mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-23 15:07:03 +01:00
See ChangeLog: Wed Jan 5 11:51:17 CET 2000 Werner Koch
This commit is contained in:
parent
dae44387d6
commit
1f0c21cc77
1
THANKS
1
THANKS
@ -39,6 +39,7 @@ Hendrik Buschkamp buschkamp@rheumanet.org
|
||||
Holger Schurig holger@d.om.org
|
||||
Hugh Daniel hugh@toad.com
|
||||
Ian McKellar imckellar@harvestroad.com.au
|
||||
Jan Krueger max@physics.otago.ac.nz
|
||||
Janusz A. Urbanowicz alex@bofh.torun.pl
|
||||
James Troup james@nocrew.org
|
||||
Jean-loup Gailly gzip@prep.ai.mit.edu
|
||||
|
@ -1,3 +1,7 @@
|
||||
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
|
||||
|
||||
* FAQ: Enhanced answer for the 3des-s2k bug.
|
||||
|
||||
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
|
||||
|
||||
* gpg.sgml: Add section about the user ID
|
||||
|
@ -190,6 +190,14 @@ more arguments in future versions.
|
||||
Marks the end of a file processing which has been started
|
||||
by FILE_START.
|
||||
|
||||
BEGIN_DECRYPTION
|
||||
END_DECRYPTION
|
||||
Mark the start and end of the actual decryption process. These
|
||||
are also emmited when in --list-only mode.
|
||||
|
||||
BEGIN_ENCRYPTION
|
||||
END_ENCRYPTION
|
||||
Mark the start and end of the actual encryption process.
|
||||
|
||||
|
||||
Key generation
|
||||
|
11
doc/FAQ
11
doc/FAQ
@ -350,12 +350,12 @@
|
||||
hash algorithm to use.
|
||||
|
||||
Q: How can a get list of key IDs used to encrypt a message?
|
||||
A: gpg --batch --decrypt --status-fd 1 2>/dev/null \
|
||||
A: gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null \
|
||||
| awk '/^\[GNUPG:\] ENC_TO / { print $3 }'
|
||||
|
||||
|
||||
Q: PGP 5.x, 6.x does not like my secret key.
|
||||
A: PGP probaly bails out on some private comment packets used by GnuPG.
|
||||
A: PGP probably bails out on some private comment packets used by GnuPG.
|
||||
These packets are fully in compliance with OpenPGP; however PGP is not
|
||||
really OpenPGP aware. A workaround is to eport the secret keys with
|
||||
this command:
|
||||
@ -364,10 +364,11 @@
|
||||
|
||||
Q: I can't decrypt my symmetrical only (-c) encrypted message with
|
||||
a new version of GnuPG.
|
||||
A: There used to be a bug in GnuPG < 1.0.1 which happens only if 3DES
|
||||
was used for symmetric only encryption (this has never been the default).
|
||||
A: There used to be a bug in GnuPG < 1.0.1 which happens only if 3DES or
|
||||
Twofish has been used for symmetric only encryption (this has never been
|
||||
the default).
|
||||
The bug has been fixed but to enable you to decrypt old messages, you
|
||||
should run gpg with the option "--emulate-3des-s2k-bug", decrypt the
|
||||
message and encrypt it again without this option. The option will
|
||||
be removed in 1.1, so better re/encrypt your message now.
|
||||
be removed in 1.1, so better re-encrypt your message now.
|
||||
|
||||
|
12
doc/gpg.sgml
12
doc/gpg.sgml
@ -1104,7 +1104,8 @@ Reset all packet, cipher and digest options to OpenPGP
|
||||
behavior. Use this option to reset all previous
|
||||
options like --rfc1991, --force-v3-sigs, --s2k-*,
|
||||
--cipher-algo, --digest-algo and --compress-algo to
|
||||
OpenPGP compliant values.
|
||||
OpenPGP compliant values. All PGP workarounds are also
|
||||
disabled.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
|
||||
@ -1232,6 +1233,15 @@ can get a faster listing. The excact behaviour of this option may change
|
||||
in future versions.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--list-only</term>
|
||||
<listitem><para>
|
||||
Changes the behaviour of some commands. This is like --dry-run but
|
||||
different in some cases. The semantic of this command may be extended in
|
||||
the future. Currently it does only skip the actual decryption pass and
|
||||
therefore enables a fast listing of the encryption keys.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--no-literal</term>
|
||||
<listitem><para>
|
||||
|
@ -1,3 +1,21 @@
|
||||
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
|
||||
|
||||
* g10.c (main): Reset new global flag opt.pgp2_workarounds
|
||||
when --openpgp is used.
|
||||
* mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only
|
||||
when the global falg is set.
|
||||
(proc_tree): Ditto.
|
||||
* textfilter.c (copy_clearsig_text): Ditto.
|
||||
* armor.c (armor_filter): Ditto.
|
||||
|
||||
* g10.c: New option --list-only
|
||||
* mainproc.c (proc_tree): Don't do it if opt.list_only is active.
|
||||
(proc_pubkey_enc): Implement option.
|
||||
|
||||
* status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New.
|
||||
* cipher.c (cipher_filter): New status outputs.
|
||||
* mainproc.c (proc_encrypted): New status outputs.
|
||||
|
||||
Fri Dec 31 14:08:15 CET 1999 Werner Koch <wk@gnupg.de>
|
||||
|
||||
* armor.c (armor_filter): Made the "Comment:" header translatable.
|
||||
|
@ -837,7 +837,8 @@ armor_filter( void *opaque, int control,
|
||||
hashes &= 1|2|4|8;
|
||||
if( !hashes ) {
|
||||
hashes |= 4; /* default to MD 5 */
|
||||
afx->pgp2mode = 1;
|
||||
if( opt.pgp2_workarounds )
|
||||
afx->pgp2mode = 1;
|
||||
}
|
||||
n=0;
|
||||
do {
|
||||
|
@ -33,6 +33,7 @@
|
||||
#include "packet.h"
|
||||
#include "options.h"
|
||||
#include "main.h"
|
||||
#include "status.h"
|
||||
|
||||
|
||||
#define MIN_PARTIAL_SIZE 512
|
||||
@ -54,7 +55,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
|
||||
if( use_mdc ) {
|
||||
ed.mdc_method = DIGEST_ALGO_SHA1;
|
||||
cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
|
||||
md_start_debug( cfx->mdc_hash, "mdccreat" );
|
||||
/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
|
||||
}
|
||||
init_packet( &pkt );
|
||||
pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
|
||||
@ -101,6 +102,7 @@ cipher_filter( void *opaque, int control,
|
||||
else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
|
||||
assert(a);
|
||||
if( !cfx->header ) {
|
||||
write_status( STATUS_BEGIN_ENCRYPTION );
|
||||
write_header( cfx, a );
|
||||
}
|
||||
if( cfx->mdc_hash )
|
||||
@ -121,6 +123,7 @@ cipher_filter( void *opaque, int control,
|
||||
md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
|
||||
}
|
||||
cipher_close(cfx->cipher_hd);
|
||||
write_status( STATUS_END_ENCRYPTION );
|
||||
}
|
||||
else if( control == IOBUFCTRL_DESC ) {
|
||||
*(char**)buf = "cipher_filter";
|
||||
|
@ -180,6 +180,7 @@ enum cmd_and_opt_values { aNull = 0,
|
||||
oSetFilesize,
|
||||
oHonorHttpProxy,
|
||||
oFastListMode,
|
||||
oListOnly,
|
||||
oEmu3DESS2KBug, /* will be removed in 1.1 */
|
||||
aTest };
|
||||
|
||||
@ -350,6 +351,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oSetFilesize, "set-filesize", 20, "@" },
|
||||
{ oHonorHttpProxy,"honor-http-proxy", 0, "@" },
|
||||
{ oFastListMode,"fast-list-mode", 0, "@" },
|
||||
{ oListOnly, "list-only", 0, "@"},
|
||||
{ oEmu3DESS2KBug, "emulate-3des-s2k-bug", 0, "@"},
|
||||
{0} };
|
||||
|
||||
@ -592,6 +594,7 @@ main( int argc, char **argv )
|
||||
opt.completes_needed = 1;
|
||||
opt.marginals_needed = 3;
|
||||
opt.max_cert_depth = 5;
|
||||
opt.pgp2_workarounds = 1;
|
||||
#ifdef __MINGW32__
|
||||
opt.homedir = read_w32_registry_string( NULL, "Software\\GNU\\GnuPG", "HomeDir" );
|
||||
#else
|
||||
@ -700,7 +703,9 @@ main( int argc, char **argv )
|
||||
|
||||
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
|
||||
case aSym: set_cmd( &cmd, aSym); break;
|
||||
|
||||
case aDecrypt: set_cmd( &cmd, aDecrypt); break;
|
||||
|
||||
case aEncr: set_cmd( &cmd, aEncr); break;
|
||||
case aSign: set_cmd( &cmd, aSign ); break;
|
||||
case aKeygen: set_cmd( &cmd, aKeygen); greeting=1; break;
|
||||
@ -804,6 +809,7 @@ main( int argc, char **argv )
|
||||
break;
|
||||
case oOpenPGP:
|
||||
opt.rfc1991 = 0;
|
||||
opt.pgp2_workarounds = 0;
|
||||
opt.escape_from = 0;
|
||||
opt.force_v3_sigs = 0;
|
||||
opt.compress_keys = 0; /* not mandated but we do it */
|
||||
@ -880,6 +886,7 @@ main( int argc, char **argv )
|
||||
case oSetFilesize: opt.set_filesize = pargs.r.ret_ulong; break;
|
||||
case oHonorHttpProxy: opt.honor_http_proxy = 1; break;
|
||||
case oFastListMode: opt.fast_list_mode = 1; break;
|
||||
case oListOnly: opt.list_only=1; break;
|
||||
|
||||
default : pargs.err = configfp? 1:2; break;
|
||||
}
|
||||
|
@ -225,10 +225,14 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|
||||
|| is_RSA(enc->pubkey_algo) ) {
|
||||
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|
||||
|| !seckey_available( enc->keyid )) ) {
|
||||
c->dek = m_alloc_secure( sizeof *c->dek );
|
||||
if( (result = get_session_key( enc, c->dek )) ) {
|
||||
/* error: delete the DEK */
|
||||
m_free(c->dek); c->dek = NULL;
|
||||
if( opt.list_only )
|
||||
result = -1;
|
||||
else {
|
||||
c->dek = m_alloc_secure( sizeof *c->dek );
|
||||
if( (result = get_session_key( enc, c->dek )) ) {
|
||||
/* error: delete the DEK */
|
||||
m_free(c->dek); c->dek = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
@ -312,10 +316,14 @@ proc_encrypted( CTX c, PACKET *pkt )
|
||||
|
||||
print_failed_pkenc( c->failed_pkenc );
|
||||
|
||||
write_status( STATUS_BEGIN_DECRYPTION );
|
||||
|
||||
/*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/
|
||||
if( !c->dek && !c->last_was_session_key ) {
|
||||
if( opt.list_only )
|
||||
result = -1;
|
||||
else if( !c->dek && !c->last_was_session_key ) {
|
||||
/* assume this is old conventional encrypted data
|
||||
* Actually we should use IDEA and MD5 in this case, but becuase
|
||||
* Actually we should use IDEA and MD5 in this case, but because
|
||||
* IDEA is patented we can't do so */
|
||||
c->dek = passphrase_to_dek( NULL, 0,
|
||||
opt.def_cipher_algo ? opt.def_cipher_algo
|
||||
@ -347,6 +355,7 @@ proc_encrypted( CTX c, PACKET *pkt )
|
||||
}
|
||||
free_packet(pkt);
|
||||
c->last_was_session_key = 0;
|
||||
write_status( STATUS_END_DECRYPTION );
|
||||
}
|
||||
|
||||
|
||||
@ -406,7 +415,7 @@ proc_plaintext( CTX c, PACKET *pkt )
|
||||
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
|
||||
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
|
||||
}
|
||||
if( only_md5 && !opt.skip_verify ) {
|
||||
if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
|
||||
/* This is a kludge to work around a bug in pgp2. It does only
|
||||
* catch those mails which are armored. To catch the non-armored
|
||||
* pgp mails we could see whether there is the signature packet
|
||||
@ -1142,7 +1151,7 @@ proc_tree( CTX c, KBNODE node )
|
||||
KBNODE n1;
|
||||
int rc;
|
||||
|
||||
if( opt.list_packets )
|
||||
if( opt.list_packets || opt.list_only )
|
||||
return;
|
||||
|
||||
c->local_id = 0;
|
||||
@ -1194,8 +1203,10 @@ proc_tree( CTX c, KBNODE node )
|
||||
/* detached signature */
|
||||
free_md_filter_context( &c->mfx );
|
||||
c->mfx.md = md_open(sig->digest_algo, 0);
|
||||
if( sig->digest_algo == DIGEST_ALGO_MD5
|
||||
&& is_RSA( sig->pubkey_algo ) ) {
|
||||
if( !opt.pgp2_workarounds )
|
||||
;
|
||||
else if( sig->digest_algo == DIGEST_ALGO_MD5
|
||||
&& is_RSA( sig->pubkey_algo ) ) {
|
||||
/* enable a workaround for a pgp2 bug */
|
||||
c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0 );
|
||||
}
|
||||
|
@ -33,6 +33,7 @@ struct {
|
||||
int compress;
|
||||
char *outfile;
|
||||
int dry_run;
|
||||
int list_only;
|
||||
int textmode;
|
||||
int batch; /* run in batch mode */
|
||||
int answer_yes; /* answer yes on most questions */
|
||||
@ -63,6 +64,7 @@ struct {
|
||||
int compress_sigs;
|
||||
int always_trust;
|
||||
int rfc1991;
|
||||
int pgp2_workarounds;
|
||||
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
|
||||
int shm_coprocess;
|
||||
const char *set_filename;
|
||||
|
@ -120,6 +120,10 @@ write_status_text ( int no, const char *text)
|
||||
case STATUS_FILE_START : s = "FILE_START\n"; break;
|
||||
case STATUS_FILE_DONE : s = "FILE_DONE\n"; break;
|
||||
case STATUS_FILE_ERROR : s = "FILE_ERROR\n"; break;
|
||||
case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION\n"; break;
|
||||
case STATUS_END_DECRYPTION : s = "END_DECRYPTION\n"; break;
|
||||
case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION\n"; break;
|
||||
case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION\n"; break;
|
||||
default: s = "?\n"; break;
|
||||
}
|
||||
|
||||
|
@ -69,6 +69,11 @@
|
||||
#define STATUS_FILE_DONE 39
|
||||
#define STATUS_FILE_ERROR 40
|
||||
|
||||
#define STATUS_BEGIN_DECRYPTION 41
|
||||
#define STATUS_END_DECRYPTION 42
|
||||
#define STATUS_BEGIN_ENCRYPTION 43
|
||||
#define STATUS_END_ENCRYPTION 44
|
||||
|
||||
|
||||
/*-- status.c --*/
|
||||
void set_status_fd ( int fd );
|
||||
|
@ -31,6 +31,7 @@
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
#include "i18n.h"
|
||||
#include "options.h"
|
||||
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
#define LF "\r\n"
|
||||
@ -156,6 +157,9 @@ copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
|
||||
int truncated = 0;
|
||||
int pending_lf = 0;
|
||||
|
||||
if( !opt.pgp2_workarounds )
|
||||
pgp2mode = 0;
|
||||
|
||||
if( !escape_dash )
|
||||
escape_from = 0;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user