Jonathan McDowell [Sat, 14 Jul 2012 19:20:27 +0000 (13:20 -0600)]
Fix the size of the hash array when checking sig hashes
It was only 20 bytes - big enough for SHA1, but not when the larger
SHA2 hashes are available in nettle. This allows up to SHA512.
Jonathan McDowell [Sat, 14 Jul 2012 19:14:09 +0000 (13:14 -0600)]
Move .bzrignore to .gitignore
Jonathan McDowell [Sat, 14 Jul 2012 18:44:35 +0000 (12:44 -0600)]
Add initial Doxygen support
Massage the existing function/structure comments into something that
Doxygen likes, and document a few additional bits and pieces that
Doxygen was complaining about.
Jonathan McDowell [Fri, 13 Jul 2012 17:25:12 +0000 (11:25 -0600)]
Don't reject sig hashes we don't have support for.
We should err on the side of caution when we can't verify a sighash
because we don't have that algorithm compiled in, and allow it.
Jonathan McDowell [Fri, 13 Jul 2012 00:11:11 +0000 (18:11 -0600)]
Add checking for signature hashes
Signatures include the first 2 octets of the hash the signature is
over. Checking this matches what we expect is an easy way to drop
corrupt or incorrect signatures. It doesn't provide any cryptographic
verification but is a useful sanity check when accepting keys.
Jonathan McDowell [Thu, 12 Jul 2012 18:24:01 +0000 (12:24 -0600)]
Dump all the stripped keys at the end, rather than one at a time
We don't need to dump everything as we go, and will end up dumping
more than we intend (as we'll dump all of the keys still to go).
Jonathan McDowell [Wed, 11 Jul 2012 00:13:57 +0000 (18:13 -0600)]
Add libnettle autoconf checks for SHA224, SHA384 & SHA512.
Jonathan McDowell [Mon, 25 Jun 2012 21:18:03 +0000 (22:18 +0100)]
Switch to source format 3.0 (quilt) for Debian packaging.
Jonathan McDowell [Wed, 25 Apr 2012 04:59:45 +0000 (21:59 -0700)]
Cleanup hashquery.o on make clean
Jonathan McDowell [Wed, 25 Apr 2012 04:54:58 +0000 (21:54 -0700)]
Build Debian version number to indicate bzr build
Jonathan McDowell [Wed, 25 Apr 2012 04:30:22 +0000 (21:30 -0700)]
0.4.1 release
Release; update version string in configure.ac, README.
Update HISTORY and debian/changelog.
Jonathan McDowell [Wed, 25 Apr 2012 04:15:38 +0000 (21:15 -0700)]
Avoid race condition when receiving incoming mails
There's a race condition between us starting to accept a new incoming
mail and taking the lock to start processing it; a second copy of
onak-mail may come in and start to process the incomplete mail we're
in the process of receiving. Receive to a tmp file and rename to .onak
after we've received everything.
Fixes Debian bug #650557. Thanks to Helmut Grohne <helmut@subdivi.de>
Jonathan McDowell [Wed, 11 Apr 2012 05:27:02 +0000 (06:27 +0100)]
Fix deletion of skshash in DB4 backend
We need to delete the skshash while we still have the publickey
structure, so we can calculate the hash to free.
Jonathan McDowell [Wed, 11 Apr 2012 05:11:32 +0000 (22:11 -0700)]
Fix deletion error logging for DB4 backend
The change to include the keyid failed to remove some commas on the
format string, meaning the output was even less useful.
Jonathan McDowell [Mon, 2 Apr 2012 21:19:15 +0000 (14:19 -0700)]
Install /pks/hashquery in Debian packaging
Jonathan McDowell [Mon, 2 Apr 2012 17:50:21 +0000 (10:50 -0700)]
Add keyid to DB4 backend deletion error messages
We display an error when we fail to delete an entry from the worddb or
similar, but weren't including the keyid so this wasn't very useful.
Jonathan McDowell [Mon, 2 Apr 2012 00:24:18 +0000 (17:24 -0700)]
Add missing initialisation of DB4 cursor for skshash when deleting key
We were trying to use the id32db cursor which had already been closed.
Jonathan McDowell [Sun, 1 Apr 2012 22:21:10 +0000 (15:21 -0700)]
Drop HISTORY file in /usr/share/doc; it's already present as changelog.gz
Debian packaging cleanup.
Jonathan McDowell [Sun, 1 Apr 2012 22:02:24 +0000 (15:02 -0700)]
Allow retrieval of key by full fingerprint
GPG 1.4.12 switches to using the full fingerprint of a key when requesting
a refresh (commit
6fe25e5602fabe92c68e5ba30e4777221e8612df). We were only
supporting retrieval by 32 or 64 bit key ID. Detect when we're passed a
fingerprint and truncate it to the last 64 bits so we can look it up.
In the future we probably want to extend to being able to do lookups by
full fingerprint.
Jonathan McDowell [Sun, 1 Apr 2012 21:27:11 +0000 (14:27 -0700)]
Always put a leading 0x on keyids in HTML output links
We didn't always put a leading 0x when outputting URLs as part of
an index, which confuses some clients that try to autoparse returned
key IDs.
Jonathan McDowell [Sun, 1 Apr 2012 21:09:12 +0000 (14:09 -0700)]
Fix display of SHA-1 fingerprints
SHA-1 fingerprints have a double space in the middle and we were
putting the extra space in the wrong place.
Jonathan McDowell [Sun, 27 Nov 2011 22:45:44 +0000 (14:45 -0800)]
Add AC_PROG_CC_C99 to configure.ac
We aim to compile cleanly under C99, so get autoconf to give us the
appropriate compiler flags to enable it by default.
Jonathan McDowell [Tue, 18 Oct 2011 14:20:43 +0000 (07:20 -0700)]
Use nettle for hashing when available rather than internal MD5/SHA1 routines
Change the internal MD5/SHA1 routines to match nettle's name and
calling convention and add suitable autoconf bits to auto-select
nettle if it's available, otherwise fall back to the internal
routines as usual.
Not so much of an issue for MD5/SHA1 (though we might end up with
more optimised routines in some instances), but allows easier use
of other hashing/crypto functions in the future.
Jonathan McDowell [Tue, 18 Oct 2011 05:02:44 +0000 (22:02 -0700)]
Use C99 uint32_t rather than u_int32_t
Jonathan McDowell [Tue, 18 Oct 2011 04:53:03 +0000 (21:53 -0700)]
Clean up "set but not used" GCC warnings
GCC 4.6 now errors when a variable is set but not used; clean up
instances of this to fix compilation.
Jonathan McDowell [Sat, 7 May 2011 04:59:03 +0000 (21:59 -0700)]
Export find_packet from merge.c
Add find_packet to merge.h so it can be used in other components.
Jonathan McDowell [Mon, 2 May 2011 02:15:41 +0000 (19:15 -0700)]
Add some more subpacket types to the list to ignore
There are various signature subpacket types we know about, but have
no need to decode (or it doesn't make sense to decode if we're not
checking that the signature is valid). Add some more to prevent
warnings when adding keys that have these subpackets present.
Jonathan McDowell [Sun, 1 May 2011 02:55:05 +0000 (19:55 -0700)]
Clean up file header copyrights
Project Purple isn't a legal entity; credit primary author of files
and include a minimal GPL 2 header in each file rather than relying
on the copy of LICENCE shipped with everything else.
Jonathan McDowell [Sun, 1 May 2011 00:49:57 +0000 (17:49 -0700)]
Define OpenPGP constants and use them rather than magic numbers
Take the set of OpenPGP constants from RFC4880 that we're using
and produce some #defines, to try and make the code a bit clearer.
Jonathan McDowell [Sat, 30 Apr 2011 04:13:31 +0000 (21:13 -0700)]
Remove my name from the lookup/gpgwww trailers.
No reason for my name to be there; the onak name + VERSION is more
appropriate.
Jonathan McDowell [Mon, 25 Apr 2011 04:56:36 +0000 (21:56 -0700)]
Add a test for key fetching by SKS hash
New test to check we can correctly retrieve a key by SKS hash using
the onak CLI tool.
Jonathan McDowell [Mon, 25 Apr 2011 04:49:32 +0000 (21:49 -0700)]
Add /pks/hashquery
Add /pks/hashquery - an implementation of the SKS hash retrieval
portion of the gossip protocol.
hashquery takes a marshalled array of SKS hashes to retrieve and
returns a marshalled array of the keys requested.
(The marshalling functions essentially take the hash/key structures
and flatten them to a byte stream with a preceding network order
32 bit size value.)
Jonathan McDowell [Mon, 25 Apr 2011 04:03:30 +0000 (21:03 -0700)]
Add a dependency on CORE_OBJS to the dynamic backends
If these change we need to relink or unexpected things happen.
Jonathan McDowell [Mon, 25 Apr 2011 03:50:40 +0000 (20:50 -0700)]
Add support for displaying/retrieving by SKS hash to lookup and onak CLI
Now we are storing the SKS hash details of a key add the ability to
display the hash in /pks/lookup and retrieve it via the new hget
function. This should be compatible with the way in which SKS extends
lookup to support its hashes.
Also add hget to the onak CLI tool and the -s option for showing the
SKS hash of keys.
Jonathan McDowell [Mon, 25 Apr 2011 03:11:42 +0000 (20:11 -0700)]
Add support for key retrieval by SKS hash
Add a new backend DB function fetch_key_skshash and implement it
for the fs/db4/keyd & dynamic backends. This allows us to retrieve
a key using the SKS hash, which will be necessary to implement the
gossip protocol.
Jonathan McDowell [Mon, 25 Apr 2011 02:06:06 +0000 (19:06 -0700)]
Add support for calculating SKS style key hashes
SKS uses an MD5 hash over the sorted packets from a key as a token
for its gossip protocol. Add support for calculating this hash and a
structure for passing it around within onak.
Jonathan McDowell [Mon, 25 Apr 2011 01:47:24 +0000 (18:47 -0700)]
Make compare_packet follow memcmp semantics and export to other modules
compare_packet is potentially useful elsewhere, but rather than a
true/false comparison provide -1/0/1 for less than/equal/greater
than, as memcmp does.
Jonathan McDowell [Mon, 25 Apr 2011 01:33:13 +0000 (18:33 -0700)]
Fix buffer_getchar to only error if we'd exceed the buffer size
We were erroring when we retrieved the end of the buffer, and not
if we overflowed past the end. Check if we'd overflow and return
an error only in that case.
Jonathan McDowell [Mon, 25 Apr 2011 00:54:59 +0000 (17:54 -0700)]
Remove unused keydb_dynamic.h header file
Jonathan McDowell [Sun, 24 Apr 2011 02:28:31 +0000 (19:28 -0700)]
Add basic testing infrastructure + initial tests
Add some simple scripts to ensure key addition, deletion and retrieval
are at least working ok.
Jonathan McDowell [Sat, 23 Apr 2011 23:05:44 +0000 (16:05 -0700)]
Change fd_write to use fwrite instead of fputc
I have no idea why I had a loop around fputc instead of just
using fwrite.
Jonathan McDowell [Sat, 23 Apr 2011 22:45:16 +0000 (23:45 +0100)]
Change to using void * for character function content parameter
We were passing unsigned char * as the parameter to all of the
character fetching/putting functions. Use void * instead so that
we can pass other types of data without needlessly having to cast.
Jonathan McDowell [Wed, 20 Apr 2011 05:16:18 +0000 (22:16 -0700)]
Fix stupid case syntax error
Jonathan McDowell [Wed, 20 Apr 2011 05:13:09 +0000 (22:13 -0700)]
Add restart/force-reload options to init script
Debian requires these. Just do a stop and start.
Jonathan McDowell [Wed, 20 Apr 2011 05:12:44 +0000 (22:12 -0700)]
Add -1 to Debian package version
We're not a native Debian package.
Jonathan McDowell [Wed, 20 Apr 2011 05:00:14 +0000 (22:00 -0700)]
0.4.0 release
Release; update version string in configure.ac, README.
Update HISTORY and debian/changelog.
Jonathan McDowell [Sun, 17 Apr 2011 06:27:35 +0000 (23:27 -0700)]
Add Debian logrotate config snippet
Add a weekly rotation logrotate config snippet for onak.log
Jonathan McDowell [Sat, 16 Apr 2011 20:28:33 +0000 (13:28 -0700)]
Output details of key search after retrieval for pks/lookup
Rather than logging what we're searching for beforehand, and then
indicating failure after (but not success), just output the results
and search details after retrieval.
Jonathan McDowell [Sat, 16 Apr 2011 17:04:45 +0000 (10:04 -0700)]
Add Debian init.d file for keyd
Add an init.d file to start up/shut down keyd on Debian machines if
it's configured in onak.conf.
Jonathan McDowell [Mon, 11 Apr 2011 00:20:44 +0000 (17:20 -0700)]
Add ${perl:Depends} to dependencies
The onak-mail processing script is written in Perl, so we should
depend on it.
Jonathan McDowell [Sun, 10 Apr 2011 23:30:29 +0000 (16:30 -0700)]
Bump Debian Standards-Version to 3.9.2.0
No changes.
Jonathan McDowell [Sun, 10 Apr 2011 18:26:42 +0000 (19:26 +0100)]
Clean up use of PATH_MAX in keydb_fs.c
Hopefully this will enabled compilation on GNU/Hurd. PATH_MAX is not
entirely removed, but now only used for array definitions and
conditionally defined if not already defined. Moving the static defs
to dynamic allocations is future work, but this provides a start.
Jonathan McDowell [Sun, 10 Apr 2011 17:55:42 +0000 (10:55 -0700)]
Fix onak.c to include version.h not config.h
Oops; broken with the move from PACKAGE_VERSION to ONAK_VERSION.
Jonathan McDowell [Sun, 10 Apr 2011 17:55:16 +0000 (10:55 -0700)]
Added keydctl and testparse to .bzrignore
Jonathan McDowell [Sun, 10 Apr 2011 17:47:35 +0000 (10:47 -0700)]
Add a stats command to keyd
Add KEYD_CMD_STATS to obtain info about when keyd started, how many
connects it has seen and how many instances of each command.
Jonathan McDowell [Sun, 10 Apr 2011 06:38:38 +0000 (23:38 -0700)]
Make onak.c use ONAK_VERSION instead of PACKAGE_VERSION for version number
Missed this in the changes to add the bzr revno to non pristine builds.
Jonathan McDowell [Sun, 10 Apr 2011 06:12:06 +0000 (23:12 -0700)]
Remove keydctl.o in clean rule
Jonathan McDowell [Fri, 8 Apr 2011 06:34:27 +0000 (23:34 -0700)]
Allow db4 backend to compile with later versions of Berkeley DB
db5 is compatible with db4 at an API level, so look for >= v4 rather
than = v4 in our configure script.
Jonathan McDowell [Fri, 8 Apr 2011 06:01:15 +0000 (23:01 -0700)]
Use generic db dependencies rather than 4.8 versioned ones
Rather than depending on libdb4.8-dev and db4.8-util depend on
libdb-dev and db-util, allowing easy binary only rebuilds in the
event of new db4 releases.
Fixes Debian bug #621426
Jonathan McDowell [Thu, 7 Apr 2011 03:17:57 +0000 (20:17 -0700)]
Add the bzr version number to non release builds
If we're building from a bzr checkout then include the revision
number in the version string we report.
Jonathan McDowell [Wed, 6 Apr 2011 04:22:39 +0000 (21:22 -0700)]
Add keydctl for talking to keyd backend
The regular keydb functions for talking to keyd work fine for key
related operations, but there are extra things we want to do with
keyd (such as checking its status or asking it to cleanly exit) that
there's no way to do at present. Add keydctl to provide a way to
access these additional features.
Jonathan McDowell [Wed, 6 Apr 2011 02:12:45 +0000 (19:12 -0700)]
Add options details to keyd man page
Document -c/-f/-h options to keyd.
Jonathan McDowell [Wed, 6 Apr 2011 02:08:12 +0000 (19:08 -0700)]
Add help text for keyd
Support -h option for printing help text.
Jonathan McDowell [Thu, 31 Mar 2011 23:55:39 +0000 (16:55 -0700)]
Log when we're doing a clean keyd shutdown
If keyd receives a quit message it will cleanly shutdown; log this
fact so it's obvious that was the reason for exiting.
Jonathan McDowell [Thu, 31 Mar 2011 17:57:41 +0000 (10:57 -0700)]
Ignore SIGPIPE in keyd
catchsignals() normally catches SIGPIPE and sets the cleanup flag,
as per the other signals it catches. This is fine for the HKP CGI,
but not appropriate for keyd (as it's probably because the client
has exited without doing appropriate cleanup). Ignore it; we'll
deal with the error when we try to read/write to the socket.
Jonathan McDowell [Wed, 30 Mar 2011 06:28:07 +0000 (23:28 -0700)]
Make keyd command handling more consistent
Output KEYD_REPLY_OK response for close/quite commands as well
as data size for version/longkeyid commands. Means that commands
can always expect to get an OK response if they've been understood
and a size if they're going to result in some more data.
Jonathan McDowell [Tue, 29 Mar 2011 14:20:10 +0000 (07:20 -0700)]
Add an element to the keyd command enum for the last supported command
Add KEYD_CMD_LAST as a placeholder for the last supported keyd
command.
Jonathan McDowell [Tue, 29 Mar 2011 15:14:31 +0000 (07:14 -0800)]
Explicitly use 32 bits for keyd socket commands
While cross machine compatibility is not currently an aim for keyd
we should specify the word size for commands to help down the line
if we decide to do this.
Jonathan McDowell [Tue, 29 Mar 2011 01:35:25 +0000 (18:35 -0700)]
Configure db4 locks according to maxkeys and actually check maxkeys
The number of db4 objects iin use is related to the maximum number of
keys we return at once. Configure the locking subsystem accordingly
and limit the number of returned keys to maxkeys.
Significantly improves the reliability of the db4 backend on a large
busy server.
Jonathan McDowell [Sat, 19 Mar 2011 23:13:37 +0000 (16:13 -0700)]
Update maxpath/sixdegrees to my "new" RSA key.
Both maxpath and sixdegrees use my key ID as a default base;
change them to use
2DA8B985/4096R rather than
5B430367/1024D.
Jonathan McDowell [Wed, 16 Mar 2011 05:45:12 +0000 (22:45 -0700)]
Remove unused variables
More code cleanup.
Jonathan McDowell [Wed, 16 Mar 2011 05:01:45 +0000 (22:01 -0700)]
Fix fs backend compilation/linking
Several failures to change the calls to internal functions to have
the fs_ prefix and a use before definition of fs_getfullkeyid.
Jonathan McDowell [Wed, 16 Mar 2011 04:15:22 +0000 (21:15 -0700)]
Clean up remaining uses of %llX for printing keyids
It should be PRIX64 to ensure we use the right format for both 32 and
64 bit platforms.
Jonathan McDowell [Wed, 16 Mar 2011 03:40:44 +0000 (03:40 +0000)]
Add use_keyd config file option to select keyd as the backend
We want to be able to use a common config file across the various
tools, so add a config variable to indicate that we're using keyd.
This allows keyd to override the option and then get the configured
backend, while everything else knows to use keyd.
Jonathan McDowell [Wed, 16 Mar 2011 03:33:26 +0000 (03:33 +0000)]
Make keyd background itself by default
It's meant to be a daemon, so it should run in the background. The
-f option will cause it to run in the foreground for debugging etc.
Jonathan McDowell [Wed, 16 Mar 2011 02:50:25 +0000 (02:50 +0000)]
Add -c option to specify keyd config file on command line
Matches the parameter the onak binary takes and allows use of
something other than the compiled in default config file path.
Jonathan McDowell [Tue, 15 Mar 2011 14:26:56 +0000 (07:26 -0700)]
Only seed database for Debian install if we're using default config
If the user changes the config away from DB4 or the default DB
directory and deletes the old directory we'll think they don't
have an initialised key database and try to seed it with my key.
Check the config file and if it doesn't match what we expect
assume the user has configured appropriately and don't seed the DB.
Jonathan McDowell [Tue, 15 Mar 2011 05:05:21 +0000 (22:05 -0700)]
Update the copy of my key to my 4096R one
I updated my key a couple of years ago; replace 0x5B430367 (1024D)
with 0x2DA8B985 (4096R).
Jonathan McDowell [Tue, 15 Mar 2011 04:51:38 +0000 (04:51 +0000)]
Actually close the socket in keyd/the keyd backend
We were calling shutdown() on the socket, but this isn't sufficient -
we need to call close() as well. Otherwise we end up leaking sockets
and eventually keyd can no longer service requests.
Jonathan McDowell [Tue, 15 Mar 2011 04:29:50 +0000 (21:29 -0700)]
Send close command when cleaning up keyd backend
Previously we just shutdown the socket; we should really tell keyd
we're disappearing as well.
Jonathan McDowell [Tue, 15 Mar 2011 01:58:35 +0000 (18:58 -0700)]
Fix delete_key function in keyd backend
Need to use keyd_delete_key, not delete_key. Also move function to
before usage to eliminate need for prototype definition.
Jonathan McDowell [Mon, 18 Jan 2010 10:14:38 +0000 (23:14 +1300)]
Remove keydb backend specific compilation rule
We were defining a custom compile rule for the keydb .c -> .o stage,
which left out the CFLAGS. We don't need this; the custom bit is at
link time so we pick up the right libs.
Jonathan McDowell [Tue, 29 Dec 2009 16:43:42 +0000 (16:43 +0000)]
0.3.8 release
Release; update version string in configure.ac, README.
Update HISTORY and debian/changelog.
Jonathan McDowell [Sun, 27 Dec 2009 18:13:00 +0000 (18:13 +0000)]
Change Debian package to build against libdb4.8
libdb4.7 isn't in stable (lenny) and libdb4.8 is in testing (squeeze)
and sid, so given that we can do the auto upgrade no reason not to
bump to use the latest. Tested with 20000+ invocations of "onak index"
to try to confirm no repeat of the read-only-open problem hit with 4.6.
Jonathan McDowell [Sat, 26 Dec 2009 12:50:48 +0000 (12:50 +0000)]
Bump Debian Standards-Version to 3.8.3.0
No changes.
Jonathan McDowell [Sat, 26 Dec 2009 12:27:39 +0000 (12:27 +0000)]
Clarify licence is GPL v2
We didn't specify the version in the README, though it was correct in
debian/copyright. Add the version to the README and point to the
versioned file in debian/copyright rather than the symlink to the
current version.
Jonathan McDowell [Sat, 26 Dec 2009 12:18:13 +0000 (12:18 +0000)]
Fix PostgreSQL backend key iteration
We weren't passing the correct pointer into the parse_keys function
when parsing the packets we'd read.
Jonathan McDowell [Sat, 26 Dec 2009 12:16:02 +0000 (12:16 +0000)]
Change PostgreSQL backend to use PQescapeStringConn
While the PostgreSQL backend is not known to be in use anywhere we were
using an older escaping function (PQescapeString) which does not have
knowledge of the connection character encoding and so has potential
problems. Switch to using PQescapeStringConn, which does have this
knowledge.
Jonathan McDowell [Sat, 26 Dec 2009 12:09:21 +0000 (12:09 +0000)]
Don't add a key to the stats hash if it doesn't have any sigs
We always added a key to the stats hash if we tried to find its sigs,
even if it didn't exist. So if it doesn't have any sigs (either because
it doesn't exist or it's just a non linked in key), don't add it.
Closes Debian bug #542187.
Jonathan McDowell [Sat, 26 Dec 2009 11:35:49 +0000 (11:35 +0000)]
Bump debhelper compat level to 7
Jonathan McDowell [Sat, 26 Dec 2009 11:16:30 +0000 (11:16 +0000)]
Add Homepage and Vcs-Bzr fields to Debian control file
Point to the existing homepage and bzr repository.
Jonathan McDowell [Tue, 25 Aug 2009 15:03:09 +0000 (16:03 +0100)]
Correct formatting of some places we output a keyid
Format keyids in various places to be 16 digits long, zero padded
if necessary. Closes Debian bug #540196 (which has a patch from
Philippe Teuwen, but that uses 8 digits instead of 16).
Jonathan McDowell [Tue, 18 Aug 2009 16:38:28 +0000 (17:38 +0100)]
Limit key dump files to 100,000 keys for "onak dump"
Gives a file size of around 125M, which is a bit saner than > 1G
Jonathan McDowell [Tue, 18 Aug 2009 16:36:51 +0000 (17:36 +0100)]
Fix "onak dump" to actually generate multiple output files
We weren't incrementing the key count so everything went into a
single file instead of limiting the file size.
Jonathan McDowell [Tue, 2 Jun 2009 14:52:18 +0000 (15:52 +0100)]
0.3.7 release
Release; update version string in configure.ac, README.
Update HISTORY and debian/changelog.
Jonathan McDowell [Tue, 2 Jun 2009 10:43:37 +0000 (11:43 +0100)]
Obey binary flag for "onak get"
We accepted -b for "onak add" to read in a binary key, but always
output keys ASCII armoured; obey -b for get as well and return the
raw key data.
Jonathan McDowell [Tue, 2 Jun 2009 10:23:29 +0000 (11:23 +0100)]
Change Debian package to build against libdb4.7
db4.6 (on Debian at least) seems to throw a fit after a number of
read-only opens. db4.7 (and 4.5) don't seem to suffer from this.
Closes Debian bug #520117
Jonathan McDowell [Tue, 2 Jun 2009 10:19:01 +0000 (11:19 +0100)]
Open DB read only for onak lookup function
No need to open read/write when we're only doing a search.
Jonathan McDowell [Tue, 24 Mar 2009 20:47:43 +0000 (20:47 +0000)]
Ensure DB4 backend dbconns memory is initialised to zero
Change to using calloc to allocate the memory for the dbconns array,
as this will ensure that all the pointers in it are NULL which
prevents us segfaulting on abnormal cleanup. Fixes the segfault from
Debian bug #520117 but not the underlying issue.
Jonathan McDowell [Sun, 2 Nov 2008 13:15:29 +0000 (13:15 +0000)]
Add support for displaying Elgamal encrypt or sign keys (deprecated)
These keys are no longer supported as they're cryptographically weak,
but old versions exist and we should display them properly.