[Pkg-gnupg-commit] [gnupg] branch master updated (287a7b9 -> 9f86d65)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Dec 22 07:09:15 UTC 2015
This is an automated email from the git hooks/post-receive script.
dkg pushed a change to branch master
in repository gnupg.
from 287a7b9 make gpg signature verification work under GCC 5 (Closes: #800641)
new 2a1b1f4 added key for NIIBE Yutaka to upstream/signing-key.asc
new ada086d New repository initialized by cvs2svn.
new 5393dd5 initially checkin
new 25c8f1a Output armor works, RSA keygen works.
new 2f3cb7e Armor works now
new db19a27 compress stuff implemented
new a51cca9 IDEA removed, signing works
new 46900fb ElGamal funktioniert und ist default
new e655f8d changed the dir layout
new a0196df added assembler modules
new 9479cf7 How with some assembly support
new 649eae8 Improved prime number test
new 5c1cca0 List and check sigs works
new cccf1ef Sicherung
new 3b1b6f9 detached signatures are working
new 9359650 fingerprints and self signatures added
new 68ea0f4 added option file handling
new 15426c6 added some stuff for signing keys
new ee8d92f better prime number generator. improved ELG key generation
new cb5459a very first release
new a112009 Now created by config.links
new c351df1 changed configuration stuff, replaced some Makefile.am by distfiles.
new 4d2636e Sylvester Version
new b7bdef0 added more stuff
new e1117ae NT version compiles
new b83f687 NT version compiles
new 6e0fd3d distributed version 0.1.0
new 0d9ffec Bug in blowfish behoben
new cf783fe patch release 0.1.1
new 762d3d7 patchlevel 2
new ed36092 started with trust stuff
new 922e57d *** empty log message ***
new 1ce26aa *** empty log message ***
new 4ec1775 added some trust model stuff
new ea4b6f9 backup
new d71f8bc Trust stuff works partly.
new 3234442 Ready to test version 0.2.0
new c3e6320 rel 0.2.0
new b113394 added initial i18n stuff
new 57caafa Rewritten
new 129dbca Utility to make a pacth file
new 3d63732 moved stuff to aclocal.m4
new 9bf8ce2 version 0.2.1
new 4539178 *** empty log message ***
new 399a7a2 VPATH stuff works
new 42b2a06 tenp (does not work)
new 27c30e6 added
new 1764c9b *** empty log message ***
new 3bcd3cd auf tobold
new c8f12e2 changed structure of trustdb
new 899b837 Fixed a few bugs
new 9886ad8 armor rewritten, but still buggy
new e6f72aa I believe clearsig works
new b18d110 removed aclocal
new d6fa02a release 0.2.3
new 4c0c155 a couple of changes; but some parts are now broken
new bc57896 bug fixes
new fec9490 added zlib and reorgnaized some stuff
new b9fccd6 added assembler stuff for hppa
new f477447 added option export
new 8246436 some import functionality
new 404a6c8 revomoved subdir .g10
new 485b4ab new files
new 78c49af removed password from key two
new c8bb57d import works
new b758180 added revcation stuff and fixed a couple of bugs
new 9119f2b rel 0.2.7 mit kleines Korrekturen
new 5a05af2 Renamed to GNUPG
new 4e8c379 release 0.2.9
new b13e238 bug fixes
new 0eb5aa6 v0.2.11
new 1b1a6d7 removed g10maint.c
new a6a8f1e partial DSA support
new 38608ec Rewrote the transform function
new 98211af NEw test keyrings
new 6b91e77 some cleanups
new 303b108 release 0.2.14
new aa713cb started with keyserver
new 53a5787 cast5 does now work
new 86f261d cipher reorganisiert
new 0841678 *** empty log message ***
new 232547e test file
new 8ab0adb New tests
new 8b10a87 test release
new 3c7368a new release
new 700c438 applied Mathews typo and grammar fixes
new a350041 vor muenchen
new 1696bd1 *** empty log message ***
new a20037b missing
new edca720 changes from laptop
new 8341f5b New keys
new b27503e NEw
new 448f8e5 *** empty log message ***
new ef10991 *** empty log message ***
new 08fc68a x
new 45f1328 xxx
new 823d39f Aenderungen in der Eifel
new 1d4718a fixed passphrase bug from 0.2.16
new 2cd12c5 fixed last passphrase bug
new 42b03f6 new release
new 69cf10f add DSA key generation
new 0e5a31d can create v4 signatures
new f9a7043 new release
new eed2faa add-key works
new e284277 *** empty log message ***
new ef75fa1 add a challenge
new 1ece02a Sicherung
new c279427 .
new d9b3dc0 update from tobold
new d42ad47 .
new 37d2adf a whole bunch of internal cleanups
new e662bf7 gnupg extension are now working
new 6e1ca6b extensions are now working and fixed a lot of bugs
new e6ac5ac some more internall structure changes
new 06fd61d nearly ready for 0.3.0
new 248f46c 0.3 ready
new 5911e30 bug fixes
new 77a6af7 textual changes
new 97090f1 partly added creation of OP partial length headers
new a9ec668 intermediate release
new c036c11 Chnaged version
new 5a6682a *** empty log message ***
new ccb3140 Added new key infos
new 5aed77d fixed clearsig stuff
new e143f23 fixed severe exploit
new c5b6f97 fixed types, added new translations.
new 0a76a44 sync
new 3c53ea7 sync
new 1a80de4 changed trustdb design
new 5ae562b edit-key is now complete
new 0300d6a started with shm coprocesses
new 6fbee8a add coprocess facility
new 9b60909 intermediate check in
new 454192d *** empty log message ***
new 48a0412 add salted and iterated mode
new 6d21f28 chnages done at the train
new a43709e new
new 6ccf4e0 ready for a new release
new 62f550b rel 0.3.3
new 3e0e8f8 bug fix release
new 6a06b24 new
new 1b36884 Chnages.
new 48da5f9 *** empty log message ***
new 94bf396 .
new 02922b7 .
new bae6629 Updates
new c07a88d New release
new d8b888e version 0.3.5
new 8c80bcf .
new 17c023b Michael Roth has released is des impl.
new b4aeef4 .
new 0e3d05f .
new 41fa8a3 *** empty log message ***
new 9a854f1 *** empty log message ***
new 6f73ec9 *** empty log message ***
new f04db56 windoze version works again
new 786a287 a new release
new 8477407 backup
new e81e097 last local commit
new e8684e7 test
new 0c1540a test 2
new 1cd8e3a Removed some trash
new 1f46004 .
new 6e16296 Snapshot release 0.4.2
new e309a87 Epxerimenta support for GDBM keyings.
new 5ccb925 some random changes
new b9dd2eb (Does not compile yet)
new aad7f1a overhauled the trustdb stuff
new 35c1054 ready to release 0.4.3
new b076ce3 Some bug fixes of the last release
new 95217d4 Not yet completed changes to support PPC
new 17ea875 See ChangeLog ;-). Key validation should now be faster
new 4cad562 Spanish laguage support (es_ES)
new f9d2bd8 some bug fixes
new 47c61ba Expiration time works (I hope so)
new 710d2e3 Ready for version 0.4.4
new 2e49468 Restructured the RNG source and add support for loadable random modules.
new 7113401 Some experimental support for other random gatheres
new 558baed *** empty log message ***
new a7d13c0 See ChangeLog: Fri Nov 27 12:39:29 CET 1998 Werner Koch
new d87a3c1 See ChangeLog: Fri Nov 27 15:30:24 CET 1998 Werner Koch
new df1326e See ChangeLog: Fri Nov 27 21:37:41 CET 1998 Werner Koch
new ab98697 See ChangeLog: Tue Dec 8 13:15:16 CET 1998 Werner Koch
new 918c684 See ChangeLog: Tue Dec 8 15:09:29 CET 1998 Werner Koch
new a45f824 See ChangeLog: Wed Dec 9 13:41:06 CET 1998 Werner Koch
new af6e96e See ChangeLog: Thu Dec 10 20:15:36 CET 1998 Werner Koch
new e5666c8 See ChangeLog: Sat Dec 12 18:40:32 CET 1998 Werner Koch
new c6be02d See ChangeLog: Sun Dec 13 14:10:56 CET 1998 Werner Koch
new 7a7a563 See ChangeLog: Mon Dec 14 21:18:49 CET 1998 Werner Koch
new b1e5c79 See ChangeLog: Thu Dec 17 18:31:15 CET 1998 Werner Koch
new 750d743 See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner Koch
new 1df0e15 See ChangeLog: Wed Dec 23 17:12:24 CET 1998 Werner Koch
new 6e08b23 See ChangeLog: Tue Dec 29 14:41:47 CET 1998 Werner Koch
new d6fa538 See ChangeLog: Tue Dec 29 19:55:38 CET 1998 Werner Koch
new e3e8d9b See ChangeLog: Sun Jan 3 15:28:44 CET 1999 Werner Koch
new 7d0efec See ChangeLog: Thu Jan 7 18:00:58 CET 1999 Werner Koch
new 002b1a8 See ChangeLog: Sat Jan 9 16:02:23 CET 1999 Werner Koch
new 11c3781 See ChangeLog: Sat Jan 9 18:54:57 CET 1999 Werner Koch
new 1988467 See ChangeLog: Sat Jan 9 20:00:11 CET 1999 Werner Koch
new 0ec9401 See ChangeLog: Sun Jan 10 15:10:02 CET 1999 Werner Koch
new 8ddca5a See ChangeLog: Sun Jan 10 19:36:42 CET 1999 Werner Koch
new 62957ff See ChangeLog: Tue Jan 12 11:17:18 CET 1999 Werner Koch
new 615e15d See ChangeLog: Wed Jan 13 12:49:36 CET 1999 Werner Koch
new e99e43c See ChangeLog: Wed Jan 13 14:10:15 CET 1999 Werner Koch
new 29c0841 See ChangeLog: Sat Jan 16 09:27:30 CET 1999 Werner Koch
new 05af468 See ChangeLog: Sat Jan 16 12:03:27 CET 1999 Werner Koch
new 38008c1 See ChangeLog: Sat Jan 16 21:25:17 CET 1999 Werner Koch
new befacf7 See ChangeLog: Sun Jan 17 11:04:33 CET 1999 Werner Koch
new ce650ac See ChangeLog: Tue Jan 19 19:34:58 CET 1999 Werner Koch
new 7debff3 See ChangeLog: Wed Jan 20 18:59:49 CET 1999 Werner Koch
new 9ef0f26 See ChangeLog: Thu Jan 21 06:22:10 CET 1999 Werner Koch
new a16e152 See ChangeLog: Sun Jan 24 18:16:26 CET 1999 Werner Koch
new 9a4f506 See ChangeLog: Wed Feb 10 17:15:39 CET 1999 Werner Koch
new dc5ce11 removed gettext
new 54629f7 See ChangeLog: Sat Feb 13 12:14:42 CET 1999 Werner Koch
new 6e5bc13 See ChangeLog: Sat Feb 13 14:13:04 CET 1999 Werner Koch
new e1a1b3f See ChangeLog: Tue Feb 16 14:10:02 CET 1999 Werner Koch
new a4ff45f See ChangeLog: Fri Feb 19 15:49:15 CET 1999 Werner Koch
new 6ed3099 See ChangeLog: Fri Feb 19 18:01:54 CET 1999 Werner Koch
new 5d5dc4b See ChangeLog: Sat Feb 20 21:40:49 CET 1999 Werner Koch
new 9f09967 See ChangeLog: Mon Feb 22 20:04:00 CET 1999 Werner Koch
new 0d85ec3 *** empty log message ***
new c1fe486 *** empty log message ***
new d1b9b35 See ChangeLog: Wed Feb 24 11:07:27 CET 1999 Werner Koch
new cbe6d2f *** empty log message ***
new 946916a See ChangeLog: Thu Feb 25 18:47:39 CET 1999 Werner Koch
new 694099b See ChangeLog: Fri Feb 26 17:55:41 CET 1999 Werner Koch
new 0f5bb38 See ChangeLog: Sun Feb 28 19:11:00 CET 1999 Werner Koch
new c27c741 See ChangeLog: Tue Mar 2 10:38:42 CET 1999 Werner Koch
new 20bb42b See ChangeLog: Tue Mar 2 16:44:57 CET 1999 Werner Koch
new 12b5d34 *** empty log message ***
new 6d5eecb add some demo keys
new b31145f See ChangeLog: Mon Mar 8 20:47:17 CET 1999 Werner Koch
new 285cf30 See ChangeLog: Mon Mar 8 21:28:42 CET 1999 Werner Koch
new 45ac2a6 See ChangeLog: Mon Mar 8 21:53:47 CET 1999 Werner Koch
new 42ff4d5 See ChangeLog: Wed Mar 10 11:26:18 CET 1999 Werner Koch
new e95a22a See ChangeLog: Thu Mar 11 16:39:46 CET 1999 Werner Koch
new dafcce0 See ChangeLog: Sun Mar 14 19:34:36 CET 1999 Werner Koch
new 8d255ff See ChangeLog: Wed Mar 17 13:09:03 CET 1999 Werner Koch
new fb8dbdb See ChangeLog: Sat Mar 20 11:53:40 CET 1999 Werner Koch
new 5561297 See ChangeLog: Sat Mar 20 12:55:33 CET 1999 Werner Koch
new e552124 See ChangeLog: Sat Mar 20 13:59:47 CET 1999 Werner Koch
new 5907a78 See ChangeLog: Sat Mar 20 18:03:17 CET 1999 Werner Koch
new 88d44ed ./BUGS
new 1b9a820 See ChangeLog: Tue Apr 6 19:58:12 CEST 1999 Werner Koch
new 9f40263 See ChangeLog: Wed Apr 7 20:51:39 CEST 1999 Werner Koch
new 97efca0 See ChangeLog: Thu Apr 8 09:35:53 CEST 1999 Werner Koch
new 02d018f See ChangeLog: Fri Apr 9 12:26:25 CEST 1999 Werner Koch
new 1feae20 See ChangeLog: Sun Apr 18 10:11:28 CEST 1999 Werner Koch
new ebb0ed5 See ChangeLog: Sun Apr 18 20:48:15 CEST 1999 Werner Koch
new bbf86c6 See ChangeLog: Mon Apr 26 17:48:15 CEST 1999 Werner Koch
new dbb6174 See ChangeLog: Wed Apr 28 13:03:03 CEST 1999 Werner Koch
new 88374b2 See ChangeLog: Thu Apr 29 12:29:22 CEST 1999 Werner Koch
new e5a79b2 See ChangeLog: Tue May 4 15:49:29 CEST 1999 Werner Koch
new 7cb8838 See ChangeLog: Thu May 6 14:18:17 CEST 1999 Werner Koch
new 5d6d50c .
new a1dcec7 See ChangeLog: Sat May 8 19:28:33 CEST 1999 Werner Koch
new 3983f30 See ChangeLog: Mon May 17 21:54:43 CEST 1999 Werner Koch
new bfb3213 See ChangeLog: Wed May 19 16:04:30 CEST 1999 Werner Koch
new 77d6309 See ChangeLog: Thu May 20 14:04:08 CEST 1999 Werner Koch
new 9131432 See ChangeLog: Sat May 22 22:47:26 CEST 1999 Werner Koch
new c7447e7 See ChangeLog: Sun May 23 14:20:22 CEST 1999 Werner Koch
new 3e2c46a *** empty log message ***
new e8191d3 *** empty log message ***
new dbae7a7 *** empty log message ***
new 56f50c4 mkwebpage
new b690510 mkwebpage
new 0a43b97 See ChangeLog: Sun May 23 20:25:57 CEST 1999 Werner Koch
new 9a2ce9b See ChangeLog: Tue May 25 19:50:32 CEST 1999 Werner Koch
new d5fd04e See ChangeLog: Wed May 26 14:36:29 CEST 1999 Werner Koch
new a6a548a See ChangeLog: Thu May 27 09:40:55 CEST 1999 Werner Koch
new c34c676 See ChangeLog: Mon May 31 19:41:10 CEST 1999 Werner Koch
new 3dddf60 See ChangeLog: Tue Jun 1 16:01:46 CEST 1999 Werner Koch
new 04a0e61 See ChangeLog: Wed Jun 2 14:17:19 CEST 1999 Werner Koch
new 717bce3 See ChangeLog: Sat Jun 5 15:30:33 CEST 1999 Werner Koch
new 40238d4 See ChangeLog: Tue Jun 8 13:36:25 CEST 1999 Werner Koch
new b5f36dd See ChangeLog: Thu Jun 10 14:18:23 CEST 1999 Werner Koch
new 9da1694 See ChangeLog: Tue Jun 15 14:23:10 CEST 1999 Werner Koch
new 1423b42 See ChangeLog: Wed Jun 16 20:16:21 CEST 1999 Werner Koch
new 080c9ca See ChangeLog: Sat Jun 26 12:15:59 CEST 1999 Werner Koch
new 38c4764 See ChangeLog: Sat Jun 26 13:54:43 CEST 1999 Werner Koch
new 75ed03c See ChangeLog: Tue Jun 29 21:44:25 CEST 1999 Werner Koch
new 28eb86c See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch
new 86abac7 See ChangeLog: Fri Jul 2 11:45:54 CEST 1999 Werner Koch
new bd7298c See ChangeLog: Wed Jul 7 13:23:40 CEST 1999 Werner Koch
new c5ca275 See ChangeLog: Thu Jul 8 16:21:27 CEST 1999 Werner Koch
new 8be0d60 See ChangeLog: Mon Jul 12 14:55:34 CEST 1999 Werner Koch
new 8caf2f7 See ChangeLog: Mon Jul 12 18:45:57 CEST 1999 Werner Koch
new 6851241 See ChangeLog: Tue Jul 13 17:39:25 CEST 1999 Werner Koch
new 40f2d9f See ChangeLog: Wed Jul 14 19:42:08 CEST 1999 Werner Koch
new a316550 See ChangeLog: Thu Jul 15 10:15:35 CEST 1999 Werner Koch
new 541bb01 See ChangeLog: Thu Jul 22 20:03:03 CEST 1999 Werner Koch
new 843742c See ChangeLog: Fri Jul 23 13:53:03 CEST 1999 Werner Koch
new a06bc6f .
new 4dbfb24 See ChangeLog: Mon Jul 26 09:34:46 CEST 1999 Werner Koch
new a5a8312 See ChangeLog: Mon Jul 26 15:46:23 CEST 1999 Werner Koch
new 28c8612 See ChangeLog: Wed Aug 4 10:34:46 CEST 1999 Werner Koch
new c2c397b See ChangeLog: Mon Aug 30 20:38:33 CEST 1999 Werner Koch
new 88a916c See ChangeLog: Tue Aug 31 17:20:44 CEST 1999 Werner Koch
new 0428ca6 See ChangeLog: Wed Sep 1 15:30:44 CEST 1999 Werner Koch
new 175c9d8 See ChangeLog: Thu Sep 2 16:40:55 CEST 1999 Werner Koch
new c7678c6 oops, found two serious problems after setting version to .11; make clear that it is still a development one.
new 39fe1cb See ChangeLog: Fri Sep 3 10:06:06 CEST 1999 Werner Koch
new d49d30d *** empty log message ***
new 4a3291c See ChangeLog: Mon Sep 6 19:59:08 CEST 1999 Werner Koch
new 1fb1323 Sorry, I broke des.c
new 7afedfd See ChangeLog: Tue Sep 7 16:23:36 CEST 1999 Werner Koch
new 119cbf0 See ChangeLog: Tue Sep 7 17:08:10 CEST 1999 Werner Koch
new d92e4db See ChangeLog: Tue Sep 7 18:44:05 CEST 1999 Werner Koch
new 52139a6 See ChangeLog: Mon Sep 13 10:55:14 CEST 1999 Werner Koch
new dcaaa92 See ChangeLog: Wed Sep 15 16:22:17 CEST 1999 Werner Koch
new 49f0fe5 See ChangeLog: Wed Sep 15 17:57:13 CEST 1999 Werner Koch
new 9caad6d See ChangeLog: Fri Sep 17 12:56:42 CEST 1999 Werner Koch
new a3ee7c4 Setup development branch
new 24ae980 See ChangeLog: Sat Sep 18 12:16:08 CEST 1999 Werner Koch
new df4ecbb Changed the way it works - now needs an extra program to to most tasks.
new cf70ca8 See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch
new 5614645 See ChangeLog: Tue Oct 26 20:03:44 CEST 1999 Werner Koch
new a10fe4e See ChangeLog: Thu Oct 28 16:17:46 CEST 1999 Werner Koch
new 881e513 See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner Koch
new 37f3c09 See ChangeLog: Mon Nov 15 21:36:02 CET 1999 Werner Koch
new 2694bce See ChangeLog: Fri Nov 19 17:15:20 CET 1999 Werner Koch
new 4555c0b See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner Koch
new f8848d9 See ChangeLog: Thu Dec 9 17:22:27 CET 1999 Werner Koch
new ed0b0e0 See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch
new 704eb73 See ChangeLog: Fri Dec 31 14:06:56 CET 1999 Werner Koch
new 0070faa See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch
new 54b141f Add files to new directory. This is mainly stuff moved from ../util to here.
new db43afc See ChangeLog: Mon Jan 24 22:24:38 CET 2000 Werner Koch
new baa30ad See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch
new 100fc8d See ChangeLog: Mon Jan 31 16:37:34 CET 2000 Werner Koch
new f00d949 See ChangeLog: Mon Jan 31 17:48:10 CET 2000 Werner Koch
new e8e6125 Started with gcrypt manual
new d8199e3 Add some libgcrypt dox
new d1b6e0c See ChangeLog: Mon Feb 21 22:43:01 CET 2000 Werner Koch
new 14a2e00 See ChangeLog: Mon Mar 13 19:22:46 CET 2000 Werner Koch
new da129a5 See ChangeLog: Fri Mar 24 11:25:45 CET 2000 Werner Koch
new d1648b4 See ChangeLog: Thu May 25 18:39:11 CEST 2000 Werner Koch
new 92cd255 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch
new 0bf44b0 See ChangeLog: Mon Jul 17 16:35:47 CEST 2000 Werner Koch
new b872ea2 See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch
new d81c3f7 See ChangeLog: Fri Jul 28 18:19:11 CEST 2000 Werner Koch
new 7a8c8b4 See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
new c9c7095 See ChangeLog: Fri Aug 18 14:27:14 CEST 2000 Werner Koch
new 9fc2d24 See ChangeLog: Mon Aug 21 17:59:17 CEST 2000 Werner Koch
new c2fff8f See ChangeLog: Tue Aug 22 14:31:15 CEST 2000 Werner Koch
new 986d928 See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch
new 9c20f65 See ChangeLog: Wed Oct 4 13:16:18 CEST 2000 Werner Koch
new 14974bc See ChangeLog: Fri Oct 6 14:29:16 CEST 2000 Werner Koch
new b75f734 Added the arcfour cipher which is of use for GNUTLS. According to the selftest, it does not yet work :-((.
new 5a9ea8f Changed keyring handling - saving still does not work. Added new cipher mode and updated cipher test program.
new 7c18f2c configuraton changes, make dist should work now.
new 709d3a7 Ooops, forgot to add this one.
new 93fe596 This was missing in HEAD.
new c287a8d Add features packet and fixes MIPS3.
new 986649b Some configuration changes
new edb4015 About to release 1.1.2
new 07ca4ea Removed files from the HEAD revision, because they are now in another repository
new c58fdc9 Removed libgcrypt doc files
new 613c15b Removed the libgcrypt stuff and started to modify the source to work with that external library.
new a1c48ae Does now work with libgcrypt
new e4a1c76 Add more warnings
new a1b39ba Created configuration files
new 1f79656 First chunk of code for the Assuan library
new 4fcb72b gpgsm does now build and a dummy server can be started.
new 7166bd6 Assuan server mode is now basically usable
new 7c70829 Implemented server main loop and started with import command.
new fcfec25 Started with keybox implementation by basing it on code from the GnuPG devel branch.
new a014d87 we are now able to check self-signed certificates
new 82f2ebc We now need a way to store keys
new 6dec384 A Makefile is a pretty useful thing
new 90d060c We have reached a state where we are able to import certs and check the certification path.
new 0f26760 Base code for gpgsm --verify does work
new 2b99de5 gpgsm --verify does now work like gpg including the --enable-special-filenames option.
new 2b2a800 * assuan-connect.c (assuan_pipe_connect): New function. (assuan_pipe_disconnect): Likewise. * assuan-defs.h (struct assuan_context_s): New member PID.
new f375790 Allow to store an arbitrary pointer in the context. Added assuan_write_status().
new 0b17666 Write status output, make verify work in server mode.
new ff1ba2f Added code for data lines. For ease of implementation we need glibc (custom streams).
new a413066 Added basic code for keylisting. New Assuan command LISTKEYS.
new d6f1a79 Added new file to please Jan
new 6470013 * assuan-connect.c (assuan_pipe_connect): Require NAME to be set. Using ARGV[0] automatically is bad mojo.
new 6e41d49 * assuan.h: Prototype assuan_pipe_connect and assuan_pipe_disconnect.
new aa4f78a Map Libksba's OIDs to Libgcrypt digest algo numbers. The latest Libgcrypt CVS version is needed.
new 757c13a Just a Backup. We can now write out a basic signature which in turn exhibits a bug in --verify.
new 8e58435 Signing does now work. There is no secret key management yet, so you should set GPGSM_FAKE_KEY=1 before you try to verify a signature created by gpgsm --sign or the SIGN server command.
new bab7fa0 Added new directory common to enable sharing of some code and error numbers between gpg, gpgsm and gpg-agent. Move some files and code to there.
new f917085 Mpfrh
new 1e443ad Friedman is setting up his desk
new d3a626b * assuan-buffer.c (_assuan_read_line): Deal with reads of more than a line. * assuan-defs.h: Add space in the context for this.
new 2be29a3 * assuan-connect.c (assuan_get_pid): New - actually done by Marcus in gpgme. Set the line length back to the old value.
new 5a4cbaf Add a copyright note to the bottom
new f60dc50 Introduced the keygrip
new 922cedf As promised a agent which already does some things. Not very useful yet but may be of help for using it in ther contexts.
new c0d12ef * assuan-handler.c (assuan_register_bye_notify) (assuan_register_reset_notify) (assuan_register_cancel_notify): New and call them from the standard handlers.
new 8cf3678 (assuan_process): Moved bulk of function to .. (process_request): .. new. (assuan_process_next): One shot version of above. (assuan_get_active_fds): New. NOTE - this has not been tested yet.
new 0e36c4c The agent does now work and read the secret keys from the directory ~/.gnupg-test/private-keys-v1.d/<keygrip-as-20-byte-hex-number>. I will post a sample key to gpa-dev.
new dd797e3 * assuan.h: Added more status codes.
new ce8a236 More error codes
new 99829ef * keydb.c (keydb_add_resource): Create keybox * keylist.c (gpgsm_list_keys): Fixed non-server keylisting. * server.c (rc_to_assuan_status): New. Use it for all commands.
new d9aecd9 * gpgsm.c: New option --agent-program * call-agent.c (start_agent): Allow to override the default path to the agent.
new 5a6a2ca * assuan-handler.c (assuan_register_input_notify): New. (assuan_register_output_notify): New.
new 944fee7 * base64.c: New. Changed all other functions to use this instead of direct creation of ksba_reader/writer. * gpgsm.c (main): Set ctrl.auto_encoding unless --no-armor is used. This way we can feed PEM encoded stuff to --verify.
new 95e6da1 --armor does now produce PEM format.
new ac88a4e assuan-connect.c (assuan_pipe_connect): Add more error reporting. assuan-client.c: New. assuan-inquire.c: New. assuan-handler.c (process_request): Check for nested invocations.
new 64c3605 New error codes and another mapping fnc.
new e8676a0 Started with decryption stuff
new 37be272 Added decryption, some code cleanup
new f8c249a added test certificate and secret key
new e4a7242 More error codes
new ce32f6b Decryption does now work
new 79956a0 The Agent does now call the pin entry program; however because we have not yet implemeted secret key protection, its purpose is somewhat limited. Well, the PIN entry modules can now be tested.
new f312047 --encrypt does now work for a hardwired key.
new 0d2ea28 new error codes
new f463880 New searchmode and hack to allow a hex encoded serial number
new 6a8c47b Implemented encryption in server mode. Allow to specify a recipient on the commandline There is still a default hardwired recipient if none has been set.
new d0eb9ad * assuan-connect.c (assuan_pipe_connect): Implemented the inital handshake. * assuan-client.c (read_from_server): Renamed to (_assuan_read_from_server): this and made external.
new bc11060 * gpgsm.c (main): New options --assume-{armor,base64,binary}. * base64.c (base64_reader_cb): Fixed non-autodetection mode.
new 717bc63 Fixed INPUT/OUTPUT command
new 9e24187 Made decryption work in --server mode, allow output of plain base64, allow --armor and --base64 arguments for INPUT and OUTPUT, new global option --base64, cleaned up the help page.
new c3567c4 Now that the DN encoding works more correct, we have to update the default key.
new e4f9871 * keybox-search.c (blob_cmp_name): Kludge to allow searching for more than one name. (has_subject_or_alt): New. (blob_cmp_mail): New. (has_mail): New. (keybox_search): Implemented exact search and exact mail search.
new dda2440 * keylist.c (list_cert_colon): Print alternative names of subject and a few other values.
new d7db073 2001-12-13 Marcus Brinkmann <marcus at gnu.org>
new e6336cb assuan/ 2001-12-14 Marcus Brinkmann <marcus at g10code.de>
new 788a9bc 2001-12-14 Marcus Brinkmann <marcus at g10code.de>
new 0cc8790 Change history, doubleplusgood.
new 595c2cb * keylist.c (list_cert_colon): Print alternative names of subject and a few other values.
new e8cc8e4 Fixed test key
new 601e412 Fixed test key
new b020999 * sign.c (get_default_signer): Use keydb_classify_name here.
new 317bccd * util.h (digitp, hexdigitp): New ctype like macros. (atoi_1,atoi_2,atoi_4,xtoi_1,xtoi_2): New.
new 7606e3b * util.h (digitp, hexdigitp): New ctype like macros. (atoi_1,atoi_2,atoi_4,xtoi_1,xtoi_2): New.
new 61ba223 * gpg-agent.c (main): New option --batch. New option --debug-wait n, so that it is possible to attach gdb when used in server mode. * query.c (agent_askpin): Don't ask in batch mode.
new b47b62b * gpgsm.c (main): New option --debug-wait n, so that it is possible to attach gdb when used in server mode.
new 8cd7e2a * assuan-listen.c (assuan_close_input_fd): New. (assuan_close_output_fd): New. * assuan-handler.c (std_handler_reset): Always close them after a reset command. (std_handler_bye): Likewise.
new 6d27c94 * verify.c (gpgsm_verify): Add hash debug helpers * sign.c (gpgsm_sign): Ditto.
new 134d401 * keybox-blob.c (x509_email_kludge): New. (_keybox_create_x509_blob): Insert an extra email address if the subject's DN has an email part. * keybox-defs.h: Added the xtoi_2 and digitp macros.
new fb446a5 * keylist.c (list_cert_colon): Kludge to show an email address encoded in the subject's DN.
new 1301c0b * decrypt.c (gpgsm_decrypt): Write STATUS_DECRYPTION_*. * sign.c (gpgsm_sign): Write a STATUS_SIG_CREATED.
new f82bdf6 * keybox-search.c (blob_cmp_name): There is no terminating 0 stored for the uid; fixed length compare.
new 73d2214 * gpgsm.c (main): Renamed the default key database to "keyring.kbx".
new 56172ce Changes to be used with the new libksba interface. libgcrypt-1.1.5 is required (cvs or tarball)
new 8652177 * Makefile.am (AM_CPPFLAGS): Add flags for libksba * Makefile.am (AM_CPPFLAGS): Include flags for gcrypt and ksba * Makefile.am: Use LIBGCRYPT macros
new 84b6169 assuan/ 2001-12-14 Marcus Brinkmann <marcus at g10code.de>
new 22cf286 The last log had an incorrect changelog entry, and was missing a fix.
new 41eeb31 * keyformat.txt: New.
new 3341f8a * keybox-blob.c (_keybox_create_x509_blob): Skip the leading parenthesis of the serial number's S-exp.
new 5f116e9 * base64.c (base64_reader_cb): Try to detect an S/MIME body part.
new ee1b7e4 * maperror.c (map_gcry_err): Add some mappings.
new b65e1cf * keybox-blob.c (_keybox_create_x509_blob): Skip the leading parenthesis of the serial number's S-exp. (_keybox_create_x509_blob): And fixed length calculation. (create_blob_header): Don't add an offset when writing the serial.
new 3b8cf6e * verify.c (gpgsm_verify): Implemented non-detached signature verification. Add OUT_FP arg, initialize a writer and changed all callers. * server.c (cmd_verify): Pass an out_fp if one has been set.
new 6fd5b6d * genkey.c: Store the secret part and return the public part.
new 489207d * assuan-handler.c (assuan_set_okay_line): New. (process_request): And use it here.
new 8bad9e3 *** empty log message ***
new dc37fe1 * base64.c (gpgsm_create_writer): Allow to set the object name * server.c (cmd_genkey): New. * certreqgen.c: New. The parameter handling code has been taken from gnupg/g10/keygen.c version 1.0.6. * call-agent.c (gpgsm_agent_genkey): New.
new bc37e6d new error codes
new 98b2622 * maperror.c (map_assuan_err): Codes for CRL
new 6af7631 * call-dirmngr.c: New. * certpath.c (gpgsm_validate_path): Check the CRL here. * fingerprint.c (gpgsm_get_certid): New. * gpgsm.c: New options --dirmngr-program and --disable-crl-checks.
new ae439af * fingerprint.c (gpgsm_get_certid): Print the serialand not the hash after the dot.
new 9b3370d * assuan-client.c (_assuan_read_from_server): Skip spaces after the keyword.
new 438b2bc * call-dirmngr.c (inq_certificate): Changed for new interface semantic. * certlist.c (gpgsm_find_cert): New.
new 148aa6e * trustlist.c: New. * command.c (cmd_istrusted, cmd_listtrusted, cmd_marktrusted): New.
new a6a2595 * maperror.c: Add mapping for Not_Trusted.
new 9dd0040 * keybox-search.c (blob_cmp_fpr): New. (has_fingerprint): Implemented;
new a9979e2 * import.c (gpgsm_import): Just do a basic cert check before storing it. * certpath.c (gpgsm_basic_cert_check): New.
new 6af684c * gpg-agent.c: Removed unused cruft and implement the socket based server. (my_strusage): Take bug report address from configure.ac. * command.c (start_command_handler): Add an argument to start as regular server. (start_command_handler): Enable Assuan logging.
new f58da18 * assuan-buffer.c (_assuan_read_line): Add output logging. (assuan_write_line): Ditto. (_assuan_cookie_write_data): Ditto. (_assuan_cookie_write_flush): Ditto. * assuan-util.c (_assuan_log_print_buffer): New. (assuan_set_log_stream): New. (assuan_begin_confidential): New. (assuan_end_confidential): New.
new 08e10cd More error codes and mappings
new 88bacd2 * server.c (gpgsm_server): Use assuan_deinit_server and setup assuan logging if enabled. * call-agent.c (inq_ciphertext_cb): Don't show the session key in an Assuan log file.
new 0e06a31 * sysutils.c: New. This is the misc.c file from gnupg 1.0.6 with the OpenPGP stuff removed. * sysutils.h: New.
new eac306f * gpg-agent.c (main): Disable core dumps.
new 6aae660 * command.c (cmd_get_passphrase): Remove the plus signs. * query.c (start_pinentry): Send no-grab option to pinentry * gpg-agent.c (main): Move variable grab as no_grab to agent.h.
new a2fd247 * assuan.h: Added Invalid Option error code.
new c3885e0 * server.c (option_handler): New. (gpgsm_server): Register it with assuan.
new 416c0b7 * assuan-connect.c: Move all except assuan_get_pid to... * assuan-pipe-connect.c: this. (assuan_pipe_disconnect): Removed. (do_finish, do_deinit): New (assuan_pipe_connect): and set them into the context. * assuan-socket-connect.c: New.
new e610a0a * keybox-search.c (keybox_search): Allow KEYDB_SEARCH_MODE_FPR20.
new 1146232 * gpgsm.c: Add option --enable-crl-checks.
new 4f39f92 * certpath.c (unknown_criticals): New. (allowed_ca): New. (gpgsm_validate_path): Check validity, CA attribute, path length and unknown critical extensions.
new e92ad49 2002-01-22 Marcus Brinkmann <marcus at g10code.de>
new d9a4ccf * certpath.c (gpgsm_validate_path): Print the DN of a missing issuer. * certdump.c (gpgsm_dump_string): New. (print_dn): Replaced by above.
new 1280f16 * mkdtemp.c: Copied from gnupg-1.0.6c and changed to use libgcrypt.
new ecb785a * assuan-socket-connect.c (LOGERRORX): and removed typo.
new 151deac * gpgsm.c (main): Disable core dumps. * sign.c (add_certificate_list): New. (gpgsm_sign): Add the certificates to the CMS object. * certpath.c (gpgsm_walk_cert_chain): New. * gpgsm.h (server_control_s): Add included_certs. * gpgsm.c: Add option --include-certs. (gpgsm_init_default_ctrl): New. (main): Call it. * server.c (gpgsm_server): Ditto. (option_handler): Support --include-certs.
new 108f62e * scdaemon.c scdaemon.h, command.c: New. Based on the code from the gpg-agent.
new 8536088 Updated copyright notices
new fc8d8e9 * certreqgen.c (create_request): Store the email address in the req. Note, that I have not yet achieved to generate a cert with the subjectAltName using OpenSSL. It seems that openssl requires the email address to be part of the subject DN (subjectAltName=email:copy) but this is something we don't want to do.
new 2d1d9d9 * findkey.c (agent_key_available): New. * command.c (cmd_havekey): New. (register_commands): And register new command.
new cd30fea * call-agent.c (gpgsm_agent_havekey): New. * keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs" when we know that the secret key is available. (gpgsm_list_keys): New arg MODE, check whether a secret key is available. Changed all callers. * gpgsm.c (main): New command --list-secret-keys. * server.c (cmd_listsecretkeys): New. (cmd_listkeys): Return secret keys with "crs" record.
new a09c4d0 A few test certificates
new 7d9ed16 * genkey.c (store_key): Protect the key. (agent_genkey): Ask for the passphrase. * findkey.c (unprotect): Actually unprotect the key. * query.c (agent_askpin): Add an optional start_err_text.
new 400938f Added a few more error codes
new 30f1b02 * cache.c: Add a few debug outputs.
new a34a03d 2002-02-01 Marcus Brinkmann <marcus at g10code.de>
new a3839b5 2002-02-01 Marcus Brinkmann <marcus at g10code.de>
new 0c4c0f2 * cache.c (housekeeping): Fixed linking in the remove case.
new 6aa7267 * decrypt.c (gpgsm_decrypt): Bail out after an decryption error.
new 2a28f5d * certlist.c (gpgsm_add_to_certlist): Check that the specified name identifies a certificate unambiguously. (gpgsm_find_cert): Ditto. * server.c (cmd_listkeys): Check that the data stream is available. (cmd_listsecretkeys): Ditto. (has_option): New. (cmd_sign): Fix ambiguousity in option recognition. * gpgsm.c (main): Enable --logger-fd. * encrypt.c (gpgsm_encrypt): Increased buffer size for better performance. * call-agent.c (gpgsm_agent_pksign): Check the S-Exp rec [...]
new eeb5cdb Set version numbers add a comment
new ebb00fa * assuan-buffer.c (writen,readline) [USE_GNU_PT]: Use pth_read/write. * assuan-socket-server.c (accept_connection) [USE_GNU_PTH]: Ditto.
new 85d9e2e * fopencookie.c: Dummy function.
new 822e682 * command.c (cmd_marktrusted): Implemented. * trustlist.c (agent_marktrusted): New. (open_list): Add APPEND arg.
new a46e786 A bunch of new features. Allow empty responses on an inquiry.
new 1df3841 More error codes
new 49b3340 Some experimental code - don't use it.
new 5dac471 * certpath.c (gpgsm_validate_path): Ask the agent to add the certificate into the trusted list. * call-agent.c (gpgsm_agent_marktrusted): New.
new 2585114 * findkey.c (unprotect): Show an error message for a bad passphrase.
new 488243f * certpath.c (check_cert_policy): New. (gpgsm_validate_path): And call it from here. * gpgsm.c (main): New options --policy-file, --disable-policy-checks and --enable-policy-checks. * gpgsm.h (opt): Added policy_file, no_policy_checks.
new 2a2d713 * keybox-search.c (blob_cmp_mail): Use case-insensitive compare because mail addresses are in general case insensitive (well RFC2822 allows for case sensitive mailbox parts, but this is in general considired a Bad Thing). Add additional substr parameter to allow for substring matches within the mail address. Change all callers to pass this along. (blob_cmp_name): Likewise but do the case-insensitive search only in sub string mode. (keybox_search): Implement MAILSUB [...]
new 04f49d9 * server.c (option_handler): Allow to use -2 for "send all certs except the root cert". * sign.c (add_certificate_list): Implement it here. * certpath.c (gpgsm_is_root_cert): New.
new f8c8ca2 * assuan-client.c (assuan_transact): Add 2 more arguments to support status lines. Passing NULL yields the old behaviour. * assuan-handler.c (process_request): Flush data lines send without using the data fp.
new 56341c2 Changes needed to support smartcards. Well, only _support_. There is no real code yet.
new f8efc7c Added more code fragments.
new 9301f1c * pksign.c (agent_pksign): Detect whether a Smartcard is to be used and divert the operation in this case. * pkdecrypt.c (agent_pkdecrypt): Likewise * findkey.c (agent_key_from_file): Add optional arg shadow_info and have it return information about a shadowed key. * protect.c (agent_get_shadow_info): New. * protect.c (snext,sskip,smatch): Moved to * sexp-parse.h: new file. * divert-scd.c: New.
new dfda938 Minor fixes; about to release 0.3.1
new c8454f7 * gpgsm.c, gpgsm.h: Add local_user. * sign.c (gpgsm_get_default_cert): New. (get_default_signer): Use the new function if local_user is not set otherwise used that value. * encrypt.c (get_default_recipient): Removed. (gpgsm_encrypt): Use gpgsm_get_default_cert. * verify.c (gpgsm_verify): Better error text for a bad signature found by comparing the hashs.
new 2fa73e7 Signing using a PKCS15 smartcard does work. How to create such a card is of course a different thing. Note, that you need to create the shadowed-private-key file manually.
new d8538d8 This file was missing.
new 2b5dca4 Well and some stuff to access the SC will be helpful. Note, that the code requires the latest OpenSC CVS code.
new 914e77c We got more error codes than actual code ;-)
new 303b4bd Decryption using a Cryptoflex card does now work.
new 7a5d778 * assuan-client.c (_assuan_read_from_server): Detect END. (assuan_transact): Pass it to the data callback.
new 4e637f2 sm/ * gpgsm.c: New command --learn-card * call-agent.c (learn_cb,gpgsm_agent_learn): New. * gpgsm.c (main): Print error messages for non-implemented commands. agent/ * learncard.c: New. * divert-scd.c (ask_for_card): The serial number is binary so convert it to hex here. * findkey.c (agent_write_private_key): New. * genkey.c (store_key): And use it here. scd/ * pkdecrypt.c (agent_pkdecrypt): Changed the way the diversion is done. * divert-scd.c (divert_pkdecrypt): Ch [...]
new c1791a8 * server.c (cmd_listkeys, cmd_listsecretkeys): Divert to (do_listkeys): new. Add pattern parsing. * keylist.c (gpgsm_list_keys): Handle selection pattern.
new 8337455 * verify.c (gpgsm_verify): Detect certs-only message.
new 1f6d901 More error codes
new c6736b6 * decrypt.c (gpgsm_decrypt): Allow multiple recipients.
new c39b866 Doc fixes, moved some fizmes to TODO, fixed minor bugs.
new 2e553c1 More stuff for SCs - don't expect them to work.
new a59fcae Added missing file
new 208b08a * export.c: New. * gpgsm.c: Add command --export. * server.c (cmd_export): New.
new 90bc40a * divert-scd.c (encode_md_for_card): Don't do the pkcs-1 padding, the scdaemon should take care of it. (ask_for_card): Hack to not display the trailing zero.
new 0e44b06 * card.c (card_open, card_close): Adjusted for changes in OpenSC.
new f63676f * keylist.c (list_cert_colon): Fixed listing of crt record; the issuer is not at the right place. Print a chainingID.
new d5a95ff * certpath.c (gpgsm_walk_cert_chain): Be a bit more silent on common errors.
new 81a4a25 yet another test certificate
new 1943ed5 * protect-tool.c (show_file): New. Used as default action.
new 18c85a7 * assuan-buffer.c (my_log_prefix): New. Use it for all i/o debug output.
new face637 * card.c (card_open): Return immediately when no reader is available.
new 7e07a39 * certlist.c (cert_usable_p): New. (gpgsm_cert_use_sign_p,gpgsm_cert_use_encrypt_p): New. (gpgsm_cert_use_verify_p,gpgsm_cert_use_decrypt_p): New. (gpgsm_add_to_certlist): Check the key usage. * sign.c (gpgsm_sign): Ditto. * verify.c (gpgsm_verify): Print a message wehn an unsuitable certificate was used. * decrypt.c (gpgsm_decrypt): Ditto * keylist.c (print_capabilities): Determine values from the cert.
new 7db1615 * scdaemon.c: New option --debug-sc N. * card.c (card_open): set it here.
new 3719aa5 * cryptmiss.c: New.
new 4e5bda7 * command.c (cmd_pksign, cmd_pkdecrypt): Use a copy of the key ID.
new 73e7383 * certpath.c (find_up): New to use the authorithKeyIdentifier. Use it in all other functions to locate the signing cert..
new 8992de3 * gpgsm.c (main): Check ksba version.
new f2183cf released 0.3.5
new 7cadd7c * certreqgen.c (gpgsm_genkey): Write status output on success.
new ee6bb32 2002-04-24 Marcus Brinkmann <marcus at g10code.de>
new 898dda0 2002-04-25 Marcus Brinkmann <marcus at g10code.de>
new b107b6d 2002-04-25 Marcus Brinkmann <marcus at g10code.de>
new b4f8fcb 2002-04-25 Marcus Brinkmann <marcus at g10code.de>
new a217663 * call-agent.c (start_agent): Make copies of old locales and check for setlocale.
new 8460fb4 Debug message cleanups. Fixed passphrase caching.
new 0ec648b Debug message cleanups.
new a64b368 * certpath.c (gpgsm_validate_path): Added EXPTIME arg and changed all callers. * verify.c (gpgsm_verify): Tweaked usage of log_debug and log_error. Return EXPSIG status and add expiretime to VALIDSIG.
new 11d568a * errors.h: Added STARUS_EXPSIG and STATUS_EXPKEYSIG.
new c7ceb87 sm/ * gpgsm.c: New option --faked-system-time * sign.c (gpgsm_sign): And use it here. * certpath.c (gpgsm_validate_path): Ditto. common/ * gettime.c: New. agent/ * cache.c (housekeeping, agent_put_cache): Use our time() wrapper. / * doc/: New * configure.ac, Makefile.am: Added doc/
new 4f7330e * import.c (gpgsm_import): Try to identify the type of input and handle certs-only messages.
new ad6abe7 * keylist.c (list_internal_keys): Renamed from gpgsm_list_keys. (list_external_keys): New. (gpgsm_list_keys): Dispatcher for above. * call-dirmngr.c (lookup_cb,pattern_from_strlist) (gpgsm_dirmngr_lookup): New. * server.c (option_handler): Handle new option --list-mode. (do_listkeys): Handle options and actually use the mode argument. (get_status_string): New code TRUNCATED.
new 3910c0f * mkdtemp.c: Replaced byte by unsigned char because it is no longer defined in gcrypt.h.
new 72f48d9 * assuan-util.c (assuan_set_io_func): New. * assuan-buffer.c (writen, readline): Use the new functions instead of pth. * assuan-socket-server.c (accept_connection): Don't use the pth_accept - using the assuan included accept code would be a bad idea within Pth so we don't need a replacement function.
new b209c17 * no-pth.c, Makefile.am: Removed.
new 8bb265d * import.c (gpgsm_import): Add error messages.
new a3aa9e3 * gpgsm.c (main): Don't print the "go ahead" message for an invalid command.
new c641608 * gpgsm.c (main): New command --list-sigs * keylist.c (list_cert_std): New. Use it whenever colon mode is not used. (list_cert_chain): New.
new 0dec11f * sign.c (hash_and_copy_data): New. (gpgsm_sign): Implemented normal (non-detached) signatures. * gpgsm.c (main): Ditto.
new f393e0d * protect-tool.c: Add command --show-keygrip (show_keygrip): New.
new 3221ef0 Various changes.
new 7ca4df0 * gpgsm.c (open_fwrite): New. (main): Allow --output for --verify.
new 312ee41 * call-dirmngr.c (lookup_status_cb): New. (gpgsm_dirmngr_lookup): Use the status CB. Add new arg CTRL and changed caller to pass it.
new 4e13426 * gpgsm.c (main): New option --log-file.
new 82575bf Fixed last fix.
new ccb0bb1 * card-dinsig.c: Documented some stuff from the DIN norm.
new 469dc10 * agent.h: Add a callback function to the pin_entry_info structure. * query.c (agent_askpin): Use the callback to check for a correct PIN. Removed the start_err_text argument becuase it is not anymore needed; changed callers. * findkey.c (unprotect): Replace our own check loop by a callback. (try_unprotect_cb): New. * genkey.c (reenter_compare_cb): New. (agent_genkey): Use this callback here. Fixed setting of the pi2 variable and a segv in case of an empty PIN.
new dfcdec0 * certreqgen.c (read_parameters): Improved error handling. (gpgsm_genkey): Print error message.
new 031a856 * keybox-init.c (keybox_set_ephemeral): New. * keybox-blob.c (create_blob_header): Store epheermal flag. (_keybox_create_x509_blob): Pass epheermal flag on. * keybox-update.c (keybox_insert_cert): Ditto. * keybox-search.c (blob_get_blob_flags): New. (keybox_search): Ignore ephemeral blobs when not in ephemeral mode.
new 5214694 * call-agent.c (learn_cb): Use log_info instead of log_error on successful import.
new 42cf865 * certlist.c (gpgsm_add_to_certlist): Fixed locating of a certificate with the required key usage.
new 640688c * gpgsm.c, gpgsm.h: New option --debug-no-path-validation. * certpath.c (gpgsm_validate_path): Use it here instead of the debug flag hack.
new 5c5a3f6 * certdump.c (print_dn_part): Always print a leading slash, removed NEED_DELIM arg and changed caller.
new c65009a * protect-tool.c (rsa_key_check): New. (import_p12_file): New. (main): New command --p12-import. * minip12.c, minip12.h: New.
new f60b29f * assuan-buffer.c (assuan_write_line): Make sure we never accidently print an extra LF.
new d905375 * maperror.c (map_to_assuan_status): Map EOF to No_Data_Available.
new 738e6d8 * import.c (gpgsm_import): Print an STATUS_IMPORTED.
new 56b0496 * Makefile.am (pkglib_PROGRAMS): Put protect-tool there.
new ad4d81f * gpgsm.c (main): Use GNUPG_DEFAULT_HOMEDIR constant.
new 3672606 * protect-tool.c (export_p12_file): New. (main): New command --p12-export. * minip12.c (create_final,p12_build,compute_tag_length): New. (store_tag_length): New.
new 9c70a2e * server.c (cmd_recipient): Add more reason codes.
new 0c0b0f5 * maperror.c (map_to_assuan_status): Map more errorcodes to Bad Certificate.
new 98a05e4 Removed files for CVS reorganization
new 151ee2f Update head to match stable 1.0
new 3f51f7d Update head to match stable 1.0
new 2082905 * query.c (start_pinentry): Use GNUPG_DERAULT_PINENTRY. * call-scd.c (start_scd): Use GNUPG_DEFAULT_SCDAEMON.
new df58e02 * gpgsm.c: New option --auto-issuer-key-retrieve. * certpath.c (find_up): Try to retrieve an issuer key from an external source and from the ephemeral key DB. (find_up_store_certs_cb): New.
new 0ed6228 Update head to match stable 1.0
new bc46bac * argparse.c (optfile_parse): Renamed an auto I to P2 to avoid shadowing warning.
new db1e07b * rndlinux.c: Removed HAVE_LINUX_RANDOM_H conditional because it was never used and the configure test did set the wrong macro anyway.
new 8e3a526 * configure.ac (development_version): New. (HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used.
new 73cf2b4 automake updated.
new 9103e5b msgmerge'd.
new a7489d6 * mk-w32-dist (bindir): Fixes vor VPATH builds in a subdir, include gpgv.
new ac49ead * photoid.c: Use __MINGW32__ to include windows because HAVE_DOSISH_SYSTEM is also set for OS/2 and plain DOS. Provide constant missing in older mingw installations.
new 76f8e65 * configure.ac: Link W32 version against libwsock32.
new 3c7ba12 * README.W32: Adjusted some descriptions. Fixed the regsitry entry descriptions.
new 4cbc79e * Makefile.am: Due to problems with VPATH builds we don't try to build the texi vesions of the manual pages anymore automatically.
new abcd9ea Better keep it in the CVS
new ced5736 * mk-gpg-texi: New.
new 31d019f typo fix
new 096cfcc * encode.c (encode_symmetric): Do not use the new encryption code.
new 2082801 * INSTALL: Replaced by generic install file. * README: Marked as development version and moved most stuff of the old INSTALL file to here.
new 05e61e4 * configure.ac: Set version number to 1.1.91.
new f7bf66d typo fix.
new b672df8 * packet.h, build-packet.c (build_attribute_subpkt), exec.c (expand_args), mkdtemp.c (mkdtemp), photoid.c (parse_image_header): Fix some signedness compiler warnings.
new db765c9 * options.skel: Fix a few typos, clarify "group", and remove sample photo viewers for Win32 since they are the defaults now.
new 2b0bb77 * gpgkeys_hkp.c (parse_hkp_index): Error if the keyserver returns an unparseable HKP response.
new fe1495e * argparse.c (optfile_parse): Fix variable typo - 'p2' should be 'p' :)
new d208cd7 * gpg.sgml: Clarify "group".
new 4b0497a Removed old keyserver (daemon) code.
new 5faca75 * call-dirmngr.c (gpgsm_dirmngr_isvalid): print status of dirmngr call in very verbose mode.
new 5795c02 * keydb.c (keydb_store_cert): Add optional ar EXISTED and changed all callers. * call-agent.c (learn_cb): Print info message only for real imports.
new 6041ae6 * certpath.c (check_cert_policy): Don't use log_error to print a warning.
new 6aaa480 * verify.c (gpgsm_verify): Extend the STATUS_BADSIG line with the fingerprint.
new c6feade * options.h, g10.c (main), keyserver.c (keyserver_refresh): Maintain and use the original keyserver URI for cosmetics rather than trying to recreate it when needed.
new bccb780 * exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If USE_EXEC_PATH is defined at compile time, use it to lock the exec-path and not allow the user to change it.
new 985b36a * configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path to a fixed value.
new f48b285 * server.c (gpgsm_status2): Insert a blank between all optional arguments when using assuan. * server.c (cmd_recipient): No more need for extra blank in constants. * import.c (print_imported_status): Ditto. * gpgsm.c (main): Ditto.
new 107e4a3 * README: Document --disable-exec, --disable-photo-viewers, --disable-keyserver-helpers, --enable-exec-path, and --with-photo-viewer.
new 1c3fae0 Fix previous ChangeLog commit
new a811246 * gpgkeys_ldap.c (get_key), gpgkeys_hkp.c (get_key): Display keyserver URI as a URI, but only if verbose.
new 5d74fb3 * configure.ac: --enable-exec-path should be a 'with'. Fix 'no' cases of --with-exec-path and --with-photo-viewer.
new 32b11e4 * photoid.c (get_default_photo_command, show_photos): Honor FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.
new f07463b * argparse.c (initialize): We better exit after a read error so that we don't run into an endless loop when reading a directory. Noted by Andrew Suffield.
new b67d342 * configure.ac: Add --with-mailprog to override the use of sendmail with another MTA. We can use anything that follows the "$MAILPROG -t" convention.
new fd415ba * gpgkeys_mailto.in: Use new OPAQUE tag for non net-path URIs. Fail more elegantly if there is no email address to send to. Show the GnuPG version in the message body.
new 9ffea0d * options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn, keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): Use a much more strict reading of RFC-2396 for the keyserver URIs. Specifically, don't try and be smart about checking the value of ":port" so long as it is all digits, and properly handle opaque data (those scheme specific parts that do not start with "//").
new 2921721 * gpgkeys_ldap.c (send_key, get_key, main): Consult the server version string to determine whether to use pgpKey or pgpKeyV2.
new 75ad300 * keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in a designated revoker means "sensitive", not "local". It's exportable under the right circumstances.
new fc8d9e4 * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying "sensitive" as an argument to an addrevoker command. This sets the 0x40 sensitive revoker flag.
new bbf580e * fseeko.c, ftello.c: New.
new 508ce10 * keybox-defs.h: New BLOBTYPTE_EMPTY. * keybox-dump.c (_keybox_dump_blob): Handle new type. * keybox-file.c (_keybox_read_blob): Skip over empty blobs. Store the file offset. * keybox-blob.c (_keybox_new_blob): Add new arg OFF. (_keybox_get_blob_fileoffset): New. * keybox-update.c (keybox_delete): Implemented.
new 9f8fef6 * delete.c: New. * gpgsm.c: Made --delete-key work. * server.c (cmd_delkeys): New. (register_commands): New command DELKEYS.
new 5190d70 * keydb.c (keydb_add_resource): Register a lock file. (lock_all, unlock_all): Implemented.
new b65aced * revoke.c (gen_desig_revoke): Lots more comments about including sensitive revkeys along with the revocation sig itself.
new 002f085 * options.h, main.h, export.c (parse_export_options, do_export_stream), g10.c (main): add new --export-options option. Current flags are "include-non-rfc", "include-local-sigs", "include-attributes", and "include-sensitive-revkeys".
new 1256137 * options.h, main.h, g10.c (main), import.c (parse_import_options, delete_inv_parts), keyserver.c (parse_keyserver_options): add new --import-options option. The only current flag is "allow-local-sigs".
new d83e649 2002-07-22 Timo Schulz <ts at winpt.org>
new 4623605 * sig-check.c (signature_check2): Signatures made by invalid subkeys (bad/missing binding sig) are also invalid.
new eb5c026 * import.c (delete_inv_parts): Discard subkey signatures (0x18 and 0x28) if found in the userid section of the key.
new 72a3fd4 * import.c (parse_import_options), export.c (parse_export_options): Fix offset problem with reversed ("no-") meanings.
new 35bf53d Forgot to commit this: * photoid.c (get_default_photo_command): Also use __MINGW32__ instead of HAVE_DOSISH_SYSTEM.
new 160895b Add a new readon code for delet key.
new 6b50533 * rndw32.c (slow_gatherer_windowsNT): Use a simple array for the disk performance structure and increase it to the size required by W2000.
new 9a4e2a4 * longlong.h: Replaced all K&R multiline strings by ISO ones for the sake of modern compilers. Suggested by Marco Parrone.
new 0967b40 removed pragma for RISC OS
new 58cfd8e * configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h
new 89b42e1 * configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well as a SUBST for Makefiles.
new 0ecc209 * Makefile.am: Install keyserver helpers in @GNUPG_LIBEXECDIR@
new d0c643a * options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c (main), keyserver.c (keyserver_spawn): If the user does not use "exec-path", completely replace $PATH with GNUPG_LIBEXECDIR before calling the keyserver helper. If the user does use "exec-path", append GNUPG_LIBEXECDIR after the specified path.
new 553ac3f * main.h, import.c (parse_import_options, fix_hkp_corruption, import_one, delete_inv_parts), g10.c (main): New import-option "repair-hkp-subkey-bug", which repairs as much as possible the HKP mangling multiple subkeys bug. It is on by default for keyserver receives, and off by default for regular --import.
new 78f3138 These are special i386 files for use on OpenBSD, which (at least until version 3.1) has an older assembler that won't work with the files in i386.
new cead1f2 * config.links: Add special rule for OpenBSD on x86 to use special i386-openbsd files. OpenBSD (at least until version 3.1) has an older assembler that won't work with the files in i386.
new 2610f0e * secmem.c: "Warning" -> "WARNING"
new ceb76da * gpgkeys_hkp.c: "Warning" -> "WARNING"
new a4427b0 * gnupgbug: "Warning" -> "WARNING"
new 36d5779 * random.c: "warning" -> "WARNING"
new 9ac6821 * exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: "Warning" -> "WARNING"
new 52b1efa * gpg.sgml: Clarify the differences between "pref" and "showpref". Note in "setpref" that a list of available algorithms can be printed with "gpg -v --version". Note in "updpref" that we don't select keys via attribute uids, so preferences there will be ignored.
new bb99f6c * keyedit.c (menu_revsig): Change "revsig" to honor selected uids so the user can revoke sigs from particular uids only.
new 33ef3cf * sig-check.c (do_check): Properly validate v4 sigs with no hashed section at all.
new 623ca88 * NEWS: changes since 1.1.90.
new 1f703da * README, configure.ac: --with-exec-path is now clarified into --disable-keyserver-path
new 928dba9 * options.h, g10.c (main), mainproc.c (proc_encrypted): Return a decryption failed error if a MDC does not verify. Warn if a MDC is not present (can disable via --no-mdc-warning).
new 7de95ff Changed the lincese for Assuan to LGPL.
new 46e07da * gpg.sgml: Clarify --edit/addrevoker (sensitive), and --keyserver-options (--import/export-options may be used as well). Document --import-options and --export-options with their various options. --show-photos now works during signature verification as well. Document --exec-path. Note in --simple-sk-checksum that the passphrase must be changed for this to take effect. Note that --pgp7 does not disable MDC. Document --no-mdc-warning.
new 1558e29 Add another item to the NEWS file.
new 3b2ac8a * config.links: Added case for sparc64-netbsd. Suggested by ww at styx.org.
new 4493a96 * delkey.c (do_delete_key): Always allow to delete a key in batch mode when specified by fingerprint. Suggested by Enzo Michelangeli.
new 557e7cc * gpg.sgml: Document new --delete behaviour.
new 14d050a 2002-08-02 Timo Schulz <ts at winpt.org>
new 85aa3e1 The big extension module removal.
new 582f0d5 RISC OS changes due to dynload removal
new 5631db0 RISC OS changes because of dynload removal
new 4e4c392 * de.po: Fixed fuzzys and translated new strings. * es.po, et.po, fr.po, gl.po, id.po, it.po, ja.po, tr.po: Updated from TP site. * ca.po: New from TP site.
new 5030987 msgfmt updated.
new 872ba01 * configure.ac (ALL_LINGUAS): Added Catalan.
new 705873c Removed some obsolete header files.
new 8298145 * configure.ac: Bumbed version number.
new 181dcc6 tidying up RISC OS stuff
new a1259ac * g10.c (main): Try to use "gpg.conf" as default option file. * openfile.c (copy_options_file): Changed name of created file.
new 67faf23 minor doc fixes.
new e028b77 * options.skel: Changed comments.
new 111f78b * revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke): Export a minimal pk along with the revocation cert when in --pgpX mode so that PGP can import it.
new f486508 * gpg.sgml: Clarify that only long-form options can go in the config file.
new 58b0a36 * encode.c (encode_crypt), g10.c (main), sign.c (sign_file, clearsign_file): Use the same --pgpX warning string everywhere to ease translations.
new 63a71c1 * options.h, g10.c (main), mainproc.c (proc_encrypted): --ignore-mdc-error option to turn a MDC check error into a warning.
new 7dec321 use of EXTSEP_S
new ce42e64 New Assuan testing tool.
new df50c10 * configure.ac: If the static IDEA cipher is present, disable dynamic loading. Also fix backwards grammar of keyserver exec-path CHECKING message.
new fee7e35 * keyedit.c (menu_revsig): Properly show a uid is revoked without restarting gpg. This is Debian bug 124219, though their supplied patch will not do the right thing.
new c8b8326 First test script. Still missing the environment setup.
new faed12a * md.c (md_algo_present): New function to check if a given algo is in use for a given MD_HANDLE.
new bed4e0d * cipher.h: Add md_algo_present().
new e703540 * sig-check.c (signature_check2): Sanity check that the md has a context for the hash that the sig is expecting. This can happen if a onepass sig header does not match the actual sig, and also if the clearsign "Hash:" header is missing or does not match the actual sig.
new 0b01b9c * asschk.c: Added some new features. * runtest, inittests: New. * text-1.txt, text-2.txt, text-3.txt: New. * text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New. * text-2.osig.pem, text-2.osig-bad.pem: New. * samplekeys : New directory * sm-verify, sm-sign+verify: The first test scripts.
new c3f1100 * tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only permissions.
new fcdd2ec * configure.ac: Add an --enable-tiger.
new 3d85ad8 * Makefile.am, md.c (load_digest_module): Allow switching TIGER on and off via configure.
new 74a84ca * options.skel: Some language tweaks, and remove the load-extension section for random gatherers.
new 0e43a57 Added distfiles kludge to distribute the content of the samplekeys directory.
new 1d81b99 * card.c (card_get_serial_and_stamp): Use the tokeinfo serial number as a fallback. Add a special prefix for serial numbers.
new 850a4d5 * gpgsm.c (emergency_cleanup): New. (main): Initialize the signal handler.
new ebaf7d6 Minor fixes
new 5b0ccaf * signal.c: New. Taken from GnuPG 1.1.91.
new beb0fef Tweaked the build system so that make distcheck finanly said Well Done.
new dc8f3ee * decrypt.c (prepare_decryption): Hack to detected already unpkcsedone keys.
new 69f3890 * keybox-search.c (blob_cmp_fpr_part): New. (has_short_kid, has_long_kid): Implemented.
new 9382b62 * keylist.c (list_cert_colon): Print the short fingerprint in the key ID field. * fingerprint.c (gpgsm_get_short_fingerprint): New. * verify.c (gpgsm_verify): Print more verbose info for a good signature.
new 9c86904 Minor changes for gettext
new 29e3108 * cipher.c: Include the DUMMY cipher only when the new ALLOW_DUMMY is defined. It should only be defined for hard core debugging.
new a4750ea * mpicoder.c (do_get_buffer): Don't remove leading zeros if the MPI is marked as protected.
new d1f6ccd * cipher.h: Add AES aliases for RIJNDAEL algo numbers.
new 1111da1 * encode.c (encode_simple): Fix problem with using compression algo 2 and symmetric compressed files.
new 9ad0a65 * hkp.c (parse_hkp_index): Properly handle really large keys (5 digit key length) in HKP searches.
new 0996f7d * seckey-cert.c: Workaround to allow decryption of v3 keys created with a bug in the mpi_get_secure_buffer.
new e78e69f Removed a leftover conflict indicator.
new fd2f1c8 * card-common.h (struct p15_private_s): Forward declaration. Add it to card_ctx_s. * card.c (card_close): Make sure private data is released. * card-p15.c (p15_release_private_data): New. (init_private_data): New to work around an OpenSC weirdness. (p15_enum_keypairs): Do an OpenSC get_objects only once.
new a8e9b35 * call-agent.c (learn_cb): Special treatment when the issuer certificate is missing.
new 5776c03 * certpath.c: Renamed to .. * certchain.c: this. Renamed all all other usages of "path" in the context of certificates to "chain".
new 1299c13 *** empty log message ***
new 2f4b415 Renamed some configure flags.
new 8ed2348 * scdaemon.c: Include i18n.h.
new a55d4d1 Renamed an error code.
new 346b6a3 * assuan.h: Renamed Bad_Certificate_Path to Bad_Certificate_Chain.
new ca7ed72 * call-scd.c (learn_status_cb): Handle CERTINFO status. (agent_card_learn): Add args for certinfo cb. * learncard.c (release_certinfo,certinfo_cb): New. (send_cert_back): New. With factored out code from .. (agent_handle_learn): here. Return certinfo stuff.
new 47fc9f8 Made it compile.
new 5201d1e 2002-08-16 Timo Schulz <ts at winpt.org>
new 89f8e7e * getkey.c (get_user_id_native): Renamed to .. (get_user_id_printable): this. Filter out all dangerous characters. Checked all usages. (get_user_id_string_native): Renamed to.. (get_user_id_string_printable): this. Filter out all dangerous characters. Checked all usages. * keyedit.c (show_basic_key_info): New. * keylist.c (print_fingerprint): New mode 3. * import.c (import_one): Use new function to display the user ID.
new aa7b601 Short note about interactive and import.
new 8993435 * NEWS: Document new ways to enable MDC, and change in automatic compression disabling.
new 0d80064 * gpgkeys_hkp.c (get_key, parse_hkp_index): Bring over latest code from g10/hkp.c.
new fa88fe9 * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and comments.
new 12fb1e6 * DETAILS: Clarify that trust letters 'q' and '-' can be treated identically.
new e18e387 * gpgsm.c (main): Use the log file only in server mode.
new 1cc0480 * options.skel: Document no-include-attributes for keyserver-options.
new a71981b * divert-scd.c (getpin_cb): Pass a more descritive text to the pinentry.
new bc8364e * vasprintf.c: Hack to handle NULL for %s.
new ba0de8e * scdaemon.c (main): New option --daemon so that the program is not accidently started in the background.
new afc4093 use setlocale().
new cda3b91 * query.c (agent_askpin): Hack to show the right default prompt. (agent_get_passphrase): Ditto.
new c7dfa3a * import.c (import_print_stats): Print new non_imported counter which is currently not used becuase we terminate on errors.
new 0401164 * errors.h: Added STATUS_IMPORT_PROBLEM.
new b8a7c19 * import.c (print_imported_summary): Cleaned up. Print new not_imported value. (check_and_store): Update non_imported counter. (print_import_problem): New. (check_and_store): Print error status message. * server.c (get_status_string): Added STATUS_IMPORT_PROBLEM.
new 26f4dbc * query.c (agent_askpin): Provide the default desc text depending on the pininfo. Do the basic PIN verification only when min_digist is set.
new 8609693 * import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into chk_self_sigs. This improves efficiency as the same signatures are not checked multiple times. Clarify when a subkey is revoked (any revocation signature, even if it is dated before the binding signature).
new b6bbc5f * gpg.sgml: Clarify meaning of keyserver option include-revoked.
new 277a9a3 Include intl/ in the CVS again; otherwise we are not able to re-recreate a distribution from CVS. Some minor other fixes.
new d55b7e1 * faq.raw: Updated. New Maintainer is David D. Scribner.
new 7e3e9bf * sig-check.c (do_check, do_check_messages): Emit the usual sig warnings even for cached sigs. This also serves to protect against missing a sig expiring while cached.
new 22de00d * longlong.h: Remove space between \ and newline. gcc is complaining.
new da488f0 * hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into new "dehtmlize" function. Remove HTML before trying to parse each line from the keyserver. If the keyserver provides key type information in the listing, use it.
new 1f5bed1 * gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into new "dehtmlize" function. Remove HTML before trying to parse each line from the keyserver. If the keyserver provides key type information in the listing, use it. (Copy over from g10/hkp.c).
new 8d4602d * gpgkeys_hkp.c (main): Don't warn about include-subkeys - it isn't unsupported, it's actually non-meaningful in the context of HKP (yet).
new b37812c * Makefile.am: May as well include gpgkeys_hkp.c in the distribution now. It works well enough without proxies, and isn't built by default. It would be good to get some test experience with it.
new 6cb18a8 * gpgkeys_hkp.c: Include util.h on RISC OS as per Stefan. Include a replacement for hstrerror() for those platforms (such as RISC OS) that don't have it.
new 4567d77 * NEWS: Clarify that --libexecdir is a configure option.
new ce13db5 * gpgkeys_hkp.c (http_get, http_post): Use CRLF for line endings.
new fd79d4e * configure.ac: Check type of mode_t.
new 813fa3f * gpgkeys_hkp.c, Makefile.am: Convert over to using iobufs.
new 43ba6d4 * gpgkeys_hkp.c: Overall cleanup from iobuf conversion. Be consistent in m_alloc and malloc usage. Remove include-disabled (meaningless on HKP). RISC OS tweak.
new a119391 * sig-check.c (do_check_messages, do_check): Show keyid in error messages.
new 262a871 * gpgkeys_hkp.c: (parse_hkp_index): Use same types on all platforms. This was probably leftover from earlier code where the typing mattered.
new 0073d68 * random.c: Automagically detect the entrop gatherer when configure so. * rndegd.c (rndegd_connect_socket): New. Factored out from .. (rndegd_gather_random): here and call it. (do_read): Update the counter variables correctly. This was not a problem due to the way EGD works. Bug found by Christian Biere.
new 5dfd5a6 * pkclist.c (do_we_trust_pre): Changed the wording of a warning.
new 2b95cb7 * configure.ac (random_modules): Reworked the code to select the random module. Define USE_ALL_RANDOM_MODULES for value all.
new c6178bd * iobuf.c (block_filter): Removed the assert, so that one can pass the first character of a message and use the block filter for non partial length encoded packets.
new c721e11 * pkclist.c (build_pk_list): Fail if any recipient keys are unusable.
new 46a58a0 * pkclist.c (build_pk_list): Add new status code to indicate an untrusted user. This (or a disabled key) fail with "unavailable pubkey" (G10ERR_UNU_PUBKEY).
new a30375e * gpg.sgml: Document keyserver-option include-subkeys. Note that honor-http-proxy is a keyserver-option now.
new 51ec578 * gnupg.7: New mini man page.
new f3484f7 * strgutil.c (set_native_charset): Allow NULL as argument to use nl_langinfo for selection. Mapped latin-15 to latin-1.
new bcedc5d * gpg.sgml: Updated the charset option.
new 5819b1e * g10.c (main): Try to set a default character set. Print the used one in verbosity level 3. * gpgv.c (main): Try to set a default character set.
new 5e141b3 Moved some items from TODO to NEWS.
new 6ff4d21 * mk-w32-dist: Include more man pages and gpg split. Changed name of ZIP file to better indicate that this is a command line version.
new 59e61f1 * gnupg.7: New mini man page.
new 94a9173 * gpgsm.c (main): Disable the internal libgcrypt locking.
new dc4b9ab new test certs and messages
new 8dccf88 * mainproc.c (print_pkenc_list): Don't increment the error counter when printing the list of keys a message was encrypted to. This would make gpg give a non-zero exit code even for completely valid messages if the message was encrypted to more than one key that the user owned.
new 836d63c 2002-09-03 Neal H. Walfield <neal at cs.uml.edu>
new cfca45d 2002-09-04 Marcus Brinkmann <marcus at g10code.de>
new f27e05f 2002-09-04 Neal H. Walfield <neal at g10code.de>
new 712af9e 2002-09-03 Neal H. Walfield <neal at g10code.de>
new cab9991 2002-09-04 Neal H. Walfield <neal at g10code.de>
new 32abeed 2002-09-04 Neal H. Walfield <neal at g10code.de>
new d044a90 * gpg-agent.c (create_private_keys_directory) (create_directories): New. (main): Try to create a home directory.
new b20b90d * NEWS: typo.
new d8eda8d * g10.c (add_group): Use '=' to separate group name from group members. Use a better error message for when no = is found.
new b32a1d9 * gpgkeys_hkp.c (send_key): Use CRLF in headers.
new e892058 * gpgkeys_ldap.c (get_key): Some compilers (RISC OS, HPUX c89) don't like using variables as array initializers.
new 075f862 * w32reg.c (read_w32_registry_string): Handle REG_EXPAND_SZ. Suggested by Ryan Malayter. * strgutil.c (ascii_strcasecmp): Replaced by code from gnulib. (ascii_strncasecmp): New.
new d6a87e6 * mpicoder.c (mpi_set_buffer): Cast all left operands of a shift to a larger type so that 16 bit CPUs don't suffer from an overflow. Suggested by TOGAWA Satoshi.
new 92f8a5d * gpgkeys_hkp.c (send_key, get_key, search_key): Check return value of malloc. (dehtmlize): Use ascii_tolower to protect against weird locales. Cast the argument for isspace for the sake of broken HP/UXes. (search_key): Check return value of realloc.
new 1405471 Added prototype.
new b324a5d Cleanups and minor fixes.
new 20c7357 typo fixes and disabled dummy cipher
new be5f6f7 typo fixes and new credits.
new c30d7e8 * exec.c (expand_args): Remove loop left over from earlier implementation. (exec_write): Missed one tick.
new c5445cc * g10.c, options.h: Removed option --emulate-checksum-bug. * misc.c (checksum_u16_nobug): Removed. (checksum_u16): Removed the bug emulation. (checksum_mpi): Ditto. (checksum_mpi_counted_nbits): Removed and replaced all calls with checksum_mpi. * parse-packet.c (read_protected_v3_mpi): New. (parse_key): Use it here to store it as an opaque MPI. * seckey-cert.c (do_check): Changed the v3 unprotection to the new why to store these keys. (protect_secret_key): Likewise. [...]
new 7a71a26 * mpi-bit.c (mpi_normalize): Replaced the check for protected by is_opaque. (mpi_get_nbits): Removed the special case for protected MPIs. * mpicoder.c (do_get_buffer): Likewise. (mpi_print): Removed the nbit_info printing.
new 3605051 * configure.ac (random_modules): The default random module for system lacking a /dev/random is now auto selected at runtime.
new 96396ff Updated texi files
new 0bdb353 * mk-w32-dist: Convert the character sets on a per language base.
new b4bb5fc * simple-gettext.c: Disable charset mappings. We do it now when installing the files.
new d33f08a About to release 1.1.92
new 86bc1e5 Argh, msgfmt reformatted some entries during the make distcheck
new d0824bb Bumped version number
new 2351709 * distfiles: Include mk-w32-dist.
new 75e055f fixed the test for a missing mail address
new 72cd3ef * keyserver.c (keyserver_spawn): Remove whitespace after keyserver commands.
new 811b782 * DETAILS: Fix batch key generation example.
new 6a5f132 * configure.ac: Remove --enable-external-hkp as this is always on now. Add --disable-hkp to match the other --disable-{keyservertype} options.
new 07991aa * gpgkeys_hkp.c (main): Remove warning - this is no longer experimental code.
new b45a2d0 * Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove internal HKP support.
new 5656059 * Makefile.am (EXTRA_DIST): Include gnupg-32.reg
new 3dcb3ed * tr.po, el.po: Updated.
new da2cb39 Added tr and el rule.
new 3782e15 updated RISC OS stuff
new baffeca Import from stable branch.
new 5c7c9fd * gpgkeys_hkp.c: (search_key, handle_old_hkp_index): Try and request a machine-readable key index. If the server supports this, pass it through. If the server does not support it, parse the "index" page.
new fcbf191 * gpg.sgml: Add rebuild-keydb-caches.
new 81c8f7d * gpgkeys_mailto.in: Add quasi-RFC-2368 mailto:email at addr?from= syntax so people can set their own email address to respond to.
new 6794524 * w32reg.c (read_w32_registry_string): Fallback to HLM.
new 299e2bf From stable branch
new 1ad05d5 * rndw32.c (SIZEOF_DISK_PERFORMANCE_STRUCT): Increased to 256.
new fb33293 From stable branch
new 8bd507e * certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging.
new 2761544 From stable branch
new 5e802a7 * gpgkeys_hkp.c (get_key, handle_old_hkp_index, search_key): Properly handle line truncation.
new c4c0b1d From stable branch
new 18306f4 * DETAILS: s/XORed/ORed/.
new c9f2aac comment type fix
new 0b180a7 * gpgkeys_hkp.c (handle_old_hkp_index): s/input/inp/ to avoid shadowing warning.
new 4948f99 * mpicoder.c (do_get_buffer): Avoid zero length allocation. Checked that all callers behave properly when NBYTES returns 0 as the length of the allocated buffer.
new 10e83fb * gpg.sgml: Some minor language cleanup.
new b9c091b trustdb checks/updates after import
new 78c754c added trustdb update/check for stream import as well
new 77ffe35 avoid function clone
new bbf5ea7 added fast-import to import-options
new 1b8d4b2 * THANKS: Remove duplicate.
new 5835a80 * keyserver.h: Add some new error codes for better GPA support.
new e0512b1 * gpgkeys_hkp.c (send_key, get_key, search_key, main): Some minor error reporting enhancements for use with GPA.
new 76846b7 * gpgkeys_ldap.c (ldap_err_to_gpg_err, ldap_to_gpg_err, send_key, get_key, search_key, main): Some minor error reporting enhancements for use with GPA (show reasons for KEY FAILED).
new c5faf22 * http.c (connect_server): Try all A records for names with multiple addresses until one answers (not MINGW32).
new 7ad7f45 * import.c (import_keys_stream): Fix compiler type warning.
new c6f8520 * configure.ac: Add NETLIBS to EGDLIBS when using EGD as EGD uses sockets.
new d04fd65 * Makefile.am: Link bftest with EGDLIBS (i.e. NETLIBS) as EGD uses sockets.
new 48d5502 * Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses sockets. Remove the old NETLIBS variable since the keyserver stuff is no longer internal.
new 2d432af * gpg-agent.c (handle_signal): Flush cache on SIGHUP. * cache.c (agent_flush_cache): New. * gpg-agent.c, agent.h: Add --keep-display and --keep-tty. * query.c (start_pinentry): Implement them. The option passing needs more thoughts.
new 2536273 * tiger.c (tiger_get_info): Use a regular OID. Note that this breaks all TIGER generated signatures; if we want to do something about it we have to do it in ../g10/sig-check.c .
new ddf90c4 * configure.ac: Remove --enable-tiger, as TIGER is now always enabled.
new 37f29e8 * Makefile.am, md.c (load_digest_module): TIGER is now always enabled.
new e18ddb6 From stable branch * gpgkeys_ldap.c (send_key): Removed non-constant initializers.
new 9380f80 2002-09-28 David Shaw <dshaw at jabberwocky.com>
new 383ff96 * keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to lowercase to be case-insensitive.
new e85fd72 * getkey.c (get_pubkey_direct): New. (merge_selfsigs_main): Use it here to look for an ultimately trusted key. Using the full get_pubkey might lead to an infinitive recursion.
new 05691b1 * import.c (import_one): Make sure that a newly imported key starts with a clean ownertrust.
new e8b0b63 * tiger.c (tiger_get_info): Select the OID to use for TIGER at compile time.
new 05e8945 * configure.ac: Add an --enable-old-tiger, to revert back to the old OID.
new b959d78 * longlong.h: Some whitespace changes in HPPA to fix assembler problems on HP-UX. From David Ellement.
new 58972f2 * import.c (import_secret_one): Check for an illegal (>110) protection cipher when importing a secret key.
new fcefffc * keylist.c (print_capabilities): Secret-parts-missing keys should show that fact in the capabilities, and only primary signing keys can certify other keys.
new 0bb65a8 * gpg.sgml: Note that '#' means secret-key-unavailable, and that keyserver schemes are case-insensitive.
new c518031 * logger.c (g10_log_warning, log_set_strict): Add new log_warning logger command which can be switched between log_info and log_error via log_set_strict.
new 35cc8cf * util.h: Add new log_warning logger command which can be switched between log_info and log_error via log_set_strict.
new 8c48fbd * options.h, g10.c (main): Add --strict and --no-strict to switch the log_warning severity level from info to error.
new d68fe4f * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing warning.
new 1fed5c8 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this function as they may not have all their fields filled in.
new 60dff3c * configure.ac: OpenLDAP 2.0.27 changed the dependencies again. Add a "LDAPLIBS" variable so users can try and suggest the right dependencies for their platform.
new e4f5b9b * import.c (import_keys_internal): Missed one s/inp/inp2/.
new 9e86063 And changelog :)
new 9c011f8 * keyserver.h: Add new error code KEYSERVER_UNREACHABLE.
new 7a3e940 * gpgkeys_ldap.c (fail_all): New function to unwind a keylist and error each item. (main): Call fail_all from here, as needed. Also add a NO_MEMORY error in an appropriate place and fix error return code. (ldap_err_to_gpg_err): Add KEYSERVER_UNREACHABLE.
new 071966c * gpgkeys_ldap.c (search_key, main): Make sure LDAP values are freed in case of error.
new 4849c0a * http.c (connect_server): Properly handle a single A record that fails connect().
new 9fafaa7 * keyedit.c (menu_addrevoker): Properly back out if the signature fails. Also, do not allow appointing the same revoker twice, and report ALREADY_SIGNED if the user tries it.
new 10128a5 * DETAILS (KEY_CREATED): Enhanced by fingerprint.
new e5f14f1 * keygen.c (print_status_key_created): New. (do_generate_keypair): Use it to print the fingerprint. (generate_subkeypair): Likewise.
new 42b93f4 * rndunix.c (my_popen): Make sure that stdin and stderr are connected to a file. This is to avoid NetBSD to complain about set{u,g}id programs invoked with fd 0, 2 closed. Reported by Cristian Biere. (start_gatherer): Likewise. Reordered code.
new 09bac13 * configure.ac (NAME_OF_DEV_URANDOM): Use /dev/urandom for NetBSD. Reported by Christian Biere.
new a940538 Add simple tool to sign all keys in a keyring
new da1c9e8 * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec, show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of the keyserver protocol. This is a better design, similar to --with-colons, that allows for keys with multiple user IDs rather than using multiple keys. It also matches the machine readable pksd format. Also use a prettier --search-keys listing format that can fill different size windows (currently set at 24 lines).
new a158c89 * keyserver.h: Go to KEYSERVER_PROTO_VERSION 1.
new 943566f * gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0. (printquoted): Use %-encoding instead of \-encoding. (search_key): Use new keyserver key listing format.
new 3ee825e * gpgkeys_hkp.c (write_quoted): Use %-encoding instead of \-encoding. (parse_hkp_index): Use new keyserver key listing format, and add support for disabled keys via include-disabled.
new 69cd49b * NEWS: Some 1.3 notes.
new 73ccfeb * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in --pgp2 mode as PGP 2 can't handle the unknown length literal packet. Reported by Michael Richardson.
new bc75f90 * README: Some typo fixes from Florian Weimer, and bump version number.
new 53dca7b Florian Weimer reminded me about that
new e613304 * g10.c (main): Handle --strict and --no-strict from the command line before the options file is loaded.
new 9d32f6f * http.c (connect_server): Try all A records for names with multiple addresses until one answers for both MINGW32 and not MINGW32.
new b8c842d * README: Multiple A record rotation works with MINGW32 now, and clarify how it works with LDAP.
new be9b626 * pkclist.c (do_edit_ownertrust): Show all user IDs. This should be enhanced to also show the current trust level. Suggested by Florian Weimer.
new 36bf36b * autogen.sh: Allow env variables to override the auto* tool names. Suggested by Simon Josefsson.
new 74d460a * config.links (powerpc-apple-darwin6.1): Disable assembler due to non-working modules/as. Suggested by Gordon Worley.
new 61fbbd0 * configure.ac: Changed version number comments. (ALL_LINGUAS): Removed all except for de. During development it might not be a good idea to keep all of them - they get outdated too soon and diff files will be far too large.
new 53255c3 * POTFILES.in (hkp.c): Removed.
new 8d76177 Bumped version number for cvs version
new aa853f1 2002-10-18 Timo Schulz <ts at winpt.org>
new 5cc82fc * Makefile.am, regcomp.c, regex.c, regex_internal.c, regex_internal.h, regexec.c: Add new regex files from glibc 2.3.1.
new 586c6fe * configure.ac: Regex tests adapted from mutt to decide whether to use the internal regex code or not.
new 9e00f68 * distfiles, _regex.h: Add _regex.h from glibc 2.3.1.
new 45a8594 * Makefile.am: Anything linking with libutil.a needs INTLLIBS as well on platforms where INTLLIBS is set.
new 7e5f954 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK has been assigned.
new fc9aa1e * gpgsplit.c: New options --secret-to-public and --no-split. GNUified the indentation style.
new 64291d8 * main.h, import.c (sec_to_pub_keyblock, import_secret_one, parse_import_options), g10.c (main): New import-option "convert-sk-to-pk" to convert a secret key into a public key during import. It is on by default.
new c42c5f9 * gpg.sgml: Document --refresh-keys.
new be1d2a4 * gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to output protocol and program version.
new f33df26 * gnupg.spec.in: Use new path for keyserver helpers, /usr/lib is no longer used for cipher/hash plugins, and include gpgv, gpgsplit, and the new gnupg.7 man page.
new 557f658 filetype support for RISC OS
new e4021a4 tidied RISC OS filetype support
new 809b8b0 * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint, menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show "T" or the trust depth for trust signatures, and add spaces to some strings to make room for it.
new de9c6b3 * configure.ac: Add --disable-regex in case some platform just can't handle the regex stuff. This means they can't fully handle trust sigs with an attached regex either.
new 09158d1 * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a string like "fully trusted", "marginally trusted", etc. (get_min_ownertrust): New. Return minimum ownertrust. (update_min_ownertrust): New. Set minimum ownertrust. (check_regexp): New. Check a regular epression against a user ID. (ask_ownertrust): Allow specifying a minimum value. (get_ownertrust_info): Follow the minimum ownertrust when returning a letter. (clear_validity): Remove minimum ownertrust [...]
new 179b857 * trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
new b9d7219 * configure.ac: Add a check for volatile.
new d284a4d * util.h: Add wipememory() macro.
new 20c99d1 * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead of memset() to wipe sensitive memory as the memset() might be optimized away.
new 7dac918 added RISC OS module loading support
new 61a15d3 * gnupg.spec.in: Update source ftp path.
new 7b4ad0f * Makefile.am: Put gnupg.spec in the root directory so rpm -ta works.
new bdf0e30 * g10.c (main): Add --no-throw-keyid.
new d6693c1 * cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): Allow the Sxxx and Hxxx format for cipher and digest names.
new 39e6593 * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full algorithm name (CAST5, SHA1) rather than the short form (S3, H2).
new ae1d128 * keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu): Prompt for and create a trust signature with "tsign". This is functional, but needs better UI text.
new 06285e3 * NEWS: Note trust signature support, --hidden-encrypt-to/--hidden-recipient, and long algorithm name support everywhere.
new 1b593c0 * gpg.sgml: Document "tsign", clarify "setpref", clarify --recipient, document --hidden-recipient, document --hidden-encrypt-to, clarify --no-encrypt-to, clarify --throw-keyid, document --no-throw-keyid.
new 91a8e4a * options.h, g10.c (main): Add --trust-model option. Current models are "openpgp" which is classic+trustsigs, "classic" which is classic only, and "always" which is the same as the current option --always-trust (which still works). Default is "openpgp".
new f7b357e * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an input file that does not include any key data at all.
new 731ab59 * trustdb.c (trust_model_string, check_trustdb, update_trustdb, validate_one_keyblock): It's not clear what a trustdb rebuild or check means with a trust model other than "classic" or "openpgp", so disallow this.
new c773df7 * KEYSERVER: New. Documents the --with-colons format for keyserver listings.
new 47b4b7f * keyserver.c (keyserver_search_prompt): When --with-colons is enabled, just dump the raw keyserver protocol to stdout and don't print the menu.
new 6920513 * keyserver.c (keyserver_search_prompt): When --with-colons is enabled, don't try and fit the search output to the screen size - just dump the whole list.
new ec0d9a4 * gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, free_keylist, get_key, search_key): The LDAP keyserver doesn't remove duplicates, so remove them locally. Do not include the key modification time in the search response.
new 3cb4118 * pubkey-enc.c (get_session_key): With hidden recipients or try a given passphrase against all secret keys rather than trying all secret keys in turn. Don't if --try-all-secrets or --status-fd is enabled.
new c4d58f1 * rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not required anymore. (From Werner)
new d941240 * util.h: Add wipememory2() macro (same as wipememory, but can specify the byte to wipe with).
new d771dd2 * w32reg.c (read_w32_registry_string): Fixed expanding of the environment buffer; didn't worked at all. Reported by Thijmen Klok. From Werner on stable branch.
new bf4a893 * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add --force-ownertrust option for debugging purposes. This allows setting a whole keyring to a given trust during an --update-trustdb. Not for normal use - it's just easier than hitting "4" all the time to test a large trustdb.
new 7911a5e * keyring.h, keyring.c (keyring_register_filename): Return the pointer if a given keyring is registered twice.
new fa9b94a Fixed copyright year
new d219b06 * passphrase.c (agent_send_all_options): Use tty_get_ttyname to get the default ttyname.
new 41fb1ac * ttyio.c (TERMDEVICE): Removed. (tty_get_ttyname): New. (init_ttyfp): Use it here instead of the TERMDEVICE macro.
new 659e1e9 * gpgkeys_ldap.c (get_key): Fix typo in deduping code.
new d121958 Preparing 1.3.1 release.
new a33b72d Post release version number bump.
new 3817bf6 * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config to version 2002-11-08.
new 365011c * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit display match the validity and trust of --with-colons --list-keys.
new 116bef5 * secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. From Werner on stable branch.
new 453c471 * THANKS: Changes from stable branch.
new 12a1bde * util.h [__CYGWIN32__]: Don't need the registry prototypes. From Werner on stable branch.
new c0eab15 * mk-w32-dist: Don't use iconv for pl.po. From Werner on stable branch.
new 7c3eee8 * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need it here as it behaves more like a Posix system. From Werner on stable branch.
new fbffa82 * encode.c (encode_simple): Make sure that files larger than about 4G use partial length encoding. This is required because OpenPGP allows only for 32 bit length fields. From Werner on stable branch.
new 0907db4 fixed type incompatibility
new d06a95a * gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but that was not available when running without verbose on. Noted by Stefan.
new cf163db * g10.c (main): Allow compression algorithm names as the argument to --compress-algo. The old algorithm names still work for backwards compatibility.
new 2058395 * gpg.sgml: --compress-algo now allows algorithm names.
new 6b48375 * config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin. Successfully tested by Gordon Worley.
new 1c2bf62 * gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted by Haakon Riiser.
new 2e4e257 * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol version.
new 1c6bcef * keygen.c (keygen_set_std_prefs): Properly handle an empty preference string.
new 2bb2976 * gpg.sgml: Add an interoperability section.
new 0cd879c * encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c (sign_symencrypt_file): Use --s2k-digest-algo for passphrase mangling rather than --digest-algo.
new a5b9770 * g10.c (add_notation_data): Disallow notation names that do not contain a '@', unless --expert is set. This is to help prevent people from polluting the (as yet unused) IETF namespace.
new ce4ddd1 * g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable): Rename --default-keyring as --primary-keyring. Stefan wins the naming contest.
new 8b9e9d3 * sign.c (hash_for): If --digest-algo is not set, but --personal-digest-preferences is, then use the first hash algorithm in the personal list. If the signing algorithm is DSA, then use the first 160-bit hash algorithm in the personal list. If --pgp2 is set and it's a v3 RSA key, use MD5.
new bd23076 * mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase mangling rather than --digest-algo.
new 0819797 * main.h, misc.c (default_cipher_algo, default_compress_algo): New. Return the default algorithm by trying --cipher-algo/--compress-algo, then the first item in the pref list, then s2k-cipher-algo or ZIP.
new 1289ab7 no RISC OS filetype needed for nooutput
new 6122c65 * gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation, --cert-notation. Clarify --show-notation and --show-policy-url that policy URLs and notations can be used in data signatures as well. Add note about '@' being a required character in notation names.
new 29c83f1 * gpg.sgml: Document --primary-keyring. Clarify --s2k-cipher-algo, --s2k-digest-algo, --personal-cipher-preferences, --personal-digest-preferences, and --personal-compress-preferences.
new 98708e1 * NEWS: Add notes about notation names and '@', the --trust-model option, default algorithms from --personal-xxxx, --primary-keyring, changes with --s2k-digest-algo, the new anonymous recipient improvements, and non-optimized memory wiping.
new db9195c * keyedit.c (menu_expire): Don't lose key flags when changing the expiration date of a subkey. This is not the most optimal solution, but it is minimal change on the stable branch.
new 8dfe1d4 * distfiles, gnupg.spec.in: Include convert-from-106.
new d37aad4 * gpg.sgml: Point out that if the user absolutely must, it's better to use --pgpX than forcing an algorithm manually. Better still not to use anything, of course. CVS: ---------------------------------------------------------------------- gpg.sgml CVS: ----------------------------------------------------------------------
new 768ded7 Marked unused slots in the trustdb.
new e357092 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list), pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode. This is basically identical to --pgp7 in all ways except that signing subkeys, v4 data sigs (including expiration), and SK comments are allowed.
new 3b7ca1f * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust model in the trustdb version record. (tdbio_update_version_record): New function to update version record values during a trustdb check or update. (tdbio_dump_record): Show trust model in dump.
new 60fce37 * trustdb.c (validate_keys): Show trust parameters when building trustdb, and make sure that the version record update was successful. (init_trustdb): If the current parameters aren't what was used for building the trustdb, the trustdb is invalid.
new 1aec207 * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change. Minimal isn't always best.
new 036fbb2 * g10.c: New options --[no-]mangle-dos-filenames. * options.h (opt): Added mangle-dos-filenames. * openfile.c (open_outfile) [USE_ONLY_8DOT3]: Truncate the filename only when this option is set; this is the default.
new fce148a * gpg.sgml: Document --no-mangle-dos-filenames.
new ea86ca6 fixed typo
new 488b8da * gpg.sgml: Clarify include-revoked and include-disabled so they match what the program actually does. Noted by Dick Gevers.
new eb96077 * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the RECTYPE_TRUST records a bit.
new 6a4bd94 * pkclist.c (do_we_trust): Tweak language to refer to the "named user" rather than "owner". Noted by Stefan Bellon.
new 15a2a3c 2002-12-22 Timo Schulz <ts at winpt.org>
new 5356c28 * samplekeys.asc: Updated.
new 005ac4d Simple script to create samplekeys.asc. CVS only.
new 7282f79 * iobuf.c (iobuf_flush): Only print debug info if debugging is on.
new f3f1015 * keydb.h, getkey.c (key_byname): Flag to enable or disable including disabled keys. Keys specified via keyid (i.e. 0x...) are always included.
new eff3b56 * keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to revoke a user ID. This is the same as issuing a revocation for the self-signature, but a much simpler interface to do it.
new 54a7e71 fixed type problem
new 61db74e * NEWS: Add note about convert-from-106 script.
new 98ef439 * gpg.sgml: Clarify --no-permission-warning to note that the permission warnings are not intended to be the be-all and end-all in security checks. Add note to --group that when used on the command line, it may be necessary to quote the argument so it is not treated as multiple arguments. Noted by Stefan Bellon.
new 55eda4b * keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if there are no keys to refresh or if there is no keyserver set.
new 0bb73ee * getkey.c (merge_selfsigs_main), main.h, sig-check.c (check_key_signature2): Pass the ultimately trusted pk directly to check_key_signature2 to avoid going through the key selection mechanism. This prevents a deadly embrace when two keys without selfsigs each sign the other.
new 842e690 * keydb.c (keydb_add_resource): Don't assume that try_make_homedir terminates but check again for the existence of the directory and continue then. * openfile.c (copy_options_file): Print a warning if the skeleton file has active options.
new e247a0b * import.c (import_one): Only do the work to create the status display for interactive import if status is enabled.
new c974390 * keylist.c (print_capabilities): Show 'D' for disabled keys in capabilities section.
new fd6d6fd * DETAILS: Document disabled flag in capabilities field.
new af6e3ef * packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record), trustdb.c (update_validity): Store temporary full & marginal counts in the trustdb. (clear_validity, get_validity_counts): Return and clear temp counts. (store_validation_status): Keep track of which keyids have been stored. (validate_one_keyblock, validate_key_list): Use per-uid copies of the full & marginal counts so they can be recalled for multiple levels. (validate_keys): Only use unused keys [...]
new 39dd4d2 * gpgkeys_hkp.c (get_key): Use options=mr when getting a key so keyserver doesn't attach the HTML header which we will just have to discard.
new 7b27853 * trustdb.c (get_validity_info): 'd' for disabled is not a validity value any more.
new 254225a * keygen.c (keygen_set_std_prefs): Warn when setting an IDEA preference when IDEA is not available.
new c13b76c Updated from latest NewPG project
new 29ef9bd Updated from latest NewPG project
new 8b3b704 * armor.c (armor_filter): Comment about PGP's end of line tab problem.
new 7a5c4d2 * trustdb.c (get_validity_info, get_ownertrust_info, trust_letter): Simplify by returning a ? for error directly.
new 33d6f71 * tdbio.c (tdbio_set_dbname): Fix assertion failure with non-fully-qualified trustdb names.
new 2a9bd94 * g10.c (add_group): Fixed group parsing to allow more than one delimiter in a row and also allow tab as delimiter.
new 773513c * packet.h, parse-packet.c (setup_user_id), free-packet.c (free_user_id), keydb.h, keyid.c (namehash_from_uid): New function to rmd160-hash the contents of a user ID packet and cache it in the uid object.
new 06ef613 * gpg.sgml: Minor language tweaks, spell check, copyright date, etc.
new b7ea66e * trustdb.c (init_trustdb, get_validity): Don't use a changed trust model to indicate a dirty trustdb, and never auto-rebuild a dirty trustdb with the "always" trust model.
new 8220f3f * g10.c (add_group): Trim whitespace after a group name so it does not matter where the user puts the = sign.
new 2659e53 * mainproc.c (list_node): Show signature expiration date in with-colons sig records.
new e20701b * DETAILS: Document trust depth, value, and regexp.
new 169f436 * gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is not a keyid, but rather a text string from the user ID.
new 6291f18 * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key (treat as a v4 revocation).
new 47f3a5c * NEWS: Add notes about disabled keys, trustdb tweaks, and "revuid".
new a93eb3a * cipher.h: Add constants for new SHAs.
new cef8bbd * sha256.c, sha512.c: New.
new f523e53 * armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the armor Hash: header.
new a338c1d * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ so it can be easily overridden at make time.
new 911cc7e * types.h: Try and use uint64_t for a 64-bit type.
new fa9600d * Makefile.am, md.c (load_digest_module): Only build in SHA384/512 and TIGER if specifically enabled by the 64-bit type check in configure.
new a8e139c * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so that makefiles can override it. Verify that we have a 64-bit type before building tiger.c or sha512.c. Add uint64_t as a possible 64-bit type.
new 257956b * Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ as GNUPG_LIBEXECDIR so it can be easily overridden at make time.
new 48ac112 * exec.c (set_exec_path): Add debugging line.
new d691cf8 * keydb.h, getkey.c (classify_user_id, classify_user_id2): Make 'exact' a per-desc item. Merge into one function since 'force_exact' is no longer needed. (key_byname): Use new classify_user_id function, and new exact flag in KEYDB_SEARCH_DESC.
new 5511e38 * g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support. Use 3DES for the s2k cipher in --openpgp mode. (print_mds): #ifdef all of the optional digest algorithms.
new 5e9d144 * cipher.c (setup_cipher_table): #ifdef all optional ciphers.
new 4ee2d23 * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs if they are disabled.
new 874fc78 * configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES (all), TWOFISH, TIGER192, SHA256, and SHA384/512. Add a --enable-minimal that disables all of them as well as --disable-exec.
new 6f41d06 * g10.c (main): Accept "s1" in addition to "idea" to match the other ciphers.
new d3b1813 * configure.ac: Add --disable-idea for IDEA. Note that disabling IDEA disables both the real IDEA and the possibility of using the IDEA loadable module. Remove the --disable-dynload option since it is no longer meaningful (it is only used if idea-stub is used).
new 2c1e7af * ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to indicate a string with no maximum size. This prevents early truncation of strings that contain control chars which are expanded into \xXX form.
new 30d0fc5 * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF (segfault). Noted by Marcus Brinkmann. Push and reinitialize textmode filter for each file in a multiple file list.
new c65d9f4 * convert-from-106: Move to the tools directory.
new c848b89 * convert-from-106: Script to automate the 1.0.6->later conversion. It marks all secret keys as ultimately trusted, adds the signature caches, and checks the trustdb. Moved from the scripts directory.
new bef6e1a * Makefile.am: Distribute convert-from-106.
new 2bed531 * distfiles, gnupg.spec.in: convert-from-106 is in the tools directory now.
new cb2167a * keyserver.c (keyserver_spawn): Include various pieces of information about the key in the data sent to the keyserver helper. This allows the helper to use it in instructing a remote server which may not have any actual OpenPGP smarts in parsing keys.
new 909f6a0 * trustdb.c (validate_keys): Mask the ownertrust when building the list of fully valid keys so that disabled keys are still counted in the web of trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust calculation.
new e84c4ca * configure.ac: Define @CAPLIBS@ to link in -lcap if we are using capabilities.
new 230d871 * compress.c (init_uncompress): Use a 15 bit window size so that the output of implementations which don't run for PGP 2 compatibility won't get garbled.
new d804867 * configure.ac: Look for res_query so we can use DNS SRV, and add --disable-dns-srv to disable it.
new a07c1bc * http.h: Add HTTP_FLAG_TRY_SRV.
new bbd986f * gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the armored key. (main): Accept "try-dns-srv" option.
new 48b5593 * Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using capabilities.
new 81844d2 * http.c (connect_server): Use DNS SRV to get a server list. Fail over to A records if necessary.
new 2c717d9 * options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv" keyserver option. Defaults to on.
new 1995efc * srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by Stefan Bellon.
new 9302906 * argparse.c (default_strusage): Change copyright date.
new 62df762 * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume little only for Intel CPUs.
new d2548b3 * keydb.h: Err on the side of making an unknown signature a SIG rather than a CERT.
new 5eba958 * pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
new c88bc35 * configure.ac: Use much more accurate method to determine whether DNS SRV is usable.
new fe5e3e5 * dcigettext.c (plural_lookup): Name conflict on some platforms with "index". Local fix for GnuPG.
new cf6fcc0 * DETAILS: Don't specify which hash is used to make up the namehash since it may change in the future.
new 26fabc3 Add primary key fingerprint to VALIDSIG status.
new 0a5ec42 * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper.
new 55fc1bb * autogen.sh: Add options to build for coldfire and uClinux.
new 11fc63b * gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory corruption bug on some platforms.
new 3cf45b3 * main.h, g10.c (main), import.c (parse_import_options, fix_pks_corruption): It's really PKS corruption, not HKP corruption. Keep the old repair-hkp-subkey-bug command as an alias.
new 6b55878 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the agent is to be used. Noted by Ingo Kl�cker. (agent_get_passphrase): Inhibit caching when we have no fingerprint. This is required for key generation as well as for symmetric only encryption.
new 01d6a55 * srv.c (main): Test against wwwkeys.pgp.net.
new 9830346 * acinclude.m4 (GNUPG_CHECK_ENDIAN): Fix quoting of r.e. using quadrigraphs.
new 297e879 * md.c (md_start_debug): Need to open the file in binary mode.
new 6878858 * longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to kazuya.s at jp.yokogawa.com.
new e5ffcab * configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional.
new fc3cc2c * gpg.sgml: Document --enable-progress-filter.
new b394776 * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
new 4e472d0 * Makefile.am, options.in: Rename options.in to options since it no longer needs to be a generated file.
new 874214d * import.c (import_revoke_cert): Remove ultimate trust when revoking an ultimately trusted key.
new 8bb4628 * configure.ac: Big warning that TIGER/192 is being removed from the standard, and make it disabled by default.
new e0373e8 * config.links: Re-disable assembler on Darwin. Darwin 6.5 broke it again.
new a01bda6 * sign.c (do_sign): Show the hash used when making a signature in verbose mode.
new 9f6fa94 * g10.c (main): Add --no-textmode.
new ed7467a * BUGS: Fix bug reporting URL.
new 7fe578c * DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a reserved field for flags in a future version.
new fd959cd Removed assuan because we now use libassuan
new ca4df4b * command.c (register_commands): Adjusted for new Assuan semantics.
new 84a9ac9 * util.h (fopencokokie): Removed prototype and struct.
new ff272a6 * Makefile.am (LDFLAGS): Removed.
new 735c284 * Makefile.am: Use libassuan. Don't override LDFLAGS anymore. * server.c (register_commands): Adjust for new Assuan semantics.
new 9e6c5f9 * scdaemon.c: New options --print-atr and --reader-port * apdu.c, apdu.h: New
new 82334b3 * gettextP.h: Add comment for HP/UX users. Local fix for GnuPG.
new 1fc1d26 * build-packet.c (build_sig_subpkt): Comments.
new f861b64 * tdbio.c (create_version_record): Only create new trustdbs with TM_CLASSIC or TM_PGP.
new 7c3aa4a * cipher.h: Add constants for compression algorithms.
new 3afe991 * packet.h, build-packet.c (build_sig_subpkt), export.c (do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old sig cache subpacket. This wasn't completely harmless as it caused subpacket 101 to disappear on import and export.
new 4b256be * gpg.sgml: Some general language tweaks. Note default algo for --symmetric. --export-ownertrust takes no args. Document --no-escape-from-lines. Fix escaped "<From" to be ">From". Make "openpgp" trust model into "pgp".
new 59c5b52 * configure.ac: Remove some stuff no longer needed with newer autoconf. Use AC_GNU_SOURCE instead of defining _GNU_SOURCE manually. Add check for strchr() for gettext. Add "ngettext" check for gettext, since that check supposedly implies a check for bind_textdomain_codeset. Add check for times() for random.c. Fix URL for EGD. Make --enable-old-tiger match the stable branch as a separate item.
new 1e65929 * types.h: Add initializer macros for 64-bit unsigned type.
new 0048ebc * cipher.c (setup_cipher_table): #ifdef IDEA.
new d0573d3 * progress.c (handle_progress) * sign.c (write_plaintext_packet) * encode.c (encode_simple,encode_crypt): Make sure that a filename of "-" is considered to be stdin so that iobuf_get_filelength won't get called. This fixes bug 156 reported by Gregery Barton.
new 67a6cd7 * fileutil.c (is_file_compressed): Fixed checking for "-" filename.
new 2e821d7 * trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename is_disabled to cache_disabled_value, which now takes a pk and not just the keyid. This is for speed since there is no need to re-fetch a key when we already have that key handy. Cache the result of the check so we don't need to hit the trustdb more than once.
new 96c8bae * gpg.sgml: Document --trustdb-name. Document --gnupg in a new compliance section, and remove the various --no-PGPX options. Deprecate --no-comment in favor of --no-sk-comments.
new e1517d9 * configure.ac: Edit preprocessor instructions in g10defs.h to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new 702dfdf * cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new c84fdfb * argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c, simple-gettext.c, errors.c, http.c, memory.c, secmem.c, ttyio.c: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new e152598 * mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c, mpi-internal.h, mpi-scan.c: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new 29e6411 * bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c, rijndael.c, rndunix.c, sha256.c, cast5.c, idea-stub.c, rmd160.c, rndw32.c, sha512.c, md5.c, rmd160test.c, rsa.c, tiger.c: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new ea35e3b * bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new 3a23c42 * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c, getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c, options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c, signal.c, textfilter.c: Edit all preprocessor instructions to remove whitespace before the '#'. This is not required by C89, but there are some compilers out there that don't like it.
new dd9d2ca * POTFILES.in: Added a couple of missing source files. Noted by Pascal Hartig and Walter Koch. (From wk on stable branch)
new 951f7d9 * Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch)
new ad9f6ae * getkey.c (premerge_public_with_secret): Made "no secret subkey for" warning a verbose item and translatable. (From wk on stable branch)
new f536ccc * gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)
new aca5806 * mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)
new d61c869 * defs.inc (pgmname): Make sure there is a valid options file. (From wk on stable branch)
new 8388bc0 * NEWS: Document --gnupg and the deprecation of --no-openpgp and --no-pgpX.
new 41bfaa5 About to release 1.3.2
new 6389386 Bumbed version number after release
new 630ed74 * configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put dl in DLLIBS. Check for getopt.h if available. Look for getopt() in libiberty if libc doesn't have it. Enable GPGKEYS_HKP after AC_PROG_CC so that any needed extension (i.e. ".exe") is defined.
new 4d297a7 * srv.h, srv.c: Include windows.h with MINGW32.
new 5d3b948 * Makefile.am: Some cleanup, and use DLLIBS for -ldl.
new 0a86b45 * gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available. Also include extern references for optarg and optind since there is no guarantee that any header file will include them. Standards? We don't need no stinkin' standards
new 9390fe6 * keylist.c (list_one): Don't show the keyring filename when in --with-colons mode. Actually translate "Keyring" string.
new ff43d07 * main.h, misc.c (parse_options): New general option line parser. Fix the bug in the old version that did not handle report syntax errors after a valid entry.
new b173589 * mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy, show_notation): Collapse the old print_notation_data into show_policy() and show_notation() so there is only one function to print notations and policy URLs.
new 27ec3d9 * g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c (check_sig_and_print): Emulate the old policy and notation behavior (display by default). Send to status-fd whether it is displayed on the screen or not.
new 0afffb0 * configure.ac: Define SAFE_VERSION so that RISCOS can override it and remove invalid chars.
new 7c9855a * options.h, g10.c (main), keylist.c (list_keyblock_print): Add "show-validity" and "show-long-keyid" list-options.
new c3cdaee Make use of libgpg-error
new fa08328 * scdaemon.h: Include gpg-error.h and errno.h * card.c (map_sc_err): Use unknown for the error source. * Makefile.am: Link with libgpg-error
new d79ea5d Fix small typo in comment.
new 39e6e16 Inadvertently left out of the 2003-06-01 checkin
new a58ce94 Update error handling to match gpg-error in CVS.
new 4d3fece * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since they at least handle subkeys correctly.
new bd820ba A small step for GnuPG but a huge leap for error codes. (Sorry, it does not build currently - I need to check it in to avoid duplicate work.)
new 5880657 * import.c (import_keys_internal): Invalidate the cache so that the file descriptor gets closed. Fixes bug reported by Juan F. Codagnone.
new 1c24b13 * import.c (import_keys_internal): Invalidate the cache so that the file descriptor gets closed. Fixes bug reported by Juan F. Codagnone.
new 66a7843 * parse-packet.c (parse): Disallow old style partial length for all key material packets to avoid possible corruption of keyrings.
new ed0d33f Finished the bulk of changes for gnupg 1.9. This included switching to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very u [...]
new f5db59f Key generation and signing using the OpenPGP card does rudimentary work.
new d1165b2 * app-openpgp.c (store_fpr): Fixed fingerprint calculation.
new 8b9f0bd * app-openpgp.c (do_setattr): Add setting of the URL. (app_select_openpgp): Dump card data only in very verbose mode. (do_decipher): New.
new 274e121 Minor changes to make make dist work correctly.
new adab7b0 * THANKS: Updates from stable.
new d8a6bd3 * types.h: Prefer using uint64_t when creating a 64-bit unsigned type. This avoids a warning on compilers that support but complain about unsigned long long.
new 6542761 * iobuf.c (check_special_filename): Replaced is isdigit by digitp to avoid passing negative values and potential locale problems. Problem noted by Christian Biere. * strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't pass a negative value. * miscutil.c (scan_isodatestr): Ditto.
new df79db5 * Makefile.am: Use W32LIBS where appropriate.
new 3bc9e79 * DETAILS: Document the --attribute-fd data.
new f4617d9 * parse-packet.c (parse_signature): No need to reserve 8 bytes for the unhashed signature cache any longer.
new a88cb47 * configure.ac: configure.ac: Check for sigset_t and struct sigaction. This is for Forte c89 on Solaris which seems to define only the function call half of the two pairs by default.
new f0fddbd * Makefile.am: Add --no-permission-warning to avoid spurious warning when importing demo keys.
new 59e5fb1 * simple-pwquery.c, simple-pwquery.h: Moved to ../common. * Makefile.am (gpg_protect_tool_LDADD): Add simple-pwquery.o. Removed it from xx_SOURCES.
new 270ba1b * simple-pwquery.c, simple-pwquery.h: New; moved from ../agent. * Makefile.am (libsimple_pwquery_a_LIBADD): New.
new fa2faef * Makefile.am: Add sc-copykeys program. * sc-copykeys.c: New. * app-openpgp.c (app_openpgp_storekey): New. (app_openpgp_cardinfo): New. (count_bits): New. (store_fpr): And use it here to get the actual length in bit.
new 06442ab * packet.h, main.h, sig-check.c (signature_check2, check_key_signature2, do_check): If ret_pk is set, fill in the pk used to verify the signature. Change all callers in getkey.c, mainproc.c, and sig-check.c.
new 726b36b * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add verify-options "show-validity" and "show-long-keyid" to show trustdb validity and long keyids during (file) signature verification.
new fa0cc66 * keyedit.c (show_key_with_all_names): Use list-option show-validity in --edit-key interface as well.
new fbdee01 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys. (ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys. (generate_keypair): Provide key flags for the default DSA/Elgamal keys.
new b8becef * command.c (cmd_pkauth): New. (cmd_setdata): Check whether data was given at all to avoid passing 0 to malloc.
new ba18809 * app-openpgp.c (do_learn_status): Print more status information. (app_select_openpgp): Store the card version. (store_fpr): Add argument card_version and fix DOs for old cards. (app_openpgp_storekey): Likewise.
new e4a9d14 * options.h, g10.c (main, add_keyserver_url): Add --sig-preferred-keyserver to implant a "where to get my key" subpacket into a signature.
new 860f56b Adjusted for use with current libgcrypt (1.1.42).
new 97d3ea8 * gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output.
new 2d7d9dc *** empty log message ***
new 2100b5d Remove leftover cruft
new 7921516 minor changes to make make distcheck happy
new 752e345 * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c (print_and_check_one_sig): New "show-sig-expire" list-option to show signature expiration dates (if any).
new f2c38b8 Cleanups, fixes and PC/SC support
new 7500f07 About to release the first 1.9 version.
new a2cf3ca * packet.h, sig-check.c (signature_check2, do_check, do_check_messages): Provide a signing-key-is-revoked flag. Change all callers.
new d827354 * gpgv.c: Remove extra semicolon (typo).
new 5ad7dd7 * random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice. Use NAME_OF_DEV_URANDOM.
new 03c12b5 * mainproc.c (check_sig_and_print): Get the uid validity before printing any sig results to avoid munging the output with trustdb warnings.
new 68c8983 * http.c (connect_server): Try and use getaddrinfo if it is available. Try for IPv6 via getaddrinfo() or a IPv6-ized gethostbyname(). Suggested by Jun-ichiro itojun Hagino.
new cce2bf2 * configure.ac: Check for getaddrinfo. Don't bother to check for EGD libs since we need to have the netlibs regardless because of the agent socket.
new 5707b80 * Makefile.am: Use NETLIBS instead of EGDLIBS.
new a01a08f * gpg.sgml: Document --list-options (show-photos, show-policy-url, show-notation, show-keyring) and --verify-options (show-photos, show-policy-url, show-notation). Deprecate --show-photos, --show-policy-url, --show-notation, and --show-keyring.
new 40eed2b * gnupg.spec.in: Rework much of the spec to use %-macros throughout. Fix to work properly with RPM 4.1 (all files in buildroot must be packaged). Package and install info files. Tweak the English description. Do not install gpgv and gpgsplit setuid root. Make sure that install-info is called in such a way that doesn't bork the RPM install if it cannot complete (necessary for some upgrade scenarios).
new 002972f * NEWS: Note %g and %p, the "tru" --with-colons record, and the REVKEYSIG --status-fd tag.
new 68aa60e * mainproc.c (check_sig_and_print): Use two different preferred keyserver displays - one if the key is not present (to tell the user where to get the key), the other if it is present (to tell the user where the key can be refreshed).
new 2d682dd * options.h, g10.c (main): Add list-option list-preferred-keyserver.
new cd06705 * dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, strgutil.c, ttyio.c, w32reg.c: s/__MINGW32__/_WIN32/ to help building on native Windows compilers. Requested by Brian Gladman. From Werner on stable branch.
new 1814e2d * util.h: s/__MINGW32__/_WIN32/ to help building on native Windows compilers. Requested by Brian Gladman. From Werner on stable branch.
new 6eb9d62 * idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on native Windows compilers. Requested by Brian Gladman. From Werner on stable branch.
new 17e67cd * passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
new 2fb83fe * AUTHORS, THANKS: Updates from stable.
new 8f03511 * autogen.sh: Touch po/all for --build-w32. From Werner on stable branch.
new 8ca2c7a * samplekeys.asc: Updated.
new 934b165 Credits from stable
new b9c223f * keyedit.c (print_and_check_one_sig): Use list-option show-long-keyid in --edit-key "check" function.
new 7c352dc * keyedit.c (show_key_with_all_names): Use list-option show-long-keyid in main --edit-key display.
new 7fb081a * gpg.sgml: Document list-options (show-preferred-keyserver, show-validity, show-long-keyid, and show-sig-expire), and verify-options (show-preferred-keyserver, show-validity, show-long-keyid).
new 653da12 * main.h, keygen.c (keygen_add_keyserver_url): Signature callback for adding a keyserver URL.
new 858a0a5 * g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c (mk_notation_policy_etc): Clarify a few strings. It's a "preferred keyserver URL".
new 4916c23 * gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" for the sake of short and simple commands.
new 6f47219 * DETAILS: Note fingerprint of signing key in sig records.
new 12bcf6d * NEWS: Note --list-options, --verify-options, the deprecation of --show-photos, --show-policy-url, --show-notation, and --show-keyring, and getting the signer's fingerprint in sig records.
new ff4b661 * keyedit.c (show_key_with_all_names): Fix assertion failure when using toggle to see a secret key. Reported by Maxim Britov.
new 142ef9b * md.c (string_to_digest_algo): Enable read-write SHA-256 support.
new fe0de7b * armor.c (parse_hash_header, armor_filter), g10.c (print_hex, print_mds), pkclist.c (algo_available): Drop TIGER/192 support.
new 50fb4a2 * mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional (since it might not be compiled in).
new 192520a * configure.ac: Drop TIGER/192 support. Check for UINT64_C to go along with uint64_t.
new 1d76c4a * cipher.h: Drop TIGER/192 support.
new ed79601 Missed one.
new 405d9df * g10.c (main): Error out if --multifile is used with the commands that don't support it yet (--sign, --clearsign, --detach-sign, --symmetric, and --store).
new eb18893 * g10.c (main): Trim --help to commonly used options. Remove -f.
new 046493f 2003-09-21 Timo Schulz <twoaday at freakmail.de>
new b224756 * g10.c (main): Deprecate --default-comment in favor of --no-comments.
new 4ccd51c * keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): Expand the skipfnc to include a pointer to the user ID that matched.
new 97dcb84 * sign.c (mk_notation_policy_etc): Capitalize "URL".
new 0d8bd2e * keyedit.c (show_key_with_all_names): Show names a little neater by putting the [revoked] or [expired] in the space used for the [validity]. There is also no point in showing "[unknown] [revoked]".
new e70e416 * options.h, g10.c (main), keylist.c (list_keyblock_print): Add "show-unusable-uids" list-option to show revoked and/or expired user IDs.
new 20ed539 First bits of a card support backport from 1.9. It is not enabled by default and tehre is not yet much more than a new configure option.
new e369270 * g10.c (main): New commands --card-edit, --card-status and --change-pin. New options --ctapi-driver, --pcsc-driver and --disable-ccid * options.h (DBG_CARD_IO): New. * cardglue.c, cardclue.h: Enhanced. * card-util.c: New. Taken from current the gnupg 1.9 branch. * app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c * apdu.h, ccid-driver.c, ccid-driver.h: New. Takem from the current gnupg 1.9 branch withy minor changes to include directives. * Makefile.am: Ad [...]
new edb5762 * util.h: Add the atoi_* and xtoi_* suite of macros from 1.9. * dynload.h: New. Taken from 1.9.
new 7c637a0 (tty_fprintf): New.
new 024bc22 2003-09-28 Timo Schulz <twoaday at freakmail.de>
new 4b929ff 2003-09-28 Timo Schulz <twoaday at freakmail.de>
new 8062cb4 * keygen.c (do_add_key_flags, parse_parameter_usage): Add support the proposed AUTH key flag. * getkey.c (fixup_uidnode, merge_selfsigs_main) (merge_selfsigs_subkey, premerge_public_with_secret): Ditto. * keylist.c (print_capabilities): Ditto.
new 52100b4 * gpgv.c (check_trustdb_stale): Stub.
new 05a991a * NEWS: Note that SHA-256 is read-write now, that TIGER/192 is no more, that revoked and expired uids are skipped in -r, and that --no-mangle-dos-filenames is now the default.
new 3901d48 * gpg.sgml: Clarify --mangle-dos-filenames, document list-option show-unusable-uids, remove --no-comment (which is now --no-sk-comments), add --no-comments (to remove --comment), remove --default-comment, and document --sig-keyserver-url.
new cb772de * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add --verify-option show-unusable-uids.
new 156774e * gpg.sgml: Note web bug behavior of auto-key-retrieve. Note that big photos mean big keys. Document --rfc2440. Document verify-option show-unusable-uids.
new e398ea2 * samplekeys.asc: Update 99242560.
new b0fe35f * g10.c (main): Add --no-groups to zero --group list.
new 99cabff * cardglue.c (learn_status_cb): Release values before assignment so that it can be used by getattr to update the structure. (agent_scd_getattr): New.
new 25bf32a 2003-10-04 Timo Schulz <twoaday at freakmail.de>
new b7bd594 * primegen.c (gen_prime): Bail out if NBITS is zero. This is Debian bug #213989 reported by Max <rusmir at tula.net>.
new fcbd46e (tty_print_string, tty_print_utf8_string2) (tty_print_utf8_string): Made string arg const.
new 72c648c * cardglue.c (pin_cb): Detect whether an admin or regular PIN is requested. (genkey_status_cb): New. (agent_scd_genkey): Implemented.
new f633ef1 * ccid-driver.c (ccid_transceive): Add T=1 chaining for sending.
new 40db05f * g10.c (main): Give a deprecated option warning for --show-keyring, --show-photos, --show-policy-url, --show-notation, and their respective no- forms.
new 7724105 * NEWS: Note multiple Comment: support and --sig-keyserver-url.
new 3cfffa8 * primegen.c (gen_prime): Bail out if we try to generate a prime with less than 16 bits. Include i18n.h.
new 547b00c Add news about OpenPGP card support.
new 5a0fbad * cardglue.c (card_close): New. * ccid-driver.c (ccid_close_reader): New. * apdu.c (close_ccid_reader, close_ct_reader, close_csc_reader) (close_osc_reader, apdu_close_reader): New. Not all are properly implemented yet. * g10.c (g10_exit): Use close_card.
new 9d424d1 Updated texinfo files
new 6f6511f About to release 1.3.3
new 8b36b03 (card_close): New. (agent_scd_change_pin): Implemented.
new 187e94f Prepared for next development cycle
new bc14a87 Always enable the gen_card_key prototype.
new 90bd542 * srv.c: OSX 10.2.8/Darwin 6.8 seems to have some #include ordering issues? Move sys/types.h up higher to work around.
new 837df30 * keyedit.c (show_key_with_all_names): Ownertrust is only meaningful for the PGP or classic trust models. Both validity and ownertrust are not meaningful for the always trust model.
new 6ad91b2 * import.c (import_one): Show the keyid when giving the Elgamal slow import warning.
new b194ed0 * configure.ac: Include -ldl when card support is used.
new 441aeb8 * passphrase.c (ask_passphrase): Add optional promptid arg. Changed all callers. * cardglue.c (pin_cb): Use it here, so the machine interface can tell whether the Admin PIN is requested.
new 9e048bc (DLLIBS): Do not include -ldl in the mingw32 case.
new 00ec058 (lock_pool) [_AIX]: Don't use plock.
new 0683586 (DLLIBS): Fixed last change.
new 624612b (apdu_open_reader): Hacks for PC/SC under Windows.
new 8fbf5b8 * configure.ac (DLLIBS): Work properly on platforms where dlopen and friends are in libc instead of libdl.
new bc45e6e * g10.c (main) [ENABLE_CARD_SUPPORT]: Add a default for --pcsc-driver.
new ea5d88c * Makefile.am (SUBDIRS): Add intl. (ACLOCAL_AMFLAGS): New variable. (EXTRA_DIST): Add scripts/config.rpath. * configure.ac (AC_CONFIG_FILES): Add po/Makefile.in, (AL_LINGUAS): Removed.
new e62874f * ccid-driver.c (ccid_open_reader): Return an error if no USB devices are found.
new e6c0369 (gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL.
new b6e60be New.
new 3a498fc Updated required versions and add -I m4 to aclocal.
new 2370425 Replaced INTLLIBS by LIBINTL.
new 8ed48ad Gettexized
new d30da9e Updated to 0.12.1
new bb7986e * g10.c (main): Add --symmetric --encrypt command. This generates a message that can be decrypted via a passphrase or public key system.
new ce4c9b6 * g10.c (main): Enhance the version-specific config file code to try for more specific matches before giving up (e.g. 1.3.3-cvs, 1.3.3, 1.3, 1).
new c43bc4f * NEWS: Note --symmetric --encrypt and the improved config file search.
new be239a0 * DETAILS: Add the 'a' value for field 12 and the new field 15.
new fcc72f9 * cardglue.c (open_card): Ask for card insertion. (check_card_serialno): New. (agent_scd_pksign, agent_scd_pkdecrypt): Use it here. * cardglue.c (open_card): Issue insertion status message. * status.h, status.c (STATUS_CARDCTRL): New.
new 06865e7 (close_ct_reader, close_pcsc_reader): Implemented. (get_ccid_error_string): New. Not very useful messages, though.
new 8d82e1a * cipher.h: Add COMPRESS_ALGO_BZIP2.
new 869c6bb * misc.c (compress_algo_to_string, string_to_compress_algo, check_compress_algo): Add bzip2.
new d3cd27c * configure.ac: Locate libbz2 for bzip2 compression support.
new 5c37fd9 * trustdb.h, trustdb.c (register_trusted_keyid): New. Adds a keyid to the list of ultimately trusted keys.
new 9a69b07 * http.c (connect_server): Differentiate between generic "can't connect" errors and the more specific "host not found". Suggested by Samuel Tardieu.
new ebe6f49 * pkclist.c (build_pk_list): When adding recipients interactively, allow the user to stop at any point.
new 5028edd * mainproc.c (proc_symkey_enc): Don't show algorithm information when --quiet is set. Suggested by Duncan Harris. Also don't fail with BUG() when processing a --symmetric message with a cipher we don't have.
new fef77d9 * configure.ac: Make sure that the resolver API actually compiles, and not just that the right functions exist.
new bc1e435 * g10.c (main): Add --symmetric --sign --encrypt.
new fbadc93 * NEWS: Note BZIP2.
new 80caf99 * options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the plurarility (or not) of various list and verify options.
new c47ec46 * options.h, trustdb.c (trust_model_string, init_trustdb): Add support for "external" trust model, where the user can provide a pregenerated trustdb.
new 3257edd * encode.c (encode_simple), sign.c (sign_symencrypt_file): Properly use default_compress_algo (--compress-algo, followed by the highest --personal-compress-preference, followed by ZIP) to get the algorithm.
new 995d712 * options.h, g10.c (main), compress.c (init_compress), compress-bz2.c (init_compress): Add --compress-level and --bzip2-compress-level. -z sets them both. Change various callers.
new 2e4ab6c * compress.c (init_compress): Remove compress level 10 trick, since it is no longer needed.
new dcf747d * options.h, g10.c (main), compress-bz2.c (init_uncompress): Add --bz2-compress-lowmem to set bzlib "small" flag for low memory (but slow) decompression.
new baf4e3b * miscutil.c (match_multistr): New. Match against each segment in a string with tokens separated by |. (answer_is_yes_no_default, answer_is_yes_no_quit, answer_is_okay_cancel): Use it here to enable alternate translations.
new e81943f * util.h: Add prototype for match_multistr().
new 85a8026 * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) encodings.
new 3330dbd * config.links: sparc64 assembler doesn't work on FreeBSD or OpenBSD either.
new cdf871f * gpg.sgml: Document --compress-level. Some minor tweaks to other entries.
new 4b6f005 * gpg.sgml: Note the new combinations with --symmetric and --encrypt. Document --bzip2-compress-level, and --bzip2-compress-lowmem. Clarify the plurarility (or not) of various list and verify options. Document BZIP2 in the --compress-algo section. Warn about compatibility issues with ZLIB and BZIP2.
new ee3f955 (get_key): Fixed invalid use of fprintf without format string.
new d3e5200 * configure.ac: Use MSG_NOTICE instead of MSG_WARN for less serious notifications.
new 973c868 * keygen.c (ask_algo): Remove ability to generate Elgamal sign+encrypt keys.
new c257783 Auto-updates
new 20d83b2 Solved cvs conflict
new 5473ac9 * pkclist.c (build_pk_list): Do not allow an empty PK list in interactive mode.
new 996d61b * pubkey.c (pubkey_sign): Return an error if an ElGamal key is used.
new fb5270e Minor additions
new 18575c7 * NEWS: Note that we won't encrypt to an Elgamal sign+encrypt key any longer.
new a278127 about to release 1.3.4
new c58f068 (TESTS): Temporary remove tests using ElG signatures.
new 11859fc post release version number bumb
new 3c0eb77 * trustdb.c (validate_keys): Reset the trustdb before checking if we have any ultimately trusted keys. This ensures that if we lose all our ultimately trusted keys, we don't leave behind the old validity calculations. Noted by Peter Palfrader.
new 03b04db * mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use --override-session-key on --symmetric messages (new-style or old-style). (proc_pubkey_enc): Move code to show session key from here to proc_encrypted() so it can work with any type of message. Suggested by Michael Young.
new 1f1da8c * README: Update version number. Add BZIP2. Remove Elgamal sign+encrypt.
new 6048620 * pubkey.c (setup_pubkey_table): Only include RSA if USE_RSA is defined. (pubkey_get_npkey): Return 2 for RSA even if it isn't available so we can at least handle RSA keys.
new a32a3a8 * NEWS: Note --disable-rsa.
new 3c40fd6 * options.h, g10.c (main), main.h, seskey.c (do_encode_md, encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove --emulate-md-encode-bug as it only applied to Elgamal signatures, which are going away.
new ad71703 * options: Remove emulate-md-encode-bug.
new 189dea7 * g10.c (strusage, main): Show development version warning in --version output. (main): Set --bzip2-compress-level to the default value at startup. Remove --emulate-checksum-bug noop.
new b5fe8d3 * pubkey.c (setup_pubkey_table): Don't allow signatures to and from encrypt-only Elgamal keys. (pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig, pubkey_get_nenc, pubkey_nbits): Wrap the RSA cheats in !USE_RSA. Add cheats for sign+encrypt Elgamal.
new 32c1983 * cipher.h: Make cipher list match 2440bis-09.
new 10e596d * config.links: Show target in asm-syntax.h file and include targets for K*BSD (GNU userland with BSD kernel).
new 7c01f15 * miscutil.c (answer_is_yes_no_default, answer_is_yes_no_quit): Don't use alternate strings when not needed so we don't have to re-translate them. Hopefully the comment will be enough to indicate multiple match strings.
new d1b08da * Makefile.am: Reenable tests now that the Elgamal signature keys are gone.
new acdcbd6 * http.c (send_request): Add a Host: header for virtual hosts.
new c4ecc7b * gpgsplit.c (write_part): Split off decompression code. (handle_zlib): Move it here. (handle_bzip2): Add this to handle BZIP2 compressed messages.
new d143a9e * gpg.sgml: Fix a few missing semicolons in & entities. Noted by Christian Biere. Some minor grammar fixes. Remove the "host -l pgp.net | grep wwwkeys" advice since the nameserver no longer all allow zone transfers. Replace it with a mention of hkp://subkeys.pgp.net. Note that BZIP2 defaults to compression level 6.
new 4c2e0e6 * configure.ac: Add a min_automake_version. * README.CVS: New. * autogen.sh: Revamped except for the --build-w32 hack. * Makefile.am: Add README.CVS
new 5f8ec65 Removed accidential added file
new 4830eb7 * keyid.c (do_fingerprint_md): Properly handle hashing of keys that we don't know the structure of by using the opaque MPI. (do_fingerprint_md_sk): We cannot calculate the fingerprint from a secret key unless we know the structure (since we can't leave off the secret key parts), so fail early..... (keyid_from_sk, fingerprint_from_sk): .... and return all zeroes.
new 08967eb * keyid.c (keyid_from_sk, keyid_from_pk, fingerprint_from_pk, fingerprint_from_sk): Enforce the v3-is-only-RSA rule. Anything that isn't RSA gets a zero keyid and fingerprint.
new 888a6c2 * keyid.c (do_fingerprint_md): Remove the rules to hash the old v3 Elgamal keys. They are no longer needed.
new db5ab5e * packet.h, build-packet.c (hash_public_key): Remove function ...
new f5d4b8d * sig-check.c (do_check): Move the signing algo and hash checks from here... (signature_check2): ... to here. (check_key_signature2): ... and here. This is a minor optimization to avoid fetching a key (which can be expensive, especially if it is not self-signed, and there are many key signatures on it which need to be checked for ultimate trust) if the signature would have failed anyway because of algorithm or hash problems.
new 64dd0c4 * cipher.h (pubkey_verify): Remove old unused code.
new 68b3e41 * dsa.h, dsa.c (dsa_verify), elgamal.h, elgamal.c (elg_verify), rsa.h, rsa.c (rsa_verify), pubkey.c (dummy_verify, pubkey_verify): Remove old unused code.
new 84401d1 * sig-check.c (cmp_help, do_check), sign.c (do_sign): Remove old unused code.
new 5c09a56 * mpi.h (gcry_mpi, mpi_get_opaque, mpi_set_opaque): Make nbits and the length of an opaque MPI unsigned.
new e49672d * mpiutil.c (mpi_set_opaque, mpi_get_opaque): Make the length of an opaque MPI unsigned.
new 7847eae * build-packet.c (write_fake_data, do_secret_key), seckey-cert.c (do_check): Use an unsigned length for mpi_get_opaque.
new 392e6da * main.h, misc.c (parse_options): Add a "noisy" flag to enable and disable the messages about which option didn't match or matched ambiguously. Change all callers (g10.c, keyserver.c).
new 0f346cf * keyserver.c (strip_leading_space, get_arg): New. (parse_keyserver_options): Use them here to allow arguments to keyserver-options. Since none of our options need arguments yet, just pass them through whole to the keyserver helper.
new 02ae08d cleaned up RISC OS code and removed lots of unnecessary stuff
new 4cf0123 * keyserver.c (argsep): New variation on strsep that knows about optional arguments. (parse_keyserver_options): Use it here for optional arguments.
new eea75c0 * http.c (send_request, http_open_document, http_open): Pass the http proxy from outside rather than pulling it from the evironment.
new a847d49 * http.h: Pass the http proxy from outside rather than pulling it from the evironment.
new 4823880 * options.h, g10.c (main), keyserver.c (keyserver_opts, parse_keyserver_uri): honor-http-proxy is no longer an option since we can do the same thing with http-proxy with no arguments. Also remove broken-http-proxy since it can be better handled in the HTTP helper.
new f13f772 * gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code that passes the proxy in from the outside. If the command file sends a proxy, use it. If it sends "http-proxy" with no arguments, use $http_proxy from the environment.
new d537d54 * misc.c (pull_in_libs): Dead code. Removed.
new 330f042 * g10u.c: Dead code. Remove.
new d7a28c7 * rijndael.c, rndunix.c, twofish.c: Remove dead IS_MODULE code.
new 8f7b947 * idea-stub.c (load_module, idea_get_info): Return the proper type for idea_get_info from inside load_module. From Stefan Bellon.
new 1228a48 * g10m.c: Dead code. Remove.
new 2a78514 * options.h, g10.c (main), import.c (parse_import_options, import_one, import_secret_one), keyserver.c (keyserver_refresh): Change --merge-only to --import-option merge-only. Deprecate --merge-only.
new e7abe7e * clearsig.test, conventional-mdc.test, conventional.test, defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, pubring.asc, secring.asc, sigs.test: Rework tests to work properly with a gpg binary that doesn't have all ciphers and all pk algos. Basically, we test for the ciphers we have, only test signing with non-160-bit hashes with RSA (we test all hashes as hashes). Test all key lengths of AES.
new ed3f4da Only use ZLib module on RISC OS when configured
new d38c4b2 * gpg.sgml: Fix a few minor typos. Clarify what --textmode is useful for.
new 5a57e36 Use the portable C MPI code for OpenBSD before 3.4, and remove the special i386-openbsd assembly directory.
new 666c582 * config.links: OpenBSD 3.4 is now ELF, so use the proper assembler code for that. Use the portable C MPI code for OpenBSD before 3.4, and remove the special i386-openbsd assembly directory.
new 967a61c * convert-from-106, lspgpot: Check for gpg binary before proceeding. Don't hardcode the path to gpg.
new f7bcce8 * configure.ac: Include stdio.h when checking for bzlib.h. Solaris 9 has a very old bzip2 library and we can at least guarantee that it won't fail because of the lack of stdio.h.
new 580faa8 * gpgkeys_hkp.c (search_key): Catch a mangled input file (useful if something other than GnuPG is calling the program). (main): Avoid possible pre-string write. Noted by Christian Biere.
new 2d14620 * configure.ac: Use -Wformat-nonliteral in maintainer-mode.
new ef3f2d8 (send_key): Add a content type.
new 7bd05d1 * util.h: Add prototype for print_string2().
new 2f3c2f4 * argparse.c (default_strusage): Update copyright date. (initialize): Avoid a number of -Wformat-nonliteral warnings. These aren't actual problems, but the warnings bothered me.
new 65f759a * pubkey.c (setup_pubkey_table), elgamal.c (sign, verify, test_keys, elg_sign, elg_verify, elg_get_info): Remove the last bits of Elgamal type 20 support.
new 99f6f81 * cipher.c (setup_cipher_table): May as well call Rijndael AES at this point.
new 57c585b * cipher.h: Remove the old CIPHER_ALGO_RINJDAEL values. is_ELGAMAL() now only matches type 16 and not type 20.
new 1d12c12 * misc.c (print_cipher_algo_note): May as well call Rijndael AES at this point.
new 9915f6e * sig-check.c (check_key_signature2): Comments.
new 0fb284a * g10.c (main), keydb.h, keydb.c (keydb_rebuild_caches), keyring.h, keyring.c (keyring_rebuild_cache): Add "noisy" flag so cache rebuilds can remain noisy when called for itself, and quiet when called as part of the trustdb rebuild.
new c8ab1bd * trustdb.c (reset_trust_records): New, faster, implementation that doesn't involve a keyring scan. (clear_validity): Removed.
new a18110a hppa1.1/udiv-qrnnd.S: Alignment fix from Lamont Jones for Debian.
new 97efb85 * keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't meaningful on POSIX systems, but the Mingw builds aren't exactly POSIX.
new 01d0c54 * keyedit.c (print_and_check_one_sig, keyedit_menu): Use the COLUMNS environment variable (if any) to hint how wide the terminal is. Disabled on _WIN32. Suggested by Janusz A. Urbanowicz.
new cceda5c * packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c (check_signatures_trust): Indicate who has revoked a key (the owner or a designated revoker). If a key was revoked by both, prefer the owner.
new f7447ea * g10.c (list_config): New function to dump config options to stdout. Currently requires --with-colons. (collapse_args): New function to turn argc/argv into a single string. (main): Use it here to pass list_config() more than one argument as a single string. (print_algo_numbers): Helper to print algorithm number for --list-config "pubkey", "cipher", "hash"/"digest", and "compress" config options.
new 385a19b * mainproc.c (list_node): Show sigs with --verbose.
new 45bbdcc * NEWS: Note --enable-key-cache, the OpenBSD/i386 and HPPA fixes, and Elgamal removal.
new 654ba16 * getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to PK_UID_CACHE_SIZE (set in ./configure).
new 0030198 * g10.c (main, rm_group): Add --ungroup command to remove a particular group. (add_group): When adding a group with the same name as an already existing group, merge the two groups. (list_config): Show an error message when listing a config item that doesn't exist. (main): Replace -z0 trick for no compression.
new bbd5cda * DETAILS: Details for --list-config.
new 74eadbf * clearsig.test, sigs.test: Properly detect RSA being missing, and use the proper key for doing an RSA test.
new 9842d84 * keygen.c (keygen_set_std_prefs): Build the default preferences list at runtime as it properly handles algorithms disabled at build or run time.
new 7198879 * keyedit.c (keyedit_menu): Prompt for subkey removal for both secret and public subkeys.
new aa5f194 * options.h, g10.c (main), keylist.c (list_keyblock_print): Add "show-unusable-subkeys" list-option to show revoked and/or expired subkeys.
new 8765757 * import.c (import_one): Do the revocation check even in the case when a key, a revocation key set in a direct key signature, and a revocation from that revocation key, all arrive piecemeal. Needless to say, this is pretty obscure.
new 76f579b * main.h, keyedit.c (keyedit_menu): Remove sign_mode and enhance the more general command list functionality to replace it.
new cefe95d * import.c (check_prefs): New function to check preferences on a public key to ensure that it does not advertise any that we cannot fulfill. Use the keyedit command list function to optionally rewrite the prefs. (import_one, import_secret_one): Use it here when importing a public key that we have the secret half of, or when importing a secret key that we have the public half of.
new 35482c5 * gnupg.7: Clarify that 'gpgv' doesn't encrypt, and that's not a bug.
new f407bb6 * import.c (check_prefs): Some language fixes. (sec_to_pub_keyblock, import_secret_one): Without knowing the number of MPIs there are, we cannot try and sk-to-pk-ize a key.
new c9aa500 * keyserver.c (argsep): Move to misc.c.
new 95d0521 * build-packet.c (write_header2): If a suggested header length is provided along with a zero length, interpret this as an actual zero length packet and not as an indeterminate length packet. (do_comment, do_user_id): Use it here as these packets might be naturally zero length.
new 2ecb28c * build-packet.c (do_user_id): Do not force a header for attribute packets as they require a new CTB, and we don't support forced headers for new CTBs yet.
new f3de3a5 * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that LDAP_OPT_ERROR_NUMBER is defined before we use it.
new 6c13b96 * options.h, g10.c (main), plaintext.c (handle_plaintext): Add --max-output option to help people deal with decompression bombs.
new 7e73649 * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out what kind of LDAP server we're talking to (either real LDAP or the LDAP keyserver), and return the baseKeySpaceDN to find keys under. (main): Call it from here, and remove the old code that only handled the LDAP keyserver.
new ce1e817 * configure.ac: Simplify the LDAP checking code since OpenLDAP is far more mature these days and dependencies are cleaner. Add checks for ldap_set_option and ldap_start_tls_s.
new 2130102 * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps to gpgkeys_ldap when needed.
new 06d21d8 * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for making gpgkeys_ldaps symlink to gpgkeys_ldap.
new 7f14801 * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not correct for timezones. (main): Find the basekeyspacedn before we try to start TLS, so we can give a better error message when a user tries to use TLS with a LDAP keyserver.
new 925b982 * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv. (search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever the server did give us. (find_basekeyspacedn): There is no guarantee that namingContexts will be readable.
new e867829 * mkdtemp.c: Removed.
new a3ba17e * mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: New.
new 9fe66c8 * configure.ac: Check for timegm(). Replacement functions for setenv() and unsetenv().
new 34ccced * keyserver.c (keyserver_export): Disallow user strings that aren't key IDs. (keyserver_import): Clarify error message. (keyserver_spawn): Properly handle 8 bit characters in user IDs in the info lines during SEND.
new 93b5a81 * main.h, misc.c (hextobyte): Removed. It's in libutil.a now.
new fcc02ac * miscutil.c (hextobyte): Moved here from g10/misc.c so I can use it in the keyserver helpers.
new 9afea90 * util.h: Prototype for hextobyte().
new 3b9d7a6 * gpgkeys_ldap.c (epoch2ldaptime): New. Converse of ldap2epochtime. (make_one_attr): New. Build a modification list in memory to send to the LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg. (free_mod_values): New. Unwinds a modification list. (send_key_keyserver): Renamed from old send_key(). (send_key): New function to send a key to a LDAP server. (main): Use send_key() for real LDAP servers, send_key_keyserver() otherwise.
new 3ddd441 * keyserver.c (keyserver_spawn): Use the full 64-bit keyid in the INFO header lines, and include "sig:" records for the benefit of people who store their keys in LDAP servers. It makes it easy to do queries for things like "all keys signed by Isabella".
new d859047 * plaintext.c (handle_plaintext): Properly handle a --max-output of zero (do not limit output at all).
new 07a10b4 * gpgkeys_ldap.c (delete_one_attr): New function to replace attributes with NULL (a "delete" that works even for nonexistant attributes). (send_key): Use it here to remove attributes so a modify operation starts with a clean playing field. Bias sends to modify before add, since (I suspect) people update their existing keys more often than they make and send new keys to the server.
new 643665c * options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add --min-cert-check-level option to specify minimum cert check level. Defaults to 2 (so 0x11 sigs are ignored). 0x10 sigs cannot be ignored.
new 17ce0c5 * gpgkeys_ldap.c (delete_one_attr): Removed. (make_one_attr): Delete functionality added. Optional deduping functionality added (currently only used for pgpSignerID). (build_attrs): Translate sig entries into pgpSignerID. Properly build the timestamp for pgpKeyCreateTime and pgpKeyExpireTime.
new be94975 (lock_pool) [_AIX]: Also set errno.
new a84fe54 * plaintext.c: Copyright.
new 0d7cae4 * gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted attributes. This guarantees that if something goes wrong, we won't be able to complete the transaction, thus leaving any key already existing on the server intact.
new f2148f0 * delkey.c (do_delete_key): Allow deleting a public key with a secret present if --expert is set.
new 4c4f29d * README: Update copyright.
new 1c5b33a * gpg.sgml: Document keyserver-option http-proxy, import-option merge-only, remove old honor-http-proxy, --merge-only, and --emulate-md-encode-bug. Document COLUMNS and LINES.
new 0c17789 * gpg.sgml: Document --ask-cert-level, --max-output, and --default-cert-level.
new 9a31df2 Preparing for 1.3.5
new 25344bd Post release version number change
new 1f5ef59 * Makefile.am: Don't split LDADD across two lines since some make programs can't handle blank lines after a \ continuation. Noted by Christoph Moench-Tegeder.
new e38ea66 * unsetenv.c: Fixed debugging typo.
new 0a05d98 * iobuf.c (block_filter): Properly handle a partial body stream that ends with a 5-byte length that happens to be zero.
new 9eb128e * parse-packet.c (parse): Only data-type packets are allowed to use OpenPGP partial length encoding.
new c57262f * packet.h, free-packet.c (free_encrypted, free_plaintext), parse-packet.c (copy_packet, skip_packet, skip_rest, read_rest, parse_plaintext, parse_encrypted, parse_gpg_control): Use a flag to indicate partial or indeterminate encoding. This is the first step in some minor surgery to remove the old gpg partial length encoding.
new 2d7fe1d * options.h, g10.c (main): Add a more flexible --keyid-format option to replace the list-option (and eventually verify-option) show-long-keyids. The format can be short, long, 0xshort, and 0xlong.
new 56a6945 * build-packet.c (write_header2): Remove call to start old gpg partial length mode and change all callers. (do_plaintext): Turn off partial length encoding now that we're done writing the packet. (do_comment, do_user_id): Try for a headerlen of 2 since that's the smallest and most likely encoding for these packets.
new c562c9e * options.h, g10.c (main), mainproc.c (check_sig_and_print): Remove verify-option show-long-keyids and replace with the more general keyid-format.
new 64e3f5a * armor.c (fake_packet, armor_filter): Use the 2440 partial length encoding for the faked plaintext packet.
new f29639d * iobuf.h: Remove iobuf_set_block_mode() and iobuf_in_block_mode().
new 6d4cc84 * iobuf.c (block_filter): Remove the old gpg indeterminate length mode. (iobuf_set_block_mode, iobuf_in_block_mode): Removed as superfluous.
new 1e01514 * revoke.c (export_minimal_pk), export.c (do_export_stream), passphrase.c (passphrase_to_dek), keyserver.c (print_keyrec): A few more places to use --keyid-format.
new ea73c94 * getkey.c (merge_selfsigs_subkey): Do not mark subkeys valid if we do not support their pk algorithm. This allows for early (during get_*) rejection of a subkey, and selection of another.
new efec599 * keyid.c (keyid_from_sk): Minor performance boost by caching secret key keyids so we don't have to calculate them each time.
new b8cd312 * keydb.h, keyid.c (keystr_from_pk, keystr_from_sk): New functions to pull a key string from a key in one step. This isn't faster than before, but makes for neater code.
new a5208f2 * keylist.c (print_seckey_info, print_pubkey_info): --keyid-format conversion. (list_keyblock_print): 0xshort should not push us into the new list format since it is not much longer than regular 8-character short keyids.
new 309273f * import.c (check_prefs_warning, check_prefs): --keyid-format conversion and a little better text. (import_one, import_secret_one, import_revoke_cert, chk_self_sigs, delete_inv_parts, merge_blocks): Still more --keyid-format conversions.
new f16d78e * trustdb.c (add_utk, verify_own_keys, update_min_ownertrust, get_validity, ask_ownertrust, validate_keys): --keyid-format conversion.
new f0e0c30 * getkey.c (skip_unusable, merge_selfsigs_main, premerge_public_with_secret, lookup, get_user_id_string): --keyid-format conversion.
new ba3f904 * mainproc.c (proc_pubkey_enc, print_pkenc_list, list_node): --keyid-format conversion.
new 36a5e54 * trustdb.c (update_min_ownertrust, validate_keys): Do not use keystr functions in log_debug.
new 618779f * keyedit.c (sign_uids, show_key_and_fingerprint, ask_revoke_sig, menu_revsig, menu_showphoto): --keyid-format conversion. (menu_addrevoker): Use print_pubkey_info() rather than duplicating code.
new 80c8b0c * options.h, g10.c (main), compress-bz2.c (init_uncompress): Rename --bzip2-compress-lowmem to --bzip2-decompress-lowmem since it applies to decompression, not compression.
new cabb6cd * keyedit.c (keyedit_menu): Request a trustdb update when adding a new user ID so the new ID gets validity set. Reported by Owen Taylor.
new 975b83d * gpg.sgml: Document delsig. Clarify that --refresh-keys arguments are optional. Document --bzip2-decompress-lowmem.
new 2286674 * options.h: Encapsulate keyserver details. Change all callers.
new a9b00b0 * options.h, import.c, keyserver-internal.h, g10.c, mainproc.c, keyserver.c (parse_keyserver_uri): Parse keyserver URI into a structure. Cleanup for new "guess my keyserver" functionality, as well as refreshing via a preferred keyserver subpacket.
new 8c46075 * packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep track of which self-sig we actually chose.
new d20a79d * options.h, keyserver.c (parse_keyserver_options): Remove duplicate code from parse_keyserver_options by calling the generic parse_options.
new 2936e53 * main.h, misc.c (argsplit): Refactor argsep into argsplit and argsep so they can be called separately.
new 0a17966 * main.h, misc.c (optsep, argsplit, optlen, parse_options): Simplify code and properly handle a partial match against an option with an argument.
new 4420275 * keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair, generate_subkeypair): New is_subkey argument to set whether a generated key is a subkey. Do not overload the ret_sk. This is some early cleanup to do backsigs for signing subkeys.
new d49a7e1 * plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode that requires end of line conversion. This is being considered for a UTF8 text packet. If this doesn't take place, no major harm done. If it does take place, we'll get a jump on starting the changeover.
new 992708e 2004-04-02 Thomas Schwinge <schwinge at nic-nac-project.de>
new 3ec6fec * options.h, g10.c (main): Add keyserver-option honor-keyserver-url. parse_keyserver_options now returns a success code.
new 36e6975 * keyserver.c (parse_keyserver_uri): Do not accept "http" as an alias for "hkp". They are not the same thing.
new 2bdb01e * parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt, can_handle_critical): Parse and display 0x19 signatures.
new 732f049 * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create backsigs.
new 7d74743 * getkey.c (key_byname): If namelist is NULL, return the first key in the keyring.
new 0c67c75 * getkey.c (get_seckey_byname2): Significantly simplify this function by using key_byname to do the heavy lifting. Note that this also fixes an old problem when the first key on the secret keyring has an unusable stub primary, but is still chosen.
new 577d9c2 A bunch of changes for the openpgp card.
new e0e5aa2 * DETAILS (NEWSIG): Documented.
new 6b3a008 Renamed prototype parameter name to avoid gcc warnings.
new 2900ffb (keyserver_spawn) [EXEC_TEMPFILE_ONLY]: Removed setting use_temp_file because this option has been removed.
new 75f14e8 * card-util.c (card_edit): Require PIN only for generate.
new 0842905 * main.h, keylist.c (show_notation): Add argument to show only user notations, only standard notations, or both. Change all callers.
new 80343d5 (ac_pipe_works): Fixed BRE syntax \? -> \{0,1\}. Reported by Todd Vierling.
new 0bfa710 Removed reference to non-available option --no-default-keyring.
new f106448 * keylist.c (show_notation): Use bits to select which sort of notation to show. Don't allow a not-shown notation to prevent us from issuing the proper --status-fd message.
new 135946b (write_plaintext_packet): Fixed the detection of too large files in the same way as in encode.c.
new 614304a * keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing preferred keyserver on "keyserver" command line. Sanity check keyserver URL before accepting it.
new bffd021 * DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal.
new 69df506 * options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c (struct keyrec, parse_keyrec, keyserver_search_prompt), keyedit.c (keyedit_menu), g10.c (add_keyserver_url, add_policy_url): Fix some compiler warnings.
new 536841e * keylist.c (show_policy_url, show_keyserver_url, show_notation) (list_one): Use const char* for i18n string helpers.
new 0aba5ff * options.h, keyserver-internal.h, keyserver.c (parse_keyserver_uri): Improved URI parser that keeps track of the path information and doesn't modify the input string. (keyserver_spawn): Tell keyserver plugins about the path.
new ef13cef * sign.c (update_keysig_packet): Policies and notations should be stripped out when remaking a self-signature. Noted by Atom Smasher.
new 3cef407 * pubkey-enc.c (get_session_key, get_it), keyedit.c (show_key_with_all_names, show_basic_key_info): --keyid-format conversion.
new e2e267e * gpg.sgml: Clarify that --charset applies to informational strings and does not recode messages themselves. Remove include-non-rfc export-option.
new 4eec3c1 * NEWS: Note the addition of preferred keyserver support, --ask-cert-level, --keyid-format, and the removal of show-long-keyids, the quasi-1991 partial length encoding, --export-all, and include-non-rfc.
new d201b2a * g10.c: New command --gpgconf-list. (gpgconf_list): New. From Werner on stable branch.
new 2815f9f * dsa.c (verify): s/exp/exponent/ to fix a compiler warning. From Werner on stable branch.
new c19c728 * longlong.h: Typo.
new cc383b6 * options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
new e934977 * gpgkeys_http.c: New program to do a simple HTTP file fetch using the keyserver interface.
new 72fdfac * NEWS: Note HTTP key fetching.
new 18e96cb * keyserver.c (keyserver_work): Allow --refresh-keys with a preferred keyserver to happen even if there is no global keyserver set.
new 228e1a5 * keyserver.c (keyserver_spawn): Fix keyserver options on tempfile only platforms. Noted by Roger Sondermann.
new be6dd2e * timegm.c: New replacement function. Removes the need for setenv.c and unsetenv.c.
new f8d4768 * configure.ac: Replacement function for timegm(). No need to check for setenv() any longer.
new d8aa22f * gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() being available now, since it's a replacement function.
new 086e589 * keyserver.c (keyidlist): Go back to the old fast keyid lister. Only merge selfsigs if we have to for honor-keyserver-url. (keyserver_refresh): Keyserver URL handler moved here. (calculate_keyid_fpr): Removed.
new 15b2c18 * gpg.sgml: Document --edit-key "keyserver" command, --keyid-format, --keyserver-option honor-keyserver-url, and --list and --verify option show-std/user-notations.
new 50f4fae * gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs with no path use a path of "/".
new bc3f1a1 * mainproc.c (check_sig_and_print): If we're honoring preferred keyservers, and auto-key-retrieve is set, try and get a missing key from the preferred keyserver subpacket when we verify the sig.
new 5f0a6c4 * NEWS: Note --sig-keyserver-url and the ability to use a preferred keyserver in a regular data sig to fetch the signing key.
new 4694f81 About to release 1.3.6
new 3624da0 some late minor fixes.
new 79bb56a * verify.c (verify_signatures): Verify multiple files in the same order in which we hashed them when issuing the signature. Noted by Nicholas Cole.
new f44d489 * configure.ac: Try for wldap32 on Win32 platforms.
new c88d037 * keyserver.c (keyserver_refresh): Keep track of keys already fetched so we don't do a regular keyserver fetch if the preferred keyserver fetch has exhausted the list.
new d9f1eed * gpgkeys_http.c: General polish and removal of leftover stuff from gpgkeys_hkp.c.
new 7e165d9 * mk-w32-dist: Do not include the en@* po files.
new 5c9cc2e * free-packet.c (copy_secret_key): Fixed memory leak when D is not NULL.
new 6bbcda7 s/1/i/
new e9c4c8a (copy_secret_key): Get last fix right.
new 0989ce2 * DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH.
new d60d73a * ring-a-party: ElGamal -> Elgamal
new 2cba999 * g10.c (main): Alias --charset as --display-charset to help avoid the continuing confusion and make room for possible changes in devel.
new 673894e * keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or expired user IDs. Also, once we've established that a given uid cannot or will not be signed, don't continue to ask about each sig.
new 0aad410 * keylist.c (list_keyblock_print): Always use the new listing format where uids are always on a line for themselves. Mark expired secret keys as expired.
new 5d4fb57 * configure.ac (AM_GNU_GETTEXT_VERSION): New. (min_automake_version): New.
new 25ac110 Updated po files from 1.2.5
new a322978 * gpgkeys_ldap.c (main): Don't try and error out before making a ldaps connection to the NAI keyserver since we cannot tell if it is a NAI keyserver until we connect. Fail if we cannot find a base keyspace DN. Fix a false success message for TLS being enabled.
new a2e332c * misc.c (optsep): Add the ability to understand keyword="quoted arg with spaces" type options.
new 0d7aca8 * misc.c (argsplit): Properly split quoted args from the keyword and trim whitespace afterwards.
new 4552115 * gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so we can try a modify operation first, and fail over to an add if that fails. Add cannot cope with the NULLs at the head of the modify request, so we jump into the list in the middle.
new a2914a1 * gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID" attributes so we can do subkey searches.
new f7a793a * gpgkeys_ldap.c (main): Add "debug" option. This is only really useful with OpenLDAP, but it's practically vital to debug SSL and TLS setups. Add "basedn" option. This allows users to override the autodetection for base DN. SSL overrides TLS, so TLS will not be started on SSL connections (starting an already started car).
new 52a8302 * armor.c (radix64_read): No armor CRC is legal according to the spec (the CRC is a MAY).
new 84bd068 * gpg.sgml: Remove show-long-keyids since it is replaced by --keyid-format. Rename show-validity as show-uid-validity. --ask-cert-level defaults to no.
new 5d98f7a * plaintext.c (handle_plaintext): Bigger buffer for extra safety.
new 75ac082 2004-08-18 Marcus Brinkmann <marcus at g10code.de>
new bf256b9 (encode_session_key): Changed the zero random byte substituting code to actually do clever things. Thanks to Matthias Urlichs for noting the implementation problem.
new b9167cb * http.c (insert_escapes): Fix encoding problem for non-URI-safe characters. Noted by Vladimir Novak.
new 4615a53 * gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the pgpServerInfo object. Some LDAP setups don't like the search. (main): Stop binding to the server since it seems no server really requires it, and some require it not be there.
new b27b7ae * gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that got shrunk due to encoding.
new ba0ba64 * keyserver.c (keyserver_search_prompt): Make sure the search string is converted from UTF-8 before display.
new 357afb5 * gpgkeys_ldap.c (get_key): Factor out informational display into new function build_info().
new d612492 * gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e. """) in HTML responses. (search_key): Search key must be unsigned for url encoder to work properly for 8-bit values.
new 9d4327b * keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native and remove the printable stuff since we're print-ifying valid utf8 characters. Change all callers in import.c, sign.c, keylist.c, and encode.c.
new 10eb272 * keyserver.c (keyserver_spawn): Show log line for what keyserver action we are taking.
new 6c5507f * gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key, search_key), gpgkeys_http.c (get_key): Do not give informational logs since this is now done inside gpg.
new ea279f1 * encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup. Change some "this" to `this'.
new 9355045 fix type incompatibility
new 159352d change back skey to unsigned and cast instead
new d4ca1e8 * keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we know the key is definitely expired. Some translatable string cleanup.
new eda1b80 (generate_photo_id): Use tty_printf and not just printf. Put _() around one string.
new 87e3264 * photoid.c: Include ttyio.h.
new bfc45cc * configure.ac: Check for readline.
new 06853bb * README: Doc --disable-card-support and --without-readline.
new 5494eb1 * http.c (main): Fix test code for http-test.
new 440e9a9 * http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth for proxies and direct requests. Suggested by Florent Thoumie.
new f9a057a * http.h: Add auth field for a parsed_uri to allow for basic auth.
new 0f48ec7 * ccid-driver.c (read_device_info): Fix segfault when usb device is not accessible. (ccid_open_reader): Allow working with an even older version of libusb (usb_busses global instead of usb_get_busses()).
new b700d3c * NEWS: Note HTTP basic auth.
new dccd0d9 * app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us when using --enable-m-guard.
new 45f99c5 * card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the card to fetch an updated copy. Works with either straight URLs or HKP or LDAP keyservers.
new e7c9412 * options.h, keylist.c (print_one_subpacket, print_subpackets_colon): Print a spk record for each request subpacket. (list_keyblock_colon): Call them here.
new b7be7d5 * main.h, keylist.c (print_subpackets_colon): Make a public function.
new 3e47f2e * pgpgroup-to-gpggroup: New perl script to take groups from PGP command line and write out GnuPG 'group' config lines.
new 1d8e256 * getkey.c (premerge_public_with_secret): Fix subkey<->binding sig mismatch when some secret subkeys are missing. Discovered by Michael Roth.
new 0e96463 * gpg.sgml: Note that --throw-keyid is --throw-keyids. Note changes in --pgp8. Rephrase the "don't play algorithm games" warning now that PGP has blowfish, zlib, and bzip2.
new cffee05 Document "--debug-ccid-driver".
new 58cf955 * g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.
new e991fb5 * configure.ac: Give warning when using capabilities. Check for usb_get_string_simple for old libusb reasons.
new a46e83b * gpgv.c (agent_scd_getattr): Stub.
new 81e2410 * DETAILS: Document the 'spk' signature subpacket record. Add more detail on "tru" records.
new 617a5a9 * keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver URL before overwriting the old one.
new 0862ee6 * keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url): Allow setting a keyserver URL of "none" to remove an existing keyserver URL.
new 4accf02 * keyedit.c (show_key_with_all_names, show_prefs): Show preferred keyserver(s) in "showpref" output.
new f08c422 * configure.ac: Don't check for usb_create_match or use_get_string_simple anymore.
new ca26884 (apdu_open_reader): No fallback if a full CCID reader id has been
new 5576f6e * cardglue.c (open_card): Use shutdown code if possible. (check_card_serialno): Ditto.
new 9d17a63 * gpg.sgml: Document -K.
new f0279fc * keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do not have card support.
new d937ace * mainproc.c (check_sig_and_print), keyedit.c (show_prefs, menu_set_keyserver_url): Make sure that keyserver URLs with control characters inside are printed properly. In fact, handle them as UTF8.
new 42c18de * gpg.sgml: Document "addcardkey" and "keytocard".
new f361545 Note: I have not fully tested the new key creation due to a pc/sc error. However the backupfile has been created successfully.
new 680be9b * keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c (copy_mpi, generate_raw_key): Fix a compile problem and a few warnings when building without card support.
new 4d26ab9 * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted symmetric messages. Change all callers (encode.c, g10.c, keyedit.c, keygen.c, passphrase.c, sign.c).
new 2ff6607 * main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been issued, skip right to the CHV1/CHV2 PIN change. No need to show the unblock or admin PIN change option. (card_edit): Add "admin" command to add admin commands to the menu. Do not allow admin commands until "admin" is given.
new cb3c6f8 We need to take care that several files are also used in gnupg 1.9 and there by the scdaemon which is a bit different to the direct integration in gpg 1.3. In general they should all be maintained in 1.9 but while preparing 1.4 its okay to do it in 1.3. We just need to take some care not to break 1.9 to heavily.
new a259993 * card-util.c (card_edit): Take admin only status from the table.
new 793f8d8 * signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, but zero if not found. Noted by John Clizbe.
new c48d5eb * keyedit.c (print_and_check_one_sig): Account for the extra space that show-sig-expire takes up so we do not wrap lines. (show_key_with_all_names): No need to show subkey revocations as a seperate line since we now show revocation date in the main subkey line.
new 742682b * keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many variations of "revoked" ("revoked", "[revoked]", " [revoked]", "[revoked] ") "and" expired down to two to simplify translation.
new ec0cc1f * mpicoder.c (mpi_read): If we must fail due to a oversize (generally corrupt) MPI, make sure the number of bytes we read is valid so we can skip the rest of the bad packet (in hopes the whole stream isn't invalid).
new d0a1816 * iobuf.c (pop_filter): Make static.
new 0728847 * util.h: Prototype destroy_dotlock(). From Werner on stable branch.
new 85f9755 * gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation out to .. (maybe_create_keyring): .. new. Make sure that we do the checks in a locked state. Problem reported by Stefan Haller. Try to create the home directory before acquiring a lock for the keyring. From Werner on stable branch.
new 1d315be * mk-w32-dist: Updated from stable branch.
new 7caab37 * gpgv.c (i18n_init): Always use LC_ALL.
new 61a2afe post release preparations
new 56fbde0 * keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in colon delsig output. Noted by Peter Palfrader. (show_prefs): Do not reference missing selfsig. Noted by Alex Moroz.
new eb02f5b 2004-10-03 Timo Schulz <twoaday at g10code.de>
new 8c72ff9 * passphrase.c (agent_get_passphrase): Use keystrs for agent strings, and fix sprintf warnings.
new 8da1dfe * keyedit.c, keylist.c, keyserver.c, mainproc.c: The revoked/expired/expires string change of 2004-09-29 was too simple. Use two styles for each tag.
new 27b2c93 * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user ID prompts. (ask_revoke_sig, menu_revsig): Try and use common strings for these two functions so they don't need to be translated twice.
new b1e2c53 * helptext.c, pkclist.c (do_we_trust): It is not possible to get here with a revoked or expired key, so BUG() that case. Remove question about overriding revoked/expired. Also --keyid-format-ify. (do_we_trust_pre): Use print_pubkey_info() instead of printing the info ourselves.
new 4737923 * pkclist.c (build_pk_list): Keystrify.
new fa01292 * encr-data.c (decrypt_data): Give a warning with a weak key, but still allow to decrypt the message.
new 65ec977 * keygen.c (generate_keypair): Fix generating keys with the auth flag.
new aa50dcf * keygen.c (do_add_key_flags): The spec says that all primary keys MUST be able to certify. Force the certify flag on for primaries (and off for subkeys).
new d41e645 * keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode so we don't need to specify each possible variation of RSA capabilities.
new f3687f6 * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c, photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)". Some don't. Consistently use y/n everywhere.
new 5bdb171 * configure.ac: New option --disable-finger.
new b15e268 Oops commited binary instead of source.
new e3fd0f0 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a few occurances of "filename" to `filename'.
new bf07961 * pkclist.c (do_edit_ownertrust): Use the same translated string for showing the user ID as mainproc.c:print_pkenc_list.
new ca6dcb7 (read_parameter_file): Changed to use iobuf based file reading to allow the special file name feature to work.
new b15cc68 * algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c, des.c, rijndael.c: Consistently use const for input buffers.
new 690aa95 * keygen.c (read_parameter_file): New keyword "Handle". This is bug 287. (print_status_key_not_created): New. (print_status_key_created): Add new arg HANDLE. (do_generate_keypair): Print not created status. * status.c, tatus.h (STATUS_KEY_NOT_CREATED): New.
new c44e66f * Makefile.am (.S.o): Include MPI_SFLAGS. This is our bug 145.
new 620ac79 * configure.ac: Actually name the option --disable-finger and not http.
new 9a4dc13 * pkclist.c (do_edit_ownertrust): Different prompt when we're using direct trust since the meaning is different.
new 1612866 * configure.ac: Actually name the option --disable-finger and not http. Add option --enable-selinux-support.
new d44906a Add dearmor.c
new 151ca81 Added SELInux hacks and did some cleanups.
new d603b7c * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main), gpgkeys_finger.c (main): Call timeout functions before performing an action that could block for a long time.
new ac51d6d * keyserver.h: Add KEYSERVER_TIMEOUT.
new 5887f2f * keyserver.c (keyserver_work): Handle keyserver timeouts.
new 0d6defc * armor.c (fake_packet): Allow arbitrary dash-escaped lines as per 2440bis-10. This is bug #158.
new 35774ec * misc.c (is_secured_filename): New. * keydb.c (maybe_create_keyring) * tdbio.c (tdbio_set_dbname) * plaintext.c (handle_plaintext) * openfile.c (copy_options_file, open_outfile) * exec.c (exec_write) * keygen.c (do_generate_keypair, gen_card_key_with_backup) * sign.c (sign_file, clearsign_file) * keyring.c (create_tmp_file, do_copy): Check for secured files before creating them.
new 299ab4e (iobuf_get_fd): Removed double check on directfp and cats it to FILEP becuase directfp is actually a void *. Notes by Stefan.
new 8f70a69 * rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow logging.
new f294ce2 * export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow secret key export. * import.c (import_secret_one) [ENABLE_SELINUX_HACKS]: Likewise
new f13bba1 * keylist.c (list_keyblock_print): Show the fingerprint after the key, not after the first user ID.
new e6a212a * gpgkeys_finger.c (main): We do not support relay fingering (i.e. "finger://relayhost/user@example.com"), but finger URLs are occasionally miswritten that way. Give an error in this case.
new 8b7cb60 another s/unsigned char*/byte*/
new 7a8ebe3 * gpg.sgml: Document using "none" to remove preferred keyservers, the keyserver timeout parameter, and the direct trust model.
new 15baf5c Fix up the @setfilename lines.
new 7b01988 * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New. (AUTOMAKE_OPTIONS): New.
new f81ad50 New. Taken from gnupg 1.9.
new e4b885e Rebuilt
new 450f0d7 * pkclist.c (do_edit_ownertrust): Add a note to translators. * keygen.c (ask_user_id): Ditto.
new 5cbeda8 Add asprintf prototype.
new 200bd9a * POTFILES.in: Updated. * sv.po: Updated. Merged other files.
new 5db236f * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New. (AUTOMAKE_OPTIONS): New.
new c12b9b1 * NEWS: Note gpgkeys_finger, keyserver timeouts, and the direct trust model.
new e170c54 * gpgkeys_ldap.c (main, show_help): Kludge to implement standard GNU options. Factored help printing out. * gpgkeys_finger.c (main, show_help): Ditto. * gpgkeys_hkp.c (main, show_help): Ditto. * gpgkeys_http.c (main, show_help): Ditto. * gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help.
new c3a51cd * README: Mentioned --enable-selinux-support.
new 8391534 Updated.
new 56f06f1 post release preparations
new 856ce66 Removed these generated files.
new 752d534 Add a note
new 3a387c2 test
new 36667c3 Document IMPORT_CHECK.
new a2cd03f * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
new 4d79b13 * http.c (connect_server): [_WIN32] actually fill in the sin_addr so we aren't always talking to localhost. Add some general sanity checking of parameters learned from gethostbyname().
new b03a7a6 * parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't BUG() on unknown subpackets. Rather, just return them silently.
new ad3382b (agent_get_passphrase): Cast UIDLEN to int. Noted by Christian Cornelssen.
new 901f13a More fixups to help Debian's install-info.
new 83d3914 * http.c (connect_server, send_request): Use the URI scheme as the SRV tag rather than hard-coding _hkp.
new 7e9a93d * gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead of "x-hkp" so it can be used as a SRV tag.
new 3f769cb * gpg.sgml: Minor language tweaks.
new 27d0616 * apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion. (pcsc_get_status): Implemented. (reset_pcsc_reader): Implemented. (open_pcsc_reader): Succeed even with no card inserted. (open_ccid_reader): Set LAST_STATUS.
new 107e515 * g10.c (parse_list_options): Fix non-constant initializer so we can build with C89.
new 0ebf79c * configure.ac: Remove the check for asprintf
new 73b4b2c * acinclude.m4: aclocal 1.9 wants quoting on AC_DEFUN arguments.
new 65077ad * options.h, g10.c (main), mainproc.c (check_sig_and_print): Rename verify-option show-validity to show-uid-validity to match the similar list-option.
new 3060984 (agent_send_all_options): Try to deduce the ttyname from stdin.
new e939eb2 (verify_chv3): The minimum length for CHV3 is 8. Changed string to match the other ones.
new a3d48b3 (mem2str): Translated comment to English. (handle_iconv_error) [USE_GNUPG_ICONV]: New. (set_native_charset) [USE_GNUPG_ICONV]: Added iconv based conversion checks. (native_to_utf8, utf8_to_native): Added iconv based conversion.
new f690c16 * configure.ac: New option --disable-gnupg-iconv, define USE_GNUPG_ICONV.
new 4268192 Detect the Debian mingw32 package.
new d7fd471 * configure.ac: New option --disable-gnupg-iconv, define USE_GNUPG_ICONV. (AC_CANONICAL_TARGET): Replaced by AC_CANONICAL_HOST. Changed all reference to TARGET to HOST. Made sure that i586-mingw32msvc gets detected as mingw32. (UNIT64_C): Don't include inttype.h uncoditional but use a test to ensure that it gets into conftest.h. (AH_TOP): New. Prevent double inclusion of config.h.
new 625a3f0 We don't want this file in the CVS
new ea62673 (load_libiconv) [_WIN32]: new. (set_native_charset) [_WIN32]: Call it here and autodetect the used code page. (native_to_utf8, utf8_to_native): Reverted arguments for iconv_open. (handle_iconv_error): Made this function match iconv_open argumnet ordering.
new e216c20 * dynload.h: Always use it for _WIN32.
new 1976afc * delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: Fix a few missed possible \"username\" quotes.
new d89c701 * keyring.c: Make some strings translatable.
new f5b7a72 * keylist.c (status_one_subpacket): New. Send the subpacket data to the --status interface.
new f15e944 * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, passphrase.c, revoke.c: Collapse the two different "can't do that in batch mode" strings into one.
new 66e627b About to release 1.3.92
new 6fda7a4 Added gpg.ru.1 to EXTRA_DIST
new 3e18832 Does not belong into the CVS
new 0ebe469 post release preparations
new 41f46fb Inlcude LIBICONV
new deffa62 * gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
new 0934d10 * DETAILS: Document SIG_SUBPACKET status tag.
new 6ab8378 * skclist.c (build_sk_list): Don't need to warn about PGP-generated Elgamal signing keys since we no longer support any Elgamal signing keys.
new 36ca112 (get_string): Removed debugging hack.
new b467558 * strgutil.c (load_libiconv): Use log_info to avoid failures when iconv.dll is not installed.
new 37ecd72 2004-11-03 Timo Schulz <twoaday at g10code.com>
new c09b34f * misc.c (print_digest_algo_note): The latest 2440bis drafts deprecates MD5, so give a warning. (print_pubkey_algo_note, print_cipher_algo_note, print_digest_algo_note): Give the algorithm name in the experimental algo warning.
new 69ef25f * plaintext.c (handle_plaintext): Don't try and create a zero-length filename when using --use-embedded-filename with input that has no filename (clearsigned or message generated from a pipe).
new 4509cb7 * README, configure.ac: Add --enable-backsigs to enable the experimental backsigs code.
new 42dfeca * configure.ac: Autodetect wldap32 on Windoze.
new 3220faf (open_info_file): New. (main): Unconditionally implement --status-file, --logger-file, --attribute-file, --passphrase-file, --command-file. This is not generally useful but easy to support and might make scripting under Windows easier.
new 44289a4 (S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0.
new 04b715e * trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a fixed-size translatable string similar to trust_value_to_string. This allows for easier lining up of displays.
new 3d165c4 * trustdb.c (uid_trust_string_fixed): Use a string that can be atoi-ed, but also has a comment for the translator.
new 9a70afe * options.h, export.c (parse_export_options, do_export_stream): Add "export-minimal" option to disregard any sigs except selfsigs.
new 6dedf7a * options.h, export.c (parse_export_options, do_export_stream), import.c (parse_import_options, import_keys_internal): Make the import-options and export-options distinct since they can be mixed together as part of keyserver-options.
new dae9086 * gpg.sgml: Document export-minimal.
new 3ea642d * export.c (do_export_stream): Allow export-minimal to work with secret keys, even though a non-selfsig secret key signature is rare.
new 0f8db18 * cipher.h: Add PUBKEY_USAGE_UNKNOWN.
new 5dcc3dc * getkey.c (parse_key_usage): New function to parse out key usage flags. Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't understand. (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call it from here to remove duplicate code.
new 93ec34c * md.c (string_to_digest_algo): Allow read/write SHA384 and SHA512.
new 62d19cb * Makefile.am: The harmless "ignored error" on gpgkeys_ldap install on top of an existing install is bound to confuse people. Use ln -s -f to force the overwrite.
new 9cc9a79 * http.c (send_request): Include the port if non-80 in the Host: header. Noted by Jason Harris.
new 5bc5baf (fd_cache_strcmp): New. Use whenever we compare filenames for the fd_cache. This is needed because the backslash is an alias for a slash under W32. Reported by Tobias Winkler.
new ea4d80b * keygen.c (ask_keysize): Change strings to always use %u instead of hardcoding key sizes. Bump default to 2048. Bump minimum down to 512, where possible, but require --expert to get there. DSA is always 1024 unless --expert is given.
new 9a799a1 *** empty log message ***
new 467ac82 * highlights-1.4.txt: New.
new 53ae360 * keygen.c (ask_algo): Add a choose-your-own-capabilities option for DSA.
new 9e52cf2 * passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and CUSTOM_DESCRIPTION. Changed all callers.
new 1c33457 * options.h, g10.c (main), textfilter.c (len_without_trailing_ws): Removed (not used). (standard): 2440 says that textmode hashes should canonicalize line endings to CRLF and remove spaces and tabs. 2440bis-12 says to just canonicalize to CRLF. So, we default to the 2440bis-12 behavior, but revert to the strict 2440 behavior if the user specifies --rfc2440. In practical terms this makes no difference to any signatures in the real world except for a textmode detach [...]
new 5a37f0d * app-openpgp.c (send_fprtime_if_not_null): New. (do_getattr): Add KEY_TIME. (do_learn_status): Print KEY_TIME. * cardglue.c (learn_status_cb): Parse KEY-TIME. * card-util.c (card_status): Print creation time if available.
new 396f72d * sv.po: Take the update done for 1.2.6.
new bf5d013 * options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 or --openpgp directly to determine the end of line hashing rule.
new 4c2baca * keyserver.c (parse_preferred_keyserver): Force preferred keyserver subpackets to have a URI scheme specified.
new e428002 (keys): Removed my old 621CC013 key which expires at the end of this year. Add g10 Code's source code signing key 37D92FFB.
new 1037420 (read_passphrase_from_fd): Fixed memory leak. Noted by Andrei Darashenka.
new d0b9eff Prepared for last 1.4 release candidate
new 160eaf1 automake updates, removed one debug output
new 3a6e319 post release updates
new 7dd3fe2 * trustdb.c (uid_trust_string_fixed): Show uids as revoked if the key is revoked.
new b120400 * keyedit.c (keyedit_menu): Re-remove the N_() markers.
new 7a38852 * apdu.c (apdu_send_le, apdu_send_direct), keylist.c (status_one_subpacket, print_one_subpacket): Fix some compiler warnings.
new e79f2db * g10.c (main): Add --require-secmem/--no-require-secmem to cause gpg to exit if it cannot lock memory. Also remove --nrsign-key and --nrlsign-key since this can better be done via --edit-key.
new 60d1c12 * gpg.sgml: Document --require-secmem/--no-require-secmem. Note that the sign flags (l, t, nr) can be mixed. Remove --nrsign-key.
new d171615 About to release 1.4.0
new 774b52f Add a note on how to send translations.
new ec59e8a Minor fixes
new 97587c6 post release updates
new 2b9e678 * configure.ac: Check for arpa/nameser.h.
new 4ec9365 * configure.ac: Check for arpa/nameser.h.
new 74330a4 * passphrase.c (agent_get_passphrase): Define NREAD locally as size_t or int.
new 39b0f6e * configure.ac: Add a --with-ldap=DIR so people can add to the search path.
new 005b1d7 Readline fix to be robust against platforms where readline has its own dependencies. We play guess-the-depedency for a while, and try termcap, curses, and ncurses.
new f3baa06 Oddly commit missed this one.
new 06c27b8 * keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New. Revoke a whole key. (keyedit_menu): Call it here for when 'revkey' is used without any subkeys selected. This is to be consistent with the other functions which are "selected part if selected, whole key if not".
new 1e487ab * keygen.c (keygen_get_std_prefs): Set reference count when creating the temporary user ID.
new 0725027 * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
new be4bb5a (handle_iconv_error): Turn diagnostics into warnings so that gpg does not return with failure. (native_to_utf8, utf8_to_native): Ditto.
new 9e3526f * seckey-cert.c (do_check): Handle case when checksum was okay but passphrase still wrong. Roman Pavlik found such a case.
new 29dd149 (ask_expire_interval): For better translations chnage 2 strings.
new 8dcbbf9 * keylist.c (list_keyblock_print): Secret key listings should always show everything (expired UIDs, revoked subkeys, etc, etc).
new b883e96 * keyedit.c (menu_set_keyserver_url): Make sure we only operate on the chosen selfsig so we don't accidentally promote an older selfsig to chosen. Discovered by Simon Josefsson and 'Todd'.
new 95b8456 FTP keyserver support via gpgkeys_ftp. This is currently off by default.
new 06c5da8 As always, CVS leaves out the local directory?
new ab4b98c * autogen.sh: automake needs --add-missing for conditional CPPFLAGS build in keyserver/Makefile.am.
new f150d44 * gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. Use CURLOPT_FILE instead of CURLOPT_WRITEDATA (same option, but backwards compatible).
new e3821bf * libcurl.m4: Be much more strict with libcurl by trying to compile and link a test program that uses the features that we need.
new 034b095 * configure.ac: --enable-ftp is on by default, --with-libcurl is off by default. If we have neither of --enable-ftp or --enable-http, don't even check for curl.
new 52595e0 * Makefile.am: Build gpgkeys_http or gpgkeys_curl as needed.
new b960383 * keyserver.c (keyserver_typemap): New. Map certain keyserver types to a common type (e.g. ldaps -> ldap). If we are building with curl, map both http and ftp to curl.
new 0361c6f * gpgkeys_curl.c (get_key, writer): New function to wrap around fwrite to avoid DLL access problem on win32.
new f3c33b8 * options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data from URLs and pass to keyserver helpers.
new 97b8f41 * gpgkeys_curl.c (main): New "follow-redirects" option. Takes an optional numeric value for the maximum number of redirects to allow. Defaults to 5.
new 7c67985 * readline.m4: Make sure that readline is modern enough to understand rl_catch_signals.
new 9756b0f * libcurl.m4: OSX has a problem with their curl-config script.
new 957ed45 * libcurl.m4: Rewrite this to use the new --protocols flag I gave to the libcurl people.
new f5b59b1 * configure.ac: Use new LIBCURL_CHECK_CONFIG macro for all libcurl stuff. This simplifies, and we don't need the automake conditional stuff any longer.
new d341143 * gpgkeys_curl.c (main): Use new defines for opting out of certain transfer protocols. Allow setting HTTP proxy via "http-proxy=foo" option (there is natural support in libcurl for the http_proxy environment variable).
new 783ec6d * keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has specifically been selected to handle them.
new afe8ca4 (find_endpoint): New. (scan_or_find_devices): Add new args to return endpoint info and interface number. (ccid_open_reader, ccid_shutdown_reader): Take care of these new args. (bulk_in, bulk_out): Use the correct endpoints. (ccid_transceive_apdu_level): New. (ccid_transceive): Divert to above. (parse_ccid_descriptor): Allow APDU level exchange mode. (do_close_reader): Pass the interface number to usb_release_interface.
new f539f3d Better implementation for the SRV check. We don't need to actually check all the header files individually since the SRV test compile uses them together.
new b37facc * packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c (revokestr_from_pk), keyedit.c (show_key_with_all_names): Show who revoked a key (either the same key or a designated revoker) and when.
new 2193ab9 * configure.ac: Better implementation for the SRV check. We don't need to actually check all the header files individually since the SRV test compile uses them together.
new fbee22a * options.h, import.c (parse_import_options, delete_inv_parts): Add import-unusable-sigs flag to enable importing unusable (currently: expired) sigs.
new 14ce455 * Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@
new 8d3e819 * Makefile.am, libusb.m4: New libusb check macro.
new 61197de * configure.ac: Use new GNUPG_CHECK_LIBUSB macro.
new 299a250 * g10.c (main): Typo.
new 9dc1bcc (set_native_charset): Assume that ASCII, ANSI_X3.4-1968 and 646 are actually meant as Latin-1. If nl_langinfo is not available get the charset from environment variables. For W32 use GetACP as error fallback. Removed Latin-15 to Latin-1 aliasing.
new f464dce * filter.h, armor.c (armor_filter): Use the eol string from the armor filter context instead of hardcoding '\n' or '\r\n'. If no eol string is provided, default to '\n' or '\r\n' as appropriate. (is_armor_header): Trim tabs in armor header lines as well.
new 1f91ed7 * gpgkeys_curl.c (get_key): Newer versions of libcurl don't define TRUE.
new 74ca58e * passphrase.c (readline, agent_send_option, agent_open, agent_get_passphrase, passphrase_clear_cache): Rename readline() to readaline() to keep readline library namespace clear.
new 96a3982 * keyedit.c (keyedit_menu): Move command strings outside the function to get ready for the readline completion code.
new d8ec7c9 * w32installer.nsi: New. * mk-w32-dist: Append ".txt" to some files. Call makensis if available.
new 3fe489d * gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of SOCKET_ERROR. Noted by Timo.
new 522fd5b * http.c (connect_server): Use INADDR_NONE instead of SOCKET_ERROR. Noted by Timo.
new 0a42f97 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1 of a minor cleanup to use #defines instead of hard-coded sizes.
new 996c82f * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup. Move all the various defines to ksutil.h.
new 3a71b7f Make --without-included-zlib work as expected. Reported by Norihiko Murase.
new 4440af4 Make --without-included-zlib work as expected. Reported by Norihiko Murase.
new cc19a07 Same for --without-included-regex.
new 586be67 * libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match automake syntax.
new 8220c9e * gpgkeys_curl.c (main): Only allow specified protocols to use the curl handler.
new 79161ef (public_key_list): Do a trustdb staleness check before opening the keyring. (secret_key_list): Ditto.
new 02a85a9 * gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with the W32 defined macro. Removed unneeded initialization of static variables. * gpgkeys_http.c: Ditto. * ksutil.h: s/MAX_PATH/URLMAX_PATH/.
new 115ebcf * gpgkeys_curl.c: Fix typo.
new b2d67e8 * NEWS: Note --rfc2440-text import/export-unusable-sigs and gpgkeys_curl.
new 5bda87b * g10.c (i18n_init) [W32]: Pass registry key to gettext initialization. * gpgv.c (i18n_init) [W32]: Ditto.
new fa284ba Minor changes
new b2b2786 * gpgv.c (tty_fprintf): New stub.
new 6a0fda8 (open_card): Issue new CARDCTRL(4) status.
new 2b10681 * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL certificate checking (which is on by default).
new 625806b * keyserver.c (free_keyserver_spec): Fix small leak. (keyserver_typemap): Map https if we are supporting it.
new db89c15 * libcurl.m4: Note that FTPS existed, but wasn't fully standards-compliant until version 7.11.0.
new 1f057ff * configure.ac: Define FTPS flag if we're using curl, and FTPS is available.
new 5d257ee * gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to canonicalize line endings.
new 9198b9d * libcurl.m4: All versions of curl-config support --feature.
new aa87314 (get_cached_data): New arg GET_IMMEDIATE to bypass the cache. Changed all callers. (get_one_do): Bypass the cache if the value would have been read directly for v1.1 cards.It makes things a bit slower but obnly for 1.0 cards and there are not that many cards out in the wild. This is required to fix a caching bug when generating new keys; as a side effect of the retrieval of the the C4 DO from the 6E DO the chaced fingerprint will get updated to the old value and la [...]
new aa62bf5 (do_generate_keypair): Don't continue after an error; fixed at two places. Why at all didn't I used a goto to cleanup, tsss?
new eb0ee0b * w32installer.nsi: Create a start menu entry and enhanced the build environment. * mk-w32-dist: Add more support for above.
new e6cbb88 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal address] syntax in keyserver URLs. (keyserver_typemap): Map ftps if we are supporting it.
new 963748d Updated to the version from 1.2.7.
new d96f816 * keygen.c (generate_subkeypair): Detect primary key on-card and ask for the passphrase. Return an error if the primary key is a plain stub.
new df42d33 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF instead of 0x0000000000000000 for the invalid key ID since all-zeroes is reserved for the anonymous recipient.
new c49620a * keygen.c (do_generate_keypair): Write the auth key to the card before the encryption key. This is a partial workaround for a PGP bug (as of this writing, all versions including 8.1), that causes it to try and encrypt to the most recent subkey regardless of whether that subkey is actually an encryption type. In this case, the auth key is an RSA key so it succeeds.
new 9af66d4 * ksutil.h: Up the default timeout to two minutes.
new f7a0254 * http.c (connect_server): Fix fd leak when connecting to a round-robin server set that has some down servers. Noted by Phil Pennock.
new b663f3f * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing http_close() calls. Noted by Phil Pennock.
new 334e3e9 Updated to match the switch to the NSIS installer.
new 907353e About to do a release candidate
new 57ec15c Last changes for W32
new dd64906 * NEWS: Fix typo.
new 7954a24 * libcurl.m4: More comments.
new e011ee0 (GNUPG_CHECK_GNUMAKE): Removed. Not needed for decent automakes.
new 01f0036 * getkey.c (merge_selfsigs_subkey): Merged away definition from the backsigs code.
new 203e483 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
new e040113 * gpg.sgml: Note that level 0 signatures are always accepted regardless of --min-cert-level.
new 2dbfc70 * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb is dirty and --interactive is set, do an --update-trustdb. If not interactive, do a --check_trustdb unless --no-auto-check-trustdb is set.
new a3ea962 Disable the "quick check" bytes for PK decryptions. This is in regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
new 8ba44ec * configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
new 2500183 * curl-shim.h, curl-shim.c: New. This is code to fake the curl API in terms of the current HTTP iobuf API.
new 2833a0e * curl-shim.c (curl_easy_perform): Fix compile warning.
new bb71180 * gpg.sgml: Add bkuptocard command for --edit-key.
new ca24b4e * w32installer.nsi: Added page to select the language. * mk-w32-dist: Create the opt.ini using the available languages.
new 00ef568 * card-util.c (fetch_url): Fetch the key from the default keyserver if no URL is available.
new b7491aa about to release 1.4.1rc2
new 05ae122 * gnupg.spec.in: Fix problem with storing the gpgkeys helpers in libexec, but calling them in libexec/gnupg.
new 522ca12 * keyedit.c (keyedit_menu): Only print the key signing hint when signing from a place where it is useful (i.e. --edit-key and not --sign-key).
new db82cdd * libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build problems on Mingw32.
new c91e30f * primegen.c (is_prime): Free A2. Noted by pmike2001 at mail.ru. Fixes #423.
new 1ccebd1 (secmem_realloc): Take control information into account when checking whether a resize is needed.
new e27aa93 (keyedit_menu) [W32]: Run the trustdb stale check earlier.
new 04f0217 * delkey.c (do_delete_key, delete_keys): Fix problem with --expert preventing --delete-secret-and-public-keys from deleting secret keys.
new 9bf9389 * keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an alias for http-proxy.
new f0e9a1f * configure.ac: New option --enable-noexecstack.
new a043c14 * cardglue.c (pin_cb): Disable debug output.
new a177090 * card-util.c (card_status): Use isotimestamp and not the localized asctimestamp to match the timezone used in the key information.
new 49ffa9a Preparing a release
new a659989 Post release preparations
new a906375 * ksutil.h, ksutil.c (init_ks_options, free_ks_options, parse_ks_options): Pull a lot of duplicated code into a single options parser for all keyserver helpers.
new 8ba895c (parse_ccid_descriptor): Make SCM workaround reader type specific. (scan_or_find_devices): Do not check the interface subclass in the SPR532 kludge, as this depends on the firmware version. (ccid_get_atr): Get the Slot status first. This solves the problem with readers hanging on recent Linux 2.6.x. (bulk_in): Add argument TIMEOUT and changed all callers to pass an appropriate one. Change the standard timeout from 10 to 5 seconds. (ccid_slot_status): Add a retry co [...]
new 4f34728 * ksutil.h, ksutil.c (ks_action_to_string): New. (free_ks_options): Only free if options exist.
new dee66f5 * gpgkeys_ldap.c: Include lber.h if configure determines we need it.
new 0914bbf * ldap.m4: New. Moved from configure.ac.
new 166876a * configure.ac: Move the LDAP detecting code to m4/ldap.m4.
new efa0dd2 * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using parse_ks_options and remove a lot of common code.
new ff93f35 * options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't treat 'verbose' and 'include-disabled' as special. Just pass them through silently to the keyserver helper.
new e19aa2e * Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not redefine $libexecdir.
new 24a34ee * ksutil.c (parse_ks_options): Handle verbose=nnn.
new 5f7720e * getkey.c (get_seckey_byname2): If no explicit default key is set, don't pick a disabled default. Noted by David Crick.
new 9c34849 * ttyio.c (tty_enable_completion, tty_disable_completion): Enable and disable readline completion. (init_ttyfp): Completion is disabled by default.
new c249809 * keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]: New functions to enable command completion in the --edit-key menu. (keyedit_menu): Call them here.
new 8885f0b * gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). Noted by Stefan Bellon.
new f30b25e * card-util.c (command_generator, card_edit_completion) [GNUPG_MAJOR_VERSION==1 && HAVE_LIBREADLINE]: New functions to enable command completion in the --card-edit menu. (card_edit): Call them here.
new f58ccc8 * readline.m4: Check for completion functionality.
new 31135af * keyedit.c (command_generator, keyedit_completion): Changed indentation. * card-util.c (command_generator, card_edit_completion): Ditto.
new 57b9ba5 * gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
new 1517f0e * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from gpgkeys_ldap.c. Print a string, but strip out any CRs.
new 4d5285e (rndw32_gather_random_fast): While adding data use the size of the object and not the one of its address. Bug reported by Sascha Kiefer.
new 1985805 (pin_cb): Print a warning if the info string hack is not there. This may happen due to typos in the translation.
new 0fae3c3 * w32installer.nsi: Allow including of WINPT source. Include libiconv source. * mk-w32-dist: Add code to detect presence of source. Calculate a build number; add option --build-number to overide.
new 14fdbdc * keyserver.c (keyserver_spawn): Don't mess about with the $PATH. Rather, call keyserver helpers with the full path. This fixes some PATH-inspired DLL problems on W32. Noted by Carlo Luciano Bianco.
new fe01cbc * keydb.c (keydb_add_resource): Clarify meaning of flags. Add new flag 4. Use log_info for errors registering the default secret key. * g10.c (main): Flag the default keyrings.
new c336e34 * exec.h, exec.c (set_exec_path): Remove some dead code and change all callers. We no longer need to append to $PATH.
new c43423f (keygen_set_std_prefs): Explain the chosen order of AES key sizes.
new 727cda9 * mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP) signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
new 80f4424 Changes to make use of code taken from libassuan. This replaces the old ad-hoc connection code to gpg-agent. We do need this for the forthcoming diversion of card code to an already running gpg-agent with card-support.
new 4e1a0ea Typo fixes
new f8a3345 * ccid-driver.c (ccid_slot_status): Fixed debug messages.
new 73fb1c5 * g10.c (main, add_notation_data, add_policy_url) (add_keyserver_url): Use isascii() to protect the isfoo macros and to replace direct tests. Possible problems noted by Christian Biere. * keyserver.c (parse_keyserver_uri): Ditto.
new 4f996cc Fix minor build problem on OSX (need a replacement for memrchr)
new 40a9c99 Check for memrchr()
new 799f97c * configure.ac: Add --disable-old-hkp option that can be used along with --with-libcurl to build the curl version of HKP.
new 5748f59 * gpgkeys_curl.c (main): If the http-proxy option is given without any arguments, try to get the proxy from the environment.
new d8e1f76 * curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate curl_escape and curl_free.
new 352db25 * configure.ac: Remove --disable-old-hkp - use new HKP handler for --with-libcurl or --enable-fake-curl.
new f50e99e * curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt, curl_easy_perform): Add POST functionality to the curl shim.
new 5609f5e * ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass a context to curl_writer so we can support multiple fetches in a single session.
new 0884653 * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
new b7c3018 * keyserver.c (keyserver_spawn): Free some memory.
new edc0862 * mainproc.c (symkey_decrypt_seskey): There is no need to have an extra check for a bad passphrase and/or unknown cipher algorithm here. We'll fail quite happily later, and usually with a better error message to boot.
new 5bfd119 * keyedit.c (sign_uids, keyedit_menu): When the user requests to sign a key without specifying which user IDs to sign, and declines to sign all user IDs, walk through the set of user IDs and prompt for which to sign.
new b4b228b * distfiles: Add assuan.h.
new 7e9b6d2 * gnupg.spec.in: No longer any need to override libexecdir. The makefiles now calculate this correctly internally.
new 6d72a1c * trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow specifying user ID via the namehash from --with-colons --fixed-list-mode --list-keys. Suggested by Peter Palfrader.
new be90f3c * libcurl.m4: Add a check for curl_free() since older versions of libcurl don't have it. Substitute free() as an alternative.
new f02fe1d * trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the no-pubkey and chosen revocation cases. (clean_uid): New function to clean a user ID of unusable (as defined by mark_usable_uid_certs) certs.
new 5e6d360 * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and comments as to the size of MAX_LINE and MAX_URL.
new 6639bbf * passphrase.c (agent_get_passphrase): Add new arg CACHEID. Changed all callers. (ask_passphrase): Add new arg CACHEID and use it in agent mode. Changed all callers. (passphrase_clear_cache): New arg CACHEID. Changed all callers. * cardglue.c (format_cacheid): New. (pin_cb): Compute a cache ID. (agent_scd_pksign, agent_scd_pkdecrypt): Use it. (agent_clear_pin_cache): New. * card-util.c (change_pin): Clear the PIN cache. (check_pin_for_key_operation): Ditto.
new 049195f * gpgkeys_http.c: Need GET defined.
new d9d902d * ksutil.h, ksutil.c: #ifdef so we can build without libcurl or fake-curl.
new cf7c0fe * gpg.sgml: Clarify --min-cert-level a bit.
new c71639c * options.h, g10.c (main): Add new --default-sig-expire and --default-cert-expire options. Suggested by Florian Weimer.
new 08bd93f * keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default preferences.
new da0c60a * keygen.c (start_tree): New function to "prime" a KBNODE list. (do_generate_keypair): Use it here rather than creating and deleting a comment packet.
new ef92ff6 Remove add_days_to_timestamp (unused)
new 89055cc * Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't use any of these functions any longer.
new 10f51e0 * sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the default sig expire value when signing in batchmode.
new 89c844b * main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c (sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c (sign_uids): Use seconds rather than days internally to calculate expiration. We no longer need the day-based code as we don't generate v3 keys.
new 0ab0148 (do_close_reader): Don't do a reset before close. Some folks reported that it makes the SCR335 hang less often. Look at the source on how to re-enable it.
new e81d88b * keygen.c (write_selfsigs): Rename from write_selfsig. Write the same selfsig into both the pk and sk, so that someone importing their sk (which will get an autoconvert to the pk) won't end up with two selfsigs. (do_generate_keypair): Call it from here.
new c5fa20d * build-packet.c (do_comment): Removed. (build_packet): Ignore comment packets.
new 780331c * gpg.sgml: Document --default-sig-expire and --default-cert-expire, remove --sk-comments and --no-sk-comments, and clarify the form of a non-IETF notation for --sig-notation and --cert-notation.
new bd644c8 (ccid_transceive): Arghhh. The seqno is another bit in the R-block than in the I block, this was wrong at one place. Fixes bug #419 and hopefully several others.
new be2aa37 * cardglue.c (send_status_info): Make CTRL optional. (agent_scd_writekey, inq_writekey_parms): New. (agent_openpgp_storekey): Removed. * cardglue.h: Add a few more error code mappings. * keygen.c (copy_mpi): Removed. (save_unprotected_key_to_card): Changed to use agent_scd_writekey. * app-common.h, app-openpgp.c, tlv.c, tlv.h: Updated from newer version in gnupg 1.9 CVS.
new 7567533 * cardglue.c (open_card): Check USE_AGENT.
new 2f63b52 * app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
new d8bd3a3 (add_notation_data): Check number of at-signs.
new 2ab2a87 (add_notation_data): Check number of at-signs.
new d0f5655 * passphrase.c (ask_passphrase): Unescape the description string. * cardglue.c (unescape_status_string): Removed. Changed all caller to use ... * misc.c (unescape_percent_string): New.
new 167c23b * NEWS: Note command completion and the new curl-based HKP helper.
new 0bad13c * g10.c (main): Default {export|import}-unusable-sigs to off until the "clean" UI can be finished.
new acac94a * trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the user IDs on a key, and mark any that aren't valid for deletion.
new e5a100c * strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage CP65001 to utf-8.
new 0a9827c * trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through the subkeys on a key, and mark any that aren't usable for deletion. Note that a signing subkey is never marked for deletion since these keys are still useful after expiration or revocation.
new 7d4043c Updated FSF street address and preparations for a release candidate.
new a6a93ac * keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
new df5f65e *** empty log message ***
new 8639e97 .
new db8adc2 * keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key), trustdb.c (clean_uids_from_key, clean_subkeys_from_key): Fix mingw32 build warnings. Noted by Joe Vender.
new a644a1d * ksutil.c [HAVE_DOSISH_SYSTEM]: Fix warnings on mingw32. Noted by Joe Vender.
new 7bf9354 * signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32. Noted by Joe Vender.
new c347404 * gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers that aren't at the root path. Suggested by Jack Bates.
new 34ff103 * ksutil.c (init_ks_options, parse_ks_options): Provide a default "/" path unless overridden by the config. Allow config to specify items multiple times and take the last specified item.
new 33f81c5 * random.c: Fix prototype of the fast random gatherer. Noted by Joe Vender.
new 2c9948c * options.h, g10.c (main), export.c (parse_export_options, do_export_stream): Add export-options export-clean-sigs, export-clean-uids, export-clean-subkeys, and export-clean which is all of the above. Export-minimal is the same except it also removes all non-selfsigs. export-unusable-sigs is now a noop.
new 1b07e37 * getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both expired and revoked uids in fixup_uidnode(). No need to special case in merge_selfsigs_main(). This also means that an expired uid will have its selfsig tagged with chosen_selfsig.
new dddcb6d * dotlock.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32. Noted by Joe Vender.
new 475107d * trustdb.c (clean_uids_from_key), keyedit.c (menu_clean_uids_from_key): Tweak algorithm to preserve the last selfsig which helps prevent uid resurrections.
new 31522ba * keydb.h, kbnode.c (undelete_kbnode): New function to undelete a kbnode.
new 045433e * options.h, export.c (do_export_stream), keyedit.c (keyedit_menu, menu_clean_subkeys_from_key), trustdb.h, trustdb.c (clean_subkeys_from_key): Remove subkey cleaning function. It is of very limited usefulness since it cannot be used on any subkey that can sign, and can only affect multiple selfsigs on encryption-only subkeys.
new 1594883 * options.h, import.c (parse_import_options, delete_inv_parts): import-unusable-sigs is now a noop.
new 6e9b751 * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure that even after keys may be merged together, we only have one chosen selfsig.
new f3c4b07 * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Add import-clean-sigs option to automatically clean a key when importing. Note that when importing a key that is already on the local keyring, the clean applies to the merged key - i.e. existing superceded or invalid signatures are removed.
new 1067c01 * configure.ac: Add check for no-pointer-sign warning keyword, and disable. This is gcc4 specific.
new 07e9d53 * keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
new 059d159 (parse_signature): Use log_info for messages about missing timestamp or keyid. In case we don't use that key there won't be no further error and thus gpg does not need to return with an error.
new 2d2e2e7 * gpg.sgml: Document smartcard related options.
new c66eeec * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning.
new 730dbae * gpg.sgml: Document --edit-key/clean, import-clean, and export-clean.
new d010af0 * NEWS: Note key cleaning commands.
new 4e97970 * gpgkeys_hkp.c (append_path, send_key, get_key, search_key, main), gpgkeys_oldhkp.c (main): Properly handle double slashes in paths.
new 167d957 Preparing a release candidate
new 8bda8f7 .
new fa21ccc * conventional.test (algos): Uhh ohh, cut+paste error and not tested.
new a63f5e5 Post release version number update
new b967d27 * http.c (send_request): Need == after the radix64-encoded basic auth string.
new c8d1036 * http.c (send_request, http_open, http_open_document): Pass in auth and proxyauth that can override the in-url auth.
new 1684bda * http.h: Fix prototypes for http_open_document and http_open to pass in auth and proxyauth.
new 7f4d49b * gpgkeys_http.c (get_key), gpgkeys_oldhkp.c (send_key, get_key, search_key): Fix http_open/http_open_document calls to pass NULL for auth and proxyauth since these programs pass them in the URL.
new b0ba0c6 * libcurl.m4: Only do the OS X linker fix on Panther. Tiger has a clean curl-config.
new 825d126 * memrchr.c (memrchr): Not all compilers allow initializing based on a variable that is also being initialized. Noted by Nelson H. F. Beebe.
new c5a94d2 * http.c (make_radix64_string): Add '=' padding as per standard. (send_request, http_open, http_open_document): Clean up auth code. Can now support different auth for a proxy and the file being requested via that proxy. Unescape auth strings.
new b7a7551 * http.h: Fix prototypes for http_open_document and http_open again, to handle the new different auth for regular files and proxies.
new ffa6854 * gpgkeys_http.c (get_key), gpgkeys_oldhkp (send_key, get_key, search_key): No longer need to pass a proxyauth.
new d65763e * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add CURLOPT_USERPWD option for HTTP auth.
new ccab129 * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version string stays up to date.
new 8238e76 * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around when compacting a uid. There is no reason to make an attacker's job easier - this way they only have a revocation which is useless in bringing the uid back.
new 6dc5a11 * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
new eae1f4b * samplekeys.asc: Update 99242560.
new 730247b * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
new a0b4f40 * g10.c, options.h: New option --limit-card-insert-tries. * cardglue.c (open_card): Use it.
new 52527dc Document --limit-card-insert-tries.
new f23b945 * libcurl.m4: Check that our libcurl has curl_version_info(CURLINFO_NOW).
new 826999a Typo.
new eb1db23 CURLINFO_NOW -> CURLVERSION_NOW
new 431de51 * configure.ac: Add a define for FAKE_CURL.
new a918d63 * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl to see if it can handle a particular protocol. (keyserver_typemap): Call it here.
new 6f0ed85 * gpgkeys_curl.c (get_key, main): Don't try and be smart about what protocols we handle. Directly pass them to curl or fake-curl and see if an error comes back.
new 04b9cec * options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive to enable the uid walking when signing a key with no uids specified to sign.
new a486501 * gpg.sgml (http):
new 45bacc5 *** empty log message ***
new 99c80f8 * keyedit.c (sign_uids): Don't prompt for setting signature expiry to match key expiry unless --ask-cert-expire is set. Suggested by Peter Palfrader.
new 862652e Preparing a release
new a7ea40e * passphrase.c (agent_get_passphrase): Make sure to release the saved codeset. (agent_open): Add arg ORIG_CODESET and switch back to it in case of error. Changed all callers.
new a5a5acb Updated.
new 5fe762d post release version number updates
new 9df2dbd * NEWS, configure.ac: Switch over to using curl or fake-curl by default. Add --enable-old-keyserver-helpers to not use curl.
new efea9c3 * keyserver.c (keyserver_typemap): Special-case LDAP since curl will report that it can handle it, and we don't want it to.
new 0e6d1bb First commit to Subversion.
new fe3d294 Add a note that CVS is beeing migrated to Subversion
new cd57062 Removed directories which are only used by the 1.9 branch
new a1cdf3c Converted all m_free to xfree etc.
new 986a137 Implemented PKA trust model
new 1d139c8 Implemented PKA trust model
new 3244978 Removed silly old file
new 1990aac * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show version of curl (or curl-shim) when debug is set.
new cd4c621 Fixes pertaining to revocation creation with subkey-only exported card keys
new c058bd6 Add gpg-zip, a la PGP Zip.
new bf47289 * keygen.c (start_tree): Need to use an actual packet type (which we can then delete) to start the tree.
new 5ce7563 Revert bad patch.
new a4563ec * keygen.c (write_keyblock): Don't try and build deleted kbnodes since we start our tree with one.
new c765d1e * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. Noted by Michael Schierl.
new 533bc3e * keygen.c (proc_parameter_file): Sanity check items in keygen batch file. Noted by Michael Schierl.
new 433038b * gpg-zip.in: Add --decrypt functionality. Fix quoting so filenames with spaces work properly.
new 2ce542a auto retrieve keys from PKA. Thsi allows to specify an email address so that gpg can get the key from DNS. This helps with opportunistic encryption. No integration with the trust modell yet.
new 6ce02d4 * ldap.m4: If a PATH is given to --with-ldap, bias directory search towards the given path for includes and libraries. Noted by Jason Harris.
new 82bee9c * g10.c (main), passphrase.c (set_passphrase_from_string): New --passphrase command line option. Only useful in very special circumstances.
new 9536012 Missed keydb.h entry for set_passphrase_from_string
new f02c0f6 * Makefile.am: Include LDAP_CPPFLAGS when building LDAP.
new 2e38eab * configure.ac: Remove hardcoded -I and -L for /usr/local on FreeBSD.
new 0a3eda2 Experimental code to improve AES performance. Got about 25% on ia32.
new e9b444a * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-email.
new 2d353af * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.
new 70bf6d9 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name. The last of exact-name and exact-email overrides the earlier.
new bd146d5 * options.skel: Remove the surfnet LDAP keyserver from the list of samples since it is being shut down.
new 5cb5142 * g10.c (main): Add aliases sign-with->local-user and user->recipient to make switching from PGP command line to GPG easier.
new 2e8c02b * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read): Minor cleanup to use bitfield flags instead of a bunch of integers.
new 24adfe6 * Makefile.am: No need to link with curl any longer.
new 55e38d7 * gnupg.spec.in: Distribute gpg-zip.
new a21fedf * gpg.sgml: Fix documentation for setpref/updpref, document import-clean, --status-file, --logger-file, --attribute-file, --passphrase-file, --passphrase, and --command-file. Comment out the "+word match" selection syntax since it isn't supported.
new aec65a9 * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and exact-email. (classify_ks_search): Mimic the gpg search modes instead with *, =, <, and @.
new 752d64b * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. Suggested by Michael Schierl.
new f74282b * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing algorithms.
new cb00951 * fileutil.c (untilde): New. Expand ~/foo and ~username/foo filenames into full paths using $HOME if possible, or getpwuid/getpwnam if necessary. (make_filename): Use it here.
new 187eaf0 * photoid.c (generate_photo_id): Enable readline completion and tilde expansion for the JPEG prompt.
new 516ec53 * mpicoder.c (mpi_read): Fix minor bug in reading a zero-length MPI (was failing unnecessarily).
new be85438 * photoid.h, photoid.c (generate_photo_id): Allow passing in a suggested filename.
new 039c27f * parse-packet.c (enum_sig_subpkt, parse_signature, parse_attribute_subpkts): Make a number of warnings verbose items. These fire on many slightly mangled keys in the field, so the warning is becoming burdensome.
new 9a2a290 Add "help" sub option to --*-options.
new b4b9f89 Updated card stuff to support T=0 cards.
new 65566b5 * keyedit.c (show_names): Moved name display code out from show_key_with_all_names. (keyedit_menu): Call it here for pref and showpref so they can show only the selected user ID. Suggested by Timo Schulz.
new 4afa18b * main.h, misc.c (parse_options): Add the ability to have help strings in xxx-options commands.
new 8e17d64 * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute IDs as well as regular text IDs.
new d0b9ff1 * mainproc.c (proc_symkey_enc): Take care of a canceled passphrase prompt.
new 8db0dc2 * gpg.sgml: Note that --display-charset is just for display and doesn't recode data. Note that --search-keys can use the standard search syntax now (<, =, *, @). Document the @-address mode.
new 98dc484 2005-10-02 Marcus Brinkmann <marcus at g10code.de>
new bd1df01 Renamed g10.c to gpg.c Filelength fixes for W32.
new 3470697 Fixes for the g10.c -> gpg.c renamed
new 02aefe3 Yet another fix for the gpg.c rename
new 47433ad * getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2), keygen.c (make_backsig): Did some backsig interop testing with the PGP folks. All is well, so I'm turning generation of backsigs on for new keys. Checking for backsigs on verification is still off.
new 094a7ab * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c (signature_check2): Add --require-backsigs and --no-require-backsigs. Currently defaults to --no-require-backsigs.
new 6c4e740 * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to add 0x19 backsigs to old keys that don't have them.
new 21eea5b * NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.
new 9b7f1f6 exported subkeys are now merged into one output keyblock
new c857197 Fixed minor card related bugs and enhanced status messages
new 4a58bbb * readline.m4: Check for rl_completion_func_t and rl_completion_matches.
new b9f1815 * keygen.c (proc_parameter_file): Default key and subkey usage flags to algo capabilities if parameter file doesn't specify them. Noted by Timo Schulz.
new 2b50f31 cygwin fixes
new b3ea683 * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with adding a cert-only designated revoker. Code was looking for a key with sign ability, and not cert ability. Noted by Timo Schulz.
new 74ee007 * gpg.sgml: Document backsign, --require-backsigs, and --no-require-backsigs.
new 19de046 * import.c (import_one): Do collapse_uids() before we do any cleaning so keyserver mangled keys with doubled user IDs can be properly cleaned - possibly sigs on the different user IDs cancel each other out.
new 4e27a9f * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in the sigs that are cleaned. Suggested by Dirk Traulsen and many others.
new b82202f * gpg.sgml: Clarify what is and isn't included in a "clean sigs".
new 2a662f7 Fix various build warnings reported by Joe Vender on MinGW.
new db90be2 * libusb.m4: Check for libusb-config and if we find it, use --libs and --cflags. This is needed for OS X since libusb brings in dependencies to various Apple libraries.
new f48ef0f * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly speaking this should be only in gpg_CPPFLAGS, but then we have to compile everything twice for gpg and gpgv.
new 11c7699 * options.skel: Add a section for --encrypt-to. This is Debian bug 336211 by Javier Fernández-Sanguino Peña.
new debc169 * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all non-selfsigs from key during cleaning. Change all callers.
new 477ded8 * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Add import-minimal option. Similar to export-minimal, except it works on the way in.
new ce1ce89 * packet.h: Move some flags to a bitfield. Change all callers.
new 843d571 * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c (clean_uids_from_key): Fix display bug where sigs cleaned for other reasons caused a uid to appear as if it had been compacted.
new a81633c * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize" command.
new fe30a11 * trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly simpler implementation.
new 40b9d56 * trustdb.h, trustdb.c (clean_key): New function to handle key cleaning from one convenient place.
new 9d49768 * armor.c (parse_header_line): A fussy bit of 2440: header lines are delimited with a colon-space pair. Therefore a line such as "Comment: " is actually legal, albeit not particularly useful.
new eac8dbc * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just "clean", and add "minimize".
new 3349715 * NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal options.
new 092bae8 * gpg.sgml: Clarify "xxxxx-clean" and "clean". Document "xxxxx-minimal", and "minimize".
new f7c138d * free-packet.c (copy_secret_key): Copy secret key into secure memory since we may unprotect it.
new 28c1250 * main.h, keylist.c (print_revokers): New. Print the "rvk" designated revoker record. Moved from keyedit.c:show_key_with_all_names_colon.
new c0d7fa3 * Makefile.am: Some cleanup so we don't build files that are completely ifdeffed out. This causes a warning on Sun's cc. Do sha512.c as well for consistency.
new a635daa * mkdtemp.c (mkdtemp): Fix warning.
new d6e918e * curl-shim.c (curl_easy_perform): Fix build warning (code before declaration).
new 8a0cf1d * idea-stub.c (load_module): Not legal to return a void * as a function pointer.
new bc1c4af Some cleanup so we don't build files that are completely ifdeffed out. This causes a warning on Sun's cc. Do the internal regex code as well for consistency.
new 990097b Missed file.
new c826ccd * ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
new 05193a2 * keyserver.c (keyserver_spawn): Don't print "searching for key 00000000" when fetching a URI.
new a4fae95 * gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language for the key-not-found error.
new 4ba9fd4 * gpg.sgml: Document -d. Add [file] to a few options.
new 1d051e8 * options.h, keyserver.c (curl_cant_handle, keyserver_spawn, keyserver_fetch): Set a flag to indicate that we're doing a direct URI fetch so we can differentiate between a keyserver operation and a URI fetch for protocols like LDAP that can do either.
new 0edfbba Made strings translatable. Minor fixes.
new 735257e * keyserver.c (keyserver_fetch): Switch on fast-import before we --fetch-keys so we don't rebuild the trustdb after each fetch.
new f8c4263 * gpg.sgml: Document --fetch-keys.
new 81f6425 * NEWS: Note --fetch-keys.
new b12d50d * ttyio.c (tty_enable_completion, tty_disable_completion): Add checks for no_terminal so we don't try to open("/dev/tty") when invoked with --no-tty.
new 26eeebf * gpg.c (main): Don't default to import-options convert-sk-to-pk. It causes confusing warning messages when importing a PGP-exported key that contains a secret key without selfsigs followed by the public key.
new aebd3a0 * gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
new 5432755 * ksutil.h, ksutil.c (curl_armor_writer, curl_writer, curl_writer_finalize): New functionality to handle binary format keys by armoring them for input to GPG.
new 64fa7ea * getkey.c (merge_selfsigs_main): All primary keys can certify.
new f1482aa Finished PKA feature
new f3c99c6 * configure.ac: Split PKA checking off from DNS SRV checking. Currently PKA is only enabled if HTTP or HKP is enabled which is not necessary.
new 5e08b08 * srv.c, Makefile.am: Only build srv.c if we need to.
new 7f13d48 New code to do DNS CERT queries.
new da9a10d * ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
new 8b9c16e * gpgv.c: Stub.
new 846eefa * keyserver.c (keyserver_import_pka): New. Moved from getkey.c:get_pubkey_byname which was getting crowded.
new 74117cf * cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
new cbc5c94 * sign.c (hash_for): Add code to detect if the sk lives on a smart card. If it does, only allow 160-bit hashes, a la DSA. This involves passing the *sk in, so change all callers. This is correct for today, given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160 support in the openpgp card. It will almost certainly need changing down the road.
new 5bce704 * sign.c (write_signature_packets): Lost a digest_algo line.
new 1315171 * mainproc.c (check_sig_and_print), keyserver.c (keyserver_import_pka), card-util.c (fetch_url): Always require a scheme:// for keyserver URLs except when used as part of the --keyserver command for backwards compatibility.
new 7b978ef * keyserver.c (keyserver_refresh): Fix problem when more than one key in a refresh batch has a preferred keyserver set. Noted by Nicolas Rachinsky.
new 2c4b5d5 * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when uploading a key.
new fa4b604 * libcurl.m4: Remove GOPHER, as that is not supported in libcurl any longer.
new 10d917a * libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
new dbe415e * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a passphrase as if it was used (move from next_pw to last_pw).
new d232175 * configure.ac: Add define for EXEEXT so we can find keyserver helpers on systems that use extensions.
new 4ff7d09 * keyserver.c (keyserver_spawn): Include the EXEEXT so we can find keyserver helpers on systems that use extensions.
new 214a3a6 * keyserver.c (parse_keyserver_uri): If there is a path present, set the direct_uri flag so the right keyserver helper is run.
new 23cfe01 * cert.c (get_cert): Disable IPGP types for now until the format questions in the draft are settled.
new 4f34366 Add support fro CardMan 4040
new af67c98 Fixed a couple of problems
new 2410941 Lock random seed file
new 966cd80 Fixed a wrong return code with gpg --verify
new b121d02 about to release 1.4.3rc1
new 5b209e3 * configure.ac: Try linking the UINT64_C test program (rather than just compiling it) as UINT64_C looks like a (missing) function, causing a false positive. Noted by Claus Assmann.
new ca6c57b * http.c (send_request): A zero length proxy is the same as no proxy.
new 8a1bd08 * keyserver.c (parse_keyserver_uri): Include the scheme in the uri even when we've assumed "hkp" when there was no scheme.
new 0eb4e93 * gpgv.c: Stub keyserver_import_ldap.
new e4206de * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for easier debugging.
new d038b36 * getkey.c (get_pubkey_byname): Fix minor security problem with PKA when importing at -r time. The URL in the PKA record may point to a key put in by an attacker. Fix is to use the fingerprint from the PKA record as the recipient. This ensures that the PKA record is followed.
new 79ec50f * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, curl_easy_perform): Mingw has 'stderr' as a macro?
new c68649e * gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass credentials to a remote LDAP server.
new e396cd2 * gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow duplicate attributes as OpenLDAP is now enforcing this.
new 7eab184 * options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate): Parse a list of key access methods. (get_pubkey_byname): Walk the list here to try and retrieve keys we don't have locally.
new 477defd * options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c (keyserver_opts): Rename auto-pka-retrieve to honor-pka-record to be consistent with honor-keyserver-url.
new 305288b * options.h, keyserver.c (parse_keyserver_options): Remove auto-cert-retrieve as it is no longer meaningful. Add max-cert-size to allow users to pick a max key size retrieved via CERT.
new 482a3a0 * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on odd matches.
new 1ae024e * options.h, keyserver-internal.h, keyserver.c (keyserver_import_name), getkey.c (free_akl, parse_auto_key_locate, get_pubkey_byname): The obvious next step: allow arbitrary keyservers in the auto-key-locate list.
new c374532 * options.h, keyserver.c (add_canonical_option): New. (parse_keyserver_options): Moved from here. (parse_keyserver_uri): Use it here so each keyserver can have some private options in addition to the main keyserver-options (e.g. per-keyserver auth).
new 1736866 * gpg.c (add_notation_data): Fix reversed logic for isascii check when adding notations. Noted by Christian Biere.
new 09e3b78 * keyserver.c (parse_keyserver_uri, add_canonical_option): Always append options to the list, as ordering may be significant to the user.
new 0302c7e * ksutil.c (init_ks_options): Default include-revoked and include-subkeys to on, as gpg isn't doing this any longer.
new 624f358 * options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special treatment of include-revoked, include-subkeys, and try-dns-srv. These are keyserver features, and GPG shouldn't get involved here.
new 4139587 * keyserver.c (parse_keyserver_options): Only change max_cert if it is used.
new f4f5ea4 * keydb.h, getkey.c (release_akl), gpg.c (main): Add --no-auto-key-locate.
new 837a6f0 * gpg.sgml: Document new --keyserver syntax.
new 4b67eca * options.skel: Document auto-key-locate and give a pointer to Simon Josefsson's page for CERT.
new 2385935 * configure.ac: Fix accidental enabling of SHA-384/512. Noted by Nelson H. F. Beebe.
new 78904c6 * getkey.c (parse_auto_key_locate): Error if the user selects "cert" or "pka" when those features are disabled.
new 9523139 * gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP libraries that have TLS.
new 09203be Replaced an assert and fixed batch mode issue in cardglue.
new a200f76 Fixed problem with PGP2 style signatures and mutilple plaintext data
new 3e08d87 Stricter test of allowed signature packet compositions. There is still one problem to solve.
new 5d2060e * mainproc.c (proc_compressed): "Uncompressed" is not a valid compression algorithm.
new 764b3f9 * sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that is not a PGP 2.x algorithm.
new 199f4bd * gpg.sgml: Document --auto-key-locate.
new 4aeb4d4 More tests added; make distcheck works
new 81e2591 * NEWS: Note --auto-key-locate and that keyservers can handle binary data now.
new 4f9efb7 * options.h, gpg.c (main, parse_trust_model), pkclist.c (check_signatures_trust), mainproc.c (check_sig_and_print, pka_uri_from_sig), trustdb.c (init_trustdb): Some tweaks to PKA so that it is a verify-option now.
new ee3379a * gpg.sgml: Document new way of enabling the PKA functions. Some minor other cleanups.
new b62ca46 * gpg.sgml: Rename backsigs to cross-certification (backsigs is just shorthand). Document max-cert-size.
new 07c48cf * NEWS: Note CERT retrieval. Tweak PKA and backsig language to match current code.
new 90d8377 * options.h, mainproc.c (check_sig_and_print), gpg.c (main): pka-lookups, not pka-lookup.
new 4fea8fd * options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data): Use it here for the various notation commands.
new 889c4af * packet.h, build-packet.c (sig_to_notation), keygen.c (keygen_add_notations): Tweak to handle non-human-readable notation values.
new 0f7b437 * packet.h, build-packet.c (sig_to_notation), keygen.c (keygen_add_notations): Provide printable text for non-human-readable notation values.
new cc9a71c * argparse.c (default_strusage): Update copyright year to 2006.
new 5460153 * mainproc.c (get_pka_address), keylist.c (show_notation): Remove duplicate code by using notation functions.
new d810409 * keyedit.c (menu_set_notation): New function to set notations on self-signatures. (keyedit_menu): Call it here. (tty_print_notations): Helper. (show_prefs): Show notations in "showpref".
new 0317ae6 * gpg.sgml: Document "notation".
new cf10c31 Preparing for an RC23
new 3ea8fc3 Updated
new a917165 keep on walking towards rc3
new e914311 * build-packet.c (string_to_notation): Add ability to indicate a notation to be deleted with a '-' prefix.
new 5784a43 * gpg.sgml: Clarify new notation delete feature.
new 48773e4 * samplekeys.asc: Update 99242560 to have a signing subkey backsig.
new 7e3ba27 * sig-check.c (signature_check2): Print the backsig warning when there is no backsig present. Give a URL for more information.
new 671ec45 * main.h, import.c (import_one): Optionally return the fingerprint of the key being imported. (import_keys_internal, import_keys_stream, import): Change all callers.
new b478ce7 * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work, keyserver_import_cert, keyserver_import_name, keyserver_import_ldap): Pass fingerprint info through.
new 9f524c4 * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the same API as the other auto-key-locate fetchers.
new e0ad2bd * cert.c (get_cert): Handle the fixed IPGP type with fingerprint.
new 3cfc770 * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for both the fingerprint alone, and fingerprint+URL cases.
new f454792 * configure.ac: Allow the DNS stuff to work on OSX by trying the Apple-specific BIND_8_COMPAT.
new 0f4f660 * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if' rather than '#ifdef' BIG_ENDIAN_HOST. Harmless as we explicitly define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat builds when we define BIG_ENDIAN_HOST to another macro.
new 7fcba08 * configure.ac: Add --disable-endian-check for building fat binaries on OSX.
new ca76672 * configure.ac: Improved --disable-endian-check that doesn't involve changing #ifdefs in the rest of the code.
new 70f1c32 * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous change. It's now all done in configure.
new 7f99c71 Allow for rmd160 signatures when using gpg-agent.
new 5531da1 * mainproc.c (get_pka_address): Fix bug introduced as part of sig_to_notation conversion. Noted by Peter Palfradrer.
new ac46433 Changed URLs
new 97b0606 * getkey.c (parse_auto_key_locate): Silently strip out duplicates rather than causing an error.
new 025aabf * README: Missing some instructions on building a fat binary.
new 0ea95fd * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use the regular old API that is compatible with other LDAP libraries.
new f99dec9 * cert.c (main): Fix test program build warning on OSX.
new a43c1bc * README: Some more notes about building fat binaries.
new 92e1528 * main.h, seskey.c (encode_md_value): Modify to allow a q size greater than 160 bits as per DSA2. This will allow us to verify and issue DSA2 signatures for some backwards compatibility once we start generating DSA2 keys. * sign.c (do_sign), sig-check.c (do_check): Change all callers.
new 66965cc Update copyright
new 4afa4eb * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock. Fix strings to not start with a capital letter as per convention.
new 256f676 About to release 1.4.3
new 9149748 post release updates
new d855bd3 * make-dns-cert.c: New program to generate properly formatted CERT records so people don't have to do it manually.
new 1f6fba7 * make-dns-cert.c: Some changes from Peter Palfrader to send errors to stderr and allow spaces in a fingerprint. Also warn when a key is over 16k (as that is the default max-cert-size) and fail when a key is over 64k as that is the DNS limit in many places.
new 4af2725 * memory.c (realloc): Fix compile problem with --enable-m-guard.
new e5a03c8 See ChangeLog
new 4fdc638 Fixed segv
new 51e88a5 * getkey.c (parse_auto_key_locate): Fix dupe-removal code.
new 1bf0266 * gpg.sgml: Some typo fixes. This is Debian 361324.
new 3011a39 * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key ID.
new af0a0ae * gpgkeys_ldap.c (get_name): Build strings with strcat rather than using sprintf which is harder to read and modify.
new ed776a9 * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote directly into place rather than mallocing temporary buffers.
new 168583e Add new regression test
new 2830e83 .
new 27bb89d * options.skel, photoid.c (get_default_photo_command): Find an image viewer at runtime. Seems FC5 doesn't have xloadimage.
new 8df71cf * memory.c (realloc): Revert m_guard fix and stick an #error in there to inform people not to use it.
new b2f4b15 use minimal posix sed
new 45c1414 * miscutil.c (make_printable_string): Fix bug where some control characters lose part of their ASCII representation.
new 0b33740 * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and --compress-algo should be avoided.
new 36ce455 * keyedit.c (menu_backsign): Give some more verbose errors when we have no need to backsign.
new f0902a6 Add SHA-224 support
new ebdd458 * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.
new 99b1f3e * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add SHA-224.
new 2f94329 The plumbing necessary to create DSA keys with variable sized q. Not yet used (q==160).
new b625a6d (generate): Tweak to allow keys larger than 1024 bits. Enforce that the q size doesn't end between byte boundaries.
new 0f1c0a9 * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults to disable.
new fcb3150 * make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.
new 19c3532 * keyserver.c: Fix build problem with platforms that stick libcurl in a place not in the regular include search path.
new e87d36c * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as this is done via curl or fake-curl.
new f37dac8 * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
new 034937c * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx helpers when the meaning is different if a path is provided (i.e. ldap).
new bc81ce6 (keyserver_import_cert): Show warning if there is a CERT fingerprint, but no --keyserver set.
new 76d69cd * NEWS: Note SHA-224 and DSA2.
new eda3d78 * libcurl.m4: Fix mistaken AC_SUBST when curl is not found.
new e09aa70 Fixed OSF5 warning suppression.
new 1918e6a Forgot to save the actual fix
new 6089d7f Updated keys
new 7596ae1 * getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection problem when auto-key-locate returns a list of keys, not all of which are usable (revoked, expired, etc). Noted by Simon Josefsson.
new a26d0ff 2006-05-22 Marcus Brinkmann <marcus at g10code.de>
new 3bee120 * import.c (import_one): Fix bug when importing a new key from a file.
new 197c7a3 * parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c (build_sig_subpkt_from_sig), getkey.c (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey), keygen.c (keygen_add_key_expire): Fix meaning of key expiration and sig expiration subpackets - zero means "never expire" according to 2440, not "expire instantly".
new 8fa55e2 * configure.ac: Add --disable-optimization. This is handy for debugging so the compiler doesn't rearrange things and eliminate variables.
new 782a70e * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are called with them closed. This is to protect our keyring/trustdb files from corruption if they get attached to one of the standard fds. Print a warning if possible that this has happened, and fail completely if we cannot reopen (should never happen). (main): Call it here.
new 071d362 * mksamplekeys: Incorporate new package signature key and minimize keys when generating samplekeys.asc.
new 5cef0ca * exec.c (make_tempdir): Fix bug with a temporary directory on Win32 that is over 256 bytes long. Noted by Israel G. Lugo.
new e9bbf25 Added backsig to my key
new 05a2a2f * keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes > 1024 when --enable-dsa2 is set). The size of q is set automatically based on the key size. (ask_keysize, generate_keypair): Ask for DSA size when --enable-dsa2 is set.
new b9c2f44 * exec.c (make_tempdir) [_WIN32]: Modified to properly handle arbitrarily long temporary directory paths.
new 49c3195 Revert last. It is still wrong.
new 91dbfce * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes. This prevents a memory allocation attack with a very large user ID. A very large packet length could even cause the allocation (a u32) to wrap around to a small number. Noted by Evgeny Legerov on full-disclosure.
new 7211ee5 * keygen.c (gen_card_key): Add optional argument to return a pointer (not a copy) of the stub secret key for the secret key we just generated on the card. (generate_card_subkeypair): Use it here so that the signing key on the card can use the card to generate the 0x19 backsig on the primary key. Noted by Janko Heilgeist and Jonas Oberg.
new 4f7b459 * import.c (import_one): Add a flag (from_sk) so we don't check prefs on an autoconverted public key. The check should only happen on the sk size. Noted by Dirk Traulsen.
new acbac61 * gpg.sgml: Note that --pgp8 does not include SHA224. Clarify that clearsigned messages are not reversible.
new 059c67c * sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be liberal in what you accept, etc).
new 00db922 * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs, keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to specify a keyserver URL at key generation time, and "Keyserver:" keyword for doing the same through a batch file.
new bb97576 * gpg.sgml: Document --enable-dsa2, --disable-dsa2, and --default-keyserver-url.
new a3883eb About to do a new release
new 44e22e1 Typo fix
new 74315bb Ready for a release
new 826ffd8 Post release version update
new e0af7eb do no use reopen_std under W32.
new 2338011 Fixed uploading of keays.
new 7c457fa * pkclist.c (algo_available): Automatically enable DSA2 mode when handling a key that clearly isn't DSA1 (i.e. q!=160).
new 2a31983 * sign.c (sign_file): When signing with multiple DSA keys, one being DSA1 and one being DSA2 and encrypting at the same time, if the recipient preferences give a hash that can work with the DSA2 key, then allow the DSA1 key to be promoted rather than giving up and using hash_for().
new cb117d7 * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): Pass a union for preference hints rather than doing void * games.
new d91c7a0 i18n fix
new 0437662 * rsa.c (generate): Use e=65537 for new RSA keys.
new 5c82303 Updated.
new 975da08 * configure.ac: Fix resolver autoconf code so it works (fails) properly with uClibc.
new b196836 * tar-ustar.m4: Pass tar data through strings so that greps that don't grep in binary files (Solaris) can detect the string. Noted by Mark Davies.
new ce5ed75 * tar-ustar.m4: Not all greps know the -q (quiet) flag, so redirect to /dev/null instead.
new 0b5bc30 * tar-ustar.m4: Use dd instead of strings as it's more likely to be around. Suggested by Nelson H. F. Beebe.
new 5476afe * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad encoding of characters > 127. Noted by Nalin Dahyabhai.
new 2dc880a * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string matching problem when the ascii armored form of the key happens to match "KEY" at the beginning of the line.
new b8b482b * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver): Improved version of previous fix. Force match on spaces in string.
new 4fbf91a * http.c (send_request): A zero-length proxy is the same as no proxy at all. Suggested by J. Scott Berg.
new c45f737 * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code.
new ccd5fc4 Fixed memory allocation bug and typos.
new 519435f * Makefile.am: Fix missing include path for gpgkeys_finger (needs the libcurl path, even though it doesn't use libcurl because of ksutil.c:curl_err_to_gpg_err(). Noted by Gilbert Fernandes.
new f19e889 Preparing a release candidate
new bd5aa48 2006-07-29 Marcus Brinkmann <marcus at g10code.de>
new 064a4a6 Fixed bug 479. Not a real good fix but a reliable one which limits possible breakage of other partys of the code.
new fede32e Fix bug 655
new ab1d0ca Preparing 1.4.5
new 21de807 Forgot this one.
new 4053ced MOves trunk to a new branch.
new 39600e7 Post release updates.
new 29f6872 Allow to build w/o curl.
new 61765b2 * gpgkeys_ldap.c (build_attrs), ksutil.c (ks_toupper, ks_strcasecmp), ksutil.h: Remove the need for strcasecmp as the field tags are always lowercase.
new b17fcc5 Put in the basic wiring (just hextobyte for now) for a libcompat.a that can contain replacement files that can be linked to keyserver helpers without bringing in the whole libutil.a. libutil.a contains a complete copy of libcompat.a so we only need to link to one of them.
new 6f32b4e Move strsep() and ascii_isspace() to libcompat.
new da5efeb Add compat.h to distfiles
new 7925e74 fix for bug 537 and documentation fixes.
new 598787a Fixed bug 518
new 4739851 * strsep.c (strsep): It's strsep, not strsep2 from testing. (If I had a dollar for every time I've done that...)
new 6174275 * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than whatever key selector the user used on the command line.
new 4e07a84 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the packed s2k iteration count.
new 9e9214b * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML coming back from a MR hkp query.
new 31cf397 New command --gpgconf-test.
new 1b41117 * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change. Key-not-found still has a HTML response.
new d46be5e * configure.ac: --enable-minimal leaves out gettext and all resolver functions (SRV, PKA, & CERT).
new 55df654 Missing changelog entry
new e1829a3 * openfile.c (ask_outfile_name): Fixed buffer overflow occurring if make_printable_string returns a longer string. Fixes bug 728.
new 29f48b5 Preparing an RC
new e0cd2d3 * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add --passphrase-repeat option to control how many times gpg will re-prompt for a passphrase to ensure the user has typed it correctly. Defaults to 1.
new 69f73dd * NEWS: Note the CVE for bug#728, --s2k-count, --passphrase-repeat, and the OpenSSL exception.
new 928db7d * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present when searching by keyID.
new cfa0b50 * keyedit.c (menu_clean): Show "already minimized" rather than "already clean" when a minimized key is minimized again. From Dirk Traulsen.
new ede66f6 * ksutil.c (classify_ks_search): Try and recognize a key ID even without the 0x prefix. This isn't exact (it's possible that a user ID string happens to be 8 or 16 digits of hex), but it's extremely unlikely. Plus GPG itself makes the same assumption.
new 6862964 Changing the way man pages are build.
new d8ff670 Preparing a release
new 818f65f Post release updates
new abfdbea / * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. g10/ * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. * openfile.c (copy_options_file): Use log_info and not log_error to avoid error returns in case of a missing skeleton file.
new d382fec * configure.ac: AM_CONDITIONAL must not be used inside an if/then.
new 9f433cc Removed the use of g10defs.h. This required some code cleanups and the introduction of a few accessor ducntions in mpi.
new e810efc Removed references to removed g10defs.h file.
new db8b112 distribute gnupg1.info. Fixes bug#740.
new ea53979 * Makefile.am: Install options.skel via dist_pkgdata_DATA so that "make uninstall" works properly.
new 60044dd Fix bug#739 (proxy/shutdown)
new 68ea16c * options.skel: Tweak some examples to match reality and update the RFC for CERT now that it is out of draft.
new 6a0d191 * configure.ac: Only check for libusb if we're building with card support. Noted by Gilles Espinasse.
new 9a1d79f Installed revised translation.
new 9e4a507 * parse-packet.c (read_protected_v3_mpi): Make sure to stop reading even for corrupted packets. * keygen.c (generate_user_id): Need to allocate one byte more. Reported by Felix von Leitner.
new a15b16a * gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line length without problems. Reported by Felix von Leitner.
new e5f521d * config.links: powerpc64* needs to come before powerpc* or it will never match. Reported by Alon Bar-Lev for libgcrypt, but relevant here as well.
new 5af8d68 * libcurl.m4: Check for curl_easy_escape() and curl_easy_unescape(). Replace with curl_escape() and curl_unescape() if libcurl doesn't have it.
new b8bd7b6 * curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to curl_easy_escape() to match cURL.
new e2fdff5 * keygen.c (make_backsig, write_direct_sig, write_selfsigs) (write_keybinding): Have the various selfsigs created during key generation use the timestamp of their parent key. This helps avoid leaking information about the performance of the machine where the keys were generated. Noted by Christian Danner.
new efef00a * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove the need for ask_expiredate().
new 5b34e02 * sign.c (write_plaintext_packet): Take timestamp from outside. Change all callers. (sign_file, clearsign_file, sign_symencrypt_file): Calculate one timestamp for the whole transaction. Different timestamps for each step can leak performance information.
new 9f3af9e * keyedit.c (sign_uids): Another multiple to single timestamp operation.
new ef9e1b5 * keygen.c (do_generate_keypair, proc_parameter_file, generate_keypair, generate_subkeypair): Pass a timestamp through to all the gen_xxx functions.
new 67c18b8 * ttyio.c (do_get): Assume that anything read from the user without echoing to the screen is sensitive and put it in secure memory. Suggested by Benjamin Bennett.
new ef8f2e2 * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in the time to use to calculate the expiration offset, rather than querying it internally. Change all callers.
new e0dbc52 Missed one caller.
new b4f553c Fix for Debian bug 402592
new f6e12f4 * http.c (do_parse_uri): Remove the hkp port 11371 detection. We implement hkp in the keyserver handler, and the support here makes it appear like a bad hkp request actually succeeded.
new 1475939 * gpgkeys_ldap.c (send_key): Missing a free().
new 22be39d * secmem.c (ptr_into_pool_p): New. (m_is_secure): Implement in terms of above. Also check that the pool has been initialized.
new 6b086c1 * parse-packet.c (parse_signature): It's hex.
new 958c2a6 [W32] Make use of the LANGUAGE envvar.
new b87b1c9 Updated
new 7cb81bb Preparing 1.4.7
new 2a3946e Post release update
new 57591eb * keyedit.c (keyedit_menu): If we modify the keyblock (via fix_keyblock() or collapse_uids()) make sure we reprocess the keyblock so the flags are correct. Noted by Robin H. Johnson.
new 7b3e35a Add extra fflush (stdout)
new 7a81947 * gpgkeys_curl.c (main): Use curl_version_info to verify that the protocol we're about to use is actually available.
new 994ab24 * keyserver.c: Windows Vista doesn't grok X_OK and so fails access() tests. Previous versions interpreted X_OK as F_OK anyway, so we'll just use F_OK directly.
new 28c7223 * parse-packet.c (parse_marker): New. Enforce that the marker contains 'P', 'G', 'P', and nothing but. (parse): Call it here. (skip_packet): No longer need to handle marker packets here.
new c472952 * configure.ac: QNX puts resolver functions in libsocket. From Sean Boudreau.
new 0b677ba * argparse.c (default_strusage): Copyright 2007.
new 3a2e31f Use sysconf() when possible as not all platforms have getpagesize().
new eec94ac Don't build shmtest unless we have shm.
new d54ee32 util/ * secmem.c (init_pool): Avoid assigning a negative value to a size_t. ./ * acinclude.m4: Fix last change. Make test self-conatined by checking for sysconf and getpagesize. Remove indentation for the sake of broken C-89 cpps.
new ebdcac8 * gpg.c, pkclist.c: #include <strings.h> for strcasecmp if it is present. Note that autoconf protects us against a strings.h that cannot be used together with string.h.
new 20af3fe Move some ascii_foo functions to libcompat
new e7c72cc * gpgkeys_curl.c, gpgkeys_ldap.c, gpgkeys_hkp.c, ksutil.c: Rename all str(n)casecmp to ascii_str(n)casecmp. We want the locale-independent ones here.
new 1fc3e4a * gpgkeys_hkp.c (main): Show curl or fake-curl version string.
new 2e81dd1 * packet.h, mainproc.c (reset_literals_seen): New function to reset the literals count.
new ddfaad2 * conventional.test, encrypt.test, encrypt-dsa.test, conventional-mdc.test: Fix some broken tests that were only testing 3DES instead of all available ciphers.
new 1b48876 * defs.inc (all_cipher_algos): New function to return all ciphers we support. This is safer than the previous setup which could hide that some ciphers weren't being tested. Plus, this automatically tests any new ciphers we may add.
new 15e9a73 * sign.c (mk_notation_policy_etc): expect all sigs that this is called for are >=v4. (write_signature_packets, make_keysig_packet): Only call it for >=v4 sigs. This allows --force-v3-sigs and --force-v4-certs to enable or disable notations, policies, and keyserver URLs. This is bug#800.
new 7cf79c1 Add Camellia. Do not enable this if you are not doing interop testing. It is not (yet) legal OpenPGP, is not interop tested yet (obviously), and it's a great way to lose your data. Just don't do it.
new 0a42be5 * mk-w32-dist: Remove underline markup from man pages. Reported by Dirk Traulsen.
new de50a5a * encode.c (encode_crypt): Missed one call to setup_plaintext_name(). This is bug#809.
new 3be2eb4 * configure.ac: AM_PROG_CC_C_O is desired by automake 1.10 to do per-target builds (like we do in the keyserver dir), but exists in the currently-used 1.9.3 as well.
new 66c5c46 Add an extra warning for Camellia. Minor W32 fix Address change.
new d26739a * armor.c (is_armor_tag): New. Detect if an armor header matches 2440bis-21. (parse_header_line): Call it here, as bis-21 requires warning the user (but continuing to process the message) when seeing an unknown header.
new ab20b58 * defs.inc (all_hash_algos): See "all_cipher_algos", below.
new 2aa4975 * configure.ac: It seems that AM_GNU_GETTEXT doesn't like being run conditionally and it confuses the includes when doing later type checks. This is bug#810.
new 14d6d2c * armor.c (parse_header_line): Improve test so that the header test only allows "Hash" in the signed data section.
new 3b9eca6 * gpg.c (main): Fix typo. Noted by John Clizbe.
new 73f9238 * ldap.m4: If we don't find ldap or winldap, try for mozldap.
new 8898e86 * gpgkeys_ldap.c (search_key, main): Fix bug where searching for foo bar (no quotes) on the command line resulted in searching for "foo\2Abar" due to LDAP quoting. The proper search is "foo*bar".
new 3349267 * gpgkeys_ldap.c: Fix build warning with mozldap.
new 43f18c4 * gpgkeys_ldap.c (main): Fix bug in setting up whether to verify peer SSL cert. This used to work with older OpenLDAP, but is now more strictly handled.
new 587104a * ldap.m4: Revert the mozldap change: mozldap has some significant differences around TLS compared to OpenLDAP, and will segfault (!) if the NSS library is not initialized first. Nothing impossible to do, but I think I'll wait until someone actually asks us for mozldap support.
new d1a1331 Improved detection of ketrings specified several times.
new 8bc8b9d * import.c (collapse_uids): Significant speedup for de-duping user IDs.
new a5ca9e6 * configure.ac: Change various help messages to use AC_HELP_STRING.
new 1ce1322 * options.h, gpg.c (main), misc.c (compliance_option_string): Add --rfc4880, and make --openpgp an alias to it. --rfc2440 now stands alone. For now, use the old 2440 defaults for 4880.
new f3abec2 * misc.c (compliance_option_string, compliance_failure): Minor cleanup.
new b550330 * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default. Enable --require-cross-certification by default. --openpgp (--rfc4880) is the same as --rfc2440 except with "--enable-dsa2 --no-rfc2440-text --escape-from-lines".
new 960ac80 * gpg.c (main): Add --require-cross-certification to --openpgp/--rfc4880 mode.
new 9a2a818 Switched to GPLv3. Updated gettext.
new e5a8a24 * gpg.texi: Update from gnupg-2.
new bf06de9 * README: Update notes about OSX Leopard.
new 05c32b9 * keyserver.c (keyserver_spawn): Cosmetic, but looks cleaner.
new a426c89 * parse-packet.c (parse_onepass_sig): Sigclass is hex, so include the 0x.
new 14296f3 * status.c (do_get_from_fd, do_shm_get): s/bool/getbool/ to overcome problems with Mac OS 10.5 which seems to include stdbool.h silently.
new ba966ac Preparing a release candidate
new c567b2b Post release update
new d9bf929 * NEWS: Say a bit more about RFC-4880. Note some defaults changing.
new e60684e Grammar fix
new c756a49 * gpg.c (print_algo_names): New. (list_config): Use it here for the "ciphername" and "digestname" config items so we can get a script-parseable list of the names.
new ccf5233 * defs.inc: Use new --list-config method to get cipher and digest names.
new 154407f * sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID and we inherited it. Fixing.
new a92fa61 * sig-check.c (do_check): Code to try both the incorrect and correct SHA-224 DER prefixes when verifying a signature. See the change itself for more discussion.
new bc15e25 Add 128-bit variant of Camellia.
new aa9aec7 Comment typ fixes. Workaround for bad translations of the capability menu.
new 0e927e3 Fixed auto generation of the key stub. Fixed bug 851. Allow decryption using type 20 Elgamal keys.
new 7d67e4a Allow decryption using type 20 Elgamal keys.
new a45ad0e Allow decryption using type 20 key.
new 2e7eadb * trustdb.c (sanitize_regexp): New. Protect against dangerous regexps (malloc bombs) by force-commenting any characters aside from the ones we explicitly want. (check_regexp): Use it here before passing the regexp to regcomp().
new 81685cc Updated ZH po file. Allow de/encryption using legacy type 20 keys. Updated config.{sub,guess}
new 556cb2d Type fixes and @samp{} fix. From gnupg-2.
new 69bdef8 * NEWS: Note SHA-224 typo.
new 3a90027 Preparing a release candidate
new 6e8bb4d Fixed a regression in gpg_dermor.
new f717f96 Fixd a W32 problems with ldaps.
new 4c39fb5 * Makefile.am: Fix compile error when libcurl is in a nonstandard location.
new 064d364 Preparing a release
new e008f81 Typo fix
new 6313f3d Update
new 8003935 Add card vendor 004.
new 36ffb72 2008-02-09 Marcus Brinkmann <marcus at g10code.de>
new dbc73b3 * configure.ac: Post-release update.
new 3f4fb20 * argparse.c (default_strusage): Update copyright date.
new fc41626 * configure.ac: Darwin's /bin/sh has a builtin echo that doesn't understand '-n'. Use tr to trim the carriage return instead.
new a614eab * parse-packet.c (parse_key): Parse a secret key encrypted with Camellia.
new 537cada Improved AES performance.
new 766cc26 * import.c (collapse_uids): Fix bug 894: possible memory corruption around deduplication of user IDs.
new 3886468 Change default keyserver.
new 2c045c4 Powerpc64 fix.
new 5125969 Fix email address
new d5d895a Fixed URL.
new 46e98d9 prepare a release.
new c01847c Post release version number bump.
new caac36c add comment. Minor update of zh_TW.
new 7a8c24a * configure.ac: Require curl 7.10 (Oct 1 2002) or later as we use curl_version_info().
new 6760519 Fix rendering of @samp.
new ec9309b Yet another minor yat2m fix.
new 9fbb6f4 * getkey.c (merge_selfsigs_subkey): If there are multiple 0x19 backsigs, take the most recent one.
new b9cbb0a * curl-shim.c (curl_easy_setopt): Minor tweak to match the real curl better - libcurl uses 'long', not 'unsigned int'.
new 0627876 * gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all libcurl number options are passed as long.
new 18f6e7e Add Camellia-192.
new e850b7f Ignore gpg2 introduced keywords for --auto-key-locate. Minor W32 installer fix.
new 0eceba4 * gpg-zip.1: Add man page thanks to Colin Tuckley and Daniel Leidert.
new a4d40e6 Translation fixes.
new 96e1c57 Typo fix by Ludwig Hügelschäfer.
new d952705 Revert that last stupid setuid detection fix.
new ecff4d3 Update.
new 99fb609 Fix !EROFS bug
new 64a47d5 Fix bug #947 (expire time overflow)
new 6ae5af5 Fix possible NULL argument to printf
new 42d887c * configure.ac: Use printf for the most portable SVN version detection.
new 9855a6b * keyserver.c (keyserver_import_cert): Allow keyserver URLs in addition to full URLs in CERT records.
new 564436a * Makefile.am: Use $(CC) instead of "cc" to compile, as the user might be overriding the compiler.
new d6c59f3 * pkclist.c (select_algo_from_prefs): Redo function to rank prefs and pick a consensus winner across all keys.
new 85a3b11 * keyedit.c (keyedit_menu): Fix bug where a modified keyring loses its modified status after a "clean" or "minimize" that doesn't need to do anything.
new a9c2808 fix bug #922
new 0042cda * main.h, mainproc.c (check_sig_and_print), keylist.c (list_keyblock_print), pkclist.c (do_edit_ownertrust), keyedit.c (menu_showphoto), photoid.c (generate_photo_id, show_photos), misc.c (pct_expando): Add %v and %V expandos so that displaying photo IDs can show the attribute validity tag (%v) and string (%V). Originally by Daniel Gillmor.
new 5671409 * configure.ac, acinclude.m4: Remove GNUPG_CHECK_DOCBOOK_TO_TEXI as we no longer use it. Noted by John Clizbe.
new 9e0919f * curl-shim.h (curl_version): No need to provide a version for curl-shim as it always matches the GnuPG version.
new 9d76ee5 * trustdb.c (validate_one_keyblock): Fix the trust signature calculations so that we lower the trust depth of signatures to fit within the current chain, rather than discarding any signature that does not fit within the trust depth.
new 5452f53 Make --version close to GNU standards.
new b3ac834 * curl-shim.h, gpgkeys_curl.c, gpgkeys_hkp.c (main): Always show curl version (even for curl-shim).
new 0ad3411 Check algo usage.
new 09176a7 Close message digest; fixes memory leak.
new 7fd2425 Change SIG_ID computation to m
new 3bd834c Change the SIG_ID computation to match 2.0.10.
new 3aa63ab * gpg.c (main): Properly handle UTF8 usernames with --sign-key and --lsign-key.
new fe57cdc * gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): Add support for SSLized HKP.
new e532a4e * keyserver.c (keyserver_typemap): gpgkeys_hkp handles hkps as well.
new c092f02 Fix bug 998.
new 81723b3 * Makefile.am, http.c (start_server): Minor tweaks to get http-test compiling again.
new f801e0f * http.c (do_parse_uri): Properly handle IPv6 literal addresses as per RFC-2732. Adapted from patch by Phil Pennock.
new a2fc01a * gpgv.c (strusage): Fix name of program in "Syntax" line.
new da66b1d * iobuf.c (fd_cache_synchronize): New. fsync() a file in cache. (iobuf_ioctl): Called here, for ioctl 4. (fd_cache_invalidate): Pass return code from close() back to iobuf_ioctl().
new 79f31e8 * keyring.c (rename_tmp_file): Force a fsync (via iobuf_ioctl) on secret keyring files to be extra safe on filesystems that may not sync data and metadata together (ext4). Also check return code from the cache invalidation to make sure we're safe over NFS and similar.
new c641585 * gpgkeys_hkp.c (main): Switch default port for SSLized HKP to 443 (i.e. the regular https port).
new 0f8b0fc * Makefile.am: Make srv.c part of libcompat instead of libutil.
new a5b708b * http.c (connect_server): free (rather than xfree) the result of getsrv().
new a929f4c * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add a CURLOPT_SRVTAG_GPG_HACK (passed through the the http engine).
new 9b6deed Better error message for a missing keyring. Fixes Debian#494040.
new 2933e3d * srv.h: Move to include/srv.h.
new a1ec716 Distribute srv.h
new ee9edfe * gpgkeys_hkp.c (srv_replace): New function to transform a SRV hostname to a real hostname. (main): Call it from here for the HAVE_LIBCURL case (without libcurl is handled via the curl-shim).
new 7c57091 * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather than the ugly ?from= syntax.
new a4fd679 Fix bug#931. Silent a compiler warning.
new 631a0de Backport of Creation-Date parameter for unattended key generation.
new 418e61a Improve dotlocking. Implement locking for W32.
new 23ad4bd Fix for bug#1034.
new 7509904 Print 'empty file' warning only with --verbose.
new bc0202a Fix bug 1045.
new 4694c1a Fix bug 1045
new d72349b Fix bug#1044.
new 0bbe6ed Fixed bug1058.
new e8436d5 Avoid caches to get the most recent copy of the key. This is bug #1061
new 0f993bb * gpgkeys_hkp.c (srv_replace): Fix build warning.
new 851ecc6 Fix bug#1069.
new 58a0c9e Add stub function. Noted by Daniel Leidert.
new 4843e6c Remove Camellia restriction.
new e9a1d6d * Makefile.am (gpgkeys_hkp_LDADD): Need DNSLIBS for the resolver now that we're using SRVs.
new 275ad3f Fix bug#1040.
new 9c5313a Update
new 64f24da Fix a couple of minor bugs.
new 4401184 * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD names ("pgpkey-http" and "pgpkey-https") in SRV lookups instead of "hkp" and "hkps".
new bdc004b fix bug#1085.
new 81d7fbc Fix bug#1087.
new b478389 Repalce an assert by a proper error message.
new 3459c6b First set of changes to backport the new card code from 2.0. For compatibility reasons a few new files had to be added. Also added estream-printf as this is now used in app-openpgp.c and provides a better and generic asprintf implementation than the hack we used for the W32 code in ttyio.c. Card code is not yet finished.
new 6d755a8 Parse EXTCAP lines from the card. Change messages for a corrupt trustdb.
new 63fb9d2 * srv.c (getsrv): Fix type-punning warning. (main): Allow testing any SRV.
new 91df5cb * keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find a domain-specific LDAP server before resorting to keys.{domain}.
new 930e910 Update key generation menu to match gnupg 2.0. Changes default preferences and key algorithms.
new 3f95e31 * gpg.c (main): --pgp6 includes --disable-mdc.
new b8805ca
new 00310b1 Try and detect mis-coded Latin1 and convert it to UTF8. Whether the heuristics succeed or not, the resulting string must be valid UTF8 as LDAP requires that. This is bug 1055.
new 1e1b57a Preparing for a release candidate
new 22039bf * NEWS: Note Camellia and hkps.
new 8bab24e Updated the German translation. Minor doc changes.
new f099e41 Makefile tweak and de.po line number update
new 47d1314 Update doc. This time also the included files.
new e5a5b81 Fix two bugs
new f52ef6d * miscutil.c (print_string2): Loose check for control characters to better cope with utf-8. The range 0x80..0x9f is nowadays not anymore accidently used for control charaters. Fixes bug#1103.
new f5f0171 Fix compiler size warning for debug output
new 20fe42d Restructured the compat functions and changed its license. New fucntion xstrconcat for future use.
new 4fcae65 Fix debian bug#543530
new d890215 Preparing 1.4.10.
new 5f9caad Last minute fixes
new 1373552 Update line numbers - arghhh
new fb69c59 Post release version number bump
new 2136c45 Update from Jedi
new 91272a5 Update zH_TW and check for stdint.h
new 7956620 Fix a W32 problem
new 999f8a3 Make it easier to distribute bzip2
new 378b313 Fix bug#1138.
new 6cb6c76 Remove sparc64 asm modules
new 03c414b fix bug#1162.
new a929b77 minor changes for VMS
new 18392e8 Fix bug#1059 (missing status line signature verification done with a subkey while on the main key has expired).
new 4ac7cb0 Fix some spelling errors. Fixes bug#1127.
new eced7d3 Fix bug#1183
new 0f91985 Change menu prompts.
new f0ba580 Fix bug reporting address.
new 9529d72 Fix bug 1186
new 5bcd4f6 * plaintext.c (handle_plaintext): Make sure that the stdout flush succeeded, so we can't lose data when using gpg in a pipeline. Fixes bug #1207.
new b0a357a Force SHA1 only for v1 cards
new 57528d3 Fix for bug 1223
new 198c5c5 Fix bug 1179
new 9017b84 Ignore some GnuPG-2 only options.
new c253383 Fix bug 1231. Minor doc improvement.
new 5474061 Backport bug fix. Fixes bug#1240.
new b8d2740 support more hash algorithms to support the v2 card
new 690dc98 Minor fixes
new e56269e .
new a1fc3a5 Preparing a release candidate
new 9921fb3 "make distcheck" fix
new aa29ba1 Minor changes to help the VMS port
new 6764837 The rest of the VMS changes.
new 7f07a1b * options.skel: Make the example for force-v3-sigs match reality (it has defaulted to off since 2007-10-22).
new 5b99bbc Remove FAQ stuff
new 41f5b0a VMS fixes
new 27193bb Prepare for 1.4.11
new 05febd5 Add a minor feature for w32.
new 3106aff Post release updates
new 012e7ce Two little updates
new 72ef16b * armor.test: Tweak the bug 1179 test to only run if Twofish is included in the program. The sample message requires Twofish.
new 397f9cd Remove warnings on VMS
new f7ab9d6 mips fixes
new a6b4750 Detect unsigned time_t and adjust y2038 detection.
new d89e59b * pkclist.c (select_algo_from_prefs): Make sure the scores can't overflow when picking an algorithm (not a security issue since we can't pick something not present in all preference lists, but we might pick something that isn't scored first choice).
new 79019ee * pkclist.c (select_algo_from_prefs): Slightly improve the handling of MD5 in preference lists. Instead of replacing MD5 with SHA-1, just remove MD5 from the list altogether, and let the next-highest ranked algorithm be chosen.
new 933adc0 * gpg.c (main): Do not provide a default for --personal-digest-preferences. This allows the usual digest selection algorithm to pick a digest based on recipient keys.
new 36366da Revert last two changes and replace by code from libgcrypt 1.4.6.
new 3d668e0 Support a git revision number
new 75d62be Update gpg-zip.1 (bug#1317)
new d0a9b8a Don't link gpgv with libreadline
new fc1680a * photoid.c (generate_photo_id): Check for the JPEG magic numbers instead of JFIF since some programs generate an EXIF header first. This is issue 1331.
new 04b0b05 Add pubkey letters e and E for ECC.
new 6daa9db Allow building for ARM thumb. Fixes bug#1202.
new 4fb59b1 Print the decoded iteration count witn --list-packets.
new c156a63 Fix bug#1307
new cc6ddd1 Fixed some autoconf bit rot.
new 0ad1458 Fix aliasing problem.
new a95143e Removed some set but unused vars.
new 43c7d1c On VMS use --batch by default if in batch mode.
new 76b73ca Rename all ChangeLog files to ChangeLog-2011.
new 120b0ce Generate the ChangeLog from commit logs.
new 6fe25e5 Use the longest key ID available when talking to a HKP server.
new b5b6cb5 Update gitlog-to-changelog.
new 667ba59 Use gcc pragmas to suppress some warnings.
new dccdcef Update copyright years.
new b9333cd Replace file locking by the new portable dotlock code.
new 9b2a98e Allow use of a standard space separated fingerprint.
new 174d2f8 Refresh sample keys
new cb8ebf7 Distribute dotlock.h
new f310735 Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
new 16c90b2 Typo fixes and comment re-formatting.
new 02f2823 gpg: Remove unused fields from a trust data structure.
new 3a22b62 Allow building with the 32 bit mingw-w64 toolchain.
new 1575678 Include bzip2 code to ease building for W32.
new cfb193a Add a DECRYPTION_INFO status.
new 81839d2 Automate W32 installer building.
new 9b16cd0 w32: Allow passing a relative name for the tarball
new eb1c9a4 w32: Always build with -fno-omit-frame-pointer.
new 561d898 Merge branch 'STABLE-BRANCH-1-4' of git+ssh://playfair.gnupg.org/git/gnupg into STABLE-BRANCH-1-4
new 51c1e84 Do not copy default merge commit log entries into the ChangeLog.
new 86a32a4 Fix typos in comments.
new b99e77d Require gitlog-to-changelog to be installed.
new 422774a Update documentation.
new a698eab Update sample keys.
new e792d82 Update GNU helper files.
new 88d8ca2 Add Ukrainian translation.
new 674e42d Auto update of uk.po
new 3165b5c Fix ChangeLog creation rule.
new 75b347a Release 1.4.12
new 509fe4c Honor --cert-digest-algo when recreating a cert.
new 7a852fb With --quiet do not print reading passphrase from fd message.
new bc317df Keep previous msgids of translated messages
new e393ae3 Actually show translators comments in PO files
new a76efe1 Fix typos spotted during translations
new fadb3ca Update French translation.
new a1856e7 Update translations to adjust for typo fixes
new bb4df02 autogen.sh: Do not use -c with chmod.
new 5093bed Fix extern inline use for gcc > 4.3 in c99 mode
new 6209066 Indent nested cpp directives for better readability.
new 6a41f38 Handle systems which have uint64_t but not the UINT64_C macro.
new a74f05c Remove trailing white space from one file
new b1abc01 Improve handling of random_seed read errors.
new c3a5448 Fix usage of dlerror to conform to POSIX.
new b1eac93 Support the not anymore patented IDEA cipher algorithm.
new 64e7c23 Create off-line card encryption key with the right size.
new e3e5406 de.po: Grammar fix
new 95347cf tests: Skip secret key import check in SELinux mode
new d42dcbf The keyserver search menu should honor --keyid-format
new 3ab2720 Refresh sample keys
new e71dbf2 Fix mksamplekeys awk to not leave out the whitespace altogether
new 09dd073 Card: Fix the process of writing key or generating key.
new 0fee571 Support NetBSD m68K ELF targets
new 4032aa8 gettext: Upgrade to version 0.18
new e9385a6 Workaround for a gettext problem during "make distcheck".
new eb541e3 Update README and po files for a release
new e33e74e Fix potential heap corruption in "gpg -v --version"
new 8044a5a Add meta option ignore-invalid-option.
new 80cd8f1 State that disclaimers are not anymore needed for translations.
new 3a51d50 .gitignore: Add cruft from other branches.
new f2f12f4 Fix issue 1446: honor ports given in SRV responses.
new 5800434 Fix last commit
new 550983f Adjust to GNU coding standards
new 3d56d48 Remove trailing white space from some files
new 6c3a76c Part of issue 1447: Pass proper Host header when SRV is used.
new 5c557a5 Issue 1447: Pass proper Host header and SNI when SRV is used with curl.
new f795a0d Import only packets which are allowed in a keyblock.
new 3a4b96e gpg: Suppress "public key already present" in quiet mode.
new 3cccf09 po: Update zh_TW.po.
new f464a3d po: Update Danish translation.
new cb5f640 Update config.{guess,sub} to version 2012-07-31.
new 65d6da8 Update manuals from master
new 2812ab7 Last fix for the SRV record patches.
new 0bd168b Release 1.4.13.
new faf2174 Post release updates
new ff5cfad Fix honoring --cert-digest-algo when recreating a cert
new 37f1a42 Fix idea.c for big endian CPUs.
new b4d4acf Automake 1.13 compatibility fix.
new 1edc1b3 Fix DNS check for recent OS X releases
new ca0b94d Emulate curl_easy_getinfo and CURLINFO_RESPONSE_CODE in curl-shim.
new 6f0ec6a Differentiate between success (full or partial), not-found, and failure.
new 212a325 gpg: signal handling fix
new f61d8fa gpg: fix previous change
new fd86f30 Fix git revision parsing.
new 3564668 Mitigate a flush+reload cache attack on RSA secret exponents.
new 801803a Prepare for a forthcoming new algorithm id.
new 439999d Update to modern beta release numbering scheme.
new beb6a51 Update Chinese translation.
new a0ee4fc Autoupdate a translation.
new fb5c9de Release 1.4.14.
new 6f634b0 Post release updates.
new a1a59e6 gpg: No need to create a trustdb when encrypting with --always-trust.
new 6ed7056 gpg: Use 2048 as the default keysize in batch mode.
new 45efde9 mpicalc: Change copyright notice.
new 9dc6dd0 Fix bug in mpi_tdiv_q_2exp.
new d90a1d2 gpg: Fix bug with deeply nested compressed packets.
new f10b184 gpg: Limit the nesting level of I/O filters.
new 69088ac keyserver: Allow use of cURL's default CA store.
new 27d0f32 gpg: Distinguish between missing and cleared key flags.
new fe0fb5e gpg: Allow setting of all zero key flags
new d74dd36 gpg: Protect against rogue keyservers sending secret keys.
new 4a06d9a gpg: Print a "not found" message for an unknown key in --key-edit.
new f5c32bd doc: Update from master.
new ffa1ef4 po: Autoupdate due to changed order of strings.
new 8707657 Release 1.4.15
new 0a10f1f Post release updates.
new 2528178 gpg: Do not require a trustdb with --always-trust.
new 9d89564 mpi: Fix syntax error for mips64 and gcc < 4.4
new 0bdf121 Print the keyid for key packets with --list-packets.
new cad8216 mpi: mpi-pow improvements
new b135372 gpg: Change armor Version header to emit only the major version.
new 93a96e3 Use blinding for the RSA secret operation.
new d0d72d9 Normalize the MPIs used as input to secret key functions.
new 9b51632 Prepare for newer automakes which default to parallel tests.
new 4466fdb Update config.{guess,sub} and some copyright notices.
new fa3f555 Change --show-session-key to print the session key earlier.
new 7cdb86e Release 1.4.16
new 9df639b Post release version number bump.
new 24ba0ce Support building using the latest mingw-w64 toolchain.
new 23191d7 gpg: Need to init the trustdb for import.
new 11fdfcf gpg: Avoid infinite loop in uncompressing garbled packets.
new e28cbdc doc: Remove outdated Russian man page.
new 4239780 gpg: Use more specific reason codes for INV_RECP.
new 60bd648 PC/SC cleanup.
new bb4d5c2 intl: Fix for uClibc.
new ab644b1 w32: Fix typo in README.W32.
new 01bd055 Remove useless diagnostic in MDC verification.
new 8eab483 Print hash algorithm in sig records
new 5230304 Screen keyserver responses.
new 0d0961c Fix syntax error introduced with 60bd6488
new bfc7893 doc: Update from master.
new 8d5f493 po: Auto-update
new 297f2ac Release 1.4.17
new ba50a00 Post release changes.
new 574b9ed Add CVE number
new 955524f Make screening of keyserver result work with multi-key commands.
new aae7ec5 Limit keysize for unattended key generation to useful values.
new 6a7b763 Release 1.4.18
new c05918c Post release updates
new dcf58b3 Add kbnode_t for easier backporting.
new d585527 gpg: Fix regression due to the keyserver import filter.
new 45e3b81 gpg: Allow compressed data with algorithm 0.
new ecf2728 Fix strict-alias warnings for rijndael.c
new b89f57f mpi: Suppress set-but-unused-variables warnings.
new cd53cdb mpi: Improve mpi_invm to detect bad input.
new ad30b2a Allow use of --debug-level=LEVEL without '='.
new 3209f27 doc: Final update from master (gnupg 2.1)
new 2889a70 doc: Cleanup gpg.texi.
new 534e287 gpg: Add build and runtime support for larger RSA keys
new f681235 mpi: Fix compiler warning.
new 65c05f5 doc: Minor fix
new 42d2474 gpg: Add import option "keep-ownertrust".
new fbb5086 gpg: Make the use of "--verify FILE" for detached sigs harder.
new 69767cc gpg: Fix a NULL-deref for invalid input data.
new 2b48094 gpg: Fix off-by-one read in the attribute subpacket parser.
new 2d35968 gpg: Fix use of uninit.value in listing sig subpkts.
new c935c73 doc: Do not install gnupg.7
new da66ad5 gpg: release DEK soon after its use.
new 3ca1f40 scd: fix get_public_key for OpenPGPcard v1.0.
new c83e250 scd: Fix possibly inhibited checkpin of the admin pin.
new aab2828 gpg: Fix possible read of unallocated memory
new e2e822d doc: Fix memory leak in yat2m.
new e7cbce8 avoid future chance of using uninitialized memory
new ed6287d doc: Formatting fixes.
new 8adb5ff Fix a problem with select and high fds.
new 592e1aa Modernize to automake 1.14.
new 397987c Update automake helper files.
new ff53cf0 Use ciphertext blinding for Elgamal decryption.
new 8baf452 gpg: Print a warning if the subkey expiration may not be what you want.
new 20e14e3 gpg: Allow predefined names as answer to the keygen.algo prompt.
new 27d7add gpg: Limit the size of key packets to a sensible value.
new 2e8db53 gpg: Fix a NULL-deref due to empty ring trust packets.
new 68f260f gpg: Fix a NULL-deref in export due to invalid packet lengths.
new 81d3e54 gpg: Prevent an invalid memory read using a garbled keyring.
new 7106165 doc: Change remaining http links to gnupg.org to https
new 57af33d Use inline functions to convert buffer data to scalars.
new cf8d89b gpg: Print better diagnostics for keyserver operations.
new 2b2f276 curl-shim: clean up varargs
new a35ed8a gpg: Remove an unused variable.
new 6f03218 gpg: Fix segv due to NULL value stored as opaque MPI
new e0c13ad Protect against NULL return of mpi_get_opaque.
new 6186637 doc: Add warning note about not acting as an oracle to --batch.
new 6cbc75e mpi: Avoid data-dependent timing variations in mpi_powm.
new 0d286a1 doc: Fix name of keep-ownertrust.
new d2323ce Allow requesting only an IPGP certtype with dns_cert().
new 2e7a3ed Add convenience function to hash a buffer.
new 484d073 Add new function strconcat.
new 240451a Move two functions from g10/ to util/.
new 52c6c30 Switch to a hash and CERT record based PKA system.
new 8adbf74 po,intl: Update to 0.19.3.
new c43391f Fix for building without DNS support.
new 4986edd Update Chinese (traditional) translation
new d252043 po: Update Italian translation.
new e5b5f50 po: Update Ukrainian translation
new 054b2c1 po: Update Russian translation
new 17a2356 po: Update Polish translation
new d27a477 po: Update Spanish translation
new 0e4a82c po: Update Dutch translation
new bcccd89 po: Update Czech translation
new 9dbfca0 po: Update French translation
new 47c2369 po: Update German translation
new 7b3ed1a po: Auto-update
new bcf44e2 Release 1.4.19.
new 2cb21b2 Merge tag 'gnupg-1.4.19' into upstream
new eb645a5 Post release updates
new f34d883 gpg: Remove left-over debug message.
new 506eb6f gpg: Fix DoS while parsing mangled secret key packets.
new 04667ca g10: fix cmp_public_key and cmp_secret_keys.
new b3fd304 g10: Improve handling of no corresponding public key.
new f3b00d8 g10: detects public key encryption packet error properly.
new 6f992d9 g10: Fix a race condition initially creating trustdb.
new ae38cbb g10: Fix a race condition initially creating trustdb.
new ae61f01 Obsolete option --no-sig-create-check.
new bd6f800 po: Fix Spanish translation
new 9232df2 po: Update Japanese translation.
new 6db18e2 gpg: Silence a compiler warning.
new 8b5cb54 gpg: Avoid cluttering stdout with trustdb info in verbose mode.
new 751b287 Pass DBUS_SESSION_BUS_ADDRESS for gnome3
new fc30a41 gpg: Change default cipher for --symmetric from CAST5 to AES-128.
new 43e5d28 gpg: Reject signatures made with MD5.
new 924518b gpg: Add option --weak-digest to gpg and gpgv.
new 2561aae po: Update Russian translation
new 84fe2e5 po: Update German translation
new 2ef92bb po: Auto-update
new 56daf9b w32: Avoid warning when using newer mingw versions.
new 19549ae Release 1.4.20
new 46141f9 Imported Upstream version 1.4.20
new 09d44bd Merge tag 'upstream/1.4.20'
new 65736d6 fix whitespace and timestamping
new 2f57e2f dropped patches already upstream.
new 9f86d65 new upstream release
The 2779 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
ChangeLog | 112 +
NEWS | 33 +
README | 21 +-
VERSION | 2 +-
checks/options | 1 +
cipher/rsa.c | 13 +-
configure | 20 +-
configure.ac | 2 +-
debian/changelog | 6 +
.../patches/0001-Update-Danish-translation.patch | 16 -
.../0002-gpg-Remove-left-over-debug-message.patch | 23 -
...-while-parsing-mangled-secret-key-packets.patch | 143 -
...10-fix-cmp_public_key-and-cmp_secret_keys.patch | 94 -
...e-handling-of-no-corresponding-public-key.patch | 44 -
...-public-key-encryption-packet-error-prope.patch | 31 -
...-Pass-DBUS_SESSION_BUS_ADDRESS-for-gnome3.patch | 40 -
.../0008-gpg-Silence-a-compiler-warning.patch | 34 -
.../patches/0009-po-Fix-Spanish-translation.patch | 21 -
debian/patches/series | 8 -
debian/upstream/signing-key.asc | 32 +-
doc/gnupg1.info | 164 +-
doc/gpg.texi | 31 +-
doc/gpgv.texi | 8 +
doc/stamp-vti | 8 +-
doc/version.texi | 8 +-
g10/armor.c | 3 -
g10/free-packet.c | 22 +-
g10/getkey.c | 12 +
g10/gpg.c | 24 +-
g10/gpgv.c | 5 +
g10/main.h | 20 +-
g10/mainproc.c | 6 +-
g10/misc.c | 38 +-
g10/options.h | 3 +-
g10/parse-packet.c | 58 +-
g10/passphrase.c | 9 +
g10/sig-check.c | 15 +
g10/sign.c | 9 +-
g10/tdbio.c | 123 +-
g10/trustdb.c | 2 +-
gnupg.spec | 2 +-
mpi/mpi-cmp.c | 16 +
po/be.gmo | Bin 12247 -> 12247 bytes
po/be.po | 588 +--
po/ca.gmo | Bin 74422 -> 74422 bytes
po/ca.po | 589 +--
po/cs.gmo | Bin 145929 -> 145929 bytes
po/cs.po | 590 +--
po/da.gmo | Bin 140894 -> 140894 bytes
po/da.po | 590 +--
po/de.gmo | Bin 150821 -> 151053 bytes
po/de.po | 593 +--
po/el.gmo | Bin 74129 -> 74129 bytes
po/el.po | 589 +--
po/en at boldquot.gmo | Bin 136491 -> 136695 bytes
po/en at boldquot.po | 592 +--
po/en at quot.gmo | Bin 134847 -> 135043 bytes
po/en at quot.po | 592 +--
po/eo.gmo | Bin 53202 -> 53202 bytes
po/eo.po | 588 +--
po/es.gmo | Bin 144853 -> 144849 bytes
po/es.po | 592 +--
po/et.gmo | Bin 69810 -> 69810 bytes
po/et.po | 589 +--
po/fi.gmo | Bin 73436 -> 73436 bytes
po/fi.po | 594 +--
po/fr.gmo | Bin 152742 -> 152742 bytes
po/fr.po | 590 +--
po/gl.gmo | Bin 72589 -> 72589 bytes
po/gl.po | 589 +--
po/gnupg.pot | 590 +--
po/hu.gmo | Bin 72725 -> 72725 bytes
po/hu.po | 589 +--
po/id.gmo | Bin 70883 -> 70883 bytes
po/id.po | 589 +--
po/it.gmo | Bin 144891 -> 144891 bytes
po/it.po | 590 +--
po/ja.gmo | Bin 108597 -> 152946 bytes
po/ja.po | 4017 +++++++++-----------
po/nb.gmo | Bin 89940 -> 89940 bytes
po/nb.po | 590 +--
po/nl.gmo | Bin 151715 -> 151715 bytes
po/nl.po | 590 +--
po/pl.gmo | Bin 146345 -> 146345 bytes
po/pl.po | 590 +--
po/pt.gmo | Bin 64153 -> 64153 bytes
po/pt.po | 588 +--
po/pt_BR.gmo | Bin 37353 -> 37353 bytes
po/pt_BR.po | 588 +--
po/ro.gmo | Bin 144523 -> 144523 bytes
po/ro.po | 590 +--
po/ru.gmo | Bin 182708 -> 183040 bytes
po/ru.po | 600 +--
po/sk.gmo | Bin 71774 -> 71774 bytes
po/sk.po | 589 +--
po/sv.gmo | Bin 139378 -> 139378 bytes
po/sv.po | 592 +--
po/tr.gmo | Bin 129318 -> 129318 bytes
po/tr.po | 590 +--
po/uk.gmo | Bin 192371 -> 192371 bytes
po/uk.po | 590 +--
po/zh_CN.gmo | Bin 131135 -> 131135 bytes
po/zh_CN.po | 590 +--
po/zh_TW.gmo | Bin 135000 -> 135000 bytes
po/zh_TW.po | 590 +--
util/Makefile.in | 4 +-
106 files changed, 11713 insertions(+), 11890 deletions(-)
delete mode 100644 debian/patches/0002-gpg-Remove-left-over-debug-message.patch
delete mode 100644 debian/patches/0003-gpg-Fix-DoS-while-parsing-mangled-secret-key-packets.patch
delete mode 100644 debian/patches/0004-g10-fix-cmp_public_key-and-cmp_secret_keys.patch
delete mode 100644 debian/patches/0005-g10-Improve-handling-of-no-corresponding-public-key.patch
delete mode 100644 debian/patches/0006-g10-detects-public-key-encryption-packet-error-prope.patch
delete mode 100644 debian/patches/0007-Pass-DBUS_SESSION_BUS_ADDRESS-for-gnome3.patch
delete mode 100644 debian/patches/0008-gpg-Silence-a-compiler-warning.patch
delete mode 100644 debian/patches/0009-po-Fix-Spanish-translation.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg.git
More information about the Pkg-gnupg-commit
mailing list