« back to all changes in this revision
Viewing changes to g10/ChangeLog
- browse files at revision 20
- compare with another revision
- download diff
- download tarball
- view history from revision 20
- Committer: Package Import Robot
- Author(s): Sebastien Bacher
- Date: 2012-11-06 11:25:58 UTC
- mfrom: (1.1.16) (7.1.8 raring-proposed)
- Revision ID: package-import@ubuntu.com-20121106112558-lkpndvv4gqthgrn4
Tags: 2.0.19-1ubuntu1
* Resynchronize on Debian, remaining changes:
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.dev: udev rules to set ACLs on SCM smartcard readers.
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.dev: udev rules to set ACLs on SCM smartcard readers.
- files added:
- ChangeLog-2011
- files removed:
- .pc/gnupg2-fix-libgcrypt.diff
- .pc/gnupg2-fix-libgcrypt.diff/g10
- .pc/long-keyids.diff
- .pc/long-keyids.diff/keyserver
- files modified:
- .pc/01-gnupg2-rename.diff/configure.ac
added
removed
g10/ChangeLog
1
2011-01-10 Werner Koch <wk@g10code.com>
2
3
* keygen.c (ask_user_id): Fix duplicate test for AMAIL by correct
4
ANAME. See bug#1307. Reported by Steve Grubb.
5
6
* import.c (import_keys_internal): Make loop code a bit more
7
readable. See bug#1307. Reported by Steve Grubb.
8
9
* sign.c (sign_file): Fix TEMP_HASHLEN computation. See bug#1307.
10
Reported by Steve Grubb.
11
12
2010-10-29 David Shaw <dshaw@jabberwocky.com>
13
14
* pkclist.c (select_algo_from_prefs): Make sure the scores can't
15
overflow when picking an algorithm (not a security issue since we
16
can't pick something not present in all preference lists, but we
17
might pick something that isn't scored first choice).
18
19
* pkclist.c (select_algo_from_prefs): Slightly improve the
20
handling of MD5 in preference lists. Instead of replacing MD5
21
with SHA-1, just remove MD5 from the list altogether, and let the
22
next-highest ranked algorithm be chosen.
23
24
2010-09-29 Werner Koch <wk@g10code.com>
25
26
* keygen.c (key_from_sexp): Fix memory leak in the error case.
27
28
* call-agent.c (agent_scd_pksign): Add missing space.
29
30
2010-09-28 David Shaw <dshaw@jabberwocky.com> (wk)
31
32
* options.skel: Make the example for force-v3-sigs match
33
reality (it has defaulted to off since 2007-10-25).
34
35
2010-09-28 Werner Koch <wk@g10code.com>
36
37
* keyedit.c (show_key_with_all_names): Make revocation hint
38
more clear. Fixes bug#1234.
39
40
* call-agent.c (hash_algo_option): New.
41
(agent_scd_pksign): Use it.
42
43
2010-07-20 Werner Koch <wk@g10code.com>
44
45
* mainproc.c (print_pkenc_list): Print a STATUS_ERROR. Fixes
46
bug#1255.
47
48
2010-06-18 Werner Koch <wk@g10code.com>
49
50
* parse-packet.c (skip_packet, parse_gpg_control): Take care of
51
premature EOFs. Backport from trunk.
52
53
2010-06-17 Werner Koch <wk@g10code.com>
54
55
* gpg.c (main): Use CAST5 as default s2k algo. The macro
56
USE_CAST5 was only used with GnuPG 1.x.
57
58
2010-05-12 Werner Koch <wk@g10code.com>
59
60
* armor.c (radix64_read): Change fix 2006-04-28 to fix bug#1179.
61
62
* plaintext.c (handle_plaintext): Check return code of fflush.
63
Fixes bug#1207.
64
65
2010-05-07 Werner Koch <wk@g10code.com>
66
67
* import.c (chk_self_sigs): Check direct key signatures. Fixes
68
bug#1223.
69
(fix_bad_direct_key_sigs): New.
70
(import_one): Use it here.
71
72
* import.c (chk_self_sigs): Re-indent and slighly re-arrange code.
73
Use test macros for the sig class.
74
75
2010-03-12 Werner Koch <wk@g10code.com>
76
77
* plaintext.c (setup_plaintext_name): Do not encode pipe like
78
filenames. This helps with bug#1201.
79
80
* seckey-cert.c (do_check): Return GPG_ERR_CANCELED.
81
* keyedit.c (change_passphrase): Add arg R_ERR.
82
(keyedit_passwd): Return the correct error or emit a success
83
status message.
84
85
2010-02-25 Werner Koch <wk@g10code.com>
86
87
* sign.c (hash_for): Force SHA1 only for v1 OpenPGP cards. Fixes
88
bug#1194.
89
90
2010-02-17 Werner Koch <wk@g10code.com>
91
92
* keygen.c (ask_user_id): Avoid infinite loop in case of invalid
93
data. Fixes bug#1186.
94
95
2010-02-11 Marcus Brinkmann <marcus@g10code.de>
96
97
From trunk 2009-09-23, 2009-11-02, 2009-11-25:
98
99
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
100
GPG_ERR_SOURCE_DEFAULT check.
101
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
102
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
103
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
104
int.
105
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
106
GPG_ERR_SOURCE_DEFAULT check.
107
(main): Update to new Assuan API.
108
* server.c: Include "scdaemon.h" before <assuan.h> because of
109
GPG_ERR_SOURCE_DEFAULT check.
110
(reset_notify, input_notify, output_notify): Update to
111
new assuan interface.
112
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
113
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
114
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
115
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
116
instead of int.
117
(register_commands): Allocate assuan context before starting
118
server. Use assuan_handler_t. Add NULL arg to
119
assuan_register_command.
120
(gpg_server): Allocate assuan_context before starting server.
121
Use assuan_fd_t and assuan_fdopen on fds.
122
123
2010-02-02 Werner Koch <wk@g10code.com>
124
125
* card-util.c (card_edit): Change prompt to "gpg/card".
126
* keyedit.c (keyedit_menu): Change prompt to "gpg".
127
128
2010-01-11 Werner Koch <wk@g10code.com>
129
130
* gpg.c: Add option --passwd.
131
(aPasswd): New.
132
(main): Implement.
133
* keyedit.c (keyedit_passwd): New.
134
135
* gpg.c (oPasswd, oPasswdFD, oPasswdFile, oPasswdRepeat): Change
136
to oPassphrase, oPassphraseFD, oPassphraseFile, oPassphraseRepeat.
137
* options.h (struct): s/passwd_repeat/passphrase_repeat/.
138
* gpg.c (main): Ditto.
139
* passphrase.c (passphrase_to_dek_ext): Ditto.
140
141
2009-12-21 Werner Koch <wk@g10code.com>
142
143
* gpg.c (main): Add dummy options --skip-hidden-recipients and no
144
variant.
145
146
* call-agent.c (agent_get_s2k_count): New.
147
* gpg.c (main): Set s2k_count to 0.
148
* (encode_s2k_iterations): Move ...
149
* passphrase.c (encode_s2k_iterations): ... here. Call
150
agent_get_s2k_count if called with a 0 arg.
151
(passphrase_to_dek_ext): Set S2K_COUNT via encode_s2k_iterations.
152
153
2009-12-17 Werner Koch <wk@g10code.com>
154
155
* sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag.
156
Fixes bug#1059.
157
158
2009-12-15 Werner Koch <wk@g10code.com>
159
160
* tdbio.c (tdbio_set_dbname): Do not call log_fatal after creating
161
the directory. Fixes bug#1169. Reported by Daniel Leidert.
162
163
2009-12-04 Werner Koch <wk@g10code.com>
164
165
* keygen.c (DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE): New.
166
(ask_keysize): Use new macro.
167
(gen_rsa): Set default size if NBITS is 0.
168
(get_parameter_algo): Add algo name "default". Add arg R_DEFAULT.
169
(proc_parameter_file): Process default flag.
170
171
2009-12-03 Werner Koch <wk@g10code.com>
172
173
* gpg.c (set_debug): Allow for numerical debug levels. Print
174
active debug flags.
175
176
* gpg.c (gpgconf_list): Add key "default_pubkey_algo".
177
178
2009-09-28 Werner Koch <wk@g10code.com>
179
180
* trustdb.c (get_validity_info): Take care of a NULL PK. Fixes
181
bug#1138.
182
(get_validity_string): Ditto.
183
184
2009-09-25 Werner Koch <wk@g10code.com>
185
186
* pkglue.c (pk_sign, pk_verify, pk_encrypt, pk_decrypt)
187
(pk_check_secret_key): Allow deprecated RSA identifiers 2 and 3.
188
Fixes bug#1139.
189
190
2009-09-04 Werner Koch <wk@g10code.com>
191
192
* keyedit.c (menu_select_uid): Use IDX ==-1 t select all.
193
(menu_select_key): Ditto.
194
(keyedit_menu) <cmdSELKEY, cmdSELUID>: Allow '*' to select all.
195
196
2009-09-03 Werner Koch <wk@g10code.com>
197
198
* keyedit.c (menu_adduid): Pass keyblock to generate_user_id.
199
* keygen.c (generate_user_id): Add arg KEYBLOCK. Factor code out
200
to ...
201
(uid_from_string): ... new.
202
(ask_user_id): Add arg KEYBLOCK and check for duplicates. Fix
203
bug#1122.
204
205
* Makefile.am (uninstall-local): New.
206
207
* compress-bz2.c (do_uncompress): Detect unexpected EOF. Fix
208
bug#1011.
209
210
2009-08-26 Werner Koch <wk@g10code.com>
211
212
* keyedit.c (menu_revsig): Check for signature right away. Fix
213
Debian-bug#543530.
214
215
2009-08-20 Daiki Ueno <ueno@unixuser.org>
216
217
* mainproc.c (proc_encrypted): Clear passphrase cached with S2K
218
cache ID if decryption failed.
219
* passphrase.c (passphrase_to_dek_ext): Set dek->s2k_cacheid.
220
* gpgv.c (passphrase_clear_cache): New stub.
221
222
2009-08-11 Werner Koch <wk@g10code.com>
223
224
* call-agent.c (get_serialno_cb): New. From ../agent/call-scd.c.
225
(gpg_agent_get_confirmation): New.
226
(select_openpgp): New.
227
(agent_scd_pkdecrypt, agent_scd_pksign): Use it here.
228
229
2009-08-06 Werner Koch <wk@g10code.com>
230
231
* skclist.c (build_sk_list): Print INV_SGNR status line.
232
* seckey-cert.c (do_check): Return G10ERR_UNU_SECKEY instead of
233
general error.
234
235
2009-08-05 Werner Koch <wk@g10code.com>
236
237
* card-util.c: Enable readline support also in GnuPG-2.
238
239
* call-agent.c (agent_learn): Always select the card first.
240
241
* gpg.c: Add --key-edit alias.
242
243
* call-agent.c (scd_genkey_cb): Forward progress status lines.
244
245
* card-util.c (generate_card_keys): Remove special case for
246
GnuPG-2. Ask for the keysize and change it.
247
(card_generate_subkey): Ask for the keysize and change it.
248
(get_info_for_key_operation): Read KEY-ATTR.
249
(show_keysize_warning, ask_card_keysize): New.
250
(do_change_keysize): New.
251
252
2009-07-31 David Shaw <dshaw@jabberwocky.com>
253
254
* gpg.c (main): --pgp6 includes --disable-mdc.
255
256
2009-07-23 David Shaw <dshaw@jabberwocky.com>
257
258
* keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find
259
a domain-specific LDAP server before resorting to keys.{domain}.
260
261
2009-07-22 Werner Koch <wk@g10code.com>
262
263
* card-util.c (generate_card_keys): Ask for off-card keys only if
264
the card supports it.
265
(get_info_for_key_operation): Read EXTCAP.
266
(card_store_subkey): Check for non matching sizes.
267
268
* call-agent.h (struct agent_card_info_s): Add field EXTCAP.
269
* call-agent.c (agent_learn): Use a direct SCD command.
270
(did_early_card_test): New.
271
(start_agent): Perform an early test for the card. Add arg FOR_CARD.
272
(status_sc_op_failure): New.
273
(agent_scd_setattr, agent_scd_writekey, agent_scd_genkey)
274
(agent_scd_pksign, agent_scd_pkdecrypt, agent_scd_change_pin)
275
(agent_scd_checkpin): Call new function.
276
(learn_status_cb): Parse KEY_TIME and EXTCAP.
277
278
* gpg.c (main) <aFixTrustDB>: Show commands to run.
279
* trustdb.c (how_to_fix_the_trustdb): New.
280
* tdbio.c (tdbio_invalid): Show commands to re-create the trustdb.
281
Fixes bug#929.
282
283
2009-07-20 Werner Koch <wk@g10code.com>
284
285
* keygen.c (generate_keypair): Allow Elgamal > 3072 in BOTH mode.
286
Reported by Jeroen Schot. Fixes bug#1091.
287
288
2009-07-17 Werner Koch <wk@g10code.com>
289
290
* keyring.c (keyring_rebuild_cache): Replace the assert by a
291
proper error message and allow to delete a bad keyblock.
292
293
2009-07-13 Werner Koch <wk@g10code.com>
294
295
* exec.c: Fix function name indentation.
296
(expand_args): Simplify by using membuf functions.
297
(exec_write): Fix memory leak on error.
298
(w32_system): Use DETACHED_PROCESS so that a new console is not
299
created.
300
301
2009-07-09 Werner Koch <wk@g10code.com>
302
303
* card-util.c (card_store_subkey): Do not restrict to 1024 bit keys.
304
Print an error message on write errors.
305
306
* gpg.c (main): Remove the SHA-1 default from the personal digest
307
list. This was used in the past as a hack to avoid preferring
308
RMD-160.
309
310
* keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list.
311
Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224.
312
(gen_dsa): Use a 256 bit Q for 2048 bit P. Round to FIPS allowed
313
values in non-expert mode.
314
315
2009-07-07 Werner Koch <wk@g10code.com>
316
317
* gpg.c (set_opt_session_env): New.
318
(main): Allocate opt.session_env. Use it for oDisplay, oTTYname,
319
oTTYtype and oXauthority.
320
321
* options.h: Include session_env.h.
322
(opt): Add field SESSION_ENV, remove obsolete fields.
323
324
* call-agent.c (start_agent): Adjust start_new_gpg_agent for
325
changed args.
326
327
2009-06-24 Werner Koch <wk@g10code.com>
328
329
* keyedit.c (menu_select_key): Remove dead assign to I.
330
(menu_select_uid): Ditto.
331
* keyring.c (keyring_search): Remove dead assign to NAME.
332
* card-util.c (card_edit): Remove useless DID_CHECKPIN.
333
* call-agent.c (unhexify_fpr): Remove dead op on N.
334
* passphrase.c (passphrase_to_dek_ext): Do not deref a NULL PW.
335
* revoke.c (gen_revoke): Remove unused malloc of PK.
336
* parse-packet.c (mpi_read): Init NREAD.
337
Reported by Fabian Keil.
338
339
2009-06-17 Werner Koch <wk@g10code.com>
340
341
* parse-packet.c (parse): Use a casted -1 instead of a 32 bit
342
constant to check for a garbled package. Fixes bug#1040.
343
344
* card-util.c (put_data_to_file, read_cert): New.
345
(card_edit): Add command "readcert".
346
(fetch_url): Allow code also for this gnupg major version 2.
347
* call-agent.c (agent_scd_readcert): New.
348
349
2009-06-15 Werner Koch <wk@g10code.com>
350
351
* keyserver.c (keyserver_search_prompt): No prompt in batch+colons
352
mode.
353
354
2009-06-09 Werner Koch <wk@g10code.com>
355
356
* card-util.c (write_sc_op_status): New.
357
(change_pin): Use it.
358
(change_url, change_login, change_private_do, change_cert)
359
(change_lang, change_sex, change_cafpr, toggle_forcesig)
360
(check_pin_for_key_operation): Ditto.
361
362
2009-06-05 David Shaw <dshaw@jabberwocky.com>
363
364
* gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
365
restriction.
366
367
* misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
368
openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
369
openpgp_cipher_get_algo_blklen to wrap around the corresponding
370
gcry_* functions, but pass the algorithm number through
371
map_cipher_openpgp_to_gcry. This is needed in case the gcry
372
algorithm number doesn't match the OpenPGP number (c.f. Camellia).
373
374
* encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c,
375
seskey.c, passphrase.c, seckey-cert.c: Use new openpgp_cipher_*
376
macros here.
377
378
2009-06-02 Werner Koch <wk@g10code.com>
379
380
* card-util.c (get_manufacturer): Add new manufacturer.
381
382
2009-05-26 Werner Koch <wk@g10code.com>
383
384
* parse-packet.c (mpi_read): Workaround for zero-length MPI bug in
385
libgcrypt<1.5.0.
386
387
2009-05-22 Werner Koch <wk@g10code.com>
388
389
* signal.c (got_fatal_signal): Call new function
390
tty_cleanup_after_signal.
391
392
2009-05-20 Werner Koch <wk@g10code.com>
393
394
* gpg.c (main): Fix --fingerprint/--with-fingerprint command
395
detection. Fixes bug#1044.
396
397
* keygen.c (ask_keysize): Allow selection of DSA key size even
398
without --enable-dsa2.
399
(gen_dsa): Remove size check.
400
401
* keygen.c (ask_key_flags): Fix bug in the translation check.
402
Fixes bug#1056.
403
404
2009-05-18 Daiki Ueno <ueno@unixuser.org> (wk)
405
406
* encode.c (encode_simple): Tell passphrase_to_dek to cache
407
the passphrase.
408
(setup_symkey): Ditto.
409
* mainproc.c (proc_symkey_enc): Tell passphrase_to_dek to cache
410
the passphrase.
411
(proc_encrypted): Ditto.
412
* passphrase.c (hash_passphrase): Remove arg CREATE.
413
(passphrase_to_dek): New mode 3 and 4 for caching passphrase for
414
symmetric encryption.
415
416
2009-05-17 Werner Koch <wk@g10code.com>
417
418
* keygen.c (ask_algo): Add arg R_SUBKEY_ALGO. Change return value
419
semantics. Change presented order of algorithms. Make RSA+RSA
420
the default.
421
(generate_keypair): Adjust for change.
422
(ask_keysize): Add arg PRIMARY_KEYSIZE for subkey creation.
423
Change callers.
424
425
2009-05-15 Werner Koch <wk@g10code.com>
426
427
* keygen.c (gen_card_key_with_backup): Get the size of the key
428
from the card.
429
* call-agent.h (struct agent_card_info_s): Add field KEY_ATTR.
430
* call-agent.c (learn_status_cb): Support KEY-ATTR.
431
* card-util.c (card_status): Print key attributes.
432
433
2009-05-15 Marcus Brinkmann <marcus@g10code.de>
434
435
* gpg.c (gpgconf_list): Remove dead entry "allow-pka-lookup" (a
436
verify option for a couple of years now).
437
438
2009-05-14 Werner Koch <wk@g10code.com>
439
440
* call-agent.c (agent_get_passphrase): Add arg CHECK.
441
* passphrase.c (passphrase_get): Pass new arg.
442
443
* keygen.c (gen_card_key_with_backup): Print a status error.
444
(do_generate_keypair): Ditto.
445
(do_ask_passphrase): Add arg MODE.
446
(generate_raw_key): Call with mode 1.
447
* passphrase.c (ask_passphrase): Remove becuase it is not used.
448
(passphrase_to_dek): Factor code out to ...
449
(passphrase_to_dek_ext): .. New. Add args CUSTDESC and CUSTPROMPT.
450
451
2009-05-13 Werner Koch <wk@g10code.com>
452
453
* keygen.c (parse_expire_string): Base ISO date string at noon.
454
Also allow full ISO timestamp.
455
456
2009-05-11 Werner Koch <wk@g10code.com>
457
458
* parse-packet.c (parse_key): Print the key id in list mode.
459
460
* skclist.c (build_sk_list): Use log_info for "duplicated entry".
461
Fixes bug#1045.
462
463
* encode.c (encode_simple): Print empty file warning only in
464
verbose mode. Closes bug#1039.
465
(encode_crypt): Ditto.
466
* sign.c (write_plaintext_packet): Ditto.
467
468
2009-05-10 David Shaw <dshaw@jabberwocky.com>
469
470
* keyserver.c (keyserver_typemap): gpgkeys_hkp handles hkps as
471
well. From 1.4.
472
473
2009-05-06 Werner Koch <wk@g10code.com>
474
475
* getkey.c (finish_lookup): Remove dead code.
476
477
* keyring.c (keyring_get_keyblock): Fix memory leak due to ring
478
trust packets. Fixes bug#1034.
479
480
2009-04-03 Werner Koch <wk@g10code.com>
481
482
* gpgv.c (main): Open keyrings readonly.
483
* keydb.c (keydb_add_resource): Add readonly flag bit.
484
(keydb_rebuild_caches): Don't act on readonly resources.
485
486
* keyring.c (keyring_register_filename): Add arg READONLY.
487
(struct keyring_name): Add field READONLY.
488
(keyring_is_writable): Implement readonly feature.
489
(keyring_update_keyblock): Return GPG_ERR_EACCES for readonly
490
keyrings.
491
(keyring_insert_keyblock, keyring_delete_keyblock):
492
493
2009-04-01 Werner Koch <wk@g10code.com>
494
495
* gpg.c (main): Properly handle UTF8 usernames with --sign-key and
496
--lsign-key. From 1.4, David 2008-12-21.
497
498
2009-03-20 David Shaw <dshaw@jabberwocky.com> (wk)
499
500
* keyring.c (rename_tmp_file): Force a fsync (via iobuf_ioctl) on
501
secret keyring files to be extra safe on filesystems that may not
502
sync data and metadata together (ext4). Also check return code
503
from the cache invalidation to make sure we're safe over NFS and
504
similar.
505
506
2009-03-31 Werner Koch <wk@g10code.com>
507
508
* passphrase.c (ask_passphrase): Use percent_plus_unescape.
509
* misc.c (unescape_percent_string): Remove.
510
511
* call-agent.c (unescape_status_string): Chnage to use
512
percent_plus_unescape.
513
514
2009-03-25 Werner Koch <wk@g10code.com>
515
516
* mainproc.c (print_pkenc_list): Use snprintf.
517
518
2009-03-17 Werner Koch <wk@g10code.com>
519
520
* call-agent.c (my_percent_plus_escape): Remove.
521
(agent_get_passphrase): Rewrite using percent_plus_escape.
522
523
2009-03-17 Daiki Ueno <ueno@unixuser.org>
524
525
* passphrase.c (passphrase_get): Add extra arg REPEAT and adjust
526
callers; remove special treatment for MODE==2.
527
(passphrase_to_dek): Move --passphrase-repeat handling to
528
gpg-agent.
529
530
* call-agent.c (agent_get_passphrase): Add extra arg REPEAT.
531
* call-agent.h: Ditto.
532
533
2009-03-16 Werner Koch <wk@g10code.com>
534
535
* gpg.c (my_strusage): Revert last change. Systems w/o a gpg1 may,
536
and actually do, install gpg2 as gpg.
537
* gpgv.c (my_strusage): Ditto.
538
539
2009-03-14 David Shaw <dshaw@jabberwocky.com>
540
541
* gpg.c (my_strusage): gpg2 and gpgv2 (not gpg and gpgv).
542
* gpgv.c (my_strusage): Same.
543
544
* gpgv.c (my_strusage): Fix name of program in "Syntax" line.
545
546
2009-02-27 Werner Koch <wk@g10code.com>
547
548
* call-agent.c (agent_scd_pksign, agent_scd_pkdecrypt): First send
549
the SERIALNO command.
550
551
2009-02-24 Werner Koch <wk@g10code.com>
552
553
* pkglue.c (pk_verify): Return an error for improper DATA instead
554
of calling BUG().
555
556
2009-02-09 Werner Koch <wk@g10code.com>
557
558
* keylist.c (print_capabilities): Take care of cert-only keys.
559
Fixes bug#998.
560
* keyedit.c (show_key_with_all_names_colon): Print the capabilities.
561
562
2009-01-26 Werner Koch <wk@g10code.com>
563
564
* card-util.c (card_status): Detect a Geldkarte.
565
566
2009-01-13 Werner Koch <wk@g10code.com>
567
568
* call-agent.c (dummy_data_cb): New.
569
(agent_learn): Use it.
570
* card-util.c (card_status): Print type of non-OpenPGP card.
571
* call-agent.h (agent_card_info_s): Add field APPTYPE.
572
573
2009-01-12 Werner Koch <wk@g10code.com>
574
575
* getkey.c (finish_lookup): Take care of keys with a zero
576
timestamp. Reported by Peter Gutmann.
577
578
2009-01-08 Werner Koch <wk@g10code.com>
579
580
* misc.c (has_invalid_email_chars): Let non-ascii pass through.
581
582
* cpr.c [USE_SHM_COPROCESSING]: Remove this code.
583
584
2008-12-12 Werner Koch <wk@g10code.com>
585
586
* passphrase.c (passphrase_get): Write a STATUS_ERROR.
587
* cpr.c (write_status_error): New.
588
589
* Makefile.am (common_source): Add rmd160.h.
590
591
2008-12-11 Werner Koch <wk@g10code.com>
592
593
* sig-check.c (signature_check2): Change algorithm used to compute
594
the SIG_ID.
595
(check_revocation_keys): Close message digest.
596
597
* rmd160.c, rmd160.h: New. Based on code from GnuPG-1.4.
598
* t-rmd160.c: New.
599
* Makefile.am: Add support to run tests.
600
* keyid.c (namehash_from_uid): Use rmd160_hash_buffer.
601
602
2008-12-10 Werner Koch <wk@g10code.com>
603
604
* trustdb.h (NAMEHASH_HASH): Remove unsued constant.
605
606
* gpg.c (print_mds): Print RMD160 only is enabled.
607
608
* keygen.c (keygen_set_std_prefs): Include RMD160 only if
609
available.
610
611
2008-12-09 Werner Koch <wk@g10code.com>
612
613
* gpg.c (main) [IS_DEVELOPMENT_VERSION]: Fix strusage use.
614
615
2008-12-09 Werner Koch <wk@g10code.com>
616
617
* keygen.c (proc_parameter_file): Check that key and subkey usages
618
are allowed.
619
620
2008-12-09 David Shaw <dshaw@jabberwocky.com> (wk)
621
622
* trustdb.c (validate_one_keyblock): Fix the trust signature
623
calculations so that we lower the trust depth of signatures to fit
624
within the current chain, rather than discarding any signature
625
that does not fit within the trust depth.
626
627
2008-12-09 Werner Koch <wk@g10code.com>
628
629
* keyserver.c (show_prompt): Flush stdout.
630
631
* gpg.c (open_info_file): Add arg BINARY and adjust callers.
632
633
* gpg.c (main): Call i18n_init before init_common_subsystems.
634
* gpgv.c (main): Ditto.
635
636
* keylist.c (set_attrib_fd): Do not close ATTRIB_FP if it is the
637
log stream.
638
(set_attrib_fd) [W32]: Set to binary mode.
639
(dump_attribs): Flush the stream after writing.
640
641
2008-12-05 Werner Koch <wk@g10code.com>
642
643
* call-agent.c (percent_plus_escape): Rename to
644
my_percent_plus_escape and also escape the percent character.
645
Change all callers.
646
647
2008-11-18 Werner Koch <wk@g10code.com>
648
649
* gpg.c (build_lib_list): Remove.
650
(make_libversion): New.
651
(my_strusage): Use it.
652
* gpgv.c (make_libversion): New.
653
(my_strusage): Print libgcrypt version.
654
655
2008-11-13 Werner Koch <wk@g10code.com>
656
657
* gpgv.c: Use new ARGPARSE macros and re-indent.
658
659
2008-11-11 Werner Koch <wk@g10code.com>
660
661
* gpg.c (opts): Use new ARGPARSE macros for clarity.
662
663
2008-10-24 Werner Koch <wk@g10code.com>
664
665
* keyedit.c (change_passphrase): Clear passphrase cache.
666
667
2008-10-20 Werner Koch <wk@g10code.com>
668
669
* gpgv.c: Mark all args of the stub fucntions as unused.
670
671
* card-util.c (generate_card_keys): Remove unused arg SERIALNO and
672
adjust caller.
673
674
* build-packet.c (write_sign_packet_header): Mark unused arg.
675
* gpg.c (gpg_init_default_ctrl, gpg_deinit_default_ctrl): Ditto.
676
* getkey.c (skip_unusable): Ditto.
677
(write_version): Ditto.
678
* keydb.c (keydb_locate_writable): Ditto.
679
* keyring.c (update_offset_hash_table): Ditto.
680
(keyring_lock): Ditto.
681
* misc.c (register_secured_file): Ditto.
682
(unregister_secured_file): Ditto.
683
(is_secured_file): Ditto.
684
(is_secured_filename): Ditto.
685
* parse-packet.c (parse_marker): Ditto.
686
(parse_key, parse_attribute): Ditto.
687
(parse_trust, parse_compressed, parse_mdc, parse_gpg_control): Ditto.
688
* cpr.c (progress_cb): Ditto.
689
* passphrase.c (passphrase_clear_cache): Ditto.
690
(ask_passphrase): Ditto.
691
* keyedit.c (keyedit_completion): Ditto.
692
* import.c (import_revoke_cert): Ditto.
693
(chk_self_sigs, delete_inv_parts, append_uid): Ditto.
694
(merge_sigs, merge_keysigs, append_key): Ditto.
695
* trustdb.c (list_trust_path): Ditto.
696
(enum_cert_paths, enum_cert_paths_print): Ditto.
697
* tdbdump.c (list_trustdb): Ditto.
698
* keygen.c (keygen_upd_std_prefs): Ditto.
699
(genhelp_factors): Ditto.
700
* call-agent.c (agent_scd_setattr): Ditto.
701
(agent_scd_writekey, agent_scd_change_pin, agent_scd_genkey): Ditto.
702
(agent_clear_pin_cache): Ditto.
703
704
* server.c (option_handler): Mark non yet used arg.
705
(input_notify, output_notify): Ditto.
706
(cmd_recipient, cmd_signer, cmd_encrypt, cmd_decrypt, cmd_verify)
707
(cmd_sign, cmd_import, cmd_export, cmd_delkeys, do_listkeys)
708
(cmd_genkey): Ditto.
709
* verify.c (gpg_verify): Ditto.
710
711
2008-10-17 Werner Koch <wk@g10code.com>
712
713
* main.h (idea_cipher_warn): Use do while construct in place of an
714
empty definition.
715
716
2008-10-03 David Shaw <dshaw@jabberwocky.com>
717
718
* main.h, mainproc.c (check_sig_and_print)
719
* keylist.c (list_keyblock_print)
720
* pkclist.c (do_edit_ownertrust)
721
* keyedit.c (menu_showphoto)
722
* photoid.c (generate_photo_id, show_photos)
723
* misc.c (pct_expando): Add %v and %V expandos so
724
that displaying photo IDs can show the attribute validity
725
tag (%v) and string (%V). Originally by Daniel Gillmor.
726
727
2008-09-29 Werner Koch <wk@g10code.com>
728
729
* gpg.c (main): Remove -sat kludge. Note that we printed a
730
warning for two years.
731
732
* seskey.c (encode_md_value): Remove extra gcry_md_test_algo since
733
it is not needed with Libgcrypt 1.4.
734
* skclist.c (random_is_faked): Simplify.
735
* sign.c (match_dsa_hash): Remove runtime check for SHA224.
736
* gpg.c (print_mds): Use GCRY_MD_SHA224 constant.
737
738
2008-09-25 David Shaw <dshaw@jabberwocky.com>
739
740
* keyedit.c (keyedit_menu): Fix bug where a modified keyring loses
741
its modified status after a "clean" or "minimize" that doesn't
742
need to do anything.
743
744
2008-09-25 Werner Koch <wk@g10code.com>
745
746
* parse-packet.c (parse): Remove special treatment for compressed
747
new style packets. Fixes bug#931.
748
749
* card-util.c (change_pin): Support setting of the reset code.
750
751
2008-09-24 Werner Koch <wk@g10code.com>
752
753
* call-agent.h (struct agent_card_info_s): Add field IS_V2.
754
* call-agent.c (learn_status_cb): That that field.
755
756
* card-util.c (change_pin): Rename first arg to UNBLOCK_v2 and use
757
it this way.
758
(card_edit): Add new command UNBLOCK.
759
760
2008-09-23 David Shaw <dshaw@jabberwocky.com>
761
762
* pkclist.c (select_algo_from_prefs): Redo function to rank prefs
763
and pick a consensus winner across all keys.
764
765
2008-09-16 Werner Koch <wk@g10code.com>
766
767
* card-util.c (fpr_is_ff): New.
768
(card_status): Do not print general key info for an all-ff fpr.
769
(change_login, change_private_do): Factor common code out to ...
770
(get_data_from_file): .. new.
771
(change_cert): New.
772
(card_edit): Add command "writecert".
773
* call-agent.c (writecert_parm_s): New.
774
(inq_writecert_parms, agent_scd_writecert): New.
775
776
2008-09-04 David Shaw <dshaw@jabberwocky.com>
777
778
* keyserver.c (keyserver_import_cert): Allow keyserver URLs in
779
addition to full URLs in CERT records.
780
781
2008-08-11 Werner Koch <wk@g10code.com>
782
783
* keygen.c (ask_expire_interval): Check for time overflow of an
784
u32. Fixes bug #947.
785
786
2008-08-01 Werner Koch <wk@g10code.com>
787
788
* tdbio.c (open_db) [!EROFS]: Move closing parens out of the
789
ifdef. Reported by Ken Takusagawa.
790
791
2008-06-25 Marcus Brinkmann <marcus@g10code.de>
792
793
* gpg.c (enum cmd_and_opt_values): Remove option
794
oEnableW32HandleTranslation.
795
(opts): Remove option --enable-w32-handle-translation.
796
(main): Remove variable w32_handle_translation.
797
798
2008-06-19 Werner Koch <wk@g10code.com>
799
800
* gpg.c (gpgconf_list): Add "group".
801
802
2008-06-18 Marcus Brinkmann <marcus@g10code.de>
803
804
* gpg.c (enum cmd_and_opt_values): New option
805
oEnableW32HandleTranslation.
806
(opts): New option --enable-w32-handle-translation.
807
(main): New variable w32_handle_translation to keep track of
808
option.
809
810
2008-06-16 Werner Koch <wk@g10code.com>
811
812
* keygen.c (output_control_s): Add ASK_PASSPHRASE.
813
(read_parameter_file): Add commands %ask-passphrase and
814
%no-ask-passphrase.
815
816
2008-06-11 Werner Koch <wk@g10code.com>
817
818
* gpg.c: Make --fixed-list-mode a dummy.
819
* options.h (struct): Removed FIXED_LIST_MODE.
820
* keyid.c (colon_strtime, colon_datestr_from_pk)
821
(colon_datestr_from_sk, colon_datestr_from_sig)
822
(colon_expirestr_from_sig): Remove fixed_list_mode case.
823
* keylist.c (list_keyblock_colon): Ditto. Remove all now unsed
824
code and reindent.
825
826
2008-05-31 Werner Koch <wk@g10code.com>
827
828
* keygen.c (ask_user_id): Change the string printed as header of
829
the user ID generation. Use code to not break existing
830
translations. Suggested by Eric Tetz.
831
832
2008-05-08 Werner Koch <wk@g10code.com>
833
834
* sig-check.c (do_check_messages): Print a revocation diagnostic
835
in verbose mode.
836
837
2008-05-07 Werner Koch <wk@g10code.com>
838
839
* gpg.c: New command --locate-keys. New options --with-sig-list
840
and --with-sig-check.
841
* keylist.c (locate_one): New.
842
(public_key_list): Add arg LOCATE_MODE and use locate_one.
843
* getkey.c (get_pubkey_byname): Fix nodefault case. Add option
844
RETCTX, change all callers.
845
(struct getkey_ctx_s): Add field extra_ptr;
846
(get_pubkey_end): Free it.
847
848
2008-04-18 Werner Koch <wk@g10code.com>
849
850
* misc.c (map_cipher_openpgp_to_gcry, map_cipher_gcry_to_openpgp)
851
(openpgp_cipher_test_algo): Add camellia-192.
852
(openpgp_cipher_blocklen): New.
853
* parse-packet.c (parse_key): Use new function here.
854
855
2008-04-15 David Shaw <dshaw@jabberwocky.com>
856
857
* getkey.c (merge_selfsigs_subkey): If there are multiple 0x19
858
backsigs, take the most recent one.
859
860
2008-04-08 Werner Koch <wk@g10code.com>
861
862
* options.h (opt): Add AKL_NODEFAULT and AKL_LOCAL.
863
* getkey.c (parse_auto_key_locate): Parse them.
864
(get_pubkey_byname): Implement them. Add arg NO_AKL and use that
865
in all cases where a local key is expected.
866
* import.c (import_one): Fill in the fingerprint in all cases.
867
Use log_get_stream.
868
* keyserver.c (keyserver_import_pka): Set FPR to NULL on error.
869
Return G10ERR_NO_PUBKEY if no PKA info is available or no key URI
870
is given in the PKA record..
871
(keyserver_import_cert): Return G10ERR_NO_PUBKEY if a CERT record
872
was not found.
873
874
* getkey.c (get_pubkey_byname): Release FPR in the error case.
875
Continue with next mechanism on error. Better diagnostics.
876
877
2008-04-07 Werner Koch <wk@g10code.com>
878
879
* keyserver.c (parse_keyserver_uri): Allow a default host name.
880
881
* getkey.c (get_pubkey_byname): Replace sprintf by bin2hex.
882
883
2008-04-02 Werner Koch <wk@g10code.com>
884
885
* gpg.c (main): Do not allow DSA2 with a too old Libgcrypt.
886
887
2008-03-26 Werner Koch <wk@g10code.com>
888
889
* tdbio.c (lookup_hashtable): Make cmp args const.
890
(cmp_trec_fpr): Make FPR const.
891
(tdbio_search_trust_byfpr): Remove cast.
892
893
2008-03-25 Werner Koch <wk@g10code.com>
894
895
* keyserver.c (parse_keyrec): Take care of char defaulting to
896
unsigned when using hextobyte.
897
898
2008-03-25 David Shaw <dshaw@jabberwocky.com> (wk)
899
900
* import.c (collapse_uids): Fix bug 894: possible memory
901
corruption around deduplication of user IDs.
902
903
2008-03-25 Werner Koch <wk@g10code.com>
904
905
* parse-packet.c (parse_key): Parse a secret key encrypted with
906
Camellia.
907
908
* options.skel: Make the default keyserver keys.gnupg.net.
909
910
2008-03-18 Werner Koch <wk@g10code.com>
911
912
* seckey-cert.c (do_check): Use GCRYMPI_FMT_PGP for v3 keys.
913
Reported by Petr Cerny.
914
915
2008-03-13 Werner Koch <wk@g10code.com>
916
917
* passphrase.c (PROMPTSTRING): Change string to me more similar to
918
the X.509 prompt.
919
920
2008-02-26 Werner Koch <wk@g10code.com>
921
922
* getkey.c (get_pubkey_byname): Fix comment.
923
924
2008-02-14 Werner Koch <wk@g10code.com>
925
926
* call-agent.c (default_inq_cb): New.
927
(agent_learn, agent_scd_getattr, agent_scd_pksign)
928
(agent_scd_pkdecrypt, agent_scd_change_pin, agent_scd_checkpin)
929
(agent_get_passphrase, agent_clear_passphrase): Use new callback.
930
(inq_writekey_parms): Fall back to the new callback for other
931
inquiries.
932
(start_agent): Tell agent that we accept pinentry notifications.
933
934
2008-02-11 Werner Koch <wk@g10code.com>
935
936
* server.c (cmd_getinfo): New.
937
(register_commands): Register GETINFO.
938
939
2008-02-09 Marcus Brinkmann <marcus@g10code.de>
940
941
* gpg.c (main): New variable default_configname. Use it if
942
save_configname is NULL (can happen if default configfile does
943
not exist). Move default configname determination to ...
944
(get_default_configname): ... this new function.
945
946
2008-01-30 Werner Koch <wk@g10code.com>
947
948
* keydb.c (maybe_create_keyring): Fixed last change.
949
* tdbio.c (tdbio_set_dbname): Also test for forward slash.
950
951
2008-01-29 Werner Koch <wk@g10code.com>
952
953
* keydb.c (maybe_create_keyring): Take care of a missing slash.
954
(maybe_create_keyring) [W32]: Also test for forward slash.
955
956
2008-01-26 Werner Koch <wk@g10code.com>
957
958
* card-util.c (get_manufacturer): Add vendor 0004.
959
960
2008-01-02 Werner Koch <wk@g10code.com>
961
962
* gpg.c: Add --logger-file as an alias for log-file.
963
964
2007-12-14 Werner Koch <wk@g10code.com>
965
966
* gpg.c (main): Set opt.no_homedir_creation during the first option
967
parsing pass.
968
969
2007-12-12 Werner Koch <wk@g10code.com>
970
971
* misc.c (print_pubkey_algo_note): Print a warning if a type 20
972
key is used.
973
(openpgp_pk_test_algo, openpgp_pk_test_algo2)
974
(openpgp_pk_algo_usage): Allow type 20 keys only in rfc2440 mode.
975
976
2007-12-12 David Shaw <dshaw@jabberwocky.com> (wk)
977
978
* trustdb.c (sanitize_regexp): New. Protect against dangerous
979
regexps (malloc bombs) by force-commenting any characters aside
980
from the ones we explicitly want.
981
(check_regexp): Use it here before passing the regexp to
982
regcomp().
983
984
2007-12-12 Werner Koch <wk@g10code.com>
985
986
* misc.c (map_cipher_openpgp_to_gcry): New. Used to map Camellia
987
algorithms to Gcrypt.
988
(openpgp_cipher_test_algo): Call new map function. Replace
989
all remaining calls to gcry_cipher_test_algo by a call to this.
990
(openpgp_cipher_algo_name): New. Replace all remaining calls to
991
gcry_cipher_algo_name by a call to this.
992
(map_cipher_gcry_to_openpgp): New.
993
(string_to_cipher_algo): Use it.
994
* gpg.c (main): Print a warning if Camellia support is build in.
995
996
* gpg.c (print_algo_names): New. From the 1.4 branch by David.
997
(list_config): Use it here for the "ciphername" and "digestname"
998
config items so we can get a script-parseable list of the names.
999
1000
* parse-packet.c (parse_onepass_sig): Sigclass is hex, so include
1001
the 0x.
1002
1003
* sign.c (match_dsa_hash): Remove conditional builds dending on
1004
USE_SHAxxx. We don't need this becuase it can be expected that
1005
libgcrypt provides it. However we need to runtime test for SHA244
1006
becuase that is only available with libgcrypt 2.4.
1007
1008
2007-12-11 Werner Koch <wk@g10code.com>
1009
1010
* mainproc.c (proc_pubkey_enc): Allow type 20 Elgamal key for
1011
decryption.
1012
1013
2007-12-10 Werner Koch <wk@g10code.com>
1014
1015
* import.c (auto_create_card_key_stub): Do not clear the entire
1016
fingerprint. This finally makes the stub creation work. My past
1017
tests seemed to work because there was a key with a all zero
1018
fingerprint available (Elgamal signing keys).
1019
1020
2007-12-08 Werner Koch <wk@g10code.com>
1021
1022
* misc.c (openpgp_pk_algo_usage): Allow Elgamal type 20 for
1023
encryption.
1024
1025
2007-12-04 Werner Koch <wk@g10code.com>
1026
1027
* helptext.c (get_help_from_file): New.
1028
(display_online_help): Use it to geting the help through a file.
1029
(helptexts): Remove.
1030
1031
2007-12-03 Werner Koch <wk@g10code.com>
1032
1033
* keygen.c (ask_key_flags): Add a translation remark and implement
1034
a workaround.
1035
1036
* gpg.c (reopen_std): Moved to ../common and renamed to
1037
gnupg_reopen_std.
1038
1039
* gpg.c: Remove second inclusion of fcntl.h.
1040
1041
2007-11-19 Werner Koch <wk@g10code.com>
1042
1043
* keyedit.c (keyedit_menu): String grammar fix.
1044
1045
2007-11-15 Werner Koch <wk@g10code.com>
1046
1047
* gpg.c (main): New option --xauthority.
1048
* call-agent.c (start_agent): Adjust changed start_new_gpg_agent.
1049
1050
2007-11-12 Werner Koch <wk@g10code.com>
1051
1052
* cpr.c (do_get_from_fd): s/bool/getbool/ to overcome problems
1053
with Mac OS 10.5 which seems to include stdbool.h silently.
1054
1055
2007-11-07 Werner Koch <wk@g10code.com>
1056
1057
Replace all includes of errors.h by status.h (found in common/).
1058
1059
* status.h: Remove.
1060
* status.h: Move prototypes to main.h.
1061
* status.c: Rename to ..
1062
* cpr.c: .. this.
1063
(get_status_string): Remove. We take this now from common/.
1064
1065
2007-10-25 David Shaw <dshaw@jabberwocky.com> (wk)
1066
1067
From 1.4 (October):
1068
1069
* gpg.c (main): Add --require-cross-certification to
1070
--openpgp/--rfc4880 mode.
1071
1072
* gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by
1073
default. Enable --require-cross-certification by default.
1074
--openpgp (--rfc4880) is the same as --rfc2440 except with
1075
"--enable-dsa2 --no-rfc2440-text --escape-from-lines".
1076
1077
* misc.c (compliance_option_string, compliance_failure): Minor
1078
cleanup.
1079
1080
* armor.c (is_armor_header): Comment about 4880.
1081
1082
* options.h, gpg.c (main): Add --rfc4880, and make --openpgp an
1083
alias to it. --rfc2440 now stands alone. For now, use the old
1084
2440 defaults for 4880.
1085
* misc.c (compliance_option_string): Ditto.
1086
1087
* keyedit.c (keyedit_menu): Use compliance_option_string() instead
1088
of printing the compliance modes here.
1089
1090
2007-10-25 David Shaw <dshaw@jabberwocky.com> (wk)
1091
1092
From 1.4 (September):
1093
1094
* import.c (collapse_uids): Significant speedup for de-duping user
1095
IDs.
1096
1097
2007-10-25 David Shaw <dshaw@jabberwocky.com> (wk)
1098
1099
From 1.4 (July):
1100
1101
* armor.c (parse_header_line): Improve test so that the header
1102
test only allows "Hash" in the signed data section.
1103
1104
* armor.c (is_armor_tag): New. Detect if an armor header matches
1105
2440bis-21.
1106
(parse_header_line): Call it here, as bis-21 requires warning the
1107
user (but continuing to process the message) when seeing an
1108
unknown header.
1109
1110
* encode.c (encode_crypt): Missed one call to
1111
setup_plaintext_name(). This is bug#809.
1112
1113
* sign.c (mk_notation_policy_etc): Expect all sigs that this is
1114
called for are >=v4.
1115
(write_signature_packets, make_keysig_packet): Only call it for
1116
>=v4 sigs. This allows --force-v3-sigs and --force-v4-certs to
1117
enable or disable notations, policies, and keyserver URLs. This
1118
is bug#800.
1119
1120
2007-10-19 Werner Koch <wk@g10code.com>
1121
1122
* passphrase.c (passphrase_get): Use new utf8 switching fucntions.
1123
1124
2007-09-14 Werner Koch <wk@g10code.com>
1125
1126
* gpg.c (build_lib_list): New.
1127
(my_strusage): Print lib info.
1128
1129
2007-08-27 Werner Koch <wk@g10code.com>
1130
1131
* trustdb.c (USE_INTERNAL_REGEX): Remove support.
1132
1133
2007-08-24 Werner Koch <wk@g10code.com>
1134
1135
* keyring.c (keyring_register_filename): Use same_file_p().
1136
1137
2007-08-21 Werner Koch <wk@g10code.com>
1138
1139
* misc.c (openpgp_md_test_algo): Remove rfc2440bis hash algorithms.
1140
(openpgp_cipher_test_algo): Likewise for algos 5 and 6.
1141
1142
2007-08-02 Werner Koch <wk@g10code.com>
1143
1144
* gpg.c: Include gc-opt-flags.h and remove their definition here.
1145
1146
2007-07-17 Werner Koch <wk@g10code.com>
1147
1148
* gpg.c (gpgconf_list): Declare --encrypt-to and --default-key.
1149
1150
* card-util.c (get_manufacturer): Add the unmanaged S/N range.
1151
1152
2007-07-12 Werner Koch <wk@g10code.com>
1153
1154
* gpg.c (main): Use translate_sys2libc_fd_int when passing an int
1155
value.
1156
* gpgv.c (main): Ditto.
1157
1158
2007-07-05 Werner Koch <wk@g10code.com>
1159
1160
* card-util.c (card_generate_subkey, card_store_subkey): Enable
1161
the code also for GnuPG-2.
1162
1163
* keygen.c (make_backsig): Add arg TIMESTAMP.
1164
(write_keybinding): Add arg TIMESTAMP, pass it to make_backsig.
1165
(write_direct_sig, write_selfsigs): Add arg TIMESTAMP.
1166
(gen_elg, gen_dsa, gen_rsa): Add arg TIMESTAMP.
1167
(do_create): Ditto.
1168
(do_generate_keypair): Use the same timestamp for key creation
1169
time and all key signatures. Return an error if write_direct_sig
1170
for the secret key fails.
1171
(generate_subkeypair): Ditto.
1172
(gen_card_key): New arg TIMESTAMP.
1173
(generate_card_subkeypair): Pass current time to gen_card_key.
1174
(gen_card_key_with_backup): New arg TIMESTAMP.
1175
(read_parameter_file): Add option Creation-Date.
1176
(parse_creation_string): New.
1177
(do_generate_keypair): Use the Creation-Date if available.
1178
(save_unprotected_key_to_card): Use P for P and not D.
1179
* call-agent.c (agent_scd_genkey): Add arg CREATETIME.
1180
* keyedit.c (menu_backsign): Use the same timestamp for all backsigs.
1181
1182
2007-06-26 Werner Koch <wk@g10code.com>
1183
1184
* openfile.c (try_make_homedir): Support W32; use standard_homedir.
1185
1186
2007-06-25 Werner Koch <wk@g10code.com>
1187
1188
* gpg.c, gpgv.c: Include sysutils.h.
1189
(main): Replace iobuf_translate_file_handle by
1190
translate_sys2libc_fd.
1191
1192
2007-06-21 Werner Koch <wk@g10code.com>
1193
1194
* main.h: Include util.h.
1195
1196
* call-agent.c (start_agent): Factored almost all code out to
1197
../common/asshelp.c.
1198
1199
* gpg.h (ctrl_t): Remove. It is now declared in ../common/util.h.
1200
1201
2007-06-20 Werner Koch <wk@g10code.com>
1202
1203
* misc.c (setsysinfo, trap_unaligned): Remove. It is also in
1204
common/sysutils.c.
1205
(disable_core_dumps, get_session_marker):
1206
1207
* sign.c (sleep): Remove sleep wrapper.
1208
1209
2007-06-18 Marcus Brinkmann <marcus@g10code.de>
1210
1211
* gpg.c (gpgconf_list): Percent escape output of --gpgconf-list.
1212
1213
2007-06-14 Werner Koch <wk@g10code.com>
1214
1215
* call-agent.c (start_agent): Use gnupg_module_name.
1216
1217
2007-06-12 Werner Koch <wk@g10code.com>
1218
1219
* openfile.c (copy_options_file): Use gnupg_datadir.
1220
* misc.c (get_libexecdir): Remove. Changed all callers to use
1221
gnupg_libexecdir.
1222
* gpg.c (check_permissions): Use gnupg_libdir.
1223
1224
* gpg.c (main): Replace some calls by init_common_subsystems.
1225
* gpgv.c (main): Ditto.
1226
1227
2007-06-11 Werner Koch <wk@g10code.com>
1228
1229
* Makefile.am (needed_libs): Use libcommonstd macro.
1230
1231
* gpgv.c (main) [W32]: Call pth_init.
1232
* gpg.c (main) [W32]: Call pth_init.
1233
1234
2007-06-08 Werner Koch <wk@g10code.com>
1235
1236
* Makefile.am (gpg2_LDADD): Syntax fix.
1237
1238
2007-06-06 Werner Koch <wk@g10code.com>
1239
1240
* passphrase.c (passphrase_get) [!ENABLE_NLS]: Do not define
1241
orig_codeset.
1242
1243
* Makefile.am (gpgv2_LDADD, gpg2_LDADD): Include LDADD before
1244
libgcrypt.
1245
1246
* plaintext.c (handle_plaintext): Replace eof by eof_seen as W32's
1247
io.h has a symbol with that name.
1248
1249
* misc.c: Do not include dynload.h.
1250
(w32_shgetfolderpath): Remove. It is now in common/homedir.c.
1251
1252
* gpgv.c (i18n_init): Remove.
1253
* gpg.c (i18n_init): Remove.
1254
(main): Make --load-extension a dummy
1255
1256
2007-05-19 Marcus Brinkmann <marcus@g10code.de>
1257
1258
* passphrase.c (passphrase_get): Use PACKAGE_GT, not PACKAGE.
1259
1260
* passphrase.c (passphrase_get): Free ORIG_CODESET on error.
1261
1262
2007-05-16 Werner Koch <wk@g10code.com>
1263
1264
* sig-check.c (check_backsig): Check the digest algorithm before
1265
using it. Fixed bug 797.
1266
1267
2007-05-09 Werner Koch <wk@g10code.com>
1268
1269
* openfile.c (overwrite_filep, open_outfile) [W32]: Need to use
1270
just "nul". Though, I am pretty sure that some MSDOS versions
1271
grok the extra /dev/.
1272
1273
2007-05-07 Werner Koch <wk@g10code.com>
1274
1275
* openfile.c (open_outfile, overwrite_filep) [W32]: Use "/dev/nul".
1276
1277
2007-05-02 David Shaw <dshaw@jabberwocky.com>
1278
1279
* packet.h, mainproc.c (reset_literals_seen): New function to
1280
reset the literals count.
1281
1282
* verify.c (verify_one_file), decrypt.c (decrypt_messages): Call
1283
it here so we allow multiple literals in --multifile mode (in
1284
different files - not concatenated together).
1285
1286
2007-04-26 Marcus Brinkmann <marcus@g10code.de>
1287
1288
* passphrase.c (passphrase_to_dek): Write missing passphrase
1289
status message in case of cancellation.
1290
1291
2007-04-16 Werner Koch <wk@g10code.com>
1292
1293
* build-packet.c (mpi_write): Made buffer a bit larger. Reported
1294
by Alexander Feigl.
1295
1296
2007-04-13 Werner Koch <wk@g10code.com>
1297
1298
* call-agent.c (start_agent): Don't use log_error when using the
1299
fallback hack to start the agent. This is bug 782.
1300
1301
2007-04-05 David Shaw <dshaw@jabberwocky.com>
1302
1303
From STABLE-BRANCH-1-4
1304
1305
* parse-packet.c (parse_marker): New. Enforce that the marker
1306
contains 'P', 'G', 'P', and nothing but.
1307
(parse): Call it here.
1308
(skip_packet): No longer need to handle marker packets here.
1309
1310
2007-03-14 David Shaw <dshaw@jabberwocky.com>
1311
1312
From STABLE-BRANCH-1-4
1313
1314
* keyserver.c: Windows Vista doesn't grok X_OK and so fails
1315
access() tests. Previous versions interpreted X_OK as F_OK
1316
anyway, so we'll just use F_OK directly.
1317
1318
2007-03-09 David Shaw <dshaw@jabberwocky.com>
1319
1320
From STABLE-BRANCH-1-4
1321
1322
* parse-packet.c (parse_signature): It's hex.
1323
1324
* getkey.c (merge_selfsigs_subkey): Avoid listing the contents of
1325
a backsig when list mode is on. Noted by Timo Schulz.
1326
1327
2007-03-08 Werner Koch <wk@g10code.com>
1328
1329
* plaintext.c (handle_plaintext): Add two extra fflush for stdout.
1330
1331
2007-03-08 David Shaw <dshaw@jabberwocky.com> (wk)
1332
1333
* keyedit.c (keyedit_menu): If we modify the keyblock (via
1334
fix_keyblock() or collapse_uids()) make sure we reprocess the
1335
keyblock so the flags are correct. Noted by Robin H. Johnson.
1336
1337
* getkey.c (fixup_uidnode): Properly clear flags that don't apply
1338
to us (revoked, expired) so that we can reprocess a uid.
1339
1340
2007-03-05 Werner Koch <wk@g10code.com>
1341
1342
Converted this file to UTF-8.
1343
1344
Ported David and my multiple messages changes from 1.4.7.
1345
1346
* options.h, gpg.c (main), mainproc.c (check_sig_and_print): Allow
1347
multiple sig verification again as this is protected via the
1348
multiple-messages code. New option --allow-multiple-messages and
1349
--no variant.
1350
* status.h (STATUS_ERROR): New status code.
1351
* status.c (get_status_string): Ditto.
1352
* mainproc.c (proc_plaintext): Emit it if multiple messages are
1353
detected. Error out if more than one plaintext packet is
1354
encountered.
1355
* mainproc.c (literals_seen): New.
1356
1357
2007-02-26 Werner Koch <wk@g10code.com>
1358
1359
* gpg.c (main): Add verify option show-primary-uid-only.
1360
* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
1361
* mainproc.c (check_sig_and_print): Implement it.
1362
1363
2007-02-22 Werner Koch <wk@g10code.com>
1364
1365
* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
1366
* import.c (check_prefs): Ditto.
1367
* keyedit.c (show_prefs): Ditto.
1368
* mainproc.c (proc_symkey_enc): Ditto.
1369
1370
2007-02-06 Werner Koch <wk@g10code.com>
1371
1372
* export.c (do_export_stream): Allow reset-subkey-passwd along
1373
with sexp-format.
1374
1375
2007-02-04 Werner Koch <wk@g10code.com>
1376
1377
* parse-packet.c (parse_signature): Limit bytes read for an
1378
unknown alogorithm. Fixes Debian bug#402592.
1379
1380
2007-01-31 Werner Koch <wk@g10code.com>
1381
1382
* verify.c (verify_signatures): Do no dereference a NULL afx.
1383
1384
* passphrase.c (passphrase_get): Set the cancel flag on all error
1385
from the agent. Fixes a bug reported by Tom Duerbusch.
1386
1387
2007-01-30 Werner Koch <wk@g10code.com>
1388
1389
* status.c (write_status_begin_signing): New.
1390
* sign.c (sign_file, sign_symencrypt_file): Call it.
1391
* textfilter.c (copy_clearsig_text): Call it.
1392
1393
* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
1394
required.
1395
1396
* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
1397
warning.
1398
* misc.c (obsolete_option): New.
1399
1400
2007-01-29 Werner Koch <wk@g10code.com>
1401
1402
* pkclist.c (do_we_trust_pre): Issue a user-id-hint status code.
1403
1404
2007-01-15 Werner Koch <wk@g10code.com>
1405
1406
* parse-packet.c (read_protected_v3_mpi): Make sure to stop
1407
reading even for corrupted packets.
1408
* keygen.c (generate_user_id): Need to allocate one byte more.
1409
Reported by Felix von Leitner.
1410
1411
2006-12-21 Werner Koch <wk@g10code.com>
1412
1413
* gpg.c (main): New command --server.
1414
* gpg.h (struct server_control_s, ctrl_t): New.
1415
* server.c: New.
1416
* verify.c (gpg_verify): New.
1417
* mainproc.c (mainproc_context): Made SIGNED_DATA a structure.
1418
(proc_signature_packets_by_fd): New.
1419
(proc_compressed_cb): Divert depending on SIGNED_DATA.
1420
* plaintext.c (hash_datafile_by_fd): New.
1421
* mainproc.c (proc_tree): Use it here.
1422
1423
* verify.c (verify_signatures): Init AFX only when needed.
1424
Don't leak a context on error.
1425
(verify_one_file): Don't leak a context on error.
1426
1427
2006-12-07 Werner Koch <wk@g10code.com>
1428
1429
* openfile.c (copy_options_file): Use log_info instead of
1430
log_error to avoid an error return of gpg due to a missing
1431
skeleton file.
1432
1433
2006-12-07 David Shaw <dshaw@jabberwocky.com>
1434
1435
* Makefile.am: Link to iconv for jnlib dependency.
1436
1437
2006-12-05 Werner Koch <wk@g10code.com>
1438
1439
* passphrase.c (passphrase_to_dek): Handle a Cancel request
1440
correctly. [Bug#737]
1441
* mainproc.c (proc_symkey_enc): Removed workaround for bogus cancel
1442
processing.
1443
* encode.c (encode_simple): Distinguish error message between
1444
cancel and invalid passphrase.
1445
(setup_symkey): Ditto.
1446
* sign.c (sign_symencrypt_file): Ditto
1447
* keyedit.c (change_passphrase): Allow cancellation.
1448
* keygen.c (do_ask_passphrase): New arg R_CANCELED.
1449
(generate_keypair): Handle a passphrase cancellation.
1450
(generate_raw_key): Ditto.
1451
(generate_subkeypair): Ditto.
1452
1453
2006-12-04 Werner Koch <wk@g10code.com>
1454
1455
* filter.h (armor_filter_context_t): New element REFCOUNT.
1456
* armor.c (armor_filter): Made static.
1457
(push_armor_filter, release_armor_context, new_armor_context): New.
1458
(armor_filter): Release the context.
1459
* gpg.c (main): Use new armor context functions and
1460
push_armor_filter.
1461
* export.c (do_export): Ditto.
1462
* encode.c (encode_simple, encode_crypt): Ditto.
1463
* decrypt.c (decrypt_message, decrypt_messages): Ditto.
1464
* dearmor.c (dearmor_file, enarmor_file): Ditto.
1465
* verify.c (verify_signatures, verify_one_file): Ditto.
1466
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Ditto.
1467
* revoke.c (gen_desig_revoke, gen_revoke): Ditto.
1468
* keyserver.c (keyserver_spawn): Ditto.
1469
* keygen.c (output_control_s): Turn AFX fields into pointers.
1470
(read_parameter_file): Allocate and release AFX fields.
1471
(do_generate_keypair): Use push_armor_filter.
1472
* import.c (import): Replace iobuf_push_filter2 hack by the new
1473
armor context stuff.
1474
1475
2006-12-03 Werner Koch <wk@g10code.com>
1476
1477
* filter.h: New element REFCOUNT.
1478
(handle_progress): Remove prototype.
1479
* progress.c (new_progress_context, release_progress_context): New.
1480
(progress_filter): Use new function to release context. Made static.
1481
(handle_progress): Bumb reference counter. No more check for
1482
enabled progress as this is handled by new_progress_context.
1483
* verify.c (verify_signatures, verify_one_file): Replace stack
1484
based progress context by a heap based one.
1485
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Ditto.
1486
* plaintext.c (ask_for_detached_datafile, hash_datafiles): Ditto.
1487
* encode.c (encode_simple, encode_crypt): Ditto.
1488
* decrypt.c (decrypt_message, decrypt_messages): Ditto.
1489
1490
* keyedit.c (menu_clean): Made strings translatable.
1491
1492
2006-12-03 David Shaw <dshaw@jabberwocky.com>
1493
1494
* keyedit.c (menu_clean): Show "already minimized" rather than
1495
"already clean" when a minimized key is minimized again. From
1496
Dirk Traulsen.
1497
1498
2006-12-02 David Shaw <dshaw@jabberwocky.com>
1499
1500
* options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
1501
--passphrase-repeat option to control how many times gpg will
1502
re-prompt for a passphrase to ensure the user has typed it
1503
correctly. Defaults to 1.
1504
1505
2006-12-02 Werner Koch <wk@g10code.com>
1506
1507
* encr-data.c: Allocate DFX context on the heap and not on the
1508
stack. Changes at several places. Fixes CVE-2006-6235.
1509
1510
2006-11-27 Werner Koch <wk@g10code.com>
1511
1512
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
1513
if make_printable_string returns a longer string. Fixes bug 728.
1514
1515
2006-11-21 Werner Koch <wk@g10code.com>
1516
1517
* Makefile.am (needed_libs): libgnu needs to come after libcommon.
1518
1519
* keygen.c (ask_expire_interval): Print y2038 warning only for 32
1520
bit time_t.
1521
(save_unprotected_key_to_card): Made RSA_N_LEN et al a size_t.
1522
Cast printf args.
1523
(get_parameter_algo): Allow "ELG" as alias for "ELG-E".
1524
1525
* seckey-cert.c (do_check): Made NBYTES a size_t.
1526
(do_check): Made NDATA a size_t.
1527
(protect_secret_key): Made NARR a size_t.
1528
(protect_secret_key): Made NVYES a size_t.
1529
* pubkey-enc.c (get_it): Made INDATALEN a size_t.
1530
(get_it): Made NFRAME a size_t.
1531
* keyid.c (hash_public_key): Made NBITS an unsigned int.
1532
* misc.c (checksum_mpi): Made NBYTES a size_t.
1533
(openpgp_pk_test_algo2): Made USE_BUF a size_t.
1534
* seskey.c (encode_session_key): Made NFRAME a size_t.
1535
(do_encode_md): Ditto.
1536
(encode_md_value): Cast size_t argument of printf.
1537
(encode_md_value): Ditto.
1538
1539
2006-11-10 Werner Koch <wk@g10code.com>
1540
1541
* parse-packet.c (mpi_read): Changed NREAD to size_t to match the
1542
gcry_mpi-scan prototype.
1543
(mpi_read): Fixed double increment of bytes read to correctly
1544
detect overlong MPIs.
1545
1546
2006-11-05 Werner Koch <wk@g10code.com>
1547
1548
* gpg.c (main): Remove the default --require-cross-certification.
1549
* options.skel: Enable require-cross-certification.
1550
1551
2006-10-31 Werner Koch <wk@g10code.com>
1552
1553
* pkclist.c (warn_missing_aes_from_pklist): New.
1554
* encode.c (encrypt_filter, encode_crypt): Use it here.
1555
1556
2006-10-27 Werner Koch <wk@g10code.com>
1557
1558
* pkclist.c (warn_missing_mdc_from_pklist): New.
1559
* encode.c (use_mdc): Use it here.
1560
1561
2006-10-24 Marcus Brinkmann <marcus@g10code.de>
1562
1563
* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
1564
1565
2006-10-23 Werner Koch <wk@g10code.com>
1566
1567
* gpg.c (main): New command --gpgconf-test.
1568
1569
* Makefile.am (bzip2_source): New.
1570
1571
2006-10-20 Werner Koch <wk@g10code.com>
1572
1573
* getkey.c (classify_user_id): Reserve '&' for search by keygrip.
1574
1575
2006-10-19 Werner Koch <wk@g10code.com>
1576
1577
* keygen.c (get_parameter_algo): Add special case for ELG_E which
1578
is not supported by libgcrypt's mapping function.
1579
1580
2006-10-18 Werner Koch <wk@g10code.com>
1581
1582
* keyid.c (v3_keyid): Don't use mempcy as we need to hold the
1583
keyids in the native endian format.
1584
1585
* import.c (import_print_stats): Use log_printf.
1586
1587
* build-packet.c (do_public_key): Care about mpi_write errors.
1588
(do_secret_key, do_pubkey_enc, do_signature): Ditto.
1589
(mpi_write): Print an extra warning on error.
1590
1591
2006-10-17 Werner Koch <wk@g10code.com>
1592
1593
* Makefile.am (LDADD): Replaced W32LIBS by NETLIBS.
1594
1595
2006-10-12 David Shaw <dshaw@jabberwocky.com>
1596
1597
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as
1598
the packed s2k iteration count.
1599
1600
* main.h, options.h, gpg.c (encode_s2k_iterations, main),
1601
passphrase.c (hash_passphrase): Add --s2k-count option to specify
1602
the number of s2k hash iterations.
1603
1604
2006-10-08 Werner Koch <wk@g10code.com>
1605
1606
* gpgv.c: Remove the tty stubs as we are now required to link to
1607
tty anyway (it is included in libcommand and has dependencies to
1608
other modules as well).
1609
1610
* keyedit.c (keyedit_menu): Use keyedit_completion only if
1611
readline is available. It would be better to move this code into
1612
gpgrlhelp.c
1613
1614
2006-10-06 Werner Koch <wk@g10code.com>
1615
1616
* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
1617
1618
2006-10-06 David Shaw <dshaw@jabberwocky.com>
1619
1620
* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather
1621
than whatever key selector the user used on the command line.
1622
1623
2006-10-05 Werner Koch <wk@g10code.com>
1624
1625
* status.c (progress_cb): Changed to libgcrypt API.
1626
(set_status_fd): Register the progress cb.
1627
1628
* seskey.c (encode_md_value): Check that the hash algo is valid
1629
before getting the OID.
1630
1631
2006-10-04 Werner Koch <wk@g10code.com>
1632
1633
* passphrase.c: Allow for a static passphrase in batch mode.
1634
1635
* call-agent.c (agent_havekey): Removed.
1636
(percent_plus_escape): New.
1637
(agent_get_passphrase): New.
1638
(agent_clear_passphrase): New.
1639
1640
* passphrase.c: Changed so that we always require the agent.
1641
(agent_send_option, agent_send_all_options, agent_open): Removed.
1642
(agent_get_passphrase): Cleaned up. Does now use the call-agent
1643
functions. Renamed to
1644
(passphrase_get): .. this. Changed all callers.
1645
(passphrase_clear_cache): Rewritten.
1646
(passphrase_to_dek, hash_passphrase): Re-indented.
1647
1648
* gpg.c (main): Made --use-agent a dummy option.
1649
* seckey-cert.c (check_secret_key): We require the agent, so always
1650
allow for 3 tries.
1651
1652
* gpg.c (main): Print a warning if -sat has been used.
1653
(main): Removed the special treatment of the -k option. -k is now
1654
an alias for --list-keys.
1655
(main): Removed --list-ownertrust.
1656
1657
2006-10-02 Werner Koch <wk@g10code.com>
1658
1659
* encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC
1660
right here and don't let parse-packet handle the MDC.
1661
1662
2006-09-29 Werner Koch <wk@g10code.com>
1663
1664
* compress.c (do_uncompress): Removed use of Z_PARTIAL_FLUSH.
1665
This is outdated and old zlib versions which still require it have
1666
security problems.
1667
1668
2006-09-27 Werner Koch <wk@g10code.com>
1669
1670
Replaced all STRLIST by strlist_t.
1671
1672
2006-09-21 Werner Koch <wk@g10code.com>
1673
1674
* signal.c (got_fatal_signal): Replaced readline stuff by a tty
1675
function.
1676
1677
* Makefile.am (LDADD): Include libgpgrl.a.
1678
1679
* gpg.c (main): Call gpg_rl_initialize.
1680
1681
* keyedit.c: Removed double inclusion of stdio.h.
1682
1683
2006-09-20 Werner Koch <wk@g10code.com>
1684
1685
* call-agent.c: Include asshelp.h.
1686
(start_agent): Use send_pinentry_environment.
1687
1688
2006-09-14 Werner Koch <wk@g10code.com>
1689
1690
Replaced all call gpg_error_from_errno(errno) by
1691
gpg_error_from_syserror().
1692
1693
2006-09-13 Werner Koch <wk@g10code.com>
1694
1695
* gpg.c (main): Made --require-cross-certification the default.
1696
1697
2006-09-06 Marcus Brinkmann <marcus@g10code.de>
1698
1699
* Makefile.am (gpg2_LDADD, gpgv2_LDADD): Replace -lassuan and
1700
-lgpg-error with $(LIBASSUAN_LIBS) and $(GPG_ERROR_LIBS).
1701
(AM_CFLAGS): Add $(LIBASSUAN_CFLAGS) and $(GPG_ERROR_CFLAGS).
1702
1703
2006-09-06 Werner Koch <wk@g10code.com>
1704
1705
* gpg.c (main): Enable new assuan API.
1706
* call-agent.c: Changed to new Assuan API.
1707
1708
2006-09-01 Werner Koch <wk@g10code.com>
1709
1710
* call-agent.c: Do not force using the pipe server.
1711
1712
* gpg.c (main): Enable card related commands.
1713
1714
2006-08-22 Werner Koch <wk@g10code.com>
1715
1716
* mainproc.c (proc_plaintext): Fixed a #warning
1717
1718
2006-08-21 Werner Koch <wk@g10code.com>
1719
1720
* skclist.c (random_is_faked): Implemented.
1721
(is_insecure): Also test for the old uppercase version of the
1722
insecure string.
1723
* gpg.c (main): Renamed --quick-random to debug-quick-quick-random.
1724
1725
* gpg.c (print_mds): Do not use the USE_SHA macros.
1726
1727
* mainproc.c (proc_encrypted): Remove assign inside condition for
1728
better readibility.
1729
1730
* packet.h: Moved consts to new header ../common/openpgpdefs.h.
1731
1732
2006-08-16 Werner Koch <wk@g10code.com>
1733
1734
* keyserver.c (GPGKEYS_PREFIX): Rename to gpg2keys_. This is so
1735
that we can install helpers from 1.4 and 2 without conflicts and
1736
first of all don't get lost with weird bug reports.
1737
1738
* keyid.c (serialno_and_fpr_from_sk): New. Actually lost during
1739
the last 1.4 to 1.9 merge.
1740
1741
* gpg.c (list_config): Output ccid-reader-id only for gnupg 1.
1742
1743
* call-agent.c (agent_scd_writekey): New.
1744
(inq_writekey_parms): New.
1745
1746
* gpgv.c: Include call-agent.h for use by stubs.
1747
1748
* misc.c: Include call-agent.h for use by get_signature_count.
1749
1750
2006-07-27 Werner Koch <wk@g10code.com>
1751
1752
* parse-packet.c (parse_comment): Cap comments at 65k.
1753
(parse_gpg_control): Skip too large control packets.
1754
1755
2006-07-24 David Shaw <dshaw@jabberwocky.com> (wk)
1756
1757
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
1758
Pass a union for preference hints rather than doing void * games.
1759
1760
* sign.c (sign_file): Use it here.
1761
1762
* sign.c (sign_file): When signing with multiple DSA keys, one
1763
being DSA1 and one being DSA2 and encrypting at the same time, if
1764
the recipient preferences give a hash that can work with the DSA2
1765
key, then allow the DSA1 key to be promoted rather than giving up
1766
and using hash_for().
1767
1768
* pkclist.c (algo_available): Automatically enable DSA2 mode when
1769
handling a key that clearly isn't DSA1 (i.e. q!=160).
1770
1771
2006-06-30 Werner Koch <wk@g10code.com>
1772
1773
* misc.c (checksum_mpi): No need for nbits as they are alredy
1774
included in the buffer.
1775
1776
2006-06-29 Werner Koch <wk@g10code.com>
1777
1778
* parse-packet.c (parse_signature, parse_key): Need store the
1779
length of opaque data as number of bits.
1780
* card-util.c (card_store_subkey): Ditto.
1781
1782
* mainproc.c (print_pkenc_list, check_sig_and_print): Replaced
1783
log_get_stream by calls to log_printf. This avoids the extra LFs
1784
inserted by the logging function. They are a bit too smart
1785
sometimes.
1786
* pkclist.c (do_show_revocation_reason): Print final LF through
1787
log_printf to avoid extra LFs.
1788
* pubkey-enc.c (get_it): Ditto.
1789
1790
* seskey.c (encode_md_value): Fix call to gcry.
1791
1792
2006-06-27 Werner Koch <wk@g10code.com>
1793
1794
Applied patches from 1.4.x (2006-05-22 to 2006-06-23) from David:
1795
1796
* keygen.c (keygen_upd_std_prefs, keygen_add_std_prefs)
1797
(proc_parameter_file): Add --default-keyserver-url to specify a
1798
keyserver URL at key generation time, and "Keyserver:" keyword for
1799
doing the same through a batch file.
1800
* options.h, gpg.c (main): Ditto.
1801
1802
* sign.c (do_sign): For now don't accept a truncated hash even
1803
for DSA1 keys (be liberal in what you accept, etc).
1804
1805
* import.c (import_one): Add a flag (from_sk) so we don't check
1806
prefs on an autoconverted public key. The check should only
1807
happen on the sk side. Noted by Dirk Traulsen.
1808
1809
* keygen.c (gen_card_key): Add optional argument to return a
1810
pointer (not a copy) of the stub secret key for the secret key we
1811
just generated on the card.
1812
(generate_card_subkeypair): Use it here so that the signing key on
1813
the card can use the card to generate the 0x19 backsig on the
1814
primary key. Noted by Janko Heilgeist and Jonas Oberg.
1815
1816
* parse-packet.c (parse_user_id): Cap the user ID size at 2048
1817
bytes. This prevents a memory allocation attack with a very large
1818
user ID. A very large packet length could even cause the
1819
allocation (a u32) to wrap around to a small number. Noted by
1820
Evgeny Legerov on full-disclosure.
1821
1822
* keygen.c (gen_dsa): Allow generating DSA2 keys. Allow
1823
specifying sizes > 1024 when --enable-dsa2 is set. The size of q
1824
is set automatically based on the key size.
1825
(ask_keysize, generate_keypair): Ask for DSA size when
1826
--enable-dsa2 is set.
1827
1828
* exec.c (make_tempdir) [W32]: Fix bug with a temporary directory
1829
on W32 that is over 256 bytes long. Noted by Israel G. Lugo.
1830
1831
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we
1832
are called with them closed. This is to protect our
1833
keyring/trustdb files from corruption if they get attached to one
1834
of the standard fds. Print a warning if possible that this has
1835
happened, and fail completely if we cannot reopen (should never
1836
happen).
1837
(main): Call it here.
1838
1839
* parse-packet.c (dump_sig_subpkt, parse_signature): Fix meaning
1840
of key expiration and sig expiration subpackets - zero means
1841
"never expire" according to 2440, not "expire instantly".
1842
* build-packet.c (build_sig_subpkt_from_sig): Ditto.
1843
* getkey.c (fixup_uidnode, merge_selfsigs_main)
1844
(merge_selfsigs_subkey): Ditto.
1845
* keygen.c (keygen_add_key_expire): Ditto.
1846
1847
* getkey.c (get_pubkey_byname)
1848
* import.c (import_one): Fix key selection problem when
1849
auto-key-locate returns a list of keys, not all of which are
1850
usable (revoked, expired, etc). Noted by Simon Josefsson.
1851
1852
2006-05-24 Werner Koch <wk@g10code.com>
1853
1854
* keyid.c (hash_public_key): Do not double hash the length bytes,
1855
they are already included by mpi_print.
1856
1857
* misc.c (openpgp_pk_test_algo2): Get test call right.
1858
1859
* misc.c (string_to_cipher_algo, string_to_digest_algo): New.
1860
* keygen.c (keygen_set_std_prefs): use them here.
1861
* gpg.c (main): and here.
1862
1863
2006-05-23 Werner Koch <wk@g10code.com>
1864
1865
* card-util.c (generate_card_keys): Removed temporary kludge for
1866
generate_keypair.
1867
1868
* call-agent.c (agent_scd_setattr): Add arg SERIALNO.
1869
(agent_scd_genkey): Ditto.
1870
(agent_scd_change_pin): Ditto.
1871
1872
* call-agent.h (struct agent_card_info_s): Updated to match the
1873
one of 1.4.3.
1874
1875
* Makefile.am (LDADD): Include ZLIBS.
1876
1877
* gpgv.c: Removed stubs not anymore useful due to libgcrypt.
1878
1879
2006-05-22 Werner Koch <wk@g10code.com>
1880
1881
* keyserver.c (keyidlist): Replaced mpi_get_keyid by v3_keyid.
1882
* keydb.h (v3_keyid): Added.
1883
1884
* import.c (import): Better initialize KEYBLOCK as to quiet
1885
compiler warning.
1886
1887
* skclist.c (random_is_faked): New.
1888
1889
* mainproc.c: Include pka.h.
1890
1891
2006-05-19 Werner Koch <wk@g10code.com>
1892
1893
* misc.c (openpgp_pk_test_algo2): Need to use gcry_pk_algo_info
1894
directly.
1895
(string_count_chr): New.
1896
1897
* armor.c (parse_header_line): Use renamed function
1898
length_sans_trailing_ws.
1899
1900
* options.h, gpg.c: Option --strict is not used thus removed code
1901
but kept option.
1902
1903
2006-04-28 David Shaw <dshaw@jabberwocky.com> (wk)
1904
1905
* keyserver.c (direct_uri_map): New.
1906
(keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx
1907
helpers when the meaning is different if a path is provided (i.e.
1908
ldap).
1909
(keyserver_import_cert): Show warning if there is a CERT
1910
fingerprint, but no --keyserver set.
1911
1912
* keyserver.c: Fix build problem with platforms that stick libcurl
1913
in a place not in the regular include search path.
1914
1915
* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2.
1916
Defaults to disable.
1917
1918
* pkclist.c (algo_available): If --enable-dsa2 is set, we're
1919
allowed to truncate hashes to fit DSA keys.
1920
1921
* sign.c (match_dsa_hash): New. Return the best match hash for a
1922
given q size.
1923
(do_sign, hash_for, sign_file): When signing with a DSA key, if it
1924
has q==160, assume it is an old DSA key and don't allow truncation
1925
unless --enable-dsa2 is also set. q!=160 always allows truncation
1926
since they must be DSA2 keys.
1927
(make_keysig_packet): If the user doesn't specify a
1928
--cert-digest-algo, use match_dsa_hash to pick the best hash for
1929
key signatures.
1930
1931
* gpg.c (print_mds): Add SHA-224.
1932
* armor.c (armor_filter, parse_hash_header): Add SHA-224.
1933
1934
* sign.c (write_plaintext_packet):
1935
Factor common literal packet setup code from here, to...
1936
* encode.c (encode_simple): .. there.
1937
1938
* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure
1939
the literal packet filename field is UTF-8 encoded.
1940
1941
* options.h, gpg.c (main): Make sure --set-filename is UTF-8
1942
encoded and note when filenames are already UTF-8.
1943
1944
* keyedit.c (menu_backsign): Give some more verbose errors when we
1945
have no need to backsign.
1946
1947
* getkey.c (parse_auto_key_locate): Fix dupe-removal code.
1948
1949
* keyedit.c (menu_backsign): Allow backsigning even if the secret
1950
subkey doesn't have a binding signature.
1951
1952
* armor.c (radix64_read): Don't report EOF when reading only a pad
1953
(=) character. The EOF actually starts after the pad.
1954
1955
* gpg.c (main): Make --export, --send-keys, --recv-keys,
1956
--refresh-keys, and --fetch-keys follow their arguments from left
1957
to right. Suggested by Peter Palfrader.
1958
1959
2006-04-18 Werner Koch <wk@g10code.com>
1960
1961
* tdbio.c (open_db, migrate_from_v2): Removed feature to migration
1962
from old trustdb version 2.
1963
1964
* gpg.c, mainproc.c: Removed pipemode feature.
1965
1966
* status.c: Removed shared memory coprocess stuff
1967
1968
Merged with current gpg 1.4.3 code.
1969
1970
* keygen.c, keyid.c, misc.c, openfile.c, verify.c, trustdb.c
1971
* textfilter.c, tdbio.c, tdbdump.c, status.c, skclist.c, signal.c
1972
* sign.c, sig-check.c, seskey.c, seckey-cert.c, revoke.c
1973
* pubkey-enc.c, progress.c, plaintext.c, pkclist.c, photoid.c
1974
* passphrase.c, parse-packet.c, mdfilter.c, mainproc.c
1975
* keyserver.c, keyring.c, keylist.c, keyedit.c, keydb.c, kbnode.c
1976
* import.c, getkey.c, gpgv.c, helptext.c, free-packet.c
1977
* build-packet.c, cipher.c, compress.c, dearmor.c, decrypt.c
1978
* delkey.c, encr-data.c, encode.c, exec.c, export.c
1979
* gpg.c, armor.c: Updated from gnupg-1.4.3 and merged back gcry and
1980
gnupg-1.9 related changes.
1981
* trustdb.h, tdbio.h, status.h, photoid.h, packet.h, options.h
1982
* main.h, keyserver-internal.h, keyring.h, keydb.h, filter.h
1983
* exec.h: Ditto.
1984
* global.h: Removed after merging constants with gpg.h.
1985
* comment.c, pipemode.c: Removed.
1986
* card-util.c: Updated from gnupg-1.4.3.
1987
* compress-bz2.c: New.
1988
1989
2005-06-15 Werner Koch <wk@g10code.com>
1990
1991
* g10.c (print_hashline, add_group): Fixes for signed/unsigned
1992
pointer mismatch warnings.
1993
1994
2005-06-01 Werner Koch <wk@g10code.com>
1995
1996
* mkdtemp.c: Removed.
1997
* exec.c: Include mkdtemp.h
1998
1999
2004-12-21 Werner Koch <wk@g10code.com>
2000
2001
* gpgv.c, g10.c (main): Use default_hoemdir ().
2002
2003
2004-12-18 Werner Koch <wk@g10code.com>
2004
2005
* gpg.h (map_assuan_err): Define in terms of
2006
map_assuan_err_with_source.
2007
2008
2004-12-15 Werner Koch <wk@g10code.com>
2009
2010
* Makefile.am (LDADD): Remove ZLIBS.
2011
2012
2004-10-22 Werner Koch <wk@g10code.com>
2013
2014
* g10.c (main): Display a bit fat warning that this gpg should not
2015
be used.
2016
2017
* card-util.c (fetch_url): Disable for gnupg 1.9
2018
(card_generate_subkey): Ditto.
2019
(card_store_subkey): Ditto.
2020
2021
2004-09-30 Werner Koch <wk@g10code.com>
2022
2023
* gpgv.c (i18n_init): Always use LC_ALL.
2024
2025
* Makefile.am (LDADD): Adjusted for gettext 0.14.
2026
2027
2004-09-20 Werner Koch <wk@g10code.com>
2028
2029
* keyedit.c (show_key_with_all_names): Print the card S/N.
2030
2031
2004-09-11 Moritz Schulte <moritz@g10code.com>
2032
2033
* openfile.c (copy_options_file): Fixed last commit (added a `+').
2034
2035
2004-08-31 Werner Koch <wk@g10code.de>
2036
2037
* openfile.c (copy_options_file): Use gpg-conf.skel. Better take
2038
the length of SKELEXT into account, someone might make it larger.
2039
* Makefile.am: Install options.skel as gpg-conf.skel.
2040
2041
2004-08-18 Marcus Brinkmann <marcus@g10code.de>
2042
2043
* passphrase.c (agent_get_passphrase): Fix detection of gpg-agent
2044
cancellation.
2045
2046
2004-07-01 Werner Koch <wk@gnupg.org>
2047
2048
* card-util.c (change_login): Kludge to allow reading data from a
2049
file.
2050
(card_edit): Pass ARG_STRING to change_login.
2051
(card_status): Print CA fingerprints.
2052
(change_cafpr): New.
2053
(card_edit): New command CAFPR.
2054
2055
* call-agent.h: Add members for CA fingerprints.
2056
* call-agent.c (agent_release_card_info): Invalid them.
2057
(learn_status_cb): Store them.
2058
2059
2004-04-30 Werner Koch <wk@gnupg.org>
2060
2061
* g10.c (main) <gpgconf>: Use gpg.conf and not /dev/null as
2062
default filename.
2063
2064
2004-04-28 Werner Koch <wk@gnupg.org>
2065
2066
* card-util.c (card_edit): Remove PIN verification.
2067
(generate_card_keys): New arg SERIALNO. Do PIN verification here
2068
after resetting forced_chv1.
2069
2070
2004-04-26 Werner Koch <wk@gnupg.org>
2071
2072
* card-util.c (change_name): Check that the NAME is not too long.
2073
(change_url): Likewise.
2074
(change_login): Likewise.
2075
2076
2004-03-23 Werner Koch <wk@gnupg.org>
2077
2078
* g10.c: New options --gpgconf-list, --debug-level and --log-file
2079
(set_debug): Add arg DEBUG_LEVEL.
2080
(main): Look at less and less version specific config files. From
2081
gnupg 1.3.
2082
2083
2004-02-17 Werner Koch <wk@gnupg.org>
2084
2085
* call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
2086
* passphrase.c (agent_open): Ditto.
2087
2088
2004-02-12 Werner Koch <wk@gnupg.org>
2089
2090
* gpgv.c: Removed g10defs.h.
2091
2092
* Makefile.am: Include cmacros.am for common flags.
2093
2094
2004-02-11 Werner Koch <wk@gnupg.org>
2095
2096
* openfile.c (try_make_homedir): Use GNUPG_DEFAULT_HOMEDIR.
2097
* gpgv.c (main): Ditto.
2098
* g10.c (main): Ditto.
2099
2100
2004-01-19 Moritz Schulte <mo@g10code.com>
2101
2102
* keygen.c (do_generate_keypair): Print member fname, instead of
2103
newfname, again.
2104
(do_generate_keypair): Don't try to execute certain pieces of code
2105
in case an error occured.
2106
(gen_card_key): Don't print out a message, which is already
2107
printed by do_generate_keypair().
2108
2109
2004-01-18 Moritz Schulte <mo@g10code.com>
2110
2111
* keygen.c (do_generate_keypair): Print member fname, instead of
2112
newfname.
2113
2114
2003-12-17 Werner Koch <wk@gnupg.org>
2115
2116
* card-util.c (print_name): Fixed bad format string usage.
2117
(print_isoname): Ditto.
2118
2119
* trustdb.c (check_regexp): s/exp/expr/.
2120
2121
* keyedit.c (trustsig_prompt): Removed a "> 255" term; it is
2122
always false due to the data type.
2123
2124
* passphrase.c (agent_get_passphrase): Use xasprintf and avoid
2125
non-literal format strings.
2126
2127
* tdbio.c (upd_hashtable, drop_from_hashtable, lookup_hashtable):
2128
Fixed log_error format string bugs. Kudos to the now working
2129
gcc-3.3 -Wformat-nonliteral and Florian Weimer's investigations in
2130
gnupg 1.2.3.
2131
2132
2003-12-15 Werner Koch <wk@gnupg.org>
2133
2134
* seckey-cert.c (protect_secret_key): Use gry_create_nonce for the
2135
IV; there is not need for real strong random here and it even
2136
better protect the random bits used for the key.
2137
2138
2003-11-16 Moritz Schulte <mo@g10code.com>
2139
2140
* signal.c: Removed unused file.
2141
2142
2003-11-10 Moritz Schulte <mo@g10code.com>
2143
2144
* Makefile.am (INCLUDES): Added: @LIBGCRYPT_CFLAGS@.
2145
2146
2003-10-25 Werner Koch <wk@gnupg.org>
2147
2148
* call-agent.c (learn_status_cb, scd_genkey_cb): Fixed faulty use
2149
of !spacep().
2150
2151
2003-10-20 Werner Koch <wk@gnupg.org>
2152
2153
* card-util.c (card_edit): New command "passwd". Add logic to
2154
check the PIN in advance.
2155
(card_status): Add new args to return the serial number. Changed
2156
all callers.
2157
* call-agent.c (agent_scd_checkpin): New.
2158
2159
2003-10-08 Werner Koch <wk@gnupg.org>
2160
2161
* call-agent.c (agent_scd_getattr): Don't clear the passed info
2162
structure, so that it can indeed be updated.
2163
2164
* card-util.c (fpr_is_zero): New.
2165
(generate_card_keys): New.
2166
(card_edit): New command "generate".
2167
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
2168
to check_smartcard.
2169
(check_smartcard,show_smartcard): Removed.
2170
(show_sha1_fpr,fpr_is_zero): Removed.
2171
2172
2003-10-01 Werner Koch <wk@gnupg.org>
2173
2174
* card-util.c: Tweaked to use this source also under 1.3.
2175
2176
2003-09-30 Werner Koch <wk@gnupg.org>
2177
2178
* keylist.c (print_card_serialno): New.
2179
(list_keyblock_print): Use it here.
2180
2181
* card-util.c (toggle_forcesig): New.
2182
(card_edit): New command "forcesig".
2183
2184
* card-util.c (print_name, print_isoname): Use 0 and not LF fro
2185
the max_n arg of tty_print_utf8_string2.
2186
2187
* call-agent.c (agent_scd_getattr): New.
2188
(learn_status_cb): Release values before assignment so that it can
2189
be used by getattr to update the structure.
2190
2191
* card-util.c (change_pin): Simplified. We now have only a PIN
2192
and an Admin PIN.
2193
2194
2003-09-27 Werner Koch <wk@gnupg.org>
2195
2196
* sign.c (do_sign): Removed disabled testcode.
2197
2198
2003-09-26 Timo Schulz <twoaday@freakmail.de>
2199
2200
* card_status (card_status): Do not use fputs since the fp
2201
parameter can be NULL. This fixes a segv.
2202
2203
2003-09-24 Werner Koch <wk@gnupg.org>
2204
2205
* card-util.c (print_isoname,card_status): Handle opt.with_colons.
2206
(print_sha1_fpr_colon): New.
2207
2208
2003-09-23 Werner Koch <wk@gnupg.org>
2209
2210
Merged most of David Shaw's changes in 1.3 since 2003-06-03.
2211
2212
* Makefile.am: Include W32LIBS where appropriate.
2213
2214
* armor.c (parse_hash_header,armor_filter): Drop TIGER/192 support.
2215
* g10.c (print_hex,print_mds): Ditto.
2216
* pkclist.c (algo_available): Ditto.
2217
2218
* armor.c (armor_filter): Allow using --comment multiple times to
2219
get multiple Comment header lines. --no-comments resets list.
2220
* options.h, g10.c (main): Ditto. Deprecate --default-comment in
2221
favor of --no-comments.
2222
2223
* g10.c (main): Trim --help to commonly used options. Remove -f.
2224
2225
* g10.c (main): Add --multifile as an alias to turn --encrypt into
2226
--encrypt-files (plus --verify-files, --decrypt-files). Error out
2227
if --multifile is used with the commands that don't support it yet.
2228
2229
* encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440
2230
directly to check for MDC usability. Do not set the force_mdc or
2231
disable_mdc flags since there is no point any longer.
2232
2233
* g10.c (main): Use "keyserver-url" instead of
2234
"preferred-keyserver" for the sake of short and simple commands.
2235
(add_keyserver_url): Clarify a few strings. It's a
2236
"preferred keyserver URL".
2237
* keyedit.c (keyedit_menu): Ditto.
2238
* sign.c (mk_notation_policy_etc): Ditto.
2239
2240
* main.h, keygen.c (keygen_add_keyserver_url): Signature callback
2241
for adding a keyserver URL.
2242
* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to
2243
set preferred keyserver to specified (or all) user IDs.
2244
* build-packet.c (build_sig_subpkt): Set preferred keyserver flag
2245
while building a preferred keyserver subpacket.
2246
2247
* keylist.c (show_policy_url, show_keyserver_url): URLs might be
2248
UTF8.
2249
2250
* keyedit.c (menu_addrevoker): Fix leaking a few bytes.
2251
2252
* keyedit.c (show_key_with_all_names): Use list-option
2253
show-long-keyid in main --edit-key display.
2254
2255
* keyedit.c (print_and_check_one_sig): Use list-option
2256
show-long-keyid in --edit-key "check" function.
2257
2258
* passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
2259
2260
* g10.c (main): Disable use-agent if passphrase-fd is given
2261
later. Suggested by Kurt Garloff.
2262
2263
* exec.c, g10.c, gpgv.c, passphrase.c, photoid.c:
2264
s/__MINGW32__/_WIN32/ to help building on native Windows
2265
compilers. Requested by Brian Gladman. From Werner on stable
2266
branch.
2267
2268
* options.h, g10.c (main): Add list-option
2269
list-preferred-keyserver.
2270
2271
* keyedit.c (change_passphrase): When responding 'no' to the blank
2272
passphrase question, re-prompt for a new passphrase. This is bug
2273
#202.
2274
2275
* mainproc.c (check_sig_and_print): Use two different preferred
2276
keyserver displays - one if the key is not present (to tell the
2277
user where to get the key), the other if it is present (to tell
2278
the user where the key can be refreshed).
2279
2280
* packet.h, parse-packet.c (parse_signature): Set flag if a
2281
preferred keyserver is present.
2282
2283
* keylist.c (list_keyblock_print): Show keyserver url in listings
2284
with list-option show-keyserver-url.
2285
2286
* mainproc.c (check_sig_and_print): Get the uid validity before
2287
printing any sig results to avoid munging the output with trustdb
2288
warnings.
2289
2290
* g10.c (main): Don't include --show-keyring in --help as it is
2291
deprecated.
2292
2293
* options.skel: Note that keyserver.pgp.com isn't synchronized,
2294
and explain the roundrobin a bit better.
2295
2296
* sig-check.c (check_key_signature2), import.c (import_one,
2297
import_revoke_cert, chk_self_sigs, delete_inv_parts,
2298
collapse_uids, merge_blocks): Make much quieter during import of
2299
slightly munged, but recoverable, keys. Use log_error for
2300
unrecoverable import failures.
2301
2302
* keyring.c (keyring_rebuild_cache): Comment.
2303
2304
* sign.c (mk_notation_and_policy): Making a v3 signature with
2305
notations or policy urls is an error, not an info (i.e. increment
2306
the errorcount). Don't print the notation or policy url to stdout
2307
since it can be mixed into the output stream when piping and munge
2308
the stream.
2309
2310
* packet.h, sig-check.c (signature_check2, do_check,
2311
do_check_messages): Provide a signing-key-is-revoked flag. Change
2312
all callers.
2313
2314
* status.h, status.c (get_status_string): New REVKEYSIG status tag
2315
for a good signature from a revoked key.
2316
2317
* mainproc.c (do_check_sig, check_sig_and_print): Use it here.
2318
2319
* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare
2320
actual signatures on import rather than using keyid or class
2321
matching. This does not change actual behavior with a key, but
2322
does mean that all sigs are imported whether they will be used or
2323
not.
2324
2325
* parse-packet.c (parse_signature): Don't give "signature packet
2326
without xxxx" warnings for experimental pk algorithms. An
2327
experimental algorithm may not have a notion of (for example) a
2328
keyid (i.e. PGP's x.509 stuff).
2329
2330
* options.h, g10.c (main), keylist.c (list_keyblock_print),
2331
keyedit.c (print_and_check_one_sig): New "show-sig-expire"
2332
list-option to show signature expiration dates (if any).
2333
2334
* options.h, g10.c (main, add_keyserver_url): Add
2335
--sig-preferred-keyserver to implant a "where to get my key"
2336
subpacket into a signature.
2337
2338
* sign.c (mk_notation_and_policy): Rename to
2339
mk_notation_policy_etc and add preferred keyserver support for
2340
signatures.
2341
2342
* keygen.c (do_add_key_flags): Don't set the certify flag for
2343
subkeys.
2344
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal
2345
subkeys.
2346
(generate_keypair): Provide key flags for the default DSA/Elgamal
2347
keys.
2348
2349
* sig-check.c (signature_check, signature_check2,
2350
check_key_signature, check_key_signature2): Allow passing NULLs
2351
for unused parameters in the x2 form of each function to avoid the
2352
need for dummy variables. getkey.c, mainproc.c: Change all
2353
callers.
2354
2355
* trustdb.h, trustdb.c (read_trust_options): New. Returns items
2356
from the trustdb version record.
2357
* keylist.c (public_key_list): Use it here for the new "tru"
2358
record.
2359
* gpgv.c (read_trust_options): Stub.
2360
2361
* keyedit.c (show_key_with_all_names): Use list-option
2362
show-validity in --edit-key interface as well.
2363
2364
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
2365
verify-options "show-validity" and "show-long-keyid" to show
2366
trustdb validity and long keyids during (file) signature
2367
verification.
2368
2369
* packet.h, main.h, sig-check.c (signature_check2)
2370
(check_key_signature2, do_check): If ret_pk is set, fill in the pk
2371
used to verify the signature. Change all callers in getkey.c,
2372
mainproc.c, and sig-check.c.
2373
2374
* keylist.c (list_keyblock_colon): Use the ret_pk from above to
2375
put the fingerprint of the signing key in "sig" records during a
2376
--with-colons --check-sigs. This requires --no-sig-cache as well
2377
since we don't cache fingerprints.
2378
2379
* parse-packet.c (parse_signature): No need to reserve 8 bytes for
2380
the unhashed signature cache any longer.
2381
2382
* misc.c (pct_expando): Add two new expandos - signer's
2383
fingerprint (%g), and signer's primary fingerprint (%p).
2384
2385
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few
2386
months, they won't be the same thing.
2387
2388
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for
2389
"hkp", since it is occasionally written that way.
2390
(keyserver_spawn): Use ascii_isspace to avoid locale issues.
2391
2392
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the
2393
email field as well as the name field, and allow mixing fields
2394
when it is set.
2395
2396
* trustdb.c (validate_one_keyblock): Certifications on revoked or
2397
expired uids do not count in the web of trust.
2398
2399
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
2400
sigprocmask() if we have sigset_t, and only use sigaction() if we
2401
have struct sigaction. This is for Forte c89 on Solaris which
2402
seems to define only the function call half of the two pairs by
2403
default.
2404
(pause_on_sigusr): Typo.
2405
(do_block): If we can't use sigprocmask() and sigset_t, try to get
2406
the number of signals from NSIG as well as MAXSIG, and if we
2407
can't, fail with an explanation.
2408
2409
* signal.c, tdbio.c: Comment out the transaction code. It was not
2410
used in this version, and was causing some build problems on
2411
quasi-posix platforms (Solaris and Forte c89).
2412
2413
* keylist.c (list_keyblock_colon): Don't include validity values
2414
when listing secret keys since they can be incorrect and/or
2415
misleading. This is a temporary kludge, and will be handled
2416
properly in 1.9/2.0.
2417
2418
* mainproc.c (check_sig_and_print): Only show the "key available
2419
from" preferred keyserver line if the key is not currently
2420
present.
2421
2422
* keyedit.c (sign_uids): Do not sign expired uids without --expert
2423
(same behavior as revoked uids). Do not allow signing a user ID
2424
without a self-signature. --expert overrides. Add additional
2425
prompt to the signature level question.
2426
(menu_expire): When changing expiration dates, don't replace
2427
selfsigs on revoked uids since this would effectively unrevoke
2428
them. There is also no point in replacing expired selfsigs. This
2429
is bug #181
2430
2431
* g10.c (add_notation_data): Make sure that only ascii is passed
2432
to iscntrl. Noted by Christian Biere.
2433
* getkey.c (classify_user_id2): Replaced isspace by spacep
2434
* keygen.c (ask_user_id): Ditto.
2435
(get_parameter_algo): Ditto.
2436
* keyedit.c (keyedit_menu): Ditto.
2437
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
2438
* revoke.c (ask_revocation_reason):
2439
* keyserver.c (keyserver_spawn): Dito.
2440
2441
* parse-packet.c (parse): Disallow old style partial length for
2442
all key material packets to avoid possible corruption of keyrings.
2443
2444
* import.c (import_keys_internal): Invalidate the cache so that
2445
the file descriptor gets closed. Fixes bug reported by Juan
2446
F. Codagnone.
2447
2448
* options.h, g10.c (main), main.h, keylist.c (show_keyserver_url),
2449
mainproc.c (check_sig_and_print), parse-packet.c (dump_sig_subpkt,
2450
parse_one_sig_subpkt, can_handle_critical): Add read-only support
2451
for preferred keyserver subpackets. They're basically policy URLs
2452
with a different name. Add a verify-option
2453
"show-preferred-keyserver" to turn them on and off (on by default,
2454
as per stable branch).
2455
2456
* g10.c (main): Add "--set-notation" as alias to "--notation-data"
2457
this is to make things consistent with --set-policy-url meaning
2458
both sigs and certs.
2459
2460
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
2461
"show-validity" and "show-long-keyid" list-options.
2462
2463
* gpgv.c (get_validity, trust_value_to_string): Stubs.
2464
2465
* g10.c (main): Use SAFE_VERSION instead of VERSION in the
2466
version-specific gpg.conf file so it can be overridden on RISCOS.
2467
2468
* keyedit.c (show_key_with_all_names): Fix assertion failure when
2469
using toggle to see a secret key. Reported by Maxim Britov.
2470
2471
2472
2003-09-22 Timo Schulz <twoaday@freakmail.de>
2473
2474
* card-util.c (card_status): Free pk in case of an error
2475
and return if the card is no OpenPGP card.
2476
2477
2003-09-18 Werner Koch <wk@gnupg.org>
2478
2479
* g10.c: New command --card-edit.
2480
* card-util.c (card_status): Use tty_fprintf for all output.
2481
(print_sha1_fpr, print_isoname): Ditto.
2482
(get_one_name,change_name, change_url, change_login,change_lang)
2483
(change_sex): New; taken from keygen.c.
2484
* keygen.c (smartcard_get_one_name, smartcard_change_name)
2485
(smartcard_change_url, smartcard_change_login_data)
2486
(smartcard_change_lang, smartcard_change_sex): Removed.
2487
(check_smartcard): Removed most menu items.
2488
2489
2003-09-06 Werner Koch <wk@gnupg.org>
2490
2491
* misc.c (openpgp_pk_algo_usage): Allow AUTH where SIGN is allowed.
2492
2493
* keygen.c (ask_passphrase): No need to allocated S2K in secure
2494
memory.
2495
2496
2003-09-04 Werner Koch <wk@gnupg.org>
2497
2498
* keygen.c (do_add_key_flags, parse_parameter_usage)
2499
(do_generate_keypair): Add support the proposed AUTH key flag.
2500
* getkey.c (fixup_uidnode, merge_selfsigs_main)
2501
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
2502
* keylist.c (print_capabilities): Ditto.
2503
2504
2003-08-25 Timo Schulz <twoaday@freakmail.de>
2505
2506
* pkglue.c (mpi_from_sexp): New. Used to factor out
2507
some common code.
2508
2509
2003-08-24 Werner Koch <wk@gnupg.org>
2510
2511
* keygen.c (do_generate_keypair): Print a reminder to use --gen-revoke.
2512
2513
2003-08-18 Timo Schulz <twoaday@freakmail.de>
2514
2515
* encode.c (encode_sesskey): Checked the code and removed
2516
the warning since all compatibility checks with PGP succeeded.
2517
* mainproc.c (symkey_decrypt_sesskey): Better check for the
2518
algorithm and check the return values of some functions.
2519
* mdc.c (use_mdc): Simplified.
2520
2521
2003-08-07 Werner Koch <wk@gnupg.org>
2522
2523
* pkglue.c (pk_sign): Fix last change.
2524
(pk_verify): Check for valid DATA array so that we don't segv in
2525
Libgcrypt.
2526
(pk_verify): Ditto.
2527
2528
2003-08-06 Werner Koch <wk@gnupg.org>
2529
2530
* pkglue.c (pk_sign): Allow signing using RSA.
2531
2532
2003-08-05 Werner Koch <wk@gnupg.org>
2533
2534
* Makefile.am (install-data-local): Dropped check for the ancient
2535
gpgm tool.
2536
(bin_PROGRAMS): Renamed gpg to gpg2 and gpgv to gpgv2. This is so
2537
that it won't conflict with the current stable version of gpg.
2538
2539
* pkglue.c (pk_check_secret_key): New.
2540
* seckey-cert.c (do_check): Reenable this test here again.
2541
2542
* g10.c (main): Add command -K as an alias for
2543
--list-secret-keys. Command "-k" is now an alias to --list-keys.
2544
Remove special treatment of -kv and -kvv.
2545
(set_cmd): Ditto.
2546
(main): Strip a "-cvs" suffix when testing for a version specific
2547
config file.
2548
2549
* status.h, status.c, g10.c [USE_SHM_COPROCESSING]: Removed. This
2550
is not any longer available.
2551
2552
2003-07-29 Werner Koch <wk@gnupg.org>
2553
2554
* g10.c (main): Add secmem features and set the random seed file.
2555
(g10_exit): Update the random seed file.
2556
2557
* parse-packet.c (parse_signature,read_protected_v3_mpi)
2558
(parse_key): Fixed use of mpi_set_opaque.
2559
* keygen.c (gen_card_key): Ditto.
2560
2561
2003-07-28 Werner Koch <wk@gnupg.org>
2562
2563
* status.c (progress_cb): Adjusted for use with Libcgrypt.
2564
(set_status_fd): Register that callback.
2565
2566
* keygen.c (smartcard_change_login_data): New.
2567
(smartcard_change_lang): New.
2568
(smartcard_change_sex): New.
2569
(check_smartcard): Add menu entries to edit the above.
2570
(gen_elg,gen_dsa,gen_rsa): Reimplemented in terms of Libgcrypt.
2571
(genhelp_protect, genhelp_factors, key_from_sexp): New.
2572
* comment.c (make_comment_node_from_buffer): New.
2573
(make_comment_node): Reimplemented in terms of above.
2574
2575
2003-07-27 Werner Koch <wk@gnupg.org>
2576
2577
Adjusted for gcry_mpi_print and gcry_mpi_scan API change.
2578
2579
2003-07-24 Werner Koch <wk@gnupg.org>
2580
2581
* g10.c: New command --card-status.
2582
* card-util.c (card_status): New.
2583
* call-agent.c (learn_status_cb): Parse more information.
2584
2585
* keylist.c (print_pubkey_info): Add FP arg for optional printing
2586
to a stream. Changed all callers.
2587
2588
2003-07-23 Werner Koch <wk@gnupg.org>
2589
2590
* keygen.c (generate_keypair): Create an AUTHKEYTYPE entry for cards.
2591
(do_generate_keypair): Abd generate the authkey.
2592
(check_smartcard): Changed menu accordingly.
2593
2594
2003-07-22 Werner Koch <wk@gnupg.org>
2595
2596
* g10.c: New command --change-pin.
2597
* card-util.c: New.
2598
* call-agent.c (agent_scd_change_pin): New.
2599
(agent_release_card_info): New.
2600
* keygen.c (check_smartcard): Use it here.
2601
2602
2003-07-16 Werner Koch <wk@gnupg.org>
2603
2604
* export.c (parse_export_options): New option sexp-format.
2605
(export_seckeys,export_secsubkeys): Check sexp-format option.
2606
(do_export): Ignore armor for sexp format.
2607
(do_export_stream): Handle sexp-format.
2608
(write_sexp_line,write_sexp_keyparm, build_sexp_seckey): New.
2609
(build_sexp): New.
2610
2611
2003-07-03 Werner Koch <wk@gnupg.org>
2612
2613
* options.h (DBG_CIPHER): Reintroduced it.
2614
* seskey.c (encode_session_key): Debug output of the session key.
2615
2616
* pubkey-enc.c (get_it): Handle card case.
2617
* call-agent.c (agent_scd_pkdecrypt): New.
2618
* pkglue.c (pk_encrypt): Add RSA support.
2619
2620
* g10.c (main): Default to --use-agent.
2621
2622
* keygen.c (show_smartcard): Print info about the public key.
2623
(check_smartcard): Check for existing key here.
2624
(gen_card_key): And not anymore here.
2625
(fpr_is_zero): New.
2626
(generate_keypair): Generate both keys for a card.
2627
(smartcard_change_url): Nw.
2628
2629
2003-07-02 Werner Koch <wk@gnupg.org>
2630
2631
* seckey-cert.c (is_secret_key_protected): Let it handle mode 1002.
2632
2633
2003-07-01 Werner Koch <wk@gnupg.org>
2634
2635
* keygen.c (gen_card_key): Obviously we should use the creation
2636
date received from SCDAEMON, so that the fingerprints will match.
2637
* sign.c (do_sign): Pass the serialno to the sign code.
2638
* keyid.c (serialno_and_fpr_from_sk): New.
2639
2640
2003-06-30 Werner Koch <wk@gnupg.org>
2641
2642
* call-agent.h (agent_card_info_s): Add field serialno.
2643
* call-agent.c (store_serialno): New.
2644
(learn_status_cb): Store the serial number.
2645
* keygen.c (gen_card_key): Store the serial number
2646
(check_smartcard): New argument to return the serial number.
2647
(generate_keypair): Get the serial number from check_smartcard and
2648
store it as a parameter.
2649
* parse-packet.c (parse_key): Use the protect.iv field to store the
2650
serial number.
2651
* build-packet.c (do_secret_key): Write the serial number.
2652
2653
2003-06-27 Werner Koch <wk@gnupg.org>
2654
2655
* seckey-cert.c (check_secret_key): Bypass the unprotection for
2656
mode 1002.
2657
* sign.c (do_sign): Handle card case (i.e. mode 1002).
2658
2659
2003-06-26 Werner Koch <wk@gnupg.org>
2660
2661
* build-packet.c (do_secret_key): Implement special protection
2662
mode 1002.
2663
* parse-packet.c (parse_key): Likewise.
2664
2665
* keygen.c (smartcard_gen_key): New.
2666
* call-agent.c (agent_scd_setattr): New.
2667
2668
2003-06-24 Werner Koch <wk@gnupg.org>
2669
2670
* Makefile.am: Removed signal.c
2671
2672
* g10.c (emergency_cleanup): New.
2673
(main): Use gnupg_init_signals and register malloc for assuan.
2674
2675
2003-06-23 Werner Koch <wk@gnupg.org>
2676
2677
* keyid.c (do_fingerprint_md): Made it work again.
2678
2679
2003-06-19 Werner Koch <wk@gnupg.org>
2680
2681
Fixed all "==" comparisons against error code constants to use
2682
gpg_err_code().
2683
2684
* import.c (import_secret_one):
2685
(import_revoke_cert):
2686
(chk_self_sigs):
2687
2688
* misc.c (openpgp_md_map_name): Check also for the Hx format.
2689
(openpgp_cipher_map_name): Check also for the Sx format.
2690
(pubkey_get_npkey): Adjusted for changed gcrypt API.
2691
(pubkey_get_nskey): Ditto.
2692
(pubkey_get_nsig): Ditto.
2693
(pubkey_get_nenc): Ditto.
2694
2695
2003-06-18 Werner Koch <wk@gnupg.org>
2696
2697
Finished the bulk of changes for gnupg 1.9. This included
2698
switching to libgcrypt functions, using shared error codes from
2699
libgpg-error, replacing the old functions we used to have in
2700
../util by those in ../jnlib and ../common, renaming the malloc
2701
functions and a couple of types. Note, that not all changes are
2702
listed below becuause they are too similar and done at far too
2703
many places. As of today the code builds using the current
2704
libgcrypt from CVS but it is very unlikely that it actually works.
2705
2706
* sig-check.c (cmp_help): Removed. Was never used.
2707
2708
* pkglue.c: New. Most stuff taken from gnupg 1.1.2.
2709
* pkglue.h: New.
2710
2711
* misc.c (pull_in_libs): Removed.
2712
2713
* keygen.c (count_chr): New.
2714
(ask_user_id): Removed faked RNG support.
2715
2716
* misc.c (openpgp_md_map_name,openpgp_cipher_map_name)
2717
(openpgp_pk_map_name): New.
2718
2719
* skclist.c (build_sk_list): Removed faked RNG support.
2720
(is_insecure): Removed.
2721
2722
* comment.c (make_mpi_comment_node): Use gcry MPI print function.
2723
2724
* keyid.c (v3_keyid): New.
2725
2726
* misc.c (mpi_write,mpi_write_opaque,mpi_read,mpi_read_opaque)
2727
(mpi_print): New. Taken from gnupg 1.1.2.
2728
(checksum_mpi): Replaced by implementation from 1.1.2.
2729
2730
* g10.c (my_strusage): Renamed from strusage and return NULL
2731
instead calling a default function.
2732
(add_to_strlist2): New. Taken from ../util/strgutil.c of gnupg 1.2.
2733
2734
* plaintext.c (handle_plaintext): New arg CREATE_FILE to cope with
2735
the fact that gpg-error does not have this error code anymore.
2736
2737
* mainproc.c (symkey_decrypt_sesskey): Ditto.
2738
2739
* seskey.c (make_session_key): Adjusted for use with libgcrypt.
2740
(encode_session_key): Ditto.
2741
(do_encode_md): Ditto.
2742
(encode_md_value): Ditto.
2743
2744
* keyring.c: Use libgpg-error instead of READ_ERROR etc.
2745
2746
* g10.c: Adjusted all algorithm name/id mapping functions.
2747
(set_debug): Pass MPI and CRYPTO debug values to libgcrypt.
2748
2749
* Makefile.am (INCLUDES): Define LOCALEDIR and the default error
2750
source.
2751
2752
* g10.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/.
2753
2754
Renamed m_alloc et al to xmalloc et al.
2755
s/g10_errstr/gpg_strerror/
2756
s/MPI/gcry_mpi_t/
2757
Adjusted all md_open calls to the libgcrypt API.
2758
2759
* build-packet.c (do_comment): Return error code from iobuf write
2760
function.
2761
(do_user_id): Ditto.
2762
(do_public_key): Ditto.
2763
2764
* Makefile.am: Add new files, link gpg with libgpg-error.
2765
* g10.c, options.h: New option --agent-program.
2766
* call-agent.c: New.
2767
* gpg.h, call-agent.h: New.
2768
2769
2003-06-03 David Shaw <dshaw@jabberwocky.com>
2770
2771
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
2772
"show-validity" and "show-long-keyid" list-options.
2773
2774
* gpgv.c (get_validity, trust_value_to_string): Stubs.
2775
2776
* g10.c (main): Use SAFE_VERSION instead of VERSION in the
2777
version-specific gpg.conf file so it can be overridden on RISCOS.
2778
2779
2003-06-01 David Shaw <dshaw@jabberwocky.com>
2780
2781
* g10.c (main), keylist.c (show_policy_url, show_notation),
2782
mainproc.c (check_sig_and_print): Emulate the old policy and
2783
notation behavior (display by default). Send to status-fd whether
2784
it is displayed on the screen or not.
2785
2786
* g10.c (main): Since we now have some options in devel that won't
2787
work in a stable branch gpg.conf file, try for a version-specific
2788
gpg.conf-VERSION file before falling back to gpg.conf.
2789
2790
* main.h, options.h: Move various option flags to options.h.
2791
2792
2003-05-31 David Shaw <dshaw@jabberwocky.com>
2793
2794
* mainproc.c (check_sig_and_print), main.h, keylist.c
2795
(show_policy, show_notation): Collapse the old print_notation_data
2796
into show_policy() and show_notation() so there is only one
2797
function to print notations and policy URLs.
2798
2799
* options.h, main.h, g10.c (main), keyedit.c
2800
(print_and_check_one_sig), keylist.c (list_one,
2801
list_keyblock_print), pkclist.c (do_edit_ownertrust), sign.c
2802
(mk_notation_and_policy): New "list-options" and "verify-options"
2803
commands. These replace the existing
2804
--show-photos/--no-show-photos,
2805
--show-notation/--no-show-notation,
2806
--show-policy-url/--no-show-policy-url, and --show-keyring
2807
options. The new method is more flexible since a user can specify
2808
(for example) showing photos during sig verification, but not in
2809
key listings. The old options are emulated.
2810
2811
* main.h, misc.c (parse_options): New general option line
2812
parser. Fix the bug in the old version that did not handle report
2813
syntax errors after a valid entry.
2814
2815
* import.c (parse_import_options), export.c
2816
(parse_export_options): Call it here instead of duplicating the
2817
code.
2818
2819
2003-05-30 David Shaw <dshaw@jabberwocky.com>
2820
2821
* keylist.c (list_one): Don't show the keyring filename when in
2822
--with-colons mode. Actually translate "Keyring" string.
2823
2824
* mainproc.c (proc_tree): We can't currently handle multiple
2825
signatures of different classes or digests (we'd pretty much have
2826
to run a different hash context for each), but if they are all the
2827
same, make an exception. This is Debian bug #194292.
2828
2829
* sig-check.c (check_key_signature2): Make string translatable.
2830
2831
* packet.h, getkey.c (fixup_uidnode): Mark real primary uids
2832
differently than assumed primaries.
2833
2834
* keyedit.c (no_primary_warning): Use the differently marked
2835
primaries here in a new function to warn when an --edit-key
2836
command might rearrange the self-sig dates enough to change which
2837
uid is primary.
2838
(menu_expire, menu_set_preferences): Use no_primary_warning()
2839
here.
2840
2841
* Makefile.am: Use @DLLIBS@ for -ldl.
2842
2843
2003-05-26 David Shaw <dshaw@jabberwocky.com>
2844
2845
* getkey.c (premerge_public_with_secret): Made "no secret subkey
2846
for" warning a verbose item and translatable. (From wk on stable
2847
branch)
2848
2849
* sig-check.c (check_key_signature2): Made "no subkey for subkey
2850
binding packet" a verbose item instead of a !quiet one. There are
2851
too many garbled keys out in the wild. (From wk on stable branch)
2852
2853
* filter.h: Remove const from WHAT. (From wk on stable branch)
2854
2855
* progress.c (handle_progress): Store a copy of
2856
NAME. (progress_filter): Release WHAT, make sure not to print a
2857
NULL WHAT. (From wk on stable branch)
2858
2859
* openfile.c (open_sigfile): Adjust free for new progress
2860
semantics. (From wk on stable branch)
2861
2862
* plaintext.c (ask_for_detached_datafile): Don't dealloc
2863
pfx->WHAT. (From wk on stable branch)
2864
2865
* seckey-cert.c (do_check): Issue the RSA_OR_IDEA status when the
2866
cipher algo is IDEA to make it easier to track down the
2867
problem. (From twoaday on stable branch)
2868
2869
2003-05-24 David Shaw <dshaw@jabberwocky.com>
2870
2871
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c,
2872
build-packet.c, getkey.c, keydb.c, openfile.c, plaintext.c,
2873
status.c, gpgv.c, keygen.c, options.h, sig-check.c, tdbio.h,
2874
encode.c, mainproc.c, parse-packet.c, signal.c, textfilter.c: Edit
2875
all preprocessor instructions to remove whitespace before the '#'.
2876
This is not required by C89, but there are some compilers out
2877
there that don't like it.
2878
2879
2003-05-21 David Shaw <dshaw@jabberwocky.com>
2880
2881
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
2882
is_disabled to cache_disabled_value, which now takes a pk and not
2883
just the keyid. This is for speed since there is no need to
2884
re-fetch a key when we already have that key handy. Cache the
2885
result of the check so we don't need to hit the trustdb more than
2886
once.
2887
2888
* getkey.c (skip_disabled): New function to get a pk and call
2889
is_disabled on it. (key_byname): Use it here.
2890
2891
* packet.h, getkey.c (skip_disabled), keylist.c
2892
(print_capabilities): New "pk_is_disabled" macro to retrieve the
2893
cached disabled value if available, and fill it in via
2894
cache_disabled_value if not available.
2895
2896
* trustdb.c (get_validity): Cache the disabled value since we have
2897
it handy and it might be useful later.
2898
2899
* parse-packet.c (parse_key): Clear disabled flag when parsing a
2900
new key. Just in case someone forgets to clear the whole key.
2901
2902
* getkey.c (merge_selfsigs_main): Add an "if all else fails" path
2903
for setting a single user ID primary when there are multiple set
2904
primaries all at the same second, or no primaries set and the most
2905
recent user IDs are at the same second, or no signed user IDs at
2906
all. This is arbitrary, but deterministic.
2907
2908
* exec.h, photoid.h: Add copyright message.
2909
2910
* keylist.c (list_keyblock_print): Don't dump attribs for
2911
revoked/expired/etc uids for non-colon key listings. This is for
2912
consistency with --show-photos.
2913
2914
* main.h, keylist.c (dump_attribs), mainproc.c
2915
(check_sig_and_print): Dump attribs if --attrib-fd is set when
2916
verifying signatures.
2917
2918
* g10.c (main): New --gnupg option to disable the various
2919
--openpgp, --pgpX, etc. options. This is the same as --no-XXXX
2920
for those options.
2921
2922
* revoke.c (ask_revocation_reason): Clear old reason if user
2923
elects to repeat question. This is bug 153.
2924
2925
* keyedit.c (sign_uids): Show keyid of the key making the
2926
signature.
2927
2928
2003-05-21 Werner Koch <wk@gnupg.org>
2929
2930
* progress.c (handle_progress)
2931
* sign.c (write_plaintext_packet)
2932
* encode.c (encode_simple,encode_crypt): Make sure that a filename
2933
of "-" is considered to be stdin so that iobuf_get_filelength
2934
won't get called. This fixes bug 156 reported by Gregery Barton.
2935
2936
2003-05-02 David Shaw <dshaw@jabberwocky.com>
2937
2938
* packet.h, build-packet.c (build_sig_subpkt), export.c
2939
(do_export_stream), import.c (remove_bad_stuff, import),
2940
parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt): Remove
2941
vestigal code for the old sig cache subpacket. This wasn't
2942
completely harmless as it caused subpacket 101 to disappear on
2943
import and export.
2944
2945
* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c,
2946
sign.c, encode.c, getkey.c, revoke.c: The current flags for
2947
different levels of PGP-ness are massively complex. This is step
2948
one in simplifying them. No functional change yet, just use a
2949
macro to check for compliance level.
2950
2951
* sign.c (sign_file): Fix bug that causes spurious compression
2952
preference warning.
2953
2954
* sign.c (clearsign_file): Fix bug that prevents proper warning
2955
message from appearing when clearsigning in --pgp2 mode with a
2956
non-v3 RSA key.
2957
2958
* main.h, misc.c (compliance_option_string, compliance_string,
2959
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
2960
clearsign_file), encode.c (encode_crypt,
2961
write_pubkey_enc_from_list): New functions to put the "this
2962
message may not be usable...." warning in one place.
2963
2964
* options.h, g10.c (main): Part two of the simplification. Use a
2965
single enum to indicate what we are compliant to (1991, 2440,
2966
PGPx, etc.)
2967
2968
* g10.c (main): Show errors for failure in export, send-keys,
2969
recv-keys, and refresh-keys.
2970
2971
* options.h, g10.c (main): Give algorithm warnings for algorithms
2972
chosen against the --pgpX and --openpgp rules.
2973
2974
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in
2975
--openpgp mode.
2976
2977
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a
2978
hint of 0.
2979
2980
2003-05-01 David Shaw <dshaw@jabberwocky.com>
2981
2982
* tdbio.c (create_version_record): Only create new trustdbs with
2983
TM_CLASSIC or TM_PGP.
2984
2985
* trustdb.h, trustdb.c (trust_string, get_ownertrust_string,
2986
get_validity_string, ask_ownertrust, validate_keys), pkclist.c
2987
(do_edit_ownertrust): Rename trust_string to trust_value_to_string
2988
for naming consistency.
2989
2990
* trustdb.h, trustdb.c (string_to_trust_value): New function to
2991
translate a string to a trust value.
2992
2993
* g10.c (main): Use string_to_trust_value here for
2994
--force-ownertrust.
2995
2996
* options.h, g10.c (main), trustdb.c (trust_model_string,
2997
init_trustdb, check_trustdb, update_trustdb, get_validity,
2998
validate_one_keyblock): An "OpenPGP" trust model is misleading
2999
since there is no official OpenPGP trust model. Use "PGP"
3000
instead.
3001
3002
2003-04-30 David Shaw <dshaw@jabberwocky.com>
3003
3004
* build-packet.c (build_sig_subpkt): Comments.
3005
3006
* exec.c (exec_write): Cast NULL to void* to properly terminate
3007
varargs list.
3008
3009
* keyedit.c (show_key_with_all_names): Just for safety, catch an
3010
invalid pk algorithm.
3011
3012
* sign.c (make_keysig_packet): Crucial that the call to mksubpkt
3013
comes LAST before the calls to finalize the sig as that makes it
3014
possible for the mksubpkt function to get a reliable pointer to
3015
the subpacket area.
3016
3017
* pkclist.c (do_we_trust_pre): If an untrusted key was chosen by a
3018
particular user ID, use that ID as the one to ask about when
3019
prompting whether to use the key anyway.
3020
(build_pk_list): Similar change here when adding keys to the
3021
recipient list.
3022
3023
* trustdb.c (update_validity): Fix bug that prevented more than
3024
one validity record per trust record.
3025
(get_validity): When retrieving validity for a (user) supplied
3026
user ID, return the validity for that user ID only, and do not
3027
fall back to the general key validity.
3028
(validate_one_keyblock): Some commentary on whether
3029
non-self-signed user IDs belong in the web of trust (arguably,
3030
they do).
3031
3032
2003-04-27 David Shaw <dshaw@jabberwocky.com>
3033
3034
* g10.c (main): Add --no-textmode.
3035
3036
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
3037
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
3038
(show_photos), sign.c (mk_notation_and_policy), trustdb.c
3039
(get_validity, reset_trust_records, validate_keys): Make some
3040
strings translatable.
3041
3042
* mainproc.c (check_sig_and_print): Show digest algorithm and sig
3043
class when verifying a sig with --verbose on, and add version, pk
3044
and hash algorithms and sig class to VALIDSIG.
3045
3046
* parse-packet.c (enum_sig_subpkt): Make a warning message a
3047
--verbose warning message since we don't need to warn every time
3048
we see an unknown critical (we only need to invalidate the
3049
signature).
3050
3051
* trustdb.c (init_trustdb): Check the trustdb options even with
3052
TM_AUTO since the auto may become TM_CLASSIC or TM_OPENPGP.
3053
3054
2003-04-26 David Shaw <dshaw@jabberwocky.com>
3055
3056
* sign.c (do_sign): Show the hash used when making a signature in
3057
verbose mode.
3058
3059
* tdbio.h, tdbio.c (tdbio_read_model): New function to return the
3060
trust model used in a given trustdb.
3061
3062
* options.h, g10.c (main), trustdb.c (init_trustdb, check_trustdb,
3063
update_trustdb): Use tdbio_read_model to implement an "auto" trust
3064
model which is set via the trustdb.
3065
3066
2003-04-23 David Shaw <dshaw@jabberwocky.com>
3067
3068
* import.c (import_revoke_cert): Remove ultimate trust when
3069
revoking an ultimately trusted key.
3070
3071
* keyedit.c (sign_uids): Allow replacing expired signatures.
3072
Allow duplicate signatures with --expert.
3073
3074
* pkclist.c (check_signatures_trust): Don't display a null
3075
fingerprint when checking a signature with --always-trust enabled.
3076
3077
* filter.h (progress_filter_context_t), progress.c
3078
(handle_progress), plaintext.c (ask_for_detached_datafile,
3079
hash_datafiles): Fix compiler warnings. Make "what" constant.
3080
3081
* build-packet.c (do_plaintext): Do not create invalid literal
3082
packets with >255-byte names.
3083
3084
2003-04-15 Werner Koch <wk@gnupg.org>
3085
3086
* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
3087
3088
* g10.c, options.h: New option --enable-progress-filter.
3089
* progress.c (handle_progress): Make use of it.
3090
3091
2003-04-15 Marcus Brinkmann <marcus@g10code.de>
3092
3093
* progress.c: New file.
3094
* Makefile.am (common_source): Add progress.c.
3095
* filter.h (progress_filter_context_t): New type.
3096
(progress_filter, handle_progress): New prototypes.
3097
* main.h (open_sigfile): New argument for prototype.
3098
* openfile.c (open_sigfile): New argument to install progress
3099
filter.
3100
* encode.c (encode_simple): New variable PFX. Register
3101
progress filter. Install text_filter after that.
3102
(encode_crypt): Likewise.
3103
* sign.c (sign_file): Likewise.
3104
(clearsign_file): Likewise.
3105
* decrypt.c (decrypt_message): Likewise.
3106
(decrypt_messages): Likewise.
3107
* verify.c (verify_signatures): Likewise.
3108
(verify_one_file): Likewise.
3109
* plaintext.c (hash_datafiles): Likewise.
3110
(ask_for_detached_datafile): Likewise.
3111
3112
2003-04-10 Werner Koch <wk@gnupg.org>
3113
3114
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
3115
agent is to be used. Noted by Ingo Klöcker.
3116
(agent_get_passphrase): Inhibit caching when we have no
3117
fingerprint. This is required for key generation as well as for
3118
symmetric only encryption.
3119
3120
* passphrase .c (agent_get_passphrase): New arg CANCELED.
3121
(passphrase_to_dek): Ditto. Passed to above. Changed all
3122
callers to pass NULL.
3123
* seckey-cert.c (do_check): New arg CANCELED.
3124
(check_secret_key): Terminate loop when canceled.
3125
3126
* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
3127
passphrase_to_dek and translate where appropriate.
3128
* seckey-cert.c (check_secret_key): Ditto.
3129
* keygen.c (ask_passphrase): Ditto.
3130
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
3131
Switch the codeset to utf-8.
3132
3133
2003-04-09 Werner Koch <wk@gnupg.org>
3134
3135
* decrypt.c (decrypt_messages): Fixed error handling; the function
3136
used to re-loop with same file after an error. Reported by Joseph
3137
Walton.
3138
3139
2003-04-08 David Shaw <dshaw@jabberwocky.com>
3140
3141
* main.h, g10.c (main), import.c (parse_import_options,
3142
fix_pks_corruption): It's really PKS corruption, not HKP
3143
corruption. Keep the old repair-hkp-subkey-bug command as an
3144
alias.
3145
3146
* g10.c (main): Rename --no-version to --no-emit-version for
3147
consistency. Keep --no-version as an alias.
3148
3149
2003-04-04 David Shaw <dshaw@jabberwocky.com>
3150
3151
* pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
3152
3153
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Remove
3154
unused code.
3155
3156
2003-04-01 Werner Koch <wk@gnupg.org>
3157
3158
* mainproc.c (check_sig_and_print): Add primary key fpr to VALIDSIG
3159
status.
3160
3161
2003-03-24 David Shaw <dshaw@jabberwocky.com>
3162
3163
* keydb.h: Err on the side of making an unknown signature a SIG
3164
rather than a CERT.
3165
3166
* import.c (delete_inv_parts): Discard any key signatures that
3167
aren't key types (i.e. 0x00, 0x01, etc.)
3168
3169
* g10.c (main): Add deprecated option warning for
3170
--list-ownertrust. Add --compression-algo alias for
3171
--compress-algo. Change --version output strings to match
3172
"showpref" strings, and make translatable.
3173
3174
* status.c (do_get_from_fd): Accept 'y' as well as 'Y' for
3175
--command-fd boolean input.
3176
3177
* trustdb.c: Fix typo (DISABLE_REGEXP -> DISABLE_REGEX)
3178
3179
* keyedit.c (show_key_with_all_names_colon): Show no-ks-modify
3180
flag.
3181
3182
2003-03-11 David Shaw <dshaw@jabberwocky.com>
3183
3184
* options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
3185
keyserver option. Defaults to on.
3186
3187
* passphrase.c (agent_get_passphrase): Fix memory leak with
3188
symmetric messages. Fix segfault with symmetric messages. Fix
3189
incorrect prompt with symmetric messages.
3190
3191
2003-03-10 Werner Koch <wk@gnupg.org>
3192
3193
* compress.c (init_uncompress): Use a 15 bit window size so that
3194
the output of implementations which don't run for PGP 2
3195
compatibility won't get garbled.
3196
3197
2003-03-04 David Shaw <dshaw@jabberwocky.com>
3198
3199
* trustdb.c (validate_keys): Mask the ownertrust when building the
3200
list of fully valid keys so that disabled keys are still counted
3201
in the web of trust.
3202
(get_ownertrust_with_min): Do the same for the minimum ownertrust
3203
calculation.
3204
3205
* parse-packet.c (dump_sig_subpkt): Show the notation names for
3206
not-human-readable notations. Fix cosmetic off-by-one length
3207
counter.
3208
3209
* options.skel: Add explantion and commented-out
3210
"no-mangle-dos-filenames".
3211
3212
* mainproc.c (proc_encrypted): Make string translatable.
3213
3214
* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit
3215
characters in the uid strings sent to the keyserver helper.
3216
3217
* keyring.c (keyring_rebuild_cache): Lock the keyring while
3218
rebuilding the signature caches to prevent another gpg from
3219
tampering with the temporary copy.
3220
3221
* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in
3222
default prefs.
3223
3224
* keyedit.c (show_prefs): Make strings translatable.
3225
3226
* keydb.c: Double the maximum number of keyrings to 40.
3227
3228
* gpgv.c (main): Fix bug #113 - gpgv should accept the
3229
--ignore-time-conflict option.
3230
3231
* g10.c (main): --openpgp disables --pgpX. Double the amount of
3232
secure memory to 32k (keys are getting bigger these days).
3233
3234
* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we
3235
are using capabilities.
3236
3237
2003-02-26 David Shaw <dshaw@jabberwocky.com>
3238
3239
* keyserver.c (keyserver_spawn): Include various pieces of
3240
information about the key in the data sent to the keyserver
3241
helper. This allows the helper to use it in instructing a remote
3242
server which may not have any actual OpenPGP smarts in parsing
3243
keys.
3244
3245
* main.h, export.c (export_pubkeys_stream, do_export_stream): Add
3246
ability to return only the first match in an exported keyblock for
3247
keyserver usage. This should be replaced at some point with a
3248
more flexible solution where each key can be armored seperately.
3249
3250
2003-02-22 David Shaw <dshaw@jabberwocky.com>
3251
3252
* sign.c (sign_file): Do not push textmode filter onto an unopened
3253
IOBUF (segfault). Noted by Marcus Brinkmann. Push and
3254
reinitialize textmode filter for each file in a multiple file
3255
list.
3256
3257
* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set
3258
and show the keyserver no-modify flag.
3259
3260
* keygen.c (add_keyserver_modify): New.
3261
(keygen_upd_std_prefs): Call it here.
3262
(keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
3263
prefs to set and unset keyserver modify flag.
3264
3265
* g10.c (main): Accept "s1" in addition to "idea" to match the
3266
other ciphers.
3267
3268
* main.h, misc.c (idea_cipher_warn): We don't need this if IDEA
3269
has been disabled.
3270
3271
2003-02-21 David Shaw <dshaw@jabberwocky.com>
3272
3273
* keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in
3274
default prefs if they are disabled.
3275
3276
* g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5
3277
support. Use 3DES for the s2k cipher in --openpgp mode.
3278
(print_mds): #ifdef all of the optional digest algorithms.
3279
3280
2003-02-12 David Shaw <dshaw@jabberwocky.com>
3281
3282
* keydb.h, getkey.c (classify_user_id, classify_user_id2): Make
3283
'exact' a per-desc item. Merge into one function since
3284
'force_exact' is no longer needed.
3285
(key_byname): Use new classify_user_id function, and new exact
3286
flag in KEYDB_SEARCH_DESC.
3287
3288
* keyring.h, keyring.c (keyring_search): Return an optional index
3289
to show which KEYDB_SEARCH_DESC was the matching one.
3290
3291
* keydb.h, keydb.c (keydb_search): Rename to keydb_search2, and
3292
pass the optional index to keyring_search. Add a macro version of
3293
keydb_search that calls this new function.
3294
3295
* export.c (do_export_stream): If the keyid! syntax is used,
3296
export only that specified key. If the key in question is a
3297
subkey, export the primary plus that subkey only.
3298
3299
2003-02-11 David Shaw <dshaw@jabberwocky.com>
3300
3301
* exec.c (set_exec_path): Add debugging line.
3302
3303
* g10.c (print_hex, print_mds): Print long hash strings a lot
3304
neater. This assumes at least an 80-character display, as there
3305
are a few other similar assumptions here and there. Users who
3306
need unformatted hashes can still use with-colons. Check that
3307
SHA384 and 512 are available before using them as they are no
3308
longer always available.
3309
3310
* Makefile.am: Use a local copy of libexecdir along with @PACKAGE@
3311
as GNUPG_LIBEXECDIR so it can be easily overridden at make time.
3312
3313
2003-02-04 David Shaw <dshaw@jabberwocky.com>
3314
3315
* armor.c (parse_hash_header, armor_filter): Accept the new SHAs
3316
in the armor Hash: header.
3317
3318
* g10.c (print_hex): Print long hash strings a little neater.
3319
(print_mds): Add the new SHAs to the hash list.
3320
3321
2003-02-02 David Shaw <dshaw@jabberwocky.com>
3322
3323
* keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on
3324
a v4 key (treat as a v4 revocation).
3325
3326
* import.c (print_import_check): Do not re-utf8 convert user IDs.
3327
3328
2003-01-27 David Shaw <dshaw@jabberwocky.com>
3329
3330
* mainproc.c (list_node): Show signature expiration date in
3331
with-colons sig records.
3332
3333
* keylist.c (list_keyblock_colon), mainproc.c (list_node): Show
3334
trust sig information in with-colons sig records.
3335
3336
2003-01-16 David Shaw <dshaw@jabberwocky.com>
3337
3338
* g10.c (add_group): Trim whitespace after a group name so it does
3339
not matter where the user puts the = sign.
3340
3341
* options.skel: Comment out the first three lines in case someone
3342
manually copies the skel file to their homedir.
3343
3344
* sign.c (clearsign_file): Only use pgp2mode with v3 keys and
3345
MD5. This matches what we do when decoding such messages and
3346
prevents creating a message (v3+RIPEMD/160) that we can't verify.
3347
3348
* sig-check.c (signature_check2): Use G10ERR_GENERAL as the error
3349
for signature digest conflict. BAD_SIGN implies that a signature
3350
was checked and we may try and print out a user ID for a key that
3351
doesn't exist.
3352
3353
2003-01-15 David Shaw <dshaw@jabberwocky.com>
3354
3355
* trustdb.c (init_trustdb, get_validity): Don't use a changed
3356
trust model to indicate a dirty trustdb, and never auto-rebuild a
3357
dirty trustdb with the "always" trust model.
3358
3359
* g10.c (add_group): Last commit missed the \t ;)
3360
3361
2003-01-14 David Shaw <dshaw@jabberwocky.com>
3362
3363
* packet.h, parse-packet.c (setup_user_id), free-packet.c
3364
(free_user_id), keydb.h, keyid.c (namehash_from_uid): New function
3365
to rmd160-hash the contents of a user ID packet and cache it in
3366
the uid object.
3367
3368
* keylist.c (list_keyblock_colon): Use namehash in field 8 of
3369
uids. Show dates for creation (selfsig date), and expiration in
3370
fields 6 and 7.
3371
3372
* trustdb.c (get_validity, get_validity_counts, update_validity):
3373
Use new namehash function rather than hashing it locally.
3374
3375
2003-01-14 Werner Koch <wk@gnupg.org>
3376
3377
* g10.c (add_group): Fixed group parsing to allow more than one
3378
delimiter in a row and also allow tab as delimiter.
3379
3380
2003-01-12 David Shaw <dshaw@jabberwocky.com>
3381
3382
* tdbio.c (tdbio_set_dbname): Fix assertion failure with
3383
non-fully-qualified trustdb names.
3384
3385
2003-01-11 David Shaw <dshaw@jabberwocky.com>
3386
3387
* trustdb.c (get_validity_info, get_ownertrust_info,
3388
trust_letter): Simplify by returning a ? for error directly.
3389
3390
* keyedit.c (show_key_with_all_names): Use get_validity_string and
3391
get_ownertrust_string to show full word versions of trust
3392
(i.e. "full" instead of 'f').
3393
3394
* trustdb.h, trustdb.c (get_ownertrust_string,
3395
get_validity_string): Same as get_ownertrust_info, and
3396
get_validity_info, except returns a full string.
3397
3398
* trustdb.c (get_ownertrust_with_min): New. Same as
3399
'get_ownertrust' but takes the min_ownertrust value into account.
3400
3401
2003-01-10 David Shaw <dshaw@jabberwocky.com>
3402
3403
* armor.c (armor_filter): Comment about PGP's end of line tab
3404
problem.
3405
3406
* trustdb.h, trustdb.c (trust_letter): Make
3407
static. (get_ownertrust_info, get_validity_info): Don't mask the
3408
trust level twice.
3409
3410
* trustdb.h, gpgv.c, trustdb.c (get_validity, get_validity_info),
3411
keylist.c (list_keyblock_colon), keyedit.c
3412
(show_key_with_all_names_colon, menu_revuid): Pass a user ID in
3413
rather than a namehash, so we only have to do the hashing in one
3414
place.
3415
3416
* packet.h, pkclist.c (build_pk_list), free-packet.c
3417
(release_public_key_parts): Remove unused namehash element for
3418
public keys.
3419
3420
2003-01-07 David Shaw <dshaw@jabberwocky.com>
3421
3422
* keygen.c (keygen_set_std_prefs): Warn when setting an IDEA
3423
preference when IDEA is not available.
3424
3425
2003-01-06 David Shaw <dshaw@jabberwocky.com>
3426
3427
* trustdb.c (get_validity_info): 'd' for disabled is not a
3428
validity value any more.
3429
3430
* packet.h, tdbio.h, tdbio.c (tdbio_read_record,
3431
tdbio_write_record), trustdb.c (update_validity): Store temporary
3432
full & marginal counts in the trustdb.
3433
(clear_validity, get_validity_counts): Return and clear temp
3434
counts.
3435
(store_validation_status): Keep track of which keyids have been
3436
stored.
3437
(validate_one_keyblock, validate_key_list): Use per-uid copies of
3438
the full & marginal counts so they can be recalled for multiple
3439
levels.
3440
(validate_keys): Only use unused keys for each new round.
3441
(reset_unconnected_keys): Rename to reset_trust_records, and only
3442
skip specifically excluded records.
3443
3444
* keylist.c (print_capabilities): Show 'D' for disabled keys in
3445
capabilities section.
3446
3447
* trustdb.c (is_disabled): Remove incorrect comment.
3448
3449
2003-01-03 David Shaw <dshaw@jabberwocky.com>
3450
3451
* import.c (import_one): Only do the work to create the status
3452
display for interactive import if status is enabled.
3453
3454
* keyring.c (keyring_search): skipfnc didn't work properly with
3455
non-keyid searches. Noted by Stefan Bellon.
3456
3457
* getkey.c (merge_selfsigs_main): Remove some unused code and make
3458
sure that the pk selfsigversion member accounts for 1F direct
3459
sigs.
3460
3461
2003-01-02 Werner Koch <wk@gnupg.org>
3462
3463
* keydb.c (keydb_add_resource): Don't assume that try_make_homedir
3464
terminates but check again for the existence of the directory and
3465
continue then.
3466
* openfile.c (copy_options_file): Print a warning if the skeleton
3467
file has active options.
3468
3469
2002-12-29 David Shaw <dshaw@jabberwocky.com>
3470
3471
* getkey.c (merge_selfsigs_main), main.h, sig-check.c
3472
(check_key_signature2): Pass the ultimately trusted pk directly to
3473
check_key_signature2 to avoid going through the key selection
3474
mechanism. This prevents a deadly embrace when two keys without
3475
selfsigs each sign the other.
3476
3477
2002-12-27 David Shaw <dshaw@jabberwocky.com>
3478
3479
* keyserver.c (keyserver_refresh): Don't print the "refreshing..."
3480
line if there are no keys to refresh or if there is no keyserver
3481
set.
3482
3483
* getkey.c (merge_selfsigs_main): Any valid user ID should make a
3484
key valid, not just the last one. This also fixes Debian bug
3485
#174276.
3486
3487
2002-12-27 Stefan Bellon <sbellon@sbellon.de>
3488
3489
* import.c (print_import_check): Changed int to size_t.
3490
3491
2002-12-27 David Shaw <dshaw@jabberwocky.com>
3492
3493
* keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to
3494
revoke a user ID. This is the same as issuing a revocation for
3495
the self-signature, but a much simpler interface to do it.
3496
3497
2002-12-26 David Shaw <dshaw@jabberwocky.com>
3498
3499
* keydb.h, getkey.c (key_byname): Flag to enable or disable
3500
including disabled keys. Keys specified via keyid (i.e. 0x...)
3501
are always included.
3502
3503
* getkey.c (get_pubkey_byname, get_seckey_byname2,
3504
get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker):
3505
Include disabled keys in these functions.
3506
3507
* pkclist.c (build_pk_list): Do not include disabled keys for -r
3508
or the key prompt. Do include disabled keys for the default key
3509
and --encrypt-to.
3510
3511
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping
3512
disabled keys.
3513
3514
* gpgv.c (is_disabled): Stub.
3515
3516
* keygen.c (keygen_add_key_expire): Properly handle updating a key
3517
expiration to a no-expiration value.
3518
3519
* keyedit.c (enable_disable_key): Comment.
3520
3521
* import.c (import_one): When in interactive mode and --verbose,
3522
don't repeat some key information twice.
3523
3524
2002-12-22 Timo Schulz <ts@winpt.org>
3525
3526
* import.c (print_import_check): New.
3527
(import_one): Use it here.
3528
Use merge_keys_and_selfsig in the interactive mode to avoid
3529
wrong key information.
3530
* status.h: Add new status code.
3531
* status.c: Ditto.
3532
3533
2002-12-13 David Shaw <dshaw@jabberwocky.com>
3534
3535
* pkclist.c (do_we_trust): Tweak language to refer to the "named
3536
user" rather than "owner". Noted by Stefan Bellon.
3537
3538
* trustdb.h, trustdb.c (trustdb_pending_check): New function to
3539
check if the trustdb needs a check.
3540
3541
* import.c (import_keys_internal): Used here so we don't rebuild
3542
the trustdb if it is still clean.
3543
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
3544
that is being imported has any sigs other than self-sigs.
3545
Suggested by Adrian von Bidder.
3546
3547
* options.skel: Include the required '=' sign in the sample
3548
'group' option. Noted by Stefan Bellon.
3549
3550
* import.c (chk_self_sigs): Don't try and check a subkey as if it
3551
was a signature.
3552
3553
2002-12-11 David Shaw <dshaw@jabberwocky.com>
3554
3555
* tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
3556
RECTYPE_TRUST records a bit.
3557
3558
* g10.c (main): Comment out --list-trust-path until it can be
3559
implemented.
3560
3561
* import.c (import_one): Warn when importing an Elgamal primary
3562
that this may take some time (to verify self-sigs).
3563
(chk_self_sigs): Try and cache all self-sigs so the keyblock is
3564
written to the keyring with a good rich cache.
3565
3566
* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning
3567
stronger, and remove the RSA sign+encrypt warning.
3568
3569
2002-12-06 Stefan Bellon <sbellon@sbellon.de>
3570
3571
* options.h: Fixed typo (mangle_dos_names instead of
3572
mangle_dos_filenames).
3573
3574
2002-12-05 Werner Koch <wk@gnupg.org>
3575
3576
* g10.c: New options --[no-]mangle-dos-filenames.
3577
* options.h (opt): Added mangle-dos-filenames.
3578
* openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the
3579
filename only when this option is set; this is the default.
3580
3581
2002-12-04 David Shaw <dshaw@jabberwocky.com>
3582
3583
* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01)
3584
change. Minimal isn't always best.
3585
3586
* sign.c (update_keysig_packet): Use the current time rather then
3587
a modification of the original signature time. Make sure that
3588
this doesn't cause a time warp.
3589
3590
* keygen.c (keygen_add_key_expire): Properly handle a key
3591
expiration date in the past (use a duration of 0).
3592
3593
* keyedit.c (menu_expire): Use update_keysig_packet so any sig
3594
subpackets are maintained during the update.
3595
3596
* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired
3597
when the sig expiration subpacket is added.
3598
(build_sig_subpkt_from_sig): Handle making an expiration subpacket
3599
from a sig that has already expired (use a duration of 0).
3600
3601
* packet.h, sign.c (update_keysig_packet), keyedit.c
3602
(menu_set_primary_uid, menu_set_preferences): Add ability to issue
3603
0x18 subkey binding sigs to update_keysig_packet and change all
3604
callers.
3605
3606
* trustdb.c (validate_keys): Show trust parameters when building
3607
the trustdb, and make sure that the version record update was
3608
successful.
3609
(init_trustdb): If the current parameters aren't what was used for
3610
building the trustdb, the trustdb is invalid.
3611
3612
* tbio.c (tdbio_db_matches_options): Update to work with new
3613
trustdbs.
3614
3615
2002-12-03 David Shaw <dshaw@jabberwocky.com>
3616
3617
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store
3618
trust model in the trustdb version record.
3619
(tdbio_update_version_record): New function to update version
3620
record values during a trustdb check or update.
3621
(tdbio_dump_record): Show trust model in dump.
3622
3623
* trustdb.c (validate_keys): Call tdbio_update_version_record on
3624
success so that the correct options are stored in the trustdb.
3625
3626
* options.h: rearrange trust models so that CLASSIC is 0 and
3627
OPENPGP is 1.
3628
3629
* options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
3630
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8
3631
mode. This is basically identical to --pgp7 in all ways except
3632
that signing subkeys, v4 data sigs (including expiration), and SK
3633
comments are allowed.
3634
3635
* getkey.c (finish_lookup): Comment.
3636
3637
* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu):
3638
Reorder user ID display in the --edit-key menu to match that of
3639
the --list-keys display.
3640
3641
* g10.c (add_notation_data): Fix initialization.
3642
3643
2002-12-01 David Shaw <dshaw@jabberwocky.com>
3644
3645
* keyedit.c (menu_expire): Don't lose key flags when changing the
3646
expiration date of a subkey. This is not the most optimal
3647
solution, but it is minimal change on the stable branch.
3648
3649
* main.h, keygen.c (do_copy_key_flags): New function to copy key
3650
flags, if any, from one sig to another.
3651
(do_add_key_expire): New function to add key expiration to a sig.
3652
(keygen_copy_flags_add_expire): New version of
3653
keygen_add_key_expire that also copies key flags.
3654
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
3655
3656
* import.c (fix_hkp_corruption): Comment.
3657
3658
2002-11-25 Stefan Bellon <sbellon@sbellon.de>
3659
3660
* plaintext.c (handle_plaintext) [__riscos__]: If nooutput is set,
3661
no filetype is needed obviously.
3662
3663
2002-11-24 David Shaw <dshaw@jabberwocky.com>
3664
3665
* main.h, misc.c (default_cipher_algo, default_compress_algo):
3666
New. Return the default algorithm by trying
3667
--cipher-algo/--compress-algo, then the first item in the pref
3668
list, then s2k-cipher-algo or ZIP.
3669
3670
* sign.c (sign_file, sign_symencrypt_file), encode.c
3671
(encode_simple, encode_crypt): Call default_cipher_algo and
3672
default_compress_algo to get algorithms.
3673
3674
* g10.c (main): Allow pref selection for compress algo with
3675
--openpgp.
3676
3677
* mainproc.c (proc_encrypted): Use --s2k-digest-algo for
3678
passphrase mangling rather than --digest-algo.
3679
3680
* sign.c (hash_for): If --digest-algo is not set, but
3681
--personal-digest-preferences is, then use the first hash
3682
algorithm in the personal list. If the signing algorithm is DSA,
3683
then use the first 160-bit hash algorithm in the personal list.
3684
If --pgp2 is set and it's a v3 RSA key, use MD5.
3685
3686
* g10.c (main), keydb.c (keydb_add_resource,
3687
keydb_locate_writable): Rename --default-keyring as
3688
--primary-keyring. Stefan wins the naming contest.
3689
3690
2002-11-23 David Shaw <dshaw@jabberwocky.com>
3691
3692
* g10.c (add_notation_data): Disallow notation names that do not
3693
contain a '@', unless --expert is set. This is to help prevent
3694
people from polluting the (as yet unused) IETF namespace.
3695
3696
* main.h: Comments about default algorithms.
3697
3698
* photoid.c (image_type_to_string): Comments about 3-letter file
3699
extensions.
3700
3701
* encode.c (encode_simple), passphrase.c (passphrase_to_dek),
3702
sign.c (sign_symencrypt_file): Use --s2k-digest-algo for
3703
passphrase mangling rather than --digest-algo.
3704
3705
2002-11-21 David Shaw <dshaw@jabberwocky.com>
3706
3707
* keygen.c (keygen_set_std_prefs): Properly handle an empty
3708
preference string.
3709
3710
* misc.c (string_to_compress_algo): "none" is a bad choice since
3711
it conflicts with the "none" in setpref.
3712
3713
2002-11-14 David Shaw <dshaw@jabberwocky.com>
3714
3715
* g10.c (main): Allow compression algorithm names as the argument
3716
to --compress-algo. The old algorithm names still work for
3717
backwards compatibility.
3718
3719
* misc.c (string_to_compress_algo): Allow "none" as an alias for
3720
"uncompressed".
3721
3722
2002-11-13 Stefan Bellon <sbellon@sbellon.de>
3723
3724
* getkey.c (get_pubkey_byfprint_fast): Fixed type incompatibility,
3725
was unsigned char instead of byte.
3726
3727
2002-11-13 David Shaw <dshaw@jabberwocky.com>
3728
3729
* encode.c (encode_simple): Make sure that files larger than about
3730
4G use partial length encoding. This is required because OpenPGP
3731
allows only for 32 bit length fields. From Werner on stable
3732
branch.
3733
3734
* getkey.c (get_pubkey_direct): Renamed to...
3735
(get_pubkey_fast): this and made extern.
3736
(get_pubkey_byfprint_fast): New. From Werner on stable branch.
3737
3738
* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
3739
get_pubkey. We don't need a merged key and actually this might
3740
lead to recursions.
3741
(revocation_present): Likewise for search by fingerprint. From
3742
Werner on stable branch.
3743
3744
* g10.c (main): Try to create the trustdb even for non-colon-mode
3745
list-key operations. This is required because getkey needs to
3746
know whether a a key is ultimately trusted. From Werner on stable
3747
branch.
3748
3749
* exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32;
3750
we don't need it here as it behaves more like a Posix system.
3751
From Werner on stable branch.
3752
3753
* passphrase.c (agent_get_passphrase): Ditto. From Werner on
3754
stable branch.
3755
3756
* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin. From
3757
Werner on stable branch.
3758
3759
* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from
3760
the registry. From Werner on stable branch.
3761
3762
* keyedit.c (show_key_with_all_names_colon): Make --with-colons
3763
--edit display match the validity and trust of --with-colons
3764
--list-keys.
3765
3766
* passphrase.c (agent_send_all_options): Fix compile warning.
3767
3768
* keylist.c (list_keyblock_colon): Validity for subkeys should
3769
match that of the primary key, and not that of the last user ID.
3770
3771
* getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys
3772
carry these facts onto all their subkeys, but only after the
3773
subkey has a chance to be marked valid. This is to fix an
3774
incorrect "invalid public key" error verifying a signature made by
3775
a revoked signing subkey, with a valid unrevoked primary key.
3776
3777
2002-11-09 Werner Koch <wk@gnupg.org>
3778
3779
* passphrase.c (agent_send_all_options): Use tty_get_ttyname to
3780
get the default ttyname.
3781
3782
2002-11-07 David Shaw <dshaw@jabberwocky.com>
3783
3784
* keyring.h, keyring.c (keyring_register_filename): Return the
3785
pointer if a given keyring is registered twice.
3786
3787
* keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a
3788
default keyring.
3789
(keydb_locate_writable): Prefer the default keyring if possible.
3790
3791
* g10.c (main): Add --default-keyring option.
3792
3793
2002-11-06 David Shaw <dshaw@jabberwocky.com>
3794
3795
* options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
3796
--force-ownertrust option for debugging purposes. This allows
3797
setting a whole keyring to a given trust during an
3798
--update-trustdb. Not for normal use - it's just easier than
3799
hitting "4" all the time to test a large trustdb.
3800
3801
* pubkey-enc.c (get_session_key): With hidden recipients or try a
3802
given passphrase against all secret keys rather than trying all
3803
secret keys in turn. Don't if --try-all-secrets or --status-fd is
3804
enabled.
3805
3806
* passphrase.c (passphrase_to_dek): Mode 1 means do a regular
3807
passphrase query, but don't prompt with the key info.
3808
3809
* seckey-cert.c (do_check, check_secret_key): A negative ask count
3810
means to enable passphrase mode 1.
3811
3812
* keydb.h, getkey.c (enum_secret_keys): Add flag to include
3813
secret-parts-missing keys (or not) in the list.
3814
3815
2002-11-05 David Shaw <dshaw@jabberwocky.com>
3816
3817
* keyserver.c (keyserver_search_prompt): When --with-colons is
3818
enabled, don't try and fit the search output to the screen size -
3819
just dump the whole list.
3820
3821
2002-11-04 David Shaw <dshaw@jabberwocky.com>
3822
3823
* keyserver.c (keyserver_search_prompt): When --with-colons is
3824
enabled, just dump the raw keyserver protocol to stdout and don't
3825
print the menu.
3826
3827
* keyserver.c (show_prompt): Don't show a prompt when command-fd
3828
is being used.
3829
3830
* trustdb.c (trust_model_string, check_trustdb, update_trustdb,
3831
validate_one_keyblock): It's not clear what a trustdb rebuild or
3832
check means with a trust model other than "classic" or "openpgp",
3833
so disallow this.
3834
3835
2002-11-03 David Shaw <dshaw@jabberwocky.com>
3836
3837
* options.h, g10.c (main): Add --trust-model option. Current
3838
models are "openpgp" which is classic+trustsigs, "classic" which
3839
is classic only, and "always" which is the same as the current
3840
option --always-trust (which still works). Default is "openpgp".
3841
3842
* trustdb.c (validate_one_keyblock): Use "openpgp" trust model to
3843
enable trust sigs.
3844
3845
* gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c
3846
(do_we_trust, do_we_trust_pre, check_signatures_trust): Use new
3847
--trust-model option in place of --always-trust.
3848
3849
* keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids,
3850
keyedit_menu): Prompt for and create a trust signature with
3851
"tsign". This is functional, but needs better UI text.
3852
3853
* build-packet.c (build_sig_subpkt): Able to build trust and
3854
regexp subpackets.
3855
3856
* pkclist.c (do_edit_ownertrust): Comment.
3857
3858
2002-11-02 David Shaw <dshaw@jabberwocky.com>
3859
3860
* keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the
3861
full algorithm name (CAST5, SHA1) rather than the short form (S3,
3862
H2).
3863
3864
* main.h, keygen.c (keygen_get_std_prefs), keyedit.c
3865
(keyedit_menu): Return and use a fake uid packet rather than a
3866
string since we already have a nice parser/printer in
3867
keyedit.c:show_prefs.
3868
3869
* main.h, misc.c (string_to_compress_algo): New.
3870
3871
2002-11-01 David Shaw <dshaw@jabberwocky.com>
3872
3873
* g10.c (main): Add --no-throw-keyid.
3874
3875
* keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main),
3876
pkclist.c (build_pk_list): Add --hidden-recipient (-R) and
3877
--hidden-encrypt-to, which do a single-user variation on
3878
--throw-keyid. The "hide this key" flag is carried in bit 0 of
3879
the pk_list flags field.
3880
3881
* keyserver.c (parse_keyrec): Fix shadowing warning.
3882
3883
2002-10-31 Stefan Bellon <sbellon@sbellon.de>
3884
3885
* compress.c (init_compress) [__riscos__]: Use
3886
riscos_load_module() to load ZLib module.
3887
3888
* g10.c (main) [__riscos__]: Renames due to changes in riscos.c
3889
(e.g. prefixes all RISC OS specific functions with riscos_*).
3890
* photoid.c (show_photos) [__riscos__]: Likewise.
3891
* signal.c (got_fatal_signal) [__riscos__]: Likewise.
3892
3893
* trustdb.c (check_regexp) [__riscos__]: Branch to RISC OS RegEx
3894
handling.
3895
3896
2002-10-31 David Shaw <dshaw@jabberwocky.com>
3897
3898
* build-packet.c (do_plaintext), encode.c (encode_sesskey,
3899
encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use
3900
wipememory() instead of memset() to wipe sensitive memory as the
3901
memset() might be optimized away.
3902
3903
2002-10-30 David Shaw <dshaw@jabberwocky.com>
3904
3905
* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
3906
3907
2002-10-29 David Shaw <dshaw@jabberwocky.com>
3908
3909
* packet.h, trustdb.h, trustdb.c (trust_string): New. Return a
3910
string like "fully trusted", "marginally trusted", etc.
3911
(get_min_ownertrust): New. Return minimum ownertrust.
3912
(update_min_ownertrust): New. Set minimum ownertrust.
3913
(check_regexp): New. Check a regular epression against a user ID.
3914
(ask_ownertrust): Allow specifying a minimum value.
3915
(get_ownertrust_info): Follow the minimum ownertrust when
3916
returning a letter.
3917
(clear_validity): Remove minimum ownertrust when a key becomes
3918
invalid.
3919
(release_key_items): Release regexp along with the rest of the
3920
info.
3921
(validate_one_keyblock, validate_keys): Build a trust sig chain
3922
while validating. Call check_regexp for regexps. Use the minimum
3923
ownertrust if the user does not specify a genuine ownertrust.
3924
3925
* pkclist.c (do_edit_ownertrust): Only allow user to select a
3926
trust level greater than the minimum value.
3927
3928
* parse-packet.c (can_handle_critical): Can handle critical trust
3929
and regexp subpackets.
3930
3931
* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c
3932
(do_delete_key), import.c (import_one): Rename clear_ownertrust to
3933
clear_ownertrusts and have it clear the min_ownertrust value as
3934
well.
3935
3936
* keylist.c (list_keyblock_print): Indent uid to match pub and
3937
sig.
3938
3939
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
3940
menu_addrevoker), keylist.c (list_keyblock_print,
3941
print_fingerprint): Show "T" or the trust depth for trust
3942
signatures, and add spaces to some strings to make room for it.
3943
3944
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
3945
parse_signature): Parse trust signature values.
3946
3947
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record):
3948
Reserve a byte for the minimum ownertrust value (for use with
3949
trust signatures).
3950
3951
2002-10-29 Stefan Bellon <sbellon@sbellon.de>
3952
3953
* build-packet.c (calc_plaintext, do_plaintext): Removed RISC OS
3954
specific filetype parts (it's now done in make_basename()).
3955
3956
* plaintext.c (handle_plaintext): Tidied up RISC OS specific
3957
filetype parts.
3958
3959
* encode.c (encode_simple, encode_crypt): Added argument to
3960
make_basename() call.
3961
3962
* sign.c (write_plaintext_packet): Added argument to
3963
make_basename() call.
3964
3965
2002-10-28 Stefan Bellon <sbellon@sbellon.de>
3966
3967
* build-packet.c (calc_plaintext, do_plaintext): Added filetype
3968
handling for RISC OS' file types.
3969
3970
* plaintext.c (handle_plaintext) [__riscos__]: Added filetype
3971
handling for RISC OS' file types.
3972
3973
2002-10-23 David Shaw <dshaw@jabberwocky.com>
3974
3975
* main.h, import.c (sec_to_pub_keyblock, import_secret_one,
3976
parse_import_options), g10.c (main): New import-option
3977
"convert-sk-to-pk" to convert a secret key into a public key
3978
during import. It is on by default.
3979
3980
2002-10-23 Werner Koch <wk@gnupg.org>
3981
3982
* pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
3983
has been assigned.
3984
3985
2002-10-18 Timo Schulz <ts@winpt.org>
3986
3987
* keylist.c: (print_pubkey_info): New.
3988
(print_seckey_info): New.
3989
* main.h: Prototypes for the new functions.
3990
* delkey.c (do_delete_key): Use it here.
3991
* revoke.c (gen_desig_revoke): Ditto.
3992
3993
2002-10-17 Werner Koch <wk@gnupg.org>
3994
3995
* pkclist.c (do_edit_ownertrust): Show all user IDs. This should
3996
be enhanced to also show the current trust level. Suggested by
3997
Florian Weimer.
3998
3999
2002-10-17 David Shaw <dshaw@jabberwocky.com>
4000
4001
* g10.c (main): Handle --strict and --no-strict from the command
4002
line before the options file is loaded.
4003
4004
2002-10-15 David Shaw <dshaw@jabberwocky.com>
4005
4006
* g10.c (main): Disable --textmode when encrypting (symmetric or
4007
pk) in --pgp2 mode as PGP 2 can't handle the unknown length
4008
literal packet. Reported by Michael Richardson.
4009
4010
2002-10-14 David Shaw <dshaw@jabberwocky.com>
4011
4012
* keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec,
4013
show_prompt, keyserver_search_prompt, keyserver_spawn): Go to
4014
version 1 of the keyserver protocol. This is a better design,
4015
similar to --with-colons, that allows for keys with multiple user
4016
IDs rather than using multiple keys. It also matches the machine
4017
readable pksd format. Also use a prettier --search-keys listing
4018
format that can fill different size windows (currently set at 24
4019
lines).
4020
4021
2002-10-12 Werner Koch <wk@gnupg.org>
4022
4023
* keygen.c (print_status_key_created): New.
4024
(do_generate_keypair): Use it to print the fingerprint.
4025
(generate_subkeypair): Likewise.
4026
4027
2002-10-11 David Shaw <dshaw@jabberwocky.com>
4028
4029
* keyedit.c (menu_addrevoker): Properly back out if the signature
4030
fails. Also, do not allow appointing the same revoker twice, and
4031
report ALREADY_SIGNED if the user tries it.
4032
4033
2002-10-07 David Shaw <dshaw@jabberwocky.com>
4034
4035
* import.c (import_keys_internal): Missed one s/inp/inp2/.
4036
4037
* keylist.c (print_capabilities): Properly indicate per-key
4038
capabilities of sign&encrypt primary keys that have
4039
secret-parts-missing (i.e. no capabilities at all)
4040
4041
* mainproc.c (symkey_decrypt_sesskey): Fix compiler warning.
4042
4043
2002-10-04 David Shaw <dshaw@jabberwocky.com>
4044
4045
* getkey.c (get_pubkey_direct): Don't cache keys retrieved via
4046
this function as they may not have all their fields filled in.
4047
4048
* sig-check.c (signature_check2): Use new is_primary flag to check
4049
rather than comparing main_keyid with keyid as this still works in
4050
the case of a not fully filled in pk.
4051
4052
2002-10-04 Werner Koch <wk@gnupg.org>
4053
4054
* import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing
4055
warning.
4056
4057
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
4058
problem in %-escaping. Noted by Ingo Klöcker.
4059
4060
2002-10-03 David Shaw <dshaw@jabberwocky.com>
4061
4062
* options.h, g10.c (main): Add --strict and --no-strict to switch
4063
the log_warning severity level from info to error.
4064
4065
* keylist.c (print_capabilities): Secret-parts-missing keys should
4066
show that fact in the capabilities, and only primary signing keys
4067
can certify other keys.
4068
4069
* packet.h, parse_packet.c (parse_key): Add is_primary flag for
4070
public keys (it already exists for secret keys).
4071
4072
2002-10-02 David Shaw <dshaw@jabberwocky.com>
4073
4074
* import.c (import_secret_one): Check for an illegal (>110)
4075
protection cipher when importing a secret key.
4076
4077
* keylist.c (list_keyblock_print): Show a '#' for a
4078
secret-parts-missing key.
4079
4080
* parse_packet.c (parse_key): Some comments.
4081
4082
* revoke.c (gen_revoke): Remove some debugging code.
4083
4084
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated
4085
option again.
4086
4087
* seckey-cert.c (do_check): Don't give the IDEA warning unless the
4088
cipher in question is in fact IDEA.
4089
4090
2002-10-01 David Shaw <dshaw@jabberwocky.com>
4091
4092
* import.c (import_one): Make sure that a newly imported key
4093
starts with a clean ownertrust.
4094
4095
2002-10-01 Werner Koch <wk@gnupg.org>
4096
4097
* getkey.c (get_pubkey_direct): New.
4098
(merge_selfsigs_main): Use it here to look for an ultimately
4099
trusted key. Using the full get_pubkey might lead to an
4100
infinitive recursion.
4101
4102
2002-09-29 David Shaw <dshaw@jabberwocky.com>
4103
4104
* keyserver.c (parse_keyserver_uri): Force the keyserver URI
4105
scheme to lowercase to be case-insensitive.
4106
4107
2002-09-28 David Shaw <dshaw@jabberwocky.com>
4108
4109
* export.c (do_export_stream): Comment.
4110
4111
* sig-check.c (check_key_signature2): Properly handle a
4112
non-designated revocation import.
4113
4114
2002-09-26 Werner Koch <wk@gnupg.org>
4115
4116
* g10.c (set_homedir): New. Changed all direct assignments to use
4117
this.
4118
* gpgv.c (set_homedir): Ditto.
4119
4120
2002-09-25 David Shaw <dshaw@jabberwocky.com>
4121
4122
* Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses
4123
sockets. Remove the old NETLIBS variable since the keyserver
4124
stuff is no longer internal.
4125
4126
2002-09-24 David Shaw <dshaw@jabberwocky.com>
4127
4128
* import.c (import_keys_stream): Fix compiler type warning.
4129
4130
* keyring.c (keyring_rebuild_cache), sig-check.c
4131
(check_key_signature2), import.c (import, chk_self_sigs): Minor
4132
language cleanups.
4133
4134
2002-09-23 Stefan Bellon <sbellon@sbellon.de>
4135
4136
* main.h: Introduced fast-import as import option. Removed
4137
fast as separate option from prototypes.
4138
* import.c (parse_import_options): Added fast-import option.
4139
(import_*): Removed fast as separate option.
4140
* g10.c (main): Added option fast-import, removed old fast
4141
as separate argument.
4142
* keyserver.c (keyserver_spawn): Removed old fast as separate
4143
argument.
4144
4145
2002-09-22 Stefan Bellon <sbellon@sbellon.de>
4146
4147
* import.c (import_keys, import_keys_stream,
4148
import_keys_internal): Added trustdb update/check to key import if
4149
not fast-import and interactive set/no-auto-check-trustdb unset.
4150
Avoided function clone by introducing import_keys_internal.
4151
4152
2002-09-19 David Shaw <dshaw@jabberwocky.com>
4153
4154
* keyserver.c (keyserver_spawn): Properly handle line truncation.
4155
Don't leak memory (~10-20 bytes) on searches.
4156
(keyserver_search_prompt): Cleanup.
4157
4158
* keylist.c (list_keyblock_colon): Show 1F direct key signatures
4159
in --with-colons listing.
4160
4161
2002-09-16 David Shaw <dshaw@jabberwocky.com>
4162
4163
* keyedit.c (menu_addrevoker): The direct key signature for
4164
revocation keys must be at least v4 to carry the revocation key
4165
subpacket. Add a PGP 2.x warning for revocation keys.
4166
4167
2002-09-14 David Shaw <dshaw@jabberwocky.com>
4168
4169
* g10.c (check_permissions): Rearrange strings to make translating
4170
easier (don't incorporate string parts).
4171
4172
* keyedit.c (sign_uids): Make strings translatable.
4173
4174
* sig-check.c (check_key_signature2): Make string translatable.
4175
4176
2002-09-13 David Shaw <dshaw@jabberwocky.com>
4177
4178
* getkey.c (check_revocation_keys): Move....
4179
* main.h, sig-check.c (check_revocation_keys): to here. Also
4180
return the signature_check error code rather than 0/1 and cache
4181
the sig result.
4182
4183
* sig-check.c (check_key_signature2): Divert to
4184
check_revocation_keys if a revocation sig is made by someone other
4185
than the pk owner.
4186
4187
* getkey.c (merge_selfsigs_main): Tidy.
4188
4189
2002-09-13 Werner Koch <wk@gnupg.org>
4190
4191
* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
4192
4193
2002-09-12 David Shaw <dshaw@jabberwocky.com>
4194
4195
* Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove
4196
internal HKP support.
4197
4198
* keyserver.c (keyserver_spawn): Remove whitespace after keyserver
4199
commands.
4200
4201
2002-09-10 David Shaw <dshaw@jabberwocky.com>
4202
4203
* exec.c (expand_args): Remove loop left over from earlier
4204
implementation.
4205
(exec_write): Missed one tick.
4206
4207
2002-09-10 Werner Koch <wk@gnupg.org>
4208
4209
* g10.c, options.h: Removed option --emulate-checksum-bug.
4210
* misc.c (checksum_u16_nobug): Removed.
4211
(checksum_u16): Removed the bug emulation.
4212
(checksum_mpi): Ditto.
4213
(checksum_mpi_counted_nbits): Removed and replaced all calls
4214
with checksum_mpi.
4215
4216
* parse-packet.c (read_protected_v3_mpi): New.
4217
(parse_key): Use it here to store it as an opaque MPI.
4218
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
4219
why to store these keys.
4220
(protect_secret_key): Likewise.
4221
* build-packet.c (do_secret_key): And changed the writing.
4222
4223
* tdbio.c (tdbio_set_dbname, open_db): Use new macro MY_O_BINARY
4224
to avoid silly ifdefs.
4225
(open_db): Fallback to RDONLY so that gpg may be used from a
4226
RO-medium.
4227
4228
* encode.c (encode_simple): Make sure we don't use an ESK packet
4229
when we don't have a salt in the S2K.
4230
4231
* misc.c (pct_expando) <case f>: Make sure that LEN is initialized.
4232
4233
* exec.c (exec_finish): Use ticks to denote filenames in messages.
4234
(make_tempdir, exec_write): Changed format of messages.
4235
4236
* keyserver.c (print_keyinfo): Release USERID in on error.
4237
(keyserver_work) [!DISABLE_KEYSERVER_HELPERS]: Exclude the unused
4238
code.
4239
4240
2002-09-09 Werner Koch <wk@gnupg.org>
4241
4242
* parse-packet.c (make_attribute_uidname): Add new ar MAX_NAMELEN
4243
for sanity checks. Changed both callers. Limit the size of an %s.
4244
4245
* options.skel: Comment lock-once out, so that this file does not
4246
change anything when copied to a new home directory.
4247
* openfile.c (try_make_homedir): Don't exit after copying the
4248
option skeleton.
4249
4250
* options.h: Don't use a comma when declaring variables over more
4251
than one line.
4252
4253
* mainproc.c (symkey_decrypt_sesskey): Check length of the session
4254
key.
4255
4256
* hkp.c (dehtmlize): Use ascii_tolower to protect against weird
4257
locales. Cast the argument for isspace for the sake of broken
4258
HP/UXes.
4259
(parse_hkp_index): s/ascii_memcasecmp/ascii_strncasecmp/.
4260
4261
* g10.c: Removed option --emulate-3des-s2k-bug.
4262
4263
* passphrase.c (hash_passphrase): Was used here.
4264
4265
* export.c (parse_export_options)
4266
* keyserver.c (parse_keyserver_options)
4267
* import.c (parse_import_options)
4268
* g10.c (check_permissions): s/ascii_memcasecmp/ascii_strncasecmp/.
4269
4270
2002-09-09 David Shaw <dshaw@jabberwocky.com>
4271
4272
* g10.c (add_group): Use '=' to separate group name from group
4273
members. Use a better error message for when no = is found.
4274
4275
* hkp.c (hkp_export): Use CRLF in headers.
4276
4277
2002-09-03 David Shaw <dshaw@jabberwocky.com>
4278
4279
* mainproc.c (print_pkenc_list): Don't increment the error counter
4280
when printing the list of keys a message was encrypted to. This
4281
would make gpg give a non-zero exit code even for completely valid
4282
messages if the message was encrypted to more than one key that
4283
the user owned.
4284
4285
2002-09-02 Werner Koch <wk@gnupg.org>
4286
4287
* g10.c (main): Try to set a default character set. Print the
4288
used one in verbosity level 3.
4289
* gpgv.c (main): Try to set a default character set.
4290
4291
* status.c, status.h (STATUS_IMPORT_OK): New.
4292
* import.c (import_one,import_secret_one): Print new status.
4293
4294
2002-08-30 David Shaw <dshaw@jabberwocky.com>
4295
4296
* pkclist.c (build_pk_list): Add new status code to indicate an
4297
untrusted user. This (or a disabled key) fail with "unavailable
4298
pubkey" (G10ERR_UNU_PUBKEY).
4299
4300
* pkclist.c (build_pk_list): Fail if any recipient keys are
4301
unusable.
4302
4303
* options.skel: The PGP LDAP keyserver is back. Use MIT keyserver
4304
as a sample rather than cryptnet as cryptnet does not support
4305
searching yet.
4306
4307
* keyedit.c (show_key_with_all_names): Fix error message
4308
(preferences are userid/selfsig and not key specific).
4309
4310
2002-08-30 Werner Koch <wk@gnupg.org>
4311
4312
* pkclist.c (do_we_trust_pre): Changed the wording of a warning.
4313
4314
* encode.c (encode_simple,encode_crypt): Use new style CTB for
4315
compressssed packets when using MDC. We need to do this so that
4316
concatenated messages are properly decrypted. Old style
4317
compression assumes that it is the last packet; given that we
4318
can't determine the length in advance, the uncompressor does not
4319
know where to start. Actually we should use the new CTB always
4320
but this would break PGP 2 compatibility.
4321
4322
* parse-packet.c (parse): Special treatment for new style CTB
4323
compressed packets.
4324
4325
* build-packet.c (do_mdc): Removed. Was not used.
4326
(do_encrypted_mdc): Count in the version number and the MDC packet.
4327
4328
2002-08-28 David Shaw <dshaw@jabberwocky.com>
4329
4330
* sig-check.c (do_check_messages, do_check): Show keyid in error
4331
messages.
4332
4333
* keyserver.c (print_keyinfo): More readable key listings for
4334
--search-keys responses.
4335
4336
2002-08-26 David Shaw <dshaw@jabberwocky.com>
4337
4338
* hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into
4339
new "dehtmlize" function. Remove HTML before trying to parse each
4340
line from the keyserver. If the keyserver provides key type
4341
information in the listing, use it.
4342
4343
2002-08-23 David Shaw <dshaw@jabberwocky.com>
4344
4345
* sig-check.c (do_check, do_check_messages): Emit the usual sig
4346
warnings even for cached sigs. This also serves to protect
4347
against missing a sig expiring while cached.
4348
4349
* getkey.c (merge_selfsigs_main): Don't check UID self-sigs twice.
4350
4351
2002-08-22 David Shaw <dshaw@jabberwocky.com>
4352
4353
* import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys
4354
into chk_self_sigs. This improves efficiency as the same
4355
signatures are not checked multiple times. Clarify when a subkey
4356
is revoked (any revocation signature, even if it is dated before
4357
the binding signature).
4358
4359
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
4360
4361
* keylist.c (list_one): Stats are only for public key listings.
4362
4363
* g10.c (main), options.skel: Default should be include-revoked
4364
for keyserver operations.
4365
4366
2002-08-21 Werner Koch <wk@gnupg.org>
4367
4368
* import.c (import_print_stats): Print new non_imported counter
4369
which is currently not used because we terminate on errors.
4370
4371
2002-08-20 David Shaw <dshaw@jabberwocky.com>
4372
4373
* options.skel: Document no-include-attributes for
4374
keyserver-options.
4375
4376
* keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and
4377
comments.
4378
4379
* export.c (do_export_stream): Fix noop bug in exporting sensitive
4380
revocation keys.
4381
4382
* pkclist.c (do_edit_ownertrust): Comment out the option for
4383
showing trust paths until it can be implemented.
4384
4385
2002-08-19 Werner Koch <wk@gnupg.org>
4386
4387
* getkey.c (get_user_id_native): Renamed to ..
4388
(get_user_id_printable): this. Filter out all dangerous
4389
characters. Checked all usages.
4390
(get_user_id_string_native): Renamed to..
4391
(get_user_id_string_printable): this. Filter out all dangerous
4392
characters. Checked all usages.
4393
* keyedit.c (show_basic_key_info): New.
4394
* keylist.c (print_fingerprint): New mode 3.
4395
* import.c (import_one): Use new function to display the user ID.
4396
4397
2002-08-16 Timo Schulz <ts@winpt.org>
4398
4399
* g10.c (main): Enable opt.interactive.
4400
4401
* import.c (import_one): Ask the user if the key shall be
4402
imported when the interactive mode is used. Useful to extract
4403
selected keys from a file.
4404
4405
2002-08-16 Werner Koch <wk@gnupg.org>
4406
4407
* seckey-cert.c: Workaround to allow decryption of v3 keys created
4408
with a bug in the mpi_get_secure_buffer.
4409
4410
2002-08-14 David Shaw <dshaw@jabberwocky.com>
4411
4412
* hkp.c (parse_hkp_index): Properly handle really large keys
4413
(5 digit key length) in HKP searches.
4414
4415
2002-08-13 David Shaw <dshaw@jabberwocky.com>
4416
4417
* encode.c (encode_simple): Fix problem with using compression
4418
algo 2 and symmetric compressed files.
4419
4420
* encode.c (encode_simple, encode_crypt): If we are not using a
4421
MDC, compress even if a file is already compressed. This is to
4422
help against the chosen ciphertext attack.
4423
4424
* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug
4425
so the request succeeds even if the requested algorithm is not the
4426
first found.
4427
4428
* cipher.c (write_header), encode.c (use_mdc, encode_simple,
4429
encode_crypt, encrypt_filter), g10.c (main): Be more eager to use
4430
a MDC. We use a MDC if the keys directly support it, if the keys
4431
list AES (any) or TWOFISH anywhere in the prefs, or if the cipher
4432
chosen does not have a 64 bit blocksize.
4433
4434
2002-08-08 David Shaw <dshaw@jabberwocky.com>
4435
4436
* options.skel: Some language tweaks, and remove the
4437
load-extension section for random gatherers.
4438
4439
* keyring.c (create_tmp_file, rename_tmp_file): Create tmp files
4440
with user-only permissions, but restore the original permissions
4441
if the user has something special set.
4442
4443
* openfile.c (copy_options_file): Create new options file
4444
(gpg.conf) with user-only permissions.
4445
4446
* keydb.c (keydb_add_resource): Create new keyrings with user-only
4447
permissions.
4448
4449
* tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only
4450
permissions.
4451
4452
2002-08-07 David Shaw <dshaw@jabberwocky.com>
4453
4454
* sig-check.c (signature_check2): Sanity check that the md has a
4455
context for the hash that the sig is expecting. This can happen
4456
if a onepass sig header does not match the actual sig, and also if
4457
the clearsign "Hash:" header is missing or does not match the
4458
actual sig.
4459
4460
* keyedit.c (menu_revsig): Properly show a uid is revoked without
4461
restarting gpg. This is Debian bug 124219, though their supplied
4462
patch will not do the right thing.
4463
4464
* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed
4465
check_permissions), keydb.c (keydb_add_resource), g10.c (main,
4466
check_permissions): Significant reworking of the permission check
4467
mechanism. The new behavior is to check everything in the homedir
4468
by checking the homedir itself. If the user wants to put
4469
(possibly shared) keyrings outside the homedir, they are not
4470
checked. The options file and any extension files are checked
4471
wherever they are, as well as their enclosing directories. This
4472
is Debian bug 147760.
4473
4474
2002-08-06 Stefan Bellon <sbellon@sbellon.de>
4475
4476
* g10.c (main): Use of EXTSEP_S in new gpg.conf string.
4477
* openfile.c (copy_options_file): Ditto.
4478
4479
2002-08-06 David Shaw <dshaw@jabberwocky.com>
4480
4481
* options.h, g10.c (main), mainproc.c (proc_encrypted):
4482
--ignore-mdc-error option to turn a MDC check error into a
4483
warning.
4484
4485
* encode.c (encode_crypt), g10.c (main), sign.c (sign_file,
4486
clearsign_file): Use the same --pgpX warning string everywhere to
4487
ease translations.
4488
4489
* encode.c (write_pubkey_enc_from_list): Warn when using
4490
--throw-keyid with --pgpX. Noted by Vedaal Nistar.
4491
4492
* revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke):
4493
Export a minimal pk along with the revocation cert when in --pgpX
4494
mode so that PGP can import it.
4495
4496
2002-08-06 Werner Koch <wk@gnupg.org>
4497
4498
* options.skel: Changed comments.
4499
4500
* g10.c (main): Try to use "gpg.conf" as default option file.
4501
* openfile.c (copy_options_file): Changed name of created file.
4502
4503
2002-08-02 Werner Koch <wk@gnupg.org>
4504
4505
* Makefile.am (LDFLAGS): Removed DYNLINK_LDFLAGS.
4506
4507
2002-07-30 David Shaw <dshaw@jabberwocky.com>
4508
4509
* options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
4510
decryption failed error if a MDC does not verify. Warn if a MDC
4511
is not present (can disable via --no-mdc-warning).
4512
4513
* exec.c (exec_write), g10.c (main), keyserver.c
4514
(keyserver_spawn): Use new DISABLE_KEYSERVER_PATH rather than
4515
FIXED_EXEC_PATH.
4516
4517
2002-07-28 David Shaw <dshaw@jabberwocky.com>
4518
4519
* sig-check.c (do_check): Properly validate v4 sigs with no hashed
4520
section at all.
4521
4522
2002-07-25 Werner Koch <wk@gnupg.org>
4523
4524
* delkey.c (do_delete_key): Always allow to delete a key in batch mode
4525
when specified by fingerprint. Suggested by Enzo Michelangeli.
4526
4527
2002-07-25 David Shaw <dshaw@jabberwocky.com>
4528
4529
* keyedit.c (menu_revsig): Change "revsig" to honor selected uids
4530
so the user can revoke sigs from particular uids only.
4531
4532
* keylist.c (list_keyblock_print): Don't display expired uids in
4533
--list-keys unless -v and not --list-sigs (just like revoked
4534
uids).
4535
4536
* exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c:
4537
"Warning" -> "WARNING"
4538
4539
2002-07-24 David Shaw <dshaw@jabberwocky.com>
4540
4541
* main.h, import.c (parse_import_options, fix_hkp_corruption,
4542
import_one, delete_inv_parts), g10.c (main): New import-option
4543
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
4544
mangling multiple subkeys bug. It is on by default for keyserver
4545
receives, and off by default for regular --import.
4546
4547
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
4548
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver
4549
import options when doing keyserver receives.
4550
4551
* options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c
4552
(main), keyserver.c (keyserver_spawn): If the user does not use
4553
"exec-path", completely replace $PATH with GNUPG_LIBEXECDIR before
4554
calling the keyserver helper. If the user does use "exec-path",
4555
append GNUPG_LIBEXECDIR after the specified path.
4556
4557
2002-07-23 David Shaw <dshaw@jabberwocky.com>
4558
4559
* import.c (parse_import_options), export.c
4560
(parse_export_options): Fix offset problem with reversed ("no-")
4561
meanings.
4562
4563
* import.c (delete_inv_parts): Discard subkey signatures (0x18 and
4564
0x28) if found in the userid section of the key.
4565
4566
* sig-check.c (signature_check2): Signatures made by invalid
4567
subkeys (bad/missing binding sig) are also invalid.
4568
4569
* keylist.c (print_fingerprint): Show the primary as well as the
4570
secondary key fingerprint in modes 1 & 2.
4571
4572
2002-07-22 David Shaw <dshaw@jabberwocky.com>
4573
4574
* options.h, main.h, g10.c (main), import.c
4575
(parse_import_options, delete_inv_parts), keyserver.c
4576
(parse_keyserver_options): add new --import-options option. The
4577
only current flag is "allow-local-sigs".
4578
4579
* g10.c (main): Don't disable MDC in pgp7 mode.
4580
4581
* options.h, g10.c (main), keyserver.c (parse_keyserver_options):
4582
Remove old keyserver-option include-attributes now that there is
4583
an export-option for the same thing.
4584
4585
* options.h, main.h, export.c (parse_export_options,
4586
do_export_stream), g10.c (main): add new --export-options option.
4587
Current flags are "include-non-rfc", "include-local-sigs",
4588
"include-attributes", and "include-sensitive-revkeys".
4589
4590
* options.h, hkp.c (hkp_export), keyserver.c
4591
(parse_keyserver_options, keyserver_spawn): try passing unknown
4592
keyserver options to export options, and if successful, use them
4593
when doing a keyserver --send-key.
4594
4595
* build-packet.c (build_sig_subpkt): We do not generate
4596
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
4597
4598
* revoke.c (gen_desig_revoke): Lots more comments about including
4599
sensitive revkeys along with the revocation sig itself.
4600
4601
* keyserver.c (parse_keyserver_options): Simpler implementation
4602
that can skip one pass over the options.
4603
4604
2002-07-18 David Shaw <dshaw@jabberwocky.com>
4605
4606
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying
4607
"sensitive" as an argument to an addrevoker command. This sets
4608
the 0x40 sensitive revoker flag.
4609
4610
* revoke.c (gen_desig_revoke): When generating a designated
4611
revocation, include the direct key sig that contains the
4612
designated revoker subpacket. This allows sensitive designated
4613
revocation subpackets to be exported. Also indicate which
4614
revokers are sensitive in the first place.
4615
4616
2002-07-17 David Shaw <dshaw@jabberwocky.com>
4617
4618
* keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in
4619
a designated revoker means "sensitive", not "local". It's
4620
exportable under the right circumstances.
4621
4622
* main.h, options.h, export.c (do_export_stream), g10.c (main),
4623
hkp.c (hkp_export), keyserver.c (keyserver_spawn: Add a flag to
4624
skip attribute packets and their signatures while exporting. This
4625
is to accomodate keyservers (pksd again) that choke on attributes.
4626
Use keyserver-option "include-attributes" to control it. This
4627
defaults to ON (i.e. don't skip).
4628
4629
2002-07-09 David Shaw <dshaw@jabberwocky.com>
4630
4631
* options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
4632
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search):
4633
Use a much more strict reading of RFC-2396 for the keyserver URIs.
4634
Specifically, don't try and be smart about checking the value of
4635
":port" so long as it is all digits, and properly handle opaque
4636
data (those scheme specific parts that do not start with "//").
4637
4638
2002-07-04 David Shaw <dshaw@jabberwocky.com>
4639
4640
* photoid.c (get_default_photo_command, show_photos): Honor
4641
FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.
4642
4643
* mainproc.c (check_sig_and_print): Use --show-photos to show
4644
photos when verifying a sig made by a key with a photo.
4645
4646
* keyserver.c (parse_keyserver_uri): Properly parse a URI with no
4647
:port section and an empty file path, but with a terminating '/'.
4648
(keyserver_work): Honor DISABLE_KEYSERVER_HELPERS.
4649
4650
* hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only
4651
if verbose.
4652
4653
* exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH
4654
4655
2002-07-03 David Shaw <dshaw@jabberwocky.com>
4656
4657
* exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If
4658
USE_EXEC_PATH is defined at compile time, use it to lock the
4659
exec-path and not allow the user to change it.
4660
4661
2002-07-02 David Shaw <dshaw@jabberwocky.com>
4662
4663
* options.h, g10.c (main), keyserver.c (keyserver_refresh):
4664
Maintain and use the original keyserver URI for cosmetics rather
4665
than trying to recreate it when needed.
4666
4667
* mainproc.c (check_sig_and_print): Properly disregard expired
4668
uids. Make sure that the first uid listed is a real uid and not
4669
an attribute (attributes should only be listed in the "aka"
4670
section). When there are no valid textual userids, try for an
4671
invalid textual userid before using any attribute uid.
4672
4673
2002-07-01 David Shaw <dshaw@jabberwocky.com>
4674
4675
* options.skel: Fix a few typos, clarify "group", and remove
4676
sample photo viewers for Win32 since they are the defaults now.
4677
4678
* parse-packet.c (make_attribute_uidname), keylist.c
4679
(dump_attribs): Fix two typecast warnings.
4680
4681
* packet.h, build-packet.c (build_attribute_subpkt), exec.c
4682
(expand_args), mkdtemp.c (mkdtemp), photoid.c
4683
(parse_image_header): Fix some signedness compiler warnings.
4684
4685
2002-07-01 Werner Koch <wk@gnupg.org>
4686
4687
* photoid.c (get_default_photo_command): Also use __MINGW32__
4688
instead of HAVE_DOSISH_SYSTEM.
4689
4690
* encode.c (encode_symmetric): Do not use the new encryption code.
4691
4692
2002-06-30 Werner Koch <wk@gnupg.org>
4693
4694
* photoid.c: Use __MINGW32__ to include windows because
4695
HAVE_DOSISH_SYSTEM is also set for OS/2 and plain DOS. Provide
4696
constant missing in older mingw installations.
4697
4698
2002-06-21 Stefan Bellon <sbellon@sbellon.de>
4699
4700
* g10.c [__riscos__]: Moved RISC OS specific stuff to util/riscos.c
4701
and include/util.h.
4702
4703
* gpgv.c [__riscos__]: Likewise.
4704
4705
2002-06-20 David Shaw <dshaw@jabberwocky.com>
4706
4707
* keydb.h, pkclist.c (select_algo_from_prefs): Allow passing a
4708
suggested algorithm which will be used if available.
4709
4710
* encode.c (encode_crypt, encrypt_filter), sign.c (sign_file): Use
4711
new select_algo_from_prefs feature to check if forcing an
4712
algorithm would violate the recipient preferences.
4713
4714
* photoid.c (get_default_photo_command, show_photos): Use
4715
different default viewers on different platforms. Currently we
4716
have Win 9x, Win NT (2k, xp), Mac OSX, RISC OS, and "everybody
4717
else". These are #ifdefs as much as possible to avoid clutter.
4718
4719
* g10.c (strusage, build_list), keyedit.c (show_prefs), main.h,
4720
misc.c (compress_algo_to_string, check_compress_algo), pkclist.c
4721
(algo_available), keygen.c (keygen_set_std_prefs): New
4722
algo_to_string and check functions for compress algorithms.
4723
4724
2002-06-20 Werner Koch <wk@gnupg.org>
4725
4726
* misc.c (setsysinfo): Removed a #warning for Alpha's uniligedn
4727
trap disabling - it is quite possible that this is a debug relict.
4728
4729
2002-06-20 Stefan Bellon <sbellon@sbellon.de>
4730
4731
* g10.c [__riscos__]: Added image file system feature.
4732
4733
* gpgv.c [__riscos__]: Added image file system feature.
4734
4735
* photoid.c (show_photos) [__riscos__]: Set RISC OS filetype of
4736
photo id according to MIME type.
4737
4738
2002-06-19 David Shaw <dshaw@jabberwocky.com>
4739
4740
* hkp.c (parse_hkp_index): Don't leak memory when failing out of a
4741
bad HKP keyserver.
4742
4743
* g10.c (add_notation_data): Relax slightly the rules as to what
4744
can go into a notation name - 2440 allows "@", for example.
4745
4746
2002-06-17 David Shaw <dshaw@jabberwocky.com>
4747
4748
* import.c (clean_subkeys, import_one): Only allow at most 1
4749
binding sig and at most 1 revocation sig on a subkey, as per
4750
2440:11.1.
4751
4752
* hkp.c (parse_hkp_index, hkp_search): Error if the keyserver
4753
returns an unparseable HKP response.
4754
4755
2002-06-15 David Shaw <dshaw@jabberwocky.com>
4756
4757
* keyedit.c (show_key_with_all_names), keylist.c
4758
(list_keyblock_print): Show "[expired]" before expired uids.
4759
4760
* keyedit.c (show_key_with_all_names_colon), mainproc.c
4761
(list_node), keylist.c (list_keyblock_colon): Show flag 'e' for
4762
expired user ids. Use "uat" for user attribute packets instead of
4763
"uid". Also use '<count> <length>' rather than the fake user id
4764
string on attributes.
4765
4766
* keygen.c (keygen_add_revkey): Remove unused code.
4767
4768
* misc.c (check_permissions): Check directory permissions
4769
properly - they are not special files.
4770
4771
* pkclist.c (expand_id, expand_group, build_pk_list): When
4772
expanding groups before building a pk list, inherit flags from the
4773
original pre-expanded string.
4774
4775
* pubkey-enc.c (is_algo_in_prefs): Don't use prefs from expired
4776
uids.
4777
4778
2002-06-14 David Shaw <dshaw@jabberwocky.com>
4779
4780
* free-packet.c (copy_signature): Properly copy a signature that
4781
carries a revocation key on it.
4782
4783
* pkclist.c (expand_id, expand_group, build_pk_list): Groups now
4784
work properly when used in the "Enter the user ID" prompt.
4785
4786
2002-06-14 David Shaw <dshaw@jabberwocky.com>
4787
4788
* keyedit.c (show_key_with_all_names): Display warning if a user
4789
tries to show prefs on a v3 key with a v3 selfsig.
4790
4791
* kbnode.c (dump_kbnode): Show if a uid is expired.
4792
4793
* import.c (merge_blocks, import_revoke_cert): Show user ID
4794
receiving a revocation certificate.
4795
4796
* free-packet.c (cmp_user_ids): Properly compare attribute ids.
4797
4798
* pkclist.c (expand_groups): Maintain the strlist flags while
4799
expanding. Members of an expansion inherit their flags from the
4800
expansion key.
4801
4802
* options.h, cipher.c (write_header), g10.c (main), keygen.c
4803
(keygen_set_std_prefs): remove the personal_mdc flag. It no
4804
longer serves a purpose now that the personal preference lists are
4805
split into cipher/digest/zip.
4806
4807
2002-06-14 Timo Schulz <ts@winpt.org>
4808
4809
* skclist.c (is_insecure): Implemented.
4810
4811
2002-06-12 David Shaw <dshaw@jabberwocky.com>
4812
4813
* keyserver.c (keyserver_spawn): Properly handle PROGRAM responses
4814
when they have a CRLF ending. Noted by Keith Ray.
4815
4816
* keyserver.c (keyserver_spawn): Handle CRLF endings from
4817
keyserver helpers. Also don't leak the last line worth of memory
4818
from the keyserver response.
4819
4820
* main.h, misc.c (deprecated_warning): New function to warn about
4821
deprecated options and commands.
4822
4823
* g10.c (main), keyserver-internal.h, keyserver.c
4824
(parse_keyserver_uri): Use new deprecated function to warn about
4825
honor-http-proxy, auto-key-retrieve, and x-broken-hkp.
4826
4827
2002-06-11 David Shaw <dshaw@jabberwocky.com>
4828
4829
* Makefile.am: link gpg with NETLIBS for the built-in HKP access.
4830
4831
2002-06-10 David Shaw <dshaw@jabberwocky.com>
4832
4833
* options.h, keyserver.c (keyserver_opts), g10.c (main): New
4834
keyserver option "include-subkeys". This feature already existed,
4835
but now can be turned off. It defaults to on.
4836
4837
* options.h, keyserver.c (parse_keyserver_options,
4838
keyserver_spawn): There are now enough options to justify making a
4839
structure for the keyserver options rather than a page of
4840
if-then-else-if-then-etc.
4841
4842
* getkey.c (merge_keys_and_selfsig, merge_selfsigs_main): Fix bug
4843
in calculating key expiration dates.
4844
4845
2002-06-09 David Shaw <dshaw@jabberwocky.com>
4846
4847
* keydb.h, getkey.c (get_user_id_native), import.c (import_one):
4848
Display user ID while importing a key. Note this applies to both
4849
--import and keyserver --recv-keys.
4850
4851
* exec.c (exec_finish): Log unnatural exit (core dump, killed
4852
manually, etc) for fork/exec/pipe child processes.
4853
4854
2002-06-08 Timo Schulz <ts@winpt.org>
4855
4856
* encode.c (encode_symmetric): Disable the compat flag
4857
when the expert mode is enabled.
4858
4859
2002-06-07 David Shaw <dshaw@jabberwocky.com>
4860
4861
* options.skel, options.h, main.h, keydb.h, pkclist.c
4862
(build_pk_list, expand_groups), g10.c (main, add_group): Add new
4863
"group" command to allow one name to expand into multiple keys.
4864
For simplicity, and to avoid potential loops, we only expand once
4865
- you can't make an alias that points to an alias.
4866
4867
* main.h, g10.c (main), keygen.c (build_personal_digest_list):
4868
Simplify the default digest list - there is really no need for the
4869
other hashes since they will never be used after SHA-1 in the
4870
list.
4871
4872
* options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import,
4873
hkp_export, hkp_search), keyserver.c (parse_keyserver_options,
4874
parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the
4875
"x-broken-hkp" keyserver scheme into keyserver-option
4876
"broken-http-proxy". Move honor_http_proxy into
4877
keyserver_options. Canonicalize the three variations of "hkp",
4878
"x-hkp", and "x-broken-hkp" into "hkp".
4879
4880
2002-06-07 Stefan Bellon <sbellon@sbellon.de>
4881
4882
* g10.c [__riscos__]: Added --attribute-file to do the same as
4883
--attribute-fd, but with a filename not a fd as argument.
4884
Added magic symbol for RISC OS to use different memory management.
4885
4886
* gpgv.c [__riscos__]: Added magic symbol for RISC OS to use
4887
different memory management.
4888
4889
2002-06-06 David Shaw <dshaw@jabberwocky.com>
4890
4891
* main.h, g10.c (main), keygen.c (build_personal_digest_list): Put
4892
in a default digest preference list consisting of SHA-1, followed
4893
by every other installed digest except MD5. Note this is the same
4894
as having no digest preference at all except for SHA-1 being
4895
favored.
4896
4897
* options.h, g10.c (main), keygen.c (keygen_set_std_prefs),
4898
pkclist.c (select_algo_from_prefs): Split
4899
--personal-preference-list into three:
4900
--personal-{cipher|digest|compress}-preferences. This allows a
4901
user to set one without affecting another (i.e. setting only a
4902
digest pref doesn't imply an empty cipher pref).
4903
4904
* exec.c (exec_read): This is a safer way of guessing the return
4905
value of system(). Noted by Stefan Bellon.
4906
4907
2002-06-05 David Shaw <dshaw@jabberwocky.com>
4908
4909
* hkp.c (parse_hkp_index): Be more robust with keyservers
4910
returning very unparseable responses.
4911
4912
* exec.c (exec_read): Catch and display an error when the remote
4913
process exits unnaturally (i.e. segfault) so the user knows what
4914
happened. Also fix exec_write stub which has a different number
4915
of arguments now.
4916
4917
2002-06-05 Timo Schulz <ts@winpt.org>
4918
4919
* encode.c (encode_simple): Ignore the new mode for RFC1991.
4920
* mainproc.c (symkey_decrypt_sesskey): Better check for weird
4921
keysizes.
4922
4923
2002-06-05 Timo Schulz <ts@winpt.org>
4924
4925
* encode.c (encode_sesskey): New.
4926
(encode_simple): Use it here. But by default we use the compat
4927
mode which supress to generate encrypted session keys.
4928
4929
2002-06-05 Timo Schulz <ts@winpt.org>
4930
4931
* mainproc.c (symkey_decrypt_sesskey): New.
4932
(proc_symkey_enc): Support for encrypted session keys.
4933
4934
2002-06-04 David Shaw <dshaw@jabberwocky.com>
4935
4936
* sign.c (hash_for, sign_file): When encrypting and signing at the
4937
same time, consult the various hash prefs to pick a hash algorithm
4938
to use. Pass in a 160-bit hint if any of the signing keys are
4939
DSA.
4940
4941
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
4942
Pass a "hints" opaque pointer in to let the caller give hints as
4943
to what algorithms would be acceptable. The only current hint is
4944
for PREFTYPE_HASH to require a 160-bit hash for DSA. Change all
4945
callers in encode.c (encode_crypt, encrypt_filter) and sign.c
4946
(sign_file). If we settle on MD5 as the best algorithm based
4947
solely on recepient keys and SHA1 is also a possibility, use SHA1
4948
unless the user intentionally chose MD5. This is as per 2440:13.
4949
4950
* exec.c (make_tempdir): Fix duplicated filename problem.
4951
4952
2002-06-03 David Shaw <dshaw@jabberwocky.com>
4953
4954
* packet.h, parse-packet.c (enum_sig_subpkt): Report back from
4955
enum_sig_subpkt when a subpacket is critical and change all
4956
callers in keylist.c (show_policy_url, show_notation), mainproc.c
4957
(print_notation_data), and pkclist.c (do_show_revocation_reason).
4958
4959
* keylist.c (show_policy_url, show_notation): Display if the
4960
policy or notation is critical.
4961
4962
2002-06-03 David Shaw <dshaw@jabberwocky.com>
4963
4964
* main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
4965
list_keyblock_print, list_keyblock_colon), status.h, status.c
4966
(get_status_string): New --attribute-fd feature to dump the
4967
contents of attribute subpackets for frontends. If --status-fd is
4968
also used, then a new status tag ATTRIBUTE is provided for each
4969
subpacket.
4970
4971
* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
4972
merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track
4973
of the expiration time of a user ID, and while we're at it, use
4974
the expired flag from the selfsig rather than reparsing the
4975
SIG_EXPIRE subpacket.
4976
4977
* photoid.c (generate_photo_id): When adding a new photo ID,
4978
showing the photo for confirmation is not safe when noninteractive
4979
since the "user" may not be able to dismiss a viewer window.
4980
Noted by Timo Schulz.
4981
4982
2002-06-03 David Shaw <dshaw@jabberwocky.com>
4983
4984
* options.skel: Sample photo viewers for Win32.
4985
4986
* misc.c (pct_expando): Use the seckey for %k/%K if the pubkey is
4987
not available.
4988
4989
* photoid.h, photoid.c (show_photos): Include the seckey in case a
4990
user tries to view a photo on a secret key, and change all callers
4991
in keyedit.c (menu_showphoto), keylist.c (list_keyblock_print),
4992
and photoid.c (generate_photo_id).
4993
4994
2002-06-02 David Shaw <dshaw@jabberwocky.com>
4995
4996
* photoid.c (show_photos): Work properly when not called with a
4997
public key.
4998
4999
2002-05-31 David Shaw <dshaw@jabberwocky.com>
5000
5001
* sign.c (mk_notation_and_policy): Free unneeded buffer.
5002
5003
* hkp.c (parse_hkp_index): Properly handle the '&' character
5004
(i.e. "&") in HKP responses.
5005
5006
* getkey.c (merge_selfsigs_main): Fix reversed expiration time
5007
check with self-sigs.
5008
5009
* keyedit.c (sign_uids): When making a new self-sig on a v3 key,
5010
make a v3 self-sig unless it is currently a v3 self-sig being
5011
promoted to v4.
5012
5013
2002-05-31 Timo Schulz <ts@winpt.org>
5014
5015
* pkclist.c (do_show_revocation_reason): Don't use capital
5016
letters for non-interactive output.
5017
(show_revocation_reason): Now it is global.
5018
* pubkey-enc.c (get_it): Show if the key has been revoked.
5019
5020
2002-05-30 David Shaw <dshaw@jabberwocky.com>
5021
5022
* sign.c (write_signature_packets, sign_file, clearsign_file,
5023
sign_symencrypt_file): Make a v4 signature if a policy URL or
5024
notation is set, unless v3 sigs are forced via rfc1991 or
5025
force-v3-sigs. Also remove some doubled code and clarify an error
5026
message (we don't sign in PGP2 mode - just detach-sign).
5027
5028
* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any
5029
size" section.
5030
5031
2002-05-29 David Shaw <dshaw@jabberwocky.com>
5032
5033
* keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and
5034
"no-mdc" in the prefs string to allow switching on and off the MDC
5035
feature. This is needed to properly export a key from GnuPG for
5036
use on PGP which does not support MDC - without this, MDC-capable
5037
implementations will still try and generate MDCs which will break
5038
PGP.
5039
5040
* keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if
5041
it is enabled.
5042
5043
* options.h, g10.c (main), cipher.c (write_header), keygen.c
5044
(keygen_set_std_prefs): For consistency, allow the user to specify
5045
mdc/no-mdc in the --personal-preference-list. If disabled, it
5046
acts just like --disable-mdc.
5047
5048
2002-05-29 David Shaw <dshaw@jabberwocky.com>
5049
5050
* options.h, exec.c: Add some debugging info, using the 1024 debug
5051
flag.
5052
5053
* exec.c (win_system): New system()-like function for win32 that
5054
does not return until the child process terminates. Of course,
5055
this doesn't help if the process itself exits before it is
5056
finished.
5057
5058
2002-05-29 Werner Koch <wk@gnupg.org>
5059
5060
* encode.c (encode_simple): Intialize PKT when --no-literal is used.
5061
5062
* keyedit.c (show_key_with_all_names_colon): Renamed the record
5063
for revocation keys to "rvk".
5064
5065
2002-05-27 Werner Koch <wk@gnupg.org>
5066
5067
* keyedit.c (show_key_with_all_names_colon): New.
5068
(show_key_with_all_names): Divert to new function when required.
5069
Sanitize printing of revoker name.
5070
5071
2002-05-27 David Shaw <dshaw@jabberwocky.com>
5072
5073
* build-packet.c (build_sig_subpkt): Handle setting sig flags for
5074
certain subpacket types (notation, policy url, exportable,
5075
revocable). keyedit.c (sign_mk_attrib): Flags no longer need to
5076
be set here.
5077
5078
* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
5079
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check
5080
buffer lengths before building a sig subpacket.
5081
5082
2002-05-26 David Shaw <dshaw@jabberwocky.com>
5083
5084
* sign.c (mk_notation_and_policy): Include secret key to enable %s
5085
expandos, and pass notations through pct_expando as well.
5086
5087
* main.h, misc.c (pct_expando): Add %s and %S expandos for
5088
signer's keyid.
5089
5090
2002-05-25 David Shaw <dshaw@jabberwocky.com>
5091
5092
* g10.c (strusage, build_list): Add compress algorithms to
5093
--version list. Show algorithm numbers when --verbose --version
5094
is done.
5095
5096
2002-05-22 David Shaw <dshaw@jabberwocky.com>
5097
5098
* options.h, main.h, keygen.c (keygen_set_set_prefs,
5099
keygen_get_std_prefs, keygen_upd_std_prefs), keyedit.c
5100
(keyedit_menu), g10.c (main), pkclist.c (select_algo_from_prefs):
5101
Add --personal-preference-list which allows the user to factor in
5102
their own preferred algorithms when the preference lists are
5103
consulted. Obviously, this does not let the user violate a
5104
recepient's preferences (and the RFC) - this only influences the
5105
ranking of the agreed-on (and available) algorithms from the
5106
recepients. Suggested by David Hollenberg.
5107
5108
* options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename
5109
--preference-list to --default-preference-list (as that is what it
5110
really is), and make it a true default in that if the user selects
5111
"default" they get this list and not the compiled-in list.
5112
5113
2002-05-22 Werner Koch <wk@gnupg.org>
5114
5115
* g10.c (main): Add missing LF in a info printout and made it
5116
translatable. Noted by Michael Tokarev.
5117
5118
2002-05-21 Werner Koch <wk@gnupg.org>
5119
5120
* g10.c (main): Removed the undef of USE_SHM_COPROCESSING which
5121
was erroneously introduced on 2002-01-09.
5122
5123
* signal.c (got_fatal_signal): Don't write the Nul to stderr.
5124
Reported by David Hollenberg.
5125
5126
2002-05-18 David Shaw <dshaw@jabberwocky.com>
5127
5128
* main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a
5129
designated revocation via --desig-revoke
5130
5131
* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker"
5132
command to add a designated revoker to a key.
5133
5134
2002-05-17 David Shaw <dshaw@jabberwocky.com>
5135
5136
* gpgv.c: Add stub for get_ownertrust().
5137
5138
* g10.c (main): --allow-freeform-uid should be implied by
5139
OpenPGP. Add --no-allow-freeform-uid.
5140
5141
* keyedit.c (sign_uids): Issue a warning when signing a
5142
non-selfsigned uid.
5143
5144
* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
5145
allow-non-selfsigned-uid is not set, still try and make the key
5146
valid by checking all uids for a signature from an ultimately
5147
trusted key.
5148
5149
2002-05-16 David Shaw <dshaw@jabberwocky.com>
5150
5151
* main.h, keygen.c (keygen_add_revkey): Add revocation key
5152
subpackets to a signature (callable by
5153
make_keysig_packet). (write_direct_sig): Write a 1F direct key
5154
signature. (parse_revocation_key): Parse a string in
5155
algo:fpr:sensitive format into a revocation
5156
key. (get_parameter_revkey, do_generate_keypair): Call above
5157
functions when prompted from a batch key generation file.
5158
5159
* build-packet.c (build_sig_subpkt): Allow multiple revocation key
5160
subpackets in a single sig.
5161
5162
* keydb.h, getkey.c (get_seckey_byfprint): Same as
5163
get_pubkey_byfprint, except for secret keys. We only know the
5164
fingerprint of a revocation key, so this is needed to retrieve the
5165
secret key needed to issue a revokation.
5166
5167
* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split
5168
revkey parsing off into a new function that can be used to reparse
5169
after manipulating the revkey list.
5170
5171
* sign.c (make_keysig_packet): Ability to make 1F direct key
5172
signatures.
5173
5174
2002-05-15 David Shaw <dshaw@jabberwocky.com>
5175
5176
* options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl
5177
as a sample LDAP server instead.
5178
5179
* getkey.c (merge_selfsigs_main): Properly handle multiple
5180
revocation keys in a single packet. Properly handle revocation
5181
keys that are in out-of-order packets. Remove duplicates in
5182
revocation key list.
5183
5184
2002-05-14 Timo Schulz <ts@winpt.org>
5185
5186
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
5187
5188
2002-05-14 Stefan Bellon <sbellon@sbellon.de>
5189
5190
* exec.c (make_tempdir): Make use of EXTSEP_S instead of hardcoded
5191
dot as extension separator.
5192
5193
2002-05-13 David Shaw <dshaw@jabberwocky.com>
5194
5195
* photoid.c (show_photos): Use the long keyid as the filename for
5196
the photo. Use the short keyid as the filename on 8.3 systems.
5197
5198
* exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow
5199
caller to specify filename. This should make things easier on
5200
windows and macs where the file extension is required, but a whole
5201
filename is even better.
5202
5203
* keyedit.c (show_key_with_all_names, show_prefs): Show proper
5204
prefs for a v4 key uid with no selfsig at all.
5205
5206
* misc.c (check_permissions): Don't check permissions on
5207
non-normal files (pipes, character devices, etc.)
5208
5209
2002-05-11 Werner Koch <wk@gnupg.org>
5210
5211
* mainproc.c (proc_symkey_enc): Avoid segv in case the parser
5212
encountered an invalid packet.
5213
5214
* keyserver.c (keyserver_export): Get confirmation before sending
5215
all keys.
5216
5217
2002-05-10 Stefan Bellon <sbellon@sbellon.de>
5218
5219
* g10.c, hkp.c, keyedit.c, keyserver.c: Replaced all occurrances
5220
of strcasecmp with ascii_strcasecmp and all occurrances of
5221
strncasecmp with ascii_memcasecmp.
5222
5223
2002-05-10 David Shaw <dshaw@jabberwocky.com>
5224
5225
* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show
5226
assumed prefs for hash and compression as well as the cipher pref.
5227
Show assumed prefs if there are no prefs at all on a v4
5228
self-signed key.
5229
5230
* options.h, g10.c (main), sign.c (make_keysig_packet): New
5231
--cert-digest-algo function to override the default key signing
5232
hash algorithm.
5233
5234
2002-05-09 David Shaw <dshaw@jabberwocky.com>
5235
5236
* getkey.c (merge_selfsigs_main): Make sure the revocation key
5237
list starts clean as this function may be called more than once
5238
(e.g. from functions in --edit).
5239
5240
* g10.c, encode.c (encode_crypt), sign.c (sign_file,
5241
sign_symencrypt_file): Make --compress-algo work like the
5242
documentation says. It should be like --cipher-algo and
5243
--digest-algo in that it can override the preferences calculation
5244
and impose the setting the user wants. No --compress-algo setting
5245
allows the usual preferences calculation to take place.
5246
5247
* main.h, compress.c (compress_filter): use new
5248
DEFAULT_COMPRESS_ALGO define, and add a sanity check for compress
5249
algo value.
5250
5251
2002-05-08 David Shaw <dshaw@jabberwocky.com>
5252
5253
* pkclist.c (select_algo_from_prefs): There is an assumed
5254
compression preference for uncompressed data.
5255
5256
2002-05-07 David Shaw <dshaw@jabberwocky.com>
5257
5258
* options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
5259
(algo_available): --pgp7, identical to --pgp6 except that it
5260
permits a few algorithms that PGP 7 added: AES128, AES192, AES256,
5261
and TWOFISH. Any more of these --pgpX flags, and it'll be time to
5262
start looking at a generic --emulate-pgp X option.
5263
5264
* export.c (do_export_stream): Warn the user when exporting a
5265
secret key if it or any of its secret subkeys are protected with
5266
SHA1 while simple_sk_checksum is set.
5267
5268
* parse-packet.c (parse_key): Show when the SHA1 protection is
5269
used in --list-packets.
5270
5271
* options.h, build-packet.c (do_comment), g10.c (main): Rename
5272
--no-comment as --sk-comments/--no-sk-comments (--no-comment still
5273
works) and make the default be --no-sk-comments.
5274
5275
2002-05-07 Werner Koch <wk@gnupg.org>
5276
5277
* keygen.c (get_parameter_algo): Never allow generation of the
5278
deprecated RSA-E or RSA-S flavors of PGP RSA.
5279
(ask_algo): Allow generation of RSA sign and encrypt in expert
5280
mode. Don't allow ElGamal S+E unless in expert mode.
5281
* helptext.c: Added entry keygen.algo.rsa_se.
5282
5283
2002-05-07 David Shaw <dshaw@jabberwocky.com>
5284
5285
* keyedit.c (sign_uids): If --expert is set, allow re-signing a
5286
uid to promote a v3 self-sig to a v4 one. This essentially
5287
deletes the old v3 self-sig and replaces it with a v4 one.
5288
5289
* packet.h, parse-packet.c (parse_key), getkey.c
5290
(merge_keys_and_selfsig, merge_selfsigs_main): a v3 key with a v4
5291
self-sig must never let the v4 self-sig express a key expiration
5292
time that extends beyond the original v3 expiration time.
5293
5294
2002-05-06 David Shaw <dshaw@jabberwocky.com>
5295
5296
* keyedit.c (sign_uids): When making a self-signature via "sign"
5297
don't ask about sig level or expiration, and include the usual
5298
preferences and such for v4 self-sigs. (menu_set_preferences):
5299
Convert uids from UTF8 to native before printing.
5300
5301
* keyedit.c (sign_uids): Convert uids from UTF8 to native before
5302
printing. (menu_set_primary_uid): Show error if the user tries to
5303
make a uid with a v3 self-sig primary.
5304
5305
2002-05-05 David Shaw <dshaw@jabberwocky.com>
5306
5307
* import.c (import_one): When merging with a key we already have,
5308
don't let a key conflict (same keyid but different key) stop the
5309
import: just skip the bad key and continue.
5310
5311
* exec.c (make_tempdir): Under Win32, don't try environment
5312
variables for temp directories - GetTempDir tries environment
5313
variables internally, and it's better not to second-guess it in
5314
case MS adds some sort of temp dir handling to Windows at some
5315
point.
5316
5317
2002-05-05 Timo Schulz <ts@winpt.org>
5318
5319
* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
5320
in the list only mode.
5321
5322
2002-05-05 David Shaw <dshaw@jabberwocky.com>
5323
5324
* keyserver.c (keyserver_refresh): --refresh-keys implies
5325
--merge-only so as not to import keys with keyids that match the
5326
ones being refreshed. Noted by Florian Weimer.
5327
5328
2002-05-04 Stefan Bellon <sbellon@sbellon.de>
5329
5330
* free-packet.c (copy_public_key): Don't call m_alloc(0), therefore
5331
added consistency check for revkey and numrefkeys.
5332
5333
* getkey.c (check_revocation_keys): Added consistency check for
5334
revkey and numrefkeys.
5335
5336
* keyedit.c (show_key_with_all_names): Likewise.
5337
5338
2002-05-03 David Shaw <dshaw@jabberwocky.com>
5339
5340
* photoid.c: Provide default image viewer for Win32.
5341
5342
* misc.c (pct_expando): %t means extension, not name ("jpg", not
5343
"jpeg").
5344
5345
* keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h,
5346
exec.c: Allow the caller to determine the temp file extension when
5347
starting an exec_write and change all callers.
5348
5349
* keyedit.c (sign_uids): Nonrevocable key signatures cause an
5350
automatic promotion to v4.
5351
5352
* exec.c: Provide stubs for exec_ functions when NO_EXEC is
5353
defined.
5354
5355
2002-05-02 David Shaw <dshaw@jabberwocky.com>
5356
5357
* photoid.h, photoid.c (parse_image_header, image_type_to_string):
5358
Useful functions to return data about an image.
5359
5360
* packet.h, parse-packet.c (make_attribute_uidname,
5361
parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
5362
(show_photos): Handle multiple images in a single attribute
5363
packet.
5364
5365
* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy),
5366
photoid.c (show_photos): Simpler expando code that does not
5367
require using compile-time string sizes. Call
5368
image_type_to_string to get image strings (i.e. "jpg",
5369
"image/jpeg"). Change all callers.
5370
5371
* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print):
5372
Allow viewing multiple images within a single attribute packet.
5373
5374
* gpgv.c: Various stubs for link happiness.
5375
5376
2002-05-02 David Shaw <dshaw@jabberwocky.com>
5377
5378
* build-packet.c (build_sig_subpkt), keyedit.c (sign_uids),
5379
options.h, sign.c (mk_notation_and_policy), g10.c (main,
5380
add_notation_data, add_policy_url (new), check_policy_url
5381
(removed)): Allow multiple policy URLs on a given signature.
5382
Split "--notation-data" into "--cert-notation" and
5383
"--sig-notation" so the user can set different policies for key
5384
and data signing. For backwards compatibility, "--notation-data"
5385
sets both, as before.
5386
5387
2002-05-02 Werner Koch <wk@gnupg.org>
5388
5389
* options.skel: Removed the comment on trusted-keys because this
5390
option is now deprecated.
5391
5392
2002-05-01 David Shaw <dshaw@jabberwocky.com>
5393
5394
* keyedit.c (menu_adduid): 2440bis04 says that multiple attribute
5395
packets on a given key are legal.
5396
5397
* keyserver.c (keyserver_refresh): the fake v3 keyid hack applies
5398
to "mailto" URLs as well since they are also served by pksd.
5399
5400
2002-04-29 Werner Koch <wk@gnupg.org>
5401
5402
Added a copyright year for files changed this year.
5403
5404
2002-04-25 Werner Koch <wk@gnupg.org>
5405
5406
* g10.c, options.h: New options --display, --ttyname, --ttytype,
5407
--lc-ctype, --lc-messages to be used with future versions of the
5408
gpg-agent.
5409
* passphrase.c (agent_send_option,agent_send_all_options): New.
5410
(agent_open): Send options to the agent.
5411
5412
* trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit
5413
do_sync because revalidation_mark does it only if when the
5414
timestamp actually changes.
5415
5416
2002-04-23 David Shaw <dshaw@jabberwocky.com>
5417
5418
* main.h, keygen.c (do_generate_keypair), keylist.c
5419
(print_signature_stats, list_all, list_one, list_keyblock,
5420
list_keyblock_print, list_keyblock_colon): After generating a new
5421
key, show the key information (name, keyid, fingerprint, etc.)
5422
Also do not print uncheckable signatures (missing key..) in
5423
--check-sigs. Print statistics (N missing keys, etc.) after
5424
--check-sigs.
5425
5426
* keyedit.c (sign_uids): When signing a key with an expiration
5427
date on it, the "Do you want your signature to expire at the same
5428
time?" question should default to YES.
5429
5430
2002-04-22 David Shaw <dshaw@jabberwocky.com>
5431
5432
* parse-packet.c (parse_plaintext), packet.h, plaintext.c
5433
(handle_plaintext): Fix bug in handling literal packets with
5434
zero-length data (no data was being confused with partial body
5435
length).
5436
5437
* misc.c (pct_expando), options.skel: %t means extension ("jpg").
5438
%T means MIME type ("image/jpeg").
5439
5440
* import.c (import_one): Only trigger trust update if the keyring
5441
is actually changed.
5442
5443
* export.c (do_export_stream): Missing a m_free.
5444
5445
2002-04-22 Stefan Bellon <sbellon@sbellon.de>
5446
5447
* keyid.c (expirestr_from_sk, expirestr_from_sig): Added _() to
5448
string constant.
5449
5450
* exec.c (make_tempdir) [__riscos__]: Better placement of
5451
temporary file.
5452
5453
2002-04-20 David Shaw <dshaw@jabberwocky.com>
5454
5455
* keygen.c (generate_subkeypair): 2440bis04 adds that creating
5456
subkeys on v3 keys is a MUST NOT.
5457
5458
* getkey.c (finish_lookup): The --pgp6 "use the primary key"
5459
behavior should only apply while data signing and not encryption.
5460
Noted by Roger Sondermann.
5461
5462
2002-04-19 Werner Koch <wk@gnupg.org>
5463
5464
* keygen.c (keygen_set_std_prefs): Put back 3DES because the RFC
5465
says it is good form to do so.
5466
5467
2002-04-19 David Shaw <dshaw@jabberwocky.com>
5468
5469
* keyedit.c (menu_deluid): Only cause a trust update if we delete
5470
a non-revoked user id.
5471
5472
* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
5473
keyserver_spawn), options.h: Remove fast-import keyserver option
5474
(no longer meaningful).
5475
5476
* g10.c (main), keyedit.c (sign_uids), options.h: Change
5477
--default-check-level to --default-cert-check-level as it makes
5478
clear what it operates on.
5479
5480
* g10.c (main): --pgp6 also implies --no-ask-sig-expire.
5481
5482
* delkey.c (do_delete_key): Comment.
5483
5484
* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
5485
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check
5486
if we did something that changes it.
5487
5488
* g10.c: add "--auto-check-trustdb" to override a
5489
"--no-auto-check-trustdb"
5490
5491
2002-04-19 Werner Koch <wk@gnupg.org>
5492
5493
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
5494
stamp was actually changed.
5495
* trustdb.c (revalidation_mark): Sync the changes. Removed the
5496
sync operation done by its callers.
5497
(get_validity): Add logic for maintaining a pending_check flag.
5498
(clear_ownertrust): New.
5499
5500
* keyedit.c (sign_uids): Don't call revalidation_mark depending on
5501
primary_pk.
5502
(keyedit_menu): Call revalidation_mark after "trust".
5503
(show_key_with_all_names): Print a warning on the wrong listed key
5504
validity.
5505
5506
* delkey.c (do_delete_key): Clear the owenertrust information when
5507
deleting a public key.
5508
5509
2002-04-18 Werner Koch <wk@gnupg.org>
5510
5511
* seskey.c (encode_md_value): Print an error message if a wrong
5512
digest algorithm is used with DSA. Changed all callers to cope
5513
with a NULL return. Problem noted by Imad R. Faiad.
5514
5515
2002-04-18 David Shaw <dshaw@jabberwocky.com>
5516
5517
* trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
5518
signatures that can expire. In short, the only thing that can
5519
override an unexpired nonrevocable signature is another unexpired
5520
nonrevocable signature.
5521
5522
* getkey.c (finish_lookup): Always use primary signing key for
5523
signatures when --pgp6 is on since pgp6 and 7 do not understand
5524
signatures made by signing subkeys.
5525
5526
2002-04-18 Werner Koch <wk@gnupg.org>
5527
5528
* trustdb.c (validate_keys): Never schedule a nextcheck into the
5529
past.
5530
(validate_key_list): New arg curtime use it to set next_expire.
5531
(validate_one_keyblock): Take the current time from the caller.
5532
(clear_validity, reset_unconnected_keys): New.
5533
(validate_keys): Reset all unconnected keys.
5534
5535
* getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
5536
for use with secret keys.
5537
(lookup): Advance the searchmode after a search FIRST.
5538
5539
* seckey-cert.c (do_check): Always calculate the old checksum for
5540
use after unprotection.
5541
5542
* g10.c, options.skel: New option --no-escape-from. Made
5543
--escape-from and --force-v3-sigs the default and removed them
5544
from the options skeleton.
5545
5546
2002-04-16 Werner Koch <wk@gnupg.org>
5547
5548
* parse-packet.c (parse_key): Support a SHA1 checksum as per
5549
draft-rfc2440-bis04.
5550
* packet.h (PKT_secret_key): Add field sha1chk.
5551
* seckey-cert.c (do_check): Check the SHA1 checksum
5552
(protect_secret_key): And create it.
5553
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
5554
* g10.c, options.h: New option --simple-sk-checksum.
5555
5556
2002-04-13 David Shaw <dshaw@jabberwocky.com>
5557
5558
* parse-packet.c (parse_signature): Minor fix - signatures should
5559
expire at their expiration time and not one second later.
5560
5561
* keygen.c (proc_parameter_file): Allow specifying preferences
5562
string (i.e. "s5 s2 z1 z2", etc) in a batchmode key generation
5563
file.
5564
5565
* keyedit.c (keyedit_menu): Print standard error message when
5566
signing a revoked key (no new translation).
5567
5568
* getkey.c (merge_selfsigs): Get the default set of key prefs from
5569
the real (not attribute) primary uid.
5570
5571
2002-04-12 David Shaw <dshaw@jabberwocky.com>
5572
5573
* pkclist.c (build_pk_list): Fix bug that allowed a key to be
5574
selected twice in batch mode if one instance was the default
5575
recipient and the other was an encrypt-to. Noted by Stefan
5576
Bellon.
5577
5578
* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp
5579
sig subpackets.
5580
5581
* keyedit.c (keyedit_menu): Use new function real_uids_left to
5582
prevent deleting the last real (i.e. non-attribute) uid. Again,
5583
according to the attribute draft. (menu_showphoto): Make another
5584
string translatable.
5585
5586
2002-04-11 David Shaw <dshaw@jabberwocky.com>
5587
5588
* build-packet.c (build_sig_subpkt): Delete subpackets from both
5589
hashed and unhashed area on update. (find_subpkt): No longer
5590
needed.
5591
5592
* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key
5593
with a v4 signature. As usual, --expert overrides. Try to tweak
5594
some strings to a closer match so they can all be translated in
5595
one place. Use different helptext keys to allow different help
5596
text for different questions.
5597
5598
* keygen.c (keygen_upd_std_prefs): Remove preferences from both
5599
hashed and unhashed areas if they are not going to be used.
5600
5601
2002-04-10 David Shaw <dshaw@jabberwocky.com>
5602
5603
* misc.c (pct_expando), options.skel: Use %t to indicate type of a
5604
photo ID (in this version, it's always "jpeg"). Also tweak string
5605
expansion loop to minimize reallocs.
5606
5607
* mainproc.c (do_check_sig): Variable type fix.
5608
5609
* keyedit.c (menu_set_primary_uid): Differentiate between true
5610
user IDs and attribute user IDs when making one of them primary.
5611
That is, if we are making a user ID primary, we alter user IDs.
5612
If we are making an attribute packet primary, we alter attribute
5613
packets. This matches the language in the latest attribute packet
5614
draft.
5615
5616
* keyedit.c (sign_uids): No need for the empty string hack.
5617
5618
* getkey.c (fixup_uidnode): Only accept preferences from the
5619
hashed segment of the self-sig.
5620
5621
2002-04-10 Werner Koch <wk@gnupg.org>
5622
5623
* tdbio.c (migrate_from_v2): Fixed the offset to read the old
5624
ownertrust value and only add entries to the table if we really
5625
have a value.
5626
5627
2002-04-08 David Shaw <dshaw@jabberwocky.com>
5628
5629
* status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG,
5630
and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to
5631
SIGEXPIRED.
5632
5633
* sig-check.c (do_check): Start transition from SIGEXPIRED to
5634
KEYEXPIRED, since the actual event is signature verification by an
5635
expired key and not an expired signature. (do_signature_check,
5636
packet.h): Rename as signature_check2, make public, and change all
5637
callers.
5638
5639
* mainproc.c (check_sig_and_print, do_check_sig): Use status
5640
EXPSIG for an expired, but good, signature. Add the expiration
5641
time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for
5642
a good signature from an expired key.
5643
5644
* g10.c (main): remove checks for no arguments now that argparse
5645
does it.
5646
5647
2002-04-06 Werner Koch <wk@gnupg.org>
5648
5649
* keyring.c (keyring_get_keyblock): Disable the keylist mode here.
5650
5651
* encode.c (encode_simple, encode_crypt): Only test on compressed
5652
files if a compress level was not explicity set.
5653
5654
* keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish
5655
from the list of default preferences, swapped the preferences of
5656
RMD160 and SHA1. Don't include a preference to 3DES unless the
5657
IDEA kludge gets used.
5658
5659
* free-packet.c (free_packet): call free_encrypted also for
5660
PKT_ENCRYPTED_MDC.
5661
5662
* compress.c (release_context): New.
5663
(handle_compressed): Allocate the context and setup a closure to
5664
release the context. This is required because there is no
5665
guarantee that the filter gets popped from the chain at the end
5666
of the function. Problem noted by Timo and probably also the
5667
cause for a couple of other reports.
5668
(compress_filter): Use the release function if set.
5669
5670
* tdbio.c [__CYGWIN32__]: Don't rename ftruncate. Noted by
5671
Disastry.
5672
5673
* parse-packet.c (parse_signature): Put parens around a bit test.
5674
5675
* exec.c (make_tempdir): Double backslash for TMP directory
5676
creation under Windows. Better strlen the DIRSEP_S constants for
5677
allocation measurements.
5678
5679
* decrypt.c (decrypt_messages): Release the passphrase aquired
5680
by get_last_passphrase.
5681
5682
2002-04-02 Werner Koch <wk@gnupg.org>
5683
5684
* Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they
5685
are no longer of any use.
5686
5687
2002-04-03 David Shaw <dshaw@jabberwocky.com>
5688
5689
* keyserver.c (parse_keyserver_options): fix auto-key-retrieve to
5690
actually work as a keyserver-option (noted by Roger Sondermann).
5691
5692
* keylist.c (reorder_keyblock): do not reorder the primary
5693
attribute packet - the first user ID must be a genuine one.
5694
5695
2002-03-31 David Shaw <dshaw@jabberwocky.com>
5696
5697
* keylist.c (list_keyblock_colon): Fix ownertrust display with
5698
--with-colons.
5699
5700
* keygen.c (generate_user_id), photoid.c (generate_photo_id):
5701
Properly initialize the user ID refcount. A few more "y/n" ->
5702
"y/N" in photoid.c.
5703
5704
* keyedit.c (ask_revoke_sig): Warn the user if they are about to
5705
revoke an expired sig (not a problem, but they should know). Also
5706
tweak a few prompts to change "y/n" to "y/N", which is how most
5707
other prompts are written.
5708
5709
* keyserver.c (keyserver_search_prompt): Control-d escapes the
5710
keyserver search prompt.
5711
5712
* pkclist.c (show_revocation_reason & callers): If a subkey is
5713
considered revoked solely because the parent key is revoked, print
5714
the revocation reason from the parent key.
5715
5716
* trustdb.c (get_validity): Allow revocation/expiration to apply
5717
to a uid/key with no entry in the trustdb.
5718
5719
2002-03-29 David Shaw <dshaw@jabberwocky.com>
5720
5721
* keyserver.c (printunquoted): unquote backslashes from keyserver
5722
searches
5723
5724
* hkp.c (write_quoted): quote backslashes from keyserver searches
5725
5726
2002-03-26 Werner Koch <wk@gnupg.org>
5727
5728
* keygen.c (ask_keysize): Removed the warning for key sizes > 1536.
5729
5730
2002-03-25 Werner Koch <wk@gnupg.org>
5731
5732
* keyedit.c (sign_uids): Use 2 strings and not a %s so that
5733
translations can be done the right way.
5734
* helptext.c: Fixed small typo.
5735
5736
2002-03-23 David Shaw <dshaw@jabberwocky.com>
5737
5738
* import.c (append_uid, merge_sigs): it is okay to import
5739
completely non-signed uids now (with --allow-non-selfsigned-uid).
5740
5741
* getkey.c (get_primary_uid, merge_selfsigs_main): do not choose
5742
an attribute packet (i.e. photo) as primary uid. This prevents
5743
oddities like "Good signature from [image of size 2671]". This is
5744
still not perfect (one can still select an attribute packet as
5745
primary in --edit), but is closer to the way the draft is going.
5746
5747
* g10.c (build_list): algorithms should include 110.
5748
5749
* g10.c (main): --pgp2 implies --no-ask-sig-expire and
5750
--no-ask-cert-expire as those would cause a v4 sig/cert.
5751
5752
* armor.c (is_armor_header): be more lenient in what constitutes a
5753
valid armor header (i.e. -----BEGIN blah blah-----) as some
5754
Windows programs seem to add spaces at the end. --openpgp makes
5755
it strict again.
5756
5757
2002-03-18 David Shaw <dshaw@jabberwocky.com>
5758
5759
* keyserver.c (keyserver_search_prompt): Properly handle a "no
5760
keys found" case from the internal HKP code (external HKP is ok).
5761
Also, make a COUNT -1 (i.e. streamed) keyserver response a little
5762
more efficient.
5763
5764
* g10.c (main): Add --no-allow-non-selfsigned-uid
5765
5766
2002-03-17 David Shaw <dshaw@jabberwocky.com>
5767
5768
* g10.c (main): --openpgp implies --allow-non-selfsigned-uid.
5769
5770
* getkey.c (merge_selfsigs_main): If none of the uids are primary
5771
(because none are valid) then pick the first to be primary (but
5772
still invalid). This is for cosmetics in case some display needs
5773
to print a user ID from a non-selfsigned key. Also use
5774
--allow-non-selfsigned-uid to make such a key valid and not
5775
--always-trust. The key is *not* automatically trusted via
5776
--allow-non-selfsigned-uid.
5777
5778
* mainproc.c (check_sig_and_print): Make sure non-selfsigned uids
5779
print [uncertain] on verification even though one is primary now.
5780
5781
* getkey.c (merge_selfsigs): If the main key is not valid, then
5782
neither are the subkeys.
5783
5784
* import.c (import_one): Allow --allow-non-selfsigned-uid to work
5785
on completely unsigned keys. Print the uids in UTF8. Remove
5786
mark_non_selfsigned_uids_valid().
5787
5788
* keyedit.c (show_key_with_all_names): Show revocation key as
5789
UTF8.
5790
5791
* sign.c (clearsign_file): Allow --not-dash-escaped to work with
5792
v3 keys.
5793
5794
2002-03-14 Werner Koch <wk@gnupg.org>
5795
5796
* main.h: Changed the default algorithms to CAST5 and SHA1.
5797
5798
2002-03-13 David Shaw <dshaw@jabberwocky.com>
5799
5800
* import.c (chk_self_sigs): Show which user ID a bad self-sig
5801
(invald sig or unsupported public key algorithm) resides on.
5802
5803
* import.c (chk_self_sigs): any valid self-sig should mark a user
5804
ID or subkey as valid - otherwise, an attacker could DoS the user
5805
by inventing a bogus invalid self-signature.
5806
5807
2002-03-07 David Shaw <dshaw@jabberwocky.com>
5808
5809
* g10.c (main): make a few more strings translatable.
5810
5811
* options.h, options.skel, g10.c (main), gpgv.c, mainproc.c
5812
(check_sig_and_print), keyserver.c (parse_keyserver_options):
5813
--auto-key-retrieve should really be a keyserver-option variable.
5814
5815
* import.c (revocation_present): new function to print a warning
5816
if a key is imported that has been revoked by designated revoker,
5817
but the designated revoker is not present to verify the
5818
revocation. If keyserver-options auto-key-retrieve is set, try
5819
and fetch the designated revoker from the keyserver.
5820
5821
* import.c (import_one): call revocation_present after importing a
5822
new key. Note that this applies to --import, --recv-keys, and
5823
--search-keys.
5824
5825
* keyserver-internal.h, keyserver.c (keyserver_import_fprint):
5826
import via fingerprint (for revocation keys).
5827
5828
* keyserver.c (keyserver_import_keyid): much simpler
5829
implementation now that we're using KEYDB_SEARCH_DESC internally.
5830
5831
2002-03-04 David Shaw <dshaw@jabberwocky.com>
5832
5833
* revoke.c (gen_revoke): do not prompt for revocation reason for
5834
v3 revocations (unless force-v4-certs is on) since they wouldn't
5835
be used anyway.
5836
5837
* keyedit.c (menu_revsig): show the status of the sigs
5838
(exportable? revocable?) to the user before prompting for which
5839
sig to revoke. Also, make sure that local signatures get local
5840
revocations.
5841
5842
* keyedit.c (ask_revoke_sig): remind the user which sigs are
5843
local.
5844
5845
* g10.c (main): Add "exec-path" variable to override PATH for
5846
execing programs.
5847
5848
* export.c (do_export_stream): properly check return code from
5849
classify_user_id to catch unclassifiable keys.
5850
5851
2002-03-03 David Shaw <dshaw@jabberwocky.com>
5852
5853
* parse-packet.c (parse_signature): variable type tweak for RISC
5854
OS (from Stefan)
5855
5856
2002-02-28 David Shaw <dshaw@jabberwocky.com>
5857
5858
* getkey.c (check_revocation_keys): New function to check a
5859
revocation against a list of potential revocation keys. Note the
5860
loop-breaking code here. This is to prevent blowing up if A is
5861
B's revocation key, while B is also A's. Note also that this is
5862
written so that a revoked revoker can still issue revocations:
5863
i.e. If A revokes B, but A is revoked, B is still revoked. I'm
5864
not completely convinced this is the proper behavior, but it
5865
matches how PGP does it. It does at least have the advantage of
5866
much simpler code - my first version of this had lots of loop
5867
maintaining code so you could chain revokers many levels deep and
5868
if D was revoked, C was not, which meant that B was, and so on.
5869
It was sort of scary, actually.
5870
5871
* getkey.c (merge_selfsigs_main): Add any revocation keys onto the
5872
pk. This is particularly interesting since we normally only get
5873
data from the most recent 1F signature, but you need multiple 1F
5874
sigs to properly handle revocation keys (PGP does it this way, and
5875
a revocation key could be marked "sensitive" and hence in a
5876
different signature). Also, if a pk has a revocation key set,
5877
check for revocation sigs that were not made by us - if made by a
5878
valid revocation key, mark the pk revoked.
5879
5880
* packet.h, getkey.c (cache_public_key): do not cache key if
5881
"dont_cache" is set. This allows the revocation key code to look
5882
up a key and return information that may be inaccurate to prevent
5883
loops without caching the fake data.
5884
5885
* packet.h, sig-check.c (do_signature_check): Record if a
5886
signature was made by a revoked pk.
5887
5888
* packet.h, parse-packet.c (parse_one_sig_subpkt,
5889
can_handle_critical, parse_signature): Get revocation key
5890
information out of direct sigs.
5891
5892
* keylist.c (list_keyblock_print): don't assume that the presence
5893
of a 0x20 signature means the key is revoked. With revocation
5894
keys, this may not be true if the revocation key is not around to
5895
verify it or if verification failed. Also, 0x1F should get listed
5896
as "sig", and not "unexpected signature class".
5897
5898
* keyedit.c (show_key_with_all_names): Add a flag for printing
5899
revoker information and change all callers.
5900
5901
* import.c (merge_blocks): merge in any new direct key (0x1F)
5902
sigs.
5903
5904
* import.c (import_revoke_cert): don't keep processing after a
5905
revocation is rejected.
5906
5907
* import.c (delete_inv_parts): Allow importing a revocation
5908
signature even if it was not issued by the key. This allows a
5909
revocation key to issue it. Of course, the sig still needs to be
5910
checked before we trust it.
5911
5912
* free-packet.c (copy_public_key): Include a new copy of the
5913
revocation keys when duping a pk.
5914
5915
* free-packet.c (free_seckey_enc, release_public_key_parts): Free
5916
any revocation keys that are attached to a sig or pk.
5917
5918
* export.c (do_export_stream): Do not export signatures with
5919
"sensitive" revocation keys in them.
5920
5921
2002-02-27 David Shaw <dshaw@jabberwocky.com>
5922
5923
* export.c (do_export_stream): Do not include v3 keys in a
5924
--export-secret-subkeys export.
5925
5926
* getkey.c (merge_selfsigs_main): If a key isn't valid (say,
5927
because of no self-signature), allow --always-trust to force it
5928
valid so it can be trusted.
5929
5930
2002-02-25 David Shaw <dshaw@jabberwocky.com>
5931
5932
* hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key
5933
lists internally as fingerprints when possible. All this is via
5934
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows
5935
the helper program to search the keyserver by fingerprint if
5936
desired (and the keyserver supports it). Note that automatic
5937
fingerprint promotion during refresh only applies to v4 keys as a
5938
v4 fingerprint can be easily changed into a long or short key id,
5939
and a v3 cannot.
5940
5941
* pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of
5942
hextobyte() from pubkey-enc.c and getkey.c and make them into one
5943
copy in misc.c.
5944
5945
2002-02-22 David Shaw <dshaw@jabberwocky.com>
5946
5947
* keyserver.c (keyserver_search_prompt): Detect a "no keys found"
5948
case even if the helper program does not explicitly say how many
5949
keys were found.
5950
5951
* hkp.c (parse_hkp_index): Bug fix - don't report non-revoked keys
5952
as revoked in HKP key searches.
5953
5954
2002-02-19 Werner Koch <wk@gnupg.org>
5955
5956
* parse-packet.c (parse_trust): Made parsing more robust.
5957
5958
2002-02-19 David Shaw <dshaw@jabberwocky.com>
5959
5960
* hkp.c (parse_hkp_index): Catch corruption in HKP index lines
5961
(can be caused by broken or malicious keyservers).
5962
5963
* keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for
5964
unsupported actions (say, a keyserver that has no way to search,
5965
or a readonly keyserver that has no way to add). Also add a
5966
USE_EXTERNAL_HKP define to disable the internal HKP keyserver
5967
code.
5968
5969
2002-02-14 Werner Koch <wk@gnupg.org>
5970
5971
* g10.c: New option --no-use-agent.
5972
5973
* pkclist.c (check_signatures_trust): Always print the warning for
5974
unknown and undefined trust. Removed the did_add cruft. Reported
5975
by Janusz A. Urbanowicz.
5976
5977
2002-02-11 David Shaw <dshaw@jabberwocky.com>
5978
5979
* hkp.c (parse_hkp_index): Bug fix - properly handle user IDs with
5980
colons (":") in them while HKP searching.
5981
5982
2002-02-09 David Shaw <dshaw@jabberwocky.com>
5983
5984
* misc.c (pct_expando): More comments.
5985
5986
* keydb.h, sign.c (mk_notation_and_policy): Clarify what is a sig
5987
and what is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40,
5988
and everything else is a cert.
5989
5990
* g10.c (main), keyedit.c (keyedit_menu): Add a "nrlsign" for
5991
nonrevocable and local key signatures.
5992
5993
* g10.c (main): Add a --no-force-mdc to undo --force-mdc.
5994
5995
* options.h, g10.c (main), cipher.c (write_header): Add a knob to
5996
--disable-mdc/--no-disable-mdc. Off by default, of course, but is
5997
used in --pgp2 and --pgp6 modes.
5998
5999
* pkclist.c (build_pk_list): Allow specifying multiple users in
6000
the "Enter the user ID" loop. Enter a blank line to stop. Show
6001
each key+id as it is added.
6002
6003
* keylist.c (show_policy_url), mainproc.c (print_notation_data):
6004
It is not illegal (though possibly silly) to have multiple policy
6005
URLs in a given signature, so print all that are present.
6006
6007
* hkp.c (hkp_search): More efficient implementation of URL-ifying
6008
code.
6009
6010
2002-02-04 David Shaw <dshaw@jabberwocky.com>
6011
6012
* main.h, misc.c (pct_expando): New function to generalize
6013
%-expando processing in any arbitrary string.
6014
6015
* photoid.c (show_photo): Call the new pct_expando function rather
6016
than expand strings internally.
6017
6018
* sign.c (mk_notation_and_policy): Show policy URLs and notations
6019
when making a signature if show-policy/show-notation is on.
6020
%-expand policy URLs during generation. This lets the user have
6021
policy URLs of the form "http://notary.jabberwocky.com/keysign/%K"
6022
which will generate a per-signature policy URL.
6023
6024
* main.h, keylist.c (show_policy_url, show_notation): Add amount
6025
to indent so the same function can be used in key listings as well
6026
as during sig generation. Change all callers.
6027
6028
2002-02-04 David Shaw <dshaw@jabberwocky.com>
6029
6030
* keyserver.c, options.h (parse_keyserver_options, keyidlist):
6031
Workaround for the pksd and OKS keyserver bug that calculates v4
6032
RSA keyids as if they were v3. The workaround/hack is to fetch
6033
both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This
6034
only happens for key refresh while using the HKP scheme and the
6035
refresh-add-fake-v3-keyids keyserver option must be set. This
6036
should stay off by default.
6037
6038
2002-02-03 David Shaw <dshaw@jabberwocky.com>
6039
6040
* keyserver.c (keyserver_spawn): Bug fix - do not append keys to
6041
each other when --sending more than one.
6042
6043
2002-02-02 David Shaw <dshaw@jabberwocky.com>
6044
6045
* options.h, g10.c (main), keyedit.c (sign_uids), sign.c
6046
(mk_notation_and_policy): Split "--set-policy-url" into
6047
"--cert-policy-url" and "--sig-policy-url" so the user can set
6048
different policies for key and data signing. For backwards
6049
compatibility, "--set-policy-url" sets both, as before.
6050
6051
2002-01-30 Werner Koch <wk@gnupg.org>
6052
6053
* g10.c (main): --gen-random --armor does now output a base64
6054
encoded string.
6055
6056
2002-01-28 David Shaw <dshaw@jabberwocky.com>
6057
6058
* g10.c (main), options.h, pkclist.c (algo_available): --pgp6
6059
flag. This is not nearly as involved as --pgp2. In short, it
6060
turns off force_mdc, turns on no_comment, escape_from, and
6061
force_v3_sigs, and sets compression to 1. It also restricts the
6062
user to IDEA (if present), 3DES, CAST5, MD5, SHA1, and RIPEMD160.
6063
See the comments above algo_available() for lots of discussion on
6064
why you would want to do this.
6065
6066
2002-01-27 David Shaw <dshaw@jabberwocky.com>
6067
6068
* keygen.c (keygen_set_std_prefs): Comment
6069
6070
* keyedit.c (sign_uids): Bug fix - when signing with multiple
6071
secret keys at the same time, make sure each key gets the sigclass
6072
prompt.
6073
6074
* exec.c (exec_finish): Close the iobuf and FILE before trying to
6075
waitpid, so the remote process will get a SIGPIPE and exit. This
6076
is only a factor when using a pipe to communicate.
6077
6078
* exec.c (exec_write): Disable cache-on-close of the fd iobuf (is
6079
this right? Why is a fd iobuf cached at all?)
6080
6081
2002-01-26 Werner Koch <wk@gnupg.org>
6082
6083
* g10.c, options.h: New option --gpg-agent-info
6084
* passphrase.c (agent_open): Let it override the environment info.
6085
* seckey-cert.c (check_secret_key): Always try 3 times when the
6086
agent is enabled.
6087
* options.skel: Describe --use-agent.
6088
6089
2002-01-24 David Shaw <dshaw@jabberwocky.com>
6090
6091
* pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
6092
against keys with v4 self sigs - there is really little point in
6093
warning for every single non-IDEA message encrypted to an old key.
6094
6095
* pkclist.c (select_algo_from_prefs): Only put in the fake IDEA
6096
preference if --pgp2 is on.
6097
6098
* mainproc.c (check_sig_and_print): Print "Expired" for expired
6099
but good signatures (this still prints "BAD" for expired but bad
6100
signatures).
6101
6102
2002-01-23 David Shaw <dshaw@jabberwocky.com>
6103
6104
* keygen.c (ask_keysize): Cosmetic: don't present a RSA signing
6105
key as a "keypair" which can be 768 bits long (as RSA minimum is
6106
1024).
6107
6108
* pubkey-enc.c (is_algo_in_prefs): Allow IDEA as a fake preference
6109
for v3 keys with v3 selfsigs.
6110
6111
2002-01-22 David Shaw <dshaw@jabberwocky.com>
6112
6113
* packet.h, getkey.c (merge_selfsigs_main), pkclist.c
6114
(select_algo_from_prefs): Implement the fake IDEA preference as
6115
per RFC2440:12.1. This doesn't mean that IDEA will be used (the
6116
plugin may not be present), but it does mean that a v3 key with a
6117
v3 selfsig has an implicit IDEA preference instead of 3DES. v3
6118
keys with v4 selfsigs use preferences as normal.
6119
6120
* encode.c (encode_crypt): if select_algo_from_prefs fails, this
6121
means that we could not find a cipher that both keys like. Since
6122
all v4 keys have an implicit 3DES preference, this means there is
6123
a v3 key with a v3 selfsig in the list. Use 3DES in this case as
6124
it is the safest option (we know the v4 key can handle it, and
6125
we'll just hope the v3 key is being used in an implementation that
6126
can handle it). If --pgp2 is on, warn the user what we're doing
6127
since it'll probably break PGP2 compatibility.
6128
6129
* g10.c (main): Do not force using IDEA for encrypted files in
6130
--pgp2 mode - let the fake IDEA preference choose this for us for
6131
better compatibility when encrypting to multiple keys, only some
6132
of which are v3.
6133
6134
* keygen.c (keygen_set_std_prefs): Put 3DES on the end of the
6135
default cipher pref list (RFC2440: "...it is good form to place it
6136
there explicitly."). If the user has the IDEA plugin installed,
6137
put a preference for IDEA *after* 3DES to effectively disable its
6138
use for everything except encrypting along with v3 keys.
6139
6140
* encode.c, g10.c, sign.c: Change the PGP2 warning line from
6141
"... will not be usable ..." to "... may not be usable ..." as the
6142
user could be using one of the enhanced PGP2 variations.
6143
6144
* helptext.c: Revise the sign_uid.class help text as suggested by
6145
Stefan.
6146
6147
2002-01-20 Werner Koch <wk@gnupg.org>
6148
6149
* passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
6150
used with the agent. Changed all callers.
6151
(agent_get_passphrase): Likewise and send it to the agent
6152
* seckey-cert.c (do_check): New arg tryagain_text.
6153
(check_secret_key): Pass the string to do_check.
6154
* keygen.c (ask_passphrase): Set the error text is required.
6155
* keyedit.c (change_passphrase): Ditto.
6156
6157
* passphrase.c (agent_open): Disable opt.use_agent in case of a
6158
problem with the agent.
6159
(agent_get_passphrase): Ditto.
6160
(passphrase_clear_cache): Ditto.
6161
6162
2002-01-19 Werner Koch <wk@gnupg.org>
6163
6164
* passphrase.c (agent_open): Add support for the new Assuan based
6165
gpg-agent. New arg to return the used protocol version.
6166
(agent_get_passphrase): Implemented new protocol here.
6167
(passphrase_clear_cache): Ditto.
6168
(readline): New.
6169
6170
2002-01-15 Timo Schulz <ts@winpt.org>
6171
6172
* encode.c (encode_crypt_files): Fail if --output is used.
6173
6174
* g10.c: New command --decrypt-files.
6175
6176
* decrypt.c (decrypt_messages): New.
6177
6178
2002-01-09 David Shaw <dshaw@jabberwocky.com>
6179
6180
* g10.c, misc.c, gpgv.c: move idea_cipher_warn to misc.c so gpgv.c
6181
doesn't need a stub for it any longer.
6182
6183
* g10.c (get_temp_dir), main.h: no longer used (it's in exec.c now)
6184
6185
* g10.c (main), delkey.c (delete_keys), main.h : Allow
6186
--delete-key (now --delete-keys, though --delete-key still works,
6187
of course) to delete multiple keys in one go. This applies to
6188
--delete-secret-key(s) and --delete-secret-and-public-key(s) as
6189
well.
6190
6191
2002-01-09 Timo Schulz <ts@winpt.org>
6192
6193
* encode.c (encode_crypt_files): Now it behaves like verify_files.
6194
6195
* g10.c (main): We don't need to check argc for encode_crypt_files
6196
any longer.
6197
6198
2002-01-09 Timo Schulz <ts@winpt.org>
6199
6200
* exec.c: Include windows.h for dosish systems.
6201
6202
2002-01-08 Timo Schulz <ts@winpt.org>
6203
6204
* g10.c (main): New description for --encrypt-files.
6205
6206
2002-01-08 Werner Koch <wk@gnupg.org>
6207
6208
* g10.c (main): Must register the secring for encryption because
6209
it is needed to figure out the default recipient. Reported by
6210
Roger Sondermann.
6211
6212
2002-01-05 David Shaw <dshaw@jabberwocky.com>
6213
6214
* keyedit.c (menu_adduid): Require --expert before adding a photo
6215
ID to a v3 key, and before adding a second photo ID to any key.
6216
6217
* keyedit.c (keyedit_menu): Don't allow adding photo IDs in
6218
rfc1991 or pgp2 mode.
6219
6220
* getkey.c (merge_selfsigs_subkey): Permit v3 subkeys. Believe it
6221
or not, this is allowed by rfc 2440, and both PGP 6 and PGP 7 work
6222
fine with them.
6223
6224
* g10.c, options.h, keyedit.c, sign.c: Move the "ask for
6225
expiration" switch off of --expert, which was getting quite
6226
overloaded, and onto ask-sig-expire and ask-cert-expire. Both
6227
default to off.
6228
6229
* g10.c (main): Change the default compression algo to 1, to be
6230
more OpenPGP compliant (PGP also uses this, so it'll help with
6231
interoperability problems as well).
6232
6233
* encode.c (encode_crypt): Handle compression algo 2, since the
6234
default is now 1.
6235
6236
* build-packet.c (build_attribute_subpkt): Fix off-by-one error.
6237
6238
2002-01-05 Werner Koch <wk@gnupg.org>
6239
6240
* g10.c (main): Do not register the secret keyrings for certain
6241
commands.
6242
6243
* keydb.c (keydb_add_resource): Use access to test for keyring
6244
existence. This avoids cached opened files which are bad under
6245
RISC OS.
6246
6247
2002-01-04 David Shaw <dshaw@jabberwocky.com>
6248
6249
* sign.c (sign_file, sign_symencrypt_file): always use one-pass
6250
packets unless rfc1991 is enabled. This allows a signature made
6251
with a v3 key to work in PGP 6 and 7. Signatures made with v4
6252
keys are unchanged.
6253
6254
* g10.c (main): Disallow non-detached signatures in PGP2 mode.
6255
Move the "you must use files and not pipes" PGP2 warning up so all
6256
the PGP2 stuff is together.
6257
6258
* encode.c (encode_simple): Use the actual filesize instead of
6259
partial length packets in the internal literal packet from a
6260
symmetric message. This breaks PGP5(?), but fixes PGP2, 6, and 7.
6261
It's a decent tradeoff. Note there was only an issue with
6262
old-style RFC1991 symmetric messages. 2440-style messages in 6
6263
and 7 work with or without partial length packets.
6264
6265
2002-01-03 David Shaw <dshaw@jabberwocky.com>
6266
6267
* g10.c (main): Removed --no-default-check-level option, as it is
6268
not consistent with other "default" options. Plus, it is the same
6269
as saying --default-check-level 0.
6270
6271
* exec.c (exec_read): Disallow caching tempfile from child
6272
process, as this keeps the file handle open and can cause unlink
6273
problems on some platforms.
6274
6275
* keyserver.c (keyserver_search_prompt): Minor tweak - don't
6276
bother to transform keyids into textual form if they're just going
6277
to be transformed back to numbers.
6278
6279
2002-01-03 Timo Schulz <ts@winpt.org>
6280
6281
* g10.c: New command --encrypt-files.
6282
6283
* verify.c (print_file_status): Removed the static because
6284
encode_crypt_files also uses this function.
6285
6286
* main.h (print_files_status): New.
6287
(encode_crypt_files): New.
6288
6289
* encode.c (encode_crypt_files): New.
6290
6291
2002-01-02 Stefan Bellon <sbellon@sbellon.de>
6292
6293
* keyserver.c: Moved util.h include down in order to avoid
6294
redefinition problems on RISC OS.
6295
6296
* keyring.c (keyring_lock): Only lock keyrings that are writable.
6297
6298
* keyring.c (keyring_update_keyblock): Close unused iobuf.
6299
6300
* hkp.c (parse_hkp_index, hkp_search) [__riscos__]: Changed
6301
unsigned char* to char* because of compiler issues.
6302
6303
* exec.c (exec_finish) [__riscos__]: Invalidate close cache so
6304
that file can be unlinked.
6305
6306
2001-12-28 David Shaw <dshaw@jabberwocky.com>
6307
6308
* g10.c (main): Use a different strlist to check extensions since
6309
they need to be handled seperately now.
6310
6311
* misc.c,main.h (check_permissions): Properly handle permission
6312
and ownership checks on files in the lib directory
6313
(e.g. /usr/local/lib/gnupg), which are owned by root and are
6314
world-readable, and change all callers to specify extension or
6315
per-user file.
6316
6317
* photoid.c (show_photo), keyserver.c (keyserver_spawn): Bug fix -
6318
don't call exec_finish if exec_write fails.
6319
6320
* keyserver.c (keyserver_spawn): Look for OPTIONS from the
6321
keyserver helper - specifically, a "OUTOFBAND" option for the
6322
email keyserver.
6323
6324
* mainproc.c (list_node), keylist.c (list_keyblock_colon),
6325
import.c (delete_inv_parts), export.c (do_export_stream): Use
6326
signature flags for exportability check rather than re-parsing the
6327
subpacket.
6328
6329
* keyid.c, keydb.h (get_lsign_letter): No longer needed.
6330
6331
2001-12-27 David Shaw <dshaw@jabberwocky.com>
6332
6333
* exec.c (exec_finish): Show errors when temp files cannot be
6334
deleted for whatever reason.
6335
6336
* exec.c (exec_read): Don't rely on WEXITSTATUS being present.
6337
6338
* exec.c (make_tempdir): Add temp file creator for win32. Don't
6339
create an incoming temp file if the exec is write-only.
6340
6341
* keyserver.c (keyserver_spawn): Clean up error handling, for when
6342
the spawn fails.
6343
6344
* photoid.c (show_photo): Clean up error handling.
6345
6346
* misc.c (check_permissions): Neaten.
6347
6348
2001-12-25 David Shaw <dshaw@jabberwocky.com>
6349
6350
* mkdtemp.c (mkdtemp): Add copyleft info and tweak the 'X' counter
6351
to be a bit simpler.
6352
6353
* keyserver.c, photoid.c: Remove unused headers left over from
6354
when the exec functions lived there.
6355
6356
2001-12-23 Timo Schulz <ts@winpt.org>
6357
6358
* misc.c (check_permissions): Do not use it for W32 systems.
6359
6360
* tdbio.c (migrate_from_v2): Define ftruncate as chsize() for W32.
6361
6362
* mkdtemp.c: W32 support.
6363
6364
* photoid.c: Ditto.
6365
6366
* exec.c: Ditto.
6367
6368
2001-12-22 David Shaw <dshaw@jabberwocky.com>
6369
6370
* exec.c (make_tempdir): avoid compiler warning with const
6371
6372
* mkdtemp.c (mkdtemp): catch the empty ("") string case in case
6373
someone repurposes mkdtemp at some point.
6374
6375
* photoid.c (generate_photo_id, show_photo): some type changes
6376
from Stefan Bellon.
6377
6378
* exec.c (make_tempdir): handle Win32 systems, suggested by Timo
6379
Schulz.
6380
6381
2001-12-22 Werner Koch <wk@gnupg.org>
6382
6383
* encode.c (encode_simple, encode_crypt): i18n 2 strings.
6384
6385
2001-12-22 Timo Schulz <ts@winpt.org>
6386
6387
* encode.c (encode_simple, encode_crypt): Use is_file_compressed
6388
to avoid to compress compressed files.
6389
6390
2001-12-22 Werner Koch <wk@gnupg.org>
6391
6392
* keyserver.c (keyserver_spawn): Removed some variables
6393
declaration due to shadowing warnings.
6394
6395
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
6396
compiler warnig due to index(3).
6397
6398
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
6399
* keylist.c (list_one): Made resname const.
6400
6401
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
6402
not used.
6403
6404
* options.skel: Changed one example photo viewer to qiv.
6405
6406
2001-12-21 David Shaw <dshaw@jabberwocky.com>
6407
6408
* Makefile.am: add exec.c, exec.h, photoid.c, and photoid.h
6409
6410
* build-packet.c (build_attribute_subpkt): new function to build
6411
the raw attribute subpacket. Note that attribute subpackets have
6412
the same format as signature subpackets.
6413
6414
* exec.c: new file with generic exec-a-program functionality.
6415
Used by both photo IDs and keyserver helpers. This is pretty much
6416
the same code that used to be keyserver specific, with some
6417
changes to be usable generically.
6418
6419
* free-packet.c (free_attributes (new)): function to free an
6420
attribute packet.
6421
6422
* gpgv.c: added stub show_photo
6423
6424
* keyedit.c (keyedit_menu, menu_adduid, menu_showphoto): can add a
6425
photo (calls generate_photo_id), or display a photo (calls
6426
show_photo) from the --edit menu. New commands are "addphoto",
6427
and "delphoto" (same as "deluid").
6428
6429
* keylist.c (list_keyblock_print): show photos during key list if
6430
--show-photos enabled.
6431
6432
* keyserver.c (keyserver_spawn): use the generic exec_xxx
6433
functions to call keyserver helper.
6434
6435
* g10.c, options.h: three new options - --{no-}show-photos, and
6436
--photo-viewer to give the command line to display a picture.
6437
6438
* options.skel: instructions for the photo viewer
6439
6440
* parse-packet.c (parse_user_id, setup_user_id (new)): common code
6441
for both user IDs and attribute IDs moved to setup_user_id.
6442
6443
* parse-packet.c (make_attribute_uidname (new)): constructs a fake
6444
"name" for attribute packets (e.g. "[image of size ...]")
6445
6446
* parse-packet.c (parse_attribute (replaces parse_photo_id),
6447
parse_attribute_subpkts): Builds an array of individual
6448
attributes. Currently only handles attribute image / type jpeg
6449
subpackets.
6450
6451
* sign.c (hash_uid): Fix bug in signing attribute (formerly
6452
photo_id) packets.
6453
6454
* packet.h, and callers: globally change "photo_id" to "attribute"
6455
and add structures for attributes. The packet format is generic
6456
attributes, even though the only attribute type thus far defined
6457
is jpeg.
6458
6459
2001-12-21 David Shaw <dshaw@jabberwocky.com>
6460
6461
* parse-packet.c (can_handle_critical): Can handle critical
6462
revocation subpackets now.
6463
6464
* trustdb.c (mark_usable_uid_certs): Disregard revocations for
6465
nonrevocable sigs. Note that this allows a newer revocable
6466
signature to override an older nonrevocable signature.
6467
6468
* sign.c (make_keysig_packet): add a duration field and change all
6469
callers. This makes make_keysig_packet closer to
6470
write_signature_packets and removes some duplicated expiration
6471
code.
6472
6473
* keyedit.c (keyedit_menu, menu_revsig, sign_uids,
6474
sign_mk_attrib): Add nrsign command, don't allow revoking a
6475
nonrevocable signature,
6476
6477
* g10.c (main): Add --nrsign option to nonrevocably sign a key
6478
from the command line.
6479
6480
* build-packet.c (build_sig_subpkt_from_sig): Comment to explain
6481
the use of CRITICAL.
6482
6483
2001-12-21 Werner Koch <wk@gnupg.org>
6484
6485
* g10.c. options.h : New option --show-keyring
6486
* getkey.c (get_ctx_handle): New.
6487
* keylist.c (list_one): Implement option here. By David Champion.
6488
6489
2001-12-20 David Shaw <dshaw@jabberwocky.com>
6490
6491
* keyserver.c (keyserver_spawn): Use mkdtemp() to make temp
6492
directory.
6493
6494
* mkdtemp.c: replacement function for those platforms that don't
6495
have mkdtemp (make a temp directory securely).
6496
6497
2001-12-19 David Shaw <dshaw@jabberwocky.com>
6498
6499
* misc.c (check_permissions): New function to stat() and ensure
6500
the permissions of GNUPGHOME and the files have safe permissions.
6501
6502
* keydb.c (keydb_add_resource): Check keyring permissions.
6503
6504
* tdbio.c (tdbio_set_dbname): Check permissions of trustdb.gpg
6505
6506
* keyserver.c (keyserver_spawn): Disable keyserver schemes that
6507
involve running external programs if the options file has unsafe
6508
permissions or ownership.
6509
6510
* g10.c, options.h: New option --no-permission-warning to disable
6511
the permission warning message(s). This also permits use of the
6512
keyserver if it had been disabled (see above). Also check the
6513
permissions/ownership of random_seed.
6514
6515
* keyserver.c (keyserver_spawn): The new glibc prints a warning
6516
when using mktemp() (the code was already secure, but the warning
6517
was bound to cause confusion). Use a different implementation
6518
based on get_random_bits() instead. Also try a few times to get
6519
the temp dir before giving up.
6520
6521
2001-12-19 Werner Koch <wk@gnupg.org>
6522
6523
* g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32.
6524
6525
2001-12-18 David Shaw <dshaw@jabberwocky.com>
6526
6527
* g10.c (idea_cipher_warn): Add a flag to show the warning always
6528
or once per session and change all callers (show always except for
6529
the secret key protection and unknown cipher from an encrypted
6530
message errors). Also make the strings translatable.
6531
6532
* pubkey-enc.c (get_it): Add the IDEA cipher warning if the user
6533
tries to decrypt an IDEA encrypted message without the IDEA
6534
plugin.
6535
6536
* keyserver.c (parse_keyserver_uri): More strict checking of the
6537
keyserver URI. Specifically, fail if the ":port" section is
6538
anything except a number between 1 and 65535.
6539
6540
2001-12-17 David Shaw <dshaw@jabberwocky.com>
6541
6542
* keyserver.c (print_keyinfo): No need to check for
6543
control/illegal characters, as utf8_to_native does this for us.
6544
6545
* mainproc.c (proc_encrypted): Use generic IDEA warning.
6546
6547
* gpgv.c: add stub for idea_cipher_warn
6548
6549
* g10.c, hkp.c, keyserver.c: Fix capitalization and plural issues.
6550
6551
* encode.c (encode_crypt), sign.c (sign_file, clearsign_file):
6552
disable pgp2 mode after the message is no longer pgp2 compatible.
6553
6554
* g10.c (main): Tweak the PGP2.x IDEA warning to use the generic
6555
warning, and not merely fail if the IDEA plugin isn't there.
6556
6557
* g10.c (main, idea_cipher_warn), keygen.c (set_one_pref),
6558
seckey-cert.c (do_check): Add a generic IDEA warning for when the
6559
IDEA plugin is not present. This pops up when the user uses
6560
"--cipher-algo idea", when setpref is used to set a "S1"
6561
preference, and when a secret key protected with IDEA is used.
6562
6563
2001-12-15 Werner Koch <wk@gnupg.org>
6564
6565
* keyserver.c (keyserver_spawn): Assert that we have dropped privs.
6566
6567
2001-12-13 Werner Koch <wk@gnupg.org>
6568
6569
* pubkey-enc.c (get_session_key): Check that the public key
6570
algorithm is indeed usable for en/decryption. This avoid a
6571
strange error message from pubkey_decrypt if for some reasons a
6572
bad algorithm indentifier is passed.
6573
6574
2001-12-12 David Shaw <dshaw@jabberwocky.com>
6575
6576
* Fixed some types for portability. Noted by Stefan Bellon.
6577
6578
2001-12-11 Werner Koch <wk@gnupg.org>
6579
6580
* hkp.c (hkp_export): Do not print possible control characters
6581
from a keyserver response.
6582
(parse_hkp_index): Made uid an unsigned char* because it is passed to
6583
isspace().
6584
(hkp_search): Ditto for the char* vars.
6585
6586
* g10.c (main): Print the IDEA warning also for -c and -se.
6587
6588
* g10.c (get_temp_dir): Assert that we have dropped privs
6589
6590
* encode.c (encode_crypt): Include the first key into the --pgp2
6591
check.
6592
6593
2001-12-07 David Shaw <dshaw@jabberwocky.com>
6594
6595
* g10.c, options.h: New option --pgp2. This is identical to
6596
"--rfc1991 --cipher-algo idea --compress-algo 1 --digest-algo md5
6597
--force_v3_sigs" with the addition of an warning to advise the
6598
user not to use a pipe (which would break pgp2 compatibility).
6599
6600
* encode.c (encode_crypt): warn if the user tries to encrypt to
6601
any key that is not RSA and <= 2048 bits when the --pgp2 option is
6602
used.
6603
6604
* sign.c (sign_file, clearsign_file): When using --pgp2, make a v3
6605
sig, and warn if the signature is made with a non-v3 key.
6606
6607
2001-12-05 David Shaw <dshaw@jabberwocky.com>
6608
6609
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt
6610
for sig expiration if --expert is set and --force-v3-sigs is not
6611
set (v3 sigs cannot expire).
6612
6613
* mainproc.c (check_sig_and_print): After checking a sig, print
6614
expiration status. This causes a error return if the sig is
6615
expired.
6616
6617
* build-packet.c (build_sig_subpkt_from_sig): Include a critical
6618
sig expiration subpacket if the sig is to expire.
6619
6620
* keyedit.c (sign_uids): Do not sign an expired key unless
6621
--expert is set, in which case prompt. Also, offer to expire a
6622
signature when the key the user is signing expires.
6623
6624
* keygen.c (ask_expire_interval): Add a value to determine whether
6625
to prompt for a key or sig expiration and change all callers.
6626
6627
* keyid.c: New functions: expirestr_from_sig and
6628
colon_expirestr_from_sig.
6629
6630
* keylist.c (list_keyblock_colon): Show sig expiration date in the
6631
--with-colons listing.
6632
6633
* sign.c (make_keysig_packet, write_signature_packets): Pass in an
6634
optional timestamp for the signature packet, and change all
6635
callers.
6636
6637
* keyedit.c (sign_mk_attrib): Include a critical expiration
6638
subpacket in the signature if an expiration date is given.
6639
6640
2001-12-04 David Shaw <dshaw@jabberwocky.com>
6641
6642
* keyedit.c (sign_uids): If the user tries to sign a
6643
locally-signed key, allow the cert to be promoted to a full
6644
exportable signature. This essentially deletes the old
6645
non-exportable sig, and replaces it with a new exportable one.
6646
6647
2001-12-04 David Shaw <dshaw@jabberwocky.com>
6648
6649
* keyedit.c (keyedit_menu): Do not allow signing a revoked key
6650
unless --expert is set, and ask even then.
6651
6652
* keyedit.c (sign_uids): Do not allow signing a revoked UID unless
6653
--expert is set, and ask even then.
6654
6655
* g10.c, options.h : New option --expert
6656
6657
2001-11-16 David Shaw <dshaw@jabberwocky.com>
6658
6659
* Allow the user to select no compression via "--compress-algo 0"
6660
on the command line.
6661
6662
* keyedit.c (show_prefs): Show compression preferences in the
6663
long-form "showpref" style.
6664
6665
* keygen.c (set_one_pref): Permit setting a no-compression ("Z0")
6666
preference.
6667
6668
* getkey.c (fixup_uidnode): Fix compression preference corruption
6669
bug.
6670
6671
2001-12-02 David Shaw <dshaw@jabberwocky.com>
6672
6673
* g10.c: Add advisory --for-your-eyes-only option as per section
6674
5.9 of 2440.
6675
6676
2001-12-05 David Shaw <dshaw@jabberwocky.com>
6677
6678
* Force a V4 sig if the user has a notation or policy URL set.
6679
6680
2001-12-04 David Shaw <dshaw@jabberwocky.com>
6681
6682
* g10.c: Add options --keyserver-options, --temp-directory, and
6683
auto-key-retrieve (the opposite of no-auto-key-retrieve).
6684
6685
* hkp.c (hkp_search): New function to handle searching a HKP
6686
keyserver for a key
6687
6688
* hkp.c (hkp_ask_import, hkp_export): Pretty large changes to make
6689
them communicate via the generic functions in keyserver.c
6690
6691
* keyserver.c: new file with generic keyserver routines for
6692
getting keys from a keyserver, sending keys to a keyserver, and
6693
searching for keys on a keyserver. Calls the internal HKP stuff
6694
in hkp.c for HKP keyserver functions. Other calls are handled by
6695
an external program which is spawned and written to and read from
6696
via pipes. Platforms that don't have pipes use temp files.
6697
6698
2001-11-20 David Shaw <dshaw@jabberwocky.com>
6699
6700
* options.h, g10.c: New options show-notation, no-show-notation,
6701
default-check-level, no-default-check-level, show-policy-url,
6702
no-show-policy-url.
6703
6704
* packet.h, sign.c (make_keysig_packet), parse-packet.c
6705
(parse_signature), free-packet.c (free_seckey_enc): Fill in
6706
structures for notation, policy, sig class, exportability, etc.
6707
6708
* keyedit.c, keylist.c (print_and_check_one_sig,
6709
list_keyblock_print): Show flags in signature display for cert
6710
details (class, local, notation, policy, revocable). If selected,
6711
show the notation and policy url.
6712
6713
* keyedit.c (sign_uids): Prompt for and use different key sig
6714
classes.
6715
6716
* helptext.c (helptexts): Add help text to explain different
6717
key signature classes
6718
6719
2001-11-26 David Shaw <dshaw@jabberwocky.com>
6720
6721
* trustdb.c (mark_usable_uid_certs): Fix segfault from bad
6722
initialization and fix reversed key signature expiration check.
6723
6724
2001-11-09 Werner Koch <wk@gnupg.org>
6725
6726
* export.c (do_export_stream): Put all given names into a search
6727
description and change the loop so that all matching names are
6728
returned.
6729
6730
2001-11-08 Werner Koch <wk@gnupg.org>
6731
6732
* pubkey-enc.c (get_it): To reduce the number of questions on the
6733
MLs print the the name of cipher algorithm 1 with the error message.
6734
6735
* mainproc.c: Changed the way old rfc1991 encryption cipher is
6736
selected. Based on a patch by W Lewis.
6737
6738
* pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non
6739
working "show info" is now assigned to "i"
6740
* trustdb.c (ask_ownertrust, validate_keys): Implement a real quit
6741
here. Both are by David Shaw.
6742
6743
* trustdb.c (validate_keys): Make sure next_exipire is initialized.
6744
6745
* sign.c (make_keysig_packet): Use SHA-1 with v4 RSA keys.
6746
6747
* g10.c, options.h : New option --[no-]froce-v4-certs.
6748
* sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with
6749
a v3 key. Use that new option. By David Shaw
6750
6751
* revoke.c (ask_revocation_reason): Allow to select "no reason".
6752
By David Shaw.
6753
6754
* keyid.c (fingerprint_from_sk): Calculation of an v3 fpr was
6755
plain wrong - nearly the same code in fingerprint_from_pk is correct.
6756
6757
* build-packet.c (do_secret_key): Added a few comments to the code.
6758
6759
2001-11-07 Werner Koch <wk@gnupg.org>
6760
6761
* g10.c (main): Print a warning when -r is used w/o encryption.
6762
Suggested by Pascal Scheffers.
6763
6764
2001-10-23 Werner Koch <wk@gnupg.org>
6765
6766
* keyedit.c (keyedit_menu): Changed helptext for showpref
6767
command. Suggested by Reinhard Wobst.
6768
6769
* keyring.c (keyring_search): When marking the offtbl ready, take
6770
into account that we may have more than one keyring.
6771
6772
2001-10-22 Werner Koch <wk@gnupg.org>
6773
6774
* Makefile.am: Do not use OMIT_DEPENDENCIES
6775
6776
* build-packet.c (build_sig_subpkt): Default is now to put all
6777
types of subpackets into the hashed area and only list those which
6778
should go into the unhashed area.
6779
6780
2001-10-18 Werner Koch <wk@gnupg.org>
6781
6782
* keydb.c (keydb_add_resource): Rearranged the way we keep track
6783
of the resource. There will now be an entry for each keyring here
6784
and not in keyring.c itself. Store a token to allow creation of a
6785
keyring handle. Changed all functions to utilize this new design.
6786
(keydb_locate_writable): Make a real implementation.
6787
* keyring.c (next_kr): Removed and changed all callers to set the
6788
resource directly from the one given with the handle.
6789
(keyring_is_writable): New.
6790
(keyring_rebuild_cache): Add an arg to pass the token from keydb.
6791
6792
2001-10-17 Werner Koch <wk@gnupg.org>
6793
6794
* keyring.c (keyring_search): Enabled word search mode but print a
6795
warning that it is buggy.
6796
6797
2001-10-11 Werner Koch <wk@gnupg.org>
6798
6799
* hkp.c (hkp_ask_import): No more need to set the port number for
6800
the x-hkp scheme.
6801
(hkp_export): Ditto.
6802
6803
2001-10-06 Stefan Bellon <sbellon@sbellon.de>
6804
6805
* passphrase.c [__riscos__]: Disabled agent specific stuff.
6806
* g10.c: New option --no-force-v3-sigs.
6807
6808
2001-10-04 Werner Koch <wk@gnupg.org>
6809
6810
* export.c (do_export_stream): Do not push the compress filter
6811
here because the context would run out of scope due to the
6812
iobuf_close done by the caller.
6813
(do_export): Do it here instead.
6814
6815
2001-09-28 Werner Koch <wk@gnupg.org>
6816
6817
* keyedit.c (sign_uids): Always use the primary key to sign keys.
6818
* getkey.c (finish_lookup): Hack to return only the primary key if
6819
a certification key has been requested.
6820
6821
* trustdb.c (cmp_kid_for_make_key_array): Renamed to
6822
(validate_one_keyblock): this and changed arg for direct calling.
6823
(make_key_array): Renamed to
6824
(validate_one_keyblock): this and changed args for direct calling.
6825
(mark_usable_uid_certs, validate_one_keyblock)
6826
(validate_key_list): Add next_expire arg to keep track of
6827
expiration times.
6828
(validate_keys): Ditto for UTKs and write the stamp.
6829
6830
* tdbio.c (migrate_from_v2): Check return code of tbdio_sync.
6831
6832
* tdbdump.c (import_ownertrust): Do a tdbio_sync().
6833
6834
* keyring.c: Made the offtbl an global object.
6835
6836
2001-09-27 Werner Koch <wk@gnupg.org>
6837
6838
* pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust.
6839
6840
* trustdb.c (mark_keyblock_seen): New.
6841
(make_key_array): Use it to mark the subkeys too.
6842
(validate_keys): Store validity for ultimatly trusted keys.
6843
6844
2001-09-26 Werner Koch <wk@gnupg.org>
6845
6846
* pkclist.c (check_signatures_trust, do_we_trust): Removed the
6847
invocation of add_ownertrust. Minor changes to the wording.
6848
(add_ownertrust, add_ownertrust_cb): Removed.
6849
6850
* trustdb.c (get_validity): Allow to lookup the validity using a
6851
subkey.
6852
6853
* trustdb.c (new_key_hash_table): Increased the table size to 1024
6854
and changed the masks accordingly.
6855
(validate): Changed stats printing.
6856
(mark_usable_uid_certs): New.
6857
(cmp_kid_for_make_key_array): Does now check the signatures and
6858
figures out a usable one.
6859
6860
2001-09-25 Werner Koch <wk@gnupg.org>
6861
6862
* keyring.c (new_offset_item,release_offset_items)
6863
(new_offset_hash_table, lookup_offset_hash_table)
6864
(update_offset_hash_table, update_offset_hash_table_from_kb): New.
6865
(keyring_search): Use a offset table to optimize search for
6866
unknown keys.
6867
(keyring_update_keyblock, keyring_insert_keyblock): Insert new
6868
offsets.
6869
* getkey.c (MAX_UNK_CACHE_ENTRIES): Removed the unknown keys
6870
caching code.
6871
6872
* g10.c, options.h, import.c: Removed the entire
6873
allow-secret-key-import stuff because the validity is now
6874
controlled by other means.
6875
6876
* g10.c: New command --rebuild-keydb-caches.
6877
* keydb.c (keydb_rebuild_caches): New.
6878
* keyring.c (do_copy): Moved some code to
6879
(create_tmp_file, rename_tmp_file, write_keyblock): new functions.
6880
(keyring_rebuild_cache): New.
6881
6882
* packet.h (PKT_ring_trust): Add sigcache field.
6883
* parse-packet.c (parse_trust): Parse sigcache.
6884
* keyring.c (do_copy): Always insert a sigcache packet.
6885
(keyring_get_keyblock): Copy the sigcache packet to the signature.
6886
* sig-check.c (cache_sig_result): Renamed from
6887
cache_selfsig_result. Changed implementation to use the flag bits
6888
and changed all callers.
6889
(mdc_kludge_check): Removed this unused code.
6890
(do_check): Do not set the sig flags here.
6891
6892
* import.c (read_block): Make sure that ring_trust packets are
6893
never imported.
6894
* export.c (do_export_stream): and never export them.
6895
6896
* trustdb.c (make_key_array): Skip revoked and expired keys.
6897
6898
2001-09-24 Werner Koch <wk@gnupg.org>
6899
6900
* g10.c, options.h: New option --no-auto-check-trustdb.
6901
6902
* keygen.c (do_generate_keypair): Set newly created keys to
6903
ultimately trusted.
6904
6905
* tdbio.h, tdbio.c: Removed all support for records DIR, KEY, UID,
6906
PREF, SIG, SDIR and CACH. Changed migration function to work
6907
direct on the file.
6908
(tdbio_read_nextcheck): New.
6909
(tdbio_write_nextcheck): New.
6910
6911
2001-09-21 Werner Koch <wk@gnupg.org>
6912
6913
Revamped the entire key validation system.
6914
* trustdb.c: Complete rewrite. No more validation on demand,
6915
removed some functions, adjusted to all callers to use the new
6916
and much simpler interface. Does not use the LID anymore.
6917
* tdbio.c, tdbio.h: Add new record types trust and valid. Wrote a
6918
migration function to convert to the new trustdb layout.
6919
* getkey.c (classify_user_id2): Do not allow the use of the "#"
6920
prefix.
6921
* keydb.h: Removed the TDBIDX mode add a skipfnc to the
6922
descriptor.
6923
* keyring.c (keyring_search): Implemented skipfnc.
6924
6925
* passphrase.c (agent_open): Add missing bracket. Include windows.h.
6926
6927
2001-09-19 Werner Koch <wk@gnupg.org>
6928
6929
* keylist.c (print_fingerprint): Renamed from fingerprint, made
6930
global available. Added new arg to control the print style.
6931
* mainproc.c (print_fingerprint): Removed.
6932
* pkclist.c (print_fpr, fpr_info): Removed and changed callers to
6933
use print_fingerprint.
6934
* keyedit.c (show_fingerprint): Ditto.
6935
6936
* passphrase.c (writen, readn)
6937
(agent_open, agent_close)
6938
(agent_get_passphrase)
6939
(passphrase_clear_cache): Support for W32. Contributed by Timo.
6940
6941
* import.c (import_one): Release keydb handles at 2 more places.
6942
6943
* keyring.c (keyring_release): Close the iobuf.
6944
(keyring_get_keyblock): Init ret_kb to NULL and store error contidion.
6945
6946
* import.c (import_new_stats_handle): New.
6947
(import_release_stats_handle): New.
6948
(import_print_stats): Renamed from static fnc print_stats.
6949
(import_keys, import_keys_stream): Add an optional status handle
6950
arg and changed all callers.
6951
* hkp.c (hkp_ask_import): Add an stats_handle arg and changed all
6952
callers.
6953
6954
* mainproc.c (print_pkenc_list): Use print_utf8_string2().
6955
6956
2001-09-18 Werner Koch <wk@gnupg.org>
6957
6958
* g10.c: New command --refresh-keys.
6959
* hkp.c (hkp_refresh_keys): New. Contributed by Timo Schulz.
6960
6961
* parse-packet.c (parse): Stop on impossible packet lengths.
6962
6963
2001-09-17 Werner Koch <wk@gnupg.org>
6964
6965
* mainproc.c (print_notation_data): Wrap notation data status lines
6966
after 50 chars.
6967
6968
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
6969
By disastry@saiknes.lv.
6970
6971
2001-09-14 Werner Koch <wk@gnupg.org>
6972
6973
* parse-packet.c (dump_sig_subpkt): List key server preferences
6974
and show the revocable flag correctly. Contributed by David Shaw.
6975
6976
2001-09-09 Werner Koch <wk@gnupg.org>
6977
6978
* keyedit.c (keyedit_menu): No need to define another p.
6979
6980
* keylist.c (print_capabilities): s/used/use/ so that it
6981
does not shadow a global.
6982
* sign.c (sign_file): Renamed arg encrypt to encryptflag
6983
* keygen.c: Replaced all "usage" by "use".
6984
* misc.c (openpgp_pk_algo_usage): Ditto.
6985
6986
* pubkey-enc.c (get_it): Renamed arg k to enc so that the later
6987
defined k does not shadow it.
6988
6989
* parse-packet.c (parse_gpg_control): No need to define another i.
6990
6991
* getkey.c (get_pubkey_byfprint): Must use the enum values and not
6992
the fprint_len.
6993
* keyring.c (keyring_search): Removed a non-sense break. Both
6994
bugs pointed out by Stefan.
6995
6996
2001-09-07 Werner Koch <wk@gnupg.org>
6997
6998
* status.c, status.h: Added NO_RECP and ALREADY_SIGNED.
6999
* pkclist.c (build_pk_list): Issue NO_RECP.
7000
* keyedit.c (sign_uids): Added experimental ALREADY_SIGNED
7001
7002
* hkp.c (hkp_import): Use log_error. Bug reported by Neal H
7003
Walfield.
7004
7005
* getkey.c (classify_user_id2): Change args to take the desc union
7006
direct. It was a stupid idea to pass the individual fields of an
7007
union to this function. Changed all callers.
7008
(classify_user_id): Ditto and allow to pass NULL as the description.
7009
7010
2001-09-06 Werner Koch <wk@gnupg.org>
7011
7012
* getkey.c (fixup_uidnode): Features flag is now a bit vector.
7013
* keygen.c (add_feature_mdc): Ditto.
7014
7015
Revamped the entire key I/O code to be prepared for other ways of
7016
key storages and to get rid of the existing shit. GDBM support has
7017
gone.
7018
* keydb.c: New
7019
* keyring.c, keyring.h: New.
7020
* ringedit.c: Removed. Moved some stuff to keyring.c
7021
* getkey.c: Changed everything related to the key retrieving
7022
functions which are now using the keydb_ functions.
7023
(prepare_search, word_match_chars, word_match)
7024
(prepare_word_match, compare_name): Moved to keyring.c
7025
(get_pubkey_byname): Removed ctx arg and add ret_kdbhd
7026
arg. Changed all callers.
7027
(key_byname): Use get_pubkey_end to release the context and take
7028
new ret_kbdhd arg. Changed all callers.
7029
(classify_user_id2): Fill the 16 byte fingerprint up with 4 null
7030
bytes not with zero bytes of value 4, tsss.
7031
* import.c (import_one): Updated to use the new keydb interface.
7032
(import_secret_one): Ditto.
7033
(import_revoke_cert): Ditto.
7034
* delkey.c (do_delete_key): Ditto.
7035
* keyedit.c (keyedit_menu): Ditto.
7036
(get_keyblock_byname): Removed.
7037
* revoke.c (gen_revoke): Ditto.
7038
* export.c (do_export_stream): Ditto.
7039
* trustdb.c (update_trustdb): Ditto.
7040
* g10.c, gpgv.c (main): Renamed add_keyblock_resource to
7041
keydb_add_resource.
7042
* Makefile.am: Added and removed files.
7043
7044
* keydb.h: Moved KBNODE typedef and MAX_FINGERPRINT_LEN to
7045
* global.h: this new header.
7046
7047
2001-09-03 Werner Koch <wk@gnupg.org>
7048
7049
* passphrase.c (agent_get_passphrase): Changed nread to size_t.
7050
(passphrase_clear_cache): Ditto.
7051
7052
* keyid.c (mk_datestr): Avoid trigraphs.
7053
(fingerprint_from_pk): Cache the keyid in the pk.
7054
7055
* options.h: Add opt.with_fingerprint so that we know whether the
7056
corresponding options was used.
7057
* g10.c (main): Set it here.
7058
* pkclist.c (check_signatures_trust): Always print fingerprint
7059
when this option is used. Mixed a minor memory leak.
7060
7061
* status.c, status.h: New status INV_RECP.
7062
* pkclist.c (build_pk_list): Issue this status.
7063
7064
2001-08-31 Werner Koch <wk@gnupg.org>
7065
7066
* parse-packet.c (parse_key,parse_pubkeyenc)
7067
(parse_signature): Return error on reading bad MPIs.
7068
7069
* mainproc.c (check_sig_and_print): Always print the user ID even
7070
if it is not bound by a signature. Use the primary UID in the
7071
status messages and encode them in UTF-8
7072
* status.c (write_status_text_and_buffer): New.
7073
7074
2001-08-30 Werner Koch <wk@gnupg.org>
7075
7076
* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.
7077
(PKT_public_key, PKT_user_id): Add a flag for it.
7078
* parse-packet.c, build-packet.c: Add support for them.
7079
* getkey.c (fixup_uidnode, merge_selfsigs): Set the MDC flags.
7080
* keygen.c (add_feature_mdc): New.
7081
(keygen_upd_std_prefs): Always set the MDC feature.
7082
* keyedit.c (show_prefs): List the MDC flag
7083
* pkclist.c (select_mdc_from_pklist): New.
7084
* encode.c (encode_crypt, encrypt_filter): Test whether MDC
7085
should be used.
7086
* cipher.c (write_header): Set MDC use depending on the above test.
7087
Print more status info.
7088
7089
* delkey.c (do_delete_key): Kludge to delete a secret key with no
7090
public key available.
7091
7092
* ringedit.c (find_secret_keyblock_direct): New.
7093
* getkey.c (seckey_available): Simplified.
7094
7095
* ringedit.c (cmp_seckey): Now compares the secret key against the
7096
public key while ignoring all secret parts.
7097
(keyring_search): Use a public key packet as arg. Allow to search
7098
for subnkeys
7099
(search): Likewise. Changed all callers.
7100
(find_secret_keyblock_bypk): New.
7101
(find_secret_keyblock_byname): First locate the pubkey and then
7102
find the correponding secret key.
7103
* parse-packet.c (parse): Renamed pkttype arg to onlykeypkts and
7104
changed code accordingly. Changed all callers.
7105
(search_packet): Removed pkttype arg.
7106
* keyedit.c (keyedit_menu): First locate the public key and then
7107
try to locate a secret key.
7108
7109
* ringedit.c (locate_keyblock_by_fpr): Removed.
7110
(locate_keyblock_by_keyid): Removed.
7111
(find_keyblock_bysk): Removed.
7112
7113
* sig-check.c (check_key_signature2): Print the keyid along with
7114
the wrong sig class errors.
7115
7116
2001-08-24 Werner Koch <wk@gnupg.org>
7117
7118
* sign.c (sign_file): Stripped the disabled comment packet code.
7119
(sign_file, sign_symencrypt_file): Moved common code to ..
7120
(write_onepass_sig_packets): .. this new function.
7121
(sign_file, clearsign_file, sign_symencrypt_file): Moved common
7122
code to
7123
(write_signature_packets): this new function.
7124
(write_signature_packets, make_keysig_packet)
7125
(update_keysig_packet): Moved common code to
7126
(hash_uid, hash_sigclass_to_magic): these new functions
7127
(sign_file, sign_symencrypt_file): Moved common code to
7128
(write_plaintext_packet): this new function.
7129
7130
2001-08-21 Stefan Bellon <sbellon@sbellon.de>
7131
7132
* trustdb.c (query_trust_info): Changed trustlevel to signed int.
7133
* g10.c [__riscos__]: Fixed handling of --use-agent --lock-multiple.
7134
7135
2001-08-20 Werner Koch <wk@gnupg.org>
7136
7137
* encr-data.c (decrypt_data): Keep track on whether we already
7138
printed information about the used algorithm.
7139
* mainproc.c (proc_encrypted): Removed the non-working IDEA hack
7140
and print a message about the assumed algorithm.
7141
* passphrase.c (passphrase_to_dek): Use the same algorithm as above.
7142
(proc_symkey_enc): Print the algorithm, so that the user knows it
7143
before entering the passphrase.
7144
(proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out.
7145
* encode.c (encode_crypt, encrypt_filter): Ditto.
7146
7147
* g10.c: Allow for --sign --symmetric.
7148
* sign.c (sign_and_symencrypt): New.
7149
7150
Applied patches from Stefan Bellon <sbellon@sbellon.de> to support
7151
RISC OS. Nearly all of these patches are identified by the
7152
__riscos__ macro.
7153
* compress.c: Added a couple of casts.
7154
* g10.c [__riscos__]: Some patches and new options foo-file similar
7155
to all foo-fd options.
7156
* gpgv.c, openfile.c, ringedit.c, tdbio.c: Minor fixes. Mainly
7157
replaced hardcoded path separators with EXTSEP_S like macros.
7158
* passprase.c [__riscos__]: Disabled agent stuff
7159
* trustdb.c (check_trust): Changed r_trustlevel to signed int to
7160
avoid mismatch problems in pkclist.c
7161
* pkclist.c (add_ownertrust): Ditto.
7162
* plaintext.c (handle_plaintext) [__riscos__]: Print a note when
7163
file can't be created.
7164
* options.h [__riscos__]: Use an extern unless included from the
7165
main module.
7166
* signal.c (got_fatal_signal) [__riscos__]: Close all files.
7167
7168
2001-08-14 Werner Koch <wk@gnupg.org>
7169
7170
* keygen.c (ask_algo): New arg r_usage. Allow for RSA keys.
7171
(gen_rsa): Enabled the code.
7172
(do_create): Enabled RSA branch.
7173
(parse_parameter_usage): New.
7174
(proc_parameter_file): Handle usage parameter.
7175
(read_parameter_file): Ditto.
7176
(generate_keypair): Ditto.
7177
(generate_subkeypair): Ditto.
7178
(do_generate_keypair): Ditto.
7179
(do_add_key_flags): New.
7180
(keygen_add_std_prefs): Use the new function.
7181
(keygen_add_key_flags_and_expire): New.
7182
(write_selfsig, write_keybinding): Handle new usage arg.
7183
* build-packet.c (build_sig_subpkt): Make sure that key flags go
7184
into the hashed area.
7185
7186
* keygen.c (write_uid): Initialize the reference cunter.
7187
7188
* keyedit.c (keyedit_menu): No more need to update the trustdb for
7189
preferences. Added calls to merge keblock.
7190
7191
* kbnode.c (dump_kbnode): Print some more flags.
7192
7193
2001-08-10 Werner Koch <wk@gnupg.org>
7194
7195
Revamped the preference handling.
7196
7197
* packet.h (prefitem_t, preftype_t): New.
7198
(PKT_public_key): Added a uid field.
7199
(PKT_user_id): Added field to store preferences and a reference
7200
counter.
7201
* parse-packet.c (parse_user_id,parse_photo_id): Initialize them
7202
* free-packet.c (free_user_id): Free them.
7203
(copy_user_id): Removed.
7204
(scopy_user_id): New.
7205
(cmp_user_ids): Optimized for identical pointers.
7206
(release_public_key_parts): Release the uid.
7207
(copy_public_key_with_new_namehash): Removed.
7208
(copy_prefs): New.
7209
* keyedit.c (menu_adduid): Use the new shallow copy user id.
7210
(show_prefs): Adjusted implementation.
7211
(keyedit_menu): No more need to update the trustdb after changing
7212
preferences.
7213
* getkey.c (fixup_uidnode): Store preferences.
7214
(find_by_name): Return a user id packet and remove namehash stuff.
7215
(lookup): Removed the unused namehash stuff.
7216
(finish_lookup): Added foundu arg.
7217
(pk_from_block): Removed the namehash arg and changed all callers.
7218
(merge_selfsigs): Copy prefs to all keys.
7219
* trustdb.c (get_pref_data): Removed.
7220
(is_algo_in_prefs): Removed.
7221
(make_pref_record): Deleted and removed all class.
7222
* pkclist.c (select_algo_from_prefs): Adjusted for the new
7223
preference implementation.
7224
* pubkey-enc.c (is_algo_in_prefs): New.
7225
(get_it): Use that new function.
7226
7227
2001-08-09 Werner Koch <wk@gnupg.org>
7228
7229
* build-packet.c (build_sig_subpkt): Fixed calculation of
7230
newarea->size.
7231
7232
* g10.c (main): New option "--preference-list"
7233
* keyedit.c (keyedit_menu): New commands "setpref" and "updpref".
7234
(menu_set_preferences): New.
7235
* keygen.c (keygen_set_std_prefs): New.
7236
(set_one_pref): New.
7237
(check_zip_algo): New.
7238
(keygen_get_std_prefs): New.
7239
(keygen_upd_std_prefs): New
7240
(keygen_add_std_prefs): Move the pref setting code into the above fnc.
7241
* build-packet.c (build_sig_subpkt): Updated the list of allowed
7242
to update subpackets.
7243
7244
2001-08-08 Werner Koch <wk@gnupg.org>
7245
7246
* packet.h (subpktarea_t): New.
7247
(PKT_signature): Use that type for hashed_data and unhashed_data and
7248
removed the _data prefix from those fields. Changed all users.
7249
* parse-packet.c (parse_signature): Changed allocation for that.
7250
(parse_sig_subpkt): Changed declaration
7251
(enum_sig_subpkt): Ditto and changed implementation accordingly.
7252
* free-packet.c (cp_subpktarea): Renamed from cp_data_block and
7253
adjusted implementation. Changed caller.
7254
* sig-check.c (mdc_kludge_check): Adjusted the hashing.
7255
(do_check): Ditto.
7256
* sign.c (sign_file, clearsign_file, make_keysig_packet,
7257
update_keysig_packet): Ditto.
7258
* build-packet.c (build_sig_subpkt): Partial rewrite.
7259
(find_subpkt): Adjusted and made static.
7260
(delete_sig_subpkt): Adjusted.
7261
(do_signature): Ditto.
7262
7263
* keygen.c (ask_keysize): Do not print the notes about suggested
7264
key sizes if just a DSA key is generated.
7265
7266
* trustdb.c (add_ultimate_key): s/log_error/log_info/ for
7267
duplicated inserted trusted keys.
7268
7269
2001-08-07 Werner Koch <wk@gnupg.org>
7270
7271
* sign.c (sleep): Redefine for W32.
7272
7273
* g10.c, options.h: Set new flag opt.no_homedir_creation when
7274
--no-options is given.
7275
* openfile.c (try_make_homedir): Don't create the homedir in that case.
7276
7277
2001-08-03 Werner Koch <wk@gnupg.org>
7278
7279
* armor.c (armor_filter): Removed the default comment string
7280
because it could get us in trouble due to translations using non
7281
ascii characters.
7282
7283
2001-08-01 Werner Koch <wk@gnupg.org>
7284
7285
* keylist.c (list_keyblock_print): Do not list revoked UIDs unless
7286
in verbose mode and we do no signature listing.
7287
7288
* getkey.c (finish_lookup): Skip subkeys which are not yet valid.
7289
* g10.c, options.h: New option --ignore-valid-from.
7290
7291
* sign.c (make_keysig_packet): Added new sigversion argument to
7292
allow the caller to force generation of required signature
7293
version. Changed all callers. Suggested by Thomas Roessler.
7294
7295
* keyedit.c (sign_uids): Force v4 signature generation for local
7296
sigs. Removed the check for local signature and pre-v4 keys.
7297
7298
2001-07-27 Werner Koch <wk@gnupg.org>
7299
7300
* keyedit.c (sign_uids): Check that we are not trying to to a
7301
lsign with a pre-v4 key. Bug noticed by Thomas Roessler.
7302
7303
2001-07-26 Werner Koch <wk@gnupg.org>
7304
7305
* parse-packet.c (parse_photo_id): Reset all variables.
7306
* getkey.c (merge_selfsigs_main): Removed checks on PHOTO_ID
7307
because this is handled identically to a user ID.
7308
7309
2001-07-06 Werner Koch <wk@gnupg.org>
7310
7311
* cipher.c (write_header): Don't use MDC with --rfc1991. Suggested
7312
by disastry@saiknes.lv.
7313
7314
2001-07-05 Werner Koch <wk@gnupg.org>
7315
7316
* g10.c, options.h: New option --preserve-permissions.
7317
* ringedit.c (add_keyblock_resource): Use it here
7318
(keyring_copy): and here.
7319
7320
* trustdb.c (verify_own_keys): Be more silent on --quiet.
7321
Suggested by Thomas Roessler.
7322
* sig-check.c (check_key_signature2): Ditto.
7323
* mainproc.c (proc_encrypted, proc_tree): Ditto
7324
* getkey.c (lookup): Ditto.
7325
7326
2001-07-04 Werner Koch <wk@gnupg.org>
7327
7328
* ringedit.c (add_keyblock_resource): Restore filename in case of error.
7329
7330
2001-06-25 Werner Koch <wk@gnupg.org>
7331
7332
* kbnode.c (dump_kbnode): Print the signature timestamp.
7333
7334
* keyedit.c (keyedit_menu): New menu point "primary".
7335
(change_primary_uid_cb): New.
7336
(menu_set_primary_uid): New.
7337
* sign.c (update_keysig_packet): New.
7338
* build-packet.c (build_sig_subpkt): Put the primary UID flag into
7339
the hashed area. Allow update of some more packets.
7340
7341
2001-06-15 Werner Koch <wk@gnupg.org>
7342
7343
* getkey.c (merge_selfsigs): Exit gracefully when a secret key is
7344
encountered. May happen if a secret key is in public keyring.
7345
Reported by Francesco Potorti.
7346
7347
2001-06-12 Werner Koch <wk@gnupg.org>
7348
7349
* getkey.c (compare_name): Use ascii_memistr(), ascii_memcasecmp()
7350
* keyedit.c (keyedit_menu): Use ascii_strcasecmp().
7351
* armor.c (radix64_read): Use ascii_toupper().
7352
* ringedit.c (do_bm_search): Ditto.
7353
* keygen.c (read_parameter_file): Ditto.
7354
* openfile.c (CMP_FILENAME): Ditto.
7355
* g10.c (i18n_init): We can now use just LC_ALL.
7356
7357
2001-05-29 Werner Koch <wk@gnupg.org>
7358
7359
* keygen.c (generate_subkeypair): Print a warning if a subkey is
7360
created on a v3 key. Suggested by Brian M. Carlson.
7361
7362
2001-05-27 Werner Koch <wk@gnupg.org>
7363
7364
* keyid.c (get_lsign_letter): New.
7365
* keylist.c (list_keyblock_colon): Use it here.
7366
* mainproc.c (list_node): and here.
7367
7368
* getkey.c, packet.h, free-packet.c: Removed that useless key
7369
created field; I dunno why I introducded this at all - the
7370
creation time is always bound to the key packet and subject to
7371
fingerprint calculation etc.
7372
7373
* getkey.c (fixup_uidnode): Add keycreated arg and use this
7374
instead of the signature timestamp to calculate the
7375
help_key_expire. Bug reported by David R. Bergstein.
7376
(merge_selfsigs_main): Correct key expiration time calculation.
7377
(merge_selfsigs_subkey): Ditto.
7378
7379
2001-05-25 Werner Koch <wk@gnupg.org>
7380
7381
* revoke.c (gen_revoke): Add a cast to a tty_printf arg.
7382
* delkey.c (do_delete_key): Ditto.
7383
* keyedit.c (print_and_check_one_sig): Ditto.
7384
(ask_revoke_sig): Ditto.
7385
(menu_revsig): Ditto.
7386
(check_all_keysigs): Removed unused arg.
7387
7388
2001-05-23 Werner Koch <wk@gnupg.org>
7389
7390
* g10.c (opts): Typo fix by Robert C. Ames.
7391
7392
2001-05-06 Werner Koch <wk@gnupg.org>
7393
7394
* revoke.c: Small typo fix
7395
7396
2001-05-04 Werner Koch <wk@gnupg.org>
7397
7398
* passphrase.c (passphrase_clear_cache): Shortcut if agent usage
7399
is not enabled.
7400
7401
2001-05-01 Werner Koch <wk@gnupg.org>
7402
7403
* passphrase.c (writen): Replaced ssize_t by int. Thanks to
7404
to Robert Joop for reporting that SunOS 4.1.4 does not have it.
7405
7406
2001-04-28 Werner Koch <wk@gnupg.org>
7407
7408
* getkey.c (merge_public_with_secret): pkttype was not set to subkey.
7409
7410
2001-04-27 Werner Koch <wk@gnupg.org>
7411
7412
* skclist.c (build_sk_list): Changed one log_debug to log_info.
7413
7414
2001-04-25 Werner Koch <wk@gnupg.org>
7415
7416
* keyedit.c (show_prefs): Add a verbose mode.
7417
(show_key_with_all_names): Pass verbose flag for special value of
7418
with_pref.
7419
(keyedit_menu): New command "showpref"
7420
(show_key_with_all_names): Mark revoked uids and the primary key.
7421
7422
2001-04-24 Werner Koch <wk@gnupg.org>
7423
7424
* getkey.c (get_primary_uid): Return a different string in case of
7425
error and made it translatable.
7426
7427
* build-packet.c (do_secret_key): Ugly, we wrote a zero
7428
instead of the computed ndays. Thanks to M Taylor for complaining
7429
about a secret key import problem.
7430
7431
2001-04-23 Werner Koch <wk@gnupg.org>
7432
7433
* hkp.c (hkp_ask_import): Allow to specify a port number for the
7434
keyserver. Add a kudge to set the no_shutdown flag.
7435
(hkp_export): Ditto.
7436
* options.skel: Document the changes
7437
7438
2001-04-20 Werner Koch <wk@gnupg.org>
7439
7440
* options.skel: Add some more comments.
7441
7442
2001-04-19 Werner Koch <wk@gnupg.org>
7443
7444
* keyid.c (mk_datestr): New. Handles negative times. We must do
7445
this because Windoze segvs on negative times passed to gmtime().
7446
Changed all datestr_from function to use this one.
7447
7448
* keyid.c, keyid.h (colon_strtime): New. To implement the
7449
fixed-list-mode.
7450
(colon_datestr_from_pk): New.
7451
(colon_datestr_from_sk): New.
7452
(colon_datestr_from_sig): New.
7453
* keylist.c (list_keyblock_colon): Use these functions here.
7454
* mainproc.c (list_node): Ditto.
7455
7456
2001-04-18 Werner Koch <wk@gnupg.org>
7457
7458
* openfile.c (open_sigfile): Fixed the handling of ".sign".
7459
* mainproc.c (proc_tree): Use iobuf_get_real_fname.
7460
Both are by Vincent Broman.
7461
7462
2001-04-14 Werner Koch <wk@gnupg.org>
7463
7464
* getkey.c (fixup_uidnode): Removed check for !sig which is
7465
pointless here. Thanks to Jan Niehusmann.
7466
7467
2001-04-10 Werner Koch <wk@gnupg.org>
7468
7469
* sig-check.c (check_key_signature2): Use log_info instead of
7470
log_error so that messed up keys do not let gpg return an error.
7471
Suggested by Christian Kurz.
7472
7473
* getkey.c (merge_selfsigs_main): Do a fixup_uidnode only if we
7474
have both, uid and sig. Thanks to M Taylor.
7475
7476
2001-04-05 Werner Koch <wk@gnupg.org>
7477
7478
* armor.c (unarmor_pump_new,unarmor_pump_release): New.
7479
(unarmor_pump): New.
7480
* pipemode.c (pipemode_filter): Use the unarmor_pump to handle
7481
armored or non-armored detached signatures. We can't use the
7482
regular armor_filter because this does only check for armored
7483
signatures the very first time. In pipemode we may have a mix of
7484
armored and binary detached signatures.
7485
* mainproc.c (proc_tree): Do not print the "old style" notice when
7486
this is a pipemode processes detached signature.
7487
(proc_plaintext): Special handling of pipemode detached sigs.
7488
7489
* packet.h (CTRLPKT_PLAINTEXT_MARK): New.
7490
* parse-packet.c (create_gpg_control): New.
7491
* kbnode.c (dump_kbnode): Support it here.
7492
* mainproc.c (check_sig_and_print): Fixed the check for bad
7493
sequences of multiple signatures.
7494
(proc_plaintext): Add the marker packet.
7495
(proc_tree): We can now check multiple detached signatures.
7496
7497
2001-04-02 Werner Koch <wk@gnupg.org>
7498
7499
The length of encrypted packets for blocksizes != 8 was not
7500
correct encoded. I think this is a minor problem, because we
7501
usually use partial length packets. Kudos to Kahil D. Jallad for
7502
pointing this out.
7503
* packet.h: Add extralen to PKT_encrypted.
7504
* cipher.c (write_header): Set extralen.
7505
* build-packet.c (do_encrypted): Use extralen instead of const 10.
7506
(do_encrypted_mdc): Ditto.
7507
* parse-packet.c (parse_encrypted): Set extralen to 0 because we
7508
don't know it here.
7509
7510
2001-03-30 Werner Koch <wk@gnupg.org>
7511
7512
* getkey.c (premerge_public_with_secret): Changed wording an add
7513
the keyID to the info message.
7514
7515
2001-03-29 Werner Koch <wk@gnupg.org>
7516
7517
* getkey.c (premerge_public_with_secret): Use log_info instead of
7518
log_error when no secret key was found for a public one.
7519
Fix the usage if the secret parts of a key are not available.
7520
7521
* openfile.c (ask_outfile_name): Trim spaces.
7522
(open_outfile): Allow to enter an alternate filename. Thanks to
7523
Stefan Bellon.
7524
* plaintext.c (handle_plaintext): Ditto.
7525
7526
2001-03-28 Werner Koch <wk@gnupg.org>
7527
7528
* mainproc.c (do_check_sig): Allow direct key and subkey
7529
revocation signature.
7530
* sig-check.c (check_key_signature2): Check direct key signatures.
7531
Print the signature class along with an error.
7532
7533
2001-03-27 Werner Koch <wk@gnupg.org>
7534
7535
* packet.h: Add a missing typedef to an enum. Thanks to Stefan Bellon.
7536
7537
* g10.c: New option --no-sig-create-check.
7538
* sign.c (do_sign): Implement it here.
7539
* g10.c: New option --no-sig-cache.
7540
* sig-check.c (check_key_signature2): Implement it here.
7541
(cache_selfsig_result): and here.
7542
7543
* keylist.c (list_keyblock): Removed debugging stuff.
7544
7545
* getkey.c (cache_public_key): Made global.
7546
* keygen.c (write_selfsig, write_keybinding): Cache the new key.
7547
7548
* getkey.c (key_byname): Add new arg secmode and changed all
7549
callers to request explicitly the mode. Deriving this information
7550
from the other supplied parameters does not work if neither pk nor
7551
sk are supplied.
7552
7553
2001-03-25 Werner Koch <wk@gnupg.org>
7554
7555
* packet.h (ctrlpkttype_t): New.
7556
* mainproc.c (add_gpg_control,proc_plaintext,proc_tree): Use the
7557
new enum values.
7558
* pipemode.c (make_control): Ditto.
7559
* armor.c (armor_filter): Ditto.
7560
7561
2001-03-24 Werner Koch <wk@gnupg.org>
7562
7563
* sign.c (do_sign): Verify the signature right after creation.
7564
7565
2001-03-23 Werner Koch <wk@gnupg.org>
7566
7567
* status.c, status.h (STATUS_UNEXPECTED): New.
7568
* mainproc.c (do_proc_packets): And emit it here.
7569
7570
2001-03-21 Werner Koch <wk@gnupg.org>
7571
7572
* status.c: Add sys/types.h so that it runs on Ultrix. Reported
7573
by Georg Schwarz.x
7574
7575
* build-packet.c (build_sig_subpkt): Fixed generaton of packet
7576
length header in case where 2 bytes headers are needed. Thanks to
7577
Piotr Krukowiecki.
7578
7579
2001-03-19 Werner Koch <wk@gnupg.org>
7580
7581
* g10.c (main): the default keyring is no always used unless
7582
--no-default-keyring is given.
7583
7584
* ringedit.c (add_keyblock_resource): invalidate cache after file
7585
creation.
7586
7587
2001-03-15 Werner Koch <wk@gnupg.org>
7588
7589
* keygen.c (ask_algo): Changed the warning of the ElGamal S+E Algo.
7590
7591
* keylist.c (print_capabilities): New.
7592
(list_keyblock_colon): and use it here.
7593
7594
2001-03-13 Werner Koch <wk@gnupg.org>
7595
7596
* main.c, options.h: New option --fixed_list_mode.
7597
* keylist.c (list_keyblock_colon): use it here.
7598
7599
* getkey.c (merge_keys_and_selfsig): Divert merging of public keys
7600
to the function used in key selection..
7601
* keylist.c (is_uid_valid): Removed.
7602
(list_keyblock): Splitted into ..
7603
(list_keyblock_print, list_keyblock_colon): .. these.
7604
functions. Changed them to use the flags set in the key lookup code.
7605
(reorder_keyblock): New, so that primary user IDs are listed first.
7606
7607
* ringedit.c (keyring_copy): flush the new iobuf chaces before
7608
rename or remove operations. This is mainly needed for W32.
7609
7610
* hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we
7611
have now W32 socket support in ../util/http.c
7612
7613
* skclist.c (key_present_in_sk_list): New.
7614
(is_duplicated_entry): New.
7615
(build_sk_list): Check for duplicates and do that before unlocking.
7616
7617
2001-03-12 Werner Koch <wk@gnupg.org>
7618
7619
* armor.c (parse_header_line): Removed double empty line check.
7620
(parse_header_line): Replaced trim_trailing_ws with a counting
7621
function so that we can adjust for the next read.
7622
7623
* options.skel: Fixed 3 typos. By Thomas Klausner. Replaced the
7624
keyserver example by a better working server.
7625
7626
* parse-packet.c (parse_symkeyenc): Return Invalid_Packet on error.
7627
(parse_pubkeyenc): Ditto.
7628
(parse_onepass_sig): Ditto.
7629
(parse_plaintext): Ditto.
7630
(parse_encrypted): Ditto.
7631
(parse_signature): Return error at other places too.
7632
(parse_key): Ditto.
7633
* g10.c (main): Set opt.list_packets to another value when invoked
7634
with the --list-packets command.
7635
* mainproc.c (do_proc_packets): Don's stop processing when running
7636
under --list-packets command.
7637
7638
* signal.c (do_sigaction): Removed.
7639
(init_one_signal): New to replace the above. Needed to support
7640
systems without sigactions. Suggested by Dave Dykstra.
7641
(got_fatal_signal,init_signals): Use the above here.
7642
(do_block): Use sigset() if sigprocmask() is not available.
7643
7644
* armor.c (parse_hash_header): Test on TIGER192, which is the
7645
correct value as per rfc2440. By Edwin Woudt.
7646
7647
2001-03-08 Werner Koch <wk@gnupg.org>
7648
7649
* misc.c: Include time.h. By James Troup.
7650
7651
* getkey.c: Re-enabled the unknown user Id and PK caches and
7652
increased their sizes.
7653
7654
* getkey.c (merge_selfsigs_main): Set expire date and continue
7655
processing even if we found a revoked key.
7656
(merge_selfsigs_subkeys): Ditto.
7657
7658
* packet.h: Add an is_revoked flag to the user_id packet.
7659
* getkey.c (fixup_uidnode): Set that flag here.
7660
(merge_selfsigs_main): Fix so that the latest signature is used to
7661
find the self-signature for an UID.
7662
* parse-packet.c (parse_user_id): Zero out all fields.
7663
* mainproc.c (check_sig_and_print): Print the primary user ID
7664
according the the node flag and then all other non-revoked user IDs.
7665
(is_uid_revoked): Removed; it is now handled by the key selection code.
7666
7667
Changed the year list of all copyright notices.
7668
7669
2001-03-07 Werner Koch <wk@gnupg.org>
7670
7671
* getkey.c (finish_lookup): Print an info message only in verbose mode.
7672
7673
2001-03-05 Werner Koch <wk@gnupg.org>
7674
7675
* packet.h: Replaced sigsubpkt_t value 101 by PRIV_VERIFY_CACHE.
7676
We have never used the old value, so we can do this without any harm.
7677
* parse-packet.c (dump_sig_subpkt): Ditto.
7678
(parse_one_sig_subpkt): Parse that new sub packet.
7679
* build-packet.c (build_sig_subpkt): Removed the old one from the
7680
hashed area.
7681
(delete_sig_subpkt): New.
7682
(build_sig_subpkt): Allow an update of that new subpkt.
7683
* sig-check.c (check_key_signature2): Add verification caching
7684
(cache_selfsig_result): New.
7685
* export.c (do_export_stream): Delete that sig subpkt before exporting.
7686
* import.c (remove_bad_stuff): New.
7687
(import): Apply that function to all imported data
7688
7689
2001-03-03 Werner Koch <wk@gnupg.org>
7690
7691
* getkey.c: Introduced a new lookup context flag "exact" and used
7692
it in all place where we once used primary.
7693
(classify_user_id2): Replaced the old function and add an extra
7694
argument to return whether an exact keyID has been requested.
7695
(key_byname): Removed the unused ctx.primary flag
7696
(get_seckey_byname2): Ditto.
7697
(finish_lookup): Changed debugging output.
7698
7699
2001-03-02 Werner Koch <wk@gnupg.org>
7700
7701
* keylist.c (list_one): Remove the merge key calls.
7702
7703
2001-03-01 Werner Koch <wk@gnupg.org>
7704
7705
* getkey.c (finish_lookup): Don't use it if we no specific usage
7706
has been requested.
7707
(merge_selfsigs_main): fix UID only if we have an signature.
7708
(lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found
7709
a key but the requested usage does not allow this key.
7710
* import.c (import_one): Take UNU_PUBKEY into account.
7711
* mainproc.c (list_node): Ditto.
7712
* keylist.c (list_keyblock): Ditto.
7713
* keyedit.c (print_and_check_one_sig): Ditto.
7714
7715
2001-02-09 Werner Koch <wk@gnupg.org>
7716
7717
* delkey.c (delete_key): Removed that silly assert which rendered
7718
the whole new stuff meaningless.
7719
7720
2001-02-08 Werner Koch <wk@gnupg.org>
7721
7722
* getkey.c (key_byname): It can happen that we have both, sk and pk
7723
NULL, fix for that.
7724
7725
* parse-packet.c (parse_one_sig_subpkt): Add support for
7726
primary_uid and key_flags.
7727
(can_handle_critical): Ditto
7728
7729
* parse-packet.c (parse_encrypted): Fixed listing of pktlen for
7730
MDC packets.
7731
7732
* getkey.c: Backported the version of this file from gpg 1.1. this
7733
involved some changes in other files too.
7734
* parse-packet.c (parse_key): Clear req_usage.
7735
* skclist.c (build_sk_list): Use req_usage to pass the usage
7736
information to the lookup function.
7737
* pkclist.c (build_pk_list): Ditto.
7738
* free-packet.c (copy_public_parts_to_secret_key): New.
7739
* keydb.h: Add IS_* macros to check the sig_class.
7740
* misc.c (openpgp_cipher_test_algo): New.
7741
(openpgp_pk_test_algo): New.
7742
(openpgp_pk_algo_usage): New.
7743
(openpgp_md_test_algo): New.
7744
* packet.h: Add a few fields to PKT_{public,secret}_key and
7745
PKT_user_id.
7746
* seckey-cert.c (do_check): Use the new main_keyid field.
7747
7748
2001-02-04 Werner Koch <wk@gnupg.org>
7749
7750
* encr-data.c (decrypt_data): Catch error when we had problems to
7751
parse the encrypted packet. By Timo.
7752
7753
2001-01-29 Werner Koch <wk@gnupg.org>
7754
7755
* g10.c (main): --batch does now set nogreeting.
7756
7757
* delkey.c (do_delete_key): Fixed delete-both functionality.
7758
7759
2001-01-22 Werner Koch <wk@gnupg.org>
7760
7761
* g10.c: New command --delete-secret-and-public-key.
7762
* delkey.c (delete_key): Add new arg allow_both.
7763
(do_delete_key): Move most stuff from above to this new function.
7764
7765
2001-01-12 Werner Koch <wk@gnupg.org>
7766
7767
* passphrase.c (passphrase_to_dek): Use MD5 when IDEA is installed
7768
and we have no S2K.
7769
* mainproc.c (proc_encrypted): Likewise
7770
7771
2001-01-11 Werner Koch <wk@gnupg.org>
7772
7773
* sig-check.c (do_check): Print the signature key expire message
7774
only in verbose mode and added the keyID.
7775
7776
2001-01-09 Werner Koch <wk@gnupg.org>
7777
7778
* status.c, status.h: New status USERID_HINT.
7779
(write_status_text): Replace LF and CR int text by C-escape sequence.
7780
7781
* passphrase.c (passphrase_to_dek): Fixed the NEED_PASSPHRASE
7782
output. It does now always print 2 keyIDs. Emit the new
7783
USERID_HINT.
7784
7785
2001-01-08 Werner Koch <wk@gnupg.org>
7786
7787
* g10.c, options.h: New option --no-expensive-trust-checks.
7788
* keylist.c (list_keyblock): Act on this option.
7789
7790
2001-01-04 Werner Koch <wk@gnupg.org>
7791
7792
* g10.c (main): Set homedir only in the pre-parsing phase and
7793
replace backslashes in the W32 version.
7794
7795
2001-01-03 Werner Koch <wk@gnupg.org>
7796
7797
* status.c, status.h : New status KEY_CREATED
7798
* keygen.c (do_generate_keypair,generate_subkeypair): Emit it.
7799
7800
2000-12-28 Werner Koch <wk@gnupg.org>
7801
7802
* signal.c (got_fatal_signal): Remove lockfiles here because the
7803
atexit stuff does not work due to the use of raise. Suggested by
7804
Peter Fales.
7805
* gpgv.c (remove_lockfiles): New stub.
7806
7807
2000-12-19 Werner Koch <wk@gnupg.org>
7808
7809
* status.c, status.h (cpr_get_no_help): New.
7810
* keyedit.c (keyedit_menu): Use it here because we have our own
7811
help list here.
7812
7813
2000-12-18 Werner Koch <wk@gnupg.org>
7814
7815
* mainproc.c (print_failed_pkenc): Don't print the sometimes
7816
confusing message about unavailabe secret key. Renamed ...
7817
(print_pkenc_list): ... to this and introduced failed arg.
7818
(proc_encrypted): Print the failed encryption keys and then
7819
the one to be used.
7820
(proc_pubkey_enc): Store also the key we are going to use.
7821
7822
* mainproc.c (check_sig_and_print): Don't list revoked user IDs.
7823
(is_uid_revoked): New.
7824
7825
2000-12-08 Werner Koch <wk@gnupg.org>
7826
7827
* pipemode.c: Made the command work. Currently only for
7828
non-armored detached signatures.
7829
* mainproc.c (release_list): Reset the new pipemode vars.
7830
(add_gpg_control): Handle the control packets for pipemode
7831
* status.c, status.h: New stati {BEGIN,END}_STREAM.
7832
7833
2000-12-07 Werner Koch <wk@gnupg.org>
7834
7835
* g10.c: New option --allow-secret-key-import.
7836
* import.c (import_keys,import_keys_stream): Honor this option.
7837
(import): New arg allow_secret and pass that arg down to ...
7838
(import_secret_one): to this and print a warning if secret key
7839
importing is not allowed.
7840
7841
2000-12-05 Werner Koch <wk@gnupg.org>
7842
7843
* cipher.c (cipher_filter): Moved the end_encryption status ...
7844
* encode.c (encode_simple,encode_crypt): to here
7845
* sign.c (sign_file): and here.
7846
7847
* status.c (mywrite): Removed.
7848
(get_status_string): Removed the LFs from the strings.
7849
(set_status_fd,is_status_enabed,write_status_text,
7850
write_status_buffer): Replaced all mywrite by stdio calls and use
7851
fdopen to create a strem. This is needed to make things smoother
7852
in the W32 version.
7853
7854
2000-12-04 Werner Koch <wk@gnupg.org>
7855
7856
* import.c (merge_blocks): Increment n_sigs for revocations.
7857
7858
2000-11-30 Werner Koch <wk@gnupg.org>
7859
7860
* g10.c (main): Use iobuf_translate_file_handle for all options
7861
with filehandles as arguments. This is function does some magic
7862
for the W32 API.
7863
7864
* verify.c (verify_signatures): Add a comment rant about the
7865
detached signature problem.
7866
* mainproc.c (proc_tree): Issue an error if a detached signature
7867
is assumed but a standard one was found.
7868
* plaintext.c (hash_datafiles): Don't fall back to read signature
7869
from stdin.
7870
* openfile.c (open_sigfile): Print verbose message only if the
7871
file could be accessed.
7872
7873
2000-11-24 Werner Koch <wk@gnupg.org>
7874
7875
* passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff.
7876
7877
2000-11-16 Werner Koch <wk@gnupg.org>
7878
7879
* g10.c: New option --use-agent
7880
* passphrase.c (agent_open,agent_close): New.
7881
(agent_get_passphrase,agent_clear_passphrase): New.
7882
(passphrase_clear_cache): New.
7883
(passphrase_to_dek): Use the agent here.
7884
* seckey-cert.c (do_check): Clear cached passphrases.
7885
7886
2000-11-15 Werner Koch <wk@gnupg.org>
7887
7888
* status.c (write_status_text): Moved the big switch to ...
7889
(get_status_string): ... new function.
7890
(write_status_buffer): New.
7891
7892
* status.c (mywrite): New and replaced all write() by this.
7893
7894
* status.c, status.h: Add 3 status lcodes for notaions and policy.
7895
* mainproc.c (print_notation_data): Do status output of notations.
7896
7897
2000-11-13 Werner Koch <wk@gnupg.org>
7898
7899
* sign.c (clearsign_file): Use LF macro to print linefeed.
7900
7901
2000-11-11 Paul Eggert <eggert@twinsun.com>
7902
7903
Clean up the places in the code that incorrectly use "long" or
7904
"unsigned long" for file offsets. The correct type to use is
7905
"off_t". The difference is important on large-file hosts,
7906
where "off_t" is longer than "long".
7907
7908
* keydb.h (struct keyblock_pos_struct.offset):
7909
Use off_t, not ulong, for file offsets.
7910
* packet.h (dbg_search_packet, dbg_copy_some_packets,
7911
search_packet, copy_some_packets): Likewise.
7912
* parse-packet.c (parse, dbg_search_packet, search_packet,
7913
dbg_copy_some_packets, copy_some_packets): Likewise.
7914
* ringedit.c (keyring_search): Likewise.
7915
7916
* parse-packet.c (parse): Do not use %lu to report file
7917
offsets in error diagnostics; it's not portable.
7918
* ringedit.c (keyring_search): Likewise.
7919
7920
2000-11-09 Werner Koch <wk@gnupg.org>
7921
7922
* g10.c (main): New option --enable-special-filenames.
7923
7924
2000-11-07 Werner Koch <wk@gnupg.org>
7925
7926
* g10.c (main): New command --pipemode.
7927
* pipemode.c: New.
7928
7929
2000-10-23 Werner Koch <wk@gnupg.org>
7930
7931
* armor.c (armor_filter): Changed output of hdrlines, so that a CR
7932
is emitted for DOS systems.
7933
7934
* keygen.c (read_parameter_file): Add a cast for isspace().
7935
7936
* status.c (myread): Use SIGINT instead of SIGHUP for DOS.
7937
7938
2000-10-19 Werner Koch <wk@gnupg.org>
7939
7940
* g10.c: New option --ignore-crc-error
7941
* armor.c (invalid_crc): New.
7942
(radix64_read): Act on new option.
7943
7944
* openfile.c (try_make_homedir): Klaus Singvogel fixed a stupid
7945
error introduced on Sep 6th.
7946
7947
2000-10-18 Werner Koch <wk@gnupg.org>
7948
7949
* misc.c (print_cipher_algo_note): Don't print the note for AES.
7950
Changed wording.
7951
7952
2000-10-16 Werner Koch <wk@gnupg.org>
7953
7954
* mainproc.c (do_proc_packets): Hack to fix the problem that
7955
signatures are not detected when there is a MDC packet but no
7956
compression packet.
7957
7958
* g10.c (print_hashline): New.
7959
(print_mds): Use above func with --with-colons.
7960
7961
* mainproc.c (check_sig_and_print): Detect multiple signatures
7962
and don't verify them.
7963
7964
2000-10-14 Werner Koch <wk@gnupg.org>
7965
7966
* mainproc.c (add_onepass_sig): There is an easier solution to the
7967
error fixed yesterday; just check that we only have onepass
7968
packets. However, the other solution provides an cleaner
7969
interface and opens the path to get access to other information
7970
from the armore headers.
7971
(release_list): Reset some more variables.
7972
7973
2000-10-13 Werner Koch <wk@gnupg.org>
7974
7975
* mainproc.c (add_gpg_control): New.
7976
(do_proc_packets): use it.
7977
(proc_plaintext): Changed logic to detect clearsigns.
7978
(proc_tree): Check the cleartext sig with some new code.
7979
7980
* packet.h: New packet PKT_GPG_CONTROL.
7981
* parse-packet.c (parse_gpg_control): New.
7982
* misc.c (get_session_marker): New.
7983
* armor.c (armor_filter): Replaced the faked 1-pass packet by the
7984
new control packet.
7985
7986
* keyedit.c (keyedit_menu): Allow batchmode with a command_fd.
7987
* status.c (my_read): New.
7988
(do_get_from_fd): use it.
7989
7990
2000-10-12 Werner Koch <wk@gnupg.org>
7991
7992
* keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs.
7993
7994
2000-10-07 Werner Koch <wk@gnupg.org>
7995
7996
* gpgv.c: Add more stubs for ununsed code to make the binary smaller.
7997
7998
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
7999
8000
* sign.c (hash_for): New arg to take packet version in account, changed
8001
call callers.
8002
8003
* gpgv.c: New.
8004
* Makefile.am: Rearranged source files so that gpgv can be build with
8005
at least files as possible.
8006
8007
Mon Sep 18 12:13:52 CEST 2000 Werner Koch <wk@openit.de>
8008
8009
* hkp.c (not_implemented): Print a notice for W32
8010
8011
Fri Sep 15 18:40:36 CEST 2000 Werner Koch <wk@openit.de>
8012
8013
* keygen.c (keygen_add_std_prefs): Changed order of preferences to
8014
twofish, cast5, blowfish.
8015
8016
* pkclist.c (algo_available): Removed hack to disable Twofish.
8017
8018
Thu Sep 14 17:45:11 CEST 2000 Werner Koch <wk@openit.de>
8019
8020
* parse-packet.c (dump_sig_subpkt): Dump key flags. Print special
8021
warning in case of faked ARRs.
8022
8023
* getkey.c (finsih_lookup): Hack so that for v4 RSA keys the subkey
8024
is used for encryption.
8025
8026
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
8027
8028
* g10.c (main): Default S2K algorithms are now SHA1 and CAST5 - this
8029
should solve a lot of compatibility problems with other OpenPGP
8030
apps because those algorithms are SHOULD and not optional. The old
8031
way to force it was by using the --openpgp option whith the drawback
8032
that this would disable a couple of workarounds for PGP.
8033
8034
* g10.c (main): Don't set --quite along with --no-tty. By Frank Tobin.
8035
8036
* misc.c (disable_core_dump): Don't display a warning here but a return
8037
a status value and ...
8038
* g10.c (main): ...print warnining here. Suggested by Sam Roberts.
8039
8040
Wed Sep 13 18:12:34 CEST 2000 Werner Koch <wk@openit.de>
8041
8042
* keyedit.c (keyedit_menu): Allow to use "debug" on the secret key.
8043
8044
* ringedit.c (cmp_seckey): Fix for v4 RSA keys.
8045
* seckey-cert.c (do_check): Workaround for PGP 7 bug.
8046
8047
Wed Sep 6 17:55:47 CEST 2000 Werner Koch <wk@openit.de>
8048
8049
* misc.c (print_pubkey_algo_note): Do not print the RSA notice.
8050
* sig-check.c (do_signature_check): Do not emit the RSA status message.
8051
* pubkey-enc.c (get_session_key): Ditto.
8052
8053
* encode.c (encode_simple, encode_crypt): Fix for large files.
8054
* sign.c (sign_file): Ditto.
8055
8056
Wed Sep 6 14:59:09 CEST 2000 Werner Koch <wk@openit.de>
8057
8058
* passphrase.c (hash_passphrase): Removed funny assert. Reported by
8059
David Mathog.
8060
8061
* openfile.c (try_make_homedir): Changes for non-Posix systems.
8062
* g10.c (main): Take the default homedir from macro.
8063
8064
* g10.c: The --trusted-key option is back.
8065
* trustdb.c (verify_own_key): Handle this option.
8066
(add_ultimate_key): Moved stuff from verify_own_key to this new func.
8067
(register_trusted_key): New.
8068
8069
Fri Aug 25 16:05:38 CEST 2000 Werner Koch <wk@openit.de>
8070
8071
* parse-packet.c (dump_sig_subpkt): Print info about the ARR.
8072
8073
* openfile.c (overwrite_filep): Always return okay if the file is
8074
called /dev/null.
8075
(make_outfile_name): Add ".sign" to the list of know extensions.
8076
(open_sigfile): Ditto.
8077
8078
Wed Aug 23 19:52:51 CEST 2000 Werner Koch <wk@openit.de>
8079
8080
* g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen.
8081
* keygen.c (ask_user_id): Implemented here.
8082
8083
Fri Aug 4 14:23:05 CEST 2000 Werner Koch <wk@openit.de>
8084
8085
* status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd.
8086
Thanks to Michael Tokarev.
8087
8088
Tue Aug 1 20:06:23 CEST 2000 Werner Koch <wk@openit.de>
8089
8090
* g10.c: New opttion --try-all-secrets on suggestion from Matthias Urlichs.
8091
* pubkey-enc.c (get_session_key): Quite easy to implement here.
8092
8093
Thu Jul 27 17:33:04 CEST 2000 Werner Koch <wk@openit.de>
8094
8095
* g10.c: New option --merge-only. Suggested by Brendan O'Dea.
8096
* import.c (import_one): Implemented it here
8097
(import_secret_one): Ditto.
8098
(print_stats): and give some stats.
8099
8100
Thu Jul 27 12:01:00 CEST 2000 Werner Koch <wk@openit.de>
8101
8102
* g10.c: New options --show-session-key and --override-session-key
8103
* pubkey-enc.c (hextobyte): New.
8104
(get_override_session_key): New.
8105
* mainproc.c (proc_pubkey_enc): Add session-key stuff.
8106
* status.h, status.c (STATUS_SESSION_KEY): New.
8107
8108
Thu Jul 27 10:02:38 CEST 2000 Werner Koch <wk@openit.de>
8109
8110
* g10.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes
8111
(print_mds): Likewise for stdin.
8112
* plaintext.c (handle_plaintext): Likewise for stdout.
8113
8114
Mon Jul 24 10:30:17 CEST 2000 Werner Koch <wk@openit.de>
8115
8116
* keyedit.c (menu_expire): expire date for primary key can be set again.
8117
8118
Wed Jul 19 11:26:43 CEST 2000 Werner Koch <wk@openit.de>
8119
8120
* keylist.c (is_uid_valid): New.
8121
(list_keyblock): Print validity information for all user IDs. Note, this
8122
has to be done at other places too; for now we have only minimal support.
8123
8124
Wed Jul 12 13:32:06 CEST 2000 Werner Koch <wk@openit.de>
8125
8126
* helptext.c, pkclist.c: s/superseeded/superseded/
8127
8128
Mon Jul 10 16:08:57 CEST 2000 Werner Koch <wk@openit.de>
8129
8130
* parse-packet.c (enum_sig_subpkt): Fixed testing on crtitical bit in case
8131
of a NULL buffer. Reported by Peter Marschall.
8132
8133
Wed Jul 5 13:28:45 CEST 2000 Werner Koch <wk@openit.de>
8134
8135
* keyedit.c, keyid.c: Add some _()
8136
8137
* argparse.c: Changed the flag to suppress --version handling to also
8138
suppress --help.
8139
8140
Wed Jun 28 11:54:44 CEST 2000 Werner Koch <wk@openit.de>
8141
8142
* armor.c (armor_filter): Set sigclass to 0 in case of non-dash-escaped
8143
clearsig. This makes this mode work again.
8144
8145
* mainproc.c (proc_tree): Fixed handling of one-pass-sig packets in textmode.
8146
Disabled the ugly workaround for PGP 5 - let's see whether thi breaks less
8147
cases. Found by Ted Cabeen.
8148
8149
* options.h (DBG_HASHING): New. All commented md_start_debug are now
8150
controlled by this debug option.
8151
8152
* sign.c (print_status_sig_created): New and called from 2 places.
8153
8154
* keygen.c (gen_rsa): New, but commented.
8155
(ask_algo): Commented support for RSA.
8156
8157
* seckey-cert.c (protect_secret_key): Started to fix the code for v4 RSA
8158
keys - it is not solved yet. However, we have time until, Sep 20th ;)
8159
8160
Wed Jun 14 12:27:09 CEST 2000 Werner Koch <wk@openit.de>
8161
8162
* status.c (init_shm_coprocessing): Changed the sequence of the get,attach
8163
to cope with the changes in newer Linux kernels. This bug has been found
8164
by <dmitri@advantrix.com> who also proposed this solution. Hopefully
8165
this does not break gpg on to many systems.
8166
8167
* cipher.c (write_header): Protect the IV with the MDC too.
8168
* encr-data.c (decrypt_data): Likewise.
8169
8170
Fri Jun 9 10:09:52 CEST 2000 Werner Koch <wk@openit.de>
8171
8172
* g10.c: New options --no-auto-key-retrieve
8173
* options.h (auto_key_retrieve): New.
8174
* mainproc.c (check_sig_and_print): Implemented that.
8175
8176
Wed Jun 7 19:19:09 CEST 2000 Werner Koch <wk@openit.de>
8177
8178
* sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 packets.
8179
8180
Wed Jun 7 17:25:38 CEST 2000 Werner Koch <wk@openit.de>
8181
8182
* cipher.c (write_header): Use plain CFB mode for MDC encrypted packets.
8183
* encr-data.c (decrypt_data): Ditto.
8184
8185
Mon Jun 5 23:41:54 CEST 2000 Werner Koch <wk@openit.de>
8186
8187
* seskey.c (do_encode_md, encode_md_value): Add new arg v3compathack to work
8188
around a bug in old versions.
8189
* sig-check.c (do_check): use the aboved workaround when enabled.
8190
* g10.c: New option --emulate-md-decode-bug
8191
8192
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
8193
8194
* build-packet.c (do_mdc): New.
8195
(do_encrypted_mdc): Changed for the new proposal.
8196
* parse-packet.c (parse_mdc): New.
8197
(parse_encrypted): Fixed for the new proposal.
8198
* packet.h (PKT_MDC): New.
8199
* cipher.c (cipher_filter): Build the MDC packet here.
8200
* g10.c (main): Enable --force-mdc.
8201
* encr-data.c (mdc_decode_filter): Fixed for new MDC method
8202
8203
* options.h(rfc2440): New.
8204
* g10.c (main): Changed the selected values for --openpgp to not include
8205
optional algorithms.
8206
8207
Thu May 18 11:38:54 CEST 2000 Werner Koch <wk@openit.de>
8208
8209
* keyedit.c (keyedit_menu): Add a keyword arg to the prompt.
8210
8211
* status.c, status.h: Added 3 new status tokens.
8212
* status.c (do_get_from_fd): New.
8213
(cpr_enabled,cpr_get,cpr_get_hidden,cpr_kill_prompt,
8214
cpr_get_answer_is_yes,cpr_get_answer_yes_no_quit): Modified to work
8215
with the new function.
8216
* g10.c: Add new option --command-fd.
8217
8218
* status.c (progress_cb): New.
8219
(set_status_fd): Register progress functions
8220
8221
Fri May 12 14:01:20 CEST 2000 Werner Koch <wk@openit.de>
8222
8223
* delkey.c (delete_key): Add 2 new status messages
8224
* status.c, status.h (STATUS_DELETE_PROBLEM): New.
8225
8226
Fixed years of copyright in all source files.
8227
8228
Mon May 1 17:08:14 CEST 2000 Werner Koch <wk@openit.de>
8229
8230
* trustdb.c (propagate_validity): Fixed the bug that only one uid
8231
gets fully trusted even when all are signed by an ultimate key.
8232
8233
Mon May 1 15:38:04 CEST 2000 Werner Koch <wk@openit.de>
8234
8235
* getkey.c (key_byname): Always returned a defined context. Fixed
8236
a segv for invalid user id specifications. Reported by Walter Koch.
8237
8238
* getkey.c (get_user_id): I18ned "no user id" string. By Walter.
8239
8240
* pkclist.c (do_show_revocation_reason): Typo fixes.
8241
* helptext.c: Ditto.
8242
8243
* armor.c (armor_filter): Fixed some CRLF issues. By Mike McEwan.
8244
8245
Fri Apr 14 19:37:08 CEST 2000 Werner Koch <wk@openit.de>
8246
8247
* pkclist.c (do_show_revocation_reason): New.
8248
(show_revocation_reason): New and called at various places.
8249
8250
* g10.c (main): Fixed small typo.
8251
8252
* pkclist.c (do_we_trust): Act on always_trust but not for revoked
8253
keys. Suggested by Chip Salzenberg.
8254
8255
* g10.c: New option --lock-never.
8256
8257
* ringedit.c (get_writable_keyblock_file): New.
8258
* keygen.c (do_generate_keypair): Use this instead of the hardwired one.
8259
8260
* keygen.c (ask_user_id): Check that the email address is in the
8261
correct field. Suggested by Christian Kurz.
8262
8263
Mon Apr 10 13:34:19 CEST 2000 Werner Koch <wk@openit.de>
8264
8265
* keyedit.c (show_key_with_all_names): s/sbb/ssb/
8266
8267
Tue Mar 28 14:26:58 CEST 2000 Werner Koch <wk@openit.de>
8268
8269
* trustdb.c (verify_own_keys): Do not print warning about unprotected
8270
key when in quiet mode.
8271
8272
Wed Mar 22 13:50:24 CET 2000 Werner Koch <wk@openit.de>
8273
8274
* mainproc.c (print_userid): Do UTF8 conversion before printing.
8275
* import.c (import_one): Ditto.
8276
(import_secret_one): Ditto.
8277
(delete_inv_parts): Ditto.
8278
8279
Thu Mar 16 16:20:23 CET 2000 Werner Koch <wk@openit.de>
8280
8281
* keylist.c (print_key_data): Handle a NULL pk gracefully.
8282
8283
* getkey.c (merge_one_pk_and_selfsig): Fixed silly code for
8284
getting the primary keys keyID but kept using the one from the
8285
subkey.
8286
* pubkey-enc.c (get_it): Print a note for expired subkeys.
8287
8288
* getkey.c (has_expired): New.
8289
(subkeys_expiretime): New.
8290
(finish_lookup): Check for expired subkeys needed for encryption.
8291
(merge_keys_and_selfsig): Fixed expiration date merging for subkeys.
8292
8293
* keylist.c (list_keyblock): Print expiration time for "sub".
8294
(list_one): Add missing merging for public keys.
8295
* mainproc.c (list_node): Ditto.
8296
8297
2000-03-14 13:49:38 Werner Koch (wk@habibti.openit.de)
8298
8299
* keygen.c (keyedit_menu): Do not allow to use certain commands
8300
while the secret key is selected.
8301
8302
2000-03-09 12:53:09 Werner Koch (wk@habibti.openit.de)
8303
8304
* keygen.c (ask_expire_interval): Movede parsig to ...
8305
(parse_expire_string): ... this new function. And some new control
8306
commands.
8307
(proc_parameter_file): Add expire date parsing.
8308
(do_generate_keypair): Allow the use of specified output files.
8309
8310
2000-03-08 10:38:38 Werner Koch (wk@habibti.openit.de)
8311
8312
* keygen.c (ask_algo): Removed is_v4 return value and the commented
8313
code to create Elg keys in a v3 packet. Removed the rounding
8314
of key sizes here.
8315
(do_create): Likewise removed arg v4_packet.
8316
(gen_elg): Likewise removed arg version. Now rounding keysizes here.
8317
(gen_dsa): Rounding keysize now here.
8318
(release_parameter_list): New
8319
(get_parameter*): New.
8320
(proc_parameter_file): New.
8321
(read_parameter_file): New.
8322
(generate_keypair): Splitted. Now uses read_parameter_file when in
8323
batch mode. Additional argument to specify a parameter file.
8324
(do_generate_keypair): Main bulk of above fucntion and uses the
8325
parameter list.
8326
(do_create): Don't print long notice in batch mode.
8327
* g10.c (main): Allow batched key generation.
8328
8329
Thu Mar 2 15:37:46 CET 2000 Werner Koch <wk@gnupg.de>
8330
8331
* pubkey-enc.c (get_it): Print a note about unknown cipher algos.
8332
8333
* g10.c (opts): Add a note to the help listing about the man page
8334
and removed some options from the help listing.
8335
8336
* keyedit.c (print_and_check_one_sig): Use a new function to truncate
8337
the output of the user ID. Suggested by Jan-Benedict Glaw.
8338
8339
Wed Feb 23 10:07:57 CET 2000 Werner Koch <wk@gnupg.de>
8340
8341
* helptext.c: typo fix.
8342
8343
Thu Feb 17 13:39:32 CET 2000 Werner Koch <wk@gnupg.de>
8344
8345
* revoke.c: Removed a bunch of commented code.
8346
8347
* packet.h (SIGSUBPKT_REVOC_REASON): New.
8348
* build-packet.c (build_sig_subpkt): Support new sub packet.
8349
* parse-packet.c (parse_one_sig_subpkt): Ditto.
8350
(dump_sig_subpkt): Ditto.
8351
* revoke.c (ask_revocation_reason): New.
8352
(release_revocation_reason_info): New.
8353
(revocation_reason_build_cb): New.
8354
(gen_revoke): Ask for reason.
8355
* main.h (struct revocation_reason_info): Add declaration.
8356
* keyedit.c (menu_revsig): Add support for revocation reason.
8357
(menu_revkey): Ditto.
8358
(sign_uid_mk_attrib): Renamed to ...
8359
(sign_mk_attrib): ... this, made static and add support for reasons.
8360
8361
Tue Feb 15 08:48:13 CET 2000 Werner Koch <wk@gnupg.de>
8362
8363
* build-packet.c (build_packet): Fixed fixing of old comment packets.
8364
8365
* import.c (import_keys): Fixed importing from stdin when called with
8366
nnames set to zero as it normally happens.
8367
8368
Mon Feb 14 14:30:20 CET 2000 Werner Koch <wk@gnupg.de>
8369
8370
* sig-check.c (check_key_signature2): Add new arg r_expired.
8371
(do_signature_check): New arg to pass it down to ...
8372
(do_check): New arg r-expire which is set when the signature
8373
has expired.
8374
* trustdb.c (check_sig_record): Set SIGF_EXPIRED flag and set
8375
the expiretime to zero so that thi signature will not be checked
8376
anymore.
8377
8378
Fri Feb 11 17:44:40 CET 2000 Werner Koch <wk@gnupg.de>
8379
8380
* g10.c (g10_exit): Update the random seed_file.
8381
(main): Set the random seed file. New option --no-random-seed-file.
8382
8383
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
8384
8385
* keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk.
8386
By Rémi.
8387
8388
Thu Feb 10 11:39:41 CET 2000 Werner Koch <wk@gnupg.de>
8389
8390
* keylist.c (list_keyblock): Don't print warnings in the middle of
8391
regulat output lines. By Rémi.
8392
8393
* sig-check.c: Include options.h
8394
8395
Wed Feb 9 15:33:44 CET 2000 Werner Koch <wk@gnupg.de>
8396
8397
* gpg.c: New option --ignore-time-conflict
8398
* sig-check.c (do_check): Implemented this option.
8399
* trustdb.c (check_trust): Ditto.
8400
* sign.c (do_sign): Ditto.
8401
* keygen.c (generate_subkeypair): Ditto.
8402
8403
* encode.c (encode_simple): use iobuf_cancel after open failure.
8404
Reported by Huy Le.
8405
8406
Fri Jan 14 18:32:01 CET 2000 Werner Koch <wk@gnupg.de>
8407
8408
* packet.h (STRING2KEY): Changed mode from byte to int.
8409
* parse-packet.c (parse_key): Add the special GNU protection stuff
8410
* build-packet.c (so_secret_key): Ditto.
8411
* seckey-cert.c (do_check): Ditto.
8412
* keyedit.c (change_passphrase): Ditto.
8413
* export.c (export_secsubkeys): New.
8414
(do_export_stream): Hack to export the primary key using mode 1001.
8415
* g10.c: New command --export-secret-subkeys
8416
8417
Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de>
8418
8419
* armor.c (is_armored): Check for 1-pass-sig packets. Reported by
8420
David Hallinan <hallinan@rtd.com>.
8421
(armor_filter): Replaced one LF by the LF macro. Reported by
8422
Wolfgang Redtenbacher.
8423
8424
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
8425
8426
* g10.c (main): Reset new global flag opt.pgp2_workarounds
8427
when --openpgp is used.
8428
* mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only
8429
when the global flag is set.
8430
(proc_tree): Ditto.
8431
* textfilter.c (copy_clearsig_text): Ditto.
8432
* armor.c (armor_filter): Ditto.
8433
8434
* g10.c: New option --list-only
8435
* mainproc.c (proc_tree): Don't do it if opt.list_only is active.
8436
(proc_pubkey_enc): Implement option.
8437
8438
* status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New.
8439
* cipher.c (cipher_filter): New status outputs.
8440
* mainproc.c (proc_encrypted): New status outputs.
8441
8442
Fri Dec 31 14:08:15 CET 1999 Werner Koch <wk@gnupg.de>
8443
8444
* armor.c (armor_filter): Made the "Comment:" header translatable.
8445
8446
* hkp.c (hkp_import): Make sure that the program does not return
8447
success when there is a connection problem. Reported by Phillip Jones.
8448
8449
Sun Dec 19 15:22:26 CET 1999 Werner Koch <wk@gnupg.de>
8450
8451
* armor.c (LF): Use this new macro at all places where a line LF
8452
is needed. This way DOSish textfiles should be created when the
8453
input data is also in dos mode.
8454
* sign.c (LF): Ditto.
8455
* textfilter.c (LF): Ditto.
8456
(copy_clearsig_text): Disabled the forcing of CR,LF sequences
8457
for DOS systems.
8458
8459
* plaintext.c (handle_plaintext): Fixes for line endings on DOS.
8460
and react on a LF in cleartext.
8461
* armor.c (fake_packet): Restore the original line ending after
8462
removing trailing spaces.
8463
8464
* signal.c (got_fatal_signal): DOS fix.
8465
8466
Thu Dec 16 10:07:58 CET 1999 Werner Koch <wk@gnupg.de>
8467
8468
* mainproc.c (print_failed_pkenc): Fix for unknown algorithm.
8469
Found by fygrave@epr0.org.
8470
8471
Thu Dec 9 10:31:05 CET 1999 Werner Koch <wk@gnupg.de>
8472
8473
* hkp.c: i18n the strings.
8474
8475
Sat Dec 4 15:32:20 CET 1999 Werner Koch <wk@gnupg.de>
8476
8477
* trustdb.c (verify_key): Shortcut for ultimately trusted keys.
8478
8479
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
8480
8481
* pkclist.c (build_pk_list): Validate the trust using the namehash
8482
if this one has been set by the key lookup.
8483
8484
* g10.c: Add --delete-secret-key to the help page.
8485
8486
* openfile.c (copy_options_file): Made static.
8487
(try_make_homedir): New.
8488
* ringedit.c (add_keyblock_resource): Use the try_make_hoemdir logic.
8489
* tdbio.c (tdbio_set_dbname): Likewise.
8490
8491
* keygen.c (generate_user_id): Use m_alloc_clear() here. We should
8492
better use an allocation function specific to the user_id packet.
8493
8494
* keygen.c (keygen_add_std_prefs): Changed symmetric preferences
8495
to include Blowfish again. This is due to it's better speed compared
8496
to CAST5.
8497
8498
* g10.c (strusage): Print the home directory.
8499
8500
* armor.c (armor_filter): Take action on the cancel control msg.
8501
* filter.h (armor_filter_context_t): Add cancel flag.
8502
8503
Mon Nov 29 21:52:11 CET 1999 Werner Koch <wk@gnupg.de>
8504
8505
* g10.c: New option --fast-list-mode ..
8506
* keylist.c (list_keyblock): .. and implemented.
8507
* mainproc.c (list_node): Ditto.
8508
8509
* import.c (mark_non_selfsigned_uids_valid): Fixed the case that there
8510
is a uid without any packet following.
8511
8512
Mon Nov 22 11:14:53 CET 1999 Werner Koch <wk@gnupg.de>
8513
8514
* mainproc.c (proc_plaintext): Never enable the hash processing
8515
when skip_verify is active.
8516
8517
* armor.c (parse_header_line): Stop parsing on a WS line too.
8518
Suggested by Aric Cyr.
8519
8520
* tdbdump.c (HEXTOBIN): Changed the name of the argument, so that
8521
traditional cpp don't mess up the macros. Suggested by Jos Backus.
8522
8523
* mainproc.c (list_node): Print the PK algo in the --with-colon mode.
8524
* keylist.c (list_keyblock): Ditto.
8525
8526
* signal.c (got_fatal_signal): Found the reason why exit(8) did not
8527
work - it is better to set the disposition back to default before
8528
raising the signal. Print the notice on stderr always.
8529
8530
Fri Nov 12 20:33:19 CET 1999 Werner Koch <wk@gnupg.de>
8531
8532
* g10.c (make_username): Swapped the logic.
8533
* keylist.c (public_key_list): Now takes a STRLIST as arg and moved
8534
the creation ot this list to the caller, so that he can copy with
8535
UTF-conversion of user IDs. Changed all callers.
8536
(secret_key_list): Likewise.
8537
8538
* getkey.c (get_user_id_string_native): New and ...
8539
* encode.c (write_pubkey_enc_from_list): ... use it here.
8540
8541
* pubring.asc: Updated.
8542
8543
* packet.h (PKT_PHOTO_ID): New.
8544
* parse-packet.c (parse_photo_id): New.
8545
* build-packet.c (do_user_id: Handle photo IDs.
8546
(build_packet): Change CTB for photo IDs
8547
* free-packet.c (free_user_id): Release memory used for photo IDs
8548
* sig-check.c (hash_uid_node): Handle photo IDs too.
8549
* trustdb.c (print_uid_from_keyblock): Hash photo ID.
8550
(make_uid_records): Ditto.
8551
* getkey.c (find_by_name): Ditto.
8552
* keyedit.c (show_prefs): Ditto.
8553
* keylist.c (list_keyblock): Ditto.
8554
8555
Thu Oct 28 16:08:20 CEST 1999 Werner Koch <wk@gnupg.de>
8556
8557
* keygen.c (ask_expire_interval): Print a warning for systems
8558
with a signed 32 time_t if the exiration time is beyoind 2038.
8559
8560
Fri Oct 8 20:40:50 CEST 1999 Werner Koch <wk@gnupg.de>
8561
8562
* ringedit.c (enum_keyblocks): The last fix way really stupid;
8563
reverted and set rt to Unknown.
8564
8565
Fri Oct 8 20:32:01 CEST 1999 Werner Koch <wk@gnupg.de>
8566
8567
* ringedit.c (enum_keyblocks): Zero the entire kbpos out on open.
8568
8569
* g10.c (oEntropyDLL): Removed option.
8570
(main): Made the warning on development versions more verbose.
8571
8572
* g10.c (oHonorHttpProxy): New option.
8573
* hkp.c (hkp_ask_import,hkp_export): Implement this option.
8574
* options.skel: Enable this option for new installations
8575
8576
Mon Oct 4 21:23:04 CEST 1999 Werner Koch <wk@gnupg.de>
8577
8578
* import.c (import_keys): Changed calling interface, adjusted caller.
8579
(import): Moved printing of stats out ...
8580
(print_stats): New. ... to here.
8581
(import_keys_stream): Call stats print here.
8582
(import_keys): Print stats as totals for all files.
8583
8584
* tdbio.h (DIRF_NEWKEYS): New
8585
* tdbio.c (tdbio_dump_record): Print the new flag.
8586
* trustdb.c (check_trust_record): New arg sigs_only. Adapted all
8587
callers.
8588
(do_update_trust_record): Removed recheck arg and add a new sigs_only
8589
do we can later improve on the performance. Changed all callers too.
8590
(check_trustdb): Evalutate the new flag and add a status output.
8591
Do a check when the dir record has not been checked.
8592
(build_cert_tree): Evaluate the new flag.
8593
(check_trust): Ditto. Do a trust_record check, when the dir record
8594
is not marked as checked.
8595
(mark_fresh_keys): New.
8596
(clear_lid_table): New.
8597
(sync_trustdb): New.
8598
* import.c (import_keys): Call sync_trustdb() after processing.
8599
(import_keys_stream): Ditto.
8600
* tdbdump.c (import_ownertrust): Ditto.
8601
8602
* import.c (import_revoke_cert): Notify the trust DB.
8603
(do_update_trust_record): Use |= to set the REVOKED bit and not &=;
8604
shame on me for this bad copy+paste introduced bug.
8605
(do_we_trust): Add trustmask to allow revoked key override to work.
8606
Chnaged are to allow return of a mofified trustlevel. Adapted the
8607
one caller.
8608
8609
* g10.c: New options --emulate-3des-s2k-bug
8610
* passphrase.c (hash_passphrase): Implemented above.
8611
8612
* mainproc.c (proc_tree): Check for standalone signatures.
8613
(do_check_sig): Print a notice for a standalone revocation
8614
(check_sig_and_print): Do not print an error for unchecked standalone
8615
revocations.
8616
8617
Tue Sep 28 20:54:37 CEST 1999 Werner Koch <wk@gnupg.de>
8618
8619
* encode.c (encode_simple): Use new CTB when we don't have the
8620
length of the file. This is somewhat strange as the comment above
8621
indicates that this part is actually fixed for PGP 5 - maybe I simply
8622
lost the source line, tsss.
8623
8624
* armor.c (armor_filter): Set a flag if no OpenPGP data has been found.
8625
* verify.c (verify_signatures): Add an error helptext.
8626
8627
Thu Sep 23 19:24:30 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8628
8629
* openfile.c (open_outfile): Fixed the 8dot3 handling.
8630
8631
* passphrase.c (passphrase_to_dek): Print uid using utf8 func.
8632
* delkey.c (delete_key): Ditto.
8633
* pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto
8634
(do_we_trust_pre): Ditto.
8635
* trustdb.c (print_user_id,check_uidsigs): Ditto.
8636
* revoke.c (gen_revoke,ask_revoke_sig): Ditto.
8637
8638
Thu Sep 23 09:52:58 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8639
8640
* verify.c (print_file_status): New.
8641
(verify_one_file): Moved status print to th new fnc. Add error status.
8642
* status.c, status.h (STATUS_FILE_ERROR): New
8643
8644
Wed Sep 22 10:14:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8645
8646
* openfile.c (make_outfile_name): Use case-insenstive compare for
8647
DOS systems. Add ".pgp" to the list of know extensions.
8648
(open_outfile): For DOS systems try to replace the suffiy instead of
8649
appending it.
8650
8651
* status.c, status.h: Add STATUS_FILE_{START,DONE}.
8652
* verify.c (verify_one_file): Emit these new stati.
8653
8654
* sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:"
8655
line. Those headers are now only _not_ printed when there are
8656
only old-style keys _and_ all hashs are MD5.
8657
8658
Mon Sep 20 12:24:41 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8659
8660
8661
* verify.c (verify_files, ferify_one_file): New.
8662
* g10.c: New command --verify-files
8663
8664
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8665
8666
* g10.c: Add UK spelling as alias for armor options ;-)
8667
8668
* import.c (append_uid): Fixed a SEGV when there is no selfsig and
8669
no subkey.
8670
(merge_sigs): Ditto. Removed the assertion.
8671
8672
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8673
8674
* g10.c: New option --entropy-dll-name
8675
8676
Mon Sep 13 10:51:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8677
8678
* signal.c (got_fatal_signal): Print message using write(2) and
8679
only for development versions.
8680
8681
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8682
8683
* tdbio.c (tdbio_set_dbname): Use mkdir macro
8684
* ringedit.c (add_keyblock_resource): Ditto.
8685
8686
Fri Sep 3 10:04:45 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8687
8688
* pkclist.c (build_pk_list): Skip keys set with --encrypt-to also
8689
when asking for a key.
8690
8691
* plaintext.c (handle_plaintext): Make sure that we don't read a
8692
second EOF in the read loop for partial length packets.
8693
8694
* mainproc.c (check_sig_and_print): print user ID as utf-8.
8695
8696
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8697
8698
* import.c (merge_blocks): First add new subkeys, then merge subkey
8699
certificates.
8700
(merge_sigs): Don't merge subkey signatures here.
8701
8702
Wed Sep 1 15:30:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8703
8704
* keygen.c (ask_expire_interval): Fixed bug related to cpr_xx (tnx
8705
Francis J. Lacoste).
8706
8707
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8708
8709
* plaintext.c (do_hash): Hash CR,LF for a single CR.
8710
(ask_for_detached_datafile): Changed arguments to be closer to
8711
those of hash_datafiles and cleanup the code a bit.
8712
* mainproc.c (proc_tree): Workaround for pgp5 textmode detached
8713
signatures. Changed behavior of asking for data file to be the same
8714
as with provided data files.
8715
8716
* keylist.c (list_keyblock): Use UTF8 print functions.
8717
8718
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8719
8720
* import.c (chk_self_sigs): some s/log_error/log_info/ so that gpg
8721
does not return an error if a key has some invalid packets.
8722
8723
* helptext.c: Fixed some typos and changed the way the
8724
translation works. The english text is now the keyword for gettext
8725
and not anymore the keyword supplied to the function. Done after
8726
some discussion with Walter who thinks this is much easier for the
8727
translators.
8728
8729
* misc.c (disable_core_dumps): Don't do it for DOSish systems.
8730
8731
* signal.c (signal_name): Bounds check on signum.
8732
8733
Wed Aug 4 10:34:18 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8734
8735
* pubring.asc: Updated.
8736
8737
* pkclist.c (do_we_trust_pre,check_signatures_trust): Do not print
8738
the warning about --always_trust when --quiet is used.
8739
8740
* pkclist.c (fpr_info): New and called at several places.
8741
8742
* parse-packet.c (dump_sig_subpkt): List revocation key contents.
8743
8744
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8745
8746
* pkclist.c (build_pk_list): Fixed typo in format string.
8747
8748
* trustdb.c (create_shadow_dir): Don't translate the error string.
8749
8750
* g10.c (main): Fixed spelling of user-id.
8751
* getkey.c (find_by_name_pk,find_by_name_sk,
8752
find_by_keyid,find_by_keyid_sk): Ditto and translate it.
8753
* import.c (mark_non_selfsigned_uids_valid,delete_inv_parts): Ditto.
8754
8755
8756
Mon Jul 26 01:01:39 CEST 1999 Michael Roth <mroth@nessie.de>
8757
8758
* g10.c, options.h: New options --no-literal and --set-filesize
8759
8760
* encode.c (encode_simple, encode_crypt): Support for the options
8761
--no-literal and --set-filesize.
8762
8763
* sign.c (sign_file): ditto.
8764
8765
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8766
8767
8768
* ringedit.c (enum_keyblocks): Removed annoying error message in cases
8769
when we have no keyring at all to enum.
8770
8771
* getkey.c (classify_user_id): Rewrote to relax the recognition of
8772
keyIDs and fingerprints (Michael).
8773
8774
* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
8775
(print_failed_pkenc): Print status NO_SECKEY.
8776
8777
* import.c (mark_non_selfsigned_uids_valid): New.
8778
* g10.c: New option --allow-non-selfsigned-uid.
8779
8780
* pkclist.c (print_fpr): New.
8781
(do_we_trust_pre): Print the fpr before asking whether to use the key
8782
anyway.
8783
(do_edit_ownertrust): Likewise.
8784
8785
Thu Jul 22 20:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8786
8787
8788
* ringedit.c (enum_keyblocks): Removed annoying error message in cases
8789
when we have no keyring at all to enum.
8790
8791
* getkey.c (classify_user_id): Rewrote to relax the recognition of
8792
keyIDs and fingerprints (Michael).
8793
8794
* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
8795
(print_failed_pkenc): Print status NO_SECKEY.
8796
8797
* import.c (mark_non_selfsigned_uids_valid): New.
8798
* g10.c: New option --allow-non-selfsigned-uid.
8799
8800
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8801
8802
* g10.c: New options --disable-{cipher,pubkey}-algo.
8803
8804
Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8805
8806
* status.h (STATUS_IMPORTED): New.
8807
* import.c (import): Print some status information (Holger Schurig).
8808
8809
* g10.c (main): Make --no-greeting work again. Add a warning when
8810
--force-mds is used.
8811
8812
Tue Jul 13 17:39:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8813
8814
* pkclist.c (do_edit_ownertrust): Changed the way help works.
8815
(build_pk_list): Implemented default recipient stuff.
8816
* g10.c: New options --default-recipient[-self]
8817
(main): Suppress greeting in most cases, entering a passphrase or
8818
a missing value is not considered to be interactive use.
8819
Merged --print-md and --print-mds; the latter is now obsolete.
8820
Changed the way --gen-random works and documented it.
8821
Changed the way --gen-prime works and add a man entry.
8822
* g10.c (MAINTAINER_OPTIONS): Removed.
8823
8824
Mon Jul 12 18:45:57 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8825
8826
* keyedit.c (keyedit_menu): Add arg sign_mode and changed callers
8827
* g10.c (main): New command --lsign-key.
8828
8829
Mon Jul 12 14:55:34 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8830
8831
* mainproc.c (kidlist_item): New.
8832
(release_list): Release failed pk-enc-list.
8833
(print_failed_pkenc): New
8834
(proc_encrypted): Print info about failed PK enc.
8835
8836
* openfile.c (make_outfile_name): s/error/info/
8837
8838
* passphrase.c (passphrase_to_dek): Return an empty passphrase when
8839
in batch mode and don't make the warning message fatal
8840
* seckey-cert.c (check_secret_key): Try only once when in batch mode.
8841
8842
* g10.c (make_username): New.
8843
8844
Thu Jul 8 16:21:27 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8845
8846
8847
* packet.h (PKT_ring_trust): New
8848
* parse-packet.c (parse_trust): Store trust value
8849
* build-packet (build_packet): Ignore ring trust packets.
8850
* mainproc.c (add_ring_trust): New.
8851
(list_node): Print "rtv" records.
8852
* g10.c: New option --with-fingerprint.
8853
8854
* trustdb.c (verify_own_keys): Don't insert if we are dry running
8855
(check_trust): Ditto.
8856
8857
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8858
8859
* Makefile.am: Support for libtool.
8860
8861
* keygen.c (ask_expire_interval): Hack to allow for an expire date.
8862
8863
* trustdb.c (do_update_trust_record,update_trust_record): Splitted.
8864
(check_trust_record): New.
8865
(check_trust,build_cert_tree): Check the dir record as needed.
8866
(upd_pref_record): Removed.
8867
(make_pref_record): New.
8868
(propagate_validity): Stop as soon as we have enough validity.
8869
8870
* tbdio.c (MAX_CACHE_ENTRIES_HARD): Increased the limit.
8871
8872
8873
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8874
8875
* g10.c (g10_exit): Dump random stats.
8876
8877
* sig-check.c (check_key_signature,check_key_signature2): Enhanced
8878
version and wrapper for old function.
8879
(do_signature_check,signature_check): Ditto.
8880
8881
Thu Jul 1 12:47:31 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8882
8883
8884
* keyedit.c (show_key_with_all_names): Print a notice for disabled keys.
8885
(enable_disable_keys): Add functionality
8886
* pkclist.c (edit_ownertrust): preserve disabled state.
8887
(build_pk_list): Skip disabled keys.
8888
* trustdb.c (upd_one_ownertrust): Ditto.
8889
(build_cert_tree): Mask the ownertrust.
8890
(trust_letter): Mask the value.
8891
(do_check): Take disabled flag into account.
8892
8893
* passphrase.c (passphrase_to_dek): Add a pubkey_algo arg and changed
8894
all callers.
8895
8896
* g10.c (utf8_strings): 2 new options.
8897
8898
* trustdb.c (insert_trust_record_by_pk): New, replaces the next one.
8899
(insert_trust_record): Now takes a keyblock as arg. Changed all
8900
callers to use the appropritae function.
8901
8902
* openfile.c (ask_outfile_name): New.
8903
* plaintext.c (handle_plaintext): Ask for filename if there is
8904
no valid syntax. Don't use fname varbatim but filter it.
8905
8906
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8907
8908
8909
* trustdb.h (TRUST_FLAG_DISABLED): New.
8910
8911
* status.c (USE_CAPABILITIES): Capabilities support (Remi).
8912
8913
* tdbio.c : Added new fields to the DIR record.
8914
(tdbio_write_record): Fixed the update of the hash tables.
8915
(tdbio_delete_record): Drop the record from the hash tables.
8916
(drop_from_hashtbl): New.
8917
8918
* status.c (cpr_get): Special online help mode.
8919
* helptext.c ("keyedit.cmd"): Removed.
8920
* keyedit.c (keyedit_menu): Use only help system.
8921
(enable_disable_key): New bit doies not yet work.
8922
8923
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8924
8925
8926
* dearmor.c (enarmor_file): Fixed comment string.
8927
* tdbdump.c (export_ownertrust): Text fix.
8928
* tbio.c (tdbio_invalid): Ditto.
8929
8930
* parse-packet.c (parse_key): Made temp buffer larger.
8931
8932
* Makefile.am (install-data-local): Add missing backslashes
8933
8934
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8935
8936
* g10.c (main): Made iterated+salted the default S2K method.
8937
8938
* Makefile.am (install-data-local): Use DESTDIR.
8939
8940
* passphrase.c (passphrase_to_dek): Emit missing-passphrase while in
8941
batchmode.
8942
8943
* parse-packet.c (parse_pubkeyenc): Fixed a SEGV.
8944
8945
Mon Jun 14 21:18:54 CEST 1999 Michael Roth <mroth@nessie.de>
8946
8947
* g10.c: New options --openpgp, --no-tty, --emit-version,
8948
--default-comment and --lock-multiple
8949
8950
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8951
8952
* free-packet.c (free_encrypted): Fixed EOF case (Remi).
8953
(free_plaintext): Ditto.
8954
8955
* helptext.c (keyedit.delsig.unknown): New (Remi).
8956
* keyedit.c (print_and_check_one_sig): Add arg print_without_key and
8957
changed all callers to make use of it (Remi):
8958
8959
Tue Jun 8 13:36:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8960
8961
* keylist.c (print_key_data): New and called elsewhere.
8962
* g10.c: New option --with-key-data
8963
8964
Wed Jun 2 14:17:19 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8965
8966
* mainproc.c (proc_tree): Yet another bad hack to cope with
8967
broken pgp2 created detached messages in textmode.
8968
8969
Tue Jun 1 16:01:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8970
8971
* openfile.c (make_outfile_name): New.
8972
* plaintext.c (handle_plaintext): Outputfile is now the inputfile
8973
without the suffix.
8974
* g10.c: New option --use-embedded-filename
8975
8976
Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8977
8978
* g10.c (main): Fix for SHM init (Michael).
8979
8980
* compress.c, encr-data.c, mdfilter.c,
8981
plaintext.c, free-packet.c: Speed patches (Rémi).
8982
8983
Thu May 27 09:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8984
8985
* status.c (cpr_get_answer_yes_no_quit): New.
8986
* keyedit.c (menu_delsig): New.
8987
(check_all_keysigs): Splitted.
8988
(print_and_check_one_sig): New.
8989
8990
Wed May 26 14:36:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
8991
8992
* build-packet.c (build_sig_subpkt): Support large packets.
8993
* parse-packet.c (enum_sig_subpkt): Replaces parse_sig_subpkt.
8994
* mainproc.c (print_notation_data): Print all notation packets.
8995
* g10.c (add_notation_data): Add a way to specify the critical flag.
8996
(main): Add option --set-policy-url.
8997
(check_policy_url): Basic checks.
8998
* sign.c (mk_notation_and_policy): Replaces mk_notation.
8999
9000
* parse-packet.c (can_handle_critical): Moved decision whether we can
9001
handle critical subpacket to an extra function.
9002
9003
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9004
9005
* sign.c (sign_file): Always use compression algo 1 for signed
9006
onyl file becuase we can´ be sure the the verifier supports other
9007
algorithms.
9008
9009
* build-packet.c (build_sig_subpkt): Support for notation data.
9010
* sign.c (sign_file,clearsign_file,make_keysig_packet): Ditto.
9011
(mk_notation): New.
9012
* g10.c (add_notation_data): New and add option -N
9013
* mainproc.c (print_notation_data): New.
9014
(check_sig_and_print): Print any notation data of the signed text.
9015
9016
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9017
9018
* pkclist.c (check_signatures_trust): Print a warning and return
9019
immediateley if opt.always_trust is true.
9020
9021
* g10.c (main): Corrected handling of no-default-keyring
9022
9023
* pkclist.c (algo_available): Disable Twofish until we have settled
9024
how to do the MDC.
9025
9026
* hkp.c: Disable everything for mingw32
9027
9028
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9029
9030
* mainproc.c (check_sig_and_print): Add sig creation time to the
9031
VALIDSIG status output. Add more info to the ERRSIG output.
9032
* sig-check.c (signature_check): Add sig time after epoch to SIG_ID.
9033
9034
* import.c (import_one): Merge duplicate user IDs.
9035
(collapse_uids): New.
9036
* kbnode.c (move_kbnode): New.
9037
(remove_kbnode): New.
9038
* keyedit.c (keyedit_menu): Call collapse_uids.
9039
9040
* g10.c: new option --logger-fd.
9041
9042
* import.c: s/log_*_f/log_*/
9043
9044
Thu May 20 14:04:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9045
9046
* misc.c (pull_in_libs): do the volatile only for gcc
9047
9048
* sig-check (signature_check): Emit SIG_iD only for classes 0 and 1.
9049
9050
* armor.c (armor_filter): Add detection of PGP2 created clearsigs.
9051
(fake_packet): A tab is not a WS for pgp2 - handle this.
9052
* textfilter.c (len_without_trailing_chars): New.
9053
(copy_clearsig_text): Add pgp2mode arg.
9054
* sign.c (clearsign_file): pass old_style to the above fnc.
9055
9056
9057
Wed May 19 16:04:30 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9058
9059
* g10.c: New option --interactive.
9060
9061
* mainproc.c (proc_plaintext): Add workaround for pgp2 bug
9062
(do_check_sig): Ditto.
9063
(proc_tree): Ditto.
9064
* plaintext.c (do_hash): Ditto.
9065
(hash_datafiles): Ditto, add an arg, changed all callers.
9066
* mdfilter.c (md_filter): Add support for the alternate hash context.
9067
9068
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9069
9070
* parse-packet.c (parse_encrypted): Support for PKT_ENCRYPTED_MDC.
9071
* build-packet.c (do_encrypted_mdc): Ditto.
9072
* cipher.c (write_header): Add mdc hashing.
9073
(cipher_filter): write out the hash.
9074
* mainproc.c (do_proc_packets): Add PKT_ENCRYPTED_MDC.
9075
* encr-data.c (decrypt_data): Add mdc hashing.
9076
(mdc_decode_filter): New.
9077
9078
* parse-packet.c (parse_sig_subpkt): Fixed stupid bug for subpkt
9079
length calculation
9080
(parse_signature): Fixed even more stupid bug.
9081
9082
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9083
9084
* build-packet.c (do_signature): Removed MDC hack.
9085
* encode.c (encode_crypt_mdc): Removed.
9086
* mainproc.c (do_check_sig): Removed MDC hack.
9087
(check_sig_and_print): Ditto.
9088
* parse-packet.c (parse_signature): Ditto.
9089
* sig-check.c (mdc_kludge_check): Ditto.
9090
* free-packte.c (copy_signature, free_seckey_enc): Ditto.
9091
9092
* parse-packet.c (parse_signature,parse_key): Store data of
9093
unknown algorithms with mpi_set_opaque inseatd of the old
9094
faked data stuff.
9095
(read_rest): Removed.
9096
(read_rest2): Renamed to read_rest
9097
* build-packet.c (write_fake_data): Use mpi_get_opaque.
9098
* free-packet.c (cp_fake_data): Removed and cahnged all callers
9099
to use mpi_copy.
9100
(free_pubkey_enc,free_seckey_enc,release_public_key_parts,
9101
release_secret_key_parts): Use mpi_free for opaque data.
9102
9103
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9104
9105
* trustdb.c (check_trust): Check for revoked subkeys.
9106
* pkclist.c (do_we_trust): Handled revoked subkeys.
9107
(do_we_trust_pre): Ditto.
9108
(check_signatures_trust): Ditto.
9109
9110
* build-packet.c (hash_public_key): Fix for ancient g10 keys.
9111
9112
* mainproc.c (do_proc_packets): Return EOF if no data has been read.
9113
* g10.c (main): Catch errors for default operation.
9114
9115
Thu Apr 29 12:29:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9116
9117
* sign.c (sign_file): Fixed hashing in case of no subpackets.
9118
(clearsign_file): Ditto.
9119
(make_keysig_packet): Ditto.
9120
9121
Wed Apr 28 13:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9122
9123
* keyedit.c (keyedit_menu): Add new command revkey.
9124
* (menu_revkey): New.
9125
9126
9127
Mon Apr 26 17:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9128
9129
* parse-packet.c (parse_signature): Add the MDC hack.
9130
* build-packet.c (do_signature): Ditto.
9131
* free-packet.c (free_seckey_enc,copy_signature,cmp_signatures): Ditto.
9132
* mainproc.c (do_check_sig): Ditto.
9133
* sig-check.c (mdc_kludge_check): New.
9134
* encode.c (encrypt_mdc_file): New.
9135
9136
* keyedit.c (check_all_keysigs): List revocations.
9137
* (menu_revsig): New.
9138
* sign (make_keysig_packet): Support for class 0x30.
9139
9140
Sun Apr 18 20:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9141
9142
* pkclist.c (select_algo_from_prefs): Fixed the case that one key
9143
has no preferences (Remi Guyomarch).
9144
9145
keylist.c (list_keyblock): ulti_hack to propagate trust to all uids.
9146
9147
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9148
9149
* seckey-cert.c (do_check): Use real IV instead of a 0 one, so that
9150
it works even if the length of the IV doesn't match the blocksize.
9151
Removed the save_iv stuff.
9152
(protect_secret_key): Likewise. Create the IV here.
9153
* packet.h (PKT_secret_key): Increased size of IV field and add a
9154
ivlen field.
9155
* parse-packet.c (parse_key): Use the len protect.ivlen.
9156
* build-packet.c (do_secret_key). Ditto.
9157
9158
* getkey.c (key_byname): Close keyblocks.
9159
9160
* Makefile.am (gpgm): Removed this
9161
* g10.c: Merged gpg and gpgm
9162
9163
* import.c (import): Utilize option quiet.
9164
* tdbio.c (tdbio_set_dbname): Ditto.
9165
* ringedit.c (add_keyblock_resource,keyring_copy): Ditto.
9166
9167
* keyedit.c (sign_uids): Add some batch support.
9168
9169
* g10.c (main): add call to tty_batchmode.
9170
9171
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9172
9173
* status.c (write_status_text): Some more status codes.
9174
* passphrase_to_dek (passphrase_to_dek): add a status code.
9175
* seckey_cert.c (check_secret_key): Likewise.
9176
9177
* encr-data.c (decrypt_data): Reverse the last changes
9178
* cipher.c (write_header): Ditto.
9179
9180
* parse-packet.c (parse_key): Dropped kludge for ancient blowfish mode.
9181
9182
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9183
9184
* mainproc.c (proc_encrypted): Add a new status output
9185
* passphrase.c (passphrase_to_dek): Ditto.
9186
* status.h status.c: Add new status tokens.
9187
9188
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9189
9190
* encr-data.c (decrypt_data): Fixes for 128 bit blocksize
9191
* cipher.c (write_header): Ditto.
9192
* seckey-cert.c (do_check): Ditto.
9193
(protect_secret_key). Ditto.
9194
* misc.c (print_cipher_algo_note): Twofish is now a standard algo.
9195
9196
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
9197
(ask_keysize): Only allow keysizes up to 4096
9198
9199
* ringedit.c (add_keyblock_resource): chmod newly created secrings.
9200
9201
* import.c (delete_inv_parts): Fixed accidently deleted subkeys.
9202
9203
Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
9204
9205
* armor.c: Removed duped include (John Bley)
9206
* mainproc.c: Ditto.
9207
9208
* build-packet.c (hash_public_key): Fixed hashing of the header.
9209
9210
* import.c (delete_inv_parts): Allow import of own non-exportable sigs.
9211
9212
Sat Mar 20 13:59:47 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9213
9214
* armor.c (fake_packet): Fix for not not-dash-escaped
9215
9216
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9217
9218
* g10.c (main): Added command --recv-keys
9219
* hkp.c (hkp_import): New.
9220
9221
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9222
9223
* trustdb.c (check_trust): add new arg add_fnc and changed all callers.
9224
(do_check): Ditto.
9225
(verify_key): Ditto.
9226
(propagate_validity): Use the new add_fnc arg.
9227
(print_user_id): Add the FILE arg.
9228
(propagate_ownertrust): New.
9229
* pkclist.c (add_ownertrust_cb): New and changed the add_ownertrust
9230
logic.
9231
9232
* getkey.c (get_keyblock_bylid): New.
9233
* trustdb.c (print_uid_from_keyblock): New.
9234
(dump_tn_tree_with_colons): New.
9235
(list_trust_path): Add colon print mode.
9236
9237
* trustdb.c (insert_trust_record): Always use the primary key.
9238
9239
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
9240
(encode_crypt): Ditto.
9241
9242
* mainproc.c (proc_pubkey_enc): Added status ENC_TO.
9243
* armor.c (armor_filter): Added status NODATA.
9244
* passphrase.c (passphrase_to_dek): Always print NEED_PASSPHRASE
9245
* seckey_cert.c (check_secret_key): Added BAD_PASS status.
9246
9247
* g10.c (main): Set g10_opt_homedir.
9248
9249
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9250
9251
* keygen.c (do_create): Changed wording of the note (Hugh Daniel)
9252
9253
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9254
9255
* tdbdump.c: New
9256
9257
* trustdb.c (walk_sigrecs,do_list_sigs,list_sigs,
9258
list_records,list_trustdb,export_ownertrust,import_ownertrust): Moved
9259
to tdbdump.c
9260
(init_trustdb): renamed to setup_trustdb. Changed all callers.
9261
(do_init_trustdb): renamed to init_trustdb().
9262
* trustdb.c (die_invalid_db): replaced by tdbio_invalid.
9263
* tdbio.c (tdbio_invalid): New.
9264
9265
* import.c (delete_inv_parts): Skip non exportable signatures.
9266
* keyedit.c (sign_uid_mk_attrib): New.
9267
(sign_uids): Add the local argument.
9268
(keyedit_menu): New "lsign" command.
9269
* trustdb.c (register_trusted_key): Removed this and all related stuff.
9270
* g10.c (oTrustedKey): Removed option.
9271
9272
* tdbio.h (dir.valcheck): New trustdb field.
9273
* tdbio.c: Add support for this field
9274
(tdbio_read_modify_stamp): New.
9275
(tdbio_write_modify_stamp): New.
9276
* trustdb.c (do_check): Check against this field. Removed cache update.
9277
(verify_key): Add cache update.
9278
(upd_uid_record): Some functional changes.
9279
(upd_cert_record): Ditto
9280
9281
Wed Mar 10 11:26:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9282
9283
* keylist.c (list_keyblock): Fixed segv in uid. Print 'u' as
9284
validity of sks.
9285
9286
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9287
9288
* getkey.c (classify_user_id): Add new mode 12 (#<lid>).
9289
9290
* seckey-cert.c (check_secret_key): replaced error by info.
9291
9292
* trustdb.c (query_trust_info): Add another arg, changed all callers.
9293
(check_trust): Ditto.
9294
(do_check): Ditto.
9295
(verify_key): Handle namehash.
9296
* keylist.c (list_keyblock): print trust info for user ids.
9297
9298
* sig-check.c (signature_check): Add sig-created to status output.
9299
9300
Tue Mar 2 16:44:57 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9301
9302
* textfilter.c (copy_clearsig_text): New.
9303
(clearsign): Removed.
9304
* sign.c (clearsign_file): does not use textfiler anymore.
9305
9306
* keygen.c (ask_user_id): print a note about the used charset.
9307
9308
Tue Mar 2 10:38:42 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9309
9310
* sig-check.c (signature_check): sig-id now works for all algos.
9311
9312
* armor.c (armor_filter): Fixed armor bypassing.
9313
9314
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9315
9316
* keygen.c (ask_user_id): Don't change the case of email addresses.
9317
(has_invalid_email_chars): Adjusted.
9318
9319
* keylist.c (list_one): Really list serect keys (Remi Guyomarch)
9320
9321
* keyedit.c (menu_select_uid): Add some braces to make egcs happy.
9322
(menu_select_key): Ditto.
9323
9324
* mainproc.c (do_proc_packets): List sym-enc packets (Remi Guyomarch)
9325
9326
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9327
9328
* pkclist.c (build_pk_list): Return error if there are no recipients.
9329
9330
* sig-check.c (signature_check): New signature id feature.
9331
* armor.c (make_radic64_string): New.
9332
9333
* mainproc.c (proc_pubkey_enc): early check for seckey availability.
9334
9335
* pkclist.c (do_we_trust_pre): print user id before asking.
9336
9337
* ringedit.c (add_keyblock_resource,get_keyblock_handle): Cleaner
9338
handling of default resource.
9339
9340
9341
Thu Feb 25 18:47:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9342
9343
* pkclist.c (algo_available): New.
9344
(select_algo_from_prefs): Check whether algo is available.
9345
9346
* ringedit.c (keyring_copy): Take care of opt.dry_run.
9347
(do_gdbm_store): Ditto.
9348
* openfile.c (open_outfile). Ditto.
9349
(copy_options_file): Ditto.
9350
* trustdb.c (update_trustdb): Ditto.
9351
(clear_trust_checked_flag): Ditto.
9352
(update_trust_record): Ditto.
9353
(insert_trust_record): Ditto.
9354
9355
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9356
9357
* keylist.c (secret_key_list): Now really list the secret key.
9358
9359
* trustdb.c (do_init_trustdb): New. Init is now deferred.
9360
9361
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9362
9363
* getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY.
9364
9365
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9366
9367
* pkclist.c (select_algo_from_prefs): retrieve LID if not there.
9368
9369
* armor.c (fake_packet): Replaced ugly lineending handling.
9370
9371
* g10.c (oNoEncryptTo): New.
9372
* pkclist.c (build_pk_list): Implemented this option.
9373
9374
* g10.c (main): Greeting is now printed to stderr and not to tty.
9375
Use add_to_strlist() instead of direct coding.
9376
9377
* import.c (import): Use iobuf_push_filter2.
9378
9379
* mainproc.c (check_sig_and_print): Print all user ids
9380
for good signatures.
9381
* getkey.c (get_pubkeyblock): New.
9382
9383
* import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys.
9384
(delete_inv_parts): Delete special marked packets.
9385
9386
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9387
9388
* g10.c (main): New option --encrypt-to
9389
9390
* pkclist.c (build_pk_list): Implemented encrypt-to.
9391
9392
* parse-packet.c (parse_user_id): Removed the hack to work with
9393
utf-8 strings.
9394
9395
* g10.c (main): Install lockfile cleanup handler.
9396
* tdbio.c (cleanup): Removed: this is now handled by dotlock.
9397
9398
Sat Feb 13 14:13:04 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9399
9400
* tdbio.c (tdbio_set_dbname): Init lockhandle for a new trustdb
9401
9402
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9403
9404
* g10.c (main): check for development version now in configure
9405
9406
* tdbio.c (tdbio_write_record): Add uid.validity
9407
(tdbio_read_record) : Ditto.
9408
(tdbio_dump_record) : Ditto.
9409
9410
* keygen.c (keygen_add_std_prefs): Replaced Blowfish by Twofish,
9411
removed MD5 and Tiger.
9412
* pubkey-enc.c (get_it): Suppress warning about missing Blowfish
9413
in preferences in certain cases.
9414
9415
* ringedit.c (lock_rentry,unlock_rentry): New.
9416
9417
* getkey.c (key_byname): Pass ret_kb down to lookup_xx.
9418
9419
* armor.c (armor_filter): No output of of empty comment lines.
9420
Add option --no-version to suppress the output of the version string.
9421
9422
* getkey.c: Release the getkey context for auto context variables.
9423
9424
Sun Jan 24 18:16:26 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9425
9426
* getkey.c: Changed the internal design to allow simultaneous
9427
lookup of multible user ids
9428
(get_pubkey_bynames): New.
9429
(get_seckey_bynames): New.
9430
(get_seckey_next): New.
9431
(get_seckey_end): New.
9432
* keylist.c (list_one): Use the new functions.
9433
9434
* keylist.c (list_keyblock): add a newline for normal listings.
9435
9436
* g10.c (--recipient): New option name to replace --remote-user
9437
9438
9439
Wed Jan 20 18:59:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9440
9441
* textfilter.c: Mostly rewritten
9442
* plaintext.c (handle_plaintext): Use now text_filter semantics.
9443
9444
Tue Jan 19 19:34:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9445
9446
* export.c (export_pubkeys_stream): New.
9447
(do_export_stream): New.
9448
* g10.c (aSendKeys): New command.
9449
* hkp.c (hkp_export): New.
9450
9451
* compress.c (do_uncompress): Hack for algo 1 and 1.1.3
9452
9453
Sun Jan 17 11:04:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9454
9455
* textfilter.c (text_filter): Now uses iobuf_read_line().
9456
(read_line): Removed.
9457
9458
* armor.c (trim_trailing_spaces): Removed and replaced
9459
by trim_trailing_ws from libutil
9460
9461
Sat Jan 16 12:03:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9462
9463
* hkp.c (hkp_ask_import): Use only the short keyid
9464
9465
Sat Jan 16 09:27:30 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9466
9467
* import.c (import_key_stream): New
9468
(import): New, moved most of import_keys here.
9469
* g10.c: New option --keyserver
9470
* mainproc.c (check_sig_and_print): Hook to import a pubkey.
9471
9472
* pref.c pref.h : Removed
9473
9474
* hkp.c hkp.h: New
9475
9476
Wed Jan 13 14:10:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9477
9478
* armor.c (radix64_read): Print an error if a bad armor was detected.
9479
9480
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9481
9482
* armor.c (radix64_read): Now handles malformed armors produced
9483
by some buggy MUAs.
9484
9485
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9486
9487
* ringedit.c (find_keyblock_bysk): New.
9488
9489
* skc_list.c (is_insecure): New.
9490
(build_sk_list): usage check for insecure keys.
9491
9492
* import.c (chk_self_sigs): Add handling for subkeys.
9493
(delete_inv_parts): Skip unsigned subkeys
9494
9495
* sig-check.c (do_check): Print info if the signature is older
9496
than the key.
9497
* keygen.c (generate_subkeypair): Fail on time warp.
9498
* sign.c (do_sign): Ditto.
9499
9500
Sun Jan 10 15:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9501
9502
* armor.c (fake_packet): Fixed not-dash-escaped bug.
9503
9504
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9505
9506
* sig-check.c (do_check): Output time diff on error
9507
9508
* status.c (STATUS_VALIDSIG): New.
9509
(is_status_enabled): New.
9510
* mainproc.c (check_sig_and_print): Issue that status message.
9511
9512
* plaintext.c (special_md_putc): Removed
9513
9514
* armor.c (armor_filter): print error for truncated lines.
9515
9516
* free-packet.c (free_encrypted): Revomed call to set_block_mode.
9517
(free_plaintext): Ditto.
9518
9519
Thu Jan 7 18:00:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
9520
9521
* pkclist.c (add_ownertrust): Fixed return value.
9522
9523
* encr-data.c (decrypt_data): Disabled iobuf_set_limit and
9524
iobuf_pop_filter stuff.
9525
* compress.c (handle_compressed): Disabled iobuf_pop_filter.
9526
9527
* packet.h (PKT_secret_key): Add is_primary flag.
9528
* parse-packet.c (parse_key): Set this flag.
9529
* passphrase.c (passphrase_to_dek): Kludge to print the primary
9530
keyid - changed the API: keyid must now hold 2 keyids.
9531
* getkey.c (get_primary_seckey): New.
9532
* seckey-cert.c (do_check): pass primary keyid to passphrase query
9533
9534
* tbdio.c (open_db): removed the atexit
9535
(tdbio_set_dbname): and moved it to here.
9536
9537
* armor.c: Rewrote large parts.
9538
9539
Tue Dec 29 19:55:38 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9540
9541
* revoke.c (gen_revoke): Removed compression.
9542
9543
* pkclist.c (do_we_trust_pre): special check for revoked keys
9544
9545
* trustdb.c (update_trust_record): Fixed revoke flag.
9546
9547
Tue Dec 29 14:41:47 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9548
9549
* misc.c (disable_core_dumps): Check for EINVAL (Atari)
9550
9551
* getkey (merge_one_pk_and_selfsig): Fixed search of expiredate.
9552
(merge_keys_and_selfsig): Ditto.
9553
9554
* free-packet.c (cmp_public_keys): cmp expire only for v3 packets
9555
(cmp_secret_keys): Ditto.
9556
(cmp_public_secret_key): Ditto.
9557
9558
Wed Dec 23 17:12:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9559
9560
* armor.c (find_header): Reset not_dashed at every header
9561
9562
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9563
9564
* pkclist.c (add_ownertrust): Refresh validity values.
9565
9566
* trustdb.c (enum_cert_paths_print): New arg refresh.
9567
9568
* ringedit.c: Fixed problems fix keyrings
9569
* parse-packet.c (dbg_parse_packet): New debug functions.
9570
9571
* getkey.c (getkey_disable_caches): New.
9572
* import.c (import_keys): Disable caches.
9573
9574
Thu Dec 17 18:31:15 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9575
9576
* misc.c (trap_unaligned): Only for glibc 1
9577
9578
* sign.c (write_dash_escaped): Now escapes "From " lines
9579
* g10.c: New option --escape-from-lines
9580
9581
* trustdb.c (sort_tsl_list): New
9582
(list_trust_path): Now prints sorted list.
9583
(enum_cert_paths): Likewise.
9584
(enum_cert_paths_print): New.
9585
(print_paths): New printing format.
9586
* pkclist.c (add_ownertrust): New arg quit.
9587
(edit_ownertrust): New quit selection and does not query
9588
the recipients ownertrust anymore.
9589
(add_ownertrust): Print the ceritficate path.
9590
9591
9592
Mon Dec 14 21:18:49 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9593
9594
* parse-packet.c (parse_signature): Now checks for critical bit
9595
(parse_sig_subpkt): Splitted.
9596
(parse_one_sig_subpkt): New.
9597
* sig-check.c (do_check): handle critical bit.
9598
9599
Sun Dec 13 14:10:56 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9600
9601
* pcklist.c (select_algo_from_prefs): Preferences should
9602
now work (lost the != ? )
9603
9604
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9605
9606
* ringedit.c (gdbm_store): Fix for inserts
9607
9608
* g10.c (main): New option --export-all
9609
* export.c (export_pubkeys): New arg.
9610
(do_export): Now may skip old keys.
9611
9612
* status.c: Minor patches for Sun's cc
9613
9614
* keygen.c (ask_algo): Disabled v3 ElGamal choice, rearranged
9615
the numbers. Add a warning question when a sign+encrypt key
9616
is selected.
9617
9618
* g10.c (do_not_use_RSA): Removed.
9619
* misc.c (print_pubkey_algo_note): New as replacement for the
9620
do_not_use_RSA() and chnaged all callers.
9621
(print_cipher_algo_note): New.
9622
(print_hash_algo_note): New.
9623
9624
* cipher.c (write_header): Add a call to print_cipher_algo_note.
9625
* seckey-cert.c (protect_secret_key): Ditto
9626
* sign.c (do_sign): Add a call to print_digest_algo_note.
9627
9628
* getkey.c (get_long_user_id_string): New.
9629
* mainproc.c (check_sig_and_print): Changed the format of the
9630
status output.
9631
9632
* encrypt.c (write_pubkey_enc_from_list): print used symmetric cipher.
9633
9634
* pkclist.c (do_we_trust): Changed a message.
9635
9636
Wed Dec 9 13:41:06 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9637
9638
* misc.c (trap_unaligned) [ALPHA]: Only if UAC_SIGBUS is defined.
9639
9640
* sign.c (write_dash_escaped): Add the forgotten patch by Brian Moore.
9641
9642
* compress.c (do_uncompress): Fixed the inflating bug.
9643
9644
9645
Tue Dec 8 13:15:16 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9646
9647
* trustdb.c (upd_uid_record): Now uses the newest self-signature
9648
(insert_trust_record): Now calls update with recheck set to true.
9649
(register_trusted_key): New.
9650
(verify_own_keys): Enhanced by list of trusted keys.
9651
9652
* g10.c (main): Print a warning when a devel version is used.
9653
(main): New option --trusted-key
9654
9655
* import.c (merge_blocks): Fixed merging of new user ids and
9656
added merging of subkeys.
9657
(append_uid): Ditto.
9658
(merge_keysig): New.
9659
(append_key): New.
9660
* getkey.c (merge_one_pk_and_selfsig): Get the expiration time
9661
from the newest self-signature.
9662
(merge_keys_and_selfsig): Ditto.
9663
9664
* free-packet.c (cmp_secret_key): New.
9665
9666
9667
Fri Nov 27 21:37:41 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9668
9669
* g10.c: New option --lock-once
9670
* tdbio.c (open_db): Add an atexit
9671
(cleanup): New.
9672
(tdbio_sync): Add locking.
9673
(tdbio_end_transaction): Ditto.
9674
(put_record_into_cache): Ditto.
9675
* ringedit.c (keyring_copy): Ditto.
9676
(cleanup): New.
9677
(add_keyblock_resource): Add an atexit.
9678
9679
Fri Nov 27 15:30:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9680
9681
* armor.c (find_header): Another fix for clearsigs.
9682
9683
Fri Nov 27 12:39:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
9684
9685
9686
* status.c (display_help): Removed.
9687
* helptext.c: New and removed the N_() from all cpr_gets.
9688
9689
9690
Fri Nov 20 16:54:52 1998 Werner Koch (wk@isil.d.shuttle.de)
9691
9692
* g10.c (main): New option --not-dash-escaped
9693
* sign.c (write_dashed_escaped): Ditto.
9694
* armor.c (find_header): Support for NotDashEscaped header.
9695
9696
* getkey.c: print "disabled cache.." only if verbose is used.
9697
9698
Thu Nov 19 07:17:31 1998 Werner Koch <werner.koch@guug.de>
9699
9700
* parse-packet.c (dump_sig_subpkt): Fixed expire listing
9701
* getkey.c (merge_keys_and_selfsig): Fixed expire calculation.
9702
(merge_one_pk_and_selfsig): Ditto.
9703
* keyedit.c (menu_expire). Ditto.
9704
* keygen.c (keygen_add_key_expire): Ditto.
9705
(ask_expire_interval): New and changed all local function to use
9706
this instead.
9707
(keygen_add_key_expire): Opaque should now be a public key;
9708
changed all callers.
9709
9710
* parse.packet.c (parse): use skip_rest to skip packets.
9711
9712
* keyedit.c (keyedit_menu): New arg for cmdline cmds.
9713
9714
Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de)
9715
9716
* trustdb.c (check_trustdb): Now rechecks all gived userids.
9717
(collect_paths): Some fixes.
9718
(upd_pref_records): Skips empty items, evaluate all items.
9719
9720
* parse-packet.c (dump_sig_subpkt): Better listing of prefs.
9721
(skip_packet): Now knows about marker packet
9722
9723
* g10.c: removed cmd "--edit-sig".
9724
9725
* pubring.asc: Updated.
9726
9727
Sat Nov 14 14:01:29 1998 Werner Koch (wk@isil.d.shuttle.de)
9728
9729
* g10.c (main): Changed syntax of --list-trust-path
9730
* trustdb.c (list_trust_path): Replaced max_depth by
9731
opt.max_cert_depth
9732
9733
Fri Nov 13 07:39:58 1998 Werner Koch <werner.koch@guug.de>
9734
9735
* trustdb.c (collect_paths): Removed a warning message.
9736
(enum_trust_web): Removed.
9737
(enum_cert_paths): New.
9738
* pkclist.c (add_ownertrust): Changed to use enum_cert_paths.
9739
(edit_ownertrust): Now list ceritficates on request.
9740
(show_paths): New.
9741
9742
Wed Nov 11 18:05:44 1998 Werner Koch <werner.koch@guug.de>
9743
9744
* g10.c (main): New option --max-cert-depth
9745
* tdbio.h: add new fields to ver and dir record.
9746
* tdbio.c: read/write/dump of these fields.
9747
(tdbio_db_matches_options): New.
9748
* trustdb.c: replaced MAC_CERT_DEPTH by opt.max_cert_depth.
9749
(do_check): cache validity and changed other functions
9750
to reset the cached value.
9751
9752
* keylist.c (list_one): Now lists the ownertrust.
9753
* mainproc.c (list_node): Ditto.
9754
9755
Tue Nov 10 10:08:59 1998 Werner Koch (wk@isil.d.shuttle.de)
9756
9757
* g10.c (g10_exit): Now looks at the new g10_errors_seen.
9758
* mainproc.c (check_sig_and_print): Sets g10_errors_seen.
9759
9760
* *.c : i18n many more strings.
9761
9762
* ringedit.c (locate_keyblock_by_keyid): Add HAVE_LIBGDBM
9763
(locate_keyblock_by_fpr): Ditto.
9764
9765
* g10.c (main): removed unsused "int errors".
9766
(main): Add new option --charset.
9767
9768
* g10.c (main): special message for the unix newbie.
9769
9770
Mon Nov 9 07:17:42 1998 Werner Koch <werner.koch@guug.de>
9771
9772
* getkey.c (finish_lookup): Kludge to prefere algo 16.
9773
9774
* trustdb.c (new_lid_table): Clear cached item.
9775
9776
* status.c (cpr_get_utf8): New.
9777
* pkclist.c (build_pk_list): Uses this.
9778
9779
Sun Nov 8 17:20:39 1998 Werner Koch (wk@isil.d.shuttle.de)
9780
9781
* mainproc.c (check_sig_and_print): Why did I use strlen()-1
9782
in the printf? - This truncated the TZ.
9783
9784
Sat Nov 7 15:57:28 1998 me,,, (wk@tobold)
9785
9786
* getkey.c (lookup): Changes to support a read_next.
9787
(get_pubkey): Fixed a memory leak.
9788
9789
* keylist.c (list_one): Now lists all matching user IDs.
9790
9791
Tue Nov 3 16:19:21 1998 Werner Koch (wk@isil.d.shuttle.de)
9792
9793
* keygen.c (ask_user_id): Now converted to UTF-8
9794
9795
* g10.c (main): Kludge for pgp clearsigs and textmode.
9796
9797
Fri Oct 30 16:40:39 1998 me,,, (wk@tobold)
9798
9799
* signal.c (block_all_signals): New.
9800
(unblock_all_signals): New
9801
* tdbio.c (tdbio_end_transaction): Now blocks all signals.
9802
9803
* trustdb.c (new_lid_table): Changed the representation of the
9804
former local_lid_info stuff.
9805
9806
* trustdb.c (update_trust_record): Reorganized the whole thing.
9807
* sig-check.c (check_key_signature): Now handles class 0x28
9808
9809
9810
Wed Oct 28 18:56:33 1998 me,,, (wk@tobold)
9811
9812
* export.c (do_export): Takes care of the exportable sig flag.
9813
9814
Tue Oct 27 14:53:04 1998 Werner Koch (wk@isil.d.shuttle.de)
9815
9816
* trustdb.c (update_trust_record): New "fast" parameter.
9817
9818
Sun Oct 25 19:32:05 1998 Werner Koch (wk@isil.d.shuttle.de)
9819
9820
* openfile.c (copy_options_File): New.
9821
* ringedit.c (add_keyblock_resource): Creates options file
9822
* tdbio.c (tdbio_set_dbname): Ditto.
9823
9824
Sat Oct 24 14:10:53 1998 brian moore <bem@cmc.net>
9825
9826
* mainproc.c (proc_pubkey_enc): Don't release the DEK
9827
(do_proc_packets): Ditto.
9828
9829
Fri Oct 23 06:49:38 1998 me,,, (wk@tobold)
9830
9831
* keyedit.c (keyedit_menu): Comments are now allowed
9832
9833
* trustdb.c: Rewrote large parts.
9834
9835
9836
Thu Oct 22 15:56:45 1998 Michael Roth (mroth@nessie.de)
9837
9838
* encode.c: (encode_simple): Only the plain filename without
9839
a given directory is stored in generated packets.
9840
(encode_crypt): Ditto.
9841
9842
* sign.c: (sign_file) Ditto.
9843
9844
9845
Thu Oct 22 10:53:41 1998 Werner Koch (wk@isil.d.shuttle.de)
9846
9847
* trustdb.c (update_trust_record): Add new optional arg.
9848
9849
* import.c (import_keys): Add statistics output
9850
* trustdb.c (update_trustdb): Ditto.
9851
(insert_trustdb): Ditto.
9852
9853
* tdbio.c (tdbio_begin_transaction): New.
9854
(tdbio_end_transaction): New.
9855
(tdbio_cancel_transaction): New.
9856
9857
* g10.c (main): New option --quit.
9858
9859
* trustdb.c (check_hint_sig): No tests for user-id w/o sig.
9860
This caused an assert while checking the sigs.
9861
9862
* trustdb.c (upd_sig_record): Splitted into several functions.
9863
9864
* import.c (import_keys): New arg "fast".
9865
* g10.c (main): New command --fast-import.
9866
9867
Wed Oct 21 18:19:36 1998 Michael Roth <mroth@nessie.de>
9868
9869
* ringedit.c (add_keyblock_resource): Directory is now created.
9870
* tdbio.c (tdbio_set_dbname): New info message.
9871
9872
Wed Oct 21 11:52:04 1998 Werner Koch (wk@isil.d.shuttle.de)
9873
9874
* trustdb.c (update_trustdb): released keyblock in loop.
9875
9876
* keylist.c (list_block): New.
9877
(list_all): Changed to use list_block.
9878
9879
* trustdb.c: Completed support for GDBM
9880
9881
* sign.c (only_old_style): Changed the way force_v3 is handled
9882
(sign_file): Ditto.
9883
(clearsign_file): Ditto.
9884
9885
* keygen.c (has_invalid_email_chars): Splitted into mailbox and
9886
host part.
9887
9888
* keylist.c (list_one): Add a merge_keys_and_selfsig.
9889
* mainproc.c (proc_tree): Ditto.
9890
9891
Sun Oct 18 11:49:03 1998 Werner Koch (wk@isil.d.shuttle.de)
9892
9893
* sign.c (only_old_style): Add option force_v3_sigs
9894
(sign_file): Fixed a bug in sig->version
9895
(clearsign_file): Ditto.
9896
9897
* parse-packet.c (dump_sig_subpkt): New
9898
9899
* keyedit.c (menu_expire): New.
9900
* free-packet.c (cmp_signatures): New
9901
9902
9903
Sat Oct 17 10:22:39 1998 Werner Koch (wk@isil.d.shuttle.de)
9904
9905
* armor.c: changed output line length from 72 to 64.
9906
9907
* keyedit.c (fix_keyblock): New.
9908
9909
Fri Oct 16 10:24:47 1998 Werner Koch (wk@isil.d.shuttle.de)
9910
9911
* trustdb.c: Rewrote most.
9912
* tdbio.c: Add cache and generalized hash tables.
9913
9914
* options.h (ENABLE_COMMENT_PACKETS): New but undef'ed.
9915
* encode.c, sign.c, keygen.c: Disabled comment packets.
9916
* export.c (do_export): Comment packets are never exported,
9917
except for those in the secret keyring.
9918
9919
* g10.c (main): Removed option do-no-export-rsa; should be
9920
be replaced by a secpial tool.
9921
* export.c (do_export): Removed the code for the above option.
9922
9923
* armor.c (find_header): Support for new only_keyblocks.
9924
* import.c (import_keys): Only looks for keyblock armors.
9925
9926
* packet.h: replaced valid_days by expiredate and changed all users.
9927
* build-packet.c (do_public_key): calculates valid-days
9928
(do_secret_key): Ditto.
9929
* parse-packet.c (parse_key): expiredate is calucated from the
9930
valid_period in v3 packets.
9931
* keyid.c (do_fingerprint_md): calculates valid_dates.
9932
9933
* keygen.c (add_key_expire): fixed key expiration time for v4 packets.
9934
9935
* armor.c (find_header): A LF in the first 28 bytes
9936
was skipped for non-armored data.
9937
9938
Thu Oct 8 11:35:51 1998 Werner Koch (wk@isil.d.shuttle.de)
9939
9940
* armor.c (is_armored): Add test on old comment packets.
9941
9942
* tdbio.c (tdbio_search_dir_bypk): fixed memory leak.
9943
9944
* getkey.c: Changed the caching algorithms.
9945
9946
Wed Oct 7 19:33:28 1998 Werner Koch (wk@isil.d.shuttle.de)
9947
9948
* kbnodes.c (unused_nodes): New.
9949
9950
Wed Oct 7 11:15:36 1998 Werner Koch (wk@isil.d.shuttle.de)
9951
9952
* keyedit.c (sign_uids): Fixed a problem with SK which could caused
9953
a save of an unprotected key.
9954
(menu_adduid): Ditto.
9955
9956
* keyedit.c (keyedit_menu): Prefs are now correctly listed for
9957
new user ids.
9958
9959
* trustdb.c (update_trust_record): New.
9960
(insert_trust_record): Now makes use of update_trust_record.
9961
9962
Tue Oct 6 16:18:03 1998 Werner Koch (wk@isil.d.shuttle.de)
9963
9964
* trustdb.c (read_record): replaces most of the tdbio_read_records.
9965
(write_record): Ditto.
9966
9967
Sat Oct 3 11:01:21 1998 Werner Koch (wk@isil.d.shuttle.de)
9968
9969
* keygen.c (ask_alogo): enable ElGamal enc-only only for addmode.
9970
9971
Wed Sep 30 10:15:33 1998 Werner Koch (wk@isil.d.shuttle.de)
9972
9973
* import.c (import_one): Fixed update of wrong keyblock.
9974
9975
Tue Sep 29 08:32:08 1998 me,,, (wk@tobold)
9976
9977
* mainproc.c (proc_plaintext): Display note for special filename.
9978
* plaintext.c (handle_plaintext): Suppress output of special file.
9979
9980
Mon Sep 28 12:57:12 1998 Werner Koch (wk@isil.d.shuttle.de)
9981
9982
* g10.c (verify_own_keys): Add warning if a key is not protected.
9983
9984
* passphrase (hash_passphrase): Fixed iterated+salted mode and
9985
setup for keysizes > hashsize.
9986
9987
* g10.c (main): New options: --s2k-{cipher,digest,mode}.
9988
9989
Fri Sep 25 09:34:23 1998 Werner Koch (wk@isil.d.shuttle.de)
9990
9991
* g10.c: Chnaged some help texts.
9992
9993
Tue Sep 22 19:34:39 1998 Werner Koch (wk@isil.d.shuttle.de)
9994
9995
* passphrase.c (read_passphrase_from_fd): fixed bug for long
9996
passphrases.
9997
9998
Mon Sep 21 11:28:05 1998 Werner Koch (wk@(none))
9999
10000
* getkey.c (lookup): Add code to use the sub key if the primary one
10001
does not match the usage.
10002
10003
* armor.c (armor_filter): New error message: no valid data found.
10004
(radix64_read): Changes to support multiple messages.
10005
(i18n.h): New.
10006
* mainproc.c (add_onepass_sig): bug fix.
10007
10008
Mon Sep 21 08:03:16 1998 Werner Koch (wk@isil.d.shuttle.de)
10009
10010
* pkclist.c (do_we_trust): Add keyid to most messages.
10011
10012
* passphrase.c (read_passphrase_from_fd): New.
10013
(have_static_passphrase): New
10014
(get_passphrase_fd): Removed.
10015
(set_passphrase_fd): Removed.
10016
* g10.c (main): passphrase is now read here.
10017
10018
* keyedit.c (keyedit_menu): "help" texts should now translate fine.
10019
10020
Mon Sep 21 06:40:02 1998 Werner Koch (wk@isil.d.shuttle.de)
10021
10022
* encode.c (encode_simple): Now disables compression
10023
when --rfc1991 is used.
10024
(encode_crypt): Ditto.
10025
10026
Fri Sep 18 16:50:32 1998 Werner Koch (wk@isil.d.shuttle.de)
10027
10028
* getkey.c (merge_key_and_selfsig): New.
10029
10030
Fri Sep 18 10:20:11 1998 Werner Koch (wk@isil.d.shuttle.de)
10031
10032
* pkclist.c (select_algo_from_prefs): Removed 3DES kludge.
10033
10034
* seskey.c (make_session_key): Fixed SERIOUS bug introduced
10035
by adding the weak key detection code.
10036
10037
* sign.c (sign_file): Changed aremor header in certain cases.
10038
10039
Tue Sep 15 17:52:55 1998 Werner Koch (wk@isil.d.shuttle.de)
10040
10041
* mainproc.c (check_sig_and_print): Replaced ascime by asctimestamp.
10042
10043
Mon Sep 14 11:40:52 1998 Werner Koch (wk@isil.d.shuttle.de)
10044
10045
* seskey.c (make_session_key): Now detects weak keys.
10046
10047
* trustdb (clear_trust_checked_flag): New.
10048
10049
* plaintext.c (handle_plaintext): Does no anymore suppress CR from
10050
cleartext signed messages.
10051
10052
Sun Sep 13 12:54:29 1998 Werner Koch (wk@isil.d.shuttle.de)
10053
10054
* trustdb.c (insert_trust_record): Fixed a stupid bug in the free
10055
liunked list loops.
10056
10057
Sat Sep 12 15:49:16 1998 Werner Koch (wk@isil.d.shuttle.de)
10058
10059
* status.c (remove_shmid): New.
10060
(init_shm_comprocess): Now sets permission to the real uid.
10061
10062
Wed Sep 9 11:15:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10063
10064
* packet.h (PKT_pubkey_enc): New flah throw_keyid, and add logic to
10065
implement it.
10066
* g10.c (main): New Option --throw-keyid
10067
10068
* getkey.c (enum_secret_keys): Add new ar and changed all callers.
10069
10070
Tue Sep 8 20:04:09 1998 Werner Koch (wk@isil.d.shuttle.de)
10071
10072
* delkey.c (delete_key): Moved from keyedit.c.
10073
10074
Mon Sep 7 16:37:52 1998 Werner Koch (wk@isil.d.shuttle.de)
10075
10076
* build-packet.c (calc_length_header): New arg new_ctb to correctly
10077
calculate the length of new style packets.
10078
10079
* armor.c (is_armored): Checks for symkey_enc packets.
10080
10081
* pkclist.c (select_algo_from_prefs): 3DEs substitute is now CAST5.
10082
10083
Tue Aug 11 17:54:50 1998 Werner Koch (wk@isil.d.shuttle.de)
10084
10085
* build-packet.c (do_secret_key): Fixed handling of old keys.
10086
10087
* getkey.c (compare_name): Fixed exact and email matching
10088
10089
* openfile.c (open_outfile): Changed arguments and all callers.
10090
10091
Tue Aug 11 09:14:35 1998 Werner Koch (wk@isil.d.shuttle.de)
10092
10093
* encode.c (encode_simple): Applied option set-filename and comment.
10094
(encode_crypt): Ditto.
10095
* sign.c (sign_file): Ditto.
10096
* armor.c (armor_filter): Applied option comment.
10097
10098
* encode.c (encode_crypt): Moved init_packet to the begin.
10099
(encode_simple): add an init_packet().
10100
10101
* comment (write_comment): Now enforces a hash sign as the 1st byte.
10102
10103
* import.c (import_one): Add explanation for "no user ids".
10104
10105
* compress.c (do_uncompress): Applied Brian Warner's patch to support
10106
zlib 1.1.3 etc.
10107
10108
* trustdb.c (check_trust): Fixed a problem after inserting new keys.
10109
10110
* getkey (lookup): do not return the primary key if usage is given
10111
(lookup_sk): Ditto and take usage into account.
10112
10113
* status.c (cpr_get_answer_is_yes): add display_help.
10114
10115
Mon Aug 10 10:11:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10116
10117
* getkey.c (lookup_sk): Now always returns the primary if arg
10118
primary is true.
10119
(lookup): Likewise.
10120
(get_pubkey_byname): Now returns the primary key
10121
(get_seckey_byname): Ditto.
10122
10123
10124
Mon Aug 10 08:34:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10125
10126
* keyid.c (pubkey_letter): ELG_E is now a small g.
10127
10128
Sat Aug 8 17:26:12 1998 Werner Koch (wk@isil.d.shuttle.de)
10129
10130
* openfile (overwrite_filep): Changed semantics and all callers.
10131
10132
Sat Aug 8 12:17:07 1998 Werner Koch (wk@isil.d.shuttle.de)
10133
10134
* status.c (display_help): New.
10135
10136
Thu Aug 6 16:30:41 1998 Werner Koch,mobil,,, (wk@tobold)
10137
10138
* seskey.c (encode_session_key): Now uses get_random_bits().
10139
10140
Thu Aug 6 07:34:56 1998 Werner Koch,mobil,,, (wk@tobold)
10141
10142
* ringedit.c (keyring_copy): No more backupfiles for
10143
secret keyrings and add additional warning in case of
10144
a failed secret keyring operation.
10145
10146
Wed Aug 5 11:54:37 1998 Werner Koch (wk@isil.d.shuttle.de)
10147
10148
* g10.c (check_opts): Moved to main. Changed def_cipher_algo
10149
semantics and chnaged all users.
10150
10151
* pubkey-enc.c (get_sssion_key): New informational output
10152
about preferences.
10153
10154
* parse-packet.c (parse_symkeyenc): Fixed salted+iterated S2K
10155
(parse_key): Ditto.
10156
* build-packet.c (do_secret_key): Ditto.
10157
(do_symkey_enc): Ditto.
10158
10159
Tue Aug 4 08:59:10 1998 Werner Koch (wk@isil.d.shuttle.de)
10160
10161
* getkey.c (enum_secret_keys): Now returns only primary keys.
10162
10163
* getkey (lookup): Now sets the new namehash field.
10164
10165
* parse-packet.c (parse_sig_subpkt2): New.
10166
10167
* sign.c (sign_file): one-pass sigs are now emiited reverse.
10168
Preference data is considered when selecting the compress algo.
10169
10170
Wed Jul 29 12:53:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10171
10172
* free-packet.c (copy_signature): New.
10173
10174
* keygen.c (generate_subkeypair): rewritten
10175
* g10.c (aKeyadd): Removed option --add-key
10176
10177
Mon Jul 27 10:37:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10178
10179
* seckey-cert.c (do_check): Additional check on cipher blocksize.
10180
(protect_secret_key): Ditto.
10181
* encr-data.c: Support for other blocksizes.
10182
* cipher.c (write_header): Ditto.
10183
10184
Fri Jul 24 16:47:59 1998 Werner Koch (wk@isil.d.shuttle.de)
10185
10186
* kbnode.c (insert_kbnode): Changed semantics and all callers.
10187
* keyedit.c : More or less a complete rewrite
10188
10189
Wed Jul 22 17:10:04 1998 Werner Koch (wk@isil.d.shuttle.de)
10190
10191
* build-packet.c (write_sign_packet_header): New.
10192
10193
Tue Jul 21 14:37:09 1998 Werner Koch (wk@isil.d.shuttle.de)
10194
10195
* import.c (import_one): Now creates a trustdb record.
10196
10197
* g10.c (main): New command --check-trustdb
10198
10199
Mon Jul 20 11:15:07 1998 Werner Koch (wk@isil.d.shuttle.de)
10200
10201
* genkey.c (generate_keypair): Default key is now DSA with
10202
encryption only ElGamal subkey.
10203
10204
Thu Jul 16 10:58:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10205
10206
* keyid.c (keyid_from_fingerprint): New.
10207
* getkey.c (get_pubkey_byfprint): New.
10208
10209
Tue Jul 14 18:09:51 1998 Werner Koch (wk@isil.d.shuttle.de)
10210
10211
* keyid.c (fingerprint_from_pk): Add argument and changed all callers.
10212
(fingerprint_from_sk): Ditto.
10213
10214
Tue Jul 14 10:10:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10215
10216
* plaintext.c (handle_plaintext): Now returns create error if
10217
the file could not be created or the user responded not to overwrite
10218
the file.
10219
* mainproc.c (proc_plaintext): Tries again if the file could not
10220
be created to check the signature without output.
10221
10222
* misc.c (disable_core_dumps): New.
10223
* g10.c (main): disable coredumps for gpg
10224
10225
* g10.c (MAINTAINER_OPTIONS): New to disable some options
10226
10227
Mon Jul 13 16:47:54 1998 Werner Koch (wk@isil.d.shuttle.de)
10228
10229
* plaintext.c (hash_datafiles): New arg for better support of
10230
detached sigs. Changed all callers.
10231
* mainproc.c (proc_signature_packets): Ditto.
10232
10233
* g10.c (main): New option "compress-sigs"
10234
* sig.c (sign_file): detached signatures are not anymore compressed
10235
unless the option --compress-sigs is used.
10236
10237
Thu Jul 9 19:54:54 1998 Werner Koch (wk@isil.d.shuttle.de)
10238
10239
* armor.c: Fixes to allow zero length cleartext signatures
10240
10241
Thu Jul 9 14:52:47 1998 Werner Koch (wk@isil.d.shuttle.de)
10242
10243
* g10.c (build_list): Now drops setuid.
10244
(main): Changed the way keyrings and algorithms are registered .
10245
10246
Wed Jul 8 14:17:30 1998 Werner Koch (wk@isil.d.shuttle.de)
10247
10248
* packet.h (PKT_public_key): Add field keyid.
10249
* parse-packet.c (parse_key): Reset the above field.
10250
* keyid.c (keyid_from_pk): Use above field as cache.
10251
10252
* tdbio.c, tdbio.h: New
10253
* trustdb.c: Moved some functions to tdbio.c.
10254
(print_keyid): New.
10255
10256
* pkclist.c (check_signatures_trust): New.
10257
10258
Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10259
10260
* plaintext.c (special_md_putc): New.
10261
(handle_plaintext): add clearsig argument
10262
* mainproc.c (proc_plaintext): detection of clearsig
10263
* sign.c (write_dased_escaped): Changed clearsig format
10264
10265
Tue Jul 7 18:56:19 1998 Werner Koch (wk@isil.d.shuttle.de)
10266
10267
* armor.c (find_header): Now makes sure that there is only one
10268
empty line for clearsigs, as this is what OP now says.
10269
10270
Mon Jul 6 13:09:07 1998 Werner Koch (wk@isil.d.shuttle.de)
10271
10272
* g10.c (main): New option default-secret-key
10273
* getkey.c (get_seckey_byname): support for this option.
10274
10275
Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de)
10276
10277
* getkey.c (add_keyring): Keyrings are now added to end of the
10278
list of keyrings. The first added keyringwill be created.
10279
(add_secret_keyring): Likewise.
10280
10281
* ringedit.c (add_keyblock_resource): Files are created here.
10282
10283
* g10.c (aNOP): Removed
10284
10285
* getkey.c (lookup): Add checking of usage for name lookups
10286
* packet.h (pubkey_usage): Add a field which may be used to store
10287
usage capabilities.
10288
* pkclist.c (build_pk_list): getkey now called with usage arg.
10289
* skclist.c (build_sk_list): Ditto.
10290
10291
* sign.c (clearsign_file): Fixed "Hash:" headers
10292
10293
Sat Jul 4 13:33:31 1998 Werner Koch (wk@isil.d.shuttle.de)
10294
10295
* trustdb.c (list_ownertrust): New.
10296
* g10.c (aListOwnerTrust): New.
10297
10298
* g10.c (def_pubkey_algo): Removed.
10299
10300
* trustdb.c (verify_private_data): Removed and also the call to it.
10301
(sign_private_data): Removed.
10302
10303
Fri Jul 3 13:26:10 1998 Werner Koch (wk@isil.d.shuttle.de)
10304
10305
* g10.c (aEditKey): was aEditSig. Changed usage msg.
10306
10307
* keyedit.c: Done some i18n stuff.
10308
10309
* g10.c (do_not_use_RSA): New.
10310
* sign.c (do_sign): Add call to above function.
10311
* encode.c (write_pubkey_enc_from_list): Ditto.
10312
10313
Thu Jul 2 21:01:25 1998 Werner Koch (wk@isil.d.shuttle.de)
10314
10315
* parse-packet.c: Now is able sto store data of unknown
10316
algorithms.
10317
* free-packet.c: Support for this.
10318
* build-packet.c: Can write data of packet with unknown algos.
10319
10320
Thu Jul 2 11:46:36 1998 Werner Koch (wk@isil.d.shuttle.de)
10321
10322
* parse-packet.c (parse): fixed 4 byte length header
10323
10324
Wed Jul 1 12:36:55 1998 Werner Koch (wk@isil.d.shuttle.de)
10325
10326
* packet.h (new_ctb): New field for some packets
10327
* build-packet.c (build_packet): Support for new_ctb
10328
* parse-packet.c (parse): Ditto.
10329
10330
Mon Jun 29 12:54:45 1998 Werner Koch (wk@isil.d.shuttle.de)
10331
10332
* packet.h: changed all "_cert" to "_key", "subcert" to "subkey".
10333
10334
* free-packet.c (free_packet): Removed memory leak for subkeys.
10335
10336
Sun Jun 28 18:32:27 1998 Werner Koch (wk@isil.d.shuttle.de)
10337
10338
* import.c (import_keys): Renamed from import_pubkeys.
10339
(import_secret_one): New.
10340
10341
* g10.c (aExportSecret): New.
10342
10343
* export.c (export_seckeys): New.
10344
10345
* parse-packet.c (parse_certificate): Cleaned up.
10346
(parse_packet): Trust packets are now considered as unknown.
10347
(parse_pubkey_warning): New.
10348
10349
Fri Jun 26 10:37:35 1998 Werner Koch (wk@isil.d.shuttle.de)
10350
10351
* keygen.c (has_invalid_email_chars): New.
10352
10353
Wed Jun 24 16:40:22 1998 Werner Koch (wk@isil.d.shuttle.de)
10354
10355
* armor.c (armor_filter): Now creates valid onepass_sig packets
10356
with all detected hash algorithms.
10357
* mainproc.c (proc_plaintext): Now uses the hash algos as specified
10358
in the onepass_sig packets (if there are any)
10359
10360
Mon Jun 22 11:54:08 1998 Werner Koch (wk@isil.d.shuttle.de)
10361
10362
* plaintext.c (handle_plaintext): add arg to disable outout
10363
* mainproc.c (proc_plaintext): disable output when in sigs_only mode.
10364
10365
Thu Jun 18 13:17:27 1998 Werner Koch (wk@isil.d.shuttle.de)
10366
10367
* keygen.c: Removed all rsa packet stuff, chnaged defaults
10368
for key generation.
10369
10370
Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de)
10371
10372
* misc.c (checksum_u16): Fixed a stupid bug which caused a
10373
wrong checksum calculation for the secret key protection and
10374
add a backward compatibility option.
10375
* g10.c (main): Add option --emulate-checksum-bug.
10376
10377
Thu Jun 11 13:26:44 1998 Werner Koch (wk@isil.d.shuttle.de)
10378
10379
* packet.h: Major changes to the structure of public key material
10380
which is now stored in an array and not anaymore in a union of
10381
algorithm specific structures. These is needed to make the system
10382
more extendable and makes a lot of stuff much simpler. Changed
10383
all over the system.
10384
10385
* dsa.c, rsa.c, elg.c: Removed.
10386
10387
Wed Jun 10 07:22:02 1998 Werner Koch,mobil,,, (wk@tobold)
10388
10389
* g10.c ("load-extension"): New option.
10390
10391
Mon Jun 8 22:23:37 1998 Werner Koch (wk@isil.d.shuttle.de)
10392
10393
* seckey-cert.c (do_check): Removed cipher constants
10394
(protect_secret_key): Ditto.
10395
10396
Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10397
10398
* trustdb.c (query_trust_info): New.
10399
* keylist.c (list_one): Add output of trust info
10400
* mainproc (list_node): ditto.
10401
* g10.c (main): full trustdb init if -with-colons and any of the
10402
key list modes.
10403
10404
Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de)
10405
10406
* status.c (STATUS_RSA_OR_IDEA): New.
10407
* sig-check.c (check_signature): Output special status message.
10408
* pubkey-enc.c (get_session_key): Ditto.
10409
10410
* mainproc.c (check_sig_and_print): Changed format of output.
10411
* passpharse.c (passphrase_to_dek): Likewise.
10412
10413
Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de)
10414
10415
* g10.c (aListSecretKeys): New option --list-secret-keys
10416
* keylist.c (std_key_list): Renamed to public_key_list.
10417
(secret_key_list): New
10418
(list_one, list_all): Add support for secret keys.
10419
* getkey.c (get_secret_keyring): New.
10420
* mainproc.c (list_node): Add option --with-colons for secret keys
10421
10422
* sig-check.c (check_key_signature): detection of selfsigs
10423
* mainproc.c (list_node): fixed listing.
10424
10425
* g10.c (aListSecretKeys): New option --always-trust
10426
* pkclist.c (do_we_trust): Override per option added
10427
10428
* status.c (write_status_text): Add a prefix to every output line.
10429
10430
Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de)
10431
10432
* g10 (--compress-keys): New.
10433
* options.h (compress_keys): New.
10434
* export.c (export_pubkeys): Only compresses with the new option.
10435
10436
Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10437
10438
* passphrase.c (get_last_passphrase): New
10439
(set_next_passphrase): New.
10440
(passphrase_to_dek): add support for the above functions.
10441
* keyedit.c (make_keysig_packet): Add sigclass 0x18,
10442
changed all callers due to a new argument.
10443
* keygen.c (write_keybinding): New
10444
(generate_subkeypair): Add functionality
10445
(ask_algo, ask_keysize, ask_valid_days): Broke out of generate_keypair
10446
(ask_user_id, ask_passphrase): Ditto.
10447
10448
Thu May 21 11:26:13 1998 Werner Koch (wk@isil.d.shuttle.de)
10449
10450
* g10.c,gpgd.c (main): Does now return an int, so that egcs does
10451
not complain.
10452
10453
* armor.c (fake_packet): Removed erro message and add a noticed
10454
that this part should be fixed.
10455
10456
* sign.c (sign_file): Compression now comes in front of encryption.
10457
* encode.c (encode_simple): Ditto.
10458
(encode_crypt): Ditto.
10459
10460
Tue May 19 16:18:19 1998 Werner Koch (wk@isil.d.shuttle.de)
10461
10462
* armor.c (fake_packet): Changed assertion to log_error
10463
10464
Sat May 16 16:02:06 1998 Werner Koch (wk@isil.d.shuttle.de)
10465
10466
* build-packet.c (build_packet): Add SUBKEY packets.
10467
10468
Fri May 15 17:57:23 1998 Werner Koch (wk@isil.d.shuttle.de)
10469
10470
* sign.c (hash_for): New and used in all places here.
10471
* main.h (DEFAULT_): new macros.
10472
* g10.c (opt.def_digest_algo): Now set to 0
10473
10474
* compress.c (init_compress): Add support for algo 1
10475
* options.h (def_compress_algo): New
10476
* g10.c (main): New option --compress-algo
10477
10478
Fri May 15 13:23:59 1998 Werner Koch (wk@isil.d.shuttle.de)
10479
10480
* g10.c (print_mds): New feature to print only one hash,
10481
chnaged formatting.
10482
10483
Thu May 14 15:36:24 1998 Werner Koch (wk@isil.d.shuttle.de)
10484
10485
* misc.c (trap_unaligned) [__alpha__]: New
10486
* g10.c (trap_unaligned): Add call to this to track down SIGBUS
10487
on Alphas (to avoid the slow emulation code).
10488
10489
Wed May 13 11:48:27 1998 Werner Koch (wk@isil.d.shuttle.de)
10490
10491
* build-packet.c (do_signature): Support for v4 pakets.
10492
* keyedit.c (make_keysig_packet): Ditto.
10493
* build-packet.c (build_sig_subpkt_from_sig): New.
10494
(build_sig_subpkt): New.
10495
10496
* elg.c (g10_elg_sign): removed keyid_from_skc.
10497
* dsa.c (g10_dsa_sign): Ditto.
10498
* rsa.c (g10_rsa_sign): Ditto.
10499
* keyedit.c (make_keysig_packet): Add call to keyid_from_skc
10500
10501
* sign.c (clearsign_file): Support for v4 signatures.
10502
(sign_file): Ditto.
10503
10504
Wed May 6 09:31:24 1998 Werner Koch (wk@isil.d.shuttle.de)
10505
10506
* parse-packet.c (do_parse): add support for 5 byte length leader.
10507
(parse_subpkt): Ditto.
10508
* build-packet.c (write_new_header): Ditto.
10509
10510
* packet.h (SIGSUBPKT_): New constants.
10511
* parse-packet.c (parse_sig_subpkt): Changed name, made global,
10512
and arg to return packet length, chnaged all callers
10513
10514
10515
Tue May 5 22:11:59 1998 Werner Koch (wk@isil.d.shuttle.de)
10516
10517
* keygen.c (gen_dsa): New.
10518
* build_packet.c (do_secret_cert): Support for DSA
10519
10520
Mon May 4 19:01:25 1998 Werner Koch (wk@isil.d.shuttle.de)
10521
10522
* compress.c: doubled buffer sizes
10523
* parse-packet.c (do_plaintext): now uses iobuf_read/write.
10524
10525
Mon May 4 09:35:53 1998 Werner Koch (wk@isil.d.shuttle.de)
10526
10527
* seskey.c (encode_md_value): Add optional argument hash_algo,
10528
changed all callers.
10529
10530
* passphrase.c (make_dek_from_passphrase): Removed
10531
* (get_passhrase_hash): Changed name to passphrase_to_dek, add arg,
10532
changed all callers.
10533
10534
* all: Introduced the new ELG identifier and added support for the
10535
encryption only one (which is okay to use by GNUPG for signatures).
10536
10537
Sun May 3 17:50:26 1998 Werner Koch (wk@isil.d.shuttle.de)
10538
10539
* packet.h (PKT_OLD_COMMENT): New name for type 16.
10540
* parse-packet.c (parse_comment): Now uses type 61
10541
10542
Fri May 1 12:44:39 1998 Werner Koch,mobil,,, (wk@tobold)
10543
10544
* packet.h (count): Chnaged s2k count from byte to u32.
10545
* seckey-cert.c (do_check): Changed s2k algo 3 to 4, changed
10546
reading of count.
10547
* build-packet.c (do_secret_cert): ditto.
10548
* parse-packet.c (parse_certificate): ditto.
10549
10550
* parse-packet.c (parse_symkeyenc): New.
10551
* build-packet.c (do_symkey_enc): New.
10552
10553
Thu Apr 30 16:33:34 1998 Werner Koch (wk@isil.d.shuttle.de)
10554
10555
* sign.c (clearsign_file): Fixed "Hash: " armor line.
10556
10557
Tue Apr 28 14:27:42 1998 Werner Koch (wk@isil.d.shuttle.de)
10558
10559
* parse-packet.c (parse_subpkt): Some new types.
10560
10561
Mon Apr 27 12:53:59 1998 Werner Koch (wk@isil.d.shuttle.de)
10562
10563
* g10.c (main): Add option --skip-verify.
10564
* mainproc.c (check_sig_and_print): Ditto.
10565
10566
* g10.c (print_mds): Add output for Tiger.
10567
10568
* sign.c (sign_file): Now uses partial length headers if used
10569
in canonical textmode (kludge to fix a bug).
10570
10571
* parse-packet.c (parse_certificate): Changed BLOWFISH id.
10572
* pubkey-enc.c (get_session_key): Ditto.
10573
* seskey.c (make_session_key): Ditto.
10574
* seckey-cert.c (protect_secret_key,do_check): Add BLOWFISH160.
10575
10576
Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold)
10577
10578
* sig-check.c (check_key_signature): Add sig-class 0x14..0x17
10579
* keyedit.c (sign-key): Some changes to start with support of
10580
the above new sig-classes.
10581
10582
Wed Apr 22 09:01:57 1998 Werner Koch,mobil,,, (wk@tobold)
10583
10584
* getkey.c (compare_name): add email matching
10585
10586
Tue Apr 21 16:17:12 1998 Werner Koch,mobil,,, (wk@tobold)
10587
10588
* armor.c (armor_filter): fixed missing last LF before CSUM.
10589
10590
Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de)
10591
10592
* seckey-cert.c (do_check): New; combines all the check functions
10593
into one.
10594
10595
* sign.c: removed all key management functions
10596
* keyedit.c: New.
10597
10598
Thu Apr 9 09:49:36 1998 Werner Koch (wk@isil.d.shuttle.de)
10599
10600
* import.c (chk_self_sigs): Changed an error message.
10601
10602
Wed Apr 8 16:19:39 1998 Werner Koch (wk@isil.d.shuttle.de)
10603
10604
* packet.h: packet structs now uses structs from the pubkey,
10605
removed all copy operations from packet to pubkey structs.
10606
10607
Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10608
10609
* trustdb.c (verify_own_certs): Fixed "public key not found".
10610
10611
* getkey.c (key_byname): New, combines public and secret key search.
10612
10613
* pkclist.c (build_pkc_list): Add new arg usage, changed all callers.
10614
* skclist.c (build_skc_list): Likewise.
10615
10616
* ringedit.c (find_keyblock, keyring_search2): Removed.
10617
10618
Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de)
10619
10620
* sig-check.c (do_check): Applied small fix from Ulf Möller.
10621
10622
Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de)
10623
10624
* cipher.c, encr-data.c, seckey-cert.c: Now uses cipher_xxxx
10625
functions instead of blowfish_xxx or cast_xxx
10626
10627
Tue Apr 7 11:04:02 1998 Werner Koch (wk@isil.d.shuttle.de)
10628
10629
* Makefile.am (g10maint.o): Changed the way it is created.
10630
10631
Mon Apr 6 11:17:08 1998 Werner Koch (wk@isil.d.shuttle.de)
10632
10633
* misc.c: New.
10634
* keygen.c (checksum,checksum_u16,checksum_mpi): Moved to misc.c
10635
* seckey-cert.c: Kludge for wrong ELG checksum implementation.
10636
10637
Sat Apr 4 20:07:01 1998 Werner Koch (wk@isil.d.shuttle.de)
10638
10639
* cipher.c (cipher_filter): Support for CAST5
10640
* encr-data.c (decode_filter): Ditto.
10641
(decrypt_data): Ditto.
10642
* seskey.c (make_session_key): Ditto.
10643
* seckey-cert.c (check_elg, check_dsa): Ditto,
10644
(protect_secret_key): Ditto.
10645
* pubkey-enc.c (get_session_key): Ditto.
10646
* passphrase.c (hash_passphrase): Ditto.
10647
10648
Thu Apr 2 20:22:35 1998 Werner Koch (wk@isil.d.shuttle.de)
10649
10650
* gpgd.c: New
10651
10652
Thu Apr 2 10:38:16 1998 Werner Koch (wk@isil.d.shuttle.de)
10653
10654
* keygen.c (generate_keypair): Add valid_days stuff.
10655
* trustdb.c (check_trust): Add check for valid_days.
10656
10657
Wed Apr 1 16:15:58 1998 Werner Koch (wk@isil.d.shuttle.de)
10658
10659
* keygen.c (generate_keypair): Addional question whether the
10660
selected large keysize is really needed.
10661
10662
Wed Apr 1 15:56:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10663
10664
* seckey-cert.c (protect_secret_key): merged protect_xxx to here.
10665
10666
Wed Apr 1 10:34:46 1998 Werner Koch (wk@isil.d.shuttle.de)
10667
10668
* Makefile.am (g10maint.c): Changed creation rule, so that it works
10669
on FreeBSD (missing CFLAGS).
10670
10671
* parse-packet.c (parse_subkey): Removed.
10672
10673
Thu Mar 19 15:22:36 1998 Werner Koch (wk@isil.d.shuttle.de)
10674
10675
* ringedit.c (keyring_enum): Fixed problem with reading too
10676
many packets. Add support to read secret keyrings.
10677
10678
* getkey.c (scan_keyring): Removed
10679
(lookup): New to replace scan_keyring.
10680
(scan_secret_keyring): Removed.
10681
(lookup_skc): New.
10682
10683
Wed Mar 18 11:47:34 1998 Werner Koch (wk@isil.d.shuttle.de)
10684
10685
* ringedit.c (enum_keyblocks): New read mode 11.
10686
10687
* keyid.c (elg_fingerprint_md): New and changed all other functions
10688
to call this if the packet version is 4 or above.
10689
10690
Tue Mar 17 20:46:16 1998 Werner Koch (wk@isil.d.shuttle.de)
10691
10692
* parse-packet.c (parse_certificate): Add listing support for subkeys.
10693
10694
Tue Mar 17 20:32:22 1998 Werner Koch (wk@isil.d.shuttle.de)
10695
10696
* armor.c (is_armored): Allow marker packet.
10697
10698
Thu Mar 12 13:36:49 1998 Werner Koch (wk@isil.d.shuttle.de)
10699
10700
* trustdb.c (check_trust): Checks timestamp of pubkey.
10701
* sig-check. (do_check): Compares timestamps.
10702
10703
Tue Mar 10 17:01:56 1998 Werner Koch (wk@isil.d.shuttle.de)
10704
10705
* g10.c (main): Add call to init_signals.
10706
* signal.c: New.
10707
10708
Mon Mar 9 12:43:42 1998 Werner Koch (wk@isil.d.shuttle.de)
10709
10710
* dsa.c: New
10711
* packet.h, free-packet.c, parse-packet.c : Add support for DSA
10712
* sig-check.c, getkey.c, keyid.c, ringedit.c: Ditto.
10713
* seckey-cert.c: Ditto.
10714
10715
* packet.h : Moved .digest_algo of signature packets to outer
10716
structure. Changed all references
10717
10718
Sun Mar 8 13:06:42 1998 Werner Koch (wk@isil.d.shuttle.de)
10719
10720
* openfile.c : Support for stdout filename "-".
10721
10722
* mainproc.c (check_sig_and_print): Enhanced status output:
10723
* status.c (write_status_text): New.
10724
10725
Fri Mar 6 16:10:54 1998 Werner Koch (wk@isil.d.shuttle.de)
10726
10727
* kbnode.c (clone_kbnode): Fixed private_flag.
10728
10729
* mainproc.c (list_node): Output of string "Revoked" as user-id.
10730
10731
Fri Mar 6 14:26:39 1998 Werner Koch (wk@isil.d.shuttle.de)
10732
10733
* g10.c (main): Add userids to "-kv" and cleaned up this stuff.
10734
10735
Fri Mar 6 12:45:58 1998 Werner Koch (wk@isil.d.shuttle.de)
10736
10737
* g10.c (main): Changed semantics of the list-... commands
10738
and added a new one. Removed option "-d"
10739
10740
* decrypt.c: New.
10741
10742
* trustdb.c (init_trustdb): Autocreate directory only if it ends
10743
in "/.gnupg".
10744
10745
Thu Mar 5 12:12:11 1998 Werner Koch (wk@isil.d.shuttle.de)
10746
10747
* mainproc.c (do_proc_packets): New. Common part of proc_packet.
10748
(proc_signature_packets): special version to handle signature data.
10749
* verify.c: New.
10750
* g10.c (aVerify): New.
10751
* plaintext.c (hash_datafiles): New.
10752
* compress.c (handle_compressed): Add callback arg, changed caller.
10753
10754
Thu Mar 5 10:20:06 1998 Werner Koch (wk@isil.d.shuttle.de)
10755
10756
* g10.c: Is nom the common source for gpg and gpgm
10757
* g10maint.c: Removed
10758
* Makefile.am: Add rule to build g10maint.c
10759
10760
Thu Mar 5 08:43:59 1998 Werner Koch (wk@isil.d.shuttle.de)
10761
10762
* g10.c (main): Changed the way clear text sigs are faked.
10763
10764
Wed Mar 4 19:47:37 1998 Werner Koch (wk@isil.d.shuttle.de)
10765
10766
* g10maint.c (aMuttKeyList): New
10767
* keylist.c: New.
10768
10769
Wed Mar 4 17:20:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10770
10771
* getkey.c (get_pubkey_byname): Kludge to allow 0x prefix.
10772
10773
Tue Mar 3 13:46:55 1998 Werner Koch (wk@isil.d.shuttle.de)
10774
10775
* g10maint.c (main): New option --gen-random.
10776
10777
Tue Mar 3 09:50:08 1998 Werner Koch (wk@isil.d.shuttle.de)
10778
10779
* g10.c (aDeleteSecretKey): New.
10780
(aEditSig): Add option "--edit-key" as synonym for "--edit-sig".
10781
(aDeleteSecretKey): New.
10782
* getkey.c (seckey_available): New.
10783
* sign.c (delete_key): Enhanced to delete secret keys, changed all
10784
callers.
10785
10786
Mon Mar 2 21:23:48 1998 Werner Koch (wk@isil.d.shuttle.de)
10787
10788
* pkc_list.c (build_pkc_list): Add interactive input of user ID.
10789
10790
Mon Mar 2 20:54:05 1998 Werner Koch (wk@isil.d.shuttle.de)
10791
10792
* pkclist.c (do_we_trust_pre): New.
10793
(add_ownertrust): Add message.
10794
* trustdb.c (enum_trust_web): Quick fix.
10795
10796
Mon Mar 2 13:50:53 1998 Werner Koch (wk@isil.d.shuttle.de)
10797
10798
* g10.c (main): New action aDeleteKey
10799
* sign.c (delete_key): New.
10800
10801
Sun Mar 1 16:38:58 1998 Werner Koch (wk@isil.d.shuttle.de)
10802
10803
* trustdb.c (do_check): No returns TRUST_UNDEFINED instead of
10804
eof error.
10805
10806
Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10807
10808
* armor.c (find_header): Removed trailing CR on headers.
10809
10810
Fri Feb 27 18:02:48 1998 Werner Koch (wk@isil.d.shuttle.de)
10811
10812
* ringedit.c (keyring_search) [MINGW32]: Open and close file here
10813
because rename does not work on open files. Chnaged callers.
10814
10815
Fri Feb 27 16:43:11 1998 Werner Koch (wk@isil.d.shuttle.de)
10816
10817
* sig-check.c (do_check): Add an md_enable.
10818
* mainproc.c (do_check_sig): Use md_open in case of detached sig
10819
(proc_tree): Take detached sigs into account.
10820
10821
Fri Feb 27 15:22:46 1998 Werner Koch (wk@isil.d.shuttle.de)
10822
10823
* g10.c (main): Make use of GNUPGHOME envvar.
10824
* g10main.c (main): Ditto.
10825
10826
Wed Feb 25 11:40:04 1998 Werner Koch (wk@isil.d.shuttle.de)
10827
10828
* plaintext.c (ask_for_detached_datafile): add opt.verbose to
10829
info output.
10830
10831
* openfile.c (open_sigfile): Try also name ending in ".asc"
10832
10833
Wed Feb 25 08:41:00 1998 Werner Koch (wk@isil.d.shuttle.de)
10834
10835
* keygen.c (generate_keypair): Fixed memory overflow.
10836
10837
Tue Feb 24 15:51:55 1998 Werner Koch (wk@isil.d.shuttle.de)
10838
10839
* parse-packet.c (parse_certificate): Support for S2K.
10840
* build-packet.c (do_secret_cert): Ditto.
10841
* keygen.c (gen_elg): Ditto.
10842
* seckey-cert.c (check_elg): Ditto
10843
(protect_elg): Ditto.
10844
* sign.c (chnage_passphrase): Ditto.
10845
* passphrase.c (get_passphrase_hash): Support for a salt and
10846
changed all callers.
10847
(make_dek_from_passphrase): Ditto.
10848
10849
Tue Feb 24 12:30:56 1998 Werner Koch (wk@isil.d.shuttle.de)
10850
10851
* build-packet.c (hash_public_cert): Disabled debug output.
10852
10853
Fri Feb 20 17:22:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10854
10855
* trustdb.c (init_trustdb) [MINGW32]: Removed 2nd mkdir arg.
10856
(keyring_copy) [MINGW32]: Add a remove prior to the renames.
10857
10858
Wed Feb 18 18:39:02 1998 Werner Koch (wk@isil.d.shuttle.de)
10859
10860
* Makefile.am (OMIT_DEPENDENCIES): New.
10861
10862
* rsa.c: Replaced log_bug by BUG.
10863
10864
Wed Feb 18 13:35:58 1998 Werner Koch (wk@isil.d.shuttle.de)
10865
10866
* mainproc.c (do_check_sig): Now uses hash_public_cert.
10867
* parse-packet.c (parse_certificate): Removed hashing.
10868
* packet.h (public_cert): Removed hash variable.
10869
* free-packet.c (copy_public_cert, free_public_cert): Likewise.
10870
10871
* sig-check.c (check_key_signatures): Changed semantics.
10872
10873
Wed Feb 18 12:11:28 1998 Werner Koch (wk@isil.d.shuttle.de)
10874
10875
* trustdb.c (do_check): Add handling for revocation certificates.
10876
(build_sigrecs): Ditto.
10877
(check_sigs): Ditto.
10878
10879
Wed Feb 18 09:31:04 1998 Werner Koch (wk@isil.d.shuttle.de)
10880
10881
* armor.c (armor_filter): Add afx->hdrlines.
10882
* revoke.c (gen_revoke): Add comment line.
10883
* dearmor.c (enarmor_file): Ditto.
10884
10885
* sig-check.c (check_key_signature): Add handling for class 0x20.
10886
* mainproc.c : Ditto.
10887
10888
Tue Feb 17 21:24:17 1998 Werner Koch (wk@isil.d.shuttle.de)
10889
10890
* armor.c : Add header lines "...ARMORED FILE .."
10891
* dearmor.c (enarmor_file): New.
10892
* g10maint.c (main): New option "--enarmor"
10893
10894
Tue Feb 17 19:03:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10895
10896
* mainproc.c : Changed a lot, because the packets are now stored
10897
a simple linlked list and not anymore in a complicatd tree structure.
10898
10899
Tue Feb 17 10:14:48 1998 Werner Koch (wk@isil.d.shuttle.de)
10900
10901
* free_packet.c (cmp_public_certs): New.
10902
(cmp_user_ids): New.
10903
10904
* kbnode.c (clone_kbnode): New.
10905
(release_kbnode): Add clone support.
10906
10907
* ringedit.c (find_keyblock_bypkc): New.
10908
10909
* sign.c (remove_keysigs): Self signatures are now skipped,
10910
changed arguments and all callers.
10911
10912
* import.c : Add functionality.
10913
10914
Tue Feb 17 09:31:40 1998 Werner Koch (wk@isil.d.shuttle.de)
10915
10916
* options.h (homedir): New option.
10917
* g10.c, g10maint.c, getkey.c, keygen.c, trustdb.c (opt.homedir): New.
10918
10919
* trustdb.c (init_trustdb): mkdir for hoem directory
10920
(sign_private_data): Renamed "sig" to "g10.sig"
10921
10922
Mon Feb 16 20:02:03 1998 Werner Koch (wk@isil.d.shuttle.de)
10923
10924
* kbnode.c (commit_kbnode): New.
10925
(delete_kbnode): removed unused first arg. Changed all Callers.
10926
10927
* ringedit.c (keyblock_resource_name): New.
10928
(get_keyblock_handle): NULL for filename returns default resource.
10929
10930
Mon Feb 16 19:38:48 1998 Werner Koch (wk@isil.d.shuttle.de)
10931
10932
* sig-check.s (check_key_signature): Now uses the supplied
10933
public key to check the signature and not any more the one
10934
from the getkey.c
10935
(do_check): New.
10936
(check_signature): Most work moved to do_check.
10937
10938
Mon Feb 16 14:48:57 1998 Werner Koch (wk@isil.d.shuttle.de)
10939
10940
* armor.c (find_header): Fixed another bug.
10941
10942
Mon Feb 16 12:18:34 1998 Werner Koch (wk@isil.d.shuttle.de)
10943
10944
* getkey.c (scan_keyring): Add handling of compressed keyrings.
10945
10946
Mon Feb 16 10:44:51 1998 Werner Koch (wk@isil.d.shuttle.de)
10947
10948
* g10.c, g10maint.c (strusage): Rewrote.
10949
(build_list): New
10950
10951
Mon Feb 16 08:58:41 1998 Werner Koch (wk@isil.d.shuttle.de)
10952
10953
* armor.c (use_armor): New.
10954
10955
Sat Feb 14 14:30:57 1998 Werner Koch (wk@isil.d.shuttle.de)
10956
10957
* mainproc.c (proc_tree): Sigclass fix.
10958
10959
Sat Feb 14 14:16:33 1998 Werner Koch (wk@isil.d.shuttle.de)
10960
10961
* armor.c (armor_filter): Changed version and comment string.
10962
* encode.c, sign.c, keygen.c: Changed all comment packet strings.
10963
10964
Sat Feb 14 12:39:24 1998 Werner Koch (wk@isil.d.shuttle.de)
10965
10966
* g10.c (aGenRevoke): New command.
10967
* revoke.c: New.
10968
* sign.c (make_keysig_packet): Add support for sigclass 0x20.
10969
10970
Fri Feb 13 20:18:14 1998 Werner Koch (wk@isil.d.shuttle.de)
10971
10972
* ringedit.c (enum_keyblocks, keyring_enum): New.
10973
10974
Fri Feb 13 19:33:40 1998 Werner Koch (wk@isil.d.shuttle.de)
10975
10976
* export.c: Add functionality.
10977
10978
* keygen.c (generate_keypair): Moved the leading comment behind the
10979
key packet.
10980
* kbnode.c (walk_kbnode): Fixed.
10981
10982
* g10.c (main): listing armored keys now work.
10983
10984
Fri Feb 13 16:17:43 1998 Werner Koch (wk@isil.d.shuttle.de)
10985
10986
* parse-packet.c (parse_publickey, parse_signature): Fixed calls
10987
to mpi_read used for ELG b.
10988
10989
Fri Feb 13 15:13:23 1998 Werner Koch (wk@isil.d.shuttle.de)
10990
10991
* g10.c (main): changed formatting of help output.
10992
10993
Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo)
10994
10995
* pubkey-enc.c (get_session_key): rewritten
10996
10997
10998
Copyright 1998,1999,2000,2001,2002,2003,2004,2005,
10999
2006,2007,2008,2009,2010 Free Software Foundation, Inc.
11000
11001
This file is free software; as a special exception the author gives
11002
unlimited permission to copy and/or distribute it, with or without
11003
modifications, as long as this notice is preserved.
11004
11005
This file is distributed in the hope that it will be useful, but
11006
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
11007
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Loggerhead is a web-based interface for Breezy
Version: 2.0.1