security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

bug fixes

This commit is contained in:
Werner Koch 2006-10-05 11:06:42 +00:00
parent 23b7b9a77b
commit 158a69aff7
13 changed files with 57 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -1,3 +1,7 @@
Noteworthy changes in version 1.9.92
-------------------------------------------------
Noteworthy changes in version 1.9.91 (2006-10-04) Noteworthy changes in version 1.9.91 (2006-10-04)
------------------------------------------------- -------------------------------------------------

22
TODO
View File

@ -69,12 +69,6 @@ might want to have an agent context for each service request
not a real problem because application will get a card removed status not a real problem because application will get a card removed status
and should the send a reset to try solving the problem. and should the send a reset to try solving the problem.
* tests
** Makefile.am
We use printf(1) to setup the library path, this is not portable.
Furthermore LD_LIBRARY_PATH is not used on all systems. It doesn't
matter for now, because we use some GNU/*BSDish features anyway.
** Add a test to check the extkeyusage. ** Add a test to check the extkeyusage.
* Windows port * Windows port
@ -93,15 +87,19 @@ might want to have an agent context for each service request
* g10/ * g10/
** issue a NO_SECKEY xxxx if a -u key was not found. ** issue a NO_SECKEY xxxx if a -u key was not found.
** Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
versions of libgcrypt. Change this if we require libgcrypt 1.3
anyway.
** qbits ** qbits
We pass a new qbit parameter to genkey - implement this in libgcrypt. We pass a new qbit parameter to genkey - implement this in libgcrypt.
* When switching to libgcrypt 1.3
** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md
Remove the extra test for a valid algorithm as libgcrypt will do it
then in gcry_md_algo_info.
** skclist.c ** skclist.c
As soon as we switch to libgcrypt 1.3 we should remove the hard Remove the hard coded constant in random_is_faked.
coded constant in random_is_faked. ** g10/ Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
versions of libgcrypt.
* Extend selinux support to other modules * Extend selinux support to other modules

4
agent/ChangeLog
View File

@ -1,3 +1,7 @@
2006-10-05 Werner Koch <wk@g10code.com>
* divert-scd.c (encode_md_for_card): Check that the algo is valid.
2006-10-04 Werner Koch <wk@g10code.com> 2006-10-04 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_passphrase): Changed to return the * call-pinentry.c (agent_get_passphrase): Changed to return the

4
agent/command.c
View File

@ -470,7 +470,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
char *endp; char *endp;
int algo; int algo;
/* parse the algo number and check it */ /* Parse the algo number and check it. */
algo = (int)strtoul (line, &endp, 10); algo = (int)strtoul (line, &endp, 10);
for (line = endp; *line == ' ' || *line == '\t'; line++) for (line = endp; *line == ' ' || *line == '\t'; line++)
; ;
@ -478,7 +478,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
return set_error (GPG_ERR_UNSUPPORTED_ALGORITHM, NULL); return set_error (GPG_ERR_UNSUPPORTED_ALGORITHM, NULL);
ctrl->digest.algo = algo; ctrl->digest.algo = algo;
/* parse the hash value */ /* Parse the hash value. */
rc = parse_hexstring (ctx, line, &n); rc = parse_hexstring (ctx, line, &n);
if (rc) if (rc)
return rc; return rc;

2
agent/divert-scd.c
View File

@ -148,6 +148,8 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
*r_len = 0; *r_len = 0;
asnlen = DIM(asn); asnlen = DIM(asn);
if (!algo || gcry_md_test_algo (algo))
return gpg_error (GPG_ERR_DIGEST_ALGO);
if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen)) if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
{ {
log_error ("no object identifier for algo %d\n", algo); log_error ("no object identifier for algo %d\n", algo);

4
configure.ac
View File

@ -26,8 +26,8 @@ min_automake_version="1.9.3"
# Remember to change the version number immediately *after* a release. # Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an # Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution. # "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [1.9.91]) m4_define([my_version], [1.9.92])
m4_define([my_issvn], [no]) m4_define([my_issvn], [yes])
m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

7
doc/gpg-agent.texi
View File

@ -740,11 +740,12 @@ test whether the key is a valid key to sign something and responds with
okay. okay.
@example @example
SETHASH <hexstring> SETHASH <algo> <hexstring>
@end example @end example
The client can use this command to tell the server about the data The client can use this command to tell the server about the data <hexstring>
(which usually is a hash) to be signed. (which usually is a hash) to be signed. <algo> is the decimal encoded hash
algorithm number as used by Libgcrypt.
The actual signing is done using The actual signing is done using

8
g10/ChangeLog
View File

@ -1,3 +1,11 @@
2006-10-05 Werner Koch <wk@g10code.com>
* status.c (progress_cb): Changed to libgcrypt API.
(set_status_fd): Register the progress cb.
* seskey.c (encode_md_value): Check that the hash algo is valid
before getting the OID.
2006-10-04 Werner Koch <wk@g10code.com> 2006-10-04 Werner Koch <wk@g10code.com>
* passphrase.c: Allow for a static passphrase in batch mode. * passphrase.c: Allow for a static passphrase in batch mode.

4
g10/seskey.c
View File

@ -267,7 +267,9 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
byte *asn; byte *asn;
size_t asnlen; size_t asnlen;
rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen); rc = gcry_md_test_algo (hash_algo);
if (!rc)
rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
if (rc) if (rc)
log_fatal ("can't get OID of algo %d: %s\n", log_fatal ("can't get OID of algo %d: %s\n",
hash_algo, gpg_strerror (rc)); hash_algo, gpg_strerror (rc));

22
g10/status.c
View File

@ -45,15 +45,17 @@ static FILE *statusfp;
static void static void
progress_cb ( void *ctx, int c ) progress_cb (void *ctx, const char *what, int printchar,
int current, int total)
{ {
char buf[50]; char buf[50];
if ( c == '\n' ) if ( printchar == '\n' && !strcmp (what, "primegen") )
sprintf ( buf, "%.20s X 100 100", (char*)ctx ); snprintf (buf, sizeof buf -1, "%.20s X 100 100", what );
else else
sprintf ( buf, "%.20s %c 0 0", (char*)ctx, c ); snprintf (buf, sizeof buf -1, "%.20s %c %d %d",
write_status_text ( STATUS_PROGRESS, buf ); what, printchar=='\n'?'X':printchar, current, total );
write_status_text (STATUS_PROGRESS, buf);
} }
static const char * static const char *
@ -209,10 +211,8 @@ set_status_fd ( int fd )
fd, strerror(errno)); fd, strerror(errno));
} }
last_fd = fd; last_fd = fd;
#warning Use libgrypt calls for progress indicators
/* register_primegen_progress ( progress_cb, "primegen" ); */ gcry_set_progress_handler ( progress_cb, NULL );
/* register_pk_dsa_progress ( progress_cb, "pk_dsa" ); */
/* register_pk_elg_progress ( progress_cb, "pk_elg" ); */
} }
int int

2
scd/app-openpgp.c
View File

@ -1926,7 +1926,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
start_at = time (NULL); start_at = time (NULL);
rc = iso7816_generate_keypair rc = iso7816_generate_keypair
#else #else
#warning key generation temporary replaced by reading an existing key. # warning key generation temporary replaced by reading an existing key.
rc = iso7816_read_public_key rc = iso7816_read_public_key
#endif #endif
(app->slot, (const unsigned char*)(keyno == 0? "\xB6" : (app->slot, (const unsigned char*)(keyno == 0? "\xB6" :

4
sm/ChangeLog
View File

@ -1,3 +1,7 @@
2006-10-05 Werner Koch <wk@g10code.com>
* certcheck.c (do_encode_md): Check that the has algo is valid.
2006-10-02 Marcus Brinkmann <marcus@g10code.de> 2006-10-02 Marcus Brinkmann <marcus@g10code.de>
* server.c (register_commands): New commands DUMPKEYS and * server.c (register_commands): New commands DUMPKEYS and

2
sm/certcheck.c
View File

@ -68,6 +68,8 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
nframe = (nbits+7) / 8; nframe = (nbits+7) / 8;
asnlen = DIM(asn); asnlen = DIM(asn);
if (!algo || gcry_md_test_algo (algo))
return gpg_error (GPG_ERR_DIGEST_ALGO);
if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen)) if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
{ {
log_error ("no object identifier for algo %d\n", algo); log_error ("no object identifier for algo %d\n", algo);