[Pkg-gnupg-commit] [gnupg] annotated tag debian/1.4.20-1 created (now 8524884)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Feb 5 20:45:43 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a change to annotated tag debian/1.4.20-1
in repository gnupg.
at 8524884 (tag)
tagging 9f86d65f6f2c4fd04ac3e76a07dfb214ee47d793 (commit)
replaces debian/1.4.19-6
tagged by Daniel Kahn Gillmor
on Fri Feb 5 15:44:57 2016 -0500
- Log -----------------------------------------------------------------
gnupg Debian release 1.4.20-1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAABCgBmBQJWtQnJXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFREIyRTc0RjU2RkNGMkI2NzI5N0I3MzUy
NEVDRkY1QUZGNjgzNzBBAAoJECTs/1r/aDcK518P/1oaF2X2GngubNR/HWavvMVX
50JqKPCLQ1hNfAnfWqf3AzwGQMWV57evCk54aduxa27aa5h3x88g+qIH1vQQkqTp
XZRPc0pnTIQtoLYUiu6vfmGUShGuGxLioO6zL36k+ArmVZcXm0G4M+0jvzzBj7tR
s75OHBS2Ch3m+NvXzEIn9TZNMgqBTuCBjAUhXbiJ4a65G6x3OW6StUOTXMiRwAQI
YlMjEhbPdo8vE4PE9lqxXSjFHsEMzEmmGJ5L05XLe33KNaZZNqXp9qUFb4z8ZyUt
u8BQX4zTTAZY0+VGVP3oEwJolKpfnvxeSdSMoR0coknwa5MLox3m2EVipFHr/Kgw
2b+c1zDSiFmIFF1nphK1vZ89XEfdXI2Dh6VM7tTkyqH3gfIAM8ifkUrWmiPTzbG9
qvKj2x3cE0dnzfmEtfjNGYQcbmLJxaqx6wrYvlLV8X1iYB8YR56IRX5FpJSkGL4q
HAglsjEuOhEX8aHYZOzzaWJibjL/vb+7TA+AO/xSMDbQ9uVSNTvl2wR99XAiwOBG
hlC/RiuBB0kvKTGVCddGEojezbf+XCLW66q3FfQB5hf7VTB1iYr3Iw1HntDVh2Vt
19KBxMGun7h/hc1kbUmXTHdSTk9lnN5GfSZdjTU7gC62Xez4IFP3kuNcXXok0IyO
rPzmudO4p80qMgic3VeF
=TkOk
-----END PGP SIGNATURE-----
Christian Aistleitner (1):
Fix honoring --cert-digest-algo when recreating a cert
Daniel Kahn Gillmor (14):
gpg: Allow setting of all zero key flags
gpg: Add build and runtime support for larger RSA keys
avoid future chance of using uninitialized memory
curl-shim: clean up varargs
gpg: Fix segv due to NULL value stored as opaque MPI
Pass DBUS_SESSION_BUS_ADDRESS for gnome3
gpg: Add option --weak-digest to gpg and gpgv.
added key for NIIBE Yutaka to upstream/signing-key.asc
Merge tag 'gnupg-1.4.19' into upstream
Imported Upstream version 1.4.20
Merge tag 'upstream/1.4.20'
fix whitespace and timestamping
dropped patches already upstream.
new upstream release
David Prévot (4):
Keep previous msgids of translated messages
Actually show translators comments in PO files
Update French translation.
po: Update French translation
David Shaw (1277):
Removed files for CVS reorganization
Update head to match stable 1.0
Update head to match stable 1.0
Update head to match stable 1.0
* packet.h, build-packet.c (build_attribute_subpkt), exec.c (expand_args),
* options.skel: Fix a few typos, clarify "group", and remove sample photo
* gpgkeys_hkp.c (parse_hkp_index): Error if the keyserver returns an
* argparse.c (optfile_parse): Fix variable typo - 'p2' should be 'p' :)
* gpg.sgml: Clarify "group".
* options.h, g10.c (main), keyserver.c (keyserver_refresh): Maintain and
* exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If
* configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path to a
* README: Document --disable-exec, --disable-photo-viewers,
Fix previous ChangeLog commit
* gpgkeys_ldap.c (get_key), gpgkeys_hkp.c (get_key): Display keyserver URI
* configure.ac: --enable-exec-path should be a 'with'. Fix 'no' cases of
* photoid.c (get_default_photo_command, show_photos): Honor
* configure.ac: Add --with-mailprog to override the use of sendmail with
* gpgkeys_mailto.in: Use new OPAQUE tag for non net-path URIs. Fail more
* options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
* gpgkeys_ldap.c (send_key, get_key, main): Consult the server version
* keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in a
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying "sensitive"
* revoke.c (gen_desig_revoke): Lots more comments about including
* options.h, main.h, export.c (parse_export_options, do_export_stream),
* options.h, main.h, g10.c (main), import.c (parse_import_options,
* sig-check.c (signature_check2): Signatures made by invalid subkeys
* import.c (delete_inv_parts): Discard subkey signatures (0x18 and 0x28)
* import.c (parse_import_options), export.c (parse_export_options): Fix
* configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h
* configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well as a
* Makefile.am: Install keyserver helpers in @GNUPG_LIBEXECDIR@
* options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c (main),
* main.h, import.c (parse_import_options, fix_hkp_corruption, import_one,
These are special i386 files for use on OpenBSD, which (at least until
* config.links: Add special rule for OpenBSD on x86 to use special
* secmem.c: "Warning" -> "WARNING"
* gpgkeys_hkp.c: "Warning" -> "WARNING"
* gnupgbug: "Warning" -> "WARNING"
* random.c: "warning" -> "WARNING"
* exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: "Warning" ->
* gpg.sgml: Clarify the differences between "pref" and "showpref". Note in
* keyedit.c (menu_revsig): Change "revsig" to honor selected uids so the
* sig-check.c (do_check): Properly validate v4 sigs with no hashed section
* NEWS: changes since 1.1.90.
* README, configure.ac: --with-exec-path is now clarified into
* options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
* gpg.sgml: Clarify --edit/addrevoker (sensitive), and --keyserver-options
* revoke.c (export_minimal_pk, gen_desig_revoke, gen_revoke): Export a
* gpg.sgml: Clarify that only long-form options can go in the config file.
* encode.c (encode_crypt), g10.c (main), sign.c (sign_file,
* options.h, g10.c (main), mainproc.c (proc_encrypted): --ignore-mdc-error
* configure.ac: If the static IDEA cipher is present, disable dynamic
* keyedit.c (menu_revsig): Properly show a uid is revoked without
* md.c (md_algo_present): New function to check if a given algo is in use
* cipher.h: Add md_algo_present().
* sig-check.c (signature_check2): Sanity check that the md has a context
* tdbio.c (tdbio_set_dbname): Create new trustdbs with user-only
* configure.ac: Add an --enable-tiger.
* Makefile.am, md.c (load_digest_module): Allow switching TIGER on and off
* options.skel: Some language tweaks, and remove the load-extension
* cipher.h: Add AES aliases for RIJNDAEL algo numbers.
* encode.c (encode_simple): Fix problem with using compression algo 2 and
* hkp.c (parse_hkp_index): Properly handle really large keys (5 digit key
* NEWS: Document new ways to enable MDC, and change in automatic
* gpgkeys_hkp.c (get_key, parse_hkp_index): Bring over latest code from
* keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and comments.
* DETAILS: Clarify that trust letters 'q' and '-' can be treated
* options.skel: Document no-include-attributes for keyserver-options.
* import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into
* gpg.sgml: Clarify meaning of keyserver option include-revoked.
* sig-check.c (do_check, do_check_messages): Emit the usual sig warnings
* longlong.h: Remove space between \ and newline. gcc is complaining.
* hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into new
* gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Move HTML functionality into
* gpgkeys_hkp.c (main): Don't warn about include-subkeys - it isn't
* Makefile.am: May as well include gpgkeys_hkp.c in the distribution now.
* gpgkeys_hkp.c: Include util.h on RISC OS as per Stefan. Include a
* NEWS: Clarify that --libexecdir is a configure option.
* gpgkeys_hkp.c (http_get, http_post): Use CRLF for line endings.
* configure.ac: Check type of mode_t.
* gpgkeys_hkp.c, Makefile.am: Convert over to using iobufs.
* gpgkeys_hkp.c: Overall cleanup from iobuf conversion. Be consistent in
* sig-check.c (do_check_messages, do_check): Show keyid in error messages.
* gpgkeys_hkp.c: (parse_hkp_index): Use same types on all platforms.
* pkclist.c (build_pk_list): Fail if any recipient keys are unusable.
* pkclist.c (build_pk_list): Add new status code to indicate an untrusted
* gpg.sgml: Document keyserver-option include-subkeys. Note that
* mainproc.c (print_pkenc_list): Don't increment the error counter when
* NEWS: typo.
* g10.c (add_group): Use '=' to separate group name from group members.
* gpgkeys_hkp.c (send_key): Use CRLF in headers.
* gpgkeys_ldap.c (get_key): Some compilers (RISC OS, HPUX c89) don't like
* exec.c (expand_args): Remove loop left over from earlier implementation.
* keyserver.c (keyserver_spawn): Remove whitespace after keyserver
* DETAILS: Fix batch key generation example.
* configure.ac: Remove --enable-external-hkp as this is always on now.
* gpgkeys_hkp.c (main): Remove warning - this is no longer experimental
* Makefile.am, hkp.c, hkp.h, keyserver.c (keyserver_work): Remove internal
Import from stable branch.
* gpgkeys_hkp.c: (search_key, handle_old_hkp_index): Try and request a
* gpgkeys_mailto.in: Add quasi-RFC-2368 mailto:email at addr?from= syntax so
From stable branch
From stable branch
From stable branch
* gpgkeys_hkp.c (get_key, handle_old_hkp_index, search_key): Properly
From stable branch
* gpg.sgml: Some minor language cleanup.
* THANKS: Remove duplicate.
* keyserver.h: Add some new error codes for better GPA support.
* gpgkeys_hkp.c (send_key, get_key, search_key, main): Some minor error
* gpgkeys_ldap.c (ldap_err_to_gpg_err, ldap_to_gpg_err, send_key, get_key,
* http.c (connect_server): Try all A records for names with multiple
* import.c (import_keys_stream): Fix compiler type warning.
* configure.ac: Add NETLIBS to EGDLIBS when using EGD as EGD uses sockets.
* Makefile.am: Link bftest with EGDLIBS (i.e. NETLIBS) as EGD uses
* Makefile.am: Link gpg with EGDLIBS (i.e. NETLIBS) as EGD uses sockets.
* configure.ac: Remove --enable-tiger, as TIGER is now always enabled.
* Makefile.am, md.c (load_digest_module): TIGER is now always enabled.
From stable branch
2002-09-28 David Shaw <dshaw at jabberwocky.com>
* keyserver.c (parse_keyserver_uri): Force the keyserver URI scheme to
* import.c (import_one): Make sure that a newly imported key starts with a
* tiger.c (tiger_get_info): Select the OID to use for TIGER at compile
* configure.ac: Add an --enable-old-tiger, to revert back to the
* longlong.h: Some whitespace changes in HPPA to fix assembler problems on
* import.c (import_secret_one): Check for an illegal (>110) protection
* keylist.c (print_capabilities): Secret-parts-missing keys should show
* gpg.sgml: Note that '#' means secret-key-unavailable, and that keyserver
* logger.c (g10_log_warning, log_set_strict): Add new log_warning logger
* util.h: Add new log_warning logger command which can be switched between
* options.h, g10.c (main): Add --strict and --no-strict to switch the
* getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
* configure.ac: OpenLDAP 2.0.27 changed the dependencies again. Add a
* import.c (import_keys_internal): Missed one s/inp/inp2/.
And changelog :)
* keyserver.h: Add new error code KEYSERVER_UNREACHABLE.
* gpgkeys_ldap.c (fail_all): New function to unwind a keylist and error
* gpgkeys_ldap.c (search_key, main): Make sure LDAP values are freed in
* http.c (connect_server): Properly handle a single A record that fails
* keyedit.c (menu_addrevoker): Properly back out if the signature fails.
* keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec,
* keyserver.h: Go to KEYSERVER_PROTO_VERSION 1.
* gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0.
* gpgkeys_hkp.c (write_quoted): Use %-encoding instead of \-encoding.
* NEWS: Some 1.3 notes.
* g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
* README: Some typo fixes from Florian Weimer, and bump version number.
* g10.c (main): Handle --strict and --no-strict from the command line
* http.c (connect_server): Try all A records for names with multiple
* README: Multiple A record rotation works with MINGW32 now, and clarify
* Makefile.am, regcomp.c, regex.c, regex_internal.c, regex_internal.h,
* configure.ac: Regex tests adapted from mutt to decide whether to use the
* distfiles, _regex.h: Add _regex.h from glibc 2.3.1.
* Makefile.am: Anything linking with libutil.a needs INTLLIBS as well on
* main.h, import.c (sec_to_pub_keyblock, import_secret_one,
* gpg.sgml: Document --refresh-keys.
* gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to output
* gnupg.spec.in: Use new path for keyserver helpers, /usr/lib is no longer
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
* configure.ac: Add --disable-regex in case some platform just can't
* packet.h, trustdb.h, trustdb.c (trust_string): New. Return a string
* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
* configure.ac: Add a check for volatile.
* util.h: Add wipememory() macro.
* build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
* gnupg.spec.in: Update source ftp path.
* Makefile.am: Put gnupg.spec in the root directory so rpm -ta works.
* g10.c (main): Add --no-throw-keyid.
* cipher.c (string_to_cipher_algo), md.c (string_to_digest_algo): Allow
* keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full
* keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu):
* NEWS: Note trust signature support,
* gpg.sgml: Document "tsign", clarify "setpref", clarify --recipient,
* options.h, g10.c (main): Add --trust-model option. Current models are
* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an
* trustdb.c (trust_model_string, check_trustdb, update_trustdb,
* KEYSERVER: New. Documents the --with-colons format for keyserver
* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
* keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
* gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, free_keylist,
* pubkey-enc.c (get_session_key): With hidden recipients or try a given
* rndw32.c [__CYGWIN32__]: Don't include winioctl.h - it is not required
* util.h: Add wipememory2() macro (same as wipememory, but can specify the
* w32reg.c (read_w32_registry_string): Fixed expanding of the environment
* options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
* keyring.h, keyring.c (keyring_register_filename): Return the pointer if
* gpgkeys_ldap.c (get_key): Fix typo in deduping code.
* keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
* secmem.c (lock_pool) [__CYGWIN__]: Don't print secmem warning. From
* THANKS: Changes from stable branch.
* util.h [__CYGWIN32__]: Don't need the registry prototypes. From Werner
* mk-w32-dist: Don't use iconv for pl.po. From Werner on stable branch.
* exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need
* encode.c (encode_simple): Make sure that files larger than about 4G use
* gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but
* g10.c (main): Allow compression algorithm names as the argument to
* gpg.sgml: --compress-algo now allows algorithm names.
* config.links: Use OpenBSD/NetBSD powerpc assembler code for Darwin.
* gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode. Noted
* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol
* keygen.c (keygen_set_std_prefs): Properly handle an empty preference
* gpg.sgml: Add an interoperability section.
* encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
* g10.c (add_notation_data): Disallow notation names that do not contain a
* g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable):
* sign.c (hash_for): If --digest-algo is not set, but
* mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase
* main.h, misc.c (default_cipher_algo, default_compress_algo): New.
* gpg.sgml: Document --sig-policy-url, --cert-policy-url, --sig-notation,
* gpg.sgml: Document --primary-keyring. Clarify --s2k-cipher-algo,
* NEWS: Add notes about notation names and '@', the --trust-model option,
* keyedit.c (menu_expire): Don't lose key flags when changing the
* distfiles, gnupg.spec.in: Include convert-from-106.
* gpg.sgml: Point out that if the user absolutely must, it's better to use
* options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
* trustdb.c (validate_keys): Show trust parameters when building trustdb,
* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
* gpg.sgml: Clarify include-revoked and include-disabled so they match
* tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
* pkclist.c (do_we_trust): Tweak language to refer to the "named
* iobuf.c (iobuf_flush): Only print debug info if debugging is on.
* keydb.h, getkey.c (key_byname): Flag to enable or disable including
* keyedit.c (keyedit_menu, menu_revuid): Add "revuid" feature to revoke a
* NEWS: Add note about convert-from-106 script.
* gpg.sgml: Clarify --no-permission-warning to note that the permission
* keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if
* getkey.c (merge_selfsigs_main), main.h, sig-check.c
* import.c (import_one): Only do the work to create the status display for
* keylist.c (print_capabilities): Show 'D' for disabled keys in
* DETAILS: Document disabled flag in capabilities field.
* packet.h, tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record),
* gpgkeys_hkp.c (get_key): Use options=mr when getting a key so keyserver
* trustdb.c (get_validity_info): 'd' for disabled is not a validity value
* keygen.c (keygen_set_std_prefs): Warn when setting an IDEA preference
* armor.c (armor_filter): Comment about PGP's end of line tab problem.
* trustdb.c (get_validity_info, get_ownertrust_info, trust_letter):
* tdbio.c (tdbio_set_dbname): Fix assertion failure with
* packet.h, parse-packet.c (setup_user_id), free-packet.c (free_user_id),
* gpg.sgml: Minor language tweaks, spell check, copyright date,
* trustdb.c (init_trustdb, get_validity): Don't use a changed trust model
* g10.c (add_group): Trim whitespace after a group name so it does not
* mainproc.c (list_node): Show signature expiration date in with-colons
* DETAILS: Document trust depth, value, and regexp.
* gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is not a
* keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key
* NEWS: Add notes about disabled keys, trustdb tweaks, and "revuid".
* cipher.h: Add constants for new SHAs.
* sha256.c, sha512.c: New.
* armor.c (parse_hash_header, armor_filter): Accept the new SHAs in the
* Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ so it
* types.h: Try and use uint64_t for a 64-bit type.
* Makefile.am, md.c (load_digest_module): Only build in SHA384/512 and
* configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so that
* Makefile.am: Use a local copy of libexecdir along with @PACKAGE@ as
* exec.c (set_exec_path): Add debugging line.
* keydb.h, getkey.c (classify_user_id, classify_user_id2): Make 'exact' a
* g10.c (main): Use 3DES instead of CAST5 if we don't have CAST5 support.
* cipher.c (setup_cipher_table): #ifdef all optional ciphers.
* keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
* configure.ac: Add --disable-xxx options for CAST5, BLOWFISH, AES (all),
* g10.c (main): Accept "s1" in addition to "idea" to match the other
* configure.ac: Add --disable-idea for IDEA. Note that disabling IDEA
* ttyio.c (tty_print_utf8_string, tty_print_utf8_string2): Use 0 to
* sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
* convert-from-106: Move to the tools directory.
* convert-from-106: Script to automate the 1.0.6->later conversion. It
* Makefile.am: Distribute convert-from-106.
* distfiles, gnupg.spec.in: convert-from-106 is in the tools directory
* keyserver.c (keyserver_spawn): Include various pieces of information
* trustdb.c (validate_keys): Mask the ownertrust when building the list of
* configure.ac: Define @CAPLIBS@ to link in -lcap if we are using
* configure.ac: Look for res_query so we can use DNS SRV, and add
* http.h: Add HTTP_FLAG_TRY_SRV.
* gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in the
* Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
* http.c (connect_server): Use DNS SRV to get a server list. Fail over to
* options.h, g10.c (main), keyserver.c (kopts): Add "try-dns-srv"
* srv.h, srv.c (getsrv): Use unsigned char rather than char. Noted by
* argparse.c (default_strusage): Change copyright date.
* keydb.h: Err on the side of making an unknown signature a SIG rather
* pkclist.c (algo_available): PGP 8 can use the SHA-256 hash.
* configure.ac: Use much more accurate method to determine whether
* dcigettext.c (plural_lookup): Name conflict on some platforms with
* DETAILS: Don't specify which hash is used to make up the namehash since
* gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory corruption bug on
* main.h, g10.c (main), import.c (parse_import_options,
* srv.c (main): Test against wwwkeys.pgp.net.
* Makefile.am, options.in: Rename options.in to options since it no longer
* import.c (import_revoke_cert): Remove ultimate trust when revoking an
* configure.ac: Big warning that TIGER/192 is being removed from the
* config.links: Re-disable assembler on Darwin. Darwin 6.5 broke it
* sign.c (do_sign): Show the hash used when making a signature in verbose
* g10.c (main): Add --no-textmode.
* BUGS: Fix bug reporting URL.
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
* gettextP.h: Add comment for HP/UX users. Local fix for GnuPG.
* build-packet.c (build_sig_subpkt): Comments.
* tdbio.c (create_version_record): Only create new trustdbs with
* cipher.h: Add constants for compression algorithms.
* packet.h, build-packet.c (build_sig_subpkt), export.c
* gpg.sgml: Some general language tweaks. Note default algo for
* configure.ac: Remove some stuff no longer needed with newer autoconf.
* types.h: Add initializer macros for 64-bit unsigned type.
* cipher.c (setup_cipher_table): #ifdef IDEA.
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
* gpg.sgml: Document --trustdb-name. Document --gnupg in a new compliance
* configure.ac: Edit preprocessor instructions in g10defs.h to remove
* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: Edit all
* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
* mpicoder.c, mpi-inline.h, mpi-inv.c, mpiutil.c, mpih-div.c,
* bithelp.h, des.c, random.c, rndlinux.c, sha1.c, blowfish.c, elgamal.c,
* bftest.c, crlf.c, mk-tdata.c, mpicalc.c, shmtest.c: Edit all
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
* POTFILES.in: Added a couple of missing source files. Noted by Pascal
* Makefile.am: Make use of AM_CFLAGS. (From wk on stable branch)
* getkey.c (premerge_public_with_secret): Made "no secret subkey for"
* gpg.sgml, gpgv.sgml: Small SGML fixes. (From wk on stable branch)
* mk-w32-dist: Don't iconv {hu,sk,zh_TW}.po. (From wk on stable branch)
* defs.inc (pgmname): Make sure there is a valid options file. (From wk on
* NEWS: Document --gnupg and the deprecation of --no-openpgp and
* configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put dl in
* srv.h, srv.c: Include windows.h with MINGW32.
* Makefile.am: Some cleanup, and use DLLIBS for -ldl.
* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
* keylist.c (list_one): Don't show the keyring filename when in
* main.h, misc.c (parse_options): New general option line parser. Fix the
* mainproc.c (check_sig_and_print), main.h, keylist.c (show_policy,
* g10.c (main), keylist.c (show_policy_url, show_notation), mainproc.c
* configure.ac: Define SAFE_VERSION so that RISCOS can override it and
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
Inadvertently left out of the 2003-06-01 checkin
* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver since
* THANKS: Updates from stable.
* types.h: Prefer using uint64_t when creating a 64-bit unsigned type.
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
* Makefile.am: Use W32LIBS where appropriate.
* DETAILS: Document the --attribute-fd data.
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
* configure.ac: configure.ac: Check for sigset_t and struct sigaction.
* Makefile.am: Add --no-permission-warning to avoid spurious warning when
* packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
* keyedit.c (show_key_with_all_names): Use list-option show-validity in
* keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
* options.h, g10.c (main, add_keyserver_url): Add
* options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
* packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
* gpgv.c: Remove extra semicolon (typo).
* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM twice.
* mainproc.c (check_sig_and_print): Get the uid validity before printing
* http.c (connect_server): Try and use getaddrinfo if it is available.
* configure.ac: Check for getaddrinfo. Don't bother to check for EGD libs
* Makefile.am: Use NETLIBS instead of EGDLIBS.
* gpg.sgml: Document --list-options (show-photos, show-policy-url,
* gnupg.spec.in: Rework much of the spec to use %-macros throughout. Fix
* NEWS: Note %g and %p, the "tru" --with-colons record, and the REVKEYSIG
* mainproc.c (check_sig_and_print): Use two different preferred keyserver
* options.h, g10.c (main): Add list-option list-preferred-keyserver.
* dotlock.c, http.c, iobuf.c, simple-gettext.c, srv.c, srv.h, strgutil.c,
* util.h: s/__MINGW32__/_WIN32/ to help building on native Windows
* idea-stub.c, random.c; s/__MINGW32__/_WIN32/ to help building on native
* passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
* AUTHORS, THANKS: Updates from stable.
* autogen.sh: Touch po/all for --build-w32. From Werner on stable branch.
* samplekeys.asc: Updated.
Credits from stable
* keyedit.c (print_and_check_one_sig): Use list-option show-long-keyid in
* keyedit.c (show_key_with_all_names): Use list-option show-long-keyid in
* gpg.sgml: Document list-options (show-preferred-keyserver,
* main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
* g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c
* gpg.sgml: Use "keyserver-url" instead of "preferred-keyserver" for the
* DETAILS: Note fingerprint of signing key in sig records.
* NEWS: Note --list-options, --verify-options, the deprecation of
* keyedit.c (show_key_with_all_names): Fix assertion failure when using
* md.c (string_to_digest_algo): Enable read-write SHA-256 support.
* armor.c (parse_hash_header, armor_filter), g10.c (print_hex, print_mds),
* mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional (since
* configure.ac: Drop TIGER/192 support. Check for UINT64_C to go along
* cipher.h: Drop TIGER/192 support.
Missed one.
* g10.c (main): Error out if --multifile is used with the commands that
* g10.c (main): Trim --help to commonly used options. Remove -f.
* g10.c (main): Deprecate --default-comment in favor of --no-comments.
* keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): Expand
* sign.c (mk_notation_policy_etc): Capitalize "URL".
* keyedit.c (show_key_with_all_names): Show names a little neater by
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
* gpgv.c (check_trustdb_stale): Stub.
* NEWS: Note that SHA-256 is read-write now, that TIGER/192 is no more,
* gpg.sgml: Clarify --mangle-dos-filenames, document list-option
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
* gpg.sgml: Note web bug behavior of auto-key-retrieve. Note that big
* samplekeys.asc: Update 99242560.
* g10.c (main): Add --no-groups to zero --group list.
* g10.c (main): Give a deprecated option warning for --show-keyring,
* NEWS: Note multiple Comment: support and --sig-keyserver-url.
* srv.c: OSX 10.2.8/Darwin 6.8 seems to have some #include ordering
* keyedit.c (show_key_with_all_names): Ownertrust is only meaningful for
* import.c (import_one): Show the keyid when giving the Elgamal slow
* configure.ac: Include -ldl when card support is used.
* configure.ac (DLLIBS): Work properly on platforms where dlopen and
* g10.c (main): Add --symmetric --encrypt command. This generates a
* g10.c (main): Enhance the version-specific config file code to try for
* NEWS: Note --symmetric --encrypt and the improved config file search.
* cipher.h: Add COMPRESS_ALGO_BZIP2.
* misc.c (compress_algo_to_string, string_to_compress_algo,
* configure.ac: Locate libbz2 for bzip2 compression support.
* trustdb.h, trustdb.c (register_trusted_keyid): New. Adds a keyid to the
* http.c (connect_server): Differentiate between generic "can't connect"
* pkclist.c (build_pk_list): When adding recipients interactively, allow
* mainproc.c (proc_symkey_enc): Don't show algorithm information when
* configure.ac: Make sure that the resolver API actually compiles, and not
* g10.c (main): Add --symmetric --sign --encrypt.
* NEWS: Note BZIP2.
* options.h, g10.c, keyedit.c, keylist.c, mainproc.c: Clarify the
* options.h, trustdb.c (trust_model_string, init_trustdb): Add support for
* encode.c (encode_simple), sign.c (sign_symencrypt_file): Properly use
* options.h, g10.c (main), compress.c (init_compress), compress-bz2.c
* compress.c (init_compress): Remove compress level 10 trick, since it is
* options.h, g10.c (main), compress-bz2.c (init_uncompress): Add
* miscutil.c (match_multistr): New. Match against each segment in a
* util.h: Add prototype for match_multistr().
* seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) encodings.
* config.links: sparc64 assembler doesn't work on FreeBSD or OpenBSD
* gpg.sgml: Document --compress-level. Some minor tweaks to other
* gpg.sgml: Note the new combinations with --symmetric and --encrypt.
* configure.ac: Use MSG_NOTICE instead of MSG_WARN for less serious
* keygen.c (ask_algo): Remove ability to generate Elgamal sign+encrypt
* pkclist.c (build_pk_list): Do not allow an empty PK list in interactive
* NEWS: Note that we won't encrypt to an Elgamal sign+encrypt key any
* trustdb.c (validate_keys): Reset the trustdb before checking if we have
* mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use
* README: Update version number. Add BZIP2. Remove Elgamal sign+encrypt.
* pubkey.c (setup_pubkey_table): Only include RSA if USE_RSA is defined.
* NEWS: Note --disable-rsa.
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
* options: Remove emulate-md-encode-bug.
* g10.c (strusage, main): Show development version warning in --version
* pubkey.c (setup_pubkey_table): Don't allow signatures to and from
* cipher.h: Make cipher list match 2440bis-09.
* config.links: Show target in asm-syntax.h file and include targets for
* miscutil.c (answer_is_yes_no_default, answer_is_yes_no_quit): Don't use
* Makefile.am: Reenable tests now that the Elgamal signature keys are
* http.c (send_request): Add a Host: header for virtual hosts.
* gpgsplit.c (write_part): Split off decompression code. (handle_zlib):
* gpg.sgml: Fix a few missing semicolons in & entities. Noted by
* keyid.c (do_fingerprint_md): Properly handle hashing of keys that we
* keyid.c (keyid_from_sk, keyid_from_pk, fingerprint_from_pk,
* keyid.c (do_fingerprint_md): Remove the rules to hash the old v3 Elgamal
* packet.h, build-packet.c (hash_public_key): Remove function ...
* sig-check.c (do_check): Move the signing algo and hash checks from
* cipher.h (pubkey_verify): Remove old unused code.
* dsa.h, dsa.c (dsa_verify), elgamal.h, elgamal.c (elg_verify), rsa.h,
* sig-check.c (cmp_help, do_check), sign.c (do_sign): Remove old unused
* mpi.h (gcry_mpi, mpi_get_opaque, mpi_set_opaque): Make nbits and the
* mpiutil.c (mpi_set_opaque, mpi_get_opaque): Make the length of an opaque
* build-packet.c (write_fake_data, do_secret_key), seckey-cert.c
* main.h, misc.c (parse_options): Add a "noisy" flag to enable and disable
* keyserver.c (strip_leading_space, get_arg): New.
* keyserver.c (argsep): New variation on strsep that knows about optional
* http.c (send_request, http_open_document, http_open): Pass the http
* http.h: Pass the http proxy from outside rather than pulling it from the
* options.h, g10.c (main), keyserver.c (keyserver_opts,
* gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code that
* misc.c (pull_in_libs): Dead code. Removed.
* g10u.c: Dead code. Remove.
* rijndael.c, rndunix.c, twofish.c: Remove dead IS_MODULE code.
* idea-stub.c (load_module, idea_get_info): Return the proper type for
* g10m.c: Dead code. Remove.
* options.h, g10.c (main), import.c (parse_import_options, import_one,
* clearsig.test, conventional-mdc.test, conventional.test, defs.inc,
* gpg.sgml: Fix a few minor typos. Clarify what --textmode is useful for.
Use the portable C MPI code for OpenBSD before 3.4, and remove the special
* config.links: OpenBSD 3.4 is now ELF, so use the proper assembler code
* convert-from-106, lspgpot: Check for gpg binary before proceeding.
* configure.ac: Include stdio.h when checking for bzlib.h. Solaris 9 has a
* gpgkeys_hkp.c (search_key): Catch a mangled input file (useful if
* util.h: Add prototype for print_string2().
* argparse.c (default_strusage): Update copyright date. (initialize):
* pubkey.c (setup_pubkey_table), elgamal.c (sign, verify, test_keys,
* cipher.c (setup_cipher_table): May as well call Rijndael AES at this
* cipher.h: Remove the old CIPHER_ALGO_RINJDAEL values. is_ELGAMAL() now
* misc.c (print_cipher_algo_note): May as well call Rijndael AES
* sig-check.c (check_key_signature2): Comments.
* g10.c (main), keydb.h, keydb.c (keydb_rebuild_caches), keyring.h,
* trustdb.c (reset_trust_records): New, faster, implementation that
hppa1.1/udiv-qrnnd.S: Alignment fix from Lamont Jones for Debian.
* keylist.c (set_attrib_fd): Open attribute fd in binary mode. This isn't
* keyedit.c (print_and_check_one_sig, keyedit_menu): Use the COLUMNS
* packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c
* g10.c (list_config): New function to dump config options to stdout.
* mainproc.c (list_node): Show sigs with --verbose.
* NEWS: Note --enable-key-cache, the OpenBSD/i386 and HPPA fixes, and
* getkey.c: Set MAX_PK_CACHE_ENTRIES and MAX_UID_CACHE_ENTRIES to
* g10.c (main, rm_group): Add --ungroup command to remove a particular
* DETAILS: Details for --list-config.
* clearsig.test, sigs.test: Properly detect RSA being missing, and use the
* keygen.c (keygen_set_std_prefs): Build the default preferences list at
* keyedit.c (keyedit_menu): Prompt for subkey removal for both secret and
* options.h, g10.c (main), keylist.c (list_keyblock_print): Add
* import.c (import_one): Do the revocation check even in the case when a
* main.h, keyedit.c (keyedit_menu): Remove sign_mode and enhance the more
* import.c (check_prefs): New function to check preferences on a public
* gnupg.7: Clarify that 'gpgv' doesn't encrypt, and that's not a bug.
* import.c (check_prefs): Some language fixes. (sec_to_pub_keyblock,
* keyserver.c (argsep): Move to misc.c.
* build-packet.c (write_header2): If a suggested header length is provided
* build-packet.c (do_user_id): Do not force a header for attribute packets
* gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that LDAP_OPT_ERROR_NUMBER
* options.h, g10.c (main), plaintext.c (handle_plaintext): Add
* gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out what
* configure.ac: Simplify the LDAP checking code since OpenLDAP is far more
* Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps to
* configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for
* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not
* gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
* mkdtemp.c: Removed.
* mkdtemp.c: New (moved from g10/), setenv.c: New, unsetenv.c: New.
* configure.ac: Check for timegm(). Replacement functions for setenv()
* keyserver.c (keyserver_export): Disallow user strings that aren't key
* main.h, misc.c (hextobyte): Removed. It's in libutil.a now.
* miscutil.c (hextobyte): Moved here from g10/misc.c so I can use it in
* util.h: Prototype for hextobyte().
* gpgkeys_ldap.c (epoch2ldaptime): New. Converse of ldap2epochtime.
* keyserver.c (keyserver_spawn): Use the full 64-bit keyid in the INFO
* plaintext.c (handle_plaintext): Properly handle a --max-output of zero
* gpgkeys_ldap.c (delete_one_attr): New function to replace attributes
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
* gpgkeys_ldap.c (delete_one_attr): Removed. (make_one_attr): Delete
* plaintext.c: Copyright.
* gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted
* delkey.c (do_delete_key): Allow deleting a public key with a secret
* README: Update copyright.
* gpg.sgml: Document keyserver-option http-proxy, import-option
* gpg.sgml: Document --ask-cert-level, --max-output, and
* Makefile.am: Don't split LDADD across two lines since some make programs
* unsetenv.c: Fixed debugging typo.
* iobuf.c (block_filter): Properly handle a partial body stream that ends
* parse-packet.c (parse): Only data-type packets are allowed to use
* packet.h, free-packet.c (free_encrypted, free_plaintext), parse-packet.c
* options.h, g10.c (main): Add a more flexible --keyid-format option to
* build-packet.c (write_header2): Remove call to start old gpg partial
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Remove
* armor.c (fake_packet, armor_filter): Use the 2440 partial length
* iobuf.h: Remove iobuf_set_block_mode() and iobuf_in_block_mode().
* iobuf.c (block_filter): Remove the old gpg indeterminate length mode.
* revoke.c (export_minimal_pk), export.c (do_export_stream), passphrase.c
* getkey.c (merge_selfsigs_subkey): Do not mark subkeys valid if we do not
* keyid.c (keyid_from_sk): Minor performance boost by caching secret key
* keydb.h, keyid.c (keystr_from_pk, keystr_from_sk): New functions to pull
* keylist.c (print_seckey_info, print_pubkey_info): --keyid-format
* import.c (check_prefs_warning, check_prefs): --keyid-format conversion
* trustdb.c (add_utk, verify_own_keys, update_min_ownertrust,
* getkey.c (skip_unusable, merge_selfsigs_main,
* mainproc.c (proc_pubkey_enc, print_pkenc_list, list_node):
* trustdb.c (update_min_ownertrust, validate_keys): Do not use keystr
* keyedit.c (sign_uids, show_key_and_fingerprint, ask_revoke_sig,
* options.h, g10.c (main), compress-bz2.c (init_uncompress): Rename
* keyedit.c (keyedit_menu): Request a trustdb update when adding a new
* gpg.sgml: Document delsig. Clarify that --refresh-keys arguments are
* options.h: Encapsulate keyserver details. Change all callers.
* options.h, import.c, keyserver-internal.h, g10.c, mainproc.c,
* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_subkey): Keep track of
* options.h, keyserver.c (parse_keyserver_options): Remove duplicate code
* main.h, misc.c (argsplit): Refactor argsep into argsplit and argsep so
* main.h, misc.c (optsep, argsplit, optlen, parse_options): Simplify code
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
* plaintext.c (handle_plaintext): Accept 'u' as a plaintext mode that
* options.h, g10.c (main): Add keyserver-option honor-keyserver-url.
* keyserver.c (parse_keyserver_uri): Do not accept "http" as an alias for
* parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
* keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create
* getkey.c (key_byname): If namelist is NULL, return the first key in the
* getkey.c (get_seckey_byname2): Significantly simplify this function by
* main.h, keylist.c (show_notation): Add argument to show only user
* keylist.c (show_notation): Use bits to select which sort of notation to
* keyedit.c (keyedit_menu, menu_set_keyserver_url): Allow passing
* DETAILS, credits-1.0, credits-1.2: ElGamal -> Elgamal.
* options.h, mainproc.c (symkey_decrypt_seskey), keyserver.c (struct
* options.h, keyserver-internal.h, keyserver.c (parse_keyserver_uri):
* sign.c (update_keysig_packet): Policies and notations should be stripped
* pubkey-enc.c (get_session_key, get_it), keyedit.c
* gpg.sgml: Clarify that --charset applies to informational strings and
* NEWS: Note the addition of preferred keyserver support,
* g10.c: New command --gpgconf-list. (gpgconf_list): New. From Werner on
* dsa.c (verify): s/exp/exponent/ to fix a compiler warning. From Werner
* longlong.h: Typo.
* options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
* gpgkeys_http.c: New program to do a simple HTTP file fetch using the
* NEWS: Note HTTP key fetching.
* keyserver.c (keyserver_work): Allow --refresh-keys with a preferred
* keyserver.c (keyserver_spawn): Fix keyserver options on tempfile only
* timegm.c: New replacement function. Removes the need for setenv.c and
* configure.ac: Replacement function for timegm(). No need to check for
* gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() being
* keyserver.c (keyidlist): Go back to the old fast keyid lister. Only
* gpg.sgml: Document --edit-key "keyserver" command, --keyid-format,
* gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs with no
* mainproc.c (check_sig_and_print): If we're honoring preferred
* NEWS: Note --sig-keyserver-url and the ability to use a preferred
* verify.c (verify_signatures): Verify multiple files in the same order in
* configure.ac: Try for wldap32 on Win32 platforms.
* keyserver.c (keyserver_refresh): Keep track of keys already fetched so
* gpgkeys_http.c: General polish and removal of leftover stuff from
* DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH.
* ring-a-party: ElGamal -> Elgamal
* g10.c (main): Alias --charset as --display-charset to help avoid the
* keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or
* keylist.c (list_keyblock_print): Always use the new listing format where
* gpgkeys_ldap.c (main): Don't try and error out before making a ldaps
* misc.c (optsep): Add the ability to understand keyword="quoted arg with
* misc.c (argsplit): Properly split quoted args from the keyword and trim
* gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so
* gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
* gpgkeys_ldap.c (main): Add "debug" option. This is only really useful
* armor.c (radix64_read): No armor CRC is legal according to the spec (the
* gpg.sgml: Remove show-long-keyids since it is replaced by
* plaintext.c (handle_plaintext): Bigger buffer for extra safety.
* http.c (insert_escapes): Fix encoding problem for non-URI-safe
* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
* keyserver.c (keyserver_search_prompt): Make sure the search string is
* gpgkeys_ldap.c (get_key): Factor out informational display into new
* gpgkeys_hkp.c (dehtmlize): Understand the quote character (i.e.
* keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
* keyserver.c (keyserver_spawn): Show log line for what keyserver action
* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
* encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
* keyserver.c (parse_keyrec): Force the 'e'xpired flag on as soon as we
* http.c (main): Fix test code for http-test.
* http.c (make_radix64_string, do_parse_uri, send_request): Add basic auth
* http.h: Add auth field for a parsed_uri to allow for basic auth.
* ccid-driver.c (read_device_info): Fix segfault when usb device is not
* NEWS: Note HTTP basic auth.
* app-openpgp.c (get_cached_data): Avoid mallocing zero since it breaks us
* card-util.c (fetch_url, card_edit): Use the pubkey URL stored on the
* options.h, keylist.c (print_one_subpacket, print_subpackets_colon):
* main.h, keylist.c (print_subpackets_colon): Make a public function.
* pgpgroup-to-gpggroup: New perl script to take groups from PGP command
* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
* gpg.sgml: Note that --throw-keyid is --throw-keyids. Note changes in
* configure.ac: Give warning when using capabilities. Check for
* gpgv.c (agent_scd_getattr): Stub.
* DETAILS: Document the 'spk' signature subpacket record. Add more detail
* keyedit.c (menu_set_keyserver_url): Confirm replacement of a keyserver
* keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
* keyedit.c (show_key_with_all_names, show_prefs): Show preferred
* keyedit.c (keyedit_menu): Don't show "addcardkey" in the menu if we do
* mainproc.c (check_sig_and_print), keyedit.c (show_prefs,
* keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
* main.h, g10.c (main), card-util.c (change_pin): If "admin" has not been
* signal.c (got_fatal_signal): HAVE_DECL_SYS_SIGLIST is defined, but zero
* keyedit.c (print_and_check_one_sig): Account for the extra space that
* keyedit.c, keylist.c, keyserver.c, mainproc.c: Reduce the many
* mpicoder.c (mpi_read): If we must fail due to a oversize (generally
* iobuf.c (pop_filter): Make static.
* util.h: Prototype destroy_dotlock(). From Werner on stable branch.
* gpgv.c, keydb.c (keydb_add_resource): Factored keyring creation out to
* keyedit.c (print_and_check_one_sig_colon): Fix bad keyids in colon
* passphrase.c (agent_get_passphrase): Use keystrs for agent strings, and
* keyedit.c, keylist.c, keyserver.c, mainproc.c: The
* keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user
* helptext.c, pkclist.c (do_we_trust): It is not possible to get here with
* pkclist.c (build_pk_list): Keystrify.
* encr-data.c (decrypt_data): Give a warning with a weak key, but still
* keygen.c (generate_keypair): Fix generating keys with the auth flag.
* keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
* keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
* card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a
* pkclist.c (do_edit_ownertrust): Use the same translated string for
* algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c,
* pkclist.c (do_edit_ownertrust): Different prompt when we're using direct
* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main),
* keyserver.h: Add KEYSERVER_TIMEOUT.
* keyserver.c (keyserver_work): Handle keyserver timeouts.
* armor.c (fake_packet): Allow arbitrary dash-escaped lines as per
* keylist.c (list_keyblock_print): Show the fingerprint after the key, not
* gpgkeys_finger.c (main): We do not support relay fingering (i.e.
* gpg.sgml: Document using "none" to remove preferred keyservers, the
* NEWS: Note gpgkeys_finger, keyserver timeouts, and the direct trust
* gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
* http.c (connect_server): [_WIN32] actually fill in the sin_addr so we
* parse-packet.c (parse_one_sig_subpkt, enum_sig_subpkt): Don't BUG() on
* http.c (connect_server, send_request): Use the URI scheme as the SRV tag
* gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead of
* gpg.sgml: Minor language tweaks.
* g10.c (parse_list_options): Fix non-constant initializer so we can build
* acinclude.m4: aclocal 1.9 wants quoting on AC_DEFUN arguments.
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Rename
* delkey.c, export.c, keyedit.c, pkclist.c, revoke.c, skclist.c: Fix a few
* keyring.c: Make some strings translatable.
* keylist.c (status_one_subpacket): New. Send the subpacket data to the
* card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, passphrase.c,
* gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
* DETAILS: Document SIG_SUBPACKET status tag.
* skclist.c (build_sk_list): Don't need to warn about PGP-generated
* misc.c (print_digest_algo_note): The latest 2440bis drafts deprecates
* plaintext.c (handle_plaintext): Don't try and create a zero-length
* README, configure.ac: Add --enable-backsigs to enable the experimental
* configure.ac: Autodetect wldap32 on Windoze.
* trustdb.h, trustdb.c (uid_trust_string_fixed): New. Return a fixed-size
* trustdb.c (uid_trust_string_fixed): Use a string that can be atoi-ed,
* options.h, export.c (parse_export_options, do_export_stream): Add
* options.h, export.c (parse_export_options, do_export_stream), import.c
* gpg.sgml: Document export-minimal.
* export.c (do_export_stream): Allow export-minimal to work with secret
* cipher.h: Add PUBKEY_USAGE_UNKNOWN.
* getkey.c (parse_key_usage): New function to parse out key usage flags.
* md.c (string_to_digest_algo): Allow read/write SHA384 and SHA512.
* Makefile.am: The harmless "ignored error" on gpgkeys_ldap install on top
* http.c (send_request): Include the port if non-80 in the Host: header.
* keygen.c (ask_keysize): Change strings to always use %u instead of
* highlights-1.4.txt: New.
* keygen.c (ask_algo): Add a choose-your-own-capabilities option for DSA.
* options.h, g10.c (main), textfilter.c (len_without_trailing_ws): Removed
* options.h, g10.c (main), textfilter.c (standard): Use --rfc2440 or
* keyserver.c (parse_preferred_keyserver): Force preferred keyserver
* trustdb.c (uid_trust_string_fixed): Show uids as revoked if the key is
* keyedit.c (keyedit_menu): Re-remove the N_() markers.
* apdu.c (apdu_send_le, apdu_send_direct), keylist.c
* g10.c (main): Add --require-secmem/--no-require-secmem to cause gpg to
* gpg.sgml: Document --require-secmem/--no-require-secmem. Note that the
* configure.ac: Check for arpa/nameser.h.
* configure.ac: Check for arpa/nameser.h.
* configure.ac: Add a --with-ldap=DIR so people can add to the search
Readline fix to be robust against platforms where readline has its own
Oddly commit missed this one.
* keyedit.c (menu_revkey): Rename to menu_revsubkey. (menu_revkey): New.
* keygen.c (keygen_get_std_prefs): Set reference count when creating the
* keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
* keylist.c (list_keyblock_print): Secret key listings should always show
* keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
FTP keyserver support via gpgkeys_ftp. This is currently off by default.
As always, CVS leaves out the local directory?
* autogen.sh: automake needs --add-missing for conditional CPPFLAGS build
* gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg. Use
* libcurl.m4: Be much more strict with libcurl by trying to compile and
* configure.ac: --enable-ftp is on by default, --with-libcurl is off by
* Makefile.am: Build gpgkeys_http or gpgkeys_curl as needed.
* keyserver.c (keyserver_typemap): New. Map certain keyserver types to a
* gpgkeys_curl.c (get_key, writer): New function to wrap around fwrite to
* options.h, keyserver.c (parse_keyserver_uri): Properly parse auth data
* gpgkeys_curl.c (main): New "follow-redirects" option. Takes an optional
* readline.m4: Make sure that readline is modern enough to understand
* libcurl.m4: OSX has a problem with their curl-config script.
* libcurl.m4: Rewrite this to use the new --protocols flag I gave to the
* configure.ac: Use new LIBCURL_CHECK_CONFIG macro for all libcurl stuff.
* gpgkeys_curl.c (main): Use new defines for opting out of certain
* keyserver.c (keyserver_typemap): Only map HTTP and FTP if libcurl has
Better implementation for the SRV check. We don't need to actually check
* packet.h, getkey.c (merge_selfsigs_main, sig_to_revoke_info), keyid.c
* configure.ac: Better implementation for the SRV check. We don't need to
* options.h, import.c (parse_import_options, delete_inv_parts): Add
* Makefile.am: Use @LIBUSB@ instead of @LIBUSB_LIBS@
* Makefile.am, libusb.m4: New libusb check macro.
* configure.ac: Use new GNUPG_CHECK_LIBUSB macro.
* g10.c (main): Typo.
* filter.h, armor.c (armor_filter): Use the eol string from the armor
* gpgkeys_curl.c (get_key): Newer versions of libcurl don't define TRUE.
* passphrase.c (readline, agent_send_option, agent_open,
* keyedit.c (keyedit_menu): Move command strings outside the function to
* gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of
* http.c (connect_server): Use INADDR_NONE instead of SOCKET_ERROR.
* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
* ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
* libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match
* gpgkeys_curl.c (main): Only allow specified protocols to use the
* gpgkeys_curl.c: Fix typo.
* NEWS: Note --rfc2440-text import/export-unusable-sigs and
* gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
* keyserver.c (free_keyserver_spec): Fix small leak.
* libcurl.m4: Note that FTPS existed, but wasn't fully
* configure.ac: Define FTPS flag if we're using curl, and FTPS is
* gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
* libcurl.m4: All versions of curl-config support --feature.
* keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
* keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
* keygen.c (do_generate_keypair): Write the auth key to the card
* ksutil.h: Up the default timeout to two minutes.
* http.c (connect_server): Fix fd leak when connecting to a round-robin
* gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
* NEWS: Fix typo.
* libcurl.m4: More comments.
* getkey.c (merge_selfsigs_subkey): Merged away definition from the
* gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpg.sgml: Note that level 0 signatures are always accepted
* trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
Disable the "quick check" bytes for PK decryptions. This is in
* configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
* curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
* curl-shim.c (curl_easy_perform): Fix compile warning.
* gnupg.spec.in: Fix problem with storing the gpgkeys helpers in
* keyedit.c (keyedit_menu): Only print the key signing hint when signing
* libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build
* delkey.c (do_delete_key, delete_keys): Fix problem with --expert
* keyserver.c (parse_keyserver_options): Accept honor-http-proxy as an
* ksutil.h, ksutil.c (init_ks_options, free_ks_options,
* ksutil.h, ksutil.c (ks_action_to_string): New. (free_ks_options): Only
* gpgkeys_ldap.c: Include lber.h if configure determines we need it.
* ldap.m4: New. Moved from configure.ac.
* configure.ac: Move the LDAP detecting code to m4/ldap.m4.
* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
* options.h, keyserver.c (parse_keyserver_options, keyserver_spawn): Don't
* Makefile.am: Calculate GNUPG_LIBEXECDIR directly. Do not redefine
* ksutil.c (parse_ks_options): Handle verbose=nnn.
* getkey.c (get_seckey_byname2): If no explicit default key is set, don't
* ttyio.c (tty_enable_completion, tty_disable_completion): Enable and
* keyedit.c (command_generator, keyedit_completion) [HAVE_LIBREADLINE]:
* gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). Noted
* card-util.c (command_generator, card_edit_completion)
* readline.m4: Check for completion functionality.
* gpgv.c: Stubs for tty_enable_completion() & tty_disable_completion().
* gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
* keyserver.c (keyserver_spawn): Don't mess about with the $PATH.
* exec.h, exec.c (set_exec_path): Remove some dead code and change all
* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)
Fix minor build problem on OSX (need a replacement for memrchr)
Check for memrchr()
* configure.ac: Add --disable-old-hkp option that can be used along
* gpgkeys_curl.c (main): If the http-proxy option is given without any
* curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate
* configure.ac: Remove --disable-old-hkp - use new HKP handler for
* curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt,
* ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass a
* gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
* keyserver.c (keyserver_spawn): Free some memory.
* mainproc.c (symkey_decrypt_seskey): There is no need to have an
* keyedit.c (sign_uids, keyedit_menu): When the user requests to sign
* distfiles: Add assuan.h.
* gnupg.spec.in: No longer any need to override libexecdir. The
* trustdb.h, keyedit.c (keyedit_menu, menu_select_uid_namehash): Allow
* libcurl.m4: Add a check for curl_free() since older versions of
* trustdb.h, trustdb.c (mark_usable_uid_certs): Add flags for the
* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
* gpgkeys_http.c: Need GET defined.
* ksutil.h, ksutil.c: #ifdef so we can build without libcurl or
* gpg.sgml: Clarify --min-cert-level a bit.
* options.h, g10.c (main): Add new --default-sig-expire and
* keygen.c (keygen_set_std_prefs): Add SHA256 and BZip2 to default
* keygen.c (start_tree): New function to "prime" a KBNODE list.
Remove add_days_to_timestamp (unused)
* Makefile.am, packet.h, main.h, comment.c: Remove comment.c. We don't
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use the
* main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
* keygen.c (write_selfsigs): Rename from write_selfsig. Write the same
* build-packet.c (do_comment): Removed. (build_packet): Ignore
* gpg.sgml: Document --default-sig-expire and --default-cert-expire,
* NEWS: Note command completion and the new curl-based HKP helper.
* g10.c (main): Default {export|import}-unusable-sigs to off until the
* trustdb.h, trustdb.c (clean_uids_from_key): New. Walk through the
* strgutil.c (set_native_charset) [_WIN32]: Add alias for codepage
* trustdb.h, trustdb.c (clean_subkeys_from_key): New. Walk through
* keyedit.c (menu_clean_uids_from_key, menu_clean_subkeys_from_key),
* ksutil.c [HAVE_DOSISH_SYSTEM]: Fix warnings on mingw32. Noted by Joe
* signal.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32.
* gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers that
* ksutil.c (init_ks_options, parse_ks_options): Provide a default "/"
* random.c: Fix prototype of the fast random gatherer. Noted by Joe
* options.h, g10.c (main), export.c (parse_export_options,
* getkey.c (fixup_uidnode, merge_selfsigs_main): Handle both expired
* dotlock.c [HAVE_DOSISH_SYSTEM]: Fix unused function warnings on mingw32.
* trustdb.c (clean_uids_from_key), keyedit.c
* keydb.h, kbnode.c (undelete_kbnode): New function to undelete a
* options.h, export.c (do_export_stream), keyedit.c (keyedit_menu,
* options.h, import.c (parse_import_options, delete_inv_parts):
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
* configure.ac: Add check for no-pointer-sign warning keyword, and
* keygen.c (save_unprotected_key_to_card): Fix gcc4 warning.
* keygen.c (save_unprotected_key_to_card): Better fix for gcc4 warning.
* gpg.sgml: Document --edit-key/clean, import-clean, and export-clean.
* NEWS: Note key cleaning commands.
* gpgkeys_hkp.c (append_path, send_key, get_key, search_key, main),
* http.c (send_request): Need == after the radix64-encoded basic auth
* http.c (send_request, http_open, http_open_document): Pass in auth
* http.h: Fix prototypes for http_open_document and http_open to pass
* gpgkeys_http.c (get_key), gpgkeys_oldhkp.c (send_key, get_key,
* libcurl.m4: Only do the OS X linker fix on Panther. Tiger has a
* memrchr.c (memrchr): Not all compilers allow initializing based on a
* http.c (make_radix64_string): Add '=' padding as per standard.
* http.h: Fix prototypes for http_open_document and http_open again,
* gpgkeys_http.c (get_key), gpgkeys_oldhkp (send_key, get_key,
* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add
* gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version string
* trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around
* samplekeys.asc: Update 99242560.
* libcurl.m4: Check that our libcurl has curl_version_info(CURLINFO_NOW).
Typo.
CURLINFO_NOW -> CURLVERSION_NOW
* configure.ac: Add a define for FAKE_CURL.
* keyserver.c (curl_can_handle): New. Do a runtime check against libcurl
* gpgkeys_curl.c (get_key, main): Don't try and be smart about what
* options.h, g10.c (main), keyedit.c (keyedit_menu): Use --interactive
* keyedit.c (sign_uids): Don't prompt for setting signature expiry to
* NEWS, configure.ac: Switch over to using curl or fake-curl by
* keyserver.c (keyserver_typemap): Special-case LDAP since curl will
* gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show
Add gpg-zip, a la PGP Zip.
* keygen.c (start_tree): Need to use an actual packet type (which we
Revert bad patch.
* keygen.c (write_keyblock): Don't try and build deleted kbnodes since
* pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0.
* keygen.c (proc_parameter_file): Sanity check items in keygen batch
* gpg-zip.in: Add --decrypt functionality. Fix quoting so filenames
* ldap.m4: If a PATH is given to --with-ldap, bias directory
* g10.c (main), passphrase.c (set_passphrase_from_string): New
Missed keydb.h entry for set_passphrase_from_string
* Makefile.am: Include LDAP_CPPFLAGS when building LDAP.
* configure.ac: Remove hardcoded -I and -L for /usr/local on FreeBSD.
* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
* gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.
* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
* options.skel: Remove the surfnet LDAP keyserver from the list of
* g10.c (main): Add aliases sign-with->local-user and user->recipient
* exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read):
* Makefile.am: No need to link with curl any longer.
* gnupg.spec.in: Distribute gpg-zip.
* gpg.sgml: Fix documentation for setpref/updpref, document
* ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
* keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.
* misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing
* fileutil.c (untilde): New. Expand ~/foo and ~username/foo filenames
* photoid.c (generate_photo_id): Enable readline completion and tilde
* mpicoder.c (mpi_read): Fix minor bug in reading a zero-length MPI
* photoid.h, photoid.c (generate_photo_id): Allow passing in a
* parse-packet.c (enum_sig_subpkt, parse_signature,
* keyedit.c (show_names): Moved name display code out from
* main.h, misc.c (parse_options): Add the ability to have help
* keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attribute
* gpg.sgml: Note that --display-charset is just for display and
* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),
* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
* keyedit.c (keyedit_menu, menu_backsign): New "backsign" command to
* NEWS: Clarify the cURL keyserver changes, and add a note about gpg-zip.
* readline.m4: Check for rl_completion_func_t and rl_completion_matches.
* keygen.c (proc_parameter_file): Default key and subkey usage flags to
* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
* gpg.sgml: Document backsign, --require-backsigs, and
* import.c (import_one): Do collapse_uids() before we do any cleaning
* trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in
* gpg.sgml: Clarify what is and isn't included in a "clean sigs".
Fix various build warnings reported by Joe Vender on MinGW.
* libusb.m4: Check for libusb-config and if we find it, use --libs and
* Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly
* options.skel: Add a section for --encrypt-to. This is Debian bug
* trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all
* options.h, import.c (parse_import_options, clean_sigs_from_all_uids,
* packet.h: Move some flags to a bitfield. Change all callers.
* packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c
* keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"
* trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly
* trustdb.h, trustdb.c (clean_key): New function to handle key
* armor.c (parse_header_line): A fussy bit of 2440: header lines are
* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just
* NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal
* gpg.sgml: Clarify "xxxxx-clean" and "clean". Document
* free-packet.c (copy_secret_key): Copy secret key into secure memory
* main.h, keylist.c (print_revokers): New. Print the "rvk" designated
* Makefile.am: Some cleanup so we don't build files that are completely
* mkdtemp.c (mkdtemp): Fix warning.
* curl-shim.c (curl_easy_perform): Fix build warning (code before
* idea-stub.c (load_module): Not legal to return a void * as a function
Some cleanup so we don't build files that are completely ifdeffed out.
Missed file.
* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and CURLE_COULDNT_CONNECT.
* keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"
* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better language
* gpg.sgml: Document -d. Add [file] to a few options.
* options.h, keyserver.c (curl_cant_handle, keyserver_spawn,
* keyserver.c (keyserver_fetch): Switch on fast-import before we
* gpg.sgml: Document --fetch-keys.
* NEWS: Note --fetch-keys.
* ttyio.c (tty_enable_completion, tty_disable_completion): Add checks
* gpg.c (main): Don't default to import-options convert-sk-to-pk. It
* gpg.c (main): Restore convert-sk-to-pk as programs rely on it.
* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
* getkey.c (merge_selfsigs_main): All primary keys can certify.
* configure.ac: Split PKA checking off from DNS SRV checking.
* srv.c, Makefile.am: Only build srv.c if we need to.
New code to do DNS CERT queries.
* ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
* gpgv.c: Stub.
* keyserver.c (keyserver_import_pka): New. Moved from
* cert.c (get_cert): Properly chase down CNAMEs pointing to CERTs.
* sign.c (hash_for): Add code to detect if the sk lives on a smart
* sign.c (write_signature_packets): Lost a digest_algo line.
* mainproc.c (check_sig_and_print), keyserver.c
* keyserver.c (keyserver_refresh): Fix problem when more than one key
* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
* libcurl.m4: Remove GOPHER, as that is not supported in libcurl any
* libcurl.m4: Add IDN, SSPI, NTLM, and TFTP defines.
* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
* configure.ac: Add define for EXEEXT so we can find keyserver helpers
* keyserver.c (keyserver_spawn): Include the EXEEXT so we can find
* keyserver.c (parse_keyserver_uri): If there is a path present, set the
* cert.c (get_cert): Disable IPGP types for now until the format questions
* configure.ac: Try linking the UINT64_C test program (rather than
* http.c (send_request): A zero length proxy is the same as no proxy.
* keyserver.c (parse_keyserver_uri): Include the scheme in the uri
* gpgv.c: Stub keyserver_import_ldap.
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
* options.h, keydb.h, g10.c (main), getkey.c (parse_auto_key_locate):
* options.h, gpg.c (main), mainproc.c (check_sig_and_print), keyserver.c
* options.h, keyserver.c (parse_keyserver_options): Remove
* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
* options.h, keyserver-internal.h, keyserver.c (keyserver_import_name),
* options.h, keyserver.c (add_canonical_option): New.
* gpg.c (add_notation_data): Fix reversed logic for isascii check when
* keyserver.c (parse_keyserver_uri, add_canonical_option): Always append
* ksutil.c (init_ks_options): Default include-revoked and include-subkeys
* options.c, gpg.c (main), keyserver.c (keyserver_spawn): No special
* keyserver.c (parse_keyserver_options): Only change max_cert if it is
* keydb.h, getkey.c (release_akl), gpg.c (main): Add
* gpg.sgml: Document new --keyserver syntax.
* options.skel: Document auto-key-locate and give a pointer to Simon
* configure.ac: Fix accidental enabling of SHA-384/512. Noted by Nelson
* getkey.c (parse_auto_key_locate): Error if the user selects "cert" or
* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
* mainproc.c (proc_compressed): "Uncompressed" is not a valid compression
* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as that
* gpg.sgml: Document --auto-key-locate.
* NEWS: Note --auto-key-locate and that keyservers can handle binary data
* options.h, gpg.c (main, parse_trust_model), pkclist.c
* gpg.sgml: Document new way of enabling the PKA functions. Some minor
* gpg.sgml: Rename backsigs to cross-certification (backsigs is just
* NEWS: Note CERT retrieval. Tweak PKA and backsig language to match
* options.h, mainproc.c (check_sig_and_print), gpg.c (main):
* options.h, sign.c (mk_notation_policy_etc), gpg.c (add_notation_data):
* packet.h, build-packet.c (sig_to_notation), keygen.c
* packet.h, build-packet.c (sig_to_notation), keygen.c
* argparse.c (default_strusage): Update copyright year to 2006.
* mainproc.c (get_pka_address), keylist.c (show_notation): Remove
* keyedit.c (menu_set_notation): New function to set notations on
* gpg.sgml: Document "notation".
* build-packet.c (string_to_notation): Add ability to indicate a notation
* gpg.sgml: Clarify new notation delete feature.
* samplekeys.asc: Update 99242560 to have a signing subkey backsig.
* sig-check.c (signature_check2): Print the backsig warning when there
* main.h, import.c (import_one): Optionally return the fingerprint of
* keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work,
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
* cert.c (get_cert): Handle the fixed IPGP type with fingerprint.
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
* configure.ac: Allow the DNS stuff to work on OSX by trying the
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
* configure.ac: Add --disable-endian-check for building fat binaries
* configure.ac: Improved --disable-endian-check that doesn't involve
* blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
* mainproc.c (get_pka_address): Fix bug introduced as part of
* getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
* README: Missing some instructions on building a fat binary.
* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
* cert.c (main): Fix test program build warning on OSX.
* README: Some more notes about building fat binaries.
* main.h, seskey.c (encode_md_value): Modify to allow a q size greater
Update copyright
* getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
* make-dns-cert.c: New program to generate properly formatted CERT records
* make-dns-cert.c: Some changes from Peter Palfrader to send errors to
* memory.c (realloc): Fix compile problem with --enable-m-guard.
* getkey.c (parse_auto_key_locate): Fix dupe-removal code.
* gpg.sgml: Some typo fixes. This is Debian 361324.
* ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
* options.skel, photoid.c (get_default_photo_command): Find an image
* memory.c (realloc): Revert m_guard fix and stick an #error in there to
* miscutil.c (make_printable_string): Fix bug where some control
* gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
* keyedit.c (menu_backsign): Give some more verbose errors when we
Add SHA-224 support
* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.
* gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
The plumbing necessary to create DSA keys with variable sized q.
(generate): Tweak to allow keys larger than 1024 bits. Enforce that the q
* options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
* make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.
* keyserver.c: Fix build problem with platforms that stick libcurl in
* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
* keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
(keyserver_import_cert): Show warning if there is a CERT fingerprint,
* NEWS: Note SHA-224 and DSA2.
* libcurl.m4: Fix mistaken AC_SUBST when curl is not found.
* getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
* import.c (import_one): Fix bug when importing a new key from a file.
* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
* configure.ac: Add --disable-optimization. This is handy for debugging
* gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
* mksamplekeys: Incorporate new package signature key and minimize keys
* exec.c (make_tempdir): Fix bug with a temporary directory on Win32
* keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
* exec.c (make_tempdir) [_WIN32]: Modified to properly handle
Revert last. It is still wrong.
* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
* keygen.c (gen_card_key): Add optional argument to return a pointer
* import.c (import_one): Add a flag (from_sk) so we don't check prefs
* gpg.sgml: Note that --pgp8 does not include SHA224. Clarify that
* sign.c (do_sign): Accept a truncated hash even for DSA1 keys (be liberal
* options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,
* gpg.sgml: Document --enable-dsa2, --disable-dsa2, and
* pkclist.c (algo_available): Automatically enable DSA2 mode when handling
* sign.c (sign_file): When signing with multiple DSA keys, one being DSA1
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available): Pass a
* rsa.c (generate): Use e=65537 for new RSA keys.
* configure.ac: Fix resolver autoconf code so it works (fails)
* tar-ustar.m4: Pass tar data through strings so that greps that don't
* tar-ustar.m4: Not all greps know the -q (quiet) flag, so redirect to
* tar-ustar.m4: Use dd instead of strings as it's more likely to be
* gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad
* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver):
* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key,
* http.c (send_request): A zero-length proxy is the same as no proxy at
* curl-shim.c (curl_easy_perform): Minor cleanup of proxy code.
* Makefile.am: Fix missing include path for gpgkeys_finger (needs the
* gpgkeys_ldap.c (build_attrs), ksutil.c (ks_toupper, ks_strcasecmp),
Put in the basic wiring (just hextobyte for now) for a libcompat.a that
Move strsep() and ascii_isspace() to libcompat.
Add compat.h to distfiles
* strsep.c (strsep): It's strsep, not strsep2 from testing. (If I had
* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML
* gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change.
* configure.ac: --enable-minimal leaves out gettext and all resolver
Missing changelog entry
* options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
* NEWS: Note the CVE for bug#728, --s2k-count, --passphrase-repeat,
* gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present
* keyedit.c (menu_clean): Show "already minimized" rather than
* ksutil.c (classify_ks_search): Try and recognize a key ID even
* configure.ac: AM_CONDITIONAL must not be used inside an if/then.
* Makefile.am: Install options.skel via dist_pkgdata_DATA so that
* options.skel: Tweak some examples to match reality and update the
* configure.ac: Only check for libusb if we're building with card
* gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line
* config.links: powerpc64* needs to come before powerpc* or it will
* libcurl.m4: Check for curl_easy_escape() and curl_easy_unescape().
* curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to
* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
* main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove
* sign.c (write_plaintext_packet): Take timestamp from outside.
* keyedit.c (sign_uids): Another multiple to single timestamp
* keygen.c (do_generate_keypair, proc_parameter_file,
* ttyio.c (do_get): Assume that anything read from the user without
* main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in
Missed one caller.
* http.c (do_parse_uri): Remove the hkp port 11371 detection. We
* gpgkeys_ldap.c (send_key): Missing a free().
* parse-packet.c (parse_signature): It's hex.
* keyedit.c (keyedit_menu): If we modify the keyblock (via
* gpgkeys_curl.c (main): Use curl_version_info to verify that the
* keyserver.c: Windows Vista doesn't grok X_OK and so fails access()
* parse-packet.c (parse_marker): New. Enforce that the marker
* configure.ac: QNX puts resolver functions in libsocket. From Sean
* argparse.c (default_strusage): Copyright 2007.
Use sysconf() when possible as not all platforms have getpagesize().
Don't build shmtest unless we have shm.
* gpg.c, pkclist.c: #include <strings.h> for strcasecmp if it is
Move some ascii_foo functions to libcompat
* gpgkeys_curl.c, gpgkeys_ldap.c, gpgkeys_hkp.c, ksutil.c: Rename all
* gpgkeys_hkp.c (main): Show curl or fake-curl version string.
* packet.h, mainproc.c (reset_literals_seen): New function to reset
* conventional.test, encrypt.test, encrypt-dsa.test,
* defs.inc (all_cipher_algos): New function to return all ciphers we
* sign.c (mk_notation_policy_etc): expect all sigs that this is called
Add Camellia. Do not enable this if you are not doing interop
* encode.c (encode_crypt): Missed one call to setup_plaintext_name().
* configure.ac: AM_PROG_CC_C_O is desired by automake 1.10 to do
* armor.c (is_armor_tag): New. Detect if an armor header matches
* defs.inc (all_hash_algos): See "all_cipher_algos", below.
* configure.ac: It seems that AM_GNU_GETTEXT doesn't like being run
* armor.c (parse_header_line): Improve test so that the header test
* gpg.c (main): Fix typo. Noted by John Clizbe.
* ldap.m4: If we don't find ldap or winldap, try for mozldap.
* gpgkeys_ldap.c (search_key, main): Fix bug where searching for foo
* gpgkeys_ldap.c: Fix build warning with mozldap.
* gpgkeys_ldap.c (main): Fix bug in setting up whether to verify peer
* ldap.m4: Revert the mozldap change: mozldap has some significant
* import.c (collapse_uids): Significant speedup for de-duping user
* configure.ac: Change various help messages to use AC_HELP_STRING.
* options.h, gpg.c (main), misc.c (compliance_option_string): Add
* misc.c (compliance_option_string, compliance_failure): Minor
* gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default.
* gpg.c (main): Add --require-cross-certification to
* gpg.texi: Update from gnupg-2.
* README: Update notes about OSX Leopard.
* keyserver.c (keyserver_spawn): Cosmetic, but looks cleaner.
* parse-packet.c (parse_onepass_sig): Sigclass is hex, so include the
* NEWS: Say a bit more about RFC-4880. Note some defaults changing.
* gpg.c (print_algo_names): New. (list_config): Use it here for the
* defs.inc: Use new --list-config method to get cipher and digest
* sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID and
* sig-check.c (do_check): Code to try both the incorrect and correct
Add 128-bit variant of Camellia.
* trustdb.c (sanitize_regexp): New. Protect against dangerous regexps
* NEWS: Note SHA-224 typo.
* Makefile.am: Fix compile error when libcurl is in a nonstandard
* configure.ac: Post-release update.
* argparse.c (default_strusage): Update copyright date.
* configure.ac: Darwin's /bin/sh has a builtin echo that doesn't
* parse-packet.c (parse_key): Parse a secret key encrypted with
* import.c (collapse_uids): Fix bug 894: possible memory corruption
Fix email address
* configure.ac: Require curl 7.10 (Oct 1 2002) or later as we use
* getkey.c (merge_selfsigs_subkey): If there are multiple 0x19
* curl-shim.c (curl_easy_setopt): Minor tweak to match the real curl
* gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all libcurl
Add Camellia-192.
* gpg-zip.1: Add man page thanks to Colin Tuckley and Daniel Leidert.
* configure.ac: Use printf for the most portable SVN version
* keyserver.c (keyserver_import_cert): Allow keyserver URLs in
* Makefile.am: Use $(CC) instead of "cc" to compile, as the user might
* pkclist.c (select_algo_from_prefs): Redo function to rank prefs and
* keyedit.c (keyedit_menu): Fix bug where a modified keyring loses its
* main.h, mainproc.c (check_sig_and_print), keylist.c
* configure.ac, acinclude.m4: Remove GNUPG_CHECK_DOCBOOK_TO_TEXI as we
* curl-shim.h (curl_version): No need to provide a version for
* trustdb.c (validate_one_keyblock): Fix the trust signature
* curl-shim.h, gpgkeys_curl.c, gpgkeys_hkp.c (main): Always show curl
* gpg.c (main): Properly handle UTF8 usernames with --sign-key and --lsign-key.
* gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): Add
* keyserver.c (keyserver_typemap): gpgkeys_hkp handles hkps as well.
* Makefile.am, http.c (start_server): Minor tweaks to get http-test
* http.c (do_parse_uri): Properly handle IPv6 literal addresses as per
* gpgv.c (strusage): Fix name of program in "Syntax" line.
* iobuf.c (fd_cache_synchronize): New. fsync() a file in cache.
* keyring.c (rename_tmp_file): Force a fsync (via iobuf_ioctl) on
* gpgkeys_hkp.c (main): Switch default port for SSLized HKP to 443
* Makefile.am: Make srv.c part of libcompat instead of libutil.
* http.c (connect_server): free (rather than xfree) the result of
* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add
* srv.h: Move to include/srv.h.
Distribute srv.h
* gpgkeys_hkp.c (srv_replace): New function to transform a SRV
* gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather
Avoid caches to get the most recent copy of the key. This is bug
* gpgkeys_hkp.c (srv_replace): Fix build warning.
Remove Camellia restriction.
* Makefile.am (gpgkeys_hkp_LDADD): Need DNSLIBS for the resolver now
* gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD
* srv.c (getsrv): Fix type-punning warning. (main): Allow testing any
* keyserver.c (keyserver_import_ldap): Try a DNS-SD lookup to find a
* gpg.c (main): --pgp6 includes --disable-mdc.
Try and detect mis-coded Latin1 and convert it to UTF8. Whether the
* NEWS: Note Camellia and hkps.
* plaintext.c (handle_plaintext): Make sure that the stdout flush
* options.skel: Make the example for force-v3-sigs match reality (it
* armor.test: Tweak the bug 1179 test to only run if Twofish is
* pkclist.c (select_algo_from_prefs): Make sure the scores can't
* pkclist.c (select_algo_from_prefs): Slightly improve the handling of
* gpg.c (main): Do not provide a default for
* photoid.c (generate_photo_id): Check for the JPEG magic numbers
Use the longest key ID available when talking to a HKP server.
Refresh sample keys
Distribute dotlock.h
Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
Merge branch 'STABLE-BRANCH-1-4' of git+ssh://playfair.gnupg.org/git/gnupg into STABLE-BRANCH-1-4
Honor --cert-digest-algo when recreating a cert.
The keyserver search menu should honor --keyid-format
Refresh sample keys
Fix mksamplekeys awk to not leave out the whitespace altogether
Fix issue 1446: honor ports given in SRV responses.
Part of issue 1447: Pass proper Host header when SRV is used.
Issue 1447: Pass proper Host header and SNI when SRV is used with curl.
Fix DNS check for recent OS X releases
Emulate curl_easy_getinfo and CURLINFO_RESPONSE_CODE in curl-shim.
Differentiate between success (full or partial), not-found, and failure.
Frans Spiesschaert (1):
po: Update Dutch translation
Ineiev (2):
po: Update Russian translation
po: Update Russian translation
Jakub Bogusz (1):
po: Update Polish translation
Jedi Lin (2):
Update Chinese translation.
Update Chinese (traditional) translation
Joe Hansen (1):
po: Update Danish translation.
Joshua Rogers (1):
scd: fix get_public_key for OpenPGPcard v1.0.
Manuel \"Venturi\" Porras Peralta (1):
po: Update Spanish translation
Marcus Brinkmann (25):
* assuan-connect.c (assuan_pipe_connect): New function.
* assuan-connect.c (assuan_pipe_connect): Require NAME to be set.
* assuan.h: Prototype assuan_pipe_connect and assuan_pipe_disconnect.
2001-12-13 Marcus Brinkmann <marcus at gnu.org>
assuan/
2001-12-14 Marcus Brinkmann <marcus at g10code.de>
Change history, doubleplusgood.
assuan/
The last log had an incorrect changelog entry, and was missing a fix.
2002-01-22 Marcus Brinkmann <marcus at g10code.de>
2002-02-01 Marcus Brinkmann <marcus at g10code.de>
2002-02-01 Marcus Brinkmann <marcus at g10code.de>
2002-04-24 Marcus Brinkmann <marcus at g10code.de>
2002-04-25 Marcus Brinkmann <marcus at g10code.de>
2002-04-25 Marcus Brinkmann <marcus at g10code.de>
2002-04-25 Marcus Brinkmann <marcus at g10code.de>
2002-09-04 Marcus Brinkmann <marcus at g10code.de>
Fix small typo in comment.
Update error handling to match gpg-error in CVS.
2004-04-02 Thomas Schwinge <schwinge at nic-nac-project.de>
2004-08-18 Marcus Brinkmann <marcus at g10code.de>
2005-10-02 Marcus Brinkmann <marcus at g10code.de>
2006-05-22 Marcus Brinkmann <marcus at g10code.de>
2006-07-29 Marcus Brinkmann <marcus at g10code.de>
2008-02-09 Marcus Brinkmann <marcus at g10code.de>
Milo Casagrande (1):
po: Update Italian translation.
NIIBE Yutaka (12):
Card: Fix the process of writing key or generating key.
gpg: signal handling fix
gpg: fix previous change
gpg: release DEK soon after its use.
mpi: Avoid data-dependent timing variations in mpi_powm.
g10: fix cmp_public_key and cmp_secret_keys.
g10: Improve handling of no corresponding public key.
g10: detects public key encryption packet error properly.
g10: Fix a race condition initially creating trustdb.
g10: Fix a race condition initially creating trustdb.
po: Fix Spanish translation
po: Update Japanese translation.
Neal Walfield (5):
2002-09-03 Neal H. Walfield <neal at cs.uml.edu>
2002-09-04 Neal H. Walfield <neal at g10code.de>
2002-09-03 Neal H. Walfield <neal at g10code.de>
2002-09-04 Neal H. Walfield <neal at g10code.de>
2002-09-04 Neal H. Walfield <neal at g10code.de>
Repo Admin (1):
New repository initialized by cvs2svn.
Roman Pavlik (1):
po: Update Czech translation
Stefan Bellon (21):
removed pragma for RISC OS
RISC OS changes due to dynload removal
RISC OS changes because of dynload removal
tidying up RISC OS stuff
use of EXTSEP_S
updated RISC OS stuff
trustdb checks/updates after import
added trustdb update/check for stream import as well
avoid function clone
added fast-import to import-options
filetype support for RISC OS
tidied RISC OS filetype support
added RISC OS module loading support
fixed type incompatibility
no RISC OS filetype needed for nooutput
fixed typo
fixed type problem
cleaned up RISC OS code and removed lots of unnecessary stuff
Only use ZLib module on RISC OS when configured
fix type incompatibility
change back skey to unsigned and cast instead
Stefan Tomanek (1):
Screen keyserver responses.
Thomas Klausner (1):
Handle systems which have uint64_t but not the UINT64_C macro.
Timo Schulz (12):
Removed old keyserver (daemon) code.
2002-07-22 Timo Schulz <ts at winpt.org>
2002-08-02 Timo Schulz <ts at winpt.org>
2002-08-16 Timo Schulz <ts at winpt.org>
2002-10-18 Timo Schulz <ts at winpt.org>
2002-12-22 Timo Schulz <ts at winpt.org>
2003-09-21 Timo Schulz <twoaday at freakmail.de>
2003-09-28 Timo Schulz <twoaday at freakmail.de>
2003-09-28 Timo Schulz <twoaday at freakmail.de>
2003-10-04 Timo Schulz <twoaday at freakmail.de>
2004-10-03 Timo Schulz <twoaday at g10code.de>
2004-11-03 Timo Schulz <twoaday at g10code.com>
Werner Koch (1393):
initially checkin
Output armor works, RSA keygen works.
Armor works now
compress stuff implemented
IDEA removed, signing works
ElGamal funktioniert und ist default
changed the dir layout
added assembler modules
How with some assembly support
Improved prime number test
List and check sigs works
Sicherung
detached signatures are working
fingerprints and self signatures added
added option file handling
added some stuff for signing keys
better prime number generator. improved ELG key generation
very first release
Now created by config.links
changed configuration stuff, replaced some Makefile.am by distfiles.
Sylvester Version
added more stuff
NT version compiles
NT version compiles
distributed version 0.1.0
Bug in blowfish behoben
patch release 0.1.1
patchlevel 2
started with trust stuff
*** empty log message ***
*** empty log message ***
added some trust model stuff
backup
Trust stuff works partly.
Ready to test version 0.2.0
rel 0.2.0
added initial i18n stuff
Rewritten
Utility to make a pacth file
moved stuff to aclocal.m4
version 0.2.1
*** empty log message ***
VPATH stuff works
tenp (does not work)
added
*** empty log message ***
auf tobold
changed structure of trustdb
Fixed a few bugs
armor rewritten, but still buggy
I believe clearsig works
removed aclocal
release 0.2.3
a couple of changes; but some parts are now broken
bug fixes
added zlib and reorgnaized some stuff
added assembler stuff for hppa
added option export
some import functionality
revomoved subdir .g10
new files
removed password from key two
import works
added revcation stuff and fixed a couple of bugs
rel 0.2.7 mit kleines Korrekturen
Renamed to GNUPG
release 0.2.9
bug fixes
v0.2.11
removed g10maint.c
partial DSA support
Rewrote the transform function
NEw test keyrings
some cleanups
release 0.2.14
started with keyserver
cast5 does now work
cipher reorganisiert
*** empty log message ***
test file
New tests
test release
new release
applied Mathews typo and grammar fixes
vor muenchen
*** empty log message ***
missing
changes from laptop
New keys
NEw
*** empty log message ***
*** empty log message ***
x
xxx
Aenderungen in der Eifel
fixed passphrase bug from 0.2.16
fixed last passphrase bug
new release
add DSA key generation
can create v4 signatures
new release
add-key works
*** empty log message ***
add a challenge
Sicherung
.
update from tobold
.
a whole bunch of internal cleanups
gnupg extension are now working
extensions are now working and fixed a lot of bugs
some more internall structure changes
nearly ready for 0.3.0
0.3 ready
bug fixes
textual changes
partly added creation of OP partial length headers
intermediate release
Chnaged version
*** empty log message ***
Added new key infos
fixed clearsig stuff
fixed severe exploit
fixed types, added new translations.
sync
sync
changed trustdb design
edit-key is now complete
started with shm coprocesses
add coprocess facility
intermediate check in
*** empty log message ***
add salted and iterated mode
chnages done at the train
new
ready for a new release
rel 0.3.3
bug fix release
new
Chnages.
*** empty log message ***
.
.
Updates
New release
version 0.3.5
.
Michael Roth has released is des impl.
.
.
*** empty log message ***
*** empty log message ***
*** empty log message ***
windoze version works again
a new release
backup
last local commit
test
test 2
Removed some trash
.
Snapshot release 0.4.2
Epxerimenta support for GDBM keyings.
some random changes
(Does not compile yet)
overhauled the trustdb stuff
ready to release 0.4.3
Some bug fixes of the last release
Not yet completed changes to support PPC
See ChangeLog ;-). Key validation should now be faster
Spanish laguage support (es_ES)
some bug fixes
Expiration time works (I hope so)
Ready for version 0.4.4
Restructured the RNG source and add support for loadable
Some experimental support for other random gatheres
*** empty log message ***
See ChangeLog: Fri Nov 27 12:39:29 CET 1998 Werner Koch
See ChangeLog: Fri Nov 27 15:30:24 CET 1998 Werner Koch
See ChangeLog: Fri Nov 27 21:37:41 CET 1998 Werner Koch
See ChangeLog: Tue Dec 8 13:15:16 CET 1998 Werner Koch
See ChangeLog: Tue Dec 8 15:09:29 CET 1998 Werner Koch
See ChangeLog: Wed Dec 9 13:41:06 CET 1998 Werner Koch
See ChangeLog: Thu Dec 10 20:15:36 CET 1998 Werner Koch
See ChangeLog: Sat Dec 12 18:40:32 CET 1998 Werner Koch
See ChangeLog: Sun Dec 13 14:10:56 CET 1998 Werner Koch
See ChangeLog: Mon Dec 14 21:18:49 CET 1998 Werner Koch
See ChangeLog: Thu Dec 17 18:31:15 CET 1998 Werner Koch
See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner Koch
See ChangeLog: Wed Dec 23 17:12:24 CET 1998 Werner Koch
See ChangeLog: Tue Dec 29 14:41:47 CET 1998 Werner Koch
See ChangeLog: Tue Dec 29 19:55:38 CET 1998 Werner Koch
See ChangeLog: Sun Jan 3 15:28:44 CET 1999 Werner Koch
See ChangeLog: Thu Jan 7 18:00:58 CET 1999 Werner Koch
See ChangeLog: Sat Jan 9 16:02:23 CET 1999 Werner Koch
See ChangeLog: Sat Jan 9 18:54:57 CET 1999 Werner Koch
See ChangeLog: Sat Jan 9 20:00:11 CET 1999 Werner Koch
See ChangeLog: Sun Jan 10 15:10:02 CET 1999 Werner Koch
See ChangeLog: Sun Jan 10 19:36:42 CET 1999 Werner Koch
See ChangeLog: Tue Jan 12 11:17:18 CET 1999 Werner Koch
See ChangeLog: Wed Jan 13 12:49:36 CET 1999 Werner Koch
See ChangeLog: Wed Jan 13 14:10:15 CET 1999 Werner Koch
See ChangeLog: Sat Jan 16 09:27:30 CET 1999 Werner Koch
See ChangeLog: Sat Jan 16 12:03:27 CET 1999 Werner Koch
See ChangeLog: Sat Jan 16 21:25:17 CET 1999 Werner Koch
See ChangeLog: Sun Jan 17 11:04:33 CET 1999 Werner Koch
See ChangeLog: Tue Jan 19 19:34:58 CET 1999 Werner Koch
See ChangeLog: Wed Jan 20 18:59:49 CET 1999 Werner Koch
See ChangeLog: Thu Jan 21 06:22:10 CET 1999 Werner Koch
See ChangeLog: Sun Jan 24 18:16:26 CET 1999 Werner Koch
See ChangeLog: Wed Feb 10 17:15:39 CET 1999 Werner Koch
removed gettext
See ChangeLog: Sat Feb 13 12:14:42 CET 1999 Werner Koch
See ChangeLog: Sat Feb 13 14:13:04 CET 1999 Werner Koch
See ChangeLog: Tue Feb 16 14:10:02 CET 1999 Werner Koch
See ChangeLog: Fri Feb 19 15:49:15 CET 1999 Werner Koch
See ChangeLog: Fri Feb 19 18:01:54 CET 1999 Werner Koch
See ChangeLog: Sat Feb 20 21:40:49 CET 1999 Werner Koch
See ChangeLog: Mon Feb 22 20:04:00 CET 1999 Werner Koch
*** empty log message ***
*** empty log message ***
See ChangeLog: Wed Feb 24 11:07:27 CET 1999 Werner Koch
*** empty log message ***
See ChangeLog: Thu Feb 25 18:47:39 CET 1999 Werner Koch
See ChangeLog: Fri Feb 26 17:55:41 CET 1999 Werner Koch
See ChangeLog: Sun Feb 28 19:11:00 CET 1999 Werner Koch
See ChangeLog: Tue Mar 2 10:38:42 CET 1999 Werner Koch
See ChangeLog: Tue Mar 2 16:44:57 CET 1999 Werner Koch
*** empty log message ***
add some demo keys
See ChangeLog: Mon Mar 8 20:47:17 CET 1999 Werner Koch
See ChangeLog: Mon Mar 8 21:28:42 CET 1999 Werner Koch
See ChangeLog: Mon Mar 8 21:53:47 CET 1999 Werner Koch
See ChangeLog: Wed Mar 10 11:26:18 CET 1999 Werner Koch
See ChangeLog: Thu Mar 11 16:39:46 CET 1999 Werner Koch
See ChangeLog: Sun Mar 14 19:34:36 CET 1999 Werner Koch
See ChangeLog: Wed Mar 17 13:09:03 CET 1999 Werner Koch
See ChangeLog: Sat Mar 20 11:53:40 CET 1999 Werner Koch
See ChangeLog: Sat Mar 20 12:55:33 CET 1999 Werner Koch
See ChangeLog: Sat Mar 20 13:59:47 CET 1999 Werner Koch
See ChangeLog: Sat Mar 20 18:03:17 CET 1999 Werner Koch
./BUGS
See ChangeLog: Tue Apr 6 19:58:12 CEST 1999 Werner Koch
See ChangeLog: Wed Apr 7 20:51:39 CEST 1999 Werner Koch
See ChangeLog: Thu Apr 8 09:35:53 CEST 1999 Werner Koch
See ChangeLog: Fri Apr 9 12:26:25 CEST 1999 Werner Koch
See ChangeLog: Sun Apr 18 10:11:28 CEST 1999 Werner Koch
See ChangeLog: Sun Apr 18 20:48:15 CEST 1999 Werner Koch
See ChangeLog: Mon Apr 26 17:48:15 CEST 1999 Werner Koch
See ChangeLog: Wed Apr 28 13:03:03 CEST 1999 Werner Koch
See ChangeLog: Thu Apr 29 12:29:22 CEST 1999 Werner Koch
See ChangeLog: Tue May 4 15:49:29 CEST 1999 Werner Koch
See ChangeLog: Thu May 6 14:18:17 CEST 1999 Werner Koch
.
See ChangeLog: Sat May 8 19:28:33 CEST 1999 Werner Koch
See ChangeLog: Mon May 17 21:54:43 CEST 1999 Werner Koch
See ChangeLog: Wed May 19 16:04:30 CEST 1999 Werner Koch
See ChangeLog: Thu May 20 14:04:08 CEST 1999 Werner Koch
See ChangeLog: Sat May 22 22:47:26 CEST 1999 Werner Koch
See ChangeLog: Sun May 23 14:20:22 CEST 1999 Werner Koch
*** empty log message ***
*** empty log message ***
*** empty log message ***
mkwebpage
mkwebpage
See ChangeLog: Sun May 23 20:25:57 CEST 1999 Werner Koch
See ChangeLog: Tue May 25 19:50:32 CEST 1999 Werner Koch
See ChangeLog: Wed May 26 14:36:29 CEST 1999 Werner Koch
See ChangeLog: Thu May 27 09:40:55 CEST 1999 Werner Koch
See ChangeLog: Mon May 31 19:41:10 CEST 1999 Werner Koch
See ChangeLog: Tue Jun 1 16:01:46 CEST 1999 Werner Koch
See ChangeLog: Wed Jun 2 14:17:19 CEST 1999 Werner Koch
See ChangeLog: Sat Jun 5 15:30:33 CEST 1999 Werner Koch
See ChangeLog: Tue Jun 8 13:36:25 CEST 1999 Werner Koch
See ChangeLog: Thu Jun 10 14:18:23 CEST 1999 Werner Koch
See ChangeLog: Tue Jun 15 14:23:10 CEST 1999 Werner Koch
See ChangeLog: Wed Jun 16 20:16:21 CEST 1999 Werner Koch
See ChangeLog: Sat Jun 26 12:15:59 CEST 1999 Werner Koch
See ChangeLog: Sat Jun 26 13:54:43 CEST 1999 Werner Koch
See ChangeLog: Tue Jun 29 21:44:25 CEST 1999 Werner Koch
See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch
See ChangeLog: Fri Jul 2 11:45:54 CEST 1999 Werner Koch
See ChangeLog: Wed Jul 7 13:23:40 CEST 1999 Werner Koch
See ChangeLog: Thu Jul 8 16:21:27 CEST 1999 Werner Koch
See ChangeLog: Mon Jul 12 14:55:34 CEST 1999 Werner Koch
See ChangeLog: Mon Jul 12 18:45:57 CEST 1999 Werner Koch
See ChangeLog: Tue Jul 13 17:39:25 CEST 1999 Werner Koch
See ChangeLog: Wed Jul 14 19:42:08 CEST 1999 Werner Koch
See ChangeLog: Thu Jul 15 10:15:35 CEST 1999 Werner Koch
See ChangeLog: Thu Jul 22 20:03:03 CEST 1999 Werner Koch
See ChangeLog: Fri Jul 23 13:53:03 CEST 1999 Werner Koch
.
See ChangeLog: Mon Jul 26 09:34:46 CEST 1999 Werner Koch
See ChangeLog: Mon Jul 26 15:46:23 CEST 1999 Werner Koch
See ChangeLog: Wed Aug 4 10:34:46 CEST 1999 Werner Koch
See ChangeLog: Mon Aug 30 20:38:33 CEST 1999 Werner Koch
See ChangeLog: Tue Aug 31 17:20:44 CEST 1999 Werner Koch
See ChangeLog: Wed Sep 1 15:30:44 CEST 1999 Werner Koch
See ChangeLog: Thu Sep 2 16:40:55 CEST 1999 Werner Koch
oops, found two serious problems after setting version to .11;
See ChangeLog: Fri Sep 3 10:06:06 CEST 1999 Werner Koch
*** empty log message ***
See ChangeLog: Mon Sep 6 19:59:08 CEST 1999 Werner Koch
Sorry, I broke des.c
See ChangeLog: Tue Sep 7 16:23:36 CEST 1999 Werner Koch
See ChangeLog: Tue Sep 7 17:08:10 CEST 1999 Werner Koch
See ChangeLog: Tue Sep 7 18:44:05 CEST 1999 Werner Koch
See ChangeLog: Mon Sep 13 10:55:14 CEST 1999 Werner Koch
See ChangeLog: Wed Sep 15 16:22:17 CEST 1999 Werner Koch
See ChangeLog: Wed Sep 15 17:57:13 CEST 1999 Werner Koch
See ChangeLog: Fri Sep 17 12:56:42 CEST 1999 Werner Koch
Setup development branch
See ChangeLog: Sat Sep 18 12:16:08 CEST 1999 Werner Koch
Changed the way it works - now needs an extra program to to most tasks.
See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch
See ChangeLog: Tue Oct 26 20:03:44 CEST 1999 Werner Koch
See ChangeLog: Thu Oct 28 16:17:46 CEST 1999 Werner Koch
See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner Koch
See ChangeLog: Mon Nov 15 21:36:02 CET 1999 Werner Koch
See ChangeLog: Fri Nov 19 17:15:20 CET 1999 Werner Koch
See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner Koch
See ChangeLog: Thu Dec 9 17:22:27 CET 1999 Werner Koch
See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch
See ChangeLog: Fri Dec 31 14:06:56 CET 1999 Werner Koch
See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch
Add files to new directory.
See ChangeLog: Mon Jan 24 22:24:38 CET 2000 Werner Koch
See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch
See ChangeLog: Mon Jan 31 16:37:34 CET 2000 Werner Koch
See ChangeLog: Mon Jan 31 17:48:10 CET 2000 Werner Koch
Started with gcrypt manual
Add some libgcrypt dox
See ChangeLog: Mon Feb 21 22:43:01 CET 2000 Werner Koch
See ChangeLog: Mon Mar 13 19:22:46 CET 2000 Werner Koch
See ChangeLog: Fri Mar 24 11:25:45 CET 2000 Werner Koch
See ChangeLog: Thu May 25 18:39:11 CEST 2000 Werner Koch
See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch
See ChangeLog: Mon Jul 17 16:35:47 CEST 2000 Werner Koch
See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch
See ChangeLog: Fri Jul 28 18:19:11 CEST 2000 Werner Koch
See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
See ChangeLog: Fri Aug 18 14:27:14 CEST 2000 Werner Koch
See ChangeLog: Mon Aug 21 17:59:17 CEST 2000 Werner Koch
See ChangeLog: Tue Aug 22 14:31:15 CEST 2000 Werner Koch
See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch
See ChangeLog: Wed Oct 4 13:16:18 CEST 2000 Werner Koch
See ChangeLog: Fri Oct 6 14:29:16 CEST 2000 Werner Koch
Added the arcfour cipher which is of use for GNUTLS.
Changed keyring handling - saving still does not work.
configuraton changes, make dist should work now.
Ooops, forgot to add this one.
This was missing in HEAD.
Add features packet and fixes MIPS3.
Some configuration changes
About to release 1.1.2
Removed files from the HEAD revision, because they are now in another
Removed libgcrypt doc files
Removed the libgcrypt stuff and started to modify the source to work with
Does now work with libgcrypt
Add more warnings
Created configuration files
First chunk of code for the Assuan library
gpgsm does now build and a dummy server can be started.
Assuan server mode is now basically usable
Implemented server main loop and started with import command.
Started with keybox implementation by basing it on code from the GnuPG
we are now able to check self-signed certificates
We now need a way to store keys
A Makefile is a pretty useful thing
We have reached a state where we are able to import certs and
Base code for gpgsm --verify does work
gpgsm --verify does now work like gpg including the
Allow to store an arbitrary pointer in the context.
Write status output, make verify work in server mode.
Added code for data lines. For ease of implementation we need glibc
Added basic code for keylisting.
Added new file to please Jan
Map Libksba's OIDs to Libgcrypt digest algo numbers.
Just a Backup. We can now write out a basic signature which in turn
Signing does now work. There is no secret key management yet, so you
Added new directory common to enable sharing of some code and error
Mpfrh
Friedman is setting up his desk
* assuan-buffer.c (_assuan_read_line): Deal with reads of more
* assuan-connect.c (assuan_get_pid): New - actually done by Marcus in gpgme.
Add a copyright note to the bottom
Introduced the keygrip
As promised a agent which already does some things. Not very useful
* assuan-handler.c (assuan_register_bye_notify)
(assuan_process): Moved bulk of function to ..
The agent does now work and read the secret keys from the directory
* assuan.h: Added more status codes.
More error codes
* keydb.c (keydb_add_resource): Create keybox
* gpgsm.c: New option --agent-program
* assuan-handler.c (assuan_register_input_notify): New.
* base64.c: New. Changed all other functions to use this instead
--armor does now produce PEM format.
assuan-connect.c (assuan_pipe_connect): Add more error reporting.
New error codes and another mapping fnc.
Started with decryption stuff
Added decryption, some code cleanup
added test certificate and secret key
More error codes
Decryption does now work
The Agent does now call the pin entry program; however because we have
--encrypt does now work for a hardwired key.
new error codes
New searchmode and hack to allow a hex encoded serial number
Implemented encryption in server mode.
* assuan-connect.c (assuan_pipe_connect): Implemented the inital
* gpgsm.c (main): New options --assume-{armor,base64,binary}.
Fixed INPUT/OUTPUT command
Made decryption work in --server mode, allow output of plain base64,
Now that the DN encoding works more correct, we have to update the
* keybox-search.c (blob_cmp_name): Kludge to allow searching for
* keylist.c (list_cert_colon): Print alternative names of subject
* keylist.c (list_cert_colon): Print alternative names of subject
Fixed test key
Fixed test key
* sign.c (get_default_signer): Use keydb_classify_name here.
* util.h (digitp, hexdigitp): New ctype like macros.
* util.h (digitp, hexdigitp): New ctype like macros.
* gpg-agent.c (main): New option --batch. New option --debug-wait
* gpgsm.c (main): New option --debug-wait n, so that it is
* assuan-listen.c (assuan_close_input_fd): New.
* verify.c (gpgsm_verify): Add hash debug helpers
* keybox-blob.c (x509_email_kludge): New.
* keylist.c (list_cert_colon): Kludge to show an email address
* decrypt.c (gpgsm_decrypt): Write STATUS_DECRYPTION_*.
* keybox-search.c (blob_cmp_name): There is no terminating 0 stored
* gpgsm.c (main): Renamed the default key database to "keyring.kbx".
Changes to be used with the new libksba interface.
* Makefile.am (AM_CPPFLAGS): Add flags for libksba
* keyformat.txt: New.
* keybox-blob.c (_keybox_create_x509_blob): Skip the leading
* base64.c (base64_reader_cb): Try to detect an S/MIME body part.
* maperror.c (map_gcry_err): Add some mappings.
* keybox-blob.c (_keybox_create_x509_blob): Skip the leading
* verify.c (gpgsm_verify): Implemented non-detached signature
* genkey.c: Store the secret part and return the public part.
* assuan-handler.c (assuan_set_okay_line): New.
*** empty log message ***
* base64.c (gpgsm_create_writer): Allow to set the object name
new error codes
* maperror.c (map_assuan_err): Codes for CRL
* call-dirmngr.c: New.
* fingerprint.c (gpgsm_get_certid): Print the serialand not the
* assuan-client.c (_assuan_read_from_server): Skip spaces after
* call-dirmngr.c (inq_certificate): Changed for new interface semantic.
* trustlist.c: New.
* maperror.c: Add mapping for Not_Trusted.
* keybox-search.c (blob_cmp_fpr): New.
* import.c (gpgsm_import): Just do a basic cert check before
* gpg-agent.c: Removed unused cruft and implement the socket
* assuan-buffer.c (_assuan_read_line): Add output logging.
More error codes and mappings
* server.c (gpgsm_server): Use assuan_deinit_server and setup
* sysutils.c: New. This is the misc.c file from gnupg 1.0.6 with
* gpg-agent.c (main): Disable core dumps.
* command.c (cmd_get_passphrase): Remove the plus signs.
* assuan.h: Added Invalid Option error code.
* server.c (option_handler): New.
* assuan-connect.c: Move all except assuan_get_pid to...
* keybox-search.c (keybox_search): Allow KEYDB_SEARCH_MODE_FPR20.
* gpgsm.c: Add option --enable-crl-checks.
* certpath.c (unknown_criticals): New.
* certpath.c (gpgsm_validate_path): Print the DN of a missing issuer.
* mkdtemp.c: Copied from gnupg-1.0.6c and changed to use libgcrypt.
* assuan-socket-connect.c (LOGERRORX): and removed typo.
* gpgsm.c (main): Disable core dumps.
* scdaemon.c scdaemon.h, command.c: New. Based on the code from
Updated copyright notices
* certreqgen.c (create_request): Store the email address in the req.
* findkey.c (agent_key_available): New.
* call-agent.c (gpgsm_agent_havekey): New.
A few test certificates
* genkey.c (store_key): Protect the key.
Added a few more error codes
* cache.c: Add a few debug outputs.
* cache.c (housekeeping): Fixed linking in the remove case.
* decrypt.c (gpgsm_decrypt): Bail out after an decryption error.
* certlist.c (gpgsm_add_to_certlist): Check that the specified
Set version numbers add a comment
* assuan-buffer.c (writen,readline) [USE_GNU_PT]: Use pth_read/write.
* fopencookie.c: Dummy function.
* command.c (cmd_marktrusted): Implemented.
A bunch of new features. Allow empty responses on an inquiry.
More error codes
Some experimental code - don't use it.
* certpath.c (gpgsm_validate_path): Ask the agent to add the
* findkey.c (unprotect): Show an error message for a bad passphrase.
* certpath.c (check_cert_policy): New.
* keybox-search.c (blob_cmp_mail): Use case-insensitive compare
* server.c (option_handler): Allow to use -2 for "send all certs
* assuan-client.c (assuan_transact): Add 2 more arguments to
Changes needed to support smartcards. Well, only _support_. There is
Added more code fragments.
* pksign.c (agent_pksign): Detect whether a Smartcard is to be
Minor fixes; about to release 0.3.1
* gpgsm.c, gpgsm.h: Add local_user.
Signing using a PKCS15 smartcard does work. How to create such a card
This file was missing.
Well and some stuff to access the SC will be helpful. Note, that the
We got more error codes than actual code ;-)
Decryption using a Cryptoflex card does now work.
* assuan-client.c (_assuan_read_from_server): Detect END.
sm/
* server.c (cmd_listkeys, cmd_listsecretkeys): Divert to
* verify.c (gpgsm_verify): Detect certs-only message.
More error codes
* decrypt.c (gpgsm_decrypt): Allow multiple recipients.
Doc fixes, moved some fizmes to TODO, fixed minor bugs.
More stuff for SCs - don't expect them to work.
Added missing file
* export.c: New.
* divert-scd.c (encode_md_for_card): Don't do the pkcs-1 padding,
* card.c (card_open, card_close): Adjusted for changes in OpenSC.
* keylist.c (list_cert_colon): Fixed listing of crt record; the
* certpath.c (gpgsm_walk_cert_chain): Be a bit more silent on
yet another test certificate
* protect-tool.c (show_file): New. Used as default action.
* assuan-buffer.c (my_log_prefix): New. Use it for all i/o debug output.
* card.c (card_open): Return immediately when no reader is available.
* certlist.c (cert_usable_p): New.
* scdaemon.c: New option --debug-sc N.
* cryptmiss.c: New.
* command.c (cmd_pksign, cmd_pkdecrypt): Use a copy of the key ID.
* certpath.c (find_up): New to use the authorithKeyIdentifier.
* gpgsm.c (main): Check ksba version.
released 0.3.5
* certreqgen.c (gpgsm_genkey): Write status output on success.
* call-agent.c (start_agent): Make copies of old locales and check
Debug message cleanups.
Debug message cleanups.
* certpath.c (gpgsm_validate_path): Added EXPTIME arg and changed
* errors.h: Added STARUS_EXPSIG and STATUS_EXPKEYSIG.
sm/
* import.c (gpgsm_import): Try to identify the type of input and
* keylist.c (list_internal_keys): Renamed from gpgsm_list_keys.
* mkdtemp.c: Replaced byte by unsigned char because it is no longer
* assuan-util.c (assuan_set_io_func): New.
* no-pth.c, Makefile.am: Removed.
* import.c (gpgsm_import): Add error messages.
* gpgsm.c (main): Don't print the "go ahead" message for an
* gpgsm.c (main): New command --list-sigs
* sign.c (hash_and_copy_data): New.
* protect-tool.c: Add command --show-keygrip
Various changes.
* gpgsm.c (open_fwrite): New.
* call-dirmngr.c (lookup_status_cb): New.
* gpgsm.c (main): New option --log-file.
Fixed last fix.
* card-dinsig.c: Documented some stuff from the DIN norm.
* agent.h: Add a callback function to the pin_entry_info structure.
* certreqgen.c (read_parameters): Improved error handling.
* keybox-init.c (keybox_set_ephemeral): New.
* call-agent.c (learn_cb): Use log_info instead of log_error on
* certlist.c (gpgsm_add_to_certlist): Fixed locating of a
* gpgsm.c, gpgsm.h: New option --debug-no-path-validation.
* certdump.c (print_dn_part): Always print a leading slash,
* protect-tool.c (rsa_key_check): New.
* assuan-buffer.c (assuan_write_line): Make sure we never
* maperror.c (map_to_assuan_status): Map EOF to No_Data_Available.
* import.c (gpgsm_import): Print an STATUS_IMPORTED.
* Makefile.am (pkglib_PROGRAMS): Put protect-tool there.
* gpgsm.c (main): Use GNUPG_DEFAULT_HOMEDIR constant.
* protect-tool.c (export_p12_file): New.
* server.c (cmd_recipient): Add more reason codes.
* maperror.c (map_to_assuan_status): Map more errorcodes to Bad
* query.c (start_pinentry): Use GNUPG_DERAULT_PINENTRY.
* gpgsm.c: New option --auto-issuer-key-retrieve.
* argparse.c (optfile_parse): Renamed an auto I to P2 to avoid
* rndlinux.c: Removed HAVE_LINUX_RANDOM_H conditional because it
* configure.ac (development_version): New.
automake updated.
msgmerge'd.
* mk-w32-dist (bindir): Fixes vor VPATH builds in a subdir,
* photoid.c: Use __MINGW32__ to include windows because
* configure.ac: Link W32 version against libwsock32.
* README.W32: Adjusted some descriptions. Fixed the regsitry
* Makefile.am: Due to problems with VPATH builds we don't try to
Better keep it in the CVS
* mk-gpg-texi: New.
typo fix
* encode.c (encode_symmetric): Do not use the new encryption code.
* INSTALL: Replaced by generic install file.
* configure.ac: Set version number to 1.1.91.
typo fix.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): print status of dirmngr
* keydb.c (keydb_store_cert): Add optional ar EXISTED and changed
* certpath.c (check_cert_policy): Don't use log_error to print a
* verify.c (gpgsm_verify): Extend the STATUS_BADSIG line with
* server.c (gpgsm_status2): Insert a blank between all optional
* argparse.c (initialize): We better exit after a read error so
* fseeko.c, ftello.c: New.
* keybox-defs.h: New BLOBTYPTE_EMPTY.
* delete.c: New.
* keydb.c (keydb_add_resource): Register a lock file.
Forgot to commit this:
Add a new readon code for delet key.
* rndw32.c (slow_gatherer_windowsNT): Use a simple array for the
* longlong.h: Replaced all K&R multiline strings by ISO ones for
Changed the lincese for Assuan to LGPL.
Add another item to the NEWS file.
* config.links: Added case for sparc64-netbsd. Suggested by
* delkey.c (do_delete_key): Always allow to delete a key in batch mode
* gpg.sgml: Document new --delete behaviour.
The big extension module removal.
* de.po: Fixed fuzzys and translated new strings.
msgfmt updated.
* configure.ac (ALL_LINGUAS): Added Catalan.
Removed some obsolete header files.
* configure.ac: Bumbed version number.
* g10.c (main): Try to use "gpg.conf" as default option file.
minor doc fixes.
* options.skel: Changed comments.
New Assuan testing tool.
First test script. Still missing the environment setup.
* asschk.c: Added some new features.
Added distfiles kludge to distribute the content of the samplekeys directory.
* card.c (card_get_serial_and_stamp): Use the tokeinfo serial
* gpgsm.c (emergency_cleanup): New.
Minor fixes
* signal.c: New. Taken from GnuPG 1.1.91.
Tweaked the build system so that make distcheck finanly said Well
* decrypt.c (prepare_decryption): Hack to detected already
* keybox-search.c (blob_cmp_fpr_part): New.
* keylist.c (list_cert_colon): Print the short fingerprint in the
Minor changes for gettext
* cipher.c: Include the DUMMY cipher only when the new ALLOW_DUMMY
* mpicoder.c (do_get_buffer): Don't remove leading zeros if the
* seckey-cert.c: Workaround to allow decryption of v3 keys created
Removed a leftover conflict indicator.
* card-common.h (struct p15_private_s): Forward declaration. Add
* call-agent.c (learn_cb): Special treatment when the issuer
* certpath.c: Renamed to ..
*** empty log message ***
Renamed some configure flags.
* scdaemon.c: Include i18n.h.
Renamed an error code.
* assuan.h: Renamed Bad_Certificate_Path to Bad_Certificate_Chain.
* call-scd.c (learn_status_cb): Handle CERTINFO status.
Made it compile.
* getkey.c (get_user_id_native): Renamed to ..
Short note about interactive and import.
* gpgsm.c (main): Use the log file only in server mode.
* divert-scd.c (getpin_cb): Pass a more descritive text to the
* vasprintf.c: Hack to handle NULL for %s.
* scdaemon.c (main): New option --daemon so that the program is
use setlocale().
* query.c (agent_askpin): Hack to show the right default prompt.
* import.c (import_print_stats): Print new non_imported counter
* errors.h: Added STATUS_IMPORT_PROBLEM.
* import.c (print_imported_summary): Cleaned up. Print new
* query.c (agent_askpin): Provide the default desc text depending
Include intl/ in the CVS again; otherwise we are not able to
* faq.raw: Updated. New Maintainer is David D. Scribner.
* random.c: Automagically detect the entrop gatherer when
* pkclist.c (do_we_trust_pre): Changed the wording of a warning.
* configure.ac (random_modules): Reworked the code to select the
* iobuf.c (block_filter): Removed the assert, so that one can pass
* gnupg.7: New mini man page.
* strgutil.c (set_native_charset): Allow NULL as argument to use
* gpg.sgml: Updated the charset option.
* g10.c (main): Try to set a default character set. Print the
Moved some items from TODO to NEWS.
* mk-w32-dist: Include more man pages and gpg split. Changed name
* gnupg.7: New mini man page.
* gpgsm.c (main): Disable the internal libgcrypt locking.
new test certs and messages
* gpg-agent.c (create_private_keys_directory)
* w32reg.c (read_w32_registry_string): Handle REG_EXPAND_SZ.
* mpicoder.c (mpi_set_buffer): Cast all left operands of a shift
* gpgkeys_hkp.c (send_key, get_key, search_key): Check return
Added prototype.
Cleanups and minor fixes.
typo fixes and disabled dummy cipher
typo fixes and new credits.
* g10.c, options.h: Removed option --emulate-checksum-bug.
* mpi-bit.c (mpi_normalize): Replaced the check for protected by
* configure.ac (random_modules): The default random module for
Updated texi files
* mk-w32-dist: Convert the character sets on a per language base.
* simple-gettext.c: Disable charset mappings. We do it now when
About to release 1.1.92
Argh, msgfmt reformatted some entries during the make distcheck
Bumped version number
* distfiles: Include mk-w32-dist.
fixed the test for a missing mail address
* Makefile.am (EXTRA_DIST): Include gnupg-32.reg
* tr.po, el.po: Updated.
Added tr and el rule.
* gpg.sgml: Add rebuild-keydb-caches.
* w32reg.c (read_w32_registry_string): Fallback to HLM.
* rndw32.c (SIZEOF_DISK_PERFORMANCE_STRUCT): Increased to 256.
* certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging.
* DETAILS: s/XORed/ORed/.
comment type fix
* gpgkeys_hkp.c (handle_old_hkp_index): s/input/inp/ to avoid
* mpicoder.c (do_get_buffer): Avoid zero length allocation.
* gpg-agent.c (handle_signal): Flush cache on SIGHUP.
* tiger.c (tiger_get_info): Use a regular OID. Note that this
* getkey.c (get_pubkey_direct): New.
* import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing
* DETAILS (KEY_CREATED): Enhanced by fingerprint.
* keygen.c (print_status_key_created): New.
* rndunix.c (my_popen): Make sure that stdin and stderr are
* configure.ac (NAME_OF_DEV_URANDOM): Use /dev/urandom for
Add simple tool to sign all keys in a keyring
Florian Weimer reminded me about that
* pkclist.c (do_edit_ownertrust): Show all user IDs. This should
* autogen.sh: Allow env variables to override the auto* tool
* config.links (powerpc-apple-darwin6.1): Disable assembler
* configure.ac: Changed version number comments.
* POTFILES.in (hkp.c): Removed.
Bumped version number for cvs version
* pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
* gpgsplit.c: New options --secret-to-public and --no-split.
Fixed copyright year
* passphrase.c (agent_send_all_options): Use tty_get_ttyname to
* ttyio.c (TERMDEVICE): Removed.
Preparing 1.3.1 release.
Post release version number bump.
* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
Marked unused slots in the trustdb.
* g10.c: New options --[no-]mangle-dos-filenames.
* gpg.sgml: Document --no-mangle-dos-filenames.
* samplekeys.asc: Updated.
Simple script to create samplekeys.asc. CVS only.
* keydb.c (keydb_add_resource): Don't assume that try_make_homedir
Updated from latest NewPG project
Updated from latest NewPG project
* g10.c (add_group): Fixed group parsing to allow more than one
* compress.c (init_uncompress): Use a 15 bit window size so that
* acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
Add primary key fingerprint to VALIDSIG status.
* Makefile.am (EXTRA_DIST): Add autogen.sh wrapper.
* autogen.sh: Add options to build for coldfire and uClinux.
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
* acinclude.m4 (GNUPG_CHECK_ENDIAN): Fix quoting of r.e. using
* md.c (md_start_debug): Need to open the file in binary mode.
* longlong.h (umul_ppmm): Support SH3 and SH4. Thanks to
* configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional.
* gpg.sgml: Document --enable-progress-filter.
* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
Removed assuan because we now use libassuan
* command.c (register_commands): Adjusted for new Assuan semantics.
* util.h (fopencokokie): Removed prototype and struct.
* Makefile.am (LDFLAGS): Removed.
* Makefile.am: Use libassuan. Don't override LDFLAGS anymore.
* scdaemon.c: New options --print-atr and --reader-port
* progress.c (handle_progress)
* fileutil.c (is_file_compressed): Fixed checking for "-" filename.
About to release 1.3.2
Bumbed version number after release
Make use of libgpg-error
* scdaemon.h: Include gpg-error.h and errno.h
A small step for GnuPG but a huge leap for error codes.
* import.c (import_keys_internal): Invalidate the cache so that
* import.c (import_keys_internal): Invalidate the cache so that
* parse-packet.c (parse): Disallow old style partial length for
Finished the bulk of changes for gnupg 1.9. This included switching
Key generation and signing using the OpenPGP card does rudimentary work.
* app-openpgp.c (store_fpr): Fixed fingerprint calculation.
* app-openpgp.c (do_setattr): Add setting of the URL.
Minor changes to make make dist work correctly.
* simple-pwquery.c, simple-pwquery.h: Moved to ../common.
* simple-pwquery.c, simple-pwquery.h: New; moved from ../agent.
* Makefile.am: Add sc-copykeys program.
* command.c (cmd_pkauth): New.
* app-openpgp.c (do_learn_status): Print more status information.
Adjusted for use with current libgcrypt (1.1.42).
* gpgsm.c (main): Add secmem features and set the random seed file.
*** empty log message ***
Remove leftover cruft
minor changes to make make distcheck happy
Cleanups, fixes and PC/SC support
About to release the first 1.9 version.
First bits of a card support backport from 1.9. It is not enabled by
* g10.c (main): New commands --card-edit, --card-status and
* util.h: Add the atoi_* and xtoi_* suite of macros from 1.9.
(tty_fprintf): New.
* keygen.c (do_add_key_flags, parse_parameter_usage): Add support
* cardglue.c (learn_status_cb): Release values before assignment
* primegen.c (gen_prime): Bail out if NBITS is zero. This is
(tty_print_string, tty_print_utf8_string2)
* cardglue.c (pin_cb): Detect whether an admin or regular PIN is
* ccid-driver.c (ccid_transceive): Add T=1 chaining for sending.
* primegen.c (gen_prime): Bail out if we try to generate a prime
Add news about OpenPGP card support.
* cardglue.c (card_close): New.
Updated texinfo files
About to release 1.3.3
(card_close): New.
Prepared for next development cycle
Always enable the gen_card_key prototype.
* passphrase.c (ask_passphrase): Add optional promptid arg.
(DLLIBS): Do not include -ldl in the mingw32 case.
(lock_pool) [_AIX]: Don't use plock.
(DLLIBS): Fixed last change.
(apdu_open_reader): Hacks for PC/SC under Windows.
* g10.c (main) [ENABLE_CARD_SUPPORT]: Add a default for
* Makefile.am (SUBDIRS): Add intl.
* ccid-driver.c (ccid_open_reader): Return an error if no USB
(gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL.
New.
Updated required versions and add -I m4 to aclocal.
Replaced INTLLIBS by LIBINTL.
Gettexized
Updated to 0.12.1
* DETAILS: Add the 'a' value for field 12 and the new field 15.
* cardglue.c (open_card): Ask for card insertion.
(close_ct_reader, close_pcsc_reader): Implemented.
(get_key): Fixed invalid use of fprintf without
Auto-updates
Solved cvs conflict
* pubkey.c (pubkey_sign): Return an error if an ElGamal key is used.
Minor additions
about to release 1.3.4
(TESTS): Temporary remove tests using ElG signatures.
post release version number bumb
* configure.ac: Add a min_automake_version.
Removed accidential added file
* configure.ac: Use -Wformat-nonliteral in maintainer-mode.
(send_key): Add a content type.
(lock_pool) [_AIX]: Also set errno.
Preparing for 1.3.5
Post release version number change
A bunch of changes for the openpgp card.
* DETAILS (NEWSIG): Documented.
Renamed prototype parameter name to avoid gcc warnings.
(keyserver_spawn) [EXEC_TEMPFILE_ONLY]: Removed
* card-util.c (card_edit): Require PIN only for generate.
(ac_pipe_works): Fixed BRE syntax \? -> \{0,1\}.
Removed reference to non-available option
(write_plaintext_packet): Fixed the detection of too
* keylist.c (show_policy_url, show_keyserver_url, show_notation)
About to release 1.3.6
some late minor fixes.
* mk-w32-dist: Do not include the en@* po files.
* free-packet.c (copy_secret_key): Fixed memory leak when D is not
s/1/i/
(copy_secret_key): Get last fix right.
* configure.ac (AM_GNU_GETTEXT_VERSION): New.
Updated po files from 1.2.5
(encode_session_key): Changed the zero random byte
(generate_photo_id): Use tty_printf and not just
* photoid.c: Include ttyio.h.
* configure.ac: Check for readline.
* README: Doc --disable-card-support and --without-readline.
Document "--debug-ccid-driver".
* g10.c [HAVE_LIBUSB]: New option --debug-ccid-driver.
* configure.ac: Don't check for usb_create_match or
(apdu_open_reader): No fallback if a full CCID reader id has been
* cardglue.c (open_card): Use shutdown code if possible.
* gpg.sgml: Document -K.
* gpg.sgml: Document "addcardkey" and "keytocard".
Note: I have not fully tested the new key creation due to a pc/sc
We need to take care that several files are also used in gnupg 1.9 and
* card-util.c (card_edit): Take admin only status from the table.
* mk-w32-dist: Updated from stable branch.
* gpgv.c (i18n_init): Always use LC_ALL.
post release preparations
* configure.ac: New option --disable-finger.
Oops commited binary instead of source.
(read_parameter_file): Changed to use iobuf based file
* keygen.c (read_parameter_file): New keyword "Handle". This is
* Makefile.am (.S.o): Include MPI_SFLAGS. This is our bug 145.
* configure.ac: Actually name the option --disable-finger and not
* configure.ac: Actually name the option --disable-finger and not
Add dearmor.c
Added SELInux hacks and did some cleanups.
* misc.c (is_secured_filename): New.
(iobuf_get_fd): Removed double check on directfp and
* rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow
* export.c (do_export_stream) [ENABLE_SELINUX_HACKS]: Don't allow
another s/unsigned char*/byte*/
Fix up the @setfilename lines.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New.
New. Taken from gnupg 1.9.
Rebuilt
* pkclist.c (do_edit_ownertrust): Add a note to translators.
Add asprintf prototype.
* POTFILES.in: Updated.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): New.
* gpgkeys_ldap.c (main, show_help): Kludge to implement standard
* README: Mentioned --enable-selinux-support.
Updated.
post release preparations
Removed these generated files.
Add a note
test
Document IMPORT_CHECK.
(agent_get_passphrase): Cast UIDLEN to int. Noted
More fixups to help Debian's install-info.
* apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
* configure.ac: Remove the check for asprintf
(agent_send_all_options): Try to deduce the ttyname
(verify_chv3): The minimum length for CHV3 is
(mem2str): Translated comment to English.
* configure.ac: New option --disable-gnupg-iconv, define
Detect the Debian mingw32 package.
* configure.ac: New option --disable-gnupg-iconv, define
We don't want this file in the CVS
(load_libiconv) [_WIN32]: new.
* dynload.h: Always use it for _WIN32.
About to release 1.3.92
Added gpg.ru.1 to EXTRA_DIST
Does not belong into the CVS
post release preparations
Inlcude LIBICONV
(get_string): Removed debugging hack.
* strgutil.c (load_libiconv): Use log_info to avoid failures when
(open_info_file): New.
(S_IRGRP) [HAVE_DOSISH_SYSTEM]: Define to 0.
(fd_cache_strcmp): New. Use whenever we compare
*** empty log message ***
* passphrase.c (agent_get_passphrase): New args CUSTOM_PROMPT and
* app-openpgp.c (send_fprtime_if_not_null): New.
* sv.po: Take the update done for 1.2.6.
(keys): Removed my old 621CC013 key
(read_passphrase_from_fd): Fixed memory leak.
Prepared for last 1.4 release candidate
automake updates, removed one debug output
post release updates
About to release 1.4.0
Add a note on how to send translations.
Minor fixes
post release updates
* passphrase.c (agent_get_passphrase): Define NREAD locally as
(handle_iconv_error): Turn diagnostics into warnings
* seckey-cert.c (do_check): Handle case when checksum was okay but
(ask_expire_interval): For better translations chnage 2
(find_endpoint): New.
(set_native_charset): Assume that ASCII,
* w32installer.nsi: New.
Make --without-included-zlib work as
Make --without-included-zlib work as
Same for
(public_key_list): Do a trustdb staleness check before
* gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
* g10.c (i18n_init) [W32]: Pass registry key to gettext
Minor changes
* gpgv.c (tty_fprintf): New stub.
(open_card): Issue new CARDCTRL(4) status.
(get_cached_data): New arg GET_IMMEDIATE to bypass
(do_generate_keypair): Don't continue after an error;
* w32installer.nsi: Create a start menu entry and enhanced the
Updated to the version from 1.2.7.
* keygen.c (generate_subkeypair): Detect primary key on-card and
Updated to match the switch to the NSIS installer.
About to do a release candidate
Last changes for W32
(GNUPG_CHECK_GNUMAKE): Removed. Not needed for
* gpg.sgml: Add bkuptocard command for --edit-key.
* w32installer.nsi: Added page to select the language.
* card-util.c (fetch_url): Fetch the key from the default
about to release 1.4.1rc2
* primegen.c (is_prime): Free A2. Noted by pmike2001 at mail.ru.
(secmem_realloc): Take control information into account
(keyedit_menu) [W32]: Run the trustdb stale check
* configure.ac: New option --enable-noexecstack.
* cardglue.c (pin_cb): Disable debug output.
* card-util.c (card_status): Use isotimestamp and not the
Preparing a release
Post release preparations
(parse_ccid_descriptor): Make SCM workaround
* keyedit.c (command_generator, keyedit_completion): Changed
(rndw32_gather_random_fast): While adding data use the
(pin_cb): Print a warning if the info string hack is
* w32installer.nsi: Allow including of WINPT source. Include
* keydb.c (keydb_add_resource): Clarify meaning of flags. Add new
(keygen_set_std_prefs): Explain the chosen order of
Changes to make use of code taken from libassuan. This replaces the
Typo fixes
* ccid-driver.c (ccid_slot_status): Fixed debug messages.
* g10.c (main, add_notation_data, add_policy_url)
* passphrase.c (agent_get_passphrase): Add new arg CACHEID.
(do_close_reader): Don't do a reset before close.
(ccid_transceive): Arghhh. The seqno is another
* cardglue.c (send_status_info): Make CTRL optional.
* cardglue.c (open_card): Check USE_AGENT.
* app-openpgp.c, app-common.h: Again updated from gnupg 1.9 CVS.
(add_notation_data): Check number of at-signs.
(add_notation_data): Check number of at-signs.
* passphrase.c (ask_passphrase): Unescape the description string.
Updated FSF street address and preparations for a release candidate.
* keydb.h [!ENABLE_AGENT_SUPPORT]: Define dummy types.
*** empty log message ***
.
(parse_signature): Use log_info for messages
* gpg.sgml: Document smartcard related options.
Preparing a release candidate
.
* conventional.test (algos): Uhh ohh, cut+paste error and not
Post release version number update
* tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols.
* configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
* g10.c, options.h: New option --limit-card-insert-tries.
Document --limit-card-insert-tries.
* gpg.sgml (http):
*** empty log message ***
Preparing a release
* passphrase.c (agent_get_passphrase): Make sure to release the
Updated.
post release version number updates
First commit to Subversion.
Add a note that CVS is beeing migrated to Subversion
Removed directories which are only used by the 1.9 branch
Converted all m_free to xfree etc.
Implemented PKA trust model
Implemented PKA trust model
Removed silly old file
Fixes pertaining to revocation creation with subkey-only exported card keys
auto retrieve keys from PKA. Thsi allows to specify an email address
Experimental code to improve AES performance. Got about 25% on ia32.
Add "help" sub option to --*-options.
Updated card stuff to support T=0 cards.
* mainproc.c (proc_symkey_enc): Take care of a canceled passphrase
Renamed g10.c to gpg.c
Fixes for the g10.c -> gpg.c renamed
Yet another fix for the gpg.c rename
exported subkeys are now merged into one output keyblock
Fixed minor card related bugs and enhanced status messages
cygwin fixes
Made strings translatable. Minor fixes.
Finished PKA feature
Add support fro CardMan 4040
Fixed a couple of problems
Lock random seed file
Fixed a wrong return code with gpg --verify
about to release 1.4.3rc1
Replaced an assert and fixed batch mode issue in cardglue.
Fixed problem with PGP2 style signatures and mutilple plaintext data
Stricter test of allowed signature packet compositions.
More tests added; make distcheck works
Preparing for an RC23
Updated
keep on walking towards rc3
Allow for rmd160 signatures when using gpg-agent.
Changed URLs
About to release 1.4.3
post release updates
See ChangeLog
Fixed segv
Add new regression test
.
use minimal posix sed
Fixed OSF5 warning suppression.
Forgot to save the actual fix
Updated keys
Added backsig to my key
About to do a new release
Typo fix
Ready for a release
Post release version update
do no use reopen_std under W32.
Fixed uploading of keays.
i18n fix
Updated.
Fixed memory allocation bug and typos.
Preparing a release candidate
Fixed bug 479. Not a real good fix but a reliable one which limits possible
Fix bug 655
Preparing 1.4.5
Forgot this one.
MOves trunk to a new branch.
Post release updates.
Allow to build w/o curl.
fix for bug 537 and documentation fixes.
Fixed bug 518
New command --gpgconf-test.
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
Preparing an RC
Changing the way man pages are build.
Preparing a release
Post release updates
/
Removed the use of g10defs.h.
Removed references to removed g10defs.h file.
distribute gnupg1.info. Fixes bug#740.
Fix bug#739 (proxy/shutdown)
Installed revised translation.
* parse-packet.c (read_protected_v3_mpi): Make sure to stop
Fix for Debian bug 402592
* secmem.c (ptr_into_pool_p): New.
[W32] Make use of the LANGUAGE envvar.
Updated
Preparing 1.4.7
Post release update
Add extra fflush (stdout)
util/
* mk-w32-dist: Remove underline markup from man pages. Reported
Add an extra warning for Camellia.
Improved detection of ketrings specified several times.
Switched to GPLv3.
* status.c (do_get_from_fd, do_shm_get): s/bool/getbool/ to
Preparing a release candidate
Post release update
Grammar fix
Comment typ fixes.
Fixed auto generation of the key stub.
Allow decryption using type 20 Elgamal keys.
Allow decryption using type 20 key.
Updated ZH po file.
Type fixes and @samp{} fix. From gnupg-2.
Preparing a release candidate
Fixed a regression in gpg_dermor.
Fixd a W32 problems with ldaps.
Preparing a release
Typo fix
Update
Add card vendor 004.
Improved AES performance.
Change default keyserver.
Powerpc64 fix.
Fixed URL.
prepare a release.
Post release version number bump.
add comment.
Fix rendering of @samp.
Yet another minor yat2m fix.
Ignore gpg2 introduced keywords for --auto-key-locate.
Translation fixes.
Typo fix by Ludwig Hügelschäfer.
Revert that last stupid setuid detection fix.
Update.
Fix !EROFS bug
Fix bug #947 (expire time overflow)
Fix possible NULL argument to printf
fix bug #922
Make --version close to GNU standards.
Check algo usage.
Close message digest; fixes memory leak.
Change SIG_ID computation to m
Change the SIG_ID computation to match 2.0.10.
Fix bug 998.
Better error message for a missing keyring.
Fix bug#931.
Backport of Creation-Date parameter for unattended key generation.
Improve dotlocking.
Fix for bug#1034.
Print 'empty file' warning only with --verbose.
Fix bug 1045.
Fix bug 1045
Fix bug#1044.
Fixed bug1058.
Fix bug#1069.
Add stub function. Noted by Daniel Leidert.
Fix bug#1040.
Update
Fix a couple of minor bugs.
fix bug#1085.
Fix bug#1087.
Repalce an assert by a proper error message.
First set of changes to backport the new card code from 2.0.
Parse EXTCAP lines from the card.
Update key generation menu to match gnupg 2.0.
commit 3f95e31e5df6bfcc0c0dd588e65243362242ae38
Preparing for a release candidate
Updated the German translation. Minor doc changes.
Makefile tweak and de.po line number update
Update doc. This time also the included files.
Fix two bugs
* miscutil.c (print_string2): Loose check for control characters
Fix compiler size warning for debug output
Restructured the compat functions and changed its license.
Fix debian bug#543530
Preparing 1.4.10.
Last minute fixes
Update line numbers - arghhh
Post release version number bump
Update from Jedi
Update zH_TW and check for stdint.h
Fix a W32 problem
Make it easier to distribute bzip2
Fix bug#1138.
Remove sparc64 asm modules
fix bug#1162.
minor changes for VMS
Fix bug#1059 (missing status line signature verification done with a
Fix some spelling errors. Fixes bug#1127.
Fix bug#1183
Change menu prompts.
Fix bug reporting address.
Fix bug 1186
Force SHA1 only for v1 cards
Fix for bug 1223
Fix bug 1179
Ignore some GnuPG-2 only options.
Fix bug 1231.
Backport bug fix. Fixes bug#1240.
support more hash algorithms to support the v2 card
Minor fixes
.
Preparing a release candidate
"make distcheck" fix
Minor changes to help the VMS port
The rest of the VMS changes.
Remove FAQ stuff
VMS fixes
Prepare for 1.4.11
Add a minor feature for w32.
Post release updates
Two little updates
Remove warnings on VMS
mips fixes
Detect unsigned time_t and adjust y2038 detection.
Revert last two changes and replace by code from libgcrypt 1.4.6.
Support a git revision number
Update gpg-zip.1 (bug#1317)
Don't link gpgv with libreadline
Add pubkey letters e and E for ECC.
Allow building for ARM thumb. Fixes bug#1202.
Print the decoded iteration count witn --list-packets.
Fix bug#1307
Fixed some autoconf bit rot.
Fix aliasing problem.
Removed some set but unused vars.
On VMS use --batch by default if in batch mode.
Rename all ChangeLog files to ChangeLog-2011.
Generate the ChangeLog from commit logs.
Update gitlog-to-changelog.
Use gcc pragmas to suppress some warnings.
Update copyright years.
Replace file locking by the new portable dotlock code.
Allow use of a standard space separated fingerprint.
Typo fixes and comment re-formatting.
gpg: Remove unused fields from a trust data structure.
Allow building with the 32 bit mingw-w64 toolchain.
Include bzip2 code to ease building for W32.
Add a DECRYPTION_INFO status.
Automate W32 installer building.
w32: Allow passing a relative name for the tarball
w32: Always build with -fno-omit-frame-pointer.
Do not copy default merge commit log entries into the ChangeLog.
Fix typos in comments.
Require gitlog-to-changelog to be installed.
Update documentation.
Update sample keys.
Update GNU helper files.
Add Ukrainian translation.
Auto update of uk.po
Fix ChangeLog creation rule.
Release 1.4.12
With --quiet do not print reading passphrase from fd message.
Fix typos spotted during translations
Update translations to adjust for typo fixes
autogen.sh: Do not use -c with chmod.
Fix extern inline use for gcc > 4.3 in c99 mode
Indent nested cpp directives for better readability.
Remove trailing white space from one file
Improve handling of random_seed read errors.
Fix usage of dlerror to conform to POSIX.
Support the not anymore patented IDEA cipher algorithm.
Create off-line card encryption key with the right size.
de.po: Grammar fix
tests: Skip secret key import check in SELinux mode
Support NetBSD m68K ELF targets
gettext: Upgrade to version 0.18
Workaround for a gettext problem during "make distcheck".
Update README and po files for a release
Fix potential heap corruption in "gpg -v --version"
Add meta option ignore-invalid-option.
State that disclaimers are not anymore needed for translations.
.gitignore: Add cruft from other branches.
Fix last commit
Adjust to GNU coding standards
Remove trailing white space from some files
Import only packets which are allowed in a keyblock.
gpg: Suppress "public key already present" in quiet mode.
po: Update zh_TW.po.
Update config.{guess,sub} to version 2012-07-31.
Update manuals from master
Last fix for the SRV record patches.
Release 1.4.13.
Post release updates
Fix idea.c for big endian CPUs.
Automake 1.13 compatibility fix.
Fix git revision parsing.
Mitigate a flush+reload cache attack on RSA secret exponents.
Prepare for a forthcoming new algorithm id.
Update to modern beta release numbering scheme.
Autoupdate a translation.
Release 1.4.14.
Post release updates.
gpg: No need to create a trustdb when encrypting with --always-trust.
gpg: Use 2048 as the default keysize in batch mode.
mpicalc: Change copyright notice.
Fix bug in mpi_tdiv_q_2exp.
gpg: Fix bug with deeply nested compressed packets.
gpg: Limit the nesting level of I/O filters.
keyserver: Allow use of cURL's default CA store.
gpg: Distinguish between missing and cleared key flags.
gpg: Protect against rogue keyservers sending secret keys.
gpg: Print a "not found" message for an unknown key in --key-edit.
doc: Update from master.
po: Autoupdate due to changed order of strings.
Release 1.4.15
Post release updates.
gpg: Do not require a trustdb with --always-trust.
mpi: Fix syntax error for mips64 and gcc < 4.4
Print the keyid for key packets with --list-packets.
mpi: mpi-pow improvements
gpg: Change armor Version header to emit only the major version.
Use blinding for the RSA secret operation.
Normalize the MPIs used as input to secret key functions.
Prepare for newer automakes which default to parallel tests.
Update config.{guess,sub} and some copyright notices.
Change --show-session-key to print the session key earlier.
Release 1.4.16
Post release version number bump.
Support building using the latest mingw-w64 toolchain.
gpg: Need to init the trustdb for import.
gpg: Avoid infinite loop in uncompressing garbled packets.
doc: Remove outdated Russian man page.
gpg: Use more specific reason codes for INV_RECP.
PC/SC cleanup.
intl: Fix for uClibc.
w32: Fix typo in README.W32.
Remove useless diagnostic in MDC verification.
Print hash algorithm in sig records
Fix syntax error introduced with 60bd6488
doc: Update from master.
po: Auto-update
Release 1.4.17
Post release changes.
Add CVE number
Make screening of keyserver result work with multi-key commands.
Limit keysize for unattended key generation to useful values.
Release 1.4.18
Post release updates
Add kbnode_t for easier backporting.
gpg: Fix regression due to the keyserver import filter.
gpg: Allow compressed data with algorithm 0.
Fix strict-alias warnings for rijndael.c
mpi: Suppress set-but-unused-variables warnings.
mpi: Improve mpi_invm to detect bad input.
Allow use of --debug-level=LEVEL without '='.
doc: Final update from master (gnupg 2.1)
doc: Cleanup gpg.texi.
mpi: Fix compiler warning.
doc: Minor fix
gpg: Add import option "keep-ownertrust".
gpg: Make the use of "--verify FILE" for detached sigs harder.
gpg: Fix a NULL-deref for invalid input data.
gpg: Fix off-by-one read in the attribute subpacket parser.
gpg: Fix use of uninit.value in listing sig subpkts.
doc: Do not install gnupg.7
scd: Fix possibly inhibited checkpin of the admin pin.
gpg: Fix possible read of unallocated memory
doc: Fix memory leak in yat2m.
doc: Formatting fixes.
Fix a problem with select and high fds.
Modernize to automake 1.14.
Update automake helper files.
Use ciphertext blinding for Elgamal decryption.
gpg: Print a warning if the subkey expiration may not be what you want.
gpg: Allow predefined names as answer to the keygen.algo prompt.
gpg: Limit the size of key packets to a sensible value.
gpg: Fix a NULL-deref due to empty ring trust packets.
gpg: Fix a NULL-deref in export due to invalid packet lengths.
gpg: Prevent an invalid memory read using a garbled keyring.
doc: Change remaining http links to gnupg.org to https
Use inline functions to convert buffer data to scalars.
gpg: Print better diagnostics for keyserver operations.
gpg: Remove an unused variable.
Protect against NULL return of mpi_get_opaque.
doc: Add warning note about not acting as an oracle to --batch.
doc: Fix name of keep-ownertrust.
Allow requesting only an IPGP certtype with dns_cert().
Add convenience function to hash a buffer.
Add new function strconcat.
Move two functions from g10/ to util/.
Switch to a hash and CERT record based PKA system.
po,intl: Update to 0.19.3.
Fix for building without DNS support.
po: Update German translation
po: Auto-update
Release 1.4.19.
Post release updates
gpg: Remove left-over debug message.
gpg: Fix DoS while parsing mangled secret key packets.
Obsolete option --no-sig-create-check.
gpg: Silence a compiler warning.
gpg: Avoid cluttering stdout with trustdb info in verbose mode.
gpg: Change default cipher for --symmetric from CAST5 to AES-128.
gpg: Reject signatures made with MD5.
po: Update German translation
po: Auto-update
w32: Avoid warning when using newer mingw versions.
Release 1.4.20
Yuri Chornoivan (1):
po: Update Ukrainian translation
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg.git
More information about the Pkg-gnupg-commit
mailing list