mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
wks: Do not use compression for the encrypted data.
* tools/gpg-wks-client.c (encrypt_response): Add arg -z0. * tools/gpg-wks-server.c (encrypt_stream): Ditto. -- If for example a server was built without the development packages of the compression libraries installed, the server will not be able to decrypt a request. In theory this can't happen due to the preference system but it is just to easy to create the server's key using a different version of gpg and then use gpg-wks-server built differently. For the short messages we exchange compression is not really required and thus we better do without to make the system more robust. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 70a8db0333e3c22403b3647f8b5f924f6dace719)
This commit is contained in:
parent
ae9159e068
commit
16424d8a34
@ -1151,6 +1151,7 @@ encrypt_response (estream_t *r_output, estream_t input, const char *addrspec,
|
|||||||
ccparray_put (&ccp, "--status-fd=2");
|
ccparray_put (&ccp, "--status-fd=2");
|
||||||
ccparray_put (&ccp, "--always-trust");
|
ccparray_put (&ccp, "--always-trust");
|
||||||
ccparray_put (&ccp, "--armor");
|
ccparray_put (&ccp, "--armor");
|
||||||
|
ccparray_put (&ccp, "-z0"); /* No compression for improved robustness. */
|
||||||
if (fake_submission_addr)
|
if (fake_submission_addr)
|
||||||
ccparray_put (&ccp, "--auto-key-locate=clear,local");
|
ccparray_put (&ccp, "--auto-key-locate=clear,local");
|
||||||
else
|
else
|
||||||
|
@ -586,6 +586,7 @@ encrypt_stream (estream_t *r_output, estream_t input, const char *keyfile)
|
|||||||
ccparray_put (&ccp, "--always-trust");
|
ccparray_put (&ccp, "--always-trust");
|
||||||
ccparray_put (&ccp, "--no-keyring");
|
ccparray_put (&ccp, "--no-keyring");
|
||||||
ccparray_put (&ccp, "--armor");
|
ccparray_put (&ccp, "--armor");
|
||||||
|
ccparray_put (&ccp, "-z0"); /* No compression for improved robustness. */
|
||||||
ccparray_put (&ccp, "--recipient-file");
|
ccparray_put (&ccp, "--recipient-file");
|
||||||
ccparray_put (&ccp, keyfile);
|
ccparray_put (&ccp, keyfile);
|
||||||
ccparray_put (&ccp, "--encrypt");
|
ccparray_put (&ccp, "--encrypt");
|
||||||
|
Loading…
x
Reference in New Issue
Block a user