1
2006-07-31 Werner Koch <wk@g10code.com>
3
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Search backwards for
4
the dot. Fixes bug 654.
6
* passphrase.c (agent_open): Use log_info instead of log_error to
7
allow a fallback without having gpg return an error code. Fixes
10
* encode.c (encode_crypt_files): Invalidate the whole fd cache.
11
This is a workaround for problems in iobuf's stupid fd cache.
12
* decrypt.c (decrypt_messages): Ditto.
13
* verify.c (verify_files): Ditto.
15
2006-07-26 Werner Koch <wk@g10code.com>
17
* keygen.c (gen_card_key_with_backup): Initialize sk_{un}protected.
19
* import.c (import): Initialize KEYBLOCK.
21
* pkclist.c (edit_ownertrust): Intialize trust to avoid gcc
24
* parse-packet.c (parse_comment): Cap comments at 65k.
25
(parse_gpg_control): Skip too large control packets.
27
2006-06-28 David Shaw <dshaw@jabberwocky.com>
29
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
30
Pass a union for preference hints rather than doing void * games.
32
* sign.c (sign_file): Use it here.
34
* sign.c (sign_file): When signing with multiple DSA keys, one
35
being DSA1 and one being DSA2 and encrypting at the same time, if
36
the recipient preferences give a hash that can work with the DSA2
37
key, then allow the DSA1 key to be promoted rather than giving up
40
* pkclist.c (algo_available): Automatically enable DSA2 mode when
41
handling a key that clearly isn't DSA1 (i.e. q!=160).
43
2006-06-28 Werner Koch <wk@g10code.com>
45
* import.c (check_prefs_warning): Fix change for better
48
* app-openpgp.c (do_writekey): Fixed computation of memmove
49
length. This led to garbled keys if E was larger than one byte.
50
Thanks to Achim Pietig for hinting at the garbled E.
52
2006-06-27 Werner Koch <wk@g10code.com>
54
* gpg.c (reopen_std) [HAVE_W32_SYSTEM]: Do not use it.
56
2006-06-22 David Shaw <dshaw@jabberwocky.com>
58
* options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,
59
keygen_add_std_prefs, proc_parameter_file): Add
60
--default-keyserver-url to specify a keyserver URL at key
61
generation time, and "Keyserver:" keyword for doing the same
64
* sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be
65
liberal in what you accept, etc).
67
2006-06-12 David Shaw <dshaw@jabberwocky.com>
69
* import.c (import_one): Add a flag (from_sk) so we don't check
70
prefs on an autoconverted public key. The check should only
71
happen on the sk side. Noted by Dirk Traulsen.
73
2006-06-09 David Shaw <dshaw@jabberwocky.com>
75
* keygen.c (gen_card_key): Add optional argument to return a
76
pointer (not a copy) of the stub secret key for the secret key we
77
just generated on the card.
78
(generate_card_subkeypair): Use it here so that the signing key on
79
the card can use the card to generate the 0x19 backsig on the
80
primary key. Noted by Janko Heilgeist and Jonas Oberg.
82
* parse-packet.c (parse_user_id): Cap the user ID size at 2048
83
bytes. This prevents a memory allocation attack with a very large
84
user ID. A very large packet length could even cause the
85
allocation (a u32) to wrap around to a small number. Noted by
86
Evgeny Legerov on full-disclosure.
88
2006-05-25 David Shaw <dshaw@jabberwocky.com>
90
* keygen.c (gen_dsa): Allow generating DSA2 keys
91
(allow specifying sizes > 1024 when --enable-dsa2 is set). The
92
size of q is set automatically based on the key size.
93
(ask_keysize, generate_keypair): Ask for DSA size when
96
2006-05-24 David Shaw <dshaw@jabberwocky.com>
98
* exec.c (make_tempdir): Fix bug with a temporary directory on
99
Win32 that is over 256 bytes long. Noted by Israel G. Lugo.
101
2006-05-23 David Shaw <dshaw@jabberwocky.com>
103
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we
104
are called with them closed. This is to protect our
105
keyring/trustdb files from corruption if they get attached to one
106
of the standard fds. Print a warning if possible that this has
107
happened, and fail completely if we cannot reopen (should never
109
(main): Call it here.
111
2006-05-22 David Shaw <dshaw@jabberwocky.com>
113
* parse-packet.c (dump_sig_subpkt, parse_signature),
114
build-packet.c (build_sig_subpkt_from_sig), getkey.c
115
(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey),
116
keygen.c (keygen_add_key_expire): Fix meaning of key expiration
117
and sig expiration subpackets - zero means "never expire"
118
according to 2440, not "expire instantly".
120
* getkey.c (get_pubkey_byname), import.c (import_one): Fix key
121
selection problem when auto-key-locate returns a list of keys, not
122
all of which are usable (revoked, expired, etc). Noted by Simon
125
2006-04-26 David Shaw <dshaw@jabberwocky.com>
127
* keyserver.c (direct_uri_map): New.
128
(keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx
129
helpers when the meaning is different if a path is provided
131
(keyserver_import_cert): Show warning if there is a CERT
132
fingerprint, but no --keyserver set.
134
2006-04-22 David Shaw <dshaw@jabberwocky.com>
136
* keyserver.c: Fix build problem with platforms that stick libcurl
137
in a place not in the regular include search path.
139
2006-04-20 David Shaw <dshaw@jabberwocky.com>
141
* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2.
144
* pkclist.c (algo_available): If --enable-dsa2 is set, we're
145
allowed to truncate hashes to fit DSA keys.
147
* sign.c (match_dsa_hash): New. Return the best match hash for a
149
(do_sign, hash_for, sign_file): When signing with a DSA key, if it
150
has q==160, assume it is an old DSA key and don't allow truncation
151
unless --enable-dsa2 is also set. q!=160 always allows truncation
152
since they must be DSA2 keys.
153
(make_keysig_packet): If the user doesn't specify a
154
--cert-digest-algo, use match_dsa_hash to pick the best hash for
157
2006-04-19 David Shaw <dshaw@jabberwocky.com>
159
* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header):
162
* sign.c (write_plaintext_packet), encode.c (encode_simple):
163
Factor common literal packet setup code from here, to...
165
* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure
166
the literal packet filename field is UTF-8 encoded.
168
* options.h, gpg.c (main): Make sure --set-filename is UTF-8
169
encoded and note when filenames are already UTF-8.
171
2006-04-18 David Shaw <dshaw@jabberwocky.com>
173
* keyedit.c (menu_backsign): Give some more verbose errors when we
174
have no need to backsign.
176
2006-04-11 David Shaw <dshaw@jabberwocky.com>
178
* options.skel, photoid.c (get_default_photo_command): Find an
179
image viewer at runtime. Seems FC5 doesn't have xloadimage.
181
2006-04-08 David Shaw <dshaw@jabberwocky.com>
183
* getkey.c (parse_auto_key_locate): Fix dupe-removal code.
185
* keyedit.c (menu_backsign): Allow backsigning even if the secret
186
subkey doesn't have a binding signature.
188
* armor.c (radix64_read): Don't report EOF when reading only a pad
189
(=) character. The EOF actually starts after the pad.
191
* gpg.c (main): Make --export, --send-keys, --recv-keys,
192
--refresh-keys, and --fetch-keys follow their arguments from left
193
to right. Suggested by Peter Palfrader.
195
2006-04-08 Werner Koch <wk@g10code.com>
197
* mainproc.c (list_node): Print ring trust value only if not empty
198
and --with-colons has been given.
200
2006-04-05 Werner Koch <wk@g10code.com>
202
* getkey.c (user_id_not_found_utf8): New.
203
(get_primary_uid, get_user_id): Use it. Fixes Debian bug #205028
1
206
2006-04-03 Werner Koch <wk@g10code.com>
3
208
* import.c (check_prefs_warning): Merged strings for better