1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00

See ChangeLog: Wed Jan 5 11:51:17 CET 2000 Werner Koch

This commit is contained in:
Werner Koch 2000-01-05 10:46:34 +00:00
parent dae44387d6
commit 1f0c21cc77
14 changed files with 97 additions and 18 deletions

1
THANKS
View File

@ -39,6 +39,7 @@ Hendrik Buschkamp buschkamp@rheumanet.org
Holger Schurig holger@d.om.org
Hugh Daniel hugh@toad.com
Ian McKellar imckellar@harvestroad.com.au
Jan Krueger max@physics.otago.ac.nz
Janusz A. Urbanowicz alex@bofh.torun.pl
James Troup james@nocrew.org
Jean-loup Gailly gzip@prep.ai.mit.edu

View File

@ -1,3 +1,7 @@
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
* FAQ: Enhanced answer for the 3des-s2k bug.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* gpg.sgml: Add section about the user ID

View File

@ -190,6 +190,14 @@ more arguments in future versions.
Marks the end of a file processing which has been started
by FILE_START.
BEGIN_DECRYPTION
END_DECRYPTION
Mark the start and end of the actual decryption process. These
are also emmited when in --list-only mode.
BEGIN_ENCRYPTION
END_ENCRYPTION
Mark the start and end of the actual encryption process.
Key generation

11
doc/FAQ
View File

@ -350,12 +350,12 @@
hash algorithm to use.
Q: How can a get list of key IDs used to encrypt a message?
A: gpg --batch --decrypt --status-fd 1 2>/dev/null \
A: gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null \
| awk '/^\[GNUPG:\] ENC_TO / { print $3 }'
Q: PGP 5.x, 6.x does not like my secret key.
A: PGP probaly bails out on some private comment packets used by GnuPG.
A: PGP probably bails out on some private comment packets used by GnuPG.
These packets are fully in compliance with OpenPGP; however PGP is not
really OpenPGP aware. A workaround is to eport the secret keys with
this command:
@ -364,10 +364,11 @@
Q: I can't decrypt my symmetrical only (-c) encrypted message with
a new version of GnuPG.
A: There used to be a bug in GnuPG < 1.0.1 which happens only if 3DES
was used for symmetric only encryption (this has never been the default).
A: There used to be a bug in GnuPG < 1.0.1 which happens only if 3DES or
Twofish has been used for symmetric only encryption (this has never been
the default).
The bug has been fixed but to enable you to decrypt old messages, you
should run gpg with the option "--emulate-3des-s2k-bug", decrypt the
message and encrypt it again without this option. The option will
be removed in 1.1, so better re/encrypt your message now.
be removed in 1.1, so better re-encrypt your message now.

View File

@ -1104,7 +1104,8 @@ Reset all packet, cipher and digest options to OpenPGP
behavior. Use this option to reset all previous
options like --rfc1991, --force-v3-sigs, --s2k-*,
--cipher-algo, --digest-algo and --compress-algo to
OpenPGP compliant values.
OpenPGP compliant values. All PGP workarounds are also
disabled.
</para></listitem></varlistentry>
@ -1232,6 +1233,15 @@ can get a faster listing. The excact behaviour of this option may change
in future versions.
</para></listitem></varlistentry>
<varlistentry>
<term>--list-only</term>
<listitem><para>
Changes the behaviour of some commands. This is like --dry-run but
different in some cases. The semantic of this command may be extended in
the future. Currently it does only skip the actual decryption pass and
therefore enables a fast listing of the encryption keys.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-literal</term>
<listitem><para>

View File

@ -1,3 +1,21 @@
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
* g10.c (main): Reset new global flag opt.pgp2_workarounds
when --openpgp is used.
* mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only
when the global falg is set.
(proc_tree): Ditto.
* textfilter.c (copy_clearsig_text): Ditto.
* armor.c (armor_filter): Ditto.
* g10.c: New option --list-only
* mainproc.c (proc_tree): Don't do it if opt.list_only is active.
(proc_pubkey_enc): Implement option.
* status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New.
* cipher.c (cipher_filter): New status outputs.
* mainproc.c (proc_encrypted): New status outputs.
Fri Dec 31 14:08:15 CET 1999 Werner Koch <wk@gnupg.de>
* armor.c (armor_filter): Made the "Comment:" header translatable.

View File

@ -837,7 +837,8 @@ armor_filter( void *opaque, int control,
hashes &= 1|2|4|8;
if( !hashes ) {
hashes |= 4; /* default to MD 5 */
afx->pgp2mode = 1;
if( opt.pgp2_workarounds )
afx->pgp2mode = 1;
}
n=0;
do {

View File

@ -33,6 +33,7 @@
#include "packet.h"
#include "options.h"
#include "main.h"
#include "status.h"
#define MIN_PARTIAL_SIZE 512
@ -54,7 +55,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
if( use_mdc ) {
ed.mdc_method = DIGEST_ALGO_SHA1;
cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
md_start_debug( cfx->mdc_hash, "mdccreat" );
/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
}
init_packet( &pkt );
pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
@ -101,6 +102,7 @@ cipher_filter( void *opaque, int control,
else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
assert(a);
if( !cfx->header ) {
write_status( STATUS_BEGIN_ENCRYPTION );
write_header( cfx, a );
}
if( cfx->mdc_hash )
@ -121,6 +123,7 @@ cipher_filter( void *opaque, int control,
md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
}
cipher_close(cfx->cipher_hd);
write_status( STATUS_END_ENCRYPTION );
}
else if( control == IOBUFCTRL_DESC ) {
*(char**)buf = "cipher_filter";

View File

@ -180,6 +180,7 @@ enum cmd_and_opt_values { aNull = 0,
oSetFilesize,
oHonorHttpProxy,
oFastListMode,
oListOnly,
oEmu3DESS2KBug, /* will be removed in 1.1 */
aTest };
@ -350,6 +351,7 @@ static ARGPARSE_OPTS opts[] = {
{ oSetFilesize, "set-filesize", 20, "@" },
{ oHonorHttpProxy,"honor-http-proxy", 0, "@" },
{ oFastListMode,"fast-list-mode", 0, "@" },
{ oListOnly, "list-only", 0, "@"},
{ oEmu3DESS2KBug, "emulate-3des-s2k-bug", 0, "@"},
{0} };
@ -592,6 +594,7 @@ main( int argc, char **argv )
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.max_cert_depth = 5;
opt.pgp2_workarounds = 1;
#ifdef __MINGW32__
opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
#else
@ -700,7 +703,9 @@ main( int argc, char **argv )
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
case aSym: set_cmd( &cmd, aSym); break;
case aDecrypt: set_cmd( &cmd, aDecrypt); break;
case aEncr: set_cmd( &cmd, aEncr); break;
case aSign: set_cmd( &cmd, aSign ); break;
case aKeygen: set_cmd( &cmd, aKeygen); greeting=1; break;
@ -804,6 +809,7 @@ main( int argc, char **argv )
break;
case oOpenPGP:
opt.rfc1991 = 0;
opt.pgp2_workarounds = 0;
opt.escape_from = 0;
opt.force_v3_sigs = 0;
opt.compress_keys = 0; /* not mandated but we do it */
@ -880,6 +886,7 @@ main( int argc, char **argv )
case oSetFilesize: opt.set_filesize = pargs.r.ret_ulong; break;
case oHonorHttpProxy: opt.honor_http_proxy = 1; break;
case oFastListMode: opt.fast_list_mode = 1; break;
case oListOnly: opt.list_only=1; break;
default : pargs.err = configfp? 1:2; break;
}

View File

@ -225,10 +225,14 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|| is_RSA(enc->pubkey_algo) ) {
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|| !seckey_available( enc->keyid )) ) {
c->dek = m_alloc_secure( sizeof *c->dek );
if( (result = get_session_key( enc, c->dek )) ) {
/* error: delete the DEK */
m_free(c->dek); c->dek = NULL;
if( opt.list_only )
result = -1;
else {
c->dek = m_alloc_secure( sizeof *c->dek );
if( (result = get_session_key( enc, c->dek )) ) {
/* error: delete the DEK */
m_free(c->dek); c->dek = NULL;
}
}
}
else
@ -312,10 +316,14 @@ proc_encrypted( CTX c, PACKET *pkt )
print_failed_pkenc( c->failed_pkenc );
write_status( STATUS_BEGIN_DECRYPTION );
/*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/
if( !c->dek && !c->last_was_session_key ) {
if( opt.list_only )
result = -1;
else if( !c->dek && !c->last_was_session_key ) {
/* assume this is old conventional encrypted data
* Actually we should use IDEA and MD5 in this case, but becuase
* Actually we should use IDEA and MD5 in this case, but because
* IDEA is patented we can't do so */
c->dek = passphrase_to_dek( NULL, 0,
opt.def_cipher_algo ? opt.def_cipher_algo
@ -347,6 +355,7 @@ proc_encrypted( CTX c, PACKET *pkt )
}
free_packet(pkt);
c->last_was_session_key = 0;
write_status( STATUS_END_DECRYPTION );
}
@ -406,7 +415,7 @@ proc_plaintext( CTX c, PACKET *pkt )
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
}
if( only_md5 && !opt.skip_verify ) {
if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
/* This is a kludge to work around a bug in pgp2. It does only
* catch those mails which are armored. To catch the non-armored
* pgp mails we could see whether there is the signature packet
@ -1142,7 +1151,7 @@ proc_tree( CTX c, KBNODE node )
KBNODE n1;
int rc;
if( opt.list_packets )
if( opt.list_packets || opt.list_only )
return;
c->local_id = 0;
@ -1194,8 +1203,10 @@ proc_tree( CTX c, KBNODE node )
/* detached signature */
free_md_filter_context( &c->mfx );
c->mfx.md = md_open(sig->digest_algo, 0);
if( sig->digest_algo == DIGEST_ALGO_MD5
&& is_RSA( sig->pubkey_algo ) ) {
if( !opt.pgp2_workarounds )
;
else if( sig->digest_algo == DIGEST_ALGO_MD5
&& is_RSA( sig->pubkey_algo ) ) {
/* enable a workaround for a pgp2 bug */
c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0 );
}

View File

@ -33,6 +33,7 @@ struct {
int compress;
char *outfile;
int dry_run;
int list_only;
int textmode;
int batch; /* run in batch mode */
int answer_yes; /* answer yes on most questions */
@ -63,6 +64,7 @@ struct {
int compress_sigs;
int always_trust;
int rfc1991;
int pgp2_workarounds;
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
int shm_coprocess;
const char *set_filename;

View File

@ -120,6 +120,10 @@ write_status_text ( int no, const char *text)
case STATUS_FILE_START : s = "FILE_START\n"; break;
case STATUS_FILE_DONE : s = "FILE_DONE\n"; break;
case STATUS_FILE_ERROR : s = "FILE_ERROR\n"; break;
case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION\n"; break;
case STATUS_END_DECRYPTION : s = "END_DECRYPTION\n"; break;
case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION\n"; break;
case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION\n"; break;
default: s = "?\n"; break;
}

View File

@ -69,6 +69,11 @@
#define STATUS_FILE_DONE 39
#define STATUS_FILE_ERROR 40
#define STATUS_BEGIN_DECRYPTION 41
#define STATUS_END_DECRYPTION 42
#define STATUS_BEGIN_ENCRYPTION 43
#define STATUS_END_ENCRYPTION 44
/*-- status.c --*/
void set_status_fd ( int fd );

View File

@ -31,6 +31,7 @@
#include "util.h"
#include "filter.h"
#include "i18n.h"
#include "options.h"
#ifdef HAVE_DOSISH_SYSTEM
#define LF "\r\n"
@ -156,6 +157,9 @@ copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
int truncated = 0;
int pending_lf = 0;
if( !opt.pgp2_workarounds )
pgp2mode = 0;
if( !escape_dash )
escape_from = 0;