. + +2006-01-26 David Shaw + + * cert.c (get_cert): Disable IPGP types for now until the format + questions in the draft are settled. + + * srv.c (getsrv): Error on oversize SRV responses. + +2005-12-24 David Shaw + + * cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs. + +2005-12-23 David Shaw + + * cert.c, Makefile.am: New code to do DNS CERT queries. + +2005-12-22 David Shaw + + * srv.c, Makefile.am: Only build srv.c if we need to. + +2005-12-10 Ryan Lortie (dshaw) + + * ttyio.c (tty_enable_completion, tty_disable_completion): Add + checks for no_terminal so we don't try to open("/dev/tty") when + invoked with --no-tty. + +2005-12-06 David Shaw + + * Makefile.am: Some cleanup so we don't build files that are + completely ifdeffed out. This causes a warning on Sun's cc. Do + the internal regex code as well for consistency. + + * mkdtemp.c (mkdtemp): Fix warning. + + * secmem.c, assuan-buffer.c, dotlock.c: Fix a few warnings from + printf-ing %p where the arg wasn't void *. + +2005-11-02 David Shaw + + * util.c [!HAVE_DECL_GETPAGESIZE]: Prototype getpagesize() if + unistd.h doesn't have it (for MinGW). + +2005-09-22 Werner Koch + + * iobuf.c (iobuf_get_filelength): New arg OVERFLOW. + (iobuf_get_filelength) [W32]: Use GetFileSizeEx if available. + * fileutil.c (is_file_compressed): Take care of the OVERFLOW + +2005-08-31 David Shaw + + * fileutil.c (untilde): New. Expand ~/foo and ~username/foo + filenames into full paths using $HOME if possible, or + getpwuid/getpwnam if necessary. + (make_filename): Use it here. + +2005-07-28 Werner Koch + + * pka.c: New. + (parse_txt_record): Changed from v=1 to v=pka1. + + * Makefile.am (pka-test): new. + +2005-07-27 Werner Koch + + * memory.c (FNAMEX, FNAMEXM): New macros to cope with the now used + names xmalloc style names. + +2005-07-18 Werner Koch + + * ttyio.c (do_get): Move printing of the prompt after disabling + echo. Suggested by Scott Worley. + +2005-06-23 David Shaw + + * http.c (make_radix64_string): Add '=' padding as per standard. + (send_request, http_open, http_open_document): Clean up auth code. + Can now support different auth for a proxy and the file being + requested via that proxy. Unescape auth strings. + +2005-06-22 David Shaw + + * memrchr.c (memrchr): Not all compilers allow initializing based + on a variable that is also being initialized. Noted by Nelson + H. F. Beebe. + +2005-06-21 David Shaw + + * http.c (send_request, http_open, http_open_document): Pass in + auth and proxyauth that can override the in-url auth. + + * http.c (send_request): Need == after the radix64-encoded basic + auth string. + +2005-06-08 David Shaw + + * dotlock.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on + mingw32. Noted by Joe Vender. + +2005-05-31 Werner Koch + + * regcomp.c (MB_CUR_MAX) [_WIN32]: Define it only if not defined. + +2005-05-29 David Shaw + + * strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage + CP65001 to utf-8. + +2005-05-19 Werner Koch + + * membuf.c: New. Taken from gnupg 1.9. + +2005-05-05 David Shaw + + * miscutil.c (add_days_to_timestamp): Remove as unused. + +2005-04-12 David Shaw + + * assuan-client.c: Fix warning on OSX. + + * memrchr.c: New replacement function. + + * assuan-buffer.c: Use it here. + +2005-04-04 Werner Koch + + * memory.c (xcalloc, xcalloc_secure): New wrappers. + + * assuan-client.c (assuan_transact): Factored all code out to .. + (assuan_transact2): .. new. Add arg OKAY_CB. Wipe the memory + processed though that callback. + +2005-03-31 Werner Koch + + * isascii.c: New. This is an autoconf replacement function. + + * Makefile.am (assuan_source): New. Only used when agent support + has been requested. + * assuan-buffer.c, assuan-client.c, assuan-defs.h, + * assuan-errors.c, assuan-logging.c, assuan-socket-connect.c, + * assuan-socket.c, assuan-util.c, assuan-connect.c: New. Taken + from libassuan 0.6.9 and adjusted for our limited use of Assuan. + +2005-03-18 David Shaw + + * ttyio.c (tty_enable_completion, tty_disable_completion): Enable + and disable readline completion. + (init_ttyfp): Completion is disabled by default. + +2005-03-14 Werner Koch + + * miscutil.c (isotimestamp): New. + +2005-03-10 Werner Koch + + * secmem.c (secmem_realloc): Take control information into account + when checking whether a resize is needed. + +2005-03-08 Werner Koch + + * miscutil.c (asctimestamp) [W32]: Don't use %Z. + +2005-02-03 Werner Koch + + * w32reg.c (read_w32_registry_string): Fallback to HKLM also for a + missing name. + + * http.c (connect_server): Define ERR outside of the !W32 block. + +2005-02-01 David Shaw + + * http.c (connect_server): Fix fd leak when connecting to a + round-robin server set that has some down servers. Noted by Phil + Pennock. + +2005-01-20 Werner Koch + + * simple-gettext.c (set_gettext_file): Use MO files depending on + the installation directory. Add new arg REGKEY. + +2005-01-18 Werner Koch + + * argparse.c (default_strusage): Changed default copyright year to + 2005. + + * strgutil.c (handle_iconv_error): Print error messages only once. + (native_to_utf8, utf8_to_native): Ditto. + +2005-01-11 Werner Koch + + * strgutil.c (set_native_charset) [W32]: Use the alias table from + libiconv 1.9.2. + +2005-01-13 David Shaw + + * http.c (connect_server): Use INADDR_NONE instead of + SOCKET_ERROR. Noted by Timo. + +2005-01-06 Werner Koch + + * strgutil.c (set_native_charset): Assume that ASCII, + ANSI_X3.4-1968 and 646 are actually meant as Latin-1. If + nl_langinfo is not available get the charset from environment + variables. For W32 use GetACP as error fallback. Removed Latin-15 + to Latin-1 aliasing. + +2004-12-28 David Shaw + + * srv.h: Better implementation for the SRV check. We don't need + to actually check all the header files individually since the SRV + test compile uses them together. + +2004-12-20 Werner Koch + + * strgutil.c (handle_iconv_error): Turn diagnostics into warnings + so that gpg does not return with failure. + (native_to_utf8, utf8_to_native): Ditto. + +2004-12-16 Werner Koch + + * iobuf.c (fd_cache_strcmp) [W32]: Casting is a Bad Thing. Cast to + an unsigned char pointer and to an unsigned integer. + +2004-12-18 David Shaw + + * ttyio.c: Use only HAVE_LIBREADLINE to detect readline + availability. + +2004-12-16 David Shaw + + * srv.h: Don't include arpa/nameser.h unless we have it. Include + "types.h" for u16. + + * secmem.c (secmem_init): Return a flag to indicate whether we got + the lock. + +2004-12-06 Werner Koch + + * iobuf.c (fd_cache_strcmp): New. Use whenever we compare + filenames for the fd_cache. This is needed because the backslash + is an alias for a slash under W32. Reported by Tobias Winkler. + +2004-12-03 David Shaw + + * http.c (send_request): Include the port if non-80 in the Host: + header. Noted by Jason Harris. + +2004-11-03 Timo Schulz + + * strgutil.c (w32_strerror): New. + * ttyio.c (init_ttyfp, tty_printf, do_get): Use it here. + * iobuf.c (fd_cache_open, file_filter): Likewise. + (iobuf_seek, translate_file_handle): Likewise. + +2004-11-02 Werner Koch + + * strgutil.c (load_libiconv): Use log_info to avoid failures when + iconv.dll is not installed. + +2004-10-31 Werner Koch + + * simple-gettext.c (get_string): Removed debugging hack. + +2004-10-27 Werner Koch + + * simple-gettext.c: Removed windows.h. + (get_string): On the fly translation from utf-8 to active + character set. + + * strgutil.c (load_libiconv) [_WIN32]: new. + (set_native_charset) [_WIN32]: Call it here and autodetect the + used code page. + (native_to_utf8, utf8_to_native): Reverted arguments for + iconv_open. + (handle_iconv_error): Made this function match iconv_open argumnet + ordering. + (utf8_to_native): Disable all quoting for DELIM == -1. + +2004-10-26 Werner Koch + + * strgutil.c (mem2str): Translated comment to English. + (handle_iconv_error) [USE_GNUPG_ICONV]: New. + (set_native_charset) [USE_GNUPG_ICONV]: Added iconv based + conversion checks. + (native_to_utf8, utf8_to_native): Added iconv based conversion. + +2004-10-21 Werner Koch + + * vasprintf.c: Removed. It was used only at one place and I don't + want to get into build problems in 1.4. + +2004-10-18 David Shaw + + * http.c (connect_server, send_request): Use the URI scheme as the + SRV tag rather than hard-coding _hkp. + +2004-10-16 David Shaw + + * http.c (connect_server): [_WIN32] actually fill in the sin_addr + so we aren't always talking to localhost. Add some general sanity + checking of parameters learned from gethostbyname(). + +2004-10-15 Werner Koch + + * vasprintf.c: New. Taken from gnupg 1.9. + +2004-10-14 Werner Koch + + * iobuf.c (iobuf_get_fd): Removed double check on directfp and + cats it to FILEP becuase directfp is actually a void *. Notes by + Stefan. + +2004-10-13 Werner Koch + + * logger.c (g10_log_error_f, g10_log_fatal_f, g10_log_info_f) + (g10_log_debug_f, print_prefix_f): Removed. + + * iobuf.c (iobuf_is_pipe_filename): New. + (iobuf_get_fd): New. + + * fileutil.c (is_file_compressed): Use it here. + +2004-09-30 David Shaw + + * iobuf.c (pop_filter): Make static. + + * dotlock.c (destroy_dotlock): New. Remove the handle from the + list of locks. + (release_dotlock): Don't act if we don't have any locks at all. + From Werner on stable branch. + +2004-09-10 David Shaw + + * http.c (make_radix64_string, do_parse_uri, send_request): Add + basic auth for proxies and direct requests. Suggested by Florent + Thoumie. + + * http.c (main): Fix test code for http-test. + +2004-09-09 Werner Koch + + * errors.c (g10_errstr): New error codes G10ERR_NO_CARD, + G10ERR_CANCELED. + + * ttyio.c (tty_get): Add readline support. + + * iobuf.c (iobuf_skip_rest): New. Orginal patch by Florian + Weimer. Added new argument PARTIAL. + +2004-08-19 David Shaw + + * http.c (insert_escapes): Fix encoding problem for non-URI-safe + characters. Noted by Vladimir Novak. + +2004-05-21 David Shaw + + * timegm.c: New replacement function. Removes the need for + setenv.c and unsetenv.c. + + * setenv.c: Removed. + + * unsetenv.c: Removed. + +2004-03-04 David Shaw + + * iobuf.c (block_filter): Remove the old gpg indeterminate length + mode. + (iobuf_set_block_mode, iobuf_in_block_mode): Removed as + superfluous. + +2004-03-01 David Shaw + + * iobuf.c (block_filter): Properly handle a partial body stream + that ends with a 5-byte length that happens to be zero. + +2004-02-28 David Shaw + + * unsetenv.c: Fixed debugging typo. + +2004-02-24 Werner Koch + + * secmem.c (lock_pool) [_AIX]: Also set errno. + +2004-02-21 David Shaw + + * miscutil.c (hextobyte): Moved here from g10/misc.c so I can use + it in the keyserver helpers. + +2004-02-20 David Shaw + + * mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: + New. + + * Makefile.am: Include @LIBOBJS@ for replacement functions. + +2004-01-15 David Shaw + + * argparse.c (default_strusage): Update copyright date. + (initialize): Avoid a number of -Wformat-nonliteral warnings. + These aren't actual problems, but the warnings bothered me. + + * miscutil.c (print_string2): New variation on print_string that + allows two delimiters. + (print_string): Call print_string2 to do work. + +2003-12-29 David Shaw + + * g10u.c: Dead code. Remove. + + * Makefile.am: Don't compile g10u.c. + + * iobuf.c (block_filter): Properly handle a partial body stream + that ends with a 5-byte length. + +2003-12-28 David Shaw + + * http.c (send_request, http_open_document, http_open): Pass the + http proxy from outside rather than pulling it from the + evironment. + +2003-12-28 Stefan Bellon + + * riscos.c [__riscos__]: Better filetype handling (use a + different SWI) and removal of unnecessary function. + + * memory.c (out_of_core) [__riscos__]: Produce stack backtrace on + RISC OS if out_of_core() is called and M_GUARD is compiled in. + +2003-12-06 David Shaw + + * http.c (send_request): Add a Host: header for virtual hosts. + +2003-12-04 David Shaw + + * miscutil.c (answer_is_yes_no_default, answer_is_yes_no_quit): + Don't use alternate strings when not needed so we don't have to + re-translate them. Hopefully the comment will be enough to + indicate multiple match strings. + +2003-11-20 David Shaw + + * miscutil.c (match_multistr): New. Match against each segment in + a string with tokens separated by |. + (answer_is_yes_no_default, answer_is_yes_no_quit, + answer_is_okay_cancel): Use it here to enable alternate + translations. + +2003-11-01 David Shaw + + * http.c (connect_server): Differentiate between generic "can't + connect" errors and the more specific "host not found". Suggested + by Samuel Tardieu. + +2003-10-29 Werner Koch + + * miscutil.c (answer_is_okay_cancel): New. + +2003-10-25 Werner Koch + + * Makefile.am: Replaced INTLLIBS by LIBINTL. + +2003-10-23 Werner Koch + + * secmem.c (lock_pool) [_AIX]: Don't use plock. + +2003-10-12 David Shaw + + * srv.c: OSX 10.2.8/Darwin 6.8 seems to have some #include + ordering issues? Move sys/types.h up higher to work around. + +2003-10-08 Werner Koch + + * ttyio.c (tty_print_string, tty_print_utf8_string2) + (tty_print_utf8_string): Made string arg const. + +2003-09-28 Timo Schulz + + * strgutil.c [WIN32] (asprintf): New. + +2003-09-28 Werner Koch + + * ttyio.c (tty_fprintf): New. + +2003-09-21 Timo Schulz + + * http.c [WIN32]: Define MB_CUR_MAX. + (connect_server): use unsigned long since W32 does not have in_addr_t. + +2003-08-28 David Shaw + + * dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, + strgutil.c, ttyio.c, w32reg.c: s/__MINGW32__/_WIN32/ to help + building on native Windows compilers. Requested by Brian Gladman. + From Werner on stable branch. + + * http.c (connect_server): Oops - forgot to freeaddrinfo(). + +2003-08-24 David Shaw + + * http.c (connect_server): Try and use getaddrinfo if it is + available. Try for IPv6 via getaddrinfo() or a IPv6-ized + gethostbyname(). Suggested by Jun-ichiro itojun Hagino. + +2003-07-10 David Shaw (from Werner on stable branch) + + * iobuf.c (check_special_filename): Replaced is isdigit by digitp + to avoid passing negative values and potential locale problems. + Problem noted by Christian Biere. + * strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't + pass a negative value. + * miscutil.c (scan_isodatestr): Ditto. + +2003-05-30 David Shaw + + * srv.h, srv.c: Include windows.h with MINGW32. + +2003-05-24 David Shaw + + * argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c, + simple-gettext.c, errors.c, http.c, memory.c, secmem.c, ttyio.c: + Edit all preprocessor instructions to remove whitespace before the + '#'. This is not required by C89, but there are some compilers + out there that don't like it. + +2003-05-21 Werner Koch + + * fileutil.c (is_file_compressed): Fixed checking for "-" filename. + +2003-04-13 David Shaw + + * srv.c (main): Test against wwwkeys.pgp.net. + + * srv.h: Grr. The RH7.3 Linux man page defines the fourth arg of + dn_expand as unsigned char*, but it is really char* according to + resolv.h. + +2003-03-23 David Shaw + + * argparse.c (default_strusage): Change copyright date. + +2003-03-14 David Shaw + + * srv.h, srv.c (getsrv): Use unsigned char rather than char. + Noted by Stefan Bellon. + +2003-03-11 David Shaw + + * http.c (connect_server): Use DNS SRV to get a server list. Fail + over to A records if necessary. + + * Makefile.am, srv.h, srv.c: New DNS SRV handling code. + +2003-02-22 David Shaw + + * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 + to indicate a string with no maximum size. This prevents early + truncation of strings that contain control chars which are + expanded into \xXX form. + +2002-12-26 David Shaw + + * iobuf.c (iobuf_flush): Only print debug info if debugging is on. + +2002-11-13 David Shaw + + * secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. + From Werner on stable branch. + +2002-11-09 Werner Koch + + * ttyio.c (TERMDEVICE): Removed. + (tty_get_ttyname): New. + (init_ttyfp): Use it here instead of the TERMDEVICE macro. + +2002-11-06 David Shaw + + * w32reg.c (read_w32_registry_string): Fixed expanding of the + environment buffer; didn't worked at all. Reported by Thijmen + Klok. From Werner on stable branch. + + * secmem.c (secmem_free, secmem_term): Use wipememory2() instead + of memset() to overwrite secure memory + + * iobuf.c (direct_open): Handle mode 'b' if O_BINARY is available. + From Werner on stable branch. + + * fileutil.c: Comment from stable branch. + +2002-10-31 Stefan Bellon + + * riscos.c (riscos_load_module, riscos_check_regexp): New. + (riscos_set_filetype_by_mimetype, riscos_dump_fdlist) + (riscos_fdopenfile, riscos_close_fds, riscos_renamefile) + (riscos_gstrans, riscos_list_openfiles, riscos_not_implemented): + Renamed functions to contain riscos prefix. + * dotlock.c [__riscos__]: Renames due to changes in riscos.c. + * fileutil.c [__riscos__]: Likewise. + +2002-10-29 Stefan Bellon + + * fileutil.c: Removed unnecessary left-over includes for RISC OS. + (make_filename): Tidied up RISC OS stuff. + (compare_filenames) [__riscos__]: Compare with ascii_strcasecmp(). + (make_basename) [__riscos__]: Branch to own RISC OS routine from + here. + + * riscos.c (riscos_make_basename): New. + +2002-10-28 Stefan Bellon + + * fileutil.c (make_basename) [__riscos__]: Cut off RISC OS' filing + systems from filepath. + + * riscos.c (riscos_get_filetype_from_string, riscos_get_filetype): + Added. + (riscos_set_filetype_by_number): Made public. + +2002-10-19 David Shaw + + * Makefile.am, regcomp.c, regex.c, regex_internal.c, + regex_internal.h, regexec.c: Add new regex files from glibc 2.3.1. + +2002-10-17 David Shaw + + * http.c (connect_server): Try all A records for names with + multiple addresses until one answers for both MINGW32 and not + MINGW32. + +2002-10-10 David Shaw + + * http.c (connect_server): Properly handle a single A record that + fails connect(). + +2002-10-03 David Shaw + + * logger.c (g10_log_warning, log_set_strict): Add new log_warning + logger command which can be switched between log_info and + log_error via log_set_strict. + +2002-09-24 David Shaw + + * http.c (connect_server): Try all A records for names with + multiple addresses until one answers (not MINGW32). + +2002-09-16 Werner Koch + + * w32reg.c (read_w32_registry_string): Fallback to HLM. + +2002-09-12 Stefan Bellon + + * fileutil.c (make_filename): Removed variable for RISC OS to + avoid compiler warning. + + * secmem.c: Removed static variable for RISC OS to avoid + compiler warning. + +2002-09-11 Werner Koch + + * simple-gettext.c: Disable charset mappings. We do it now when + installing the files. + +2002-09-09 Werner Koch + + * w32reg.c (read_w32_registry_string): Handle REG_EXPAND_SZ. + Suggested by Ryan Malayter. + + * strgutil.c (ascii_strcasecmp): Replaced by code from gnulib. + (ascii_strncasecmp): New. + +2002-09-02 Werner Koch + + * simple-gettext.c (set_gettext_file): Make sure that we only use + backslashes. + + * strgutil.c (set_native_charset): Allow NULL as argument to use + nl_langinfo for selection. Mapped latin-15 to latin-1. + +2002-08-30 Werner Koch + + * iobuf.c (block_filter): Removed the assert, so that one can pass + the first character of a message and use the block filter for + non partial length encoded packets. + +2002-08-06 Stefan Bellon + + * ttyio.c [__riscos__]: Moved low-level RISC OS stuff to riscos.c. + * riscos.c: Use new SWI calling mechanism of UnixLib. + +2002-08-03 Stefan Bellon + + * secmem.c (init_pool, secmem_term): Changed #if to #ifdef in + order to avoid warning with RISC OS' Norcroft C. + +2002-07-25 David Shaw + + * secmem.c: "Warning" -> "WARNING" + +2002-07-05 Werner Koch + + * argparse.c (initialize): We better exit after a read error so + that we don't run into an endless loop when reading a directory. + Noted by Andrew Suffield. + +2002-07-01 David Shaw + + * argparse.c (optfile_parse): Fix variable typo - 'p2' should be + 'p' :) + +2002-06-29 Werner Koch + + * argparse.c (optfile_parse): Renamed an auto I to P2 to avoid + shadowing warning. + +2002-06-21 Stefan Bellon + + * riscos.c (riscos_global_defaults): New. + +2002-06-20 Stefan Bellon + + * riscos.c (riscos_set_filetype_by_number, riscos_set_filetype): + New. Set RISC OS filetype according to MIME type. + +2002-06-14 David Shaw + + * strgutil.c (pop_strlist): New function to pop the head off of a + strlist. + +2002-06-05 Timo Schulz + + * fileutil.c (is_file_compressed): Corrected the magic values + for bzip2 and gzip. Noted by David. + +2002-05-22 Werner Koch + + * fileutil.c (compare_filenames): Replaced stricmp by strcasecmp. + * miscutil.c (answer_is_yes_no_quit,answer_is_yes_no_default): Ditto. + + * strgutil.c (strncasecmp): New. + (memicmp): Removed. + +2002-05-10 Stefan Bellon + + * memory.c (add_entry) [M_DEBUG]: Added some missing EXTRA_ALIGN. + (free_entry) [M_DEBUG]: Free secure memory via secmem_free. + (alloc_secure): Malloc at least 1 byte. + (realloc) [M_GUARD]: Added missing FNAMEARG to function call. + + * logger.c (g10_log_bug0) [__riscos__]: Make use of first + g10_log_bug0 function for later Norcroft compiler. + + * riscos.c: Added stdlib.h include. + +2002-05-04 Werner Koch + + * http.c (write_server) [__MINGW32__]: Replaced WriteFile by send + because sockets don't work with WriteFile under NT anymore. + +2002-05-03 David Shaw + + * argparse.c (optfile_parse): Remove quotes only if they totally + enclose the string, and do not occur within the string. This + makes specifying a program under Win32 easier when you need quotes + around part of a string, but not around the whole string. + +2002-05-02 Werner Koch + + * memory.c (alloc): Malloc at least 1 byte. Noted by Winona Brown. + +2002-04-23 David Shaw + + * miscutil.c: New function answer_is_yes_no_default() to give a + default answer. + +2002-04-22 Stefan Bellon + + * riscos.c (riscos_open, riscos_fopen, riscos_fstat, set_filetype): + Removed as they're not needed anymore. + + * iobuf.c (direct_open) [__riscos__]: Don't allow opening of + directories. + +2002-04-08 Werner Koch + + Fixed filename of last entry. + +2002-03-29 David Shaw + + * miscutil.c (print_string, utf8_to_native): If a delimiter is + used, then quote the backslash character as well. Problem noted + by Rainer Perske. + +2002-03-15 Werner Koch + + * argparse.c (optfile_parse): Fixed missing argument handling. + +2002-02-28 Timo Schulz + + * http.c (write_server): Convert integer to a HANDLE for W32. + +2002-01-27 David Shaw + + * iobuf.c (iobuf_fdopen, iobuf_sockopen): Do not cache fdopened + fds on close. + +2002-01-08 Werner Koch + + * secmem.c (print_warn): Print a pointer to the FAQ. + +2002-01-05 Werner Koch + + * argparse.c (default_strusage): Set default copyright date to 2002. + +2002-01-02 Stefan Bellon + + * iobuf.c [__riscos__]: Updated include file name. + + * fileutil.c [__riscos__]: Ditto. + + * ttyio.d [__riscos__]: Ditto. + + * riscos.c [__riscos__]: Ditto. Added debugging code and + unified error messages. + +2001-12-27 David Shaw + + * errors.c (g10_errstr): Added G10ERR_KEYSERVER + +2001-12-27 Werner Koch + + * simple-gettext.c [MINGW32]: Fixed last changed. + +2001-12-22 Stefan Bellon + + * memory.c (realloc): Fixed realloc not working when M_GUARD is + defined and first parameter is NULL. + +2001-12-22 Timo Schulz + + * fileutil.c (is_file_compressed): New. + +2001-12-19 Werner Koch + + * simple-gettext.c, w32reg.c [CYGWIN32]: Allow to use this file + +2001-10-11 Werner Koch + + * http.c (do_parse_uri): Changed initialization of the port number + so that it does also work with x-hkp. By David Shaw. + +2001-09-19 Werner Koch + + * w32reg.c (get_root_key): New. + (read_w32_registry_string): Use it here. + (write_w32_registry_string): New. Contributed by Timo. + + * iobuf.c (iobuf_ioctl): New command to disable fd + caching. Implemented no_cache flag where needed. + (iobuf_sockopen): Always set no_cache flag. + + * strgutil.c (utf8_to_native): Add a delim arg and changed all + callers. Make sure that quoting is done when translation is + disabled. + * miscutil.c (print_utf8_string2): New. + +2001-09-17 Werner Koch + + * miscutil.c (print_string): Use explicit ranges and not iscntrl(). + (make_printable_string): Ditto. + +2001-09-07 Werner Koch + + * strgutil.c (strsep): New, taken from glibc 2.2.1. + +2001-09-03 Werner Koch + + * miscutil.c (strtimestamp,asctimestamp): Avoid trigraphs. + +2001-08-21 Stefan Bellon + + * riscos.c [__riscos__] (close_fds): Fixed possible endless loop. + +2001-08-20 Werner Koch + + Applied patches from Stefan Bellon to support + RISC OS. Nearly all of these patches are identified by the + __riscos__ macro. + * secmem.c [__riscos__]: Disabled secure memory stuff. + * dotlock.c, ttyio.c [__riscos__]: Adapted for RISC OS + * fileutil.c, iobuf.c: Adapted for RISC OS; mainly replaced + hardcoded path separators with EXTSEP_S like macros. + * http.c (send_request): Use macros for the env-var name. + * logger.c [__riscos__]: Do an fflush at the end of each log + function. + * memory.c [__riscos__]: Minor patches + * riscos.c (set_filetype): New. + + * secmem.c (lock_pool): Under HPUX mlock is broken but we might + have plock, so we use this to lock the entire process. By Albert + Chin. + +2001-07-03 Werner Koch + + * strgutil.c (utf8_to_native): Fixed printing of invalid utf-8 + characters. Thomas Roessler reported that the escaping didn't work + correct. + +2001-06-12 Werner Koch + + * strgutil.c (ascii_memistr,ascii_isupper,ascii_islower, + ascii_toupper,ascii_tolower, ascii_strcasecmp, ascii_memcasecmp): New. + (set_native_charset): Use ascii_strcasecmp() + * fileutil.c (compare_filenames): Ditto + * miscutil.c (answer_is_yes): Ditto. + (answer_is_yes_no_quit): Ditto. + +2001-06-06 Werner Koch + + * strgutil.c (vasprintf) [__MINGW32__]: New. Taken from libiberty. + * ttyio.c (tty_printf) [__MINGW32__]: Replaced the sprintf with + the new vasprintf. + +2001-06-05 Werner Koch + + * dotlock.c (make_dotlock): Typo fixes. + +2001-05-25 Werner Koch + + * ttyio.c (do_get): Fixed a serious format string bug. Thanks to + fish stiqz. + +2001-05-23 Werner Koch + + * secmem.c (EPERM): Try to work around a Slackware problem. + +2001-05-05 Werner Koch + + * http.c (http_start_data): Flush before writing. + (http_wait_response): No need to flush here. + +2001-04-27 Werner Koch + + * memory.c (out_of_core): Print an explanation on reasons why + secret memory can get exhausted. + +2001-04-23 Werner Koch + + * http.c (http_wait_response): Implement new flag to inhibit the + TCP shutdown. + +2001-04-20 Werner Koch + + * http.c (http_start_data): Use write_server and not the iobuf + stuff. I wonder why we are at all using write_server - shouldn't + it be handled by iobuf? + + * strgutil.c (set_native_charset): Allow utf-8 by introducing the + new no_translation variable. + (native_to_utf8): Handle no_translation. + (utf8_to_native): Ditto. + +2001-04-19 Werner Koch + + * miscutil.c (asctimestamp): Handle negative times. We must do + this because Windoze segvs on negative times passed to gmtime(). + (strtimestamp): Ditto. + +2001-04-14 Werner Koch + + * strgutil.c (utf8_to_native): Fixed a segv. Thanks to Keith Clayton. + +2001-04-13 Werner Koch + + * iobuf.c (iobuf_fopen): Removed because it is not used and + furthermore mode is ignored for an fname of "-". Suggested by + Florian Weimer. + +2001-04-02 Werner Koch + + * iobuf.c (translate_file_handle): New. Use this function + everywhere in this file. + (iobuf_translate_file_handle): Always use the osfhandle stuff here + because callers don't know the implementation details of iobuf and + they expect that the handles are translated. + +2001-03-29 Werner Koch + + * miscutil.c (answer_is_yes): An empty string does now return no. + (answer_is_yes_no_quit): Likewise. + + * iobuf.c (iobuf_close): Burn the buffers. + +2001-03-26 Werner Koch + + * ttyio.c: Define TERMDEVICE depending on OS. + + * http.c (http_start_data): send a CRLF and not just a LF. + Pointed out by Steven Murdoch. + +2001-03-13 Werner Koch + + * iobuf.c (iobuf_sockopen): New. + (sock_filter) [__MINGW32__]: New. + (iobuf_ioctl): New. + (file_filter): Implemented keep_open mode. + * http.c (http_open, http_wait_response): Replaced iobuf_fdopen by + iobuf_sockopen and use an iobuf_ioctl to avoid the dup(). + (deinit_sockets, init_sockets) [__MINGW32__]: New. + (connect_server, write_server): Add code to work with W32 sockets. + +2001-03-12 Werner Koch + + * strgutil.c (check_trailing_chars,check_trailing_ws): New. + +2001-03-08 Werner Koch + + * argparse.c (default_strusage): Changed year of printed copyright + to 2001. + + * iobuf.c (fd_cache_invalidate, fd_cache_close, fd_cache_open): New. + (direct_open): Invalidate the fd_cache for read access. + (file_filter): Cache the close here. + (iobuf_open): Use new my_fopen_ro macro to try the cache first. + +2001-03-07 Werner Koch + + * iobuf.c: Made the old stdio file handling cpp conditional + controlled by FILE_FILTER_USES_STDIO and added a new + open/read/close based one. We don't need the stdio buffering + becuase we are doing our own buffering anyway. And it is a + prerequesite to allow the use of ReadFile et al for W32 which in + turn is needed to make the http stuff work there. The new W32 + stuff has also been implemented. Minor changes to all open functions. + (direct_open): New. + (file_filter): Core of the new read/write handling. + (iobuf_get_filelength): Use W32 API function here. But it is + currently limited to 2GB files. + (iobuf_seek): Ditto. + +2001-03-01 Werner Koch + + * errors.c (g10_errstr): New codes UNU_SECKEY and UNU_PUBKEY. + +2000-12-28 Werner Koch + + * dotlock.c: Made all_lockfiles volatile. + (remove_lockfiles): Made public. + +2000-11-30 Werner Koch + + * iobuf.c (iobuf_translate_file_handle): New. + (iobuf_open, iobuf_create): Use it for special filenames + +2000-11-11 Paul Eggert + + * iobuf.c (iobuf_get_filelength): Now returns off_t, not u32. + Remove kludges to worry about large files; the callers check + for files that are too large, and they should already be doing + the right thing in an implementation-independent way. + (fopen, fstat): Remove macros. + + * iobuf.c (iobuf_set_limit, iobuf_tell, iobuf_seek): + Use off_t, not ulong, for file offsets. + (): Include if needed. + (LONG_MAX, LONG_MIN): Define a substitute if needed. + (fseeko): Define a substitute if needed. + + * iobuf.c (iobuf_seek): Do not use %lu to report file + +2000-11-09 Werner Koch + + * iobuf.c (iobuf_enable_special_filenames): New. + (check_special_filename): New. + (iobuf_open): check for special filenames. + (iobuf_create): Ditto. + +2000-10-23 Werner Koch + + * secmem.c (lock_pool): Don't print warning for Windows. + +2000-10-16 Werner Koch + + * secmem.c (lock_pool): Fixed error checking for Linux. + By James Troup. + +Thu Sep 14 14:20:38 CEST 2000 Werner Koch + + * miscutil.c (answer_is_yes_no_quit): Swapped order of yes/no test + so that no is returned for an empty input. By David Champion. + +Wed Sep 6 17:55:47 CEST 2000 Werner Koch + + * iobuf.c: Use fopen64 insead of fopen when available. + (iobuf_get_filelength): Use fstat64 when available but return + 2^32-1 if the file is larger than this value. + +Wed Sep 6 14:59:09 CEST 2000 Werner Koch + + * secmem.c (secmem_realloc): check for failed secmem_malloc. By + Matt Kraai. + + * strgutil.c (utf8_to_native): Fixed null ptr problem. By + Giampaolo Tomassoni. + +Thu Jul 27 10:02:38 CEST 2000 Werner Koch + + * iobuf.c: Use setmode() at several places to set stdin and stdout + to binary mode for MSDOS based systems + + * iobuf.c (underflow): Initialize dummy_len to keep memory checker happy. + +Fri Jun 9 10:09:52 CEST 2000 Werner Koch + + * ttyio.c: Simulate termios with termios. By Dave Dykstra. + +Thu Jun 8 20:22:00 CEST 2000 Werner Koch + + * secmem.c (lock_pool,secmem_init): Additional check for dropped privs. + +Tue May 30 16:37:55 CEST 2000 Werner Koch + + * iobuf.c (iobuf_cancel): Fix for MSDOS. + +Fri Apr 14 19:37:08 CEST 2000 Werner Koch + + * dotlock.c (disable_dotlock): New. Implmented this in the module. + +2000-03-09 14:04:22 Werner Koch (wk@habibti.openit.de) + + * argparse.c (default_strusage): Changed year of default copyright. + +Tue Mar 7 18:45:31 CET 2000 Werner Koch + + * secmem.c (lock_pool): No more warning for QNX. By Sam Roberts. + +2000-03-02 15:51:04 Werner Koch (wk@habibti.gnupg.de) + + * ttyio.c (tty_print_utf8_string): Oops. + +Thu Mar 2 15:37:46 CET 2000 Werner Koch + + * ttyio.c (tty_print_utf8_string2): New to allow a max output size. + +Wed Feb 23 10:07:57 CET 2000 Werner Koch + + * miscutil.c (asctimestamp): Fix for possible buffer overflow by + large system returned date format string. + +Fri Dec 31 14:08:15 CET 1999 Werner Koch + + * logger.c (log_inc_errorcount): New. + +Sat Dec 4 12:30:28 CET 1999 Werner Koch + + * iobuf.c (iobuf_cancel): Broadcast the new Cancel mesaage to all + filters. + +Mon Nov 22 11:14:53 CET 1999 Werner Koch + + * strgutil.c (strcasecmp): New. + + * secmem.c (pool_is_mmapped): Made volatile. + +Sat Oct 9 20:34:41 CEST 1999 Werner Koch + + * Makefile.am: Removed libtool. + +Fri Oct 8 20:32:01 CEST 1999 Werner Koch + + * w32reg.c: New. + * simple-gettext.c: Use the Registry to locate the mo file. + + * http.c (send_request): Add support for proxys; suggested by + Walter Hofmann. + (http_open_document): Pass flags to http_open. + +Fri Sep 17 12:56:42 CEST 1999 Werner Koch + + + * secmem.c (lock_pool): Check for ENOSYS return my mlock() on + old SCOs. + + * ttyio.c (do_get): Replaced #if __MINGW32__ by #ifdef becuase + gcc 2.95.1 assigns a floating point value (0.2) to this macro, + which in turn can't be used in an expression. + +Wed Sep 15 16:22:17 CEST 1999 Werner Koch + + + * simple-gettext.c: New. + +Wed Sep 1 15:30:44 CEST 1999 Werner Koch + + + * argparse.c (arg_parse): Add standard options to the dump-options + output. + +Tue Aug 31 17:20:44 CEST 1999 Werner Koch + + + * strgutil (utf8_to_native): Implemented. + (check_utf8_string): Removed. + + * miscutil.c (make_printable_string): Fixed possible buffer overflow. + (print_utf8_string): New. + + * ttyio.c (tty_print_utf8_string): New. + +Mon Aug 30 20:38:33 CEST 1999 Werner Koch + + + * secmem.c (pool_okay): declared volatile. + + * miscutil.c (answer_is_yes): Always check for plain "yes". + (answer_is_yes_no_quit): Likewise. + + * dotlock.c (create_dotlock): Fixed segv during cleanup. + +Mon Jul 12 14:55:34 CEST 1999 Werner Koch + + + * argparse.c (initialize): Init ret_xxx. + (optfile_parse): Remove quotes from arguments. + +Wed Jul 7 13:08:40 CEST 1999 Werner Koch + + + * memory.c (membug): Use if either M_DEBUG or M_GUARD is used. + + * miscutil.c (scan_isodatestr): New. + + * logger.c (g10_log_mpidump): Moved to ../mpi/mpicoder.c + (g10_log_print_prefix): Renamed from print_prefix and made global. + + * Makefile.am: Support for libtool. + +Thu Jul 1 12:47:31 CEST 1999 Werner Koch + + + * miscutil.c (make_printable_string): New. + + * strgutil.c (add_to_strlist2,append_to_strlist2): New. + +Tue Jun 29 21:44:25 CEST 1999 Werner Koch + + + * secmem.c (USE_CAPABILITIES): Capabilities support (Remi). + +Sat Jun 26 12:15:59 CEST 1999 Werner Koch + + + * dotlock.c (create_dotlock): s/uts/utsbuf/ cause there an Amdahl + system with the name UTS (Dave Dykstra). + + * secmem.c (DEFAULT_POOLSIZE): Doubled the size. + +Fri Jun 18 00:18:02 CEST 1999 Michael Roth + + * iobuf.c: file_filter() Detection of EOF on terminals + improved/fixed (see Bug #21). + +Mon Jun 14 21:18:54 CEST 1999 Michael Roth + + * ttyio.c: tty_no_terminal() new. + +Sat Jun 5 15:30:33 CEST 1999 Werner Koch + + * strgutil.c (set_native_charset): Support Latin-2 + +Tue Jun 1 16:01:46 CEST 1999 Werner Koch + + * iobuf.c (iobuf_get_real_fname): Made global and now keep a + copy of the name in the iobuf struct. + +Mon May 31 19:41:10 CEST 1999 Werner Koch + + * iobuf.c (file_filter,block_filter): Speed patches (Rémi). + +Thu May 27 09:40:55 CEST 1999 Werner Koch + + * miscutil.c (answer_is_yes_no_quit): New. + +Sun May 23 14:20:22 CEST 1999 Werner Koch + + * dotlock.c: Tweaked to make it compile under mingw32 + * http.c: Disabled for mingw32. + +Sat May 22 22:47:26 CEST 1999 Werner Koch + + * logger.c (log_set_logfile): New. + +Thu May 20 14:04:08 CEST 1999 Werner Koch + + * memory.c (membug): Nanu, there was a const instead of a static. + + * strgutil.c (trim_trailing_chars): New. + +Mon May 17 21:54:43 CEST 1999 Werner Koch + + * logger.c (g10_log_hexdump): Made 2nd arg a const. + +Wed Apr 28 13:03:03 CEST 1999 Werner Koch + + * miscutil.c (asctimestamp): Use nl_langinfo (Gaël Quéri). + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * argparse.c (store_alias): Disabled becuase it is not used. + + * ttyio.c (tty_batchmode): New + +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * http.c: Swapped to includes. + +Tue Mar 2 16:44:57 CET 1999 Werner Koch + + * strgutil.c (get_native_charset): New. + +Fri Feb 26 17:55:41 CET 1999 Werner Koch + + * secmem.c (memblock_struct): Force align (Rémi Guyomarch) + +Wed Feb 24 11:07:27 CET 1999 Werner Koch + + * iobuf.c (block_filter): Fixed the oscillating partial packet chunks. + +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * iobuf.c (iobuf_push_filter2): New to allow transer of context + ownership to the iobuf. Released the context where needed. + +Tue Feb 16 14:10:02 CET 1999 Werner Koch + + * strgutil.c (add_to_strglist): Clear the new flags field + (append_to_strglist): Ditto. + + * dotlock.c (read_lockfile): terminate pidstr (Michael). + +Wed Feb 10 17:15:39 CET 1999 Werner Koch + + * dotlock.c (remove_lockfiles): Add cleanup function. + (make_dotlock): Add deadlock check. + + * secmem.c (secmem_malloc): Changed error message. + +Wed Jan 20 21:40:21 CET 1999 Werner Koch + + * http.c (http_wait_response): Moved the shutdown behind the dup + +Wed Jan 20 18:59:49 CET 1999 Werner Koch + + * http.c (send_request): Removed double LF + +Tue Jan 19 19:34:58 CET 1999 Werner Koch + + * * iobuf.c (iobuf_push_filter): Allow filters for temp streams + + (iobuf_write_temp): Ditto. + (iobuf_flush_temp): New. + (iobuf_unget_and_close_temp): Removed. + + * http.c (close_http_document): Renamed to http_close(). + (open_http_document): Renamed to http_open_document(). + (http_open): New. + (http_start_data): New. + (http_wait_response): New. + + +Sun Jan 17 11:04:33 CET 1999 Werner Koch + + * strgutil.c (trim_trailing_ws): New. + +Sat Jan 16 12:03:27 CET 1999 Werner Koch + + * http.c (connect_server): Fixed stupid bug. + +Sat Jan 16 09:27:30 CET 1999 Werner Koch + + * http.c: New + + +Wed Jan 13 14:10:15 CET 1999 Werner Koch + + * iobuf.c (iobuf_fdopen): New. + +Sat Jan 9 16:02:23 CET 1999 Werner Koch + + * secmem.c (lock_pool): add another check that setuid() worked. + (secmem_init): Ditto. + +Thu Jan 7 18:00:58 CET 1999 Werner Koch + + * iobuf.c (iobuf_clear_eof): Removed. + (underflow): Changed the eof handling. + (iobuf_pop_filter): Made static and renamed to pop_filter. + + * iobuf.c (iobuf_read_line): New. + +Sun Jan 3 15:28:44 CET 1999 Werner Koch + + * dotlock.c (make_dotlock): print another informal message. + + (make_dotlock): Removed the cpp checks. + + +Tue Dec 29 14:41:47 CET 1998 Werner Koch + + * secmem.c: Moved unistd.h out of the #ifdef + + * dotlock.c (make_dotlock): Sun has no SYS_NMLN + + * iobuf.c (iobuf_unget_and_close_temp): Reset .start + +Sat Dec 12 18:40:32 CET 1998 Werner Koch + + * argparse.c (arg_pars): fixed opts[i] with negative index. + +Fri Nov 27 21:37:41 CET 1998 Werner Koch + + * dotlock.c: Implemented + +Wed Nov 25 11:30:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (iobuf_pop_filter): Fixed sigsegv after error. + +Thu Nov 19 07:09:55 1998 Werner Koch + + * miscutil.c (strtimevalue): New. + +Tue Nov 10 10:01:53 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (set_native_charset): New. + (native_to_utf8): Now handles koi8-r. + +Tue Nov 3 16:17:56 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (native_to_utf8): New. + (utf8_to_native): New, but only as a stub. + + * argparse.c (optfile_parse): Trimmed spaces from args. + + +Wed Oct 28 08:01:49 1998 me,,, (wk@tobold) + + * argparse.c (find_long_option): New. + (arg_parse): option=value is now allowed. Add a new internal + option "--dump-options". + +Thu Oct 22 16:25:49 1998 Michael Roth (mroth@nessie.de) + + * fileutil.c (make_basename): New. + (make_dirname): New. + +Wed Oct 21 12:20:29 1998 Werner Koch (wk@isil.d.shuttle.de) + + * util.c (iobuf_flush): autoincreasing of a temp. iobuf + (iobuf_temp_with_content): New. + +Tue Oct 13 12:40:13 1998 Werner Koch (wk@isil.d.shuttle.de) + + * util.c (.nofast): set this variable + +Wed Oct 7 19:27:50 1998 Werner Koch (wk@isil.d.shuttle.de) + + * memory.c (m_print_stats): New. + +Tue Oct 6 09:53:56 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (memicmp): Add HAVE_MEMICMP. + +Mon Sep 21 19:45:01 1998 Werner Koch (wk@(none)) + + * secmem.c: New flags to allow suspend/resume of warnings. + +Fri Sep 18 16:25:47 1998 Werner Koch (wk@(none)) + + * secmem.c (lock_pool): Kludge for broken mlock on HPUX 10.20 + +Tue Sep 15 17:52:21 1998 Werner Koch (wk@(none)) + + * miscutil.c (asctimestamp): New. + +Mon Sep 14 09:38:18 1998 Werner Koch (wk@(none)) + + * secmem.c (init_pool): Now mmaps /dev/zero if we do not have MAP_ANON. + +Wed Sep 9 13:52:28 1998 Werner Koch (wk@(none)) + + * ttyio.c (do_get): Ctrl-D is now a valid but special character + +Mon Sep 7 13:52:41 1998 Werner Koch (wk@(none)) + + * iobuf.c (get_real_fname): New and changed file_filter datastructures + and their initialization. + +Tue Aug 11 15:12:35 1998 Werner Koch (wk@(none)) + + * miscutil.c (answer_is_yes): i18ned + +Sat Aug 8 18:35:00 1998 Werner Koch (wk@(none)) + + * ttyio.c (cleanup): New. + +Mon Aug 3 17:06:00 1998 Werner Koch (wk@(none)) + + * secmem.c (MAP_ANON): Add a macro test + +Wed Jul 29 14:53:34 1998 Werner Koch (wk@(none)) + + * ttyio.c (tty_get_answer_is_yes): New. + +Tue Jul 21 10:35:48 1998 Werner Koch (wk@(none)) + + * argparse.c: New option flag to distinguish options and commands. + +Sat Jul 18 19:49:30 1998 Werner Koch (wk@(none)) + + * argparse.c (arg_parse): Added -? as alias for -h + +Thu Jul 9 14:47:20 1998 Werner Koch (wk@isil.d.shuttle.de) + + * secmem.c (secmem_init): Drops setuid if called with 0. + +Tue Jul 7 11:49:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * logger.c (log_set_filename): New. + +Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (append_to_strlist): New. + +Thu Jul 2 15:55:44 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (block_filter): Add writing of OP partial length headers. + +Fri Jun 26 10:38:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ttyio.c (do_get): all iso8859-1 characters are now allowed. + +Thu Jun 25 15:57:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * secmem.c (lock_pool): Removed left over test code. + +Wed Jun 10 07:39:41 1998 Werner Koch,mobil,,, (wk@tobold) + + * fileutil.c (compare_filenames): New. + + * argparse.c (arg_parse): New flag bit 6 to ignore --version + +Thu May 14 16:45:13 1998 Werner Koch (wk@isil.d.shuttle.de) + + * argparse.c (show_help): Add some formatting stuff + +Fri May 8 17:06:49 1998 Werner Koch (wk@isil.d.shuttle.de) + + * errors.c (strerror): New if !HAVE_STRERROR + +Mon May 4 19:48:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (iobuf_read): Code is now faster. + * (iobuf_write): ditto. + +Mon Apr 27 11:01:32 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (memicmp): New. + +Thu Mar 19 11:29:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (memistr): Add const to return and first arg. + +Sat Mar 7 11:54:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * miscutil.c (print_string): New arg delim; changed all callers. + +Thu Mar 5 12:19:30 1998 Werner Koch (wk@isil.d.shuttle.de) + + * errors.c: New strings. + +Thu Mar 5 12:06:31 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (iobuf_open): A name of "-" now opens stdin. + * fileutil.c (print_fname_stdout, print_fname_stdin): New. + +Fri Feb 27 10:20:03 1998 Werner Koch (wk@isil.d.shuttle.de) + + * memory.c (m_is_secure): Removed. + * secmem.c (m_is_secure): Moved to here. + + * secmem.c (secmem_realloc): New. + * memory.c (M_GUARD,EXTRA_ALIGN): New (all functions). + +Thu Feb 26 14:36:51 1998 Werner Koch (wk@isil.d.shuttle.de) + + * secmem.c (lock_pool): No error if EAGAIN is returned instead + of EPERM. + +Fri Feb 20 17:43:05 1998 Werner Koch (wk@isil.d.shuttle.de) + + * ttyio.c [MINGW32]: Add support for mingw32. + +Tue Feb 17 19:43:44 1998 Werner Koch (wk@isil.d.shuttle.de) + + * memory.c (dump_table_at_exit): New. + +Mon Feb 16 10:07:28 1998 Werner Koch (wk@isil.d.shuttle.de) + + * argparse.c (show_version, show_help, default_strusage): Changed + according to GNU standards. + +Mon Feb 16 08:58:25 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (iobuf_peek): New + +Fri Feb 13 19:34:59 1998 Werner Koch (wk@isil.d.shuttle.de) + + * iobuf.c (iobuf_seek): Set counters to new offset. + +Fri Feb 13 17:13:04 1998 Werner Koch (wk@isil.d.shuttle.de) + + * logger.c (log_set_name, log_get_name): New. + (print_prefix, pgm_name): New, changed all function to make use it. + (log_mpidump): Removed the "DBG" prefix. + (log_hexdump): Ditto. + + * logger.c (printstr): Removed. + +Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de) + + * argparse.c (show_help): New '\v' kludge. + + + + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, + 2005 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/zlib/ChangeLog b/zlib/ChangeLog deleted file mode 100644 index 5f06bcc7b..000000000 --- a/zlib/ChangeLog +++ /dev/null @@ -1,505 +0,0 @@ -2002-03-12 Werner Koch - - Merged changes from zlib 1.1.4. - -Sat Feb 13 12:04:43 CET 1999 Werner Koch - - * Makefile.am: Removed -Wall - -Wed Jan 20 21:40:21 CET 1999 Werner Koch - - * Makefile.am: Corrected the list of sources - -Wed Jan 13 14:10:15 CET 1999 Werner Koch - - Merged version 1.1.3 with the previousy used 1.0.4 - -Thu Feb 12 12:20:45 1998 Werner Koch (wk@frodo) - - Removed a couple of files, as this is only used if zlib is - missing on a system. Added automake stuff - - - ChangeLog file for zlib - - -Changes in 1.1.4 (11 March 2002) -- ZFREE was repeated on same allocation on some error conditions. - This creates a security problem described in - http://www.zlib.org/advisory-2002-03-11.txt -- Returned incorrect error (Z_MEM_ERROR) on some invalid data -- Avoid accesses before window for invalid distances with inflate window - less than 32K. -- force windowBits > 8 to avoid a bug in the encoder for a window size - of 256 bytes. (A complete fix will be available in 1.1.5). - -Changes in 1.1.3 (9 July 1998) -- fix "an inflate input buffer bug that shows up on rare but persistent - occasions" (Mark) -- fix gzread and gztell for concatenated .gz files (Didier Le Botlan) -- fix gzseek(..., SEEK_SET) in write mode -- fix crc check after a gzeek (Frank Faubert) -- fix miniunzip when the last entry in a zip file is itself a zip file - (J Lillge) -- add contrib/asm586 and contrib/asm686 (Brian Raiter) - See http://www.muppetlabs.com/~breadbox/software/assembly.html -- add support for Delphi 3 in contrib/delphi (Bob Dellaca) -- add support for C++Builder 3 and Delphi 3 in contrib/delphi2 (Davide Moretti) -- do not exit prematurely in untgz if 0 at start of block (Magnus Holmgren) -- use macro EXTERN instead of extern to support DLL for BeOS (Sander Stoks) -- added a FAQ file - -- Support gzdopen on Mac with Metrowerks (Jason Linhart) -- Do not redefine Byte on Mac (Brad Pettit & Jason Linhart) -- define SEEK_END too if SEEK_SET is not defined (Albert Chin-A-Young) -- avoid some warnings with Borland C (Tom Tanner) -- fix a problem in contrib/minizip/zip.c for 16-bit MSDOS (Gilles Vollant) -- emulate utime() for WIN32 in contrib/untgz (Gilles Vollant) -- allow several arguments to configure (Tim Mooney, Frodo Looijaard) -- use libdir and includedir in Makefile.in (Tim Mooney) -- support shared libraries on OSF1 V4 (Tim Mooney) -- remove so_locations in "make clean" (Tim Mooney) -- fix maketree.c compilation error (Glenn, Mark) -- Python interface to zlib now in Python 1.5 (Jeremy Hylton) -- new Makefile.riscos (Rich Walker) -- initialize static descriptors in trees.c for embedded targets (Nick Smith) -- use "foo-gz" in example.c for RISCOS and VMS (Nick Smith) -- add the OS/2 files in Makefile.in too (Andrew Zabolotny) -- fix fdopen and halloc macros for Microsoft C 6.0 (Tom Lane) -- fix maketree.c to allow clean compilation of inffixed.h (Mark) -- fix parameter check in deflateCopy (Gunther Nikl) -- cleanup trees.c, use compressed_len only in debug mode (Christian Spieler) -- Many portability patches by Christian Spieler: - . zutil.c, zutil.h: added "const" for zmem* - . Make_vms.com: fixed some typos - . Make_vms.com: msdos/Makefile.*: removed zutil.h from some dependency lists - . msdos/Makefile.msc: remove "default rtl link library" info from obj files - . msdos/Makefile.*: use model-dependent name for the built zlib library - . msdos/Makefile.emx, nt/Makefile.emx, nt/Makefile.gcc: - new makefiles, for emx (DOS/OS2), emx&rsxnt and mingw32 (Windows 9x / NT) -- use define instead of typedef for Bytef also for MSC small/medium (Tom Lane) -- replace __far with _far for better portability (Christian Spieler, Tom Lane) -- fix test for errno.h in configure (Tim Newsham) - -Changes in 1.1.2 (19 March 98) -- added contrib/minzip, mini zip and unzip based on zlib (Gilles Vollant) - See http://www.winimage.com/zLibDll/unzip.html -- preinitialize the inflate tables for fixed codes, to make the code - completely thread safe (Mark) -- some simplifications and slight speed-up to the inflate code (Mark) -- fix gzeof on non-compressed files (Allan Schrum) -- add -std1 option in configure for OSF1 to fix gzprintf (Martin Mokrejs) -- use default value of 4K for Z_BUFSIZE for 16-bit MSDOS (Tim Wegner + Glenn) -- added os2/Makefile.def and os2/zlib.def (Andrew Zabolotny) -- add shared lib support for UNIX_SV4.2MP (MATSUURA Takanori) -- do not wrap extern "C" around system includes (Tom Lane) -- mention zlib binding for TCL in README (Andreas Kupries) -- added amiga/Makefile.pup for Amiga powerUP SAS/C PPC (Andreas Kleinert) -- allow "make install prefix=..." even after configure (Glenn Randers-Pehrson) -- allow "configure --prefix $HOME" (Tim Mooney) -- remove warnings in example.c and gzio.c (Glenn Randers-Pehrson) -- move Makefile.sas to amiga/Makefile.sas - -Changes in 1.1.1 (27 Feb 98) -- fix macros _tr_tally_* in deflate.h for debug mode (Glenn Randers-Pehrson) -- remove block truncation heuristic which had very marginal effect for zlib - (smaller lit_bufsize than in gzip 1.2.4) and degraded a little the - compression ratio on some files. This also allows inlining _tr_tally for - matches in deflate_slow. -- added msdos/Makefile.w32 for WIN32 Microsoft Visual C++ (Bob Frazier) - -Changes in 1.1.0 (24 Feb 98) -- do not return STREAM_END prematurely in inflate (John Bowler) -- revert to the zlib 1.0.8 inflate to avoid the gcc 2.8.0 bug (Jeremy Buhler) -- compile with -DFASTEST to get compression code optimized for speed only -- in minigzip, try mmap'ing the input file first (Miguel Albrecht) -- increase size of I/O buffers in minigzip.c and gzio.c (not a big gain - on Sun but significant on HP) - -- add a pointer to experimental unzip library in README (Gilles Vollant) -- initialize variable gcc in configure (Chris Herborth) - -Changes in 1.0.9 (17 Feb 1998) -- added gzputs and gzgets functions -- do not clear eof flag in gzseek (Mark Diekhans) -- fix gzseek for files in transparent mode (Mark Diekhans) -- do not assume that vsprintf returns the number of bytes written (Jens Krinke) -- replace EXPORT with ZEXPORT to avoid conflict with other programs -- added compress2 in zconf.h, zlib.def, zlib.dnt -- new asm code from Gilles Vollant in contrib/asm386 -- simplify the inflate code (Mark): - . Replace ZALLOC's in huft_build() with single ZALLOC in inflate_blocks_new() - . ZALLOC the length list in inflate_trees_fixed() instead of using stack - . ZALLOC the value area for huft_build() instead of using stack - . Simplify Z_FINISH check in inflate() - -- Avoid gcc 2.8.0 comparison bug a little differently than zlib 1.0.8 -- in inftrees.c, avoid cc -O bug on HP (Farshid Elahi) -- in zconf.h move the ZLIB_DLL stuff earlier to avoid problems with - the declaration of FAR (Gilles VOllant) -- install libz.so* with mode 755 (executable) instead of 644 (Marc Lehmann) -- read_buf buf parameter of type Bytef* instead of charf* -- zmemcpy parameters are of type Bytef*, not charf* (Joseph Strout) -- do not redeclare unlink in minigzip.c for WIN32 (John Bowler) -- fix check for presence of directories in "make install" (Ian Willis) - -Changes in 1.0.8 (27 Jan 1998) -- fixed offsets in contrib/asm386/gvmat32.asm (Gilles Vollant) -- fix gzgetc and gzputc for big endian systems (Markus Oberhumer) -- added compress2() to allow setting the compression level -- include sys/types.h to get off_t on some systems (Marc Lehmann & QingLong) -- use constant arrays for the static trees in trees.c instead of computing - them at run time (thanks to Ken Raeburn for this suggestion). To create - trees.h, compile with GEN_TREES_H and run "make test". -- check return code of example in "make test" and display result -- pass minigzip command line options to file_compress -- simplifying code of inflateSync to avoid gcc 2.8 bug - -- support CC="gcc -Wall" in configure -s (QingLong) -- avoid a flush caused by ftell in gzopen for write mode (Ken Raeburn) -- fix test for shared library support to avoid compiler warnings -- zlib.lib -> zlib.dll in msdos/zlib.rc (Gilles Vollant) -- check for TARGET_OS_MAC in addition to MACOS (Brad Pettit) -- do not use fdopen for Metrowerks on Mac (Brad Pettit)) -- add checks for gzputc and gzputc in example.c -- avoid warnings in gzio.c and deflate.c (Andreas Kleinert) -- use const for the CRC table (Ken Raeburn) -- fixed "make uninstall" for shared libraries -- use Tracev instead of Trace in infblock.c -- in example.c use correct compressed length for test_sync -- suppress +vnocompatwarnings in configure for HPUX (not always supported) - -Changes in 1.0.7 (20 Jan 1998) -- fix gzseek which was broken in write mode -- return error for gzseek to negative absolute position -- fix configure for Linux (Chun-Chung Chen) -- increase stack space for MSC (Tim Wegner) -- get_crc_table and inflateSyncPoint are EXPORTed (Gilles Vollant) -- define EXPORTVA for gzprintf (Gilles Vollant) -- added man page zlib.3 (Rick Rodgers) -- for contrib/untgz, fix makedir() and improve Makefile - -- check gzseek in write mode in example.c -- allocate extra buffer for seeks only if gzseek is actually called -- avoid signed/unsigned comparisons (Tim Wegner, Gilles Vollant) -- add inflateSyncPoint in zconf.h -- fix list of exported functions in nt/zlib.dnt and mdsos/zlib.def - -Changes in 1.0.6 (19 Jan 1998) -- add functions gzprintf, gzputc, gzgetc, gztell, gzeof, gzseek, gzrewind and - gzsetparams (thanks to Roland Giersig and Kevin Ruland for some of this code) -- Fix a deflate bug occuring only with compression level 0 (thanks to - Andy Buckler for finding this one). -- In minigzip, pass transparently also the first byte for .Z files. -- return Z_BUF_ERROR instead of Z_OK if output buffer full in uncompress() -- check Z_FINISH in inflate (thanks to Marc Schluper) -- Implement deflateCopy (thanks to Adam Costello) -- make static libraries by default in configure, add --shared option. -- move MSDOS or Windows specific files to directory msdos -- suppress the notion of partial flush to simplify the interface - (but the symbol Z_PARTIAL_FLUSH is kept for compatibility with 1.0.4) -- suppress history buffer provided by application to simplify the interface - (this feature was not implemented anyway in 1.0.4) -- next_in and avail_in must be initialized before calling inflateInit or - inflateInit2 -- add EXPORT in all exported functions (for Windows DLL) -- added Makefile.nt (thanks to Stephen Williams) -- added the unsupported "contrib" directory: - contrib/asm386/ by Gilles Vollant - 386 asm code replacing longest_match(). - contrib/iostream/ by Kevin Ruland - A C++ I/O streams interface to the zlib gz* functions - contrib/iostream2/ by Tyge Løvset - Another C++ I/O streams interface - contrib/untgz/ by "Pedro A. Aranda Guti\irrez" - A very simple tar.gz file extractor using zlib - contrib/visual-basic.txt by Carlos Rios - How to use compress(), uncompress() and the gz* functions from VB. -- pass params -f (filtered data), -h (huffman only), -1 to -9 (compression - level) in minigzip (thanks to Tom Lane) - -- use const for rommable constants in deflate -- added test for gzseek and gztell in example.c -- add undocumented function inflateSyncPoint() (hack for Paul Mackerras) -- add undocumented function zError to convert error code to string - (for Tim Smithers) -- Allow compilation of gzio with -DNO_DEFLATE to avoid the compression code. -- Use default memcpy for Symantec MSDOS compiler. -- Add EXPORT keyword for check_func (needed for Windows DLL) -- add current directory to LD_LIBRARY_PATH for "make test" -- create also a link for libz.so.1 -- added support for FUJITSU UXP/DS (thanks to Toshiaki Nomura) -- use $(SHAREDLIB) instead of libz.so in Makefile.in (for HPUX) -- added -soname for Linux in configure (Chun-Chung Chen, -- assign numbers to the exported functions in zlib.def (for Windows DLL) -- add advice in zlib.h for best usage of deflateSetDictionary -- work around compiler bug on Atari (cast Z_NULL in call of s->checkfn) -- allow compilation with ANSI keywords only enabled for TurboC in large model -- avoid "versionString"[0] (Borland bug) -- add NEED_DUMMY_RETURN for Borland -- use variable z_verbose for tracing in debug mode (L. Peter Deutsch). -- allow compilation with CC -- defined STDC for OS/2 (David Charlap) -- limit external names to 8 chars for MVS (Thomas Lund) -- in minigzip.c, use static buffers only for 16-bit systems -- fix suffix check for "minigzip -d foo.gz" -- do not return an error for the 2nd of two consecutive gzflush() (Felix Lee) -- use _fdopen instead of fdopen for MSC >= 6.0 (Thomas Fanslau) -- added makelcc.bat for lcc-win32 (Tom St Denis) -- in Makefile.dj2, use copy and del instead of install and rm (Frank Donahoe) -- Avoid expanded $Id$. Use "rcs -kb" or "cvs admin -kb" to avoid Id expansion. -- check for unistd.h in configure (for off_t) -- remove useless check parameter in inflate_blocks_free -- avoid useless assignment of s->check to itself in inflate_blocks_new -- do not flush twice in gzclose (thanks to Ken Raeburn) -- rename FOPEN as F_OPEN to avoid clash with /usr/include/sys/file.h -- use NO_ERRNO_H instead of enumeration of operating systems with errno.h -- work around buggy fclose on pipes for HP/UX -- support zlib DLL with BORLAND C++ 5.0 (thanks to Glenn Randers-Pehrson) -- fix configure if CC is already equal to gcc - -Changes in 1.0.5 (3 Jan 98) -- Fix inflate to terminate gracefully when fed corrupted or invalid data -- Use const for rommable constants in inflate -- Eliminate memory leaks on error conditions in inflate -- Removed some vestigial code in inflate -- Update web address in README - -Changes in 1.0.4 (24 Jul 96) -- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF - bit, so the decompressor could decompress all the correct data but went - on to attempt decompressing extra garbage data. This affected minigzip too. -- zlibVersion and gzerror return const char* (needed for DLL) -- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno) -- use z_error only for DEBUG (avoid problem with DLLs) - -Changes in 1.0.3 (2 Jul 96) -- use z_streamp instead of z_stream *, which is now a far pointer in MSDOS - small and medium models; this makes the library incompatible with previous - versions for these models. (No effect in large model or on other systems.) -- return OK instead of BUF_ERROR if previous deflate call returned with - avail_out as zero but there is nothing to do -- added memcmp for non STDC compilers -- define NO_DUMMY_DECL for more Mac compilers (.h files merged incorrectly) -- define __32BIT__ if __386__ or i386 is defined (pb. with Watcom and SCO) -- better check for 16-bit mode MSC (avoids problem with Symantec) - -Changes in 1.0.2 (23 May 96) -- added Windows DLL support -- added a function zlibVersion (for the DLL support) -- fixed declarations using Bytef in infutil.c (pb with MSDOS medium model) -- Bytef is define's instead of typedef'd only for Borland C -- avoid reading uninitialized memory in example.c -- mention in README that the zlib format is now RFC1950 -- updated Makefile.dj2 -- added algorithm.doc - -Changes in 1.0.1 (20 May 96) [1.0 skipped to avoid confusion] -- fix array overlay in deflate.c which sometimes caused bad compressed data -- fix inflate bug with empty stored block -- fix MSDOS medium model which was broken in 0.99 -- fix deflateParams() which could generated bad compressed data. -- Bytef is define'd instead of typedef'ed (work around Borland bug) -- added an INDEX file -- new makefiles for DJGPP (Makefile.dj2), 32-bit Borland (Makefile.b32), - Watcom (Makefile.wat), Amiga SAS/C (Makefile.sas) -- speed up adler32 for modern machines without auto-increment -- added -ansi for IRIX in configure -- static_init_done in trees.c is an int -- define unlink as delete for VMS -- fix configure for QNX -- add configure branch for SCO and HPUX -- avoid many warnings (unused variables, dead assignments, etc...) -- no fdopen for BeOS -- fix the Watcom fix for 32 bit mode (define FAR as empty) -- removed redefinition of Byte for MKWERKS -- work around an MWKERKS bug (incorrect merge of all .h files) - -Changes in 0.99 (27 Jan 96) -- allow preset dictionary shared between compressor and decompressor -- allow compression level 0 (no compression) -- add deflateParams in zlib.h: allow dynamic change of compression level - and compression strategy. -- test large buffers and deflateParams in example.c -- add optional "configure" to build zlib as a shared library -- suppress Makefile.qnx, use configure instead -- fixed deflate for 64-bit systems (detected on Cray) -- fixed inflate_blocks for 64-bit systems (detected on Alpha) -- declare Z_DEFLATED in zlib.h (possible parameter for deflateInit2) -- always return Z_BUF_ERROR when deflate() has nothing to do -- deflateInit and inflateInit are now macros to allow version checking -- prefix all global functions and types with z_ with -DZ_PREFIX -- make falloc completely reentrant (inftrees.c) -- fixed very unlikely race condition in ct_static_init -- free in reverse order of allocation to help memory manager -- use zlib-1.0/* instead of zlib/* inside the tar.gz -- make zlib warning-free with "gcc -O3 -Wall -Wwrite-strings -Wpointer-arith - -Wconversion -Wstrict-prototypes -Wmissing-prototypes" -- allow gzread on concatenated .gz files -- deflateEnd now returns Z_DATA_ERROR if it was premature -- deflate is finally (?) fully deterministic (no matches beyond end of input) -- Document Z_SYNC_FLUSH -- add uninstall in Makefile -- Check for __cpluplus in zlib.h -- Better test in ct_align for partial flush -- avoid harmless warnings for Borland C++ -- initialize hash_head in deflate.c -- avoid warning on fdopen (gzio.c) for HP cc -Aa -- include stdlib.h for STDC compilers -- include errno.h for Cray -- ignore error if ranlib doesn't exist -- call ranlib twice for NeXTSTEP -- use exec_prefix instead of prefix for libz.a -- renamed ct_* as _tr_* to avoid conflict with applications -- clear z->msg in inflateInit2 before any error return -- initialize opaque in example.c, gzio.c, deflate.c and inflate.c -- fixed typo in zconf.h (_GNUC__ => __GNUC__) -- check for WIN32 in zconf.h and zutil.c (avoid farmalloc in 32-bit mode) -- fix typo in Make_vms.com (f$trnlnm -> f$getsyi) -- in fcalloc, normalize pointer if size > 65520 bytes -- don't use special fcalloc for 32 bit Borland C++ -- use STDC instead of __GO32__ to avoid redeclaring exit, calloc, etc... -- use Z_BINARY instead of BINARY -- document that gzclose after gzdopen will close the file -- allow "a" as mode in gzopen. -- fix error checking in gzread -- allow skipping .gz extra-field on pipes -- added reference to Perl interface in README -- put the crc table in FAR data (I dislike more and more the medium model :) -- added get_crc_table -- added a dimension to all arrays (Borland C can't count). -- workaround Borland C bug in declaration of inflate_codes_new & inflate_fast -- guard against multiple inclusion of *.h (for precompiled header on Mac) -- Watcom C pretends to be Microsoft C small model even in 32 bit mode. -- don't use unsized arrays to avoid silly warnings by Visual C++: - warning C4746: 'inflate_mask' : unsized array treated as '__far' - (what's wrong with far data in far model?). -- define enum out of inflate_blocks_state to allow compilation with C++ - -Changes in 0.95 (16 Aug 95) -- fix MSDOS small and medium model (now easier to adapt to any compiler) -- inlined send_bits -- fix the final (:-) bug for deflate with flush (output was correct but - not completely flushed in rare occasions). -- default window size is same for compression and decompression - (it's now sufficient to set MAX_WBITS in zconf.h). -- voidp -> voidpf and voidnp -> voidp (for consistency with other - typedefs and because voidnp was not near in large model). - -Changes in 0.94 (13 Aug 95) -- support MSDOS medium model -- fix deflate with flush (could sometimes generate bad output) -- fix deflateReset (zlib header was incorrectly suppressed) -- added support for VMS -- allow a compression level in gzopen() -- gzflush now calls fflush -- For deflate with flush, flush even if no more input is provided. -- rename libgz.a as libz.a -- avoid complex expression in infcodes.c triggering Turbo C bug -- work around a problem with gcc on Alpha (in INSERT_STRING) -- don't use inline functions (problem with some gcc versions) -- allow renaming of Byte, uInt, etc... with #define. -- avoid warning about (unused) pointer before start of array in deflate.c -- avoid various warnings in gzio.c, example.c, infblock.c, adler32.c, zutil.c -- avoid reserved word 'new' in trees.c - -Changes in 0.93 (25 June 95) -- temporarily disable inline functions -- make deflate deterministic -- give enough lookahead for PARTIAL_FLUSH -- Set binary mode for stdin/stdout in minigzip.c for OS/2 -- don't even use signed char in inflate (not portable enough) -- fix inflate memory leak for segmented architectures - -Changes in 0.92 (3 May 95) -- don't assume that char is signed (problem on SGI) -- Clear bit buffer when starting a stored block -- no memcpy on Pyramid -- suppressed inftest.c -- optimized fill_window, put longest_match inline for gcc -- optimized inflate on stored blocks. -- untabify all sources to simplify patches - -Changes in 0.91 (2 May 95) -- Default MEM_LEVEL is 8 (not 9 for Unix) as documented in zlib.h -- Document the memory requirements in zconf.h -- added "make install" -- fix sync search logic in inflateSync -- deflate(Z_FULL_FLUSH) now works even if output buffer too short -- after inflateSync, don't scare people with just "lo world" -- added support for DJGPP - -Changes in 0.9 (1 May 95) -- don't assume that zalloc clears the allocated memory (the TurboC bug - was Mark's bug after all :) -- let again gzread copy uncompressed data unchanged (was working in 0.71) -- deflate(Z_FULL_FLUSH), inflateReset and inflateSync are now fully implemented -- added a test of inflateSync in example.c -- moved MAX_WBITS to zconf.h because users might want to change that. -- document explicitly that zalloc(64K) on MSDOS must return a normalized - pointer (zero offset) -- added Makefiles for Microsoft C, Turbo C, Borland C++ -- faster crc32() - -Changes in 0.8 (29 April 95) -- added fast inflate (inffast.c) -- deflate(Z_FINISH) now returns Z_STREAM_END when done. Warning: this - is incompatible with previous versions of zlib which returned Z_OK. -- work around a TurboC compiler bug (bad code for b << 0, see infutil.h) - (actually that was not a compiler bug, see 0.81 above) -- gzread no longer reads one extra byte in certain cases -- In gzio destroy(), don't reference a freed structure -- avoid many warnings for MSDOS -- avoid the ERROR symbol which is used by MS Windows - -Changes in 0.71 (14 April 95) -- Fixed more MSDOS compilation problems :( There is still a bug with - TurboC large model. - -Changes in 0.7 (14 April 95) -- Added full inflate support. -- Simplified the crc32() interface. The pre- and post-conditioning - (one's complement) is now done inside crc32(). WARNING: this is - incompatible with previous versions; see zlib.h for the new usage. - -Changes in 0.61 (12 April 95) -- workaround for a bug in TurboC. example and minigzip now work on MSDOS. - -Changes in 0.6 (11 April 95) -- added minigzip.c -- added gzdopen to reopen a file descriptor as gzFile -- added transparent reading of non-gziped files in gzread. -- fixed bug in gzread (don't read crc as data) -- fixed bug in destroy (gzio.c) (don't return Z_STREAM_END for gzclose). -- don't allocate big arrays in the stack (for MSDOS) -- fix some MSDOS compilation problems - -Changes in 0.5: -- do real compression in deflate.c. Z_PARTIAL_FLUSH is supported but - not yet Z_FULL_FLUSH. -- support decompression but only in a single step (forced Z_FINISH) -- added opaque object for zalloc and zfree. -- added deflateReset and inflateReset -- added a variable zlib_version for consistency checking. -- renamed the 'filter' parameter of deflateInit2 as 'strategy'. - Added Z_FILTERED and Z_HUFFMAN_ONLY constants. - -Changes in 0.4: -- avoid "zip" everywhere, use zlib instead of ziplib. -- suppress Z_BLOCK_FLUSH, interpret Z_PARTIAL_FLUSH as block flush - if compression method == 8. -- added adler32 and crc32 -- renamed deflateOptions as deflateInit2, call one or the other but not both -- added the method parameter for deflateInit2. -- added inflateInit2 -- simplied considerably deflateInit and inflateInit by not supporting - user-provided history buffer. This is supported only in deflateInit2 - and inflateInit2. - -Changes in 0.3: -- prefix all macro names with Z_ -- use Z_FINISH instead of deflateEnd to finish compression. -- added Z_HUFFMAN_ONLY -- added gzerror() - - diff --git a/zlib/ChangeLog-2011 b/zlib/ChangeLog-2011 new file mode 100644 index 000000000..677ce5824 --- /dev/null +++ b/zlib/ChangeLog-2011 @@ -0,0 +1,510 @@ +2011-12-02 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2002-03-12 Werner Koch + + Merged changes from zlib 1.1.4. + +Sat Feb 13 12:04:43 CET 1999 Werner Koch + + * Makefile.am: Removed -Wall + +Wed Jan 20 21:40:21 CET 1999 Werner Koch + + * Makefile.am: Corrected the list of sources + +Wed Jan 13 14:10:15 CET 1999 Werner Koch + + Merged version 1.1.3 with the previousy used 1.0.4 + +Thu Feb 12 12:20:45 1998 Werner Koch (wk@frodo) + + Removed a couple of files, as this is only used if zlib is + missing on a system. Added automake stuff + + + ChangeLog file for zlib + + +Changes in 1.1.4 (11 March 2002) +- ZFREE was repeated on same allocation on some error conditions. + This creates a security problem described in + http://www.zlib.org/advisory-2002-03-11.txt +- Returned incorrect error (Z_MEM_ERROR) on some invalid data +- Avoid accesses before window for invalid distances with inflate window + less than 32K. +- force windowBits > 8 to avoid a bug in the encoder for a window size + of 256 bytes. (A complete fix will be available in 1.1.5). + +Changes in 1.1.3 (9 July 1998) +- fix "an inflate input buffer bug that shows up on rare but persistent + occasions" (Mark) +- fix gzread and gztell for concatenated .gz files (Didier Le Botlan) +- fix gzseek(..., SEEK_SET) in write mode +- fix crc check after a gzeek (Frank Faubert) +- fix miniunzip when the last entry in a zip file is itself a zip file + (J Lillge) +- add contrib/asm586 and contrib/asm686 (Brian Raiter) + See http://www.muppetlabs.com/~breadbox/software/assembly.html +- add support for Delphi 3 in contrib/delphi (Bob Dellaca) +- add support for C++Builder 3 and Delphi 3 in contrib/delphi2 (Davide Moretti) +- do not exit prematurely in untgz if 0 at start of block (Magnus Holmgren) +- use macro EXTERN instead of extern to support DLL for BeOS (Sander Stoks) +- added a FAQ file + +- Support gzdopen on Mac with Metrowerks (Jason Linhart) +- Do not redefine Byte on Mac (Brad Pettit & Jason Linhart) +- define SEEK_END too if SEEK_SET is not defined (Albert Chin-A-Young) +- avoid some warnings with Borland C (Tom Tanner) +- fix a problem in contrib/minizip/zip.c for 16-bit MSDOS (Gilles Vollant) +- emulate utime() for WIN32 in contrib/untgz (Gilles Vollant) +- allow several arguments to configure (Tim Mooney, Frodo Looijaard) +- use libdir and includedir in Makefile.in (Tim Mooney) +- support shared libraries on OSF1 V4 (Tim Mooney) +- remove so_locations in "make clean" (Tim Mooney) +- fix maketree.c compilation error (Glenn, Mark) +- Python interface to zlib now in Python 1.5 (Jeremy Hylton) +- new Makefile.riscos (Rich Walker) +- initialize static descriptors in trees.c for embedded targets (Nick Smith) +- use "foo-gz" in example.c for RISCOS and VMS (Nick Smith) +- add the OS/2 files in Makefile.in too (Andrew Zabolotny) +- fix fdopen and halloc macros for Microsoft C 6.0 (Tom Lane) +- fix maketree.c to allow clean compilation of inffixed.h (Mark) +- fix parameter check in deflateCopy (Gunther Nikl) +- cleanup trees.c, use compressed_len only in debug mode (Christian Spieler) +- Many portability patches by Christian Spieler: + . zutil.c, zutil.h: added "const" for zmem* + . Make_vms.com: fixed some typos + . Make_vms.com: msdos/Makefile.*: removed zutil.h from some dependency lists + . msdos/Makefile.msc: remove "default rtl link library" info from obj files + . msdos/Makefile.*: use model-dependent name for the built zlib library + . msdos/Makefile.emx, nt/Makefile.emx, nt/Makefile.gcc: + new makefiles, for emx (DOS/OS2), emx&rsxnt and mingw32 (Windows 9x / NT) +- use define instead of typedef for Bytef also for MSC small/medium (Tom Lane) +- replace __far with _far for better portability (Christian Spieler, Tom Lane) +- fix test for errno.h in configure (Tim Newsham) + +Changes in 1.1.2 (19 March 98) +- added contrib/minzip, mini zip and unzip based on zlib (Gilles Vollant) + See http://www.winimage.com/zLibDll/unzip.html +- preinitialize the inflate tables for fixed codes, to make the code + completely thread safe (Mark) +- some simplifications and slight speed-up to the inflate code (Mark) +- fix gzeof on non-compressed files (Allan Schrum) +- add -std1 option in configure for OSF1 to fix gzprintf (Martin Mokrejs) +- use default value of 4K for Z_BUFSIZE for 16-bit MSDOS (Tim Wegner + Glenn) +- added os2/Makefile.def and os2/zlib.def (Andrew Zabolotny) +- add shared lib support for UNIX_SV4.2MP (MATSUURA Takanori) +- do not wrap extern "C" around system includes (Tom Lane) +- mention zlib binding for TCL in README (Andreas Kupries) +- added amiga/Makefile.pup for Amiga powerUP SAS/C PPC (Andreas Kleinert) +- allow "make install prefix=..." even after configure (Glenn Randers-Pehrson) +- allow "configure --prefix $HOME" (Tim Mooney) +- remove warnings in example.c and gzio.c (Glenn Randers-Pehrson) +- move Makefile.sas to amiga/Makefile.sas + +Changes in 1.1.1 (27 Feb 98) +- fix macros _tr_tally_* in deflate.h for debug mode (Glenn Randers-Pehrson) +- remove block truncation heuristic which had very marginal effect for zlib + (smaller lit_bufsize than in gzip 1.2.4) and degraded a little the + compression ratio on some files. This also allows inlining _tr_tally for + matches in deflate_slow. +- added msdos/Makefile.w32 for WIN32 Microsoft Visual C++ (Bob Frazier) + +Changes in 1.1.0 (24 Feb 98) +- do not return STREAM_END prematurely in inflate (John Bowler) +- revert to the zlib 1.0.8 inflate to avoid the gcc 2.8.0 bug (Jeremy Buhler) +- compile with -DFASTEST to get compression code optimized for speed only +- in minigzip, try mmap'ing the input file first (Miguel Albrecht) +- increase size of I/O buffers in minigzip.c and gzio.c (not a big gain + on Sun but significant on HP) + +- add a pointer to experimental unzip library in README (Gilles Vollant) +- initialize variable gcc in configure (Chris Herborth) + +Changes in 1.0.9 (17 Feb 1998) +- added gzputs and gzgets functions +- do not clear eof flag in gzseek (Mark Diekhans) +- fix gzseek for files in transparent mode (Mark Diekhans) +- do not assume that vsprintf returns the number of bytes written (Jens Krinke) +- replace EXPORT with ZEXPORT to avoid conflict with other programs +- added compress2 in zconf.h, zlib.def, zlib.dnt +- new asm code from Gilles Vollant in contrib/asm386 +- simplify the inflate code (Mark): + . Replace ZALLOC's in huft_build() with single ZALLOC in inflate_blocks_new() + . ZALLOC the length list in inflate_trees_fixed() instead of using stack + . ZALLOC the value area for huft_build() instead of using stack + . Simplify Z_FINISH check in inflate() + +- Avoid gcc 2.8.0 comparison bug a little differently than zlib 1.0.8 +- in inftrees.c, avoid cc -O bug on HP (Farshid Elahi) +- in zconf.h move the ZLIB_DLL stuff earlier to avoid problems with + the declaration of FAR (Gilles VOllant) +- install libz.so* with mode 755 (executable) instead of 644 (Marc Lehmann) +- read_buf buf parameter of type Bytef* instead of charf* +- zmemcpy parameters are of type Bytef*, not charf* (Joseph Strout) +- do not redeclare unlink in minigzip.c for WIN32 (John Bowler) +- fix check for presence of directories in "make install" (Ian Willis) + +Changes in 1.0.8 (27 Jan 1998) +- fixed offsets in contrib/asm386/gvmat32.asm (Gilles Vollant) +- fix gzgetc and gzputc for big endian systems (Markus Oberhumer) +- added compress2() to allow setting the compression level +- include sys/types.h to get off_t on some systems (Marc Lehmann & QingLong) +- use constant arrays for the static trees in trees.c instead of computing + them at run time (thanks to Ken Raeburn for this suggestion). To create + trees.h, compile with GEN_TREES_H and run "make test". +- check return code of example in "make test" and display result +- pass minigzip command line options to file_compress +- simplifying code of inflateSync to avoid gcc 2.8 bug + +- support CC="gcc -Wall" in configure -s (QingLong) +- avoid a flush caused by ftell in gzopen for write mode (Ken Raeburn) +- fix test for shared library support to avoid compiler warnings +- zlib.lib -> zlib.dll in msdos/zlib.rc (Gilles Vollant) +- check for TARGET_OS_MAC in addition to MACOS (Brad Pettit) +- do not use fdopen for Metrowerks on Mac (Brad Pettit)) +- add checks for gzputc and gzputc in example.c +- avoid warnings in gzio.c and deflate.c (Andreas Kleinert) +- use const for the CRC table (Ken Raeburn) +- fixed "make uninstall" for shared libraries +- use Tracev instead of Trace in infblock.c +- in example.c use correct compressed length for test_sync +- suppress +vnocompatwarnings in configure for HPUX (not always supported) + +Changes in 1.0.7 (20 Jan 1998) +- fix gzseek which was broken in write mode +- return error for gzseek to negative absolute position +- fix configure for Linux (Chun-Chung Chen) +- increase stack space for MSC (Tim Wegner) +- get_crc_table and inflateSyncPoint are EXPORTed (Gilles Vollant) +- define EXPORTVA for gzprintf (Gilles Vollant) +- added man page zlib.3 (Rick Rodgers) +- for contrib/untgz, fix makedir() and improve Makefile + +- check gzseek in write mode in example.c +- allocate extra buffer for seeks only if gzseek is actually called +- avoid signed/unsigned comparisons (Tim Wegner, Gilles Vollant) +- add inflateSyncPoint in zconf.h +- fix list of exported functions in nt/zlib.dnt and mdsos/zlib.def + +Changes in 1.0.6 (19 Jan 1998) +- add functions gzprintf, gzputc, gzgetc, gztell, gzeof, gzseek, gzrewind and + gzsetparams (thanks to Roland Giersig and Kevin Ruland for some of this code) +- Fix a deflate bug occuring only with compression level 0 (thanks to + Andy Buckler for finding this one). +- In minigzip, pass transparently also the first byte for .Z files. +- return Z_BUF_ERROR instead of Z_OK if output buffer full in uncompress() +- check Z_FINISH in inflate (thanks to Marc Schluper) +- Implement deflateCopy (thanks to Adam Costello) +- make static libraries by default in configure, add --shared option. +- move MSDOS or Windows specific files to directory msdos +- suppress the notion of partial flush to simplify the interface + (but the symbol Z_PARTIAL_FLUSH is kept for compatibility with 1.0.4) +- suppress history buffer provided by application to simplify the interface + (this feature was not implemented anyway in 1.0.4) +- next_in and avail_in must be initialized before calling inflateInit or + inflateInit2 +- add EXPORT in all exported functions (for Windows DLL) +- added Makefile.nt (thanks to Stephen Williams) +- added the unsupported "contrib" directory: + contrib/asm386/ by Gilles Vollant + 386 asm code replacing longest_match(). + contrib/iostream/ by Kevin Ruland + A C++ I/O streams interface to the zlib gz* functions + contrib/iostream2/ by Tyge Løvset + Another C++ I/O streams interface + contrib/untgz/ by "Pedro A. Aranda Guti\irrez" + A very simple tar.gz file extractor using zlib + contrib/visual-basic.txt by Carlos Rios + How to use compress(), uncompress() and the gz* functions from VB. +- pass params -f (filtered data), -h (huffman only), -1 to -9 (compression + level) in minigzip (thanks to Tom Lane) + +- use const for rommable constants in deflate +- added test for gzseek and gztell in example.c +- add undocumented function inflateSyncPoint() (hack for Paul Mackerras) +- add undocumented function zError to convert error code to string + (for Tim Smithers) +- Allow compilation of gzio with -DNO_DEFLATE to avoid the compression code. +- Use default memcpy for Symantec MSDOS compiler. +- Add EXPORT keyword for check_func (needed for Windows DLL) +- add current directory to LD_LIBRARY_PATH for "make test" +- create also a link for libz.so.1 +- added support for FUJITSU UXP/DS (thanks to Toshiaki Nomura) +- use $(SHAREDLIB) instead of libz.so in Makefile.in (for HPUX) +- added -soname for Linux in configure (Chun-Chung Chen, +- assign numbers to the exported functions in zlib.def (for Windows DLL) +- add advice in zlib.h for best usage of deflateSetDictionary +- work around compiler bug on Atari (cast Z_NULL in call of s->checkfn) +- allow compilation with ANSI keywords only enabled for TurboC in large model +- avoid "versionString"[0] (Borland bug) +- add NEED_DUMMY_RETURN for Borland +- use variable z_verbose for tracing in debug mode (L. Peter Deutsch). +- allow compilation with CC +- defined STDC for OS/2 (David Charlap) +- limit external names to 8 chars for MVS (Thomas Lund) +- in minigzip.c, use static buffers only for 16-bit systems +- fix suffix check for "minigzip -d foo.gz" +- do not return an error for the 2nd of two consecutive gzflush() (Felix Lee) +- use _fdopen instead of fdopen for MSC >= 6.0 (Thomas Fanslau) +- added makelcc.bat for lcc-win32 (Tom St Denis) +- in Makefile.dj2, use copy and del instead of install and rm (Frank Donahoe) +- Avoid expanded $Id$. Use "rcs -kb" or "cvs admin -kb" to avoid Id expansion. +- check for unistd.h in configure (for off_t) +- remove useless check parameter in inflate_blocks_free +- avoid useless assignment of s->check to itself in inflate_blocks_new +- do not flush twice in gzclose (thanks to Ken Raeburn) +- rename FOPEN as F_OPEN to avoid clash with /usr/include/sys/file.h +- use NO_ERRNO_H instead of enumeration of operating systems with errno.h +- work around buggy fclose on pipes for HP/UX +- support zlib DLL with BORLAND C++ 5.0 (thanks to Glenn Randers-Pehrson) +- fix configure if CC is already equal to gcc + +Changes in 1.0.5 (3 Jan 98) +- Fix inflate to terminate gracefully when fed corrupted or invalid data +- Use const for rommable constants in inflate +- Eliminate memory leaks on error conditions in inflate +- Removed some vestigial code in inflate +- Update web address in README + +Changes in 1.0.4 (24 Jul 96) +- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF + bit, so the decompressor could decompress all the correct data but went + on to attempt decompressing extra garbage data. This affected minigzip too. +- zlibVersion and gzerror return const char* (needed for DLL) +- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno) +- use z_error only for DEBUG (avoid problem with DLLs) + +Changes in 1.0.3 (2 Jul 96) +- use z_streamp instead of z_stream *, which is now a far pointer in MSDOS + small and medium models; this makes the library incompatible with previous + versions for these models. (No effect in large model or on other systems.) +- return OK instead of BUF_ERROR if previous deflate call returned with + avail_out as zero but there is nothing to do +- added memcmp for non STDC compilers +- define NO_DUMMY_DECL for more Mac compilers (.h files merged incorrectly) +- define __32BIT__ if __386__ or i386 is defined (pb. with Watcom and SCO) +- better check for 16-bit mode MSC (avoids problem with Symantec) + +Changes in 1.0.2 (23 May 96) +- added Windows DLL support +- added a function zlibVersion (for the DLL support) +- fixed declarations using Bytef in infutil.c (pb with MSDOS medium model) +- Bytef is define's instead of typedef'd only for Borland C +- avoid reading uninitialized memory in example.c +- mention in README that the zlib format is now RFC1950 +- updated Makefile.dj2 +- added algorithm.doc + +Changes in 1.0.1 (20 May 96) [1.0 skipped to avoid confusion] +- fix array overlay in deflate.c which sometimes caused bad compressed data +- fix inflate bug with empty stored block +- fix MSDOS medium model which was broken in 0.99 +- fix deflateParams() which could generated bad compressed data. +- Bytef is define'd instead of typedef'ed (work around Borland bug) +- added an INDEX file +- new makefiles for DJGPP (Makefile.dj2), 32-bit Borland (Makefile.b32), + Watcom (Makefile.wat), Amiga SAS/C (Makefile.sas) +- speed up adler32 for modern machines without auto-increment +- added -ansi for IRIX in configure +- static_init_done in trees.c is an int +- define unlink as delete for VMS +- fix configure for QNX +- add configure branch for SCO and HPUX +- avoid many warnings (unused variables, dead assignments, etc...) +- no fdopen for BeOS +- fix the Watcom fix for 32 bit mode (define FAR as empty) +- removed redefinition of Byte for MKWERKS +- work around an MWKERKS bug (incorrect merge of all .h files) + +Changes in 0.99 (27 Jan 96) +- allow preset dictionary shared between compressor and decompressor +- allow compression level 0 (no compression) +- add deflateParams in zlib.h: allow dynamic change of compression level + and compression strategy. +- test large buffers and deflateParams in example.c +- add optional "configure" to build zlib as a shared library +- suppress Makefile.qnx, use configure instead +- fixed deflate for 64-bit systems (detected on Cray) +- fixed inflate_blocks for 64-bit systems (detected on Alpha) +- declare Z_DEFLATED in zlib.h (possible parameter for deflateInit2) +- always return Z_BUF_ERROR when deflate() has nothing to do +- deflateInit and inflateInit are now macros to allow version checking +- prefix all global functions and types with z_ with -DZ_PREFIX +- make falloc completely reentrant (inftrees.c) +- fixed very unlikely race condition in ct_static_init +- free in reverse order of allocation to help memory manager +- use zlib-1.0/* instead of zlib/* inside the tar.gz +- make zlib warning-free with "gcc -O3 -Wall -Wwrite-strings -Wpointer-arith + -Wconversion -Wstrict-prototypes -Wmissing-prototypes" +- allow gzread on concatenated .gz files +- deflateEnd now returns Z_DATA_ERROR if it was premature +- deflate is finally (?) fully deterministic (no matches beyond end of input) +- Document Z_SYNC_FLUSH +- add uninstall in Makefile +- Check for __cpluplus in zlib.h +- Better test in ct_align for partial flush +- avoid harmless warnings for Borland C++ +- initialize hash_head in deflate.c +- avoid warning on fdopen (gzio.c) for HP cc -Aa +- include stdlib.h for STDC compilers +- include errno.h for Cray +- ignore error if ranlib doesn't exist +- call ranlib twice for NeXTSTEP +- use exec_prefix instead of prefix for libz.a +- renamed ct_* as _tr_* to avoid conflict with applications +- clear z->msg in inflateInit2 before any error return +- initialize opaque in example.c, gzio.c, deflate.c and inflate.c +- fixed typo in zconf.h (_GNUC__ => __GNUC__) +- check for WIN32 in zconf.h and zutil.c (avoid farmalloc in 32-bit mode) +- fix typo in Make_vms.com (f$trnlnm -> f$getsyi) +- in fcalloc, normalize pointer if size > 65520 bytes +- don't use special fcalloc for 32 bit Borland C++ +- use STDC instead of __GO32__ to avoid redeclaring exit, calloc, etc... +- use Z_BINARY instead of BINARY +- document that gzclose after gzdopen will close the file +- allow "a" as mode in gzopen. +- fix error checking in gzread +- allow skipping .gz extra-field on pipes +- added reference to Perl interface in README +- put the crc table in FAR data (I dislike more and more the medium model :) +- added get_crc_table +- added a dimension to all arrays (Borland C can't count). +- workaround Borland C bug in declaration of inflate_codes_new & inflate_fast +- guard against multiple inclusion of *.h (for precompiled header on Mac) +- Watcom C pretends to be Microsoft C small model even in 32 bit mode. +- don't use unsized arrays to avoid silly warnings by Visual C++: + warning C4746: 'inflate_mask' : unsized array treated as '__far' + (what's wrong with far data in far model?). +- define enum out of inflate_blocks_state to allow compilation with C++ + +Changes in 0.95 (16 Aug 95) +- fix MSDOS small and medium model (now easier to adapt to any compiler) +- inlined send_bits +- fix the final (:-) bug for deflate with flush (output was correct but + not completely flushed in rare occasions). +- default window size is same for compression and decompression + (it's now sufficient to set MAX_WBITS in zconf.h). +- voidp -> voidpf and voidnp -> voidp (for consistency with other + typedefs and because voidnp was not near in large model). + +Changes in 0.94 (13 Aug 95) +- support MSDOS medium model +- fix deflate with flush (could sometimes generate bad output) +- fix deflateReset (zlib header was incorrectly suppressed) +- added support for VMS +- allow a compression level in gzopen() +- gzflush now calls fflush +- For deflate with flush, flush even if no more input is provided. +- rename libgz.a as libz.a +- avoid complex expression in infcodes.c triggering Turbo C bug +- work around a problem with gcc on Alpha (in INSERT_STRING) +- don't use inline functions (problem with some gcc versions) +- allow renaming of Byte, uInt, etc... with #define. +- avoid warning about (unused) pointer before start of array in deflate.c +- avoid various warnings in gzio.c, example.c, infblock.c, adler32.c, zutil.c +- avoid reserved word 'new' in trees.c + +Changes in 0.93 (25 June 95) +- temporarily disable inline functions +- make deflate deterministic +- give enough lookahead for PARTIAL_FLUSH +- Set binary mode for stdin/stdout in minigzip.c for OS/2 +- don't even use signed char in inflate (not portable enough) +- fix inflate memory leak for segmented architectures + +Changes in 0.92 (3 May 95) +- don't assume that char is signed (problem on SGI) +- Clear bit buffer when starting a stored block +- no memcpy on Pyramid +- suppressed inftest.c +- optimized fill_window, put longest_match inline for gcc +- optimized inflate on stored blocks. +- untabify all sources to simplify patches + +Changes in 0.91 (2 May 95) +- Default MEM_LEVEL is 8 (not 9 for Unix) as documented in zlib.h +- Document the memory requirements in zconf.h +- added "make install" +- fix sync search logic in inflateSync +- deflate(Z_FULL_FLUSH) now works even if output buffer too short +- after inflateSync, don't scare people with just "lo world" +- added support for DJGPP + +Changes in 0.9 (1 May 95) +- don't assume that zalloc clears the allocated memory (the TurboC bug + was Mark's bug after all :) +- let again gzread copy uncompressed data unchanged (was working in 0.71) +- deflate(Z_FULL_FLUSH), inflateReset and inflateSync are now fully implemented +- added a test of inflateSync in example.c +- moved MAX_WBITS to zconf.h because users might want to change that. +- document explicitly that zalloc(64K) on MSDOS must return a normalized + pointer (zero offset) +- added Makefiles for Microsoft C, Turbo C, Borland C++ +- faster crc32() + +Changes in 0.8 (29 April 95) +- added fast inflate (inffast.c) +- deflate(Z_FINISH) now returns Z_STREAM_END when done. Warning: this + is incompatible with previous versions of zlib which returned Z_OK. +- work around a TurboC compiler bug (bad code for b << 0, see infutil.h) + (actually that was not a compiler bug, see 0.81 above) +- gzread no longer reads one extra byte in certain cases +- In gzio destroy(), don't reference a freed structure +- avoid many warnings for MSDOS +- avoid the ERROR symbol which is used by MS Windows + +Changes in 0.71 (14 April 95) +- Fixed more MSDOS compilation problems :( There is still a bug with + TurboC large model. + +Changes in 0.7 (14 April 95) +- Added full inflate support. +- Simplified the crc32() interface. The pre- and post-conditioning + (one's complement) is now done inside crc32(). WARNING: this is + incompatible with previous versions; see zlib.h for the new usage. + +Changes in 0.61 (12 April 95) +- workaround for a bug in TurboC. example and minigzip now work on MSDOS. + +Changes in 0.6 (11 April 95) +- added minigzip.c +- added gzdopen to reopen a file descriptor as gzFile +- added transparent reading of non-gziped files in gzread. +- fixed bug in gzread (don't read crc as data) +- fixed bug in destroy (gzio.c) (don't return Z_STREAM_END for gzclose). +- don't allocate big arrays in the stack (for MSDOS) +- fix some MSDOS compilation problems + +Changes in 0.5: +- do real compression in deflate.c. Z_PARTIAL_FLUSH is supported but + not yet Z_FULL_FLUSH. +- support decompression but only in a single step (forced Z_FINISH) +- added opaque object for zalloc and zfree. +- added deflateReset and inflateReset +- added a variable zlib_version for consistency checking. +- renamed the 'filter' parameter of deflateInit2 as 'strategy'. + Added Z_FILTERED and Z_HUFFMAN_ONLY constants. + +Changes in 0.4: +- avoid "zip" everywhere, use zlib instead of ziplib. +- suppress Z_BLOCK_FLUSH, interpret Z_PARTIAL_FLUSH as block flush + if compression method == 8. +- added adler32 and crc32 +- renamed deflateOptions as deflateInit2, call one or the other but not both +- added the method parameter for deflateInit2. +- added inflateInit2 +- simplied considerably deflateInit and inflateInit by not supporting + user-provided history buffer. This is supported only in deflateInit2 + and inflateInit2. + +Changes in 0.3: +- prefix all macro names with Z_ +- use Z_FINISH instead of deflateEnd to finish compression. +- added Z_HUFFMAN_ONLY +- added gzerror() -- cgit v1.2.3