security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00
Code Activity

gpg: Turn --no-mdc-warn into a NOP.

Browse Source 
* g10/gpg.c (oNoMDCWarn): Remove.
(opts): Make --no-mdc-warn a NOP.
(main): Don't set var.
* g10/options.h (struct opt): Remove 'no_mdc_var'.
* g10/cipher-cfb.c (write_header): Assume opt.no_mdc_warn is false.
* g10/mainproc.c (proc_encrypted): Ditto.
--

Users should not be allowed to suppress the warning that they are
shooting into their foot.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 96350c5d5afcbc7f66c535e38b9fcc7355622855)
This commit is contained in:
Werner Koch 2018-05-15 12:19:40 +02:00
parent 64597e1bd9
commit 26c0d3a3fc
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
5 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/gpg.texi
View File

@ -2041,10 +2041,6 @@ place an unsafe gpg.conf file in place, and use this file to suppress
warnings about itself. The @option{--homedir} permissions warning may only be warnings about itself. The @option{--homedir} permissions warning may only be
suppressed on the command line. suppressed on the command line.
@item --no-mdc-warning
@opindex no-mdc-warning
Suppress the warning about missing MDC integrity protection.
@item --require-secmem @item --require-secmem
@itemx --no-require-secmem @itemx --no-require-secmem
@opindex require-secmem @opindex require-secmem

2
g10/cipher.c
View File

@ -64,7 +64,7 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
if (DBG_HASHING) if (DBG_HASHING)
gcry_md_debug (cfx->mdc_hash, "creatmdc"); gcry_md_debug (cfx->mdc_hash, "creatmdc");
} }
else if (!opt.no_mdc_warn) else
{ {
log_info ("WARNING: " log_info ("WARNING: "
"encrypting without integrity protection is dangerous\n"); "encrypting without integrity protection is dangerous\n");

4
g10/gpg.c
View File

@ -264,7 +264,6 @@ enum cmd_and_opt_values
oRequireSecmem, oRequireSecmem,
oNoRequireSecmem, oNoRequireSecmem,
oNoPermissionWarn, oNoPermissionWarn,
oNoMDCWarn,
oNoArmor, oNoArmor,
oNoDefKeyring, oNoDefKeyring,
oNoKeyring, oNoKeyring,
@ -727,7 +726,6 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"), ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"),
ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"), ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"),
ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"), ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"),
ARGPARSE_s_n (oNoMDCWarn, "no-mdc-warning", "@"),
ARGPARSE_s_n (oNoArmor, "no-armor", "@"), ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
ARGPARSE_s_n (oNoArmor, "no-armour", "@"), ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"), ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
@ -911,6 +909,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"), ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"),
ARGPARSE_s_n (oNoop, "force-v4-certs", "@"), ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"), ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"),
ARGPARSE_end () ARGPARSE_end ()
}; };
@ -3156,7 +3155,6 @@ main (int argc, char **argv)
case oRequireSecmem: require_secmem=1; break; case oRequireSecmem: require_secmem=1; break;
case oNoRequireSecmem: require_secmem=0; break; case oNoRequireSecmem: require_secmem=0; break;
case oNoPermissionWarn: opt.no_perm_warn=1; break; case oNoPermissionWarn: opt.no_perm_warn=1; break;
case oNoMDCWarn: opt.no_mdc_warn=1; break;
case oDisplayCharset: case oDisplayCharset:
if( set_native_charset( pargs.r.ret_str ) ) if( set_native_charset( pargs.r.ret_str ) )
log_error(_("'%s' is not a valid character set\n"), log_error(_("'%s' is not a valid character set\n"),

2
g10/mainproc.c
View File

@ -671,7 +671,7 @@ proc_encrypted (CTX c, PACKET *pkt)
log_info(_("decryption okay\n")); log_info(_("decryption okay\n"));
if (pkt->pkt.encrypted->mdc_method && !result) if (pkt->pkt.encrypted->mdc_method && !result)
write_status (STATUS_GOODMDC); write_status (STATUS_GOODMDC);
else if (!opt.no_mdc_warn) else
log_info (_("WARNING: message was not integrity protected\n")); log_info (_("WARNING: message was not integrity protected\n"));
} }
else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE) else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE)

1
g10/options.h
View File

@ -180,7 +180,6 @@ struct
prefitem_t *personal_compress_prefs; prefitem_t *personal_compress_prefs;
struct weakhash *weak_digests; struct weakhash *weak_digests;
int no_perm_warn; int no_perm_warn;
int no_mdc_warn;
char *temp_dir; char *temp_dir;
int no_encrypt_to; int no_encrypt_to;
int encrypt_to_default_key; int encrypt_to_default_key;